Webmink In Draft

A clause in a software license that says something that sounds as simple as “you must follow the law” is problematic in practice and likely to render the license unapprovable as open source. Here's why.

Graduated to a Meshed Insights article

Of the many attributes of software freedom that could move to front-of-mind, it strikes me that the minimal license compliance burdens for open source software users are actually a comparative strength. Having them presented as a dangerous weakness by commercial interests in various contexts (what has been called “the compliance-industrial complex”) applies a “frame” that serves only the detractors of software freedom. No wonder proprietary vendors want to divert our attention! Open source is so much easier!

During the discussions around European digital agenda legislation, I have frequently heard people proposing to define “open source” within a draft instrument. But that's a surprisingly difficult thing to do – it turns out that despite being a globally-understood term-of-art, capturing the whole thing in a phrase simple enough to use in a recital requires a great deal of thought and experience.

So people mostly defer to the OSI Open Source Definition, which is not designed for that purpose. This post considers three different ways to consider open source — knowing it when you see it, knowing it by its goals and knowing it by summarising its mechanism — and includes a recital-ready definition of open source for use in legislation that embodies the global consensus of its meaning.

Ultimately software freedom is a matter of personal liberty, however it is framed. Whether you describe it as “open source” or “free software”, the goal is for each individual user of software to be self-sovereign in their software and data. Where the privilege of choice is available, this is a matter of consciously choosing liberty, and it is strictly a matter for each individual to make a set of choices — which will necessarily be inter-related.

Update: Graduated to the OSI Blog.

Like me you may be surprised to see the suggestion from the IMCO Committee to change “free and open source software” in the CRA to “freeware and open source software” in an amendment from Karen Melchior MEP¹. It's not a word I have heard much this decade, so I checked with her team and discovered this was an informed and intentional choice, not a misunderstanding (by them, at least).

I just read a news story about how Chinese tech companies are threatening Europe by registering so many patents. Turns out it's in the context of “open standards” and is actually Chinese companies copying what European multinationals have done for years with patents embedded in standards. That Sword of Damocles cuts both ways.

Update: This has now graduated to the OSI Blog.

No, open source advocates are not engaged in “special pleading” to try to get open source given an unreasonable artificial market advantage in Europe, as some are alleging. From the very beginning I have heard people claiming that open source advocates are trying to get open source software per se excluded from the scope of regulation by the Cyber Resilience Act (CRA). Even now it seems people are still hearing this.