{% extends "base_compliance.html" %}

{% block subtitle %}Copyleft Compliance Projects - {% endblock %}

{% block submenuselection %}AboutCompliance{% endblock %}

{% block content %}

<h1 id="ourwork">Conservancy's Copyleft Compliance Projects</h1>

<p>As existing donors and supporters know, the Software Freedom Conservancy

  is a 501(c)(3) non-profit charity registered in New York, and Conservancy

  helps people take control of their computing by growing the software

  freedom movement, supporting community-driven alternatives to proprietary

  software, and defending free software with practical initiatives.

  Conservancy accomplishes these goals with various initiatives, including

  defending and upholding the rights of software users and consumers under

  copyleft licenses, such as the GPL.</p>

<p>Free and open source software (FOSS) is everywhere and in everything; yet

our software freedom is constantly eroded.  With the help of its

volunteers, <a href="/members/current/">member projects</a>,

and <a href="/about/staff/">staff</a>, Conservancy stands up for users'

software freedom via its copyleft compliance work.</p>

<p>Conservancy's primary work in copyleft compliance currently focuses on

our <a href="/copyleft-compliance/enforcement-strategy.html">Strategic GPL

Enforcement Initiative</a>.  This initiative, launched in August 2020,

represents the culmination of nearly 15 years of compliance work of

Conservancy spanning ten different fiscally sponsored projects, past lawsuits

against more than a dozen defendants, and hundreds of non-litigation

compliance actions.</p>

<p>For these many years, Conservancy has always given the benefit of the

  doubt to companies who exploited our good nature and ultimately simply

  ignore the rights of users and consumers.  In that time, the compliance

  industrial complex has risen to a multi-million-dollar industry —

  selling (mostly proprietary) products, services, and consulting to

  companies.  Yet, these compliance efforts ignore consistently the most

  essential promise of copyleft — the complete, Corresponding Source

  and "the scripts used to control compilation and installation of the

  executable".</p>

<p>We encourage our supporters and software freedom enthusiasts everywhere to

  <a href="/copyleft-compliance/enforcement-strategy.html">read our detailed

  strategic plan for GPL enforcement</a> and its companion

    Firmware Liberation Project</a>.</p>

<h2 id="projects">Compliance Relationship to Fiscally Sponsored Projects</h2>

<p>Historically, Conservancy was well-known for its ongoing license

compliance efforts on behalf of its BusyBox member project.  Today,

Conservancy does semi-regular compliance work for its BusyBox, Git, Inkscape,

Mercurial, Samba, QEMU and Wine member projects.  If you are a copyright

holder in any member project of Conservancy, please contact the project's

leadership committtee,

via <a href="mailto:PROJECTNAME@sfconservancy.org">&lt;PROJECTNAME@sfconservancy.org&gt;</a>

for more information on getting involved in compliance efforts in that

project.

</p>

<h2 id="linux">GPL Compliance Project For Linux Developers</h2>

<p>In May

2012, <a href="/news/2012/may/29/compliance/">Conservancy

launched</a> the <cite>GPL

Compliance Project for Linux Developers</cite>, which handles compliance and

enforcement activities on behalf of more than a dozen Linux copyright

holders.</p>

<p>The GPL Compliance Project for Linux Developers is comprised of copyright

holders in the kernel, Linux, who have contributed to Linux under its

license, <a href="http://www.gnu.org/licenses/gpl-2.0.html">the

GPLv2</a>. These copyright holders have formally asked Conservancy to engage

in compliance efforts for their copyrights in the Linux kernel.  In addition,

some developers have directly assigned their copyrights on Linux to Conservancy,

so Conservancy also enforces the GPL on Linux via its own copyrights in Linux.</p>

<p>Linux copyright holders who wish to assign copyright to or sign an enforcement agreement with

Conservancy should

  contact <a href="mailto:linux-services@sfconservancy.org">&lt;linux-services@sfconservancy.org&gt;</a>.

  In 2016,

  Conservancy <a href="/news/2016/nov/03/linux-compliance-agreements/">made

    public the template agreements used as part of this project</a>; both the

  <a href="/docs/blank_linux-enforcement-agreement.pdf">non-anonymous</a> and

  <a href="/docs/blank_anonymous-linux-enforcement-agreement.pdf">anonymous</a>

  versions are available.  However, please <strong>do not</strong> sign these

  unilaterally without contacting and discussing

  with <a href="mailto:linux-services@sfconservancy.org">&lt;linux-services@sfconservancy.org&gt;</a>

  first.</p>

<h2 id="debian">The Debian Copyright Aggregation Project</h2>

<p>In August 2015, <a href="/news/2015/aug/17/debian/">Conservancy announced the Debian Copyright Aggregation

Project</a>.  This project allows Debian contributors to assign copyrights to

Conservancy, or sign enforcement agreements allowing Conservancy to enforce

Free and Open Source (FOSS) licenses on their behalf.  Many Debian contributors

have chosen each of these options already, and more continue to join.</p>

<p>Debian contributors who wish to assign copyright to or sign an enforcement agreement with

Conservancy should contact <a href="mailto:debian-services@sfconservancy.org">&lt;debian-services@sfconservancy.org&gt;</a>.</p>

<h2 id="commitment">Conservancy's Commitment to Copyleft License Compliance</h2>

<p>Conservancy is dedicated to encouraging all users of software to comply

  with Free Software licenses. Toward this goal, in its compliance efforts,

  Conservancy helps distributors of Free Software in a friendly spirit of

  cooperation and participation.  In this spirit, Conservancy has co-published,

  with the Free Software Foundation (FSF), <a href="/copyleft-compliance/principles.html">the principles that both organizations

  follow in their compliance efforts</a>.

  Also in collaboration with the FSF, Conservancy also sponsors

  the <a href="https://copyleft.org/guide/"><cite>Copyleft and the GNU

  General Public License:A Comprehensive Tutorial and Guide</cite></a>,

  which <a href="/news/2014/nov/07/copyleft-org/">formally

  launched in fall 2014</a>.  The Guide includes tutorial materials about

  copyleft and compliance with copyleft licenses,

  including <a href="https://copyleft.org/guide/comprehensive-gpl-guidepa2.html"><cite>A

  Practical Guide to GPL Compliance</cite></a>.  The materials

  on <a href="https://copyleft.org/">copyleft.org</a> have been developed and

  improved since 2002, and are themselves copylefted, and developed

  collaboratively in public.</p>

<p>However, the Guide is admittedly a large document, so for those who are

  interested in a short summary of describing how Conservancy handles GPL

  enforcement and compliance

  work, <a href="/blog/2012/feb/01/gpl-enforcement/">this blog post outlining

  the compliance process</a> is likely the best source.</p>

<h2 id="reporting">Reporting GPL Violations To Us</h2>

<p>If you are aware of a license violation or compliance issue regarding

  Debian, Linux, or any <a href="/members/current/">Conservancy member

  project</a> (&mdash; in particular BusyBox, Git, Inkscape, Mercurial,

  Samba, Sugar Labs, or Wine),

  please <a href="mailto:compliance@sfconservancy.org">contact us by email at

  &lt;compliance@sfconservancy.org&gt;</a>.</p>

<!--- FIXME: bkuhn is rewriting this blog post fresh the weekend of --

      2020-07-18 so we need not link to ebb.org anymore when we roll out

      these changes --> 

<p>If you think you've found a GPL violation, we encourage you to

{% extends "base_compliance.html" %}

{% block subtitle %}Copyleft Compliance Projects - {% endblock %}

{% block submenuselection %}EnforcementStrategy{% endblock %}

{% block content %}

<h1 id="strategic-gpl-enforcement-initiative">The Strategic GPL Enforcement Initiative</h1>

<p>As existing donors and supporters know, the Software Freedom Conservancy

  is a 501(c)(3) non-profit charity registered in New York, and Conservancy

  helps people take control of their computing by growing the software

  freedom movement, supporting community-driven alternatives to proprietary

  software, and defending free software with practical initiatives.

  Conservancy accomplishes these goals with various initiatives, including

  defending and upholding the rights of software users and consumers under

  copyleft licenses, such as the GPL.</p>

<h2 id="brief-history-of-user-focused-gpl-enforcement">Brief History of

  User-Focused GPL Enforcement</h2>

<p>The spring of 2003 was a watershed moment for software freedom on

  electronic devices. 802.11 wireless technology had finally reached the

  mainstream, and wireless routers for home use had flooded the market

  earlier in the year. By June

  2003, <a href="https://hardware.slashdot.org/story/03/06/08/1749217/is-linksys-violating-the-GPL">the

  general public knew that Linksys (a division of Cisco) was violating the

  GPL</a> on their WRT54G model wireless routers. Hobbyists discovered

  (rather easily) that Linux and BusyBox were included in the router, but

  Linksys and Cisco had failed to provide source code or any offer for source

  code to its customers.</p>

<p>A coalition formed made up of organizations and individuals — including

  Erik Andersen (major contributor to and former leader of the BusyBox

  project) and Harald Welte (major contributor to Linux’s netfilter

  subsystem) — to enforce the

  GPL. <a href="https://sfconservancy.org/about/staff/#bkuhn">Bradley

  M. Kuhn</a>, who is now Conservancy’s Policy Analyst and

  Hacker-in-Residence, led and coordinated that coalition (when he was

  Executive Director of the FSF). By early 2004, this coalition, through the

  process of GPL enforcement, compelled Linksys to release an

  almost-GPL-compliant source release for the

  WRT54G. A <a href="https://openwrt.org/about/history">group of volunteers

  quickly built a new project, called OpenWRT</a> based on that source

  release. In the years that have followed, OpenWRT has been ported to almost

  every major wireless router product.  Now, more than 15 years later, the

  OpenWRT project routinely utilizes GPL source releases to build, improve

  and port OpenWRT.  The project has also joined coalitions to fight the FCC

  to ensure that consumers have and deserve rights to install modified

  firmwares on their devices and that such hobbyist improvements are no

  threat to spectrum regulation.</p>

<p>Recently, OpenWRT decided to join Conservancy as one its member projects,

  and Conservancy has committed to long-term assistance to this project.</p>

<p>OpenWRT has spurred companies to create better routers and other wireless

  devices than they would otherwise have designed because they now need to

  either compete with hobbyists, or (better still) cooperate with them to

  create hardware that fully supports OpenWRT’s features and improvements

  (such as dealing

  with <a href="https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm">the

  dreaded “bufferbloat” bugs</a>). This interplay between the hobbyist

  community and for-profit ventures promotes innovation in

  technology. Without both permission <em>and</em> the ability to build and

  modify the software on their devices, the hobbyist community

  community, hobbyists are limited by the oft-arbitrary manufacturer-imposed

  restraints in the OEM firmware. OpenWRT saved the wireless router market

  from this disaster; we seek to help other embedded electronic subindustries

  avoid that fate. The authors of GPL’d software chose that license so its

  source is usable and readily available to hobbyists. It is our duty, as

  activists for the software freedom of hobbyists, to ensure these legally

  mandated rights are never curtailed.</p>

<p>(More on the OpenWRT project’s history and its connection to GPL

  enforcement can be found

  in <a href="https://www.youtube.com/watch?v=r4lCMx-EI1s">Kuhn’s talk

    at <em>OpenWRT Summit 2016</em></a>.)</p>

<p>Conservancy has had substantial success in leveraging more device freedom

  in other subindustries through GPL compliance. In 2009, Conservancy, with

  co-Plaintiff Erik Andersen, sued fourteen defendants in federal court under

  copyright claims on behalf of its BusyBox member project. Conservancy was

  able to achieve compliance for the BusyBox project in all fourteen

  cases. Most notably, the GPL-compliant source release obtained in the

  lawsuit for certain Samsung televisions provided the basis for

  the <a href="https://www.samygo.tv/">SamyGo project</a> — an alternative

  firmware that works on that era of Samsung televisions and allows consumers

  to modify and upgrade their firmware using FOSS.</p>

<p>Harald Welte also continued his efforts during the early and mid-2000s,

  after the Linksys enforcement, through

  his <a href="https://gpl-violations.org/">gpl-violations.org

    project</a>. Harald successfully sued many companies (mostly in the

  wireless router industry) in Germany to achieve compliance and yield source

  releases that helped OpenWRT during that period.</p>

<h2 id="importance-of-linux-enforcement-specifically">Importance of Linux Enforcement Specifically</h2>

<p>In recent years, embedded systems technology has expanded beyond wireless

  routers to so-called “Internet of Things” (IoT) devices designed for

  connectivity with other devices in the home and to the “Cloud”. Consumer

  electronics companies now feature and differentiate products based on

  Internet connectivity and related services. Conservancy has seen

  Linux-based firmwares on refrigerators, baby monitors, virtual assistants,

  soundbars, doorbells, home security cameras, police body cameras, cars, AV

  receivers, and televisions.</p>

<p>This wide deployment of general purpose computers into

  mundane household devices raises profound privacy and consumer rights

  implications. <a href="https://www.nytimes.com/2019/12/15/us/Hacked-ring-home-security-cameras.html">Home</a> <a href="https://www.washingtonpost.com/technology/2019/01/23/family-says-hacked-nest-camera-warned-them-north-korean-missile-attack/">security</a> <a href="https://www.npr.org/sections/thetwo-way/2018/06/05/617196788/s-c-mom-says-baby-monitor-was-hacked-experts-say-many-devices-are-vulnerable">cameras</a> <a href="https://www.cnn.com/2019/12/12/tech/ring-security-camera-hacker-harassed-girl-trnd/index.html">are</a> <a href="https://abc7.com/baby-monitor-hack-leads-to-kidnap-scare/4931822/">routinely</a> <a href="https://www.bbc.com/news/av/uk-44117337/security-footage-viewed-by-thousands">compromised</a>

  — invading the privacy and security of individual homes. Even when

  companies succeed in keeping out third parties, consumers

  are <a href="https://www.theguardian.com/technology/2019/aug/29/ring-amazon-police-partnership-social-media-neighbor">pressured

  by camera makers</a> to automatically upload their videos to local

  police. Televisions

  routinely <a href="https://techcrunch.com/2019/01/07/vizio-settlement-moves-forward/">spy

  on consumers for the purposes of marketing and massive data

  collection</a>.</p>

<p>There is one overarching irony to this growing dystopia: nearly all these

  devices are based primarily on software licensed under the GPL: most

  notably, Linux. While Linux-based systems do allow proprietary user-space

  applications not licensed under GPL, the kernel and many other system

  utilities routinely used in embedded systems, such as Conservancy’s BusyBox

  project, are under that license (or similar copyleft licenses such as the

  LGPL). These licenses require device makers to provide complete,

  corresponding source code to everyone in possession of their

  devices. Furthermore, Linux’s specific license (GPL, version 2), mandates

  that source code must also include “the scripts used to control compilation

  and installation of the executable”. In short, the consumers must receive

  all the source code and the ability to modify, recompile and reinstall that

  software. Upholding of this core freedom for Linux made OpenWRT

  possible. We work to preserve (or, more often, restore) that software

  freedom for consumers of other types of electronic devices.</p>

<p>When devices are compliant with the GPL’s requirements, customers can

  individually or collectively take action against the surveillance and other

  predatory behavior perpetuated by the manufacturers of these devices by

  modifying and replacing the software. Hobbyists can aid their community by

  providing these alternatives. People with no technical background already

  replace firmware on their wireless routers with OpenWRT to both improve

  network performance and allay privacy concerns. Furthermore, older

  equipment is often saved from planned obsolescence by alternative

  solutions. E-recyclers

  like <a href="https://www.freegeek.org/">Freegeek</a> do this regularly for

  desktop and laptop machines with GNU/Linux distributions like Debian, and

  with OpenWRT for wireless routers. We seek to ensure they can do this for

  other types of electronic products. However, without the complete,

  corresponding source code, including the scripts to control its compilation and

  installation, the fundamental purpose of copyleft is frustrated. Consumers,

  hobbyists, non-profit e-recyclers and the general public are left without

  the necessary tools they need and deserve, and which the license promises

  them.</p>

<p>Additionally, copyleft compliance relates directly to significant

  generational educational opportunities. There are few easier ways to

  understand technology than to experiment with a device one already

  has. Historically, FOSS has succeeded because young hobbyists could

  examine, modify and experiment with software in their own devices. Those

  hobbyists became the professional embedded device developers of today!

  Theoretically, the advent of the “Internet of Things” — with its many

  devices that run Linux — <em>should</em> give opportunities for young

  hobbyists to quickly explore and improve the devices they depend on in

  their every day lives.  Yet, that’s rarely possible in reality.  To ensure

  that both current and future hobbyists can practically modify their

  Linux-based devices, we must enforce Linux’s license. With public awareness

  that their devices can be improved, the desire for learning will increase,

  and will embolden the curiosity of newcomers of all ages and

  backgrounds. The practical benefits of this virtuous cycle are immediately

  apparent. With technological experimentation, people are encouraged to try

  new things, learn how their devices work, and perhaps create whole new

  types of devices and technologies that no one has even dreamed of

  before.</p>

<p>IoT firmware should never rely on one vendor — even the vendor of the

  hardware itself. This centralized approach is brittle and inevitably leads

  to invasions of the public’s privacy and loss of control of their

  technology. Conservancy’s GPL enforcement work is part of the puzzle that

  ensures users can choose who their devices connect to, and how they

  connect. Everyone deserves control over their own computing — from their

  laptop to their television to their toaster. When the public can modify (or

  help others modify) the software on their devices, they choose the level of

  centralized control they are comfortable with. Currently, users with

  Linux-based devices usually don’t even realize what is possible with

  copyleft; Conservancy aims to show them.</p>

<h2 id="the-gpl-compliance-project-for-linux-developers">The GPL Compliance

  Project for Linux Developers</h2>

<p>In May 2012, Software Freedom Conservancy

  formed <a href="https://sfconservancy.org/copyleft-compliance/#linux">The GPL

    Compliance Project for Linux Developers</a> in response to frustration by

  upstream Linux developers about the prevalence of noncompliance in the

  field, and their desire to stand with Conservancy’s BusyBox, Git and Samba

  projects in demanding widespread GPL compliance. This coalition of Linux

  developers works with Conservancy to enforce the GPL for the rights of

  Linux users everywhere — particularly consumers who own electronic

  devices. We accept violation reports from the general public, and

  prioritize enforcement in those classes of devices where we believe that we

  can do the most good to help achieve GPL compliance that will increase

  software freedom for the maximum number of device users.</p>

<h2 id="the-need-for-litigation">The Need for Litigation</h2>

<p>While we still gain some success, we have found that the landscape of GPL

  compliance has changed in recent years. Historically, the true “bad actors”

  were rare. We found in the early days that mere education and basic

  supply-chain coordination assistance yielded compliance. We sought and

  often achieved goodwill in the industry via education-focused

  compliance.</p>

<p>Those tactics no longer succeed; the industry has taken advantage of that

  goodwill. After the BusyBox lawsuit settled, we observed a slow move toward

  intentional non-compliance throughout the embedded electronics

  industry. Companies use delay and “hardball” pre-litigation tactics to

  drain the limited resources available for enforcement, which we faced (for

  example) in <a href="/copyleft-compliance/vmware-lawsuit-links.html">the

  VMware violation</a>. While VMware ultimately complied with the GPL, they

  did so by reengineering the product and removing Linux from it — and only

  after the product was nearing end-of-life.</p>

<p>Conservancy has recently completed an evaluation of the industry’s use of

  Linux in embedded products. Our findings are disheartening and require

  action.  Across the entire industry, most major manufacturers almost flaunt

  their failure to comply with the GPL.  In our private negotiations,

  pursuant to

  our <a href="/copyleft-compliance/principles.html">Principles

  of Community-Oriented GPL Enforcement</a>, GPL violators stall, avoid,

  delay and generally refuse to comply with the GPL. Their disdain for the

  rights of their customers is often palpable.  Their attitude is almost

  universal: <q>if you think we’re really violating the GPL, then go ahead and

  sue us. Otherwise, you’re our lowest priority</q>.</p>

<h2 id="conservancys-plan-for-action">Conservancy’s Plan For Action</h2>

<p>Conservancy has a three-pronged plan for action: litigation, persistent

  non-litigation enforcement, and alternative firmware development.</p>

<h3 id="litigation">Litigation</h3>

<p>Conservancy has many violation matters that we have pursued during the

  last year where we expect compliance is impossible without litigation.  We

  are poised to select — from among the many violations in the embedded

  electronics space — a representative example and take action in USA courts

  against a violator who has failed to properly provide source code

  sufficient for consumers to rebuild and install Linux, and who still

  refuses to remedy that error after substantial friendly negotiation with

  Conservancy.</p>

<p>Our goal remains the same as in all matters: we want a source release that

  works, and we’ll end any litigation when the company fully complies on its

  products and makes a bona fide commitment to future compliance.</p>

<p>Conservancy, after years of analyzing its successes and failures of

  previous GPL compliance litigation, has developed — in conjunction with

  litigation counsel over the last year — new approaches to litigation

  strategy.  We believe this will bring to fruition the promise of copyleft:

  seek full control and modifiability of devices they own. With the benefit

  of this grant, Conservancy plans to accelerate these plans in 2020 and to

  keep the public informed at every stage of the process.</p>

<h3 id="persistent-non-litigation-enforcement">Persistent Non-Litigation Enforcement</h3>

<p>While we will seek damages to cover our reasonable costs of this work, we

  do not expect that any recovery in litigation can fully fund the broad base

  of work necessary to ensure compliance and the software freedom it brings.

  Conservancy is the primary charitable watchdog of GPL compliance for

  Linux-based devices.  We seek to use litigation as a tool in a broader

  course of action to continue our work in this regard.  We expect and

  welcome that the high profile nature of litigation will inspire more device

  owners to report violations to us. We expect we’ll learn about classes of

  devices we previously had no idea contained Linux, and we’ll begin our

  diligent and unrelenting work to achieve software freedom for the owners of

  those devices. We will also build more partnerships across the technology

  sector and consumer rights organizations to highlight the benefit of

  copyleft to not just hobbyists, but the entire general public.</p>

<h3 id="alternative-firmware-project">Alternative Firmware Project</h3>

<p>The success of the OpenWRT project, born from GPL enforcement, has an

  important component. While we’ve long hoped that volunteers, as they did

  with OpenWRT and SamyGo, will take up compliant sources obtained in our GPL

  enforcement efforts and build alternative firmware projects, history shows

  us that the creation of such projects is not guaranteed and exceedingly

  rare.</p>

<p>Traditionally, our community has relied exclusively on volunteers to take

  up this task, and financial investment only comes after volunteers have put

  in the unfunded work to make an MVP alternative firmware. While volunteer

  involvement remains essential to the success of alternative firmware

  projects, we know from our fiscal sponsorship work that certain aspects of

  FOSS projects require an experienced charity to initiate and jump-start

  some of the less exciting aspects of FOSS project creation and

  development.</p>

<p>Conservancy plans to select a specific class of device. Upon achieving

  compliant source releases in that subindustry through GPL enforcement,

  Conservancy will <a href="firmware-liberation.html">launch an alternative

  firmware project</a> for that class of device.</p>

{% endblock %}

{% extends "base_compliance.html" %}

{% block subtitle %}Copyleft Compliance Projects - {% endblock %}

{% block submenuselection %}EnforcementStrategy{% endblock %}

{% block content %}

<h1 id="software-freedom-conservancy-proposal-for-firmware-liberation-project">Firmware Liberation Project</h1>

system space.  For this product, Conservancy will launch, or assist, a

project that creates a functioning alternative firmware for those devices.

The promise of GPL enforcement is only realized through actual, practical use

<h2 id="gpl-enforcement-needs-follow-through">GPL Enforcement Needs Follow-Through</h2>

<p>Simply enforcing the GPL is an important first step, and Conservancy

  <a href="enforcement-strategy.html">continues our efforts in that

  regard</a>. However, We can

  replicate <a href="/copyleft-compliance/enforcement-strategy.html#brief-history-of-user-focused-gpl-enforcement">the

  success found with OpenWRT</a> <em>only by</em> a substantial

  effort <strong>after</strong> enforcement occurs to turn the compliant

  source release into a viable alternative firmware for the platform.</p>

<p>Conservancy has seen non-compliant Linux-based firmwares on refrigerators,

  baby monitors, virtual assistants, soundbars, doorbells, home security

  cameras, police body cameras, cars, AV receivers, and televisions.  We

  believe that building an alternative firmware for one of these classes of

  devices — or joining our work with an existing alternative firmware project

  that is struggling due to lack of sources available — will lead to

<h2 id="limited-success-of-alternative-hardware">Limited Success of

  Alternative Hardware</h2>

<p>Alternative hardware projects remain an essential component of small

  device freedom. Conservancy supports and engages with communities that seek

  to source and build IoT-style devices from the ground up. We’re excited to

  see deployable boards that allow Maker efforts to create new devices.</p>

<p>Nevertheless, we remain ever-cognizant that FOSS succeeded on servers,

  laptop, desktop, and wireless router computers <em>precisely</em> because

  users could buy commodity hardware at any store and install FOSS

  alternatives to the vendor-provided software.  Throughout the history of

  FOSS, most new users who seek to experience software freedom want to do so

  with their existing devices first.  Many don't even know much about the

  issues involved in software liberation <em>until they've already purchased

  hardware</em>.  Conservancy therefore believes support of alternative

  firmwares for such devices is paramount.</p>

<h3 id="demonstrating-the-power-of-software-freedom">Demonstrating the power

  of software freedom</h3>

<p>To many, the benefits of software freedom are abstract. For less technical

  users, the idea of modifying or even reviewing the software on their

  devices is wholly theoretical. For technical users, there is a limited time

  available to invest in the devices they use for their everyday

  lives. Bringing people together to take collective action for the control

  of their own technology is a powerful proposition that has rarely been

  demonstrated.</p>

<p>When alternative firmware projects like OpenWRT exist for IoT devices,

  non-technical users can replace the software on their devices and benefit

  from custom, community-controlled software. Technical users are more likely

  to contribute knowing their efforts will be meaningful.</p>

<p>However, decades of corporate involvement in copyleft have demonstrated

  that without an organized effort, control over one’s own software is purely

  theoretical, even when software has a copyleft license, and

  sometimes <em>even when</em> compliance with the copyleft license is

  acheived. Conservancy recognizes that there is a unique opportunity for

  charitable organizations to step in and change the power dynamic of the

  tech industry for consumers.</p>

<h2 id="conservancys-plan-for-action">Conservancy’s Plan For Action</h2>

<p>Conservancy seeks to fund work on liberating firmware for a specific

  device. This is accomplished with a two-prong approach: first, we will

  leverage increased interest and tendency toward GPL compliance throughout

  the embedded industry to more quickly achieve compliant source releases in

  a particular subindustry.</p>

<p>Second, depending on what subindustry (i.e., specific class of devices)

  seems most responsive to increased enforcement activity and willing to

  provide compliant source releases quickly, we will launch, coordinate and

  fund an alternative firmware project for that class, or, if appropriate,

  merge our efforts with an existing alternative firmware project for that

  class of device.</p>

<h2 id="leveraging-on-increased-enforcement">Leveraging on Increased

  Enforcement</h2>

<p><a href="enforcement-strategy.html">Conservancy already plans to select a

  specific violation and engage in litigation.</a> Based on past experience,

  we expect that the press and attention to that ongoing litigation will

  yield increased responsiveness by violators throughout the industry. (A

  similar outcome occurred after our BusyBox-related litigation in 2006.)

  This expected change in behavior will open opportunities to replicate the

  OpenWRT approach in another embedded electronic subindustry. Fast action

  will be necessary; most IoT products have an 18 month lifecycle, so we seek

  to quickly identify the right subindustry, gain compliance there, and move

  on to the next phase.</p>

<h3 id="funding-firmware-liberation">Funding Firmware Liberation</h3>

<p>While we’ve long hoped that volunteers would take up compliant sources

  obtained in our GPL enforcement efforts and build alternative firmware

  projects as they did with OpenWRT, history shows us that the creation of

  such projects is not guaranteed and exceedingly rare.</p>

<p>Traditionally, our community has relied exclusively on volunteers to take

  up this task, and financial investment only comes after volunteers have put

  in the unfunded work to make a Minimum Viable Product (MVP) liberated

  firmware. While volunteer involvement remains essential to the success of

  alternative firmware projects, we know from our fiscal sponsorship work

  that certain aspects of FOSS projects require an experienced charity to

  initiate and jump-start some of the less exciting aspects of FOSS project

  creation and development. (In our last fiscal year, Conservancy funded 160

  contributors to work on FOSS.)</p>

<p>In the initial phase of this grant, Conservancy will select a specific

  class of device. Upon achieving compliant source releases in that

  subindustry through GPL enforcement, Conservancy will launch an alternative

  firmware project for that class of device.</p>

<p>Conservancy will seek to fund the time of project leaders and