Understanding the Red Hat – IBM – Google – Facebook GPL Enforcement Announcement

On November 27, Red Hat, IBM, Google, and Facebook announced that they would give infringers of their GPL software up to a 30-day hold-off period during which an accused infringer could cure a GPL violation after one was brought to their attention by the copyright holder, and a 60 day “statute of limitations” on an already-cured infringement when the copyright holder has never notified the infringer of the violation.  In both cases, there would be no penalty: no damages, no fees, probably no lawsuit; for the infringer who promptly cures their infringement. I’ll discuss this in a question-and-answer style:

Q: Does this change any court case involving the GPL that is presently in progress? A: No. Red Hat, IBM, Google, and Facebook are not known to be involved in any recent cases of enforcing their copyrights on any software under the GPL license. Red Hat once suggested that it could enforce the GPL against patent aggressors, but I am not aware of any cases in which they have done so.

Q: Does this change the way that GPL license on Linux or any Open Source program will be enforced? A: That’s unlikely. It is not in the interest of those four companies to become involved in enforcement of the GPL license in the future. Thus, their promise to allow an infringer to cure their infringement within certain time limits is irrelevant. Red Hat and IBM would rather sell Linux systems than make their customers afraid by bringing lawsuits. Google and Facebook have bigger fish to fry.

Q: Does anyone else have to provide the same time limits? A: No. The companies involved in the announcement are not the entities that bring GPL enforcement lawsuits. There are thousands of copyright holders in the Linux kernel who could theoretically bring a lawsuit, and perhaps one hundred thousand authors of GPL-licensed software other than Linux (but which might be included as part of a typical Linux system). None of those parties are compelled by today’s announcement. But in general those parties have been voluntarily waiting much longer for infringements to be cured without penalties.

Q: Does their announcement comply with the Principles of Community-Oriented GPL Enforcement drafted by the Software Freedom Conservancy? A: Sort of. It’s obviously inspired by them and by a previous announcement by the kernel team which is also inspired by SFC’s principles but doesn’t mention them. The Open Source developer community in general doesn’t just wait 30 days for an infringer to cure their infringement without any penalties. Historically, they’ve waited much longer and the community principles do not specify any particular duration. The infringements of some of my compliance customers would have been impossible to resolve in just 30 days. Some cases have been settled quietly after more than a year in progress, without any cost, or perhaps only a reasonable compliance auditing fee. One of my customers, a Fortune 100 company, was asked to pay $5000 in auditing fees in resolution of a GPL infringement in a Billion dollar product line. Current infringers may be asked for more simply because these cases are expensive to pursue, but in general the community prioritizes compliance over income and does not ask for huge damages as a company in the proprietary software industry would.

Q: Why was today’s announcement made? A: The companies are concerned by one person, Patrick McHardy. I have no personal knowledge of this, but attorney Heather Meeker has documented it. It is said that he has brought about 50 copyright infringement claims regarding the Linux kernel, with intent to collect income rather than simply obtain compliance with the GPL license. Pretty much everyone in the Open Source community and the companies involved all object to this behavior. Me too. But as far as I can tell, it’s McHardy’s legal right to bring such claims regarding the copyrights which he owns, even if it doesn’t fit Community Principles which nobody is actually compelled to follow. The big companies and community members (and I) wish to discourage McHardy and other parties who might wish to become “copyright trolls” in a similar style and exact damages out of unintentional infringers of GPL-liccensed and other software.

Q: Did the Linux Kernel Team make a similar announcement to that of the four companies? A: Yes. Here’s what they had to say. It is probable that in the future the kernel team will stop accepting contributions from people who don’t sign on to the policies at that link. They have presently excluded Mr. McHardy from the kernel team. But it’s important to note that there is lots of existing work in the kernel by copyright holders who are not required to comply with those principles, and the copyright holders all of the GPL software other than the kernel (a larger body of software than the kernel by far) are not required to comply with those principles.

Q: Is it true that the principles the four companies announced today are taken from the GPL 3 license, but they are applying them to GPL 2? A: Yes. If your software is under GPL 3, the same waiting periods that the four companies have promised are required. Thus, it is ironic that when originally presented with the opportunity to apply the GPL 3 to Linux, Linus Torvalds and the Kernel team were quite hostile about it, while the kernel team’s recent announcement attributes the principles they have adopted to the text in GPL 3. Perhaps they’ve learned something since those hostile moments.

Q: I have more questions. A: Send them to bruce at perens dot com.

What Happened to SpaceX’s Zuma Mission? Was It Ever For Real?

The Zuma mission was always mysterious. Now, there’s reason to wonder if it was ever even real.

SpaceX announced on October 16 its mission to launch a secret government satellite built by Northrop-Grumman. It was scheduled to launch within 30 days of the announcement. Keeping a mission secret until the last month before launch was unprecedented for SpaceX, even for previous secret government satellite launches, which had been listed on its launch manifest for years.

Just before Zuma was ready to launch, SpaceX announced that the launch was cancelled via twitter: Standing down on Zuma mission to take a closer look at data from recent fairing testing for another customer.

Subsequently, the Zuma mission was removed from the famous NASA Pad 39a, and returned to the SpaceX garage. SpaceX resumed construction work on Pad 39a to remove the  huge rotating Space Shuttle enclosure and to ready the pad for the three-booster Falcon 9 Heavy demonstration launch. This indicated that there would be no Zuma launch soon. No new launch date has been announced.

So, if we are to take SpaceX’s tweet at face value, SpaceX has suffered a serious failure during testing of its fairing, the “nose cone” of the rocket used to shield a satellite from the atmosphere during launch, which has delayed the Zuma mission until the failure can be understood and corrected.

The next expected SpaceX launch, a cargo launch to ISS expected to fly from Pad 39a on December 4, won’t use the fairing, which is only for satellite launches. Cargo launches to ISS use the Dragon space vehicle. So, this mission would not be delayed.

Since there’s an Iridium satellite launch using the fairing scheduled for December 22 at Vandenberg, we’ll see in a month or so if the fairing problem is so large that it delays further launches. Changes in the fairing could be visible in the launch video, expect space aficionados to pour over that video frame-by-frame.

But there’s another possibility: That the Zuma mission was never real.

Why would SpaceX bring a rocket to the pad on a short schedule only to never launch it? Perhaps the actual mission was to see if SpaceX could put together a launch on a short-enough schedule to satisfy strategic requirements of the government. In tense times a satellite might have to be launched on a short schedule in order to view a country we want a really good look at with special instruments: say, North Korea. Or a failed military satellite might have to be replaced with a standby unit in a big hurry.

If the Zuma mission actually was a test of SpaceX’s ability to launch on a short schedule, they probably passed the test. They put a rocket with what might have been a mock-up satellite on the pad on a short public schedule and test-fired it. We have no idea, of course, of how long SpaceX actually knew about this mission.

And of course the government could have other reasons to delay a spy satellite launch, which we’d never hear of.

SpaceX still has the functioning rocket to satisfy another mission, so if Zuma was never meant to happen, the government might not have had to pay as much as they would for an actual launch. Government launches and launch simulations are still significantly more expensive than civilian ones, due to the vastly increased administrative requirements when working for the government: tests, paperwork, accounting, etc. that a civilian launch customer would not require.

SpaceX fans obsessively track the serial numbers of boosters (seen near the tail fin on the first stage) from the SpaceX factory in California to its test site in Texas to launch in Florida or California. They might catch on if the Zuma booster is eventually used for another mission. Or SpaceX could repaint the serial number to confuse them.

We should know more soon. Perhaps Zuma will launch.


ARRL Board Publicly Censures Southwestern Division Director

The ARRL board held a special meeting via teleconference on November 14 at 9PM (Eastern) and publicly censured Southwestern Division Director Richard Norton N6AA.

I only have the board meeting minutes and the ARRL Board Director Code of Conduct which was cited. But from what I read here (and you can read it for yourself below), it’s clear that  Richard Norton publicly dissented against an ARRL board decision at an Amateur Radio meeting (Hamcon? Pacificon?), resulting in this censure.

While ARRL directors can argue with each other in private meetings, ARRL wants all directors to  publicly represent ARRL as a bloc, and does not tolerate it if one director publicly opposes some action of ARRL.

So, the members get minutes with bald notices of how directors voted upon a motion, but no transparency to a director’s own sentiment and rationale regarding any particular action. Of course, such information would usefully inform us when we vote for ARRL directors, thus the fact that it is concealed is troubling. Obviously, by doing this ARRL largely keeps the membership from being active in ARRL politics. Troubling indeed.

Here are the relevant minutes of the board meeting:

4. Mr. Carlson, moved, seconded by Mr. Lisenco that:

Whereas, Mr. Richard Norton, N6AA, publicly criticized the ARRL Code of Conduct for Board members at a public Amateur Radio gathering by virtue of his characterizations thereof, thus criticizing publicly the collective action of the Board of Directors adopting said Code of Conduct and drawing the Board’s collective decision making into disrepute, in violation of multiple portions of the Code of Conduct, including but not limited to Sections 1.b. and 8.a, 8.b., 8.d; and 8.f; and Whereas, Mr. Norton has been cautioned by Board members that his actions and his manner in the above respects are not acceptable and cannot continue, with no notable change in his behavior since that time; and

Whereas, Mr. Norton has been given a copy of the Recommendation of the Ethics and Elections Committee dated September 7, 2017, and has responded to it and tendered to the Board of Directors four statements of ARRL members in support of his response;

Now, therefore, the Board of Directors having considered the recommendation of the Ethics and Elections Committee at a Special Meeting of the Board of Directors duly called for the purpose of considering the actions of Mr. Norton and an appropriate remedy therefor, and in view of the information before it and taking into account Mr. Norton’s response and his submissions in response thereto, finds that there exists sufficient cause (i.e. a material violation of the ARRL Code of Conduct that has caused harm to the League) to publicly censure Mr. Norton for his unacceptable behavior as an ARRL Board Member, and Mr. Norton is admonished by the Board that no further, similar behavior will be tolerated. That action is so ordered.

After discussion and a roll call vote being requested, the motion was ADOPTED by a vote of 11 Aye, 3 Nay and 1 abstention with Directors Carlson, Olson, Norris, Williams, Lisenco, Blocksome, Frenaye, Pace, Boehner, Allen and Sarratt voting aye, Directors Abernethy, Norton and Woolweaver voting nay, and Director Vallio abstaining.

Here are the cited sections of the ARRL Board Director Code of Conduct:

1(b). A Board member should take no action that could adversely affect the reputation or credibility of the ARRL, or discourage membership in the organization.

8(a). A Board member, as a leader in Amateur Radio, is encouraged to be an ambassador and an advocate for ARRL and, subject to the Confidentiality Standard of this Code of Conduct, to publicly promote the activities and actions of the organization with the ARRL membership. In doing so, a Board member must act at all times faithfully to the intent of the Board as expressed in its official statements, and should not reinterpret or re-characterize the Board’s actions to reflect his/her own view or the views of any other Board Member.

8(b). While having the right and responsibility to exercise independent judgment and to express dissenting opinions during Board deliberations, a Board member also has the obligation outside the Boardroom to respect and support final decisions of the Board, even when the Board member dissented from the majority view.

8(d). A Board member must not take actions publicly or with respect to the ARRL membership that have the purpose or effect of undermining or discrediting the decisions or actions of the Board.

8(f). A Board member may not publicly oppose a Board action prior to the effective date of his or her resignation from the Board.

Source Material:

About The Lawsuit: May I Please Introduce My Wonderful Legal Team!

As you probably know, Open Source Security, Inc., and their CEO Mr. Bradley Spengler have sued me for defamation and half a dozen other things. It is obvious legal hygiene not to talk about a lawsuit in process. Meanwhile, you can follow the suit on Pacer, and please allow me to introduce my legal team!

I am incredibly pleased and impressed with my team and their firm O’Melveny. They have done superb work, assembled a very strong case for me, and are a pleasure to work with!

Heather Meeker and I first met about two decades ago and have had a business relationship for a decade. She’s the best attorney for any Open Source matter. I have often worked for her and her clients. So, it was natural that I would turn to Heather when I needed legal assistance. Heather is the author of Open (Source) for Business: A Practical Guide to Open Source Software Licensing — Second Edition and three other books.

Melody Drummond Hansen is a senior attorney at O’Melveny who was an obvious choice because of her previous experience with defamation cases. Because of Melody’s participation, my case is strong and I feel very secure.

Cara Gagliano got her J.D. in 2015 and has already built an impressive portfolio of cases. She does much of the research and writing for my case, and of course has the assistance of Melody and Heather. Cara is doing superb work! I could not ask for better.

Heather, Melody, and Cara are assisted by Marissa Rhoades and Eric Ormsby.

Finally, I have to thank their families, who have supported them while they burn midnight oil on my behalf.

I am so lucky to have all of these excellent people helping me.

Linux and Free Software Organizations at War With Each Other

In Monty Python’s Life of Brian, the Judean People’s Front hated the People’s Front of Judea. Unfortunately, it’s not at all funny when two similarly-named organizations in the Linux world battle with each other.

The Software Freedom Conservancy (SFC) holds the copyright interest for a long list of highly-respected Free Software / Open Source projects, serves as an IRS-certified 501(c)3 non-profit so that those projects don’t have to, provides the projects with legal and organizational advice, and when necessary enforces against those who infringe on their copyrights and the Free Software / Open Source licenses, including the GPL. You may know SFC’s officers Karen Sandler and Bradley Kuhn.

A similarly-named organization funded by the Linux Foundation, the Software Freedom Law Center (SFLC), has asked the US Patent and Trademark Office to void the trademark on SFC’s name.

The bizarre thing about this is that SFLC started SFC, acted as their attorney in filing the very same trademark on their behalf, and was their law firm for several years. And Linux Foundation originally funded both organizations, but now appears to be behind this action of one against the other.

This follows a decade-long trend during which I believe the Linux Foundation, and SFLC on their behalf, have turned against the Free Software / Open Source community. I believe this action is part of a greater war being carried out by the Linux Foundation against enforcement of the GPL license by the Free Software / Open Source developers.

There has always been a tension between independent Free Software / Open Source developers on one side, and the largest corporations that use the software (and sometimes participate in its development) on the other.

Independent Free Software / Open Source developers don’t produce their software as corporate welfare to the world’s richest corporations, or to facilitate the development of proprietary software by those companies. They make it so that Free Software and Open Source will be larger. Their preferred license is the GPL, which enforces share-and-share-alike terms that mean corporations must participate under the developers rules, or not at all.

The corporations would prefer to see the developers give up their GPL license and its “inconvenient” sharing rules, and make the software an outright gift. That way, the independent developers would act more like unpaid employees of the corporations.

On actual Free Software / Open Source projects, the corporations and independent developers get along, because the corporations are represented by their programmers, whose main interest is in making good software, just as the independent developers wish. It’s in the industry organizations, where the representatives are not the programmers, that the problems come up.

Linux Foundation started with a promise to represent the interest of the independent Linux developers as well as the corporations, but over the past decade, all developer representation was eliminated.

SFC also changed during this time, from a volunteer-only corner of SFLC with most of its volunteers coming from the Free Software Foundation, to its own organization with a full-time staff, supporting a long list of Free Software / Open Source organizations, and still with a strong bond to FSF. SFLC endorsed this change.

The disconnect started when SFC began enforcement of the GPL license against VMware on behalf of Free Software / Open Source developers. It had been suspected for years that VMware had incorporated portions of Linux in their ESX software, in an infringing manner. But VMware was at the time a “silver sponsor” of Linux Foundation, and Linux Foundation halted financial support of SFC in retaliation for the GPL enforcement. SFC responded with a fund drive and gained new private sponsors.