Source files of,,,,, and Contribute:
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

news-20180530-02.en.xhtml 9.4KB

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <html newsdate="2018-05-30">
  3. <head>
  4. <title>LLW2018: The FSFE brings together top legal experts to debate about
  5. cross-cutting legal and licensing issues around Free Software</title>
  6. </head>
  7. <body>
  8. <h1>LLW2018: The FSFE brings together top legal experts to debate about
  9. cross-cutting legal and licensing issues around Free Software</h1>
  10. <p newsteaser="yes">Following more than a decade long tradition, the
  11. FSFE once again led its annual Free Software Legal and Licensing
  12. Workshop (LLW) in 2018: a meeting point for world-leading legal experts
  13. to debate issues and best practices surrounding Free Software licences.
  14. This year we decided to bring the event back to its roots and emphasise
  15. the "Workshop" part in its original title: around 120 legal experts
  16. gathered for a 3-day conference in Barcelona, Spain with an
  17. unprecedented amount of parallel tracks and interactive sessions
  18. designed to dive into the most contentious topics in the legal world of
  19. Free Software.</p>
  20. <p>Traditionally, the whole event is covered under the
  21. <a href="" target="_blank">Chatham House
  22. Rule</a>, enabling confidential discussions under fair terms for all the participants.
  23. However, the part of the conference not covered by Chatham House Rule
  24. (as explicitly stated by speakers) was reflected in a series of articles
  25. by Jake Edge from, who wrote about the following discussions
  26. that had taken place during the LLW2018:</p>
  27. <p>Marcus von Welser and Armijn Hemel gave an overview of the recent GPL
  28. compliance <a href="" target="_blank">case</a> in Germany, where
  29. Patrick McHardy claimed that the company Geniatech violated his
  30. copyright in Linux kernel. The regional court in Cologne (Germany),
  31. where the case was brought into action in 2017 initially granted McHardy
  32. the injunction and obliged Geniatech to stop from distributing any
  33. version of the kernel. Geniatech appealed the injunction on the grounds
  34. of being too broad and restrictive, as Patrick McHardy cannot be
  35. perceived as a co-author of Linux kernel, as he claimed. In fact, his
  36. contributions to Linux kernel under GPL v.2 could only be considered as
  37. adaptations under German copyright law which gives him right to claim
  38. the discontinuation of distributing kernel versions with his
  39. modifications only. According to Marcus von Welser, there are more than
  40. 100 officially released versions of the kernel that do not include any
  41. contributions from McHardy. By ordering Geniatech not to distribute any
  42. version of the kernel, the court was covering kernels that were not even
  43. part of the dispute with McHardy. After an oral hearing at the higher
  44. regional court of Cologne in March 2018, McHardy eventually withdrew his
  45. application for an injunction. The case shows that there is a need for a
  46. wider information exchange on how to build adequate legal defense
  47. strategies against copyright trolls.</p>
  48. <p>Dirk Hohndel presented the <a href="" target="_blank">challenges of compliance of container
  49. images</a>. With containers being a hot
  50. topic, there are many issues with container images and their compliance,
  51. according to Hohndel. Primarily, it is a common practice to just copy a
  52. container image from random internet locations, ignoring licences.
  53. According to Hohndel, such practice is not only a security nightmare but
  54. also a "rabbit hole" in terms of identifying what is actually shipped in
  55. such containers. While it is already hard to figure out which packages
  56. are included in the build, it is even harder to fix any compliance
  57. issues after you have identified any. The version and which patches are
  58. applied are also difficult to determine. Beyond that, the licences
  59. under which those packages are distributed are not obvious. This is why
  60. it is important to train software developers about the pitfalls of the
  61. container build systems, according to Hohndel. Additionally, containers
  62. need to be built with good compliance practices in mind: for example,
  63. starting from a base that has known-good package versions, corresponding
  64. source code, and licences. Needles to say, the anti-pattern of
  65. installing container images from random internet locations has to be
  66. avoided.</p>
  67. <p>Mike Dolan <a href="" target="_blank">presented</a> the Community
  68. Data Licence Agreement, a legal instrument to enable sharing relevant
  69. data for applications like machine learning, blockchains, and open
  70. geolocation, similarly to how Free Sofware licences work for software.
  71. The idea behind the CDLA is to share data openly using the knowledge
  72. acquired from decades of sharing source code. There are two types of
  73. agreements in CDLA inspired by copyleft and non-copyleft licences for
  74. software. Solely applying Free Software licences to data is not optimal,
  75. as there are fundamental differences between data and source code, and
  76. this is why a separate legal instrument is needed in order to address
  77. issues that are data-specific. For example, data can be perpetual and
  78. this is why it might be impossible to recreate the same conditions under
  79. which such data was gathered. That means the license under which such
  80. data is released may be critical to how it can be used decades or even
  81. centuries from now.</p>
  82. <p>Participants were also updated about recent developments and the
  83. Appeal's court's reasoning in the on-going legal battle between Oracle
  84. and Google over latter's use of Java application programming interfaces
  85. (APIs) in its Android operating system. It is long-standing tradition to
  86. borrow APIs from different products in software development in order to
  87. ensure compatibility between programs. In short, an API allows two or
  88. more programs to speak to each other by using common specifications.
  89. Oracle brought a legal action against Google back in 2012 claiming its
  90. copyright violation over the use of APIs written in Java. In 2012, a
  91. district court ruled that APIs are not subject to copyright. That
  92. decision was overturned by an appeals court and returned to the same
  93. district court. In 2016, the jury ruled that Google’s use of the Java
  94. APIs qualified as permitted "fair use" under US law. Oracle appealed the
  95. jury decision, stating that Google copied former's APIs solely for
  96. commercial purposes, copied thousands more lines of code than necessary,
  97. as well as lured Oracle's customers from licensing Java SE to switching
  98. to Android because Google provided free access to it. In March 2018, the
  99. appeals court sided with Oracle and ruled that Google's use of Java APIs
  100. in question was not fair as a matter of law. While the case is far from
  101. over, as Google can further appeal the decision in the Supreme court, it
  102. may set a precedent for software development in general.</p>
  103. <p>Artificial intelligence (AI) and automated decision making and its
  104. connection to Free Software in the 21st century was another topic for a
  105. debate during the conference. When it comes to generalisation of
  106. automated decision making, we need to look beyond a Free Software
  107. licence to meaningfully address all the issues affecting users' rights.
  108. In the workshop discussion, participants concluded that automated
  109. decision making raises points that are not easy to solve. In particular,
  110. we expect every automated decision that affects humans to be accompanied
  111. by a human understandable explanation of why this decision was made. For
  112. machine learning techniques, and in particular deep learning, there is
  113. little understanding on how to ensure that AI is explainable, and it is
  114. currently an active area for research. There are also challenges when it
  115. comes to transparency and accountability of decision making processes.
  116. In particular cases, this criterion is impossible to achieve, e.g. by
  117. providing full access to medical history of a population used to train
  118. certain algorithms.</p>
  119. <p>In another interactive workshop session, the participants gathered
  120. to identify and address the common legal pitfalls for public
  121. procurement of Free Software. The participants first identified a few
  122. real-life cases on how Free Software procurement process can be
  123. regulated. A legal requirement to prioritise procurement of Free
  124. Software (like it is the case in <a
  125. href=""
  126. target="_blank">Italy</a>) is a good option for more Free Software in
  127. public sector in law and theory. However, the Italian case lacks the
  128. practical implementation, as the law does not foresee sufficient
  129. sanctions in case of non-compliance. Another case comes from town of
  130. Barcelona, Spain, where advanced policies and guidelines for procuring
  131. Free Software for public sector are adopted on the local municipality
  132. level. In case of Barcelona, the decision to move towards more Free
  133. Software in public sector is made by procuring public authorities
  134. themselves, rather than by a top-down legislative requirement. The
  135. downside of such a "soft law", however, is the uncertainty of positive
  136. procurement policies once the mandate of politicians runs out. There
  137. is, therefore, a need for a culture change in public administrations
  138. and a strong political will to change existing preconditions in public
  139. procurement.</p>
  140. <p>The workshop would not have been possible without the generous support
  141. of all the event's sponsors. In particular, we would like to thank our
  142. Platinum Sponsors: Intel, Red Hat, and The Linux Foundation.</p>
  143. </body>
  144. <tags>
  145. <tag>front-page</tag>
  146. <tag content="Legal">Legal</tag>
  147. <tag content="Licensing">Licensing</tag>
  148. <tag content="Compliance">Compliance</tag>
  149. </tags>
  150. <author id="malaja"/>
  151. </html>