[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPL and linking

On 5/6/05, Jeremy Hankins <nowan@nowan.org> wrote:
> "Michael K. Edwards" <m.k.edwards@gmail.com> writes:
> > You may not be qualified (as I am not) to offer legal advice.  But
> > you're certainly qualified to have an opinion.
> Sure.  But it's not relevant to this discussion -- despite what many of
> the participants seem to believe.

Did you read any of the rest of my message?  This particular sentence
of mine disagrees with your claim that "almost all of us aren't
qualified to have an opinion" on license issues.  Then what are we
doing messing around with other people's copyrighted material?

> > And there isn't
> > necessarily an "agreeable, safe position".
> Are you saying there's not?  So who's going to sue me (or Debian) for
> adopting an overbroad idea of what constitutes a derivative?  "Hey, you
> decided to abide by my license terms when you didn't have to.  I'm gonna
> sue!"  (Standing?  What's that?)

It's not particularly agreeable or safe to say, "we, Debian, interpret
the GPL to recursively follow the depends/reverse-depends
relationships of GPLed packages, crossing most of the individual API
and package boundaries within the work called Debian, and therefore
the strong set within Debian is being offered to our users under the
GPL alone, even if the individual packages contain MIT/BSD/whatever
licenses in debian/copyright".  That's probably a little stronger than
the estoppel one risks in saying the Debian consensus is that
dynamically linked Quagga -> NetSNMP -> OpenSSL is illegal (disallowed
under the GPL), but not much.

My take on it is that such relationships are perfectly legal, but that
as a courtesy to the FSF we undertake to resolve such situations when
they are discovered, either by efforts to obtain unambiguous license
compatibility or by package removal.  And if it were me, I'd keep
building Quagga against NetSNMP while proceeding with reasonable
dispatch, but not in a panic, to request that the Quagga upstream get
it together with respect to an OpenSSL exemption.

The risk in publicly acknowledging the FSF FAQ as a standard of
legitimacy is not that anyone will sue you but that Debian will
unwittingly provide a stalking-horse for some GPL copyright holder
(not necessarily the FSF) to attack Debian users and derivatives. 
Say, for instance, I write a program that uses an LGPL library whose
upstream doesn't follow a copyright assignment policy, and then
someone claims that their GPL code was pasted in a while ago.  I watch
helplessly while Debian relabels it GPL and purges all
GPL-incompatible engineering relationships to that library -- and
knowing that they have done so might put me at risk of being estopped
along with Debian even if I don't agree with the FSF FAQ myself.  That
would not be a good situation.

(By the way, my undying thanks to the Debian X Strike Force for
handling the XFree86 license situation the way they have.  No panic,
no sudden abandonment of the XFree86 code base, just a decision to
decline contributions not available under the MIT/X11 license even if
they're from upstream, and to move to an alternate upstream fork after
sarge.  And a carefully written FAQ, not over-commital on legal

> Conversely, if our idea of what constitutes a derived work is too
> narrow we could end up violating someone's copyright.

Again, that's not how it works.  In the presence of a valid license
contract, one is entitled to contract-law standards of the
reasonableness of one's attempts to cure a breach when notified.  The
"automatic termination" clause is probably unenforceable in most
jurisdictions; I think (IANAL) few would even read it as authority to
terminate on inadvertent (non-material) breach, let alone on the
licensor's idea of breach if the licensee's (reasonable) construction
makes it not a breach.

Consider how it worked in Progress Software v. MySQL.  The FSF's
affidavit on MySQL's behalf claimed that Progress's license was
terminated, but the judge didn't buy it, and upheld Progress's right
to go on distributing MySQL's GPL material.  The judge called the
derivative work issue a "matter of fair dispute" -- and hence not a
deliberate breach -- noted that it was arguably cured anyway, that
MySQL had not demonstrated irreparable harm, and that the balance of
harms favored Progress, and denied the request for preliminary
injunction on GPL/copyright grounds.

For legal purposes, it often matters not only what you do and don't do
but why you say you're (not) doing it.  Saying in public that you're
trying to do X less often because you believe it's illegal is
injudicious at best.  Doubly so if you go on to say that you believe
that you permanently lost your rights under a license every time you
did X.

- Michael

Reply to: