Wow. Don't you think you're overreacting, just a little?
Your sig is particularly ironic here. If you want information to be free, you're welcome to offer to pay the salaries of all the journalists, reporters, cameramen, sound crews, and support folks who are out there all over the world collecting it. Go ahead and put your money where your mouth is.
That being said, I submitted this to point out the misstep I think publishers are taking. Search engines and aggregators drive their business, and usually they do it for free. I don't understand why anyone would think it would be a good idea to mess with that.
This being Slashdot, I predict that huge numbers of people will now arrive in this thread and say that you're absolutely right, the search engines are providing a great service, and the publishers should just suck it up because they'd die without them.
The thing is, they're completely wrong. It's actually the other way around, for the simple reason that news aggregators produce no useful content of their own.
For you or me, as someone who wants to know what's happening today, we can do one of two obvious things using a web browser. We can visit a specific news site we already know about (or at least guess at a URL), or we can start with an aggregator like Google News. Either way, many people will only read the headlines and summary for most stories. Either way, someone had to go out and get the information to write that story. But in one case, the people who brought the knowledge to the public get the page hit, while in the other, the search engine gets the hit in exchange for ripping much of the value of the other sites' content and the people who actually provided the content get nada.
It's common at this point for someone to pipe up with a fair use argument, but again, they are wrong, for the simple reason that while the headlines and summaries on news aggregators may only be small excerpts from the entire article, they represent a very significant chunk of the value. You can easily determine this by observing the proportion of users who look something up on an aggregator and never follow through to read any article in more detail; I don't know exactly what the answer is, but I'll wager it's a substantial proportion, perhaps even the majority.
Another common argument is that the news sites would die without input from search engines, but again I can't believe this is really true. When I reach lunchtime at work, I do not visit Google to find the BBC News web site, I just type in news.bbc.co.uk. (Actually, I visit the bookmark, but the first time that's what I typed.) Google, or any other news aggregator, is wholly unnecessary to my finding the main news site. Even without that, I could easily have guessed that the BBC News web site could be reached at www.bbc.co.uk/news or news.bbc.co.uk, either of which would have got me there immediately. The site is advertised via the BBC's other media as well. A significant proportion of the links I e-mail to and receive from friends and family are direct links to stories on the site.
Basically, if every search engine on the planet disappeared tomorrow, I rather doubt the big news services would care. As with everything else to do with search engines, they are just a middleman service, and one that is entirely expendable. If they weren't around, the Internet community would just develop an alternative or five, probably rather quickly, just as it always does.
On the other hand, if the big news services stopped providing news tomorrow, aggregator services like Google News would be completely dead, because they provide absolutely no value in themselves. They simply scrounge content from one source and visitors from another, and insert themselves as a middle man to cream off some of the profits.
The very fact that one service could survive quite happily without the other, while the other would die immediately without the first, tells us everything we need to know about the merits and public service benefits of each. That being the case, I find it hard to argue with the publishers' position that the news aggregators are basically ripping them off, and I don't really have much sympathy with the two most common counter-arguments people seem to be making in this Slashdot discussion.
No. The code in question is not unrestricted just because it's available for viewing on the Internet. Publishing on-line does not mean giving up copyright, and no matter how much sarcasm and profanity you put in your posts, this does not change.
Years of observation has shown (time and again) that all those wacky things RMS warns about generally come true a year or two later.
It's funny you say that. I would have said exactly the opposite. My years of observation have shown (time and again) that the software world carries on developing new things for commercial, charitable and personal use purposes, without any great disaster happening because it isn't all licensed under something like the GPL.
Meanwhile, all the claimed benefits of the GPL have turned out to be rather shallow in practice. Forking of major projects happens relatively rarely. Most end users of most software don't really want to be able to hack the code (not least because most of them wouldn't even know where to start). Those who are willing to share their work with the community get tied up in silly arguments over the technicalities of the licences in question, and that problem has been made worse by the introduction of the GPL2 vs. GPL3 debate. The entire OSS world has not collapsed under the weight of patent claims, nor is it ever likely to with or without GPL3's help for the simple reason that many major businesses now rely on it and they have patents of their own to fight back with, just as everyone in the commercial world has done for years.
On the whole, with due respect to his past achievements, I'd say these days RMS talks a lot but often comes across badly and isn't particularly relevant in the modern software development world. I'd back the pragmatist every time.
I'm sorry, but I think you're just inventing problems where none exist.
Works have been distributed for free since long before computers existed. I simply don't believe that most people who aren't keen followers of this area have even heard of MIT or BSD or GPL or whatever. However, any man in the street understands "You may use this as you wish, but it comes with no guarantees and you use it at your own risk."
In terms of liability, as long as you give the code away and perhaps add a note that it comes with no warranties of any kind if your jurisdiction cares about such things, I don't see what could be simpler.
I don't see that any jurisdiction issues are going to be any more complicated with public domain works than with the enforceability or otherwise of complicated licence agreements under different fair use frameworks and so on.
Realistically MIT/new-BSD/etc. gives you all the same advantages as declaring it PD, and none of the disadvantages.
Sorry, but I see it the other way around: releasing something to the public domain with no warranties is about as simple as you can get. All the MIT/BSD stuff just seems to be a legally tedious way of saying the same thing.
Well said, on many counts. I think it is sad that society is tending in this direction.
I concede that this post may be somewhat off-topic, but I think it's relevant. I spend a lot of time helping to run a large local dance club. It's a slightly unusual organisation, because despite having thousands of members each year, it's a non-profit and run entirely by its members.
For several decades, we have run dancing classes. They're mostly aimed at adults, but we've always had a few older school kids join in, mostly 16-17 but occasionally as young as 14. As long as they were grown up enough both physically and socially to take part, no-one has ever had a problem with this as far as I know. Sadly, we have now concluded that because of all the new child protection legislation that will be taking effect over the next few months, it is safest just to back off any work with under-18s.
To continue, it sounds like as a minimum we would need to have Criminal Records Bureau checks done regularly on all our teachers. Those checks cost money and apply only to our specific activities for a finite time, and we'd have to do them for all teachers since all members can go to any of our classes without booking in advance. The cost of that, to a self-supporting non-profit organisation, is just silly.
But the really silly thing is that several of these dance teachers are in fact school teachers who work with kids all day for their main job, and just teach a bit of dancing on the side. These have already been through full CRB checks and could no doubt produce the relevant certificates, but officially they won't have any validity for us. Moreover, all of our teachers are professionals we've worked with for years, and known personally (in some cases for all of their adult lives) to the organising committee who would be responsible for getting them checked out. From more than half a century of the club's history and probably more than 50,000 people dancing with us, we have had exactly zero cases of child abuse.
Learning to dance is one of the most healthy activities there is for a child's physical, mental and social development. Many do continue into adulthood, and those who find themselves drawn to other things will at least be exceptionally fit, able to learn well, polite, friendly and supportive of partners/team-mates.
I haven't yet worked out how effectively making it impossible for us to help older children to enjoy these benefits in what is demonstrably a very low risk environment serves to protect those children.
Public Domain licensing seems to be the worst of all worlds to me.
By definition, something in the public domain doesn't require any licence because it's been released from copyright.
That aside, I don't see how it can possibly be a bad thing if someone is kind enough to release their useful work to everyone without restriction. If you want to use it in your own work, whether it is commercial, OSS, public domain or otherwise, you can do so. No-one else can take that away from you, regardless of anything they may themselves do with the work and any licensing conditions they may wish to impose on the result. If your personal beliefs mean you want to release your own code building on the public domain work under the GPL so others using your work must adhere to certain conditions, you are free to do so. You just can't impose such a condition on the original or anyone else using it, but since the original was nothing to do with you, I fail to see why that is a problem.
How is this, then, the "worst of all worlds"? It seems to me that the so-called "free software" evangelists could learn something from this... like what freedom really means. A clue: if your code comes with more restrictions than none, it's not really free, no matter how often you repeat the word. The "freeware" crowd claimed it first, and their version is compatible with my dictionary.
Extreme groupthink isn't healthy in any direction, precisely because it tends to trample on any dissenting views, no matter how valid.
Information doesn't want to be free. Information doesn't want anything at all. It simply exists, and it can be shared by those who have it. (The argument that "you can't prevent it being shared, so sharing it must be OK" is unhelpful: you can't realistically prevent me committing many evil acts, but that doesn't mean society should condone my doing so by legalising them.)
Similarly, empty-headed support for any copyright law is unhelpful, because you start equating the current law with ethics, which is always a dangerous path to follow. The law should follow ethics, not the other way around.
However, in this discussion, the original question seems to relate to a real situation, and therefore what is called for is a real answer based on real laws as they stand today. Misrepresenting those laws, whether because you happen to disagree with them or because you simply don't know what you're talking about, doesn't help the OP to solve his problem, and that's why I object to many of the replies and moderations in this discussion.
What law, in particular? I know a little about copyright law.
Apparently not, since you're openly advocating an obvious infringement of it in pretty much any nation that is a signatory to the Berne Convention. It's not as though this is a particularly technical question: the work is automatically subject to copyright, the company has copied it without permission, and the copy does not appear to be fair use/fair dealing/whatever it's called in their jurisdiction.
I'm pretty sure if it came to court, damages if any would be minimal considering the way the orignal author openly published his code.
I don't see how you can possibly know that without knowing the nature of the code and any value it might have had for the copyright holder, whether any statutory damages might apply, and more generally the legal environment in whatever jurisdiction we are talking about.
In any case, even if there are only token actual damages, you might wind up incurring heavy legal costs (particularly if you're in a loser-pays legal system) and/or suffering indirect damage if the court prohibits further distribution of the work at an inconvenient time.
As I noted in another post, one of the differences between the professionals and the amateurs is that the pros are generally smarter than this. It just isn't worth risking this sort of thing for 200 lines of code. For that matter, it's not even worth paying your lawyers to track down what agreements apply to such a short snippet. Just get your own developer(s) to write the equivalent in-house instead.
I didn't say that this situation could not have occurred. But it strains my credulity to believe that it happened to the poster.
Why would he make it up? TFA seemed reasonable enough, and I've certainly encountered similar situations from a third party perspective more than once during my career.
I'm sorry, but your statement about the author having little claim to anything simply isn't true.
As for your advice, you're advocating breaking the law because you think you can get away with it, in reply to a question from someone who seems to want to do the right thing. That's unhelpful, unethical, and if things go wrong, dangerous legally as well.
As for your "it's all just a fairy tale" theory, that sounds like someone who's never seen a colleague get screwed because of something like this even though it wasn't really their fault. The result can be summed up in two words: career dead. Why on earth would you advise someone to risk it, when right now they've done nothing wrong and have several practical ways to avoid getting shafted?
This discussion is pretty scary. Of those posts I've read, a clear majority seem to be blatantly misrepresenting the most basic principles of copyright law. Whether this is out of ignorance or malice I don't know, but in many cases, it has now been moderated informative and/or insightful. Attempting to describe possible ethical actions the OP could take at this point seems to meet more derision and laughter than acknowledgement and agreement. And apparently some of our mods think it's funny to break the law, but trolling to point this out.
Slashdot used to be better than this, but it seems almost impossible to have any reasoned, objective discussion about copyright-related issues here now. Go ahead and mod me to hell for saying it; I've got karma to burn, and it has to be said.
I like your advice right up to the end - definitely don't touch it - but planning on leaving your position over someone else's mistake is rather drastic.
I wouldn't be planning on leaving because of someone else's mistake. I'd be planning on leaving because (a) the culture at the company is obviously not strong on ethics, and (b) one way or another, I look like being the fall guy if anything does go wrong as a result of that mistake.
OP said he was up against a release deadline and that the potential violator was in a position senior to his own. The survival guide says you saw nothing.
Whose survival guide is that? Both legally and ethically, turning a blind eye to this is at least questionable. Seeing no evil may let you last a bit longer with one employer of dubious ethics, but having been tangled up in some legal mess (even if you personally were entirely innocent) is not going to look good on your resume.
You make a valid point, which is why the concept of due diligence exists. Exhibiting due diligence is one thing that tends to set the professionals apart from the amateurs. But any way you cut it, just grabbing a substantial, unattributed bit of code off a web site and using it in a commercial product doesn't sound much like performing due diligence, and the OP is right to be concerned.
To the OP: If I were in your position, for a start I wouldn't touch the code that already exists so it's very clear I didn't put it there or have anything to do with using someone else's copyrighted code. An informal approach drawing it to management's attention is probably a reasonable first action to try and restore compliance. If it's a larger company, they might have a dedicated compliance contact in the legal department you could approach if management is unresponsive. In any case, if the situation is not resolved quickly and appropriately, I would be planning on finding another job as soon as possible, since you really don't want to get caught up in any potential legal action, and it sounds like you're in the optimum position to become the fall guy.
No offence, but answers like this, and the first post for that matter, are exactly why posting questions like this to Slashdot is a bad idea.
In just about any jurisdiction, for many years now, works automatically fall under their creator's copyright unless there is another agreement. It does not enter the public domain until either the work is released to the public domain by the copyright holder or the copyright expires. The fact that the work is published on some web site makes absolutely no difference. The fact that it's not supplied with any explicit licence agreement makes absolutely no difference. If the code is ripped from someone else, and not for a fair use or whatever your jurisdiction calls the concept, then it is copyright infringement. There is no doubt about this, nor any need to weasel out saying call a lawyer. It is just basic copyright law.
As for the Bruce Perens thing, I haven't seen the talk in question, but I suspect it had more to do with patents than copyright. Rewriting the code in some significant way most certainly does make it a different beast from a copyright perspective, because copyright doesn't apply to the idea, it applies to the particular expression. You can't just rip someone's code and do an obvious search and replace or something similarly trivial, because then you would be creating a derived work using the original, which isn't allowed unless you qualify as fair use. But you can't copyright an algorithm (though in some places you can effectively patent one) so if you choose to completely rewrite the same algorithm in a different way then that's a new thing as far as copyright goes.
I, too, am not a firm believer in on-line anonymity: I think on balance it does more harm than good today, as cases like this illustrate. While I do understand that some people have a principled objection to compromising it, I take a pragmatic view on this one.
However, that doesn't mean just anyone should have access to just anything. We have judicial systems precisely to ensure that where any individual rights must be overridden in the interests of justice, it is done in a controlled way and with due process. It isn't criminal abuse of any aspect of Google until a court finds that it is, and while anyone can of course ask Google for help, they should have to obtain the proper agreement of a court before Google actually hand anything over to them.
Juts one point to highlight about google so called protecting people's privacy. Google fought to prevent giving the information away for 'free' not selling that information.
Ironically, as I write this, the top story on the Slashdot homepage suggests that Google aren't always so good at protecting people's privacy.
That case is doubly ironic, because it sounds as if there really was a decent case there and so a court probably would have issued the proper order, justifying Google releasing the relevant data. Doing so before that order was issued doesn't sound much like fighting not to give the information away to me, though.
In the information age, perhaps people's expectations need to change? It needs to be realised what you really do in public is not local but global.
Alternatively, maybe we should introduce legal safeguards that apply to data, taking into account the much greater storage, data mining and communication facilities available today? Just because we can do something, does not mean we should, particularly where "we" means governments, businesses or other groups with disproportionate resources rather than private individuals.
In fact, I would argue that to some extent this is inevitable. Everyone does things in "public" (which apparently includes people observing things inside your home from outside, for the purposes of this debate) that might be embarrassing as a minimum, or potentially even dangerous. It needn't even be what you were actually doing or some item you actually possessed; anything you could be misconstrued as doing or appear to possess counts, too.
Have you ever left a credit card statement on a desk visible from a window? Mistyped a password in a clear text field and then immediately deleted it? Followed a link from a normally reliable web site and found the content that appeared on your screen was not what you expected? Said something in your home that might be misunderstood if taken out of context? Had a visitor who looks a bit like someone who's been in the news recently? Of course you have, many times, and so has everyone else.
If we go down the path of saying everything that ever happens that is observable even momentarily from a public location may be permanently recorded and searchable by absolutely anyone, then privacy will be dead and we will have killed it. Humanity has evolved to respect privacy for a variety of good reasons, and the consequences of breaches in privacy can be life-changing or worse. If the highly resourced Big Guy gets to do whatever he likes in terms of invading the Little Guy's life (as long as it's done from a public place, naturally) then we're basically condemning anyone to suffer arbitrary, unaccountable damage if anyone else doesn't like them, and that is not a healthy path to tread.
Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.
Thin client computing is on its way back - like it or not.
Why? What advantage does using all these on-line services actually offer me as the end user? How is this service better than my own hard drive (or having a remotely accessible server set up at home that I control)? How are Internet-based applications from the likes of Google or Salesforce.com better than installing software locally in any technical way?
All these services are basically just playing on the convenience of using a remote service, and that in turn is only relevant because of the absurdly awkward installation and maintenance processes people expect for desktop software. There is absolutely no technical reason these things have to happen, it's merely momentum in the marketplace.
Meanwhile, there are fundamental security, reliability and performance dangers associated with using any off-site service with an external provider. It all seems cute until your (or their) network connection drops out, or the service provider finds they're not making enough money and shuts the service down (which you can't do anything about with free services, since the provider is under no obligation to you), or the database leaks and compromises your personal information, or your costs for bandwidth and access to the services start to rise.
After the first few nasty accidents, I think people will have a very different view of these "convenient" external service providers, and I for one wouldn't bet on a thin client future just yet.
I have/still have all the concerns about my privacy, but the offering was too tempting to pass up.
And that is why things in today's database-driven, surveillance-obsessed society are going to get very much worse before they get better.
It's quite sad that even after the big leak here in the UK last week, things have gone quiet on the political front and there isn't a sustained media attack on our underpowered privacy and data protection laws.
With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.
I'm sorry, what track record would that be?
Google are quite possibly the world's leading authority on automated information gathering. After all, their ad-based business model fundamentally relies on being able to target those ads, and the continued success of their primary service, the search engine, depends on how effectively and comprehensively they can process the entire WWW.
As we have seen in the past, with everything from Google Street View to the leaks from a certain other popular search engine to Google Groups archives, vast databases like this will inevitably include information that people might have expected to remain private, and these services can make it accessible (deliberately or otherwise) to the entire world.
Google are a business like any other and, despite all the "do no evil" rhetoric, they will still do whatever they can get away with to make a profit for their shareholders, and they can still be compelled to disclose any information required by law (and laws can change).
Right now, it probably is no exaggeration to say that Google is the single greatest threat to privacy the world has ever seen.
No, silly. It's the government who listen in to everyone using the surveillance kit, not the megacorps! However, thanks to the latest communications channels, the government can now quickly provide data on up to 25 million people at once to those megacorps with very low overheads...
Wow. Don't you think you're overreacting, just a little?
Your sig is particularly ironic here. If you want information to be free, you're welcome to offer to pay the salaries of all the journalists, reporters, cameramen, sound crews, and support folks who are out there all over the world collecting it. Go ahead and put your money where your mouth is.
That being said, I submitted this to point out the misstep I think publishers are taking. Search engines and aggregators drive their business, and usually they do it for free. I don't understand why anyone would think it would be a good idea to mess with that.
This being Slashdot, I predict that huge numbers of people will now arrive in this thread and say that you're absolutely right, the search engines are providing a great service, and the publishers should just suck it up because they'd die without them.
The thing is, they're completely wrong. It's actually the other way around, for the simple reason that news aggregators produce no useful content of their own.
For you or me, as someone who wants to know what's happening today, we can do one of two obvious things using a web browser. We can visit a specific news site we already know about (or at least guess at a URL), or we can start with an aggregator like Google News. Either way, many people will only read the headlines and summary for most stories. Either way, someone had to go out and get the information to write that story. But in one case, the people who brought the knowledge to the public get the page hit, while in the other, the search engine gets the hit in exchange for ripping much of the value of the other sites' content and the people who actually provided the content get nada.
It's common at this point for someone to pipe up with a fair use argument, but again, they are wrong, for the simple reason that while the headlines and summaries on news aggregators may only be small excerpts from the entire article, they represent a very significant chunk of the value. You can easily determine this by observing the proportion of users who look something up on an aggregator and never follow through to read any article in more detail; I don't know exactly what the answer is, but I'll wager it's a substantial proportion, perhaps even the majority.
Another common argument is that the news sites would die without input from search engines, but again I can't believe this is really true. When I reach lunchtime at work, I do not visit Google to find the BBC News web site, I just type in news.bbc.co.uk. (Actually, I visit the bookmark, but the first time that's what I typed.) Google, or any other news aggregator, is wholly unnecessary to my finding the main news site. Even without that, I could easily have guessed that the BBC News web site could be reached at www.bbc.co.uk/news or news.bbc.co.uk, either of which would have got me there immediately. The site is advertised via the BBC's other media as well. A significant proportion of the links I e-mail to and receive from friends and family are direct links to stories on the site.
Basically, if every search engine on the planet disappeared tomorrow, I rather doubt the big news services would care. As with everything else to do with search engines, they are just a middleman service, and one that is entirely expendable. If they weren't around, the Internet community would just develop an alternative or five, probably rather quickly, just as it always does.
On the other hand, if the big news services stopped providing news tomorrow, aggregator services like Google News would be completely dead, because they provide absolutely no value in themselves. They simply scrounge content from one source and visitors from another, and insert themselves as a middle man to cream off some of the profits.
The very fact that one service could survive quite happily without the other, while the other would die immediately without the first, tells us everything we need to know about the merits and public service benefits of each. That being the case, I find it hard to argue with the publishers' position that the news aggregators are basically ripping them off, and I don't really have much sympathy with the two most common counter-arguments people seem to be making in this Slashdot discussion.
No. The code in question is not unrestricted just because it's available for viewing on the Internet. Publishing on-line does not mean giving up copyright, and no matter how much sarcasm and profanity you put in your posts, this does not change.
Years of observation has shown (time and again) that all those wacky things RMS warns about generally come true a year or two later.
It's funny you say that. I would have said exactly the opposite. My years of observation have shown (time and again) that the software world carries on developing new things for commercial, charitable and personal use purposes, without any great disaster happening because it isn't all licensed under something like the GPL.
Meanwhile, all the claimed benefits of the GPL have turned out to be rather shallow in practice. Forking of major projects happens relatively rarely. Most end users of most software don't really want to be able to hack the code (not least because most of them wouldn't even know where to start). Those who are willing to share their work with the community get tied up in silly arguments over the technicalities of the licences in question, and that problem has been made worse by the introduction of the GPL2 vs. GPL3 debate. The entire OSS world has not collapsed under the weight of patent claims, nor is it ever likely to with or without GPL3's help for the simple reason that many major businesses now rely on it and they have patents of their own to fight back with, just as everyone in the commercial world has done for years.
On the whole, with due respect to his past achievements, I'd say these days RMS talks a lot but often comes across badly and isn't particularly relevant in the modern software development world. I'd back the pragmatist every time.
I'm sorry, but I think you're just inventing problems where none exist.
Works have been distributed for free since long before computers existed. I simply don't believe that most people who aren't keen followers of this area have even heard of MIT or BSD or GPL or whatever. However, any man in the street understands "You may use this as you wish, but it comes with no guarantees and you use it at your own risk."
In terms of liability, as long as you give the code away and perhaps add a note that it comes with no warranties of any kind if your jurisdiction cares about such things, I don't see what could be simpler.
I don't see that any jurisdiction issues are going to be any more complicated with public domain works than with the enforceability or otherwise of complicated licence agreements under different fair use frameworks and so on.
Realistically MIT/new-BSD/etc. gives you all the same advantages as declaring it PD, and none of the disadvantages.
Sorry, but I see it the other way around: releasing something to the public domain with no warranties is about as simple as you can get. All the MIT/BSD stuff just seems to be a legally tedious way of saying the same thing.
Well said, on many counts. I think it is sad that society is tending in this direction.
I concede that this post may be somewhat off-topic, but I think it's relevant. I spend a lot of time helping to run a large local dance club. It's a slightly unusual organisation, because despite having thousands of members each year, it's a non-profit and run entirely by its members.
For several decades, we have run dancing classes. They're mostly aimed at adults, but we've always had a few older school kids join in, mostly 16-17 but occasionally as young as 14. As long as they were grown up enough both physically and socially to take part, no-one has ever had a problem with this as far as I know. Sadly, we have now concluded that because of all the new child protection legislation that will be taking effect over the next few months, it is safest just to back off any work with under-18s.
To continue, it sounds like as a minimum we would need to have Criminal Records Bureau checks done regularly on all our teachers. Those checks cost money and apply only to our specific activities for a finite time, and we'd have to do them for all teachers since all members can go to any of our classes without booking in advance. The cost of that, to a self-supporting non-profit organisation, is just silly.
But the really silly thing is that several of these dance teachers are in fact school teachers who work with kids all day for their main job, and just teach a bit of dancing on the side. These have already been through full CRB checks and could no doubt produce the relevant certificates, but officially they won't have any validity for us. Moreover, all of our teachers are professionals we've worked with for years, and known personally (in some cases for all of their adult lives) to the organising committee who would be responsible for getting them checked out. From more than half a century of the club's history and probably more than 50,000 people dancing with us, we have had exactly zero cases of child abuse.
Learning to dance is one of the most healthy activities there is for a child's physical, mental and social development. Many do continue into adulthood, and those who find themselves drawn to other things will at least be exceptionally fit, able to learn well, polite, friendly and supportive of partners/team-mates.
I haven't yet worked out how effectively making it impossible for us to help older children to enjoy these benefits in what is demonstrably a very low risk environment serves to protect those children.
Public Domain licensing seems to be the worst of all worlds to me.
By definition, something in the public domain doesn't require any licence because it's been released from copyright.
That aside, I don't see how it can possibly be a bad thing if someone is kind enough to release their useful work to everyone without restriction. If you want to use it in your own work, whether it is commercial, OSS, public domain or otherwise, you can do so. No-one else can take that away from you, regardless of anything they may themselves do with the work and any licensing conditions they may wish to impose on the result. If your personal beliefs mean you want to release your own code building on the public domain work under the GPL so others using your work must adhere to certain conditions, you are free to do so. You just can't impose such a condition on the original or anyone else using it, but since the original was nothing to do with you, I fail to see why that is a problem.
How is this, then, the "worst of all worlds"? It seems to me that the so-called "free software" evangelists could learn something from this... like what freedom really means. A clue: if your code comes with more restrictions than none, it's not really free, no matter how often you repeat the word. The "freeware" crowd claimed it first, and their version is compatible with my dictionary.
Extreme groupthink isn't healthy in any direction, precisely because it tends to trample on any dissenting views, no matter how valid.
Information doesn't want to be free. Information doesn't want anything at all. It simply exists, and it can be shared by those who have it. (The argument that "you can't prevent it being shared, so sharing it must be OK" is unhelpful: you can't realistically prevent me committing many evil acts, but that doesn't mean society should condone my doing so by legalising them.)
Similarly, empty-headed support for any copyright law is unhelpful, because you start equating the current law with ethics, which is always a dangerous path to follow. The law should follow ethics, not the other way around.
However, in this discussion, the original question seems to relate to a real situation, and therefore what is called for is a real answer based on real laws as they stand today. Misrepresenting those laws, whether because you happen to disagree with them or because you simply don't know what you're talking about, doesn't help the OP to solve his problem, and that's why I object to many of the replies and moderations in this discussion.
What law, in particular? I know a little about copyright law.
Apparently not, since you're openly advocating an obvious infringement of it in pretty much any nation that is a signatory to the Berne Convention. It's not as though this is a particularly technical question: the work is automatically subject to copyright, the company has copied it without permission, and the copy does not appear to be fair use/fair dealing/whatever it's called in their jurisdiction.
I'm pretty sure if it came to court, damages if any would be minimal considering the way the orignal author openly published his code.
I don't see how you can possibly know that without knowing the nature of the code and any value it might have had for the copyright holder, whether any statutory damages might apply, and more generally the legal environment in whatever jurisdiction we are talking about.
In any case, even if there are only token actual damages, you might wind up incurring heavy legal costs (particularly if you're in a loser-pays legal system) and/or suffering indirect damage if the court prohibits further distribution of the work at an inconvenient time.
As I noted in another post, one of the differences between the professionals and the amateurs is that the pros are generally smarter than this. It just isn't worth risking this sort of thing for 200 lines of code. For that matter, it's not even worth paying your lawyers to track down what agreements apply to such a short snippet. Just get your own developer(s) to write the equivalent in-house instead.
I didn't say that this situation could not have occurred. But it strains my credulity to believe that it happened to the poster.
Why would he make it up? TFA seemed reasonable enough, and I've certainly encountered similar situations from a third party perspective more than once during my career.
I'm sorry, but your statement about the author having little claim to anything simply isn't true.
As for your advice, you're advocating breaking the law because you think you can get away with it, in reply to a question from someone who seems to want to do the right thing. That's unhelpful, unethical, and if things go wrong, dangerous legally as well.
As for your "it's all just a fairy tale" theory, that sounds like someone who's never seen a colleague get screwed because of something like this even though it wasn't really their fault. The result can be summed up in two words: career dead. Why on earth would you advise someone to risk it, when right now they've done nothing wrong and have several practical ways to avoid getting shafted?
This discussion is pretty scary. Of those posts I've read, a clear majority seem to be blatantly misrepresenting the most basic principles of copyright law. Whether this is out of ignorance or malice I don't know, but in many cases, it has now been moderated informative and/or insightful. Attempting to describe possible ethical actions the OP could take at this point seems to meet more derision and laughter than acknowledgement and agreement. And apparently some of our mods think it's funny to break the law, but trolling to point this out.
Slashdot used to be better than this, but it seems almost impossible to have any reasoned, objective discussion about copyright-related issues here now. Go ahead and mod me to hell for saying it; I've got karma to burn, and it has to be said.
Holy hell, someone finds some useful code posted on a forum, uses it illegally , and you report them to management??
There, fixed that for you. No charge.
I like your advice right up to the end - definitely don't touch it - but planning on leaving your position over someone else's mistake is rather drastic.
I wouldn't be planning on leaving because of someone else's mistake. I'd be planning on leaving because (a) the culture at the company is obviously not strong on ethics, and (b) one way or another, I look like being the fall guy if anything does go wrong as a result of that mistake.
OP said he was up against a release deadline and that the potential violator was in a position senior to his own. The survival guide says you saw nothing.
Whose survival guide is that? Both legally and ethically, turning a blind eye to this is at least questionable. Seeing no evil may let you last a bit longer with one employer of dubious ethics, but having been tangled up in some legal mess (even if you personally were entirely innocent) is not going to look good on your resume.
If you don't register it the result is that you simplu can't sue for quite as much as you could otherwise (although you can still sue).
Specific jurisdiction and citation, please?
You make a valid point, which is why the concept of due diligence exists. Exhibiting due diligence is one thing that tends to set the professionals apart from the amateurs. But any way you cut it, just grabbing a substantial, unattributed bit of code off a web site and using it in a commercial product doesn't sound much like performing due diligence, and the OP is right to be concerned.
To the OP: If I were in your position, for a start I wouldn't touch the code that already exists so it's very clear I didn't put it there or have anything to do with using someone else's copyrighted code. An informal approach drawing it to management's attention is probably a reasonable first action to try and restore compliance. If it's a larger company, they might have a dedicated compliance contact in the legal department you could approach if management is unresponsive. In any case, if the situation is not resolved quickly and appropriately, I would be planning on finding another job as soon as possible, since you really don't want to get caught up in any potential legal action, and it sounds like you're in the optimum position to become the fall guy.
No offence, but answers like this, and the first post for that matter, are exactly why posting questions like this to Slashdot is a bad idea.
In just about any jurisdiction, for many years now, works automatically fall under their creator's copyright unless there is another agreement. It does not enter the public domain until either the work is released to the public domain by the copyright holder or the copyright expires. The fact that the work is published on some web site makes absolutely no difference. The fact that it's not supplied with any explicit licence agreement makes absolutely no difference. If the code is ripped from someone else, and not for a fair use or whatever your jurisdiction calls the concept, then it is copyright infringement. There is no doubt about this, nor any need to weasel out saying call a lawyer. It is just basic copyright law.
As for the Bruce Perens thing, I haven't seen the talk in question, but I suspect it had more to do with patents than copyright. Rewriting the code in some significant way most certainly does make it a different beast from a copyright perspective, because copyright doesn't apply to the idea, it applies to the particular expression. You can't just rip someone's code and do an obvious search and replace or something similarly trivial, because then you would be creating a derived work using the original, which isn't allowed unless you qualify as fair use. But you can't copyright an algorithm (though in some places you can effectively patent one) so if you choose to completely rewrite the same algorithm in a different way then that's a new thing as far as copyright goes.
I, too, am not a firm believer in on-line anonymity: I think on balance it does more harm than good today, as cases like this illustrate. While I do understand that some people have a principled objection to compromising it, I take a pragmatic view on this one.
However, that doesn't mean just anyone should have access to just anything. We have judicial systems precisely to ensure that where any individual rights must be overridden in the interests of justice, it is done in a controlled way and with due process. It isn't criminal abuse of any aspect of Google until a court finds that it is, and while anyone can of course ask Google for help, they should have to obtain the proper agreement of a court before Google actually hand anything over to them.
Juts one point to highlight about google so called protecting people's privacy. Google fought to prevent giving the information away for 'free' not selling that information.
Ironically, as I write this, the top story on the Slashdot homepage suggests that Google aren't always so good at protecting people's privacy.
That case is doubly ironic, because it sounds as if there really was a decent case there and so a court probably would have issued the proper order, justifying Google releasing the relevant data. Doing so before that order was issued doesn't sound much like fighting not to give the information away to me, though.
In the information age, perhaps people's expectations need to change? It needs to be realised what you really do in public is not local but global.
Alternatively, maybe we should introduce legal safeguards that apply to data, taking into account the much greater storage, data mining and communication facilities available today? Just because we can do something, does not mean we should, particularly where "we" means governments, businesses or other groups with disproportionate resources rather than private individuals.
In fact, I would argue that to some extent this is inevitable. Everyone does things in "public" (which apparently includes people observing things inside your home from outside, for the purposes of this debate) that might be embarrassing as a minimum, or potentially even dangerous. It needn't even be what you were actually doing or some item you actually possessed; anything you could be misconstrued as doing or appear to possess counts, too.
Have you ever left a credit card statement on a desk visible from a window? Mistyped a password in a clear text field and then immediately deleted it? Followed a link from a normally reliable web site and found the content that appeared on your screen was not what you expected? Said something in your home that might be misunderstood if taken out of context? Had a visitor who looks a bit like someone who's been in the news recently? Of course you have, many times, and so has everyone else.
If we go down the path of saying everything that ever happens that is observable even momentarily from a public location may be permanently recorded and searchable by absolutely anyone, then privacy will be dead and we will have killed it. Humanity has evolved to respect privacy for a variety of good reasons, and the consequences of breaches in privacy can be life-changing or worse. If the highly resourced Big Guy gets to do whatever he likes in terms of invading the Little Guy's life (as long as it's done from a public place, naturally) then we're basically condemning anyone to suffer arbitrary, unaccountable damage if anyone else doesn't like them, and that is not a healthy path to tread.
Not gonna happen. Their business is advertising.
Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.
Thin client computing is on its way back - like it or not.
Why? What advantage does using all these on-line services actually offer me as the end user? How is this service better than my own hard drive (or having a remotely accessible server set up at home that I control)? How are Internet-based applications from the likes of Google or Salesforce.com better than installing software locally in any technical way?
All these services are basically just playing on the convenience of using a remote service, and that in turn is only relevant because of the absurdly awkward installation and maintenance processes people expect for desktop software. There is absolutely no technical reason these things have to happen, it's merely momentum in the marketplace.
Meanwhile, there are fundamental security, reliability and performance dangers associated with using any off-site service with an external provider. It all seems cute until your (or their) network connection drops out, or the service provider finds they're not making enough money and shuts the service down (which you can't do anything about with free services, since the provider is under no obligation to you), or the database leaks and compromises your personal information, or your costs for bandwidth and access to the services start to rise.
After the first few nasty accidents, I think people will have a very different view of these "convenient" external service providers, and I for one wouldn't bet on a thin client future just yet.
I have/still have all the concerns about my privacy, but the offering was too tempting to pass up.
And that is why things in today's database-driven, surveillance-obsessed society are going to get very much worse before they get better.
It's quite sad that even after the big leak here in the UK last week, things have gone quiet on the political front and there isn't a sustained media attack on our underpowered privacy and data protection laws.
With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.
I'm sorry, what track record would that be?
Google are quite possibly the world's leading authority on automated information gathering. After all, their ad-based business model fundamentally relies on being able to target those ads, and the continued success of their primary service, the search engine, depends on how effectively and comprehensively they can process the entire WWW.
As we have seen in the past, with everything from Google Street View to the leaks from a certain other popular search engine to Google Groups archives, vast databases like this will inevitably include information that people might have expected to remain private, and these services can make it accessible (deliberately or otherwise) to the entire world.
Google are a business like any other and, despite all the "do no evil" rhetoric, they will still do whatever they can get away with to make a profit for their shareholders, and they can still be compelled to disclose any information required by law (and laws can change).
Right now, it probably is no exaggeration to say that Google is the single greatest threat to privacy the world has ever seen.
The only power we can exercise is to not play the game.
<shrug> Sometimes, the only way to win is not to play... particularly if doing so completely kills your opposition.
No, silly. It's the government who listen in to everyone using the surveillance kit, not the megacorps! However, thanks to the latest communications channels, the government can now quickly provide data on up to 25 million people at once to those megacorps with very low overheads...