GPL May Not Work In German Legal System

erbse2 writes "It may be that the (L)GPL can not be (fully) enforced under German jurisdiction. This is at least the conclusion professor Gerald Spindler of the jurisprudential faculty of the University of Goettingen came to when he examines the Legal questions of the open source software (It's long, it's complex and it's in German and it's written by a professor, so don't expect to understand anything, if you are not a German lawyer). Heise News has the article in German, however, the fish may be with you. IANAL, however, as one can put some of the legal problems aside, most of the concerns mentioned in there should provoke at least some thought by brave men around RMS."

Re:Translation

[Sique]

Spindler spots jurisdictional uncertainties for all parties involved: Developers may be held liable if software does not work as expected, even if they only participated marginally in the development, rather than being a lead developer. Employers could walk on thin ice if they pay employees for writing Open Source Software. And buyers of such software must be prepared that liability is limited to the criteria common for items given away for free, i.e. severe negligence only.

But the same is valid for all commercial software in Germany too. EULAs have repeatedly been denied validity because of the german contract law. EULAs are a contract between you and the author of the software. But because you didn't buy the software directly from the author, but from a third party (the reseller, the company bundling the software with a computer etc.pp.), EULAs can't be enforced. All the author can impose on you is the priviledges he gains from the Author's Right (Urheberrecht).

This makes software under GPL in no way different than any commercial software you buy in Germany from a liability point of view.

that doesn't make much sense

[73939133]

The article says that even minor contributors to an open source software project might incur substantial liability if the software doesn't perform correctly, employers might be liable if they permit their employees to develop open source software, and yet users of open source software might not be able to get much protection if the software malfunctions. The whole thing sounds like scare tactics to me.

This is not surprising, since the study was commissioned by the VSI, an alliance of closed source software development companies, whose members are the usual suspects: Microsoft, Sun, Autodesk, and others. I suspect that if the BSA commissioned something similar in the US, they could find a "legal expert" giving the same kind of opinion.

In any case, if this really is the legal situation in Germany (or any other nation), the logical next step is to fix the laws. There is no reason to leave any legal uncertainty around BSD or GPL-like licenses: they are clearly one valuable and valid way of licensing software, and they are an important component of a free market in software.

Re:Translation of page 2 of the study

[slimme]

If you give a lawyer (or a professor) the task to examine a contract and make a list of all possible weak spots in the contract, he (or she) will do so. Of course this lawyer might find very strong elements, but he (or she) is not being paid to list them ;)

So here you got a list with all things that might go wrong with the GPL in Germany. The same thing could be done with any contract (most contracts are dubious and open for interpretation).

You should thank the opposition (VSI) for giving their money to investigate your contract. Read it wisely and improve where necessary.

Re:Translation

[pubjames]

I think I've spotted some uncertainties myself:

Developers may be held liable if software does not work as expected, even if they only participated marginally in the development

followed by:

And buyers of such software must be prepared that liability is limited to the criteria common for items given away for free, i.e. severe negligence only.

These cannot both be true i.e. it cannot be that OSS developers are liable and yet buyers cannot hold anyone liable.

I think the guy is just trying to point out as many possible legal holes as possible. This is what lawyers do. Put any contract in front of a lawyer and they'll find holes it in. If they couldn't they'd be out of a job.

Re:Slam SCO, now GPL?

[Stephan+Schulz]

German courts are playing both sides, now?

Well, first of all I hope that German courts (indead, all courts) decide cases based on their merits and current law, not on wether they like one side better. It's the task of the legislative power to make laws that prefer the side we like better ;-).

Secondly, no court was involved, but a German Professor of Law wrote a study.

And thirdly, the study was commissioned by a trade association of proprietary software companies -- what do you expect? Even without suspecting the author of willful misinterpretation, you can be sure that the sponsor carefully picked somebody who shared their vision or something to that effect.

Re:Actually, the GPL hasn't exactly worked..

[pe1rxq]

It might not be an excuse for the first theft...
But in this case it is not without SCO's knowledge...or atleast they had the opportunity to examine the source before distributing it.
By not doing it (and thus taking a risk) they forfitted the right to complain later. SCO's argument that nobody checks before shipping is nonsense. Just because everybody takes risks does not mean that they don't have to face the consequences of their actions.

Once the first 'widget' gets through the offending company might use your apparent approval as a sign for subsequent 'theft'.
In the case of IBM vs SCO not even the theft has been proven...

Jeroen

Re:Translation

[egghat]

Open Source is NOT the main problem, the main problem *may* be the lack of liability.

Every producer of every product on Earth has some kind of liability. That's not different when producing software. Even if the EULA or the GPL claim otherwise. This problem gets worse with a software that is created by a team of volunteers in 10 countries around the world. Who is liable? Under which laws of which country?

There are a lot of other minor problems in the article. E.g. that you don't need to confirm that you agree to the GPL while installing the software. (That's similiar to unacceptable "with opening this box you agree to the EULA" when the EULA is *in* the box). You simply can't agree to sth. you haven't seen.

Btw., the article doesn't mention, how to fix the license. You'll get what you pay for ...

Bye egghat.

The study is not about the GPL at all

[heironymouscoward]

Raising the GPL as "exposing companies to legal risks" is playing games with concepts. The GPL defines what can and can't be done with software written under that license. It does not, and cannot, define commercial conditions and liabilities for using the software. This is firstly a matter for national legal systems, and secondly a matter for contracts between parties.

Let us imagine for a second that this is actually a fault in the GPL. Now, what about public domain software (not GPL), such as software freely provided by computer manufacturers, or by individuals or groups. Exactly the same issues apply: writing such software can expose the programmer and company to liability, and using such software means you have to accept that no-one is liable.

Now how about commercial software. Is this any different? No, it can be criticised for exactly the same reasons.

So, it's clear that the so-called study is a misdirection. The GPL is about ownership and freedom, the study is about legal liabilities. No matter who owns the software, the legal liabilities remain shared between the author and the user, as defined by contracts and legislation.

That the study was paid for by a group representing commercial software vendors suggests that the deep pockets of interested parties lie behind it. Why Frankfurt, Germany? Because Germany is at the fore-front of the OSS revolution. (Note that my company has been distributing OSS products since 1997 and a steady 9-10% of all downloads have been from Germany, against 40-50% from the USA and 30-40% from the rest of the world).

The study is bunkum and can be dismissed easily, since taken to its logical conclusion, no-one should write software at all, and no company should use any product whatsoever if they are not able and willing to sue the person making it.

Re:Actually, the GPL hasn't exactly worked..

[jodo]

Your's is a good analogy. But SCO distributed Linux under the GPL. They knowingly participated in this arrangement for years. The code was open for all to see. Right?
Let's say SCO writes a song. I write a new verse and new vamp for the song. It's a hit. We go on tour together. SCO and I perform the song for years on tour. We sell concert cd's of the song with my verse and music included to our adoring fans. We make money. Suddenly (overtaken by an evil spirit) SCO says, "it's all mine now." Pay me! Or don't sing the song.
In the end, I think it was SCO's responsibilty to know what they were doing with the GPL.

Re:Translation

[Moraelin]

IANAL, but so basically it means: in Germany the idea is that the consumer has some inalienable rights. (Incidentally they also insist that employees have some inalienable rights, and are not at the mercy of the employer.)

I.e., it may come as a shock to some people from the USA, where the idea is that big corporations make the law and the common man must bend over and pull down the pants whenever some billion dollar company says so... but in Germany, and some other places in Europe, politicians still do something for the population, not just for Microsoft and IBM and the like. Maybe also because the population itself has not yet thrown in the towel and accepted that it's at the mercy of whoever is currently on top.

But either way, the idea is that Europe actually has laws, as opposed to letting the biggest bully make his own rules. Those laws dictate that as a customer (or again, as an employee) you have this and that right, and noone can bully you into accepting any less. No contract or EULA or GPL can override the _law_. If you bought something, you have the right to some warranty, for example.

That's what made it possible, for example, to override some provisions in Microsoft's own EULA. Not because it was or wasn't read by the buyer, as is usually the debate in the US courts. But because even if the buyer had fully read and understood all that, it would still have been a case of allowing one company to override the law in their contracts. It would have meant that Microsoft can effectively say "no, we don't want to obey the law." (I.e., not give the customer his legal rights.)

However, the same applies to the GPL too. If you sell some product, you have to support it and offer the legal warranty, and are liable if it does really bad stuff. Writing "ABSOLUTELY NO WARRANTY" can not override the law.

And, if you think about it, it already happens. If some German company goes and buys a copy of SuSe Linux, they'll get plenty of support from SuSe.

Should you worry about it for your own freeware utilities? Probably not too much, unless it reformats someone's database server. Or unless it's a cleverly disguised virus. Then you can start worrying a lot.

And, honestly, I fail to see why that's a bad thing. IMHO it's about time that the whole software industry had some responsibility for their actions. The standard has become selling disfunctional software and then hiding behind some EULA. Or sneaking in provisions which basically give some vendor full rights on your computer, just because it said so near the end of the EULA. And, well, maybe what's needed is precisely some consumer protection law stepping in.

Re:Translation

[Narcissus]

But there is no need to agree to anything on installation: the basis of the GPL is that there are no USE limitations. DISTRIBUTION, yes, but just because you didn't read the licence does not make you allowed to distribute, because you need permission to do so in any other case.

The only way you are allowed to distribute the application is by agreeing to the GPL. Don't like it? Don't distribute it, but that will not stop you in ANY way from being allowed to use it.

Re:Translation

[ajs]

Just to review the core strength of the GPL, while the GPL may have many satellite weaknesses in many legal systems, it will always fall back on revocation.

That is, if you cannot apply the GPL, you MUST NOT apply it. As soon as you are without the GPL, you have source code and binaries for something that you are now not allowed to distribute without getting permission from the author, except as allowed by your country's take on fair use.

The GPL is a voluntary license, and you never HAVE to apply it if you don't want to. The fact that, in some legal systems, it may not be possible to apply it in some or all situations, simply means that you have what you are given, and you may not use it in ways that you are not allowed to by law.

The GPL doesn't apply to you unless you want it to.

Don't you think this is a problem, then?

[xant]

If your local laws don't allow the GPL, then the only law that applies is copyright, and copyright law does not (by default) allow distribution of someone else's work. That's fine.

What it means is that the GPL is really brittle. Anywhere that any clause of the GPL is invalid, GPL code cannot be distributed. In this specific case, it means that e.g. Linux install parties are illegal in Germany.