The problem here is not that Patrick McHardy managed to sued 50 companies and gaining 2 million Euros – the problem is – he ignored the „official“ way via FSF to sue a company that violates the GPL2 under which the Linux Kernel was released and probably kept all the money to himself and his lawyers.
According to C’t McHardy DID NOT pass on that money raised to the Open Source community / Linux Foundation / Free Software Foundation or any other Open Source dedicated organization – which is the way it should have been.
This is called „licence trolling“ (again – more work for lawyers).
„With my history of being the first to enforce the GNU GPLv2 in (equally German) court, it is unsurprising that I am in favor of license enforcement being performed by copyright holders.
I believe individual developers who have contributed to the Linux kernel should have the right to enforce the license, if needed. It is important to have distributed copyright, and to avoid a situation where only one (possibly industry friendly) entity would be able to take [legal] action.
I’m not arguing for a „too soft“ approach. It’s almost 15 years since the first court cases on license violations on (embedded) Linux, and the fact that the problem still exists today clearly shows the industry is very far from having solved a seemingly rather simple problem.
On the other hand, such activities must always be oriented to compliance, and compliance only. Collecting huge amounts of contractual penalties is questionable. And if it was necessary to collect such huge amounts to motivate large corporations to be compliant, then this must be done in the open, with the community knowing about it, and the proceeds of such contractual penalties must be donated to free software related entities to prove that personal financial gain is not a motivation.
The rumors of Patrick performing GPL enforcement for personal financial gain have been around for years. It was initially very hard for me to believe. But as more and more about this became known, and Patrick would refuse to any contact requests by his former netfilter team-mates as well as the wider kernel community make it hard to avoid drawing related conclusions.
We do need enforcement, both out of court and in court. But we need it to happen out of the closet, with the community in the picture, and without financial gain to individuals. The „principles of community oriented enforcement“ of the Software Freedom Conservancy as well as the more recent (but much less substantial) kernel enforcement statement represent the most sane and fair approach for how we as a community should deal with license violations.“
„Linux developer named Patrick McHardy continues ongoing GPL enforcement actions but has not endorsed the community Principles.“ (src)
Some media channels (N-TV / RTL) transforms this incident into bad publicity for Linux (good for Microsoft) because it is said to spread doubt among companies if Linux is „safe to use“ for their purpose, because CEO Decker thinks the GPL2 is hard to full fill. (well all they have to do is make their source code changes public… in what form ever… why should this be so hard? it is not harder than opening a github account and creating a new project)
Geniatech admits that according to GPL2 they should have made their code changes public. They regret this mistake and followed suit.
„The Linux kernel ecosystem of developers, companies and users has been wildly successful by any measure over the last couple decades. Even today, 26 years after the initial creation of the Linux kernel, the kernel developer community continues to grow, with more than 500 different companies and over 4,000 different developers getting changes merged into the tree during the past year. As Greg always says every year, the kernel continues to change faster this year than the last, this year we were running around 8.5 changes an hour, with 10,000 lines of code added, 2,000 modified, and 2,500 lines removed every hour of every day.
The stunning growth and widespread adoption of Linux, however, also requires ever evolving methods of achieving compliance with the terms of our community’s chosen license, the GPL-2.0. At this point, there is no lack of clarity on the base compliance expectations of our community. Our goals as an ecosystem are to make sure new participants are made aware of those expectations and the materials available to assist them, and to help them grow into our community. Some of us spend a lot of time traveling to different companies all around the world doing this, and lots of other people and groups have been working tirelessly to create practical guides for everyone to learn how to use Linux in a way that is compliant with the license. Some of these activities include:
- Community Conferences: FSFE Free Software Legal and Licensing Workshop, FOSDEM, Open Compliance Summit, and others
- Compliance Guides: Guide to GPL Compliance, Second Edition, Practical GPL Compliance, Open Source Compliance in the Enterprise
- Compliance Communities: OpenChain, SPDX
Unfortunately the same processes that we use to assure fulfillment of license obligations and availability of source code can also be used unjustly in trolling activities to extract personal monetary rewards. In particular, issues have arisen as a developer from the Netfilter community, Patrick McHardy, has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation. Some of his compliance claims are issues that should and could easily be resolved. However, he has also made claims based on ambiguities in the GPL-2.0 that no one in our community has ever considered part of compliance.
Examples of these claims have been distributing over-the-air firmware, requiring a cell phone maker to deliver a paper copy of source code offer letter; claiming the source code server must be setup with a download speed as fast as the binary server based on the “equivalent access” language of Section 3; requiring the GPL-2.0 to be delivered in a local language; and many others.
How he goes about this activity was recently documented very well by Heather Meeker.“
McHardy was suspended from the NetCoreFilter team.
List: netfilter-devel Subject: [ANNOUNCE] Suspending Patrick McHardy as coreteam member From: Pablo Neira Ayuso <pablo () netfilter ! org> Date: 2016-07-18 20:43:55 Message-ID: 20160718204355.GA11668 () salvia [Download message RAW] The netfilter project regrets to have to suspend its core team member Patrick McHardy from the core team. This is a grave step, definitely the first in the projects history, and it is not one we take lightly. Over many months, severe allegations have been brought forward against the style of his license enforcement activities on parts of the netfilter software he wrote. With respect to privacy, we will not publicly disclose the content of those allegations. Despite many attempts by us to reach him, Patrick has been unable or unwilling to comment on those allegations or defend against the allegations. The netfilter project does not have first-hand evidence. But given the consistent allegations from various trusted sources, and in the absence of any response from Patrick, we feel it is neccessary to suspend him until further notice. We'd like to stress that we do not take any sides, and did not "convict" Patrick of anything. He continues to be welcome in the project as soon as he is be able to address the allegations and/or co-sign the "principles"  in terms of any future enforcement activities.  http://www.netfilter.org/files/statement.pdf -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to email@example.com More majordomo info at http://vger.kernel.org/majordomo-info.html
Lawyers want to make money – after all – money is THE meaning of life in capitalism.
capitalistic life is getting more and more complicated.
there ought to be alternatives before everyone goes mad.
Do you know what competition means? everyone AGAINST everyone – also in harmful ways.
Bernard Lietar: „Mabye having ONLY competition is not so good“
In a German court earlier this week, former Linux developer Patrick McHardy gave up on his Gnu General Public License version 2 (GPLv2) violation case against Geniatech Europe GmbH. Now, you may ask, „How can a Linux programmer dropping a case against a company that violates the GPL count as a win?“
First, anyone who knows the least thing about Linux’s legal infrastructure knows its licensed under the GPLv2.
Many don’t know that anyone who has copyrighted code in the Linux kernel can take action against companies that violate the GPLv2. Usually, that’s a non-issue.
People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center (SFLC) to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2.
Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he’d requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions.
With Geniatech, McHardy claimed to have found Linux code within satellite TV receivers built by the Shenzhen China based company Geniatech, which is represented in Europe by Germany-based Geniatech Europe GmbH. He then demanded payment from the company. When it refused, McHardy obtained a Einstweilige Verfügung, an interim injunction is the close American equivalent, against the company. In German courts, these tend to be immediately granted by the court, without hearing from the defendant.
The last thing Linux at large wants is for a single rogue developer to be shaking down companies. GPLv2 defenders want companies that use Linux to abide by the GPLv2 — not pay a programmer off. Indeed, one of the Principles of Community-Oriented GPL Enforcement is „Community-oriented enforcement must never prioritize financial gain.“
McHardy was able to start taking these actions because he’d contributed some code to the Linux kernel and had been the chair of Linux’s Netfilter core development team. Netfilter is a Linux network utility that handles Network Address Translation (NAT), and with IPTables, firewalls. As a Linux developer, McHardy owns the copyright to his code contributions, but not to the whole Linux kernel.
After all, if I add a headlight to a car, I can’t claim to be the car manufacturer. But, as Heather Meeker, a partner at the law firm O’Melveny & Myers who specializes in open-source software licensing, explained, „Copyright ownership in large projects such as the Linux kernel is complicated.“
Meeker continued, „It’s like a patchwork quilt. When developers contribute to the kernel, they don’t sign any contribution agreement or assignment of copyright. The GPL covers their contributions, and the recipient of a copy of the software gets a license, under GPL, directly from all the authors. The contributors‘ individual rights exist side-by-side with rights in the project as a whole.“
Using this legal logic, McHardy was to follow his path, with some success. The Linux community was not amused.
In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles.
In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers‘ position. Kroah-Hartman wrote: „McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation. Some of his compliance claims are issues that should and could easily be resolved. However, he has also made claims based on ambiguities in the GPL-2.0 that no one in our community has ever considered part of compliance.“
He continued, „We have never even considered enforcement for the purpose of extracting monetary gain. It is not possible to know an exact figure due to the secrecy of Patrick’s actions, but we are aware of activity that has resulted in payments of at least a few million Euros. We are also aware that these actions, which have continued for at least four years, have threatened the confidence in our ecosystem.“
The community is not out for financial gain when it comes to license issues. … All we want is the modifications to our code to be released back to the public, and for the developers who created that code to become part of our community so that we can continue to create the best software that works well for everyone.
In short, this addresses the issue when a ‚bad actor‘ is attacking companies in a way to achieve personal gain.
What finally brought this to a head was that, unlike other companies McHardy had approached, Geinatech opted to fight than pay up. Geinatech’s CEO admitted the company had violated the GPL out of court, but the company then complied with the GPLv2. This was, after all, what GPL compliance efforts had been all about until McHardy appeared.
Harald ‚LaForge‘ Welte, a Linux kernel developer and active defender of the GPL, was at the hearing at higher regional court of Cologne (OLG Koeln). Welte reported the OLG Koeln presiding judge had „by far the most precise analysis of how Linux kernel development works“ of any GPL-violation case he’d seen.
The judge found the following reasons he was inclined to dismiss McHardy’s claims:
- The Linux kernel development model does not support the claim of Patrick McHardy having co-authored Linux. In so far, he is only an editing author (Bearbeiterurheber), and not a co-author. Nevertheless, even an editing author has the right to ask for cease and desist, but only on those portions that he authored/edited, and not on the entire Linux kernel.
- The plaintiff did not sufficiently show what exactly his contributions were and how they were forming themselves copyrightable works
- The plaintiff did not substantiate what copyrightable contributions he has made outside of Netfilter/iptables. His mere listing as general networking subsystem maintainer does not clarify what his copyrightable contributions were.
- The plaintiff being a member of the Netfilter core team or even the head of the core team still doesn’t support the claim of being a co-author, as Netfilter substantially existed since 1999, three years before Patrick’s first contribution to Netfilter, and five years before joining the core team in 2004.
In short, it became obvious the court thought McHardy’s claims „on all of Linux was too far-fetching.“ It was also clear the court was unsympathetic to McHardy“s assertions. For him to proceed further would require „regular main proceedings, in which expert witnesses can be called and real evidence has to be provided, as opposed to the constraints of the preliminary procedure.“
This, in turn, would add far more legal costs.
McHardy’s attorney requested a brief recess so he could call his client to decide if they would want to continue with their request to uphold the preliminary injunction. McHardy then withdrew the request to uphold the injunction. So, the injunction was withdrawn, and McHardy now has to bear all legal costs for both sides of the case.
In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.
The Linux community is breathing a sigh of relief. Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions.
Karen Copenhaver, legal counsel to The Linux Foundation, said, „This is good news for Linux and the Linux community.“ Linux developers at the Open Source Leadership Summit in Sonoma, Calif., also agreed. One said, „McHardy’s legal threats were a pain in the neck, and I hope this puts an end to them.“
In the event you hear from McHardy with a similar claim against your company’s use of Linux source code, Netfilter’s developers recommend taking his claims seriously and complying with the GPL.
„Community-oriented enforcement must never prioritize financial gain.“
more crazy open source law stories…
- ‚Big four‘ Linux companies shift open-source licensing policies
- Linus Torvalds‘ love-hate relationship with the GPL
- Canonical and Free Software Foundation come to open-source licensing terms
This article was written searching the web and iterating over many sources trying to get closest to the truth.
if you never the less think things were presented inaccurate – please add your comment to this article – thanks.