January 18, 2006
The General Public License covers some of the most important software in widespread use: Linux, MySQL (dual-licensed by the vendor), Samba, and many other modern packages, not to forget the suite of compiler tools and command-line utilities from the Free Software Foundation, for which the GPL was originally designed.
That's why hundreds of people came to hear Richard Stallman and Eben Moglen (law professor and general counsel for the FSF) lay out their proposed new version of GPL on Monday. And why the audience included world-renowned leaders from many free software projects--even some projects such as Apache that aren't covered by the GPL.
After the dramatic convocation I reported on (article now lost), where the veil was lifted on the hitherto secret draft of the GPLv3, the packed hall at MIT thinned out over the next day and a half. Most people got what they needed at the opening session: they found that the draft opposed patents and Digital Rights management, as expected, but that it made no drastic changes in reaction to these threats or other changes in the software field, and that the draft was graciously accommodating to Application Service Providers (who could have expected their trade secrets to come under attack), to software under non-GPL licenses, and to companies acting in good faith to propagate and make a business from GPL-covered software.
These attendees probably also realized that further work on the GPL was going to descend into detailed textual analysis requiring both sophistication and dedication. And most people were ready to leave that to the committees set up by the FSF.
This is a rare chance for the public to make law.
His committee found many problems with the draft; it will need a lot of work.
Feedback will be taken seriously. Bruce's committee, at least, promises to review comments carefully.
So try visiting the site from time to time and take at least an hour to look at where discussion is heading. Don't expect to reverse the philosophy behind the endeavor--Bruce believes "the intent of the document is sound"--but help to avoid unexpected harm.
So what's in the GPLv3? The actual draft license is not that hard to read, and a rationale document helps to explain it. Still, I feel it worthwhile to summarize some of the more interesting points:
The drafters made changes that allow programmers to combine GPL-covered code with code from other projects. The Apache and Eclipse licenses were explicitly mentioned as compatible. This outreach is particularly praiseworthy because those two projects offer key support to Java programmers, and some others in the free software movement have sometimes expressed distrust of Java. This change should help everybody work together.
These are mentioned four places in the draft. The goals here are modest: essentially, to force programmers to relinquish patent-related controls if they use free software. If they have patents on free software, they must give a patent license to anyone using it. If they have cross-licensed patents or otherwise gained rights to use patents, they must help spread this protection to the users of their software.
The goals here are also modest: to make sure free software and DRM are not used together--in short, to prevent freedom from being used against itself. First, users are forbidden from closing off access to works through encryption or authentication keys. (This doesn't cover legitimate uses of encryption and authentication for privacy purposes.) Another clause attacks the notorious "technical circumvention" measures in the Digital Millennium Copyright Act and copycat treaties and laws, ruling out the use of GPL-covered software to carry out the measures.
Previous versions of the GPL had built-in termination of the license if a propagator infringed on it. This minimized the need for copyleft holders to police users, but it placed a burden on vendors and other users trying to build systems on free software. They might infringe unknowingly and have the carpet pulled out from under them at any time.
Version 3 requires the copyleft holder to notify an infringer within 60 days of the occurrence. The new clause provides protection for people trying to build a business. It also demonstrates a confidence by the drafters that the free software community has matured enough to invest the necessary resources to check up on users.
If copyright holders want to go further than the GPL in trying to open up software--by requiring Application Service Providers to reveal the code running on their servers, or to retaliate against patent holders--they are explicitly allowed to do so. These clauses allow people to experiment with their own solutions to what the Free Software Foundation sees as problems, but for which it currently does not see effective remedies.
There are many, many more details. The drafters have learned over the years which clauses of the GPL have created confusion or prevented people from doing useful things. The license has also been drafted with more care to making it applicable in different countries.
Zak Greant, a volunteer who answers licensing questions for the FSF, told me he is happy with the new draft, finding it both clearer and more comprehensive. While he currently has to refer people to a FAQ or other ancillary documents to answer questions, he estimates that 70% of the questions now could be answered by the legal document itself. I hope the preceding list makes you curious enough to check out the official FSF site.
All that said, I took away from the conference a pessimistic impression that the GPL is not the battlefield where the information struggles of our day will be resolved. The drafters made no suggestion that they had solved the problems of patents, DRM, or other threats to user's control over information. On the contrary, they used the conference as a forum to call for political action on these threats.
The looming collision between the control-obsessed entertainment industry and today's dynamic communities of programmers and modders will be carried out in the social realm more than the legal one. The law may produce some of the carnage, but it will mostly come along to clean up the debris after the victory of one side or the other.
If the public turns against Digital Rights Management--if they even understand what it is--they will do so because of outrageous missteps like the recent botched Sony CD controls. Even during this highly publicized incident, it was nearly impossible to find a teachable moment concerning the importance of user control over computer systems and software.
I hope FSF spokesperson Peter Brown is right in saying that we have a great opportunity to explain the benefits of freedom to the public over the coming year. I also sympathize with his claim that one must use the term "freedom" instead of focusing on "open source."
But opponents of the "open source" terminology always caricature the term and its supporters. Those who pushed for open source have promoted its ethics and community benefits just as free software proponents have. The virtue of "openness" as a general principle is powerful, and has brought people out on the streets in many countries.
I admit that the words "open source" do not slam the ethical challenge down on the table the way the word "freedom" does. But "open source" has helped free software spread to far more places in business and public organization. Now many more people have something to defend when the free software proponents warn them they're in danger of losing it.
I think FSF knows that it needs allies; that's why the proposed license demonstrates so much conciliation and coalition-building. In addition, popularity of Samba, and the presence of Samba project leaders at conference, shows that the free software movement has accepted the need to co-exist with a non-free world, at least for a while.
The FSF has reacted to the encroachment of outside control by trying to exert forms of control all their own. They have often been criticized for this, and I don't want to rehash the flames wars here. But after the license assails software patents and DRM, it goes on to impose a ban on "works that illegally invade users' privacy." This makes some sense in context (because some forms of DRM snoop on users) but one wonders when the FSF is going to stop.
Why not keep going and ban the use of free software, for instance, to promulgate racism? The obvious answer to this question is that it's hard to define what constitutes promulgating racism, and that banning it would lead to encroachments on other activities that are beneficial. But the same dilemmas dog the FSF as it tries to fend off patents and DRM.
The other way to approach free software is the old BSD way of throwing open the doors and allowing proprietary vendors to enfold the software into closed products. Proponents of the BSD approach have made a strong argument: if the free software movement is really a superior way to treat software and its users, the free versions of the software will ultimately win out over the proprietary ones. After all, who could turn down the free software promise of open source code, a community of experts to turn to for support, and a stream of new features that will automatically interoperate on different systems?
History seems to bear out this argument, but once again, I'm not writing this to revive an old debate. I'm putting it here to show that the fate of free software depends on the reactions of the general public.
It's good for programmers to have a choice. For those who feel it safer to require the unencumbered freedom of what they've produced, the GPL should be as robust and usable as possible. The year 2006 is our year to make it so.
Andy Oram, firstname.lastname@example.org, is an editor at O’Reilly Media. This article represents his views only.
This work is licensed under a Creative Commons Attribution 4.0 International License.