Contributor License Agreement

Last updated

A Contributor License Agreement (CLA) defines the terms under which intellectual property has been contributed to a company/project, typically software under an open source license.

Contents

Rationale

CLAs can be used to enable vendors to easily pursue legal resolution in the case of copyright disputes, [1] or to relicense products to which contributions have been received from third parties. [2] CLAs are important especially for corporate open source projects under a copyleft license, since without a CLA the contribution would restrict the guardian as well.

The purpose of a CLA is to ensure that the guardian of a project's outputs has the necessary ownership or grants of rights over all contributions to allow them to distribute under the chosen license, often by granting an irrevocable license to allow the project maintainer to use the contribution; if copyright is actually transferred, the agreement is more normally known as a Copyright Transfer Agreement. CLAs also have roles in raising awareness of IPR issues within a project. [3]

Relicensing controversy

When a CLA requires a contributor to assign unrestricted republishing rights to the project, contributed code can be relicensed at the discretion of the project, even when the CLA does not assign copyright to the project. Prominent open source advocates regard CLAs as dangerous to open source rights. [4]

Examples

In 2019 MongoDB used these rights granted by its CLA to achieve a move to a non-open-source license. [5]

In January 2021, the Elasticsearch project used such rights to move the project to a non-open-source license [6] arguing Amazon had been "misleading and confusing the community".

[...] Our license change is aimed at preventing companies from taking our Elasticsearch and Kibana products and providing them directly as a service without collaborating with us.

Our license change comes after years of what we believe to be Amazon/AWS misleading and confusing the community - enough is enough.

We’ve tried every avenue available including going through the courts, but with AWS’s ongoing behavior, we have decided to change our license so that we can focus on building products and innovating rather than litigating [...] [7]

Drew DeVault, a lead developer with a number of open source projects such as Sway, regards this move as a loophole. Both these projects were licensed under a copyleft license, which uses copyright to protect contributions, yet the CLA negates the usefulness of copyright in achieving this protection:

Elasticsearch belongs to its 1,573 contributors, who retain their copyright, and granted Elastic a license to distribute their work without restriction. This is the loophole which Elastic exploited when they decided that Elasticsearch would no longer be open source [...] [8]

CLAs which restrict relicensing

Project Harmony

Project Harmony was established by Canonical in 2010 to optionally avoid the problems discussed above. It provides a CLA template-builder. Based on choices made, the CLA will allow the contributor to keep copyright and assign rights to the project (as above) but with various restrictions on relicensing: using the template requires choosing one of the mutually-exclusive options, which range in restrictiveness. [9] A real-world example is the Ubuntu project. The CLA leaves copyright with the contributor and allows the project to relicense the code but with a restriction based on the license the contribution was made under:

2.3 Outbound License Based on the grant of rights in Sections 2.1 and 2.2, if We include Your Contribution in a Material, We may license the Contribution under any license, including copyleft, permissive, commercial, or proprietary licenses. As a condition on the exercise of this right, We agree to also license the Contribution under the terms of the license or licenses which We are using for the Material on the Submission Date. [10]

Fedora

The Fedora Project formerly required contributors to sign a CLA, either as an organization or as an individual. [11] However, this was retired in 2011 [12] and instead contributors must agree to the Fedora Project Contributor Agreement, which is not a license agreement and does not include assignment of copyright.

Users

Companies and projects that use CLAs include:

KDE

KDE uses Free Software Foundation Europe's Fiduciary Licence Agreement [50] of which (FLA-1.2) states in section 3.3:

FSFE shall only exercise the granted rights and licences in accordance with the principles of Free Software as defined by the Free Software Foundations. FSFE guarantees to use the rights and licences transferred in strict accordance with the regulations imposed by Free Software licences, including, but not limited to, the GNU General Public Licence (GPL) or the GNU Lesser General Public Licence (LGPL) respectively. In the event FSFE violates the principles of Free Software, all granted rights and licences shall automatically return to the Beneficiary and the licences granted hereunder shall be terminated and expire. [51]

However, it is optional and every contributor is allowed not to assign their copyright to KDE e.V.

See also

Related Research Articles

The free software movement is a social movement with the goal of obtaining and guaranteeing certain freedoms for software users, namely the freedoms to run, study, modify, and share copies of software. Software which meets these requirements, The Four Essential Freedoms of Free Software, is termed free software.

The MIT License is a permissive software license originating at the Massachusetts Institute of Technology (MIT) in the late 1980s. As a permissive license, it puts very few restrictions on reuse and therefore has high license compatibility.

<span class="mw-page-title-main">Free Software Foundation Europe</span> Foundation promoting Free Software movement

The Free Software Foundation Europe e.V. (FSFE) is an organization that supports free software and all aspects of the free software movement in Europe, with registered chapters in several European countries. It is a registered voluntary association incorporated under German law.

Multi-licensing is the practice of distributing software under two or more different sets of terms and conditions. This may mean multiple different software licenses or sets of licenses. Prefixes may be used to indicate the number of licenses used, e.g. dual-licensed for software licensed under two different licenses.

<span class="mw-page-title-main">Eclipse Public License</span> Free software license similar to the Common Public License

The Eclipse Public License (EPL) is a free and open source software license most notably used for the Eclipse IDE and other projects by the Eclipse Foundation. It replaces the Common Public License (CPL) and removes certain terms relating to litigations related to patents.

This comparison only covers software licenses which have a linked Wikipedia article for details and which are approved by at least one of the following expert groups: the Free Software Foundation, the Open Source Initiative, the Debian Project and the Fedora Project. For a list of licenses not specifically intended for software, see List of free-content licences.

<span class="mw-page-title-main">WTFPL</span> Permissive free software license

The WTFPL is a permissive free software license. As a public domain like license, the WTFPL is essentially the same as dedication to the public domain. It allows redistribution and modification of the work under any terms. The name is an abbreviation of Do What The Fuck You Want To Public License.

<span class="mw-page-title-main">Public-domain-equivalent license</span> License that waives all copyright

Public-domain-equivalent license are licenses that grant public-domain-like rights and/or act as waivers. They are used to make copyrighted works usable by anyone without conditions, while avoiding the complexities of attribution or license compatibility that occur with other licenses.

<span class="mw-page-title-main">GNU Affero General Public License</span> Free software license based on the AGPLv1 and GPLv3

The GNU Affero General Public License is a free, copyleft license published by the Free Software Foundation in November 2007, and based on the GNU GPL version 3 and the Affero General Public License (non-GNU).

<span class="mw-page-title-main">Free-software license</span> License allowing software modification and redistribution

A free-software license is a notice that grants the recipient of a piece of software extensive rights to modify and redistribute that software. These actions are usually prohibited by copyright law, but the rights-holder of a piece of software can remove these restrictions by accompanying the software with a software license which grants the recipient these rights. Software using such a license is free software as conferred by the copyright holder. Free-software licenses are applied to software in source code and also binary object-code form, as the copyright law recognizes both forms.

BSD licenses are a family of permissive free software licenses, imposing minimal restrictions on the use and distribution of covered software. This is in contrast to copyleft licenses, which have share-alike requirements. The original BSD license was used for its namesake, the Berkeley Software Distribution (BSD), a Unix-like operating system. The original version has since been revised, and its descendants are referred to as modified BSD licenses.

<span class="mw-page-title-main">Open-core model</span> Business model monetizing commercial open-source software

The open-core model is a business model for the monetization of commercially produced open-source software. The open-core model primarily involves offering a "core" or feature-limited version of a software product as free and open-source software, while offering "commercial" versions or add-ons as proprietary software. The term was coined by Andrew Lampitt in 2008.

Project Harmony is an initiative by Canonical Ltd. about contributor agreements for Open Source software. The aim of the Harmony project is to develop templates of Contributor License Agreements for use by Free and open source software (FOSS) projects.

<span class="mw-page-title-main">Elasticsearch</span> Search engine

Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch is developed in Java and is triple-licensed under the (source-available) Server Side Public License, the Elastic license, and the Affero General Public License, while other parts fall under the proprietary (source-available) Elastic License. Official clients are available in Java, .NET (C#), PHP, Python, Ruby and many other languages. According to the DB-Engines ranking, Elasticsearch is the most popular enterprise search engine.

Software relicensing is applied in open-source software development when software licenses of software modules are incompatible and are required to be compatible for a greater combined work. Licenses applied to software as copyrightable works, in source code as binary form, can contain contradictory clauses. These requirements can make it impossible to combine source code or content of several software works to create a new combined one.

<span class="mw-page-title-main">Unlicense</span> Anti-copyright license

The Unlicense is a public domain equivalent license for software which provides a public domain waiver with a fall-back public-domain-like license, similar to the CC Zero for cultural works. It includes language used in earlier software projects and has a focus on an anti-copyright message.

<span class="mw-page-title-main">Grafana</span> Platform for data analytics and monitoring

Grafana is a multi-platform open source analytics and interactive visualization web application. It can produce charts, graphs, and alerts for the web when connected to supported data sources.

OpenSearch is a family of software consisting of a search engine, and OpenSearch Dashboards, a data visualization dashboard for that search engine. The software started in 2021 as a fork of Elasticsearch and Kibana, with development led by Amazon Web Services.

The Business Source License is a software license which publishes source code but limits the right to use the software to certain classes of users. The BUSL is not an open-source license, but it is source-available license that also mandates an eventual transition to an open-source license. This characteristic has been described as a compromise between traditional proprietary licenses and open source.

References

  1. "Licenses". www.apache.org.
  2. "Contributing FAQ". mysql.com. Archived from the original on 2007-12-09. Retrieved 2007-12-22.
  3. "Contributor Licence Agreements". Oss-watch.ac.uk. Retrieved 2014-01-24.
  4. comments, 28 Feb 2019 Richard FontanaFeed 291up 2. "Why CLAs aren't good for open source". Opensource.com. Retrieved 2021-01-26.{{cite web}}: CS1 maint: numeric names: authors list (link)
  5. Corbet, Jonathan (2018-10-18). "Making the GPL more scary". LWN.net. Retrieved 2023-04-29.
  6. "Upcoming licensing changes to Elasticsearch and Kibana". www.elastic.co. 2021-01-14. Archived from the original on 2021-01-14. Retrieved 2023-04-29.
  7. "Amazon: NOT OK - why we had to change Elastic licensing". www.elastic.co. 2021-01-14. Archived from the original on 2023-03-30. Retrieved 2023-04-29.
  8. DeVault, Drew (2021-01-19). "Elasticsearch does not belong to Elastic". drewdevault.com. Retrieved 2023-04-29.
  9. "Guide to the CAs | Harmony Agreements". harmonyagreements.org. Retrieved 2021-01-26.
  10. "Contributor agreement form | Contributors". Ubuntu. Retrieved 2021-01-26.
  11. "Legal:Licenses/CLA - Fedora Project Wiki". fedoraproject.org. Retrieved 2023-01-29.
  12. "Meeting:Board meeting 2011-04-05 - Fedora Project Wiki". fedoraproject.org. Retrieved 2023-01-29.
  13. "Contribution License Agreement". .NET Foundation.org. Retrieved 2015-01-11.
  14. "Licenses". Apache.org. Retrieved 2014-01-24.
  15. "Canonical Contributor license agreement". Canonical.com. Retrieved 2014-01-24.
  16. "Clojure - Contributor Agreement".
  17. "CNCF Linux Foundation ID CLA signing FAQ" . Retrieved 2020-10-19.
  18. "Individual Contributor License Grant". CyanogenMod. Archived from the original on 2016-03-08.
  19. "diaspora/diaspora · GitHub". Github.com. Retrieved 2014-01-24.
  20. "Legal Aspects". Qt Project. Retrieved 2014-01-24.
  21. http://www.discourse.org/cla
  22. "Contributor License Agreements | Django". Djangoproject.com. Retrieved 2014-01-24.
  23. "CLA". The Dojo Foundation. Retrieved 2014-01-24.
  24. "SeLion : Individual Contributor License Agreement (CLA)" . Retrieved 2015-02-23.
  25. "LIST OF SUBSIDIARIES AS OF DECEMBER 31, 2014" . Retrieved 2015-02-23.
  26. "Eclipse Foundation Contributor License Agreement". Eclipse.org. 2013-06-17. Retrieved 2014-01-24.
  27. "Contributor Agreement Elastic". elastic.co.
  28. "Contributing to Facebook Projects". facebook.com. Retrieved 2015-07-08.
  29. "CONTRIBUTORS - The Go Programming Language". Golang.org. Retrieved 2014-01-24.
  30. "Google Individual Contributor License Agreement, v1.1". Google Inc. Retrieved 2014-06-09.
  31. Hashicorp. ""Contributor License Agreement"". Hashicorp: Infrastructure Enables Innovation. Retrieved 2021-08-09.
  32. Schoutsen, Paulus (2017-01-21). "Home Assistant Governance [updated]". Home Assistant. Retrieved 2024-03-04.
  33. "InfluxDB Contributor License Agreement" . Retrieved 25 August 2014.
  34. "Contribute". Developer.joomla.org. Retrieved 2014-01-24.
  35. jQuery Foundation - jquery.org. "jQuery Foundation Contributor License Agreement | Contribute to jQuery". Contribute.jquery.org. Retrieved 2014-01-24.
  36. Cloud Native Computing Foundation. "Kubernetes CLA". CNCF. Retrieved 2019-02-19.
  37. GitHub - openbmc/docs, openbmc, 2019-02-20, retrieved 2019-02-21
  38. "Contributing to the PSF". Python Software Foundation.
  39. "Contributing to Meteor". Contribute.meteor.com. Retrieved 2014-01-24.
  40. "Contributing to Microsoft Visual Studio Code". Microsoft. Retrieved 2016-04-22.
  41. "Contributor License Agreement | MuseScore". musescore.org. Retrieved 2019-08-30.
  42. "Contributor Agreement". OpenMediaVault. Retrieved 2014-01-24.
  43. "OpenStack Contributors License Agreement". OpenStack. Retrieved 2014-01-24.
  44. "Puppet Contributor License Agreement" . Retrieved 2016-02-01.
  45. "Salesforce Contributor License Agreement". Archived from the original on 2020-07-28. Retrieved 2020-05-21.
  46. "CONTRIBUTOR LICENSE AGREEMENT". www.sangoma.com. 2023-04-26. Archived from the original on 2023-04-29. Retrieved 2023-04-29.
  47. "License". TiddlyWiki . 19 December 2022.
  48. "TLDR-pages/TLDR". GitHub . 26 February 2022.
  49. "W3C Community Contributor License Agreement (CLA)". Community and Business Groups. W3C . Retrieved 2024-05-11.
  50. "FSFE welcomes KDE's adoption of the Fiduciary Licence Agreement (FLA)". 2008-08-22.
  51. "Fiduciary Licence Agreement (Version 1.2)" (PDF). Retrieved 2010-12-31.