While at the Linux Foundation Members Summit in Napa, California, I was bemused to find that an open-source savvy intellectual property attorney had never heard of SCO vs. IBM. You know, the lawsuit that at one time threatened to end Linux in the cradle? Well, at least some people thought so anyway. More fool they. But now, after SCO went bankrupt; court after court dismissing SCO’s crazy copyright claims; and closing in on 20-years into the saga, the U.S. District Court of Utah has finally put a period to the SCO vs. IBM lawsuit.
I think we first mentioned the lawsuit on OSAlert way back in 2003. The then-current version of the Linux kernel was 2.4/2.5.
We had some good wins on copyright this year.
This comes just after recent rule expansions for right to repair, security research and jailbreaking: https://www.eff.org/deeplinks/2021/10/copyright-regulator-eases-restrictions-research-education-and-repair-0
It was also deemed legal to break DRM for blind users: https://www.wired.com/story/ebooks-drm-blind-accessibility-dmca/
And last, but not the least, APIs deemed fair use in copyright law: https://patentlyo.com/patent/2021/04/google-oracle-oracles.html
Of course, none of these are set in stone, so no need to be relaxed, yet. But still, there is plenty to be happy about.
sukru,
I view the whole Oracle debacle as a loss for the copyright cause. “Fair use” rulings don’t become rights because they are assessed on a case by case basis.
(my emphasis)
The problem here is that you can still be sued for reimplimenting an API as they did not rule that APIs are excluded from copyright. Winning your case is NOT going to be determined by the fair use factors in the oracle/google case, you’re going to have to make the case for fair use yourself. And your chances are going to be highly correlated to what court you get sued in as well as your financial ability to reattain strong legal representation.
This whole lawsuit was a huge blow to the idea that interfaces are public and anyone is free to implement it. Take a project like ReactOS. They need to explicitly copy the win32 APIs in order to be compatible with windows. If ever they started becoming a real threat, MS could demand royalties for using their copyrighted API, and failing that MS could sue in a court that dissents with the fair use ruling.
So even though copyright law allows defendants to argue a fair use defense in any copyright infringement case, which a judge will determine by the specifics of the case, it would have been so much better if they had asserted that APIs defining programming interfaces were not copyrightable in the first place. So good on google for winning it’s fair use exception against oracle, but the sequence of trials was a rather disappointing net loss for programmer rights IMHO for giving legal credibility to API lawsuits.
Alfman,
You touch a valid point.
Unfortunately currently header file are copyrightable. And I could actually agree with that. Thanks to how C/C++, and other languages mix interfaces, code, and documentation inside a single file, it is not hard to see this would be the case. (There are entire Boost libraries implemented in headers).
A better verdict could be: anything related to a clean room implementation would be fair use. Something like “all class, struct, function definitions, variable and parameter names, necessary constants, etc”, excluding non-trivial template implementations or manually written comments.
sukru,
Well, to me as a programmer, whether it’s in a header file or not is a bad criterion. Obviously you can easily have inlined code in “header” files. The entire sqlite database can be included as a header file for example, but this doesn’t mean things like that shouldn’t be entitled to copyright, it just means that both implementation and interface are in the same file. And in other languages like java, javascript, php, and so on…it’s perfectly normal to see the code, definitions, documentation, comments written in the same source file too. The implementation, comments, documentation should be copyrightable, but reusing the interface is unavoidable for someone who wants to create their own independent implementation using the same interface, which should be explicitly allowed.
So we really need to look at what the lines of code are rather than what files they are located in. The trouble is, this is easy for a software developer to do, but to a non-savvy lawyer, judge, or legislator it may be hard for them to grasp the concepts, which leads to them getting it wrong
Thing is, this idea never had any confirmed court case behind it. Don’t assume that just because something makes intuitive sense to the majority, it’s actually what the law says.
So… let’s just enjoy the moment. Sure, the court had to rule that APIs are copyrightable because they had their hands tied by copyright law, but we got a strong fair-use ruling on what is a massive API re-implementation case, which should keep Oracle and the other litigious companies at bay.
kurkosdr,
Maybe, but on the other hand the industry norm in the past was that clones could share the exact same interfaces and they would not infringe on copyrights as long as it was an original implementation and they took basic clean room precautions. This notion that interfaces themselves are subject to copyrights is a relatively new interpretation and I think it’s a serious regression from the industry’s roots.
Whether it be hardware drivers, BIOS or operating systems like linux, I think the existence of compatible clones would have been jeopardized if they had been prosecuted under the current copyright regime.
I’m not really confident that the little guys are going to be protected under google’s fair use ruling through. The cases are going to be argued over technicalities in courts that are notorious for flip flopping. No one is really guarantied to reproduce google’s results.
It’s not exactly the fault of copyrights per say, but a troubling problem for smaller guys is how asymetric lawsuits with giant multinationals are. They have billions if not trillions in assets and can fund armies of lawyers to fight you in court for years or decades, as long as it takes. Even if a corporate lawsuit doesn’t have merit, many defendants end up giving up and settling because they simply can’t afford to disrupt their business with a long protracted lawsuit, especially with the uncertainty of winning.
I am reminded of a quote from IBM’s lawyers in the context of patents (this link is about apple, but includes the quote from IBM)…
https://www.project-disco.org/competition/012313-patent-bully-steve-jobs-unethical-use-of-patents-45773/
@Alfman
There are problems with none lawyers discussing topics when they don’t know the basic of law either international or local law, the difference between civil law and common law, and so on. Even the basics of general discussion can be difficult as people confuse debate with discussion and don’t get their definitions sorted out as the first step. That’s not to say ordinary discussion by lay people is useless because it is not. The short version is a lot can go wrong whether it’s access to law or political lobbying on downwards.
I don’t know a huge amount about this topic as I haven’t followed it with the intensity some people have but a few ordinary observations: This case primary concerns the US jurisdiction. Copyright law and monopoly law and reverse engineering and interoperability law are all different things. Time ad time again I see people discussion this case from the point of US law as well as making points of argument which only apply to US law and are actually technically incorrect. For example: the argument about avoiding copyright by clean room implementation is completely wrong as a point of law. It is legal to refer to copyright work as long as work covered by copyright is original. The “clean room” argument is nothing more than a device to avoid expensive lawyers time proving you did not copy. Because of the difference in law in different legal jurisdictions the risk of legal liabilities outside of the US are a lot lower or none existent. Outside of the US reverse engineering is a stronger right in law so has a lot more weight in court. Then there is the awkward issue of the US exporting its law by forcing vendors to comply with local US judgments even if this goes no further than scaring a foreign vendor who sells products within the US market, or other methods such as public or private threats during trade negotiations, or abuse of international regulatory bodies.
And like you say so far the judgments have been none binding.That can be for a lot of reasons whether it’s a fault in the basic law the judges are avoiding, or political cowardice on the part of judges, or the level of court which issues judgments, and so on.
HollyB,
I couldn’t tell you much about other jurisdictions, but clean room design is a real thing that has a lot of history at least in the US.
https://en.wikipedia.org/wiki/Clean_room_design
Yeah, the US is guilty of pressuring other countries to adapt its own intellectual property laws. Software patents were always kind of evil because they encourage an exclusionary land grab granting legal monopolies on the most suitable algorithms and denying independent developers the fruits of their own labor
Copyrights hadn’t bothered me as much until recently. Historically copyrights weren’t being used to block competing developers from writing their own independent implementations of things. However API copyrights are kind of corrupting this principal.
Also in other domains I think copyright is reaching an end game where it’s becoming increasingly difficult to compose original music that doesn’t replicate riffs and patterns of prior music. This mathematical inevitability is kind of unfair to new artists who are increasingly likely to face incidental infringement. I can’t speak to any specific recording being incidental or intentional, but considering that melodies don’t have to be perfect copies to be found guilty of infringement, it makes the chance of collisions that much higher.
https://www.sharongivoni.com.au/copyright-infringement-and-music/
I don’t think this is sustainable in the long term, at least not if we want to avoid a future where new artists will be forced to license riffs from copyright holding companies to use in their own compositions.
@Alfman
Yes I’ve been following this and you make good observations.
It’s slightly orthogonal to the topic but the other week I chanced upon some analysis of autotune:
https://www.youtube.com/watch?v=s7aDN3oujXI
And the follow up:
https://www.youtube.com/watch?v=HVmXBql1ZlA
@Alman
More thoughts are that notes on paper and the actual performance can be completely different. A fair amount of the final performance is interpretive and down to the different skills and temperament of the artist. That’s not unlike API’s and the sourcecode. And as we know with some things there is only one good way to solve that particular problem so notes on a page or sourcecode are going to look exactly the same which isn’t unlike riffs.
Individual technique:
https://www.youtube.com/watch?v=1B8udfivolA
Careful of confirmation bias here. The question was never actually answered and still casts a shadow over the industry.
SCO licensed code to IBM, SCO canceled IBM’s SVRx license which IBM which IBM then went on to effectively ignore and continue to use in AIX without payment. SCO are seen as a “big bad” in the linux community, but ultimately it could be any business running against a big player like IBM who basically used their sheer mass to not pay and profited off of it, THEN gave it away to the entire market for free as a “derivative”, crushing your business model and losing thousands of jobs in the process.
The argument was and still is, are derivative works covered by a licence or not?
Except that SCO never did show what IBM did or did not copy. From what I remember, it did a whole lot of hand-waving then produced some generic Unix/POSIX header files and said, “look, they contain the same definitions.” To top it all off, Novell demonstrated that the code in question wasn’t even SCO’s to license, to begin with, so it had no standing.
Even the Oracle vs. Google case had more “outright copying” of header files and was deemed fair-use. SCO never had a case and the only reason this went as far as it did is because they had some very wealthy backers.
I’m surprised folks are still attempting to spread the same FUD that was proven to be false in court over 10 years ago. To answer your question: yes, derivative works are covered by the license. To address your FUD: no, this was never the question here since (1) SCO did not own the code, so had no claim over it, and (2) SCO was never able to demonstrate IBM produced a derivative work.
It was ruled in court that SCO never got the copyrights transferred in the APA with Novell (and that wasn’t the goal in the APA either), so they had no standing to license anything without the say so of Novell, who were the owners of the copyrights at the time. Also, SCO as in The Santa Cruz Operation, the originators of SCO Unix, sold their Unix business to Caldera, a Linux distributor. “Old” SCO went on as Tarrantella, a company with network middleware, later acquired by Sun Microsystems.
Caldera subsequently renamed itself The SCO Group and sued IBM for alleged wrongdoings they themselves were never a party to. It could be argued that The SCO Group had unclean hands themselves by dint of having been Linux company Caldera. Much of the ballyhoo was later found to be copied BSD code, which is permissible by its license. The SCO Group suit was in essence a nuisance suit to grab rights they didn’t have and weren’t entitled to.
You’re grossly misrepresenting what happened.
The argument was more in the lines if a company can change the terms of a previous agreed upon contract/license unilaterally, so they can use it against one of the licenses. IBM wasn’t “ignoring” the license, on the contrary they were honoring it.
It’s a sad saga of SCO ending up being a patent troll going against one of the largest patent holders on earth. The IBM legal team must still laugh about this whole thing to this day.
“Opportunity loss” is an actionable thing and contract law in the UK at least (which I have to use as a model because I don’t know the first thing about US contract law) is a thing too.
IBM has it own in house OS licenses tied to its own proprietary hardware. IBM also saw an opportunity to take a leadership role in an emerging market and to shape the direction of Linux and offload the cost of OS development.
Having access to sourcecode can speed up reverse engineering no end.
That’s the best case I can make out of things.
Most of the API versus copyright cases happening seem to me to be driven by an urge to control the market and lock-in users. Oracle have their feature creep which locks in users. Microsoft are now blatantly behaving as if they own your platform and using access to open source to con management into remaining on the Windows platform and build trojan horses. Google are playing innocent but they are the biggest privacy busting data thieves on the planet and not immune to user and developer unfriendly tricks with Android to keep vendors supporting their platform.
Platform lock-in tactics and the cloud and making things none repairable is the end result of a long journey by these corporations to own the market and own the user.
As others have rightly pointed out thats an accurate summary of the facts for SCO vs IBM. That would otherwise be a terrible case with different players. I’m not currently aware of a set of facts that exactly matches your larger worries. Maybe ZFS would be the best case, were Oracle to press charges against a linux distro shipping it, or a company that uses it. But they haven’t done it yet, so Fingers crossed they never do. I’m not exactly clear on the facts in the zfs case so some one more versed in how ZFS for linux came into being could chime in.
@Bill
Sun deliberately created a license for ZFS which was incompatible with GPL. My reading of this is it doesn’t exclude precompiled generic binaries from being distributed and plugging into a system with a GPL interface as long as the user is given the option at install time. (i.e. It is not a derived work.) The Sun license doesn’t stop anyone from writing their own implementation of ZFS as an original work.
I think one thing Oracle et al forget is if they got what they wanted in a US court it may mean to one degree or another US companies taking advantage of this would find their products and the licenses which surround them are unlawful in none US jurisdictions.
Many US big tech licenses and US EULA’s are strictly speaking unlawful under European law one two points: You cannot sign your rights in law away in Europe, and a wall of impenetrable or otherwise dodgy legalese would also be ruled unlawful so have no force in law.
In the UK law contains even more gotchas for US companies. Unlike mainland Europe the UK is a common law jurisdiction not a civil law jurisdiction. (The US is a hybrid.) What does this mean? To some degree it depends on the grace and favour of judges and government but under the law of England and Wales (Scotland has a similar but different system) there is jurisprudence around law being unenforceable. If law is deemed unenforceable you won’t find your case even getting to court. This can happen for lots of reasons such as being viewed as archaic or not being supported by society because it lacks credibility or relevance to the current legal landscape.
I have no hesitation at all when it comes to writing to MPs and getting them to ask questions about shady practices and corporate bullying.