Hacker News new | past | comments | ask | show | jobs | submit login
Court finds calling stuff open source when it's not is false advertising (opensource.org)
501 points by webmink 6 months ago | hide | past | favorite | 152 comments



> The court only confirmed what we already know – that "open source" is a term of art for software that has been licensed under a specific type of license, and whether a license is an OSI-approved license is a critically important factor in user adoption of the software.

The court confirmed no such things. The decisions expressed in these two documents regarding the use of "open source" as a description of the product in question hinge upon the fact that someone else's software was released under a new license by Defendant, who had no authority to do so.

The court did not care to define open source, except to clarify that a license used previously by the Plaintiff is an open source license, and a license used subsequently is not. The court also did not consider any license-approving practices, let alone those of the Open Source Institute, of whom I find no mention in either document used to justify OSI's claim.


Yeah, that entire paragraph is complete and total bunk. If you go the trial court's opinion regarding the "free and open source" bit:

> The parties agree that the truth or falsity of Defendants’ statements hinge on “the interpretation of Section 7 [of the Neo4j Sweden Software License], and GFI’s right to remove the Commons Clause from the Neo4j Sweden Software License.”

The court isn't deciding if ONgDB is "free and open source" according to a lay definition of the term, it's deciding if ONgDB has the right to license it in that matter, since that's what the parties are asking it to decide. In other words, if the statement is "ONgDB is a free and open source version of Neo4j", the operative words being challenged aren't so much "free and open source" as they are "version" (or more specifically, the implicit "validly licensed" phrase).


OSI has been trying really hard to claim the term for themselves in a dishonest way, even though they were not the ones that invented it. https://news.ycombinator.com/item?id=26507460


That's not really convincing. Sure the term "open" and "source" have appeared in conjunction together previously, but it was rare for it to be used as a proper noun, instead of an adjective describing a noun, and even if it was, it was OSI that populized the term.

Regardless of any historical context, in contemporary usage, "open source" has a commonly understand meaning and its what the OSI says it is. Other meanings make as much sense as pointing out that computers aren't machines, but a job title.


> "open source" has a commonly understand meaning and its what the OSI says it is

I would contest this, based on the many discussions there have been on HN about this, as well as many people (including many "normal" software developers who are not deeply invested in open source) I've met and talked to over the years having only a vague notion of what "open source" is exactly (often being something along the lines of "you have access to the source code").

I'd be willing to bet a substantial amount of money that if you were to ask 1,000 random software developers about Open Source, the OSI, and the OSD over half of them won't be able to give you a coherent answer on what these things are exactly.

This is the crux of the issue, really. Who did or did not invent the term isn't necessarily all that important: the thing is that in common understanding it doesn't really have the clear specific meaning in the minds of most, whereas for others – I would argue a minority – it has a very clear and very specific meaning, which inevitably leads to friction.

I guess the point of "Open Source was used before the OSI came along" is to demonstrate that it's a term that has a kind-of "obvious" meaning, and has been coined independently of the OSI's coining more than once. People don't hear "Open Source" and then consult a precise definition, they hear "Open Source" and assume it means what it says on the tin. The same applies to "Free Software", a term with 15 years more effort to explain what it means exactly, with even more limited success.

It seems to me that attempting to educate a landmass about a term with an "obvious meaning" is a futile effort; there have been many language pedantics over the years, and I don't know of a single attempt that has worked out. You're welcome to try as far as I'm concerned, but it seems to me that there are many more fruitful ways to spend time and effort.


> I'd be willing to bet a substantial amount of money that if you were to ask 1,000 random software developers about Open Source, the OSI, and the OSD over half of them won't be able to give you a coherent answer on what these things are exactly.

How about if you pick 1000 random devs involved in licensing? I don't see that it matters what a random dev knows, so long as the group using the term knows and has a consistent definition.

To put another way, how many people actually know the precise definition of the term "organic" (as used in grocery stores)? Probably not that many, at best they have a vauge notion, and the term has much wider used historical definition than open spurce does. I would still say its morally wrong for a company to use an alternative "definition" to attract customers to their product. It would be false advertising in exactly the same way misusing open source would be, regardless of what their customer base knows about the details.


Then you run into obvious and predictable problems at the interface between "devs involved in licensing" and "devs".


I think it's first important to define what we're talking about, before talking about it. If a certain set of people have 'a very clear and very specific meaning' of what it is, and another set 'doesn't really have the clear specific meaning', then I think it's pretty obvious which definition we should go with.


It's not obvious at all. There are many people who have all sorts of very specific ideas about language and how it ought to be used. They are usually ignored by everyone except themselves and people who agree with them already.

I don't get why so many people are so obsessed with language. Over the last few decades terabytes of data has been used to discus this, and to what effect? I would actually argue it's been a net-negative since it has put many people off, and has been a distraction from far more pressing matters.


If you're talking hacker vs cracker, linux vs GNU/linux, then sure, its mostly a waste of air.

As far as "open source" goes, its in essence a brand of a cultural movement. And like real brands, some unscrupulous people want to enrich themselves off the brand by making a substandard product but pretending its the real thing. This is harmful to users who are swindled and it is harmful to open source devs whose reputation are stained by association. (To make the metaphor concrete, an example of a swindle would be someone makes open source software which isnt really, then sues all its users that use it in an open source fashion. This hurts the users, but also hurts people who make open source software because people cant trust the brand anymore)


"And like real brands, some unscrupulous people want to enrich themselves off the brand by making a substandard product but pretending its the real thing"

I am unsure if you mean the OSI people or the people who disagree with the OSI definition here.


People are obsessed about it because on one side you have a bunch of people trying to redefine it to mean whatever set of obligations they feel like e.g. 'You open sourced it so now you're responsible for it' etc. etc. and on the other side you have people trying to hold the line and say 'No, that's not what open source means'.

You're basically arguing to turn 'OSS' into a meaningless blob of text that anyone can interpret as they like.


The OSI definition of open source matches what almost everyone thinks of open source. It's the most useful definition. The Stallman gang have wasted over a decade trying to redefine open source to weaker terms making it useless and insisting that everyone use "Free software" instead which is insane since the world does and always will think of free as in money.


We all may have different opinions about Stallman, but one - I believe - undeniable thing is that he's an extreme purist/idealist, and he would ceaselessly fight for any cause he believes in. Even for a totally lost one. And here, "open source" is practical, but "free/libre software" captures the essence (which "open source" misses).


Open source as defined by the OSI which is what most people agree with, is exactly identical to what RMS calls free software. RMS wants open source to mean what most people call "source available".

We have the terms source available and open source which are well understood and has no ambiguity but RMS and the FSF want to push their free software term and have to change open source so their term isn't obsolete.

It's nothing to do with being a purist or ideal. Because the wider understanding is exactly as pure and ideal. They just aren't the words RMS wants us to use for those meanings. He is obsessive but not for any real gain.


It has to do with the English meaning of words both generally and for software in particular. Free, as in freedom, is a much stronger word than open. This distinction is longstanding in the business. See for example the Open Group[1]. Those of us who can remember the past are well aware that the OSI specifically tried to co-opt the free software movement for commercial gain and specifically used the weasel term open to appeal to the suits without any of that pesky user freedom.

[1] https://en.m.wikipedia.org/wiki/The_Open_Group


> RMS wants open source to mean what most people call "source available".

This is not true.

https://www.gnu.org/philosophy/open-source-misses-the-point....

> by Richard Stallman

> The terms “free software” and “open source” stand for almost the same range of programs.

The article goes into some cases where RMS considers OSS to cover things that are not free software but these are about small details and certainly don't include anything close to "source available".


> The Stallman gang have wasted over a decade trying to redefine open source to weaker terms

No they haven't. The disagreement over free software vs. open source is about the idea behind it not about what rights are granted by open source or free software licenses.


This is the key phrase from the Appeals court decision:

https://storage.courtlistener.com/recap/gov.uscourts.cand.33...

> Defendants' representation that ONgDB is a "free and open source" version of Neo4j® EE was literally false, because Section 7 of the Sweden Software License only permits a downstream license to remove "further restrictions" added by an upstream license to the original work.

It makes sense to me that if the court believes the defendants had no license to use the code at all, then describing it as any "licensed" version would be improper, whether their product was released under a "free and open source" license or even some other kind of license.

I don't fully understand the second part of the sentence about removing the restriction, but I think the court is just explaining why the defendants have no license.

> The court did not care to define open source, except to clarify that a license used previously by the Plaintiff is an open source license, and a license used subsequently is not.

In the Appeals Court decision I didn't see anything affirming that the Plaintiff's license (the text of which is AGPL + Commons Clause) was "open source". EDIT: There's more in the trial court decision.


I understand how it can be misread though. In the documents it does seem like the court is taking a stance, but in fact it's punting on that because the two parties agree.

Because both parties agree that AGPL + Common Clause can't be classified as "free and open" the court can decide if ONgDB is "free and open" by determining if it's licensed under AGPL + Common Clause. The court doesn't have to have an opinion on what "free and open" means, because the involved parties are already in agreement.


It’s an OSI relevance puff piece. They want to make sure they own the term.


I think the salient point of the article is this:

> However, the court held that it was improper for the defendants to remove the Commons Clause, and therefore the defendants’ claims in advertising that its ONgDB software was open source was false advertising.

> Even though the AGPL has a clause specifically allowing downstream recipients to remove "further restrictions" like the Commons Clause, the court stopped the defendant from doing just that.

The decision of the trial court reads:

> Section 7 of the Sweden Software License only permits a downstream licensee to remove "further restrictions" added by an upstream licensee to the original work.

"Sweden Software License" here refers to the AGPL+Commons Clause.

Archive link: https://web.archive.org/web/20220317154012/https://opensourc...

AGPL: https://www.gnu.org/licenses/agpl-3.0.en.html


This is the part of the decision I don't understand. The AGPL seems pretty clear:

> All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term.


The longer order with the facts[1] has more details about this point than the shorter decision.[2] They explain their rationale on pages 24-25.

It seems that this question was already decided by the court in an earlier case, Neo4j, Inc. v. Graph Found., Inc 2020.[3] They decided that only restrictions added by downstream licensees could be removed in this way. The original licensor can impose additional restrictions, and those cannot be removed, because it would be "contrary to the principles of contract and copyright law" to allow such a thing.

1. https://storage.courtlistener.com/recap/gov.uscourts.cand.33...

2. https://storage.courtlistener.com/recap/gov.uscourts.cand.33...

3. https://casetext.com/case/ne04j-inc-v-graph-found-inc/


As far as I understand it was never legally AGPL licensed, it was licensed on a custom license that just happened to merge AGPL and commons clause. The commons clause in this case is not an addition to existing AGPL licensed code.


I don't think this argument holds, because Section 7 refers to "this License", which the AGPL text defines specifically as:

> "This License" refers to version 3 of the GNU Affero General Public License.

Thus I don't think that references to "this License" within the portion of their custom license that is the verbatim AGPL text would automatically expand to also encompass the tacked-on Commons Clause text.


Okay, if I read the court document correctly Section 7 explicitly refers to Section 10 to limit its scope and section 10 is explicitly about things a licensee (You) isn't allowed to do. So it cannot be applied to terms added by the licensor.


IANAL, but it seems to me that the court has only decided that if you fork software, and break it's license by removing clauses that aren't permitted to be removed (think removing one of the 3 clauses in a 3-clause BSD license), then you're distributing the software under a license that is a lie, and thus invalid, and thus not "open-source".

Could this be used as precedent if you release software and claim that it's open-source, but don't provide full source or even any source at all? Probably not IMHO.


Yes, this is what I think is going on here. It's a bit more complicated though.

In the case of AGPL, you have an original open source release A that is forked to create B, and restrictions are added to the license of B. The original license of A permits those restrictions to be removed by someone who forks B into C. C is under no obligation to abide by those additional restrictions added by B.

But for that rule to apply in this case, the original code must have been licensed without such restrictions. If the original code, as in the case of Neo4j EE, was licensed under AGPL+Commons Clause, then that combination IS the original license. Downstream forks cannot remove that Commons Clause restriction and claim that the fork is "Free," because the original license is still in force, restrictions and all.


> Could this be used as precedent if you release software and claim that it's open-source, but don't provide full source or even any source at all? Probably not IMHO.

That would be unfortunate, because there are companies that claim their products are "open source" even though they clearly aren't. For example pritunl markets their product as open source on their website, but while the source code is available on github, it is licensed with a proprietary license that doesn't let you do basically anything with that source code.


Yea there are many many companies that do this. Maybe we need a "hall of shame" to call them out. Maybe we can give out "Biggest Open Source Liar" awards.


I don't like that OSI seems to somehow come away with this (at least as framed here) with control of the term. I agree just calling whatever nonsense open-source is problematic, but I don't agree it has to be one of their licenses to be open source at all.


Yes and no. On the one hand, I agree that OSI seems like a fairly arbitrary entity and in the abstract I would agree that they shouldn't control it. On the other hand, 99 times out of 100 if someone is making that argument with reference to a specific license, it means they're trying to claim their software is open source when it isn't and just want to pretend that they can redefine the term themselves. So I tend to ignore my theoretical dislike and practically accept the OSI definition of OSS.


I haven't read the trial court ruling, but the appeals court ruling doesn't support OSI controlling the term. Rather, since both the plaintiff and the defendant agreed that AGPL + Common Cause was not a free or open source license, the court simply accepted that, and didn't have to weigh in on the matter themselves.

Edit: After reading the applicable sections of the trial court ruling, it is no different - the court simply accepted the plantiff and defendant's shared use of the term. It didn't reference OCI or FSF or any other authority.


I don't see it that way. It's the standard usage of the term in 2022. If you sell someone a red car but deliver a black car, you can't claim to have your own definition of red. I think it's important that this involves participants that are familiar with the industry. You might have a stronger argument if it were non-technical executives in the paper industry.


That part seemed like their own spin on the decision, to me. I agree with you: they shouldn’t control the term.


They determined the guidelines of what constitutes being Open Source.

Absolutely they should control the term. Just look at all of the companies out there with "source-available" licenses masquerading as Open Source. Neo4j themselves here uses "Open Source" in all of their marketing materials and should be just as guilty as this fork of false advertising.


1. “Open source” as a term predates the OSI

2. There are organizations other than OSI which have their own opinions on what they consider a “valid” open source license.

3. Some licenses are functionally open source but not approved by OSI because of their limited use. Furthermore, public domain works aren’t licensed at all.

4. OSI has no trademark on “open source”.

OSI’s opinion is only as good as other people agree with it.


> There are organizations other than OSI which have their own opinions on what they consider a “valid” open source license.

What other organizations have credible claims?

I’ve only heard of companies that have created non-open licenses and are trying to redefine the term (eg, open core, etc)


The organizations that you think are credible, are credible. The term is not legally protected.

Personally, when Subway calls their sandwiches "good", I think they are actually making non-good sandwiches, and they're trying to redefine the term.

Both "good" and "open source" are descriptive terms that are subjective. The OSI recognizes this themselves:

> "Open Source" is not and cannot become a trademark.

> there is virtually no chance that the U.S. Patent and Trademark Office would register the mark "open source"; the mark is too descriptive

https://opensource.org/pressreleases/certified-open-source.p...


> The organizations that you think are credible, are credible. The term is not legally protected.

Credible to me, but I don’t get to decide what’s credible. We live in a society, etc etc. that’s why I asked.

Subway can’t call the cold cut combo sandwich a fried chicken sandwich even though I think they are a credible organization. They would be wrong. If there’s some other org that is credible and is credible using open source, I’d like to know.

Just like Subway would not be credible if they claimed their non-organic sandwich was organic.

The examples I’m familiar with are companies trying to benefit from open source as a positive marketing term and I don’t think are credible.


The reasons people can’t sell a product with a blatantly wrong label is because it is fraudulent. However, when words gain widespread use to mean something else, then people can certainly use them that way.

OSI might vehemently argue against people using “open source” to describe source available works, but… people do it. Someone does it in every comment section discussing this topic. People post their source code on GitHub without a license and call it open source. For several decades before the OSI was founded, the phrase “open source intelligence” was used to describe works that were public available, not those that were licensed in any particular way. It is, factually, not uncommon for people to use it differently than the OSI prescribes.

The fact that people have a disagreement on the use of the term is exactly why people have leeway in the use of the term.

To use food as an example, there are a ton of foods that are culinarily labeled “incorrectly”. The reason why they are legal to sell is because people used the words that way.

If you want to use “fried” as an example: consider refried beans. They are often not even fried once!

https://wearenotfoodies.com/culinary-misnomers-or-danish-pas...

“Organic” is a different story, it’s regulated in many places.


Hard disagreement from me. The courts get to decide, not some random organization that clearly has an interest in promoting themselves.


OSI is not random and, while not perfect, are a pretty good steward of the concept. They’re a non-profit with a clear goal and broad membership.

Not sure who else would be better.


OSI doesn't need to control what licenses qualify as "open source" for neo4j to be sued for false advertising.


I disagree with some of their requirements for open source licenses, and will continue to call the code that I have open sourced over the years as "open source" despite them.

Their attempt to occupy the term is a little offensive.

Correction: They came up with the name, so it's theirs. I'll leave my public embarrassment here.


They occupy the term because they literally coined it, if you know your history.[1]

OS came to us from the OSD, written by the OSI and after hot debate in the early days of what should and shouldn't be Free Software. It was specifically a reaction to the FSF and a rejection of that group's activism, which didn't fit what they were trying to do.

[1]: https://en.wikipedia.org/wiki/Open-source_software (specifically the first section starting with End of the 90s)


FWIW, while I agree with the general sentiment of your post, I understand that there is some debate about whether or not OSI - strictly speaking - coined the term "Open Source" or not. That is, I've seen reference to citations of people showing use of the phrase "open source" that predate OSI by a decade or more. I never dug deeply into the issue because I don't consider it terribly important. I consider the OSD to be the effective, de facto (but not de jure) definition of Open Source regardless of this particular minor quibble.

Still, it could matter it it ever came down to legal proceedings. But in everyday, colloquial terms, I think the OSD just "is" the definition of Open Source.

Edit: Yeah, see @CogitoCogito's post for more on the "Open Source predates OSI" argument. The counter-argument, I suppose, is that they didn't "coin" the phrase in the strictest sense, but were possibly the first to rigorously define it and give it meaning within a specific context. Whether or not one accepts that argument, or a similar argument, is obviously open to debate.


Except they didn't create the MIT license, or BSD, or Apache, or any of the software that built the movement. It's an advocacy group that tries very hard to insert itself into the conversation, and coining a term doesn't give them stewardship or ownership.

I don't imagine the F/OSS ecosystem would be much different today had the OSD/OSI never come to be, unlike say the Apache Foundation or GNU projects.



When I see a bunch of disconnected posts, and not a percentage or some kind of number, I automatically assume those are all the examples the author could find. If you trawled through the entirety of usenet you could probably also find someone who capitalized the word Windows before Microsoft ever got hold of it. I disagree with Richard Stallman and the FSF about a lot of things, but I would never oppose their right to declare what is and isn't 'free software' (within the hacker community, anyway), regardless of how many people put the word 'free' before the word 'software' before he started talking about it.


From the perspective of popularizing and bringing it into mainstream usage, they surely did.

Digging further is for extreme nitpickers.

Gutenberg didn't "invent" the printing press either. Movable type dates back to 11th century China if you really want accurate attribution. Except for the purposes of the history of the modern world, Gutenberg's invention is most relevant/accurate.

My internet usage started on university systems back in the 80s, along with BBS and usenet and I had never heard the term Open Source even once until 1998.


So they popularized (or maybe co-opted?) the term then. They didn't coin it. How is this nitpicking? Saying they coined the term is clearly false.


Because as far as they know they did. It came up in meetings they had saying "what should we call this?" per your own link!

https://en.wikipedia.org/wiki/Multiple_discovery


I'm not really sure what your point is anymore. If you agree that they were not the first ones to use the term, then we are on the same page. If you agree that open source was used as a term before the OSI came along and decided the define the term in a specific way, then we are in agreement.


Not really in the context of software though it wasn't. Save for that one caldera announcement.

General awareness of the term and its meaning starts with the OSI.


You are correct. I will retract my statement.


The don't own the words "open" or "source code".

They did not come up with the use of the word "open" in regard to computer software or standards. Any native or fluent English speaker could easily do that.

The term "open standard" was used in the 1980's. In the area of Unix, specifically, there existed The Open Group for Unix Systems (later called X/Open Company) and The Open Software Foundation. These two merged in 1996 to form The Open Group.

In the 1980's AT&T and Sun Microsystems collaborated on creating a standard GUI, and called it Open Look.

All these people were corporate cronies trying to create a monopolistic software ecosystem that they control; they used the word "open" insincerely: the obvious ingredient that was lacking was access to source code by anyone who isn't one of the oligarchs.

In that environment it was very easy for any random developer or user to come up with a lament along the lines "these Open This and Open That people have open standards and open systems and even software with the word Open in the name; the only ingredient missing is, oops, the actual open source code".


This is a fun little bit of history! As an aside, I was once employed as a systems administrator in the “Open Systems” group at my employer, in roughly 1999. In reality, I worked exclusively on SunOS/Solaris.


In practice I don't think it's just OSI which gets to decide this.

Debian and Red Hat have their own teams determining whether something is Open Source enough to allow into their distributions, and obviously the Free Software Foundation keeps their own list of licenses which they consider Free Software.

If these groups of people disagree on whether a particular license is Free/Open Source software, it's not going to be considered an Open Source license by everyone.


The only relationship between Free and Open Source Software is that the bulk of Open Source Software can be relicensed into Free Software (as long as the OSS license stipulations on e.g. including a copy of the license or acknowledging authorship are followed.) The FSF will never claim any interest in deciding what Open Source Software is.


They have every right to dictate the meaning of the term. https://en.wikipedia.org/wiki/Open-source_software Read the first section.


> They have every right to dictate the meaning of the term.

I mean this is just factually not true. They have no such right. They tried to trademark it, but failed because it's just a generic term.


They should have one, but they don't, so it allows parasitic companies to trade on the goodwill that the OSI built up. If you don't think that people who sell carbon-based foods should always be able to sell them as organic, or that any coffee buyer who thinks that they do business fairly should be able to label their product as Fair Trade, you shouldn't think companies that are open about their source code should be able to label themselves Open Source.

I'm going to label my company Open Source because we're open about how we source the laptops we programmed the software on. They're MacBook Pros, and you're welcome.


They have the right to promote the term, under freedom of speech legislation.

That's about it.


I recently started listening to an InfoSec podcast and there's an interesting conflict of terms going on in terms of journalist/hacker/analyst/researcher use of the term "open source". It seems like "Open Source" can be an answer to the question "What's your source on that information?" And "open source" means it's freely available public information vs say a private interview or information acquired with a warrant or wiretap or freedom of information request. Based on that use case and how careful journalists need to be about sources, I suspect journalists etc were using the term first. And I suspect Perens encountered it in that domain first and applied it to software. But I honestly have no idea.

Open Source is a pretty dumb term. Free Software is also a dumb term for other reasons. It's a pity.


This article doesn't really explain what happened, and the details it does give contradict each other. Here it is as I understand it:

- the plaintiff's software was under the AGPL+Commons, which makes it non-open-source

- the defendants copied the software, re-releasing it under bare AGPL, under the clause that says you can remove upstream restrictions

- that clause is actually about licensees, and the plaintiff isn't a licensee, they're a copyright holder. So the defendants had no right to remove it and their version can only be, and therefore is, subject to the Commons Clause too

- their declaration of being open source would have been valid if they had the right to license the work as they did, but they didn't, so it's not open-source

I assume that the plaintiff couldn't figure out a way to make a copyright license violation accusation stick, so they went after them for false advertising instead, and the judge judged it with the intensity of a copyright license violation because he knew the score too. This seems like a bizarre train for the OSI to leap on because it doesn't further anything about open-source and only furthers the interests of people who aren't.


> that clause actually says upstream licensee

The AGPL does not use that wording, but the court chose to interpret it that way because the alternative interpretation that a licence could restrict how the original licensor can convey their work was deemed to incompatible with the principles of contract and copyright law.


The 'you' in section 10 refers to the licensee, and section 7 is specifically about further restrictions as defined in section 10. It doesn't help that the AGPL didn't capitalize that phrase, but as the document defines it, conditions added by the copyright holder as opposed to licensees don't count as 'further restrictions'.


So on the Neo4j website they have a community edition that is GPLv3 license with a link to gnu.org, not their own gpl + some stuff version. However on their pricing page they list a number of size and performance limitations to the community edition.

How does that work? It would seem like false advertising to claim I have to upgrade to remove their arbitrary limitations. I don't see how they legally enforce those limitations since they are licensing under a vanilla GPL v3.


When licensing something open-source; there should be proof that, within reasonable allowance, that the source should be viewable, downloadable, and modifiable by any customer or person who is aware of the software.

I don't get how so many companies say they are "open source" but there's not a single line of uncompiled code available even on request.


Nothing to see here, move along.

The only thing it really addresses about the licensing, is that the license permits downstream users to remove additional terms added by upstream licensees. So original licensing of the licensor (adding the Commons Clause) is not allowed to be removed by a licensee as it doesn't fit the definition of an additional term.


Who is getting sued here? The post mentions Neo4j in the initial paragraph, but then it shifts to talking about someone who tried to promote their fork as open source.

Shouldn't Neo4j be sued as well for falsely claiming to be open source then?


This is related to a long ongoing court battle between Neo4j and Graph Found (ONgDB). Basically the latter forked the former but removed some clauses from the license they weren't supposed to remove, and this tangential ruling is basically stating that they can't call it open source in their advertising because of that. Related reading: https://casetext.com/case/neo4j-inc-v-graph-found-inc


I understand it a bit differently. They could not remove the clause (as they do not dictate the license), so the clause stays. The software is thus licensed the same way as the original repo and neither can be called open source.

Whoever sued these folks for false advertising should sue Neo4j as well.


But isn't Neo4j suing Graph Found? Why would Neo4j sue themselves?


I suppose it should be a regulator representing the public then.


Please extend to food advertising. Especially fast food advertising.

How can it be legal to advertise a food products and the delivered results are nothing like what was advertised. Imagine a car sales person doing the same thing.


I wish that OSI would stop acting like the courts have ruled that "open source" means what OSI says it means. They have not.


I wonder if could lead to Apple getting in trouble for claiming that WebKit is "open-source" despite ignoring the requirement that programs (e.g., Safari) that include LGPL libraries permit them to be re-linked (which is something that Apple has implicitly disallowed ever since their platforms required code signing).


Does anyone recommend some documentations to know all the licences vs open source?

I'm thinking of launching one of our project in open source but don't want to end up in this kind or articles ^^


Neither is super up to date, but these should cover the important stuff:

- Understanding Open Source and Free Software Licensing[1]

- Open Source Licensing[2]

And then Producing OSS[3] also contains a (very) brief section on choosing a license. It's worth reading though, for other reasons.

[1]: https://people.debian.org/~dktrkranz/legal/Understanding%20O...

[2]: https://www.rosenlaw.com/oslbook.htm

[3]: https://producingoss.com/en/producingoss-letter.pdf


https://opensource.org/licenses/category is the list of all Open Source licenses vetted by the OSI (open source initiative).

Other licenses may be open source, but you'd probably have to get lawyers involved to make sure. So it's better to just pick a license which the OSI considers Open Source.

If you don't want to rely on just the OSI, you can also check what the Free Software Foundation, Debian and Red Hat think of the license you've picked.


Moreover, picking an existing popular open source license is important because a and b being opensource licenses does not mean that they are compatible, i.e. they could still have mutually-incompatible requirements that prevent anyone from releasing a combination of a-licensed and b-licensed code.


You could look at the OSI here for open source definitions. https://opensource.org/licenses/category

A number of Affero GPL type license have started to emerge and the community source. We started working on our own version here to allow us to still monetize or share restricted versions with fewer legal concerns: https://github.com/buildlyio/communitysource


For people in your position, I like Van Lindberg's book, Intellectual Property and Open Source: A Practical Guide to Protecting Code.

https://www.oreilly.com/library/view/intellectual-property-a...

It will help you understand the relevant parts of the law (copyright, patent, trademark) as well as helping to differentiate between various types of Open Source licenses.



Take a look at the popular licenses from the OSI: https://opensource.org/licenses


so now open source is the licensing on not whether the source code is freely visible?

"this unlicensed project is closed source, source code is free to browse >here<"


What? Open source was always about the license, and has never included "shared source" / "source available".


Yes, this is what it has basically always meant to basically everyone who uses it. https://opensource.org/osd


How is it closed source if the source is openly available to view?


If it's not possible for people to (legally) use that source, or to modify or redistribute it, then it's not open source, it's just shared source / source available (https://en.wikipedia.org/wiki/Source-available_software).


If it's unlicensed (in the quote) and source is available, then what restrictions are there?


you have to explicitly permit use of your intellectual property. Publishing work and not providing that license means you retain all copyright, and if anyone uses your IP, they are breaking the law. you must specifically grant them permission, otherwise they open themselves up to a lawsuit at a later date, because they have no permission to use the code.

I do however strongly disagree that "code without a license is not open source". publicly visible source code is extremely useful for research and education purposes, and I have in fact published code that is "free to view, research and experiment with" but contains no license and specifically states that you are not allowed to use the code. I still consider that code open source, but it is of course not "free" (as in speech) software. Please do not conflate the two.


You have to assert that you have copyright on the work. Which seems to be missing from that quote.


You have no license to use it. Any use would be infringing.


Not if copyright is not claimed.


Copyright is automatic.


True, I mean if you dedicate it or decide not to defend it.


It's really splitting hairs to say that dedicating it isn't a license. Especially because you need a fallback license in many countries.

Deciding not to defend it means it's still copyright infringement to use the unlicensed code, and they could change their mind at any time.


True. I guess this entire comment thread isn't germane to the post topic given the root comment is a hypothetical that isn't actually related to court decision.


There's plenty of closed source software where you can view the source. Open source just means the ability to modify, use and potentially redistribute according to the terms of the license.


But the quote also says it's unlicensed.


If there's no license, then all rights are implicitly reserved by whoever owns the copyright, probably the author, unless it was explicitly placed in the public domain.

"distributed unlicensed software (not in the public domain) is fully copyright protected, and therefore legally unusable... Examples of this are unauthorized software leaks or software projects which are placed on public software repositories like GitHub without a specified license" https://en.wikipedia.org/wiki/Software_license#Software_lice...


My bad, I took it to mean fully copyleft or dedicated.


Unlicensed is the same as closed source. It's only open source if explicitly stated.


I think you got the point.


that was my point. "open source" is a loaded term.


This is really interesting. Specifically this quote "it’s false advertising to claim that software is “open source” when it’s not licensed under an open source license". Also, is opensource.org and the OSI the only organization that can define it and if so should they be? To me this is more about false advertising and changing a license. Another reason to look at a tool like debricked for license management.


The OSI founders are (some of) the inventors of the term Open Source. It'd be like telling Ken Thompson he's wrong about what constitutes Unix Philosophy. Or, for that matter, the Free Software Foundation that they're wrong about what constitutes Free Software.


> It'd be like telling Ken Thompson he's wrong about what constitutes Unix Philosophy.

If his definition has shifted, it might be entirely correct to say he's wrong.

You can also accept his general definition but validly disagree with how exactly to apply it.

Inventing a term gives you a lot of authority but not total control over what it means.


Maybe the original founders yes, but the board and the decisions they make on how it's governed now is not the same group. That's like saying the original authors of the constitution never meant for it to be a living and evolving document. I don't think they ever intended it to be the one and only definition of the term and licenses.


Think of this in terms of a brand defending their trademark to avoid losing it through dilution. It's Open Source, a term they created, not a generic concept "open source." I don't like them owning a term that feels like it should be generic and communally defined, but it's not, and they do.


Do they even claim to own the term?

They are the Open Source Initiative, stewards of the Open Source Definition.

The closest I see is a rule then when you're using the OSI trademark or logo you need to follow their definition of "Open Source".


They don't claim to own it, because they legally do not have a right to it. They tried to register it and failed.



It seems like they’re going to cover the question I have in a “next post”:

Had they not claimed they were “100% free and open source”, surely they’d have been able to change the license as they saw fit? Yes?


OpenAI.


What court? Site wont load


The US Court of Appeals for the Ninth Circuit.


Ninth Circuit is western part of the country, including California and Washington, for computer related things.


Great! That has weight!


Supabase should hear this


Reminds me of OpenAI


A bunch of people here are conflating the concepts of "free software" and "open source". these are not the same. "Free" (as in speech, or beer) software is governed by the license it is published under. Open source simply refers to the fact that the source code is publicly available.

Open source is a prerequisite for truly free (as in speech) software, but the opposite is not.


> Open source simply refers to the fact that the source code is publicly available.

That's "source available". "Open Source" is widely understood to mean a bunch more, captured in the "Open Source Definition": https://opensource.org/osd


No court has as yet ruled that the OSI definition of "open source" is the legal definition of the term. The ruling here does not either. If it had limited its ruling to the term "open source," then this would indeed begin to codify what "open source" means from a legal standpoint.

However, the courts ruled upon the composite term "open source and free". Under the OSI definition, open source implies free. But no court has yet so ruled.


I said "widely understood", which is true irrespective of whether a court has ruled on it. There's a huge ecosystem which is underpinned by the OSD.

There are also a handful of orgs (most prominently a few VC-funded companies) who want to freeload on the goodwill of "Open Source" to market their proprietary software. And there are some Free Software advocates who dislike the very term "Open Source". (Not that "Free Software" has court-endorsed clarity either.)


It may be "widely understood" but one could just as well argue that open source is "widely misunderstood." What matters is how the courts understand the term, and that, unfortunately, has not been resolved.


"Open source" is not a legal trademark of OSI. The idea that "open source" means what OSI says it means is purely an opinion.


Yeah, but if you try to bullshit a proprietary license as "open source" you're going to catch hell from a whole lot of people. It's not just the OSI that has a stake in the OSD.

A few companies have tried it and backed off.


Yes, you will get criticism, depending on the circumstances. If it's proprietary, sure, if it's public domain, probably not.


If it's public domain then it is open source as per the OSI definition.


Replace "public domain" with "CC0" and it's a fair point. OSI hasn't approved CC0, and it's worth questioning how important OSI's whitelist is, or whether they should be the ones curating it.

But everybody kinda knows that CC0 is more or less in the spirit of the OSD (so long as there are no patents involved) and OSI doesn't go around hollering about it, because it's not that important.

As opposed to the Commons Clause, and other historical attempts to undermine "open source" as being nothing more than "source available" — those are battles worth fighting. The OSD is more important than OSI. If OSI were ever to change the OSD in a substantive way, there would be a huge revolt against them.


> Replace "public domain" with "CC0" and it's a fair point. OSI hasn't approved CC0

From https://opensource.org/faq#cc-zero

> CC0 was not explicitly rejected, but the License Review Committee was unable to reach consensus that it should be approved, and Creative Commons eventually withdrew the application. The most serious of the concerns raised had to do with the effects of clause 4(a), which reads: "No ... patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.". While many open source licenses simply do not mention patents, it is exceedingly rare for open source licenses to explicitly disclaim any conveyance of patent rights, and the Committee felt that approving such a license would set a dangerous precedent, and possibly even weaken patent infringement defenses available to users of software released under CC0.

So it's more that there are concerns and nobody has cared enough to fully resolve them to arrive at a clear answer. It's also not like the CC licenses are commonly used for software so this is not surprising.


That is not OSIs position.

For example: https://opensource.org/node/878


The argument there is:

> it’s impossible to make a globally applicable statement that a certain piece of software is in the public domain

Not that something truly in the public domain is not open source.


The court decision directly declares this false. The fact that AGPL+Commons makes code source-available (the source code is publicly available) but not open-source (https://opensource.org/osd) is the false advertising claim in question. If you were to design a source-available nonfree product, and call it 'open source', this court would find you guilty of false advertising. Not that this should come as a surprise, as the OSI definition has every right to be authoritative, given that the people who started the OSI literally invented the term.


No, that's not what the decision says. OSI is guilty of making claims that the court did not make, and they are adding needless confusion to the legal definitions of the terms "Open Source" and "Free". No court has ever ruled on a definitive meaning of "open source" that matches OSI's definition of the term.

OSI is claiming that the term "open source" is what is false advertising. But both the trial and appellate courts are specifically calling out the phrase "open source and free" as false advertising. Neo4j EE and ONgDB may be "open source," but they are definitely not "free."

If the defendants had only claimed that ONgDB was "open source" they might not have had any issues. But because they removed the Commons Clause and also declared it "free," they are in violation of the original license of Neo4J EE, a license which is still in force, and a license which is not "free."


Sure they're free. I can get them for $0.

If that statement is wrong, then 'open source just means source-available' is also wrong, for the same reasons. People who release OSI 'open source' software call it open source, people like GitHub who talk about licenses use OSI's definition, and people who release closed-source-available software clarify that it's not 'open source', using those words. The only people who treat 'open source' as meaning 'source available' are people who say 'free software' and want you to too.

And when you say 'free and open-source', the 'free' in that phrase does mean $0 - you wouldn't need 'open-source' if free meant FSF 'free' and open-source meant source-available, because FSF 'free' software requires source availability, so 'and open source' would be redundant.

Therefore you can either interpret FOSS as meaning $0 and source-available, or $0 and OSI 'open source'. The former would not have been false advertising, as it is in fact $0 and source-available. Therefore the interpretation the court is going with almost certainly involves OSI 'open source'.


The "Free" in "FOSS" has never meant $0. That's a possible and common consequence of "free," but not its definition. In fact, "free" does not necessarily imply $0. I can take an MIT licensed codebase, compile it, and sell it, and break no license. I am "free" to sell this code and products derived therefrom. I am also "free" to give it away.

But what I cannot do is take a piece of software that is not "free" and advertise that it is free.

That's what's going on here.


The point of the post you're replying to is that you cannot simultaneously act like 'free software' has one canonical definition which the software definitely violates, while 'open source software' is the nebulous one which doesn't necessarily mean anything more than its availability in source form. If 'open source' doesn't have to mean what everyone who actually uses it means by it, then neither does 'free software'; if 'open source' can just mean source-available then 'free software' can just mean software for $0; if advertising your software as 'free' is false advertising if you're explicitly violating the FSF's definition, then advertising your software as 'open source' is false advertising if you're explicitly violating the OSI's definition.


Look at that, there's one other person in this post that knows what's really going on.


"If you were to design a source-available nonfree product, and call it 'open source', this court would find you guilty of false advertising."

It's not really about any of that. If you read the court opinion, it's basically copyright protection infringement on the basis that someone copied a product and changed the licensing in violation of the original license. The false advertising claim is on the basis that the duplicate software is free and open source, because it can't be free and open source if the original license forbade that.


The original license is AGPL with an added non-commercial clause. To say 'the original license forbade that', where 'that' is being FOSS, is to either agree with me, or to claim that the court is instead offering opinion on what constitutes 'free', which is five times as loaded as 'open source'.


This is a false dichotomy. I don't have to agree with you as the elements of your example are substantially different from the case, leaving other possible outcomes. This ruling does not create precedent on the definition of open source. The court is addressing the violations of the terms of the license and the misrepresentation of being a drop in replacement.

Can you quote the ruling where it defines open source, or Open Source? There are several definitions in the dictionary and OSI is only one of them. There is still debate in many communities about whether open source and a noncommercial clause are compatible or not. That's not something the court needs to look at in this case.


They specifically cite the misrepresentation of the software as 'free and open source', they specifically say it's literally false as opposed to simply misleading, and they specifically say it's because they couldn't remove the Commons Clause. That means they are, in fact, judging whether the definition of free and open source includes the Commons Clause, and specifically judging that it doesn't. Either that means they're judging 'open source', or they're judging 'free', or 'free and open source' is its own third term that doesn't quite mean either.


As a free and open source replacement. The sentence include replacement.


Yes, that has zero bearing on what I said.


freeware != free software ~= open source != source available


Not sure why the downvotes; the above is true.




Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: