Transcript - ArchitectNow

Navigating the Open Source
Legal Waters
Presenter:
Jeff Strauss
August 14, 2013
Who is this guy?
•
•
•
•
•
Jeff Strauss
ArchitectNow
Developer, Consultant, and (Non-Practicing) Attorney
[email protected]
@jeffreystrauss
Well-Known Open Source
•
•
•
•
•
•
Apache
Linux
Android
Webkit
Firefox
ASP.NET MVC, Web API, and Web Pages (Razor)
What does Open Source Mean?
•
•
•
•
•
•
Must be freely distributed
Source code must be included
Anyone must be allowed to modify the code
Modified versions can be redistributed
License must not exclude or interfere with other software
No discrimination (against groups or endeavors)
Wait! I can sell open source?
• YES! But commercializing a piece of software does not make
it proprietary to the distributor.
• Ways to “sell” open source or related services
• You also cannot restrict who uses, modifies, or redistributes.
How do I copyright my stuff?
• The answer: “It Depends”
• Many licenses provide instructions with them
• Otherwise, use common sense and follow the pattern
• This typically includes a LICENSE and/or NOTICE file
• Also copyright language at the top of relevant code files
Binary Distribution
• It may be permissible to distribute only compiled binaries
• NOTE: The binaries cannot be considered “open source”
Permissive vs. Copyleft
• Copyleft licenses are more restrictive to commercial purposes
• GPL, LGPL, and (to a lesser extent) the Mozilla licenses
• Basically licensee must abide by rules and impose them downstream
• Permissive licenses are any non-copyleft licenses
• If I am an author, do I really want to use a permissive license?
So which ones are popular?
Among the most common are:
• GNU General Public License (GPL) 2.0 and 3.0
• GNU Lesser General Public License (LGPL) 2.1
• MIT License
• BSD License 2.0
• Mozilla Public License (MPL) 1.1
• Apache License 2.0
MIT License
• This a short-form license, but with explicit rights granted to
the end-user
• Often referred to as the “X11” license or the “Expat” license
• These are actually two different versions
• With X11, you cannot leverage original author’s name for promotion
of derived works
• Non-attribution clause in X11 is there to protect original
authors’ reputations
BSD License
• There have been several versions
• The “original” version (pre-1999) had an advertising clause
• Caused problems due to the burden of listing contributors
• The “modified” version added non-attribution like the MIT X11
• There is also a newer “FreeBSD” license that is less restrictive,
not including the non-attribution clause
Apache License
• In many ways, another typical permissive license, with v1.1
working like MIT and BSD
• Key clauses:
• Has a (less cumbersome) advertising clause for end-user docs
• Contains the non-attribution provision
• License was rewritten (v2.0) and has substantial changes
Apache (version 2.0)
• Most important piece: patent protection
• Also expressly defines Contributions, Derivative Works, and
excludes “mere” linking of the licensed Work.
• All contributions become part of the Work (under Apache 2.0)
• Derivative works may be licensed under other licenses
• Change log requirements
Mozilla License (MPL)
• Part of a family of “Common Public License” type
• This is more of a hybrid license
• Like a cross of New BSD and GPL… maybe like the LGPL?
• Designed to motivate both businesses and the open-source
community
• Core software, or Covered Code, remains under MPL, but
other derivative works may be distributed with other licenses
GNU Licenses – (L)GPL
• GPL is the most restrictive of these, a true copyleft
• Technically any work that is bundled and redistributed with
GPL libraries are considered a single derivative work
• Ironically, the “most restrictive” license could also be seen as
providing the “most open” software product
• LGPL is “semi-permissive”
• They allow linking with proprietary (or other non-GPL) software
• The FSF actually prefers and encourages straight GPL
Microsoft Licenses
• Microsoft has two approved licenses: Ms-PL and Ms-RL
• The Microsoft Public License is less restrictive
• The Microsoft Reciprocal License is more like the LGPL
Developer Considerations
• What are you goals for the project?
• Do you care about use at the enterprise level?
• Choose-a-License:
• http://choosealicense.com
• Good O’Reilly discussion of open source licenses:
• http://oreilly.com/openbook/osfreesoft/book/
Consumption Considerations
• What’s the license?
• Don’t just click “I accept” without reviewing
• What happens when you update?
• How does this play in the enterprise?
Questions? Comments?