Ask Slashdot: How Best To Deal With a GPLv2 License Infringement?

cultiv8 writes "I am a developer and released some code at one point under GPLv2. It's nothing huge — a small Drupal module that integrates a Drupal e-commerce system (i.e. Ubercart) with multiple Authorize.net accounts — but very useful for non-profits. Earlier today I discovered that a Drupal user was selling the module from their website for $49 and claiming it was their custom-made module. I'm no lawyer, but my perspective is this violates both the spirit and law of GPLv2, most specifically clause 2-b: 'You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.' Am I correct in my understanding of GPLv2? Do I have any recourse, and should I do anything about this? I don't care about money, I just don't want someone selling stuff that I released for free. How do most developers/organizations deal with licensing infringements of this type?"

Re:Understand your choice of license...

[tibit]

Heck, they can even do something cleverer, like Redhat does: they are free to cancel any subscription/service agreement that you may have with them if you exercise your rights to further redistribution. It does not violate GPL, for GPL is about distribution and distribution only, and they are not hindering your right to that. If you subscribe to RHEL, you are of course free to redistribute any source RPMs you downloaded from their network, but if you do so, they are free to cancel your subscription. And they will if you're a big enough fish (say, if you'd try to run your own "clone" distro based on their SRPMS).

This seems to be a sensible business model even to people who'd wish to sell their stuff for big bucks: who the heck will abandon a multi-$k subscription by exercising their right to redistribute GPL code? No one sane; in most cases, unless they have plenty of money to burn. Ah, and IIRC Redhat will not renew your subscription if so terminated: you're essentially blacklisting yourself for life.

According to the summary, you missed one point.

[TheEmperorOfSlashdot]

If your software were a compiled language (eg c/c++/java etc.) then if they didn't provide the original source OR didn't provide it on request by you AS A CUSTOMER (the license is granting rights to the people they distribute to - ie customer), then they violate. If they have put the php through some code obfuscator and don't provide the original source before obfuscation, then this would come under the "compiled" category i'd say. What they are doing is perfectly legal under the GPL.

The code was stripped of its existing GPL and redistributed under a new license. Even though the source code is available (because PHP is distributed in source form), it's no longer clear that the code is still covered by the GPL - someone purchasing this package wouldn't know that they were entitled to redistribute or modify the code. That's the crux of the violation:

I'm no lawyer, but my perspective is this violates both the spirit and law of GPLv2, most specifically clause 2-b: 'You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.'