The GPL is not a burden.

One editor of the LWN commented recently on his yearly predictions for the ecosystem and how well they performed. The article is titled "The Grumpy Editor's 2008 retrospective." Perhaps the grumpy editor was a bit too grumpy this year. There hasn't even been enough coal to go around in people's stockings.

He comments:
The other prediction was that GPL enforcement actions would continue, and perhaps grow. The recent FSF lawsuit against Cisco makes it clear that the GPL enforcers are serious about what they are doing. Your editor cannot help but wonder, though, whether the increasingly litigious actions by the Software Freedom Law Center might not eventually lead to a serious backlash within the community. We are about freedom, not punitive damages. Enforcement of the GPL is necessary if we expect our licenses to be taken seriously, but overly zealous - or greedy - litigation could encourage those who say that use of free software exposes companies to an unacceptable level of risk.

Simply put, i fail to see in how the FSF is being 'greedy'. There have been attempts by the FSF since 2003 to bring Cisco into compliance, and the standard procedure has failed. More importantly, i don't think the GPL is necessarily a burden on companies either.

For instance, consider the EULAs provided with other industry software. The Windows Vista EULA is so onerous, and that's before even considering building a one-off product based on Vista. Between Oracle and SAP, with the multiple levels of licensing, it's a wonder companies don't get sued off the face of the earth just for using a free trial. Legalese has a very broad effect on the industry, and the way companies and other organisations operate. Schools and daycares, for example tend to be so liability conscious that they have very strict rules about what may and may not be done there. In the proprietary world, the burden has definitely been pushed from the software provider to the software consumer in many cases. Compared to the GPL, compliance is very simple.

Compliance can be even easier. Basic compliance roughly requires that all components that are liable under the GPL must be released with both the binary code and source code. GPLv3 compliance requires a few more steps that are a critical part of the design process. For example, the requirement not to use DRM or other methods to lock the user out of using the software on a target platform is a fairly high level engineering decision. GPL compliance also requires being aware of which components use GPL code. How easy is it to be in compliance then? Pretty easy. All you need to do is have a link that says 'source code over here', and you're done.

But what if projects under the GPL could be developed out in the open. I mean, if the linux kernel were hosted somewhere where anyone could see the kernel before it's even released, the source code would lead the binary code. If there was a website to host and house projects that are open source, it would be even simpler. It's a shame we don't have such tools and websites available. ;)

The open source methodology is to release early and release often. In Fedora-land, we have a number of tools, including Fedora Hosted, that are not only open for any takers, but can also be deployed free of charge, because they themselves are open source projects. Any company that wants to stay in compliance needs to understand that in some ways, open source software is easier than closed source.

0 flames: