Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Linux

Fedora Sours On Creative Commons 'No Rights Reserved' License (theregister.com) 29

waspleg writes: Fedora, the popular Linux distribution, will no longer incorporate software licensed under CC0, the Creative Commons "No Rights Reserved" license. In order to support the wide re-use of copyrighted content in new works, CC0 provides authors "a way to waive all their copyright and related rights in their works to the fullest extent allowed by law." The license arose in response to the 1998 Sonny Bono Copyright Term Extension Act (CTEA), which extended the duration of copyright by 20 years at the expense of the public domain. But CC0 explicitly says the licensor does not waive patent rights, which for free and open source software (FOSS) is a potential problem. That means, for instance as described here, if you use CC0-licensed code in your project, and the author of that code later claims your project is infringing a patent they own regarding that code, your defense will be limited. Avoiding the use of CC0-licensed code is one way to steer clear of these so-called submarine patents that could years later torpedo you.

In a message to The Fedora Project's mailing list for legal issues, Richard Fontana, a technology lawyer for Red Hat (which sponsors Fedora), explained that while CC0 is cited as a "good license," it won't be for much longer. "We plan to classify CC0 as allowed-content only, so that CC0 would no longer be allowed for code," said Fontana. "This is a fairly unusual change and may have an impact on a nontrivial number of Fedora packages (that is not clear to me right now), and we may grant a carveout for existing packages that include CC0-covered code." Fontana said there's a growing consensus in the FOSS community that licenses without any form of patent licensing or forbearance aren't suitable. CC0, he said, like other Creative Commons licenses, includes a clause that explicitly states no patent rights are waived by the licensor.

This discussion has been archived. No new comments can be posted.

Fedora Sours On Creative Commons 'No Rights Reserved' License

Comments Filter:
  • What's the difference between that and almost every other open source license out there? The BSD license doesn't provide a patent grant. Neither does the MIT license, nor any version of GPL or LGPL prior to v3. If you refuse to accept software licensed under anything other than GPLv3 or Mozilla or Apache licenses, the entire traditional open source community (as opposed to the free software community) is going to just walk away.

    • Re:Huh? (Score:4, Informative)

      by Len ( 89493 ) on Tuesday July 26, 2022 @04:00PM (#62736362)

      Other open-source licenses assert copyright ownership but allow people to use the code (with certain conditions). CC0 asserts that there is no copyright and puts the code in the public domain (as far as that is allowed under copyright law, which generally assumes that everything is owned by someone).

      • by Junta ( 36770 )

        The point is not what the difference is on that point, but rather how CC0 is singled out when so many of the popular licenses do not include patent grants either.

        • But other popular ones don't necessarily exclude them, either. They're implicitly granted by the virtue of blanket grants to use/redistribute. YMMV depending on specific license, of course.
        • If you don't mention patents at all distributing with a license to use and distribute is an implicit patent grant. Trying to go "yeah I made it seem it was usable under the license, but surprise it really wasn't, gotcha" won't get you far in court.

    • Re:Huh? (Score:5, Insightful)

      by Improv ( 2467 ) <pgunn01@gmail.com> on Tuesday July 26, 2022 @04:04PM (#62736376) Homepage Journal

      Lack of a patent grant is a mistake in every license that did not consider it; it will need to be fixed or the effort to build a world of software free of IP restrictions is not going to work.

      • Re:Huh? (Score:4, Interesting)

        by dgatwood ( 11270 ) on Tuesday July 26, 2022 @04:47PM (#62736522) Homepage Journal

        Lack of a patent grant is a mistake in every license that did not consider it; it will need to be fixed or the effort to build a world of software free of IP restrictions is not going to work.

        Ah, but I'm not sure it really is a mistake, at least for the corporations that use it.

        Patents are mostly used defensively within the software industry. Companies make software available under BSD licenses and similar knowing full well that they may have patents on things in the code, not because they intend to get everyone to use their code and then use the patent to take over the world, but rather because when patent trolls (whether practicing or non-practicing) sue them, they can potentially use the fact that those patent trolls are using code that violates their patents and counter-sue.

        Mind you, some corporations do still do patent grants, but almost always with clauses where your license is terminated if you sue the corporation over any patent, which basically means random individuals are okay using it, but companies that own any patents should be wary. That's also potentially problematic, just more subtly so.

        At best, patent grants mostly just reduce the risk of non-practicing entities acquiring patents of a defunct company and using them to sue open source users. But given how much software is out there without patent grants, trying to fix it now is likely to be an exercise in futility.

        • by Improv ( 2467 )

          I don't buy that these things will only or mostly used defensively; it'd be nice if that were true, but it's still worth trying to defang the beast. Even at cost of defanging tit-for-tat responses.

          • by dfghjk ( 711126 )

            It's.a simple fact of the matter, whether you buy it or not. The fact that you don't know it just informs us of your ignorance.

            Patents are not included because they can't be. It's not enough to include a license to your own patents, you need to include protection against any patents which cannot be realistically provided. Sure, there is a possibility of malicious acts, but that is always the case, whether IP-related or not.

            • Re: (Score:3, Interesting)

              by Anonymous Coward
              IP lawyer, and I gotta side with Improv on this, particularly where you claim "patents are not included because they can't be." It is trivially easy to incorporate a patent license into any other license. Furthermore, it is MUCH easier to do so because of the legal impediments to alienating a copyright to material that has not yet been placed in fixed form. For patent assignments, licenses, covenants not to sue- practically anything except a disclaimer on an existing patent- these sorts of documents are
    • Yeah, I've never interpreted the MIT license that way. You're giving people a license to use and modify your software's source without significant reservation or limits. Just because it doesn't explicitly waive patent rights doesn't seem like the same thing as *reserving* rights to patent it later and retroactively modifying the terms of that license.

      Then again, maybe common sense or my intuition or intent has little to do with it. These are legal matters, after all. Has there been a case in which someo

      • by dgatwood ( 11270 )

        Yeah, I've never interpreted the MIT license that way. You're giving people a license to use and modify your software's source without significant reservation or limits. Just because it doesn't explicitly waive patent rights doesn't seem like the same thing as *reserving* rights to patent it later and retroactively modifying the terms of that license.

        If there's no grant of patent rights, the author of the code might already have a patent pending, or even granted.

        Has there been a case in which someone retroactively tried to block usage of open source due to a patent? I'm curious if the patent waivers came about because of an actual issue, or if someone was just trying to cover all potential future issues. And if this occurred, has it ever been legally challenged?

        I can't think of any. All the interesting open source cases that I'm aware of have been about copyright. More than likely, if there were a case about patents, it would be something like this:

        • [Company A] patents something and releases source code for compatibility with their file format for interoperability even though that source code involves some aspect of their proprietary technology.
        • [Co
      • You're giving people a license to use

        That is more than CC0 does. CC0 doesn't grant anything - it just waives copyright enforcement. Granting the right to use and redistribute (most other licenses) implicitly covers everything needed to do so.

    • by Junta ( 36770 )

      CC0 I suppose is singled out for explicitly saying that everyone involved still has their patents. Meanwhile people consider MIT "to deal in the Software without restriction," to cover, implicitly, patent grants.

      A similar argument can be made for the other licenses that don't mention patents. E.g. BSD 3-clause declares there are *only* three restrictions, and so long as those are met, you are golden, therefore again one could fairly state that the license implies a patent grant associated with the license

    • Using the wording from GPLv2 as an example:
      --
      You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium ...
      --

      It's a license to use and distribute the code. It's not a "only regarding copyright" license. It's a full license- copyright, patent, right of publicity, whatever. It's full permission from the owner.

      Contrast CC0, which says:

      --

      surrenders all of Affirmer's Copyright and Related Rights ...
      No trademark or patent rights held by Affirmer are waived, abandoned

    • If is company is maintaining an open source project... and CC0 is downstream to be included, how do the developers keep undesirable versions of the CC0 out of their open source software? They are forced to either fork the CC0 if possible or take it over. Either way the license has to reflect that. I guess they could just hire someone just to monitor the CC0 making sure nobody is putting crap in to it before they upgrade. But like I said they would more likely fork it under a new license and maintain that th

    • Most other licences don't mention patents, but by virtue of sharing the code, you can at least argue that there is a licence to use the patent.

      From the article :
      -
      But CC0 explicitly says the licensor does not waive patent rights, which for free and open source software (FOSS) is a potential problem. That means, for instance as described here, if you use CC0-licensed code in your project, and the author of that code later claims your project is infringing a patent they own regarding that code, your defense wi

    • The other licenses essentially say "yes I own this, but I'm granting you the right to use it," while the CC0 license says "nobody owns this." So in the case of most OSS licenses, patent claims from the creator are irrelevant, since they've already given the explicit right for somebody else to use your IP. With the CC0, they haven't granted that right explicitly, they've just ruled out copyright as a way to claim ownership. So, the original creator could come back later and claim patent rights.
  • by bustinbrains ( 6800166 ) on Tuesday July 26, 2022 @04:18PM (#62736426)

    Software, in the currently oppressive legal environment everyone lives in these days, unfortunately requires an appropriate software license. CC0 has always been exclusively for works of *art* like books, music, graphics, icons, documentation, etc. It is not an appropriate license for software since it lacks appropriate protections for both the authors of the software and offering sufficient notice to anyone who might use that software about what legal remedies they may seek against the author should they choose to use that software. MIT is the most liberal OSI approved software license with appropriate limited liability protections and sufficient warnings on the use of any software that uses it. The fact Fedora accepted CC0 in the first place as a software license is a major problem. If a author's software causes damage to anyone's system (simply running it could be perceived as causing damage as it used someone's CPU cycles), under CC0 they are 100% legally liable for that damage. That "WITHOUT WARRANTY OR FITNESS FOR A PARTICULAR PURPOSE" phrase found in every software license carries meaning with courts of law.

  • by Catvid-22 ( 9314307 ) on Tuesday July 26, 2022 @04:51PM (#62736536)
    If you're a free software fan, I guess the best thing for you to do is to read the source. The wording of CC0 [creativecommons.org] actually validates Fedora's interpretation that the license poses a downstream risk for developers, in particular section No. 4 on "Limitations and Disclaimers."

    No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.

  • CC0, he said, like other Creative Commons licenses, includes a clause that explicitly states no patent rights are waived by the licensor.

    this came up in OPF discussions, as well, particularly LibreBMC which has of course to choose a suitable license for both hardware and software. it turns out that google's "favourite" license - Apache2 - is missing wording that provides *hardware* patent rights to be waived.

    in other words, what these non-patent-waiving licenses are saying is: "yeah you can use the code TOTALLY for free... oh but we reserve the right to sue the shit out of you for patent infringment if you do so"

  • CC0 has always been sketchy for software use. Design patents are real and possibly what they had in mind.

    I license most open source code under WTFPLv2 and that's after an academic study of several competing flowery licenses. Public domain doesn't exist in many countries, which is stupid, but the fact remains.

    http://www.wtfpl.net/about/ [wtfpl.net]

    Most business that host content are afraid to ack WTFPL because of religious conservatism but its your code so do what you want.

Single tasking: Just Say No.

Working...