Copyleft/guide Changeset - 764802727541

Changeset - 764802727541

Parent rev.

Child rev.

[Not reviewed]

0 2 0

Martin Michlmayr (tbm) - 10 years ago 2014-04-24 23:12:21
tbm@cyrius.com

Typo fixes

2 files changed with 3 insertions and 3 deletions:

compliance-guide.tex

gpl-lgpl.tex

0 comments (0 inline, 0 general)

compliance-guide.tex

➞

Show inline comments

 % compliance-guide.tex                            -*- LaTeX -*-
 \part{A Practical Guide to GPL Compliance}
 \label{gpl-compliance-guide}
 {\parindent 0in
 This part is: \\
 \begin{tabbing}
 Copyright \= \copyright{} 2014 \= \hspace{.2in} Bradley M. Kuhn. \\
 Copyright \> \copyright{} 2008 \> \hspace{.2in} Software Freedom Law Center. \\
 \end{tabbing}
 \vspace{1in}
 \begin{center}
 Authors of this part are: \\
 Bradley M. Kuhn \\
 Aaron Williamson \\
 Karen M. Sandler \\
 \vspace{3in}
 The copyright holders of this part hereby grant the freedom to copy, modify,
 convey, Adapt, and/or redistribute this work under the terms of the Creative
 Commons Attribution Share Alike 4.0 International License.  A copy of that
 license is available at
 \verb=https://creativecommons.org/licenses/by-sa/4.0/legalcode=.
 \end{center}
+}
 \bigskip
 \chapter*{Executive Summary}
 This is a guide to effective compliance with the GNU General Public
 License (GPL) and related licenses.  Copyleft advocates
 usually seek to assist the community with
 GPL compliance cooperatively.   This guide focuses on complying from the
 start, so that readers can learn to avoid enforcement actions entirely, or, at
 least, minimize  the negative impact when enforcement actions occur.
 This guide  introduces and explains basic legal concepts related to the GPL and its
 enforcement by copyright holders. It also outlines business practices and
 methods that lead to better GPL compliance.  Finally, it recommends proper
 post-violation responses to the concerns of copyright holders.
 \chapter{Background}
 Early GPL enforcement efforts began soon after the GPL was written by
 Richard M.~Stallman (RMS) in 1989, and consisted of informal community efforts,
 often in public Usenet discussions.\footnote{One example is the public
   outcry over NeXT's attempt to make the Objective-C front-end to GCC
   proprietary.  RMS, in fact, handled this enforcement action personally and
   the Objective-C front-end is still part of upstream GCC today.}  Over the next decade, the Free Software Foundation (FSF),
 which holds copyrights in many GNU programs, was the only visible entity
 actively enforcing its GPL'd copyrights on behalf of the software freedom
 community.
 FSF's enforcement
 was generally a private process; the FSF contacted violators
 confidentially and helped them to comply with the license.  Most
 violations were pursued this way until the early 2000's.
 By that time, Linux-based systems such as GNU/Linux and BusyBox/Linux had become very common, particularly in
 embedded devices such as wireless routers.  During this period, public
 ridicule of violators in the press and on Internet fora supplemented
 ongoing private enforcement and increased pressure on businesses to
 comply.  In 2003, the FSF formalized its efforts into the GPL Compliance
 Lab, increased the volume of enforcement, and built community coalitions
 to encourage copyright holders to together settle amicably with violators.
 Beginning in 2004, Harald Welte took a more organized public enforcement
 approach and launched \verb0gpl-violations.org0, a website and mailing
 list for collecting reports of GPL violations.  On the basis of these
 reports, Welte successfully pursued many enforcements in Europe, including
 formal legal action.  Harald earns the permanent fame as the first copyright
 holder to bring legal action in a Court regarding GPL compliance.
 In 2007, two copyright holders in BusyBox, in conjunction with the
 Software Freedom Conservancy (``Conservancy''), filed the first copyright infringement lawsuit
 based on a violation of the GPL\@ in the USA. While  lawsuits are of course
 quite public, the vast majority of Conservancy's enforcement actions
 are resolved privately via
 cooperative communications with violators.  As both FSF and Conservancy has worked to bring
 individual companies into compliance, both organizations have encountered numerous
 violations resulting from preventable problems such as inadequate
 attention to licensing of upstream software, misconceptions about the
 GPL's terms, and poor communication between software developers and their
 management.  This document highlights these problems and describe
 best practices to encourage corporate Free Software users to reevaluate their
 approach to GPL'd software and avoid future violations.
 Both FSF and Conservancy continue GPL enforcement and compliance efforts
 for software under the GPL, the GNU Lesser
 Public License (LGPL) and other copyleft licenses.  In doing so, both organizations have
 found that most violations stem from a few common mistakes that can be,
 for the most part, easily avoided.  All copyleft advocates  hope to educate the community of
 commercial distributors, redistributors, and resellers on how to avoid
 violations in the first place, and to respond adequately and appropriately
 when a violation occurs.
 \chapter{Best Practices to Avoid Common Violations}
 \label{best-practices}
 Unlike highly permissive licenses (such as the ISC license), which
 typically only require preservation of copyright notices, licensees face many
 important requirements from the GPL.  These requirements are
 carefully designed to uphold certain values and standards of the software
 freedom community.  While the GPL's requirements may appear initially
 counter-intuitive to those more familiar with proprietary software
 licenses, by comparison, its terms are in fact clear and quite favorable to
 licensees.  Indeed, the GPL's terms actually simplify compliance when
 violations occur.
 GPL violations occur (or, are compounded) most often when companies lack sound
 practices for the incorporation of GPL'd components into their
 internal development environment.  This section introduces some best
 practices for software tool selection, integration and distribution,
 inspired by and congruent with software freedom methodologies.  Companies should
 establish such practices before building a product based on GPL'd
 software.\footnote{This document addresses compliance with GPLv2,
   GPLv3, LGPLv2, and LGPLv3.  Advice on avoiding the most common
   errors differs little for compliance with these four licenses.
   \S~\ref{lgpl} discusses the key differences between GPL and LGPL
   compliance.}
 \section{Evaluate License Applicability}
 \label{derivative-works}
 Political discussion about the GPL often centers around the ``copyleft''
 requirements of the license.  Indeed, the license was designed primarily
 to embody this licensing feature.  Most companies adding non-trivial
 features (beyond mere porting and bug-fixing) to GPL'd software (and
 thereby invoking these requirements) are already well aware of their
 more complex obligations under the license.\footnote{While, there has been much legal
   discussion regarding copyleft and derivative works.  In practical
   reality, this issue is not relevant to the vast majority of companies
   distributing GPL'd software.  Those interested in this issue should study
   \tutorialpartsplit{\textit{Detailed Analysis of the GNU GPL and Related
       Licenses}'s Section on derivative works}{\S~\ref{derivative-works} of
     this tutorial}.}
 However, experienced  GPL enforcers find that few redistributors'
 compliance challenges relate directly to the copyleft provisions; this is
 particularly true for most embedders.  Instead, the distributions of GPL'd
 systems most often encountered typically consist of a full operating system
 including components under the GPL (e.g., Linux, BusyBox) and components
 under the LGPL (e.g., the GNU C Library).  Sometimes, these programs have
 been patched or slightly improved by direct modification of their sources,
 resulting unequivocally in a derivative work.  Alongside these programs,
 companies often distribute fully independent, proprietary programs,
 developed from scratch, which are designed to run on the Free Software operating
 system but do not combine with, link to, modify, derive from, or otherwise
 create a combined work with
 the GPL'd components.\footnote{However, these programs do often combine
   with LGPL'd libraries. This is discussed in detail in \S~\ref{lgpl}.}
 In the latter case, where the work is unquestionably a separate work of
 creative expression, no copyleft provisions are invoked.
 Admittedly, a tiny
 minority of situations which lie outside these two categories, and thus
 do involve close questions about derivative and combined works.  Those
 situations admittedly do require a highly
 fact-dependent analysis and cannot be addressed in a general-purpose
 document, anyway.
 \medskip
 Most companies accused of violations lack a basic understanding
 of how to comply even in the former straightforward scenario.  This document
 provides those companies with the fundamental and generally applicable prerequisite knowledge.
 For answers to rarer and more complicated legal questions, such as whether
 your software is a derivative or combined work of some copylefted software, consult
 with an attorney.\footnote{If you would like more information on the
   application of derivative works doctrine to software, a detailed legal
   discussion is presented in our colleague Dan Ravicher's article,
   \textit{Software Derivative Work: A Circuit Dependent Determination} and in
   \tutorialpartsplit{\textit{Detailed Analysis of the GNU GPL and Related
       Licenses}'s Section on derivative works}{\S~\ref{derivative-works} of
     this tutorial}.}
 This discussion thus assumes that you have already identified the
 ``work'' covered by the license, and that any components not under the GPL
 (e.g., applications written entirely by your developers that merely happen
 to run on a Linux-based operating system) distributed in conjunction with
 those works are separate works within the meaning of copyright law and the GPL\@.  In
 such a case, the GPL requires you to provide complete corresponding
 source (CCS)\footnote{For more on CCS,  see
 \tutorialpartsplit{\textit{Detailed Analysis of the GNU GPL and Related
       Licenses}'s Section on GPLv2~\S2 and GPLv3~\S1.}{\S~\ref{GPLv2s2} and \S~\ref{GPLv3s1} of
     this tutorial}.}
 for the GPL'd components and your modifications thereto, but not
 for independent proprietary applications.  The procedures described in
 this document address this typical scenario.
 \section{Monitor Software Acquisition}
 Software engineers deserve the freedom to innovate and import useful
 software components to improve products.  However, along with that
 freedom should come rules and reporting procedures to make sure that you
 are aware of what software that you include with your product.
 The most typical response to an initial enforcement action is: ``We
 didn't know there was GPL'd stuff in there''.  This answer indicates
 failure in the software acquisition and procurement process.  Integration
 of third-party proprietary software typically requires a formal
 arrangement and management/legal oversight before the developers
 incorporate the software.  By contrast, developers often obtain and
 integrate Free Software without intervention nor oversight. That ease of acquisition, however,
 does not mean the oversight is any less necessary.  Just as your legal
 and/or management team negotiates terms for inclusion of any proprietary
 software, they should gently facilitate all decisions to bring Free Software into your
 product.
 Simple, engineering-oriented rules help provide a stable foundation for
 Free Software integration.  For example, simply ask your software developers to send an email to a
 standard place describing each new Free Software component they add to the system,
 and have them include a brief description of how they will incorporate it
 into the product.  Further, make sure developers use a revision control
 system (such as Git or Mercurial), and have
 store the upstream versions of all software in a ``vendor branch'' or
 similar mechanism, whereby they can easily track and find the main version
 of the software and, separately, any local changes.
 Such procedures are best instituted at your project's launch.  Once
 chaotic and poorly-sourced development processes begin, cataloging the
 presence of GPL'd components  becomes challenging.
 Such a situation often requires use of a tool to ``catch up'' your knowledge
 about what software your product includes.  Most commonly, companies choose
 some software licensing scanning tool to inspect the codebase.  However,
 there are few tools that are themselves Free Software.  Thus, GPL enforcers
 usually recommend the GPL'd
 \href{http://fossology.org/}{Fossology system}, which analyzes a
 source code base and produces a list of Free Software licenses that may apply to
 the code.  Fossology can help you build a catalog of the sources you have
 already used to build your product.  You can then expand that into a more
 structured inventory and process.
 \section{Track Your Changes and Releases}
 As explained in further detail below, the most important component of GPL
 compliance is the one most often ignored: proper inclusion of CCS in all
 distributions  of GPL'd
 software.  To comply with GPL's CCS requirements, the distributor
 \textit{must} always know precisely what sources generated a given binary
 distribution.
 In an unfortunately large number of our enforcement cases, the violating
 company's engineering team had difficulty reconstructing the CCS
 for binaries distributed by the company.  Here are three simple rules to
-follow to decrease the likelihood of this occurance:
+follow to decrease the likelihood of this occurrence:
 \begin{itemize}
 \item Ensure that your
 developers are using revision control systems properly.
 \item Have developers mark or ``tag'' the full source tree corresponding to
   builds distributed to customers
 \item Check that your developers store all parts of the software
 development in the revision control system, including {\sc readme}s, build
 scripts, engineers' notes, and documentation.
 \end{itemize}
 Your developers will benefit anyway from these rules.  Developers will be
 happier in their jobs if their tools already track the precise version of
 source that corresponds to any deployed binary.
 \section{Avoid the ``Build Guru''}
 Too many software projects rely on only one or a very few team members who
 know how to build and assemble the final released product.  Such knowledge
 centralization not only creates engineering redundancy issues, but also
 thwarts GPL compliance.  Specifically, CCS does not just require source code,
 but scripts and other material that explain how to control compilation and
 installation of the executable and object code.
 Thus, avoid relying on a ``build guru'', a single developer who is the only one
 who knows how to produce your final product. Make sure the build process
 is well defined.  Train every developer on the build process for the final
 binary distribution, including (in the case of embedded software)
 generating a final firmware image suitable for distribution to the
 customer.  Require developers to use revision control for build processes.
 Make a rule that adding new components to the system without adequate
 build instructions (or better yet, scripts) is unacceptable engineering
 practice.
 \chapter{Details of Compliant Distribution}
 This section explains the specific requirements placed upon
 distributors of GPL'd software.  Note that this section refers heavily to
 specific provisions and language in
 \href{http://www.gnu.org/licenses/old-licenses/gpl-2.0.html#section3}{GPLv2}
 and \href{http://www.fsf.org/licensing/licenses/gpl.html#section6}{GPLv3}.
 It may be helpful to have a copy of each license open while reading this
 section.
 \section{Binary Distribution Permission}
 \label{binary-distribution-permission}
 % be careful below, you cannot refill the \if section, so don't refill
 % this paragraph without care.
 The various versions of the GPL are copyright licenses that grant
 permission to make certain uses of software that are otherwise restricted
 by copyright law.  This permission is conditioned upon compliance with the
 GPL's requirements.
 This section walks through the requirements (of both GPLv2 and GPLv3) that
 apply when you distribute GPL'd programs in binary (i.e., executable or
 object code) form, which is typical for embedded applications.  Because a
 binary application derives from a program's original sources, you need
 permission from the copyright holder to distribute it.  \S~3 of GPLv2 and
 \S~6 of GPLv3 contain the permissions and conditions related to binary
 distributions of GPL'd programs.\footnote{These sections cannot be fully
   understood in isolation; read the entire license thoroughly before
   focusing on any particular provision.  However, once you have read and
   understood the entire license, look to these sections to guide
   compliance for binary distributions.}
 GPL's binary distribution sections offer a choice of compliance methods,
 each of which we consider in turn.  Each option refers to the
 ``Corresponding Source'' code for the binary distribution, which includes
 the source code from which the binary was produced.  This abbreviated and
 simplified definition is sufficient for the binary distribution discussion
 in this section, but you may wish to refer back to this section after
 reading the thorough discussion of ``Corresponding Source'' that appears
 in \S~\ref{corresponding-source}.
 \subsection{Option (a): Source Alongside Binary}
 GPLv2~\S~3(a) and v3~\S~6(a) embody the easiest option for providing
 source code: including Corresponding Source with every binary
 distribution.  While other options appear initially less onerous, this
 option invariably minimizes potential compliance problems, because when
 you distribute Corresponding Source with the binary, \emph{your GPL
   obligations are satisfied at the time of distribution}.  This is not
 true of other options, and for this reason, we urge you to seriously
 consider this option.  If you do not, you may extend the duration of your
 obligations far beyond your last binary distribution.
 Compliance under this option is straightforward.  If you ship a product
 that includes binary copies of GPL'd software (e.g., in firmware, or on a
 hard drive, CD, or other permanent storage medium), you can store the
 Corresponding Source alongside the binaries.  Alternatively, you can
 include the source on a CD or other removable storage medium in the box
 containing the product.
 GPLv2 refers to the various storage mechanisms as ``medi[a] customarily
 used for software interchange''.  While the Internet has attained primacy
 as a means of software distribution where super-fast Internet connections
 are available, GPLv2 was written at a time when downloading software was
 not practical (and was often impossible).  For much of the world, this
 condition has not changed since GPLv2's publication, and the Internet
 still cannot be considered ``a medium customary for software
 interchange''.  GPLv3 clarifies this matter, requiring that source be
 ``fixed on a durable physical medium customarily used for software
 interchange''.  This language affirms that option (a) requires binary
 redistributors to provide source on a physical medium.
 Please note that while selection of option (a) requires distribution on a
 physical medium, voluntary distribution via the Internet is very useful.  This
 is discussed in detail in \S~\ref{offer-with-internet}.
 \subsection{Option (b): The Offer}
 \label{offer-for-source}
 Many distributors prefer to ship only an offer for source with the binary
 distribution, rather than the complete source package.  This
 option has value when the cost of source distribution is a true
 per-unit cost.  For example, this option might be a good choice for
 embedded products with permanent storage too small to fit the source, and
 which are not otherwise shipped with a CD but \emph{are} shipped with a
 manual or other printed material.
 However, this option increases the duration of your obligations
 dramatically.  An offer for source must be good for three full years from
 your last binary distribution (under GPLv2), or your last binary or spare
 part distribution (under GPLv3).  Your source code request and
 provisioning system must be designed to last much longer than your product
 life cycle.
 In addition, if you are required to comply with the terms of GPLv2, you
 {\bf cannot} use a network service to provide the source code.  For GPLv2,
 the source code offer is fulfilled only with physical media.  This usually
 means that you must continue to produce an up-to-date ``source code CD''
 for years after the product's end-of-life.
 \label{offer-with-internet}
 Under GPLv2, it is acceptable and advisable for your offer for source code
 to include an Internet link for downloadable source \emph{in addition} to
 offering source on a physical medium.  This practice enables those with
 fast network connections to get the source more quickly, and typically
 decreases the number of physical media fulfillment requests.
 (GPLv3~\S~6(b) permits provision of source with a public
 network-accessible distribution only and no physical media.  We discuss
 this in detail at the end of this section.)
 The following is a suggested compliant offer for source under GPLv2 (and
 is also acceptable for GPLv3) that you would include in your printed
 materials accompanying each binary distribution:
 \begin{quote}
 The software included in this product contains copyrighted software that
 is licensed under the GPL\@.  A copy of that license is included in this
 document on page $X$\@.  You may obtain the complete Corresponding Source
 code from us for a period of three years after our last shipment of this
 product, which will be no earlier than 2011-08-01, by sending a money
 order or check for \$5 to: \\
 GPL Compliance Division \\
 Our Company \\
 Any Town, US 99999 \\
 \\
 Please write ``source for product $Y$'' in the memo line of your
 payment.
 You may also find a copy of the source at
 \verb0http://www.example.com/sources/Y/0.
 This offer is valid to anyone in receipt of this information.
 \end{quote}
 There are a few important details about this offer.  First, it requires a
 copying fee.  GPLv2 permits ``a charge no more than your cost of
 physically performing source distribution''.  This fee must be reasonable.
 If your cost of copying and mailing a CD is more than around \$10, you
 should perhaps find a cheaper CD stock and shipment method.  It is simply
 not in your interest to try to overcharge the community.  Abuse of this
 provision in order to make a for-profit enterprise of source code
 provision will likely trigger enforcement action.
 Second, note that the last line makes the offer valid to anyone who
 requests the source.  This is because v2~\S~3(b) requires that offers be
 ``to give any third party'' a copy of the Corresponding Source.  GPLv3 has
 a similar requirement, stating that an offer must be valid for ``anyone
 who possesses the object code''.  These requirements indicated in
 v2~\S~3(c) and v3~\S~6(c) are so that noncommercial redistributors may
 pass these offers along with their distributions.  Therefore, the offers
 must be valid not only to your customers, but also to anyone who received
 a copy of the binaries from them.  Many distributors overlook this
 requirement and assume that they are only required to fulfill a request
 from their direct customers.
 The option to provide an offer for source rather than direct source
 distribution is a special benefit to companies equipped to handle a
 fulfillment process.  GPLv2~\S~3(c) and GPLv3~\S~6(c) avoid burdening
 noncommercial, occasional redistributors with fulfillment request
 obligations by allowing them to pass along the offer for source as they
 received it.
 Note that commercial redistributors cannot avail themselves of the option
 (c) exception, and so while your offer for source must be good to anyone
 who receives the offer (under v2) or the object code (under v3), it
 \emph{cannot} extinguish the obligations of anyone who commercially
 redistributes your product.  The license terms apply to anyone who
 distributes GPL'd software, regardless of whether they are the original
 distributor.  Take the example of Vendor $V$, who develops a software
 platform from GPL'd sources for use in embedded devices.  Manufacturer $M$
 contracts with $V$ to install the software as firmware in $M$'s device.
 $V$ provides the software to $M$, along with a compliant offer for source.
 In this situation, $M$ cannot simply pass $V$'s offer for source along to
 its customers.  $M$ also distributes the GPL'd software commercially, so
 $M$ too must comply with the GPL and provide source (or $M$'s \emph{own}
 offer for source) to $M$'s customers.
 This situation illustrates that the offer for source is often a poor
 choice for products that your customers will likely redistribute.  If you
 include the source itself with the products, then your distribution to
 your customers is compliant, and their (unmodified) distribution to their
 customers is likewise compliant, because both include source.  If you
 include only an offer for source, your distribution is compliant but your
 customer's distribution does not ``inherit'' that compliance, because they
 have not made their own offer to accompany their distribution.
 The terms related to the offer for source are quite different if you
 distribute under GPLv3.  Under v3, you may make source available only over
 a network server, as long as it is available to the general public and
 remains active for three years from the last distribution of your product
 or related spare part.  Accordingly, you may satisfy your fulfillment
 obligations via Internet-only distribution.  This makes the ``offer for
 source'' option less troublesome for v3-only distributions, easing
 compliance for commercial redistributors.  However, before you switch to a
 purely Internet-based fulfillment process, you must first confirm that you
 can actually distribute \emph{all} of the software under GPLv3.  Some
 programs are indeed licensed under ``GPLv2, \emph{or any later version}''
 (often abbreviated ``GPLv2-or-later'').  Such licensing gives you the
 option to redistribute under GPLv3.  However, a few popular programs are
 only licensed under GPLv2 and not ``or any later version''
 (``GPLv2-only'').  You cannot provide only Internet-based source request
 fulfillment for the latter programs.
 If you determine that all GPL'd works in your whole product allow upgrade
 to GPLv3 (or were already GPLv3'd to start), your offer for source may be
 as simple as this:
 \begin{quote}
 The software included in this product contains copyrighted software that
 is licensed under the GPLv3\@.  A copy of that license is included in this
 document on page $X$\@.  You may obtain the complete Corresponding Source
 code from us for a period of three years after our last shipment of this
 product and/or spare parts therefor, which will be no earlier than
 -08-01, on our website at
 \verb0http://www.example.com/sources/productnum/0.
 \end{quote}
 \medskip
 Under both GPLv2 and GPLv3, source offers must be accompanied by a copy of
 the license itself, either electronically or in print, with every
 distribution.
 Finally, it is unacceptable to use option (b) merely because you do not have
 Corresponding Source ready.  We find that some companies chose this option
 because writing an offer is easy, but producing a source distribution as
 an afterthought to a hasty development process is difficult.  The offer
 for source does not exist as a stop-gap solution for companies rushing to
 market with an out-of-compliance product.  If you ship an offer for source
 with your product but cannot actually deliver \emph{immediately} on that
 offer when your customers receive it, you should expect an enforcement
 action.
 \subsection{Option (c): Noncommercial Offers}
 As discussed in the last section, GPLv2~\S~3(c) and GPLv3~\S~6(c) apply
 only to noncommercial use.  These options are not available to businesses
 distributing GPL'd software.  Consequently, companies who redistribute
 software packaged for them by an upstream vendor cannot merely pass along
 the offer they received from the vendor; they must provide their own offer
 or corresponding source to their distributees.  We talk in detail about
 upstream software providers in \S~\ref{upstream}.
 \subsection{Option 6(d) in GPLv3: Internet Distribution}
 Under GPLv2, your formal provisioning options for Corresponding Source
 ended with \S~3(c).  But even under GPLv2, pure Internet source
 distribution was a common practice and generally considered to be
 compliant.  GPLv2 mentions Internet-only distribution almost as aside in
 the language, in text at the end of the section after the three
 provisioning options are listed.  To quote that part of GPLv2~\S~3:
 \begin{quote}
 If distribution of executable or object code is made by offering access to
 copy from a designated place, then offering equivalent access to copy the
 source code from the same place counts as distribution of the source code,
 even though third parties are not compelled to copy the source along with
 the object code.
 \end{quote}
 When that was written in 1991, Internet distribution of software was the
 exception, not the rule.  Some FTP sites existed, but generally software
 was sent on magnetic tape or CDs.  GPLv2 therefore mostly assumed that
 binary distribution happened on some physical media.  By contrast,
 GPLv3~\S~6(d) explicitly gives an option for this practice that the
 community has historically considered GPLv2-compliant.
 Thus, you may fulfill your source-provision obligations by providing the
 source code in the same way and from the same location.  When exercising
 this option, you are not obligated to ensure that users download the
 source when they download the binary, and you may use separate servers as
 needed to fulfill the requests as long as you make the source as
 accessible as the binary.  However, you must ensure that users can easily
 find the source code at the time they download the binary. GPLv3~\S~6(d)
 thus clarifies a point that has caused confusion about source provision in
 v2.  Indeed, many such important clarifications are included in v3 which
 together provide a compelling reason for authors and redistributors alike
 to adopt GPLv3.
 \subsection{Option 6(e) in GPLv3: Software Torrents}
 Peer-to-peer file sharing arose well after GPLv2 was written, and does not
 easily fit any of the v2 source provision options.  GPLv3~\S~6(e)
 addresses this issue, explicitly allowing for distribution of source and
 binary together on a peer-to-peer file sharing network.  If you distribute
 solely via peer-to-peer networks, you can exercise this option.  However,
 peer-to-peer source distribution \emph{cannot} fulfill your source
 provision obligations for non-peer-to-peer binary distributions.  Finally,
 you should ensure that binaries and source are equally seeded upon initial
 peer-to-peer distribution.
 \section{Preparing Corresponding Source}
 \label{corresponding-source}
 Most enforcement cases involve companies that have unfortunately not
 implemented procedures like our \S~\ref{best-practices} recommendations
 and have no source distribution arranged at all.  These companies must
 work backwards from a binary distribution to come into compliance.  Our
 recommendations in \S~\ref{best-practices} are designed to make it easy to
 construct a complete and Corresponding Source release from the outset.  If
 you have followed those principles in your development, you can meet the
 following requirements with ease.  If you have not, you may have
 substantial reconstruction work to do.
 \subsection{Assemble the Sources}
 For every binary that you produce, you should collect and maintain a copy
 of the sources from which it was built.  A large system, such as an
 embedded firmware, will probably contain many GPL'd and LGPL'd components
 for which you will have to provide source.  The binary distribution may
 also contain proprietary components which are separate and independent
 works that are covered by neither the GPL nor LGPL\@.
 The best way to separate out your sources is to have a subdirectory for
 each component in your system.  You can then easily mark some of them as
 required for your Corresponding Source releases.  Collecting
 subdirectories of GPL'd and LGPL'd components is the first step toward
 preparing your release.
 \subsection{Building the Sources}
 Few distributors, particularly of embedded systems, take care to read the
 actual definition of Corresponding Source in the GPL\@.  Consider
 carefully the definition, from GPLv3:
 \begin{quote}
   The ``Corresponding Source'' for a work in object code form means all
   the source code needed to generate, install, and (for an executable
   work) run the object code and to modify the work, including scripts to
   control those activities.
 \end{quote}
 and the definition from GPLv2:
 \begin{quote}
 The source code for a work means the preferred form of the work for making
 modifications to it.  For an executable work, complete source code means
 all the source code for all modules it contains, plus any associated
 interface definition files, plus the scripts used to control compilation
 and installation of the executable.
 \end{quote}
 Note that you must include ``scripts used to control compilation and
 installation of the executable'' and/or anything ``needed to generate,
 install, and (for an executable work) run the object code and to modify
 the work, including scripts to control those activities''.  These phrases
 are written to cover different types of build environments and systems.
 Therefore, the details of what you need to provide with regard to scripts
 and installation instructions vary depending on the software details.  You
 must provide all information necessary such that someone generally skilled
 with computer systems could produce a binary similar to the one provided.
 Take as an example an embedded wireless device.  Usually, a company
 distributes a firmware, which includes a binary copy of
 Linux\footnote{``Linux'' refers only to the kernel, not the larger system
   as a whole.} and a filesystem.  That filesystem contains various binary
 programs, including some GPL'd binaries, alongside some proprietary
 binaries that are separate works (i.e., not derived from, nor based on
 freely-licensed sources).  Consider what, in this case, constitutes adequate
 ``scripts to control compilation and installation'' or items ``needed to
 generate, install and run'' the GPL'd programs.
 Most importantly, you must provide some sort of roadmap that allows
 technically sophisticated users to build your software.  This can be
 complicated in an embedded environment.  If your developers use scripts to
 control the entire compilation and installation procedure, then you can
 simply provide those scripts to users along with the sources they act
 upon.  Sometimes, however, scripts were never written (e.g., the
 information on how to build the binaries is locked up in the mind of your
 ``build guru'').  In that case, we recommend that you write out build
 instructions in a natural language as a detailed, step-by-step {\sc
   readme}.
 No matter what you offer, you need to give those who receive source a
 clear path from your sources to binaries similar to the ones you ship.  If
 you ship a firmware (kernel plus filesystem), and the filesystem contains
 binaries of GPL'd programs, then you should provide whatever is necessary
 to enable a reasonably skilled user to build any given GPL'd source
 program (and modified versions thereof), and replace the given binary in
 your filesystem.  If the kernel is Linux, then the users must have the
 instructions to do the same with the kernel.  The best way to achieve this
 is to make available to your users whatever scripts or process your
 engineers would use to do the same.
 These are the general details for how installation instructions work.
 Details about what differs when the work is licensed under LGPL is
 discussed in \S~\ref{lgpl}, and specific details that are unique to
 GPLv3's installation instructions are in \S~\ref{user-products}.
 \subsection{What About the Compiler?}
 The GPL contains no provision that requires distribution of the compiler
 used to build the software.  While companies are encouraged to make it as
 easy as possible for their users to build the sources, inclusion of the
 compiler itself is not normally considered mandatory.  The Corresponding
 Source definition -- both in GPLv2 and GPLv3 -- has not been typically
 read to include the compiler itself, but rather things like makefiles,
 build scripts, and packaging scripts.
 Nonetheless, in the interest of goodwill and the spirit of the GPL, most
 companies do provide the compiler itself when they are able, particularly
 when the compiler is based on GCC\@ or another copylefted compiler.  If you have
 a GCC-based system, it is your prerogative to redistribute that GCC
 version (binaries plus sources) to your customers.  We in the software freedom
 community encourage you to do this, since it often makes it easier for
 users to exercise their software freedom.  However, if you chose to take
 this recommendation, ensure that your GCC distribution is itself
 compliant.
 If you have used a proprietary, third-party compiler to build the
 software, then you probably cannot ship it to your customers.  We consider
 the name of the compiler, its exact version number, and where it can be
 acquired as information that \emph{must} be provided as part of the
 Corresponding Source.  This information is essential to anyone who wishes
 to produce a binary.  It is not the intent of the GPL to require you to
 distribute third-party software tools to your customer (provided the tools
 themselves are not based on the GPL'd software shipped), but we do believe
 it requires that you give the user all the essential non-proprietary facts
 that you had at your disposal to build the software.  Therefore, if you
 choose not to distribute the compiler, you should include a {\sc readme}
 about where you got it, what version it was, and who to contact to acquire
 it, regardless of whether your compiler is Free Software, proprietary, or
 internally developed.
 \section{Best Practices and Corresponding Source}
 \S~\ref{best-practices} and \S~\ref{corresponding-source} above are
 closely related.  If you follow the best practices outlined above, you
 will find that preparing your Corresponding Source release is an easier
 task, perhaps even a trivial one.
 Indeed, the enforcement process itself has historically been useful to
 software development teams.  Development on a deadline can lead
 organizations to cut corners in a way that negatively impacts its
 development processes.  We have frequently been told by violators that
 they experience difficulty when determining the exact source for a binary
 in production (in some cases because their ``build guru'' quit during the
 release cycle).  When management rushes a development team to ship a
 release, they are less likely to keep release sources tagged and build
 systems well documented.
 We suggest that, if contacted about a violation, product builders use GPL
 enforcement as an opportunity to improve their development practices.  No
 developer would argue that their system is better for having a mysterious
 build system and no source tracking.  Address these issues by installing a
 revision system, telling your developers to use it, and requiring your
 build guru to document his or her work!
 \chapter{When The Letter Comes}
 Unfortunately, many GPL violators ignore their obligations until they are
 contacted by a copyright holder or the lawyer of a copyright holder.  You
 should certainly contact your own lawyer if you have received a letter
 alleging that you have infringed copyrights that were licensed to you
 under the GPL\@.  This section outlines a typical enforcement case and
 provides some guidelines for response.  These discussions are
 generalizations and do not all apply to every alleged violation.
 \section{Understanding Who's Enforcing}
 \label{compliance-understanding-whos-enforcing}
 % FIXME-LATER: this text needs work.
 Both  FSF and Conservancy has, as part their mission,  to spread software
 freedom. When FSF or Conservancy
 enforces GPL, the goal is to bring the violator back into compliance as
 quickly as possible, and redress the damage caused by the violation.
 That is FSF's steadfast position in a violation negotiation --- comply
 with the license and respect freedom.
 However, other entities who do not share the full ethos of software freedom
 as institutionalized by FSF pursue GPL violations differently.  Oracle, a
 company that produces the GPL'd MySQL database, upon discovering GPL
 violations typically negotiates a proprietary software license separately for
 a fee.  While this practice is not one that FSF nor Conservancy would ever
 consider undertaking or even endorsing, it is a legally way for copyright
 holders to proceed.
 Generally, GPL enforcers come in two varieties.  First, there are
 Conservancy, FSF, and other ``community enforcers'', who primary seek the
 policy goals of GPL (software freedom), and see financial compensation as
 ultimately secondary to those goals.  Second, there are ``for-profit
 enforcers'' who use the GPL as a either a crippleware license, or sneakily
 induce infringement merely to gain proprietary licensing revenue.
 Note that the latter model \textit{only} works for companies who hold 100\% of
 the copyrights in the infringed work.  As such, multi-copyright-held works
 are fully insulated from these tactics.
 \section{Communication Is Key}
 GPL violations are typically only escalated when a company ignores the
 copyright holder's initial communication or fails to work toward timely
 compliance.  Accused violators should respond very promptly to the
 initial request.  As the process continues, violators should follow up weekly with the
 copyright holders to make sure everyone agrees on targets and deadlines
 for resolving the situation.
 Ensure that any staff who might receive communications regarding alleged
 GPL violations understands how to channel the communication appropriately
 within your organization.  Often, initial contact is addressed for general
 correspondence (e.g., by mail to corporate headquarters or by e-mail to
 general informational or support-related addresses).  Train the staff that
 processes such communications to escalate them to someone with authority
 to take action.  An unknowledgable response to such an inquiry (e.g., from
 a first-level technical support person) can cause negotiations to fail
 prematurely.
 Answer promptly by multiple means (paper letter, telephone call, and
 email), even if your response merely notifies the sender that you are
 investigating the situation and will respond by a certain date.  Do not
 let the conversation lapse until the situation is fully resolved.
 Proactively follow up with synchronous communication means to be sure
 communications sent by non-reliable means (such as email) were received.
 Remember that the software freedom community generally values open communication and
 cooperation, and these values extend to GPL enforcement.  You will
 generally find that software freedom developers and their lawyers are willing to
 have a reasonable dialogue and will work with you to resolve a violation
 once you open the channels of communication in a friendly way.
 \section{Termination}
 Many redistributors overlook the GPL's termination provision (GPLv2~\S~4 and
 GPLv3~\S~8).  Under v2, violators forfeit their rights to redistribute and
 modify the GPL'd software until those rights are explicitly reinstated by
 the copyright holder.  In contrast, v3 allows violators to rapidly resolve
 some violations without consequence.
 If you have redistributed an application under GPLv2\footnote{This applies
   to all programs licensed to you under only GPLv2 (``GPLv2-only'').
   However, most so-called GPLv2 programs are actually distributed with
   permission to redistribute under GPLv2 \emph{or any later version of the
     GPL} (``GPLv2-or-later'').  In the latter cases, the redistributor can
   choose to redistribute under GPLv2, GPLv3, GPLv2-or-later or even
   GPLv3-or-later.  Where the redistributor has chosen v2 explicitly, the
   v2 termination provision will always apply.  If the redistributor has
   chosen v3, the v3 termination provision will always apply.  If the
   redistributor has chosen GPLv2-or-later, then the redistributor may want
   to narrow to GPLv3-only upon violation, to take advantage of the
   termination provisions in v3.}, but have violated the terms of GPLv2,
 you must request a reinstatement of rights from the copyright holders
 before making further distributions, or else cease distribution and
 modification of the software forever.  Different copyright holders
 condition reinstatement upon different requirements, and these
 requirements can be (and often are) wholly independent of the GPL\@.  The
 terms of your reinstatement will depend upon what you negotiate with the
 copyright holder of the GPL'd program.
 Since your rights under GPLv2 terminate automatically upon your initial
 violation, \emph{all your subsequent distributions} are violations and
 infringements of copyright.  Therefore, even if you resolve a violation on
 your own, you must still seek a reinstatement of rights from the copyright
 holders whose licenses you violated, lest you remain liable for
 infringement for even compliant distributions made subsequent to the
 initial violation.
 GPLv3 is more lenient.  If you have distributed only v3-licensed programs,
 you may be eligible under v3~\S~8 for automatic reinstatement of rights.
 You are eligible for automatic reinstatement when:
 \begin{itemize}
 \item you correct the violation and are not contacted by a copyright
   holder about the violation within sixty days after the correction, or
 \item you receive, from a copyright holder, your first-ever contact
   regarding a GPL violation, and you correct that violation within thirty
   days of receipt of copyright holder's notice.
 \end{itemize}
 In addition to these permanent reinstatements provided under v3, violators
 who voluntarily correct their violation also receive provisional
 permission to continue distributing until they receive contact from the
 copyright holder.  If sixty days pass without contact, that reinstatement
 becomes permanent.  Nonetheless, you should be prepared to cease
 distribution during those initial sixty days should you receive a
 termination notice from the copyright holder.
 Given that much discussion of v3 has focused on its so-called more
 complicated requirements, it should be noted that v3 is, in this regard,
 more favorable to violators than v2.
 \chapter{Standard Requests}
 As we noted above, different copyright holders have different requirements
 for reinstating a violator's distribution rights.  Upon violation, you no
 longer have a license under the GPL\@.  Copyright holders can therefore
 set their own requirements outside the license before reinstatement of
 rights.  We have collected below a list of reinstatement demands that
 copyright holders often require.
 \begin{itemize}
 \item {\bf Compliance on all Free Software copyrights}.  Copyright holders of Free Software
   often want a company to demonstrate compliance for all GPL'd software in
   a distribution, not just their own.  A copyright holder may refuse to
   reinstate your right to distribute one program unless and until you
   comply with the licenses of all Free Software in your distribution.
 \item {\bf Notification to past recipients}.  Users to whom you previously
   distributed non-compliant software should receive a communication
   (email, letter, bill insert, etc.) indicating the violation, describing
   their rights under the GPL, and informing them how to obtain a gratis source
   distribution.  If a customer list does not exist (such as in reseller
   situations), an alternative form of notice may be required (such as a
   magazine advertisement).
 \item {\bf Appointment of a GPL Compliance Officer.}  The software freedom community
   values personal accountability when things go wrong.  Copyright holders
   often require that you name someone within the violating company
   officially responsible for Free Software license compliance, and that this
   individual serve as the key public contact for the community when
   compliance concerns arise.
 \item {\bf Periodic Compliance Reports.}  Many copyright holders wish to
   monitor future compliance for some period of time after the violation.
   For some period, your company may be required to send regular reports on
   how many distributions of binary and source have occurred.
 \end{itemize}
 These are just a few possible requirements for reinstatement.  In the
 context of a GPL violation, and particularly under v2's termination
 provision, the copyright holder may have a range of requests in exchange
 for reinstatement of rights.  These software developers are talented
 professionals from whose work your company has benefited.  Indeed, you are
 unlikely to find a better value or more generous license terms for similar
 software elsewhere.  Treat the copyright holders with the same respect you
 treat your corporate partners and collaborators.
 \chapter{Special Topics in Compliance}
 There are several other issues that are less common, but also relevant in
 a GPL compliance situation.  To those who face them, they tend to be of
 particular interest.
 \section{LGPL Compliance}
 \label{lgpl}
 GPL compliance and LGPL compliance mostly involve the same issues.  As we
 discussed in \S~\ref{derivative-works}, questions of modified versions of
 software are highly fact-dependant and cannot be easily addressed in any
 overview document.  The LGPL adds some additional complexity to the
 analysis.  Namely, the various LGPL versions permit proprietary licensing
 of certain types of modified versions.  These issues are well beyond the
 scope of this document, but as a rule of thumb, once you have determined
 (in accordance with LGPLv3) what part of the work is the ``Application''
 and what portions of the source are ``Minimal Corresponding Source'', then
 you can usually proceed to follow the GPL compliance rules that we
 discussed, replacing our discussion of ``Corresponding Source'' with
 ``Minimal Corresponding Source''.
 LGPL also requires that you provide a mechanism to combine the Application
 with a modified version of the library, and outlines some options for
 this.  Also, the license of the whole work must permit ``reverse
 engineering for debugging such modifications'' to the library.  Therefore,
 you should take care that the EULA used for the Application does not
 contradict this permission.
 \section{Upstream Providers}
 \label{upstream}
 With ever-increasing frequency, software development (particularly for
 embedded devices) is outsourced to third parties.  If you rely on an
 upstream provider for your software, note that you \emph{cannot ignore
   your GPL compliance requirements} simply because someone else packaged
 the software that you distribute.  If you redistribute GPL'd software
 (which you do, whenever you ship a device with your upstream's software in
 it), you are bound by the terms of the GPL\@.  No distribution (including
 redistribution) is permissible absent adherence to the license terms.
 Therefore, you should introduce a due diligence process into your software
 acquisition plans.  This is much like the software-oriented
 recommendations we make in \S~\ref{best-practices}.  Implementing
 practices to ensure that you are aware of what software is in your devices
 can only improve your general business processes.  You should ask a clear
 list of questions of all your upstream providers and make sure the answers
 are complete and accurate.  The following are examples of questions you
 should ask:
 \begin{itemize}
 \item What are all the licenses that cover the software in this device?
 \item From which upstream vendors, be they companies or individuals, did
   \emph{you} receive your software from before distributing it to us?
 \item What are your GPL compliance procedures?
 \item If there is GPL'd software in your distribution, we will be
   redistributors of this GPL'd software.  What mechanisms do you have in
   place to aid us with compliance?
 \item If we follow your recommended compliance procedures, will you
   formally indemnify us in case we are nonetheless found to be in
   violation of the GPL?
 \end{itemize}
 This last point is particularly important.  Many GPL enforcements are
 escalated because of petty finger-pointing between the distributor and its
 upstream.  In our experience, agreements regarding GPL compliance issues
 and procedures are rarely negotiated up front.  However, when they are,
 violations are resolved much more smoothly (at least from the point of
 view of the redistributor).
 Consider the cost of potential violations in your acquisition process.
 Using Free Software allows software vendors to reduce costs significantly, but be
 wary of vendors who have done so without regard for the licenses.  If your
 vendor's costs seem ``too good to be true,'' you may ultimately bear the
 burden of the vendor's inattention to GPL compliance.  Ask the right
 questions, demand an account of your vendors' compliance procedures, and
 seek indemnity from them.
 \section{User Products and Installation Information}
 \label{user-products}
 GPLv3 requires you to provide ``Installation Information'' when v3
 software is distributed in a ``User Product.''  During the drafting of v3,
 the debate over this requirement was contentious.  However, the provision
 as it appears in the final license is reasonable and easy to understand.
 If you put GPLv3'd software into a User Product (as defined by the
 license) and \emph{you} have the ability to install modified versions onto
 that device, you must provide information that makes it possible for the
 user to install functioning, modified versions of the software.  Note that
 if no one, including you, can install a modified version, this provision
 does not apply.  For example, if the software is burned onto an
 non-field-upgradable ROM chip, and the only way that chip can be upgraded
 is by producing a new one via a hardware factory process, then it is
 acceptable that the users cannot electronically upgrade the software
 themselves.
 Furthermore, you are permitted to refuse support service, warranties, and
 software updates to a user who has installed a modified version.  You may
 even forbid network access to devices that behave out of specification due
 to such modifications.  Indeed, this permission fits clearly with usual
 industry practice.  While it is impossible to provide a device that is
 completely unmodifiable\footnote{Consider that the iPhone, a device
   designed primarily to restrict users' freedom to modify it, was unlocked
   and modified within 48 hours of its release.}, users are generally on
 notice that they risk voiding their warranties and losing their update and
 support services when they make modifications.\footnote{A popular t-shirt
   in the software freedom community reads: ``I void warranties.''.  Our community is
   well-known for modifying products with full knowledge of the
   consequences.  GPLv3's ``Installation Instructions'' section merely
   confirms that reality, and makes sure GPL rights can be fully exercised,
   even if users exercise those rights at their own peril.}
 GPLv3 is in many ways better for distributors who seek some degree of
 device lock-down.  Technical processes are always found for subverting any
 lock-down; pursuing it is a losing battle regardless.  With GPLv3, unlike
 with GPLv2, the license gives you clear provisions that you can rely on
 when you are forced to cut off support, service or warranty for a customer
 who has chosen to modify.
 \chapter{Conclusion}
 GPL compliance need not be an onerous process.  Historically, struggles
 have been the result of poor development methodologies and communications,
 rather than any unexpected application of the GPL's source code disclosure
 requirements.
 Compliance is straightforward when the entirety of your enterprise is
 well-informed and well-coordinated.  The receptionists should know how to
 route a GPL source request or accusation of infringement.  The lawyers
 should know the basic provisions of Free Software licenses and your source
 disclosure requirements, and should explain those details to the software
 developers.  The software developers should use a version control system
 that allows them to associate versions of source with distributed
 binaries, have a well-documented build process that anyone skilled in the
 art can understand, and inform the lawyers when they bring in new
 software.  Managers should build systems and procedures that keep everyone
 on target.  With these practices in place, any organization can comply
 with the GPL without serious effort, and receive the substantial benefits
 of good citizenship in the software freedom community, and lots of great code
 ready-made for their products.
 \vfill
 % LocalWords:  redistributors NeXT's Slashdot Welte gpl ISC embedders BusyBox
 % LocalWords:  someone's downloadable subdirectory subdirectories filesystem
 % LocalWords:  roadmap README upstream's Ravicher's Fossology readme CDs iPhone
 % LocalWords:  makefiles violator's

gpl-lgpl.tex

➞

Show inline comments

@@ ... @@
 copies, one may make money.  Re-distributors are fully permitted to charge
 for the re-distribution of copies of Free Software. In addition, they may
 provide the warranty protection that the GPL disclaims as an additional
 service for a fee. (See Section~\ref{Business Models} for more discussion
 on making a profit from Free Software redistribution.)
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{Derivative Works: Statute and Case Law}
 \label{derivative-works}
 We digress for this chapter from our discussion of GPL's exact text to
 consider the matter of derivative works --- a concept that we must
 understand fully before considering GPLv2~\S\S2--3\@. The GPL, and Free
 Software licensing in general, relies critically on the concept of
 ``derivative work'' since software that is ``independent,'' (i.e., not
 ``derivative'') of Free Software need not abide by the terms of the
 applicable Free Software license. As much is required by \S~106 of the
 Copyright Act, 17 U.S.C. \S~106 (2002), and admitted by Free Software
 licenses, such as the GPL, which (as we have seen) states in GPLv2~\S0 that ``a
 `work based on the Program' means either the Program or any derivative
 work under copyright law.'' It is being a derivative work of Free Software
 that triggers the necessity to comply with the terms of the Free Software
 license under which the original work is distributed. Therefore, one is
 left to ask, just what is a ``derivative work''? The answer to that
 question differs depending on which court is being asked.
 The analysis in this chapter sets forth the differing definitions of
 derivative work by the circuit courts. The broadest and most
 established definition of derivative work for software is the
 abstraction, filtration, and comparison test (``the AFC test'') as
 created and developed by the Second Circuit. Some circuits, including
 the Ninth Circuit and the First Circuit, have either adopted narrower
 versions of the AFC test or have expressly rejected the AFC test in
 favor of a narrower standard. Further, several other circuits have yet
 to adopt any definition of derivative work for software.
 As an introductory matter, it is important to note that literal copying of
 a significant portion of source code is not always sufficient to establish
 that a second work is a derivative work of an original
 program. Conversely, a second work can be a derivative work of an original
 program even though absolutely no copying of the literal source code of
 the original program has been made. This is the case because copyright
 protection does not always extend to all portions of a program's code,
 while, at the same time, it can extend beyond the literal code of a
 program to its non-literal aspects, such as its architecture, structure,
 sequence, organization, operational modules, and computer-user interface.
 \section{The Copyright Act}
 The copyright act is of little, if any, help in determining the definition
 of a derivative work of software. However, the applicable provisions do
 provide some, albeit quite cursory, guidance. Section 101 of the Copyright
 Act sets forth the following definitions:
 \begin{quotation}
 A ``computer program'' is a set of statements or instructions to be used
 directly or indirectly in a computer in order to bring about a certain
 result.
 A ``derivative work'' is a work based upon one or more preexisting works,
 such as a translation, musical arrangement, dramatization,
 fictionalization, motion picture version, sound recording, art
 reproduction, abridgment, condensation, or any other form in which a work
 may be recast, transformed, or adapted. A work consisting of editorial
 revisions, annotations, elaborations, or other modifications which, as a
 whole, represent an original work of authorship, is a ``derivative work.''
 \end{quotation}
 These are the only provisions in the Copyright Act relevant to the
 determination of what constitutes a derivative work of a computer
 program. Another provision of the Copyright Act that is also relevant to
 the definition of derivative work is \S~102(b), which reads as follows:
 \begin{quotation}
 In no case does copyright protection for an original work of authorship
 extend to any idea, procedure, process, system, method of operation,
 concept, principle, or discovery, regardless of the form in which it is
 described, explained, illustrated, or embodied in such work.
 \end{quotation}
 Therefore, before a court can ask whether one program is a derivative work
 of another program, it must be careful not to extend copyright protection
 to any ideas, procedures, processes, systems, methods of operation,
 concepts, principles, or discoveries contained in the original program. It
 is the implementation of this requirement to ``strip out'' unprotectable
 elements that serves as the most frequent issue over which courts
 disagree.
 \section{Abstraction, Filtration, Comparison Test}
 As mentioned above, the AFC test for determining whether a computer
 program is a derivative work of an earlier program was created by the
 Second Circuit and has since been adopted in the Fifth, Tenth, and
 Eleventh Circuits. Computer Associates Intl., Inc. v. Altai, Inc., 982
 F.2d 693 (2nd Cir. 1992); Engineering Dynamics, Inc. v. Structural
 Software, Inc., 26 F.3d 1335 (5th Cir. 1994); Kepner-Tregoe,
 Inc. v. Leadership Software, Inc., 12 F.3d 527 (5th Cir. 1994); Gates
 Rubber Co. v. Bando Chem. Indust., Ltd., 9 F.3d 823 (10th Cir. 1993);
 Mitel, Inc. v. Iqtel, Inc., 124 F.3d 1366 (10th Cir. 1997); Bateman
 v. Mnemonics, Inc., 79 F.3d 1532 (11th Cir. 1996); and, Mitek Holdings,
 Inc. v. Arce Engineering Co., Inc., 89 F.3d 1548 (11th Cir. 1996).
 Under the AFC test, a court first abstracts from the original program its
 constituent structural parts. Then, the court filters from those
 structural parts all unprotectable portions, including incorporated ideas,
 expression that is necessarily incidental to those ideas, and elements
 that are taken from the public domain. Finally, the court compares any and
 all remaining kernels of creative expression to the structure of the
 second program to determine whether the software programs at issue are
 substantially similar so as to warrant a finding that one is the
 derivative work of the other.
 Often, the courts that apply the AFC test will perform a quick initial
 comparison between the entirety of the two programs at issue in order to
 help determine whether one is a derivative work of the other. Such a
 holistic comparison, although not a substitute for the full application of
 the AFC test, sometimes reveals a pattern of copying that is not otherwise
 obvious from the application of the AFC test when, as discussed below,
 only certain components of the original program are compared to the second
 program. If such a pattern is revealed by the quick initial comparison,
 the court is more likely to conclude that the second work is indeed a
 derivative of the original.
 \subsection{Abstraction}
 The first step courts perform under the AFC test is separation of the
 work's ideas from its expression. In a process akin to reverse
 engineering, the courts dissect the original program to isolate each level
 of abstraction contained within it. Courts have stated that the
 abstractions step is particularly well suited for computer programs
 because it breaks down software in a way that mirrors the way it is
 typically created. However, the courts have also indicated that this step
 of the AFC test requires substantial guidance from experts, because it is
 extremely fact and situation specific.
 By way of example, one set of abstraction levels is, in descending order
 of generality, as follows: the main purpose, system architecture, abstract
 data types, algorithms and data structures, source code, and object
 code. As this set of abstraction levels shows, during the abstraction step
 of the AFC test, the literal elements of the computer program, namely the
 source and object code, are defined as particular levels of
 abstraction. Further, the source and object code elements of a program are
 not the only elements capable of forming the basis for a finding that a
 second work is a derivative of the program. In some cases, in order to
 avoid a lengthy factual inquiry by the court, the owner of the copyright in
 the original work will submit its own list of what it believes to be the
 protected elements of the original program. In those situations, the court
 will forgo performing its own abstraction, and proceed to the second step of
 the AFC test.
 \subsection{Filtration}
 The most difficult and controversial part of the AFC test is the second
 step, which entails the filtration of protectable expression contained in
 the original program from any unprotectable elements nestled therein. In
 determining which elements of a program are unprotectable, courts employ a
 myriad of rules and procedures to sift from a program all the portions
 that are not eligible for copyright protection.
 First, as set forth in \S~102(b) of the Copyright Act, any and all ideas
 embodied in the program are to be denied copyright protection. However,
 implementing this rule is not as easy as it first appears. The courts
 readily recognize the intrinsic difficulty in distinguishing between ideas
 and expression and that, given the varying nature of computer programs,
 doing so will be done on an ad hoc basis. The first step of the AFC test,
 the abstraction, exists precisely to assist in this endeavor by helping
 the court separate out all the individual elements of the program so that
 they can be independently analyzed for their expressive nature.
 A second rule applied by the courts in performing the filtration step of
 the AFC test is the doctrine of merger, which denies copyright protection
 to expression necessarily incidental to the idea being expressed. The
 reasoning behind this doctrine is that when there is only one way to
 express an idea, the idea and the expression merge, meaning that the
 expression cannot receive copyright protection due to the bar on copyright
 protection extending to ideas. In applying this doctrine, a court will ask
 whether the program's use of particular code or structure is necessary for
 the efficient implementation of a certain function or process. If so, then
 that particular code or structure is not protected by copyright and, as a
 result, it is filtered away from the remaining protectable expression.
 A third rule applied by the courts in performing the filtration step of
 the AFC test is the doctrine of scenes a faire, which denies copyright
 protection to elements of a computer program that are dictated by external
 factors. Such external factors can include:
 \begin{itemize}
   \item The mechanical
 specifications of the computer on which a particular program is intended
 to operate
   \item Compatibility requirements of other programs with which a
 program is designed to operate in conjunction
   \item Computer manufacturers'
 design standards
   \item Demands of the industry being serviced, and widely accepted programming practices within the computer industry
 \end{itemize}
 Any code or structure of a program that was shaped predominantly in
 response to these factors is filtered out and not protected by
 copyright. Lastly, elements of a computer program are also to be filtered
 out if they were taken from the public domain or fail to have sufficient
 originality to merit copyright protection.
 Portions of the source or object code of a computer program are rarely
 filtered out as unprotectable elements. However, some distinct parts of
 source and object code have been found unprotectable. For example,
 constants, the invariable integers comprising part of formulas used to
 perform calculations in a program, are unprotectable. Further, although
 common errors found in two programs can provide strong evidence of
 copying, they are not afforded any copyright protection over and above the
 protection given to the expression containing them.
 \subsection{Comparison}
 The third and final step of the AFC test entails a comparison of the
 original program's remaining protectable expression to a second
 program. The issue will be whether any of the protected expression is
 copied in the second program and, if so, what relative importance the
 copied portion has with respect to the original program overall. The
 ultimate inquiry is whether there is ``substantial'' similarity between
 the protected elements of the original program and the potentially
 derivative work. The courts admit that this process is primarily
 qualitative rather than quantitative and is performed on a case-by-case
 basis. In essence, the comparison is an ad hoc determination of whether
 the protectable elements of the original program that are contained in the
 second work are significant or important parts of the original program. If
 so, then the second work is a derivative work of the first. If, however,
 the amount of protectable elements copied in the second work are so small
 as to be de minimis, then the second work is not a derivative work of the
 original.
 \section{Analytic Dissection Test}
 The Ninth Circuit has adopted the analytic dissection test to determine
 whether one program is a derivative work of another. Apple Computer,
 Inc. v. Microsoft Corp., 35 F.3d 1435 (9th Cir. 1994). The analytic
 dissection test first considers whether there are substantial similarities
 in both the ideas and expressions of the two works at issue. Once the
 similar features are identified, analytic dissection is used to determine
 whether any of those similar features are protected by copyright. This
 step is the same as the filtration step in the AFC test. After identifying
 the copyrightable similar features of the works, the court then decides
 whether those features are entitled to ``broad'' or ``thin''
 protection. ``Thin'' protection is given to non-copyrightable facts or
 ideas that are combined in a way that affords copyright protection only
 from their alignment and presentation, while ``broad'' protection is given
 to copyrightable expression itself. Depending on the degree of protection
 afforded, the court then sets the appropriate standard for a subjective
 comparison of the works to determine whether, as a whole, they are
 sufficiently similar to support a finding that one is a derivative work of
 the other. ``Thin'' protection requires the second work be virtually
 identical in order to be held a derivative work of an original, while
 ``broad'' protection requires only a ``substantial similarity.''
 \section{No Protection for ``Methods of Operation''}
 The First Circuit has taken the position that the AFC test is inapplicable
 when the works in question relate to unprotectable elements set forth in
 \S~102(b).  Their approach results in a much narrower definition
 of derivative work for software in comparison to other circuits. Specifically,
 the
 First Circuit holds that ``method of operation,'' as used in \S~102(b) of
 the Copyright Act, refers to the means by which users operate
 computers. Lotus Development Corp. v. Borland Int'l., Inc., 49 F.3d 807
 (1st Cir. 1995).  In Lotus, the court held that a menu command
 hierarchy for a computer program was uncopyrightable because it did not
 merely explain and present the program's functional capabilities to the
 user, but also served as a method by which the program was operated and
 controlled. As a result, under the First Circuit's test, literal copying
 of a menu command hierarchy, or any other ``method of operation,'' cannot
 form the basis for a determination that one work is a derivative of
 another.  As a result, courts in the First Circuit that apply the AFC test
 do so only after applying a broad interpretation of \S~102(b) to filter out
 unprotected elements. E.g., Real View, LLC v. 20-20 Technologies, Inc.,
 F. Supp.2d 147, 154 (D. Mass. 2010).
 \section{No Test Yet Adopted}
 Several circuits, most notably the Fourth and Seventh, have yet to
 declare their definition of derivative work and whether or not the
 AFC, Analytic Dissection, or some other test best fits their
 interpretation of copyright law. Therefore, uncertainty exists with
 respect to determining the extent to which a software program is a
 derivative work of another in those circuits. However, one may presume
 that they would give deference to the AFC test since it is by far the
 majority rule among those circuits that have a standard for defining
 a software derivative work.
 \section{Cases Applying Software Derivative Work Analysis}
 In the preeminent case regarding the definition of a derivative work for
 software, Computer Associates v. Altai, the plaintiff alleged that its
 program, Adapter, which was used to handle the differences in operating
 system calls and services, was infringed by the defendant's competitive
 program, Oscar. About 30\% of Oscar was literally the same code as
 that in Adapter. After the suit began, the defendant rewrote those
 portions of Oscar that contained Adapter code in order to produce a new
 version of Oscar that was functionally competitive with Adapter, without
 having any literal copies of its code. Feeling slighted still, the
 plaintiff alleged that even the second version of Oscar, despite having no
 literally copied code, also infringed its copyrights. In addressing that
 question, the Second Circuit promulgated the AFC test.
 In abstracting the various levels of the program, the court noted a
 similarity between the two programs' parameter lists and macros. However,
 following the filtration step of the AFC test, only a handful of the lists
 and macros were protectable under copyright law because they were either
 in the public domain or required by functional demands on the
 program. With respect to the handful of parameter lists and macros that
 did qualify for copyright protection, after performing the comparison step
 of the AFC test, it was reasonable for the district court to conclude that
 they did not warrant a finding of infringement given their relatively minor
 contribution to the program as a whole. Likewise, the similarity between
 the organizational charts of the two programs was not substantial enough
 to support a finding of infringement because they were too simple and
 obvious to contain any original expression.
 In the case of Oracle America v. Google, 872 F. Supp.2d 974 (N.D. Cal. 2012),
 the Northern District of California District Court examined the question of
 whether the application program interfaces (APIs) associated with the Java
 programming language are entitled to copyright protection.  While the
 court expressly declined to rule whether all APIs are free to use without
 license (872 F. Supp.2d 974 at 1002), the court held that the command
 structure and taxonomy of the APIs were not protectable under copyright law.
 Specifically, the court characterized the command structure and taxonomy as
 both a ``method of operation'' (using an approach not dissimilar to the
 First Circuit's analysis in Lotus) and a ``functional requirement for
 compatibility'' (using Sega v. Accolade, 977 F.2d 1510 (9th Cir. 1992) and
 Sony Computer Ent. v. Connectix, 203 F.3d 596 (9th Cir. 2000) as analogies),
 and thus unprotectable subject matter under \S~102(b).
 Perhaps not surprisingly, there have been few other cases involving a highly
 detailed software derivative work analysis. Most often, cases involve
 clearer basis for decision, including frequent bad faith on the part of
 the defendant or over-aggressiveness on the part of the plaintiff.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{Modified Source and Binary Distribution}
 \label{source-and-binary}
 In this chapter, we discuss the two core sections that define the rights
 and obligations for those who modify, improve, and/or redistribute GPL'd
 software. These sections, GPLv2~\S\S2--3, define the central core rights and
 requirements of GPLv2\@.
 \section{GPLv2~\S2: Share and Share Alike}
 \label{GPLv2s2}
 For many, this is where the ``magic'' happens that defends software
 freedom upon redistribution.  GPLv2~\S2 is the only place in GPLv2
 that governs the modification controls of copyright law.  If users
 modify a GPLv2'd program, they must follow the terms of GPLv2~\S2 in making
 those changes.  Thus, this sections ensures that the body of GPL'd software, as it
 continues and develops, remains Free as in freedom.
 To achieve that goal, GPLv2~\S2 first sets forth that the rights of
 redistribution of modified versions are the same as those for verbatim
 copying, as presented in GPLv2~\S1.  Therefore, the details of charging money,
 keeping copyright notices intact, and other GPLv2~\S1 provisions are in tact
 here as well.  However, there are three additional requirements.
 The first (GPLv2~\S2(a)) requires that modified files carry ``prominent
 notices'' explaining what changes were made and the date of such
 changes. This section does not prescribe some specific way of
 marking changes nor does it control the process of how changes are made.
 Primarily, GPLv2~\S2(a) seeks to ensure that those receiving modified
 versions know the history of changes to the software.  For some users,
 it is important to know that they are using the standard version of
 program, because while there are many advantages to using a fork,
 there are a few disadvantages.  Users should be informed about the
 historical context of the software version they use, so that they can
 make proper support choices.  Finally, GPLv2~\S2(a) serves an academic
 purpose --- ensuring that future developers can use a diachronic
 approach to understand the software.
 \medskip
 The second requirement (GPLv2~\S2(b)) contains the four short lines that embody
 the legal details of ``share and share alike''.  These 46 words are
 considered by some to be the most worthy of careful scrutiny because
 GPLv2~\S2(b), and they
 can be a source of great confusion when not properly understood.
 In considering GPLv2~\S2(b), first note the qualifier: it \textit{only} applies to
 derivative works that ``you distribute or publish''.  Despite years of
 education efforts on this matter, many still believe that modifiers
 of GPL'd software \textit{must} publish or otherwise
 share their changes.  On the contrary, GPLv2~\S2(b) {\bf does not apply if} the
 changes are never distributed.  Indeed, the freedom to make private,
 personal, unshared changes to software for personal use only should be
 protected and defended.\footnote{Most Free Software enthusiasts believe there is a {\bf
     moral} obligation to redistribute changes that are generally useful,
   and they often encourage companies and individuals to do so.  However, there
   is a clear distinction between what one {\bf ought} to do and what one
   {\bf must} do.}
 Next, we again encounter the same matter that appears in GPLv2~\S0, in the
 following text:
 \begin{quote}
 ``...that in whole or part contains or is derived from the Program or any part thereof.''
 \end{quote}
 Again, the GPL relies here on what the copyright law says is a derivative
 work.  If, under copyright law, the modified version ``contains or is
 derived from'' the GPL'd software, then the requirements of GPLv2~\S2(b)
 apply.  The GPL invokes its control as a copyright license over the
 modification of the work in combination with its control over distribution
 of the work.
 The final clause of GPLv2~\S2(b) describes what the licensee must do if she is
 distributing or publishing a work that is deemed a derivative work under
 copyright law --- namely, the following:
 \begin{quote}
 [The work must] be licensed as a whole at no charge to all third parties
 under the terms of this License.
 \end{quote}
 That is probably the most tightly-packed phrase in all of the GPL\@.
 Consider each subpart carefully.
 The work ``as a whole'' is what is to be licensed. This is an important
 point that GPLv2~\S2 spends an entire paragraph explaining; thus this phrase is
 worthy of a lengthy discussion here.  As a programmer modifies a software
 program, she generates new copyrighted material --- fixing expressions of
 ideas into the tangible medium of electronic file storage.  That
 programmer is indeed the copyright holder of those new changes.  However,
 those changes are part and parcel to the original work distributed to
 the programmer under GPL\@. Thus, the license of the original work
 affects the license of the new whole derivative work.
 % {\cal I}
 \newcommand{\gplusi}{$\mathcal{G\!\!+\!\!I}$}
 \newcommand{\worki}{$\mathcal{I}$}
 \newcommand{\workg}{$\mathcal{G}$}
 \label{separate-and-independent}
 It is certainly possible to take an existing independent work (called
 \worki{}) and combine it with a GPL'd program (called \workg{}).  The
 license of \worki{}, when it is distributed as a separate and independent
 work, remains the prerogative of the copyright holder of \worki{}.
 However, when \worki{} is combined with \workg{}, it produces a new work
 that is the combination of the two (called \gplusi{}). The copyright of
 this combined work, \gplusi{}, is held by the original copyright
 holder of each of the two works.
 In this case, GPLv2~\S2 lays out the terms by which \gplusi{} may be
 distributed and copied.  By default, under copyright law, the copyright
 holder of \worki{} would not have been permitted to distribute \gplusi{};
 copyright law forbids it without the expressed permission of the copyright
 holder of \workg{}. (Imagine, for a moment, if \workg{} were a proprietary
 product --- would its copyright holders  give you permission to create and distribute
 \gplusi{} without paying them a hefty sum?)  The license of \workg{}, the
 GPL, states the  options for the copyright holder of \worki{}
 who may want to create and distribute \gplusi{}. The  GPL's pre-granted
 permission to create and distribute derivative works, provided the terms
 of the GPL are upheld, goes far above and beyond the permissions that one
 would get with a typical work not covered by a copyleft license.  (Thus, to
 say that this condition is any way unreasonable is simply ludicrous.)
 \medskip
 \label{GPLv2s2-at-no-charge}
 The next phrase of note in GPLv2~\S2(b) is ``licensed \ldots at no charge.''
 This phrase  confuses many.  The sloppy reader points out this as ``a
 contradiction in GPL'' because (in their confused view) that clause of GPLv2~\S2 says that re-distributors cannot
 charge for modified versions of GPL'd software, but GPLv2~\S1 says that
 they can.  Avoid this confusion: the ``at no charge'' \textbf{does not} prohibit re-distributors from
 charging when performing the acts governed by copyright
 law,\footnote{Recall that you could by default charge for any acts not
 governed by copyright law, because the license controls are confined
 by copyright.} but rather that they cannot charge a fee for the
 \emph{license itself}.  In other words, redistributors of (modified
 and unmodified) GPL'd works may charge any amount they choose for
 performing the modifications on contract or the act of transferring
 the copy to the customer, but they may not charge a separate licensing
 fee for the software.
 GPLv2~\S2(b) further states that the software must ``be licensed \ldots to all
 third parties.''  This too yields some confusion, and feeds the
 misconception mentioned earlier --- that all modified versions must be made
 available to the public at large.  However, the text here does not say
 that.  Instead, it says that the licensing under terms of the GPL must
 extend to anyone who might, through the distribution chain, receive a copy
 of the software.  Distribution to all third parties is not mandated here,
 but GPLv2~\S2(b) does require re-distributors to license the derivative works in
 a way that extends to all third parties who may ultimately receive a
 copy of the software.
 In summary, GPLv2\ 2(b) says what terms under which the third parties must
 receive this no-charge license.  Namely, they receive it ``under the terms
 of this License'', the GPLv2.  When an entity \emph{chooses} to redistribute
 a derivative work of GPL'd software, the license of that whole
 work must be GPL and only GPL\@.  In this manner, GPLv2~\S2(b) dovetails nicely
 with GPLv2~\S6 (as discussed in Section~\ref{GPLv2s6} of this tutorial).
 \medskip
 The final paragraph of GPLv2~\S2 is worth special mention.  It is possible and
 quite common to aggregate various software programs together on one
 distribution medium.  Computer manufacturers do this when they ship a
 pre-installed hard drive, and GNU/Linux distribution vendors do this to
 give a one-stop CD or URL for a complete operating system with necessary
 applications.  The GPL very clearly permits such ``mere aggregation'' with
 programs under any license.  Despite what you hear from its critics, the
 GPL is nothing like a virus, not only because the GPL is good for you and
 a virus is bad for you, but also because simple contact with a GPL'd
 code-base does not impact the license of other programs.  A programmer must
 expend actual effort  to cause a work to fall under the terms
 of the GPL.  Redistributors are always welcome to simply ship GPL'd
 software alongside proprietary software or other unrelated Free Software,
 as long as the terms of GPL are adhered to for those packages that are
 truly GPL'd.
 \section{GPLv2~\S3: Producing Binaries}
 \label{GPLv2s3}
 Software is a strange beast when compared to other copyrightable works.
 It is currently impossible to make a film or a book that can be truly
 obscured.  Ultimately, the full text of a novel, even one written by
 William Faulkner, must be presented to the reader as words in some
 human-readable language so that they can enjoy the work.  A film, even one
 directed by David Lynch, must be perceptible by human eyes and ears to
 have any value.
 Software is not so.  While the source code --- the human-readable
 representation of software is of keen interest to programmers -- users and
 programmers alike cannot make the proper use of software in that
 human-readable form.  Binary code --- the ones and zeros that the computer
 can understand --- must be predicable and attainable for the software to
 be fully useful.  Without the binaries, be they in object or executable
 form, the software serves only the didactic purposes of computer science.
 Under copyright law, binary representations of the software are simply
 derivative works of the source code.  Applying a systematic process (i.e.,
 ``compilation''\footnote{``Compilation'' in this context refers to the
   automated computing process of converting source code into binaries.  It
   has absolutely nothing to do with the term ``compilation'' in copyright statues.}) to a work of source code yields binary code. The binary
 code is now a new work of expression fixed in the tangible medium of
 electronic file storage.
 Therefore, for GPL'd software to be useful, the GPL, since it governs the
 rules for creation of derivative works, must grant permission for the
 generation of binaries.  Furthermore, notwithstanding the relative
 popularity of source-based GNU/Linux distributions like Gentoo, users find
 it extremely convenient to receive distribution of binary software.  Such
 distribution is the redistribution of derivative works of the software's
 source code.  GPLv2~\S3 addresses the matter of creation and distribution of
 binary versions.
 Under GPLv2~\S3, binary versions may be created and distributed under the
 terms of GPLv2~\S1--2, so all the material previously discussed applies
 here.  However, GPLv2~\S3 must go a bit further.  Access to the software's
 source code is an incontestable prerequisite for the exercise of the
 fundamental freedoms to modify and improve the software.  Making even
 the most trivial changes to a software program at the binary level is
 effectively impossible.  GPLv2~\S3 must ensure that the binaries are never
 distributed without the source code, so that these freedoms are passed
 through the distribution chain.
 GPLv2~\S3 permits distribution of binaries, and then offers three options for
 distribution of source code along with binaries. The most common and the
 least complicated is the option given under GPLv2~\S3(a).
 GPLv2~\S3(a) offers the option to directly accompany the source code alongside
 the distribution of the binaries.  This is by far the most convenient
 option for most distributors, because it means that the source-code
 provision obligations are fully completed at the time of binary
 distribution (more on that later).
 Under GPLv2~\S3(a), the source code provided must be the ``corresponding source
 code.''  Here ``corresponding'' primarily means that the source code
 provided must be that code used to produce the binaries being distributed.
 That source code must also be ``complete''.   GPLv2~\S3's penultimate paragraph
 explains in detail what is meant by ``complete''.  In essence, it is all
 the material that a programmer of average skill would need to actually use
 the source code to produce the binaries she has received.  Complete source
 is required so that, if the licensee chooses, she should be able to
 exercise her freedoms to modify and redistribute changes.  Without the
 complete source, it would not be possible to make changes that were
 actually directly derived from the version received.
 Furthermore, GPLv2~\S3 is defending against a tactic that has in fact been
 seen in GPL enforcement.  Under GPL, if you pay a high price for
 a copy of GPL'd binaries (which comes with corresponding source, of
 course), you have the freedom to redistribute that work at any fee you
 choose, or not at all.  Sometimes, companies attempt a GPL-violating
 cozenage whereby they produce very specialized binaries (perhaps for
 an obscure architecture).  They then give source code that does
 correspond, but withhold the ``incantations'' and build plans they
 used to make that source compile into the specialized binaries.
 Therefore, GPLv2~\S3 requires that the source code include ``meta-material'' like
 scripts, interface definitions, and other material that is used to
 ``control compilation and installation'' of the binaries.  In this
 manner, those further down the distribution chain are assured that
 they have the unabated freedom to build their own derivative works
 from the sources provided.
 Software distribution comes in many
 forms.  Embedded manufacturers, for example, have the freedom to put
 GPL'd software into mobile devices with very tight memory and space
 constraints.  In such cases, putting the source right alongside the
 binaries on the machine itself might not be an option.  While it is
 recommended that this be the default way that people comply with GPL, the
 GPL does provide options when such distribution is unfeasible.
 \label{GPLv2s3-medium-customarily}
 GPLv2~\S3, therefore, allows source code to be provided on any physical
 ``medium customarily used for software interchange.''  By design, this
 phrase covers a broad spectrum --- the phrase seeks to pre-adapt to
 changes in  technology.  When GPLv2 was first published in June
 , distribution on magnetic tape was still common, and CD was
 relatively new.  By 2002, CD was the default.  By 2007, DVD's were the
 default.  Now, it's common to give software on USB drives and SD cards.  This
 language in the license must adapt with changing technology.
 Meanwhile, the binding created by the word ``customarily'' is key.  Many
 incorrectly believe that distributing binary on CD and source on the
 Internet is acceptable.  In the corporate world in industrialized countries, it is indeed customary to
 simply download a CDs' worth of data quickly.  However, even today in the USA, many computer users are not connected to the Internet, and most people connected
 to the Internet still have limited download speeds.  Downloading
 CDs full of data is not customary for them in the least.  In some cities
 in Africa, computers are becoming more common, but Internet connectivity
 is still available only at a few centralized locations.  Thus, the
 ``customs'' here are normalized for a worldwide userbase.  Simply
 providing source on the Internet --- while it is a kind, friendly and
 useful thing to do --- is not usually sufficient.
 Note, however, a major exception to this rule, given by the last paragraph
 of GPLv2~\S3. \emph{If} distribution of the binary files is made only on the
 Internet (i.e., ``from a designated place''), \emph{then} simply providing
 the source code right alongside the binaries in the same place is
 sufficient to comply with GPLv2~\S3.
 \medskip
 As is shown above, under GPLv2~\S3(a), embedded manufacturers can put the
 binaries on the device and ship the source code along on a CD\@.  However,
 sometimes this turns out to be too costly.  Including a CD with every
 device could prove too costly, and may practically (although not legally)
 prohibit using GPL'd software. For this situation and others like it, GPLv2\S~3(b) is available.
 GPLv2~\S3(b) allows a distributor of binaries to instead provide a written
 offer for source code alongside those binaries.  This is useful in two
 specific ways.  First, it may turn out that most users do not request the
 source, and thus the cost of producing the CDs is saved --- a financial
 and environmental windfall.  In addition, along with a GPLv2~\S3(b) compliant
 offer for source, a binary distributor might choose to \emph{also} give a
 URL for source code.  Many who would otherwise need a CD with source might
 turn out to have those coveted high bandwidth connections, and are able to
 download the source instead --- again yielding environmental and financial
 windfalls.
 However, note that regardless of how many users prefer to get the
 source online, GPLv2~\S3(b) does place lasting long-term obligations on the
 binary distributor.  The binary distributor must be prepared to honor
 that offer for source for three years and ship it out (just as they
 would have had to do under GPLv2~\S3(a)) at a moment's notice when they
 receive such a request.  There is real organizational cost here:
 support engineers must be trained how to route source requests, and
 source CD images for every release version for the last three years
 must be kept on hand to burn such CDs quickly. The requests might not
 even come from actual customers; the offer for source must be valid
 for ``any third party''.
 That phrase is another place where some get confused --- thinking again
 that full public distribution of source is required.  The offer for source
 must be valid for ``any third party'' because of the freedoms of
 redistribution granted by GPLv2~\S\S1--2.  A company may ship a binary image
 and an offer for source to only one customer.  However, under GPL, that
 customer has the right to redistribute that software to the world if she
 likes.  When she does, that customer has an obligation to make sure that
 those who receive the software from her can exercise their freedoms under
 GPL --- including the freedom to modify, rebuild, and redistribute the
 source code.
 GPLv2~\S3(c) is created to save her some trouble, because by itself GPLv2~\S3(b)
 would unfairly favor large companies.  GPLv2~\S3(b) allows the
 separation of the binary software from the key tool that people can use
 to exercise their freedom. The GPL permits this separation because it is
 good for re-distributors, and those users who turn out not to need the
 source.  However, to ensure equal rights for all software users, anyone
 along the distribution chain must have the right to get the source and
 exercise those freedoms that require it.
 Meanwhile, GPLv2~\S3(b)'s compromise primarily benefits companies that
 distribute binary software commercially.  Without GPLv2~\S3(c), that benefit
 would be at the detriment of the companies' customers; the burden of
 source code provision would be unfairly shifted to the companies'
 customers.  A customer, who had received binaries with a GPLv2~\S3(b)-compliant
 offer, would be required under GPLv2 (sans GPLv2~\S3(c)) to acquire the source,
 merely to give a copy of the software to a friend who needed it.  GPLv2~\S3(c)
 reshifts this burden to entity who benefits from GPLv2~\S3(b).
 GPLv2~\S3(c) allows those who undertake \emph{noncommercial} distribution to
 simply pass along a GPLv2~\S3(b)-compliant source code offer.  The customer who
 wishes to give a copy to her friend can now do so without provisioning the
 source, as long as she gives that offer to her friend.  By contrast, if
 she wanted to go into business for herself selling CDs of that software,
 she would have to acquire the source and either comply via GPLv2~\S3(a), or
 write her own GPLv2~\S3(b)-compliant source offer.
 This process is precisely the reason why a GPLv2~\S3(b) source offer must be
 valid for all third parties.  At the time the offer is made, there is no
 way of knowing who might end up noncommercially receiving a copy of the
 software.  Companies who choose to comply via GPLv2~\S3(b) must thus be
 prepared to honor all incoming source code requests.  For this and the
 many other additional necessary complications under GPLv2~\S\S3(b--c), it is
 only rarely a better option than complying via GPLv2~\S3(a).
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{GPL's Implied Patent Grant}
 \label{gpl-implied-patent-grant}
 We digress again briefly from our section-by-section consideration of GPLv2
 to consider the interaction between the terms of GPL and patent law. The
 GPLv2, despite being silent with respect to patents, actually confers on its
 licensees more rights to a licensor's patents than those licenses that
 purport to address the issue. This is the case because patent law, under
 the doctrine of implied license, gives to each distributee of a patented
 article a license from the distributor to practice any patent claims owned
 or held by the distributor that cover the distributed article. The
 implied license also extends to any patent claims owned or held by the
 distributor that cover ``reasonably contemplated uses'' of the patented
 article. To quote the Federal Circuit Court of Appeals, the highest court
 for patent cases other than the Supreme Court:
 \begin{quotation}
 Generally, when a seller sells a product without restriction, it in
 effect promises the purchaser that in exchange for the price paid, it will
 not interfere with the purchaser's full enjoyment of the product
 purchased. The buyer has an implied license under any patents of the
 seller that dominate the product or any uses of the product to which the
 parties might reasonably contemplate the product will be put.
 \end{quotation}
 Hewlett-Packard Co. v. Repeat-O-Type Stencil Mfg. Corp., Inc., 123 F.3d
 , 1451 (Fed. Cir. 1997).
 Of course, Free Software is licensed, not sold, and there are indeed
 restrictions placed on the licensee, but those differences are not likely
 to prevent the application of the implied license doctrine to Free
 Software, because software licensed under the GPL grants the licensee the
 right to make, use, and sell the software, each of which are exclusive
 rights of a patent holder. Therefore, although the GPLv2 does not expressly
 grant the licensee the right to do those things under any patents the
 licensor may have that cover the software or its reasonably contemplated
 uses, by licensing the software under the GPLv2, the distributor impliedly
 licenses those patents to the GPLv2 licensee with respect to the GPLv2'd
 software.
 An interesting issue regarding this implied patent license of GPLv2'd
 software is what would be considered ``uses of the [software] to which
 the parties might reasonably contemplate the product will be put.'' A
 clever advocate may argue that the implied license granted by GPLv2 is
 larger in scope than the express license in other Free Software
 licenses with express patent grants, in that the patent license
 clause of many of those other Free  Software licenses are specifically
 limited to the patent claims covered by the code as licensed by the patentee.
 In contrast, a GPLv2 licensee, under the doctrine of implied patent license,
 is free to practice any patent claims held by the licensor that cover
 ``reasonably contemplated uses'' of the GPL'd code, which may very well
 include creation and distribution of derivative works since the GPL's terms,
 under which the patented code is distributed, expressly permits such activity.
 Further supporting this result is the Federal Circuit's pronouncement that
 the recipient of a patented article has, not only an implied license to
 make, use, and sell the article, but also an implied patent license to
 repair the article to enable it to function properly, Bottom Line Mgmt.,
 Inc. v. Pan Man, Inc., 228 F.3d 1352 (Fed. Cir. 2000). Additionally, the
 Federal Circuit extended that rule to include any future recipients of the
 patented article, not just the direct recipient from the distributor.
 This theory comports well with the idea of Free Software, whereby software
 is distributed among many entities within the community for the purpose
 of constant evolution and improvement. In this way, the law of implied
 patent license used by the GPLv2 ensures that the community mutually
 benefits from the licensing of patents to any single community member.
 Note that simply because GPLv2'd software has an implied patent license does
 not mean that any patents held by a distributor of GPLv2'd code become
 worthless. To the contrary, the patents are still valid and enforceable
 against either:
 \begin{enumerate}
  \renewcommand{\theenumi}{\alph{enumi}}
  \renewcommand{\labelenumi}{\textup{(\theenumi)}}
 \item any software other than that licensed under the GPLv2 by the patent
   holder, and
 \item any party that does not comply with the GPLv2
 with respect to the licensed software.
 \end{enumerate}
 \newcommand{\compB}{$\mathcal{B}$}
 \newcommand{\compA}{$\mathcal{A}$}
 For example, if Company \compA{} has a patent on advanced Web browsing, but
 also licenses a Web browsing program under the GPLv2, then it
 cannot assert the patent against any party based on that party's use of
 Company \compA{}'s GPL'ed Web browsing software program, or on that party's
 creation and use of derivative works of that GPL'ed program.  However, if a
 party uses that program without
 complying with the GPLv2, then Company \compA{} can assert both copyright
 infringement claims against the non-GPLv2-compliant party and
 infringement of the patent, because the implied patent license only
 extends to use of the software in accordance with the GPLv2. Further, if
 Company \compB{} distributes a competitive advanced Web browsing program
 that is not a derivative work of Company \compA{}'s GPL'd Web browsing software
 program, Company \compA{} is free to assert its patent against any user or
 distributor of that product. It is irrelevant whether Company \compB's
 program is also distributed under the GPLv2, as Company \compB{} can not grant
 implied licenses to Company \compA's patent.
 This result also reassures companies that they need not fear losing their
 proprietary value in patents to competitors through the GPLv2 implied patent
 license, as only those competitors who adopt and comply with the GPLv2's
 terms can benefit from the implied patent license. To continue the
 example above, Company \compB{} does not receive a free ride on Company
 \compA's patent, as Company \compB{} has not licensed-in and then
 redistributed Company A's advanced Web browser under the GPLv2. If Company
 \compB{} does do that, however, Company \compA{} still has not lost
 competitive advantage against Company \compB{}, as Company \compB{} must then,
 when it re-distributes Company \compA's program, grant an implied license
 to any of its patents that cover the program. Further, if Company \compB{}
 relicenses an improved version of Company A's program, it must do so under
 the GPLv2, meaning that any patents it holds that cover the improved version
 are impliedly licensed to any licensee. As such, the only way Company
 \compB{} can benefit from Company \compA's implied patent license, is if it,
 itself, distributes Company \compA's software program and grants an
 implied patent license to any of its patents that cover that program.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{Defending Freedom on Many Fronts}
 Chapters~\ref{run-and-verbatim} and~\ref{source-and-binary} presented the
 core freedom-defending provisions of GPLv2\@, which are in GPLv2~\S\S0--3.
 GPLv2\S\S~4--7 of the GPLv2 are designed to ensure that GPLv2~\S\S0--3 are
 not infringed, are enforceable, are kept to the confines of copyright law but
 also  not trumped by other copyright agreements or components of other
 entirely separate legal systems.  In short, while GPLv2~\S\S0--3 are the parts
 of the license that defend the freedoms of users and programmers,
 GPLv2~\S\S4--7 are the parts of the license that keep the playing field clear
 so that \S\S~0--3 can do their jobs.
 \section{GPLv2~\S4: Termination on Violation}
 \label{GPLv2s4}
 GPLv2~\S4 is GPLv2's termination clause.  Upon first examination, it seems
 strange that a license with the goal of defending users' and programmers'
 freedoms for perpetuity in an irrevocable way would have such a clause.
 However, upon further examination, the difference between irrevocability
 and this termination clause becomes clear.
 The GPL is irrevocable in the sense that once a copyright holder grants
 rights for someone to copy, modify and redistribute the software under terms
 of the GPL, they cannot later revoke that grant.  Since the GPL has no
 provision allowing the copyright holder to take such a prerogative, the
 license is granted as long as the copyright remains in effect.\footnote{In
   the USA, due to unfortunate legislation, the length of copyright is nearly
   perpetual, even though the Constitution forbids perpetual copyright.} The
 copyright holders have the right to relicense the same work under different
 licenses (see Section~\ref{Proprietary Relicensing} of this tutorial), or to
 stop distributing the GPLv2'd version (assuming GPLv2~\S3(b) was never used),
 but they may not revoke the rights under GPLv2 already granted.
 In fact, when an entity loses their right to copy, modify and distribute
 GPL'd software, it is because of their \emph{own actions}, not that of the
 copyright holder.  The copyright holder does not decide when GPLv2~\S4
 termination occurs (if ever); rather, the actions of the licensee determine
 that.
 Under copyright law, the GPL has granted various rights and freedoms to
 the licensee to perform specific types of copying, modification, and
 redistribution.  By default, all other types of copying, modification, and
 redistribution are prohibited.  GPLv2~\S4 says that if you undertake any of
 those other types (e.g., redistributing binary-only in violation of GPLv2~\S3),
 then all rights under the license --- even those otherwise permitted for
 those who have not violated --- terminate automatically.
 GPLv2~\S4 makes GPLv2 enforceable.  If licensees fail to adhere to the
 license, then they are stuck without any permission under to engage in
 activities covered by copyright law.  They must completely cease and desist
 from all copying, modification and distribution of the GPL'd software.
 At that point, violating licensees must gain the forgiveness of the copyright
 holders to have their rights restored.  Alternatively, the violators could
 negotiate another agreement, separate from GPL, with the copyright
 holder.  Both are common practice, although
 \tutorialpartsplit{as discussed in \textit{A Practical Guide to GPL
     Compliance}, there are }{Chapter~\ref{compliance-understanding-whos-enforcing}
   explains further} key differences between these two very different uses of GPL.
 \section{GPLv2~\S5: Acceptance, Copyright Style}
 \label{GPLv2s5}
 GPLv2~\S5 brings us to perhaps the most fundamental misconception and common
 confusion about GPLv2\@. Because of the prevalence of proprietary software,
 most users, programmers, and lawyers alike tend to be more familiar with
 EULAs. EULAs are believed by their authors to be contracts, requiring
 formal agreement between the licensee and the software distributor to be
 valid. This has led to mechanisms like ``shrink-wrap'' and ``click-wrap''
 as mechanisms to perform acceptance ceremonies with EULAs.
 The GPL does not need contract law to ``transfer rights.''  Usually, no rights
 are transferred between parties.  By contrast, the GPL is primarily a permission
 slip to undertake activities that would otherwise have been prohibited
 by copyright law.  As such, GPL needs no acceptance ceremony; the
 licensee is not even required to accept the license.
 However, without the GPL, the activities of copying, modifying and
 distributing the software would have otherwise been prohibited.  So, the
 GPL says that you only accepted the license by undertaking activities that
 you would have otherwise been prohibited without your license under GPL\@.
 This is a certainly subtle point, and requires a mindset quite different
 from the contractual approach taken by EULA authors.
 An interesting side benefit to GPLv2~\S5 is that the bulk of users of Free
 Software are not required to accept the license.  Undertaking fair and
 unregulated use of the work, for example, does not bind you to the GPL,
 since you are not engaging in activity that is otherwise controlled by
 copyright law.  Only when you engage in those activities that might have an
 impact on the freedom of others does license acceptance occur, and the
 terms begin to bind you to fair and equitable sharing of the software.  In
 other words, the GPL only kicks in when it needs to for the sake of
 freedom.
 While GPL is by default a copyright license, it is certainly still possible
 to consider GPL as a contract as well.  For example, some distributors chose
 to ``wrap'' their software in an acceptance ceremony to the GPL, and nothing in
 the GPL prohibits that use.  Furthermore, the ruling in \textit{Jacobsen
   v. Katzer, 535 F.3d 1373, 1380 (Fed.Cir.2008)} indicates that \textbf{both}
 copyright and contractual remedies may be sought by a copyright holder
 seeking to enforce a license designed to uphold software freedom.
 % FIXME-LATER: Write this
 %\section{Using GPL Both as a Contract and Copyright License}
 \section{GPLv2~\S6: GPL, My One and Only}
 \label{GPLv2s6}
 A point that was glossed over in Section~\ref{GPLv2s4}'s discussion of GPLv2~\S4
 was the irrevocable nature of the GPL\@. The GPLv2 is indeed irrevocable,
 and it is made so formally by GPLv2~\S6.
 The first sentence in GPLv2~\S6 ensures that as software propagates down the
 distribution chain, that each licensor can pass along the license to each
 new licensee.  Under GPLv2~\S6, the act of distributing automatically grants a
 license from the original licensor to the next recipient.  This creates a
 chain of grants that ensure that everyone in the distribution has rights
 under the GPLv2\@.  In a mathematical sense, this bounds the bottom ---
 making sure that future licensees get no fewer rights than the licensee before.
 The second sentence of GPLv2~\S6 does the opposite; it bounds from the top.  It
 prohibits any licensor along the distribution chain from placing
 additional restrictions on the user.  In other words, no additional
 requirements may trump the rights and freedoms given by GPLv2\@.
 The final sentence of GPLv2~\S6 makes it abundantly clear that no individual
 entity in the distribution chain is responsible for the compliance of any
 other.  This is particularly important for noncommercial users who have
 passed along a source offer under GPLv2~\S3(c), as they cannot be assured that
 the issuer of the offer will honor their GPLv2~\S3 obligations.
 In short, GPLv2~\S6 says that your license for the software is your one and
 only copyright license allowing you to copy, modify and distribute the
 software.
 \section{GPLv2~\S7: ``Give Software Liberty or Give It Death!''}
 \label{GPLv2s7}
 In essence, GPLv2~\S7 is a verbosely worded way of saying for non-copyright
 systems what GPLv2~\S6 says for copyright.  If there exists any reason that a
 distributor knows of that would prohibit later licensees from exercising
 their full rights under GPL, then distribution is prohibited.
 Originally, this was designed as the title of this section suggests --- as
 a last ditch effort to make sure that freedom was upheld.  However, in
 modern times, it has come to give much more.  Now that the body of GPL'd
 software is so large, patent holders who would want to be distributors of
 GPL'd software have a tough choice.  They must choose between avoiding
 distribution of GPL'd software that exercises the teachings of their
 patents, or grant a royalty-free, irrevocable, non-exclusive license to
 those patents.  Many companies have chosen the latter.
 Thus, GPLv2~\S7 rarely gives software death by stopping its distribution.
 Instead, it is inspiring patent holders to share their patents in the same
 freedom-defending way that they share their copyrighted works.
 \section{GPLv2~\S8: Excluding Problematic Jurisdictions}
 \label{GPLv2s8}
 GPLv2~\S8 is rarely used by copyright holders.  Its intention is that if a
 particular country, say Unfreedonia, grants particular patents or allows
 copyrighted interfaces (no country to our knowledge even permits those
 yet), that the GPLv2'd software can continue in free and unabated
 distribution in the countries where such controls do not exist.
 As far as is currently known, GPLv2~\S8 has very rarely been formally used by
 copyright holders.  Admittedly, some have used GPLv2~\S8 to explain various
 odd special topics of distribution (usually related in some way to
 GPLv2~\S7).  However, generally speaking, this section is not proven
 particularly useful in the more than two decades of GPLv2 history.
 Meanwhile, despite many calls by the FSF (and others) for those licensors who
 explicitly use this section to come forward and explain their reasoning, no
 one ever did.  Furthermore, research conducted during the GPLv3 drafting
 process found exactly one licensor who had invoked this section to add an
 explicit geographical distribution limitation, and the reasoning for that one
 invocation was not fitting with FSF's intended spirit of GPLv2~\S8.  As such,
 GPLv2~\S8 was not included at all in GPLv3.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{Odds, Ends, and Absolutely No Warranty}
 GPLv2~\S\S0--7 constitute the freedom-defending terms of the GPLv2.  The remainder
-of the GPLv2 handles administrive and issues concerning warranties and
+of the GPLv2 handles administrivia and issues concerning warranties and
 liability.
 \section{GPLv2~\S9: FSF as Stewards of GPL}
 \label{GPLv2s9}
 FSF reserves the exclusive right to publish future versions of the GPL\@;
 GPLv2~\S9 expresses this.  While the stewardship of the copyrights on the body
 of GPL'd software around the world is shared among thousands of
 individuals and organizations, the license itself needs a single steward.
 Forking of the code is often regrettable but basically innocuous.  Forking
 of licensing is disastrous.
 (Chapter~\ref{tale-of-two-copylefts} discusses more about the various
 versions of GPL.)
 \section{GPLv2~\S10: Relicensing Permitted}
 \label{GPLv2s10}
 GPLv2~\S10 reminds the licensee of what is already implied by the nature of
 copyright law.  Namely, the copyright holder of a particular software
 program has the prerogative to grant alternative agreements under separate
 copyright licenses.
 \section{GPLv2~\S11: No Warranty}
 \label{GPLv2s11}
 Most warranty disclaimer language shout at you.  The
 \href{http://www.law.cornell.edu/ucc/2/2-316}{Uniform Commercial
   Code~\S2-316} requires that disclaimers of warranty be ``conspicuous''.
 There is apparently general acceptance that \textsc{all caps} is the
 preferred way to make something conspicuous, and that has over decades worked
 its way into the voodoo tradition of warranty disclaimer writing.
 That said, there is admittedly some authority under USA law suggesting that
 effective warranty disclaimers that conspicuousness can be established by
 capitalization and is absent when a disclaimer has the same typeface as the
 terms surrounding it (see \textit{Stevenson v.~TRW, Inc.}, 987 F.2d 288, 296
 (5th Cir.~1993)).  While GPLv3's drafters doubted that such authority would
 apply to copyright licenses like the GPL, the FSF has nevertheless left
 warranty and related disclaimers in \textsc{all caps} throughout all versions
 of GPL\@\footnote{One of the authors of this tutorial, Bradley M.~Kuhn, has
   often suggested the aesthetically preferable compromise of a
   \textsc{specifically designed ``small caps'' font, such as this one, as an
     alternative to} WRITING IN ALL CAPS IN THE DEFAULT FONT (LIKE THIS),
   since the latter adds more ugliness than conspicuousness.  Kuhn once
   engaged in reversion war with a lawyer who disagreed, but that lawyer never
   answered Kuhn's requests for case law that argues THIS IS INHERENTLY MORE
   CONSPICUOUS \textsc{Than this is}.}.
 Some have argued the GPL is unenforceable in some jurisdictions because
 its disclaimer of warranties is impermissibly broad.  However, GPLv2~\S11
 contains a jurisdictional savings provision, which states that it is to be
 interpreted only as broadly as allowed by applicable law.  Such a
 provision ensures that both it, and the entire GPL, is enforceable in any
 jurisdiction, regardless of any particular law regarding the
 permissibility of certain warranty disclaimers.
 Finally, one important point to remember when reading GPLv2~\S11 is that GPLv2~\S1
 permits the sale of warranty as an additional service, which GPLv2~\S11 affirms.
 \section{GPLv2~\S12: Limitation of Liability}
 \label{GPLv2s12}
 There are many types of warranties, and in some jurisdictions some of them
 cannot be disclaimed.  Therefore, usually agreements will have both a
 warranty disclaimer and a limitation of liability, as we have in GPLv2~\S12.
 GPLv2~\S11 thus gets rid of all implied warranties that can legally be
 disavowed. GPLv2~\S12, in turn, limits the liability of the actor for any
 warranties that cannot legally be disclaimed in a particular jurisdiction.
 Again, some have argued the GPL is unenforceable in some jurisdictions
 because its limitation of liability is impermissibly broad. However, \S
 , just like its sister, GPLv2~\S11, contains a jurisdictional savings
 provision, which states that it is to be interpreted only as broadly as
 allowed by applicable law.  As stated above, such a provision ensures that
 both GPLv2~\S12, and the entire GPL, is enforceable in any jurisdiction,
 regardless of any particular law regarding the permissibility of limiting
 liability.
 So end the terms and conditions of the GNU General Public License.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{GPL Version 3}
 \label{GPLv3}
 This chapter discusses the text of GPLv3.  Much of this material herein
 includes text that was adapted (with permission) from text that FSF
 originally published as part of the so-called ``rationale documents'' for the
 various discussion drafts of GPLv3.
 The FSF ran a somewhat public process to develop GPLv3, and it was the first
 attempt of its kind to develop a Free Software license this way.  Ultimately,
 RMS was the primary author of GPLv3, but he listened to feedback from all
 sorts of individuals and even for-profit companies.  Nevertheless, in
 attempting to understand GPLv3 after the fact, the materials available from
 the GPLv3 process have a somewhat ``drinking from the firehose'' effect.
 This chapter seeks to explain GPLv3 to newcomers, who perhaps are familiar
 with GPLv2 and who did not participate in the GPLv3 process.
 Those who wish to drink from the firehose and take a diachronic approach to
 GPLv3 study by reading the step-by-step public drafting process of the GPLv3 (which
 occurred from Monday 16 January 2006 through Monday 19 November 2007) should
 visit \url{http://gplv3.fsf.org/}.
 \section{Understanding GPLv3 As An Upgraded GPLv2}
 Ultimately, GPLv2 and GPLv3 co-exist as active licenses in regular use.  As
 discussed in Chapter~\ref{tale-of-two-copylefts}, GPLv1 was never regularly
 used alongside GPLv2.  However, given GPLv2's widespread popularity and
 existing longevity by the time GPLv3 was published, it is not surprising that
 some licensors still prefer GPLv2-only or GPLv2-or-later.  GPLv3 gained major
 adoption by many projects, old and new, but many projects have not upgraded
 due to (in some cases) mere laziness and (in other cases) policy preference
 for some of GPLv2's terms and/or policy opposition to GPLv3's terms.
 Given this ``two GPLs world'' is reality, it makes sense to consider GPLv3 in
 terms of how it differs from GPLv2.  Also, most of the best GPL experts in
 the world must deal regularly with both licenses, and admittedly have decades
 of experience with GPLv2 while the most experience with GPLv3 that's possible
 is by default less than a decade.  These two factors usually cause even new
 students of GPL to start with GPLv2 and move on to GPLv3, and this tutorial
 follows that pattern.
 Overall, the changes made in GPLv3 admittedly \textit{increased} the
 complexity of the license.  The FSF stated at the start of the GPLv3 process
 that they would have liked to oblige those who have asked for a simpler and
 shorter GPL\@.  Ultimately, the FSF gave priority to making GPLv3 a better
 copyleft license in the spirit of past GPL's.  Obsession for concision should
 never trump software freedom.
 The FSF had many different, important goals in seeking to upgrade to GPLv3.
 However, one important goal that is often lost in the discussion of policy
 minutia is a rather simple but important issue.  Namely, FSF sought to assure
 that GPLv3 was more easily internationalized than GPLv2.  In particular, the
 FSF sought to ease interpretation of GPL in other countries by replacement of
 USA-centric\footnote{See Section~\ref{non-usa-copyright} of this tutorial for
   a brief discussion about non-USA copyright systems.}  copyright phrases and
 wording with neutral terminology rooted in description of behavior rather
 than specific statue.  As can be seen in the section-by-section discussion of
 GPLv3 that follows, nearly every section had changes related to issues of
 internationalization.
 \section{GPLv3~\S0: Giving In On ``Defined Terms''}
 \label{GPLv3s0}
 One of lawyers' most common complaints about GPLv2 is that defined terms in
 the document appear throughout.  Most licenses define terms up-front.
 However, the GPL was always designed both as a document that should be easily
 understood both by lawyers and by software developers: it is a document
 designed to give freedom to software developers and users, and therefore it
 should be comprehensible to that constituency.
 Interestingly enough, one coauthor of this tutorial who is both a lawyer and
 a developer pointed out that in law school, she understood defined terms more
 quickly than other law students precisely because of her programming
 background.  For developers, having \verb0#define0 (in the C programming
 language) or other types of constants and/or macros that automatically expand
 in the place where they are used is second nature.  As such, adding a defined
 terms section was not terribly problematic for developers, and thus GPLv3
 adds one.  Most of these defined terms are somewhat straightforward and bring
 forward better worded definitions from GPLv2.  Herein, this tutorial
 discusses a few of the new ones.
 GPLv3~\S0 includes definitions of five new terms not found in any form in
 GPLv2: ``modify'' ``covered work'', ``propagate'', ``convey'', and
 ``Appropriate Legal Notices''.
 \subsection{Modify and the Work Based on the Program}
 GPLv2 included a defined term, ``work based on the Program'', but also used
 the term ``modify'' and ``based on'' throughout the license.  GPLv2's ``work
 based on the Program'' definition made use of a legal term of art,
 ``derivative work'', which is peculiar to USA copyright law.  However,
 ironically, most criticism of USA-specific legal terminology in GPLv2's
 ``work based on the Program'' definition historically came not primarily from
 readers outside the USA, but from those within it\footnote{The FSF noted in
   that it did not generally agree with these views, and expressed puzzlement
   by the energy with which they were expressed, given the existence of many
   other, more difficult legal issues implicated by the GPL.  Nevertheless,
   the FSF argued that it made sense to eliminate usage of local copyright
   terminology to good effect.}.  Admittedly, even though differently-labeled
 concepts corresponding to the derivative work are recognized in all copyright
 law systems, these counterpart concepts might differ to some degree in scope
 and breadth from the USA derivative work.
 The goal and intention of GPLv2 was always to cover all rights governed by
 relevant copyright law, in the USA and elsewhere.  GPLv3 therefore takes the
 task of internationalizing the license further by removing references to
 derivative works and by providing a more globally useful definition.  The new
 definition returns to the common elements of copyright law.  Copyright
 holders of works of software have the exclusive right to form new works by
 modification of the original --- a right that may be expressed in various
 ways in different legal systems.  GPLv3 operates to grant this right to
 successive generations of users (particularly through the copyleft conditions
 set forth in GPLv3~\S5, as described later in this tutorial in its
 \S~\ref{GPLv3s5}).  Here in GPLv3~\S0, ``modify'' refers to basic copyright
 rights, and then this definition of ``modify'' is used to define ``modified
 version of'' and ``work based on'' as synonyms.
 \subsection{The Covered Work}
 GPLv3 uses a common license drafting technique of building upon simpler
 definitions to make complex ones.  The Program is a defined term found
 throughout GPLv2, and the word ``covered'' and the phrase ``covered by this
 license'' are used in tandem with the Program in GPLv2, but not as part of a
 definition.  GPLv3 offers a single term ``covered work'', which enables some
 of the wording in GPLv3 to be simpler and clearer than its GPLv2
 counterparts.
 \subsection{Propagate}
 The term ``propagate'' serves two purposes.  First, ``propagate'' provides a
 simple and convenient means for distinguishing between the kinds of uses of a
 work that GPL imposes conditions on and the kinds of uses that GPL does not
 (for the most part) impose conditions on.
 Second, ``propagate'' helps globalize GPL in its wording and effect.  When a
 work is GPL'd, the copyright law of some particular country will govern
 certain legal issues arising under the license.  A term like ``distribute''
 (or its equivalent in languages other than English) is used in several
 national copyright statutes.  Yet, practical experience with GPLv2 revealed
 the awkwardness of using the term ``distribution'' in a license intended for
 global use: the scope of ``distribution'' in the copyright context can differ
 from country to country.  The GPL never necessarily intended the specific
 meaning of ``distribution'' that exists under USA (or any other country's)
 copyright law.
 Indeed, even within a single country and language, the term distribution may
 be ambiguous; as a legal term of art, distribution varies significantly in
 meaning among those countries that recognize it.  For example, comments
 during GPLv3's drafting process indicated that in at least one country,
 distribution may not include network transfers of software but may include
 interdepartmental transfers of physical copies within an organization.
 Meanwhile, the copyright laws of many countries, as well as certain
 international copyright treaties, recognize ``making available to the
 public'' or ``communication to the public'' as one of the exclusive rights of
 copyright holders.
 Therefore, the GPL defines the term ``propagate'' by reference to activities
 that require permission under ``applicable copyright law'', but excludes
 execution and private modification from the definition.  GPLv3's definition
 also gives examples of activities that may be included within ``propagation''
 but it also makes clear that, under the copyright laws of a given country,
 ``propagation'' may include other activities as well.
 Thus, propagation is defined by behavior, and not by categories drawn from
 some particular national copyright statute.  This helps not only with
 internationalization, but also factually-based terminology aids in
 developers' and users' understanding of the GPL\@.
 \subsection{Convey}
 Further to this point, a subset of propagate --- ``convey'' --- is defined.
 Conveying includes activities that constitute propagation of copies to
 others.  As with the definition of propagate, GPLv3 thus addresses transfers
 of copies of software in behavioral rather than statutory terms.
 \subsection{Appropriate Legal Notices}
 GPLv2 used the term ``appropriate copyright notice and disclaimer of
 warranty'' in two places, which is a rather bulk term.  Also, experience with
 GPLv2 and other licenses that grant software freedom showed throughout the
 s that the scope of types of notices that need preservation upon
 conveyance were more broad that merely the copyright notices.  The
 Appropriate Legal Notice definition consolidates the material that GPLv2
 traditionally required preserved into one definition.
 \subsection{Other Defined Terms}
 Note finally that not all defined terms in GPLv3 appear in GPLv3~\S0.
 Specifically, those defined terms that are confined in use to a single
 section are defined in the section in which they are used, and GPLv3~\S1
 contains those definitions focused on source code.  In this tutorial, those
 defined terms are discussed in the section where they are defined and/or
 used.
 \section{GPLv3~\S1: Understanding CCS}
 \label{GPLv3s1}
 Ensuring that users have the source code to the software they receive and the
 freedom to modify remains the paramount right embodied in the Free Software
 Definition (found in \S~\ref{Free Software Definition} of this tutorial).  As
 such, GPLv3~\S1 is likely one of the most important sections of GPLv3, as it
 contains all the defined terms related to this important software freedom.
 \subsection{Source Code Definition}
 First, GPLv3~\S1 retains GPLv2's definition of ``source code'' and adds an
 explicit definition of ``object code'' as ``any non-source version of a
 work''.  Object code is not restricted to a narrow technical meaning and is
 understood broadly to include any form of the work other than the preferred
 form for making modifications to it.  Object code therefore includes any kind
 of transformed version of source code, such as bytecode or minified
 Javascript.  The definition of object code also ensures that licensees cannot
 escape their obligations under the GPL by resorting to shrouded source or
 obfuscated programming.
 \subsection{CCS Definition}
 The definition of CCS\footnote{Note that the preferred term for those who
   work regularly with both GPLv2 and GPLv3 is ``Complete Corresponding
   Source'', abbreviated to ``CCS''.  Admittedly, the word ``complete'' no
   longer appears in GPLv3 (which uses the word ``all'' instead).  However,
   both GPLv2 and the early drafts of GPLv3 itself used the word ``complete'',
   and early GPLv3 drafts even called this defined term ``Complete
   Corresponding Source''.  Meanwhile, use of the acronym ``CCS'' (sometimes,
   ``C\&CS'') was so widespread among GPL enforcers that its use continues
   even though GPLv3-focused experts tend to say just the defined term of
   ``Corresponding Source''.}, or, as GPLv3 officially calls it,
 ``Corresponding Source'' in GPLv3~\S1\P4 is possibly the most complex
 definition in the license.
 The CCS definition is broad so as to protect users' exercise of their rights
 under the GPL\@.  The definition includes with particular examples to remove
 any doubt that they are to be considered CCS\@.  GPLv3 seeks to make it
 completely clear that a licensee cannot avoid complying with the requirements
 of the GPL by dynamically linking a subprogram component to the original
 version of a program.  The example also clarifies that the shared libraries
 and dynamically linked subprograms that are included in Corresponding Source
 are those that the work is ``specifically'' designed to require, which
 clarifies that they do not include libraries invoked by the work that can be
 readily substituted by other existing implementations.  While copyleft
 advocates never doubted this was required under GPLv2's definition of CCS,
 GPLv3 makes it abundantly clear with an extra example.
 The GPL, as always, seeks to ensure users are truly in a position to install and
 run their modified versions of the program; the CCS definition is designed to
 be expansive to ensure this software freedom.  However, although the
 definition of CCS is expansive, it is not sufficient to protect users'
 freedoms in many circumstances.  For example, a GPL'd program, or a modified
 version of such a program, might be locked-down and restricted.  The
 requirements in GPLv3~\S6 (discussed in Section~\ref{GPLv3s6} of this
 tutorial) handle that issue.  (Early drafts of GPLv3 included those
 requirements in the definition of CCS; however, given that the lock-down
 issue only comes up in distribution of object code, it is more logical to
 place those requirements with the parts of GPLv3 dealing directly with object
 code distribution).
 The penultimate paragraph in GPLv3\S2 notes that GPLv3's CCS definition does
 not require source that can be automatically generated.  Many code
 generators, preprocessors and take source code as input and sometimes even
 have output that is still source code.  Source code should always be whatever
 the original programmer preferred to modify.
 GPLv3\S1's final paragraph removes any ambiguity about what should be done on
 source-only distributions.  Specifically, the right to convey source code
 that does not compile, does not work, or otherwise is experimental
 in-progress work is fully permitted, \textit{provided that} no object code
 form is conveyed as well.  Indeed, when combined with the permissions in
 GPLv3\S~5, it is clear that if one conveys \textit{only} source code, one can
 never be required to provide more than that.  One always has the right to
 modify a source code work by deleting any part of it, and there can be no
 requirement that free software source code be a whole functioning program.
 \subsection{The System Library Exception}
 The previous section skipped over one part of the CCS definition, the
 so-called system library exception.  The ``System Libraries'' definition (and
 the ``Standard Interface'' and ``Major Component'' definitions, which it
 includes) are designed as part
 to permit certain distribution arrangements that are considered reasonable by
 copyleft advocates.  The system library exception is designed to allow
 copylefted software to link with these libraries when such linking would hurt
 software freedom more than it would hurt proprietary software.
 The system library exception has two parts.  Part (a) rewords the GPLv2
 exception for clarity replacing GPLv2's words ``unless that component itself
 accompanies the executable'' with ``which is not part of the Major
 Component''.  The goal here is to not require disclosure of source code of
 certain libraries, such as necessary Microsoft Windows DLLs (which aren't
 part of Windows' kernel but accompany it) that are required for functioning
 of copylefted programs compiled for Windows.
 However, in isolation, (a) would be too permissive, as it would sometimes
 allowing distributors to evade important GPL requirements.  Part (b) reigns
 in (a).  Specifically, (b) specifies only a few functionalities that a
 system library may provide and still qualify for the exception.  The goal is
 to ensure system libraries are truly adjunct to a major essential operating
 system component, compiler, or interpreter.  The more low-level the
 functionality provided by the library, the more likely it is to be qualified
 for this exception.
 Admittedly, the system library exception is a frequently discussed topic of
 obsessed GPL theorists.  The amount that has been written on the system
 library exception (both the GPLv2 and GPLv3 versions of it), if included
 herein,  could easily increase this section of the tutorial to a length
 greater than all the others.
 Like any exception to the copyleft requirements of GPL, would-be GPL
 violators frequently look to the system library exception as a potential
 software freedom circumvention technique.  When considering whether or not a
 library qualifies for the system library exception, here is a pragmatic
 thesis to consider, based on the combined decades of experience in GPL
 interpretation of this tutorial's authors: the harder and more strained the
 reader must study and read the system library exception, the more likely it
 is that the library in question does not qualify for it.
 \section{GPLv3~\S2: Basic Permissions}
 GPLv3~\S2 can roughly be considered as an equivalent to GPLv2~\S0 (discussed
 in \S~\ref{GPLv2s0} of this tutorial).  However, the usual style of
 improvements found in GPLv3 are found here as well.  For example, the first
 sentence of GPLv3~\S2 furthers the goal internationalization.  Under the
 copyright laws of some countries, it may be necessary for a copyright license
 to include an explicit provision setting forth the duration of the rights
 being granted. In other countries, including the USA, such a provision is
 unnecessary but permissible.
 GPLv3~\S2\P1 also acknowledges that licensees under the GPL enjoy rights of
 copyright fair use, or the equivalent under applicable law.  These rights are
 compatible with, and not in conflict with, the freedoms that the GPL seeks to
 protect, and the GPL cannot and should not restrict them.
 However, note that (sadly to some copyleft advocates) the unlimited freedom
 to run is confined to the \textit{unmodified} Program.  This confinement is
 unfortunately necessary since Programs that do not qualify as a User Product
 in GPLv3~\S6 (see \S~\ref{user-product} in this tutorial) might have certain
 unfortunate restrictions on the freedom to run.\footnote{See
   \S~\ref{freedom-to-run} of this tutorial for the details on ``the freedom to
   run''.}
 GPLv3~\S2\P2 distinguishes between activities of a licensee that are
 permitted without limitation and activities that trigger additional
 requirements.  Specifically, GPLv3~\S2\P2 guarantees the basic freedoms of
 privately modifying and running the program.
 Also, GPLv3~\S2\P2 gives an explicit permission for a client to provide a
 copy of its modified software to a contractor exclusively for that contractor
 to modify it further, or run it, on behalf of the client.  However, the
 client can \textit{only} exercise this control over its own copyrighted
 changes to the GPL-covered program.  The parts of the program it obtained
 from other contributors must be provided to the contractor with the usual GPL
 freedoms.  Thus, GPLv3 permits users to convey covered works to contractors
 operating exclusively on the users' behalf, under the users' direction and
 control, and to require the contractors to keep the users' copyrighted
 changes confidential, but \textit{only if} the contractor is limited to acting
 on the users' behalf (just as the users' employees would have to act).
 The strict conditions in this ``contractors provision'' are needed so that it
 cannot be twisted to fit other activities, such as making a program available
 to downstream users or customers.  By making the limits on this provision
 very narrow, GPLv3 ensures that, in all other cases, contractor gets the
 full freedoms of the GPL that they deserve.
 The FSF was specifically asked to add this ``contractors provisions'' by
 large enterprise users of Free Software, who often contract with non-employee
 developers, working offsite, to make modifications intended for the user's
 private or internal use, and often arrange with other companies to operate
 their data centers.  Whether GPLv2 permits these activities is not clear and
 may depend on variations in copyright law in different jurisdictions.  The
 practices seem basically harmless, so FSF decided to make it clear they are
 permitted.
 GPLv3~\S2's final paragraph includes an explicit prohibition of sublicensing.
 This provision ensures that GPL enforcement is always by the copyright
 holder.  Usually, sublicensing is regarded as a practical convenience or
 necessity for the licensee, to avoid having to negotiate a license with each
 licensor in a chain of distribution.  The GPL solves this problem in another
 way --- through its automatic licensing provision found in GPLv3~\S10 (which
 is discussed in more detail in \S~\ref{GPLv3s10} of this tutorial).
 \section{GPLv3's views on DRM and Device Lock-Down}
 \label{GPLv3-drm}
 The issues of DRM, device lock-down and encryption key disclosure were the
 most hotly debated during the GPLv3 process.  FSF's views on this were sadly
 frequently misunderstood and, comparing the provisions related to these
 issues in the earliest drafts of GPLv3 to  the final version of GPLv3 shows
 the FSF's willingness to compromise on tactical issues to reach the larger
 goal of software freedom.
 Specifically, GPLv3 introduced provisions that respond to the growing
 practice of distributing GPL-covered programs in devices that employ
 technical means to restrict users from installing and running modified
 versions.  This practice thwarts the expectations of developers and users
 alike, because the right to modify is one of the core freedoms the GPL is
 designed to secure.
 Technological measures to defeat users' rights.  These measures are often
 described by such Orwellian phrases, such as ``digital rights management,''
 which actually means limitation or outright destruction of users' legal
 rights, or ``trusted computing,'' which actually means selling people
 computers they cannot trust.  However, these measures are alike in one basic
 respect.  They all employ technical means to turn the system of copyright law
 (where the powers of the copyright holder are limited exceptions to general
 freedom) into a virtual prison, where everything not specifically permitted
 is utterly forbidden.  This system of ``para-copyright'' was created well
 after GPLv2 was written --- initially through legislation in the USA and the
 EU, and later in other jurisdictions as well.  This legislation creates
 serious civil or even criminal penalties to escape from these restrictions
 (commonly and aptly called ``jail-breaking a device''), even where the
 purpose in doing so is to restore the users' legal rights that the technology
 wrongfully prevents them from exercising.
 GPLv2 did not address the use of technical measures to take back the rights
 that the GPL granted, because such measures did not exist in 1991, and would
 have been irrelevant to the forms in which software was then delivered to
 users.  GPLv3 addresses these issues, particularly because copylefted
 software is ever more widely embedded in devices that impose technical
 limitations on the user's freedom to change it.
 However, FSF always made a clear distinction to avoid conflating these
 ``lock-down'' measures with legitimate applications that give users control,
 as by enabling them to choose higher levels of system or data security within
 their networks, or by allowing them to protect the security of their
 communications using keys they can generate or copy to other devices for
 sending or receiving messages.  Such technologies present no obstacles to
 software freedom and the goals of copyleft.
 The public GPLv3 drafting process sought to balance these positions of
 copyleft advocates with various desperate views of the larger
 Free-Software-using community.  Ultimately, FSF compromised to the GPLv3\S3
 and GPLv3\S6 provisions that, taken together, are a minimalist set of terms
 sufficient to protect the software freedom against the threat of invasive
 para-copyright.
 The compromises made were ultimately quite reasonable.  The primary one is
 embodied in GPLv3\S6's ``User Product'' definition (see \S~\ref{user-product}
 in this tutorial for details).  Additionally, some readers of early GPLv3
 drafts seem to have assumed GPLv3 contained a blanket prohibition on DRM; but
 it does not.  In fact, no part of GPLv3 forbids DRM regarding non-GPL'd
 works; rather, GPLv3 forbids the use of DRM specifically to lock-down
 restrictions on users' ability to install modified versions of the GPL'd
 software itself, but again, \textit{only} with regard to User Products.
 \section{GPLv3~\S3: What Hath DMCA Wrought}
 \label{GPLv3s3}
 As discussed in \S~\ref{software-and-non-copyright} of this tutorial,
 \href{http://www.law.cornell.edu/uscode/text/17/1201}{17 USC~\S1201} and
 relate sections\footnote{These sections of the USC are often referred to as
   the ``Digital Millennium Copyright Act'', or ``DMCA'', as that was the name
   of the bill that so-modified these sections of the USC\@.} prohibits users
 from circumventing technological measures that implement DRM\@.  Since this
 is part of copyright law and the GPL is primarily a copyright license, and
 since what the DMCA calls ``circumvention'' is simply ``modifying the
 software'' under the GPL, GPLv3 must disclaim that such anti-circumvention
 provisions are not applicable to the GPLv3'd software.  GPLv3\S3 shields
 users from being subjected to liability under anti-circumvention law for
 exercising their rights under the GPL, so far as the GPL can do so.
 First, GPLv3\S3\P1 declares that no GPL'd program is part of an effective
 technological protection measure, regardless of what the program does.  Early
 drafts of GPLv3\S3\P1 referred directly to the DMCA, but the final version
 instead includes instead an international legal reference to
 anticircumvention laws enacted pursuant to the 1996 WIPO treaty and any
 similar laws.  Lawyers outside the USA worried that a USA statutory reference
 could be read as indicating a choice for application of USA law to the
 license as a whole.  While the FSF did not necessarily agree with that view,
 the FSF decided anyway to refer to the WIPO treaty rather than DMCA, since
 several national anticircumvention laws were (or will likely be) structured
 more similarly to the anticircumvention provisions of the DMCA in their
 implementation of WIPO\@.  Furthermore, the addition of ``or similar laws''
 provides an appropriate catch-all.
 Furthermore, GPLv3\S3\P2 states precisely that a conveying party waives the
 power to forbid circumvention of technological measures only to the extent
 that such circumvention is accomplished through the exercise of GPL rights in
 the conveyed work.  GPLv3\S3\P2 makes clear that the referenced ``legal
 rights'' are specifically rights arising under anticircumvention law.  and
 refers to both the conveying party's rights and to third party rights, as in
 some cases the conveying party will also be the party legally empowered to
 enforce or invoke rights arising under anticircumvention law.
 These disclaimers by each licensor of any intention to use GPL'd software to
 stringently control access to other copyrighted works should effectively
 prevent any private or public parties from invoking DMCA-like laws against
 users who escape technical restriction measures implemented by GPL'd
 software.
 \section{GPLv3~\S4: Verbatim Copying}
 \label{GPLv3s4}
 GPLv3~\S4 is a revision of GPLv2~\S1 (as discussed in \S~\ref{GPLv2s1} of
 this tutorial).   There are almost no changes to this section from the
 GPLv2~\S1, other than to use the new defined terms.
 The only notable change of ``a fee'' to ``any price or no price'' in the
 first sentence of GPLv3\S4\P2.  The GPLv2\S1\P1 means that the GPL permits
 one to charge money for the distribution of software.  Despite efforts by
 copyleft advocates to explain this in GPLv2 itself and in other documents,
 there are evidently some people who still believe that GPLv2 allows charging
 for services but not for selling copies of software and/or that the GPL
 requires downloads to be gratis.  Perhaps this is because GPLv2 referred to
 charging a ``fee''; the term ``fee'' is generally used in connection with
 services.
 GPLv2's wording also referred to ``the physical act of transferring.''  The
 intention was to distinguish charging for transfers from attempts to impose
 licensing fees on all third parties.  ``Physical'' might be read, however, as
 suggesting ``distribution in a physical medium only''.
 To address these two issues, GPLv3 says ``price'' in place of ``fee,'' and
 removes the term ``physical.''
 GPLv3~\S4 has also been revised from its corresponding section in GPLv2 in
 light of the GPLv3~\S7 (see \S~\ref{GPLv3s7} in this tutorial for more).
 Specifically, a distributor of verbatim copies of the program's source code
 must obey any existing additional terms that apply to parts of the program
 pursuant to GPLv3~\S7.  In addition, the distributor is required to keep
 intact all license notices, including notices of such additional terms.
 Finally, there is no harm in explicitly pointing out what ought to be
 obvious: that those who convey GPL-covered software may offer commercial
 services for the support of that software.
 \section{GPLv3~\S5: Modified Source}
 \label{GPLv3s5}
 GPLv3\S5 is the rewrite of GPLv2\S2, which was discussed in \S~\ref{GPLv2s2}
 of this tutorial.  This section discusses the changes found in GPLv3\S5
 compared to GPLv2\S2.
 GPLv3\S5(a) still requires modified versions be marked with ``relevant
 date'', but no longer says ``the date of any change''.  The best practice is
 to include the date of the latest and/or most significant changes and who
 made those.  Of course, compared to its GPLv2\S2(a), GPLv3\S5(a) slightly
 relaxes the requirements regarding notice of changes to the program.  In
 particular, the modified files themselves need no longer be marked.  This
 reduces administrative burdens for developers of modified versions of GPL'd
 software.
 GPLv3\S5(b) is a new but simple provision. GPLv3\S5(b)  requires that the
 license text itself must be unmodified (except as permitted by GPLv3\S7; see
 \S~\ref{GPLv3s7} in this tutorial).  Furthermore, it  removes any perceived
 conflict between the words ``keep intact all notices'' in GPLv3\S4, since
 operating under GPLv3\S5 still includes all the requirements of GPLv3\S4 by
 reference.
 GPLv3\S5(c) is the primary source-code-related copyleft provision of GPL. (The
 object-code-related copyleft provisions are in GPLv3\S6, discussed in
 \S~\ref{GPLv3s6} of this tutorial).  Compared to GPLv2\S2(b), GPLv3\S5(c)
 states that the GPL applies to the whole of the work.  Such was stated
 already in GPLv2\S2(b), in ``in whole or in part'', but this simplified
 wording makes it clear the entire covered work
 Another change in GPLv3\S5(c) is the removal of the
 words ``at no charge,'' which was often is misunderstood upon na\"{i}ve
 reading of in GPLv2\S(b) (as discussed in \S~\ref{GPLv2s2-at-no-charge} of this
 tutorial).
 %  FIXME-LATER: Write up something on 5d, and related it to Appropriate Legal Notices.
 Note that of GPLv2~\S2's penultimate and ante-penultimate paragraphs are now
 handled adequately by the definitions in GPLv3\S0 and as such, have no direct
 analogs in GPLv3.
 GPLv2~\S2's final paragraph, however, is reworded and expanded into the final
 paragraph of GPLv3\S5, which now also covers issues related to copyright
 compilations (but not compilations into object code --- that's in the next
 section!).  The intent and scope is the same as was intended in GPLv2.
 \section{GPLv3~\S6: Non-Source and Corresponding Source}
 \label{GPLv3s6}
 GPLv3~\S6 clarifies and revises GPLv2~\S3.  It requires distributors of GPL'd
 object code to provide access to the corresponding source code, in one of
 four specified ways.  As noted in \S~\ref{GPLv3s0}, ``object code'' in GPLv3
 is defined broadly to mean any non-source version of a work.
 % FIXME:  probably mostly still right, needs some updates, though.
 GPLv3~\S6(a--b) now apply specifically to distribution of object code in a
 physical product.  Physical products include embedded systems, as well as
 physical software distribution media such as CDs.  As in GPLv2~\S3 (discussed
 in \S~\ref{GPLv2s3} of this tutorial), the distribution of object code may
 either be accompanied by the machine-readable source code, or it may be
 accompanied by a valid written offer to provide the machine-readable source
 code.  However, unlike in GPLv2, that offer cannot be exercised by any third
 party; rather, only those ``who possesses the object code'' can exercise
 the offer.  (Note that this is a substantial narrowing of requirements of
 offer fulfillment, and is a wonderful counterexample to dispute claims that
 the GPLv3 has more requirements than GPLv2.)
 % FIXME:  probably mostly still right, needs some updates, though.
 GPLv3~\S6(b) further revises the requirements for the written offer to
 provide source code. As before, the offer must remain valid for at least
 three years. In addition, even after three years, a distributor of a product
 containing GPL'd object code must offer to provide source code for as long as
 the distributor also continues to offer spare parts or customer support for
 the product model.  This is a reasonable and appropriate requirement; a
 distributor should be prepared to provide source code if he or she is
 prepared to provide support for other aspects of a physical product.
 GPLv3~\S6(a--b) clarifies that the medium for software interchange on which
 the machine-readable source code is provided must be a durable physical
 medium.  GPLv3~\S6(b)(2), however, permits a distributor to instead offer to
 provide source code from a network server instead, which is yet another
 example GPLv3 looser in its requirements than GPLv2 (see
 \S~\ref{GPLv2s3-medium-customarily} for details).
 % FIXME-LATER: more information about source provision, cost of physically
 % performing, reasonable fees, medium customary clearly being said durable
 % connecting back to previous text
 GPLv3\S6(c) gives narrower permission than GPLv2\S3(c).  The ``pass along''
 option for GPLv3\S6(c)(1) offers is now available only for individual
 distribution of object code; moreover, such individual distribution can occur
 only ``occasionally and noncommercially.''  A distributor cannot comply with
 the GPL merely by making object code available on a publicly-accessible
 network server accompanied by a copy of the written offer to provide source
 code received from an upstream distributor.
 %FIXME-LATER: tie back to the discussion of the occasional offer pass along
 %             stuff in GPLv2 this tutorial.
 GPLv3~\S6(d) revises and improves GPLv2~\S3's final paragraph.  When object
 code is provided by offering access to copy the code from a designated place
 (such as by enabling electronic access to a network server), the distributor
 must merely offer equivalent access to copy the source code ``in the same way
 through the same place''.  This wording also permits a distributor to offer a
 third party access to both object code and source code on a single network
 portal or web page, even though the access may include links to different
 physical servers.  For example, a downstream distributor may provide a link
 to an upstream distributor's server and arrange with the operator of that
 server to keep the source code available for copying for as long as the
 downstream distributor enables access to the object code.  This codifies
 formally the typical historical interpretation of GPLv2.
 % FIXME-LATER: perhaps in enforcement section, but maybe here, note about
 % ``slow down'' on source downloads being a compliance problem.
 Furthermore, under GPLv3~\S6(d), distributors may charge for the conveyed
 object code; however, those who pay to obtain the object code must be given
 equivalent and gratis access to obtain the CCS.  (If distributors convey the
 object code gratis, distributors must likewise make CCS available without
 charge.)  Those who do not obtain the object code from that distributors
 (perhaps because they choose not to pay the fee for object code) are outside
 the scope of the provision; distributors are under no specific obligation to
 give CCS to someone who has not purchased an object code download under
 GPLv3~\S6(d).  (Note: this does not change nor impact any obligations under
 GPLv3~\S6(b)(2); GPLv3~\S6(d) is a wholly different provision.)
 \subsection{GPLv3~\S6(e): Peer-to-Peer Sharing Networks}
 Certain decentralized forms of peer-to-peer file sharing present a challenge
 to the unidirectional view of distribution that is implicit in GPLv2 and
 Draft 1 of GPLv3.  Identification of an upstream/downstream link in
 BitTorrent distribution is neither straightforward nor reasonable; such
 distribution is multidirectional, cooperative and anonymous.  In peer-to-peer
 distribution systems, participants act both as transmitters and recipients of
 blocks of a particular file, but they perceive the experience merely as users
 and receivers, and not as distributors in any conventional sense.  At any
 given moment of time, most peers will not have the complete file.
 Meanwhile, GPLv3~\S6(d) permits distribution of a work in object code form
 over a network, provided that the distributor offers equivalent access to
 copy the Corresponding Source Code ``in the same way through the same
 place''.  This wording might be interpreted to permit peer-to-peer
 distribution of binaries \textit{if} they are packaged together with the CCS,
 but such packaging impractical, for at least three reasons.  First, even if
 the CCS is packaged with the object code, it will only be available to a
 non-seeding peer at the end of the distribution process, but the peer will
 already have been providing parts of the binary to others in the network.
 Second, in practice, peer-to-peer forms of transmission are poorly suited
 means for distributing CCS.  In large distributions, packaging CCS with the
 object code may result in a substantial increase in file size and
 transmission time.  Third, in current practice, CCS packages themselves tend
 \textit{not} to be transmitted through BitTorrent --- owing to reduced demand
 -- thus, there generally will be too few participants downloading the same
 source package at the same time to enable effective seeding and distribution.
 GPLv3~\S6(e) addresses this issues.  If a licensee conveys such a work of
 object code using peer-to-peer transmission, that licensee is in compliance
 with GPLv3~\S6 if the licensee informs other peers where the object code and
 its CCS are publicly available at no charge under subsection GPLv3~\S6(d).
 The CCS therefore need not be provided through the peer-to-peer system that
 was used for providing the binary.
 Second, GPLv3\S9 also clarifies that ancillary propagation of a covered work
 that occurs as part of the process of peer-to-peer file transmission does not
 require acceptance, just as mere receipt and execution of the Program does
 not require acceptance.  Such ancillary propagation is permitted without
 limitation or further obligation.
 % FIXME-LATER: Would be nice to explain much more about interactions between
 % the various options of GPLv3~\S6(a-e), which might all be in play at once!
 \subsection{User Products, Installation Information and Device Lock-Down}
 As discussed in \S~\ref{GPLv3-drm} of this tutorial, GPLv3 seeks to thwart
 technical measures such as signature checks in hardware to prevent
 modification of GPL'd software on a device.
 To address this issue, GPLv3~\S6 requires that parties distributing object
 code provide recipients with the source code through certain means.  When
 those distributors pass on the CCS, they are also required to pass on any
 information or data necessary to install modified software on the particular
 device that included it.  (This strategy is not unlike that used in LGPLv2.1
 to enable users to link proprietary programs to modified libraries.)
 % FIXME-LATER: LGPLv2.1 section should talk about this explicitly and this
 %              should be a forward reference here
 \subsubsection{User Products}
 \label{user-product}
 The scope of these requirements are narrow.  GPLv3~\S6 introduces the concept
 of a ``User Product'', which includes devices that are sold for personal,
 family, or household use.  Distributors are only required to provide
 Installation Information when they convey object code in a User Product.
 In brief, the right to convey object code in a defined class of ``User
 Products,'' under certain circumstances, on providing whatever information is
 required to enable a recipient to replace the object code with a functioning
 modified version.
 This was a compromise that was difficult for the FSF to agree to during the
 GPLv3 drafting process.  However, companies and governments that use
 specialized or enterprise-level computer facilities reported that they
 actually \textit{want} their systems not to be under their own control.
 Rather than agreeing to this as a concession, or bowing to pressure, they ask
 for this as a \textit{preference}.  It is not clear that the GPL should interfere
 here, since the main problem lies elsewhere.
 While imposing technical barriers to modification is wrong regardless of
 circumstances, the areas where restricted devices are of the greatest
 practical concern today fall within the User Product definition.  Most, if
 not all, technically-restricted devices running GPL-covered programs are
 consumer electronics devices.  Moreover, the disparity in clout between the
 manufacturers and these users makes it difficult for the users to reject
 technical restrictions through their weak and unorganized market power.  Even
 limited to User Products, this provision addresses the fundamental problem.
 % FIXME-LATER: link \href to USC 2301
 The core of the User Product definition is a subdefinition of ``consumer
 product'' adapted from the Magnuson-Moss Warranty Act, a federal
 consumer protection law in the USA found in 15~USC~\S2301: ``any tangible
 personal property which is normally used for personal, family, or household
 purposes.''  The USA has had three decades of experience of liberal
 judicial and administrative interpretation of this definition in a manner
 favorable to consumer rights.\footnote{The Magnuson-Moss consumer product
   definition itself has been influential in the USA and Canada, having been
   adopted in several state and provincial consumer protection laws.}
 Ideally, this body of interpretation\footnote{The FSF, however, was very
   clear that incorporation of such legal interpretation was in no way
   intended work as a general choice of USA law for GPLv3.} will guide
 interpretation of the consumer product subdefinition in GPLv3~\S6, and this
 will hopefully provide a degree of legal certainty advantageous to device
 manufacturers and downstream licensees alike.
 One well-established interpretive principle under Magnuson-Moss is that
 ambiguities are resolved in favor of coverage.  That is, in cases where
 it is not clear whether a product falls under the definition of consumer
 product, the product will be treated as a consumer product.\footnote{16
 CFR~\S\ 700.1(a); \textit{McFadden v.~Dryvit Systems, Inc.}, 54
 UCC~Rep.~Serv.2d 934 (D.~Ore.~2004).}  Moreover, for a given product,
 ``normally used'' is understood to refer to the typical use of that type
 of product, rather than a particular use by a particular buyer.
 Products that are commonly used for personal as well as commercial
 purposes are consumer products, even if the person invoking rights is a
 commercial entity intending to use the product for commercial
 purposes.\footnote{16 CFR \S \ 700.1(a).  Numerous court decisions
 interpreting Magnuson-Moss are in accord; see, e.g., \textit{Stroebner
 Motors, Inc.~v.~Automobili Lamborghini S.p.A.}, 459 F.~Supp.2d 1028,
 (D.~Hawaii 2006).}  Even a small amount of ``normal'' personal use
 is enough to cause an entire product line to be treated as a consumer
 product under Magnuson-Moss\footnote{\textit{Tandy Corp.~v.~Marymac
 Industries, Inc.}, 213 U.S.P.Q.~702 (S.D.~Tex.~1981). In this case, the
 court concluded that TRS-80 microcomputers were consumer products, where
 such computers were designed and advertised for a variety of users,
 including small businesses and schools, and had only recently been
 promoted for use in the home.}.
 However, Magnuson-Moss is not a perfect fit because in the area of components
 of dwellings, the settled interpretation under Magnuson-Moss under-inclusive.
 Depending on how such components are manufactured or sold, they may or may
 not be considered Magnuson-Moss consumer products.\footnote{Building
   materials that are purchased directly by a consumer from a retailer, for
   improving or modifying an existing dwelling, are consumer products under
   Magnuson-Moss, but building materials that are integral component parts of
   the structure of a dwelling at the time that the consumer buys the dwelling
   are not consumer products. 16 C.F.R.~\S\S~700.1(c)--(f); Federal Trade
   Commission, Final Action Concerning Review of Interpretations of
   Magnuson-Moss Warranty Act, 64 Fed.~Reg.~19,700 (April 22, 1999); see also,
   e.g., \textit{McFadden}, 54 U.C.C.~Rep.~Serv.2d at 934.}  Therefore, GPLv3
 defines User Products as a superset of consumer products that also includes
 ``anything designed or sold for incorporation into a dwelling.''
 Thus, the three sentences in the center of GPLv3's User Product definition
 encapsulate the judicial and administrative principles established over the
 past three decades in the USA concerning the Magnuson-Moss consumer product
 definition.  First, it states that doubtful cases are resolved in favor of
 coverage under the definition.  Second, it indicate that the words ``normally
 used'' in the consumer product definition refer to a typical or common use of
 a class of product, and not the status of a particular user or expected or
 actual uses by a particular user.  Third, it clearly states that the
 existence of substantial non-consumer uses of a product does not negate a
 determination that it is a consumer product, unless such non-consumer uses
 represent the only significant mode of use of that product.
 It should be clear from these added sentences that it is the general mode of
 use of a product that determines objectively whether or not it is a consumer
 product.  One could not escape the effects of the User Products provisions by
 labeling what is demonstrably a consumer product in ways that suggest it is
 ``for professionals'', for example.
 \subsubsection{Installation Information}
 With the User Products definition complete,  The ``Installation Information''
 definition uses that to define what those receiving object code inside a User
 Product must receive.
 Installation Information is information that is ``required to install and
 execute modified versions of a covered work \dots from a modified version of
 its'' CCS, in the same User Product for which the covered work is conveyed.
 GPLv3 provides guidance concerning how much information must be provided: it
 ``must suffice to ensure that the continued functioning of the modified
 object code is in no case prevented or interfered with solely because
 modification has been made.''  For example, the information provided would be
 insufficient if it enabled a modified version to run only in a disabled
 fashion, solely because of the fact of modification (regardless of the actual
 nature of the modification).  The information need not consist of
 cryptographic keys; Installation Information may be ``any methods,
 procedures, authorization keys, or other information''.
 Note that GPLv3 does not define ``continued functioning'' further.  However,
 GPLv3 does provide some additional guidance concerning the scope of
 GPLv3-compliant action or inaction that distributors of
 technically-restricted User Products can take with respect to a downstream
 recipient who replaces the conveyed object code with a modified version.
 First of all, GPLv3 makes clear that GPLv3 implies no obligation ``to
 continue to provide support service, warranty, or updates'' for such a work.
 Second, most technically-restricted User Products are designed to communicate
 across networks.  It is important for both users and network providers to
 know when denial of network access to devices running modified versions
 becomes a GPL violation.  GPLv3 permits denial of access in two cases: ``when
 the modification itself materially and adversely affects the operation of the
 network,'' and when the modification itself ``violates the rules and
 protocols for communication across the network''.  The second case is
 deliberately drawn in general terms, and it serves as a foundation for
 reasonable enforcement policies that respect recipients' right to modify
 while recognizing the legitimate interests of network providers.
 Note that GPLv3 permits the practice of conveying object code in a mode not
 practically susceptible to modification by any party, such as code burned in
 ROM or embedded in silicon.  The goal of the Installation Information
 requirement is to ensure the downstream licensee receives the real right to
 modify when the device manufacturer or some other party retains that right.
 Accordingly, GPLv3\S6's ante-penultimate paragraph states that the
 requirement to provide Installation Information ``does not apply if neither
 you nor any third party retains the ability to install modified object code
 on the User Product''.
 Finally, GPLv3\S6 makes it clear that there is also no requirement to
 provide warranty or support for the User Product itself.
 \subsection{GPLv3~\S7: Additional Permissions}
 \label{GPLv3s7}
 The GPL is a statement of permissions, some of which have conditions.
 Additional terms --- terms that supplement those of the GPL --- may come to be
 placed on, or removed from, GPL-covered code in certain common ways.
 Copyleft licensing theorists have generally called
  those added terms ``additional permissions'' if they grant
 exceptions from the conditions of the GPL, and ``additional requirements'' if
 they add conditions to the basic permissions of the GPL\@. The treatment of
 additional permissions and additional requirements under GPLv3 is necessarily
 asymmetrical, because they do not raise the same interpretive
 issues; in particular, additional requirements, if allowed without careful
 limitation, could transform a GPL'd program into a non-free one.
 With these principles in the background, GPLv3~\S7  answers the following
 questions:
 \begin{enumerate}
 \item How does the presence of additional terms on all or part of a GPL'd program
 affect users' rights?
 \item When and how may a licensee add terms to code being
 distributed under the GPL?
 \item When may a licensee remove additional terms?
 \end{enumerate}
 Additional permissions present the easier case.  Since the mid-1990s,
 permissive exceptions often appeared alongside GPLv2 to allow combination
 with certain non-free code.  Typically, downstream
 stream recipients could remove those exceptions and operate under pure GPLv2.
 Similarly, LGPLv2.1 is in essence a permissive variant of GPLv2,
 and it permits relicensing under the GPL\@.
 These practices are now generalized via GPLv3~\S7.
 A licensee may remove any additional permission from
 a covered work, whether it was placed by the original author or by an
 upstream distributor.  A licensee may also add any kind of additional
 permission to any part of a work for which the licensee has, or can give,
 appropriate copyright permission. For example, if the licensee has written
 that part, the licensee is the copyright holder for that part and can
 therefore give additional permissions that are applicable to it.
 Alternatively, the part may have been written by someone else and licensed,
 with the additional permissions, to that licensee.  Any additional
 permissions on that part are, in turn, removable by downstream recipients.
 As GPLv3~\S7\P1 explains, the effect of an additional permission depends on
 whether the permission applies to the whole work or a part.
 % FIXME-LATER: LGPLv3 will have its own section
 Indeed, LGPLv3 is itself simply  a list of additional permissions supplementing the
 terms of GPLv3.  GPLv3\S7 has thus provided the basis for recasting a
 formally complex license as an elegant set of added terms, without changing
 any of the fundamental features of the existing LGPL\@.  LGPLv3 is thus  a model for developers wishing to license their works under the
 GPL with permissive exceptions.  The removability of additional permissions
 under GPLv3\S7 does not alter any existing behavior of the LGPL since the LGPL
 has always allowed relicensing under the ordinary GPL\@.
 \section{GPLv3~\S7: Understanding License Compatibility}
 \label{license-compatibility}
 A challenge that faced the Free Software community heavily through out the
 early 2000s was the proliferation of incompatible Free Software licenses.  Of
 course, the GPL cannot possibly be compatible with all such licenses.
 However, GPLv3
 contains provisions that are designed to reduce license incompatibility by
 making it easier for developers to combine code carrying non-GPL terms with
 GPL'd code.
 This license compatibility issue arises for
 three reasons.  First, the GPL is a strong copyleft license, requiring
 modified versions to be distributed under the GPL\@.  Second, the GPL states
 that no further restrictions may be placed on the rights of recipients.
 Third, all other software freedom respecting licenses in common use contain certain
 requirements, many of which are not conditions made by the GPL\@.  Thus, when
 GPL'd code is modified by combination with code covered by another formal
 license that specifies other requirements, and that modified code is then
 distributed to others, the freedom of recipients may be burdened by
 additional requirements in violation of the GPL.  It can be seen that
 additional permissions in other licenses do not raise any problems of license
 compatibility.
 GPLv3  took a new approach to the issue of combining GPL'd code with
 code governed by the terms of other software freedom licenses.  Traditional
 GPLv2 license compatibility theory (which was not explicitly stated in GPLv2
 itself, but treated as a license interpretation matter by the FSF) held that GPLv2 allowed such
 combinations only if the non-GPL licensing terms permitted distribution under
 the GPL and imposed no restrictions on the code that were not also imposed by
 the GPL\@.  In practice, the FSF historically supplemented that policy with a structure of
 exceptions for certain kinds of combinations.
 GPLv3~\S7  implements a more explicit policy on license
 compatibility.  It formalizes the circumstances under which a licensee may
 release a covered work that includes an added part carrying non-GPL terms.
 GPLv3~\S7 distinguish between terms that provide additional permissions, and terms that
 place additional requirements on the code, relative to the permissions and
 requirements established by applying the GPL to the code.
 As discussed in the previous section of this tutorial, GPLv3~\S7 first and foremost explicitly allows added parts covered by terms with
 additional permissions to be combined with GPL'd code. This codifies the
 existing practice of regarding such licensing terms as compatible with the
 GPL\@. A downstream user of a combined GPL'd work who modifies such an added
 part may remove the additional permissions, in which case the broader
 permissions no longer apply to the modified version, and only the terms of
 the GPL apply to it.
 In its treatment of terms that impose additional requirements, GPLv3\S7
 extends the range of licensing terms with which the GPL is compatible.  An
 added part carrying additional requirements may be combined with GPL'd code,
 but only if those requirements belong to an set enumerated in GPLv3\S7. There
 are, of course,  limits on the acceptable additional requirements, which
 ensures that enhanced license compatibility does not
 defeat the broader software-freedom-defending terms of the GPL\@. Unlike terms that grant
 additional permissions, terms that impose additional requirements cannot be
 removed by a downstream user of the combined GPL'd work, because only in the
 pathological case\footnote{Theoretically, a user could collect copyright
   assignment from all known contributors and then do this, but this would
   indeed be the pathological case.}  would a user have the right to do so.
 % FIXME-LATER: It would be good to have detailed info on each of 7a-f.
 %              Here's some commented-out text that might be useful for 7a-b
 %% Under subsections 7a and 7b, the requirements may include preservation of
 %% copyright notices, information about the origins of the code or alterations
 %% of the code, and different warranty disclaimers. Under subsection 7c, the
 %% requirements may include limitations on the use of names of contributors and
 %% on the use of trademarks for publicity purposes. In general, we permit these
 %% requirements in added terms because many free software licenses include them
 %% and we consider them to be unobjectionable. Because we support trademark fair
 %% use, the limitations on the use of trademarks may seek to enforce only what
 %% is required by trademark law, and may not prohibit what would constitute fair
 %% use.
 % FIXME-LATER:  Say removing additional restrictions
 % FIXME-LATER: This text may be useful later:
 %% Some have questioned whether section 7 is needed, and some have suggested
 %% that it creates complexity that did not previously exist.  We point out to
 %% those readers that there is already GPLv2-licensed code that carries
 %% additional terms.  One of the objectives of section 7 is to rationalize
 %% existing practices of program authors and modifiers by setting clear
 %% guidelines regarding the removal and addition of such terms.  With its
 %% carefully limited list of allowed additional requirements, section 7
 %% accomplishes additional objectives, permitting the expansion of the base of
 %% code available for GPL developers, while also encouraging useful
 %% experimentation with requirements we do not include in the GPL itself.
 \section{GPLv3~\S8: A Lighter Termination}
 GPLv2 provided for automatic termination of the rights of a person who
 copied, modified, sublicensed, or distributed a work in violation of the
 license.  Automatic termination can be too harsh for those who have committed
 an inadvertent violation, particularly in cases involving distribution of
 large collections of software having numerous copyright holders.  A violator
 who resumes compliance with GPLv2 technically needs to obtain forgiveness
 from all copyright holders, and even contacting them all might be impossible.
 GPLv3~\S8 now grants opportunities for provisional and permanent
 reinstatement of rights. The termination procedure provides a limited
 opportunity to cure license violations.  If a licensee has committed a
 first-time violation of the GPL with respect to a given copyright holder, but
 the licensee cures the violation within 30 days following receipt of notice
 of the violation, then any of the licensee's GPL rights that have been
 terminated by the copyright holder are ``automatically reinstated''.
 Finally, if a licensee violates the GPL, a contributor may terminate any
 patent licenses that it granted under GPLv3~\S11, in addition to any
 copyright permissions the contributor granted to the licensee.
 % FIXME-LATER: write more here, perhaps linking up to enforcement
 \section{GPLv3~\S9: Acceptance}
 GPLv3~\S9 means what it says: mere receipt or execution of code neither
 requires nor signifies contractual acceptance under the GPL.  Speaking more
 broadly, GPLv3 is intentionally structured as a unilateral grant
 of copyright permissions, the basic operation of which exists outside of any
 law of contract.  Whether and when a contractual relationship is formed
 between licensor and licensee under local law do not necessarily matter to
 the working of the license.
 \section{GPLv3~\S10: Explicit Downstream License}
 \label{GPLv3s10}
 % FIXME-LATER: this is a punt: need more time to write!
 GPLv3~\S10 ensures that everyone downstream receives licenses from all
 copyright holders.  It really is a generally straightforward section.
 % FIXME-LATER: link up this paragraph to above sections.
 Note, however, GPLv3 removed the words ``at no charge'' from GPLv2~\S2(b) (in
 GPLv3,~\S5(b)) because it contributed to a misconception that the GPL did not
 permit charging for distribution of copies.  The purpose of the ``at no
 charge'' wording was to prevent attempts to collect royalties from third
 parties.  The removal of these words created the danger that the imposition
 of licensing fees would no longer be seen as a license violation.  Therefore,
 GPLv3~\S10 adds a new explicit prohibition on imposition of licensing fees or
 royalties.  This section is an appropriate place for such a clause, since it
 is a specific consequence of the general requirement that no further
 restrictions be imposed on downstream recipients of GPL-covered code.
 % FIXME-LATER: This text needs further study before I can conclude it belongs
 % in this tutorial:
 %% Careful readers of the GPL have suggested that its explicit prohibition
 %% against imposition of further restrictions\footnote{GPLv2, section 6; Draft
 %%   3, section 10, third paragraph.} has, or ought to have, implications for
 %% those who assert patents against other licensees.  Draft 2 took some steps to
 %% clarify this point in a manner not specific to patents, by describing the
 %% imposition of ``a license fee, royalty, or other charge'' for exercising GPL
 %% rights as one example of an impermissible further restriction.  In Draft 3 we
 %% have clarified further that the requirement of non-imposition of further
 %% restrictions has specific consequences for litigation accusing GPL-covered
 %% programs of infringement.  Section 10 now states that ``you may not initiate
 %% litigation (including a cross-claim or counterclaim in a lawsuit) alleging
 %% that any patent claim is infringed by making, using, selling, offering for
 %% sale, or importing the Program (or the contribution of any contributor).''
 %% That is to say, a patent holder's licensed permissions to use a work under
 %% GPLv3 may be terminated under section 8 if the patent holder files a lawsuit
 %% alleging that use of the work, or of any upstream GPLv3-licensed work on
 %% which the work is based, infringes a patent.
 \section{GPLv3~\S11: Explicit Patent Licensing}
 \label{GPLv3s11}
 Software patenting is a harmful and unjust policy, and should be abolished;
 recent experience makes this all the more evident. Since many countries grant
 patents that can apply to and prohibit software packages, in various guises
 and to varying degrees, GPLv3 seeks to protect the users of GPL-covered programs
 from those patents, while at the same time making it feasible for patent
 holders to contribute to and distribute GPL-covered programs as long as they
 do not attack the users of those programs.
 It is generally understood that GPLv2 implies some limits on a licensee's
 power to assert patent claims against the use of GPL-covered works.
 However, the patent licensing practices that GPLv2~\S7 (corresponding to
 GPLv3~\S12) is designed to prevent is only one of several ways in which
 software patents threaten to make free programs non-free and to prevent users
 from exercising their rights under the GPL. GPLv3 takes a more comprehensive
 approach to combating the danger of patents.
 GPLv2~\S7 has seen some success in deterring conduct that would otherwise
 result in denial of full downstream enjoyment of GPL rights, and thus it is
 preserved in GPLv3~\S12.  Experience has shown that more is necessary,
 however, to ensure adequate community safety where companies act in concert
 to heighten the anticompetitive use of patents that they hold or license.
 Therefore,  GPLv3 is designed to reduce the patent risks that distort and
 threaten the activities of users who make, run, modify and share Free
 Software.  At the same time, GPLv3 gives favorable consideration to practical
 goals such as certainty and administrability for patent holders that
 participate in distribution and development of GPL-covered software.  GPLv3's
 policy requires each such patent holder to provide appropriate levels of
 patent assurance to users, according to the nature of the patent holder's
 relationship to the program.
 \subsection{The Contributor's Explicit Patent License}
 Specifically, the ideal might have been for GPLv3 to feature a patent license
 grant triggered by all acts of distribution of GPLv3-covered works.  The FSF
 considered it during the GPLv3 drafting process, but many patent-holding
 companies objected to this policy.  They have made two objections: (1) the
 far-reaching impact of the patent license grant on the patent holder is
 disproportionate to the act of merely distributing code without modification
 or transformation, and (2) it is unreasonable to expect an owner of vast
 patent assets to exercise requisite diligence in reviewing all the
 GPL-covered software that it provides to others.  Some expressed particular
 concern about the consequences of ``inadvertent'' distribution.
 The argument that the impact of the patent license grant would be
 ``disproportionate'',  that is to say unfair, is not valid. Since
 software patents are weapons that no one should have, and using them for
 aggression against free software developers is an egregious act (thus
 preventing that act cannot be unfair).
 However, the second argument seems valid in a practical sense.  A
 typical GNU/Linux distribution includes thousands of programs.  It would
 be quite difficult for a re-distributor with a large patent portfolio to
 review all those programs against that portfolio every time it receives
 and passes on a new version of the distribution.  Moreover, this question
 raises a strategic issue. If the GPLv3 patent license requirements
 convince patent-holding companies to remain outside the distribution
 path of all GPL-covered software, then these requirements, no matter how
 strong, will cover few patents.
 GPLv3 therefore makes a partial concession
 which would lead these companies to feel secure in doing the
 distribution themselves. GPLv3~\S11
 applies only to those distributors that have
 modified the program.  The other changes we have made in sections 10 and
 provide strengthened defenses against patent assertion and compensate
 partly for this concession.
 Therefore, GPLv3~\S11 introduces the terms ``contributor'', ``contributor version'', and
 ``essential patent claims'', which are
 used in the GPLv3~\S11\P3.   Viewed from the perspective of a recipient of the
 Program, contributors include all the copyright holders for the Program,
 other than copyright holders of material originally licensed under non-GPL
 terms and later incorporated into a GPL-covered work.  The contributors are
 therefore the initial GPLv3 licensors of the Program and all subsequent
 upstream licensors who convey, under the terms of GPLv3~\S5, modified covered
 works.
 Thus, the ``contributor version'' includes the material the contributor has copied from the
 upstream version that the contributor has modified.  GPLv3~\S11\P3
  does not apply to those that redistribute the program
 without change.\footnote{An implied patent license from the distributor,
 however, often arises.  See \S~\ref{gpl-implied-patent-grant} in this tutorial}
 In other words, the ``contributor version'' includes not just
 the material added or altered by the contributor, but also the pre-existing
 material the contributor copied from the upstream version and retained in the
 modified version.  (GPLv3's usage of ``contributor'' and ``contribution'' should
 not be confused with the various other ways in which those terms are used in
 certain other free software licenses\footnote{Cf., e.g., Apache License,
   version 2.0, section 1; Eclipse Public License, version 1.0, section 1;
   Mozilla Public License, version 1.1, section 1.1.}.)
 Some details of the ``essential patent claims'' definition deserve special
 mention.  ``Essential patent claims'', for a given party, are a subset of the
 claims ``owned or controlled'' by the party.  They do include sublicensable
 claims that have been licensed to the contributor by a third
 party.\footnote{This issue is typically handled in other software freedom
   licenses having patent licensing provisions by use of the unhelpful term
   ``licensable,'' which is either left undefined or is given an ambiguous
   definition.}  Most commercial patent license agreements that permit
 sublicensing do so under restrictive terms that are inconsistent with the
 requirements of the GPL\@.  For example, some patent licenses allow the
 patent licensee to sublicense but require collection of royalties from any
 sublicensees.  The patent licensee could not distribute a GPL-covered program
 and grant the recipient a patent sublicense for the program without violating
 section 12 of GPLv3.\footnote{GPLv3 also provides an example in section 12
   that makes this point clear.}  In rare cases, however, a conveying party
 can freely grant patent sublicenses to downstream recipients without
 violating the GPL\@.
 Additionally, ``essential patent claims'' are those patents ``that would be
 infringed by some manner, permitted by this License, of making, using, or
 selling the work''.  This intends to make clear that a patent claim is
 ``essential'' if some mode of usage would infringe that claim, even if there
 are other modes of usage that would not infringe.
 Finally, ``essential patent claims \ldots do not include
 claims that would be infringed only as a consequence of further
 modification of the work.''  The set of essential patent
 claims licensed  is fixed by the
 particular version of the work that was contributed.  The claim set
 cannot expand as a work is further modified downstream.  (If it could,
 then any software patent claim would be included, since any software
 patent claim can be infringed by some further modification of the
 work.)\footnote{However, ``the work'' should not be understood to be
 restricted to a particular mechanical affixation of, or medium for
 distributing, a program, where the same program might be provided in
 other forms or in other ways that may be captured by other patent claims
 held by the contributor.}
 \medskip
 Ideally, this contributor patent policy will result in fairly frequent licensing of patent
 claims by contributors.  A contributor is charged with awareness of the fact
 that it has modified a work and provided it to others; no act of contribution
 should be treated as inadvertent.  GPLv3's rule also requires no more work, for a
 contributor, than the weaker rule proposed by the patent holders.  Under
 their rule, the contributor must always compare the entire work against its
 patent portfolio to determine whether the combination of the modifications
 with the remainder of the work cause it to read on any of the contributor's
 patent claims.
 \subsection{Conveyors' Patent Licensing}
 The remaining patent licensing in GPLv3 deals with patent licenses that are
 granted by conveyance.  The licensing is not as complete or far reaching as
 the contributor patent licenses discussed in the preceding section.
 The term ``patent license,'' as used in GPLv3~\S11\P4--6, is not meant to be
 confined to agreements formally identified or classified as patent licenses.
 GPLv3~\S11\P3  makes this clear by defining ``patent
 license,'' for purposes of the subsequent three paragraphs, as ``any express
 agreement or commitment, however denominated, not to enforce a patent
 (such as an express permission to practice a patent or covenant not to
 sue for patent infringement)''
-% FIME-LATER: I want to ask Fontana about this before adding it.
+% FIXME-LATER: I want to ask Fontana about this before adding it.
 % The definition does not include patent licenses that arise by
 % implication or operation of law, because the third through fifth paragraphs
 % of section 11 are specifically concerned with explicit promises that purport
 % to be legally enforceable.
 GPLv3~\S11\P5 is commonly called GPLv3's downstream shielding provision.  It
 responds particularly to the problem of exclusive deals between patent
 holders and distributors, which threaten to distort the free software
 distribution system in a manner adverse to developers and users.  The
 fundamental idea is to make a trade-off between assuring a patent license for
 downstream and making  (possibly patent-encumbered) CCS publicly available.
 Simply put, in nearly all cases in which the ``knowingly relying'' test is
 met, the patent license will indeed not be sublicensable or generally
 available to all on free terms.  If, on the other hand, the patent license is
 generally available under terms consistent with the requirements of the GPL,
 the distributor is automatically in compliance, because the patent license
 has already been extended to all downstream recipients.  Finally, if the
 patent license is sublicensable on GPL-consistent terms, the distributor may
 choose to grant sublicenses to downstream recipients instead of causing the
 CCS to be publicly available.  (In such a case, if the distributor is also a
 contributor, it will already have granted a patent sublicense anyway, and so
 it need not do anything further to comply with the third paragraph.)
 Admittedly, public disclosure of CCS is not necessarily required by other
 sections of the GPL, and the FSF in drafting GPLv3 did not necessarily wish
 to impose a general requirement to make source code available to all, which
 has never been a GPL condition.  However, many vendors who produce products
 that include copylefted software, and who are most likely to be affected by the
 downstream shielding provision, lobbied for the addition of the source code
 availability option, so it remains.
 Meanwhile, two specific alternatives to the source code availability option
 are also available. The distributor may comply by disclaiming the patent
 license it has been granted for the conveyed work, or by arranging to extend
 the patent license to downstream recipients\footnote{The latter option, if
   chosen, must be done ``in a manner consistent with the requirements of this
   License''; for example, it is unavailable if extension of the patent
   license would result in a violation of GPLv3~\S 12.}.  The GPL is intended
 to permit private distribution as well as public distribution, and the
 addition of these options ensures that this remains the case, even though it
 remains likely that distributors in this situation will usually choose the
 source code availability option.
 Note that GPLv3~\S11\P5 is activated only if the CCS is not already otherwise
 publicly available.  (Most often it will, in fact, already be available on
 some network server operated by a third party.)  Even if it is not already
 available, the option to ``cause the Corresponding Source to be so
 available'' can then be satisfied by verifying that a third party has acted
 to make it available.  That is to say, the affected distributor need not
 itself host the CCS to take advantage of the source code availability option.
 This subtlety may help the distributor avoid certain peculiar assumptions of
 liability.
 Note that GPLv3~\S11\P6--7 are designed to stop distributors from colluding with
 third parties to offer selective patent protection.  GPLv3 is designed to
 ensure that all users receive the same rights; arrangements that circumvent
 this make a mockery of free software, and we must do everything in our power
 to stop them.
 First, GPLv3~\S11\P6 states that any license that protects some recipients of
 GPL'd software must be extended to all recipients of the software.
 If conveyors arrange to provide patent
 protection to some of the people who get the software from you, that
 protection is automatically extended to everyone who receives the software,
 no matter how they get it.
 Second, GPLv3~\S11\P7
 prohibit anyone who made such an agreement from distributing software
 released under GPLv3.    Conveyors are prohibited from
 distributing software under GPLv3 if the conveyor makes an agreement of that
 nature in the future.
 The date in GPLv3~\S11\P7 likely seems arbitrary to those who did not follow
 the GPLv3 drafting process.  This issue was hotly debated during the drafting of
 GPLv3, but ultimately one specific deal of this type --- a deal between Microsoft
 and Novell for Microsoft to provide so-called ``coupons'' to Microsoft customers to redeem
 for copies of Novell's GNU/Linux distribution with a Microsoft patent license -- was
 designed to be excluded.
 The main reason for this was a tactical decision by the FSF.  FSF believed they can do more to
 protect the community by allowing Novell to use software under GPLv3
 than by forbidding it to do so.  This is because of
 paragraph 6 of section 11 (corresponding to paragraph 4 in Draft 3).
 It will apply, under the Microsoft/Novell deal, because of the coupons
 that Microsoft has acquired that essentially commit it to participate
 in the distribution of the Novell SLES GNU/Linux system.
 The FSF also gave a secondary reason:  to avoid affecting other kinds of agreements for
 other kinds of activities.  While GPLv3 sought to
 distinguish pernicious deals of the Microsoft/Novell type from
 business conduct that is not particularly harmful, the FSF also did not
 assume success in that drafting, and thus there remained some risk that other
 unchangeable past agreements could fall within the  scope of GPLv3~\S11\P7.
 In future deals, distributors engaging in ordinary business practices
 can structure the agreements so that they do not fall under GPLv3~\S11\P7.
 \section{GPLv3~\S12: Familiar as GPLv2~\S7}
 GPLv2~\S12 remains almost completely unchanged from the text that appears in
 GPLv2~\S7.  This is an important provision that ensures a catch-all to ensure
 that nothing ``surprising'' interferes with the continued conveyance safely
 under copyleft.
 The wording in the first sentence of GPLv3~\S12 has been revised slightly to
 clarify that an agreement -- such as a litigation settlement agreement or a
 patent license agreement -- is one of the ways in which conditions may be
 ``imposed'' on a GPL licensee that may contradict the conditions of the GPL,
 but which do not excuse the licensee from compliance with those conditions.
 This change codifies the historical interpretation of GPLv2.
 GPLv3 removed the limited severability clause of GPLv2~\S7 as a
 matter of tactical judgment, believing that this is the best way to ensure
 that all provisions of the GPL will be upheld in court. GPLv3 also removed
 the final sentence of GPLv2 section 7, which the FSF consider to be unnecessary.
 \section{GPLv3~\S13: The Great Affero Compromise}
 The Affero GPL was written with the expectation that its
 additional requirement would be incorporated into the terms of GPLv3
 itself.  Many software freedom advocates, including some authors of this
 tutorial, advocated heavily for that, and fully expected it to happen.
 The FSF, however, chose not to include the Affero clause in GPLv3, due to
 what it called  ``irreconcilable views from
 different parts of the community''.  Many
 commercial users of Free Software were opposed to the inclusion of a
 mandatory Affero-like requirement in the body of GPLv3 itself.  In fact, some
 wealthier companies even threatened to permanently fund forks of many FSF
 copyrighted-programs under GPLv2 if the Affero clause appeared in GPLv3.
 Meanwhile, there was disagreement even among copyleft enthusiasts about the
 importance of the provision.  A coalition never formed, and ultimately the
 more powerful interest implicitly allied with the companies who deeply opposed
 the Affero clause such that the FSF felt the Affero clause would need its own
 license, but one compatible with GPLv3.
 GPLv3~\S13 makes GPLv3 compatible with the AGPLv3, so that at least code can
 be shared between AGPLv3'd and GPLv3'd projects, even if the Affero clause
 does not automatically apply to all GPLv3'd works.
 %FIXME-LATER:  no time to do this justice, will come back later, instead the
 %above.
 %% Some of this hostility seemed to be based on a misapprehension that
 %% Affero-like terms placed on part of a covered work would somehow extend
 %% to the whole of the work.\footnote{It is possible that the presence of
 %% the GPLv2-derived copyleft clause in the existing Affero GPL contributed
 %% to this misunderstanding.}  Our explanations to the contrary did little
 %% to satisfy these critics; their objections to 7b4 instead evolved into a
 %% broader indictment of the additional requirements scheme of section 7.
 %% It was clear, however, that much of the concern about 7b4 stemmed from
 %% its general formulation.  Many were alarmed at the prospect of GPLv3
 %% compatibility for numerous Affero-like licensing conditions,
 %% unpredictable in their details but potentially having significant
 %% commercial consequences.
 %% On the other hand, many developers, otherwise sympathetic to the policy
 %% goals of the Affero GPL, have objected to the form of the additional
 %% requirement in that license.  These developers were generally
 %% disappointed with our decision to allow Affero-like terms through
 %% section 7, rather than adopt a condition for GPLv3.  Echoing their
 %% concerns about the Affero GPL itself, they found fault with the wording
 %% of the section 7 clause in both of the earlier drafts.  We drafted 7b4
 %% at a higher level than its Draft 1 counterpart based in part on comments
 %% from these developers. They considered the Draft 1 clause too closely
 %% tied to the Affero mechanism of preserving functioning facilities for
 %% downloading source, which they found too restrictive of the right of
 %% modification.  The 7b4 rewording did not satisfy them, however. They
 %% objected to its limitation to terms requiring compliance by network
 %% transmission of source, and to the technically imprecise or inaccurate
 %% use of the phrase ``same network session.''
 %% We have concluded that any redrafting of the 7b4 clause would fail to
 %% satisfy the concerns of both sets of its critics.  The first group
 %% maintains that GPLv3 should do nothing about the problem of public
 %% use. The second group would prefer for GPLv3 itself to have an
 %% Affero-like condition, but that seems to us too drastic. By permitting
 %% GPLv3-covered code to be linked with code covered by version 2 of the
 %% Affero GPL, the new section 13 honors our original commitment to
 %% achieving GPL compatibility for the Affero license.
 %% Version 2 of the Affero GPL is not yet published.  We will work with
 %% Affero, Inc., and with all other interested members of our community, to
 %% complete the drafting of this license following the release of Draft 3,
 %% with a goal of having a final version available by the time of our
 %% adoption of the final version of GPLv3.  We hope the new Affero license
 %% will satisfy those developers who are concerned about the issue of
 %% public use of unconveyed versions but who have concerns about the
 %% narrowness of the condition in the existing Affero license.
 %% As the second sentence in section 13 indicates, when a combined work is
 %% made by linking GPLv3-covered code with Affero-covered code, the
 %% copyleft on one part will not extend to the other part.\footnote{The
 %% plan is that the additional requirement of the new Affero license will
 %% state a reciprocal limitation.} That is to say, in such combinations,
 %% the Affero requirement will apply only to the part that was brought into
 %% the combination under the Affero license.  Those who receive such a
 %% combination and do not wish to use code under the Affero requirement may
 %% remove the Affero-covered portion of the combination.
 Meanwhile, those who criticize the permission to link with code under the Affero
 GPL should recognize that most other free software licenses also permit
 such linking.
 \section{GPLv3~\S14: So, When's GPLv4?}
 \label{GPLv3s14}
 No substantive change has been made in section 14. The wording of the section
 has been revised slightly to make it clearer.
 It's unclear when the FSF might consider publishing GPLv4.  However, this
 section makes it clear that the FSF is the sole authority who can decide
 such.
 The main addition to this section allows a third-party proxy to be appointed
 by contributors who wish someone else to make relicensing to new versions of
 GPL when they are released.  This is a ``halfway'' point between using ``-only''
 or ``-or-later'' by consolidating the decision-making on that issue to a
 single authority.
 % FIXME-LATER: better proxy description
 \section{GPLv3~\S15--17: Warranty Disclaimers and Liability Limitation}
 No substantive changes have been made in sections 15 and 16.
 % FIXME-LATER: more, plus 17
 % FIXME-LATER: Section header needed here about choice of law.
 % FIXME-LATER: reword into tutorial
 %% Some have asked us to address the difficulties of internationalization
 %% by including, or permitting the inclusion of, a choice of law
 %% provision.  We maintain that this is the wrong approach.  Free
 %% software licenses should not contain choice of law clauses, for both
 %% legal and pragmatic reasons.  Choice of law clauses are creatures of
 %% contract, but the substantive rights granted by the GPL are defined
 %% under applicable local copyright law. Contractual free software
 %% licenses can operate only to diminish these rights.  Choice of law
 %% clauses also raise complex questions of interpretation when works of
 %% software are created by combination and extension.  There is also the
 %% real danger that a choice of law clause will specify a jurisdiction
 %% that is hostile to free software principles.
 %% % FIXME-LATER: reword into tutorial, \ref to section 7.
 %% Our revised version of section 7 makes explicit our view that the
 %% inclusion of a choice of law clause by a licensee is the imposition of
 %% an additional requirement in violation of the GPL.  Moreover, if a
 %% program author or copyright holder purports to supplement the GPL with
 %% a choice of law clause, section 7 now permits any licensee to remove
 %% that clause.
 % FIXME-LATER: does this need to be a section, describing how it was out then in
 % then out then in? :)
 Finally, the FSF shortened the section on ``How to Apply These
 Terms to Your New Programs'' to just the bare essentials.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{The Lesser GPL}
 As we have seen in our consideration of the GPL, its text is specifically
 designed to cover all possible derivative works under copyright law. Our
 goal in designing the GPL was to make sure that any derivative work of GPL'd
 software was itself released under the GPL when distributed. Reaching as far
 as copyright law will allow is the most direct way to reach that goal.
 However, while the strategic goal is to bring as much Free Software
 into the world as possible, particular tactical considerations
 regarding software freedom dictate different means. Extending the
 copyleft effect as far as copyright law allows is not always the most
 prudent course in reaching the goal. In particular situations, even
 those of us with the goal of building a world where all published
 software is Free Software realize that full copyleft does not best
 serve us. The GNU Lesser General Public License (``GNU LGPL'') was
 designed as a solution for such situations.
 \section{The First LGPL'd Program}
 The first example that FSF encountered where such altered tactics were
 needed was when work began on the GNU C Library. The GNU C Library would
 become (and today, now is) a drop-in replacement for existing C libraries.
 On a Unix-like operating system, C is the lingua franca and the C library
 is an essential component for all programs. It is extremely difficult to
 construct a program that will run with ease on a Unix-like operating
 system without making use of services provided by the C library --- even
 if the program is written in a language other than C\@. Effectively, all
 user application programs that run on any modern Unix-like system must
 make use of the C library.
 By the time work began on the GNU implementation of the C libraries, there
 were already many C libraries in existence from a variety of vendors.
 Every proprietary Unix vendor had one, and many third parties produced
 smaller versions for special purpose use. However, our goal was to create
 a C library that would provide equivalent functionality to these other C
 libraries on a Free Software operating system (which in fact happens today
 on modern GNU/Linux systems, which all use the GNU C Library).
 Unlike existing GNU application software, however, the licensing
 implications of releasing the GNU C Library (``glibc'') under the GPL were
 somewhat different. Applications released under the GPL would never
 themselves become part of proprietary software. However, if glibc were
 released under the GPL, it would require that any application distributed for
 the GNU/Linux platform be released under the GPL\@.
 Since all applications on a Unix-like system depend on the C library, it
 means that they must link with that library to function on the system. In
 other words, all applications running on a Unix-like system must be
 combined with the C library to form a new whole derivative work that is
 composed of the original application and the C library. Thus, if glibc
 were GPL'd, each and every application distributed for use on GNU/Linux
 would also need to be GPL'd, since to even function, such applications
 would need to be combined into larger derivative works by linking with
 glibc.
 At first glance, such an outcome seems like a windfall for Free Software
 advocates, since it stops all proprietary software development on
 GNU/Linux systems. However, the outcome is a bit more subtle. In a world
 where many C libraries already exist, many of which could easily be ported
 to GNU/Linux, a GPL'd glibc would be unlikely to succeed. Proprietary
 vendors would see the excellent opportunity to license their C libraries
 to anyone who wished to write proprietary software for GNU/Linux systems.
 The de-facto standard for the C library on GNU/Linux would likely be not
 glibc, but the most popular proprietary one.
 Meanwhile, the actual goal of releasing glibc under the GPL --- to ensure no
 proprietary applications on GNU/Linux --- would be unattainable in this
 scenario. Furthermore, users of those proprietary applications would also
 be users of a proprietary C library, not the Free glibc.
 The Lesser GPL was initially conceived to handle this scenario. It was
 clear that the existence of proprietary applications for GNU/Linux was
 inevitable. Since there were so many C libraries already in existence, a
 new one under the GPL would not stop that tide. However, if the new C library
 were released under a license that permitted proprietary applications
 to link with it, but made sure that the library itself remained Free,
 an ancillary goal could be met. Users of proprietary applications, while
 they would not have the freedom to copy, share, modify and redistribute
 the application itself, would have the freedom to do so with respect to
 the C library.
 There was no way the license of glibc could stop or even slow the creation
 of proprietary applications on GNU/Linux. However, loosening the
 restrictions on the licensing of glibc ensured that nearly all proprietary
 applications at least used a Free C library rather than a proprietary one.
 This trade-off is central to the reasoning behind the LGPL\@.
 Of course, many people who use the LGPL today are not thinking in these
 terms. In fact, they are often choosing the LGPL because they are looking
 for a ``compromise'' between the GPL and the X11-style liberal licensing.
 However, understanding FSF's reasoning behind the creation of the LGPL is
 helpful when studying the license.
 \section{What's the Same?}
 Much of the text of the LGPL is identical to the GPL\@. As we begin our
 discussion of the LGPL, we will first eliminate the sections that are
 identical, or that have the minor modification changing the word
 ``Program'' to ``Library.''
 First, LGPLv2.1~\S1, the rules for verbatim copying of source, are
 equivalent to those in GPLv2~\S1.
 Second, LGPLv2.1~\S8 is equivalent GPLv2~\S4\@. In both licenses, this
 section handles termination in precisely the same manner.
 LGPLv2.1~\S9 is equivalent to GPLv2~\S5\@. Both sections assert that
 the license is a copyright license, and handle the acceptance of those
 copyright terms.
 LGPLv2.1~\S10 is equivalent to GPLv2~\S6. They both protect the
 distribution system of Free Software under these licenses, to ensure that
 up, down, and throughout the distribution chain, each recipient of the
 software receives identical rights under the license and no other
 restrictions are imposed.
 LGPLv2.1~\S11 is GPLv2~\S7. As discussed, it is used to ensure that
 other claims and legal realities, such as patent licenses and court
 judgments, do not trump the rights and permissions granted by these
 licenses, and requires that distribution be halted if such a trump is
 known to exist.
 LGPLv2.1~\S12 adds the same features as GPLv2~\S8. These sections are
 used to allow original copyright holders to forbid distribution in
 countries with draconian laws that would otherwise contradict these
 licenses.
 LGPLv2.1~\S13 sets up the FSF as the steward of the LGPL, just as GPLv2~\S9
 does for GPL. Meanwhile, LGPLv2.1~\S14 reminds licensees that copyright
 holders can grant exceptions to the terms of LGPL, just as GPLv2~\S10
 reminds licensees of the same thing.
 Finally, the assertions of no warranty and limitations of liability are
 identical; thus LGPLv2.1~\S15 and LGPLv2.1~\S16 are the same as GPLv2~\S11 and \S
 .
 As we see, the entire latter half of the license is identical.
 The parts which set up the legal boundaries and meta-rules for the license
 are the same. It is our intent that the two licenses operate under the
 same legal mechanisms and are enforced precisely the same way.
 We strike a difference only in the early portions of the license.
 Namely, in the LGPL we go into deeper detail of granting various permissions to
 create derivative works, so the re-distributors can make
 some proprietary derivatives. Since we simply do not allow the
 license to stretch as far as copyright law does regarding what
 derivative works must be relicensed under the same terms, we must go
 further to explain which derivative works we will allow to be
 proprietary. Thus, we'll see that the front matter of the LGPL is a
 bit more wordy and detailed with regards to the permissions granted to
 those who modify or redistribute the software.
 \section{Additions to the Preamble}
 Most of the LGPL's Preamble is identical, but the last seven paragraphs
 introduce the concepts and reasoning behind creation of the license,
 presenting a more generalized and briefer version of the story with which
 we began our consideration of the LGPL\@.
 In short, FSF designed the LGPL for those edge cases where the freedom of the
 public can better be served by a more lax licensing system. FSF doesn't
 encourage use of the LGPL automatically for any software that happens to be a
 library; rather, FSF suggests that it only be used in specific cases, such
 as the following:
 \begin{itemize}
 \item To encourage the widest possible use of a Free Software library, so
   it becomes a de-facto standard over similar, although not
   interface-identical, proprietary alternatives
 \item To encourage use of a Free Software library that already has
   interface-identical proprietary competitors that are more developed
 \item To allow a greater number of users to get freedom, by encouraging
   proprietary companies to pick a Free alternative for its otherwise
   proprietary products
 \end{itemize}
 The LGPL's preamble sets forth the limits to which the license seeks to go in
 chasing these goals. The LGPL is designed to ensure that users who happen to
 acquire software linked with such libraries have full freedoms with
 respect to that library. They should have the ability to upgrade to a newer
 or modified Free version or to make their own modifications, even if they
 cannot modify the primary software program that links to that library.
 Finally, the preamble introduces two terms used throughout the license to
 clarify between the different types of derivative works: ``works that use
 the library,'' and ``works based on the library.''  Unlike the GPL, the LGPL must
 draw some lines regarding derivative works. We do this here in this
 license because we specifically seek to liberalize the rights afforded to
 those who make derivative works. In the GPL, we reach as far as copyright law
 allows. In the LGPL, we want to draw a line that allows some derivative works
 copyright law would otherwise prohibit if the copyright holder exercised
 his full permitted controls over the work.
 \section{An Application: A Work that Uses the Library}
 In the effort to allow certain proprietary derivative works and prohibit
 others, the LGPL distinguishes between two classes of derivative works:
 ``works based on the library,'' and ``works that use the library.''  The
 distinction is drawn on the bright line of binary (or runtime) derivative
 works and source code derivatives. We will first consider the definition
 of a ``work that uses the library,'' which is set forth in LGPLv2.1~\S5.
 We noted in our discussion of GPLv2~\S3 (discussed in
 Section~\ref{GPLv2s3} of this document) that binary programs when
 compiled and linked with GPL'd software are derivative works of that GPL'd
 software. This includes both linking that happens at compile-time (when
 the binary is created) or at runtime (when the binary -- including library
 and main program both -- is loaded into memory by the user). In GPL,
 binary derivative works are controlled by the terms of the license (in GPLv2~\S3),
 and distributors of such binary derivatives must release full
 corresponding source\@.
 In the case of LGPL, these are precisely the types of derivative works
 we wish to permit. This scenario, defined in LGPL as ``a work that uses
 the library,'' works as follows:
 \newcommand{\workl}{$\mathcal{L}$}
 \newcommand{\lplusi}{$\mathcal{L\!\!+\!\!I}$}
 \begin{itemize}
 \item A new copyright holder creates a separate and independent work,
   \worki{}, that makes interface calls (e.g., function calls) to the
   LGPL'd work, called \workl{}, whose copyright is held by some other
   party. Note that since \worki{} and \workl{} are separate and
   independent works, there is no copyright obligation on this new copyright
   holder with regard to the licensing of \worki{}, at least with regard to
   the source code.
 \item The new copyright holder, for her software to be useful, realizes
   that it cannot run without combining \worki{} and \workl{}.
   Specifically, when she creates a running binary program, that running
   binary must be a derivative work, called \lplusi{}, that the user can
   run.
 \item Since \lplusi{} is a derivative work of both \worki{} and \workl{},
   the license of \workl{} (the LGPL) can put restrictions on the license
   of \lplusi{}. In fact, this is what the LGPL does.
 \end{itemize}
 We will talk about the specific restrictions LGPLv2.1 places on ``works
 that use the library'' in detail in Section~\ref{lgpl-section-6}. For
 now, focus on the logic related to how the LGPLv2.1 places requirements on
 the license of \lplusi{}. Note, first of all, the similarity between
 this explanation and that in Section~\ref{separate-and-independent},
 which discussed the combination of otherwise separate and independent
 works with GPL'd code. Effectively, what LGPLv2.1 does is say that when a
 new work is otherwise separate and independent, but has interface
 calls out to an LGPL'd library, then it is considered a ``work that
 uses the library.''
 In addition, the only reason that LGPLv2.1 has any control over the licensing
 of a ``work that uses the library'' is for the same reason that GPL has
 some say over separate and independent works. Namely, such controls exist
 because the {\em binary combination\/} (\lplusi{}) that must be created to
 make the separate work (\worki{}) at all useful is a derivative work of
 the LGPLv2.1'd software (\workl{}).
 Thus, a two-question test that will help indicate if a particular work is
 a ``work that uses the library'' under LGPLv2.1 is as follows:
 \begin{enumerate}
 \item Is the source code of the new copyrighted work, \worki{}, a
   completely independent work that stands by itself, and includes no
   source code from \workl{}?
 \item When the source code is compiled, does it create a derivative work
   by combining with \workl{}, either by static (compile-time) or dynamic
   (runtime) linking, to create a new binary work, \lplusi{}?
 \end{enumerate}
 If the answers to both questions are ``yes,'' then \worki{} is most likely
 a ``work that uses the library.''  If the answer to the first question
 ``yes,'' but the answer to the second question is ``no,'' then most likely
 \worki{} is neither a ``work that uses the library'' nor a ``work based on
 the library.''  If the answer to the first question is ``no,'' but the
 answer to the second question is ``yes,'' then an investigation into
 whether or not \worki{} is in fact a ``work based on the library'' is
 warranted.
 \section{The Library, and Works Based On It}
 In short, a ``work based on the library'' could be defined as any
 derivative work of LGPL'd software that cannot otherwise fit the
 definition of a ``work that uses the library.''  A ``work based on the
 library'' extends the full width and depth of copyright derivative works,
 in the same sense that the GPL does.
 Most typically, one creates a ``work based on the library'' by directly
 modifying the source of the library. Such a work could also be created by
 tightly integrating new software with the library. The lines are no doubt
 fuzzy, just as they are with GPL'd works, since copyright law gives us no
 litmus test for derivative works of a software program.
 Thus, the test to use when considering whether something is a ``work
 based on the library'' is as follows:
 \begin{enumerate}
 \item Is the new work, when in source form, a derivative work under
   copyright law of the LGPL'd work?
 \item Is there no way in which the new work fits the definition of a
   ``work that uses the library''?
 \end{enumerate}
 If the answer is ``yes'' to both these questions, then you most likely
 have a ``work based on the library.''  If the answer is ``no'' to the
 first but ``yes'' to the second, you are in a gray area between ``work
 based on the library'' and a ``work that uses the library.''
 In our years of work with the LGPLv2.1, however, we have never seen a work
 of software that was not clearly one or the other; the line is quite
 bright. At times, though, we have seen cases where a derivative work
 appeared in some ways to be a work that used the library and in other
 ways a work based on the library. We overcame this problem by
 dividing the work into smaller subunits. It was soon discovered that
 what we actually had were three distinct components: the original
 LGPL'd work, a specific set of works that used that library, and a
 specific set of works that were based on the library. Once such
 distinctions are established, the licensing for each component can be
 considered independently and the LGPLv2.1 applied to each work as
 prescribed.
 \section{Subtleties in Defining the Application}
 In our discussion of the definition of ``works that use the library,'' we
 left out a few more complex details that relate to lower-level programming
 details. The fourth paragraph of LGPLv2.1~\S5 covers these complexities,
 and it has been a source of great confusion. Part of the confusion comes
 because a deep understanding of how compiler programs work is nearly
 mandatory to grasp the subtle nature of what LGPLv2.1~\S5, \P 4 seeks to
 cover. It helps some to note that this is a border case that we cover in
 the license only so that when such a border case is hit, the implications
 of using the LGPL continue in the expected way.
 To understand this subtle point, we must recall the way that a compiler
 operates. The compiler first generates object code, which are the binary
 representations of various programming modules. Each of those modules is
 usually not useful by itself; it becomes useful to a user of a full program
 when those modules are {\em linked\/} into a full binary executable.
 As we have discussed, the assembly of modules can happen at compile-time
 or at runtime. Legally, there is no distinction between the two --- both
 create a derivative work by copying and combining portions of one work and
 mixing them with another. However, under LGPL, there is a case in the
 compilation process where the legal implications are different.
 Specifically, while we know that a ``work that uses the library'' is one
 whose final binary is a derivative work, but whose source is not, there
 are cases where the object code --- that intermediate step between source
 and final binary --- is a derivative work created by copying verbatim code
 from the LGPL'd software.
 For efficiency, when a compiler turns source code into object code, it
 sometimes places literal portions of the copyrighted library code into the
 object code for an otherwise separate independent work. In the normal
 scenario, the derivative would not be created until final assembly and
 linking of the executable occurred. However, when the compiler does this
 efficiency optimization, at the intermediate object code step, a
 derivative work is created.
 LGPLv2.1~\S5\P4 is designed to handle this specific case. The intent of
 the license is clearly that simply compiling software to ``make use'' of
 the library does not in itself cause the compiled work to be a ``work
 based on the library.''  However, since the compiler copies verbatim,
 copyrighted portions of the library into the object code for the otherwise
 separate and independent work, it would actually cause that object file to be a
 ``work based on the library.''  It is not FSF's intent that a mere
 compilation idiosyncrasy would change the requirements on the users of the
 LGPLv2.1'd software. This paragraph removes that restriction, allowing the
 implications of the license to be the same regardless of the specific
 mechanisms the compiler uses underneath to create the ``work that uses the
 library.''
 As it turns out, we have only once had anyone worry about this specific
 idiosyncrasy, because that particular vendor wanted to ship object code
 (rather than final binaries) to their customers and was worried about
 this edge condition. The intent of clarifying this edge condition is
 primarily to quell the worries of software engineers who understand the
 level of verbatim code copying that a compiler often does, and to help
 them understand that the full implications of LGPLv2.1 are the same regardless
 of the details of the compilation progress.
 \section{LGPLv2.1~\S6 \& LGPLv2.1~\S5: Combining the Works}
 \label{lgpl-section-6}
 Now that we have established a good working definition of works that
 ``use'' and works that ``are based on'' the library, we will consider the
 rules for distributing these two different works.
 The rules for distributing ``works that use the library'' are covered in
 LGPLv2.1~\S6\@. LGPLv2.1~\S6 is much like GPLv2~\S3, as it requires the release
 of source when a binary version of the LGPL'd software is released. Of
 course, it only requires that source code for the library itself be made
 available. The work that ``uses'' the library need not be provided in
 source form. However, there are also conditions in LGPLv2.1~\S6 to make sure
 that a user who wishes to modify or update the library can do so.
 LGPLv2.1~\S6 lists five choices with regard to supplying library source
 and granting the freedom to modify that library source to users. We
 will first consider the option given by \S~6(b), which describes the
 most common way currently used for LGPLv2.1 compliance on a ``work that
 uses the library.''
 LGPLv2.1~\S6(b) allows the distributor of a ``work that uses the library'' to
 simply use a dynamically linked, shared library mechanism to link with the
 library. This is by far the easiest and most straightforward option for
 distribution. In this case, the executable of the work that uses the
 library will contain only the ``stub code'' that is put in place by the
 shared library mechanism, and at runtime the executable will combine with
 the shared version of the library already resident on the user's computer.
 If such a mechanism is used, it must allow the user to upgrade and
 replace the library with interface-compatible versions and still be able
 to use the ``work that uses the library.''  However, all modern shared
 library mechanisms function as such, and thus LGPLv2.1~\S6(b) is the simplest
 option, since it does not even require that the distributor of the ``work
 based on the library'' ship copies of the library itself.
 LGPLv2.1~\S6(a) is the option to use when, for some reason, a shared library
 mechanism cannot be used. It requires that the source for the library be
 included, in the typical GPL fashion, but it also has a requirement beyond
 that. The user must be able to exercise her freedom to modify the library
 to its fullest extent, and that means recombining it with the ``work based
 on the library.''  If the full binary is linked without a shared library
 mechanism, the user must have available the object code for the ``work
 based on the library,'' so that the user can relink the application and
 build a new binary.
 The remaining options in LGPLv2.1~\S6 are very similar to the other choices
 provided by GPLv2~\S3. There are some additional options, but time does
 not permit us in this course to go into those additional options. In
 almost all cases of distribution under LGPL, either LGPLv2.1~\S6(a) or LGPLv2.1~\S6(b) are
 exercised.
 \section{Distribution of the Combined Works}
 Essentially, ``works based on the library'' must be distributed under the
 same conditions as works under full GPL\@. In fact, we note that
 LGPLv2.1~\S2 is nearly identical in its terms and requirements to GPLv2~\S2.
 There are again subtle differences and additions, which time does not
 permit us to cover in this course.
 \section{And the Rest}
 The remaining variations between the LGPL and the GPL cover the following
 conditions:
 \begin{itemize}
 \item Allowing a licensing ``upgrade'' from the LGPL to the GPL\@ (in LGPLv2.1~\S3)
 \item Binary distribution of the library only, covered in LGPLv2.1~\S4,
   which is effectively equivalent to LGPLv2.1~\S3
 \item Creating aggregates of libraries that are not derivative works of
   each other, and distributing them as a unit (in LGPLv2.1~\S7)
 \end{itemize}
 Due to time constraints, we cannot cover these additional terms in detail,
 but they are mostly straightforward. The key to understanding LGPLv2.1 is
 understanding the difference between a ``work based on the library'' and a
 ``work that uses the library.''  Once that distinction is clear, the
 remainder of LGPLv2.1 is close enough to GPL that the concepts discussed in
 our more extensive GPL unit can be directly applied.
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \chapter{Integrating the GPL into Business Practices}
 Since GPL'd software is now extremely prevalent through the industry, it
 is useful to have some basic knowledge about using GPL'd software in
 business and how to build business models around GPL'd software.
 \section{Using GPL'd Software In-House}
 As discussed in Sections~\ref{GPLv2s0} and~\ref{GPLv2s5} of this tutorial,
 the GPL only governs the activities of copying, modifying and
 distributing software programs that are not governed by the license.
 Thus, in FSF's view, simply installing the software on a machine and
 using it is not controlled or limited in any way by the GPL\@. Using Free
 Software in general requires substantially fewer agreements and less
 license compliance activity than any known proprietary software.
 Even if a company engages heavily in copying the software throughout the
 enterprise, such copying is not only permitted by GPLv2~\S\S1 and 3, but it is
 encouraged!  If the company simply deploys unmodified (or even modified)
 Free Software throughout the organization for its employees to use, the
 obligations under the license are very minimal. Using Free Software has a
 substantially lower cost of ownership --- both in licensing fees and in
 licensing checking and handling -- than the proprietary software
 equivalents.
 \section{Business Models}
 \label{Business Models}
 Using Free Software in house is certainly helpful, but a thriving
 market for Free Software-oriented business models also exists. There is the
 traditional model of selling copies of Free Software distributions.
 Many companies make substantial revenue
 from this model. Some choose this model because they have
 found that for higher-end hardware, the cost of the profit made from
 proprietary software licensing fees is negligible. The real profit is
 in the hardware, but it is essential that software be stable, reliable
 and dependable, and the users be allowed to have unfettered access to
 it. Free Software, and GPL'd software in particular (because IBM can
 be assured that proprietary versions of the same software will not
 exist to compete on their hardware) is the right choice.
 For example, charging a ``convenience fee'' for Free Software,
 when set at a reasonable price (around \$60 or so), can produce some
 profit. Even though Red Hat's system is fully downloadable on their
 Web site, people still go to local computer stores and buy copies of their
 box set, which is simply a printed version of the manual (available under
 a Free license as well) and the Free Software system it documents.
 \medskip
 However, custom support, service, and software improvement contracts
 are the most widely used models for GPL'd software. The GPL is
 central to their success, because it ensures that the code base
 remains common, and that large and small companies are on equal
 footing for access to the technology. Consider, for example, the GNU
 Compiler Collection (GCC). Cygnus Solutions, a company started in the
 early 1990s, was able to grow steadily simply by providing services
 for GCC --- mostly consisting of new ports of GCC to different or new,
 embedded targets. Eventually, Cygnus was so successful that
 it was purchased by Red Hat where it remains a profitable division.
 However, there are very small companies that compete in
 this space. Because the code-base is protect by the GPL, it creates and
 demands industry trust. Companies can cooperate on the software and
 improve it for everyone. Meanwhile, companies who rely on GCC for their
 work are happy to pay for improvements, and for ports to new target
 platforms. Nearly all the changes fold back into the standard
 versions, and those forks that exist remain freely available.
 \medskip
 \label{Proprietary Relicensing}
 A final common business model that is perhaps the most controversial is
 proprietary relicensing of a GPL'd code base. This is only an option for
 software in which a particular entity is the sole copyright holder. As
 discussed earlier in this tutorial, a copyright holder is permitted under
 copyright law to license a software system under her copyright as many
 different ways as she likes to as many different parties as she wishes.
 Some companies use this to their
 financial advantage with regard to a GPL'd code base. The standard
 version is available from the company under the terms of the GPL\@.
 However, parties can purchase separate proprietary software licensing for
 a fee.
 This business model is at best problematic and at worst predatory because it means that the GPL'd code
 base must be developed in a somewhat monolithic way, because volunteer
 Free Software developers may be reluctant to assign their copyrights to
 the company because it will not promise to always and forever license the
 software as Free Software. Indeed, the company will surely use such code
 contributions in proprietary versions licensed for fees.
 \section{Ongoing Compliance}
 GPL compliance is in fact a very simple matter --- much simpler than
 typical proprietary software agreements and EULAs. Usually, the most
 difficult hurdle is changing from a proprietary software mindset to one
 that seeks to foster a community of sharing and mutual support. Certainly
 complying with the GPL from a users' perspective gives substantially fewer
 headaches than proprietary license compliance.
 For those who go into the business of distributing {\em modified}
 versions of GPL'd software, the burden is a bit higher, but not by
 much. The glib answer is that by releasing the whole product as Free
 Software, it is always easy to comply with the GPL. However,
 admittedly to the dismay of FSF, many modern and complex software
 systems are built using both proprietary and GPL'd components that are
 not legally derivative works of each other. Sometimes, it is easier simply to
 improve existing GPL'd application than to start from scratch. In
 exchange for that benefit, the license requires that the modifier give
 back to the commons that made the work easier in the first place. It is a
 reasonable trade-off and a way to help build a better world while also
 making a profit.
 Note that FSF does provide services to assist companies who need
 assistance in complying with the GPL. You can contact FSF's GPL
 Compliance Labs at $<$licensing@fsf.org$>$.
 %FIXME-LATER: should have \tutorialpart
 If you are particularly interested in matters of GPL compliance, we
 recommend the next two parts, which include both recommendations on good
 compliance and compliance case studies.
 % =====================================================================
 % END OF FIRST DAY SEMINAR SECTION
 % =====================================================================
 %%  LocalWords:  Sebro Novalis Ravicher GPLv GPL'd copylefted LGPLv OSI USC
 %%  LocalWords:  noncommercially counterintuitive Berne copyrightable DRM UC
 %%  LocalWords:  proprietarize proprietarization Stallman's Tridgell's RMS
 %%  LocalWords:  Lessig Lessig's Stallman Proto GPLs proto Tai pre GPL's ful
 %%  LocalWords:  legalbol AGPLv Runtime licensor licensors relicense UCITA
 %%  LocalWords:  unprotectable Intl nd th Kepner Tregoe Bando Indust Mitel
 %%  LocalWords:  Iqtel Bateman Mitek Arce protectable hoc faire de minimis
 %%  LocalWords:  Borland Int'l uncopyrightable LLC APIs Ent Connectix DVD's
 %%  LocalWords:  redistributor diachronic unshared subpart redistributors
 %%  LocalWords:  CDs userbase reshifts licensor's distributee impliedly Mgmt
 %%  LocalWords:  patentee  relicenses irrevocability Jacobsen Katzer TRW CCS
 %%  LocalWords:  Unfreedonia administrivia Relicensing impermissibly centric
 %%  LocalWords:  permissibility firehose bytecode minified Javascript DLLs
 %%  LocalWords:  preprocessors functionalities offsite sublicensing DMCA CFR
 %%  LocalWords:  anticircumvention WIPO BitTorrent multidirectional Magnuson
 %%  LocalWords:  subdefinition Dryvit Stroebner Tandy TRS superset LGPL SLES
 %%  LocalWords:  cryptographic relicensing removability sublicensed Novell
 %%  LocalWords:  anticompetitive administrability sublicensable licensable
 %%  LocalWords:  sublicense sublicensees sublicenses affixation Novell's
 %%  LocalWords:  severability Affero LGPL'd lingua franca glibc facto LGPL's
 %%  LocalWords:  relicensed runtime subunits relink downloadable MontaVista
 %%  LocalWords:  CodeSourcery OpenTV MySQL TrollTech

0 comments (0 inline, 0 general)