Android Patent Peace (PAX)

Google has announced its latest patent initiative, the Android Networked Cross-License to “promote patent peace within the Android ecosystem.”  This royalty-free community patent licensing pact, nicknamed PAX (a Latin nod to its harmonious objective) applies to Android and Google Applications pre-installed on qualified Android-compatible smartphones and devices. Android itself is a free open-source operating system (the AOSP), the source code for which is maintained by Google.  

PAX currently has nine founding members: Google, Samsung Electronics Co. Ltd., LG Electronics Inc., HTC Corp., Foxconn Technology Group, Coolpad, BQ, HMD Global and Allview. According to a statement from Google’s VP of Business and Operations, these companies together own more than 230,000 global patents. PAX membership is free of charge, and open to anyone, but the PAX license agreement terms are still confidential to members and prospective members only.

Those familiar with open source and Linux will recognize this is not the first community-based effort to create a patent commons for an open source operating system.  Open Invention Network (OIN), was formed in 2005 by  major players such as IBM, Sony, Phillips, Red Hat, and Novell, to protect Linux from patent suits, and since then has grown into the best known and most influential such effort.  Android, of course, describes a large stack of software that includes the Linux kernel, as does the subject matter of OIN.  The two efforts are complementary and undoubtedly cover some overlapping subject matter.  Like OIN, PAX seeks to protect the Android ecosystem through patent cross-licenses among its members.  OIN also engages in various activities and policies to achieve the community objective of defending Linux.  PAX has not announced any plans for such additional activities as this point.   

Patent pools, of course, have inherently limited ability to manage patent claims.  Patent pools are only as effective as their ability to include the relevant patent holders.  They do not help to reduce the claims of patent trolls, who have no incentive to participate, and do not address the aggression of large patent holders such as Microsoft, which famously levies patent royalties on most Android devices.

Watch Your Language

A contretemps has arisen among free software advocates, once again.  This article in Tech Republic describes online ranting about a fairly bland post on a site hosted by the Linux Foundation.  (I had trouble locating the original post, but it was apparently on and thus not an official LF statement.)  Those of you readers who are uninterested in the political squabbles of open source world need read no further.  Those of you who are interested should take a look at the article — for amusement value at least, if you have an ironic sense of humor.

Some free software advocates react badly to any observation that using free software can entail legal risks — an odd point of view for a paradigm based on copyright licensing conditions (and by implication, copyright infringement claims to enforce them). Some react badly to the heretical suggestion that permissive licenses are a better choice. Those reactions will never change.  But part of this particular reaction to the original post was clearly because of the language it used.

So, next time I tell a client not to use the word “viral” or call copyleft licenses “restrictive,” perhaps they will believe me.  (I cringe when I hear these words, and my clients probably cringe when I lecture them about not using these words.)  Copyleft licenses are not viral.  Open source licenses contain no license restrictions, or they would violate the Open Source Definition — restrictions are for proprietary licenses.  Open source licenses do contain conditions, but the difference between restrictions and conditions is a subtle but essential concept underlying the open source licensing model.

All that may seem like pedantry, and I won’t claim I am free from that sin.  But pedantry is a menial sin, and inadvertently starting a war of words is not a good idea.  Maybe we need the equivalent of a “swear jar” for this.  Every mistake requires a contribution to an open source project!

Drupal Ousts Project Contributor

A recent article in Inc. reported the ouster of one of Drupal’s significant contributors based on controversial objections over his personal behavior and beliefs.  The ejection was pursuant to violations of the project’s Code of Conduct.  The Code of Conduct contains high-level imperatives such as Be Considerate, Be Respectful, and Be Collaborative. The article reports there is controversy over the reasons for the ouster, however, and that is where the story takes an odd turn.

In a blog post entitled “Living our Values“, Drupal founder and lead developer Dries Buytaert stated, “A few weeks ago, I privately asked Larry Garfield, a prominent Drupal contributor, to leave the Drupal project. I did this because it came to my attention that he holds views that are in opposition with the values of the Drupal project.”  He goes on, “[W]hen a highly-visible community member’s private views become public, controversial, and disruptive for the project, I must consider the impact that his words and actions have on others and the project itself. In this case, Larry has entwined his private and professional online identities in such a way that it blurs the lines with the Drupal project.”

The “private views” apparently relate to Garfield’s interest in a lifestyle associated with the Chronicles of Gor  “sword and planet” novels, which includes “relationships between dominant men and submissive women, the latter often in positions of slavery.”  Buytaert stated in his blog post, “The Gorean philosophy promoted by Larry is based on the principle that women are evolutionarily predisposed to serve men and that the natural order is for men to dominate and lead.”

The controversy arises because it is not clear whether Garfield violated the Code of Conduct. Questions have arisen as to whether the ejection is appropriate if based on beliefs and values, rather than action — or on activity outside the Drupal project.  In making such a decision, clearly, any project must consider how the public behavior of individuals reflects on the project, but some of those quoted in the article were troubled about where the line was drawn between personal and public action.

In 2014, Brendan Eich, an original founder of the Mozilla project, resigned after a short-lived tenure as CEO of Mozilla Foundation, after public criticism that he had donated $1,000 to California Proposition 8, which sought to ban same-sex marriage in California, years before.  Among those bringing pressure were OKCupid, and online dating site, which asked its users to boycott the Firefox internet browser due to Eich’s support of Proposition 8.  Eich resigned after less than a month.

Unlike Eich, Garfield was a significant contributor to Drupal, but not its leader.

Open source projects these days — like many organizations — are walking a difficult line between controlling behavior in order to create hospitable and diverse communities, and allowing for diversity in personal behavior and beliefs.

MariaDB Releases Business Source License 1.1

On February 14, 2017, MariaDB released an update to its Business Source License.  The BSL is an alternative to free software licensing, intended to help developers reap the economic benefits of their work, while still making source code available to the community.

The BSL mades code available for a limited time on limited terms, but converts automatically to an open source license (the “Change License”) on a pre-determined date (the “Change Date”).

This new version of BSL was reviewed by open source pioneer Bruce Perens (and me), and so now BSL 1.1 has been adjusted for clarity, consistency with eventual open source release of the code, and potential use by other developers as a template license.

The changes included:

  • Limits on the time elapsing before the Change Date, so the software will be converted to open source in a reasonable amount of time
  • Requiring the Change License to be GPL compatible

MariaDB also used the announcement to adjust and clarify the licensing going forward for its MaxScale products.

The BSL represents one of a new crop of license models attempting to bridge the gap between open source licensing and proprietary licensing — seeking to create the community benefits of access to source code while preserving a viable economic model for the developer.  The more common open source business models of customization or maintenance services, widget frosting, and dual licensing have lost some of their luster over the years, as businesses — particularly startups — have struggled to serve both the community and their own economic needs.  Another approach in this new crop is the Fair Source License — which is a proprietary source-available license with modest limitations on royalty-free use.

As Kaj Arnö commented on his blog: “It’s authentic, it’s honest, it’s fair for your users, your customers, your developers and your shareholders alike. Go BSL!”

MariaDB is an increasingly popular  open source database product started by the founders of MySQL.  Many users have grown frustrated and dismayed with MySQL’s licensing policies and lack of community involvement after the acquisition by Oracle, and so many are turning to MariaDB as a viable option.

Congratulations to MariaDB on this effort.

Microsoft Offers IP Protection for Open Source elements of Azure

In February 2017, Microsoft announced expanded IP coverage for its Azure cloud service.  This move follows in the footsteps of earlier open source indemnity pledges by companies Red Hat, Novell and IBM.

Microsoft describes the program:

“Azure IP Advantage is a program for Azure customers offering best-in-industry protection against intellectual property risks, so developers can focus on coding and customers can focus on running their businesses, with reduced risk and exposure to IP lawsuits without diminishing customers’ own IP rights. It has three components to help customers protect their cloud investments:

  1. The ability to pick from 10,000 Microsoft patents to help defend against an IP lawsuit
  2. Industry leading uncapped indemnification for IP lawsuits, including open source incorporated into first-party Azure branded services
  3. A springing license to any Microsoft patent that is transferred to non-practicing entities

Some eligibility requirements apply.”

Microsoft’s IP indemnity (the Azure Advantage Program) is described in the Azure Terms of Service that issued on February 1, 2017.   Essentially, it is part of Microsoft’s general indemnity coverage for IP claims regarding Azure, but Microsoft notes it now does not exclude open source elements.  Coverage would therefore include Hadoop, but “Open source that is provided under a separate license, such as a Linux distribution in a VM, is not covered by Microsoft’s terms.”  This is perhaps an elegant way to exclude any GPL software — which would by definition be covered by a separate license.

The terms and conditions of this IP protection say a few interesting things.

  • The coverage applies to “Qualified Customers” that have spent $1000 per moth during the prior three month period on Azure, excluding resellers of cloud services like Google, Amazon and IBM.
  • It contains a springing patent license (LOT-Style) in the event Microsoft sells a patent to a patent troll. That license covers the customer’s products running on Azure.
  • It promulgates a list of Azure-related patents that are available for sale by Microsoft — presumably for use for defensive purposes — if the customer is sued by a patent plaintiff accusing products deployed on Azure.  It is limited to one per year, per lawsuit, per customer.  (This brought to mind for me a video game where you get to pick one weapon at the start.  But here, you can’t trade up or earn the others.)

Overall, this is an interesting move by Microsoft, and equally interesting is the scanty press coverage it got.  Earlier pledges regarding Linux by companies like Red Hat made a big splash, but those happened many years ago.  Some readers will react with ironical skepticism, given Microsoft is one of the biggest patent licensors for (read, “claimants against”) Linux, and those claims arguably made some of those original pledges a commercial necessity.

But there is no moral high ground in indemnities.  They are a commercial necessity, or they are not, depending on the circumstances.  Microsoft’s FAQ and marketing announcement are laced with phrases like “unlike some of our competitors” — that do not offer the same coverage.  This step by Microsoft shows that IP indemnities are a potential commercial advantage in the the cloud services wars, which are the commercial free-for-all of the decade.

Communities and Reputation — and Anti-SLAPP Suits

This article describes a case involving a divorce between two programmers in Oregon.  One accused the other of sexual assault, and the defendant filed a claim for defamation, because “news of the accusations and information on the police report quickly circulated in Portland’s tightly connected open source software community” and “[h]e claimed the accusations prevented him from finding work in open source software.”

The legal issue in the case has to do with anti-SLAPP legislation, a topic on which I claim no expertise.  SLAPP is an acronym for a “strategic lawsuit against public participation.” A SLAPP is a lawsuit intended to intimidate or discourage or burden an accuser (such as a whistle-blower or criminal complainant) by suing for defamation.  Many US states have enacted statutory protections against SLAPPs, and this case tested the applicability of one of those statutes.

But what does that have to do with open source software licensing?  Not a lot, directly, but it bears mentioning that open source communities are beginning to change their attitudes about regulating their members’ behavior.  If it’s true that being accused of sexual assault can get one ostracized from open source development in Oregon, that’s actually remarkable.  Open source software communities have been known historically for not seeking to control the behavior of their members.  Now some open source communities have begun to take codes of conduct — formal or informal — more seriously.  This probably won’t be the last clash between tenets of open source governance, inclusiveness of communities, and the law of defamation.