Linux programmer wins legal victory

A Linux programmer has reported a legal victory in Germany in enforcing the General Public License, which governs countless projects in the free and open-source software realms.

A Munich district court on Tuesday issued a preliminary injunction barring Fortinet, a maker of multipurpose security devices, from distributing products that include a Linux component called "initrd" to which Harald Welte holds the copyright.

In addition to being a Linux programmer, Welte runs an operation called the GPL Violations project that attempts to encourage companies shipping products incorporating GPL software to abide by the license terms. The license lets anyone use GPL software in products without paying a fee, but it requires that they provide the underlying source code for the GPL components when they ship such a product.

News.context

What's new:
A German court agreed with a Linux programmer's contention that a California security appliance maker called Fortinet needs to comply with the terms of the General Public License.

Bottom line:
The case adds new legal weight to the GPL, the legal foundation for Linux and countless other projects in the open-source and free software realms. It also shows some computer industry growing pains from adopting open-source software.

More stories on the GPL

The case highlights the ease with which open-source software can spread across the computing industry--but also the growing pains that companies face as they adjust to new legal concepts underlying the collaborative programming approach.

Fortinet, based in Sunnyvale, Calif., said in a statement it's addressing the issue but is surprised that Welte resorted to legal action.

"Fortinet recently became aware of Mr. Welte's allegations and has, in good faith, been diligently working with him to resolve this matter outside of the German court system. Fortinet is actively taking steps to ensure that its products are compliant with GPL requirements. Therefore, Fortinet is surprised that Mr. Welte pursued a preliminary injunction against Fortinet in Germany and believes that this is an unnecessary action," the company said. "Fortinet is continuing its efforts to expeditiously resolve this matter with Mr. Welte."

Welte has said he doesn't object to corporate use of open-source software; he just wants it to be done properly. Welte first notifies companies of his accusations before beginning legal action, he said. In the case of Fortinet, the GPL Violations project informed the company of its concerns March 17, but "out-of-court negotiations on a settlement failed to conclude in a timely manner," the project said in a statement.

In March, Welte sent similar letters to multiple companies exhibiting at the CeBit trade show. And a year ago, he won a ruling against Sitecom in a case similar to that of Fortinet.

Fortinet uses Linux in the operating system included in its FortiGate and FortiWiFi products, the project said. "FortiOS is using the Linux operating system kernel and numerous other free software products that are licensed exclusively under the GNU GPL. This information was not disclosed by Fortinet," the GPL Violations project said.

Most actions by GPL Violation have been against European or Asian companies, and the Sitecom and Fortinet cases don't have direct repercussions outside Germany. But the actions this year also have targeted corporations in the United States--an indication that case law around the GPL could also start building soon in the world's largest computing technology market.

"Generally, corporations are becoming more conscious of the issues surrounding the GPL," said Brian Kelly, an intellectual-property attorney with Manatt, Phelps & Phillips. "The process of clarifying the

[aabcdefghij987654321]

gpl clarification

" when they ship such a product."

it is "when they distribute modified versions of the product (derivative works)"

[Shankland]

author replies: Well, sort of

The GPL requires source code to be available even if it's not modified, and i's not clear exactly what Fortinet did. Section 2 of the GPL governs derivative works, but in cases where a company distributes code--modified or not--in executable form, Section 3 kicks in:

3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

--Stephen Shankland

A shadow?

A shadow over open source, or a careless developer's product? Please. This was a case of the developer either not paying attention or not wanting to abide by the terms (attempting to plagiarize/obtain free development work from others).

Is news.com ignorant of GPL requirements? They aren't complex, but like any license, somebody needs to pay attention. A company that uses external code without understanding the licensing terms is shooting their own foot. A company that tries to weasel out of their obligations after repeated requests deserves the cloud over their derivative products.

Thanks

News.com, thanks for the "shadow" headline change.

[David Arbogast]

SCORE

"You didn't give your work freely to the community!"

Score one for the socialism police.

The GPL is simple.

It is not, however, a declaration of carte blanche or public domain status.

Pay attention, give credit where due, and enjoy the numerous benefits. Simple stuff for those not looking to plagiarize.

[pcLoadLetter]

More FUD

If they didn't want to abide by the terms of the license, they should not have used it.

The company in question was trying to get a free lunch, by climbing on the backs of others without having to abide by the terms. They wanted the quid without giving a bit of quo.

You socialist comment was unintelligent and unnecessary.

Socialist?

OSS software under the gpl is no more socialist than broadcast television. You get to watch it free, yes? Are they socialistic? Certainly not. They sell commercials, but not the broadcasts. They make money from a "free" broadcast.

The same thing happens with software under the gpl. At a bare minimum, they are getting access to everyone else's work who used their product. That has value even if dollars don't change hands. Some companies sell service and support for their gpl products. How can that be socialistic in any fashion?

[TheMidnightCoder]

Well, you OSS guys do tend to sound a bit

Socialist once in a while. Generally I think your living in a wonderful fantasy land. I would love to live there too, but I have bills to pay. Music should be free, movies should be free, heck, and I wish my car was free too. OSS will probably disappear once the Evil Nemesis M$ is no longer king. Then the major hardware companies that support OSS so much really won't need to anymore (great for marketing). I know, I'm evil too.

[unknown unknown]

reply

No one is forced to use GPLed code or software. Companies who don't want to turn over their source shouldn't use GPLed code in their projects. It's really very simple. It might be socialism, but it's opt-in. Those who opt-in are expected to comply with the terms.

Fortinet are dumb as bricks

"Fortinet recently became aware of Mr. Welte's allegations and has, in good faith, been diligently working with him to resolve this matter outside of the German court system"

Fortinet knew they were taking GPL code and reselling without distributing their source code. To act all surprised is a ruse. Welte's legal actions are to wake up companies that think they can get away with this.

If Fortinet is a real company they would have had their lawyers read over the GPL license before using it. Fortinet is a tech company selling a computer firewalls, for crying out loud! For them to have never heard of the GPL license is simply a lie.

[David Arbogast]

Not a Victory by a Longshot

I call it... shooting yourself in the foot.

Fortinet may have broken the rules, but if you call this a victory for GPL or OSS you are pretty foolish. Fortinet wanted to make a profit, and probably realized that *giving away their software* would make that very difficult. Now that they have been smacked upside the head by the GPL-Police, you can bet they'll find a new approach. Proprietary software anybody? One less GPL contributor. One more win for closed-source software. I'm sure Fortinet isn't too broken up about it. They obviously have no desire to *Give Away Their Hard Work For Free."

[pcLoadLetter]

Give away their hard work for free?

That is amusingly ignorant considering that much of their 'hard work', is nothing more then using others hard work that was free.

You FUD spreaders need to get it through your head that free does not have to mean free of cost.

[TimeBomb]

You mean psuedo-opt-in

There is nothing "opt-in" about using GPL code without being aware of it, because it was imbedded in a product you obtained.