foss-north: Enablement Talks

During foss-north 2020 we had a group of talks related to using free and open source in various settings. I call them enablement talks. Someone with a more salesy mind might have said success stories.

This year we had tree such talks. One from about SVT’s (the Swedish public TV broadcaster) video streaming platform by Gustav Grusell and Olof Lindman, one from arbetsförmedlingen (the Swedish public employment service) by Johan Linåker and Jonas Södergren, and about Screenly OSE by Viktor Petersson, a digital signage solution.

We’ve also decided to experiment with a series of shorter videos, and we started by explaining licenses.

What a License Track!

The foss-north 2020 videos are rolling out. This year we’re doing a small experiment, so everything is available at once over at conf.tube, while we roll the videos out gradually at YouTube in an attempt to feed the algorithm (like and subscribe!).

This year we had a great set of licensing related talks, and I’d like to discuss them all in this post.

Monday morning started with Frank Karlitschek and his talk Why the GPL is great for business. This a great overview of how you can build an free and open source business – pros and cons and pitfalls to avoid.

Next up is Gabriel Ku Wei Bin from FSFE who talked about REUSE. The REUSE project is about helping creators choose and apply free and open source licenses.

This is followed by Pavel Kopylov and his talk Hacking the legal code of an open source license. This talk is about understanding how licenses works and how to use them.

This is followed by Jason Hammond from Whitesource talking about their compliance tooling and why compliance is important.

The final talk in this track is by Adriaan de Groot talking about the KDE Free Qt Foundation. This is an interesting aspect, as it is about protecting the customers by offering a more liberal license at a given point of time.

Historically we’ve always split talks on a specific topic during the conference to ensure that people move about in the hallways and that most visitors get to see something unexpected. Since we record everything, we can now do both – clustering by topic and a linear playlist.

Tech Day by Init

Last Thursday I visited Tech Day by Init and had the opportunity to talk about a topic close to my heart. I decided to do a talk about Open Source Anti-Patterns (you can find the slides over at Kuro Studio).

It is always fun visiting TDBI (it is my third year speaking). The audience is very well read up on the topics and the questions are always good. Also, I got a high five from a guy for my speech during the beer event ;-)

Free software and the wish to be good

The free software movement has recently been going through a lot. From the introduction of Commons Clause, to the resignation of Stallman. It seems like the mood in the air is that now is the time for a redefinition of what free and open source software actually is.

My view on this is that free software, and open source, is about software. For instance, I agree to Roman Gilg’s great post about activism. What we share within the FOSS movement is our passion for software licensing. For other political issues, we do not all agree. It is important to recognize this, and that by implying political standpoints, we limit the size of the communities.

To me, we in the FOSS movement need to define tackle two issues: what is distribution (to address the Common Clause issues), and can we be neutral to what the software is used for (to address the activism issues).

When it comes to distribution, the open source definition explicitly says “No Discrimination Against Persons or Groups” and “No Discrimination Against Fields of Endeavor“. I think we all can agree that software is used for both good and evil. However, what is good and what is evil depends on your viewpoint. I believe that the license should be free of this type of politics, as opening the discussion will be like opening a Pandora’s box.

If we, as a community, want to define good and and bad, and restrict usage accordingly, I would argue that we should make sure to use an established, and accepted standard such as The Universal Declaration of Human Rights. This would avoid creating an impenetrable forest of various uses that each author feels strongly about and prohibits. The latter would make it very difficult to ensure compliance.

When it comes to compliance, including a definition of good and restricting usage accordingly has an interesting effect. Common day objects such as cars, can be used for both good and evil. Is it allowed to use FOSS licensed software in a car, if that car could be used in activities breaking the human rights?

Another problem with incorporating human rights into the license, is that those who ignore the human rights probably don’t care about software licenses either.

The second point is the definition of distribution. Here I’m approaching the discussion from a GPL standpoint. The GPL licenses are triggered when software is distributed. By taking the distribution concept further, e.g. including access over a network, the license can be further extended.

Here, the balancing act is going far enough, but not too far, and to provide a range of licenses that make it easy for the authors to control how the software can be used.

The problem that I see with going too far, is that entire fields of endeavor might be excluded by extending the license to far. One example of this is the anti-Tivioization clauses in (L)GPLv3. We all know what purpose they serve. The side effect is that they exclude entire fields where the OEMs feel that, for liability or compliance reasons, they need to introduce Tivioization.

I see this in the automotive sector, but would assume that it exists in medtech and other industries where the final product needs to fulfill safety requirements.

For me, I think that the license should prevent Tivioization from an end-user standpoint. It should be possible to change and deploy the software. I believe it should be explicitly allowed to detect the non-OEM software and, for instance, void warranties and warn the end-user, but not prevent usage of the product (this in itself is interesting – can other physical devices refuse to talk to the device, e.g. a cloud backend, or other ECUs in the same car? – it will be tricky to define the boundaries here). This opens the door for FUD warnings, but it also extends the reach of FOSS.

Both these topics form a complex discussion that needs to be given time. The current open source definition serves us well, and the current licenses are familiar. Introducing more licenses, or even challenging the definition of open source, will introduce complexities and side effects, so we need to tread carefully.

Complicating Licensing

I’ve recently seen a couple of attempts to present non-open source licensing as almost open source. What I’m talking about is Commons Clause and fair source. This sounds a lot like the failed shared source model promoted by companies such as Microsoft in the early 2000. Yes, I’m looking at you redis and neo4j.

What I find particularly disturbing is the way that both, but especially Commons Clause, attempts to piggyback on the good name of open source. The naming is very close to Creative Commons, and the way that the clause is intended to be introduced is very confusing for the user as the user would see a familiar open source license, and then just a “small” exception.

I would argue that the way to go about this is to combine a strong copyleft license such as GPLv3, LGPLv3 or AGPLv3, with a CLA. That way a dual licensing model could be used to create a business model. If that is not possible, the [A/L]GPLv3 needs to be improved – not complicated by additional clauses added by a third party.

The consequence that anyone accepting the strong copyleft can do whatever they like with the software is not a bug in the copyleft license, but instead a feature. Actually, this is one of the core four freedoms of free software.

At the end of the day, my cynical self gets the impression that this is something that you add to an existing project once it has gained traction and then hope that it does not render in fork. If something like the Commons Clause would have been present from the start, the projects would never had gained the user bases and communities that they are enjoying today.