Re: AGPLv3 Compliance and Debian Users
Excerpts from Richard Fontana's message of 2013-07-11 06:55:12 -0700:
> On Thu, Jul 11, 2013 at 03:12:39PM +0200, Ansgar Burchardt wrote:
> > > I'm no expert but that would be my interpretation. Also when I asked
> > > about the basis of the network part of the AGPL during the GPLv3 talk
> > > at DebConf10 in NYC, Bradley said the AGPL was specifically based on
> > > modification, _not_ on public performance or other use.
> > You have to make the source available in this case. Otherwise it would
> > be a trivial way around the AGPL (just have a third party modify the
> > program and give it to you).
> Co-author of AGPLv3 here, including the section at issue. You do not
> have to make the source available in this case, in general. In unusual
> cases of circumvention, like what I believe you are suggesting, the
> answer might arguably be different, but in the context of ordinary
> Linux distributions, when a user gets AGPLv3-licensed software that
> the *distro* has modified, that software is *unmodified* from the
> standpoint of that user downstream from the distro and therefore the
> user needs to do something to trigger the section 13 requirement.
> Otherwise you have to explain why modification was made to be the
> trigger. If the modified/unmodified distinction was meant to be
> meaningless, section 13 would have been drafted not to make any
> reference to modification. Indeed, other Affero-like licenses
> typically are broader than AGPLv3 in the sense that they work by
> redefinition of 'distribution' and thus are not limited to cases where
> the user has modified the software. This approach was specifically
> rejected when AGPLv3 was being drafted.
So are you suggesting that the AGPL's protections against commercial
takeover are basically moot? How would the AGPL be applied in this
Company A starts a business based on unmodified MediaGoblin. They hire
a firm, Consultants-R-Us, to manage their MediaGoblin code base and
develop a new new video encoder.
Their contract with Consultants-R-Us keeps ownership of all code in
Consultants-R-Us name, and C-R-U simply gives a tarball to Company A
which they then use to serve users.
Can we honestly say that Company A modified the software? If not, then
what is the point of the AGPL? To protect C-R-U?
I am not suggesting that this is absolutely not modification by Company A.
However, to a non-lawyer like me, it sure _looks_ like a big hole.