On Tue, Sep 22, 2020 at 11:04 AM Marinus Savoritias <[1][email protected]> wrote: > > 2. The main argument for GPL is that it protects the freedom of the user > by restricting the freedom of the developer a little bit. Same with a > company that has to keep trade secrets. Having something like the > Hipocratic license or CNVPL does the same thing. And on my personal > opinion better. I get this point of view but please consider that the Hippocratic license and other "ethical licenses" are quite harmful. (I will use the term "ethical licenses" here not because I agree that they're ethical but it's a commonly understand term) I've discussed this at length elsewhere but a few topics you should consider: 1. They're legally suspect. Additionally, they almost inherently guarantee you will put more people at risk of violating copyright and being sued. Consider the following scenario: * A piece of software is under the Hippocratic license. They use inbound=outbound licensing so every contributor has copyright on a portion of the software. * A human rights group with a controversial viewpoint like being pro-abortion rights or LGBTQ rights or union rights or a sex worker advocacy group uses the software. * One of the contributors to the software feels that the human rights group is actually violating human rights. As an example, many anti-abortion opponents think abortion is a human rights violation. * The contributor sues the human rights group for copyright infringement. * Copyright infringement is very severely punished in some countries and they need a judge to enforce it. While one could say "oh, that's unlikely to happen", I would respond that it's not really your place to decide what is an acceptable legal risk for others. I can't possibly understand every user's experience, their viewpoints, their fears or the risks they have. You're opening up a possible legal quagmire for people who are already marginalized. I think that's wrong. 2. They prevent integration with software used by nonprofits, human rights and international development groups. Significant pieces of software including CiviCRM, Mastodon and CiviCRM are under copy-left licenses.These ethical licenses have restrictions which can't be combined with copyleft licenses like the GPL or AGPL. Therefore, your Hippocratic licensed software can't be integrated into a CiviCRM plugin. I barely avoided this problem at my work. As background, I happen to work on the Houdini Project which is nonprofit fundraising software. The backend is under the AGPL and the front-end is under the LGPL. Through my employer CommitChange, we host a slightly modified version of Houdini for nonprofits in the US. We help these nonprofits raise almost $10 million a year to assist their missions. At one point, the project was using VCR, a Ruby gem for providing automated testing. In February, the VCR creator unilaterally relicensed the software under the Hippocratic license. When I read this, I panicked: I thought we used VCR and I knew we wouldn't be able to use new versions of VCR. Was I going to waste weeks ripping this out? What would I tell our customers? That some external party decided they weren't ethical enough without even knowing them? When I got back to the office, I checked and realized I had removed VCR previously. We had moved to some new testing and had forgotten that all the test code for VCR was commented out. I didn't have to set all of my work projects aside and waste weeks ripping software out but this was a real risk. Additionally, many international development organizations, like the UN Foundation, the Gates Foundation and others, are requiring that software they fund be licensed under OSI or FSF approved licenses (preferably approved by both) and support open standards. This is becoming a basic requirement for international development software going forward. Who is helped by your software not being usable for fighting poverty? Or improving public health? 3. This isn't going to stop really big companies. Don't get me wrong, big companies want to use and support FOSS software, preferably under permissive licenses. It saves them money and reduces training costs for potential new developers. That said, companies like Amazon, Facebook, Microsoft, and Google truly do not need your software. They can spend their way out of these restrictions and work around them. It's pretty likely in fact that they'll release their replacements under permissive licenses. The only people who will be significantly harmed by ethical licenses are smaller groups who simply can't afford to build their own workarounds. 4. These licenses are almost entirely written by highly paid software developers, all of whom speak English and most of whom are people of European descent. They don't represent the interests of the marginalized or end-users, they represent the interests of the globally powerful. Everything needs to be placed into that context. We've seen this problem already in the traditional copy-left route, already. I think it's pretty obvious that part of the massive development around LLVM and Clang is because their license is more permissive than the license for GCC and friends. A lot of companies just don't want to have to comply with the GPL so they'll do what it takes to avoid it. In summary, I think ethical licenses are far from ethical and are downright dangerous. I do however feel quite strongly about many of the concerns ethical source advocates speak about. I think we should do what it takes to discourage bad actors, whether organizations who don't give back or who violate human rights, from benefiting from our labor. From my point of view, licenses are not appropriate for this, either practically or morally. On the other hand, I advocate for projects and developers to develop sustainable communities with clear policies on who may participate in them, something like a code of conduct on steroids. Houdini is in the early stages of making it clear that certain bad actors are not welcome in the community, they may not file bug reports or feature requests, any they do file will be deleted without consideration, they may not join project chat rooms, they may be called out in the software and documentation, and they are not allowed to participate in events in any manner. In an extreme case, we may consider removing features that are most of use to them (this has to be done selectively of course) We can't, and won't, ban them from using the software if they receive it with a license. But under no circumstances will we provide additional labor or support for them through the project. Our tentative initial plan is to start with banning organizations listed as hate groups by the Southern Poverty Law Center. Over time, we will likely expand it as necessary. This happens to be a MAJOR advantage of using an aggressive code of conduct over a license: it can be changed by the project at any time with no legal costs. Need to add an org to the list? Made a mistake and need to remove an org? Both are extremely straightforward to do, you just follow the project's policy. Once a license is in the wild though, it's basically written in stone. It's hard to amend and costs a ton to do it well. I strongly recommend those of us who value a place for free software and digital autonomy in social justice to advocate for these type of changes to their projects. Eric -- Eric Schultz, Developer and FOSS Advocate [2]wwahammy.com [3][email protected] @wwahammy Pronouns: He/his/him
References 1. mailto:[email protected] 2. http://wwahammy.com/ 3. mailto:[email protected]
_______________________________________________ libreplanet-discuss mailing list [email protected] https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss
