From 2366ad1c385cecf3ead68b5a377614593441491e Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Fri, 27 May 2016 15:55:32 +0900 Subject: add slodes from FSFE LLW 2016 workshop --- 2016/llw/llw-gplvorg.adoc | 173 ++ 2016/llw/llw-gplvorg.html | 4345 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 4518 insertions(+) create mode 100644 2016/llw/llw-gplvorg.adoc create mode 100644 2016/llw/llw-gplvorg.html (limited to '2016') diff --git a/2016/llw/llw-gplvorg.adoc b/2016/llw/llw-gplvorg.adoc new file mode 100644 index 0000000..a963819 --- /dev/null +++ b/2016/llw/llw-gplvorg.adoc @@ -0,0 +1,173 @@ +The past and the future of Free Software License Violations +=========================================================== +:author: Harald Welte +#:copyright: sysmocom - s.f.m.c. GmbH (License: CC-BY-SA) +:backend: slidy +:max-width: 45em + + + +== About the speaker + +* A _deeply_ technical person, IANAL. +* Started as FOSS sysadmin in the mid-1990ies +* Network security expert, electronics engineer, software developer. +* Former Linux Kernel developer from 1999 on +* Former head of netfilter core team +* Founder of gpl-violations.org +* Recipient of FSF Award for the Advancement of Free Software +* Recipient of Google/O'Reilly Open Source Award +* Now fully immersed in implementing cellular (GSM/3G) protocol stacks + under the Osmocom.org project (mostly AGPLv3) + +== The past of FS license enforcement + +For those not around to witness it: + +* early work by the FSF (until 2004?) +** entirely out of court +* gpl-violations.org (2003-2011) +** started by a Linux Kernel developer (yours truly) +* Software Freedom Conservancy (2006-current) +** doing excellent work on behalf of many projects since + + +== gpl-violations.org early history + +* device makers stared to use embedded Linux in WiFi routers +* vendors did not get into compliance +* some frustration existed with FSFs back then very tolerant approach + of pushing for compliance at Linksys +* further companies were infringing, triggering me as one of the many + copyright holders to pursue independent legal action against product + vendors in Germany + + +== gpl-violations.org later history + +Fast-Forward 8 years. Results: + +* more than two hundred enforcements in total +** some of them didn't even reach any legal claims +** most of them were settled out of court +** some very few actually had to go to court +* created some of the first precedent in terms of GPL enforcement in + court, both in Germany and world-wide +* not a single case lost + +== gpl-violations.org dormancy + +* While doing netfilter work as dayjob, there still was time to do + compliance work in spare time +* Increasingly difficult when I got involved with OpenMoko in Taiwan + (2007-2009) +* Impossible to find time while I started + bootstrapped my new + company sysmocom from 2011 onwards +* Big loss to the project when Armijn left in 2012 + +Result: No gpl-violations.org activity in years. Project became +dormant. + +== gpl-violations.org dormancy + +* I've never been particularly sad about the dormancy +* We did some pioneering and hugely successful work in GPL + enforcement, creating ripples throughout the technology industry. +* The legal network got started as a forum for related topics +* Other people (e.g. SFC) started to do enforcement +* So I didn't think it's a loss if I focus on other areas for an + undefined amount of time + +Still, it is a pity that it was too much tied to me personally, +and there was no structure and no team that could continue the work. + +Let's learn from that... + +== Resurrection, Step 1 (Q4/2015) + +* brought historic content of gpl-violations.org back online +* occasional blog post about GPL related topics again +* getting more exposure in FOSS legal community again +* reporting about VMware case (in which I'm not legally involved, but + which I very much support) + + +== Resurrection, Step 2 (2016) + +* establishing a legal body for new gpl-violations.org activities +** put project on more shoulders +** less dependency on me personally +** taking legal action as natural person didn't allow others to get + involved to larger extent due to associated personal risk +* I wanted to have it established before LLW, but schedule slipped. + Plan is to definitely complete this within Q2/2016. + + +== gpl-violations.org e.V. + +* structure of a German "eingetragener Verein" (e.V.) +* membership-based entity, where FOSS developers can become members +* members can (but do not have to) sign fiduciary license agreement to + enable gpl-violations.org e.V. to enforce license on their behalf +* any enforcement will be done in compliance with the principles of + community-oriented enforcement as published by SFC+FSF +* is not going to be charitable due to increased tax/legal risk +** financial structure and usage of funds will be published to avoid + any claims regarding misappropriation of funds + + +== How is this different to SFC? + +* Jurisdiction / Geographic Scope +** SFC is primarily active in the US (so far?) +** gpl-violations.org would be primarily active in Germany, maybe EU +* There's no shortage of violations to enforce, i.e. room for many + more people or entities doing active enforcement +* Very narrow focus on copyleft license enforcement, no other services + +Apart from that, in terms of goals and actual enforcement work, not +all that different. At last not that it is planned. + + +== Isn't more enforcement harmful? + +* there is some feeling that more enforcement scares people away from + FOSS +* I think it matters a lot about the _style_ of enforcement. We need + more evidence of people caring about licenses and doing enforcement + in a proper and respected way; compliance-centric and within a + generally accepted common sense. +* I also think license enforcement is required to make new (corporate) + players in the FOSS world comply, and to continuously encourage and + increase motivations for companies to be compliant +* Last, but not least: License enforcement is also happening in + proprietary software, so it's not a specific issue of FOSS, so let's + not over-dramatize it. + + +== Actual enforcement process + +* will probably not look any different from the past +* reports of GPL violations by the community at large +* technical investigation + establishing legal evidence +* sending warning notice to company, requesting cease + desist +* resolving the issue hopefully out of court +* going to court whenever it is really necessary + +== Outlook + +* get over with formalities of establishment +* get initial group of members to sign up +* establish and tune the related processes +* get started with some actual enforcement + +Let's meet again next year at LLW and talk about the progress by then. + +== Thanks + +* to Armijn for helping me all those years in the past at + gpl-violations.org +* to Till Jaeger and his team at JBB for all their legal help +* to FSFE for their great work far beyond the Legal Network + +You now have a license to ask questions (SCNR). diff --git a/2016/llw/llw-gplvorg.html b/2016/llw/llw-gplvorg.html new file mode 100644 index 0000000..678b9ab --- /dev/null +++ b/2016/llw/llw-gplvorg.html @@ -0,0 +1,4345 @@ + + + + +The past and the future of Free Software License Violations + + + + + + + + +
+

About the speaker

+
+
    +
  • + +A deeply technical person, IANAL. + +
  • +
  • + +Started as FOSS sysadmin in the mid-1990ies + +
  • +
  • + +Network security expert, electronics engineer, software developer. + +
  • +
  • + +Former Linux Kernel developer from 1999 on + +
  • +
  • + +Former head of netfilter core team + +
  • +
  • + +Founder of gpl-violations.org + +
  • +
  • + +Recipient of FSF Award for the Advancement of Free Software + +
  • +
  • + +Recipient of Google/O’Reilly Open Source Award + +
  • +
  • + +Now fully immersed in implementing cellular (GSM/3G) protocol stacks + under the Osmocom.org project (mostly AGPLv3) + +
  • +
+
+
+
+

The past of FS license enforcement

+
+

For those not around to witness it:

+
    +
  • + +early work by the FSF (until 2004?) + +
      +
    • + +entirely out of court + +
    • +
    +
  • +
  • + +gpl-violations.org (2003-2011) + +
      +
    • + +started by a Linux Kernel developer (yours truly) + +
    • +
    +
  • +
  • + +Software Freedom Conservancy (2006-current) + +
      +
    • + +doing excellent work on behalf of many projects since + +
    • +
    +
  • +
+
+
+
+

gpl-violations.org early history

+
+
    +
  • + +device makers stared to use embedded Linux in WiFi routers + +
  • +
  • + +vendors did not get into compliance + +
  • +
  • + +some frustration existed with FSFs back then very tolerant approach + of pushing for compliance at Linksys + +
  • +
  • + +further companies were infringing, triggering me as one of the many + copyright holders to pursue independent legal action against product + vendors in Germany + +
  • +
+
+
+
+

gpl-violations.org later history

+
+

Fast-Forward 8 years. Results:

+
    +
  • + +more than two hundred enforcements in total + +
      +
    • + +some of them didn’t even reach any legal claims + +
    • +
    • + +most of them were settled out of court + +
    • +
    • + +some very few actually had to go to court + +
    • +
    +
  • +
  • + +created some of the first precedent in terms of GPL enforcement in + court, both in Germany and world-wide + +
  • +
  • + +not a single case lost + +
  • +
+
+
+
+

gpl-violations.org dormancy

+
+
    +
  • + +While doing netfilter work as dayjob, there still was time to do + compliance work in spare time + +
  • +
  • + +Increasingly difficult when I got involved with OpenMoko in Taiwan + (2007-2009) + +
  • +
  • + +Impossible to find time while I started + bootstrapped my new + company sysmocom from 2011 onwards + +
  • +
  • + +Big loss to the project when Armijn left in 2012 + +
  • +
+

Result: No gpl-violations.org activity in years. Project became +dormant.

+
+
+
+

gpl-violations.org dormancy

+
+
    +
  • + +I’ve never been particularly sad about the dormancy + +
  • +
  • + +We did some pioneering and hugely successful work in GPL + enforcement, creating ripples throughout the technology industry. + +
  • +
  • + +The legal network got started as a forum for related topics + +
  • +
  • + +Other people (e.g. SFC) started to do enforcement + +
  • +
  • + +So I didn’t think it’s a loss if I focus on other areas for an + undefined amount of time + +
  • +
+

Still, it is a pity that it was too much tied to me personally, +and there was no structure and no team that could continue the work.

+

Let’s learn from that…

+
+
+
+

Resurrection, Step 1 (Q4/2015)

+
+
    +
  • + +brought historic content of gpl-violations.org back online + +
  • +
  • + +occasional blog post about GPL related topics again + +
  • +
  • + +getting more exposure in FOSS legal community again + +
  • +
  • + +reporting about VMware case (in which I’m not legally involved, but + which I very much support) + +
  • +
+
+
+
+

Resurrection, Step 2 (2016)

+
+
    +
  • + +establishing a legal body for new gpl-violations.org activities + +
      +
    • + +put project on more shoulders + +
    • +
    • + +less dependency on me personally + +
    • +
    • + +taking legal action as natural person didn’t allow others to get + involved to larger extent due to associated personal risk + +
    • +
    +
  • +
  • + +I wanted to have it established before LLW, but schedule slipped. + Plan is to definitely complete this within Q2/2016. + +
  • +
+
+
+
+

gpl-violations.org e.V.

+
+
    +
  • + +structure of a German "eingetragener Verein" (e.V.) + +
  • +
  • + +membership-based entity, where FOSS developers can become members + +
  • +
  • + +members can (but do not have to) sign fiduciary license agreement to + enable gpl-violations.org e.V. to enforce license on their behalf + +
  • +
  • + +any enforcement will be done in compliance with the principles of + community-oriented enforcement as published by SFC+FSF + +
  • +
  • + +is not going to be charitable due to increased tax/legal risk + +
      +
    • + +financial structure and usage of funds will be published to avoid + any claims regarding misappropriation of funds + +
    • +
    +
  • +
+
+
+
+

How is this different to SFC?

+
+
    +
  • + +Jurisdiction / Geographic Scope + +
      +
    • + +SFC is primarily active in the US (so far?) + +
    • +
    • + +gpl-violations.org would be primarily active in Germany, maybe EU + +
    • +
    +
  • +
  • + +There’s no shortage of violations to enforce, i.e. room for many + more people or entities doing active enforcement + +
  • +
  • + +Very narrow focus on copyleft license enforcement, no other services + +
  • +
+

Apart from that, in terms of goals and actual enforcement work, not +all that different. At last not that it is planned.

+
+
+
+

Isn’t more enforcement harmful?

+
+
    +
  • + +there is some feeling that more enforcement scares people away from + FOSS + +
  • +
  • + +I think it matters a lot about the style of enforcement. We need + more evidence of people caring about licenses and doing enforcement + in a proper and respected way; compliance-centric and within a + generally accepted common sense. + +
  • +
  • + +I also think license enforcement is required to make new (corporate) + players in the FOSS world comply, and to continuously encourage and + increase motivations for companies to be compliant + +
  • +
  • + +Last, but not least: License enforcement is also happening in + proprietary software, so it’s not a specific issue of FOSS, so let’s + not over-dramatize it. + +
  • +
+
+
+
+

Actual enforcement process

+
+
    +
  • + +will probably not look any different from the past + +
  • +
  • + +reports of GPL violations by the community at large + +
  • +
  • + +technical investigation + establishing legal evidence + +
  • +
  • + +sending warning notice to company, requesting cease + desist + +
  • +
  • + +resolving the issue hopefully out of court + +
  • +
  • + +going to court whenever it is really necessary + +
  • +
+
+
+
+

Outlook

+
+
    +
  • + +get over with formalities of establishment + +
  • +
  • + +get initial group of members to sign up + +
  • +
  • + +establish and tune the related processes + +
  • +
  • + +get started with some actual enforcement + +
  • +
+

Let’s meet again next year at LLW and talk about the progress by then.

+
+
+
+

Thanks

+
+
    +
  • + +to Armijn for helping me all those years in the past at + gpl-violations.org + +
  • +
  • + +to Till Jaeger and his team at JBB for all their legal help + +
  • +
  • + +to FSFE for their great work far beyond the Legal Network + +
  • +
+

You now have a license to ask questions (SCNR).

+
+
+ + -- cgit v1.2.3