Worked my first GPL enforcement case in 1999 (as FSF volunteer).
Started working for FSF in 2000 (until 2005).
Worked at SFLC from 2005–2010.
Now: Executive Director of Software Freedom Conservancy & on Board of Directors of the FSF.
Plurality of my time since 1999 has been spent on GPL enforcement.
Through the eyes of a GPL enforcer …
Mine are the stories of the latter.
Copyright: the internationalized standard for authors’ controls over works.
Use copyright license to grant permission.
Make permission conditional on giving your downstream the four freedoms.
This is the copyright law hack of copyleft.
Copyright rules require compliance with the license.
GNU Emacs: was the first GPL’d program.
AFAIK Emacs’ copyleft never been violated.
From: bpal…@bbn.com (Brian Palmer)
Subject: Objective Gnu?
Date: 19 Sep 89 15:36:16 GMT
In “The NeXT Book” by Bruce Webster, he says: (page 134):
Objective C is based on the Gnu C compiler developed by Richard Stallman. Release 0.9 has merged the Objective C syntax with the the Gnu C compiler to speed up compilation and to produce faster, more efficient code.
Are they using FSF software in their product? Or is Webster just badly explaining the situation … and Objective C is just preprocessing and passing C to gcc.
Otherwise Gang, I see a Copyleft violation right?
Subject: Objective-C front end for GCC from NeXT
Date: 21 Sep 89 01:01:50 GMT
In response to Steve Simmons’ inquiry about an Objective-C front-end for GCC, NeXT will be making our modifications to GCC for Objective-C available very soon.
Once GCC–1.36 is released (any day now), I will create a patch kit which will be announced on this mailing list. (The modifications are very small.)
A long time ago, in a city far far away, the Empires had taken GNU tar and placed it into proprietary backup solutions. A small band of freedom fighters enforced the GPL to liberate users who were oppressed by the proprietary nature of GPL violators.
Tape backup systems essential in late 1990s.
Many companies made forks of GNU Tar, and violated.
Sysadmins were good at finding these violations.
All but one violator came into compliance.
Last GNU tar enforcement I ever did was circa mid–2002.
Company decided to remove tar & rewrite rather than compliance.
Lawyers told me courts are unlikely to order a source release as a remedy.
Spring 2003: dozens of reports on WRT54G.
Discussions begin with Cisco (who’d bought Linksys just weeks before)
Story hits slashdot on 2003–06–08
FSF represents the coalition.
Broadcom is discovered as upstream.
WRT54G source is released (but wireless driver kept proprietary).
Broadcom argues FCC prohibits; FSF agrees not to pursue (can’t really anyway).
WRT54G releases spawns OpenWRT community.
Harald is frustrated.
FSF was initially shy about lawsuits.
Harald disagreed with FSF strategy (in hindsight, he was right).
launches multiple lawsuits in Germany (about 8 between 2005–2008).
Quite successful, although has in some cases, courts only grant injunction.
Embedded systems become major part of industry.
GCC is the best compiler.
Many companies start making GCC-based toolchains.
Focus of post-WRT54G enforcement at FSF.
FSF had hoped to raise funds “certifying compliance”.
You can’t break even on this for less than $10,000/release.
No one is willing to pay (still true today, AFAICT).
Those who’d know enough to buy services think they’ll get away with violations anyway.
No one in non-profits is getting rich from this.
There must be a deterrent.
Non-profit enforcement == accountability.
Confidentiality is something violators ask for.
Proprietary relicensing (by holding all copyright).
GPL enforcement with profit as its primary (and only?) goal.
MySQL would shake down GPL users to buy proprietary licenses they didn’t need.
I wish I’d identified this as corruption sooner.
Erik asks for help.
Conservancy becomes his enforcement agent (& receive some others’ © assignment)
2003–2004: all embedded consumer devices are VxWorks.
Circa late 2004, BusyBox/Linux & GNU/Linux slowly becomes the Linksys default again.
FSF finally gets fed up and sues.
One wonders: Why don’t these companies just come into compliance before getting sued?
When I said that I was king of forwards, you got to understand that I don’t come up with this stuff. I just forward it along. You wouldn’t arrest a guy who was just passing drugs from one guy to another.
— Michael Scott, The Office (USA Version)
I’d be the worst police officer in the world.
Me: “Please, just tell me on the record your supplier violated when distributing to you.”
Them: “We’ll work with our upstream to get into compliance.”
Sure, I’ve got the sources.
But, can I build it in the same way the company did?
If I get it built, can I install it?
By the time I get all that working, will the device be discontinued?
Will they get away with it if they do, only to violate in the next product line?
In the age of the embedded device, copyleft seeks to answer these questions correctly.
For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
“the scripts to control…” gets us close.
It handles most of the issues.
“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information.
In my view, just clarifies GPLv2’s terse wording.
In any event, it makes it certain.
This is one of the reasons projects should upgrade to GPLv3.
Matthew Garrett: Android device compliance.
FSF’s queue as long as Conservancy’s.
GPL Violations are everywhere.
Presentation and slides are: Copyright © 2008, 2009, 2010, 2011 Bradley M. Kuhn, and are licensed under the Creative Commons Attribution-Share Alike (CC-By-SA) 3.0 United States License.
Some images included herein are ©’ed by others. I believe my use of those images is fair use under USA © law. However, I suggest you remove such images if you redistribute these slides under CC-By-SA-USA 3.0.