Slashdot Mirror
Click-Thru Licensing on Open Source Software?
Russ Nelson writes "At the July OSI board meeting last week, we approved the Academic Free License (think MIT/BSD/X11/Apache with a patent grant) and we sent four licenses back for reconsideration. Here's the hitch: we were asked to approve a license which includes a requirement for click-wrap. Read more to see why we're asking you about it.
The submittor had already been asked if that requirement was a necessity. She said yes, because of various legal precedents. We consulted a few people and yes, it looks like a license without click-wrap is weaker at protecting your rights. So, folks, the lawyers are coming. The time is coming when you won't be able to distribute software unless you have presented the license to the user and their assent is necessary to access the software. Even free software. Our industry is maturing and we need to be more legally careful and rigorous.
The question here is whether we should amend the Open Source Definition so that it is clear whether click-wrap licenses are allowable or not. We could go either way, but we want to hear from you first. Your opinions solicited, and engaged!" While I can understand some legal necessities are necessary in the software world, click-thru licenses have never, and will never, make sense to me. Maybe commercial software has soured me on the concept, but I dislike agreeing to something before I even get a chance to use it.
I don't get it. Not only is this an incredibly annoying thing to have, it doesn't make sense on console-based apps. So what, if I want to run a given program I have to see the license and agree to it each time? Once? Twice? Will it ask me again if I'm SURE?
I think this is a very silly idea. If the software is commercial and is a large application as well, I can understand that being there. But, mandating such a rule, and making it across the board (not case-by-case) is unthinkable.
It's horrible that we live in such a litigious society that people have to worry about giving something away for free.
We've ratcheted down another couple of notches into the corporatization of everyday life.
Jim Slattery
Network Guy (MCSE)
Thousands of candles can be lighted from a single candle, and the life of the candle will not be shortened. Happiness never decreases by being shared.
- Buddha
In the event that a license is not legally binding (i.e. a GPL or BSD style license), the terms revert to the default, which is "All Rights Reserved", which is more restrictive than what is being granted by the GPL or BSD license.
So taking advantage of those terms (creating derived works, redistributing, blah blah woof woof) indicates implied assent of the terms.
Besides, the only time licenses have been held not legally binding have been when the software has been sold -- most free software is not sold, it is downloaded. Free Software vendors should be indicating the terms of the GPL (assuming some software is GPLed in their distribution) on the outside of the packaging, but even if they don't, again, the license is not restricting any of the rights you would normally have in a software sale so there is no need for prior assent.
This is all crap until the courts rule on the applicability of licenses like this anyway. Free software licenses do not fall under the same category as normal closed licenses.
... which have no GUI and is installing using
RPM ?
Or updated using RPM?
Or worse, installed using OS installer?
I will sit and click through about 600 EULA-s?
Even through GNU EULA-s?
Is it just me or would this require a massive re-working of the current Open Source system. How do you provide a user with a click-through interface on a tarball? Would you have to distribute source code through a binary just so that you could have an interface for the user to agree to the license? How would the package management/distribution software maintainers respond? How would Open Source OS distributers respond? Contact the maintainers for all pieces of software included in the distribution and get together to have an all-encompasing license?
My personal favorite would be to build a system like Gentoo. It already takes forever to compile the software. But then to wait for the user to interact with each piece as it installs?
Ridiculous. I agree that the Open Source software industry is evolving but I never saw it going in the direction of a massive beuracracy. One of the beautiful things about this software is that it can avoid all of that crap. The industry can turn on a dime. Would it be able to with a requirement like this?
Have your lawyers read Eben Moglen on enforcing the GPL.
-- Some things are to be believed, though not susceptible to rational proof.
I'm suspicious of this, and here's why:
/. saying "I didn't get the click-through because (insert complicated avoidance proceedure here) so it doesn't apply to me." What if I have a child click through?
How do you verify that I have indeed clicked-through the wrapper? I've oft seen people on
In short, how do you have a legally binding contract in the absence of a bidirectional communication that "... the party of the first part, being legally able to enter into a contract and freely entering into the contract, and the party of the second part, being legally able..." zzzzzzzz-snork! (Sorry, nodded off there...)
I question whether click-wrap really improves the strength of the contract or not. I'd like to hear from a professional on this matter, however (Dr. Hawk? You reading this?)
www.eFax.com are spammers
Bruce
Bruce Perens.
I think a lot of people are sour to idea of click-thru licenses because they typically take rights away, in commercial software. But the GPL, BSD License, etc all grant you additional rights.
What is the purpose to making sure people have agreed to these additional rights? It's nice to let them know as a favor, I suppose... Mozilla shows the license during install.
But if they don't agree to the "Open Source" terms, they are left with normal fair-use rights to the software, which, for an open source program, SHOULD BE PERFECTLY FINE. There is nothing we have to take away, so no need to force agreement to the terms. In fact, the GPL says as much. You can still use the application without accepting the GPL, you just can't modify it (due to copyright law).
I can't think of a license under the Open Source terms that takes away rights, therefor I oppose the requirement of such click-thru license agreements.
DRM? No thanks, I'll just get it somewhere else...
No, I'm not talking about warez...but perhaps, if software can't be used without agreeing to the license, shouldn't the seller provide an unlicensed demo? I mean, you aren't required to buy a car just because you test drive it, nor are you required to buy a screwdriver just for taking it off the shelf at Sears.
Software, however, comes with no such luck. You can't try it out at the shop (Apple Store excluded). You can't open it, discover it's shit (*cough* daikatana *cough* *cough* windows xp), and return it. You are required to guess whether you need it, shell out $50-$400 for it, and sign away your rights to share it, sell it, fix it, critize it and in some cases, even use it for its intended purpose, as well as the company's liabilities for their own mistakes.
Can you imagine buying a hammer and having to sign a form saying you won't use it to hammer anything unapproved by Stanley tools?
Not that you'd be buying Stanley tools, what with their moving all their plants to China and Israel and their corp office to Bermuda to avoid taxes, unamerican shitheads.
Hey freaks: now you're ju
Look, the damned lawyers are hauling us up by
our short hairs, we're being eaten alive by a
huge raftload of bad law aided and abetted by
Microsoft and others. There is no longer any
question that we need protection.
It doesn't need to be elaborate. A
file would contain a list of booleans for every
approved open-source license. When an app starts
up it merely calls a library function that checks
to see if that file has the boolean checked and
if it does not, prompts the user by command-line
or dialog box to set it. The OSI licenses them-
selves should be modified to note that OSI soft-
ware will not run without the boolean being set,
and therefore the fact that the software runs is
evidence of user acceptance of the license,
regardless of how the boolean came to be set, by
dialog or user editing.
Distros would, of course, simply combine the
above into part of the install "Do you accede
to the requirements of the following OSI
licenses?" and sets the file up with all booleans
checked. Viola, no more hassle.
Seriously, if a new license springs up requiring a click through, that could work on a desktop, but what about when I rip out the program's optimised hashtable implementation for use in an embedded controller? How is a clickthrough supposed to work then?
If a new input paradigm springs up for desktops, will code licensed under explicit clickthrough terms that aren't satisfied by it be left to rot?
If you're that afraid of people using your stuff, and you don't feel that copyright gives you adequate protection, then you probably shouldn't open the code.
Read the article by Eben Moglen, the lawyer who, for the Free Software Foundation, actually enforces the GPL.
This claim is based on a misunderstanding. The license does not require anyone to accept it in order to acquire, install, use, inspect, or even experimentally modify GPL'd software. All of those activities are either forbidden or controlled by proprietary software firms, so they require you to accept a license, including contractual provisions outside the reach of copyright, before you can use their works. The free software movement thinks all those activities are rights, which all users ought to have; we don't even want to cover those activities by license. Almost everyone who uses GPL'd software from day to day needs no license, and accepts none. The GPL only obliges you if you distribute software made from GPL'd code, and only needs to be accepted when redistribution occurs. And because no one can ever redistribute without a license, we can safely presume that anyone redistributing GPL'd software intended to accept the GPL. After all, the GPL requires each copy of covered software to include the license text, so everyone is fully informed.
I don't understand the posters comments about the ability to defend the license if it's not presented to the user.
Fundamentally under copyright law, you have virtual no rights except that you can use the software. I refer to section 5 of the GPL:
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
Click-wrap licenses should only be necessary if the licenses restricts the *use* of the program.
Tks,
Jeff Bailey
If software companies really want to enforce click through licenses like a contract, why don't they just make it a formal contract? Print it out on official legal paper, require all customers to sign (with witnesses, etc) before they buy, and take people to court if they violate it?
Oh right, because that would mean that people would be paranoid out of their minds whenever they went to buy software. Not to mention that no one under age 18 would be able to buy software (or use it, for that matter). No, software giants WANT the click through license to be as easy and brainless as possible, so people don't realize just how much they're getting screwed. Plus, they don't want the idea of click-through to get too much legal scrutiny, since it would probably be ruled unenforcable. No, they're just interested in the fear factor they get from being able to say "Hey, you clicked to agree that you wouldn't do that! Don't make us come after you!"
A requirement imposed on whom, to do what?
What precedents? Whom did you consult? Whose rights? What's the argument?
What kind of FUD is this? Are you telling us it's a forgone conclusion that you will accept this license? Are you telling us that the FSF (which defines "free software") will accept this license? Are they and other free software distributers going to change their licenses to require click-through?
Come on, Russ. Give us the facts, straight, so we have some basis for discussion.
The evaluation of an action as 'practical' . . . depends on what it is that one wishes to practice.
That's not the purpose for click-through software on free apps. The major reason is liability of the software on a computer. If I install LILO and it wipes out my hard drive, I can sue the writer of the software. Unless, of course, there is a legally binding agreement between me and the software company/programmer who made it that I cannot sue for damage done to my computer, etc.
Moderation: Put your hand inside the puppet head!
They are probably correct that click-through is helpful for typical proprietary licenses. But it is not needed for typical OSS licenses.
You can read http://www.gnu.org/philosophy/enforcing-gpl.html for an explanation of why, from perhaps the world's foremost authority on the subject, FSF lawyer Eben Moglen. But by way of an executive summary:
This is there actually is a fundamental difference between OSS (or at least Free Software) licenses and proprietary ones. By default (in the US) you have no rights to do anything with the software, even run it. Proprietary software licenses offer you a deal whereby you are allowed to run the software, in exchange for agreeing not to do other things that you are typically legally allowed to do. So they give up rights, and you give up rights. But its tough to make a case (in court) that you agreed to give up those rights, if there is no proof that you ever even saw the agreement. That's where click-through comes in.
With a Free Software license, you are only given rights; none are taken away. You might not be able to do some things (like sell it to someone else with a different license), but you aren't allowed to do that stuff by default either. If you break this license, there is no question that you violated copyright law, whether you agreed to the license or not.
So unless they had something in that license that says the user agrees not to do XYZ, which they normally would have the legal right to do without the license, then click-through is completely unnessecary.
Note: IANAL. This comes from extensive reading of GPL materials, writings of IP lawyers like Eben Moglen, and discussions with folks who have actually been in court on IP cases. For advice on a specific situation, contact a good IP lawyer. For everyone else, I highly encourage reading http://www.gnu.org/philosophy/enforcing-gpl.html , which covers this in a bit of detail.
The OSD was developed by the Debian group under the aegis of Software in the Public Interest. Nobody who is presently involved with OSI had any part of that.
OSI is probably the biggest mistake I've ever made, and yes it's my mistake. It's time to clean it up. The OSD should be returned to SPI, who can be trusted to administer it sanely.
Bruce
Bruce Perens.
Having read some of what Eben Moglen wrote, I'm inclined to agree. Software is covered under copyright, and copyright grants your work protection by default. We don't need a shrinkwrap on a book to note that copying it is illegal; the same should remain true of software.
Bruce
Bruce Perens.
The GPL is not a End User License Agreement. EULAs restrict the rights of the End User.
If you want to install emacs on your computer, you don't have to agree to anything. If you want to install Microsoft Word, you are bound by the EULA.
If, however, you want to redistribute emacs or modify the program, you are bound by the GPL. If you want to modify of redistribute Microsoft Word, you may be held liable for civil and criminal penalties.
I suppose if you distributed emacs without source, those same penalties might still apply. The GPL is so much easier...
I took an Econ class this summer for college. It was rather boring, but the one thing that I really got out of the class was this: the more expensive the lawyer, the better a chance you'll win when someone sues you.
What does this have to do with software? Well, a cheap lawyer will tell you this:
Software is covered under copyright, and copyright grants your work protection by default. We don't need a shrinkwrap on a book to note that copying it is illegal; the same should remain true of software.
An expensive lawyer will laugh at that response and will tell you that you need to set up every possible legal defense if you don't want to get sued for millions of dollars. And the best line of defense: be the first to state the rules of the game. If the other team has to play by your rules, you have much better odds of winning.
So, when it comes to software, be it commercial or open source, it's always safer for the publisher to present the license (which goes far beyond the limits of ordinary copyright), because it gives them the advantage in court. Whether or not the license is legal under Copyright Law doesn't matter, because (the other thing I learned in Econ) the first line of defense in court is not the law, it is FUD. If you have the more expensive lawyer, the bigger contract, and the Italian-quality suits, you stand a better chance at frightening the other party into submission.
First, it's necessary for you to divorce copyright from warranty in your mind. Warranty does not necessarily follow copyright. In many cases, the warrantor will be the person you got the software from, regardless of whether they hold a copyright. And they may be able to pass on damages to the person they got the software from, perhaps the original developer. I think the risk to FTP sites is low, but to distributions, who put more active work into the process, and sometimes get a cash consideration, it's high.
The problem is what is the default in the law regarding warranties. If the default were clearly no warranty, Free Software would be OK. To the extent that the default is otherwise, we are less OK, and must deal with imperfect instruments for disclaiming warranties, and getting the user to agree to indemnify us (pay for our damages). But our goal is not to go to court at all. The minute someone has us in court, we're already losing money. So, we want it to be so clear that there is no warranty that nobody will ever try to sue. This is why people are tempted to use click-wrap. But I don't think that requiring it is the right solution.
Bruce
Bruce Perens.
I work with a MacOSX based package manager called fink. It essentially allows users to automatically download, compile, and install software.
Each package description contains a license field. One such possible value for the field is "OSI-Approved". As fink is frequently used to automate package installations, a shrinkwrap licensing requirement would be most cumbersome, and require extra debugging. We'd have novice package maintainers submitting shrink-licensed packages with "OSI-Approved" designations, but without the logic to handle "shrinkwrap".
And how would you propose to impliment it?
This isn't windows where you can be sure that everyone is using a GUI, and
doing the install on a GUI... how about an OS install?
When I install even a very minimal Debian system I am sure that the software beinbg instatalled is not all licensed from Debian, in fact, only a versy small amount of it is. Some of it is the FSF, some of it is Xfree86, some of it is Berkley, some of it is licensed from other people entirely.
I should have to "click through" how many hundreds of times to get the OS on my box? How about if I want to impliment automated installs? Like say my office mate whpose job it is going to be to setup a research computing cluster... installing software in parallel on a whole cluster of boxen at once?
Secondly, I don't knbow if you read it but neither the GPL nor any other Free Software license that I have seen says much about USE of the software. USE is implied by posession, its Fair Use. You only need these licenses to DISTRIBUTE the software. Thats the whpole reason the GPL exists... to give people terms of a distribution license.
I think thats the major disconnect here, these are not USE licenses (frankly IMNSHO use should be covered under fair use doctrine anyway, making the whole "click through" issue moot) they are distribution licenses.... and not neede dfor use at all...
Its very simple. Legally you have no right to redistribute a copyrighted work by default. So if you don't accept the distribution license (GPL, BSD, whatever it is) then you have no legal right to distribute. So distribution implies agreement with the license.
-Steve
"I opened my eyes, and everything went dark again"
There are many reasons why click-through licenses are bad:
- They obviously place the software distributor in a place of power over the end user, something that free software is supposed to combat.
- There is no clear way to define who agreed to what. What if the purchaser isn't the same as the user? What if a user installs software on a computer and then resells that computer, with it's software, to another user.
- Software licensing is too complicated. That complication is a barrier to entry for small, independent software authors. Promotion of a software "fair use" doctrine that says that click-through licenses are unnecessary seems to be in the public interest.
- Click-through licenses provide a convenient method for a downhill slide towards prohibition of other fair uses, such as reverse engineering or published benchmarks or criticism. They may also provide a mechanism for other onerous goals: censorship ("you agree not to use this software to produce communist manifestos"), patent abuse ("you agree that our patents are valid"), barring trade or competition ("you agree not to sell this program to Pakistan or the FBI")... The list is endless. Not that this is what's planned, but once the door is opened, who knows where it leads?
- Every additional click-through license in use marginalizes the existing non-click-through licenses, making them seem more like some lunatic fringe rather than plain use of copyright law. No matter how OSI feels about the FSF and the GPL, I as a user understand and appreciate the GPL's stand on this issue: "You are not required to accept this License, since you have not signed it.
- Click-wrap licenses, if they spread to other media, will quickly lead us into a "pay-per-use" world. Click-wrap issues have barely been touched by the courts, and a small push in the right direction now may help keep us away from that path.
Please fight to keep click-wrap licenses away from Free and Open-Source Software. I understand that overly cautious lawyers (is there another kind?) will wring their hands over the idea of bucking the trend, but this is a battle worth fighting."Use" contracts make no sense (and have been shot down by courts when applied to other copyrighted content). Though you have not provided any details as to why the party in question wants them, I fail to see a compelling legal reason why they should be allowed.
Please reply to eds at reric.net if I can be of any assistance.
314-15-9265
I'm a bit bemused by the idea that clicking a button during an installation process can bind me in the same way as a physical signature can. At least with physical signatures on physical documents (or even the electronic kind used at many retail stores these days) both parties to the transaction have some record that can be used, later, to prove who agreed to what. With a click-through license, there is only the presumption of acceptance, based on some pretty dodgy inductive reasoning (since you are using the software you must have, at some point in the past, clicked the "Ok" button on the license screen, hence you have agreed to, and are bound by, the EULA!).
Now, I can see that, for OSI approved license, where the original license holder may be difficult or impossible to contact, such a licensing policy would be very inconvenient, but for the bulk of commercial licenses, a more positive assent to the EULA would be preferable.
You know what would protect us? Properly written law. Like if we could get the right text into UCITA instead of the wrong text that is there. I am not optimistic.
Bruce
Bruce Perens.
There is a big difference between all OSS licenses that I know of (BSD, GPL and LGPL) and commercial licenses:
You don't need to agree with the license in order to use the product.
I remember a windows GPL:ed program (might have been a port of the GIMP) that in the installer showed the GPL like most programs show a license, but with the difference that a text below the small scrollbox said something along the lines "Please note that you don't have to agree with this license to use the program. You only have to agree with it if you want to redistribute this program" and there was only one button to continue (think it said "cool", definitely not "I agree").
Here is how I see it, but IANAL:
If no special license is agreed upon, then normal copyright laws apply. Since basically all non-OSS licenses restrict the users rights (compared to copyright law), they need to force the user to accept the license in order to use the program. They also have to convince the court that the user has seen and accepted the license before installing, thus click-through licenses.
Since OSS licenses don't restrict users (compared to copyright) but instead grants extra freedoms, there is no need to accept the license ever. If somebody violates the GPL he can't state that he has not agreed upon the license, in that case he has violated copyright instead and he's in trouble no matter what.
My impression is that the company who wants a license demanding click-through either has not thought about it enough or is trying to get a license passed as OSS compliant when it in fact is not. In either case it would be wrong to accept it.