[License-review] in opposition of 'choice of law' provisions in FOSS licenses (was: For Approval: Open Logistics License v1.2)

Bradley M. Kuhn bkuhn at ebb.org
Tue Dec 13 16:15:23 UTC 2022 

Eric Schultz wrote:
> We already have a number of approved licenses with a choice of law clauses.

First, is there an approved license that chooses a *specific*, *named*
jurisdiction? (There may be, it's just hard to find if there is, as OSI's
website seems to have no discussion of “choice of law”, and/or why some
licenses have it and others don't?  Or did I miss it?)  The “precedents”
mentioned so far in this thread: CDDL (in some ways worse, in some ways
better) has a “each new project chooses its own jurisdiction”; Mike already
noted that EPL has dropped is “choice of law” clause; Larry already noted
that his license anchors choice of law to “Licensor” location.

Second, while you do point out a problem with the OSI process that is indeed
unfair to submitters, the unfairness is baked into OSI's design of this
process.  Specifically, (AFAICT from <https://opensource.org/approval>) there
is *still* no way to appeal decisions of license approval once OSI makes
them.  IOW, there is no appeals or supreme court of OSI license approval
(despite many suggestions, including from past OSI Directors, over the years
that one be created).  There is *just* this process, on this mailing list,
that happens *only* when a license is submitted for approval.  After a
license is approved, it's approved forever, and then it can be used as
precedent forever without any opportunity for reconsideration [0].  OSI
Directors and leadership leave, the reasoning that a given license was
acceptable isn't published, and various terms get grandfathered in without
any justification or treatise published.  The next submitter comes along and
says: “I should get this clause OSI-approved because this other one is”.

> Unless there's something uniquely egregious in the choice of law clause, it
> doesn't seem like that should hold up this submission.

Given that the during the periods when many of the existing licenses (and the
CDDL in particular) was approved, (a) the OSI had no conflict of interest
policy regarding who participates in the license approval process, (b) there
were various leadership “issues” at the time, and (c) this process was under
the ad-hoc control of a very few people (possibly one person) — it means that
many of these key issues, such as “choice of law”, have never been adequately
discussed by the community in OSI's license-review venue.

I understand that Andreas might legitimately find this process
frustrating, in that they (like VanL and MongoDB's CEO did a few years ago),
has faced stronger scrutiny than licenses approved in the early 2000s faced.
However I, for one, feel that Pam has done an excellent job making this
process more rigorous.  I frankly rarely bothered to participate in
license-review before her tenure because the past processes lacked the kind
of rigor that OSI ought to have had from the beginning in license review [1].
Pam's process here is *definitely* interested in that kind of rigor. (Lack of
rigor in license review was, BTW, a major issue, that was raised, and mostly
ignored, in the OSI Membership Reboot list in circa 2004.  Many of us here
now were invited to be “Refounding Members” at the time and likely recall).

While I'm still deeply concerned about the lack of an appeals process, I do
think this process is doing a much better job identifying issues (as it has
shaken out this “choice of law” one) than the ad-hoc OSI processes of the
past.  I realize and am sympathetic that it probably makes Andreas wish
they'd submitted their license fifteen years ago instead of now. ☺

Andreas Nettsträter wrote:
>> The license is called Open Logistics License because it was authored by
>> the Open Logistics Foundation (https://openlogisticsfoundation.org/), like
>> EPL from Eclipse.

But Eclipse isn't a field of endeavor — it's a (presumably ®) name of a
project and an organization — like Mozilla.  I have some concern that since
“open logistics” is a generic term that seems to have something to do with
“open source”.  Specifically, I am concerned that it might confuse the
community that if you are doing “open logistics” of any kind, that, if
approved, users of the license list will assume that the “Open Logistics
License” is considered by OSI as the preferred license for that activity.

By contrast, no one is confused to think that if you're writing software to
study eclipses that OSI prefers the EPL. ☺

For example, would OSI approve a license called the “Software Freedom
License” if SFC submitted it?  I'd expect (and even encourage!) OSI to reject
it if SFC did, since “software freedom” is a generic term that happens to be
the first two words of (a) longer organization name(s).  As such, approval of
the “Software Freedom License” might confuse folks — thinking that OSI is
saying the it's the only license to use for “software freedom”.  I have the
same concern with the “Open Logistics License”.

 * * *

[0] Admittedly, the license steward can submit to “delist” their own
    license(s), but the license steward is obviously a biased party.  I also
    note the process as a whole is somewhat biased in another direction:
    toward licenses that have a traditional, single-organizational license
    steward.

[1] Just in case folks have forgotten/didn't know, I am not longer affiliated
    with the FSF (not since 2019-10).  I can disclose that I argued
    internally at the FSF for many years that it, too, lacked appropriate
    rigor and checks and balances on its license review process.  It still
    does, AFAICT.  Kudos to the OSI (in contrast with the FSF) that there is
    (at least) a forum (this one) to raise and discuss the question of OSI's
    license-review rigor.  This is beside the point here, but I wanted to
    make it abundantly clear, since I was affiliated with the FSF from
    1999-2019, that I am not subtly arguing that the FSF does this better for
    its list of approved “Free Software” licenses.  In fact, I think at this
    particular moment in history, the OSI is doing a slightly better job on
    license approval transparency and process than the FSF is.

 -- bkuhn

More information about the License-review mailing list