I have won Open Source Security Inc. and Bradley Sengler v. Bruce Perens on all counts. Mr. Spengler and his company have abandoned any further challenges to the case, and have been ordered to pay for my defense. Attorney Heather Meeker said This is a victory for everyone who expresses opinions about Open Source licensing law. I was sued for expressing my opinion, in this blog post, that the GRSecurity product is in violation of the GPL. This is, of course, my free speech right. I was defended by O’Melveny and the Electronic Frontier Foundation. Join EFF!
The court dismissed their lawsuit for failure to plausibly state a claim, and awarded me defense costs under California’s anti-SLAPP law. A SLAPP is a “Strategic Lawsuit Against Public Participation”, and happens when a lawsuit is brought to suppress the public speech of a person by burdening them with legal defense costs so large that they could easily bankrupt an individual. The suit brought against me was for 3 Million dollars, an amount that, if awarded, would have deprived my family of our home and driven us into poverty. Anti-SLAPP is state law. Only 29 states have one, and few states have as good a law as California. If I lived in another state, they could have succeeded! To protect your speech, we need a Federal anti-SLAPP law.
Dismissal means that the court ended the case early (two years, including the appeal, being early), after deciding that the claim was implausible, and that there was thus no reason to go ahead with the case. So we did not go through procedures that would have been in a full case, like the discovery process, and there were few rulings on facts.
There was never any legitimate reason for Open Source Security and Mr. Spengler to bring this lawsuit. During the lower court hearing, Judge Laurel Beeler said: in many ways, I’m concerned that the litigation doesn’t make sense, and she eventually dismissed the case and awarded me defense fees. A three-judge panel of the 9th Circuit Appeals Court affirmed Judge Beeler’s dismissal and award very quickly, issuing a memorandum 15 days after the appeal was heard.
I estimate that Open Source Security, Inc. lost at least $400,000 on the case, between my attorney costs and their own. I will be awarded $260,000 for my defense in the lower court case, and an amount yet to be determined for the appeal, all of which I will pay to my attorneys at O’Melveny and EFF. I need not attempt to collect the first $300,000 of those funds from Open Source Security, because of the Superscedeas Bond which the court required them to purchase on my behalf.
In the blog post that was the subject of the lawsuit, I claimed (and still do today) that Open Source Security Inc. is violating the GPL by imposing additional terms on their customers. The 9th Circuit Appeals Court confirmed: Perens’s statement that “GPL version 2 section 6 explicitly prohibits the addition of terms such as [Open Source Security’s] “redistribution prohibition” is not facially false given the Public License’s admonition that “You may not impose any further restrictions on the recipients’ exercise of the rights granted herein.”
Open Source Security’s terms tell the customer that they may exercise their GPL right to redistribute the software in the GRSecurity product, but that they will be denied any further service if they do so – potentially endangering their business. Open Source Security Inc. and their attorney Rohit Chaabra contend that their terms are legal because they have the right to deny business to anyone. I believe they cross a line into illegality when they deny services systematically to anyone who exercises a particular right.
Under Mr. Chaabra’s dangerous theory, a supermarket chain that wished to perform voter suppression could strategically select neighborhoods that are likely to vote against their desires, and inform the inhabitants that they would not be allowed to purchase food if they exercised their right to vote. If allowed, Mr. Chaabra’s theory could be used to suppress any right at all, as business owners desire. With technologies like facial recognition, this strategy could be made efficient and would present a great threat to democracy.
Open Source Security and Mr. Chaabra claim that Red Hat uses the same strategy of suppressing distribution of their modifications to GPL software. This is clearly and visibly not so. While Open Source Security operates to prevent the distribution of their modifications to the GPL source code of the Linux kernel, Red Hat themselves distributes the entire source code to Red Hat Enterprise Linux under the Centos brand, and their programmers contribute their modifications to the Linux kernel back to the kernel project using the conventional git mechanism. They need not ever suppress a customer from distributing GPL source code, since they do it themselves. Red Hat continually makes significant contributions to Open Source software available to the public, while it is the policy of Open Source Security Inc. to make their modifications available only to customers.
My lawsuit was in federal, rather than state, court because Mr. Spengler and Open Source Security, Inc. filed their suit from Pennsylvania, and I reside in California. Because the suit spanned two states, which is called diversity jurisdiction, the federal court handled the case, interpreting the state laws of California while using evidentiary rules of the federal court. This made the case more complicated, expensive, and protracted than a SLAPP suit brought directly in California, which would probably have been dismissed swiftly.
Mr. Chaabra also made the case significantly more expensive by filing flurries of complicated motions, with varying arguments, some before my attorneys even had a chance to respond to the previous one. Ultimately, his own customer paid the price of this unnecessary complexity, with the burden of Mr. Chaabra’s bills and those of my attorneys as well. It’s important to note that although the Electronc Frontier Foundation is a non-profit, they have the right to bill Open Source Security, Inc. and Mr. Spengler for their defense of me, rather than be depleted of their funds by every party that would suppress the rights that EFF defends.
Mr. Chaabra has been a patent attorney before this case. I can’t find any evidence that he has brought a defamation case before this one. He lists no cases on his own web site, and despite repeated searches, I have not been able to find any cases at all in which he has participated. My personal perception is that the lower court was very tolerant of what I saw as procedural errors by Mr. Chaabra, as if he was a pro se plaintiff, someone who goes to court without a lawyer. But Mr. Chaabra is very definitely licensed to practice law in California. I noted a number of things that I feel are mistakes in his handling of the case:
- That he brought a case that ultimately lost his own customer around $400K, in my estimate. Given the California anti-SLAPP law, and the ease with which both courts dismissed the case, I feel Mr. Chaabra could have known, and in my opinion should have refused to take the case even if his customer was adamant about bringing it.
- A significant strategy in Mr. Chaabra’s case was to prompt the court to decide the copyright issues in a defamation case, in order to label my past claims about the copyright issues as false and thus defamatory, even though there were no such findings at the time I made the claims. The lower court rejected this circular strategy. The appeals court, perhaps in annoyance at this strategy, verified that the GPL rejects additional terms, and left it to a copyright court to decide how this effects the terms used by Open Source Security, Inc.
- Mr. Chaabra filed a claim of “False Light” on behalf of Open Source Security, Inc. False light is privacy law: when a private person who has no expectation of publicity – being regarded by the general public – is “brought into the light” by a defamatory claim, that is “False Light”. California does not allow a company to file False Light, only individuals, and Mr. Chaabra might have been expected to know that.
- When the court rejected Mr. Chaabra’s False Light claim, Mr. Chaabra preserved the claim by joining Mr. Spengler to the case as a plaintiff, rather than drop the claim.
- This pierced Mr. Spengler’s corporate veil, since he had previously filed the suit as his corporation, and thus only that corporation was liable for the fees for my defense. After Mr. Chaabra joined Mr. Spengler to the case as an individual, Mr. Spengler no longer had his corporate protection, and became personally liable for the cost of my defense under the anti-SLAPP law.
- It was entirely unnecessary for Mr. Chaabra to preserve this False Light claim at his customer’s peril, since False Light claims are considered duplicative of defamation claims under California case law, and are heard and rejected together.
- It was also unlikely that Mr. Chaabra could ever have proven Mr. Spengler to be a private person who could make a False Light claim, since he is featured extensively in a number of national press interviews and, as CEO, is the spokesperson for his company.
- Here’s what I call the $300,000 mistake: During the appeal hearing, in the video at 13:13, Judge Nelson gave Mr. Chaabra a chance to argue against awarding me defense fees at all. Mr. Chaabra did not seem to understand the question, and instead of answering it, argued that the amount of the fees my attorneys requested was incorrect. Finally, Mr. Chaabra realized that he might not have understood the question, and asked Judge Nelson if he was giving the answer that the Judge wanted. Rather than explain the question again in the little time Mr. Chaabra had to argue, Judge Nelson simply told him to go ahead.
- Mr. Chaabra pursued the appeal, rather than refusing to take it on despite how adamant his customer might have been, in the face of facts that I believe made it’s success unlikely, and thus the expense and delay unwarranted.
- Lower court Judge Laurel Beeler, whom Mr. Chaabra accepted to handle the case, was the Civil Appeals Division Chief at the Ninth Circuit’s Office of Staff Attorneys, before she was made a federal Magistrate Judge. If any lower court judge could have known exactly how to handle a case so that it would be affirmed by the 9th Circuit Appeals Court, that would be Judge Beeler! Her reversal rate by that appeals court is correspondingly low. Thus, Mr. Chaabra should have understood that the potential for an appeal to succeed was unlikely. Since she is a Magistrate Judge, appointed by other judges rather than the President of the United States, parties in a case are given the choice to accept or reject her. Mr. Chaabra could have rejected her before the lower court case started, giving him a greater potential to win any later appeal.
- Given the ease with which Judge Beeler rejected the case, and her comment to Mr. Chaabra during the hearing that in many ways, the case doesn’t make sense, I believe that Mr. Chaabra could have understood how unlikely it was for an appeal to succeed, and could have spared his client the expense and delay.
- Mr. Chaabra filed flurries of motions with complicated and varying arguments, which you can read in the archive of the case. This is sometimes done to overwhelm the defendant with legal costs and the complexity and length of the case. Ultimately, his own customer had to pay for him to write them, and for my attorneys to read and respond to each one.
- And finally, the court rejected Mr. Chaabra’s arguments. Although lawyers can’t possibly win every case, customers like lawyers who win. Where are the cases that Mr. Chaabra has won, since 2011 when he was admitted to the bar? Not on his web site. So far, I can’t tell that there are any.
This was a defamation case, and thus there was never any expectation that the court would make any findings about copyright law. However, the appeals court, almost in passing, confirmed that my claim that the GPL explicitly rejects additional terms is facially true. Meaning that yes, that’s exactly what the GPL says. They left it to a copyright court to interpret what that means regarding Open Source Security’s additional terms.
Thus, a copyright infringement case against Open Source Security, Inc., and its customers as contributory infringers, is at least as possible today as it was before they brought the defamation case against me. Obviously, I would be happy to testify in such a case, or to be a strategic consultant. For free.
Any party which owns a portion of the copyrights to the Linux kernel can bring such a lawsuit. That is very many companies and individuals. Thus, it is likely that we could see such a case in the future.
Open Source Security Inc. and Mr. Chaabra are attempting to clean up their perception after the fact: They claim that it wasn’t ever a 3 million dollar lawsuit against me at all. Instead, they claim, the suit was against me and 100 John Does – anonymous people. It is normal legal practice to bring a lawsuit against the actual party being sued and some number of John Does, so that additional defendants can be attached to the case at any time. These anonymous people rarely become a real part of the case, and none of the John Does were ever named during the lawsuit. I was the sole defendant for the 3 million dollars. Open Source Security Inc. might have tried to name the company that provided my web service, had they figured out who it was – but of course I have my own server, so that would have been me. They complained that my site was proxied by Cloudflare, so that they couldn’t determine the internet provider. And they never tried to name Cloudflare.
In the aftermath of the case, Open Source Security and Mr. Chaabra have now decided that if they can’t win their defamation case against me, they can do their best to FUD me and insult my character. Not that they get much attention. Oops, it seems that Mr. Chaabra may have missed the fact that Mr. Spengler and his company are not protected by Pennsylvania’s weak anti-SLAPP law, which applies only to environmental issues. Perhaps he should join me in calling for a federal anti-SLAPP law.
I have done my best to provide you with everything necessary to form your own opinion. I am not relying on any “hidden facts”, if you can’t find it here, assume it doesn’t exist. And of course, this is all my opinion. I am not an attorney, and you should consult your own attorney who is contracted for you for legal advice. Please show him or her this article.