[License-discuss] [FTF-Legal] Reverse Engineering and Open Source Licenses

Fri Mar 6 17:37:10 UTC 2015

Dear Larry

I have no doubt about your legal expertise and experience, but I think
generally speaking using something legally reverse-engineered in one
jurisdiction in another jurisdiction  where that specific act of
reverse-engineering is illegal is at the minimum, problematic.  This is
regardless of whether the license is open source or not and based mainly on
the ground that in the eye of that jurisdiction, the person granting the
license has no rights to do so in the first place.

This is particularly true in a jurisdiction that permits suing the user of
the copyright software in addition the person doing the reverse
engineering. In this case, it can become the responsibility of the user to
show that the process did not violate the law of that jurisdiction.

Perhaps it is easier to understand if I turn the table around and say
someone import into the US something legally reverse engineered but which
is incompatible with US law. Is it illegal? (Note: If you say I am
mistaken, I accept it.)

It also impose a moral hazard: If one simply has to do the reverse
engineering job in a  country that permits the  type of reverse engineering
in order to be able to legally use the result anywhere, then we are merely
constrained by the highest common factor of all copyright laws.

Of course any project (open source or proprietary) of any significant would
had done a clean room reverse engineering to attempt to get around this
issue.

Best Regards,
Cinly

*****
I do not read footer and will not be bounded by them. If they are legally
enforceable then this one always triumph yours.

On 6 March 2015 at 17:09, Lawrence Rosen <lrosen at rosenlaw.com> wrote:

> Nigel and others,
>
> We needn't rely on some DT document to justify our reverse engineering.
> Here
> is what EFF says we can do in the United States:
>
>     https://www.eff.org/issues/coders/reverse-engineering-faq
>
> Perhaps we can rely on their well-researched legal analysis for now.
> Someone
> complained to me that that this EFF analysis is U.S.-centric and ignores
> the
> copyright law in other countries. But if one (legally and effectively!)
> does
> reverse engineering in the U.S. and then distributes the results around the
> world via an open source license, won't that be legal enough?
>
> /Larry
>
>
> -----Original Message-----
> From: Tzeng, Nigel H. [mailto:Nigel.Tzeng at jhuapl.edu]
> Sent: Friday, March 6, 2015 8:29 AM
> To: license-discuss at opensource.org
> Subject: Re: [License-discuss] [FTF-Legal] Reverse Engineering and Open
> Source Licenses
>
> Well, the provided text in the document does not appear to me to be
> conclusive that permitting reverse engineering is not required from LGPL
> users.  There¹s interesting analysis of the wording but the real ³missing
> step² for me would be that your analysis would actually hold up in a court
> of law.  Dependence on analysis of the ³logical structure of the sentence²
> seems mildly problematic to me.
>
> If this mattered significantly to me (reverse engineering) I¹d simply
> assert
> that using Apache and BSD/MIT licensed code is just better and to continue
> to avoid LGPL.  Which is what companies do and will likely continue to do
> until there is supporting case law in the jurisdictions that matter to them
> (US, EU, China, etc) that this isn¹t actually required for what they wish
> to
> do with such libraries.  That would be the most prudent and conservative
> course.  So Mr. Tilly isn¹t obstructing anything.
>
> Now if DT were to offer indemnification for any losses incurred based on
> your analysis...
>
>
>
> On 3/6/15, 4:09 AM, "Reincke, Karsten" <k.reincke at telekom.de> wrote:
>
> >Dear Mr. Tilly;
> >
> >On a first glance, your mail seems to be clear an reasonable.
> >Unfortunately you are impeding the everyday work of those who want and
> >must convince and support their companies, employees and colleagues to
> >use free software compliantly. Let me explain, how your obstruction
> >comes into being...
> >
> >Sincerely
> >Karsten Reincke
> >
> >--
> >Deutsche Telekom Technik GmbH  / Infrastructure Cloud Karsten Reincke,
> >PMP®, Senior Experte Key Projekte - Open Stack
> >Komplexitäts- und Compliancemanagement
> >[ komplette Signatur einblenden:
> >http://opensource.telekom.net/kreincke/kr-dtag-sign-de.txt ]
> >
> >_______________________________________________
> >License-discuss mailing list
> >License-discuss at opensource.org
> >http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
>
> _______________________________________________
> License-discuss mailing list
> License-discuss at opensource.org
> http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
>
> _______________________________________________
> License-discuss mailing list
> License-discuss at opensource.org
> http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20150306/fc6f2177/attachment.html>