The Software Freedom Law Center (SFLC) took aim at 14 consumer electronics companies for violating GPL licensed products. This is the largest lawsuit of its kind ever filed. This lawsuit uses what Richard Stallman calls "tivoization" as its defense. Tivoization, if you recall from my post, "Does Linus Torvalds Hate Freedom?" involves the use of GPL licensed software with a product without allowing the user access to the source code and thereby preventing the user from changing that code--two very important stipulations of the GPL and in the definition of free software.
I also made the following observation in that same article:
It seems to me that manufacturers want the best of both worlds: They want to use something free but then want to turn around and violate the license by making it impossible for you to exercise that freedom. This is wrong. And I'm surprised that the FSF hasn't taken these manufacturers to task and to court over such practices.
I think that people have the false belief that free software, open source software and GPL software means that you don't have to abide by licensing terms. They feel that since the projects are community-contributed and allow a great deal of freedom that there are no restrictions or stipulation to which they must comply. This is clearly not the case.
Free does not mean free to abuse.
The stipulations are very clear. Any product derived from a GPL'd source must also provide the source code and allow that source code to be changed in any manner and for any purpose. And product means software or hardware. Though not explicitly covering hardware, it is implied.
To make this implication explicit, Stallman wrote the GPL version 3 to include hardware devices so that there is absolutely no question about the intention of the license and what it covers.
The suit is concerned with a project called BusyBox. The BusyBox project is self-described as:
BusyBox: The Swiss Army Knife of Embedded Linux
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins; however, the options that are included provide the expected functionality and behave very much like their GNU counterparts. BusyBox provides a fairly complete environment for any small or embedded system.
BusyBox has been written with size-optimization and limited resources in mind. It is also extremely modular so you can easily include or exclude commands (or features) at compile time. This makes it easy to customize your embedded systems. To create a working system, just add some device nodes in /dev, a few configuration files in /etc, and a Linux kernel.
BusyBox is maintained by Denys Vlasenko, and licensed under the GNU GENERAL PUBLIC LICENSE version 2.
If any company wants to know how to comply with the GPL version 2 for such products, the BusyBox website provides the following information.
These days, Linksys is doing a good job at complying with the GPL, they get to be an example of how to do things right. Please take a moment and check out what they do with distributing the firmware for their WRT54G Router. Following their example would be a fine way to ensure that you have also fulfilled your licensing obligations.
I don't like lawsuits but I also don't enjoy seeing companies take unfair advantage of developers, their projects and the GPL. I am also confident that the SFLC didn't just grab these 14 companies out of the air and surprise them with the lawsuit. I'm sure the 14 were given the opportunity to comply prior to the filing.
Hopefully this batch of lawsuits will send a serious message to anyone who uses a GPL software project in their product that we, the free software movement members, are serious about all of the GPL--not just the "free" part.
The 14 companies named in the lawsuit are: Astak, Best Buy, Bosch, Comtrend, Dobbs-Stanford, GCI Technologies, Humax, JVC, Phoebe Micro, Samsung, Versa Technology, Western Digital Technologies, Westinghouse Digital and ZyXEL Communications.
What do you think about this latest enforcement action? Do you think the SFLC is justified or not in its actions?