Drupal Ousts Project Contributor

A recent article in Inc. reported the ouster of one of Drupal’s significant contributors based on controversial objections over his personal behavior and beliefs.  The ejection was pursuant to violations of the project’s Code of Conduct.  The Code of Conduct contains high-level imperatives such as Be Considerate, Be Respectful, and Be Collaborative. The article reports there is controversy over the reasons for the ouster, however, and that is where the story takes an odd turn.

In a blog post entitled “Living our Values“, Drupal founder and lead developer Dries Buytaert stated, “A few weeks ago, I privately asked Larry Garfield, a prominent Drupal contributor, to leave the Drupal project. I did this because it came to my attention that he holds views that are in opposition with the values of the Drupal project.”  He goes on, “[W]hen a highly-visible community member’s private views become public, controversial, and disruptive for the project, I must consider the impact that his words and actions have on others and the project itself. In this case, Larry has entwined his private and professional online identities in such a way that it blurs the lines with the Drupal project.”

The “private views” apparently relate to Garfield’s interest in a lifestyle associated with the Chronicles of Gor  “sword and planet” novels, which includes “relationships between dominant men and submissive women, the latter often in positions of slavery.”  Buytaert stated in his blog post, “The Gorean philosophy promoted by Larry is based on the principle that women are evolutionarily predisposed to serve men and that the natural order is for men to dominate and lead.”

The controversy arises because it is not clear whether Garfield violated the Code of Conduct. Questions have arisen as to whether the ejection is appropriate if based on beliefs and values, rather than action — or on activity outside the Drupal project.  In making such a decision, clearly, any project must consider how the public behavior of individuals reflects on the project, but some of those quoted in the article were troubled about where the line was drawn between personal and public action.

In 2014, Brendan Eich, an original founder of the Mozilla project, resigned after a short-lived tenure as CEO of Mozilla Foundation, after public criticism that he had donated $1,000 to California Proposition 8, which sought to ban same-sex marriage in California, years before.  Among those bringing pressure were OKCupid, and online dating site, which asked its users to boycott the Firefox internet browser due to Eich’s support of Proposition 8.  Eich resigned after less than a month.

Unlike Eich, Garfield was a significant contributor to Drupal, but not its leader.

Open source projects these days — like many organizations — are walking a difficult line between controlling behavior in order to create hospitable and diverse communities, and allowing for diversity in personal behavior and beliefs.

MariaDB Releases Business Source License 1.1

On February 14, 2017, MariaDB released an update to its Business Source License.  The BSL is an alternative to free software licensing, intended to help developers reap the economic benefits of their work, while still making source code available to the community.

The BSL mades code available for a limited time on limited terms, but converts automatically to an open source license (the “Change License”) on a pre-determined date (the “Change Date”).

This new version of BSL was reviewed by open source pioneer Bruce Perens (and me), and so now BSL 1.1 has been adjusted for clarity, consistency with eventual open source release of the code, and potential use by other developers as a template license.

The changes included:

  • Limits on the time elapsing before the Change Date, so the software will be converted to open source in a reasonable amount of time
  • Requiring the Change License to be GPL compatible

MariaDB also used the announcement to adjust and clarify the licensing going forward for its MaxScale products.

The BSL represents one of a new crop of license models attempting to bridge the gap between open source licensing and proprietary licensing — seeking to create the community benefits of access to source code while preserving a viable economic model for the developer.  The more common open source business models of customization or maintenance services, widget frosting, and dual licensing have lost some of their luster over the years, as businesses — particularly startups — have struggled to serve both the community and their own economic needs.  Another approach in this new crop is the Fair Source License — which is a proprietary source-available license with modest limitations on royalty-free use.

As Kaj Arnö commented on his blog: “It’s authentic, it’s honest, it’s fair for your users, your customers, your developers and your shareholders alike. Go BSL!”

MariaDB is an increasingly popular  open source database product started by the founders of MySQL.  Many users have grown frustrated and dismayed with MySQL’s licensing policies and lack of community involvement after the acquisition by Oracle, and so many are turning to MariaDB as a viable option.

Congratulations to MariaDB on this effort.

Microsoft Offers IP Protection for Open Source elements of Azure

In February 2017, Microsoft announced expanded IP coverage for its Azure cloud service.  This move follows in the footsteps of earlier open source indemnity pledges by companies Red Hat, Novell and IBM.

Microsoft describes the program:

“Azure IP Advantage is a program for Azure customers offering best-in-industry protection against intellectual property risks, so developers can focus on coding and customers can focus on running their businesses, with reduced risk and exposure to IP lawsuits without diminishing customers’ own IP rights. It has three components to help customers protect their cloud investments:

  1. The ability to pick from 10,000 Microsoft patents to help defend against an IP lawsuit
  2. Industry leading uncapped indemnification for IP lawsuits, including open source incorporated into first-party Azure branded services
  3. A springing license to any Microsoft patent that is transferred to non-practicing entities

Some eligibility requirements apply.”

Microsoft’s IP indemnity (the Azure Advantage Program) is described in the Azure Terms of Service that issued on February 1, 2017.   Essentially, it is part of Microsoft’s general indemnity coverage for IP claims regarding Azure, but Microsoft notes it now does not exclude open source elements.  Coverage would therefore include Hadoop, but “Open source that is provided under a separate license, such as a Linux distribution in a VM, is not covered by Microsoft’s terms.”  This is perhaps an elegant way to exclude any GPL software — which would by definition be covered by a separate license.

The terms and conditions of this IP protection say a few interesting things.

  • The coverage applies to “Qualified Customers” that have spent $1000 per moth during the prior three month period on Azure, excluding resellers of cloud services like Google, Amazon and IBM.
  • It contains a springing patent license (LOT-Style) in the event Microsoft sells a patent to a patent troll. That license covers the customer’s products running on Azure.
  • It promulgates a list of Azure-related patents that are available for sale by Microsoft — presumably for use for defensive purposes — if the customer is sued by a patent plaintiff accusing products deployed on Azure.  It is limited to one per year, per lawsuit, per customer.  (This brought to mind for me a video game where you get to pick one weapon at the start.  But here, you can’t trade up or earn the others.)

Overall, this is an interesting move by Microsoft, and equally interesting is the scanty press coverage it got.  Earlier pledges regarding Linux by companies like Red Hat made a big splash, but those happened many years ago.  Some readers will react with ironical skepticism, given Microsoft is one of the biggest patent licensors for (read, “claimants against”) Linux, and those claims arguably made some of those original pledges a commercial necessity.

But there is no moral high ground in indemnities.  They are a commercial necessity, or they are not, depending on the circumstances.  Microsoft’s FAQ and marketing announcement are laced with phrases like “unlike some of our competitors” — that do not offer the same coverage.  This step by Microsoft shows that IP indemnities are a potential commercial advantage in the the cloud services wars, which are the commercial free-for-all of the decade.

Communities and Reputation — and Anti-SLAPP Suits

This article describes a case involving a divorce between two programmers in Oregon.  One accused the other of sexual assault, and the defendant filed a claim for defamation, because “news of the accusations and information on the police report quickly circulated in Portland’s tightly connected open source software community” and “[h]e claimed the accusations prevented him from finding work in open source software.”

The legal issue in the case has to do with anti-SLAPP legislation, a topic on which I claim no expertise.  SLAPP is an acronym for a “strategic lawsuit against public participation.” A SLAPP is a lawsuit intended to intimidate or discourage or burden an accuser (such as a whistle-blower or criminal complainant) by suing for defamation.  Many US states have enacted statutory protections against SLAPPs, and this case tested the applicability of one of those statutes.

But what does that have to do with open source software licensing?  Not a lot, directly, but it bears mentioning that open source communities are beginning to change their attitudes about regulating their members’ behavior.  If it’s true that being accused of sexual assault can get one ostracized from open source development in Oregon, that’s actually remarkable.  Open source software communities have been known historically for not seeking to control the behavior of their members.  Now some open source communities have begun to take codes of conduct — formal or informal — more seriously.  This probably won’t be the last clash between tenets of open source governance, inclusiveness of communities, and the law of defamation.

Software commands can be “Scene a Faire” in Copyright

Arista Networks successfully defended a copyright claim by Cisco based on the use of Cisco’s Command Line Interface.  The jury returned a verdict that the use was not fair use but was scènes à faire –– a copyright doctrine that has historically been applied as a defense to claims of infringement for works like books, video games, and movie scripts.  The doctrine holds that copying elements that are necessary to a genre of work is not infringement.  For instance, a western would contain a sheriff, a bad guy with a black hat, and a final showdown, and any work copying such elements would not infringe as a result.  Software lawyers have long posited that this doctrine might be applied to copying of elements of software that are standardized, so this successful invocation of the doctrine is significant.  The case may be appealed, and because the initial claims included patent claims, the Federal Circuit would hear the appeal.