Tag: Corporate Greed

Bones About It

Last week, the Hollywood Reporter Hollywood reported on a $179 million ruling against Fox for underpaying the creators and stars of Bones.

There's a lot of typical self-dealing stuff here -- Fox the studio selling the show to Fox the TV network, insisting it was for a fair market value, but being unable to produce evidence that it actually did due diligence in determining what a fair market value was. But on top of that there are some more egregious examples of fraud. In one instance, when Fox sold the streaming rights to Hulu, which it owns a 30% stake in, the same executive signed the contract as both seller and buyer.

And here's one particularly jaw-dropping grift:

During the show’s run, Bones' profit participants were continually rebuffed in their attempts to argue for more money. [Executive producers Barry] Josephson and [Kathy] Reichs signed releases barring them from challenging license fees for the fifth and sixth seasons upon Fox's word that unless everyone signed these releases, Bones would be canceled. According to [21st Century Fox president Peter] Rice, though, Fox already had committed contractually to keep the show on the air and knew that [stars David] Boreanaz and [Emily] Deschanel would never sign such a release. Nevertheless, Fox kept up the impression the stars would sign, even going so far as to include blank signature spaces for the actors in the releases sent to the producers.

Studios do this sort of Hollywood accounting all the time. And they get away with it, because most creators -- actors, directors, producers, etc. -- choose not to sue. Most don't have the money, and of the ones who do, many don't want to run the risk of pissing off the studios.

This suit was decided in a private arbitration court, so it doesn't set any legal precedent. But it does show everybody that the talent can sue the studio and win -- and I expect that will mean more suits like this.

Unfortunately, I don't expect it will cause the studios to change their behavior. One of the plaintiffs' attorneys, John Berlinski, says, "What we have exposed in this case is going to profoundly change the way Hollywood does business for many years to come." I'm more inclined to agree with arbitrator Peter Lichtman's more cynical opinion:

Slamming the company with a punishment that includes $128 million in punitive damages -- or five times the amount of compensatory damages -- Lichtman points out that the award is 0.6 percent of 21st Century Fox's stipulated net worth.

He muses whether it's really enough.

"In fact, one could question whether a five to one ratio given Fox's financial condition and lack of contrition serves to deter the wrongful conduct at issue here, or whether it will be considered part of the cost of doing business," writes the arbitrator.

I think he's right. This won't make the studios stop ripping off the talent; it will merely mean that the studios will continue ripping off the talent while pricing in the risk of the occasional lawsuit.

Meanwhile, there's another Hollywood accounting lawsuit I've been keeping one eye on: Century of Progress Productions v. Vivendi S.A. et al, more popularly known as the Spinal Tap suit.

In 2016, Harry Shearer sued Vivendi over profits on merchandise and music sales from This Is Spinal Tap. From the filing:

... according to Vivendi, the four creators’ share of total worldwide merchandising income between 1984 and 2006 was $81 (eighty-one) dollars. Between 1989 and 2006 total income from music sales was $98 (ninety-eight) dollars. Over the past two years, Vivendi has failed to provide accounting statements at all.

The other three creators, Christopher Guest, Michael McKean, and Rob Reiner, have since joined the suit. There don't appear to be any updates since August 2018, but the litigation is still ongoing.

Century of Progress could be the suit that finally sets some legal precedents regarding Hollywood accounting. Other artists who have filed suits like this have either wound up in private arbitration, as in the Bones case, or agreed to settle. This is different. Shearer, Guest, McKean, and Reiner don't want to settle. They don't need the money. They're in it to set a legal precedent to make it harder for studios to rip off their artists.

I look forward to hearing more from that case.

Fauxpen Source

Back in December, Bryan Cantrill wrote a pretty good article titled Open source confronts its midlife crisis. He discusses a particular problem that's started cropping up over the past year or so: companies deciding that free software/open source licenses are unfair, and modifying them so that they're no longer free/open-source.

It's the same old problem we've been seeing since the start of the Free Software movement: how can you make a profit giving your software away for free? How can you stay in business if somebody else can just take your software and resell it without giving you a cut?

There's a growing trend toward answering that question with "Change the license so they can't do that."

One particular example is the inaccurately-named Commons Clause, which is a clause you can attach to some other license; here it is in its entirety:

"Commons Clause" License Condition v1.0

The Software is provided to you by the Licensor under the License, as defined below, subject to the following condition.

Without limiting other conditions in the License, the grant of rights under the License will not include, and the License does not grant to you, the right to Sell the Software.

For purposes of the foregoing, “Sell” means practicing any or all of the rights granted to you under the License to provide to third parties, for a fee or other consideration (including without limitation fees for hosting or consulting/ support services related to the Software), a product or service whose value derives, entirely or substantially, from the functionality of the Software. Any license notice or attribution required by the License must also include this Commons Clause License Condition notice.

The Free Software Foundation has added the Commons Clause to its license list under "Nonfree Software Licenses". In its update notes, the FSF explained the move:

We added the Commons Clause to our list of nonfree licenses. Not a stand-alone license in and of itself, it is meant to be added to an existing free license to prevent using the work commercially, rendering the work nonfree. It's particularly nasty given that the name, and the fact that it is attached to pre-existing free licenses, may make it seem as if the work is still free software.

Cantrill called out other nonfree licenses too, including Confluent's Community License. Confluent's Jay Kreps objected:

We actually aren’t trying to "co-opt" the community or open source terminology. We tried really hard both in the license and in the blog post to be honest and upfront. Whether you like Confluent's license or not, you have to agree it is exceptionally permissive and the software has a pretty great community of users. How do you describe a license that lets you run, modify, fork, and redistribute the code and do virtually anything other than offer a competing SaaS offering of the product?

I describe it as "Not open source."

"Open source" is not a generic term. It doesn't just mean that you can look at a program's source code. It's a term of art, subject to the Open Source Definition. And the definition includes section 6:

6. No Discrimination Against Fields of Endeavor

The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

I'm not a lawyer, but I'm pretty sure "a competing SaaS offering" counts as a field of endeavor.

Bruce Perens, who wrote the OSD, explains more in a blog post titled When Licenses Discriminate. It's a relatively short post, so I'm going to quote it in its entirety:

A long time ago, well-meaning people at the University of California, Berkeley created a license for their SPICE electronic simulation software that prohibited use by the Police of South Africa. This was, of course, during Apartheid.

Years later, Apartheid ended. The Police of South Africa now included Blacks and Whites with the same duties and powers. And they were still prohibited from using Berkeley SPICE. Getting the University of California to change the license, so that the software could be carried in Debian as "Free Software", was impossible at the time.

I took this example (among others) and wrote into the Open Source Definition (then the Debian Free Software Guidelines) that licenses could not discriminate against persons or groups, or against fields of endeavor.

This implements a major principle of Free Software. Freedom means Freedom for Everyone, not Freedom For People I Approve Of. Even when those folks abuse the freedom of others.

Someone recently created a license that discriminates against companies that have contracts with the U.S. Immigration and Customs Enforcement (ICE), a division of the Department of Homeland Security. Ironically, this is called "Moral Programming" or "Moral Licensing". I have to object to it on moral grounds.

I don't approve of the recent conduct of ICE under the direction of Donald Trump and his gang. Far, far from it. I am happy to say so, to participate in protests, and most importantly, I will not vote Republican in upcoming elections.

But if you insist on denying them the right to run your software in your license, please be careful not to call it Open Source or Free Software. Because your license will not comply with the Open Source Definition or the Four Freedoms of the Free Software Foundation. Which protect Freedom for everyone.

There's another license that's been getting some attention lately: MongoDB's Server Side Public License. It's based on the GNU Affero General Public License (which in turn is based on the GNU General Public License), but it makes a significant change. Here's Section 13 of the Affero GPL:

13. Remote Network Interaction; Use with the GNU General Public License.

Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software. This Corresponding Source shall include the Corresponding Source for any work covered by version 3 of the GNU General Public License that is incorporated pursuant to the following paragraph.

Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the work with which it is combined will remain governed by version 3 of the GNU General Public License.

Here's the modified version in the SSPL:

13. Offering the Program as a Service.

If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Program or modified version.

"Service Source Code" means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available.

That's some pretty dry legalese, but if you've made it this far, I suppose you're interested in reading about technical differences in free software licenses. So here goes:

If you take a program that's licensed under the Affero GPL, modify it, and make that modified version available to run over a network, you have to license your modified version under the Affero GPL.

Whereas under the SSPL, if you use MongoDB as part of a service package you offer to third parties, you have to release the entire package under the SSPL.

While MongoDB is couching this in the language of the GPL and copyleft, its goal seems more inline with the Commons Clause. It doesn't actually expect anyone to use MongoDB as part of a package and then release the entire software stack under the SSPL; it expects the terms of the SSPL to be so onerous that companies just pay MongoDB to license the software without the SSPL.

What's the point of all this?

It gets back to that earlier question: how do you make money on software you give away for free?

One of the traditional answers to that question has been that you charge for support. That was the idea behind MongoDB: they'd give the software away for free, but charge for support.

That may have been a viable business strategy a decade ago, but the market has changed. More and more companies are choosing not to run their own servers on-site, but instead to use Amazon Web Services. And that disrupts the traditional "pay for service" model -- because now companies are using MongoDB, and they're paying for service, but they're not paying MongoDB for service, they're paying Amazon for it.

Clearly the bean-counters at MongoDB saw this as a problem, and so they wrote a license that they hoped would force Amazon to pay them to continue using their software.

It didn't work. Amazon responded by creating a competing database format called DocumentDB. As soon as Amazon announced the project, MongoDB's stock dropped nearly 15 points. Whoops.

Meanwhile, neither the Free Software Foundation nor the Open Source Initiative has reached an official verdict yet on whether the SSPL is a free/open-source license, but it's under review, and Bruce Perens has his doubts.

First of all, he notes that it almost certainly violates the FSF's copyright on the AGPL; just because it's a license that allows redistribution of modified versions of software doesn't mean that it allows redistribution of modified versions of the text of the license.

The issue of the license text being infringing of FSF's copyright needs to be addressed. I doubt FSF is going to give permission for this use of their text. There is a possible 17 USC 102(b) argument, but most sources (Nimmer, Adams) disagree, and I don't know of any case law. This might require a full rewrite, and IMO OSI would face a risk of being a contributory infringer simply by hosting a copy of the current text on their site. The legal ambiguity of that might be sufficient reason for rejection.

And in the same post, he suggests it might violate sections 6 and 9 of the OSD. I've already quoted #6; here's the text of #9:

9. License Must Not Restrict Other Software

The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be open-source software.

And here's what Perens has to say about the SSPL:

I am most concerned with the second paragraph of section 13, and its conflict with OSD #9 and #6. The definition of how those pieces are coupled needs to be tighter. Management software, backup software, etc. may be used as part of the offering of a service, but they don't create a derivative work, nor are they combined into the same program. So, we get a restriction on works that are simply aggregated together (#9) or a restriction on use of the program if the data is backed up using a non-Open-Source backup program (#6).

In a later post, and with deep apologies, Perens backs off the Section 9 claims and states that the SSPL violates the spirit of Section 9, but not the letter.

The OSD terms were not written for software-as-a-service. OSD #9 very clearly states

The license must not place restrictions on other software that is *distributed* along with the licensed software. For example, the license must not insist that all other programs *distributed on the same medium* must be open-source software.

Since software-as-a-service software is not distributed, OSD #9 doesn't apply. Sorry. The document was written for another time and I could not predict today's conditions.

Regardless, even if it doesn't violate #9, it would nonetheless appear to violate #6. At any rate, Red Hat and its community version, Fedora, think so; they've rejected the SSPL and will be removing MongoDB from their software repositories. The Debian maintainers don't even think a strict analysis of the Debian Free Software Guidelines is necessary; it clearly violates the spirit of the DFSG, and that's good enough for exclusion from Debian.

Here's the thing: a change in license can kill a project. XFree86 was a much more essential package than MongoDB, and its owners made a much more minor change to its license. But that was enough to completely destroy the project. A previous version, with the old license, was forked as X.Org, and within a matter of months every Linux and BSD release had switched.

MongoDB is well along that path. The company has since introduced SSPL v2 in the hopes that it will prove more acceptable than v1, but MongoDB itself is still published under v1.

Maybe v2 will prove more acceptable. Maybe MongoDB won't end up like XFree86 and it'll end up like, say, KDE instead -- a project which initially used a nonfree license but then switched to a free license and continues to be widely used. Those are MongoDB's options: make your license acceptable to the free/open-source community, or fade into irrelevance as everybody switches to a fork. Time will tell which path MongoDB ultimately takes -- and what impact that has on the rest of this new crop of projects trying to pass off proprietary licenses as free ones.

The Last Day at Papago

Papago Brewing used to be my regular watering hole. It closed on Saturday.

Papago Plaza -- the entire complex where the tap room was located -- is being demolished to put up condos. They've expressed hope for finding a new home, but no news yet.

My good friend Brad -- himself a brewery owner these days -- came in from Riverside to pay his respects, and so we got a Lyft van-full of the old gang together and headed up there for the last day.

There are pictures. I don't have them yet. Hopefully I'll get them later and be able to post them.

It was bittersweet. The fridge was mostly empty; most of the items on the menu, food or drink, were sold out. The life-size monk statue had already gone, as had one of the two dartboards.

The writing was literally on the wall; people had been saying their goodbyes in silver Sharpie for months (if one message, dated March, is anything to go on).

We had a few rounds, and then we walked a block south to McFate -- that's my regular watering hole these days. My friends hadn't been there yet, but they were interested in checking it out. There was a nice bit of symmetry: saying goodbye to the old spot, and hello to the new one.

The details of the day are a little hazy. I remember we told old stories, and I laughed some belly laughs.

I'm pretty sure I only drank five beers, and I paced myself, with a glass of water after each. But I do have a tendency to make a beeline for the highest-alcohol beer on the menu when I don't have to drive. (I can recommend the beers I drank at McFate, but can't remember their names. There was an IPA called Hazy something, and a Scotch-aged something or other.)

I'll miss Papago. I hope it reopens someplace. At any rate, it was good to get the band back together for a day, and talk about the good old days.

Net Neutrality Roundup #2

Yesterday I discussed Ajit Pai's plan to dismantle the FCC's net neutrality regulations, his disingenuous justifications for doing so, and the inevitability of lawsuits challenging the change in court. We left off on Tim Wu's observation that Pai is doing this in opposition to the vast majority of public opinion.

The FCC comment period concerning the net neutrality repeal saw 22 million comments; it received a greater response than any other FCC proposal in history.

While Pai has openly acknowledged that he doesn't care about the quantity of pro-Title II comments, he has also, disingenuously, drawn a false equivalence between the number of pro- comments and the number of anti- comments. Jon Brodkin at Ars Technica notes:

Pai [...] released a "Myth vs. Fact" sheet that claims public comments to the FCC don't show significant support for net neutrality. Pai's office called it a "myth" that commenters "overwhelmingly want the FCC to preserve and protect net neutrality," arguing that fraudulent comments far outnumber legitimate ones.

That's true largely because the FCC imposed no real restrictions on comment uploads and took no steps to remove fraudulent comments from the record. But analyses of comments show that about 98 or 99 percent of "unique" comments oppose the net neutrality repeal.

That last link goes to an article by Jeff Kao at Hackernoon titled More than a Million Pro-Repeal Net Neutrality Comments were Likely Faked. Here are a couple lines from the abstract:

My research found at least 1.3 million fake pro-repeal comments, with suspicions about many more. In fact, the sum of fake pro-repeal comments in the proceeding may number in the millions. In this post, I will point out one particularly egregious spambot submission, make the case that there are likely many more pro-repeal spambots yet to be confirmed, and estimate the public position on net neutrality in the “organic” public submissions.

Kao goes on to chart the duplicate versus unique comments:

Chart of trends in FCC comments
Keep-Net Neutrality comments were much more likely to deviate from the form letter, and dominated in the long tail.

From this chart we can see that the pro-repeal comments (there are approximately 8.6 million of them) are much more likely to be exact duplicates (dark red bars) and are submitted in much larger blocks. If even 25% of these pro-repeal comments are found to have been spam, that would still result in more than 2 million faked pro-repeal comments, each with an email address attached. Further verification should be done on the email addresses used to submit these likely spam comments.

On the other hand, comments in favor of net neutrality were more likely to deviate from a form letter (light green, as opposed to dark green bars) and were much more numerous in the long tail. If the type, means of submission, and ‘spamminess’ of comments from both sides were equal, we would expect a roughly even distribution of light and dark, red and green, throughout the bars. This is evidently not the case here.

Kao has gone to more trouble than Pai to try and tell spam comments from legitimate ones. Indeed, New York AG Eric Schneiderman has accused the FCC of stonewalling his investigation into FCC comments using fraudulent names and addresses. And he's not the only one investigating:

Schneiderman is not the first to accuse the FCC of stonewalling investigations into the net neutrality comment system. The FCC's claim that the comment system was temporarily disrupted by DDoS attacks has received lots of attention, but the FCC hasn't provided all the records requested in several Freedom of Information Act (FoIA) requests.

The FCC also told members of Congress that it won't reveal exactly how it plans to prevent future attacks on the public comment system.

A FoIA request from Ars was denied by the FCC due to "an ongoing investigation."

US Senator Ron Wyden (D-Ore.) criticized the FCC for failing to turn over its internal analysis of the DDoS attacks that hit the FCC's public comment system. Senator Brian Schatz (D-Hawaii) and Rep. Frank Pallone (D-N.J.) requested an independent investigation into the DDoS attacks, and the US Government Accountability Office (GAO) has agreed to investigate.

The FCC is also facing a lawsuit alleging that it ignored a FoIA request for data related to bulk comment uploads, which may contain comments falsely attributed to people without their knowledge.

So are there any other ways the FCC's terrible plan is vulnerable to litigation?

Why yes. Yes there are. Because it also prevents states from passing their own net neutrality laws.

And there's legal precedent stating that the FCC can't preempt state laws -- ironically, decided in a case where Tom Wheeler's FCC attempted to prevent states from passing laws against municipal broadband.

These are just some of the avenues of attack Pai has opened himself up to. The question isn't whether there will be lawsuits after the net neutrality repeal; it's how many and how soon.

Net Neutrality Roundup #1

Ajit Pai has announced, expectedly, that he intends to vote to kill the FCC's Title II net neutrality regulations on December 14.

As I've discussed previously, this was a foregone conclusion, but the point was never to change Pai's mind; there are, after all, two whole branches of government besides the one he serves in.

Tim Wu (the man who coined the phrase "Network Neutrality") discusses one of those branches in a recent op/ed in the New York Times called Why the Courts Will Have to Save Net Neutrality.

The problem for Mr. Pai is that government agencies are not free to abruptly reverse longstanding rules on which many have relied without a good reason, such as a change in factual circumstances. A mere change in F.C.C. ideology isn’t enough. As the Supreme Court has said, a federal agency must “examine the relevant data and articulate a satisfactory explanation for its action.” Given that net neutrality rules have been a huge success by most measures, the justification for killing them would have to be very strong.

It isn’t. In fact, it’s very weak. From what we know so far, Mr. Pai’s rationale for eliminating the rules is that cable and phone companies, despite years of healthy profit, need to earn even more money than they already do — that is, that the current rates of return do not yield adequate investment incentives. More specifically, Mr. Pai claims that industry investments have gone down since 2015, the year the Obama administration last strengthened the net neutrality rules.

Setting aside whether industry investments should be the dominant measure of success in internet policy (what about improved access for students? or the emergence of innovations like streaming TV?), Mr. Pai is not examining the facts: Securities and Exchange Commission filings reveal an increase in internet investments since 2015, as the internet advocacy group Free Press has demonstrated.

A popular argument I've seen from anti-Title II trolls on sites like Ars Technica and Techdirt is "Well if we need these rules, how did the Internet do so well before 2015?" (This rhetorical question is usually coupled with sarcastic remarks about former president Barack Obama.)

That question is disingenuous, for a couple of reasons. First, as Wu notes, that's the opposite of how FCC rules get passed and repealed. We already asked and answered the question of why we needed Title II regulations during the public comment period in 2014. The question isn't "Why did we need these rules in 2015?" It's "Why do we no longer need them in 2018?" It's the oldest forum troll trick in the book: "I'm not going to provide supporting evidence for my argument, I'm going to demand that you provide supporting evidence for yours, even though the burden of proof is on me."

The other reason the "How did the Internet ever survive before 2015?" question is disingenuous horseshit is that Pai's not merely rolling back FCC rules to pre-2015 levels, he's rolling them back to pre-2005 levels. Wu's article continues:

But Mr. Pai faces a more serious legal problem. Because he is killing net neutrality outright, not merely weakening it, he will have to explain to a court not just the shift from 2015 but also his reasoning for destroying the basic bans on blocking and throttling, which have been in effect since 2005 and have been relied on extensively by the entire internet ecosystem.

This will be a difficult task. What has changed since 2004 that now makes the blocking or throttling of competitors not a problem? The evidence points strongly in the opposite direction: There is a long history of anticompetitive throttling and blocking — often concealed — that the F.C.C. has had to stop to preserve the health of the internet economy. Examples include AT&T’s efforts to keep Skype off iPhones and the blocking of Google Wallet by Verizon. Services like Skype and Netflix would have met an early death without basic net neutrality protections. Mr. Pai needs to explain why we no longer have to worry about this sort of threat — and “You can trust your cable company” will not suffice.

So let's, just for a moment, play the trolls' game and explain why we need Title II regulations to protect net neutrality.

There's a convenient list of net neutrality violations making the rounds; I don't know where it originated, but I've seen variations on it in a couple of different places: by a poster named JoeDetroit on Techdirt and a poster named Happysin on Ars Technica. Here are both those versions of the list combined and lightly edited:

2005 - Madison River Communications was blocking VOIP services. The FCC put a stop to it.

2005 - Comcast was denying access to P2P services without notifying customers.

2007-2009 - AT&T was having Skype and other VOIPs blocked because they didn't like that there was competition for their cellphones.

2011 - MetroPCS tried to block all streaming except YouTube. They actually sued the FCC over this.

2011-2013 - AT&T, Sprint, and Verizon were blocking access to Google Wallet because it competed with their own wallet apps. This one happened literally months after the trio were busted collaborating with Google to block apps from the Android marketplace.

2012 - Verizon was demanding Google block tethering apps on Android because it let owners avoid their $20 tethering fee. This was despite guaranteeing they wouldn't do that as part of a winning bid on an airwaves auction.

2012 - AT&T tried to block access to FaceTime unless customers paid more money.

2013 - Verizon literally stated that the only thing stopping them from favoring some content providers over other providers were the net neutrality rules in place.

2014 - Netflix & Comcast sign a deal where Netflix will pay Comcast to stop throttling the service. The very next day, streaming problems vanish.

That is, needless to say, not an exhaustive list.

Meanwhile, there's another kind of forum troll, making the rounds like clockwork on every article I've ever seen on this subject: the "What does it matter? Pai's just going to do it anyway; he doesn't care what we think!" troll.

I've already responded to that argument at length (and up at the top of this post -- "two whole branches of government"). Wu reinforces my point:

Moreover, the F.C.C. is acting contrary to public sentiment, which may embolden the judiciary to oppose Mr. Pai. Telecommunications policy does not always attract public attention, but net neutrality does, and polls indicate that 76 percent of Americans support it. The F.C.C., in short, is on the wrong side of the democratic majority.

That's why people left comments on the FCC website. It's why people are writing articles protesting it now, and planning in-person protests for December 7. Lawsuits are inevitable, and clear and constant reminders that Pai threw out the Title II classification against public opinion makes his weak case weaker.

And that's not the only thing. Come back tomorrow for more.

The SFLC Tries to Terminate Conservancy's Trademark

In my last two posts, I've talked about the Linux Foundation's apparent disdain for the GPL (the license that Linux is published under, which allows derivative works but requires them to be published under the same license), and Eben Moglen's apparent souring on legal enforcement of the GPL. I mentioned that the Software Freedom Law Center is seeking to terminate the Software Freedom Conservancy's trademark, and that Bruce Perens believes that this is retaliation by the LF. So let's continue, shall we?

The Linux Foundation now represents corporate interests, not the community. The GPL is designed to protect the community. So there's some friction there right off the bat.

In fact, as I mentioned in the first part, the LF used to have two community representatives on its board, but terminated the position.

Why? Well, it happened right after the Software Freedom Conservancy's Executive Director, Karen Sandler, announced her intention to run for a seat. Looks like the Linux Foundation didn't like that. VMware certainly didn't, since Conservancy is currently funding a GPL enforcement lawsuit against it.

And, as noted in the previous post, Eben Moglen published an article arguing against GPL enforcement. That doesn't seem to have gone over well with the Free Software Foundation; he resigned his position as FSF General Counsel soon after. That's a hell of a thing, after nearly 25 years in the role.

Now, Moglen's SFLC has filed to terminate the Conservancy's trademark, stating that the marks are too similar and could cause confusion. This seems out of the blue; the SFLC started Conservancy, and legally represented it for years; if it were concerned about trademark confusion, it should have expressed those concerns eleven years ago.

Perens went on a bit of a tear about this; he submitted an article to Slashdot titled Software Freedom Law Center Launches Trademark War Against Software Freedom Conservancy, and has commented extensively on two articles at LWN, one quoting Conservancy's post and the other quoting the SFLC's response.

Perens believes the connection is clear: as the Linux Foundation has come to represent corporate members over the Linux community, it has become increasingly critical of the GPL. Eben Moglen and the SFLC, which is funded by the LF, still purport to believe in the GPL, but have become increasingly critical of legal actions enforcing it. The LF includes VMware on its board, and Conservancy is funding a GPL enforcement action against VMware; in light of these facts, it does not appear coincidental that the LF eliminated its community representative positions right after the executive director of Conservancy expressed an interest in running for one, and the Software Freedom Law Center suddenly became concerned that the Software Freedom Conservancy -- an organization which it started -- has a name that's too similar.

So how will this all turn out? I'm not a lawyer, but I think Conservancy is on pretty solid ground here. Of course, if Perens is right, then this isn't really about a trademark at all. And if Perens is right and the Linux Foundation really is out to punish Conservancy, then this action may not be the end of it.

The SFLC and Conservancy: A History

Yesterday, I went over how the Linux Foundation doesn't seem to like the license Linux is published under very much.

Bruce Perens, co-founder of the Open Source Initiative and founder of the Linux Standard Base (which led to the formation of the Linux Foundation), says it's worse than that, and that the Linux Foundation is now undermining GPL enforcement against its member organizations.

This is a complicated story, so strap in. I mean, if this sounds like something you're interested in. If it doesn't, then I don't blame you; come back on Friday, when I'll have about 750 words on April from Teenage Mutant Ninja Turtles.

Still here? Okay.

The Software Freedom Law Center is funded by the Linux Foundation, and provides pro bono legal services and representation to developers of free/open-source software. Its chairman is Eben Moglen, who was pro bono general counsel for the Free Software Foundation from 1994 to 2016. Moglen has done a hell of a lot for free software over the course of the last 25 years.

In 2006, the SFLC launched the Software Freedom Conservancy, an organization that provides free financial and administrative services to free software projects. Today Conservancy represents 48 projects, notably including BusyBox, Git, phpMyAdmin, QEMU, Samba, and Wine. Conservancy is an independent entity and not part of the SFLC, though the SFLC represented Conservancy through 2011.

In 2007, the SFLC and Conservancy began GPL enforcement suits on behalf of BusyBox. BusyBox is a minimal bootable system that's in everything; if you're using a piece of consumer electronics that's more complicated than a microwave oven, there's a good chance it's got BusyBox in it. And a lot of those electronics companies don't bother to follow the GPL and release their source code modifications.

There's been some backlash against GPL enforcement in the years since. BusyBox's maintainer, Rob Landley, later regretted the lawsuits; he deemed them counterproductive, and said they hadn't helped BusyBox or any other project, they'd just convinced companies like Google to avoid the GPL and use permissive licenses instead.

Maybe so. But if nobody ever enforces the GPL, then it's meaningless. A mere suggestion.

Conservancy has continued its GPL enforcement actions. Currently, it's funding Christoph Hellwig's litigation against VMware in Germany. VMware distributes a modified version of the Linux kernel; Hellwig is a kernel contributor and, thus, one of the many copyright holders in the Linux kernel. (While many free/open-source projects require that contributors assign all copyright to a single rightsholder, such as Conservancy or the GNU Project, the Linux kernel does not; every single contributor to the Linux kernel maintains the copyright to the portion of the kernel they contribute, but licenses it under the GPL for anyone else to use.)

Eben Moglen seems to have soured on GPL enforcement. Last year he published an article in the International Free and Open Source Software Law Review titled Whither (Not Wither) Copyleft. His arguments are similar to Landley's: all these GPL enforcement suits are actually bad for the GPL, because they discourage companies from using the GPL at all.

Moglen makes the argument that litigation should be a last resort, and that parties should try to resolve their disputes amicably if at all possible. The thing is, I don't think anybody actually disagrees with that.

When has Conservancy chosen to sue, when there was any other path available? BusyBox v Westinghouse was a default judgement. Westinghouse didn't even bother showing up to court; I don't see how politely-worded E-Mails were going to get it to comply. Conservancy spent three years attempting to negotiate with VMware, to no avail; the lawsuit is a last resort. Whither copyleft? indeed.

Bruce Perens thinks the SFLC's recent trademark action is retaliation for Conservancy's enforcement action against VMware. I'll save the why for my next post. Tune in tomorrow, same Thad-time, same Thad-channel.

The Linux Foundation Hates Copyleft

It's been kinda weird, seeing the Linux Foundation slowly transform into an organization that is fundamentally opposed to the license Linux is published under.

But the Linux Foundation is in the business of turning a profit, and that's meant embracing corporate America -- even Microsoft is now a member. In fact, the board is overwhelmingly made up of corporate representatives now: Facebook, AT&T, Qualcomm, Cisco, VMware (we'll come back to them tomorrow), Intel, HP, Bitnami, Panasonic, Hitachi, Samsung, IBM, Microsoft (Microsoft!), Comcast, Huawei, NEC, Oracle, Fujitsu. There used to be two community representatives on the board, but they eliminated that position (we'll come back to that on Thursday).

Linux is published under the GNU General Public License. The GPL is what GNU/Free Software Foundation founder Richard Stallman calls "copyleft": if a piece of software is licensed under the GPL, then that means anyone else is free to access, modify, and redistribute the source code, provided that if they release a modified version, they publish it under the same license.

Corporations don't much like copyleft or the GPL. They like more permissive licenses, like the MIT License and the BSD Licenses, which allow them to take someone else's code, modify it, and not give their modifications back to the community.

Linus Torvalds, the man who the Linux Foundation is named after, gets this. FOSS Force's Christine Hall recounts his remarks at LinuxCon last year:

“I think that if you actually want to create something bigger, and if you want to create a community around it, the BSD license is not necessarily a great license,” he said.

“I mean, it’s worked fairly well, but you are going to have trouble finding outside developers who feel protected by a big company that says, ‘Hey, here’s this BSD license thing and we’re not making any promises because the copyright allows us to do anything, and allows you to do anything too.’ But as an outside developer, I would not get the warm and fuzzies by that, because I’m like, ‘Oh, this big company is going to take advantage of me,’ while the GPL says, ‘Yes, the company may be big, but nobody’s ever going to take advantage of your code. It will remain free and nobody can take that away from you.’ I think that’s a big deal for community management.

“It wasn’t something I was planning personally when I started, but over the years I’ve become convinced that the BSD license is great for code you don’t care about. I’ll use it myself. If there’s a library routine that I just want to say ‘hey, this is useful to anybody and I’m not going to maintain this,’ I’ll put it under the BSD license.

“Whenever licenses come up, I want to say that this is a personal issue,” he continued, adding a disclaimer most likely meant mainly for the benefit of the BSD folks, some of whom resent Linux’s success, but also to appease big enterprise, which is where the Linux Foundation gets virtually all of it’s funding.

“Some people love the BSD license,” he said. “Some people love proprietary licenses, and do you know what? I understand that. If you want to make a program and you want to feed your kids, it used to make a lot of sense to say that you want to have a proprietary license and sell binaries. I think it makes less sense today, but I really understand the argument. I don’t want to judge, I’m just kind of giving my view on licensing.”

Jim Zemlin, Executive Director of the Linux Foundation, seems to feel a little bit differently. Hall quotes him, in an article titled The Linux Foundation: Not a Friend of Desktop Linux, the GPL, or Openness:

“The most permissive licenses present little risk and few compliance requirements. These licenses include BSD and MIT, and others, that have minimal requirements, all the way to Apache and the Eclipse Public License, which are more elaborate in addressing contributions, patents, and indemnification.

“In the middle of the spectrum are the so-called ‘weak viral licenses’ which require sharing source code to any changes made to the originally licensed code, but not sharing of other source code linked or otherwise bound to the original open source code in question. The most popular and frequently encountered licenses in this category are the Mozilla Public License and the Common Public Attribution License.

“Restrictive Licenses present the most legal risk and complexity for companies that re-distribute or distribute software. These licenses are often termed ‘viral’ because software combined and distributed with this licensed software must be provided in source code format under the terms of those licenses. These requirements present serious risks to the preservation of proprietary software rights. The GNU General Public License is the archetype of this category, and is, in fact, the most widely used open source license in the world.”

Hall adds, "While his points are accurate enough, and reflect what I’ve already written in this article, the terms he uses suggest that the foundation holds the GPL and other copyleft licenses in contempt."

So what's all that got to do with the Software Freedom Law Center filing to have the Software Freedom Conservancy's trademark terminated? Nothing, insist the Linux Foundation and the SFLC. But Bruce Perens -- who founded the Linux Standard Base, one of the organizations that became the Linux Foundation -- thinks it's retaliation for a GPL enforcement lawsuit against VMware.

But that's a story for another post. Or two...

Net Neutrality Day

Today's the Net Neutrality Day of Action.

Here's what I said about net neutrality during the open comment period in 2014, before the Title II rules passed, when the FCC was pushing a policy that would allow ISPs to charge websites for fast lanes:

This is exactly the kind of policy you get when you put a cable company lobbyist in charge of the FCC: a plan nobody but the cable companies could possibly want, and that seeks to make the Internet work like cable TV.

This plan has no benefit whatsoever to consumers. Cable companies demand extortion money from content providers; the providers who are willing and able to pay pass that cost on to their consumers (as Netflix has already done by raising its streaming subscription price), and the providers who aren't are put at a crippling disadvantage. You can bet the ever-increasing bottom dollar on your cable bill that if Comcast had had the opportunity to demand a premium from YouTube to stream video in 2005, we wouldn't be talking about YouTube today -- though maybe that would have been good news for Real Networks, as we'd probably still be limping along on the vastly inferior RealPlayer. Buffering...

This proposal is a government handout to the kind of companies that need it the least: monopolies and near-monopolies that already provide poor service at exorbitant prices, and suffer no market backlash for the simple reason that they provide a necessary service and have no competition.

Google doesn't want this. Microsoft doesn't want this. Netflix doesn't want this. Amazon doesn't want this. Consumers don't want this, and small businesses sure as hell don't want this. The only ones who DO want this are the cable companies who pick our pockets every month -- and their former employees like Chairman Wheeler.

And here's what I said during the open comment period this year, with the FCC preparing to repeal the Title II rules and, once again, proposing Internet fast lanes:

Seeking public comment? This is a farce. Chairman Pai heard exactly what the public had to say in 2014. The public responded, overwhelmingly, in support of net neutrality; indeed, the public interest was so high that the traffic brought down fcc.gov.

If Chairman Pai cared what the public thought, he would not be reversing a rule supported by the public in order to grant more power to internet service providers, some of the most despised companies in America. Nobody wants this except Comcast, AT&T, Charter, and Time Warner.

There is no free market competition in broadband Internet in America. There is no incentive for ISPs to compete on price or on service. We, as Americans, are a captive audience; our only choices are "use whatever ISP is available at our address" and "try to participate in twenty-first century America without Internet access".

We've already seen AT&T prioritizing its own traffic and Comcast banning protocols it didn't like. We need net neutrality protections to prevent predatory, monopolistic ISPs from engaging in that behavior. This is obvious to every American who's seen their monthly bill go up while the quality of service goes down.

But Chairman Pai has made it abundantly clear that he doesn't care what the American public has to say. If he did, he wouldn't even be considering repealing net neutrality.

I was wrong about Wheeler. He backed away from the fast-lane proposal, and passed Title II regulation. It wasn't perfect, but it was better than I ever thought we'd get.

I don't think I'm wrong about Pai. I'd love to be, but I think the fix is in. Pai doesn't give a fuck what the American public has to say.

But it's not about Pai. Pai won't last forever. Trump won't last forever. Even if the Republican majority in Congress sticks around, they're going to have to face their constituents sooner or later. And while net neutrality is a partisan issue on Capitol Hill, it's got broad bipartisan support everywhere else.

I don't think today's protests are going to make a damn bit of difference to Pai. But this is a long game. We need to keep the pressure on.

And hey, I've been surprised before. I thought SOPA and the TPP were foregone conclusions too. Maybe I'll be pleasantly surprised again.

Tracking

I wrote a post about VPNs a few months back, referring to the recent repeal of Obama-era regulations that would have prevented ISPs from selling customer browsing history.

There's a common refrain I've seen from people who favor the repeal, both in the government and in Internet comments sections: "Google and Facebook track you and sell your data, and the government doesn't stop them from doing it, so it's not fair to stop your ISP from doing it!"

Now, this argument is fundamentally dishonest, for the following reasons, off the top of my head:

  • Your ISP sits between you and every single site you visit. Google and Facebook have extensive tracking operations, but not that extensive.

  • You can use the Internet without using Facebook or Google. It may not be easy, but it's possible. You can't use the Internet without your ISP.

  • Google and Facebook's business model is that they provide a service and, in exchange, you allow them to gather your personal data and resell it to third parties. Your ISP's business model is that it provides service and, in exchange, you pay them eighty fucking dollars a month. Did I say eighty? They just kicked it up to one-thirty, if you want unlimited data.

    When you give your personal data to Facebook or Google to sell to third parties, you get their service in return. When you give your personal data to your ISP to sell to third parties, you get fucking nothing in return, because you're already paying your ISP money in exchange for Internet service. Is your ISP going to lower your bill in exchange for taking your personal information to sell to third parties? LOLno.

  • Google and Facebook have competitors. Those competitors don't have the dominant market position that Google and Facebook do; hell, maybe they're just plain not as good. But they exist. They're options.

    There is no significant broadband competition in the US. If I don't like my ISP, I can't just switch to another one, because there is no other one available at my address. My choices consist of Cox, no Internet, and moving.

    There's no incentive for your ISP to behave ethically. There's no incentive for your ISP to charge you fairly. There's no incentive for your ISP to provide quality service. My ISP is a monopoly. Yours probably is too. Or, at best, it might have one competitor that does all the same shit.

  • Google and Facebook have pages where you can opt out of tracking.

But. Despite the intellectual dishonesty of the "but Google and Facebook track you!" argument, there is a kernel of truth in there: yes, Google and Facebook track you, yes it's difficult to avoid that tracking, and no, there are no regulations in place to protect your data. This is a problem.

So, shortly after writing that post, I removed the Google Analytics code from this site. And now I've also updated the site so that the fonts it uses are hosted here at corporate-sellout.com, not called from Google Fonts (hat tip to the Disable Google Fonts WordPress plugin). I'm still using a Google Captcha on the Contact page for now, but I'm looking at alternatives. Plus, there are YouTube videos embedded on this site...and, well, there's nothing I can really do about preventing Google from tracking you when you load YouTube videos. Sorry about that.

I'm also planning on adding SSL to the site, eventually, but I haven't gotten around to it yet.

This blog's not a business. Occasionally somebody buys something through an Amazon Associates link, or buys my book (thanks!), but I've got a day job; I'm not here to make money. I write stuff here because I like to write stuff. Sometimes people like it, and that's cool, and it's cool to know that people are reading. But that's as far as my interest in analytics goes.

I don't resell data; I don't do SEO or A/B headlines or clickbait or any other kind of crap to try and drive people here -- hell, I hate all that shit. But I like looking at site stats once in awhile to see where people are coming from, where somebody's mentioned me, and to laugh at search terms like "did stan lee bone at jack kirby's wife".

So I'm looking for a new stats package. Server-side; just for me, not Google.

Meanwhile, I am looking for ways to use Google as little as possible, not just on this site but in general. I think I can probably get a few more posts out of that subject.