Microsoft, SAP, SUSE, Cisco, CA, and HPE have joined an initiative to help combat open source licensing difficulties; reducing the penalties forinadvertent non-compliance with open source license terms.
The GNU General Public License (GPL) is one of the most widely used open source licenses. GPL v3 introduced a new concept which gives license violators the opportunity to correct their mistakes, an approach much more in line with the open source spirit.
November 2017 saw Red Hat, Google, Facebook, and IBM each commit to extend this policy to code they have released under GPL v2 and the GNU Lesser General Public License (LGPL) v2 and v2.1. This new addition takes the number of companies up to 10.
Each of the tech companies has committed to the following language:
Before filing or continuing to prosecute any legal proceeding or claim (other than a Defensive Action) arising from termination of a Covered License, [Company] commits to extend to the person or entity (“you”) accused of violating the Covered License the following provisions regarding cure and reinstatement, taken from GPL version 3. As used here, the term ‘this License’ refers to the specific Covered License being enforced.
However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
[Company] intends this Commitment to be irrevocable, and binding and enforceable against [Company] and assignees of or successors to [Company]’s copyrights.
[Company] may modify this Commitment by publishing a new edition on this page or a successor location.
‘Covered License’ means the GNU General Public License, version 2 (GPLv2), the GNU Lesser General Public License, version 2.1 (LGPLv2.1), or the GNU Library General Public License, version 2 (LGPLv2), all as published by the Free Software Foundation.
‘Defensive Action’ means a legal proceeding or claim that Red Hat brings against you in response to a prior proceeding or claim initiated by you or your affiliate.
‘[Company]’ means [Company] and its subsidiaries.
This is another interesting development in the world of open source licensing, and further shows its increasing prominence in the thoughts of tech companies.
HPE’s Senior VP & CTO, Mark Potter says “Fixing this bug is not just good business, but it is also good for business and society overall.”, showing the importance afforded towards open source projects
It also represents a significant shift in approach for several of the participants. Microsoft’s journey to better embrace open source is perhaps relatively well known, from 2011 when (then) CEO Steve Ballmer called Linux “a cancer” to today, where Microsoft are one of the top contributors to GitHub, over 40% of Azure VMs are running Linux and they have open sourced several products including .NET core and Powershell.
In 2008, Cisco were sued by the Free Software Foundation (FSF) after 5 years of stalling and inaction over several Linux related infringements under the Linksys brand. To see them taking part in this new open source initiative indicates a promising turnaround in their corporate viewpoint.