Feeds

First GPL lawsuit in US settles out of court

For real this time

Internet Security Threat Report 2014

After a false alarm last month, the first lawsuit to test the GPL in the US has actually settled.

The Software Freedom Law Center (SFLC) announced yesterday that it has reached an agreement with Monsoon Multimedia to end the SFLC's copyright infringement suit against the company.

The lawsuit accused Monsoon of violating GPL version 2 by distributing GPL-licensed software without making the source code available. The plaintiffs, makers of the Unix utility collection BusyBox, alleged that Monsoon included BusyBox in the firmware for its media products and made the executable version of the firmware available for download on its website without ever offering up the firmware's source.

The plaintiffs argued that this violation of the GPL revoked the contingent license contained therein. With the license to use the software gone, according to the plaintiffs, the distribution of BusyBox infringed on their copyright in the program, and they requested money damages and an injunction preventing any further copying.

Shortly after the SFLC filed the suit, Monsoon released a statement that it had entered into negotiations with the SFLC in order to end the suit by coming into compliance with the GPL's requirements.

Many members of the press (but not El Reg, of course) jumped on this announcement as a declaration that the case had already settled.

Not so, said the SFLC. The organization wanted more than mere compliance. It believed that allowing firms to wriggle out of infringement lawsuits by simply doing what they should have done in the first place would remove any incentive to comply with the GPL, thus robbing it of its teeth.

With the actual settlement announced yesterday, the SFLC got what it was holding out for: money. The agreement includes an "undisclosed amount of financial consideration" for the plaintiffs, and also requires Monsoon to publish the source code, appoint an Open Source Compliance Officer and notify previous recipients of the software about their rights under the GPL.

Cyberlaw aficionados, on the other hand, didn't get what they had hoped for: a legal showdown that would have tested the very foundations of the GPL. Since the case settled, nothing legally binding came out of it, leaving the exact status of the GPL in murky legal waters - especially after a decision handed down in August by a federal judge in California.

That ruling held that plaintiffs could not pursue an injunction under copyright law for a violation of a different flavor of open source license, the Artistic License. Instead, the court treated the attribution requirement contained in the license as a condition on a contract, which foreclosed on the possibility of an injunction, or any other remedy under copyright law.

This removed a major tool for open source rights holders to enforce the Artistic License, and sent ripples of alarm through the open source community. Legal types saw the SFLC's suit as a chance to test the GPL to find out if courts interpreting the GPL would agree with the California judge's reasoning.

Now, however, it looks as though they'll have to wait until the second GPL lawsuit is filed in the US.

Whenever that may be. ®

Secure remote control for conventional and virtual desktops

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.