[License-discuss] Thoughts on the subject of ethical licenses

Chris Travers chris at metatrontech.com
Sun Mar 8 20:43:07 UTC 2020


On Sun, Mar 8, 2020 at 9:26 PM Gil Yehuda via License-discuss
<license-discuss at lists.opensource.org> wrote:
>
> Coraline
>
> I'll share my opinion, offered with respect and after considerable reading and thinking about this. In order for the ethical source movement (ESM) to succeed and be understood, I recommend taking much more control over messaging.
>
> In your email below you said you resent the us-vs-them framing and are indicating here that the movement is shifting from that position. I suggest you help people who are trying to figure this out. Many perceive ill intent, and you tell them "I encourage you to do some googling on the topic." so they stop creating strawman arguments to attack you. Very fair. But when they search, they will find us-vs-them framing in ESM's materials. For your message to work, you have to address this, and own this issue.
>
> You have cautioned the use of dog-whistle terms such as "virtue signalling" and I'll caution the same consideration with phrases like "Open Source is the playground of the privileged" "Open Source incentivises exploiting a volunteer labor force" and "Open Source exacerbates existing injustices" which I take from the materials you shared with me as pre-reading to learn about the movement. http://bit.ly/ethical-resources If these are no longer representative of your mission, great. Please distance yourself from these phrases and come to the OSI explaining that you see the folks here are not here to exploit labor, exacerbate injustice, or play with our privilege. We're here to to pursue what we consider a value. If you share the value, then welcome.
>
> Imagine the clergy who applies for a job and explains that he's a wonderfully compassionate and charismatic leader who can fundraise, bring more families to the congregation, and deliver a fantastic sermon. But when asked, he admits that he actually sees religion as an antiquated way to control people and get their money -- and he's written about it too. But he reminds you that his sermons will really get the crowd on their feet. Should the congregation hire him? What if he then says, "well, I'm in the process of changing my views... and coming back to this religion..." ?
>
> Another way to strengthen your message: Reconsider your response "But taking a step back, would we even be having this conversation if the (admittedly deeply flawed first version of the) Hippocratic License had not been released last September? Had it not gotten so much press attention? Had it not launched dozens of blog posts?" since it is framed as 'the ends that justify the means' -- which is a framing that I'm not sure is consistent with the message ESM is trying to send. I think Ethical Source is trying to convey that the means matter too. If the goal was to have this conversation with the OSI, surely the framing of OSI as the antagonist matters. 'But it worked' is not your strongest response. 'I see now that OSI is not the problem, but potentially an ally and want to explore how to make that work.' is a much stronger way to present this.
>
> > The OSD does not define open source, it defines the characteristics of open source licenses. This is a critical distinction.
>
> I don't understand the semantic distinction -- but that's OK, I'll think about this carefully and maybe I'll get it. But I really don't see the rhetorical strategy. On Feb 5, 2019 the OSI posted an affirmation of the OSD that it is a codification of the term "open source" -- and if you agree, great. If not, please clarify your point. Note I think it's ok for a person to be against open source. But it's a tactical mistake to try to get support from a group of people by disagreeing with their fundamentally shared view (or at least appearing to).
>
> The messaging around the ESM also needs improvement. The common example I've seen in these discussions (within the ESM community) is paraphrased in your email: ICE puts kids in cages in concentration camps but they cannot be sued for human rights violations. Palantir uses open source software. ESM seeks to remind contributors to open source packages to connect their ethical introspection about their open source work to Palantir, to ICE, and to putting kids in cages. The movement then seeks ways to protect those contributors from the ethical scar of being an unwilling profiteer of wrongdoing. Thus ethical licensing solves a problem we previously (but inadequately) solved by suggesting that open source authors don't take responsibility for things they can't control such as the ethics of the users of their code.
>
> I'd consider expanding the examples to things that are more obvious and take less of a mental stretch. You see, at each point of the chain, you'll get people departing. Some people reading this will ask maybe ICE's policies are legitimate? If they were indeed violations, let them face some international court. Palantir is an analytics company, do they sell cages? How do I know if Palantir is using my software internally (when I can only see the code they publish, not the code they use). etc. Each phrase will get another group of people to drop off and at the end, you'll have a very small following. That's odd in a world full of ethical challenges. Why not pick examples that are more apparent ethical issues, perhaps related to the software itself. This way you are not asking your followers to agree that a particular entity is evil, but that a particular use is.
>
> I think of the various certifications and declarations used in consumer goods: Fair-trade, not tested on lab animals, 5% of profits donated to some cause, for every pair of shoes, we donate a pair, organic (no-pesticides), happy workers, employee-owned businesses, etc. And I wondered which of these serve as analogies to the ESM. I'm not sure.
>
> ESM's examples don't seem to point (or maybe they do? did?) to sustainability of critical infrastructure projects by engaging in fair trade or fair pay (which remains a concern, although the data indicates a surge in open source contributions from employed developers -- so the image of open source being all about volunteerism is changing). ESM is not a call to unionize software developers. It's not even a call against using open source in weapons. In its current manifestation it is an attempt to discourage people who engage in human rights violations by threatening them with copyright violations. That's very hard to rally around. I don't think licensing is going to get the movement going to its potential goals.
>
> I'm sure the ethical source movement is motivated by good intentions, but is leveraging inadequate rhetoric to be compelling at this time. I understand it's hard for busy volunteers to get this put together. I'd take the time and relaunch when the message is clearer. I think the association with OSI -- either to fix an antiquated movement, or request help to establish new parallel but different movement, is not helpful to OSI. Not when the ethical source movement is at such a formative stage that OSI members can't really tell if this is or is not an attack. So my advice to the OSI is to request the ESM to come back to the table when they have their message more polished. It will be better for the ESM (they'll be considered on the merits of their actual message, not their previous rhetoric), and better for the OSI (who will be able to focus on the open source movement, not on trying to help a different movement that is welcome to exist, but does not share many of our fundamental values).


I come from a different perspective here.  I have lived and worked in
SE Asia, Europe, and the US.  Between all of these about six
countries....


People in different places want different things from social
institutions.  In SE Asia, people want cross-generational family
businesses to support mothers in having children, help facilitate
adults in caring for their parents in old age, and more and this means
there is a different viewpoint on a lot of the issues that people
often want to push on the world from the West.  Marriage tends to be
tied not only to procreation but also to business, for example.

And this is a great thing for open source software because it means
that small businesses can compete internationally with others.  And if
we cannot respect these cultures in their rights to determine their
own economic and reproductive systems of society as they see fit then
we are no different than the colonizers of the Dutch or Spanish or
Portuguese, etc. dreaming of "civilizing the savage."

The OSI definition has always been inclusive to an extent which
conflicts with "ethical source."  We cannot include license
requirements that say that groups we dislike cannot use or modify our
software, for example.  And in a global environment, we will have to
be inclusive to cultural differences of sorts that require some
moderation.  All we can do as project maintainers is insist that
everyone treat each other with respect regardless of disagreement.

2500 years of philosophy have been unable to deliver a consensus of
what "justice" is whether social or other. Globally we are never going
to agree on ethics and if we did we would probably have to start by
denying Western multinationals access to our software since they are
*by nature* exploitative even if they push trendy Western causes
around the globe (often for their own benefit).  But we aren't going
to do that because we recognize that cutting people off from economic
commons is very serious business from which nothing good ever comes in
the long term.
>
> Gil Yehuda
>
>
> On Sun, Mar 8, 2020 at 1:34 PM Coraline Ada Ehmke <coraline at idolhands.com> wrote:
>>
>> On Mar 4, 2020, at 9:13 AM, Drew DeVault <sir at cmpwn.com> wrote:
>>
>>
>> I have some thoughts of my own regarding the ethical licensing movement.
>> I hope we can promote a more civil discussion among peers, rather than
>> between opponents.
>>
>>
>> I can’t tell you how glad I am to read those words. I am the first to admit that in the early days of the movement we took a very antagonistic, anti-establishment approach, but thanks in part to the efforts of individuals at the SFC and the OSI who had the wisdom and wherewithal to engage in good faith anyway, I feel like we are much better situated to have constructive conversations about the issues that are important to us, in service of finding a collaborative and mutually beneficial way forward.
>>
>>
>> Firstly, I completely acknowledge the concerns of those who would put
>> ethical clauses in their licenses. I believe that the values on display
>> with these licenses are valid and worth fighting for. That being said, I
>> don't believe that software licensing is the appropriate stage for this
>> fight. I'll explain why, and I'll also share my thoughts on alternative
>> solutions to these valid ethical issues.
>>
>>
>> There is a strong contingent of people within the ethical source working group who agree 100% with this sentiment about licensing not being the best strategy. Although it is the most visible of our many initiatives, please rest assured that we are exploring a number of options to move the agenda forward.
>>
>> Even though I find problems with the ethical-source approach, I again
>> find the ethical dilemma valid and worth addressing. Ethical-source is a
>> desperate response to the increasing radicalism of world politics. Many
>> advocates feel powerless to effect change in the world around them, as
>> dissonant right-wing worldviews grow in public support. This leaves us
>> frustrated, dejected, and desperate for solutions.
>>
>> Software licensing is a domain over which we have power, as software
>> developers, to affect change. Contrasted with the powerless feeling we
>> endure on the world's political stage, our power over the software
>> ecosystem is a good feeling. We want to believe that by exercising our
>> privilege in the software space, we can bring about the broader changes
>> we want in the rest of the world, or at least insulate the software
>> ecosystem against it.
>>
>> Unfortunately, it won't work. I know this sucks. I feel those same
>> frustrations with the progress of world affairs. I feel equally
>> powerless and desperate. This approach, however, amounts only to virtue
>> signaling. There are better ways to signal your virtues, and better ways
>> to deal with the problems that are facing us.
>>
>>
>> I completely understand your position, even though I hold out hope that it might prove to have a positive impact. But taking a step back, would we even be having this conversation if the (admittedly deeply flawed first version of the) Hippocratic License had not been released last September? Had it not gotten so much press attention? Had it not launched dozens of blog posts?
>>
>> As an aside I also would like to caution you on the use of the term “virtue signaling”. I am NOT implying that this applies to you, but that term is something of an alt-right “god whistle” in very common usage in dark and hateful corners of the internet like 4chan, 8chan, some terrible communities on Reddit, and places like Kiwi Farms. It is commonly used to dismiss, imply insincerity or hypocrisy, and generally ridicule people working in the social justice space.
>>
>> That being said, taken without the culture baggage, what’s so wrong about "virtue signaling" if you think of it as “this person is publicly proclaiming a strongly held moral or ethical stance”? Don’t people have the right to make such proclamations without having their integrity challenged? In fact, shouldn’t we be encouraging that? Doesn’t it have inherent value?
>>
>>
>> This doesn't mean that there is no place for ethics in your software
>> projects. You shouldn't have to deal with racism, sexism, homophobia,
>> transphobia, or any other kind of discrimination in your project's
>> spaces. The maintenance of a healthy and inclusive community is an
>> important role for a software maintainer to perform. Be vigilant, and be
>> prepared to moderate discussions, eject bad actors, and provide a safe
>> space for everyone. It's going to be hard work, and it won't be made
>> easier by your choice of license.
>>
>> Just because a jerk (or substitute whichever rude word you prefer) can
>> use your software doesn't mean that you're obligated to interact with
>> them. You can ban them from your issue trackers, mailing lists, and
>> chat rooms. You can reject their patches. You can even blackhole their
>> IPs from your distribution servers. Tell them to fork off and die.
>> You're still going to have to do this if you use an ethical software
>> license.
>>
>>
>> Adopting an ethical license, at worst, is a way of stating very clearly that you feel an ethical responsibility for the way your software is being used. The strong feelings evoked by, for example, Palantir using hundreds of open source libraries to help ICE put kids in cages are valid, and as you say, developers have very strong reactions to knowing that the code they so lovingly crafted and devoted so much of their time to is being used in this way. Developers feel helpless. And to date no organization that I am aware of has prioritized addressing this feeling of helplessness.
>>
>> That was the impetus for founding the Ethical Source Movement— we want to empower creators and reinforce the idea that BECAUSE of the impact of the software we create is so wide-ranging, we have a higher-than-average responsibility to ensure that our work is used for social good. The Ethical Source Movement comprises like-minded, concerned technologists looking for any and all tools and methods that will enable us to fulfill these responsibilities. There are going to be misses. There are going to be failures. There are going to be unintended consequences. The important thing is that we are coming together and trying. We’re prioritizing it when it seems that no one else is.
>>
>>
>> Philosophy aside, the specific issues as I see them with the ethical
>> licensing approach are:
>>
>> 1. Laws enforce themselves
>>
>> The Hippocratic License, for example, includes the following:
>>
>> The Software shall not be used by any person or entity for any systems,
>> activities, or other uses that violate any applicable laws,
>> regulations, or rules that protect human, civil, labor, privacy,
>> political, environmental, security, economic, due process, or similar
>> rights (the “Human Rights Laws”). Where the Human Rights Laws of more
>> than one jurisdiction are applicable to the use of the Software, the
>> Human Rights Laws that are most protective of the individuals or groups
>> harmed shall apply.
>>
>>
>> The problem is, licenses are held in force by laws, too. Human rights
>> are already defended: by laws. Anyone who is prepared to violate *human
>> rights* is going to have no problem ignoring your software license, too.
>>
>>
>> I disagree on this point, which I see being made quite often (usually it’s more along the lines of “terrorists don’t care about licenses”. The activities that ICE engages in at its concentration camps are illegal but still being carried out by the government, and ICE cannot be sued for human rights violations. But to return to the example of Palantir: do you think their lawyers are going to even ENTERTAIN the notion of using software with an ethical license? Being sued for license violation is the least of their concerns. It would be a public relations disaster if it was discovered that they were using ethical source licensed software to support ICE.
>>
>>
>> 2. It's difficult to comply with
>>
>> I maintain a project hosting forge, which is currently licensed with the
>> AGPL. It provides git hosting, among other things. If I used the
>> Hippocratic License instead of AGPL, would I be liable if someone hosted
>> a project on my platform which violated, say, environmental laws? The
>> license terms say that most stringent jurisdiction applies. Let's say
>> for example that the electricity consumption of Bitcoin was made illegal
>> under strict environmental protections somewhere, and I have users in
>> that jurisdiction. If someone pushes the Bitcoin source repository to
>> SourceHut, are they in violation of the SourceHut license? Am I?
>>
>> What if someone pushes GNURadio to SourceHut, and I have a user in the
>> United States National Radio Quiet Zone?
>>
>>
>> I think the language in 2.1 (coming out next week) will clarify this concern.
>>
>> 3. It's not open source
>>
>> This should be fairly obvious. Simply review the ESD and OSD:
>>
>> https://ethicalsource.dev/definition/
>> https://opensource.org/osd
>>
>> Points 1 and 6 are the only ones which are not in *direct* conflict with
>> the open-source definition. Ethical Source is tautologically not the
>> same thing as Open Source.
>>
>>
>> The OSD does not define open source, it defines the characteristics of open source licenses. This is a critical distinction. Not meaning this at all in an ageist way (I’m pushing 50 myself), the so-called “GitHub generation” does not, I believe, think of open source from a licensing perspective. The way the majority of them think of open source is experiential: “I am developing code in public, accepting contributions from other developers across the world, in the hopes that it will be useful to someone else.” For better or worse, for many people a license is just a drop-down you select from on a GitHub form when you create a new repo.
>>
>> This is part of the reason why I’m running for the OSI board: the OSI necessarily spends its incredibly insufficient budget on the mission of open source adoption by commercial entities, and (to the best of my knowledge) does little or nothing to support developers themselves. I think it has tremendous potential to do more for the average open source developer, given an adequate budget.
>>
>> Even if we disagree on software licensing being the appropriate venue
>> for these battles, I don't believe that a hostile takeover of the
>> open-source definition is an appropriate way to promote this viewpoint.
>> A better approach is to put forward new definitions and terminology for
>> the ethical-source movement to rally behind, and to not drag open-source
>> advocates into it kicking and screaming. Any members of the open-source
>> community who were brought into ethical-source without their consent are
>> going to make for poor members of the ethical-source community.
>>
>>
>> Hostile takeover is very strong language, and I believe a gross misunderstanding of my goal (speaking now for myself, not the movement.) The OSD was written in 1998 with some very specific goals. It has been a wild success. Open source is the glue, the infrastructure, the go-to toolkit powering the modern age of computing. Mission accomplished. But licensing via OSI-approved instruments is about the rights of users, not creators.
>>
>>  don’t believe the OSD does much to serve the constituents of the open source community, the developers spending their precious free time putting all of themselves into code that they hope someone will find useful. Maybe the OSI shouldn’t concern itself with developers like that? That’s for the organization itself to decide. But I firmly believe that business-as-usual will lead to the increasing irrelevance of the organization, and I think that would be a tragedy and great loss.
>>
>> If I were to be elected to the board, I would push for two things related to the OSD:
>>
>> 1) Creating a mechanism for reviewing and, if need be, revising the OSD through a consensus-based mechanism that extended beyond the board and paying members of the organization
>> .
>> 2) Through this mechanism, I would advocate for revising the language around “field of endeavor” to close the extraordinary ethical loophole of “evil people deserve freedom, too.” (I can’t think of a single example in the modern world where “evil people” enjoy the same full set of rights and privileges as the rest of a community.)
>>
>> A contested merger of our groups would leave half of us feeling
>> disenfranchised: if the OSD remains the same, ethical-source advocates
>> feel unrepresented; if the OSD changes, open-source advocates feel
>> unrepresented. This "hostile takeover" approach risks creates a
>> community of fragmentation and infighting. In truth, almost all goals of
>> the open-source and ethical-source movements are in alignment. By
>> cooperating as separate entities, we can be more successful in promoting
>> our shared goals, and compete only on our mutually exclusive goals.
>>
>>
>> “Hostile takeover” is not a goal of the Ethical Source Movement. We want a seat at the table, and we’re trying multiple strategies to make that happen— including working as peers with the other members of the board. I believe the organization is strong enough and the proper parliamentary procedures are in place to prevent one or even two board members strongly aligned with the Ethical Source Movement from disrupting or abruptly changing the fundamental mission of the organization. Those one or two board members would, instead, represent a perspective that for too long has been ignored, and find ways to encourage our peers in the organization to consider the ethical implications of our mission and goals.
>>
>>
>> I believe that this approach is going to weaken the open-source
>> community before it makes it stronger. For this reason, I voted against
>> Coraline in the OSI board member election.
>>
>>
>> I believe the open source community is strong enough to handle these conversations. But that’s not completely in my control (despite the world-crushing powers that some of my critics ascribe to me ;) ). Over the past few months I have worked very hard to establish relationships and have civil conversations with the people who are dedicating so much of their time and effort to shepherding open source into the future. The working group that I created boasts members from both the OSI and the SFC. Sometimes I still react from a place of emotion and it comes out in ways that I regret, but for the most part I make a concerted effort to engage in the spirit of collaboration and shared concern.
>>
>> Framing matters. I am not an outsider to the open source community; I’ve been participating in open source since the early 2000s. Before that, I released software under the Artistic License back when I was a Perl hacker, and shareware before that. I have worked tirelessly for almost a decade to make open source more welcoming, inclusive, and diverse. I created the first code of conduct for open source communities, and it’s been adopted by tens of thousands of projects, including the entire open source portfolios of companies like Apple, Microsoft, Salesforce, and Intel, not to mention the Linux Kernel. I have mentored dozens of young people eager to join the open source community. And during my tenure on the board of Ruby Together, I launched a paid mentorship program called Ruby Me that helps aspiring developers get valuable experience by pairing them with experienced open source developers and paying both mentor and apprentice to work on open source projects. Like me or hate me, you can’t argue that I have *already* had a tremendous and positive impact on the open source community.
>>
>> Open source transformed my life and opened up opportunities to me that I never would have had otherwise. It is BECAUSE I believe so strongly in the promise of open source that I am engaged in the work that I am doing now.
>>
>> So I resent us-vs-them framing, even as I admit my own contribution to that antagonism early on. I’m hoping that we can move past adversity and come together to create the next great hack that ensures, in the words of Karen Sandler, that software freedom is ALWAYS in service to human freedom.
>>
>> —Coraline
>>
>> _______________________________________________
>> License-discuss mailing list
>> License-discuss at lists.opensource.org
>> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
>
> _______________________________________________
> License-discuss mailing list
> License-discuss at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org



More information about the License-discuss mailing list