[License-review] in opposition of 'choice of law' provisions in FOSS licenses (was: For Approval: Open Logistics License v1.2)

[Bradley M. Kuhn]

TL;DR: I oppose 'choice of law' clauses in FOSS licenses because:

 * They create an inherent bias about the software (and its license) in
   places where the folks are unfamiliar (or just plain daunted by) their
   understanding of the chosen law jurisdiction.  (i.e., a potential
   contributor in the USA reading the license and thinking: “I've never been
   to Germany, I don't know what the laws are like there.  Is it dangerous
   for me to even contribute to this project?  How do I figure that out?  I
   guess I have to hire a lawyer to ask …”) This is somewhat a perception
   issue, but the legal terms *must* appear welcoming to potential
   contributors for FOSS to succeed.

 * FOSS licenses should be (and usually are) designed to operate worldwide
   on the same text, and treat all jurisdictions equally.  No matter where
   you chose the law — *even if* there is widespread consensus that it's a
   good choice, it will *still* annoy/offend/confuse some would-be
   contributors, adopters, and users who may well have legitimate dislikes
   of that jursdiction's laws.  You inherently bias your community's
   participants to people in that jurisdiction or those who like that
   jursidiction's laws.

 * Jurisdictions can easily gain precedent/new laws or other problematic
   policies that may be antithetical to FOSS, its use, its adoption, and its
   development.  FOSS license text usual live for decades, and contributors
   and users must operate on that text without change for decades.  The best
   way to mitigate this very real risk is to *not* chose a law jurisdiction
   up front, for everyone in your community, forever.

 * License stewards are generally based “somewhere”.  They're almost always
   going to have a bias for their own jurisdiction, which will proliferate
   different choices of law (inherently incompatible), and possibly
   promulgate non-FOSS friendly laws throughout the FOSS ecosystem.

 * Historically, we have seen no evidence that 'choice of law' aids
   individual contributors, users, or small redistributors.  It has been
   argued that it can help large corporate redistributors, but only
   hypotheticals have been put forward.

Here's my more detailed response:

Mike Milinkovich wrote:
>>>>>> Just to pipe in as a practitioner, not a lawyer. … We spent something
>>>>>> like 15 years arguing that the certainty provided by the choice of
>>>>>> law provision was valuable. I don't remember winning that argument
>>>>>> once in all that time. In my experience, both adopters and
>>>>>> contributors viewed the choice of law as a negative.

I find it noteworthy that in this thread, generally speaking, the
*practitioners* appear to universally be saying that choice of law clauses
are not a good choice, while only lawyers are saying they're a good choice.

>>>>>> I would also add that if you sort open source licenses by usage you
>>>>>> will find that something like 95%++ of all free and open source
>>>>>> software is currently made available under licenses which do not have a
>>>>>> choice of law provision.

This wasn't an accident — there has been a lot of discussion in FOSS license
drafting circles about 'choice of law' clauses and they've generally been
rejected.

I'm appreciative to hear that Eclipse Foundation actually did the
experimental research on this, and came to the conclusion that 'choice of
law' clauses are a mistake in FOSS.  Sounds like we have evidence to rely on
now, thanks to Mike's work.

>>>> Pamela Chestek wrote:
>>>>> Someone recently persuaded me that a choice of law provision is
>>>>> beneficial to the extent it provides certainty. Without it, you have
>>>>> no idea what law might apply and therefore no way to evaluate the
>>>>> risk.

> > I replied:
>>>> Choice of law clauses have always tempted FOSS license drafters.  Good
>>>> FOSS license drafters resist the temptation — knowing that it'll cause
>>>> more trouble than help.

> > Pam asked:
> > > How?

> On 12/12/2022 8:34 AM, Bradley M. Kuhn wrote:
> > If I want to enforce a license with a choice of law clause, *either* I
> > end up asking a court in one jurisdiction to understand the laws of a
> > foreign jurisdiction (i.e., a USA Court trying to interpret the laws of
> > Germany, in the case of the so-called “Open Logistics License”), or I
> > have to take action in that jurisdiction, not my own.

Pamela Chestek replied:
> You're confusing two things, choice of law and venue/jurisdiction. 

I don't think I was confused, but I'll write more text this time hopefully my
points are clearer …

> I am only speaking of the former [choice of law]. …  As to the former, it
> is not infrequent that US courts decide matters under foreign law,

How is this different from precisely what I said: “I end up asking a court in
one jurisdiction to understand the laws of a foreign jurisdiction (i.e., a
USA Court trying to interpret the laws of Germany, ”?  That's the example I
gave as the most likely outcome if there is a “choice of law” present, and I
*do* think that's a bad outcome for the reasons I stated previously.

(I did admittedly mention another option, which is using the locale of the
chosen law as a venue — after all, you can surely still do that even if not
mandated to do so by a choice of venue.  I *do* still think if you are faced
with 'choice of law' clause, you're only two options during a dispute *are*
to either (a) let your local court interpret the laws of the chosen law *or*
(b) go to the venue of the chosen law.  Is there a third option that I
missed?)

As I said, even if all this really is “just another day at the office for
the lawyers”, FOSS license drafting should consider the individual
contributor/user first and foremost.  Usually, that contributor/user who
can't afford a lawyer.  They can't afford an expert in the local laws of
some distant land.  Yet, they're the ones most likely to face non-compliance
issues with the FOSS license.

FOSS license drafting should also consider carefully the advocacy component
of the license, and that people all over the world will read it and wonder
if they can use the code.  How will that 'choice of law' clause look to the
average contributor who does *not* operate under the chosen law at any time
in their lives otherwise?

In short, a choice of law clause is going to be daunting, for various
reasons, to anyone who isn't in the place where the law was chosen, or who
has access to an expensive lawyer.  That's true even for small companies as
well as individuals.  Only big companies benefit from 'choice of law'
clauses.

> and very common in a similar situation, decided a case under a different
> state's laws.

Even in this situation (i.e., a FOSS license chooses California (at least for
USA-based disputes), and a Texas court decides it under California law), the
problem I mentioned below still comes up:

> For foreign law, typically the parties provide dueling experts on what the
> foreign law is. I understand that the same happens in other countries. It's
> not that hard.

I think you mean: It's not that hard *for a well-funded litigant*.

> > This kind of cross jurisdictional mess may be just “another day at the
> > office” for lawyers, but for individuals who aren't lawyers, this is a
> > daunting and confusing proposition.  FOSS licenses are for the people,
> > not for the lawyers.

> Somehow it's better to not have a clue what law would be applied than to
> have something you could go look up?

It's generally believed that you can apply the law in whatever jurisdiction
where the dispute is in — isn't that usually the case around the world where
a contract doesn't have a “choice of law”?

(As a side note, do lawyers here actually believe that every contract that
doesn't have a choice of law clause is a huge mistake?)

The lack of certainty *is* valuable for FOSS advocacy, because it means local
recipients of the software can operate in the environment and legal system
they're most comfortable.  And, it makes it a bit harder for the for-profit
distributor to steamroll them with lawyers.

Meanwhile, as Mike hinted at, almost all of OSI's approved licenses *don't*
have a 'choice of law' clause.  Obviously at some point, the OSI thought
that a 'choice of law' clause wasn't that important either way (at least).
Based on the sheer number of approved licenses without them, one might get
the impression that OSI *doesn't* think a 'choice of law' clause is
recommended.

(As a side question: does OSI recommend a 'choice of law' clause for FOSS
license, or not?  And if not, why not?  Given the issue has been routinely
discussed since early 2000s, I'd have expected the OSI would have an
official position on this one way or the other by now … )

Anyway, my argument at this moment is that we (as a FOSS community) don't
have any evidence that a 'choice of law' clause has *helped* any situation
regarding a real-world problem in FOSS.  Meanwhile, in those few licenses
that OSI let through with a 'choice of law' clause (e.g., CDDL), we know
that 'choice of law' clause was one of the methods that was used to force
copyleft incompatibility.  IMO a 'choice of law' clause is presumptively a
problematic FOSS policy due to the compatibility issue alone.

I suspect that OSI may want to remain “mostly neutral” on 'choice of law'
clauses, but I wanted to be sure that at least a few more people say more
loudly this time (in case it wasn't said loudly enough during CDDL's
consideration, which it seems like maybe it wasn't … ?) that 'choice of law'
was kept out of the GPL's in part because it was considered problematic for
users attempting to assert their rights.  I can add that we've never even
contemplated a 'choice of law' clause in the copyleft-next project because
we were operating on the assumption that there was general consensus that
'choice of law' is a Bad Thing™ for FOSS licenses.  This thread has
admittedly surprised me to see that maybe there is *not* actually consensus
on that point, or, perhaps that there is one consensus among practitioners
and policy folks and another consensus among lawyers.

It kind reminds me of the first time I taught a CLE class about the GPL in
2002.  All the lawyers were just plain ANGRY that the GPL doesn't define
what will be a “Work based on the Program” because it was ambiguous.  “Just
tell us what you copyleft people want.  You're making it too
uncertain. You're making it too hard.”  In my experience, practicing lawyers
tend to hate uncertainty, especially when the uncertainty cuts towards
making the world harder for corporations and easier for hobbyists. ☺
   
> Or are you saying that we should avoid covering important topics in
> licenses because non-lawyers might not care about it or they're not bright
> enough to understand? It is indeed another day at the office for lawyers,
> we take care of the details that our non-lawyer clients may not be aware of
> or think about but that are important.

If it becomes the case that you need a lawyer to even figure out how to
operate under a FOSS license, then the FOSS license has failed.  I do think
it's valuable for companies to hire lawyers to work with FOSS licenses when
they have a lot on the line (and they should all hire Pam ☺), but I also
don't think we should let these companies set policy about FOSS licenses
just to make *their* wealthy lives easier — especially if it makes the lives
of non-wealthy activists and individual contributors harder more confusing.

In short, the primary audience for FOSS licenses is the potential individual
contributors and users.

> > Also, if the laws (or precedents) of that jurisdiction change in a way that
> > is not friendly to FOSS, it locks all FOSS under that license into a bad
> > legal regime.  This reason was one of the many reasons why copyleft license
> > drafters have historically rejected choice of law.  Copyleft never wants all
> > its eggs in a single jurisdictional basket.

> Or, you could have locked into a jurisdiction because of its
> Constitutionally based protections, like the First Amendment.

That seems like US-centrism to me.  Every jurisdiction has its upsides and
downsides.

> You also seem to assume that one can shop around for a favorable
> jurisdiction, but it's not that easy.

It *is* easy when software becomes popular and ubiquitous in many
jurisdictions.  And, as an interesting note, the most popular and widely
adopted FOSS tends to be FOSS that's under a license that *don't* have a
'choice of law' clause. 🤔

> What might happen under an unstated choice of law is a spin of the roulette
> wheel.

That argument is akin to the old Unfreedonia (as its inventor dubbed it at
the time) argument from the early 2000s: that if you get a jurisdiction that
is unfavorable to a particular provision in a FOSS license, bad actors would
push for all FOSS to have its country of first publication be Unfreedonia
and thwart its provisions somehow.  Ironically, I always thought that
argument kinda supported a 'choice of law' for FOSS, but it was usually put
forward to oppose it.  Ultimately, though, I think the entire argument is
specious and doesn't support either side of the 'choice of law' argument.
It's a silly hypothetical.

Indeed, you might fail on contract or copyright claims in some jurisdiction,
but you'd probably have failed on them even more if you've chosen the laws of
that place anyway.  So, why not let the choice of law occur based on where
the dispute is?  If there is no standing for the dispute there, the issue is
moot anyway, and if there is standing, we're left with the other problems I
mention.

One tenet is true in FOSS license enforcement: nothing is certain once a
party decides to circumvent a license on purpose.  I can definitely say that
a 'choice of law' clause would never have helped any effort of FOSS license
enforcement in the real world that I've seen or participated (and I've seen
and/or participated in thousands).  I have, however, seen a 'choice of law'
clause get in the way of the advancement of FOSS.  (CDDL example below.)

I agree with you that for-profit distributors who can easily hire a lawyer
who knows *just* the laws of a particular jurisdiction gain certainty.  But,
who is clamoring for that and why?  Do they really want FOSS?  Do they rely
on/use/redistribute any FOSS under licenses that *don't* have a 'choice of
law' clause, and if so, how do they justify that — if 'choice of law'
clauses are so important, shouldn't they be avoiding all that FOSS and using
Microsoft's and Google's proprietary software (… as I bet those licenses
*do* have a 'choice of law' clause)?

> You seem to prefer uncertainty to certainty but others may prefer
> certainty.

FOSS should be international, and needs a broad coalition across almost
every country in the world to succeed.  If we want to convene an
international drafting panel to decide what jurisdiction in the world is the
best one to interpret FOSS licenses, and of course, reconvene it every five
years or so to reconsider (as it could change), then maybe certainty is
achievable, but I doubt even that would work.

In fact, I'll bet if we convene that panel, even *if* we got universal assent
that a 'choice of law' was good for FOSS licenses, there will be dissent and
disagreement about the best jurisdiction.

Meanwhile, if OSI then takes the position that any choice of law clause is
fine (i.e., just pick your favorite jurisdiction, license drafter!), it'll
stack up a whole pile of incompatible licenses — all with their own 'choice
of law' in a different place.

Historically, OSI took a strong anti-license-proliferation stance after its
disaster that was the corporate vanity licenses.  I hope that stance doesn't
wane for the allure of 'choice of law'.

In fact, I think this whole exercise hints at one of the questions that OSI
has been asking itself since it was founded the late 1990s: is it a venue
for companies (and their lawyers) to experiment with the “magic of the
marketplace” of FOSS licenses (as VanL argued it should be when ballyhooing
his license), or is OSI trying to create a clear set of licenses that it
recommends will create a healthy, vibrant, and compatible FOSS ecosystem?

In some sense, the discussion we're having is about that question more than
it is about one specific issue within that broader question.  Our debates a
few years ago about VanL's license (that OSI ultimately approved) were
really that same debate too.

> >   * * *
> > CDDL, of course, had a choice of law (in part) to force it to be
> > incompatible with all FOSS licenses that didn't have them.  Certain
> > incompatibility with the GPL is now known to have been a planned design
> > goal of the CDDL.  Is that also a design goal of the Open Logistics
> > License, one wonders?

> It's quite a surprise to me that the CDDL is incompatible with all FOSS
> licenses that don't have a choice of law provision. You can't blend CDDL and
> MIT? Or do you mean just the GPL licenses?

I'm sorry, you're right.  I meant compatibility with copylefts (which is
more than just GPL family licenses).  Nevertheless, I do think OSI should
*at last* factor in cross-license compatibility during review, though,
*particularly* for the most prolific of FOSS licenses.  Pushback about
compatibility was able to get even the EUPL to add compatibility upgrade
clauses.  License incompatibilities introduced into this process, IMO,
should come a clearly stated policy reason that explains why the
incompatibility advances FOSS in some way.

In this specific situation, I do think Open Logistics Foundation should
answer the question of why they didn't follow the EUPL's example — with an
explicit compatibility clause for well-known copylefts.  I further suggest
that the OSI factor Open Logistics Foundation's efforts (or lack thereof) in
that regard into its approval decision on Open Logistic Foundation's
license.

  -- bkuhn