Re: AGPLv3 Compliance and Debian Users
Clint Byrum wrote:
Excerpts from Richard Fontana's message of 2013-07-11 10:45:00 -0700:
On Thu, Jul 11, 2013 at 08:27:31AM -0700, Clint Byrum wrote:
Excerpts from Richard Fontana's message of 2013-07-11 06:55:12 -0700:
On Thu, Jul 11, 2013 at 03:12:39PM +0200, Ansgar Burchardt wrote:
I'm no expert but that would be my interpretation. Also when I asked
about the basis of the network part of the AGPL during the GPLv3 talk
at DebConf10 in NYC, Bradley said the AGPL was specifically based on
modification, _not_ on public performance or other use.
You have to make the source available in this case. Otherwise it would
be a trivial way around the AGPL (just have a third party modify the
program and give it to you).
Co-author of AGPLv3 here, including the section at issue. You do not
have to make the source available in this case, in general. In unusual
cases of circumvention, like what I believe you are suggesting, the
answer might arguably be different, but in the context of ordinary
Linux distributions, when a user gets AGPLv3-licensed software that
the *distro* has modified, that software is *unmodified* from the
standpoint of that user downstream from the distro and therefore the
user needs to do something to trigger the section 13 requirement.
Otherwise you have to explain why modification was made to be the
trigger. If the modified/unmodified distinction was meant to be
meaningless, section 13 would have been drafted not to make any
reference to modification. Indeed, other Affero-like licenses
typically are broader than AGPLv3 in the sense that they work by
redefinition of 'distribution' and thus are not limited to cases where
the user has modified the software. This approach was specifically
rejected when AGPLv3 was being drafted.
So are you suggesting that the AGPL's protections against commercial
takeover are basically moot?
No. The main problem I have been seeing is in the opposite direction:
overbroad interpretations of AGPLv3, one of the reasons I am chiming
in here. It is the tendency to overbreadth that is tragic.
How would the AGPL be applied in this
Company A starts a business based on unmodified MediaGoblin. They hire
a firm, Consultants-R-Us, to manage their MediaGoblin code base and
develop a new new video encoder.
Their contract with Consultants-R-Us keeps ownership of all code in
Consultants-R-Us name, and C-R-U simply gives a tarball to Company A
which they then use to serve users.
Can we honestly say that Company A modified the software?
Possibly, in that case -- but that's entirely different from the
distro packaging scenario.
Right, I want to understand AGPL's motivations is all.
I used to put similar terms on my code, back before the GPL existed.
Essentially: If you modify this code, you must send your modifications back to
me (the original author). The motivation is that if you fixed a bug or
improved the code, you should make your improvements available to me, and I
subsequently make them available to the user base at large in my next release.
I don't consider this a terrible restriction - if you're using my code that
you got for free, and are deriving value from it, and find a way to make it
better, I think you owe it to everyone to release your improvement freely as well.
If not, then
what is the point of the AGPL? To protect C-R-U?
I am not suggesting that this is absolutely not modification by Company A.
However, to a non-lawyer like me, it sure _looks_ like a big hole.
I don't see any hole. If C-R-U did the modifications then they are obligated
to publish the source code, by virtue of the fact that giving the modified
code to Company A is distributing it.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/