The biggest legal danger for open source?
Patents or copyright?
I grew up near a river.
Not a particularly deep or wide river, but due to the geographic history of the Midwest, a river with a bottom full of massive pits and dips, dug out by glaciers and the debris they shoved around this part of the world 15,000 years ago. Because of these formations, this particular river is rather dangerous to be in for swimmers--at any point, an undercurrent can drag you under the surface, to be trapped in whatever pit or dead tree lies beneath.
It looks calm on the surface, placid even. But it is not.
There is an undercurrent of legal issues troubling the open source world these days. While things are going great in some aspects--cloud, mobile, server--there is a definite potential for trouble from litigious attacks on any of the successful technologies open source has helped create.
If this sounds like fear, uncertainty, and doubt, it is assurdedly not. But if there's a bear in your house, you can't just ignore it and hope it will go away. You call animal control.
FUD is the obvious intention of those who have instigated the various legal troubles on open source practitioners. Fear specifically: ramp it up to intimidation, and you've got a potential licensing revenue channel on your hands.
Such troubles, from the scores of software patents that are used to "protect" intellectual property, are obvious.
But no less troublesome, I believe, is the issue of copyright and copyright assignments.
Lately, commercial vendors in open source space have caught flak for the nature of the copyright assignments used when developers contribute code to a project the vendor manages.
Copyright assignments basically work like this: I, a hypothetical developer, create some semi-brilliant code and want to contribute it to Project X, which is overseen and used by Company X. Company X, recognizing the semi-brilliance of my code, wants to use it in their latest distribution, so they ask me to sign away the copyrights of my code over to them. This is so that when they release my code as part of the greater whole distribution, they can have full legal control over the code--even though they will still work with me and give me credit.
Under most circumstances, this seems rather fair. After all, I want my code to be in Distro X, and it makes sense that Company X doesn't want the nightmare of working with a bazillion different copyrights.
But sometimes copyright assignment can be confusingly Machievllian, even in open source land.
Canonical, for instance, is one company that in the past has been knocked about on this issue. Developers and free software advocates have argued that it agreement, while simple and strightforward in form, actually contains what appear to be trapdoors. They're not hidden, either, as seen in Clause 6:
"Canonical will ordinarily make the Assigned Contributions available to the public under a 'Free Software Licence,' according to the definition of that term published by the Free Software Foundation from time to time. Canonical may also, in its discretion, make the Assigned Contributions available to the public under other license terms."
This makes people uneasy, because the wording "ordinarily" seems rather vague. Does that mean that in extraordinary circumstances, they'll take contributed code and release it under some other license? The second sentence is less vague and seems to answer that point: Canonical may indeed decide to release code under other license terms.
Canonical has publicly addressed these concerns before. Shuttleworth stated in an interview over a year ago that Canonical's contributor agreement is no different than other commercial vendors'.
So why bring it up again?
The issue of copyright assignment was a source of a long conversation I had with Taurus Balog of OpenNMS and Bradley Kuhn of the Software Conservancy a couple of weeks ago at the Indiana LinuxFest. It was a one of those hours-long discussions that happen in the halls of such events and I enjoyed it immensely and learned a lot.
And in that conversation, which bounced all over the map as such conversations are wont to do, I began to wonder: which is a more dangerous undercurrent? Patents or copyright assignments?
This is a question I will be pondering for a while, and hope to share my conclusions and others' opinions. Ultimately, it may be that they are both equally bad for open source and that the question is akin to asking which is more dangererous: the lion or the bear?