Hacker News new | past | comments | ask | show | jobs | submit login
[Fedora-legal-list] Change in classification of CC0 (lwn.net)
147 points by em-bee on July 25, 2022 | hide | past | favorite | 122 comments

The stated reason seems self-refuting within its own text. The quoted section of CC0 doesn't "preclude any form of patent licensing or patent forbearance". It just makes clear that CC0 is silent on those issues, allowing other documents/tradtions to govern.

If instead the real reason is Fedora wants all licenses to include explicit "patent licensing or patent forbearance", that's different than the rationale excerpted by LWN here.

There's a theory/hope that putting out open-source code using a license that's silent as to patents acts as an implicit waiver: that a court would say, "you knew when you put this out there what open-source was, that people would use your code and therefore perform the patent; you acted like you were giving them permission to do so and they have justifiably relied on that, so you're barred from turning around and going after them on patent claims." As far as I know, this is totally untested but it's at least plausible.

In a situation like this where the license explicitly says "this is not a waiver of any patent rights" that argument is going to be pretty hard to make fly.

The whole area is interesting for sure. The very presence of explicit patent grants/waivers/forbearance in later licenses could be argued as evidence that a waiver isn't commonly understood to automatically come with the license where it's totally silent. But that's still a different world from the "definitely not a waiver" situation set up by CC0.

Read the opening license line for BSD: "Redistribution and use in source and binary forms, with or without modification, are permitted"

This feels incompatible with a spontaneous patent claim, because otherwise "use" is not permitted once a patent right is asserted.

The notion of open source is under threat from patents being used by the likes of Facebook, who've released BSD code then immediately claimed a special patent license in a parallel that disavowed "redistribution and use" unless the patent license also applied.

So we can say that a license that explicitly doesn't include patent permission doesn't meet the 4 freedoms.

> The freedom to run the program as you wish, for any purpose.

A patent overrides this.

> The freedom to study how the program works, and change it so it does your computing as you wish.

A patent overrides this, at least the second half.

> The freedom to redistribute copies so you can help your neighbor.

A patent overrides this.

> The freedom to distribute copies of your modified versions to others.

A patent overrides this.

Facebook's React library was an example of this. BSD but with a non-free patent license that ran against those freedoms. So it was not really open source.

I'm not sure a patent would override all those things if it's being asserted by the same entity which put the license on the code.

If the patent holder puts a "redistribution and use are permitted", that can be deemed as an IP license in every relevant way, including patent and trademark grant; it's not just copyright.

"Use" means carrying out the patented functionality; permission to "use" is tantamount to permission to apply the patented algorithm to one's data to reap its benefit.

The BSD license is clear that it's a copyright license. IANAL, but I expect "this isn't a patent license and its terms don't cover our patents" would stand up in court. Which is how we get to the GP's question of implied license.

If the plaintiff seeks to stop the defendent from engaging in "redistribution and use", by invoking their patent, but the plaintiff put a license on the code whose wording allows "redistribution and use" in any form without any restrictions, I don't see how the court could just ignore that.

Thanks, that’s a theory making Fedora’s statements somewhat more understandable than they were with just the LWN excerpt. Namely, that other licenses, by being silent, might be construable as implying patent permissions.

Perhaps the Creative Commons lawyers erred by mentioning patents at all, and they should issue a corrected “CC0v2”!

It was intentional and well intended, so that CC0-1.0 use (e.g. for research datasets) would not be blocked by academic tech transfer offices. But yes, they should issue a CC1-1.0 that is not copyright-only.

I think it's reasonable. Other licenses use the traditional method of being silent (not saying anything) about patents, so if someone had granted the right to run the code without mentioning a patent, I bet it'd be hard to find a judge who would decide that the right to the patent (or at least to not have it enforced) didn't come with the rights given to the code.

Whereas with CC0 it's explicit that the same person who granted you the code could sue you for running it. There's no room for interpretation.

"Please accept this giant wooden horse! We don't preclude the possibility that it's sincere gift given in good faith!".

> The quoted section of CC0 doesn't "preclude any form of patent licensing or patent forbearance".

But it does do exactly that.

> It just makes clear that CC0 is silent on those issues

It doesn't do that, because that's impossible to do. Saying "I'm not talking about X" is talking about X.

It doesn’t ‘preclude’ anything by disclaiming implications either way. It leaves all possibilities open, which is the opposite of ‘precluding’.

Someone can absolutely say “Though some might think my prior words endorse or reject X, let me be clear I don’t endorse or reject X.” You can mention X, especially in a aspires-to-be-rigorous context like law, without committing to a treatment.

> It doesn’t ‘preclude’ anything by disclaiming implications either way.

Yes, it does.

A license that gives permission to use software but does not enumerate specific rights that the licensor holds which may be necessary to use the software will most naturally be read as licensing all necessary rights held by the licensor.

A license which explicitly disclaims any grant of patent rights can only be read as...not granting patent rights held by the licensor, even if they may be necessary to use the software. Thus, such a grant which would otherwise be reasonably included is, instead, explicitly precluded.

Sure, but that's not what CC0 says. CC0 says "No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.", which is more like saying "I reject X."

"by this document" limits the effect such that it doesn't [emphasis added] "PRECLUDE ANY FORM OF PATENT LICENSING or patent forbearance" via other documents/mechanisms. (It does preclude one particular implied-permission interpretation, as others have helpfully pointed out.)

The problem is that you are arguing about something that is not the issue. The issue isn't “via other documents/mechanisms”, the issue is whether it precludes patent grants that may be necessary to exercises the permissions in the license from being found to be granted by the license. Anything that grants permissions for particular but doesn't rule a grant of specific rights (at issue at the moment, patent, but the same would be true of any other specific rights) necessary to that use is most naturally read as granting all rights the licensor has power to grant necessary to the use explicitly licensed (and also as a claim that the licensor has a right to grant all rights necessary for that use.) If it specifically excludes particular rights that may be necessary to that use, then the license itself is on its face insufficient for the use it appears to grant without a separate license for the other rights or independent evidence that no rights which would be an obstacle are held anywhere else.

> (It does preclude one particular implied-permission interpretation that others have helpfully pointed out.)

Yes, and this seems to be the entire reason that Fedora is revoking approval of the license.

And if Fontana had written, and LWN excerpted, a statement like...

"The reason for the change: Over a long period of time a consensus has been building in FOSS that licenses that EXPLICITLY DISCLAIM PATENT FORBEARANCE cannot be considered FOSS."

...I'd have not flagged any apparent textual contradiction – and understood the rationale better. It was the broad, unqualified allegation that CC0's text would "preclude any form of patent licensing or patent forbearance" that created the impression of mismatch between reasoning and literal text.

(And note: submission link has changed since I commented from a tiny excerpt of Fontana's announcement, and the full email.)

> which is more like saying "I reject X."

I dont think it is. I really dont see how you could read that sentence and get "i reject x" out if it.

It's saying "I'm not giving you any patent licenses", not "I'm not saying whether or not I'm giving you any patent licenses".

I disagree.

More specificly its saying "the previous statement i just made is not me saying i am giving you a patent license. However i'm not saying in general whether or not i am going to give you one, and i might be giving you one in some other statement."

There is of course a certain sense where not rendering an opinion is the same as the supporting the status quo ante (which would be no patent license), but i dont think its fair to equate an implicit no opinion = no patent license with an explicit no patent license.

Is there any license that I can place my code under, that truly does not stop anyone from using it, for any reason? What legalese would I need to tell bespoke legal systems that I want to revoke all rights, in any situation, to anything in that project? Is there a license project that fulfills that need? And I don’t mean the WTFPL: I mean a license that legally stands and does what it is intended to do, and that would satisfy even the most conservative of lawyers that it’s safe to use?

0BSD is the license for that if you do not even care that attribution is provided. 0BSD code even ships with Android, so it is safish to assume other large companies would approve it too.

The Unlicense is the closest that I know of. It attempts to release the software into the public domain. Since not all jurisdictions have the notion of public domain, it also explicitly waives copyright (though it doesn't mention patents).

I don't have any insight into how effective Unlicense is, but to give an idea of how complicated this is: just as many jurisdictions don't let you place things into a Public Domain, or even have the legal concept of one, some (I think France?) also don't let you just waive your authorial rights. I think a full copyright license is okay, though.

It's usually the moral rights (separate but related to the economic part of copyright) that can't be waived:

> In most of Europe, it is not possible for authors to assign or even waive their moral rights. This is following a tradition in European copyright itself, which is regarded as an item of property which cannot be sold, but only licensed. The author can agree to waive them to a limited extent (and such terms are very common in contracts in Europe).

(from https://en.wikipedia.org/wiki/Moral_rights#In_Europe)

IIRC, moral rights are also always tied to the individual and not to the employer or organization.

In NL, these moral rights include the following properties:

> even after transferring their copyright, the original creator retains the rights to:

> 1a. oppose publication of the work without attribution

> 1b. oppose publication of the work under a different name than their own (applies to both the name of the work and the name of the creator)

> 1c. oppose modifications of the work

> 1d. oppose any kind of mutilation of disfiguration of the work, or modifications that would negatively affect the perception of the work or its creator

> Of these rights, 1a can be waived entirely; 1b and 1c can be waived only with regards to the name of the work, not its creator; right 1d remains the privilege of the creator (or any designated heir) for the entire duration of the copyright itself.

(from https://wetten.overheid.nl/BWBR0001886/2015-07-01/#Hoofdstuk...)

edit: note that (1c) talks about modifications of the original (physical) work; it doesn't necessarily apply in the same sense as the GPL, where all extensions/updates to the original codebase are also considered modifications of the same work.

Unlicense is entirely unsuitable because it explicitly only affects copyright law. It’s not that it doesn’t mention patents (for then it’d be in a similar situation to many accepted open source licenses), but that it defines its scope as something that excludes patents. See my other comments in this thread for more.

Is there anything wrong with MIT or the more succinct ISC license? Is the attribution portion a sticking point?

Yeah, I mean a license without any strings attached at all. I’m just curious if one exists already.

Yes, 0BSD is ISC with ", provided that the above copyright notice and this permission notice appear in all copies" removed. MIT-0 is MIT with "subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software" removed. Unlicense is a more ideological statement.

Other comments provide links to licenses similar to what you are looking for. But I’d like to argue that the MIT/BSD2 licenses are _better_ than a “no strings attached“ license, even when one wants to give the broadest permissions to use and modify a piece of code. The obligation to preserve attribution and license is as unobtrusive as possible, and at the same time gives assurance that the code is actually properly licensed. The typical corporate entity will not trust a piece of code with no license and would have to track copyright and license in some database. Having the same information in the source files makes things easier.

Also you have to be careful, because in some countries, attribution isnt waived unless you explicitly say. I think in some countries you arent even allowed to waive attribution.


I believe you're just describing putting something in the public domain and waiving all copyright (CC talks about this too: https://creativecommons.org/share-your-work/public-domain/pd...). But be cautious: you're still required to comply with the requirements of any licenses for dependencies you redistribute.

No, that is only for “No Known Copyright”.

The problem with Public Domain is that it is decided by law, not by you. You can't put anything on the public domain; the public takes domain by expiring copyright.

The license I have been using is this:

> This software is information. It is subject only to local laws of physics.

I deliberately use the term "information" here to convey a sense of factual truth which is generally not protected under copyright. It is meant to be a license that transcends all human legal systems since I cannot guarantee any protections they would provide.

I have been told this will not stand up in a court of law, but the people who told me this don't seem to understand its purpose or effects. As long you obey the laws of physics no legal intervention is ever required. And the best part is that even the people who disagree must always conform to its terms.

I think the big issue is that there is nothing in this that clearly says "you have permission to use/distribute this".

"this software is information" does not achieve this because information can be subject to intellectual property laws! Even excluding that, it's not clear so imposes a legal risk on users.

"It is subject only to local laws of physics" does not achieve a clear grant of permission. It's phrased as a statement of fact, and a statement of fact doesn't actually give permission for a reader to just act as if its true.

There's minor issues too... just use the 0BSD or MIT-no-attribution or CC0 license which does what you want in clear and unambiguous legal language, with the bonus of trying to stop you getting sued.

No, the big issue is that people seem to think you need permission to "obey the laws of physics". I have no way of enforcing a license under legal regimes with which I can't negotiate. Therefore such terms are meaningless and useless for my licensing purposes. The MIT/BSD licenses require legal interpretation and are not appropriate. Even the "public domain" is a jurisdiction-defined term that is not universal.

How can I create unambigous legal language if I don't know the laws to which I am subject? Am I supposed to assume US or "Western" style copyright? Will this work in China? What about Russia or North Korea? Does this language work in 2122? 2222? Under what authority?

And since I live in the US, let's be clear: nothing will prevent someone from suing you. The best chance you have is to hope the judge agrees with your interpretation of the law.

Well your text will not work anywhere, you might as well not provide one. Instead your text mentions things like "laws of physics" which are totally irrelevant to the matter at hand, and reads like you just want to make fun of licenses/the law, so even more reason it will not achieve what you want.

the relevant copyleft landscape:

- [Unlicense](https://unlicense.org/)

- [What The Fuck You Want](http://www.wtfpl.net/)

- [Public Domain](https://creativecommons.org/share-your-work/public-domain/)

- [0BSD](https://opensource.org/licenses/0BSD)

You can find more on tl;dr:legal


BSD license?

It would seem that complaint would also implicate MIT/X, BSD, and GPL 2.0, would it not?

No. Those licenses don't say anything about patents. This one explicitly says it doesn't give licensees any patent rights.

How, in your mind, is the legal effect different between those two cases?

There's an argument (and while I an pretty up on IP law in the United States, I am not a lawyer, etc. etc.) that, by providing code via an open-source license, you're handing anyone who uses it a defense (again IANAL but I believe the magic word is "estoppel" here) with regards to suing them for acts downstream of using it. In normal-person terms, it'd be along the lines of "you used an open-source license intended to permit, if not incentivize, the use of this thing; the only reasonable way anyone could use it is by violating your IP; therefore, you are implicitly granting permission to use it regardless of the status of your IP."

This has not AFAIK been tested in any court, but (to my mind) it's not an unreasonable point to accept.

CC0 actively does not provide any protections with regards to patents, which would make the above defense inapplicable.

The MIT license says:

> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use …

It would be interesting to argue that, yes, I gave you the right to “use” this software but you actually had to pay me extra for a patent license.

The issue is that CC0 explicitly reserves trademark and patent rights. Those OSS licenses do not have this issue.

I do not think this is true. CC0 neither reserves nor waives these rights: instead it just says that the CC0 license (when it says "this document" it's referring to the license, not the licensed material) does not surrender any of these rights. This doesn't introduce anything new at all: it is effectively a reminder to the licensee.

MIT, BSD, and GPL 2.0 also do not surrender those rights. They just don't helpfully remind the licensee of this fact in the body of the license itself. The net result is, so far as I can tell, the same.

It would seem to me that the complaint is with a license which doesn't surrender rights, particularly patent rights. I think this is proper: MIT, BSD, and GPL 2.0 are awful licenses for exactly this reason.

*Edit* A quick mention of MIT. There are people who argue that MIT's "without restriction" clause sort of acts as a patent release. As if that was good. MIT is a bad license because a critical feature of a modern license -- a patent release -- hinges on a strained interpretation of a vague, easily misconstrued statement, and one which was clearly not the intention of the original license authors. A good license would have explicitly spelled things out. It takes just one judge to grind the MIT license into dirt.

The MIT license plainly says I am allowed to use the software without restriction. The portion of the license that grants permission is:

> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software

It doesn't say anything about copyright or patents. It merely provides a list of things that I am allowed to do. To decide that they haven't granted all rights required to use the software would seem to contradict what was written in the license.

Patent grants don't seem like they're worth much anyway. They don't stop a third party from coming along and suing you and the original developer for supposedly violating some patent neither of you knew ever existed. And isn't that how all patent trolling plays out? I've never heard of a patent troll that starts out with the troll giving you CC0 licensed code and waiting for you to trip over the patents they neglected to mention earlier.

What is the legal difference between a license with this clause:

> No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document.

and a license with no clause at all addressing trademark or patent rights? Wouldn't both of those documents leave trademark and patent rights unaffected?

I particularly like this bit:

> The MIT License unquestionably has an express [patent] license. That license is not limited to the granting of any particular flavor of intellectual property rights. The statement of license does not use the word "patent" or the word "copyright." When was the last time you heard someone expressing concern that the MIT License merely had an implied copyright license?

Not so much reserves as declares out of scope.

CC0 is a public domain dedication, with fallback license for jurisdictions where public domain dedication is not possible. The public domain dedication part is not a license (this was a large part of the legal criticism of the awfully-named Unlicense: that it tried to be both a public domain dedication and a license, despite the two being incompatible), and so cannot do anything with trademark or patent rights.

If you want to cover trademark or patent rights, you’ll have to use a public-domain-equivalent license instead of a public domain dedication. This is where things like 0BSD come in. (With this latest thing, I think I’m going to change my primary recommendation in https://chrismorgan.info/blog/unlicense/ to 0BSD rather than CC0.)


"Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:"

Can you use and redistribute it or not?

"Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions"

Are you free to deal in, redistribute, sublicense and sell the software, or are you not?

It seems very important to point out something here that I hope is obvious, but may not be: the Fedora project is not representative of, nor does it speak for, the entire Linux ecosystem.

Fedora is ultimately stewarded by Red Hat, which (let's not forget)... is now an IBM company. As such, a cynic might be inclined to read this notice more like "IBM doesn't like FOSS licenses that are (or might possibly be construed as) patent-prohibitive." At the risk of sounding churlish... NO $**T! Phrased more delicately, methinks one's motives might be suspect.

I find this little more than another pawn moved around the board in the whole "how cozy with big business should FOSS be" debate, and my personal take is that we passed most sane thresholds a decade or more ago. IBM via Red Hat via Fedora can 2>&1>/dev/null .

So we need any american to relicense any CC0 work as 0BSD and then it should be all good.

Or they could just bequeath their code to the public domain, and ignore the quirks of foreign legal systems that make that weird in other countries.

List of Germans who've been sued for using SQLite without a license: .... [End of list]

Just because SQLite project hasn't sued any Germans doesn't mean there's not legal risk involved.

Build a billion dollar company on some "public domain" software in Germany, and you've given a stranger a gun to your head. They might not exercise their copyright, but they also could.

Or the stranger dies, and whoever inherits the gun decides to fire it.

If some foreign rightholder actually tries suing a billion-dollar German company in German court on the basis of lack of license to some software dedicated to the public domain, do you really expect them not to get laughed out of court?

As I understand, German courts do not recognize public domain dedications, because they recognize “authors rights” which are not fully transferable or licensable.

Do you really think that's going to be the sticking point if someone tries to sue over it?

Yes, if I imagine myself to be a billion dollar corporation instead of Joe Random, then I have to act differently. But I'm not, and so I don't.

Billion dollar companies use major Linux distros, so the concern seems justified here.

In the sense that CC0 work is just public domain in the US, and thus an American can just assign it the 0BSD?

Legally that should work, even for non-Americans: the 0BSD doesn't grant anything the CC0 doesn't. But that doesn't work if you assume the 0BSD has a patent grant (by arguing that it gives you permission to use, modify, etc. the software). Then the product of your license reassignment is 0BSD, but doesn't grant permission from all authors, thus preventing its use in Fedora.

> In the sense that CC0 work is just public domain in the US, and thus an American can just assign it the 0BSD?

If I search for CC0, the first hit is https://creativecommons.org/share-your-work/public-domain/cc... which already starts to answer from the URL, but let me just quote it:

> CC0 enables scientists, educators, artists and other creators and owners of copyright- or database-protected content to waive those interests in their works and thereby place them as completely as possible in the public domain, so that others may freely build upon, enhance and reuse the works for any purposes without restriction under copyright or database law.

So yes, IANAL but AFAIK CC0 is just "public domain" but spelled out (the rest of that link explains why this might be needed).

> and thus an American can just assign it the 0BSD?

The catch, as I understand it, is that yes any American could take something under CC0 and re-release it under 0BSD (probably, again IANAL) but they can only give away the rights they had in the first place so they can't say "and nobody can claim a patent infringement on this", only "and I promise you can use this and I won't sue you for patent infringement". The original authors, if they have a patent, could (as this argument goes) still sue for patent infringement because they never agreed not to (allegedly).

The silly part is that the licensor claims he will not assert any patent rights regarding the code. But someone else might still do that.

Someone else might do that anyway, don’t they? (Barring the mutually-assured-destruction clause in Apache-2.0, but even that only works if that someone is simultaneously interested in using the code in question.)

This. The original argument is sideways. When contributing code, you claim to have written it yourself and you grant a copyright license to this work of yours. You don't claim the contributed code does not infringe on any patent. (How could you?? Normal code contributor has no idea how to check that.) So the only evil plan the CC0 prohibition foils (a patent holder contributes code needing patent license under CC0 and later sues for patent infringement) needs only to be slightly modified: the patent holder asks/hires someone to contribute such code. This person grants all rights using BSD0 but obviously cannot grant a patent license to someone else's patent, so the patent holder can still sue.

Even if he properly and legally relinquished any and all patent rights, there is nothing to stop him from layering up and suing everybody anyway in direct contradiction to the patent grant. Presumably all the lawsuits would fail, but harassing others with flagrantly horseshit lawsuits is an industry.

I think people are free to license their work as they see fit, and whether Fedora likes that or not is their own business and their own problem.

So what they are worried about is an entity that does the following:

1. Quietly patent sexy new algorithm

2. Release CC0 implementation of algorithm without mentioning they hold a patent.

3. ? (sue for infringement)

4. Profit

Anyone that tried this should be laughed out of court. If they're not, the law needs an overhaul.

> If they're not, the law needs an overhaul

How many times have we thought that in the last 10 years?

Yes, my cliché detector kicked in hard when I wrote it :-)

Which packages are potentially affected?

SQLite is under Public Domain, but not under CC0; I wonder how will this going to affect it...

Time to relicense to WTFPL I guess? Not American and used CC0 for everything. And don't say public domain because a LICENSE.txt file that just says "this is public domain" isn't a valid license, I think.

Public domain isn't a license of a copyrighted work, it's you denying that your copyright exists at all. This isn't legally valid in some countries like Germany, but if you did it anyway they're not going to send gestapo to stop you.

Corporations with lawyers up their ass aren't going to like something ostensibly put into the public domain by a German who technically can't do that, but lawyers don't like the WTFPL either, so it makes little difference.

The issue isn't the gestapo coming in, it's that, if a person never legally disclaimed copyright, the work is still subject to copyright.

> "hey use my stuff it's public domain"

> "ok thanks"

> "Ha! gotcha! Here's your lawsuit, pay up!"

Technically possible; something lawyers would worry about. A problem for corporations that have to listen to lawyers.

For common people? Not a problem. No German has ever been sued for using SQLite.

Keep the Law of Strict Licenses [1] in mind, though:

> Every FOSS license must be interpreted as strictly as possible in case the copyright holder is bought by Oracle.

[1] https://gavinhoward.com/2022/01/the-law-of-strict-licenses/

There's nothing stopping Oracle for claiming SQLite violates some of their patents and suing the world for it. They don't even need to buy SQLite for that.

If you're a billion dollar corporation, then you've already lawyered up and prepared for innumerable scenarios. If you're Joe Random like most of us, just get over it and move on with your life.

Is FOSS merely for hobbyists, or should Fedora be something that large organizations can trust?

Does Germany not have any concept of promissory estoppel?

So then what are the options for a German who can't use CC0 now? Other distros are sure to follow suit and CC0 was the go to license for mostly everyone outside the US.

Germans can still use the CC0. If a linux distro or anybody else think that isn't okay, the German developer can laugh and say that's the distro's problem, not their own.

> a LICENSE.txt file that just says "this is public domain or something" isn't a valid license

It's legal in America, but you'll have trouble in a lot of other countries (Germany for one).

The Unlicense is designed to waive all rights while addressing as many of these nitpicks as possible.

=> https://Unlicense.org

It’s what I use for a public-domain-equivalent.

Please don’t use the Unlicense. It’s at least as bad as CC0. If it works as a public domain dedication (which was its purpose, but lawyerly consensus seems to be that it failed at that and would be interpreted as a license) then it is in exactly the same boat as CC0, and if it works as a license, I see no scope at all for even an implied patent grant, and it explicitly speaks of copyright law as its scope (part of the failed PDD parts of the license), so it should still be in the same boat as CC0. (The only possible argument for any difference is that Unlicense would allow you to slightly more credibly plead ignorance, which seems a fairly absurd argument to me.) See https://chrismorgan.info/blog/unlicense/ for some more info and suggestions. (I do need to mull over the specific recommendations, as another point rises against CC0 specifically, and frankly the concept of public domain dedication in general.) As a starting suggestion, go with 0BSD, which is at least better-drafted than Unlicense and legally unambiguous.

There's a lot of second and third and fourth-hand reports of people who are not lawyers trying to discuss this. Your blog post, for example, cites as a source StackOverflow user "stawberryfields" who claims to have be reiterating something that they read in another StackOverflow answer. I'm not a lawyer, but I also can't afford to hire one. So I'd like to stick to things that actual lawyers have said.

For reference, the OSI's comments when approving The Unlicense:

> There is general agreement that the document is poorly drafted. It is > an attempt to dedicate a work to the public domain (which, taken

> alone, would not be approved as an open source license) but it also

> has wording commonly used for license grants.There was some discussion

> about the legal effectiveness of the document, in particular how it

> would operate in a jurisdiction where one cannot dedicate a work to

> the public domain. The lawyers who opined on the issue, both US and

> non-US, agreed that the document would most likely be interpreted as a

> license and that the license met the OSD. It is therefore recommended

> for approval.

=> https://lists.opensource.org/pipermail/license-review_lists....

You seem to interpret "the document would most likely be interpreted as a license" as standing alone, which forms the basis of your critique. I interpret that line in the context of the sentence before. That is to say, I think "the issue" is how the license would be treated in a jurisdiction without a public domain, and I think that the lawyers agree the that it would be treated as a license only in that context.

To quickly address some other points:

Many people comment that "public domain dedication" is an ill-defined legal term and you shouldn't even try. Okay, fine, whatever. I'll happily use a public-domain-equivalent license. Citing the above, The Unlicense works for this purpose.

Your comments on its name are understandable, but as someone who is trying to actually license my code in a public-domain-equivalent way, I can't afford to be picky about that.

I don't trust/understand The FSF's "recommendation" for CC0 because in their guidance on CC0, they explicitly do not recommend using CC0 for software. (Not even to mention the thread we're commenting on.)

Many people on the OSI mailing list harshly criticized The Unlicense for being written by someone that isn't a lawyer. While I understand their concerns, again, I'm not aware of any licenses written by lawyers to be public-domain equivalent. The BSD 0-clause is just deleting portions of the BSD license. Since neither of these were written by lawyers, I feel like I can speculate by saying that The Unlicense seems to me to cover a lot more cases and is a lot more explicit about its intent than 0BSD.

All that is to say, I know that a lot of people don't like The Unlicense. I would love to use a public-domain-equivalent license written by a lawyer with a patent disclaimer. But doesn't exist, and the closest thing in intent is The Unlicense.

I have erred in my understanding of the key sentence you’re quoting. Thank you for pointing that out; I will amend my writings about it. But I didn’t actually build anything on that point; correcting it requires only changing a few words in two places, a minor patch. All of my arguments and other criticisms are still intact.

As for Unlicense versus CC0 or 0BSD, and the patent law matters in question here: the Unlicense explicitly says it’s talking about copyright law, and limits the effects of its fallback license to that. And as a public domain dedication, it can’t exceed that scope. Thus, worldwide it will exclude any patent law considerations just as thoroughly and reliably as CC0 which explicitly reminds you of this fact. This is a decent chunk of the problems with both Unlicense and CC0: public domain dedications only cover copyright law, and consensus has been building that that’s not enough for open source.

If you want a public domain dedication: use CC0, because it’s fairly clearly uniformly better than Unlicense.

If you want a public-domain-equivalent license: use 0BSD or MIT-0, but certainly not Unlicense, because it’s a PDD with fallback license, not a PDEL, which means that it cannot possibly have any implicit patent or trademark grant; you could staple a patent grant on top of it (or better yet, in my opinion, just state clearly that there are no applicable patent rights).

The problem with Unlicense is that by bad drafting it exists partway between PDD and PDEL, and doesn’t do the best job of either. So choose which you want, and take the better option.

It would be nice to have a public-domain-equivalent form license that included a patent grant or release. But Unlicense is not close to that in intent.

It seems to me very clear that the only fully consistent position for Fedora here would be to disallow all forms of public domain dedication (most germanely Unlicense), unless accompanied by some supplemental remark on patent law.

Thanks for your reply. I will definitely consider using a more explicit public-domain equivalence in the future.

Please do use the Unlicense. I've published dozens of projects that are widely used in production under the Unlicense. In my experience, it works just fine. Granted, I do dual license with the MIT to ease folks' worries, but there have been plenty of contributions to my projects without any fuss. It's my hope that one day the dual licensing will no longer be a necessary hedge, however, for the folks that want to use my work under the Unlicense, they can. The way to make the Unlicense more broadly acceptable, IMO, is for more people to use it.

The only issue that has cropped up from this is that Google employees can use but not contribute to these projects.

I also personally love the name of the Unlicense. Personally, I use it because I'm interested in a bit of advocacy against monopoly copyright interest.

(The fact that Andrew insists on using the Unlicense despite the problems pointed out by quite a few people and the existence of better alternatives like 0BSD is the only thing I have against him. His code and leadership in Rust circles is excellent and I regard him highly in all other technical matters. :-) )

Ditto, I guess? :P (But obviously with the position on the Unlicense flipped.)

To address your indictment head-on: you suggesting the 0BSD as a better alternative is really missing my point. The 0BSD is not an alternative for my use case. The Unlicense is one of the very few overt "political" acts that I inject into the software I produce. Its purpose is to make a statement. The 0BSD doesn't do that IMO, so it's not actually an alternative that meets my advocacy goal.

You and Rick Moen seem to have the same apparent blind spot for this. See my conversation with him that started here (which might also clarify some aspects of my own position): https://github.com/docopt/docopt.rs/issues/1#issuecomment-42...

And finally, note that my dual licensing scheme is exactly a response to the "problems pointed out by quite a few people": https://github.com/BurntSushi/byteorder/issues/26

Hmm… I had indeed forgotten some of those details of your reasoning—it’s mostly stuff that I read several years ago and my memories of it have faded with time.

In suggesting 0BSD, I am indeed talking on legal grounds. For Unlicense, the only part of it that would seem to be any kind of “statement” is its name, which… well, you know my opinion of the misbegotten name. I feel like there must surely be some better way of making that statement (which I agree with!), but I don’t know what.

(I’ve been having fun using BlueOak-1.0.0, which is generally superior to the likes of MIT and Apache-2.0, and have been rather tempted to release things under only that license, and tough luck to anyone that cares about OSI approval, as BlueOak-1.0.0 is not OSI-approved largely because the authors are unimpressed with OSI process after having been involved with it for years in the past, but so far I’ve been doing silly things like trial-licensing BlueOak-1.0.0/MIT/Apache-2.0 to satisfy people’s sensibilities. I’ve also been wondering if I should just throw in the towel and go 0BSD, not like I care about the attribution anyway, or would ever pursue any license violation of any form for reasons of conscience. I had thought of going CC0-1.0 or similar, but legal limitations of PDD versus licenses decided me against it when I was mulling it over. Pity public domain dedication is so hard to do properly and so surprisingly limited in scope.)

Just to be really clear here, the statement is not just in the name. It is also in the first sentence on unlicense.org:

> The Unlicense is a template for *disclaiming copyright monopoly interest* in software you've written

But yes, the name is a big part of the "statement," I agree.

> Pity public domain dedication is so hard to do properly and so surprisingly limited in scope.

Indeed. That should change.

I admire your attitude. I wish more people would stop letting corporate legal interests dictate their own choices.

Sounds like Fedora is sacrificing good code for ideological purity.

Nothing wrong with 1. Having principles 2. Having a sane legal framework in place for when the parent trolls come

Unfortunately it sounds like they are doing this to protect themselves from patent trolls, not some kind of ideological purity testing.

They aren't mutually exclusive.

Many Linux distros have been limiting their repos to FOSS from the start. Much of it is ideology, some of it is minimization of legal exposure.

>> The reason for the change: Over a long period of time a consensus has been building in FOSS that licenses that preclude any form of patent licensing or patent forbearance cannot be considered FOSS. CC0 has a clause that says: "No trademark or patent rights held by Affirmer are waived, abandoned, surrendered, licensed or otherwise affected by this document."

> Part of the background story is that on patents, we've fought the scenario that a patent holder could offer some FOSS library implementing their patented method, and then come chase you for patent infringement. What are the boundaries for me, FOSS user, to not be ensnared by a submarine license?

> and then come chase you for patent infringement.

Honest question: How could they claim damages from someone to whom they've granted permission? It just doesn't seem like a likely problem. So i'm trying to understand what the actual threat is.

>Honest question: How could they claim damages from someone to whom they've granted permission?

That's actually the underlying rationale here, although it isn't explained well in the linked page. There is the possibility of an implied patent license grant (or waiver) from the licensor in a license that is silent about patent rights, for exactly the reason you state.

But CC0 is different, in that it grants permission to use while simultaneously being explicit that there is no implied patent license (or waiver) granted.

> How could they claim damages from someone to whom they've granted permission?

I think that's the key: technically they haven't granted permission, not explicitly, absent a patent waiver. (Disclaimer: not a lawyer, barely paying attention to this.)

Sounds stupid. If they want to be legally consistent they'd have to ban all FOSS licenses that don't waive patent rights. By default, patent rights aren't waived so explicitly retaining them is just literally stating the obvious.

Any lawyer trying to sneak out of patent claims by saying "oh but the FOSS license didn't state they were retaining patent rights..." is just regular legal bullshitting and would not stand long in any half-working justice system.

Not a lawyer but: is there any case law in which the act of open-source licensing in a not-explicitly-retaining-patent-rights way was found to be a de facto, or implied, waiver of patent rights? https://patentdefenses.klarquist.com/waiver/ points out some situations in which one could implicitly waive patent rights, but specifically in the context of lying to standards-setting organizations, it would seem?

If a license has never been considered an implicit waiver, it seems overkill to say that "a license that says nothing about rights is materially better than a license that explicitly does not waive rights," no?

> If a license has never been considered an implicit waiver, it seems overkill to say that "a license that says nothing about rights is materially better than a license that explicitly does not waive rights," no?

Yes, and I suspect a lawyer for a sufficiently-malicious GPLv2 dev looking to submarine an org could probably even take it further – because the FSF felt it was necessary to create GPLv3 in order to explicitly grant patent rights to GPLv3 licensors of the code, choosing to continue to use GPLv2 like my client the malicious-submarine-dev did, instead of relicensing in GPLv3, was done precisely in order to signal that they are expressly choosing to grant a copyright license but not a patent license to users.

Singling out CC0 seems arbitrary – if Fedora wants patent certainty, they should be sticking to things like GPLv3 and Apache

I almost agree with you. Except that many FOSS developers who stick a license onto something do not hold any patents, or if they do, not necessarily anything relevant to that code.

If you choose a license which explicitly says you're not waiving your patents, it insinuates that you are holding some, and they are used in the project.

> If you choose a license which explicitly says you're not waiving your patents, it insinuates that you are holding some, and they are used in the project.

Not anymore than the BSD-no-nuclear clause insinuates that there's a version somewhere that is suitable for being run in the control system of nuclear power plants, it doesn't.

CC0 just makes it clear what is in-scope for the license – copyright, not patents, because it's intended as a formalization of public domain and that is not something that can be formalized re: patents – unlike BSD or GPLv2, which implicitly are about copyright but never actually come out and say so (and if you were looking to screw someone over with some patent you hold, you're better off with something that doesn't even mention it, like GPLv2, rather than prompting the lawyers to explicitly ask about patents because the license reminds them that they're not covered)

Authors who assign to the public domain do so generally because they are mavericks who dislike any sort of permission scheme for the use of information, tied to any sort of authoritarian rules, regardless of how relaxed the permission is.

The fallback license in the CC0 is supposed to be just a begrudging inclusion that applies in jurisdictions where the assignment to the public domain isn't upheld; the author who releases a work under the CC0 would be most pleased if there were not such jurisdictions, and the public domain assignment were enough.

OK, so then you have this fallback license which says, "I am not granting any use of the patents covering the ideas in this work". That's completely stupid; nobody who ideologically favors the public domain would want to use this.

The only rational use for CC0 is by a corporation which has developed some patented technology (e.g. video encoder) and wants to promote a reference implementation, to be used by paying patent licensees for making applications (plus individuals for educational, non-commercial, personal use).

If a fallback license of a public domain assignment says anything other than "you can use and redistribute this as you wish", it is not an earnest, genuine, ideological public domain assignment. Someone who wants to make such a grant to the public, yet uses the CC0, has been duped.

It insinuates nothing of the sort. It just suggests that you’re using a form license that mentions that. In the specific context of CC0, it’s not a license but rather a public domain dedication (with fallback license) and so anything about patents is by definition out of scope—the document is strictly focused on elements of copyright law. The sentence in question here is just reminding you of that fact.

I'm just trying to guess the reason why CC0 was singled out. Why would Fedora not want to expunge all licenses that doesn't mention patents at the same time?

Probably the reasoning is that most licenses that don't mention patents don't actually have any patents behind them.

Most CC0 probably don't either, but since CC0 explicitly says patents are not waived, that's where Fedora decided to start cleaning house.

As a free software developer, I just want to know whether this is the way the wind is blowing? Do I have to re-license everything with a different BSD license that incorporates a patent waiver?

I see this whole thing as pointless, because even if you don't hold any patents, it's almost impossible to write any significant piece of code without infringing on multiple ridiculous software patents that someone filed somewhere.

Just because I add a sentence saying I won't enforce any patents against the users of my code doesn't mean that some third party in the world will not do that. That's probably one reason licenses are mum about patents; patents are a threat coming from someone else which your own waiver doesn't dispel.

> Why would Fedora not want to expunge all licenses that doesn't mention patents at the same time?

The idea is that a generic grant of usage rights will cover multiple forms of IP, so it's fine.

But if it says "this is copyright only" that's a problem.

The issue isn't directly about whether it mentions patents or not.

Url changed from https://lwn.net/Articles/902410/, which points to this.

Will this exclude just declaring a work as public domain, like some of the Boost libraries?

Boost libs are not public domain; they are licensed under the Boost license.

I did not know that, I must have confused them for some other library.

Given software patents are unethical, this means as a software developer I should start considering CC0 for code as it will prevent people/companies that play the software patent game from using that software?


Its the opposite.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact