From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 35F1625A for ; Fri, 26 Aug 2016 15:23:46 +0000 (UTC) Received: from pure.motives.com (pure.motives.com [207.192.71.45]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5F35887 for ; Fri, 26 Aug 2016 15:23:45 +0000 (UTC) Message-ID: <1472225020.3680.8.camel@localhost.localdomain> From: Karen Sandler To: Linus Torvalds Date: Fri, 26 Aug 2016 11:23:40 -0400 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Cc: "Bradley M. Kuhn" , ksummit-discuss@lists.linuxfoundation.org Subject: Re: [Ksummit-discuss] [CORE TOPIC] GPL defense issues List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Firstly, to all as another reminder on this: please remember that this is a public list, and already a variety of industry lawyers representing a variety of interests are reading it. Linus, I'll take some inspiration from your tone: You are completely inconsistent and you exaggerate our activities. We have been committed to approaching companies in a friendly fashion and avoiding law suits at all costs. You'll note that in the years I've been Executive Director of Conservancy that there has been a single law suit that we have been connected to - Christoph's suit that we are funding. Initiating the Principles of Community-Oriented GPL Enforcement [1] and our blogpost about Patrick [2], which we also discussed, has been an important part of our work. I never said what you quote me as saying. What I did say, as you'll recall, is that allowing violations can create precedent as to norms and expectations in the field. I also said that if we don't have community-driven enforcement, we'll likely see more individual developers trying to enforce on their own, and not in a coordinated fashion. I also believe that unless we have community-driven enforcement, important issues about the GPL will be decided in cases brought by companies suing each other over their business squabbles (which we've also seen already), which really may not yield the results we want as community. When Conservancy acts either publicly or with any legal action, we do so on behalf of and in coordination with the kernel developers that are part of our coalition. We talk extensively with those developers before taking any action. Anyone who joins our coalition is part of those conversations. I think we see different parts of the compliance process. We get reports from folks that are frustrated because they can't get the code that they should be able to in order to do a particular thing that interests them. We follow those Principles, which have been endorsed by four other charities, the Netfilter team, and Harlad Welte, whose enforcement Greg lauds. I did appreciate your comments on stage at Linux and your commitment to copyleft. From where we're sitting, we see that this doesn't mean a whole lot if there's no one following up with those companies that *don't* ever hire or collaborate with upstream developers and refuse to comply. There have been in-house attorneys, developers and device users that have thanked me for our work. Those who work for software companies have told me that it gives them traction within their own companies in pushing for them doing the right thing. This is why we aim to treat today's violators as tomorrow's contributors, we keep their identities private and we insist on compliance above all else. As someone else said, "the GPL isn't magic pixie dust." James, As I told you in person, you're exaggerating what the dismissal said, and what its impact may be. As I believe you're aware, a German lawyer unconnected to Christoph's case published a memo in German about the case: http://junit.de/spezialisierung-mainmenu-12/open-source-im-unternehmen-2/662-sind-bearbeiter-von-software-zukuenftig-urheberrechtlich-schutzlos-unser-statement-zur-vmware-entscheidung-des-landgerichts-hamburg There is currently no English version, but as I understand it, this says two main points: * that the court applied standards in their analysis that have been outdated for more than 20 years. * that the court didn't process information on infringing code even though all necessary information was on the table. The author even suggests that this could violate a constitutional right. I originally started this thread when encouraged by a few kernel developers because I wanted to carefully provide information to anyone who wanted it, and hear opinions from anyone who cared to and was able to give them, in a form that what *not* publicly archived and allowed for real-time communication. I think we've gone considerably off topic :) Finally, James, Greg, you both talked about your approaches working with companies internally to keep them upstreaming and to not violate GPL. With larger, older software companies that act more rationally -- like IBM and Intel which Greg mentioned -- this work is invaluable. GPL compliance needs both types of people working on it. I agree there are some violations you can resolve that we can't using your methods, but there are also clearly many violations where your methods don't work. We want to be well-coordinated, which is why I proposed this session. karen [1] https://sfconservancy.org/copyleft-compliance/principles.html [2] https://sfconservancy.org/blog/2016/jul/19/patrick-mchardy-gpl-enforcement/