New idea for finessing patent issues (was: lame (again!))
We have a conflict: staying true to our ideals, which hold that
software patents are a travesty, and preventing nasty lawyers from
suing Debian for contributory patent infringement. To shield Debian
from legal liability, we do not include patented algorithms in the
main archive.
This means that even people who would not violate the patents by using
the software in question (eg for research purposes, or in countries
where the algorithm in question isn't patented, or people who hold
explicit licenses, or people who would use the software in
circumstances covered by a waiver from the patent holder) are also
denied the convenience of having the software included in Debian.
I'd like to propose a less onerous solution to the conflict. A
solution which would allow Debian to package and archive the software
in question, and would allow people in above situation to use the
software, while preventing anyone in violation of the above rules from
using the software. As a consequence, even though Debian would be
distributing the software in question, it would be shielded from legal
liability.
The idea is to have a click-through license of sorts. Before a
potentially-patent-violating package is installed (ie in a preinst)
the user would be notified that the software contains a patented
algorithm, the identity of the patent would be explained, and the user
would be asked if they might be violating the patent by using the
software. The list of reasons by which one might not be in violation
(see above) would be available for viewing. The user might even be
required to mark which of the above reasons, if any, apply to them.
If they do not indicate that they have the legal right to use the
software in question, then the system would refuse to install it.
As an added legal protection, another question could follow this one,
in which the user is informed that lying on the previoius question is
a violation of the law, and requiring them to swear that they are
telling the truth, and to assume any and all legal risk from any
patent violations that might occur in using the software, and
specifically to indemnify Debian from any legal risk. Again, if they
do not agree the software would not be installed.
As a convenience for developers, and to allow the legal wording to be
modified more conveniently, most of this dialog could be encapsulated
in a package: software-patent-warning.deb. In the configuration for
the software-patent-warning package, the user could indicate that they
live in a country in which software patents are invalid. In that
case, the click-through text could be skipped, and instead a warning
displayed. This warning would mention that software embodying a
patented algorithm is being installed, but that the user has indicated
that the computer is residing in a venue in which such patents do not
apply - but that if the computer is ever moved the user should take
care to either remove the software in question, obtain authorization
from the patent holder, or otherwise ensure that they are not in
violation of the patent.
This would be very simple to implement. (I'd be happy to do it
myself, in consultation with lawyers here at my university, and/or any
other council that Debian or SPI has access to.) It would allow
Debian to support authorized users of patented algorithms, but would
prevent any patent violations from taking place. Debian would not be
contributing to any patent infringements; quite the contrary, it would
be taking strenuous measures to ensure that no such infringement
occurred, including educating its users in relevant patent law.
It has been suggested to me that system administrators might actually
lie in their responses to the above dialogs, but I consider that
highly unlikely. In any case, we shouldn't contort our software
infrastructure to shield bald-faced liars from the legal consequences
of their actions. If sys admins lie in such a setting, especially in
the face of such clear warnings, it wouldn't be Debian's fault.
Reply to: