Loss of Credibility

On its face, the appeal verdict may seem like a victory for Bruce Perens, but it has also rendered his costly "expert" advice and that of the FSF and SFC completely arbitrary and irrelevant. In this case, Bruce has a company, Legal Engineering, to provide license compliance advice to lawyers and companies. When confronted about Red Hat's similar subscription policy, this highly-compensated "expert" claimed to have no knowledge of it, despite it being covered by LWN and other news sites years earlier. No knowledge of the business practices of the largest Open Source company in the entire world. Yet back in 2004, on the very same LWN site, he was certainly aware of it and had this to say about it:

Using more than one attorney, various non-profit and commercial entities have determined that the RH enterprise business model is within the letter but not the spirit of the GPL.

The court has determined this "expert" advice is no different from random layperson opinion. Yet in a world where very few cases involving the GPL are actually tried in court, especially in the US, it's these "experts" that effectively determine the bounds of the license for the public.

It seems to me that if every other credible person has the complete opposite opinion as Perens, to defend their own credibility, they should have voiced the fact that Perens is the extreme outlier here. This would prevent them from being lumped in with the wild theories he repeated from a troll. Yet they made no public statements on the merits of Perens' claims, nor apparently did any news organization or website parroting Perens' claims even disclose his conflict of interest in running a for-profit license compliance business or do the most basic research of asking any of these other non-profit organizations.

As noted in the legal analysis of Rohit Chhabra, Perens' invitation of multiple interpretations of the "further restrictions" clause of the GPL, in opposition to the position widely-held for decades, may cause the entire clause to be rendered unenforceable in court, effectively destroying the GPLv2 and triggering huge world-wide implications. Continued silence on the part of the FSF and SFC will only further exacerbate this inevitability if Perens continues his attack unchallenged.

Loss of Moral High Ground

This should be incredibly worrying to everyone, as it seems the goal of not actually trying GPL cases in court encouraged by most of these individuals and groups has the effect of granting themselves the power that drives funding to mold and shape the license in the public's view however they see fit through "community-oriented enforcement." Through such arbitrary enforcement, no meeting of the minds can occur. Today you can be writing GPL-licensed code; tomorrow a self-proclaimed "GPL expert" that the public trusts to provide accurate, factual information, can target you and ruin your reputation unless you either 1) pay them for their non-lawyer compliance services or 2) comply with an unreasonable, nonsensical restriction that doesn't exist in the GPL and which all of the other "GPL experts" can even agree doesn't exist.

It should bother everyone that the SFC for instance published a blog years ago in support of the legality of Red Hat's subscription policies, but not one peep was blogged from them about our identical policies. It should bother everyone that despite the FSF receiving repeated emails from us pleading for them to publish a statement about the GPLv2 license on our GCC plugins, since false accusations were being made by self-proclaimed GPL experts, they have not responded even multiple years later. They have also been entirely silent about our subscription agreement. They are acting like they forgot there still exists evidence of an email from one of their Compliance Managers in reply to a description of a subscription agreement nearly identical to ours which clearly states that developers are under "no obligation to supply future releases to anyone." In 2004 the FSF claimed that they'd issue clear information around these kinds of subscription policies "in the coming weeks", and then never did in the coming weeks, nor in the following 16 years, despite even recently receiving a million dollar donation to, in part, expand their licensing and compliance programs.

Some companies are afraid of using the GPL because of the legal uncertainty around it, and organizations like these seem to relish in the uncertainty -- uncertainty that only actual court cases could resolve. Uncertainty provides them with more funding for "guidance."

Double Standards

It should bother everyone that it appears there's one set of rules for large companies that have had policies like ours in place for years (with rationalizations accepted by the public of (paraphrasing) "to protect ourselves from Oracle"), whereas developers like us should be forced to slave away for free for Google or someone else.

It's well-accepted by now that large cloud companies are killing many smaller businesses. It's one of the main driving forces behind the proliferation of new open source licenses. A cloud company where all of the computing happens on its systems, where customers don't actually own anything, avoids having to deal with many aspects of the GPL when offering certain services that a traditional business would that permits its customers to actually possess the software and run it on their own systems. Yet there exists little outrage against this paradigm shift that's largely eliminating the freedom once provided by the GPL, and in some instances making free software development unsustainable.

Open Source software is notoriously underfunded -- it's the tragedy of the commons -- and yet these people and organizations want to scare developers like you and me away from perfectly legal (by their own admission) ways to get funded for continued hard work. Adding to the confusion is the masses of people unknowledgeable about the GPL and whose only concern about free software is getting software for no cost. A reading of any comment section where free software licenses are discussed demonstrates clearly how poorly the stewards of the GPL have educated their userbase, creating unnecessary tension and conflict between an entitled generation of freeloaders and the developers they depend on.

No Way to Defend

It should bother everyone that Bruce Perens is free to spout off any ridiculous claim about the GPL and a company's compliance with it. These same people and organizations know practices like ours are perfectly legal, as do real lawyers, which is why Red Hat for instance has never had suit brought against it for its policies over the past almost-two-decades that they've been in place. Without a plaintiff, the matter will never be resolved in court, leaving it within the realm of self-declared GPL experts to publicly shame and damage anyone who doesn't share their skewed interpretation of the GPL, influence people to accept the claims as facts, and then cower behind disingenuous claims of opinion when their statements are contested.

The words of Bruce Perens, the SFC, and the FSF no longer mean anything. They have demonstrated that they can't be trusted as fair and impartial stewards of the license, but instead seemingly cultivate uncertainty for additional funding and to try to pretend the GPL provides more rights than it legally does. Register your copyright. If you believe strongly that someone violated the license on your work, take them to court. If someone accuses you of violating the GPL, demand it be resolved in court. Ignore meaningless statements and allegations from unrelated third-parties that have nothing to lose and everything to gain from simply spreading FUD. For better or worse, it's the only way perceived uncertainty has a chance of being resolved. Otherwise, the level playing field the GPL purports to provide will be nothing more than the illusion it is today.

For more information about the lawsuit, including the anonymous troll who formed the sole source of Bruce Perens' false claims, see Part 1 of our post here: https://grsecurity.net/setting_the_record_straight_on_oss_v_perens_part1.
For more information about Bruce Perens' history of FUD and profiting off it, see Part 2 of our blog post here: https://grsecurity.net/setting_the_record_straight_on_oss_v_perens_part2.

For those who believed the opinions of a layperson reflected facts, please see this article from an actual lawyer regarding the GPL and subscription policies with conditions on providing future services or support: https://www.clfip.com/ip/blog/the-gpl-and-a-condition-on-providing-future-versions-or-services/