This one is something that were brought up a lot by developers including me who are very weary about corporations profiting off of our work for free and this basically put us off from contributing to open source in general.
We get a bunch of dialogues about this such as:
Developers like me: “Many of us who create are concerned about our work being exploited. The possibility of corporations profiting from our open-source contributions without giving back to the community disincentivizes us from participating in such endeavors.”
Open-Source Advocates: “The AGPL exists to mitigate such concerns. It requires derivative works to also be open-source.”
Developers like me: “While I appreciate the intention behind AGPL, there is a loophole - a ‘condom code’ if you will. Even though Linux Kernel prevents such strategies by refusing to merge these changes and that it’s difficult for a singular corporation to force an adoption of a forked version of Linux Kernel, a corporation can fork our much smaller project however and introduce such legal bypass to the copyleft restrictions. This bypass can be justified by them under the guise of extending the software’s capabilities with a plugin interface or an interprocess communication protocol layer, similar to how PostgreSQL allows User Defined Functions. However, I must caution that I’m not well-versed in the legal intricacies.”
When bringing up on non-commercial clause for licensing
Open-Source Advocates: “Disallowing commercial use of your project contradicts the principles of open-source.”
Developers like me: “Well, then perhaps we need a new term, something like ‘Open Code Project’. We can create projects that encourage collaboration and openness while also restricting commercial exploitation.”
So I created this post, because we do need to discuss on a path forward for Open Source in general knowing that corporation can shirk around this restriction and discourage developers like me from participating in open source or open code projects.
Edited to add:
I really want to thank you all for discussing a rather contentious topic and adding your own thoughts to this. I really appreciate everyone’s thoughts into this. I clearly have a lot to do on researches.
Contributing to open source projects is pretty much just altruism.
If we’re talking about protection of people integrating open source code in their proprietary code we’ll always have issues. It doesn’t matter if we declare our projects under GPL, AGPL, LGPL, CC or whatever, unless they do shoddy work, we won’t be able to know what code snippets, libraries or frameworks they’re using when source code isn’t disclosed.
People that want to be assholes will always be assholes. If you feel like giving back, contribute to an open source project. If you don’t, don’t. But making it about evil corporations is a bit meh. Even a company like Amazon is actively contributing to improving Java, offering the Amazon Corretto JDK for free. So the path forward may just be trying to be the change yourself, and making sure the company you’re working for is also giving back somehow.
I think the biggest con with this kind of license is that it also means neither you nor the collaborators can try to make a living out of it. Such a type of license forces entirely hobby work.
The cost of maintainership of the project and the fact that it may exclude people that don’t have the privilege of being able to contribute in their free time are both things that concern me quite a bit when you remove all commercial usage.
From what I understood about the copyright law is that you could create a separate license apart from non-commercial license and you could still sell a commercial license (if all contributors agreed to it, CAA/CLA agreements been signed, or some other agreements in place.) A project can have multiple licenses. Please correct me if I’m wrong however.
Yeah, that’d be the only way to do this but it also means the project can change the license at any time. As an outside developer, I would probably not want to rely on a project where it can go fully closed source potentially at any time.
It’s also worth noting but if you have a non-commercial license, you will also be incompatible with any GPL license.
You raise a good point on that consideration.
I agree, the parasitic nature of this relationship has been sharpened in the past week and made many of us think more critically of it.
My question is - what happens if several significant FOSS projects change their licence to “Sources must be publically available if repackaged” or even “Cannot be packaged for sale”, specifically to prevent a non-freely available distro profiting from it.
Yes, that distro could fork the software at the point before the new licence is applied, but they they would be responsible for maintaining that fork going forwards, no? And that would take a lot of resources and need it to be called something else.
Absolutely, your understanding mirrors mine. The re-licensing process is a complex one, particularly in the context of FOSS projects with multiple contributors. It requires unanimous agreement from all contributors, unless a Contributor License Agreement (CLA) or Copyright Assignment Agreement is already in place, which can simplify the process.
As for the scenario where a distro continues to maintain a hard fork of the project from the point before re-licensing, it’s certainly possible. However, as you pointed out, it would place a substantial burden on the distro in terms of resources. They would need to maintain and update the code independently, which might not be feasible or desirable.
In regards to the proposed license conditions, “Sources must be publicly available if repackaged” or “Cannot be packaged for sale”, it’s worth noting that the first one is already embodied in the principles of GPL/AGPL. The second proposal, however, raises more complex considerations. This approach would indeed help address the issue of commercial exploitation that I initially raised. But as you’ve mentioned, the challenge lies in navigating the re-licensing process.
If a FOSS project is already licensed under a different license, a re-license would require obtaining permissions from all contributors, which might prove to be a logistical challenge. Therefore, any change in the licensing model needs to be thought through carefully, taking into account not only the potential legal complexities but also the broader implications for the open-source community.
Disclaimer that I’m not a lawyer.
I recently came across this license, which addresses some of your concerns: https://commonsclause.com/
Thank you for posting this! It’s very interesting on how it can be applied on top of existing open source licensing. I’ve got some reading to do!
Reminds me of what happened with elasticsearch and amazon.
Isn’t the ultimate issue enforceability? For a dev to be awarded some of the profit made off an open source project:
- A whistleblower would have to discover, gather, and publish evidence that the software was being used to generate profit
- The dev would have to win a court case against the company
It would be fuckin rad if that happened and a dev got a huge payout and a legal precedent was set. But it’d be more rad if we didn’t live in a society where this was an issue in the first place :[
There are a number of licenses that do this. And yes, many of them are not OSI approved and people will say mean things about not using the word open source. Which you should ignore and instead perhaps say fair source instead if you care.
A couple to look at:
a public LICENSE that makes software free for noncommercial and small-business use, with a guarantee that fair, reasonable, and nondiscriminatory paid-license terms will be available for everyone else
Prosperity is a public LICENSE for software that makes work free for noncommercial use, with a built-in free trial for commercial users.
I also recommend going through the back log of posts by Kyle Mitchell, an engineer - lawyer who has authored a number of great software licenses, including the two I listed.
Just to add to the topic, the ‘condom code’ point you bring up is actually well-established in the business - the so-called ‘Embrace, Extend, Extinguish’ technique.
And it sucks that it such a massive discouragement from a lot of developers who shared similar concerns as I have about this.
Software licenses cannot solve every problem and AGPL is still the best option.
There are many larger problems related to FOSS including freeloading, right of repair, surveillance, lock-in… and they require social solutions rather than new licenses.
You want an option analogous to
NC
in Creative Commons:Only noncommercial uses of the work are permitted
I’ve worked at more than one job where I was told it was OK to use MIT, or Apacje-2.0 licensed things, but to not touch any GPL or AGPL software.
So, even though there wasn’t any non-commercial clause in the license, it’s copyleft nature led to that effect at those businesses.
In general, I like the balance that the GPL & AGPL strike - commercial use is allowed, but the company has to give back. The “condom code” thing that you mentioned is certainly less than ideal. I would prefer that businesses open up their full codebase. But, I think the more likely scenario is that they just don’t use any open source at all (or they use it and violate the license!) I’d prefer condom code over either of those possibilities.
You don’t need to read much history to find plenty of bad things done by non-commercial entities, e.g. governments. Or churches.
It’s not commerce that is the problem, it is oppression. Use of my code for oppressive purposes is the thing I want to avoid.
It’s a broder societal cultural problem. No license can ever fix it. Companies and corporatons are made up of people, and if life has only taught them to wreck everybody they can, they will do their work with a mentality of exploiting any chance they to make sure only they succeed.
Any kind of long term fix to change corporations will take generations, not a legal standard.
There was a time when a verbal agreement and a handshake was an unbreakable commitment because people shared a common set of principals and personal values that bonded people together. It took generatios to destroy that sense of honour, it will take generations to get back to that. People are delusional if they think corporate exploitation can be fixed through courts, the law, or politics, only culture.
@TheTrueLinuxDev - If your goal is indeed non-commercial usage, then what you need is a clear new license with a clear new name: “Non-Commercial Source License” (NCSL), or possibly “Public Domain Source License” (PDSL).
I basically take the position “you need a different, non-confusing term”. Open Code is not such a term.
My view is shaped from the cultural realm more so than the software side, but I think the concern at the centre of it is transferable: it becomes extremely messy to capture the desired acceptable uses in the legal wording of an enforceable license. The outcome is that every use will have to be individually authorised.
I was helping run and occasionally held the editor role of a leftist magazine which we decided to make Free Culture under CC-BY-SA. Content using the Non Commercial clause gave us such headache, while even though we did not charge for the magazine nor we ran adverts, we accepted and strongly encouraged donations from our readers. That money went to pay off the printing costs (the NC clause already has a problem with that, but we assumed that would still be defensible), but the rest was also invested in other endeavours like public events, or eventually helping fund a community centre.
At that point, it didn’t matter if creators with NC works released them under a supposedly free license. Our -in our opinion- non-for-profit use was still so tainted with money changing hands, that we still needed to seek their consent and get a written permission on top of the original license. At the end of the day, it was the same as working with All Rights Reserved works, where we get a special license from a sympathetic creator. The NC clause solved nothing for us.
That part is, I believe, the same with software licenses. We will end up having to get 1:1 license agreements for so many things because the new anti-commercial licenses will not be able to predict all the scenarios which are “false positives” for the anti-capitalist software developer (as in, some desirable re-uses will be blocked by the license, and individual licensing agreements will be needed often).
My focus would be to fix the loopholes that go counter to the copyleft spirit in AGPL, if such loopholes are identified, and perhaps get a more reliable organisation handle the AGPL definition in the future.
It hasn’t been tested in court yet in the US as far as I know, but non-commercial licenses can potentially be more restrictive than you intend. As such, I don’t contribute on projects with non-commercial licenses and I know others who do the same.
That said, I understand the frustration of big companies using your code for something big and you not getting a share of the profits. That frustration though, either as a frustration of capitalists benefiting from your work or from you not getting profit you feel you may deserve, seems like a nothing-burger to me. If you weren’t planning on selling licenses to your code before-hand and them using it doesn’t affect the maintenance burden that you have, then what is the problem? It functionally changes nothing concerning the time and effort you were planning to put in.
The power of open-source licenses is in how they allow for quick and painless sharing of software for the collective benefit of others. There are tons of ways to get paid while using open-source licenses. Non-commercial licenses are unnecessary bloat that could gum up the works.
Correct me if I’m mistaken. What I read from your post sounds to me like you think that we should accept that a company will inject a revenue stream into the process that we all were working on as an open source project. We weren’t expecting to get paid, so why not allow the company to get paid, regardless of the downstream impacts for other projects that once relied on the project being completely free and open. Do I understand that properly? I don’t want to misrepresent your intent. I feel like I must be misunderstanding something.
I’m a socialist. I believe at a societal level that it’s messed up that companies can turn exploited labor into profit for capitalists instead of distributing it fairly among workers.
On an individual level or individual project level, how would a company using your code for profit on their own project affect the availability or accessibility of your original version?
I’m happy to be proven wrong here, but my understanding is that FOSS is an important tool to combat the consolidation of technology into the hands of a few capitalists, and it generally relies on the free altruistic labor of people for the good of the commons. All else being equal, it would be a much better world if that work was always paid for, but I don’t think we can have that in a capitalist society without sacrificing the best parts of FOSS.
I think we may be talking about two different things with regards to corporate control. I’m saying that, in the case with Redhat specifically, that their injection of a fee to access the source code now no longer makes the code freely available to downstream repositories. If they comically charged a billion dollars to access the source code (with a GPL) it would practically become closed source, so I’m curious why any entity can charge any amount to access open source software. And if it’s totally legal with this type of license, doesn’t that mean that we should be avoiding GPL at all costs?
Yes, we are talking about different things. I don’t know enough copyright law to know what to think about the RHEL situation yet, i.e. source available vs. open source. I’ve been talking about a theoretical open source project that you control and a corporation downstream using it for profit.
I kind of want GPL, but with one extra clause that says that violating the terms of the GPL permanently and irrevocably terminates all right to touch anything else under the same license, including your own code.
Fat chance. We can’t get the existing terms of GPL to be enforced
Re: red hat restricting redistribution of GPLv3’d code