[Fedora-legal-list] "Must-read" licenses and their ethical implications. Possible workarounds.
csvanefalk at hushmail.me
Mon Feb 8 07:18:21 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
[NOTE: IANAL or thoroughly versed in contract law and software
licensing. Thus, if I have made any wrong assumptions here, they
were done in good faith, and I appreciate any corrections. Please
also note that if anything here is percieved to be "flaming" in any
sense, I truly did not mean it to be so - my goal is to help
contributing to both Fedora - my OS of choice - and FOSS at large.]
Forgive me if the header (and indeed this whole mail is a tad long,
but I would like to address an issue which is very important to me
personally, and which I believe must be dealt with in the interest
of keeping FOSS truly free for everyone to use.
At least one OSI-certified license today (the "W3 Software Notice
and License") contains a provision like this:
"By using this software in any way, you acknowledge that you have
READ, UNDERSTOOD, and will comply with this license".
In other words, the license seems to put a moral burden on the end-
user to both read and understand the license in order to be granted
any rigths to even use (let alone modify and distribute) the
software it covers. There may be other licenses that have "lighter"
provisions of the same type (such as "you understand that you may
not remove or alter any copyright notices" and the like) in their
text, and I will include those here for the sake of discussion, as
falling into the same category.
I believe restrictions like this are contrary to the spirit of
FOSS. As the FSF definition says:
"The freedom to run the program means the freedom for ANY KIND of
person or organization to use it on any kind of computer system"
(http://www.gnu.org/philosophy/free-sw.html, emphasis added)
Licenses like this do not grant this freedom to everyone - it
expressly grants it only (at least in the ethical sense) to people
who can affirm that they have read and understood whatever the
license requires them to read and understand.
What this could mean in practice might be that end-users might have
to pre-screen the licenses (including any third-party licenses) for
packages they install, just to make sure they comply with the
ethical side of these restrictions. Needless to say, that would put
a large and impractical burden on the end-user, which I believe
land us in a situation where we are no better off then in a
proprietary environment, which (in my view) is unacceptable for any
I believe the perfect situation is ABSOLUTE freedom to run the
software, without any extraordinary legal obligations toward the
licensor, as is granted expressly by the GPLv2 ("There are no
restrictions on running this software").
Again, legal or moral pre-reqs like this on free software excludes
people who for any reason are not able to fulfill them (take into
account that the license might only be available in english, or
contain complex legal language, and you see the difficulty this
will pose for most people who are not english-speaking lawyers).
I believe it is possible to get around this problem, in fact, it
may already be solved. Here are some suggestions:
1) Compile against GPL2+ code - Now I am not sure about this, but
does not combining code under a GPL-compatible license with code
under the GPL cause the combined work to fall under the GPL? If
this is the case, does that mean that any terms of the GPL-
compatible license (such as the W3C) can be ignored after such
combination? In that case, the situation would be solved for
packages that are combinations of the W3C licensed code and GPL
2) Display any "must-read" terms in the package manager - Hack the
package manager to popup a shrink-wrap window where the user has to
affirm they have read and understood what the license requires. I
admit this is an awful, ugly solution.
3) Ban any licenses that would fall into this category (possible,
since for now the only license of this type I know off is the W3C).
4) Petition license authors to provide global waivers that remove
these provisions from the licenses (possible if it came from the
community, perhaps not an individual).
I appreciate any feedback on this issue, and of course I am
personally willing to put in a lot of work to contribute to a
solution of it.
With kind regards,
Student, Computer Science, Univ. of Gothenburg.
PS. the link to this mailing list at
points to the old archive at redhat.com, not the new list server at
-----BEGIN PGP SIGNATURE-----
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify
-----END PGP SIGNATURE-----
More information about the legal