So you want to comply with the GPL...

For years people have suggested that open-source adoption would go even faster if only open-source licenses like the GNU General Public License (GPL) were easier to understand. My personal belief is that "It's so hard to understand!" tends to be an euphemism for "I really want to pilfer this open-source software but its terms don't let me!" After all, the terms of the GPL have been explained repeatedly, including by the Free Software Foundation itself, which authored the GPL.

Regardless, the Software Freedom Law Center is now making it easy to understand the GPL and related licenses with a guide (available online) that walks through effective compliance:

Unlike highly permissive FOSS licenses (such as the ISC license), which typically only require preservation of copyright notices, the GPL places a number of important requirements upon licensees. These requirements are carefully designed to uphold certain values and standards of the software freedom community. While the GPL's requirements may appear initially counter-intuitive to those more familiar with proprietary software licenses, by comparison its terms are in fact clear and favorable to licensees. The terms of the GPL actually simplify compliance when violations occur.

GPL violations are often caused or compounded by a failure to adopt sound practices for the incorporation of GPL'd components into a company's internal development environment. In this section, we introduce some best practices for software tool selection, integration and distribution, inspired by and congruent with FOSS methodologies.

What follows, then, is a highly practical walk-through of how to use GPL software, when to release derivative works, etc. Any company that uses GPL software - which includes roughly 99.999 percent of IT departments due to the rise of Linux - should get a copy of this compliance guide and study it. Ignorance is no longer an excuse for a lack of compliance with open-source license compliance.

Via LinuxToday.

[sm5574]

Wow! Since non-GPL IT departments only constitute 0.001% of the industry, I must have managed to work for nearly all of them, as I have never used GPL software professionally.

I take it that was hyperbole rather than extremely wishful thinking.

[Matt Asay]

I guarantee that you're using Linux or other GPL-licensed software somewhere in your company. If you're with an SMB, it's possible that you're not (though of course you're using it whenever you use Google, etc.), but every large enterprise has GPL software in spades.

[jrepenning]

The article seems pretty glib in assuming that most "proprietary + OSS" distributions are non-"combining," yet drawing that line has always been the chief point of confusion and concern.

[sm5574]

True, it is utilized in components we may use, such as firewalls or whatever. But we never touch the code, so in a very real sense we are not using the software, and the GPL is of no real interest...unless you're saying that everyone who uses FireFox needs to completely understand the GPL. And even that would be more apropos than the professional use I've experienced.

I agree that a company should be familiar with the GPL before downloading any open source CODE, but if you acquire it already compiled -- and especially installed or embedded -- I really don't see the point.

[odubtaig]

No, in a very real sense you are using that software. The GPL just doesn't apply unless you're modifying or distributing the software (and distributing does include burning a copy for your mate).

So no, the GPL doesn't directly apply in this case but just because you're not using it directly doesn't mean you're not using it at all.