Practical Technology

for practical people.

Violate the GPL at your own risk


It used to be that companies could get away with stealing GPLed open-source code into their own software and no one would be the wiser. Those days are done.

Oh, it still happens, but the SFLC’s (Software Freedom Law Center) recent legal actions on behalf of BusyBox‘s principal developers have been putting the fear of open-source violations into unscrupulous software companies. In the latest chapter, SFLC has sued Bell Microproducts Inc. and Super Micro Computer Inc. for using BusyBox’s open-source software without honoring its open-source license.

Both companies have been distributing BusyBox’s lightweight embedded Unix tools illegally without complete source code. By the rules of the GPLv2, which is the open-source license that covers BusyBox, every downstream recipient of the program must be provided access to the program’s source code

The SFLC contacted each company, but the businesses ignored them. Dumb move.

The SFLC filed injunctions against the pair on June 9 in the United
States District Court for the Southern District of New York and are asking for damages and litigation costs to be awarded to BusyBox. “Before filing these lawsuits, we contacted both companies and gave them the opportunity to remedy their violations privately, but they were continually unresponsive,” said Aaron Williamson, SFLC counsel in a press statement.

“When companies are contacted by SFLC or anyone else about a GPL violation, they need to respond by taking good faith steps toward compliance. If they do not, lawsuits like these are the predictable consequences.”

The SFLC has a perfect track-record on its BusyBox GPL enforcement lawsuits. All of the previous lawsuits, including the biggest GPL legal victory to date, against Verizon have resulted in out-of-court settlements. In each case, the defendants had to distribute source code in compliance with the GPL and pay damages and legal costs.

This open-source legal winning streak has some attorneys like, Edmund J. Walsh of Wolf Greenfield writing in
that he’s concerned that this is foreshadowing “new risks in the irreconcilable conflict between open source software and its widespread use by for-profit companies.

Williamson responded in the pages of SFLC that “The issue is hardly that FOSS [Free and Open Source Software] licenses present hidden risks. By and large, they are clearer and less onerous than proprietary software licenses. Nor is it the case that ‘the freedom belongs to the software, not to users.’ All users, including for-profit companies, are afforded the same substantial freedoms by FOSS licenses. But as has always been the case, the GPL does not give any user the right to deny those freedoms to others. This could only be a ‘new lesson’ to someone who has never read the license.

The real point, according to Williamson, is that companies that use FOSS licensed software illegally may be doing so because of “ignorance of their legal obligations, indifference owing to a history of non-enforcement, etc.—but it seems that in the overwhelming majority of cases, the decision has nothing to do with protecting a proprietary business model. Whether they license proprietary software or FOSS, for-profit companies should of course pay attention to their legal obligations. But so long as they do so, they need not fear any ‘irreconcilable conflict’ between making money and using FOSS.”

In short, the only thing that’s new here is that open source is finally calling companies on not meeting their legal obligations. With the SFLC on the prowl, it’s no longer safe for companies to rip off open-source software and hide it within their own software stacks.