2006: Year of the GPLv3 (Part 2)
This article is reprinted with permission from the August 2006 issue of TEQ magazine.
In Part 1 of this series (see June/July 2006 TEQ), we discussed the overall process by which the Free Software Foundation (FSF) (along with the Software Freedom Law Center, and Free Software Foundation Europe), has made 2006 the year of the GNU Public License v3 (GPLv3). As this article goes to press, the expectation is building for the release of the second version of the GPLv3 draft, currently expected in July 2007. As we, along with the Open Source community (friends and foes alike) await that document, this Part 2 will summarize some key provisions of the first draft of the GPLv3 which was made available on January 16, 2006.
Because the GPL continues to be the most popular Open Source license, it can be argued that the GPLv3 process represents a crucial moment. One of the initial issues for existing GPLv2 licensees will be whether or not to choose to “upgrade” their v2 license to the provisions of the v3 (both GPLv2 and GPLv3 cover this concept with forward-looking language: “If the Program specifies a version number of this License which applies to it and ‘any later version,’ you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.”)
GPL licensors will also be making a choice (as they can lock in v3 or later versions), so for both licensees and licensors the real issue becomes, what are the important changes in v3? There are many and varied opinions on this, but one leading GPL authority (namely Richard Stallman of the FSF) has characterized the four most significant changes as: (1) nonexclusive, worldwide, royalty-free software patent licenses; (2) compatibility with other Open Source licenses; (3) the definition of source code; and (4) provisions addressing so-called digital rights management (DRM) (actually called “Digital Restrictions Management” in the draft).
According to the first v3 draft (Section 11), distribution of a work under the GPL is an express grant of a patent license to the recipient and anyone that receives any version of the work, permitting all activities allowed or contemplated by the license provisions (i.e., installing, executing, distributing the work, as well as using the output). This patent license is intended to include all patent claims (controlled by the GPL licensor at the time of the distribution or in the future) that would be infringed by the work or any reasonably contemplated use of the work. In essence, this concept is striking back at software and business method patents by forcing licensors to shield downstream licensees from third party infringement claims based on the licensors distribution of GPL covered works.
The Open Source license compatibility issue is handled by Section 7 of the first draft, by allowing certain added terms, such as copyright permission, publicity provisions, warranties, etc., which are supplemental to the GPLv3’s general terms. Added terms must clearly permit all the activities that the GPLv3 permits, or otherwise permit usage or re-licensing under the GPLv3. Added terms may be written separately or amended to the GPLv3, although, it should be noted that the entire work remains under the GPLv3. The GPLv3 states that licensees who copy the work, or works based on it, must preserve all additional terms from the licensor, just as said licensees must preserve the GPLv3.
The first GPLv3 draft (Section 1) also addresses more thoroughly than before the distinction between source code, object code and the software code in its totality. Source code for a work is defined as “the preferred form of the work for making modifications to it,” and object code is “any non-source version of a work.” Added to the definition section of the GPLv3 is “Complete Corresponding Source Code,” which applies to a work in object code, including all the source code needed to understand, modify, compile/link, install and run the work (but excluding general-purpose tools not part of the work). Complete Corresponding Source Code also includes any encryption or authorization codes necessary to execute the source code (though perhaps modified). This definition also includes any decryption codes necessary to access or unseal the work’s output. The upshot of all this is that under new GPLv3, any scripts, shared libraries, dynamically linked subprograms that the work is designed to require, and interface definition files associated with the program source files are explicitly considered part of the covered work. This is an important distinction from version 2 in light of the continuing fears about the “viral” nature of the GPL (as discussed in Part 1 of this article). Under this draft, it would appear that parts of program code previously considered proprietary are more explicitly transformed into free and Open Source if used in conjunction with open source programs under the GPLv3.
Lastly, there is a growing trend in the law (both here and abroad) to attempt to prohibit software or technology that enables users to escape from digital rights or restrictions management (DRM), which prohibitions the FSF has expressly stated are fundamentally incompatible with the purpose of the GPL. As written, the new draft GPLv3 summarizes the implementation of this policy as follows: “the GPL ensures that the software it covers will neither be subject to, nor subject other works to, digital restrictions from which escape is forbidden.” Section 3 of the first draft substantively embodies the point by expressly precluding any distribution which denies full exercise of the license rights and by unequivocally stating that any work licensed under the GPL is not a technological protection measure. The effectiveness of these provisions, in light of the ongoing debate over DRM generally, is sure to be one of the most debated elements of GPLv3.
To come in Part Three of our final article on the GNU GPLv3, we will conclude our examination of the GPLv3 by offering our own comments on suggested clarifications or improvements we would like to see. (We will also offer a quick update on the second draft if it has been released by then!) In the meantime, we encourage you to read the current v3 draft for yourself at: http://gplv3.fsf.org/draft.