GPL May Not Work In German Legal System

erbse2 writes "It may be that the (L)GPL can not be (fully) enforced under German jurisdiction. This is at least the conclusion professor Gerald Spindler of the jurisprudential faculty of the University of Goettingen came to when he examines the Legal questions of the open source software (It's long, it's complex and it's in German and it's written by a professor, so don't expect to understand anything, if you are not a German lawyer). Heise News has the article in German, however, the fish may be with you. IANAL, however, as one can put some of the legal problems aside, most of the concerns mentioned in there should provoke at least some thought by brave men around RMS."

Translation

[Renegade+Lisp]

Here's a rough, carbon-based translation of the Heise news article. Please don't hold me liable for it :-)

The Organization of German Software Industries (VSI) considers its view reinforced that using Open-Source-Software leads to jurisdictional uncertainties. On behalf of VSI, Professor Gerald Spindler of the law faculty at the University of Goettingen examined "Jurisdictional Questions of Open Source Software". In more than 100 pages he examines the situation from different perspectives: Author's Rights (Urheberrecht), Usage Rights (Verwertungsrecht), and Liability Rights (??, Haftungsrecht).

Spindler spots jurisdictional uncertainties for all parties involved: Developers may be held liable if software does not work as expected, even if they only participated marginally in the development, rather than being a lead developer. Employers could walk on thin ice if they pay employees for writing Open Source Software. And buyers of such software must be prepared that liability is limited to the criteria common for items given away for free, i.e. severe negligence only.

Although one could argue about one or the other detail of the study, it spells out many problems. The license that is probably most popular for free software, the GPL, is hardly considered to be fully enforceable in the German maze of laws. For VSI, the results are probably most welcome, in order to spread uncertainty among people interested in Open Source, who are currently watching the actions of SCO against IBM eagerly.

Re:Translation

[Random+Walk]

There is a group of German lawyers who have founded IFROSS, a private institution to study legal problems with open source in Germany. They have quite a few publication on this issue, including a detailed study of the GPL.

They conclude that under German law, the authors liability is most probably limited to intentional damage and gross negligence.

Also, they argue that clause 2 (allowing modifications) and clause 9 ("and any later version") may be problematic. The problem with clause 2 is that modifications of a program may (e.g.) tarnish the reputation of the author, and legally one cannot waive one's right to sue for that (at least in Germany). Also, apparently the author may claim that modifications violate the artistic integrity of her work. However, the analysis foresees problems mainly for works of art, rather than utility programs. Clause 9 is problematic because here the author waives rights for future usage modes that she cannot yet foresee. But licences can only apply to usage modes presently known.

The baseline of problems with the GPL seems to be that in Germany (and, I think, also in other european states), waiving or selling of basic personal rights is usually not possible.

Re:Actually, the GPL hasn't exactly worked..

[prockcore]

The SCO cases is supposed to be the first test, but that might not happen anyway.

No, SCO is not challenging the GPL, SCO really has little to do with linux.. it is about two things, one, a contract dispute with IBM, two, ownership of derivatives (they claim that if you write code and license it to SCO for use in SysV, then SCO owns all rights to that code and you cannot take that same code and use it elsewhere).

Re:In other news

[73939133]

Actually, I believe SCO is under a restraining order in Germany that prohibits them from making the kinds of outrageous claims about Linux that they have been making in the US.

Re:that doesn't make much sense

[SmallFurryCreature]

Well, the whole things smells of FUD anyway. Since when are software makers liable for damages anyway? I can think only of virus writers who are held accountable for the actions of the code they written. Oh and that poor guy who made DeCCS(?).

If you buy and run product X be it linux/windows/aix/????? and it destoys youre data, sleeps with youre cat and sets fire to youre wife then though luck. Sure some special contracts exist wich rememdy this but these are little more then extremely expensive insurance policies such as you could buy from any insurance agency.

But the VSI can't really be blamed for this FUD. Suse is right there in germany stealing their contracts. Damn commies must be stopped or else what did they tear down the wall for!!!! :)

Really europe makes some extremely dence laws, netherlands introduced a .5 to 1 euro tax on dvd recordables, but opensource here is pretty hot. Well compared to the us goverment. Anything to stick it to the yanks!

IANAL but I'm German

[Advocadus+Diaboli]

and besides the fact that this study is just a big piece of FUD sponsored by the VSI (which is practically equal to Microsoft) you should know that also the EULA is invalid according to the german laws.

The only problem is that justice is not a matter of laws and "being right" anymore, actually (thanks to the lawyers) its more a matter of money. And sadly money is the resource that Microsoft has in big ammounts.

Summary starts on p. 104

[Get+Behind+the+Mule]

If you can read German (and this is heavily legal German, the hardest kind of language to work through), you might want to start with the three-page summary on page 104, rather than plow through all 100+ pages.

I don't have a lot of time, but here's my first impression. IANAL, etc., etc. The summary raises three categories of legal problems, involving (1) the copyright holder, (2) contract law, and (3) liability. Actually, it seems to me that everything boils down to the issue of liabiliy: who has to pay if the software is defective in some way. Identifying the copyright holder and clarifying the contract are all means to the end of deciding who has to pay up. Incidentally, the text occasionally mentions open source software in general, but it appears that the only license analyzed in detail is the GPL (at least in the summary).

The section about the copyright holder strikes me as a tremendous struggle with what should be an easy question. Prof. Spindler or whatever says that since so many people may have contributed to the development of GPL'd software, in so many different countries, there may be huge problems identifying the copyright holder. This is the longest and most complicated part of the summary, and I'm not into working it all through right now, especially since I don't see the problem. Isn't this a moot issue with the GPL, since there is always exactly one copyright holder, regardless of who else contributed? That is, if the distributor of GPL'd software elects to include someone else's contribution, they nevertheless distribute it under their own copyright?

There are other issues in this section: if a company pays employees to contribute to GPL'd software, they might not be able to let the company be the copyright holder, because they do it for money, and the GPL allegedly says you can only do this free of charge. (Is that right?) It also raises the problem that the GPL as a business contract (one business allows another to use software under the conditions of the GPL) may be problematic since it's only in English. And that it is difficult to know when the GPL applies to new development, since the criteria for determining whether one software is derivative of another are unclear.

The second part contains what I think is the most critical claim: That the exclusion of warranty and liability in GPL sections 11 and 12 is not valid under German law. Open source software is legally regarded as a gift, and even for gifts, German law requires certain minimal standards of consumer protection, for example against deliberate or gravely negligent defects.

And so in the third section, Prof. Spindler claims that there are liability issues related to open source software, for the aforementioned cases of deliberate or gravely negligent failures of the software. He specifically mentions that distributors may be liable for viruses distributed in the software. Also, third-party-users may have stronger liability claims if they suffer damages caused by GPL'd software. For example, if a provider uses GPL'd software that is used in turn by its customers, and the software has some kind of defect that harms the customers, then the provider itself may be limited with respect to liability claims against the software authors, but the customers might be able to make stronger claims against the provider. "Download centers" or software distributors (such as SuSE, I guess) may be liable for distributing defective open source software. And if a provider or distributor does not hire support or consultants to help them ensure that the software is not defective, they may be exposed to liability claims because they were insufficiently diligent.

As I said, this summary reflects a superficial read-through and I'd be surprised if I've really understood it all. Hope it helps, but don't sue me if my summary/translation is defective. %^)

Re:Slam SCO, now GPL?

[dirkx]

In germany (and in fact in most countries visited by Napoleon) the broad 'as-is' disclaimer generally is quite an issue.

In the US it is very normal that two 'grown up' parties agree to something fair reaching; such as waiving certain rights or liabilties with respect of each other.

In most of (continental) europe that is not quite so easy; and the contract or agreemnt which two parties may have with each other may simply be overclassed by national law or 'common sense' in that respect.

The national law dictates that there are certain minimal levels and that disowning it all is simply not an option.

So regardless of what the developer (dis)claims with respect to warranty; the court may well held him liable to a certain extend.

At the same time, there is also a bright side; those liabilities are generally much more limited and 'capped' than in the US; and hardly ever exceed a small multiple of the resonable sum/economic value of the good (and not what can be done with that good). And they also put very reasonable demands on the 'user'. Willy nilly risking 5 million of lost production on a bit of untested free software is not going to ring true with the judge. He expects (more) resonable caution than generally in the US.

Also note that the scope of damages is very propotional to the purchace/gains of the developer/transaction. Sor 'free' (as in gratis') software those amounts are obviously not going to be very large.

Except if there is a bit more blame; i.e. someone knowingly dropping the ball. And unlike the US, where that waiver is going to help you - it may do little or nothing in most of Europe. Whereas in the US you are fairly secure.

On the other hand - any secondary damages issues are not nearly as much of a problem in europe, and virtually unheard of. Plus bear in mind that cost recovery and legal assistance is on an entirely different level in germany compared to the US. This making the issue of frivolous lawsuits by a megacorp which cripples a small developer virtually unheard of in most of the EU.

So in short; yes - you are bit more open to exposure in Europe - but as long as you behave resonably and are not vandalizing the hight of that exposure is very limited; and proportional to your fairly direct and clear cut gains from that software. And with open source / gratis - that is not going to make you go bust.

Dw