
Software Licenses and Failed States - rumcajz
http://250bpm.com/blog:82
======
Doctor_Fegg
The methodology behind this graph is really rudimentary, as the original
author admits[1], and I wish people would stop quoting it without big health
warnings.

"To detect what license, if any, a project is licensed under, we used an open
source Ruby gem called Licensee to compare the repository's LICENSE file to a
short list of known licenses. However, it's important to note that this
approach doesn't count a project as licensed if the README indicates a
specific license or if individual project files contain a named license in the
code comments."

Of my 13 (original, non-forked) projects on github, 11 state a licence; each
one would be immediately found by a human looking at the project; not a single
one would be found by the above method.

[1] [https://github.com/blog/1964-open-source-license-usage-on-
gi...](https://github.com/blog/1964-open-source-license-usage-on-github-com)

~~~
caf
Right, I don't understand why it doesn't at least look for COPYING or
COPYRIGHT as well, those filenames have quite some seniority.

~~~
snuxoll
Hell, you can't use GNU Autotools without a COPYING file or it will yell at
you until you create it or figure out the incantation to make it ignore the
lack of said file. There's still plenty of software out there on github that
uses automake/autoconf that wouldn't be properly recognized like this.

------
TheMagicHorsey
The conclusions of this article are wrong. The vast majority of Github
repositories with no license are those that also have no followers and no
stars. These are repositories with little useful code most likely.

I more useful metric would be to measure repositories that have 10 or more
stars or followers, and to see what percentage of such repositories have no
software license.

As it is, the whole digression into the failed state metaphor is premature.
The author should have done some digging for better supporting stats before
spending so much time on a stretched failed state metaphor.

~~~
mbreese
It would also be interesting to look at the inverse relationship - how many
average stars does a "licensed" repository have vs an "unlicensed" one. I
suspect that you're right that repositories with licenses will have more
stars, and thus more widely used.

Another interesting metric would be lines of code (licensed vs. unlicensed).
This would probably make your argument more obvious... more useful
repositories will have many more lines of code than unuseful ones; and thus
also more likely to have a license.

I believe that the author may have just re-discovered the concept of the long
tail, reproduced in source code repositories.

------
rmc
> _The projects without license can in theory be considered open source (the
> source is published after all)_

That is not what "Open Source" means.

> _but legally, the copyright is still owned by the authors_

In Open Source/Free Software, the copyright on the software is still owned by
the original authors.

~~~
ashitlerferad
> That is not what "Open Source" means.

"Open Source" means different things to different people and not everyone
accepts the OSI definition, there are even people who are angry at ESR for
grabbing the phrase for himself and making his definition the most popular
one.

~~~
jordigh
esr didn't coin the term, Christine Peterson did, and Tim O'Reilly funded the
OSI compaign. Also, nobody used the term before OSI did, except with an
unrelated meaning in the intelligence community.

[http://jordi.inversethought.com/blog/5-things-we-have-
forgot...](http://jordi.inversethought.com/blog/5-things-we-have-forgotten-
about-open-source/)

------
captainmuon
I am one of those who (would) publish their code source-open, but not Open
Source. The reason is not that I reject the legal system per se (although I do
dislike and fundamentally criticize it). The reason is that publishing code
without a license gives me the effect I want.

People can look at my code, they can use it privately and do whatever they
want. They cannot build a business with it or use it in any way I don't like
without my permission. Yes, people with a contempt of copyright law (which
tend to align with me politically a bit) profit from this. People who have
internalized copyright law and won't even look at my unlicensed code in
secret, on their phone on the toilet, because it's 'wrong', are disadvantaged.
That's great!

Most importantly, I don't give any rights away. "All rights reserved" is the
default. And I don't enter any obligations. Remember, we like to talk about
licenses that are attached to code. But how are they implemented? In reality,
licenses are in fact like contracts between you and the license taker. I'm
extremely hesitant to sign contracts with strangers - I especially don't want
to offer a blanket contract to everybody who reads my code and wants to accept
it. I can't be 100% sure that such a contract doesn't create any obligations
for me that I don't want - the legal system is so complicated that even
lawyers have problems finding all side effects of clauses. At the very least,
I'll be giving courses of action away if I license my code.

Without a license, putting code online is a bit like writing a poem in a park.
People can look over your shoulder, read what you're writing, you can interact
with them if you like, they can take your words and pass them on - but they
can't publish a book with them, and you have no obligations towards those
people.

------
DannyB2
If it doesn't have a license, then don't touch it with a ten foot pole. Run,
don't walk away.

He may not care about the law, but the user of that unlicensed software will
care when they get sued for using it.

"Oh, but I would never sue you for using my software" says the unlicensed
GitHub author.

"But I can't trust you. You're not trustworthy."

"Oh, but I am. I won't sue, I promise!"

"Then why don't you put that promise in writing? It's called a License."

~~~
wolfgke
> "Then why don't you put that promise in writing? It's called a License."

Because the author of this particular source code strongly prefers users who
like them who are ignorant of the law? The author doesn't want to get sued for
his license.

~~~
green_lunch
What most likely will happen is that if the person likes you (IE: not some big
company), they will allow you to use their code. If you are a huge corporation
profiting from it, you will get sued for misuse.

This is exactly why you don't use unlicensed code in any commercial
application.

~~~
DannyB2
So if you are one of the people he 'likes' and will allow you to use his code,
then does he give you a license? If he likes you, he would give you a license,
which describes how you can use the code without getting sued.

But I thought by putting it on GitHub, and claiming that he doesn't believe in
licenses, because he wants EVERYONE to be able to use the code -- that he
wouldn't then 'allow' a special friend to use the code.

------
kerkeslager
> So, the other possibility is that authors deliberately reject the legal
> system per se. The reasoning can go as follows: I do care about my peers
> using my software. I don't give a damn about whether the lawyers and mega-
> corporations they work for use it. So, if you are like me and you don't care
> about all the intellectual property antics, here's my project, feel free to
> use it. If you are the kind of moron who wants to have their legal ass
> covered, go screw yourself.

I totally buy the idea that at least some users who upload source to GitHub
without a license feel that way. I have slightly different priorities
(creating software that is used is more important to me than avoiding the
copyright antics) but I'm pretty sympathetic to that sentiment.

The problem with expressing that sentiment by not licensing your software is
that it doesn't express that sentiment at all, especially on GitHub. GitHub's
terms of use require that public repositories contain only open source code,
so there's an argument to be made that uploading your code to a public repo on
GitHub implies an open source license.

If you really want to make a civilly-disobedient statement rejecting the idea
of licenses, I'd do so with something like the Forget Users License[1].

[1] [https://www.kerkeslager.com/forget-users-
license.txt](https://www.kerkeslager.com/forget-users-license.txt)

EDIT: I'm not a lawyer and would love to make this more lawyer-y. Suggested
improvements to the license are welcome.

~~~
cm3
I have dev peers who think like that and they release code into the public
domain.

~~~
DannyBee
Except that they legally can't in plenty of countries, so that are, in
practice, just making the problem of unclear licensing worse :(

------
ucaetano
Mogadishu actually has a functioning local government, with (mostly)
functioning utilities, telecom, etc. No need to pick on it.

------
wmil
There's nothing odd about publishing something on Github without licensing it.

For example, imagine you have an MVP for a failed startup idea. By throwing it
up on Github other people can learn from your project. Potential employers can
review your code.

But if someone wants to fork your code and try to launch an identical startup,
they really should cut you in.

------
venomsnake
Simpler explanation - people go with defaults. The default is no licence. So
it is mostly github UI problem.

~~~
jolux
I think this is the best explanation per Occam's Razor. Licensing is often
complex and a lot of developers would rather not think about, plus the
alternative is that GitHub by default waives certain copyrights when
publishing which might get them in trouble.

~~~
snuxoll
It'd be nice if more tooling yelled at you for trying to publish something
without a license attached. As much as it annoys me about refusing to even
generate a working configure script and Makefile without it, autotools
enforcing a COPYING file's presence is a great idea.

~~~
jolux
I think perhaps a lot of it is also simple misunderstanding. People don't
realize that publishing something is not the same as licensing it.

------
teamhappy
Most of these are probably Node.js packages with "License: MIT" somewhere in
the README.

------
scotty79
> It's going to be weird, but bear with me, I have a point to make…

> So, the other possibility is that authors deliberately reject the legal
> system per se.

I hope he's sarcastic because it's blindingly obvious to anyone who knows
there's a copyright and published any stuff for other people to use. Reality
is that if you publish something everybody can take it and use it. Copyright
flies in the face of actual reality. So most people just ignore it. Consumers
but also producers. Only lawyers still care. Nothing weird about it.

If you had a law that water is dry until explicitly declared wet by
appropriate rightholder people would ignore that law in their daily lives if
there were no enforcer around.

~~~
Ace17
"Reality is that if you publish something everybody can take it and use it"

Patents are a (controversial) way to publish something without allowing others
to use it. So at least, there must be a (controversial) rationnale behind
"publishing without allowing any use".

------
gioele
Parallels in the video world:
[http://waxy.org/2011/12/no_copyright_intended/](http://waxy.org/2011/12/no_copyright_intended/)
[http://www.urbandictionary.com/define.php?term=No%20copyrigh...](http://www.urbandictionary.com/define.php?term=No%20copyright%20infringement%20intended)

------
geofft
_The interesting question is why would anyone make such a contradictory
statement? Why would they make the code physically available to everyone and
yet make it legally unavailable?_

Why is that contradictory? That's how every piece of sample code in a book
works; the book generally has a copyright statement at the beginning and no
license on the code. That's how, for instance, Microsoft's sample code
_explicitly_ works: there's a license that clearly states you can't use it
unless you make nontrivial modifications.

That's also how code under non-simple-permissive licenses works. If I post
something under the AGPL, it's legally unavailable _for many purposes_. If I
post it under GPLv2-only (as I would default to for, e.g., a kernel module),
it's legally unavailable to even GPLv3-only software.

In my experience it's been pretty easy to ask the author and say "Hi, I'd like
to use your code under this license, here's my use case, can you provide it
under that license?", and a good chunk of the time they'll say "Sure." For
that question, it doesn't really matter whether the software is under any
license at all to start with.

Don't compare those of us living under the rule of international law adopted
in Berne in 1886 with people in failed states.

------
dpc_pw
Piggybacking on the thread. I am a person that would like to provide Open
Source for personal use, non-profits and other Open Source projects, but I'd
like to force commercial institutions to pay me some money or give back to
community.

What options do I have?

~~~
icebraining
As far as I know, only dual licensing under a copyleft license (usually GPL or
AGPL) and a paid proprietary license. It allows people to pay to avoid the
copyleft.

That said, it works best for some kinds of software, since unlike commonly
believed, the GPL doesn't require one to contribute back, only forward, so in
some cases people might be allowed to modify it without sharing those changes.

By the way, if you follow the dual licensing route, you need to be careful
about accepting contributions, as unless you make them sign a document saying
so, you won't have the right to issue those paid licenses for that code.

~~~
dpc_pw
Yes, the accepting contributions part is such a pain...

------
_RPM
I've had code on GH before without a license. It took a while to go through
every file and add a license header. I know I could of used sed/awk and
probably made life easier, but I didn't feel like it.

~~~
nickserv
Unless you're paranoid, you can just add a single file named "LICENSE" at the
root of your project.

------
iofj
It's an interesting thesis, to say that law has failed because people believe
so little in the law they see no reason to even make their intentions clear in
a legally common manner.

And let's face facts here : he is right.

1) a common person making open source code cannot reasonably assume he will
enjoy the protection of the legal system when others violate the licenses
(just look at GPL enforcement efforts and their lack of results)

2) the power of the law to enforce these things in the first place is very
limited. If you don't notice the abuse yourself (either because you do, or
because it's pointed out to you), the law isn't going to do so either (this is
in fact an important legal principle in western law : if no-one cares, it's
not against the law, not even if there actually is a law against it. Note that
in criminal cases the state can "care" in a legal sense, on behalf of someone
else (e.g. a murder victim), but this cannot happen in civil cases. This
becomes obvious in the case of contracts, for instance: feel free to violate
contracts ("commit fraud"), if the other signatory to the contract agrees with
your actions. I will advise you to get that agreement in writing though)

3) you can make mistakes which get you into hot water. For instance, if you
accidentally relicense, or appear to relicense, code from a large company,
that can get you in serious legal trouble.

4) in practice, such massive portions of the law are ridiculous and
unenforceable, and these portions have expanded, and expanded, and expanded
yet more over time. Effectively, following the law is not a realistic
proposition, and nobody should be under the illusion that they're following
the law, ESPECIALLY when facing the police, but also in all other cases
(remember this when the police asks you questions. The answer is always the
same : I refuse to answer except through my lawyer (and even then, take the
fifth). Why ?
[https://www.youtube.com/watch?v=6wXkI4t7nuc](https://www.youtube.com/watch?v=6wXkI4t7nuc)
)

You should always treat any situation as a negotiation. Even when there is a
clear law against what the person you're talking to is about to do.

I remember coming to a law lecture. The professor had 3 bottles of Bols (a
famously strong alcoholic drink in western Europe). Why ? Well, the case he
had started in his second year of law study against the telecom monopoly had
completed, 45 years later. He had won. For 45 years of regular legal efforts,
he got 83 euros (enough for 3 bottles of bols and some fast food). It was
extremely nice of him, but it really drove the point home for me : the law, by
itself, is merely an argument in any negotiation, and not a very strong one.

So we have established:

1) the law will not help you against others, at best it will enable you to
help yourself (for a price, not for free)

2) the law may work against you. Taking legal actions, no matter how small, is
something you don't understand (not even experienced lawyers or even judges
can understand their everyday actions in a legal sense). Adding a license is
definitely a legal action you don't understand and is not risk-free.

And I would add that this is plainly visible:

3) a LOT of people openly violate the law in pretty much all aspects of life
(as a tenant which recently changed apartments, I was yet again reminded of
this last month, getting charged with replacement costs for consumables, which
was explicitly mentioned in the contract, and in law, to be the landlord's
problem. Mentioning that got me a 50% reduction in what I got charged, and I
accepted. Realistically I would have accepted a 10% reduction in what I was
charged)

So why would you put licenses on your own code ? Don't. It's a risk without
reward. If you want to go on a crusade, then go ahead. Otherwise, just stay
away.

~~~
icebraining
I don't disagree with your assessment of the law, I just think you (and
possibly OP) are looking at issue from the wrong POV. The point of adding a
license is not to allow you to initiate legal action, it's to give others some
assurance that you _won 't_ initiate legal action against them when they use
your code.

And while adding a license might get you in trouble, so can _not_ adding one -
for example, if the code from that Big Corp is GPL-licensed.

------
avs733
with deference to venomsnake, a simpler explanation is that people are to
cheap to pay for a github subscription and instead of keeping private code
private just don't share the code. These folks aren't publishing code without
a license, they aren't even publishing code with intentionality period.

~~~
unimpressive
Other code hosting platforms such as GitLab do exist. I find it plausible that
people don't know about them, but if they're reading this comment now they do.

~~~
avs733
and now I do as well...which I appreciate

