@pixelcode @mikolaj @Natureshadow @owl @rysiek @teckids_eV @AlekSISorg Not sure if there´s an ultimate truth to be found here. But the (German-based) globocorp for which I used to work in #FOSS governance/compliance, with all its sceptical lawyers, didn´t think that addition was necessary or even helpful.

@jens @kgerloff @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg which is a big problem if you're a globocorp that uses MIT-licensed software all over the place.

If MIT is invalid, you are not licensed to use the software. That would expose you to a huge legal jeopardy.

So if a well-lawyered-up globocorp thinks"this is fine", this is almost certainly fine in this particular case.

@rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg

Here´s the gold standard FAQ on this for se Germanz: ifross.org/?q=open-source-lize

1. The warranty/liability exclusions in the license aren´t valid in Germany
2. They´re simply overridden by the standard rules in German law
3. The license remains valid nevertheless.

@kgerloff @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg Well, yes, but ifross.org/?q=welcher-gesetzli explains further.

If the FOSS software is distributed free of charge, you tend to only be liable if you caused damage intentionally or through gross negligence, or when you maliciously hide flaws.

It's probably good enough for FOSS-as-a-hobby. FOSS-as-a-business could be a lot trickier.

@jens @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg If by "FOSS for business" you mean "I charge someone to use the software", it´s definitely good enough.

You´re liable for damages due to intent or gross negligence, and that applies whether you´re selling software, car tyres or potted plants.

@kgerloff @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg Not to put too fine a point on it, but there's a very subtle difference between charging people for the use of software, and making modifications to the software on behalf of the same people (even if they remain firmly FOSS). The question then is how that second work is charged. Is it "for free", part of the service fee? Or is it bespoke development?

It's that kind of distinction that may matter.

@jens @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg It does matter for you, but it´s more a question of what type of contract you´re working under. Not really a liability issue.

Look, everyone, what I just want to say is: #FOSS is absolutely fine for business! It´s actually *less* problematic than proprietary software in legal terms.

@kgerloff @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg Very true, but as I said, a fine distinction people may not be aware of.

As for is fine for businesses, I second that. I review tech departments for due diligence, and...

@kgerloff @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg
... well, if FOSS terms are a bit confusing, maybe a love triangle in a 2h movie, then commercial licensing is like a ten year run of a daily telenovela.

Fine if you're into that! Easy to navigate, no.

@jens @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg If you’ve got a halfway skilled compliance team, #FOSS handling is mostly super easy!

FOSS licenses do what it says on the tin, so it’s mostly a matter of checking that nobody has „improved“ the license texts. A lot of that can be automated with tools like Fossology and SW360.

Approaches like @fsfe #REUSE make it easier still.


@kgerloff @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg @fsfe yes, but that's sort of the point. Plenty of places with up to a few hundred people won't have one.

@jens @rysiek @pixelcode @mikolaj @Natureshadow @owl @teckids_eV @AlekSISorg @fsfe True. Fortunately most #FOSS compliance is easily handled with a few simple rules of thumb:

1. Ship source + copyright notices + license info along with your binaries

2. Avoid combining obviously incompatible licenses into a single work

3. When some Internet rando contacts you with compliance questions, take them seriously.

4. Find a competent lawyer to advise on edge cases.

Sign in to participate in the conversation
Finkhäuser Social

A private instance for the Finkhäuser family.