summaryrefslogtreecommitdiff
path: root/2016
diff options
context:
space:
mode:
Diffstat (limited to '2016')
-rw-r--r--2016/kim_chang_2016/gplvorg.adoc261
1 files changed, 261 insertions, 0 deletions
diff --git a/2016/kim_chang_2016/gplvorg.adoc b/2016/kim_chang_2016/gplvorg.adoc
new file mode 100644
index 0000000..b8bbc1b
--- /dev/null
+++ b/2016/kim_chang_2016/gplvorg.adoc
@@ -0,0 +1,261 @@
+The past and the future of Free Software License Violations
+===========================================================
+:author: Harald Welte <laforge@gpl-violations.org>
+#:copyright: sysmocom - s.f.m.c. GmbH (License: CC-BY-SA)
+:backend: slidy
+:max-width: 45em
+
+
+
+== About the speaker
+
+* A _deeply_ technical person, IANAL.
+* Started as FOSS sysadmin in the mid-1990ies
+* Network security expert, electronics engineer, software developer.
+* Former Linux Kernel developer from 1999 on
+* Former head of netfilter core team
+* Founder of gpl-violations.org
+* Recipient of FSF Award for the Advancement of Free Software
+* Recipient of Google/O'Reilly Open Source Award
+* Now fully immersed in implementing cellular (GSM/3G) protocol stacks
+ under the Osmocom.org project (mostly AGPLv3)
+
+== My personal journey into _the communities_
+
+The culture in which we grow up defines our values. For me:
+
+* BBS communities (FIDO, Z-Netz, ...) and UseNet @ age 12
+* programming DOS shareware in TurboPascal @ age 13
+** Didn't know about Free Software yet. My apologies!
+* switched to GNU/Linux before Windows 95, never looked back
+** learning about Free Software, GNU, copyleft, the GPL
+* from 1994 on, helped building a non-for-profit ISP
+** started to write + contribute patches against software we used there
+* from 1999 onwards: netfilter/iptables, the Linux 2.3/2.4 packet filter
+
+[role="incremental"]
+=> all of the above were communities of enthusiasts
+
+[role="incremental"]
+* open to anyone
+* information and code was shared freely, to mutual benefit
+
+
+== Linux and license compliance
+
+* Until around 2000, Linux was still the niche of the nerds
+** the Long-bearded gurus used a *real* UNIX instead
+** the rest of the world was trapped in Microsoft-land
+
+[role="incremental"]
+* GPL violations on the Linux kernel were not known to me until about 2002
+* First news about GPL violations made me very upset
+** the industry ignored our culture, rules and norms
+** they took what we had created and did not give back
+** as companies didn't react to friendly reminders, I started legal action
+** gpl-violations.org was started, first legal case in 2003
+** enforcement in hundreds of cases, most of them out of court
+** prevailed in several German court cases, 100% success rate
+
+
+
+== The past of FS license enforcement
+
+For those not around to witness it:
+
+* early work by the FSF (until 2004?)
+** entirely out of court
+* gpl-violations.org (2003-2011)
+** started by a Linux Kernel developer (yours truly)
+* Software Freedom Conservancy (2006-current)
+** doing excellent work on behalf of many projects since
+
+
+== gpl-violations.org early history
+
+* device makers stared to use embedded Linux in WiFi routers
+* vendors did not get into compliance
+* some frustration existed with FSFs back then very tolerant approach
+ of pushing for compliance at Linksys
+* further companies were infringing, triggering me as one of the many
+ copyright holders to pursue independent legal action against product
+ vendors in Germany
+
+
+== gpl-violations.org later history
+
+Fast-Forward 8 years. Results:
+
+* more than two hundred enforcements in total
+** some of them didn't even reach any legal claims
+** most of them were settled out of court
+** some very few actually had to go to court
+* created some of the first precedent in terms of GPL enforcement in
+ court, both in Germany and world-wide
+* not a single case lost
+
+== gpl-violations.org dormancy
+
+* While doing netfilter work as dayjob, there still was time to do
+ compliance work in spare time
+* Increasingly difficult when I got involved with OpenMoko in Taiwan
+ (2007-2009)
+* Impossible to find time while I started + bootstrapped my new
+ company sysmocom from 2011 onwards
+* Big loss to the project when Armijn left in 2012
+
+Result: No gpl-violations.org activity in years. Project became
+dormant.
+
+== gpl-violations.org dormancy
+
+* I've never been particularly sad about the dormancy
+* We did some pioneering and hugely successful work in GPL
+ enforcement, creating ripples throughout the technology industry.
+* The FSFE legal network got started as a forum for related topics
+* Other people (e.g. SFC) started to do enforcement
+* So I didn't think it's a loss if I focus on other areas for an
+ undefined amount of time
+
+Still, it is a pity that it was too much tied to me personally,
+and there was no structure and no team that could continue the work.
+
+Let's learn from that...
+
+== Resurrection, Step 1 (Q4/2015)
+
+* brought historic content of gpl-violations.org back online
+* occasional blog post about GPL related topics again
+* getting more exposure in FOSS legal community again
+* reporting about VMware case (in which I'm not legally involved, but
+ which I very much support)
+
+
+== Resurrection, Step 2 (2016)
+
+* establishing a legal body for new gpl-violations.org activities
+** put project on more shoulders
+** less dependency on me personally
+** taking legal action as natural person didn't allow others to get
+ involved to larger extent due to associated personal risk
+* I wanted to have it established before LLW, but schedule slipped.
+ Plan is to definitely complete this within Q2/2016.
+
+
+== gpl-violations.org e.V.
+
+* structure of a German "eingetragener Verein" (e.V.)
+* membership-based entity, where FOSS developers can become members
+* members can (but do not have to) sign fiduciary license agreement to
+ enable gpl-violations.org e.V. to enforce license on their behalf
+* any enforcement will be done in compliance with the principles of
+ community-oriented enforcement as published by SFC+FSF
+* is not going to be charitable due to increased tax/legal risk
+** financial structure and usage of funds will be published to avoid
+ any claims regarding misappropriation of funds
+
+
+== How is this different to SFC?
+
+* Jurisdiction / Geographic Scope
+** SFC is primarily active in the US (so far?)
+** gpl-violations.org would be primarily active in Germany, maybe EU
+* There's no shortage of violations to enforce, i.e. room for many
+ more people or entities doing active enforcement
+* Very narrow focus on copyleft license enforcement, no other services
+
+Apart from that, in terms of goals and actual enforcement work, not
+all that different. At last not that it is planned.
+
+
+== Isn't more enforcement harmful?
+
+* there is some feeling that more enforcement scares people away from
+ FOSS
+* I think it matters a lot about the _style_ of enforcement. We need
+ more evidence of people caring about licenses and doing enforcement
+ in a proper and respected way; compliance-centric and within a
+ generally accepted common sense.
+* I also think license enforcement is required to make new (corporate)
+ players in the FOSS world comply, and to continuously encourage and
+ increase motivations for companies to be compliant
+* Last, but not least: License enforcement is also happening in
+ proprietary software, so it's not a specific issue of FOSS, so let's
+ not over-dramatize it.
+
+
+== Actual enforcement process
+
+* will probably not look any different from the past
+* reports of GPL violations by the community at large
+* technical investigation + establishing legal evidence
+* sending warning notice to company, requesting cease + desist
+* resolving the issue hopefully out of court
+* going to court whenever it is really necessary
+
+== Taking a step back
+
+[role="incremental"]
+* companies start to work on/with Linux without following
+ collaborative development model. Their management is free to
+** ignore the decades-old requests by the community
+** ignore requests by their own engineers to contribute
+* community upset, because management did *not* enable, allow or require
+** FOSS development to be done in the regular, collaborative process
+** their engineers to contribute
+* gpl-violations.org uses the legal vehicle of copyright enforcement
+** senior management cannot ignore legal threats, we got their attention!
+* Result: they ask their lawyers what needs to be done to comply to
+ the absolute minimum _legally_ required to not get in trouble
+** they do still not follow the collaborative development process
+
+== The cultural impedance mis-match
+
+Surprise: FOSS is about collaborative development
+
+[role="incremental"]
+* participation on mailing lists
+* developing code in public repositories
+* using fine grained commits
+* to **jointly develop software**
+* it is **not about procrastinating over legal issues**
+* FOSS developers _really_ want **collaboration, not license compliance**
+** GPL is just a legal hack to ensure the bare absolute minimum of adherence to the FOSS culture
+** it suffers from impedance mismatch between what can be done under copyright law, and not what is _actually_ the goal in terms of a development model
+** focusing _just_ on legal compliance with the license indicates a lack of understanding
+* **GPL compliance should not be driven only by lawyers!**
+
+== Cultural Differences
+
+[role="incremental"]
+* exist between every set of two cultures
+* think of _Western_ vs. _Asian_ culture
+* westerners (_farang/gaijin/laowei_) are considered rude, if they
+[role="incremental"]
+** stick chopsticks in a rice bowl anywhere in Asia
+** have loud phone conversations on a Japanese train
+** want to split a restaurant bill in China
+** decline to accept Soju offered by their Korean host
+** use a Buddha statues head as decoration in Thailand
+* Being European and coming to Asia likely causes me to make mistakes
+due to the _cultural differences_.
+* those mistakes may cause people to be upset with me. _How could I
+not know?_ Couldn't I at least inform myself before travelling?
+* This is not so different from an electronics or proprietary software
+company first engaging with FOSS
+
+== Outlook
+
+* get over with formalities of establishment
+* get initial group of members to sign up
+* establish and tune the related processes
+* get started with some actual enforcement
+
+== Thanks
+
+* to Armijn Hemel for helping me all those years in the past at
+ gpl-violations.org
+* to Till Jaeger and his team at JBB for all their legal help
+* to FSFE for their great work far beyond the Legal Network
+
+You now have a license to ask questions ;)
personal git repositories of Harald Welte. Your mileage may vary