OPEN SOURCE SOFTWARE & LICENSING

A CONVERSATION ON

1

JASON CAROLAN - JCAROLAN@ME.COM

ABOUT ME

• 20+ years in technology

• Luther College

• Startups, Health systems, software / hardware cos.

• Current CTO ViaWest @ Denver - cloud services

• Relevant experience

• DE at SUN, IP Committee Lead for Sun field org.

• Open source contributor - it’s been a while!

And this is not legal advice!

WHAT WE’RE COVERING!

AGENDA

• Definitions - F/OSS, Intellectual Property

• License history

• License types

• Comparisons and constraints

• Examples

• Q&A

ITS ALL PROPERTY

STARTING AT THE TOP

• It applies to art, photos, written work, and code

• People and companies have different goals when they release the property -

• Monetary

• Exposure / Viral Marketing

• Giving Back

• Collaboration & Scale

DEFINITIONS

WHAT IS IP?

“Intellectual property refers to creations of the mind: inventions, literary and artistic works, and symbols, names, images, and designs used in commerce.”

What is Intellectual Property?, World Intellectual Property Organization (WIPO), http://www.wipo.int/about-ip/en/

The basis of IP protection is “Copyright” - Expression of Idea, vs the Idea itself — has evolved from worldwide laws over the last 500 years

- Patents protect property rights over a set number of years.

- Open source licensing — it pertains to open source — and there’s over 60+ licensing formats

source - wikipedia

WHY PROPERTY PROTECTION IS IMPORTANT

PROTECTION / RISK REDUCTION

• Ensure people can’t steal it

• e.g. Patents, Copyright (not always evil!)

• Ensure folks get “paid” for their work ($$s, attribution, etc)

• Ensure “open” stays open aka “copyleft”

• A license is a contract to permit

• Use

• Modify

• Distribute

• Control derivative work (distribute modifications)

• Specify warranty rights / or in most cases no warranty is implied.

AND WHAT ISN’T IT?

WHAT IS F/OSS?

• Free doesn’t mean open source - grants a license to use

• Open source may grant a free license - and it usually does

• Open source intent is a “copyleft” paradigm, which is enforced by copyright law - generally recognized internationally

• Once property / code /etc is “open sourced” it cannot be closed sourced - or revoked — but future releases MAY have different license schemes

• Typically, open source licenses restrict what type of license can be used down stream - for derivative work

WE CAN THANK RICHARD STALLMAN & ERIC RAYMOND

OSS/LICENSE HISTORY

photo source-wikipedia

OPEN SOURCE SUCCESS!

WHERE WE ARE TODAY

source - black duck softwaresource - techcrunch

97% of companies use Open Source Software!

-black duck - 2016

BUT THEY LIKE TO HIDE THEMSELVES IN COMPLEXITY

LICENSES ARE STRAIGHT-FORWARD?

• Restrictions / Permissiveness & Compatibility

• can I include in other software?

• how am I able to distribute?

• downstream distribution rights

• vs public domain

http://blog.microbiologynetwork.com/497/alphabet-soup-abbreviations-and-acronyms-of-interest/

source - wikipedia

LICENSES!TODAY’S MOST COMMON -

source - black duck - 2015 survey

GNU PUBLIC LICENSE / MANIFESTO

GPL 2/3

• A short history - it all started with Emacs (1983) — GNU projects did not have a single license, so users could take the source and do what they wanted — aka sell it, without his permission

• Stallman sought to correct this hence GPL or GNU Public License in 1988

• GPL 2 and 3 are the primary, Lesser = L

• Lesser GPL removes restrictions based on proprietary and commercial use, allowing it to be distributed as a library

• Prefer copyright to be assigned to FSF (Free Software Foundation), and tries to reduce forks by ensuring back-wards compatibility.

GPL 2/3

• GPL2

• provides the right to use, modify, derivative works

• requires distribution with the GPL license, in-tact

• ability to “copyleft” work to ensure open / free distribution

• is hard to incorporate into other licenses (see Library/Lesser)

• GPL3 - the current version

• is more compatible with other licenses

• allows patents to be included in the license

• more legal structure to handle violations, DRM

SOFTWARE THAT USES GPL… -GNU STUFF - ARDUINO

- FUSE - GRAPHITE - GNOME

BERKELEY SOFTWARE DISTRIBUTION

BSD 2 / 3

• Major difference to GPL - does not require downstream distribution to utilize the same license format - “copyleft” provisions

• Great for those wanting the right to potentially commercialize

• BSD 2 - Clause : Simplified BSD license / FreeBSD license

• Source and binary distributions refer to Copyright notice

• BSD 3 - Clause : New BSD

• 2+ Limitations- Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

SOFTWARE THAT USES BSD… - - SCALA - - CHERRYPY - -FREEBSD - -GO (!)

MASS. INSTITUTE OF TECHNOLOGY LICENSE

MIT

• Also known as the X11 license, allows open use in other licenses, as long as MIT notice is in-tact, including proprietary

• Is easy to incorporate into other licenses -e.g. can be incorporated into GPL

• Most common for F/OSS - Ruby on Rails, Node.js, Backbone.js, Jquery, etc.

APACHE SOFTWARE FOUNDATION

APACHE 2.0

• Requires license and copyright in-tact, but allows for patent applicability, private use only, sub-licensing, permissive modifications…

• Modifications can use any compatible license downstream

• Non-modified code must retain Apache 2.0 license

AKA MOZILLA COMMERCIAL LICENSE

MOZILLA PUBLIC LICENSE / MPL

• Limits downstream licensing - requires contributions to be made only under MPL

• Supports patent rights and litigation structure

• Works best for commercial endeavors, and is “verbose”

• Carve outs for US Government and International jurisdictions

BROAD APPLICABILITY TO MEDIA

CREATIVE COMMONS (CC) / SHAREALIKE

• Allows content owners / authors to provide open use, attribution of their ownership, and potential to restrict downstream use - “sharealike”

• Also able to clearly distinguish non-commercial use

source - wikipedia

RISKS AND CONCERNS

• Overall Infringement and Enforcement

• Copyright and Notice requirements

• Ambiguous and still new enough for random interpretation

• May be revocable

• Forking and downstream licensing formats / vs intent

• License management itself and overall process

• …

EXAMPLES - MOSAIC / NETSCAPE / MOZILLA

• Mosaic - one of the first WWW browsers - NCSA / IL

• Authors created Mosaic Communications, then Netscape, but distributed Mosaic/Communicator for free, for non-commercial use as “proprietary software”

• First example of truly viral software

• Netscape re-wrote, and distributed Netscape Communicator

• Mosaic was never open source, and still has a proprietary license from NCSA.

NETFLIX OSS

• Project started in 2015

• Focused on internal cross-functional code, much of it around AWS

• Simple pragmatic rules on what to keep proprietary and what to OSS - video / vs / compute

• e.g. Chaos Monkey, ICE

• Apache License Model

• OSS to reduce complexity internally and to share with broader community

• “costs to much to worry about charging $$”NOTE - RED HAT JUST BECAME THE FIRST $2BN

“OPEN SOURCE” COMPANY - 2016

PICKING THE RIGHT LICENSE

APACHE

MIT/BSD

GPL

PERMISSIVE

RESTRICTED - COPYLEFT MOZILLA RESTRICTED - COPYRIGHT

RESOURCES

• Open Source Definition - OSD

• https://opensource.org/osd

• License Help!

• https://choosealicense.com/

• https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses

• https://en.wikipedia.org/wiki/Permissive_software_licence

PICK A LICENSE!

SUMMARY

• Major constraints —

• Intent to restrict downstream value / openness

• Trade secret or public domain — probably something between

• where do you want this project to be 2-5 years down the road?

• Evolving and changing but the basics are the same, and mostly follow the open source definitions

• Pick a simple one and move on, you can re-write it :)

Q&A

THANK YOU!

jcarolan@me.com