How the GPL was tempered

Ever since the open source licenses appeared, it was tempting to test them for strength. The GNU Public License is the most uncompromising among them, it protects the freedom of the user and the programmer from assigning the results of foreign labor, replacing an open and public product, closed and paid. Not surprisingly, it is the GPL that is most often violated by small, medium and even large companies.

Enforcement of the GPL is a matter of strategic importance to an open community and it is easy to see why this is so. The GPL is a cornerstone, a gathering point for the community and its most principled supporters. Of these, the most famous is the GNU founder and GPL author Richard Stallman. Let's find out how the community fights license violators, who violated and continues to violate the GPL, and how to expropriate open source expropriators.

GPL and Copyleft

The GPL, according to one of the hawks of the Software Freedom Conservancy Bradley M. Kuhn, is the Constitution of the Free Software World. It defines four basic positions, four degrees of freedom of a hacker.

• the freedom to execute the program as it pleases, (degree of freedom 0);
• freedom to study the program and its source code in order to understand how it works (degree of freedom 1);
• freedom to distribute a program in order to help his neighbor (degree of freedom 2);
• the freedom to disseminate changes and improvements in the program (degree of freedom 3) so that the community can take advantage of your work.

The first version of the license appeared in 1989. GPL v1 solved the following problems.

1. The manufacturer of the software product does not give the code, but only the binaries. To prevent this, one of the requirements for the program's manufacturer is to distribute human-readable source code.
2. The manufacturer of the software product may impose additional restrictions. To prevent this from happening, the text of the license states that all changes made to the code should also be made publicly available.

The second version of the license was released soon after the first in 1991 GPL v2 was released under the motto of freedom or death . An important point in the new license was a provision to prohibit the distribution of software in the event that, due to any restrictions, the manufacturer of the program is not able to adequately ensure the rights and principles of user freedom. So, unscrupulous dealers are much less tempted to rip patent royalties from manufacturers of free software.

Tivo

Richard Stallman published GPL v3 in 2007. The third version protected the user's freedom from new threats, such as tivization and a muddy deal between Microsoft and Novell. The changes were mainly caused by the fact that TiVo found a loophole in the GPL v2, giving the user a snag instead of the first degree of freedom.

In the film Soldiers of Failure, the hero Matthew McConaughey, the whole movie is trying to get him for his friend the digital video player TiVo. Most likely it was the first version, since not everyone was delighted with the second TiVo. The fact is that the first one could be changed and configured as desired - this is Linux, and in the second version the whole freebie was over .

Some companies have created all sorts of devices that run programs under the GPL, and then redraw the equipment so that they can change the programs that run on it, but you could not. If a device can run arbitrary programs, then this is a general purpose computer, and its owner must control what this computer does. When the device does not let you do this, we call it tivoization.

As a result of the changes, the user could no longer change the firmware and do everything that was possible in the previous version, despite the fact that the GPL gives the user that right. However, the hardware limitations of the device were not spelled out in the GPL v2, which was used by the manufacturer of TiVo.

As for the deal between Microsoft and Novell, it was the very monopoly of Steve Ballmer, which went right through the bones, thinking that all the markets could be crushed just as happened with the desktops. In short, Microsoft began to distribute FUD , the meaning of which is that only Novell SUSE Linux users will not be subject to patent prosecution. Ostensibly, the Linux kernel violates a certain number of patents, but the monopoly on this will close its eyes if the user chooses the correct SUSE Linux. However, Richard Stallman knew his business and compiled the GPL v3 so that the danger of such discriminatory patent prosecution was neutralized.

Microsoft made a few mistakes in the contract with Novell, and GPLv3 is designed to wrap them up against Microsoft, extending this limited patent protection to the entire community. To take advantage of this protection, programs need to use GPLv3.

How the GPL works in theory and practice

The theoretical rationale for the GPL is as follows:

• copyright - an institution of civil law, which operates internationally and determines the rights of the creator to his work;
• using a copyright license, grant permission for use and distribution;
• the condition of the previous is the granting of four degrees of freedom to users;
• so copyright turns into copyleft.

And now about how everything happens in reality.

The community does not have a unified approach and a single point of view on how to deal with violators. However, the principle shared by the overwhelming majority of the participants in the discussions can be considered the priority of cooperation over litigation and financial indicators. If the violator can be persuaded to comply with the GPL without resorting to legal action, then that is exactly what should be done.

The dubious glory of the first violator of the GPL belongs, no less, to NeXT and its founder, Steve Jobs. The company did use its gcc skills, but it was not in a hurry to open the source. In NeXT they intended to leave Objective C closed, providing only binary * .o files for linking from gcc, but RMS and FSF were able to insist on their own .

Unfortunately, it is not always possible to agree on a good one, and sometimes you have to get involved in a fight. Look at the most famous litigation around the violation of the GPL.

FSF vs. Cisco

For a long time, Linksys, bought by Cisco Systems, was using gcc , binutils , glibc distributed under the GPL with might and main, while being greedy and did not disclose the source code. Tellingly, Cisco by that time was quite involved in the development of the Linux kernel, was an honorary gold member of the Linux Foundation.

For the first time, the FSF pointed out a violation of the GPL conditions in 2003. Cisco was beating its head, promised to fix everything, but did not do anything. After 5 years, FSF patience broke and they filed a lawsuit, which ended in a complete victory for open source advocates. Cisco reconciled with FSF by making a donation of an unknown amount and opening the source code in accordance with the requirements of the license.

Jacobsen vs Katzer

On August 13, 2008, the US Court of Appeal found in Jacobsen v. Katzer, that the free license Artistic License is relevant under copyright law. The court identified the Artistic License, Creative Commons, GPL as licenses with meaningful terms, which makes them subject to copyright law , and not just a commercial contract. According to US law, violation of the relevant terms of a copyright license is a violation of copyright itself. At the same time, if the provisions of the license were recognized as contractual, their violation would be considered within the framework of the contract legislation, which greatly complicates the payment of compensation and the determination of the extent of damage to open source licenses.

Why did a lawsuit arise? Jacobsen has written software for model train management. In Katzer, the JMRI code was used, violating the requirements of a fairly liberal Artistic License , while they themselves willingly sued their competitors, intimidating them with their patents.

The importance of this trial was that for the first time in a US court a case concerning violation of an open license was considered. In addition, the Artistic License relies on the same concept of meaningful copyright conditions, on which Creative Commons, the GPL, and other open source licenses are held. The fact that the court refers to them in the reasoning of the decision allows the open source developer to count on favorable decisions in other cases of infringement of their copyright. This is facilitated by case law in the United States.

Welte vs Fantec

In June 2013, the Hamburg State Court found Fantec guilty of violating the GPL. The multimedia player FANTEC 3DFHDL in one of the firmware contained a GPLv2 licensed netfilter/iptables firewall. Attempts to reach an agreement were unsuccessful, after which Harald Welte - one of the iptables developers - sued the offender conventions license. In the case of Harald Welte ^[1] v. Fantec GmbH, the court ordered the defendant to pay a fine of € 7,000 and pay all legal fees.

FANTEC tried to fight off the charges, citing the fact that the Chinese contractor wrote and installed the firmware, who assured FANTEC that the licenses were in order. The court, however, considered such excuses insufficient.

Artifex vs Hancom

The trial of Artifex ^[2] against Hancom ^[3] continues and the latest news gives cause for optimism. In the federal district court of the Northern California sector, a lawsuit against the South Korean company Hancom is considered by Artifex.

The GhostScript package is distributed under a dual license: Affero GPL and commercial. Open license is used in the usual sense, providing 4 degrees of freedom to users and software developers who do not use the product for commercial purposes. For the rest, a commercial license is provided when there is a need to use the package as part of closed products without opening the source code. The South Korean company decided that it was possible to hack the system and chose the third way - to use Ghostscript code in its closed programs for nothing, having refused to buy a commercial license.

Office package ThinkFree Office for Android OS

After detecting the fact of Ghostscript delivery in Hancom products, Artifex tried to negotiate with the violator by offering to buy a commercial license backdating for copies of the program already sold, but was refused. Artifex’s response was a lawsuit against a South Korean company. The argument of Hancom was that it considered the terms of delivery of Ghostscript as a contract that did not sign and did not fix its agreement with its terms. Not surprisingly, this argument did not work .

The court rejected a motion from Hancom to discontinue the proceedings. The whole snag is that the GPL, in conjunction with a commercial license, is considered in court as an agreement , thereby falling into the area of ​​contractual relations. This position differs sharply from the point of view of the ACT Foundation, which does not consider the GPL to be a contract due to the fact that the user does not have the right to bypass the license at all, while the contract implies the existence of a transaction, benefits and voluntary consent.

For the right holder, there are certain benefits to being a plaintiff in a copyright infringement case instead of seeking truth in a contract infringement case. Contract law to monetary compensation and quantifiable definitions of material damage, just the fact that it is not easy to calculate and present to the creators of open source software. It is not clear how to achieve the desired result - open the source code of the program by a court decision . With copyright infringement is much easier to get what you want. There are still statutory fines, $ 30,000 for each violation, or $ 150,000 in case of malicious violation.

So far, the result is in favor of Artifex, but the very fact that the GPL is considered a violation under contract law is fraught with new manipulations by proprietors. Hope, wait, believe.

Finally

It may seem that open source advocates win all the lawsuits, but in reality this is not the case. In the SFLC v. VMWare case, so far everything is not in favor of the plaintiff. SFLC and FSF do not keep up with hundreds of violators and morally unstable hackers are already trying to cash in on this. However, this should be discussed separately.

Used materials

1. GPLv3 Quick Start Guide
2. Samba, GPL enforcement and the GPLv3
3. GNU GPL, LGPL, Apache license Types and Differences
4. The court found that the GPL falls into the field of contractual relations
5. Jacobsen v. Katzer: The Federal Circuit

1. ↑ The creator of the web resource GPL violations , one of the developers of iptables.
   
2. ↑ Ghostscript developer for viewing pdf and PostScript documents.
   
3. ↑ Creator of the office package ThinkFree Office .