Slashdot Mirror
Google Didn't Ship Relicensed Java Code After All
RedK writes "In a follow up to yesterday's news about Google apparently relicensing confidential Oracle code found in Java under the ASL, it seems that the blogger who initially reported the issue was plain wrong, as the files he indicated were in breach of Oracle's copyright do not actually ship with Android. Google has also deleted many of these files, which were mostly used as unit tests."
If Google distributed the source at any point, it's a copyright violation, whether or not it shipped in a handset.
it seems that the blogger who initially reported the issue was plain wrong
Florian Mueller produced two blatantly erroneous stories in about as many days. I hope this high error rate keeps Slashdot from promiscuously posting his stuff for a while. I'm not counting on miracles, but this guy was given two chances on Slashdot and he blew it badly each time. Even if Slashdot's goal is to troll for eyeballs, they can find someone more competent to do the trolling.
I hope Google gets its way on court, scales up the Dalvik VM and we stop using anything coming from Oracle. Tomcat would run happily on it and we would use a completely Free/Free/No patents virtual machine. Kind of like they are doing with WebM. That would result in companies becoming really careful when trying to take open source code and screw up with it.
When his defense asked, "Which computer has Jon Johansen trespassed upon?" the answer was: "His own."
Yes, they are liable, but liable for what? What damages case can you make for files that aren't actually used?
found in the unit test area? Does that mean EMI (who owns the copyrights for the Beatles songs) could sue Google for copyright violation and get a percentage for each android handset even though the song "All You Need is Love" is not used in Android in any way whatsoever?
this seems like a perfectly valid counter to the zdnet piece:
http://www.engadget.com/2011/01/21/android-source-code-java-and-copyright-infringement-whats-go/
From a legal perspective, it seems very likely that these files create increased copyright liability for Google, because the state of our current copyright law doesn't make exceptions for how source code trees work, or whether or not a script pasted in a different license, or whether these files made it into handsets. The single most relevant legal question is whether or not copying and distributing these files was authorized by Oracle, and the answer clearly appears to be "nope" -- even if Oracle licensed the code under the GPL. Why? Because somewhere along the line, Google took Oracle's code, replaced the GPL language with the incompatible Apache Open Source License, and distributed the code under that license publicly. That's all it takes -- if Google violated the GPL by changing the license, it also infringed Oracle's underlying copyright. It doesn't matter if a Google employee, a script, a robot, or Eric Schmidt's cat made the change -- once you've created or distributed an unauthorized copy, you're liable for infringement.*
My blog never made a specific claim about Android devices containing certain code.
That's not what your blog post reads like. If they're not part of the codebase used on an Android device, you should have explicitly stated so, seeing as quite obviously "The Android versions of those files" by default suggests that those files are a part of the Android OS.
Maybe you can admit you were wrong or at the very least unclear in certain places, rather than quite childishly trying to bullshit your way out of this?
It's also wrong, as stated above, that Google "deleted" those files. They are still in the Froyo (Android 2.2) and Gingerbread (2.3) trees. At least they were when I last checked, which was yesterday. They are just not in the tree for future versions.
That's kind of how source repositories work when you delete things.
Statutory damages, probably. "The basic level of damages is between $750 and $30,000 per work," but "statutory damages are only available in the United States for works that were registered with the Copyright Office prior to infringement." If they can't claim statutory damages, they would probably only be able to claim either lost earnings, or whatever profit Google made from the infringing distribution, neither of which are likely to add up to very much.
Please name one Android device that ships with this code.
I'm looking for clarity regarding the impact of any possible infringement. Willful infringement of code central to Android devices could stop shipments. Incidental infringement of peripheral code is another matter. It should be resolved, of course, but would have little impact on the market.
Do Android devices contain infringing code? Do they contain infringing code that could be easily replaced? Or do they contain infringing code that is central to their operation?
Sounds much like you're trolling. Copyrighted files can be distributed if the copyright holder allows it.
Have you got your LWN subscription yet?
What you said was:
Android contains, under the Apache license, code that is essentially just decompiled code of Oracle/Sun software that was never licensed to Apache.
Now, with some creative interpretation, you can likely indeed weasel out of it and say that this doesn't really mean that files were shipped to end users as part of Android. But it certainly wasn't the impression from your original post, and nowhere did you highlight that very important detail. What more, you contrasted your newly discovered files with PolicyNodeImpl.java, from which the "decompiled unlicensed copy" story started - and why it wasn't big deal back in the day was that it didn't ship on devices.
A lot of readers interpreted your words in the same way as TFA, which leaves one to wonder if that was an honest mistake (but then why not just admit that and correct the story?), an attempt to sound more sensationalist than it really is by omitting details that make it mundane, or deliberate FUD. I was one of those readers, and I now have to apologize to fellow Slashdot readers for spreading this misinformation. Are you going to apologize for starting it?
The files discovered in the Android code repository are unequivocally Oracle's IP, with an inappropriately modified license. This means, that for these at least, Google is almost certainly liable for infringement. However, since none of those files ever went into an Android handset, their presence, in a legal sense, is most likely completely irrelevant with regards to Oracle's main aim, which is to extract court-mandated royalties from Google and/or handset manufacturers for each Android device they produce. It would be like the RIAA trying to collect royalties on music that I wrote and produced on my own, because they found pirated music on one of my computers.
Does that sound about right, or am I way off-base here?
Fines/Damages/Fees/"Whatever your legal system calls it" usually depend on how often you copied it and what money you made from it.
Weather you intended to violate copyright or not factors in as well (though it has no bearing on guilt or innocence).
The range of damages for copyright violation is anywhere from 1$ to $150,000 per work infringed.
It also matters if they were registered with the US Copyright Office. Copyright is automatic, but you cannot claim statutory damages without registration. All that is left available to you are punative damages, and since Google clearly did not intend any harm, and since any distribution of the files was likely accidental, Oracle isn't likely to see very much money for their trouble.
It's also worth noting that damages are awarded per work, not per instance of infringement (i.e. if someone shares a song a million times it's only one case of infringement). Since any distribution by hardware manufacturers is only due to Google's initial distribution, the very worst Oracle could do is make them share the maximum $150k per work with Google. They can't get extra damages for each manufacturer.
This is an informative article about the current state of copyright statutory damages. The same author has a more in-depth "primer for non-lawyers" here.
This is really pretty pathetic. Even if 1,000 files were infringed on, the absolute maximum Oracle can get for all cases involving Android is $150 million. That's combined, not individually. Even the most egregious cases rarely elicit the maximum, so they're really probably looking about $50-60 million, tops.
Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
It's also wrong, as stated above, that Google "deleted" those files. They are still in the Froyo (Android 2.2) and Gingerbread (2.3) trees. At least they were when I last checked, which was yesterday. They are just not in the tree for future versions.
Wow Florian, that's a creative interpretation of "not deleted". I presume that you mean, a user can still check out an older repository version and that version would contain the files in question. Let me make an equally creative counter-proposition. If the files were deleted from the tip of the repository but not from the history, that simply provides a historical record of exactly what was deleted. You can't make the information vanish from the past you know, unless you are also proposing some kind of time travel. You can only make information vanish from the present, that is, tip of tree.
Have you got your LWN subscription yet?
You can be sure the damage award would not be zero even if nobody ever used it.
For an inadvertent inclusion of an incorrect license on GPLed code? I can't be sure of what you suggest at all, in fact the opposite seems considerably more likely. Looks to me like you're pretty far out on a limb on this, I would suggest backing slowly away.
Have you got your LWN subscription yet?
Usually the infringed party contacts the infringing party and allows them to correct the error, since mistakes happen. It's the polite, non-douchebag way to behave, particularly since the goal of the GPL is spreading code. In legal terms, it's called "good-faith".
Oracle, of course, is a douchebag, and as such does things the douchebag way.
Thus, Oracle gets slammed for being a douchebag.
It's like seeing a guy hit on your girlfriend, and instead of telling the guy she's spoken for, you sucker-punch him. You're a douchebag if you behave that way, plain and simple. That's how Oracle operates.
Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
From any angle Android's Java reliance seams like a bad move.
.NET.
Any sensible move would have had them developing to a more open platform like
I'm a big tall mofo.