[License-review] Approval: Server Side Public License, Version 1 (SSPL v1)

Bradley M. Kuhn bkuhn at ebb.org
Wed Oct 17 17:34:39 UTC 2018


Carlo, I really liked the statements you made in your first post in this
thread (<fa796eb1-d99b-a6cc-a04d-f25b8dd49de7 at piana.eu>) and I very much
agree with them.  I disagree with some of the meta-statements in your
followup (<d11ab657-c825-a551-64a8-29e0f0cf23c5 at piana.eu>) that qualified
your original statements.  In particular, I think you were unduly harsh on
yourself. :)

First, I definitely appreciate your effort to be kind to everyone, and I
think we should all be kind and friendly to everyone.

Carlo Piana wrote earlier today:
> Just a clarification, since this is a public list and strong wording
> might be mistaken for insult to individuals

However, I don't think your original statements could (by any reasonable
person) be mistaken for an insult to any individual, nor were they even on
bordering on insulting to any individual.

Being kind and friendly does not mean avoiding all criticisms of any action,
especially when those actions work directly against advancement of software
freedom, as I believe MongoDB's do.

> strong wording might be mistaken for insult to....  corporations....  I
> have **nothing** against MongoDB for trying to monetize their investment or
> -- even less so -- against those who have drafted the license.

I know that at least one Code of Conduct in the "FOSS license discussion
community" forbids disparagement of particular lines of business.
Fortunately, OSI's Code of Conduct [0] does *not* forbid disparagement of
lines of business, or of corporations and the behavior of their executives.

I (and others, including Richard Fontana -- as he just reminded me on the
phone) have often called the proprietary relicensing model a "nefarious" one.
Those of us who believe, as I do, that MongoDB harms FOSS should feel free
condemning that bad behavior on this list, since the bad behavior relates
directly to the license proposal.  While OSI does not take a stand for
software freedom as a fundamental right, many in our community are software
freedom activists who do take that moral stand.  I thus deplore MongoDB's use
of copyleft primarily as a scare tactic to sell proprietary licenses.
MongoDB has engaged in this sustained, bad action that actively hurts the
FOSS community.  We should not be afraid to say that, as it's central to the
politics of what Eliot seeks to do with MongoDB's license proposal.

> My strong words (here an in other outspokenly critic messages) shall be
> directed against the message, not the messenger. We all do our job at the
> best of our abilities and we all play the cards we have been given.

The messenger (Eliot) is a high-ranking official of the company (MongoDB)
that drafted the license and submitted it here for review. This license was
*not* submitted (for example) by a low-ranking MongoDB intern who was saddled
with the job, or (as sometimes happens) by a third-party user who
legitimately needs to know if it's OSI approved before they deploy the
software.  Therefore, I don't think this is a "don't criticize the messenger"
situation; there is no "messenger"; rather, there's a company's co-founder,
the company, the law firm lawyer they hired to draft their new license.

Also, I think you might be pointing at a distinction without a difference.
(I don't believe "corporations are people", even though corporate apologists
in my country like to say that.)  Ultimately, someone with authority takes up
the cause of advancing the company's interest, and those decisions-makers
should be held accountable for the "corporation's actions".  I believe the
corporate veil should remain thin in most cases.

> This is why I wonder if analysis shouldn't be done (or pretended to be
> done) in double blind, to avoid the authority bias, appeal to the authority
> or argumentum ad verecundiam [0] (or cronism bias, for that matter) in
> assessing licenses.

I strongly disagree with this with regard to license review.  Licenses are
like legislation: both the drafting and license review process are subject to
politics.  One of the biggest problems we have with legislation (at least in
the USA, and I suspect the problem exists around the world too) is that
lobbyist write legislation and it's often difficult to figure out which parts
the lobbyists wrote [1].  It's important to know what lobbyist drafted and/or
seeks OSI's license approval.  More importantly, OSI decision-makers might
have conflicts of interest that OSI's CoC [0] requires them to disclose; they
can't do that if they are on the far side of a double-blind submission.

I agree that authority bias is a real phenomenon, and perhaps we should have
a side-thread to discuss how it is impacting license-review.  But, in this
case, does anyone consider MongoDB to be an authority on copyleft?  I think
MongoDB would like to be considered that -- and the political rhetoric in
Eliot's original post purports MongoDB to be a copyleft drafting authority --
but, ironically, the only thing IMO that could *make* MongoDB into an
authority on copyleft is OSI's approval of the license!

BTW, in license review (by any licensing authority -- be it OSI, FSF, or
Debian), I'm much more worried about "Quis custodiet ipsos custodes?" than I
am about "authority bias".  (My hope on that is that Fontana's "Rule of
Three" is adequate to assure bad licensing policy doesn't occur.)

[0] https://opensource.org/codeofconduct/licensing

[1] I note that copyleft-next's Harvey Birdman Rule (see
    https://github.com/richardfontana/hbr/blob/master/HBR.md ) and was
    designed specifically to avoid this problem, which (AFAIK) was
    identified in license drafting first during the GPLv3 process, with
    which the FSF sought (but failed in some respects) to be transparent.
-- 

Bradley M. Kuhn

Pls. support the charity where I work, Software Freedom Conservancy:
https://sfconservancy.org/supporter/



More information about the License-review mailing list