Author: Preston St. Pierre
In a presentation on open source software licensing issues, noted open source legal mind and license author Larry Rosen gave attendees a sampling of the new license applications he received via email while working for the Open Source Initiative (OSI) last year.
The emails were chock full of humorous statements from those seeking new open source licenses, which are now estimated to number about 60 different licenses and growing. Some applicants referred to their licenses as personal pets or members of the family, with one submission expressing hope for “my own beloved license.”
“How do we respond to someone who says his license is beloved?” Rosen asked. “How do we tell this guy: beloved or not, we don’t need your license?”
Other applicants conceded to the difficulty of reading existing licenses to avoid duplication and redundancy. “OK, I didn’t read them all, but I’m guessing they don’t,” said one of the emails that contended existing OSI licenses did not apply.
Other applications brought up legitimate issues that have yet to be addressed, including one that based a new license on the different laws of Australia.
“This is one example of an issue that the open source community needs to deal with,” Rosen said. “There does need to be some kind of a recognition of what the rest of the world is doing.”
Still, Rosen’s point in presenting the myriad of license proposals was that the continued proliferation of licenses and OSI inundation by “people that submit licenses because they like the sound of their name in the license” needed to be discussed and addressed.
The issue really boiled down to compatibility and avoiding duplication, according to Rosen, who did not aim to present solutions to the problem, but rather to increase focus and discussion on it.
“If I told you all the licenses we had were compatible, would you care how many?” he asked. “It’s not because the number is too high, it’s because they duplicate each other.”
Rosen even said one of his own licenses, the Jabber license, would better serve the open source community under another license, the MPL. Other existing licenses Rosen presented as most popular based on SourceForge data were the GPL, LGPL, BSD, Artistic, MIT, and Apache licenses.
“We don’t need two licenses,” he said. “We need one better license.”
Still, the audience and Rosen recognized the difficulty of convincing developers and others to switch licenses and work to stem the proliferation of new ones.
“We’ve got licenses out there that are currently in use,” Rosen said. “How do we deal with that? How do I convince them to pick a new license, and which one?”
Rosen, who added there is also the difficulty of reaching license users who may no longer care, conceded there was much work to be done with the legacy license problem, as well as the proliferation issue.
When asked about whether the marketplace would eventually enforce discipline on the licensing process, Rosen said it may be the only way to change the direction of proliferation.
“I think that has to happen,” he said. “The problem is getting worse, not better.”
Monumental, meaningful task
Another major issue and challenge for the free and open source software community, which will have a role in addressing it, according to Columbia University law professor Eben Moglen, is the next version of the GPL, which was last updated in 1991 in a very different world. Moglen credited the GPL for surviving as long as it has, but added, “We are, to be frank about it, pushing our luck.”
Moglen said while GPL version 3 will serve the same purposes as the existing license — as a copyright license, a code of conduct for the larger free and open source software industry, and as a constitution of the free software movement — it will have to deal with a number of new issues, including non-English languages, changes in the art of computer programming, and more diverse IT systems.
“It’s not that everything is different,” Moglen said. “Nor has the free software movement changed its goals. The conduct of industry has changed and there are more systems that are more engaged with the relationship with software. The license must continue to serve so many processes. There are actual changes in the nature of the relationship between machines and procedures.”
For example, Moglen said the new GPL — which he estimated will arrive in 2006 or 2007 — will have to accommodate different models of software distribution, such as Web services. “One of the major changes to the license is that it will speak to this issue, somehow,” he said.
Moglen also referred to the threat of “trusted computing,” where machines are set up to determine what programs they can or cannot run. “We will have to fight that one out, and the terms of that competition are not clear,” he said. “Otherwise, we would have a new version now.”
Moglen said the task of updating the GPL has repercussions across industry and society. “How we discuss this is more important than how Mr. Stallman decides,” Moglen said. “Nobody, including Mr. Stallman, will get everything they want in this process.”
Still, Moglen indicated the Free Software Foundation realizes the importance of delivering version 3 in a way that allows the community to prepare for it. “Many people must be able to plan,” he said. “We will make commitments and we will be good to them.”