[License-review] Approval: Server Side Public License, Version 1 (SSPL v1)

Wed Oct 17 06:52:26 UTC 2018

Richard Fontana came by IRC channels to find me today noting:
>> * fontana is curious to know bkuhn's thoughts on the MongoDB license

I missed him, but later opened license-review folder and found three posts
from him on the thread, so I will simply reply to his request here.

I frankly think the OSI should not waste its time reviewing a license like
this.  This is not simply another slightly-differently-worded,
obviously-Open-Source highly-permissive license that needs an OSI rubber
stamp.  By contrast, MongoDB's license (and their submission to OSI on the
same day of publication) is a campaign by a well-resourced for-profit company
to reframe what copyleft is.

A decade ago, the Affero GPL, authored by a small charity, was hotly debated
in the community, and there was lobbying to oppose its approval by OSI.
OSI took many months to decide about AGPL (November to
March), and while I don't think license committee discussion of that era are
archived publicly, I assume it was a complex topic for consideration, even
though Affero GPL had been promulgated in draft form for comment for years
before, and discussed rather extensively as part of FSF's public and lengthy
GPLv3 process.  In other words, even after many years of public discussion to
consider whether the Affero clause fit the OSD, the OSI still needed months
to think about it one last time.

MongoDB had no public process for this license.  Experts in copyleft
licensing were not asked for input before the license was officially
released.  The OSI was (apparently) not included early in the drafting
process as OSI has been when other copylefts (e.g., GPL, MPL).
Moreover, as others have mentioned in this thread, this license is
essentially a modified version of a license under the purview of another
steward who publicly urges license drafters to *not* do what MongoDB did.

Copyleft licenses are a different breed, and there is clever (and
difficult-to-interpret) drafting in the OSD to allow copyleft licenses to
qualify.  I think it's totally reasonable that OSI needs a higher standard
for copylefts than other types of licenses.

Furthermore, I think it is completely reasonable for the OSI to reject a
license review request not necessarily for the content of the license, but
on grounds that a public process of comment and discussion were not used to
draft a license containing a major policy change in FOSS licensing.  The
copyleft community has evolved from a single drafter vetting the drafts
through a single law firm (as RMS did for the Emacs Public License, GPLv1
and GPLV2), to a community process.  copyleft-next should be the standard,
and license stewards of copyleft licenses should be required to explain
why they *didn't* follow a process similar to copyleft-next's process as
part of their application to OSI.

I therefore suggest the OSI ask MongoDB to withdraw its submission, and ask
MongoDB to go back and engage in a public comment and drafting process.
--
Bradley M. Kuhn

Pls. support the charity where I work, Software Freedom Conservancy:
https://sfconservancy.org/supporter/