When a manufacturer chooses -- or is led to choose by lack of information -- to distribute such software without passing on the source, the community faces a real loss.
The Software Freedom Conservancy does a valuable job in this area. Its action has provided manufacturers with an education on the subject of compliance, and it has created an environment where best practices are observed by them. Almost every intervention results in the vendor's compliance; only one of its cases has gone the distance, out of about 100 interventions per year, Kuhn says.
Debunking the false controversy
Why is there controversy? In short, self-interest -- on the part of the proprietary vendor community.
Remember: As a user of open source software, there are no conditions of any kind set on your use; you are free to work with it for any purpose. There is no compliance requirement. Pause and reflect on that for a moment.
Open source does not place a compliance burden on the user, does not mandate acceptance of an end-user license agreement, and does not subject you to para-police action from the BSA. That is a significant advantage, and there's no wonder proprietary vendors want to hide it from you and make you think open source licensing is somehow complex, burdensome, or risky.
But it's not:
- If all you want to do is use the software -- which is all you are allowed to do with proprietary software -- and the other three freedoms are entirely absent, then open source software carries significantly less risk.
- If you move beyond use of the software and study the source code, there is also no compliance burden. There is no risk associated with using the knowledge you gain for other purposes. You do not become tainted in some way, and there is no need to create a "clean room" environment when you build related software using that knowledge.
- If you move beyond studying the code and actually modify it, there is no compliance burden. You are free to use the modified version in any way you want, both personally and in your business. There is no need to account for your use, no need to send your improvements somewhere else, and no requirement that you participate in the community. Of course, if you don't do these things, you won't get all the benefits associated from joining the community. All the same, the choice remains yours.
- If you move beyond modifying the code and decide to distribute the software, there may be compliance issues with the open source license. But you only need to verify that you are passing on the same rights to others as you received with the original code.
Even then, not all open source licenses place significant responsibilities on you. Licenses like the Apache, BSD, MIT, and X11 licenses are extremely easy to comply with, and the CDDL and the Mozilla license involve negligible housekeeping if you are participating in an open source community; simply committing code back to the community repository is likely to be enough. Only strong copyleft licenses like the GPL family need an audit process, and it's no more burdensome for most of us than the sort of tracking we do anyway in our version control system.
Should enterprise software users worry about open source license compliance? Obviously, respecting authors and obeying the law are important, but for most of us the answer is no. While the Software Freedom Conservancy is serving us all by keeping electronics manufacturers honest, the rest of us can use open source as a way to relax about license compliance rather than worry about it.
This article, "Why the GPL licensing cops are the good guys," was originally published at InfoWorld.com. Read more of the Open Sources blog and follow the latest developments in open source at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.