Slashdot Mirror

← Back to Stories (view on slashdot.org)

SFLC Finds One New GPL Violation Per Day

Posted by timothy on from the learning-something-new dept.

eldavojohn writes "In July, the Software Freedom Law Center (SFLC) leveled the finger at Microsoft for a GPL violation but how often does this actually happen? Sunday, Brad M. Kuhn (tech director at the SFLC) stated in his blog that since August of 2009 he has been finding about one per day. So why is it that we have only covered a handful of these cases in the news? Brad offers sage wisdom; surprisingly, he recommends, 'Don't go public first. Back around late 1999, when I found my first GPL violation from scratch, I wanted to post it to every mailing list I could find and shame that company that failed to respect and cooperate with the software freedom community. I'm glad that I didn't do that, because I've since seen similar actions destroy the lines of communication with violators, and make resolution tougher.' Public shame is evidently not always the best answer. Ars has a few more details and notes that (in accordance with Brad's advice) lawsuits are usually a dead last resort."

6 of 187 comments (clear)

  1. Going to court and going public by Corporate+T00l · · Score: 5, Insightful

    It's not really surprising that going to court and going public are really last resort sort of things. Court is expensive, and most people considering them to be a "roll of the dice". Actually negotiating with your counterparty in a contract dispute is always cheaper and more productive.

    Going public, even after going to court, also sours the atmosphere, creating emotional contention that makes an actual agreement less likely. Look at out-of-court settlements with undisclosed terms and no party admitting fault. Once you get out of the public light, you can get people to sit down and discuss and actually come to a mutual agreement since the emotions have been toned down. If you're all fury and anger, you're not really in a position to negotiate someone into a corrective action.

  2. Re:closed up by jellomizer · · Score: 4, Insightful

    open source project have violations too. Using someones patented ideas, calling a library that isn't GNU compatible. The program is performing a function that is illegal such as DRM disabling. That is why you need to be civil with dealing with people for violations. As chances are you have made a mistake and created a violation yourself.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  3. Re:closed up by tnk1 · · Score: 4, Insightful

    Be civil and *document*. If it does come to court, your kind requests (in writing) to desist, as well as your flexibility in helping them identify and correct their violation will help make the case that you have taken the needed steps to protect your property without being an asshole. Their response, or lack thereof, will then be a building block in your case should it come to that.

    Remember, civil court is usually just a judge and that judge may react somewhat differently if it is clear you are a jerk. While it is true that they may have to rule in your favor even if you are a jerk, they are unlikely to make it easy on you. There are many things judges can to to move things along that are at their discretion.

    Treat every communication for violation as it it was going to be entered into evidence, but remember, court costs money and (more importantly) time. You are much better off if you are getting violators to comply without taking it to that level.

  4. Re:Behind the scenes or not by asdf7890 · · Score: 4, Informative

    GPL is about forcing future software to also be free. Not using it doesn't rob anyone of anything.

    GPL is about forcing future software that uses on GPLed code to also be free. You don't want to be held by the GPL? Then don't use GPLed code. Is it really that difficult?

    Got GPLed code in your project by accident? Then you didn't do due diligence properly. Your fault, not the GPL's fault.

    Got GPLed code in your project by no fault of your own (bad contractor, used a library or other source that itself broke GPL, or some such reason)? That does sometimes happen and here you need to discuss it with the owner of the affected code.

  5. Re:Behind the scenes or not by shutdown+-p+now · · Score: 4, Insightful

    May I advance a humble proposal that any post along the lines of "GPL is better than BSDL" or "BSDL is better than GPL" is modded Flamebait and/or Troll on sight? Personally, I'm sick of these endless and pointless fights over nothing, where arguments boil down to who is "more free", with either side persisting in the claim that their definition of "free" is the One and Only True Free.

  6. Re:closed up by imp · · Score: 4, Insightful

    I've been involved in an open source project (FreeBSD) for a long time. There have been a number of complaints about GPL violations in the past. These complaints are usually made in private. That helps a lot. Often times the compaints are wrong (The GPL code that was alleged to have been taken and improperly included in FreeBSD turned out to have been taken from BSD 4.4lite and incorporated into the GPL code was the worst example). There have also been cases where the same code appeared in drivers in multiple places. Again, that wasn't a GPL violation because both places took the code from a common data sheet. Sometimes supposed violations are cleaned up out of an abundance of caution: it isn't clear the code is improperly included, but the code in question is easy to rewrite and/or icky to start with.

    There are also times where GPL code is improperly imported code from BSD as well. Even when these are found it isn't always worth it to complain. Sometimes the gain from complaining is so small that it is easier to just let the folks use the code and not worry too much about it. Sometimes having the code out there and improperly licensed is better than getting it removed from the code base.

    In general, I've found that most people that aren't lawyers don't know the law or the provenance of the code very well. By complaining in private, you get a chance to learn a bit about both. You also give people a chance to make it right. With large open source projects, the chances for accidental mistakes are high. The projects are generally keen to avoid the mistakes in the first place, and even keener on making sure that they get ironed out after the facts. Turns out most companies have a similar view and will do the right thing when asked (but sometimes it takes a little time, which is OK: the GPL never said instantly on demand).

    Of course, this begs the question about the validity of the License to use GPL software after a violation has occurred, the scope to which license is lost, how to get it back, etc. GPLv2 is silent on the issue, while GPLv3 gives you one shot to fix it (but that's likely insufficient for large companies that have multiple product lines done by disjoint sets of people all of whom aren't educated on the finer points of incorporating GPL software into their products).