website/www/conservancy/static/copyleft-compliance/principles.html

198 lines
11 KiB
HTML
Raw Normal View History

{% extends "base_compliance.html" %}
{% block subtitle %}Copyleft Compliance Projects - {% endblock %}
{% block submenuselection %}CopyleftPrinciples{% endblock %}
{% block content %}
[
<a href="/copyleft-compliance/principles.cn.html" lang="zh-CN">简体中文版 (Chinese)</a>
| <a href="/copyleft-compliance/principles.kr.html">한국어 판 (Korean)</a>
]<br/>
<h1>The Principles of Community-Oriented GPL Enforcement</h1>
<p>The GNU General Public License (GPL) is the principal copyleft
license. Copyleft is a framework that permits ongoing sharing of a
published work, with clear permissions that <em>both</em> grant
<em>and</em> defend its users' freedoms &mdash; in contrast to other
free licenses that grant freedom but don't defend it.
Free software released under the GPL is fundamental
to modern technology, powering everything from laptops and desktops to
household appliances, cars, and mobile phones, to the foundations of
the Internet. Following the GPL's terms is easy &mdash; it gets more
complicated only when products distributed with GPL'd software also
include software distributed under terms that restrict users. Even in
these situations, many companies comply properly, but some companies
also try to bend or even break the GPL's rules to their perceived
advantage.</p>
<p>The Software Freedom Conservancy leads worldwide efforts to
ensure compliance with the GPL family of licenses. Conservancy has enforced
the GPL for many of its member projects since its founding in 2006. Conservancy also helped
published, and hosts, <a href="https://copyleft.org/guide/"><cite>Copyleft and the GNU
General Public License: A Comprehensive Tutorial and Guide</cite></a>
(often called the &ldquo;Copyleft Guide&rdquo;),
which includes sections such as
&ldquo;<a href="https://copyleft.org/guide/comprehensive-gpl-guidepa2.html#x17-116000II">A
Practical Guide to GPL Compliance&rdquo;</a> and
&ldquo;<a href="https://copyleft.org/guide/comprehensive-gpl-guidepa3.html#x26-152000III">Case
Studies in GPL Enforcement</a>&rdquo;. Those sections explain the typical process
that Conservancy follows in our GPL enforcement
actions. (A Shorter descriptions of these processes appeared in <a href="https://sfconservancy.org/blog/2012/feb/01/gpl-enforcement/">earlier blog post</a>.)</p>
<p>As stalwarts of the community's freedom, we act as a proxy for users when
companies impede the rights to copy, share, modify, and/or
redistribute copylefted software. We require all redistributors to
follow the GPL's requirements in order to protect all the users' freedom,
and secondarily to support businesses that respect freedom
while discouraging and penalizing bad actors.</p>
<p>Copyleft is based on copyright; it uses the power of copyright to
defend users' freedom to modify and redistribute rather than to hinder
modification and redistribution. A traditional copyright license is
violated by giving the work to others without permission; a copyleft
license is violated by imposing restrictions to <em>prevent</em>
further redistribution by others. Nevertheless, with their basis in copyright law,
copyleft licenses are enforced through the same mechanisms &mdash; using
the same vocabulary and processes &mdash; as other copyright
licenses. We must take care, in copyleft enforcement,
to focus on the ultimate freedom-spreading purpose of copyleft,
and not fall into an overzealous or punitive approach, or into
legitimizing inherently unjust aspects of the copyright regime.
Therefore Conservancy does enforcement according to community-oriented
principles originally formulated by other community leaders in 2001.
</p>
<h4>Guiding Principles in Community-Oriented GPL Enforcement</h4>
<ul>
<li><strong>Our primary goal in GPL enforcement is to bring about GPL
compliance.</strong> Copyleft's overarching policy
goal is to make respect of users' freedoms the norm.
The GNU GPL's text is designed towards this end.
Copyleft enforcement done in this spirit focuses on stopping
incorrect distribution, encouraging corrected distribution, and
addressing damage done to the community and users by the past
violation. Addressing past damage often includes steps to notify those
who have already received the software how they can also obtain its
source code, and to explain the scope of their related rights. No
other ancillary goals should supersede full compliance
with the GPL and respect for users' freedoms to copy, share, modify
and redistribute the software.
</li>
<li><strong>Legal action is a last resort. Compliance actions are primarily
education and assistance processes to aid those who are not following the
license.</strong>
Most GPL violations occur by mistake, without ill will.
Copyleft enforcement should assist these distributors to
become helpful participants in the free software
projects on which they rely. Occasionally, violations are intentional
or the result of severe negligence, and there is no duty to be
empathetic in those cases. Even then, a lawsuit is a
last resort; mutually agreed terms that fix (or at least cease)
further distribution and address damage already done are much better than a battle in court.
</li>
<li><strong>Confidentiality can increase receptiveness and
responsiveness.</strong> Supporters of software
freedom rightly view confidentiality agreements with
distrust, and prefer public discussions. However, in compliance
work, initiating and continuing discussions in private demonstrates
good faith, provides an opportunity to teach compliance without fear
of public reprisal, and offers a chance to fix honest mistakes.
Enforcement actions that begin with public accusations are much more
likely to end in costly and lengthy lawsuits, and less likely to achieve the
primary goal of coming into compliance. Accordingly, enforcers should,
even if reluctantly, offer confidentiality as a term of settlement. If
it becomes apparent that the company is misusing good faith
confidentiality to cover inaction and unresponsiveness, the problems
may be publicized, after ample warning.</li>
<li><strong>Community-oriented enforcement must never prioritize
financial gain.</strong>
Financial penalties are a legitimate tool to achieve compliance when
used judiciously. Logically, if the only penalty for violation is
simply compliance with the original rules, bad actors will just wait
for an enforcement action before even reading the GPL. That social
model for copyleft and its enforcement is untenable and unsustainable.
An enforcement system without a financial penalty favors bad actors
over good ones, since the latter bear the minimal (but non-trivial)
staffing cost of compliant distribution while the former avoid it.
Copyright holders (or their designated agent) therefore are reasonable
to request compensation for the cost of their time providing the
compliance education that accompanies any constructive enforcement
action. Nevertheless, pursuing damages to the full extent allowed by
copyright law is usually unnecessary, and can in some cases work against
the purpose of copyleft. </li>
<li><strong>Community-oriented compliance work does not request nor accept payment
to overlook problems.</strong>
Community-oriented enforcement cannot accept payments in exchange for
ignoring a violation or accepting incomplete solutions to identified
compliance problems. Ideally, copyright holders should refuse any
payment entirely until the distributor repairs the past violation and
commits formally (in writing) to plans for future compliance.</li>
<li><strong>Community-oriented compliance work starts with carefully
verifying violations and finishes only after a comprehensive
analysis.</strong>
This means fully checking reports and confirming violations before accusing
an entity of violating the GPL. Then, all of the relevant
software should be examined to ensure any compliance problems, beyond
those identified in initial reports and those relating to any clauses of the
relevant licenses, are raised and fixed. This is important so that
the dialogue ends with reasonable assurance for both sides that additional
violations are not waiting to be discovered.
(<a href="http://gpl.guide/pristine-example">Good examples of
compliance</a> already exist to help distributors understand their
obligations.)</li>
<li><strong>Community-oriented compliance processes should extend the
benefit of GPLv3-like termination, even for GPLv2-only
works. </strong> GPLv2 terminates all copyright permissions at the
moment of violation, and that termination is permanent. GPLv3's
termination provision allows first-time violators automatic
restoration of distribution rights when they correct the violation
promptly, and gives the violator a precise list of copyright holders
whose forgiveness it needs. GPLv3's collaborative spirit regarding
termination reflects a commitment to and hope for future cooperation
and collaboration. It's a good idea to follow this approach in
compliance situations stemming from honest mistakes, even when the
violations are on works under GPLv2.</li>
</ul>
<p>These principles are not intended as a strict set of rules.
Achieving compliance requires an understanding of the violator's
situation, not so as to excuse the violation, but so as to see how
to bring that violator into compliance. Copyleft licenses do not
state specific enforcement methodologies (other than license termination itself)
in part because the real world situation of GPL violations varies;
rigidity impedes success. </p>
<p>In particular, this list of principles purposely does not seek to
create strict criteria and/or &ldquo;escalation and mediation
rules&rdquo; for enforcement action. Efforts to do that limit the
ability of copyright holders to use copyleft licenses for their
intended effect: to stand up for the rights of users to copy, modify,
and redistribute free software.</p>
<p>The GPL,
enforced when necessary according to these principles, provides a
foundation for respectful, egalitarian, software-sharing
communities.
</p>
<div class="doc-footer">
Please <a href="https://lists.sfconservancy.org/mailman/listinfo/principles-discuss">subscribe to our principles-discuss list</a> to follow the discussion and share your thoughts with us.</p>
</div>
<p>Copyright &copy; 2021, Software Freedom Conservancy.<br/>
Copyright &copy; 2015, Free Software Foundation, Inc., Software Freedom Conservancy, Inc., Bradley M. Kuhn, Allison Randal, Karen M. Sandler.
<br/>Licensed under the <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 International License</a>.
<br/>The copyright holders ask that per &sect;3(a)(1)(A)(i) and &sect;3(a)(1)(A)(v) of that license, you ensure these two links (<a href="https://sfconservancy.org/copyleft-compliance/principles.html">[1]</a>,
<a href="https://fsf.org/licensing/enforcement-principles">[2]</a>) are preserved in modified and/or redistributed versions.</p>
{% endblock %}