Download - Don't Screw Up Your Licensing
Don’t Screw UpYour Licensing
Ansel Halliburton"
@anseljh
https://halliburtonlegal.com/
Silicon Valley Code Camp October 12, 2014
Who am I?
2
Lawyer"• Starting startups • Keeping startups out of hot water • Defending patent troll cases • Suing bad guys
!
Hacker"• Since age 10 • Lex Machina • Mechanical Turk module for Boto
(AWS for Python) • Raspberry Pi & Arduino robot
Writer"• TechCrunch contributor
• legal tech • startup law • smartphone patent wars • computer crime
• Paper on Somali maritime piracy
Daddy"!!!!!!
Disclaimers!
IANAL
IAAL
but
IANYL
3
This is general information for
educational purposes. It might not be right
for you! Talk to a lawyer for advice about your own
specific situation.
1 2
What is open source?
• The Open Source Definition by the Open Source Initiative: 10 paragraphs
• The Free Software Definition by the Free Software Foundation: 4 pages
4
What is open source?
5
Open source
Public domain
Free software
FOSS
FLOSS
GPL
BSD
???
What is open source?
“Open source software is software that can be freely used, changed, and shared (in modified or unmodified form) by anyone.”
6
• Free of charge
• Published source code
• Varying restrictions on commercial use
Intellectual Property
7
Kind Protects Laws
Patent Technological inventions Federal
Copyright Expression Federal
Trademark Signals of source Federal and State
Trade SecretsInformation that is valuable because
it is secretState
Open Source Proprietary
What is a license?
1. Contract
2. Allows use of IP (copyrighted source code)
3. Imposes conditions
8
License dimensionsNotice Must include notice and a copy of the license with code
Source code disclosure Must include a copy of your source code
SublicensingCan you grant downstream licenses?
Copyleft You code must be under the same license
Patent license Some give express patent license (GPLv2 is silent!)
9
Major open source licensesNotice Source Code Sublicense
GPL Y Y N
BSD Y N Y
MIT Y N Y
Apache Y N Y
ChooseALicense.com by GitHub
MIT License
11
GPLv3
12
12 pages long!
GPLv3 § 5
13
GPLv3 § 8
14
Consequences of screwing up licensing
• Lose control of your…
• code
• patents
• trade secrets
• company
15
How to screw up• Pick a bad license
• Pick the wrong license for your project
• Fail to attribute
• Fail to give source code
• Forget to get contributor assignments
16
( )
Notable screw ups• BusyBox cases (GPL violations by embedded
developers)
• Linksys (GPL violation in routers) Free Software Foundation, Inc. v. Cisco Systems, Inc.
• Settlement: $ donations to FSF + open source compliance director
• Versata (GPL violation in enterprise software) XimpleWare Corp. v. Versata Software, Inc.
17
How not to screw up
1. Pick the right license"
2. Give attribution
3. Give notice in source code
4. Include license
5. Contributor license agreement
18
ChooseALicense.com by GitHub
How not to screw up
1. Pick the right license
2. Give attribution"
3. Give notice in source code
4. Include license
5. Contributor license agreement
20
How NOT to screw up: attribution
21
How not to screw up
1. Pick the right license
2. Give attribution
3. Give notice in source code"
4. Include license
5. Contributor license agreement
22
License header (GPLv2)
23
one line to give the program's name and an idea of what it does. Copyright (C) yyyy name of author !This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. !This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. !You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
License header (GPLv2)
24
#!/usr/bin/env python !# dont_screw_up.py - Demo program for Don't Screw Up Your License talk # Copyright (C) 2014 Ansel Halliburton # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. !LICENSE_INTERACTIVE = """dont_screw_up.py, Copyright (C) 2014 Ansel Halliburton dont_screw_up.py comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.""" !if __name__ == '__main__': print(LICENSE_INTERACTIVE) print("Now we'll do something useful.") print("Just kidding!")
How not to screw up
1. Pick the right license
2. Give attribution
3. Give notice in source code
4. Include license"
5. Contributor license agreement
25
26
27
How not to screw up
1. Pick the right license
2. Give attribution
3. Give notice in source code
4. Include license
5. Contributor license agreement
28
Contributor License Agreements (CLA)
• Default copyright rule: every author owns his own contributions
• 100 contributors —> 100 separate copyrights
• CLA assigns contributors’ copyrights to the project (or project leader)
29
How to do CLAs• Make sure all committers sign a CLA!
• The easy way:
• get a CLA from Project Harmony.http://www.harmonyagreements.org
• use CLAHub to integrate your CLA with a GitHub repohttps://www.clahub.com/
30
31
Get a CLA
32
Get a CLA
…
33
Using CLAHub
34
Authorize CLAHub
35
Paste & markup CLA with Markdown
36
What contributors see
37
Contributors sign
38
Owner gets a nice CSV report
39
Add it to your repository
Bigtime compliance
40
https://www.blackducksoftware.com/audits/open-source-audits https://www.blackducksoftware.com/products/black-duck-suite/protex/black-duck-code-label
Miscellaneous
• Copyright exists by default
• Copyright registration grants more remedies
• Copyright lasts as long as Mickey Mouse needs it
• Fair use is probably not what you think it is (and doesn’t exist outside the US)
41
How not to screw up
1. Pick the right license
2. Give attribution
3. Give notice in source code
4. Include license
5. Contributor license agreement
42
Q & A
43
Thanks!
Ansel Halliburton"
@anseljh
https://halliburtonlegal.com
44