The key difference, to my mind, in these two examples, is that, in
Bruce's example, there is an already-established "infringement of
their property", whereas, in Thomas' there is not yet an established
infringement. That is the very question at the heart of the
discussion, as I understand it: if I make a written offer, how long do
I have to supply the source code before my failure to do so would be
interpreted as a failure to comply with the conditions of GNU GPL 2.0,
such that, by failing to comply with the licence terms, my
distribution infringes copyright?

I am not sure that the two situations above are analagous.

However (and I am musing now), this discussion presupposes that
failure to provide the source code *does* lead to copyright
infringement.

The requirement of GNU GPL 2.0, s3(b), is that Company A, which is
distributing a product containing covered code, must, if using the
"written offer" route, accompany distribution of the binary with a
written offer.

Let us assume that Company A has included a written offer with their
product, saying "Company A will give the complete corresponding source
code for $product to any third party seeking it, for $1. Contact
$address".

Company A has satisfied its obligation under the licence: it has made
a written offer.

With what section of the licence does Company A fail to comply if it
does not subsequently send the source code to someone asking for it?

Or would the requesting party need to establish some sort of direct
relationship by virtue of Company A having made an offer, such as
breach of contract?



Neil

The comparison doesn't apply. There is no infringement, as the GPL does
not stipulate a time frame anywhere. There are requirements to make an
offer for the source code. That offer must be fulfilled. However, our
practical stance on reasonable time to provide it is based on our own
belief, and minus any specified requirement, the law would revert to the
question of, 'Is it reasonable'.
Again, not comparable. There is no time. If you ordered a product, and
it did not specify a delivery date, there is no legal requirement that the
thing you ordered even have been produced. Again, it falls back to what is
reasonable.
Bruce, I have a lot of respect to you, but just think about this for a
second. It is a HORRIBLE idea for a company to not have everything ready.
They put themselves in a situation where compliance could possible be
impossible. But strictly speaking, bad practice != copyright
infringement. If I'm mistaken, by all means, please point to where in the
GPL it states or even infers what state your software must be in prior to
distribution.

And *that* sounds like a debate to be had over a beer...


Neil


Neil Brown
***@neilzone.co.uk | http://neilzone.co.uk

Hi Bruce

On 13 Mar 2014, at 18:33, Bruce Perens <***@perens.com<mailto:***@perens.com>> wrote:

Andy,

I think you are confusing the commission of an act and the revelation of evidence to others. If you consider it that way. there is no reason to treat it as a quantum physics experiment.

I don't believe an act can become retrospectively infringing. (In the spirit of full disclosure, I have come across a case in the UK where the courts disagree with me, but I still have problems with the logic). And I think that must be by RMS and Eben drafted the clause as they did. Certainly, I occasionally draft contracts where I say that 'A agrees to enter into an agreement with third Party B to do X' very deliberately, instead of saying 'A will procure that B does X'. I believe that legally they are very different things. In this case, because of the drafting, we don't have to consider the Schroedinger issue in any case, as it's possible to determine whether the condition has been fulfilled at the time the copying takes place.


If you fail to distribute source code on request, at what time does it become infringement?

Unfortunately, from the perspective of the GPL, never (this is only the case if you employ 3b, not 3a).


The answer is "at the moment that you distributed the binary".

Only if you didn't make the offer at the same time.



At the time you distributed the binary, you had a due diligence requirement to have the complete and corresponding source code on hand and ready for distribution, to have a structure in place to handle that distribution in a timely manner, and to retain that structure in place for three years. If you are unable to assure that at the time of distribution, it's an act of infringement. The only question is when you are caught.

The GPL doesn't explicitly require this, and the courts will only imply the minimum term to give business efficacy to the contract (I'm assuming they'd apply the same rule to the interpretation of a bare licence, but I'm not aware that this point has ever been considered in the English courts, at least). This goes way beyond that requirement - as no term need be implied. That the licensee has given a valid written offer is good enough. If the offer is accepted, there is a remedy - it belongs to the recipient of the code, not the licensor.


An embezzler does not become one when it is found that the books have been cooked. He is an embezzler the moment he diverts the funds. And of course many embezzlers tell themselves that they will put the money back, and then they fail to do so. He may have a change of heart, replace the funds, and never get caught. He may lose the money in Las Vegas and eventually be revealed. But the commission of the act is the original diversion rather than the later loss or replacement.

This is another point - and a very interesting one. If the offeror makes the offer with the intention that he is never going to fulfil it, he may be making a fraudulent representation to the offeree, and he may be committing some sort of offence, but I'm still struggling to see how the licensor has any claim. (Except in the sense that the licensor is also a person who has a right to the code under the offer, so can take up the licensee's offer, and then, if the licensee doesn't respond, seek an order for specific performance, and then release the modified code him/herself). So in a roundabout way, the licensee does have a remedy, but not for copyright infringement.

I'm going back to the original wording of GPL2 - the condition is to accompany the code with the offer, not to make the code available. Once the offer has been made, the condition is fulfilled. I'm even struggling to find extreme cases where court might deem the offer not to be validly made: it was have to be a case where the offeror cannot be bound. Even if the offeror makes the offer fraudulently, the offeree can void the subsequent agreement, but not the offeror. if the offeror is minor, or otherwise doesn't have legal capacity, then the offer wouldn't be valid (and, interestingly, if it's an offer to make the code available for free it also wouldn't be legally binding so arguably fails to fulfil the condition, although an offer made under seal or an offer to provide the source for a penny would be).

It's unfortunate, but I'm pretty adamant that under a strict legal interpretation, provided the offer is validly made, the GPL cannot be infringed for failure to provide the source. I'm trying hard to reach the conclusion we all want to reach, but I can't in any consistent way - not under English law (and I suspect US copyright law) at least.

Best



Andrew






Thanks

Bruce


On March 13, 2014 2:41:06 AM PDT, Andrew Katz <***@moorcrofts.com<mailto:***@moorcrofts.com>> wrote:

HI Neil

On 10 Mar 2014, at 21:09, Neil Brown <***@neilzone.co.uk<mailto:***@neilzone.co.uk><mailto:***@neilzone.co.uk>> wrote:


On 9 Mar 2014, at 19:06, Olliver Schinagl <oliver+***@schinagl.nl<mailto:oliver+***@schinagl.nl><mailto:oliver+***@schinagl.nl>> wrote:

How long of a delay would be acceptable?

As others have said, there is no position within GNU GPL 2.0 or 3.0 which permits a delay in the provision of the source code. However, perhaps, if your question were phrased slightly differently, it might elucidate some further interesting and useful comments? Perhaps:

A company develops, manufacturers and retails a product containing GNU GPL 2.0 covered code, and distribution of the binary is to be accompanied by a written offer conforming to section 3(b).

Someone chooses to take up the written offer, and asks the company for a copy of the source code.

How long need the delay be between someone asking fo
r the
code, and the company providing it, for that company to be considered non-compliant?

This is exactly the right way to analyse this. It's worth considering why 3(b) doesn't say "provide any third party with [the complete corresponding source on request made within 3 years of distribution...]"

I think the answer to this is quite subtle: the GPL is a distribution licence, and, logically, it must be possible to determine whether the condition is complied with at the time of distribution, otherwise the condition is in a Schroedinger superposition of states, and it will never be clear whether the condition was fulfilled or not at the time of distribution, until a period of three years has elapsed (or a request for the source code has been refused).

I suspect that RMS and Eben realised this, and drafted the condition to avoid it. The condition is fulfilled by making the written offer, and not by making the source available.

This has some
interesting consequences. There is no guidance as to when the source has to be provided. It is arguable...



(Hopefully formulating the question in this way does not make me one of the horrible lawyers intent on circumventing the GPL but, if it does, at least take comfort from the fact that I am not *your* horrible lawyer :))

...(which puts me in danger of being one of Neil's 'horrible lawyers') that an offer which says 'we will provide you with the source in 10 years' time' is compliant, although clearly completely against the spirit of the GPL. However, assuming that the offer is 'We will provide you with the complete corresponding source on request', and providing that this is legally binding offer (lawyers will realise that there is, in itself, a problem here), then courts would be likely to interpret the lack of a time period as a 'reasonable time' (what else are they to do, if the offer is binding).

The other consequences of th
is are
that, although under the GPL itself, assuming it is interpreted as a bare licence, there is no mechanism to compel the release of the source (although failure to release under 3(a) clearly leads to a breach of copyright), if the written offer is accepted and forms a binding contract, than it may be susceptible to specific performance, so release of the source can be compelled under that secondary contract.

It is also the case that failure to comply with the offer is not a breach of the GPL (so enforceable by the licensor), but is a contractual breach, enforceable by the recipient of the offer. This does suggest a route for a 'horrible lawyer' to circumvent the GPL.

The licensor would have to demonstrate that the 'offer' was not a 'written offer, valid for at least three years...' that there would a valid claim that the GPL had been breached. That's not necessarily impossible, but it could be a very difficult argument to maintain.

All the best<
br
/>

Andrew




--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

To me, this is the nub of the issue: if someone asks for the code, how long does the binary distributor have to provide the source before he is considered non-compliant? At what point does someone "fail to distribute" the source code? A day after being asked? A week? A month?

(If, indeed, failure to live up to one's written offer is indeed non-compliance; on the wording of the licence, I'm not convinced it is, although clearly it would be based based on the intention.)


Best wishes


Neil


Neil Brown
***@neilzone.co.uk | http://neilzone.co.uk

At what moment do you 'fail' to distribute it?
Actually, you do NOT have a due diligence requirement. You are inserting
requirements which are NOT present. You are at a degree of risk if you do
not, certainly in some cases possibly rather large risk, but you have not
broken license if you fully intend on fulfilling the terms at the time a
request is made to take you up on the offer.
An embezzler is actively doing something. Your saying guilty until
proven innocent, and I go back to my original examples. Motorola Mobility
has provided sources after sanitizing and verifying source trees only
*after* a request for the given sources was made. It is your opinion that
since they failed to produce IMMEDIATELY on request, but spent several
weeks producing the code after request, they they have stolen the Linux
kernel and various GPL components, and have done a crime on par with
embezzling funds for the Columbian Drug Cartel.