Open Source Licenses in Detail

Open Licensing Workshop, Mauritius, October 1/2, 2018

Dr. Till Jaeger

Certified Copyright and Media Law Attorney

www.jbb.de

2

Compatibility of FOSS Licenses

www.jbb.de

3

Licenses with a strong Copyleft:

● GPL - GNU General Public License, Versions 2 and 3

● AGPL - GNU Affero General Public License

● EPL – Eclipse Public License, Version 1

Licenses with a weak Copyleft

● LGPL – GNU Lesser General Public License, Versions, 2, 2.1 and 3

● MPL – Mozilla Public License, Versions 1, 1.1, 2

● EPL – Eclipse Public License, Version 2

OSS licenses

www.jbb.de

4

Non-Copyleft (permissive) licenses:

● BSD License (2-Clause, 3-Clause und 4-Clause)

● Apache License 2.0

● MIT License

● Academic Free License

● PHP License

● ...

OSS licenses

www.jbb.de

5

Derivative works cannot be licensed under more than one license at the same

time (except in the case of dual licensing)

Compatibility check:

a) are two components to be considered a derivative work?,

b) if yes: Copyleft triggered?,

c) if yes: are the FOSS licenses compatible?

License Compatibility

www.jbb.de www.jbb.de

6

Examination:

● Is there a Copyleft license? Is the Copyleft applicable? (e.g. derivative

work) - compatibility of the licenses involved

● More than one Copyleft license?

● If yes: compatibility clause applicable?

● If not: contains the non-copyleft license restrictions not contained in the

Copyleft license

License Compatibility

www.jbb.de

7

Non-copyleft licenses are always compatible among each other

Copyleft licenses are not compatible (except in the case of a compatibility clause)

Non-copyleft and copyleft licenses are compatible but in the case that the non-copyleft license provides an obligation the copyleft license does not provide (example: GPL-2.0 and Apache License 2.0 or BSD-4-Clause)

License Compatibility

www.jbb.de

8

Solution for copyleft licenses: compatibility clause

Sec. 3 LGPL-2.1, sec. 13 AGPL-3.0

“You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library.”

Sec. 3.3 MPL-2.0, Sec. 3.2 EPL-2.0 (compatibility with „secondary licenses“)

License Compatibility

www.jbb.de

9

GPL-2.0 (Linux) and GPL-3.0 – internal compatibility

Sec. 9 GPL-2.0 provides as follows:

● "any later version" – license under the GPL-3.0 possible

● Program does not specify a version number – license under all versions (GPL-1.0, GPL-2.0 and GPL-3.0) possible

● GPL-2.0 only? Not intended by sec. 9 GPL-2.0, but FSF tolerates this licensing for a long time – GPL-2.0 and GPL-3.0 are not compatible in this case

License Compatibility

www.jbb.de

10

License Compatibility

Source: https://stackoverflow.com/a/6523628

11

New solution for the compatibility problem in the GPL-3.0

Sec. 7 GPL-3.0

"Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:

a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or

b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or ….”

License Compatibility

www.jbb.de

12

Lizenzkompatibilität bei der GPL

13

FOSS Licenses (I)

BSD, MIT, Apache and MPL

www.jbb.de

14

Permissive License (Non-Copyleft-License)

Three versions: BSD-2-clause, BSD-3-clause and BSD-4-clause

2-clause and 3-clause are compatible with most other OSS licenses, BSD-4-clause not

compatible with the GPL

Simple use with proprietary developments

BSD Licenses

www.jbb.de

15

Copyright © 2012 Yahoo! Inc. All rights reserved.Redistribution and use of this software in source and binary forms, with or without modification, are permitted provided that the following conditions are met:Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of Yahoo! Inc. nor the names of YUI's contributors may be used to endorse or promote products derived from this software without specific prior written permission of Yahoo! Inc.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

BSD Licenses

www.jbb.de

16

BSD-4-clause - advertising clause:

“All advertising materials mentioning features or use of this software must display the

following acknowledgement: This product includes software developed by the

University of California, Berkeley and its contributors.“

BSD-3-clause – „non-advertising“ clause:

„Neither the name of the <rightholder> nor the names of its contributors may be used

to endorse or promote products derived from this software without specific prior

written permission.“

BSD Licenses

www.jbb.de

17

License obligations:

● Delivery of the license text (including the disclaimer)

● Providing all copyright notices

BSD Licenses

www.jbb.de

18

Permissive license

Grant of rights is broad

License obligations:

“The above copyright notice and this permission notice shall be included in all

copies or substantial portions of the Software.“

MIT License

www.jbb.de

19

Permissive license

Obligations similar to the BSD-3-clause

Additional obligations:

● Indemnification clause

● Prominent notice about modifications in adapted files

● Providing a NOTICE file (if preexisting)

● Retaining trademark, patent and copyright notices

Apache License 2.0

www.jbb.de

20

21

Compatible with GPL-3.0, but not with GPL-2.0

Indemnification provision in sec. 9

Termination of patent license in sec. 3

Apache License 2.0

www.jbb.de

22

Weak Copyleft

The copyleft is restricted to files containing CDDL/MPL code (file-based approach is a mere formal

criterium)

No risk to be obliged to license proprietary software under the MPL/CDDL as long as modifications

are made outside such files

MPL-2.0 contains specific compatibility clause with the AGPL, GPL and LGPL

MPL and CDDL

www.jbb.de

23

License obligations:

● Delivery of the license text

● Access to the source code and information about how to access

● Retaining trademark, patent and copyright notices

● Prominent notice about modifications in adapted files

MPL and CDDL

www.jbb.de

24

FOSS Licenses (II)

AGPL, GPL and LGPL

www.jbb.de

25

Overview to GNU licenses:

● Free Software Foundation (FSF) is the license steward

● GNU GPL is the flagship license for Copyleft

● GNU LGPL is a specific license for libraries

● GNU AGPL is a license for SaaS with Copyleft

GNU Licenses

www.jbb.de

26

GNU Licenses

www.jbb.de

Source: Derek Molloy, http://derekmolloy.ie/writing-a-linux-kernel-module-part-1-introduction/

27

Most popular FOSS license

Linux is probably the most important free software (Android, embedded

systems)

Version 2 from 1991, version 3 from 2007

GPL

www.jbb.de

28

Right to reproduce and distribute

Right to create derivative works

Right to make the software publicly available (see sec. 3 GPL-2.0)

Rental right

GPL-2.0 – Grant of Rights

www.jbb.de

29

Providing the license text (in paper or electronically)

Copyright notice(s) and disclaimer

Providing the complete corresponding source code (or written offer thereof)

No license fees or further restrictions

www.jbb.de

GPL-2.0 – Distribution Obligations

30

Source code exactly corresponding to the distributed binary

Scripts to control compilation and installation

Not necessary: standard libraries, compiler and other tools (but helpful for

embedded systems with cross compiling)

GPL-2.0 – Complete Corresponding Source Code

www.jbb.de

31

Sec. 2b GPL-2.0:

“You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.“

GPL-2.0 – Copyleft

www.jbb.de

32

Sec. 0 GPL-2.0:

“The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language.“

Sec. 2 GPL-2.0: interpretation of what is considered as a derivative work – or just a

referrer to what is a derivative work under copyright law?

GPL is not very clear about how to interpret „derivative work“

GPL-2.0 – Copyleft

www.jbb.de

33

Sec. 2 (2) GPL-2.0:

“If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.”

Proposal for an interpretation: formal and functional criteria

Formal criterion: code in one single file has to be considered as a derivative work (e.g.

static linking)

GPL-2.0 – Copyleft

www.jbb.de

34

Clear cut cases: modifications within a source code file

IPC – inter process communication (e.g. sockets, pipes): typical for independent

works

Use of software tools which do not copy code in the created program (but Bison

and gcc have specific exceptions)

GPL-2.0 – Copyleft

www.jbb.de

35

Unclear cases: dynamic linking, kernel modules

Kernel modules are deeply integrated into the kernel – copyleft probably applies

Dynamic linking: differentiation between standard libraries and non-standard

libraries? But: strict position of the FSF (always a derivative work)

GPL-2.0 – Copyleft

www.jbb.de

36

License FAQ of the FSF: http://www.gnu.org/licenses/gpl-faq.html

Interpretation of the FSF: not binding, but factual relevance

GPL-2.0 – Copyleft

www.jbb.de

37

Internationalization of terms: “Propagate” and “convey”

“Convey” replaces “distribution”

“Convey”: transfer of a copy – SaaS does not trigger license obligations (except

javascript running on the client)

GPL-3.0 – Changes to GPL-2.0

www.jbb.de

38

Changed distribution obligations (e.g. source code can be provided by

download)

Anti-tivoization clause and „Installation Information“

Anti-DRM clauses

Automatic termination and automatic licensing

www.jbb.de

GPL-3.0 – Changes to GPL-2.0

39

Strengthening of license compatibility

Additional restrictions allowed under sec. 7

Affero General Public License (AGPL-3.0) – Copyleft for webservices

But: no license compatibility with GPL-2.0 „only“

GPL-3.0 – Changes to GPL-2.0

www.jbb.de

40

Strong copyleft license

Grant of rights and license obligations as in the GPL-3.0

Additional requirement: source code for software that is running on a server

instead of being distributed has to be provided under the AGPL-3.0

Compatible with GPL-3.0

AGPL-3.0

www.jbb.de

41

Weak copyleft

License for libraries, in particular: glibc

Former name: Library General Public License

Goal: free libraries as a standard

Version 2.1 from 1999, version 3 from 2007

Libraries under the LGPL are dual licensed under both the GPL and LGPL (sec. 3 LGPL-2.1) - can be used with GPL licensed applications

LGPL

www.jbb.de

42

Distribution of the combination of an application with the library:

● Sec. 5: the application is defined to be a „derivative work“ if linked with the library

● Sec. 6: exception for the distribution of executables containing the library

● Sec. 7: exception for the combination of library facilities within one library

LGPL

www.jbb.de

43

License obligations (general obligations):

● Providing the license text of the LGPL

● Providing the source code of the library

● Prominent notice about modifications in adapted files and the date

● Modified library must itself be a software library

● Modified library has to be licensed under the LGPL

LGPL

www.jbb.de

44

License obligations (for the distribution with an application, sec. 6 LGPL-2.1):

● Permission (license) to modify the application for the customer's own use and reverse engineering for debugging such modifications – but no obligation to provide the source code of the application

● Prominent notice that the library is used in the application (if so) and that the library is covered by the LGPL

● Use a shared library mechanism or deliver the object code file of the application to allow relinking

LGPL

www.jbb.de

45

License obligations (for the distribution with an application):

● If the application displays copyright notices:

– Including a copyright notice for the library among them

– Including a reference directing the user to the license text

LGPL

www.jbb.de

46

LGPL-3.0 is the GPL-3.0 with additional permissions

Modifications of the library have not to result in a (new) library

No permission needed to allow the modification of the library (see sec. 4)

Providing the license texts of the LGPL-3.0 and GPL-3.0 required

LGPL

www.jbb.de

47

Software Freedom Law Center Guide to GPL Compliance: https://www.softwarefreedom.org/resources/2014/SFLC-Guide_to_GPL_Compliance_2d_ed.html

Copyleft and the GNU General Public License: A Comprehensive Tutorial and

Guide: https://copyleft.org/guide/

FAQ of FSF and FAQ of ifrOSS: http://www.ifross.org/en/faq-frequently-asked-questions

www.jbb.de

GNU Licenses - Interpretation

48

FOSS Licenses (III)

EPL and other FOSS Licenses

www.jbb.de

49

EPL is an adapted version of the Common Public License (CPL)

License steward is the Eclipse Foundation instead of IBM

EPL-2.0 published in 2017 – weak copyleft license

The laws of the state of New York are applicable

EPL and CPL

www.jbb.de

50

EPL-1.0: strong copyleft but scope is unclear (and this interpretation)

Copyleft:

"Contribution" means: a) …, b) in the case of each subsequent Contributor:

i) changes to the Program, and ii) additions to the Program;

where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.

EPL

www.jbb.de

51

EPL

www.jbb.de

52

Different interpretations of FSF and Eclipse Foundation about what is a

„derivative work“

Problem solved with EPL-2.0:

“Modified Works shall not include works that contain only declarations,

interfaces, types, classes, structures, or files of the Program solely in each case

in order to link to, bind by name, or subclass the Program or Modified Works

thereof.”

EPL

www.jbb.de

53

EPL-1.0 allows licensee to use the software under EPL-2.0:

“Each new version of the Agreement will be given a distinguishing version

number. The Program (including Contributions) may always be distributed

subject to the version of the Agreement under which it was received. In addition,

after a new version of the Agreement is published, Contributor may elect to

distribute the Program (including its Contributions) under the new version..”

EPL

www.jbb.de

54

License obligations:

● Providing the license text of the EPL (or complying license)

● Providing the source code

● Prominent notice about modifications in adapted files

● Retaining trademark, patent and copyright notices

● Indemnification for contributors (sec. 4)

EPL

www.jbb.de

55

DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE

Version 2, December 2004

Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>

Everyone is permitted to copy and distribute verbatim or modified

copies of this license document, and changing it is allowed as long

as the name is changed.

DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. You just DO WHAT THE FUCK YOU WANT TO.

WTFPL

www.jbb.de

56

Permissive license

License for the license text and license for a computer programme

No license obligations

WTFPL

www.jbb.de

57

Public domain in the US: waiver is possible

Public domain in Germany: copyright protection has to be expired (70 years after the death of the author; sec. 15 Mauritius Copyright Act: 50 years)

Dedication to the public domain may be interpreted as unristricted permissive license without license conditions

Sample code in books or public documents – license required

Public Domain

www.jbb.de