Cover photo
Software Freedom Conservancy
120 followers|15,038 views


Just about 12 hours to go for 28 more Supporters to join or renew to meet +Private Internet Access match donation!
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
Private Internet Access launches $50,000 match for Software Freedom Conservancy

Today on Giving Tuesday, Software Freedom Conservancy announces a generous match by Private Internet Access of $50,000 towards our current fundraiser.

Until January 15, Supporters count twice toward our fundraising goals! If you join or renew as a Supporter now, Private Internet Access will contribute matching support. The next 416 Supporters (both new or renewing, monthly or annually) will have the impact of 832 Supporters. Giving now will quickly advance the progress in our fundraiser and help sustain much of Conservancy's work for free and open source software.

With the funds provided by previous match donors in 2016, Conservancy is over 60% towards our goal of 2,500 Supporters which we need to continue our full programmatic activities through 2017. Become a Supporter today!

The match includes renewing annual supporters, and new supporters who join monthly or annually.
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
+Linux Weekly News has an article about The GPL Compliance BoF Session at +Linux Foundation Events ' Linux Plumbers Conference.
Add a comment...
Conservancy Promotes Transparency by Publishing Template Agreements for Linux Compliance Program

Discussion Invited at Second Feedback Session on GPL Enforcement

Today at the +Linux  Plumbers Conference, Software Freedom Conservancy hosts its second feedback session on the GPL Compliance Program for Linux Developers. These sessions, which Conservancy is hosting at relevant events over the next year and summarizing for public review, will seek input and ideas from the Linux community about GPL enforcement, answer questions, and plan strategies to deal with GPL enforcement actions that do not follow Conservancy and +Free Software Foundation's Principles of Community-Oriented GPL Enforcement.

The publication of the template agreements ([1], [2]) demonstrates Conservancy's commitment to transparency. The documents have a similar structure as Conservancy's agreements with its member projects, designed to work at the service of the coalition. They include an easy termination provision, requiring just thirty days' notice at any time. Because the aim of Conservancy's compliance work is to avoid litigation, no lawsuits may be initiated without further explicit agreement.

Two versions of the template agreement are provided. The anonymous agreement includes a clause binding Conservancy to not disclose the identity of the participant. This clause was directly requested by Linux contributors who fear repercussions from their employers or other community members who oppose GPL enforcement. Conservancy designed this version to respect the wishes of those who want to help ensure the future of copyleft, but are not prepared to face public attacks from those who oppose copyleft.

Karen Sandler, who will co-host today's session at the Plumbers Conference, noted the importance of designing agreements that adhere to the Principles of Community-Oriented GPL Enforcement. "The agreements empower developers to direct and control Conservancy's enforcement actions. While the Principles allow for recovery of costs, the terms ensure that developers direct how such funds are spent." Karen noted, however, "While the agreement sets out how money received through any compliance actions is divided, to date no amounts have been received under this initiative."

Conservancy is publishing these agreements today as background for the enforcement feedback session at 6:00 PM Mountain Time at the Linux Plumbers Conference 2016. Conservancy's Executive Director, Karen Sandler, and Director of Strategic Initiatives, Brett Smith, will host the session, and all conference attendees are welcome to join the discussion. Conservancy will also take feedback on the agreements over its mailing list for discussion of the GPL enforcement principles and at feedback sessions at other conferences over the coming months.

Conservancy, as always, recommends that anyone who is contemplating signing an agreement consult legal counsel about their own specific situation prior to doing so.
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
October 27, 2016 by Bradley M. Kuhn

As I mentioned in an earlier blog post, I had the privilege of attending Embedded Linux Conference Europe (ELC EU) and the OpenWrt Summit in Berlin, Germany earlier this month. I gave a talk (for which the video is available below) at the OpenWrt Summit. I also had the opportunity to host the first of many conference sessions seeking feedback and input from the Linux developer community about Conservancy's GPL Compliance Project for Linux Developers.

ELC EU has no “BoF Board” where you can post informal sessions. So, we scheduled the session by word of mouth over a lunch hour. We nevertheless got an good turnout (given that our session's main competition was eating food :) of about 15 people.

Most notably and excitingly, Harald Welte, well-known Netfilter developer and leader of, was able to attend. Harald talked about his work with enforcing his own copyrights in Linux, and explained why this was important work for users of the violating devices. He also pointed out that some of the companies that were sued during his most active period of are now regular upstream contributors.

Two people who work in the for-profit license compliance industry attended as well. Some of the discussion focused on usual debates that charities involved in compliance commonly have with the for-profit compliance industry. Specifically, one of them asked "how much compliance is enough, by percentage?" I responded to his question on two axes. First, I addressed the axis of "how many enforcement matters does the GPL Compliance Program for Linux Developers do, by percentage of products violating the GPL"? There are, at any given time, hundreds of documented GPL violating products, and our coalition works on only a tiny percentage of those per year. It's a sad fact that only that tiny percentage of the products that violate Linux are actually pursued to compliance.

On the other axis, I discussed the percentage on a per-product basis. From that point of view, the question is really: "Is there a ‘close enough to compliance’ that we can as a community accept and forget about the remainder?" From my point of view, we frequently compromise anyway, since the GPL doesn't require someone to prepare code properly for upstream contribution. Thus, we all often accept compliance once someone completes the bare minimum of obligations literally written in the GPL, but give us a source release that cannot easily be converted to an upstream contribution. So, from that point of view, we're often accepting a less-than-optimal outcome. The GPL by itself does not inspire upstreaming; the other collaboration techniques that are enabled in our community because of the GPL work to finish that job, and adherence to the Principles assures that process can work. Having many people who work with companies in different ways assures that as a larger community, we try all the different strategies to encourage participation, and inspire today's violators to become tomorrow upstream contributors — as Harald mention has already often happened.

That same axis does include on rare but important compliance problem: when a violator is particularly savvy, and refuses to release very specific parts of their Linux code (as VMware did), even though the license requires it. In those cases, we certainly cannot and should not accept anything less than required compliance — lest companies begin holding back all the most interesting parts of the code that GPL requires them to produce. If that happened, the GPL would cease to function correctly for Linux.

After that part of the discussion, we turned to considerations of corporate contributors, and how they responded to enforcement. Wolfram Sang, one of the developers in Conservancy's coalition, spoke up on this point. He expressed that the focus on for-profit company contributions, and the achievements of those companies, seemed unduly prioritized by some in the community. As an independent contractor and individual developer, Wolfram believes that contributions from people like him are essential to a diverse developer base, that their opinions should be taken into account, and their achievements respected.

I found Wolfram's points particularly salient. My view is that Free Software development, including for Linux, succeeds because both powerful and wealthy entities and individuals contribute and collaborate together on equal footing. While companies have typically only enforce the GPL on their own copyrights for business reasons (e.g., there is at least one example of a major Linux-contributing company using GPL enforcement merely as a counter-punch in a patent lawsuit), individual developers who join Conservancy's coalition follow community principles and enforce to defend the rights of their users.

At the end of the session, I asked two developers who hadn't spoken during the session, and who aren't members of Conservancy's coalition their opinion on how enforcement was historically carried out by, and how it is currently carried out by Conservancy's GPL Compliance Program for Linux Developers. Both responded with a simple response (paraphrased): "it seems like a good thing to do; keep doing it!"

I finished up the session by inviting everyone to the join the principles-discuss list, where public discussion about GPL enforcement under the Principles has already begun. I also invited everyone to attend my talk, that took place an hour later at the OpenWrt Summit, which was co-located with ELC EU.
Your browser does not support the element. Perhaps you can or .

In that talk, I spoke about a specific example of community success in GPL enforcement. As explained on the OpenWrt history page, OpenWrt was initially made possible thanks to GPL enforcement done by BusyBox and Linux contributors in a coalition together. (Those who want to hear more about the connection between GPL enforcement and OpenWrt can view my talk.)

Since there weren't opportunities to promote impromptu sessions on-site, this event was a low-key (but still quite nice) start to Conservancy's planned year-long effort seeking feedback about GPL compliance and enforcement. Our next session is an official BoF session at Linux Plumbers Conference, scheduled for next Thursday 3 November at 18:00. It will be led by my colleagues Karen Sandler and Brett Smith.

Posted by Bradley M. Kuhn on October 27, 2016. Please email any comments on this entry to
Add a comment...
On Free as in Freedom, Episode 0x5D, Bradley and Karen discuss various Conservancy trips to conferences during the first half of 2016.
Free as in Freedom is a bi-weekly oggcast about legal, policy and other issues in Free, Libre and Open Source Software
Add a comment...
November 23, 2016

“Principles of Community-Oriented GPL Compliance” Now in Chinese

Software Freedom Conservancy is pleased to announce that the Kaiyuanshe Legal Committee has translated the Principles of Community-Oriented GPL Compliance in Chinese. Kaiyuanshe, roughly translated as "open source alliance," is a group of enterprises, communities, and individuals in China supporting and promoting free and open source software. The document is available for download on Kaiyuanshe's web site and on Conservancy's site in HTML and as a PDF.

The Principles were published by Conservancy and the Free Software Foundation last year, and set forth norms around community-oriented enforcement, removing uncertainty for companies who face compliance actions and providing criteria for evaluating whether license compliance is in the community's interest. The translation was primarily worked on by Richard Lin and Maggie Wang, members of the Kaiyuanshe Legal Committee.

"More and more Chinese companies are embracing Free and Open Source Software, but not enough participants truly understand our communities' expectations around compliance," said Lin, Community Director for Huawei Developer Zone. "We in Kaiyuanshe want to help more people to truly understand Free and Open Source Software, and call for more people, organizations and companies to contribute together."

"The principles are good education and very clear to put into practice," added Wang, Representative in China for Ladas & Parry LLP. "I believe the publication of the Principles will ease the tension for a lot of companies who are willing to adopt GPL'd software."

Karen Sandler, Executive Director of Conservancy commented, "This is part of the impressive work undertaken by the Kaiyuanshe Legal Committee. This coordination by Kaiyuanshe shows the strength of all of the organizations and companies that have come together in China."

The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
November 16, 2016 by Brett Smith

Recap: GPL Compliance BoF at Linux Plumbers’ Conference

At the +Linux Plumbers Conference a couple of weeks ago, Karen and I ran a Birds of a Feather session about our GPL Compliance Project for Linux Developers. It was a success by every measure. Approximately seventy people attended, and about twenty of them participated in the discussion, covering a wide variety of issues around compliance. The interactive and inclusive format was ideal for us to provide additional information and get feedback from a lot of interested people. Many thanks to the Linux Plumbers Organizing Committee for scheduling a slot for us to run this session.

We opened the discussion with a basic overview of the program: its history and mission, the structure of how we coordinate with Linux developers on our coalition, the typical flow of how we respond to a violation and work to help the distributor comply. We published the project agreement templates beforehand to facilitate the discussion. In the past, we heard people express concern that these agreements were private. We were happy to tackle that issue head-on, and I was glad to see several attendees download the template and review it during the session.

We also talked about how our work differs from some inappropriately aggressive enforcement efforts going on today—including Patrick McHardy's unfortunate enforcement lawsuits. One person rightly pointed out that less savvy distributors will often assume all GPL compliance is handled the same way. We discussed how Conservancy could emphasize the distinctions up front. We agree that's important; it's why we published our Principles of Community-Oriented GPL Enforcement, and why we were the first organization to publicly criticize McHardy's actions. Still, a new Linux distributor might not know about our principles, or understand that they specifically call on lawsuits only as a last resort. Based on this feedback, we plan to mention the Principles in our first correspondence about GPL compliance problems.

Our transparency in our methods and goals distinguishes Conservancy's compliance work from others'. There were several suggestions that we could take this further by publishing different numbers about how many cases we're handling, and different ways they've been resolved. To this end, Karen echoed the same point Bradley made at ELC EU that we only have the resources to pursue a relatively small percentage of the violation reports we receive. Because of this, publishing these numbers could de-anonymize active cases, which would contravene our compliance principles. Nonetheless, we will reexamine this issue to see if we could publish some numbers safely.

That discussion led to suggestions that volunteers could help us with technical compliance work, confirming violations and the completeness of source code. We've discussed that idea internally for many years. Even more than publishing numbers, engaging volunteers risks leaking information about violators to the public. Furthermore, we would need to vet and train volunteers, which we lack the resources to do now. If we received funding for this work, we could use that to plan and provide volunteer training, but there has been limited interest in funding community-oriented compliance initiatives.

Finally, we discussed different ways to make compliance work less necessary. We'd love to see more of this: as more distributors proactively come into compliance, we have more time to spend supporting our member projects and other initiatives. That's a big reason we helped write the Copyleft Guide, which helps distributors better understand the conditions and requirements of the GPL. The pristine source example, in particular, is designed to show step-by-step the process of verifying a complete, corresponding source release. There's certainly lots of great ideas for more work like this, and I think naming them in the BoF helped make some good connections between them.

Our thanks to everyone who attended and provided feedback. If you couldn't attend this BoF, don't worry. We'll be running similar sessions at other conferences over the next few months, and you can also provide feedback on our principles-discuss mailing list. We want to hear from as much of the community as possible, so if you have questions or comments about our Linux compliance work, we hope we'll hear from you soon.

Posted by Brett Smith on November 16, 2016. Please email any comments on this entry to
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
On Free as in Freedom 0x5E, Bradley and Karen discuss Conservancy's
ContractPatch Initiative that will help Free Software developers negotiate
their agreements with employers. Do you think that developers should have
the tools to ensure they can decide the licensing of their own work in the
Open Source and Free Software community? Take a listen and see what you think!
Free as in Freedom is a bi-weekly oggcast about legal, policy and other issues in Free, Libre and Open Source Software
Add a comment...
ContractPatch, Step 2: Understanding the power balance
by Karen Sandler

Employment agreements are one of the things that I'm asked the most regularly about in the free and open source software world, almost rivaling questions about licenses. My responses have always been the usual lawyerly responses of This Is Not Legal Advice and while I Am A Lawyer, I Am Not Your Lawyer (I'm generally not acting as a lawyer on behalf of Conservancy as its Executive Director either). But even from my early days of being involved with free software, I have seen that there's a lack of understanding about employment agreements and the ability of employees to get their agreements modified. Last month, Fred announced a new initiative that we are working on together, called ContractPatch. With ContractPatch, our goal is to help provide knowledge to employees, along with sample language for better contract terms. The first step in this process is understanding the dynamics at work in employment arrangements. Step 1 is knowing that everything is negotiable and step 2 is knowing where you stand in the negotiation. Quite simply, you likely will never have as much power as you do the moment just before you sign your employment agreement.

At the point you are presented with a job offer, your prospective employer really wants to hire you. Chances are, they've screened and interviewed a number of candidates and put a lot of work into the process. Your manager has thought deeply about who they want in the position and has probably imagined how it will all work out with you in the role. Both you and the hiring decision-maker(s) are probably very optimistic about what you'll accomplish in the role and how well you'll get along working together. At this point, no one wants to go back to the drawing board and start the process over again. You will be excited to start the new job but it's worth taking a step back to appreciate the unusual position you are in with your new employer.

As part of the hiring process, you'll be expected to negotiate your salary (this can be complicated) and finalize all of the terms of your employment. Terms of employment can also be looked at through the lens of compensation, and asking for more favorable terms in your employment contract can be another kind of perk an employer can give you if they have a tight budget. A classic contract negotiation tactic (I even learned this in law school) is to make an agreement stronger in the first draft than you really need it to be, just so that you can give something away when pushed. This is certainly true of many company's standard agreement templates. The only way to find out is to ask.

Once you take the job, it's harder to change your terms of employment (though it's possible, as we'll cover later). Think hard about the long term impact of signing the agreement and whether things could happen down the road that would make you feel less comfortable with working under those terms. We'll be giving you some examples of situations you want to be prepared for when we talk about specific contract provisions.

Asking for more favorable terms doesn't have to be an adversarial process. You can ask for an agreement to be amended in a friendly way. Employers often respect workers more when they advocate for themselves.

So, we'll help you think about how to engage with your employer while anticipating things that could go wrong down the road and how to ask for more favorable terms. You can sign up for our mailing list to be part of the conversation. While it may be easier to avoid negotiating your agreement, don't trade short term comfort for your long term benefit.

Posted by Karen Sandler on September 26, 2016. Please email any comments on this entry to
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
September 21, 2016 by Bradley M. Kuhn
Help Send Conservancy to Embedded Linux Conference Europe

Last month, Conservancy made a public commitment to attend Linux-related events to get feedback from developers about our work generally, and Conservancy's GPL Compliance Program for +Linux  Developers specifically. As always, even before that, we were regularly submitting talks to nearly any event with Linux in its name. As a small charity, we always request travel funding from the organizers, who are often quite gracious. As I mentioned in my blog posts about LCA 2016 and GUADEC 2016, the organizers covered my travel funding there, and recently both Karen and I both received travel funding to speak at LCA 2017 and DebConf 2016, as well as many other events this year.

Recently, I submitted talks for the CFPs of +Linux Foundation Events' Embedded Linux Conference Europe (ELC EU) and the Prpl Foundation's OpenWRT  Summit. The latter was accepted, and the folks at the Prpl Foundation graciously offered to fund my flight costs to speak at the OpenWRT Summit! I've never spoken at an OpenWRT event before and I'm looking forward to the opportunity getting to know the OpenWRT and LEDE communities better by speaking at that event, and am excited to discuss Conservancy's work with them.

OpenWRT Summit, while co-located, is a wholly separate event from LF's ELC EU. Unfortunately, I was not so lucky in my talk submissions there: my talk proposal has been waitlisted since July. I was hopeful after a talk cancellation in mid-August. (I know because the speaker who canceled suggested that I request his slot for my waitlisted talk.) Unfortunately, the LF staff informed me that they understandably filled his open slot with a sponsored session that came in.

The good news is that my OpenWRT Summit flight is booked, and my friend (and Conservancy Board Member Emeritus) Loïc Dachary (who lives in Berlin) has agreed to let me crash with him for that week. So, I'll be in town for the entirety of ELC EU with almost no direct travel costs to Conservancy! The bad news is that it seems my ELC EU talk remains waitlisted. Therefore, I don't have a confirmed registration for the rest of ELC EU (beyond OpenWRT Summit).

While it seems like a perfect and cost-effective opportunity to be able to attend both events, that seems harder than I thought! Once I confirmed my OpenWRT Summit travel arrangements, I asked for the hobbyist discount to register for ELC EU, but LF staff informed me yesterday that the hobbyist (as well as the other discounts) are sold out. The moral of the story is that logistics are just plain tough and time-consuming when you work for a charity with an extremely limited travel budget. ☻

Yet, it seems a shame to waste the opportunity of being in town with so many Linux developers and not being able to see or talk to them, so Conservancy is asking for some help from you to fund the $680 of my registration costs for ELC EU. That's just about six new Conservancy supporter signups, so I hope we can get six new Supporters before Linux Foundation's ELC EU conference begins on October 10th. Either way, I look forward to seeing those developers who attend the co-located OpenWRT Summit! And, if the logistics work out — perhaps I'll see you at ELC EU as well!

Posted by Bradley M. Kuhn on September 21, 2016. Please email any comments on this entry to
The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
Add a comment...
Conservancy defends and upholds your software freedom!
Software Freedom Conservancy is a not-for-profit organization that helps promote, improve, develop, and defend Free, Libre, and Open Source Software (FLOSS) projects. Conservancy provides a non-profit home and infrastructure for FLOSS projects. This allows FLOSS developers to focus on what they do best — writing and improving FLOSS for the general public — while Conservancy takes care of the projects' needs that do not relate directly to software development and documentation.
Contact Information
Contact info