devork

E pur si muove

Saturday, February 08, 2014

Don't be scared of copyright

It appears there is some arguments against putting copyright statements on the top of a file in free software or open source projects. Over at opensource.com Rich Bowen argues that it is counter productive and not in the community spirit (in this case talking about OpenStack). It seems to me the main arguments are the following:

  • It is intimidating to new people
  • It gets too verbose
  • Encourages contribution for the wrong reasons
  • It is hard to decide when to add a name
  • It is even harder to decide when to remove a name
  • The VCS keeps track of contributions anyway

Lastly and perhaps most improtantly he asks:

[...] why do you care? What are you trying to protect against? If you're trying to protect against your contribution being taken by the community and used for other purposes, perhaps contributing to an Apache-licensed code base isn't the smartest thing to do.

Now I think the last question is the most important to answer: you want to assert your copyright on a file to avoid your work from being re-licenced against your will.

That to me is really the crux of the issue and it certainly does not go against the spirit of free or open source software. In fact every additional author asserting their copyright under the license chosen for the project makes the committment of the project to this free or open source license even deeper. It is an attempt to protect against some hypotetical future lawyer who might one day try to claim someone was allowed to do something which was not in the spirit of the free or open source project. For every additional person or organisation listed as holding copyright it becomes harder to ever re-license the work. And this is a good thing.

Now I choose the words "assert your copyright" carefully. Not being a lawyer I am not sure what is the best way to do this. Personally I remember the FSF recommending to put a copyright line with the license in every file so I trust them that this is a fairly legally sound approach. But likewise I'm fine with a LICENSE.txt and AUTHORS.txt file, it is far nicer to work with as developers however I can imagine lawyers being able to attack such a system easier.

As to addressing the other minor points: on the social issues I can't really counter much. Yes it would be a shame if people would be scared away for no reason.

As for deciding when to add or remove a person to the copyright: this might always remain tricky, but if in doubt add the person. And simply never ever remove a person. However the claim that the VCS would be capable of tracking who is the author of what fragment is a bit frivolous, it is fairly common for patches to be applied by a committer instead of the author. And even if originating from a pull request there might easily be reasons to change the commit for some typos, squashing commits etc. I've seen the original authors of a commit disappear before, so really wouldn't just leave it up the VCS to do this bookkeeping.

So in short, the more people are listed as owning copyright on a project the healthier it is and the more I trust it. Please do not be scared away by other people or organisations being listed as copyright holders.

Subscribe to: Posts (Atom)