Open Source Licenses

and how to choose one

Alexandru Badiu

@ BEN Group / Drupal Romania

IANAL

(I am not a lawyer)

So take this with a grain of salt.

Even if I was, this is just a presentation.

When in doubt, hire a lawyer.

Advice on the internet != lawyer.

What I will talk about

What is copyright? What's a license?

Open Source licenses in use.

Their issues.

Choosing one.

Some tips on running a project.

Copyright

Berne Convention.

A bit of text, some code, a drawing.

Instant copyright!

(Registration not required.)

Expression of an idea and not the idea itself.

Copyright expires.

You have the right...

to paaaarty

to copy

to not copy (but there's fair-use)

to sue (statutory damages)

Who owns the code?

You!

But...

You're contracting / freelancing.

You're fulltime and your contract says otherwise.

Licenses

Permissions granted to others.

Without assigning the copyright to them.

You can dual license.

Proprietary licenses.

Free software licenses.

Open Source licenses.

License breakdown on Github, as of 2015. On other sites GPL is still the king.
License evolution on Github, as of 2015.

No license

You have no right.

Even if it's on Github.

Unlicensed code on a site: TOS.

No license is not public domain.

Public domain is tricky.

Licensed projects on Github, as of 2015.

Licenses

Copyleft (Viral)

Permissive (non copyleft)

Copyleft

Are like the borg, they assimilate.

Permissive

Not the borg.

GPL

The most used (and known).

Created by Richard Stallman for GNU.

Version 2 and 3 are used.

GPL

In a nutshell:

If you distribute / sell a product that uses GPL code, you need to provide the source and it needs to be GPL.

Private use is fine.

GPL

Version 2: Liberty or death

Version 3: Tivoization, patents.

"Version 2 or later".

GPL

Web frameworks

Selling themes / Plugins

Usage in SaaS products

Static / dynamic linking

Appstores

GPL

Wordpress, Drupal are GPL.

Hosting your website is not distributing.

Contracting means, however, that you're writing GPL code.

GPL

Selling plugins or themes is ok, but they're GPL.

The consensus is that you're being payed for customizations and support.

Generally images and stylesheets are not considered GPL.

None of this has been proven in a court of law.

Bridging is sometimes ok.

GPL

When GPL 2 was written there was no SaaS.

This was a problem for some.

AGPL fixed it.

GPL 3 avoided it.

GPL

Linking to GPL code means that your code must be GPL.

LGPL was created to avoid that.

Key: dynamic linking.

Until iOS 8 you couldn't dynamically link.

Libraries moved to another license.

Appstores

"To make a copy for your neighbour" conflicts with DRM.

Mac, iOS App Store are a no no.

Android, Linux appstores are fine.

VLC was pulled off initially.

Dual license (like MySQL did).

GPL 3

Is compatible with:

GPL 2 (if "or later" is used)

LGPL, AGPL, Apache 2.0, *BSD, MPL, MIT

GPL 3

Is not compatible with:

GPL 2

AGPL 1, Apache 1.x, APSL, Original BSD, MPL 1.1

More on GNU compatible licenses.

BSD, MIT, ISC

On the other side of the spectrum.

Pretty much do what you want.

Nothing about patents.

Nothing about trademarks.

Simple language.

MPL

In the middle.

Allows proprietary use.

Result can be under a proprietary license.

Can be part of closed source software.

MPL code must be made available.

Patents, trademarks.

Apache

Do what you want.

Preserve copyright, license, notices.

State changes made.

Patents, trademarks.

Fair Source

Tries to monetize OSS.

More than 15 employees: pay.

Difficult to integrate with other licenses.

Sourcegraph, Codenvy, Data Duck, GitLab.

Public domain

Public domain is tricky.

Some lawyers say you can't put things in the public domain.

Some say you can via a 'dedication'.

This is difficult in EU due to 'moral rights'.

sqlite

Unlicense

Tries to put code in the public domain via a license.

Doesn't quite work due to 'moral rights'.

Don't use it.

WTFPL

Do what the fuck you want to license.

Creative Commons

Books, music, photos, blog posts etc.

Not recommended for code.

CC0 is the equivalent of Unlicense.

Which one to choose?

It really depends on your project.

MIT, Apache 2.0, GPLv3

choosealicense.com

Other things

Watch for simple licenses with extra things.

e.g. react's PATENTS file.

Stack Overflow's content is CC, migrating to MIT.

You probably violated the license.

Getting into FOSS

Open Source is not only about code.

Documentation, QA, design etc.

Help a project you use.

Scratch an itch.

Events like Hacktoberfest, meet-ups, hackathons.

A successful project

Takes time and dedication.

Needs a strong hand.

Might need a co-mantainer or two.

Might be given to someone else.

Might be discontinued.

Might be forked (but try to avoid it).

So you've started an FOSS project

Contributions come.

Project grows, gains traction.

You have 100 contributors.

And then...

You decide to change or add another license.

You want to sue someone.

You are getting sued because somebody contributed "bad" code.

So...

You have to get approval from 100 people.

You have to involve anyone in the lawsuit.

You are getting sued for someone else's mistake.

Contributor License Agreement

Copyright gets transferred to you / your organization.

Can protect you from getting sued.

Moral rights rears it's head.

Code of Conduct

Set guidelines on what's accepted or not.

VLC

Moved from GPL to LGPL.

French, so moral and patrimonial rights.

libVLC: 150 devs, 80,000 locs.

Plugins: 300 devs, 300,000 locs.

Resources

Choose an open source license

Software Licenses in Plain English

Cyberlaw

Open Source Licensing - Software Freedom and Intellectual Property Law

Thank you!

[email protected]

@voidberg