195 lines
11 KiB
HTML
195 lines
11 KiB
HTML
{% extends "base_compliance.html" %}
|
|
{% block subtitle %}Copyleft Compliance Projects - {% endblock %}
|
|
{% block submenuselection %}CopyleftPrinciples{% endblock %}
|
|
{% block content %}
|
|
|
|
<h1>The Principles of Community-Oriented GPL Enforcement</h1>
|
|
|
|
<p>The GNU General Public License (GPL) is the principal copyleft
|
|
license. Copyleft is a framework that permits ongoing sharing of a
|
|
published work, with clear permissions that <em>both</em> grant
|
|
<em>and</em> defend its users' freedoms — in contrast to other
|
|
free licenses that grant freedom but don't defend it.
|
|
Free software released under the GPL is fundamental
|
|
to modern technology, powering everything from laptops and desktops to
|
|
household appliances, cars, and mobile phones, to the foundations of
|
|
the Internet. Following the GPL's terms is easy — it gets more
|
|
complicated only when products distributed with GPL'd software also
|
|
include software distributed under terms that restrict users. Even in
|
|
these situations, many companies comply properly, but some companies
|
|
also try to bend or even break the GPL's rules to their perceived
|
|
advantage.</p>
|
|
|
|
<p>The Free Software Foundation (FSF) and Software Freedom Conservancy
|
|
(Conservancy) today lead worldwide efforts to ensure compliance with
|
|
the GPL family of licenses. The FSF began copyleft enforcement
|
|
in the 1980s, and Conservancy has enforced the GPL for many of
|
|
its member projects since its founding nearly a decade ago. Last
|
|
year, the FSF and Conservancy jointly
|
|
published <a href="https://copyleft.org/guide/"><cite>Copyleft and
|
|
the GNU General Public License: A Comprehensive Tutorial and
|
|
Guide</cite></a>, which includes sections such as
|
|
“<a href="https://copyleft.org/guide/comprehensive-gpl-guidepa2.html#x17-116000II">A
|
|
Practical Guide to GPL Compliance”</a> and
|
|
“<a href="https://copyleft.org/guide/comprehensive-gpl-guidepa3.html#x26-152000III">Case
|
|
Studies in GPL Enforcement</a>”, which explain the typical
|
|
process that both the FSF and Conservancy follow in their GPL
|
|
enforcement actions. (Shorter descriptions of these processes appear
|
|
in blog posts written
|
|
by <a href="https://www.fsf.org/blogs/licensing/compliance-situations">the
|
|
FSF</a>
|
|
and <a href="https://sfconservancy.org/blog/2012/feb/01/gpl-enforcement/">Conservancy</a>.)</p>
|
|
|
|
<p>As stalwarts of the community's freedom, we act as a proxy for users when
|
|
companies impede the rights to copy, share, modify, and/or
|
|
redistribute copylefted software. We require all redistributors to
|
|
follow the GPL's requirements in order to protect all the users' freedom,
|
|
and secondarily to support businesses that respect freedom
|
|
while discouraging and penalizing bad actors.</p>
|
|
|
|
<p>Copyleft is based on copyright; it uses the power of copyright to
|
|
defend users' freedom to modify and redistribute rather than to hinder
|
|
modification and redistribution. A traditional copyright license is
|
|
violated by giving the work to others without permission; a copyleft
|
|
license is violated by imposing restrictions to <em>prevent</em>
|
|
further redistribution by others. Nevertheless, with their basis in copyright law,
|
|
copyleft licenses are enforced through the same mechanisms — using
|
|
the same vocabulary and processes — as other copyright
|
|
licenses. We must take care, in copyleft enforcement,
|
|
to focus on the ultimate freedom-spreading purpose of copyleft,
|
|
and not fall into an overzealous or punitive approach, or into
|
|
legitimizing inherently unjust aspects of the copyright regime.
|
|
Therefore Conservancy and the FSF do enforcement according to community-oriented principles originally formulated by the FSF in 2001.
|
|
</p>
|
|
|
|
<h4>Guiding Principles in Community-Oriented GPL Enforcement</h4>
|
|
|
|
<ul>
|
|
<li><strong>Our primary goal in GPL enforcement is to bring about GPL
|
|
compliance.</strong> Copyleft's overarching policy
|
|
goal is to make respect of users' freedoms the norm.
|
|
The FSF designed the GNU GPL's text towards this end.
|
|
Copyleft enforcement done in this spirit focuses on stopping
|
|
incorrect distribution, encouraging corrected distribution, and
|
|
addressing damage done to the community and users by the past
|
|
violation. Addressing past damage often includes steps to notify those
|
|
who have already received the software how they can also obtain its
|
|
source code, and to explain the scope of their related rights. No
|
|
other ancillary goals should supersede full compliance
|
|
with the GPL and respect for users' freedoms to copy, share, modify
|
|
and redistribute the software.
|
|
</li>
|
|
|
|
<li><strong>Legal action is a last resort. Compliance actions are primarily
|
|
education and assistance processes to aid those who are not following the
|
|
license.</strong>
|
|
|
|
Most GPL violations occur by mistake, without ill will.
|
|
Copyleft enforcement should assist these distributors to
|
|
become helpful participants in the free software
|
|
projects on which they rely. Occasionally, violations are intentional
|
|
or the result of severe negligence, and there is no duty to be
|
|
empathetic in those cases. Even then, a lawsuit is a
|
|
last resort; mutually agreed terms that fix (or at least cease)
|
|
further distribution and address damage already done are much better than a battle in court.
|
|
</li>
|
|
|
|
<li><strong>Confidentiality can increase receptiveness and
|
|
responsiveness.</strong> Supporters of software
|
|
freedom rightly view confidentiality agreements with
|
|
distrust, and prefer public discussions. However, in compliance
|
|
work, initiating and continuing discussions in private demonstrates
|
|
good faith, provides an opportunity to teach compliance without fear
|
|
of public reprisal, and offers a chance to fix honest mistakes.
|
|
Enforcement actions that begin with public accusations are much more
|
|
likely to end in costly and lengthy lawsuits, and less likely to achieve the
|
|
primary goal of coming into compliance. Accordingly, enforcers should,
|
|
even if reluctantly, offer confidentiality as a term of settlement. If
|
|
it becomes apparent that the company is misusing good faith
|
|
confidentiality to cover inaction and unresponsiveness, the problems
|
|
may be publicized, after ample warning.</li>
|
|
|
|
<li><strong>Community-oriented enforcement must never prioritize
|
|
financial gain.</strong>
|
|
|
|
Financial penalties are a legitimate tool to achieve compliance when
|
|
used judiciously. Logically, if the only penalty for violation is
|
|
simply compliance with the original rules, bad actors will just wait
|
|
for an enforcement action before even reading the GPL. That social
|
|
model for copyleft and its enforcement is untenable and unsustainable.
|
|
An enforcement system without a financial penalty favors bad actors
|
|
over good ones, since the latter bear the minimal (but non-trivial)
|
|
staffing cost of compliant distribution while the former avoid it.
|
|
Copyright holders (or their designated agent) therefore are reasonable
|
|
to request compensation for the cost of their time providing the
|
|
compliance education that accompanies any constructive enforcement
|
|
action. Nevertheless, pursuing damages to the full extent allowed by
|
|
copyright law is usually unnecessary, and can in some cases work against
|
|
the purpose of copyleft. </li>
|
|
|
|
<li><strong>Community-oriented compliance work does not request nor accept payment
|
|
to overlook problems.</strong>
|
|
|
|
Community-oriented enforcement cannot accept payments in exchange for
|
|
ignoring a violation or accepting incomplete solutions to identified
|
|
compliance problems. Ideally, copyright holders should refuse any
|
|
payment entirely until the distributor repairs the past violation and
|
|
commits formally (in writing) to plans for future compliance.</li>
|
|
|
|
<li><strong>Community-oriented compliance work starts with carefully
|
|
verifying violations and finishes only after a comprehensive
|
|
analysis.</strong>
|
|
|
|
This means fully checking reports and confirming violations before accusing
|
|
an entity of violating the GPL. Then, all of the relevant
|
|
software should be examined to ensure any compliance problems, beyond
|
|
those identified in initial reports and those relating to any clauses of the
|
|
relevant licenses, are raised and fixed. This is important so that
|
|
the dialogue ends with reasonable assurance for both sides that additional
|
|
violations are not waiting to be discovered.
|
|
(<a href="http://gpl.guide/pristine-example">Good examples of
|
|
compliance</a> already exist to help distributors understand their
|
|
obligations.)</li>
|
|
|
|
<li><strong>Community-oriented compliance processes should extend the
|
|
benefit of GPLv3-like termination, even for GPLv2-only
|
|
works. </strong> GPLv2 terminates all copyright permissions at the
|
|
moment of violation, and that termination is permanent. GPLv3's
|
|
termination provision allows first-time violators automatic
|
|
restoration of distribution rights when they correct the violation
|
|
promptly, and gives the violator a precise list of copyright holders
|
|
whose forgiveness it needs. GPLv3's collaborative spirit regarding
|
|
termination reflects a commitment to and hope for future cooperation
|
|
and collaboration. It's a good idea to follow this approach in
|
|
compliance situations stemming from honest mistakes, even when the
|
|
violations are on works under GPLv2.</li>
|
|
</ul>
|
|
|
|
<p>These principles are not intended as a strict set of rules.
|
|
Achieving compliance requires an understanding of the violator's
|
|
situation, not so as to excuse the violation, but so as to see how
|
|
to bring that violator into compliance. Copyleft licenses do not
|
|
state specific enforcement methodologies (other than license termination itself)
|
|
in part because the real world situation of GPL violations varies;
|
|
rigidity impedes success. </p>
|
|
|
|
<p>In particular, this list of principles purposely does not seek to
|
|
create strict criteria and/or “escalation and mediation
|
|
rules” for enforcement action. Efforts to do that limit the
|
|
ability of copyright holders to use copyleft licenses for their
|
|
intended effect: to stand up for the rights of users to copy, modify,
|
|
and redistribute free software.</p>
|
|
|
|
<p>The GPL,
|
|
enforced when necessary according to these principles, provides a
|
|
foundation for respectful, egalitarian, software-sharing
|
|
communities.
|
|
</p>
|
|
|
|
<p><em>[ This document is also published on <a href="https://fsf.org/licensing/enforcement-principles">FSF's site</a>. ]</em></p>
|
|
|
|
<p>Copyright © 2015, Free Software Foundation, Inc., Software Freedom Conservancy, Inc., Bradley M. Kuhn, Allison Randal, Karen M. Sandler.
|
|
<br/>Licensed under the <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0">Creative Commons Attribution-ShareAlike 4.0 International License</a>.
|
|
<br/>The copyright holders ask that per §3(a)(1)(A)(i) and §3(a)(1)(A)(v) of that license, you ensure these two links (<a href="https://sfconservancy.org/linux-compliance/principles.html">[1]</a>,
|
|
<a href="https://fsf.org/licensing/enforcement-principles">[2]</a>) are preserved in modified and/or redistributed versions.</p>
|
|
{% endblock %}
|