These tools are all licensed as GPLv3 and I don’t see a CLA anywhere. From what I can tell, any commit (that takes actual creativity and work, basic copyright requirements and all) seems to be licensed under GPLv3 as well.
That means that if they decide to close the apps, or fork them with a paid version, they’re breaking the terms of the GPL license. The infectious nature of GPL means that any customer has the legal right to demand the source code of the application, and is allowed to republish that source code if they so choose.
Now, I expect the new owner to just ignore the GPLv3 license, which would then allow contributors to demand either compliance or, in the worse case, revoke the company’s permission to use their work, thereby giving them the legal right to issue takedowns under the DMCA and similar laws.
Of course I’m not a lawyer so it’s hard to predict how this will work out exactly and what the exact rights of the individual contributors are, but this has the potential to be one hell of a shitstorm if the new owners think they can close up shop.
This is also why you need a CLA if you’re going to use GPL or a similar license for your open source project of you ever want to sell the project, dual license it, change the license, or do any legal work other than enforcing trademark, really.
Dumb question because I’m not fluent in License-Lore: which license would be best at preventing others (or me from the future) from selling / closing down the licensed work? Would it be GPL, AGPL, MPL, something else?
It’s hard to tell. I think AGPL is one of the better “fuck business opportunities” licenses. If it scares the Google lawyers enough that Googlers aren’t allowed to use AGPL code or use AGPL software on company computers, that makes it seem pretty good to me.
When it comes to “big company forking and taking over”: customise the license. Software licensing is hard, and known licenses make it a little easier. Big companies hate custom licenses because Legal needs to sign off on it. Just adding a little throwaway line to the license used for JSLint has ended up with IBM having written permission to use JSLint for evil.
If you are the sole author of your code, you can relicense as much as you want. Other people may have received a licensed copy before the relicensing, but new additions don’t need to follow that same license model, and you’re not bound by any restrictions on the old code either. The license determines under which terms you’re giving something away, but you can decide those terms for yourself! In other words, it’s almost impossible to prevent yourself from selling your code in the future through licenses alone.
However, when other people come in and help, this becomes complicated. Now you need their permission to relicense their code, because you’re not the owner of that code. You can use it, under the license provided by the alterations, but you can’t just change the license.
A Contributor License Agreement is a document others sign (digitally, usually) that will grant you certain rights to their work. Using the right CLA (and you’ll need a legal professional to determine what is “right” for you!) you can make contributors hand over either full authorship of their work or give you an irrevocable license to reuse and relicense the code. Without such a signed document, you’re bound by the whims of the contributions’ authors, which can be a real issue for “open core” projects that want to relicense (for example, when Amazon takes the code for their open source SaaS and provides a dirt-cheap alternative you cannot compete with).
So, if you want to prevent yourself from ever selling your code: take contributions from as many people as possible, under as open a license as possible. Of course you can always sell your product, but the business would be buying a complex and most likely expensive copyright situation along with the code.
There are licenses that can help prevent business interest. If you don’t mind being classified as a proprietary project, you could use CC-NC. When others contribute to your project and use the same license, you’ve essentially screwed yourself over. However, most people interested in open source software don’t really care when a small shop down the road uses their open source calculator app, so CC-NC isn’t very popular.
Obligatorily: I am not a lawyer, and license law is complicated.
MPL wouldn’t be the best choice, since it is per-file. GPL is copyleft and viral, meaning that if you make a modification and distribute the software, you must provide your modified source code under the GPL. AGPL is stricter in terms of when source code must be released; primarily it targets server software where the user interacts with the software, but does not actually download the software itself. The GPL wouldn’t require releasing source code, but the AGPL would.
As skullgiver mentioned, if you want to relicense, it would be best to use a CLA. The key to preventing yourself from being able to relicense your project (to a proprietary license or otherwise) is to ensure that other people are licensing their contributions to you under the GPL, without a CLA giving you exceptions, so that you yourself must follow their licensing terms. The Linux kernel for example is locked into the GPLv2, because they used a version of the GPL that does not provide for “upgrading” to newer versions of the GPL, and there are too many people who have contributed to the code to get all together to agree on a relicensing.
Oh, this is going to be a ride.
These tools are all licensed as GPLv3 and I don’t see a CLA anywhere. From what I can tell, any commit (that takes actual creativity and work, basic copyright requirements and all) seems to be licensed under GPLv3 as well.
That means that if they decide to close the apps, or fork them with a paid version, they’re breaking the terms of the GPL license. The infectious nature of GPL means that any customer has the legal right to demand the source code of the application, and is allowed to republish that source code if they so choose.
Now, I expect the new owner to just ignore the GPLv3 license, which would then allow contributors to demand either compliance or, in the worse case, revoke the company’s permission to use their work, thereby giving them the legal right to issue takedowns under the DMCA and similar laws.
Of course I’m not a lawyer so it’s hard to predict how this will work out exactly and what the exact rights of the individual contributors are, but this has the potential to be one hell of a shitstorm if the new owners think they can close up shop.
This is also why you need a CLA if you’re going to use GPL or a similar license for your open source project of you ever want to sell the project, dual license it, change the license, or do any legal work other than enforcing trademark, really.
Dumb question because I’m not fluent in License-Lore: which license would be best at preventing others (or me from the future) from selling / closing down the licensed work? Would it be GPL, AGPL, MPL, something else?
It’s hard to tell. I think AGPL is one of the better “fuck business opportunities” licenses. If it scares the Google lawyers enough that Googlers aren’t allowed to use AGPL code or use AGPL software on company computers, that makes it seem pretty good to me.
When it comes to “big company forking and taking over”: customise the license. Software licensing is hard, and known licenses make it a little easier. Big companies hate custom licenses because Legal needs to sign off on it. Just adding a little throwaway line to the license used for JSLint has ended up with IBM having written permission to use JSLint for evil.
If you are the sole author of your code, you can relicense as much as you want. Other people may have received a licensed copy before the relicensing, but new additions don’t need to follow that same license model, and you’re not bound by any restrictions on the old code either. The license determines under which terms you’re giving something away, but you can decide those terms for yourself! In other words, it’s almost impossible to prevent yourself from selling your code in the future through licenses alone.
However, when other people come in and help, this becomes complicated. Now you need their permission to relicense their code, because you’re not the owner of that code. You can use it, under the license provided by the alterations, but you can’t just change the license.
A Contributor License Agreement is a document others sign (digitally, usually) that will grant you certain rights to their work. Using the right CLA (and you’ll need a legal professional to determine what is “right” for you!) you can make contributors hand over either full authorship of their work or give you an irrevocable license to reuse and relicense the code. Without such a signed document, you’re bound by the whims of the contributions’ authors, which can be a real issue for “open core” projects that want to relicense (for example, when Amazon takes the code for their open source SaaS and provides a dirt-cheap alternative you cannot compete with).
So, if you want to prevent yourself from ever selling your code: take contributions from as many people as possible, under as open a license as possible. Of course you can always sell your product, but the business would be buying a complex and most likely expensive copyright situation along with the code.
There are licenses that can help prevent business interest. If you don’t mind being classified as a proprietary project, you could use CC-NC. When others contribute to your project and use the same license, you’ve essentially screwed yourself over. However, most people interested in open source software don’t really care when a small shop down the road uses their open source calculator app, so CC-NC isn’t very popular.
Obligatorily: I am not a lawyer, and license law is complicated.
MPL wouldn’t be the best choice, since it is per-file. GPL is copyleft and viral, meaning that if you make a modification and distribute the software, you must provide your modified source code under the GPL. AGPL is stricter in terms of when source code must be released; primarily it targets server software where the user interacts with the software, but does not actually download the software itself. The GPL wouldn’t require releasing source code, but the AGPL would.
As skullgiver mentioned, if you want to relicense, it would be best to use a CLA. The key to preventing yourself from being able to relicense your project (to a proprietary license or otherwise) is to ensure that other people are licensing their contributions to you under the GPL, without a CLA giving you exceptions, so that you yourself must follow their licensing terms. The Linux kernel for example is locked into the GPLv2, because they used a version of the GPL that does not provide for “upgrading” to newer versions of the GPL, and there are too many people who have contributed to the code to get all together to agree on a relicensing.
Thanks for the response. Seems like I made a good choice by going with the AGPL