Github, popular code sharing and collaboration site, has recently become much more attentive to the subject of unlicensed code. Obviously, like any user content driven site, Github had extensive terms and conditions that governed what Github itself could do with code that you uploaded. However, unlike Sourceforge or Google Code, it lacked a robust framework for allowing users to state what licence covered their code for the purposes of other users. Frequently it would not be clear which licence if any covered this kind of use of the projects on Github.
We have discussed the option of providing no licence with your code on this blog recently (Unlicensed code: is it ever OK?, Unlicensed code: movement or madness?). It’s superficially tempting, both as a reasoned reaction to the complexity of IPR management and as dodge to avoid it. However OSS Watch advises its customers to deal with the issue, and indeed over the years it has become an easier and easier argument to make in the academic world at least, where IP management and exploitation is emphasised more with each passing budget.
The argument against leaving your licensing unclear is fairly obvious: many of the benefits of open source release arise from collaboration, and if your collaborators value clarity in IP then they need to know the terms under which they can collaborate with you. Full clarity is perhaps only achievable when you have the trinity of a licence, a contributor agreement and a governance model, but of these the licence is the most crucial (and indeed some would say the licence should be taken to serve as all three).
So is we accept that a licence is necessary for clarity, how do we make sure we are clear on which licence to choose? It’s ironic that – for something that is supposed to improve clarity – most licences are so opaque linguistically. Like cryptic crosswords, they have implied techniques for parsing their language that are non-obvious. One answer is to do what Github has done (and indeed what OSS Watch did for their community some years ago) and produce a kind of taxonomy of licence features. Licences are complex and individual, but they contain sections that can be broadly grouped in terms of what they try to achieve. This is true both for licences in general, and even more so for the small sub-category of free and open source licences.
What you end up with, if you attempt this task, is something like the feature comparison lists you often get to aid understanding of software functionality; essentially a table with features on one axis, products on another, and ticks in between indicating which products have which features. The feature list Github has extracted varies slightly from the OSS Watch one, but that is only natural; this is a subjective exercise. The question we faced, and which faces users of Github’s tool now, is what to do when you have landed upon the ‘product’ that seems to suit your needs as a code author. At OSS Watch we use our licence tool as a first stage during a consultation, with subsequent discussion and support to choose a licence which genuinely suits a customer. We do our best to make sure the code owners actually read and understand the licence they pick; after all this is their property and the licence is a statement of their intentions for it. Personally I feel uneasy at the idea that any approximation of a licence, such as these tools inevitably provide, is going to be taken as the licence itself. Still, maybe an approximate idea is better than no idea at all?
I think in some ways the free and open source software community has been suffering icon-envy ever since the Creative Commons project launched. In the case of CC, the features, their iconic representation and their encoding in legal and natural language were born of a unitary effort. Free and open source licences have no such single source, and although the Open Source Initiative provides accreditation that certain licences exhibit certain features, we are far from having a simple, single, agreed taxonomy of their features. Github’s project may help provide us with one, but like OSS Watch’s tool, it’s not a complete substitute for actually reading your licence.