An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

Hello,

A recent event sparked an idea that I wanted to share. The event was when
Seth Vargo, a maintainer of an open source software package, decided to
remove his OSS codebase upon discovering that it was being used by DHS/ICE:
https://www.vice.com/en_us/article/mbm3xn/chef-sugar-author-deletes-code-sold-to-ice-immigration-customs-enforcement.


While Seth's action caused temporary annoyance to consumers of his
codebase, it was quickly remediated by Chef (the company with the DHS/ICE
contract.) They remediated by distributing a fork of Seth's software. This
is what sparked the idea:

What if there was an OSS license that could sanction human rights abusers?

I am not a lawyer, so I don't know what would be necessary to implement
such a license or to enforce it; but, the legal community has long been
able to implement sanctions against certain actors. This seems to take the
form of preventing economic transactions with a list of blacklisted actors.

What I am proposing is to create a variant of the Apache license that adds
a clause to the effect that distribution/use of licensed materials follows
a sanctions program: that usage by or distribution to an actor who is on an
Amnesty International curated sanctions list constitutes a license
violation. (I could also see a similar sanctions list leveraged to
encourage green business practices.)

As I said, I am not a lawyer, so I don't know what kind of wranglings are
necessary to implement the above control; but as an OSS maintainer, I
believe that there is appetite in the community for such capabilities. I
also believe that this kind of capability represents a novel form of
community-based soft power: a huge part of the world's economy flows
through OSS software. Imagine the leverage that such a mechanism could have
in aligning corporate entities with social goods.

Cheers,
Jeff Ploughman
CEO/Engineer, Immutability, LLC

Re: An Apache-Amnesty Open Source License

[Jim Jagielski <ji...@jaguNET.com>]

As Greg said, it is likely not to be approved by OSI.

Field of Use restrictions are kind of sensitive to the ASF... after all, it was for that reason that we resigned from the JCP when Sun, and then Oracle, implemented such conditions on our JEE efforts.*

*: It was not the *sole* reason, of course, but was the seed of many

> On Sep 22, 2019, at 11:19 AM, Jeff Ploughman <je...@immutability.io> wrote:
> 
> I am suggesting an additional license - not a replacement, of course. A tool that could be chosen by authors to restrict access to members of civil society - yes, as defined by a trusted 3rd party. Yes, that is a different definition of open than currently exists. 
> 
>  Rather than arbitrary, I'd describe this as trust being ceded to a 3rd party (in this case Amnesty) - in the same way that legal regimes are trusted 3rd parties. It is definitely the case that this would $groups would be dynamic - in the same way that committers of crimes are changing. 
> 
> This kind of a license could act as a practical disincentive - a way to marginalize actors who currently behave as if there is no consequence to their actions by virtue of their positions of privilege.
> 
> F/OSS could survive this - thrive in fact. The F/OSS community is the chief enabler of the new digital age. Perhaps it is time to develop an opt-in model that allows F/OSS to be used as a political tool instead of merely a way to subsidize the corporate world to do whatever they wish with no liability.
> 
> On Sun, Sep 22, 2019 at 10:48 AM Greg Stein <gstein@gmail.com <ma...@gmail.com>> wrote:
> The simplest answer is that would violate §6 ("Fields of Endeavor") of the Open Source Definition.
> https://opensource.org/osd <https://opensource.org/osd>
> 
> While using the OSD as the arbiter of "what is [colloquially-known-as] Open Source?" can be debated, it would be a *huge* lift to socialize a different understanding of "Open Source", and one that doesn't include fields of endeavor. If $someGroup is denied today, then $whichGroup tomorrow? Is that truly open? If arbitrary and changing choices are allowed, then how can F/OSS survive within that landscape?
> 
> Cheers,
> -g
> 
> 
> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <jeff@immutability.io <ma...@immutability.io>> wrote:
> Hello,
> 
> A recent event sparked an idea that I wanted to share. The event was when Seth Vargo, a maintainer of an open source software package, decided to remove his OSS codebase upon discovering that it was being used by DHS/ICE: https://www.vice.com/en_us/article/mbm3xn/chef-sugar-author-deletes-code-sold-to-ice-immigration-customs-enforcement <https://www.vice.com/en_us/article/mbm3xn/chef-sugar-author-deletes-code-sold-to-ice-immigration-customs-enforcement>. 
> 
> While Seth's action caused temporary annoyance to consumers of his codebase, it was quickly remediated by Chef (the company with the DHS/ICE contract.) They remediated by distributing a fork of Seth's software. This is what sparked the idea:
> 
> What if there was an OSS license that could sanction human rights abusers?
> 
> I am not a lawyer, so I don't know what would be necessary to implement such a license or to enforce it; but, the legal community has long been able to implement sanctions against certain actors. This seems to take the form of preventing economic transactions with a list of blacklisted actors.
> 
> What I am proposing is to create a variant of the Apache license that adds a clause to the effect that distribution/use of licensed materials follows a sanctions program: that usage by or distribution to an actor who is on an Amnesty International curated sanctions list constitutes a license violation. (I could also see a similar sanctions list leveraged to encourage green business practices.)
> 
> As I said, I am not a lawyer, so I don't know what kind of wranglings are necessary to implement the above control; but as an OSS maintainer, I believe that there is appetite in the community for such capabilities. I also believe that this kind of capability represents a novel form of community-based soft power: a huge part of the world's economy flows through OSS software. Imagine the leverage that such a mechanism could have in aligning corporate entities with social goods.
> 
> Cheers,
> Jeff Ploughman
> CEO/Engineer, Immutability, LLC

Re: An Apache-Amnesty Open Source License

[Brian Behlendorf <br...@behlendorf.com>]

This isn't really the right place to propose a new license; the right place for it would be the license-review (if you have a finished license) or license-discuss mailing lists at opensource.org.  The feedback here is nothing compared with what you'll get there, unless you first review the existing approved licenses to see if there is already a fit, and if not to work on a draft with a competent lawyer with a clear purpose.  

To be fair, I suppose you weren't just proposing it here as a thought experiment. You clearly know that for something like this to be successful on any given project, the momentum behind the fork under this license must be much greater than the momentum behind any reasonable alternative. So rallying Apache to this cause, lending it's brand to a second license like this (even if OSI refuses it), convincing a few key projects to commit to it... all that was your reason for it here, right? 

On one hand: kudos, because while normally this community would brush away suggestions to accept code under any more restrictive license (the GPL being the main example), it doesn't hurt to occasionally ask if that's still the hill to die on. Times do change, and we face much deeper global crises in 2019 than we did in 1998 or 1995.  The desire for social impact in one's work has not only become core to many programmers, there are companies committing to better cleaner practices of all sorts. A license like this dangles an even bigger carrot to move companies towards better practices and away from ugly ones. And US companies are already required to check conformance with certain blacklists, like OFAC's Specially Designated Nationals list. I'd rather block out the fossil fuels industry than ICE myself...

But on the other hand, there are serious practical issues to this. For example, if ICE couldn't use httpd because of this license, they could just pay a contractor to host a web site for them on httpd or whatever. So we'd have to not only ban organizations on the black list, we'd have to ban companies from using this software on their projects with banned entities.  And how many layers of such indirection do we have to do due diligence around?  Secondly, licenses on code stick around forever and are hard to change, but these third parties could change much more frequently, so how do you protect against Amnesty or others going sideways?  I won't even to mention the enforcement challenges and even the cost of monitoring for that.

But I do think it was a question worth asking, and a better frame than "cloud companies are freeloading" which is the usual gripe these days. Thank you.

Brian 



On 22 September 2019 5:35:01 PM GMT-07:00, Greg Stein <gs...@gmail.com> wrote:
>To be fair, he asked for help. It is just that we are pessimistic,
>cynical
>bastards and quit before starting 😛
>
>On Sun, Sep 22, 2019, 18:51 Ted Dunning <te...@gmail.com> wrote:
>
>>
>> Go for it, then!
>>
>>
>>
>> On Sun, Sep 22, 2019 at 4:38 PM Jeff Ploughman <je...@immutability.io>
>> wrote:
>>
>>> Jeez. And all I was trying to do was suggest an option that allows
>people
>>> to ascribe moral constraints to the use of software that they author
>and
>>> let that grow as it will.
>>>
>>>
>>>
>>> On Sun, Sep 22, 2019 at 6:07 PM Ted Dunning <te...@gmail.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman
><je...@immutability.io>
>>>> wrote:
>>>>
>>>>> ...
>>>>>
>>>>> I agree that this would present challenges in maintaining the
>viability
>>>>> of a community. I also think that the power of moral authority in
>this
>>>>> community is very strong. Couple that strength with the utter
>dependency
>>>>> that the entire economy has on the F/OSS model and you could see
>some new
>>>>> dynamics emerge in reaction to a stronger moral stance by software
>authors.
>>>>>
>>>>
>>>> The economy is not dependent on any software that you could
>relicense in
>>>> this way. There is no leverage to be had here because there is no
>single
>>>> F/OSS community. Sure, if you could convince an impossibly large
>fraction
>>>> of the committers (past and present) on critical projects to
>essentially
>>>> boycott other licenses than yours, then you might get a
>conversation, but
>>>> the committers who are paid a wage to be committers are unlikely to
>stand
>>>> with you. As such, you are stuck in a voiceless position.
>>>>
>>>>
>>>>

-- 
Sent via Superhuman^H K-9 Mail. Please excuse my brevity.

Re: An Apache-Amnesty Open Source License

[Dave Fisher <wa...@apache.org>]

Hi -

Sorry for top posting, the guy who took down his software also will take down his software when he dies which is certainly a reason not to use his software ever. [1]

Regards,
Dave

[1] https://techcrunch.com/2019/09/23/programmer-who-took-down-open-source-pieces-over-chef-ice-contract-responds/

Sent from my iPhone

> On Sep 23, 2019, at 8:19 AM, Wheeler, David A <dw...@ida.org> wrote:
> 
> Danese Cooper:
> > Field of Use restrictions are the number one carve out requested by well meaning people who wish the OSD would allow them to enforce their morality via Open Source license. 
> …
> > Here’s the problem with such restrictions...they are a slippery slope. You want to limit access by ICE. I get that. But somebody else may want to limit use of their software in prisons, or by non-Christians...the possibilities are endless. Carving up the world of otherwise reusable code into sub-sections by political affiliation would quickly undermine the whole point of licenses like the AL2.0, which were designed to promote reuse.
>  
> I agree that such restrictions would be counterproductive.  Such restrictions are a slippery slope, because they are very likely to lead to fragmentation which would lead to uselessness.  In addition, this clearly conflicts with the Open Source Definition point 6 (“No Discrimination Against Fields of Endeavor”).
>  
> If you want to create software & release it using a proprietary software license, no one is stopping you.  But such a license would (by definition) not be an open source software license.
>  
> --- David A. Wheeler
>  

RE: An Apache-Amnesty Open Source License

["Wheeler, David A" <dw...@ida.org>]

Danese Cooper:
> Field of Use restrictions are the number one carve out requested by well meaning people who wish the OSD would allow them to enforce their morality via Open Source license.
…
> Here’s the problem with such restrictions...they are a slippery slope. You want to limit access by ICE. I get that. But somebody else may want to limit use of their software in prisons, or by non-Christians...the possibilities are endless. Carving up the world of otherwise reusable code into sub-sections by political affiliation would quickly undermine the whole point of licenses like the AL2.0, which were designed to promote reuse.

I agree that such restrictions would be counterproductive.  Such restrictions are a slippery slope, because they are very likely to lead to fragmentation which would lead to uselessness.  In addition, this clearly conflicts with the Open Source Definition point 6 (“No Discrimination Against Fields of Endeavor”).

If you want to create software & release it using a proprietary software license, no one is stopping you.  But such a license would (by definition) not be an open source software license.

--- David A. Wheeler

Re: An Apache-Amnesty Open Source License

[Roman Shaposhnik <ro...@shaposhnik.org>]

On Sun, Sep 22, 2019 at 6:41 PM Danese Cooper <da...@gmail.com> wrote:

> I helped run the OSI for 10 years.
>
> Field of Use restrictions are the number one carve out requested by well
> meaning people who wish the OSD would allow them to enforce their morality
> via Open Source license.
>
> In the late 90s it was a desire to limit the use of Open Source within the
> nuclear power and nuclear weapons industries. Here’s the problem with such
> restrictions...they are a slippery slope. You want to limit access by ICE.
> I get that. But somebody else may want to limit use of their software in
> prisons, or by non-Christians...the possibilities are endless. Carving up
> the world of otherwise reusable code into sub-sections by political
> affiliation would quickly undermine the whole point of licenses like the
> AL2.0, which were designed to promote reuse.
>

This!

Now, I very much do understand where Jeff (and quite a few folks lately)
are coming from. I don't take their position lightly. I wish there was a
neat solution, but fundamentally this is a tension.

It is a tension between the goal of building the biggest pool of re-usable
human knowledge (open source software) vs. the goal of leveraging the value
of that pool for affecting social change.

Both are remarkable endeavors, but anything that threatens fragmentation
and balkanization of that amazing pool has a huge bar to clear to be
justified (at least in my book).

Unfortunately I don't think there's any solution in the realm of licensing
alone that would not have that very unfortunate side effect. Still, I'm
always open to be surprised.

Thanks,
Roman.

Re: An Apache-Amnesty Open Source License

[Danese Cooper <da...@gmail.com>]

I helped run the OSI for 10 years.

Field of Use restrictions are the number one carve out requested by well
meaning people who wish the OSD would allow them to enforce their morality
via Open Source license.

In the late 90s it was a desire to limit the use of Open Source within the
nuclear power and nuclear weapons industries. Here’s the problem with such
restrictions...they are a slippery slope. You want to limit access by ICE.
I get that. But somebody else may want to limit use of their software in
prisons, or by non-Christians...the possibilities are endless. Carving up
the world of otherwise reusable code into sub-sections by political
affiliation would quickly undermine the whole point of licenses like the
AL2.0, which were designed to promote reuse.

Late last year the ASF helped demonstrate to Facebook that the additional
obligations imposed by their “Apache plus extra patent-clause” licensing of
React were in fact unsupportable by us. Our refusal to pass on those
additional obligations meant a ban on React code at the ASF. Your proposed
license would receive the same fate, and for the same reason.

Hope this helps you not waste your time.

Danese

On Sun, Sep 22, 2019 at 5:35 PM Greg Stein <gs...@gmail.com> wrote:

> To be fair, he asked for help. It is just that we are pessimistic, cynical
> bastards and quit before starting 😛
>
> On Sun, Sep 22, 2019, 18:51 Ted Dunning <te...@gmail.com> wrote:
>
>>
>> Go for it, then!
>>
>>
>>
>> On Sun, Sep 22, 2019 at 4:38 PM Jeff Ploughman <je...@immutability.io>
>> wrote:
>>
>>> Jeez. And all I was trying to do was suggest an option that allows
>>> people to ascribe moral constraints to the use of software that they author
>>> and let that grow as it will.
>>>
>>>
>>>
>>> On Sun, Sep 22, 2019 at 6:07 PM Ted Dunning <te...@gmail.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io>
>>>> wrote:
>>>>
>>>>> ...
>>>>>
>>>>> I agree that this would present challenges in maintaining the
>>>>> viability of a community. I also think that the power of moral authority in
>>>>> this community is very strong. Couple that strength with the utter
>>>>> dependency that the entire economy has on the F/OSS model and you could see
>>>>> some new dynamics emerge in reaction to a stronger moral stance by software
>>>>> authors.
>>>>>
>>>>
>>>> The economy is not dependent on any software that you could relicense
>>>> in this way. There is no leverage to be had here because there is no single
>>>> F/OSS community. Sure, if you could convince an impossibly large fraction
>>>> of the committers (past and present) on critical projects to essentially
>>>> boycott other licenses than yours, then you might get a conversation, but
>>>> the committers who are paid a wage to be committers are unlikely to stand
>>>> with you. As such, you are stuck in a voiceless position.
>>>>
>>>>
>>>>

Re: An Apache-Amnesty Open Source License

[Greg Stein <gs...@gmail.com>]

To be fair, he asked for help. It is just that we are pessimistic, cynical
bastards and quit before starting 😛

On Sun, Sep 22, 2019, 18:51 Ted Dunning <te...@gmail.com> wrote:

>
> Go for it, then!
>
>
>
> On Sun, Sep 22, 2019 at 4:38 PM Jeff Ploughman <je...@immutability.io>
> wrote:
>
>> Jeez. And all I was trying to do was suggest an option that allows people
>> to ascribe moral constraints to the use of software that they author and
>> let that grow as it will.
>>
>>
>>
>> On Sun, Sep 22, 2019 at 6:07 PM Ted Dunning <te...@gmail.com>
>> wrote:
>>
>>>
>>>
>>> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io>
>>> wrote:
>>>
>>>> ...
>>>>
>>>> I agree that this would present challenges in maintaining the viability
>>>> of a community. I also think that the power of moral authority in this
>>>> community is very strong. Couple that strength with the utter dependency
>>>> that the entire economy has on the F/OSS model and you could see some new
>>>> dynamics emerge in reaction to a stronger moral stance by software authors.
>>>>
>>>
>>> The economy is not dependent on any software that you could relicense in
>>> this way. There is no leverage to be had here because there is no single
>>> F/OSS community. Sure, if you could convince an impossibly large fraction
>>> of the committers (past and present) on critical projects to essentially
>>> boycott other licenses than yours, then you might get a conversation, but
>>> the committers who are paid a wage to be committers are unlikely to stand
>>> with you. As such, you are stuck in a voiceless position.
>>>
>>>
>>>

Re: An Apache-Amnesty Open Source License

[Ted Dunning <te...@gmail.com>]

Go for it, then!



On Sun, Sep 22, 2019 at 4:38 PM Jeff Ploughman <je...@immutability.io> wrote:

> Jeez. And all I was trying to do was suggest an option that allows people
> to ascribe moral constraints to the use of software that they author and
> let that grow as it will.
>
>
>
> On Sun, Sep 22, 2019 at 6:07 PM Ted Dunning <te...@gmail.com> wrote:
>
>>
>>
>> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io>
>> wrote:
>>
>>> ...
>>>
>>> I agree that this would present challenges in maintaining the viability
>>> of a community. I also think that the power of moral authority in this
>>> community is very strong. Couple that strength with the utter dependency
>>> that the entire economy has on the F/OSS model and you could see some new
>>> dynamics emerge in reaction to a stronger moral stance by software authors.
>>>
>>
>> The economy is not dependent on any software that you could relicense in
>> this way. There is no leverage to be had here because there is no single
>> F/OSS community. Sure, if you could convince an impossibly large fraction
>> of the committers (past and present) on critical projects to essentially
>> boycott other licenses than yours, then you might get a conversation, but
>> the committers who are paid a wage to be committers are unlikely to stand
>> with you. As such, you are stuck in a voiceless position.
>>
>>
>>

Re: An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

Jeez. And all I was trying to do was suggest an option that allows people
to ascribe moral constraints to the use of software that they author and
let that grow as it will.



On Sun, Sep 22, 2019 at 6:07 PM Ted Dunning <te...@gmail.com> wrote:

>
>
> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io>
> wrote:
>
>> ...
>>
>> I agree that this would present challenges in maintaining the viability
>> of a community. I also think that the power of moral authority in this
>> community is very strong. Couple that strength with the utter dependency
>> that the entire economy has on the F/OSS model and you could see some new
>> dynamics emerge in reaction to a stronger moral stance by software authors.
>>
>
> The economy is not dependent on any software that you could relicense in
> this way. There is no leverage to be had here because there is no single
> F/OSS community. Sure, if you could convince an impossibly large fraction
> of the committers (past and present) on critical projects to essentially
> boycott other licenses than yours, then you might get a conversation, but
> the committers who are paid a wage to be committers are unlikely to stand
> with you. As such, you are stuck in a voiceless position.
>
>
>

Re: An Apache-Amnesty Open Source License

[Ted Dunning <te...@gmail.com>]

On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io> wrote:

> ...
>
> I agree that this would present challenges in maintaining the viability of
> a community. I also think that the power of moral authority in this
> community is very strong. Couple that strength with the utter dependency
> that the entire economy has on the F/OSS model and you could see some new
> dynamics emerge in reaction to a stronger moral stance by software authors.
>

The economy is not dependent on any software that you could relicense in
this way. There is no leverage to be had here because there is no single
F/OSS community. Sure, if you could convince an impossibly large fraction
of the committers (past and present) on critical projects to essentially
boycott other licenses than yours, then you might get a conversation, but
the committers who are paid a wage to be committers are unlikely to stand
with you. As such, you are stuck in a voiceless position.

Re: An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

Groups such as Amnesty are already susceptible to being politicized and
being corrupted. Such is an unavoidable and IMHO acceptable risk.

It is quite possible that the trusted 3rd party needs to be a consortium of
3rd parties. Regardless, Seth's action indicates that there may be an
appetite for such a license.

The F/OSS community possesses a great deal of latent political power by
virtue of the fact that the corporate world have tuned their budgets for
years and built their businesses based on the notion that software is free.
In many cases, the community producing this software has a drastically
different value system than the largest consumers of this software. Likely
that disparity will create dynamics that we are just now starting to see.



On Sun, Sep 22, 2019 at 12:43 PM David Jencks <da...@gmail.com>
wrote:

> I would expect, should such a license become popular, that whatever group
> judged who could use the software (Amnesty International IIUC in your
> suggestion) would promptly become politicized and corrupt.
>
> David Jencks
>
> Sent from my iPhone
>
> On Sep 22, 2019, at 9:33 AM, Jeff Ploughman <je...@immutability.io> wrote:
>
> If such a license existed, and if the supply side (aka, the community)
> adopted such a license, then there would definitely be forking. Much of the
> demand side would adopt forks. However, there would be both cost and risk
> to chasing a fork - especially if the talent and expertise in the community
> lay in the newly licensed upstream. Firms would be forced to make a risk
> trade-off: legal risk vs. technical risk.
>
> I agree that this would present challenges in maintaining the viability of
> a community. I also think that the power of moral authority in this
> community is very strong. Couple that strength with the utter dependency
> that the entire economy has on the F/OSS model and you could see some new
> dynamics emerge in reaction to a stronger moral stance by software authors.
>
> On Sun, Sep 22, 2019 at 12:17 PM Ted Dunning <te...@gmail.com>
> wrote:
>
>>
>> You can definitely define a license such as you describe.
>>
>> The problem will be adoption. Downstream limitations means that
>> commercial adoption will be limited (at least it will be as soon as people
>> look at the license). And if commercial adoption is limited, it will be
>> hard to sustain a community and that is the death knell for software.
>>
>> Even GPL is a hard sell in many companies for anything but platforms. For
>> any software where viral entanglement becomes even slightly imaginable,
>> things simply stop. Thus, Linux and R and LibreOffice are OK, but for
>> libraries it becomes unworkable (hence LGPL).
>>
>>
>>
>> On Sun, Sep 22, 2019 at 8:44 AM Jeff Ploughman <je...@immutability.io>
>> wrote:
>>
>>> Thank you for your comments. I think there is a non-proprietary option.
>>> Something more practical, and still effectively free and open, than
>>> Crockford's "No Evil" license.
>>>
>>> On Sun, Sep 22, 2019 at 11:36 AM Greg Stein <gs...@gmail.com> wrote:
>>>
>>>> On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io>
>>>> wrote:
>>>>
>>>>> I am suggesting an additional license - not a replacement, of course.
>>>>> A tool that could be chosen by authors to restrict access to members of
>>>>> civil society - yes, as defined by a trusted 3rd party. Yes, that is a
>>>>> different definition of open than currently exists.
>>>>>
>>>>
>>>> I would strongly oppose a "different definition of open", with what
>>>> personal voice I could apply.
>>>>
>>>> We have been seeing this kind of encroachment on F/OSS over the past
>>>> year. It sucks. It complicates the F/OSS world and introduces
>>>> misunderstandings and confusion. For example: a company traded on Apache's
>>>> goodwill/name to advance their source-available license. It sucked, and
>>>> expended a lot of our volunteers' energy.
>>>>
>>>> All that said, I'm sure there is a path towards the non-open regime you
>>>> seek. Proprietary licenses are easy.
>>>>
>>>> -g
>>>>
>>>>

Re: An Apache-Amnesty Open Source License

[David Jencks <da...@gmail.com>]

I would expect, should such a license become popular, that whatever group judged who could use the software (Amnesty International IIUC in your suggestion) would promptly become politicized and corrupt.

David Jencks 

Sent from my iPhone

> On Sep 22, 2019, at 9:33 AM, Jeff Ploughman <je...@immutability.io> wrote:
> 
> If such a license existed, and if the supply side (aka, the community) adopted such a license, then there would definitely be forking. Much of the demand side would adopt forks. However, there would be both cost and risk to chasing a fork - especially if the talent and expertise in the community lay in the newly licensed upstream. Firms would be forced to make a risk trade-off: legal risk vs. technical risk.
> 
> I agree that this would present challenges in maintaining the viability of a community. I also think that the power of moral authority in this community is very strong. Couple that strength with the utter dependency that the entire economy has on the F/OSS model and you could see some new dynamics emerge in reaction to a stronger moral stance by software authors. 
> 
>> On Sun, Sep 22, 2019 at 12:17 PM Ted Dunning <te...@gmail.com> wrote:
>> 
>> You can definitely define a license such as you describe.  
>> 
>> The problem will be adoption. Downstream limitations means that commercial adoption will be limited (at least it will be as soon as people look at the license). And if commercial adoption is limited, it will be hard to sustain a community and that is the death knell for software.
>> 
>> Even GPL is a hard sell in many companies for anything but platforms. For any software where viral entanglement becomes even slightly imaginable, things simply stop. Thus, Linux and R and LibreOffice are OK, but for libraries it becomes unworkable (hence LGPL).
>> 
>>  
>> 
>>> On Sun, Sep 22, 2019 at 8:44 AM Jeff Ploughman <je...@immutability.io> wrote:
>>> Thank you for your comments. I think there is a non-proprietary option. Something more practical, and still effectively free and open, than Crockford's "No Evil" license.
>>> 
>>>> On Sun, Sep 22, 2019 at 11:36 AM Greg Stein <gs...@gmail.com> wrote:
>>>>> On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io> wrote:
>>>> 
>>>>> I am suggesting an additional license - not a replacement, of course. A tool that could be chosen by authors to restrict access to members of civil society - yes, as defined by a trusted 3rd party. Yes, that is a different definition of open than currently exists. 
>>>> 
>>>> I would strongly oppose a "different definition of open", with what personal voice I could apply.
>>>> 
>>>> We have been seeing this kind of encroachment on F/OSS over the past year. It sucks. It complicates the F/OSS world and introduces misunderstandings and confusion. For example: a company traded on Apache's goodwill/name to advance their source-available license. It sucked, and expended a lot of our volunteers' energy.
>>>> 
>>>> All that said, I'm sure there is a path towards the non-open regime you seek. Proprietary licenses are easy.
>>>> 
>>>> -g
>>>> 

Re: An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

If such a license existed, and if the supply side (aka, the community)
adopted such a license, then there would definitely be forking. Much of the
demand side would adopt forks. However, there would be both cost and risk
to chasing a fork - especially if the talent and expertise in the community
lay in the newly licensed upstream. Firms would be forced to make a risk
trade-off: legal risk vs. technical risk.

I agree that this would present challenges in maintaining the viability of
a community. I also think that the power of moral authority in this
community is very strong. Couple that strength with the utter dependency
that the entire economy has on the F/OSS model and you could see some new
dynamics emerge in reaction to a stronger moral stance by software authors.

On Sun, Sep 22, 2019 at 12:17 PM Ted Dunning <te...@gmail.com> wrote:

>
> You can definitely define a license such as you describe.
>
> The problem will be adoption. Downstream limitations means that commercial
> adoption will be limited (at least it will be as soon as people look at the
> license). And if commercial adoption is limited, it will be hard to sustain
> a community and that is the death knell for software.
>
> Even GPL is a hard sell in many companies for anything but platforms. For
> any software where viral entanglement becomes even slightly imaginable,
> things simply stop. Thus, Linux and R and LibreOffice are OK, but for
> libraries it becomes unworkable (hence LGPL).
>
>
>
> On Sun, Sep 22, 2019 at 8:44 AM Jeff Ploughman <je...@immutability.io>
> wrote:
>
>> Thank you for your comments. I think there is a non-proprietary option.
>> Something more practical, and still effectively free and open, than
>> Crockford's "No Evil" license.
>>
>> On Sun, Sep 22, 2019 at 11:36 AM Greg Stein <gs...@gmail.com> wrote:
>>
>>> On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io>
>>> wrote:
>>>
>>>> I am suggesting an additional license - not a replacement, of course. A
>>>> tool that could be chosen by authors to restrict access to members of civil
>>>> society - yes, as defined by a trusted 3rd party. Yes, that is a different
>>>> definition of open than currently exists.
>>>>
>>>
>>> I would strongly oppose a "different definition of open", with what
>>> personal voice I could apply.
>>>
>>> We have been seeing this kind of encroachment on F/OSS over the past
>>> year. It sucks. It complicates the F/OSS world and introduces
>>> misunderstandings and confusion. For example: a company traded on Apache's
>>> goodwill/name to advance their source-available license. It sucked, and
>>> expended a lot of our volunteers' energy.
>>>
>>> All that said, I'm sure there is a path towards the non-open regime you
>>> seek. Proprietary licenses are easy.
>>>
>>> -g
>>>
>>>

Re: An Apache-Amnesty Open Source License

[Ted Dunning <te...@gmail.com>]

You can definitely define a license such as you describe.

The problem will be adoption. Downstream limitations means that commercial
adoption will be limited (at least it will be as soon as people look at the
license). And if commercial adoption is limited, it will be hard to sustain
a community and that is the death knell for software.

Even GPL is a hard sell in many companies for anything but platforms. For
any software where viral entanglement becomes even slightly imaginable,
things simply stop. Thus, Linux and R and LibreOffice are OK, but for
libraries it becomes unworkable (hence LGPL).



On Sun, Sep 22, 2019 at 8:44 AM Jeff Ploughman <je...@immutability.io> wrote:

> Thank you for your comments. I think there is a non-proprietary option.
> Something more practical, and still effectively free and open, than
> Crockford's "No Evil" license.
>
> On Sun, Sep 22, 2019 at 11:36 AM Greg Stein <gs...@gmail.com> wrote:
>
>> On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io>
>> wrote:
>>
>>> I am suggesting an additional license - not a replacement, of course. A
>>> tool that could be chosen by authors to restrict access to members of civil
>>> society - yes, as defined by a trusted 3rd party. Yes, that is a different
>>> definition of open than currently exists.
>>>
>>
>> I would strongly oppose a "different definition of open", with what
>> personal voice I could apply.
>>
>> We have been seeing this kind of encroachment on F/OSS over the past
>> year. It sucks. It complicates the F/OSS world and introduces
>> misunderstandings and confusion. For example: a company traded on Apache's
>> goodwill/name to advance their source-available license. It sucked, and
>> expended a lot of our volunteers' energy.
>>
>> All that said, I'm sure there is a path towards the non-open regime you
>> seek. Proprietary licenses are easy.
>>
>> -g
>>
>>

Re: An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

Thank you for your comments. I think there is a non-proprietary option.
Something more practical, and still effectively free and open, than
Crockford's "No Evil" license.

On Sun, Sep 22, 2019 at 11:36 AM Greg Stein <gs...@gmail.com> wrote:

> On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io>
> wrote:
>
>> I am suggesting an additional license - not a replacement, of course. A
>> tool that could be chosen by authors to restrict access to members of civil
>> society - yes, as defined by a trusted 3rd party. Yes, that is a different
>> definition of open than currently exists.
>>
>
> I would strongly oppose a "different definition of open", with what
> personal voice I could apply.
>
> We have been seeing this kind of encroachment on F/OSS over the past year.
> It sucks. It complicates the F/OSS world and introduces misunderstandings
> and confusion. For example: a company traded on Apache's goodwill/name to
> advance their source-available license. It sucked, and expended a lot of
> our volunteers' energy.
>
> All that said, I'm sure there is a path towards the non-open regime you
> seek. Proprietary licenses are easy.
>
> -g
>
>

Re: An Apache-Amnesty Open Source License

[Greg Stein <gs...@gmail.com>]

On Sun, Sep 22, 2019 at 10:19 AM Jeff Ploughman <je...@immutability.io>
wrote:

> I am suggesting an additional license - not a replacement, of course. A
> tool that could be chosen by authors to restrict access to members of civil
> society - yes, as defined by a trusted 3rd party. Yes, that is a different
> definition of open than currently exists.
>

I would strongly oppose a "different definition of open", with what
personal voice I could apply.

We have been seeing this kind of encroachment on F/OSS over the past year.
It sucks. It complicates the F/OSS world and introduces misunderstandings
and confusion. For example: a company traded on Apache's goodwill/name to
advance their source-available license. It sucked, and expended a lot of
our volunteers' energy.

All that said, I'm sure there is a path towards the non-open regime you
seek. Proprietary licenses are easy.

-g

Re: An Apache-Amnesty Open Source License

[Jeff Ploughman <je...@immutability.io>]

I am suggesting an additional license - not a replacement, of course. A
tool that could be chosen by authors to restrict access to members of civil
society - yes, as defined by a trusted 3rd party. Yes, that is a different
definition of open than currently exists.

 Rather than arbitrary, I'd describe this as trust being ceded to a 3rd
party (in this case Amnesty) - in the same way that legal regimes are
trusted 3rd parties. It is definitely the case that this would $groups
would be dynamic - in the same way that committers of crimes are changing.

This kind of a license could act as a practical disincentive - a way to
marginalize actors who currently behave as if there is no consequence to
their actions by virtue of their positions of privilege.

F/OSS could survive this - thrive in fact. The F/OSS community is the chief
enabler of the new digital age. Perhaps it is time to develop an opt-in
model that allows F/OSS to be used as a political tool instead of merely a
way to subsidize the corporate world to do whatever they wish with no
liability.

On Sun, Sep 22, 2019 at 10:48 AM Greg Stein <gs...@gmail.com> wrote:

> The simplest answer is that would violate §6 ("Fields of Endeavor") of the
> Open Source Definition.
> https://opensource.org/osd
>
> While using the OSD as the arbiter of "what is [colloquially-known-as]
> Open Source?" can be debated, it would be a *huge* lift to socialize a
> different understanding of "Open Source", and one that doesn't include
> fields of endeavor. If $someGroup is denied today, then $whichGroup
> tomorrow? Is that truly open? If arbitrary and changing choices are
> allowed, then how can F/OSS survive within that landscape?
>
> Cheers,
> -g
>
>
> On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io>
> wrote:
>
>> Hello,
>>
>> A recent event sparked an idea that I wanted to share. The event was when
>> Seth Vargo, a maintainer of an open source software package, decided to
>> remove his OSS codebase upon discovering that it was being used by DHS/ICE:
>> https://www.vice.com/en_us/article/mbm3xn/chef-sugar-author-deletes-code-sold-to-ice-immigration-customs-enforcement.
>>
>>
>> While Seth's action caused temporary annoyance to consumers of his
>> codebase, it was quickly remediated by Chef (the company with the DHS/ICE
>> contract.) They remediated by distributing a fork of Seth's software. This
>> is what sparked the idea:
>>
>> What if there was an OSS license that could sanction human rights abusers?
>>
>> I am not a lawyer, so I don't know what would be necessary to implement
>> such a license or to enforce it; but, the legal community has long been
>> able to implement sanctions against certain actors. This seems to take the
>> form of preventing economic transactions with a list of blacklisted actors.
>>
>> What I am proposing is to create a variant of the Apache license that
>> adds a clause to the effect that distribution/use of licensed materials
>> follows a sanctions program: that usage by or distribution to an actor who
>> is on an Amnesty International curated sanctions list constitutes a license
>> violation. (I could also see a similar sanctions list leveraged to
>> encourage green business practices.)
>>
>> As I said, I am not a lawyer, so I don't know what kind of wranglings are
>> necessary to implement the above control; but as an OSS maintainer, I
>> believe that there is appetite in the community for such capabilities. I
>> also believe that this kind of capability represents a novel form of
>> community-based soft power: a huge part of the world's economy flows
>> through OSS software. Imagine the leverage that such a mechanism could have
>> in aligning corporate entities with social goods.
>>
>> Cheers,
>> Jeff Ploughman
>> CEO/Engineer, Immutability, LLC
>>
>

Re: An Apache-Amnesty Open Source License

[Greg Stein <gs...@gmail.com>]

The simplest answer is that would violate §6 ("Fields of Endeavor") of the
Open Source Definition.
https://opensource.org/osd

While using the OSD as the arbiter of "what is [colloquially-known-as] Open
Source?" can be debated, it would be a *huge* lift to socialize a different
understanding of "Open Source", and one that doesn't include fields of
endeavor. If $someGroup is denied today, then $whichGroup tomorrow? Is that
truly open? If arbitrary and changing choices are allowed, then how can
F/OSS survive within that landscape?

Cheers,
-g


On Sun, Sep 22, 2019 at 9:33 AM Jeff Ploughman <je...@immutability.io> wrote:

> Hello,
>
> A recent event sparked an idea that I wanted to share. The event was when
> Seth Vargo, a maintainer of an open source software package, decided to
> remove his OSS codebase upon discovering that it was being used by DHS/ICE:
> https://www.vice.com/en_us/article/mbm3xn/chef-sugar-author-deletes-code-sold-to-ice-immigration-customs-enforcement.
>
>
> While Seth's action caused temporary annoyance to consumers of his
> codebase, it was quickly remediated by Chef (the company with the DHS/ICE
> contract.) They remediated by distributing a fork of Seth's software. This
> is what sparked the idea:
>
> What if there was an OSS license that could sanction human rights abusers?
>
> I am not a lawyer, so I don't know what would be necessary to implement
> such a license or to enforce it; but, the legal community has long been
> able to implement sanctions against certain actors. This seems to take the
> form of preventing economic transactions with a list of blacklisted actors.
>
> What I am proposing is to create a variant of the Apache license that adds
> a clause to the effect that distribution/use of licensed materials follows
> a sanctions program: that usage by or distribution to an actor who is on an
> Amnesty International curated sanctions list constitutes a license
> violation. (I could also see a similar sanctions list leveraged to
> encourage green business practices.)
>
> As I said, I am not a lawyer, so I don't know what kind of wranglings are
> necessary to implement the above control; but as an OSS maintainer, I
> believe that there is appetite in the community for such capabilities. I
> also believe that this kind of capability represents a novel form of
> community-based soft power: a huge part of the world's economy flows
> through OSS software. Imagine the leverage that such a mechanism could have
> in aligning corporate entities with social goods.
>
> Cheers,
> Jeff Ploughman
> CEO/Engineer, Immutability, LLC
>