LA Funds Important Legal Research on Free Software Compliance
Over the past twelve months or so I’ve noticed an upswing in enquiries about free software compliance. For example, someone might be seeking access to source code for embedded devices with Linux and/or Busybox on them. One of the key problems for pursuing compliance is the legal concept of “standing”. That is, does the court think you have a right to press the claim in question? So for example, if you see someone (A) breach a contract with someone else (B), a court will probably not let you sue A, basically because that is B’s business [1]. B might not be concerned about the breach, or B might have a relationship with A (or someone else) that might be jeopardised by suing A, so it should be up to B to make the decision about whether to proceed with a suit. Moreover, A has not infringed a right that you have, so why should you be able to sue? You’ve not suffered damage, so why should you be able to sue? In short, a court seeks to limit the people bringing actions to only those people whose rights have been infringed. So, if you, not holding copyright, see someone breaching the GPL, you can’t sue them in copyright to enforce compliance.
The term “free software compliance” is a short form of compliance with the licence terms for the free software. In this case, the relevant person whose rights are infringed is the person who granted the licence. That is, the person who holds the copyright in the software. Therefore, to bring a court case would require the copyright holders to be parties to the case. Given that copyright holders are largely concentrated overseas this presents problems for compliance within Australia. While it is possible for foreign copyright holders to initiate and/or participate in Australian proceedings, it is not simple as the mere distance presents logistical problems. There are other practical problems that a foreign copyright holder faces. For example, they may be required to be present in Australia in order to give evidence. Even where the copyright holder is in Australia they may be reluctant to pursue proceedings. For example, they may not think it justifies the time commitment they would need to make, or they may not want to be exposed to the possibility of the award of legal costs if they are unsuccessful. I have spoken with some foreign copyright holders and generally they are happy to help, but can’t commit to spend much time helping.
This is where the Trade Practices Act (TPA) is relevant. The TPA has a very wide concept of standing. Practically anyone has standing to sue for a breach of the TPA. If a competitor puts on a misleading advertisement you don’t need to have been misled in order to have it corrected. You don’t need to show that you (or indeed anyone) suffered a loss. The mere fact of a breach is usually enough for anyone in the community to enforce compliance with the TPA. The TPA is therefore particularly relevant for free software compliance. If a breach of the terms of a licence are also a breach of the TPA, then you don’t need the copyright holders in order to take action. You can leave them out of it entirely and, instead, rely on your rights as a consumer.
Enforcement under the TPA has other benefits. First, courts have tended to interpret the Act in a way which favours consumers (not surprising as this is the point of the legislation). Second, the consumer protections set out in the TPA are pretty straight forward. You may have heard of “section 52”, which provides that a person must not engage in misleading or deceptive conduct in the course of trade. In the case of section 52 intention or knowledge is not relevant. If someone is unintentionally misleading, they will still be caught by the section. Finally, the TPA comes with an administrative structure for enforcing consumers’ rights in the form of the ACCC and its State and Territory equivalents. That is, you need not even go to court in order to enforce compliance. You can, instead, rely on consumer rights procedures (at least in the first instance – if all else fails you may still end up in court,[2] and even then the consumer body may assist you with the case – as happened up to the Federal Court in the groundbreaking Stevens v Sony case). This may involve some education of the consumer protection people, but, ultimately it’s their job to protect consumers so they must come around sooner or later. Essentially, vendors who do not (for example) supply source code when they are obliged to are depriving consumers of a legal entitlement. Imagine how they would react to a vendor selling a car with a wheel missing.
Last year, I was contacted about a potential compliance issue for a router product in which Busybox was embedded (the company in question has since gone into administration). As is often the case, the person contacting me did not have a lot of money to spend on legal advice or drafting. In these cases people don’t tend to contact me until they have first tried to get through to the relevant vendor, so it is usually at at least the first level of escalation. It seemed that the best way to deal with these cases, at least initially, was to try to create some “self help” materials for people to pursue themselves, without having to engage a lawyer. To do this, however, would mean that the initial issue of standing needed to be overcome, so I turned to the TPA. After a short consideration I came to the view that there were profitable lines of inquiry in the TPA, but the mapping of free software to the TPA is not straight forward. How would the research be funded?
I was told about the Linux Australia grants system and discussed with one of the then LA committee members whether a “compliance how to” might be worth doing. I put together two proposals to put some materials together:
http://lists.linux.org.au/pipermail/linux-aus/2009-December/017823.html
http://lists.linux.org.au/pipermail/linux-aus/2009-December/017822.html
Initially, the committee wasn’t convinced that this work would be of value to the community – see after item 5 of this post:
http://lists.linux.org.au/pipermail/linux-aus/2010-February/017896.html
In their next meeting, (last night, 3 March), the Linux Australia committee decided to go ahead and fund the first proposal I submitted (I am making a 1:1 in kind contribution of my time). This is important research into what arguments might be raised under the TPA if someone is not complying with a free software licence (a decision on the second proposal has been deferred), so the decision is excellent news. Only yesterday I received another referral – via the SFLC. They wanted to be able to take it to the next stage and send something more formal to a vendor they’d contacted, but didn’t think it worth spending much money on. Once the research phase is done, producing notices such as this will be substantially easier (because the background of what is to be said is already set out). The outputs of the research will be public.
If you know of devices sold in Australia that you think are non compliant, send them to me, because I may as well start a list.
[apologies if you saw a draft of this up – the autosave put it up by mistake]
Notes:
[1] This is talking only about civil actions. If there is a crime involved different issues come into play.
[2] The minority of cases end up in court. By and large things are resolved without recourse to courts.
Brendan Scott's Weblog 