OSI Affiliate Scheme Live

The move to membership at the Open Source Initiative continues. OSI just published a list of the last five “invited” non-profit Affiliate Members, and opened for general applications. As well as open source development communities, I would also love to see open source user groups all over the world apply to join OSI, as the French user association AFUL has done.

Among the other (very welcome!) Affiliates joining OSI, I’m also pleased to see a non-profit open source user organisation; the Wikimedia Foundation. This is another step towards OSI fulfilling the core of the vision with which it was initially founded back in 1998; “to educate about and advocate for the benefits of open source and to build bridges among different constituencies in the open source community.” (my emphasis).  It’s time.

★ On Copyright Aggregation

Monarchs on EucalyptusA collaborative activity dubbed Project Harmony is now under way between corporate and corporate-sponsored participants in the free and open source software communities (not to be confused with the Apache Java project of the same name). The project seeks to harmonise the various participant and contributor agreements – collectively termed “contributor agreements” by some – used by many open source projects.

The goal of the project’s initiators is to reduce the legal costs of analysing paperwork faced by companies contributing to open source projects. Initiated and sponsored by Canonical, meetings have already been held several times under the Chatham House Rule, including one recently during LinuxCon in Boston. The participants also number several people who are skeptical of the value of copyright aggregation, myself included. At the meeting I was asked to write about my skepticism; this article is the result. I’m by no means the first to tread this ground; you’ll also want to read the earlier article by Dave Neary, and the comprehensive article by Michael Meeks ends with a useful list of other articles.

What are “contributor agreements”, why do they exist, and are they a good thing?  The need often arises from the interaction with open source of certain approaches to business. They serve a need of those approaches, but they can come at a significant cost to the health of the project. If you’re starting a new project, it’s worth understanding the bigger picture before diving in with a practical guide on the assumption “everyone uses contributor agreements” because not everyone does. For good reasons.

Dual Licencing

One of the dimensions of the business of open source has been the dual-licensing business model. The name is a little confusing since there is (usually) only one open source licence used – the second arrangement is usually a proprietary license or contract exempting the customer from some of the terms of the open source licence. It can be better to describe this as “selling exceptions to the open source licence”, and it is commonly done in conjunction with the GNU General Public License (GPL) which has clauses some businesses regard as hard to accept.

Under this model, open source software is genuinely present, guaranteeing the freedoms of its users, but the business owning the copyright makes money by selling benefits such as the right to make derivatives under a different licence, commercial terms that offer additional guarantees and (most famously) anything-but-the-GPL as the licence under which the software is used. This last option means dual-licensing has often been associated with shady sales tactics along the lines of “it would be a shame if your business got infected with that evil GPL viral licence…”

Copyright Aggregation

In order to use this model, the business owning the copyright has to own the entire copyright to the software they are distributing. As a consequence, when any community member wants to add a modification or enhancement to the source code for the software, the owner demands that to do so they must also hand over their rights to the addition. To achieve this, the copyright owner makes signing of a legal document mandatory for any involvement in the community that involves co-development.

Usually called a “contributor agreement” (to the detriment of older arrangements that use that term for community participation agreements that don’t actually aggregate copyright), the document gives rights amounting to ownership of the copyright in the new work to the copyright aggregator. It may also include other clauses, such as a statement or originality (“this is my work and I didn’t plagiarise it”), a grant of patent rights and even an indemnity (“if you get sued you can blame me”). In most cases the author retains rights to their individual work in some form or receives a license back, but it’s only the aggregator who has ownership of the copyright to the whole system.

So What’s The Problem?

Open source can be defined as the co-development of software by a community of people who choose to align a fragment of their self-interest in order to do so. The commons in which they work contains software under an OSI-approved licence free from usage restrictions with guaranteed freedoms to use, study, modify and distribute it – “free software”. The community members each work at their own expense in order to achieve a shared outcome that benefits all, including themselves. When they create an enhancement, fix a defect, participate in a design, they are not “working for free” or “donating their work” so much as they are “participating in co-development”.

That favoured word “contributor” gives a clue to the problem copyright aggregation agreements cause. An open source community is an open, meritocratic oligarchy – ruled by an elite who gained leadership based on the merit of their participation and skills, open equally to anyone who does the same in the future. The presence of a “contributor agreement” that involves copyright aggregation may be a warning sign that the community using it has one member who is more equal than all the others.

Communities whose members are termed “contributors” rather than “members” or “participants” may well be unequal places where your interests are subsidiary to those of the copyright owner. They are often dominated by users and fans of the software rather than by co-developers, since the inequality makes it hard-to-impossible for a genuine co-developer to align any fragment of their interests on equal terms. Indeed, this inequality is seen by some dual-license proponents as one of the attractions of the model as they seek a community of enthusiasts and (hopefully) customers that they can exploit without competition.

Exceptions

There can be justifications for having copyright aggregation by and for a community. When the beneficiary of the aggregated copyright is the community itself (in the case of a community hosted by a non-profit Foundation), there are benefits available that may outweigh the disadvantages. These include giving the Foundation the legal right to enforce the copyright in certain jurisdictions, and the freedom to update the open source licence later. They may also include the granting of additional rights such as patent licences in the case where the open source licence does not adequately deal with patents, or to help in countries where copyright law is sufficiently different from US law that the US-centric concepts behind open source fail. Richard Fontana covered these well in his LinuxCon presentation.

Even with these benefits available, there are many communities that choose not to aggregate their copyrights – notably the Linux kernel, GNOME, Apache and Mozilla communities. The recent policy and guidelines on copyright assignment by the GNOME Foundations are especially worth reading. Having diverse copyright ownership leads to a deeper mutual trust and an assurance that the playing-field remains level. Insisting on copyright aggregation is one of the more certain ways a company can ensure the open source community it is seeding remains small and lacking co-developers. With the rise of “value add” business models such as Apache-based open core or service subscriptions, it is less necessary for the businesses involved to aggregate copyright.

Some Foundations that avoid aggregation (such as Mozilla) do have a document termed a contributor agreement but the purpose it serves might be better termed a “participant agreement” since it mainly addresses community norms and specifically avoids copyright aggregation. Indeed, there are some who suspect a motivation for using the term “contributor agreement” vaguely to describe agreements also aggregating copyright is a tactic to screen the toxicity of copyright assignments from general view.

How To Flourish

It may well be advisable to have a participant agreement for your community, to ensure that everyone has the same understanding of and commitment to the project if they are sharing its evolution. But if you want your community to flourish, eschew aggregated copyrights, or vest them in a non-profit entity representative of and open to the community. In fact, avoid any institutional inequality and focused control. Communities should be open-by-rule.

In my experience,  attempting to retain control of a project you’re starting or hosting leads to mistrust, contention and a rules-based focus that diminishes your reputation. Relaxing control will lead to the community innovating and growing in ways you’ve not anticipated, as well as enhancing your reputation. As I’ve frequently said (although less frequently been heeded): trade control for influence, because in a meshed society control gets marginalised while influence delivers success.

[First published in ComputerWorldUK]

★ “Which Open Source Licence” Is The Wrong Question

Mesa Verde Cliff Palace DetailVarious commentators are beginning to pick at the threads of the rediscovered collaborative model for open source now that the “open source bubble” is being superseded. This is a return to what many of us regard as “real open source” (the co-development of software by a community of people who align a fragment of their self-interest in order to do so, using their software freedoms under an open source license and open governance).

Glyn Moody asks the question of which open source licence is best for the new wave and comes to the conclusion that the problem that’s faced open source projects in the “bubble” has been less licence choice and more the practice of corporate control via copyright aggregation. I have more to say on this subject in a forthcoming essay.

Glyn’s article has triggered a somewhat strident response from Matt Asay, who picks up a surprising message that I find hard to read in Glyn’s article. He asserts that Glyn (and I) are advocating that the businesses participating in the new collaborative wave should use proprietary software to earn their revenues. This assertion appears to flow from a conviction the only way a business can succeed is by keeping some sort of copyright (or patent) control that creates an artificial scarcity.

I believe the seed of this view is a riff on one of the oldest arguments in software. To comment on it, I first need to get philosophical for a moment.

Cause and Effect

There are two views of the place of “cause and effect” in the world. One believes in direct causality, the other in systemic causality. Both are correct much of the time, so the difference between them rests beneath the surface of most realities. Both are tools in guiding behaviour and predicting consequences.

In most circumstances, direct causality seems the obvious interpretative lens for the past and predictive lens for the future. We are most comfortable when we can draw clear circles around causes and thick lines between them and their consequences. We admire the “chess players” of society who can draw long chains of clear circles and thick lines, and for most of us the ability to mentally calculate chains of cause and effect is limited to only a few steps.

But certain systems involve a longer chain of lesser causes and effects that makes a focus on the individual steps unhelpful. Things like evolution, national economics, global warming and terrorist networks all need a systemic view if they are to be properly understood, and a focus on what the individual can directly prove leads to bad choices. These systems are especially difficult for people with “just do it” attitudes, who find it hard to take “on faith” that they should act in a contrarian way because of a larger system which can’t be seen and computed in its entirety.

When our outlook is dominated by direct causality, we seek control over causes. When our outlook is dominated by systemic causality, we seek influence over the network of causes and effects. In many cases, both outlooks lead to the same decision, but as we have moved to a meshed society, the importance of systemic causality has risen. Every cause has an immediate effect, but to believe that effect is the only consequence is increasingly a risk.

If the distance to the effect we seek is short, and that effect is the only outcome that matters, control is obviously desirable. But if the distance to the desired effect is large and filled with many connections, it’s better to collaborate and co-operate with other participants and prioritise influence over control.

Two Views of Freedom

The tension between direct and systemic causality lies at the heart of the endless debate between whether BSD-ish (permissive) approaches to software licensing are better or worse than GNU-ish (copyleft-based) ones. The GNU-ish view takes a directly causal view, believing that the freedoms of software users are so important that there should be a direct compulsion on every user to share improvements they make to code. Glyn is clearly in the GNU-ish, directly-causal camp, concerned that people may not “give back”:

“This is the classic free-rider problem that the GNU GPL was designed in part to avoid. It means that contributors to Apache-licensed projects must be willing to accept that their work may well end up in closed-source products, maybe multiple times.”

The BSD-ish view is systemic, believing that any innovative user of the code will want to add their improvements to the commons so that the community around the commons will maintain them collectively, freeing the innovator to spend time elsewhere.

This is the view the Apache Software Foundation best expresses, and it clearly works well for them. They have large numbers of participants in a large number of successful projects, and there is no “tragedy of the commons” at work – self-interest does not require selfishness. It is in the interests of every participant to contribute their work to the commons upon which the fragment of their interests relates. Doing so reduces their own costs, increases the surface upon which the community innovates and gives the maximum return. People who don’t add their work to the commons are condemned to maintain their own work, alone, for ever…

Asay makes an unwarranted leap in his description of me in his article. I am a firm believer in the concept and philosophy of software freedom, but that doesn’t mean I believe the only way to achieve it is through directly-causal compulsion. Indeed, I tend to believe that the key to a successful open source project and community is to studiously maintain equality among all the participants so that no one participant can become “more equal” than the others, giving systemic effects free rein.

Contrary to Asay’s accusations, I’m not interested in the sort of “purity tests” into which FOSS fundamentalists spiral; I do, however, object to use of the term “open source” to describe a project where the participants are not all equal-by-rule. The most important factor is not whether it’s OK for community members to create proprietary code from a project; it’s whether everyone has equal rights. I don’t believe creating artificial scarcity through proprietary code is a smart or scalably profitable action, so frankly Asay’s accusation I’m promoting proprietary development aren’t offensive; they are just irrelevant.

So Which Licence?

That’s where the argument of which license to pick needs to follow the sort of logic Carlo Daffera offers rather than the GNU-ish vs BSD-ish path. It’s hard to believe we are still having “which licence is best” arguments eleven years after the founding of OSI, but we are. Arguments over licenses rarely matter these days; all open source licenses are fully gamed. The reason collaborative projects are resurgent is not a “which licence is best” argument at all; it’s a “level playing field vs artificial scarcity” argument.

The reason I believe “Open Core” approaches will become scarcer and scarcer is that the control-freak behaviours they necessitate (like demanding copyright ownership as a precondition of community participation) just don’t lead to the greatest growth. I’m not sure I care much which licence you use, as long as everyone in your community has the same rights so that the most people possible can participate. That’s what will grow the community – and thus the opportunity – for everyone.

[First published on ComputerWorldUK]

★ Open Source Trade Associations Lack Sanctions

Software patents are broken and the only possible justification for having them is self-defence (which is itself a risky accumulation of armaments that can easily fall into the wrong hands). It seems plenty of important members of both the Linux Foundation and the Open Invention Network make public assertions claiming they believe that, so there should surely be no objection to equipping both of these trade associations with firm, meaningful sanctions.

Read on over at ComputerWorldUK.

☞ Monkey Business

  • Miguel de Icaza clarifies his comments regarding Microsoft’s handling of the open source community over the last 8 years. I find myself in complete agreement with him for once. Had Microsoft had the epiphany that open source was something it could instinctively adopt and harness at the start of the decade, the world today would be very different.

    Instead, it finds itself with a history of toxic behaviour that no amount of attempted reconciliation will quickly clear, especially while the leadership that attacked the free and open source movement is still in place. I hear the job of figurehead for their open source work is proving hard to fill, and no wonder – who wants to step in as apologist for a decade of bad faith? The mistrust is deserved and most of us won’t be as wowed by technology into easy trust as Miguel has been.

Other news:

✍ Software Freedom Has A Posse

OSfA Logo§ Software freedom has a posse – in Washington DC, at least.

You’ll recall I posted a long analysis of the sick position the IIPA took urging the US Trade Representative (USTR) to discriminate against countries around the world if they have a preference for software freedom. That analysis become an input for the excellent position statement, written collaboratively by the OSI Board and posted by OSI President Michael Tiemann, calling for action by national groups.

I hear today that this has indeed resulted in positive action in Washington DC. Campaigning group Open Source for America issued a press statement yesterday, and wrote a two page position statement that they submitted to USTR. I gather they also met personally with a USTR representative to assert the position on behalf of America’s open source communities. I’m pretty sure this is the first time open source has been actively represented in Washington – about time!

This is an excellent development – kudos to the team that made it happen. We formed OSfA so that software freedom would have a political posse in Washington DC, and this first outing has shown that was the right move.

☞ Lobbying, Marketing and Evolution

%d bloggers like this: