James Vasile of the Software Freedom Law Center is a man who chooses his words carefully. That’s a common feature to lawyers who write license agreements, and certainly a useful trait for someone who’s worked on a license as public, visible and controversial as the third version of the General Public License.
The Software Freedom Law Center is a non-profit, pro-bono law firm – the Free Software Foundation was their client in creating the most recent version of the GPL. James explains that as a law firm, they are not an advocacy organization, but a support organization, doing work for the public good.
James tells us that SFLC had expected to spend roughly a year in public debate to create the new GPL license. In fact, it took a bit more time, in part because the expectations for what a person can do with the GPL may be a bit beyond what’s realistic to expect from a license.
“GPL is not a social contract. It’s not the consitution of the free software world.” Instead, it’s just a set of permissions to use software, a copyright and patent license. As a software license, it’s “incapable of acting as the embodiment of the right that the good.”
In discussing the third version of the GPL, some people believe that GPL prohibits commercial use of software, and they’re shocked that this actually isn’t part of license. When confronted with the reality that commercial use of software – including sale of GPL’d software – is completely permissable under GPL, some respond by declaring that the person telling them this must be misreading the license.
But there are now large corporate stakeholders who have an investment in the future of the GPL. Part of the debate over GPLv3 is a debate over to what extent these actors have a stake and a say in the future of the license. It’s possible that the new GPL could have been created in a way that it would be impossible for corporations to be part of the community – that’s not the direction SFLC went in when drafting the license.
GPL in its new version is not a trademark license – it doesn’t deal well with attribution, naming and branding problems. There’s a tendency, James tells us, to look to the license to embody what’s really an ethical problem in the community. GNOME, for instance, would like people to use its footprint to signify compatibility with GNOME. But this isn’t really a trademark law project – it’s a problem of deciding what we actually want to allow people to do. Wendy Seltzer poitns out that default trademark licenses allow referential use – i.e., the sort of use neccesary to refer to a project’s compatibility with GNOME. James mentions that most projects don’t need licenses to use trademarks, just better understood trademark policies.
It’s possible that a GPLv4 could include trademarks, but James hopes it won’t. “We need to move away from the GPL as the locus for our hopes and dreams” about what free software to be. Community discussions about what is the right way forward for free software don’t need to be in a license.
Furthermore, very few people actually read these licenses – we’re often dealing with people’s perceptions are what are in these licenses, not what’s actually there.
Another feature not incorporated into the GPL is the key feature of the Affero GPL license. Under this license, which is a version of GPLv2, there’s an added clause which states that if you deliver services to people over a network using AGPL’d code, you need to deliver a copy of that code to the user. You can imagine this being very cool – people who’ve learned HTML from viewing source on webpages might want to learn PHP through a similar method. But it wasn’t incorporated into GPLv3, due to “having people in our community who don’t share our values.”
There was a hope that GPLv3 would prohibit DRM. James explains that this turned out to be impossible, because the same authentications neccesary to let people use clients in networked games (so that no one creates a super-client “which always lets you roll 20s”) are the same as DRM measures. James argues that there are “limits of reality” that stopped them from banning the use of DRM in these systems – Wendy points out that you could make the license address intent rather than implementation, focusing on the social use of DRM. It might be okay for DRM to work in a community where everyone opts into it, but perhaps it should be banned in other settings.
In discussion of the issues, James points out that people are now looking at issues associated with code in embedded medical devices, specifically the code that runs a pacemaker. Doctors are able to upgrade software to these computers by flashing their RAM. But doctors don’t want you overclocking your heart. What should your rights be to see the code on these embedded (really, embodied) computers? A staff member at SFLC has been trying to see the code for her pacemaker and the company has so far refused. One of her concerns is that there are likely no access controls on this device – what if it turns out that anyone can reprogram your heart via bluetooth? Does GPL make us more comfortable in this scenario by making the situation more open, or are we happier having some of these systems be closed?