28.07.06

GPLv3 beta 2

Posted in DRM, FLOSS, GPLv3, Legal at 4:12 pm by Jens Hardings

So, the second draft of the GPLv3 is out. Changes include a rephrasing of the anti-DRM aspects of the code. In fact, the wording DRM is not there anymore. As Richard Stallman has made it clear in his presentation at barcelona, the purpose of these clauses is to avoid the “tivoisation” of programs. That is, even if the source code of the GPL software is available, you cannot change some bit and trust it to be installed on the same hardware it was distributed with, and work. This is because you need a special key to do so, or the hardware will refuse to run the modified code.

If we assume as a fact that software enforcing DRM will exist in the future, I would rather like to have the code available, and being able to reproduce the compilation exactly as to generate the same binary that has been signed as “trusted”. That way, at least I would have enough information to choose whether I could trust the system enough or not, and this would set abuses on the part of publishers to a minimum. This does not mean that the code should be under the GPL, though. So up to this point there is really no problem.

There are some issues, though, where I’m not so sure about. One phrase in particular states:

“However, the fact that a key is generated based on the object code of the work or is present in hardware that limits its use does not alter the requirement to include it in the Corresponding Source.”

I wonder what this implies. Let’s take The GIMP as an example, as it is a useful program, not implementing any DRM schemes and working on the Microsoft Windows platform. Suppose that the GIMP is available under GPLv3 and keeps to be compatible with the MS-Windows platform. What if the next version of MS-Windows implements a DRM scheme in which an application has to be signed before it may access a certain file? This would imply a key generated based on the object code, and thus somebody should make the key available. The question is: who? Apparently, the people distributing (conveying according to the new wording in GPLv3 beta 2) the code. So, as these people have nothing to do with the release of a new MS-Windows version, how on earth are they supposed to distribute the key? Until the existence of that new version, everyting worked smoothly. Now, because of some action of a third party, The GIMP can no longer be redistributed, because the Corresponding Source is impossible to be made available without the collaboration of somebody not related at all (and, probably interested in avoiding the availability of The GIMP)? And by way of the “Freedom or death” clause, if one cannot guarantee every right stated in the GPL, the software cannot be conveyed anymore, to nobody. That just doesn’t make sense to me. Seems to me like the perfect denial-of-service activity in the software development field: create a new feature on a system, and magically it makes some competing software illegal.

If, on the other hand, the case mentioned above resolves to The Gimp being available to anybody, including the ones who use that new DRM implementing MS-Windows version, then the fight against DRM is lost. Because the GIMP will then be subject to the DRM rules and the GPLv3 would have nothing to say against it. In the case of the TiVo, it would not be possible to distribute something which is GPLv3′d and prohibiting the system to run, but only because the system is conveyed as a unit. If the hardware plus the DRM-enabling components (hardware plus software) is distributed by some different party, either we have the case in the previous paragraph, or the GPLv3 would not avoid tivoization. Both outcomes are unacceptable for a free software license that intends to avoid tivoization.

I sympathize with the opponents of DRM technologies. The motivation for them is mainly to extend the established (and in many ways already too wide) rights by adding a technological measure. It doesn’t seem right to use technology to narrow even more the usage you can make of information, and the result is unfair, benefiting the powerful over the weak and/or scattered ones.However, it also doesn’t seem right to impose an ethical view by the usage of software, through the licensing of that software. It would be OK to keep the freedom to use a certain software (avoiding tivoization as Stallman puts it) and thus avoid DRM for that case. But are we certain we aren’t shooting ourselves in the foot?

Permalink

RSS feed for comments on this post. TrackBack URI