a proposed change to the OSD
digitaleon at runbox.com
Sun Nov 3 10:42:09 UTC 2002
To OSI License Discussion subscribers,
>>> From: Bruce Dodson <bruce_dodson at hotmail.com>,
>> From: John Cowan <jcowan at reutershealth.com>,
> From: Lawrence E. Rosen <lrosen at rosenlaw.com>,
>>> If there is no contract, you can't contract away liability. But if
>>> there's no direct relationship between you and the recipient (such
>>> as a contract), it's hard to conceive of a way that you could be
>>> held liable in the first place. At least I, a mere software
>>> developer, cannot conceive of one.
>> That used to be the law. But people got tired of buying useless
>> and/or dangerously defective products from stores and getting this
>> Store: I had no way to know it was useless/defective: try the
>> Manufacturer: You and we have no privity of contract: try the store.
>> So after enough people got angry enough, the law was changed. Now
>> manufacturers are liable for the useless/defective products they
>> produce *to the ultimate consumer*, under a fiction of "implied
>> warranty": the manufacturer is deemed to have issued such a warranty
>> whether he has or not. The warranty disclaimer is an attempt to
>> dispose of this obligation, and 1) it may not work at all in some
>> jurisdictions, and 2) it surely will not work unless the manufacturer
>> SHOUTS it at the consumer in an unmistakable place.
> Yes, what John says is true. And so we find ourselves in a situation
> where manufactured products intended for consumers are covered by
> mandatory warranties under federal law. (Even some products that
> contain Linux software in them!) And there are effective product
> liability and consumer protection statutes in nearly all states that
> make manufacturers and distributors liable for the crap they foist on
> the unsuspecting public.
OK. Let me see if I have this issue correct:
(1) Many open-source licenses are essentially Copyright Notices that
place various restrictions on what can be done with the source code
they cover, in accordance with the OSD and with how the author wishes
their package to be used. These mainly deal with modification,
re-distribution, and disclaiming liability & warranties.
(2) The consensus among legal experts here is that a Copyright Notice
is not sufficient for disclaiming liabilities & warranties; for that, a
contract must be used. As usual, to form a valid contract, the parties
involved both have to agree to the contract and a consideration has to
pass between the two.
(3) In view of the fact that many open-source packages are also gratis,
the majority opinion is that consideration in this case is the act of
downloading or otherwise obtaining the software, as opposed to
(4) Recent court cases plus advice have both indicated that mere use of
a software package is not sufficient assent to form a contract; the
terms of the contract must be displayed clearly, and an indication of
the assent to the terms at that time must be given before the terms
(5) Sybase, a corporation that deals in back-end solutions for the
enterprise, has submitted a license for review that will be used as a
'click-wrap' license, so that an enforceable contract can be formed.
This was based on the evidence in the above point.
(6) There is widespread concurrence on speculation that software
developers will be legally held liable for software defects that affect
their customers. If not now, then in the future (as per your point
(7) The above points, put together, pose a conundrum for Open Source:
If developers take the contracts route, they inherit all the caveats
mentioned thus far, plus uncertainty how well they are actually
protected. If they don't, they expose themselves to the sorts of
liability that makes creating Open Source impractical for individuals
or smaller organisations.
Making products available gratis isn't going to help; after all,
Internet Explorer is gratis, but many organisations use it as an
essential part of their desktop infrastructure. If there was a major
defect in Internet Explorer that caused any particular enterprise
customer revenue loss, would this really stop them from going to court?
If it did, you could bet that every single business lobby group in your
country would be petitioning your government that same afternoon to get
the law changed.
Russell Nelson has made two key points in this discussion:
"The time is coming when you won't be able to distribute software
unless you have presented the license to the user and their assent is
necessary to access the software. Even free software. Our industry is
maturing and we need to be more legally careful and rigorous."
"Imagine, if you will, that a large proprietary software firm (or
consortium) wishes to destroy open source software. If they can require
that all software come with a warranty, the job is done -- time will
cook the soup."
It appears in both of these that he was spot on, and if the Open Source
community, which includes us, does not respond correctly, then Open
Source might be made to disappear. Sounds impossible, right? Laws make
the impossible possible.
All that said, there have been some good points in this discussion,
especially from you Larry, about how to get through, or at least
around, these issues. Basically, all we need at this point is some
certainty around how courts are likely to tackle these questions. I
don't want to see any developers taken to court, but I have to admit it
could be very helpful at this juncture...
> Someday UCITA may do these things for software. Do you want that? Do
> you want the open source community to try to influence the shaping of
> laws like UCITA?
No, and yes, in that order. Events in the U.S. concern me since our
current government sucks up to George W and his team wherever possible.
A quiet word from one to the other and UCITA would find itself being
debated in the Australian parliament faster than you can say
My question, though: who is UCITA truly designed to serve? The public?
license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3
More information about the License-discuss