Etienne, You may also want to look at https://tldrlegal.com/ <https://tldrlegal.com/> as it’s a site that tries to simplify license understanding. Of course, still pay attention to the full text of any license you work with and seek legal consultation as warranted, but maybe a useful resource for getting a handle on the terminology and differences.
I suggest going down the list of “MOST POPULAR” licenses first, as they are very well-understood and in prevalent use. Cheers! Sean > On Dec 1, 2016, at 4:57 AM, FREJAVILLE Etienne > <etienne.frejavi...@coface.com> wrote: > > Thank you for the link below that I had searched without success. > Moreover this discussion helped me better understand the terminology (still > lightly ambiguous, but after all it’s the problem with natural language, no ? > ;-)) > I see that it can become very tricky with some licences and particular > technologies.. > I think the best is to start with licences that are clearly permissive for > our situation, and have our legal department keep an eye on that. They’ll > decide what to do for other situations more subtle. > > Best regards. > > Etienne > > De : License-discuss [mailto:license-discuss-boun...@opensource.org > <mailto:license-discuss-boun...@opensource.org>] De la part de Radcliffe, Mark > Envoyé : mardi 29 novembre 2016 19:36 > À : license-discuss@opensource.org <mailto:license-discuss@opensource.org> > Objet : Re: [License-discuss] Using opensource in a company not in the > software business > > And being compliant is the right thing to do. > > From: License-discuss [mailto:license-discuss-boun...@opensource.org > <mailto:license-discuss-boun...@opensource.org>] On Behalf Of Ben Tilly > Sent: Tuesday, November 29, 2016 10:32 AM > To: License Discuss > Subject: Re: [License-discuss] Using opensource in a company not in the > software business > > If you host the software on a server and they hit that API, this does not > count as distribution. But there are licenses, such as the AGPL, that will > still cause you problems there. > > The exact definition of when linking creates a derivative work has not to my > non-lawyerly knowledge been litigated. Many lawyers think that the GPL FAQ > is overly optimistic about how much power the license will have if litigated. > On the other hand staying within its suggestions greatly limits the odds of > problems down the road. > > In general each open source license aims to allay some fear that the author > of the software had. Some, like the MIT and Apache licenses, protect the > authors and otherwise make it easy to use the code as you see fit. Others, > like the GPL, avoid having someone build something cool on your software > while refusing to let you see/build on that. > > It is likely easiest for you to start with > https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses#FOSS_licenses > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Comparison-5Fof-5Ffree-5Fand-5Fopen-2Dsource-5Fsoftware-5Flicenses-23FOSS-5Flicenses&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=TCa2aR4yZuooZ9ly4VCCQamoHgdZUjTkxjRXc5AWU0I&s=7hP38b5LRT5dyIs80y8_uKD1W7fMJ3ZompMtamxH024&e=>, > decide where your comfort level is, and try to only use software on one side > of that. That's a lot easier than staying careful about exactly how you use > each piece of software. > > Alternately you can decide that you are not in the software business after > all, give away all distributed software with source, and charge for access to > a service that you maintain. (And avoid the AGPL!) > > On Tue, Nov 29, 2016 at 12:27 AM, FREJAVILLE Etienne > <etienne.frejavi...@coface.com <mailto:etienne.frejavi...@coface.com>> wrote: > Hello, > > Thank you for the answers. It seems that we are concerned even though we > don't sell the software provided to the customer. > Apparently, the fact that the customer uses the software from the outside of > the company counts as a 'distribution'. > > I may submit that topic to our lawyers, but before I have more precise > questions related, concerning particular uses of licences, to be sure I > understand them correctly. > And I agree not to trust 'as is' answers from a mailing list, but it's a good > start! > > It seems that Apache, BSD, MIT... licences do not cause particular problems > in our context (and in general). > > Concerning GPL, I have found in the GPL's FAQ that: > > "The community expects that all code linked to GPL code will be licensed > under the GPL, even if the link is made at runtime using a shared library" > > Does it means that in that case we should release publicly under the GPL > licence any of our source code that use the open source libraries ? > If true, does indirect usages are also concerned ? Libraries that call > libraries that call open source libraries will also have to be licenced under > the GPL licence ? > > Concerning LGPL, knowing that the user cannot modify our code as it's > proprietary, I understand that using Java libraries for example is not > possible as he must be able to > (§ 4 of the LGPL V3 : ) "... recombine or relink the Application with a > modified version of the Linked Version to produce a modified Combined Work". > > But using Opensource javascript LGPL library without providing source code > should be possible if I understand well. > Indeed, if the code using the opensource uses it as a reference to a library > on a distant domain, the user can get the benefits of the latest version of > the library used by our code if he wants. > > E.g , if displaydate.js is an open source library released under the LPGP > licence, in our code: > > <script src="displaydate.js" type="text/javascript"> > </script> > > would be an incorrect usage, whereas: > > <script src="http://www.yahoo.com/displaydate.js > <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.yahoo.com_displaydate.js&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=TCa2aR4yZuooZ9ly4VCCQamoHgdZUjTkxjRXc5AWU0I&s=OvmN-UgJQOG7J5wcI3Ps85Du8qUqD1FT08vQ7dFsd-8&e=>"> > </script> > > would be a correct usage. > > Is it correct ? > > Thank you. > > Cordialement, Best regards. > > Etienne > > > De : License-discuss [mailto:license-discuss-boun...@opensource.org > <mailto:license-discuss-boun...@opensource.org>] De la part de Radcliffe, Mark > Envoyé : lundi 28 novembre 2016 22:55 > À : license-discuss@opensource.org <mailto:license-discuss@opensource.org> > Cc : c...@theiet.org <mailto:c...@theiet.org> > Objet : Re: [License-discuss] Using opensource in a company not in the > software business > > I agree with Ben. Lawyers with open source experience will dramatically > decrease your costs. You should also consider consulting Heather Meeker’s > book: > https://www.amazon.com/Open-Source-Business-Practical-Licensing/dp/1511617772/ref=sr_1_1?ie=UTF8&qid=1480369990&sr=8-1&keywords=open+source+for+business+meeker > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.amazon.com_Open-2DSource-2DBusiness-2DPractical-2DLicensing_dp_1511617772_ref-3Dsr-5F1-5F1-3Fie-3DUTF8-26qid-3D1480369990-26sr-3D8-2D1-26keywords-3Dopen-26-2343-3Bsource-26-2343-3Bfor-26-2343-3Bbusiness-26-2343-3Bmeeker&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=TCa2aR4yZuooZ9ly4VCCQamoHgdZUjTkxjRXc5AWU0I&s=zrUEvmKneAfJOhfNJUDJC7abUwC3nR1MdWZm0CyITHY&e=> > > From: License-discuss [mailto:license-discuss-boun...@opensource.org > <mailto:license-discuss-boun...@opensource.org>] On Behalf Of Ben Tilly > Sent: Monday, November 28, 2016 11:44 AM > To: License Discuss > Cc: c...@theiet.org <mailto:c...@theiet.org> > Subject: Re: [License-discuss] Using opensource in a company not in the > software business > > Nigel's list is biased towards paranoia. Paranoia is a healthy default But > it is OK, for example, to ship useful standalone GPL tools to customers in a > zip file that happens to also contain proprietary code of yours that does not > use those tools. > > As always, if in doubt you should consult a lawyer and the license. And > don't rely on opinions from a mailing list. > > One final note, I would recommend that it may be worth your while to find a > lawyer with open source experience, and not just familiarity with > intellectual property. Open source licenses are somewhat unusual, and there > are common misunderstandings around, for instance, how the GPL works that a > general lawyer is likely to spend time working through the first time. (Is > this a contract? Does it apply if it is not a contract?) While lawyers are > generally happy to research things on your dime, this is not always an > efficient use of your money... > > On Mon, Nov 28, 2016 at 9:29 AM, Tzeng, Nigel H. <nigel.tz...@jhuapl.edu > <mailto:nigel.tz...@jhuapl.edu>> wrote: > Cindy advice is best but the quick and dirty answer for you given the two > things you stated: > We do not modify or enhance the open source code of the used libraries. > At last, our code must be kept as proprietary and we don’t consider providing > the source code using the opens source libraries. > Good: Apache, BSD, MIT and other permissively licensed open source code. > > Maybe Good: LGPL, MPL and weak copyleft licensed open source code. > > Not Good: GPL and any strong copyleft licensed open source code. > > Review your code base and anything that used GPL source code in an > Android/iOS app or Windows/MacOS/Linux program is an issue. On your internal > server if you used any AGPL code it may be an issue. > > Your normal lawyer should be able to find you an IP lawyer but you might as > well start going over your code base. > > Regards, > > Nigel > > From: License-discuss <license-discuss-boun...@opensource.org > <mailto:license-discuss-boun...@opensource.org>> on behalf of Cinly Ooi > <cinly....@gmail.com <mailto:cinly....@gmail.com>> > Reply-To: "c...@theiet.org <mailto:c...@theiet.org>" <c...@theiet.org > <mailto:c...@theiet.org>>, License Discuss <license-discuss@opensource.org > <mailto:license-discuss@opensource.org>> > Date: Monday, November 28, 2016 at 7:51 AM > To: License Discuss <license-discuss@opensource.org > <mailto:license-discuss@opensource.org>> > Subject: Re: [License-discuss] Using opensource in a company not in the > software business > > You _are_ in the software business. > > The correct person to evaluate your case is your lawyer. > > As Woolley said, regardless of which the license of the software you choose > uses, you still have responsibility under open source license, and your > customers have expectations as provided for by the license. > > It is the same whether it is open source license or close source license > > Your lawyer will look at each license you need to use and apply it to see > whether it meets your business objective. > > Another good place to start is to see is there any local people who can talk > you through it for the price of a coffee. However, your lawyer has the final > say. > > > Best Regards, > Cinly > > ***** > “There should not be an over-emphasis on what computers tell you, because > they only tell you what you tell them to tell you,” -- Joe Sutter, Boeing 747 > Chief Engineer. > > On 28 November 2016 at 10:23, FREJAVILLE Etienne > <etienne.frejavi...@coface.com <mailto:etienne.frejavi...@coface.com>> wrote: > Hello, > > I'm sorry for asking a question that has probably been answered in the past, > but I couldn't find a clear and precise answer on the subject on your website > or any web resource. > > We are a private company and we wonder how to deal with developments using > open source. > > First of all we are not a software company, and therefore we just provide > software applications to our customers, so that they can use our services/buy > our products. > > We develop with code that may use opensource, both: > > - 1. Pure internal software > - 2. Software for our customers provided as Web applications (that obviously > interacts with a part of our internal software). > - 3. Software for our customers provided as mobile applications (IOS&Android > apps) that interacts with a part of our internal software. > > The usage we make of opensource, is either use the opensource products as > standalone products (e.g Maven, Kados..), or use them ‘as is’ as libraries > (most java or javascript) (e.g POI, jQuery...). > We do not modify or enhance the open source code of the used libraries. > At last, our code must be kept as proprietary and we don’t consider providing > the source code using the opens source libraries. > > I have read quite a few pages on the opensource.org > <https://urldefense.proofpoint.com/v2/url?u=http-3A__opensource.org&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=mb6Xv_IQ0-9vyxXoreSfoPx986ZZ17jIvvSEeZzr_m0&s=cW_7dVP6ausJzvov6lbFHOGhMdXgxspnB24JX4mlUFU&e=> > website, the FAQ and other external papers, but it seems that the licences > discussions and restrictions, concern most of the time the usage of the open > source in commercial products, or concern the distribution of open sources > modifications. > > First of all, I would like to know if a software provided to our customers in > our case, is considered in the open source terminology as a 'customer > product'. > Second, I would like to understand what 'distribution' stands for. Is > distributing a web application or mobile application considered > 'distribution' ? > We provide some binary code that may contain usages of open source libraries, > to some of our subsidiaries. Is it also considered as 'distribution' ? > > The idea behind these questions is to know if in fact we have to care about > using Open source software or not in our situation.. > > If indeed we provide a commercial product and we are considering distributing > software that may require the usage of opensource libraries for being able to > work, indeed, I guess we are concerned by Open source usage. > If it's the case, I will have more precise questions regarding the usage we > make of these libraries, to understand what licences we may use and what we > may not. > > Thank you. > ********************************************************************** > Le groupe Coface, un leader mondial de l'assurance-crédit, propose aux > entreprises du monde entier des solutions pour les protéger contre le risque > de défaillance financière de leurs clients. Ses 4 400 collaborateurs assurent > un service de proximité dans 67 pays. > > The Coface Group, a worldwide leader in credit insurance, offers companies > around the globe solutions to protect them against the risk of financial > default of their clients. 4 400 staff in 67 countries provide a local service > worldwide. > > > Confidentialité/Internet disclaimer > > Ce message ainsi que les fichiers attachés sont exclusivement adressés aux > destinataires désignés et peuvent contenir des informations à caractère > confidentiel. Si vous n'êtes pas le destinataire désigné, merci de prendre > contact avec l'expéditeur et de détruire ce message, sans en faire un > quelconque usage ni en prendre aucune copie. > Les messages électroniques sur Internet peuvent être interceptés, modifiés, > altérés, détruits, ou contenir des virus. L'expéditeur ne pourra être tenu > responsable des erreurs ou omissions qui résulteraient de la transmission par > voie électronique. > > This message and the attachments are exclusively addressed to their > designated addresses. If you are not the intended recipient, please contact > the sender and delete the message without making any use or copying it. > E-Mail transmissions could be intercepted, corrupted, lost, destroyed or > contain viruses. The sender therefore does not accept liability for any > errors or omissions in the contents of this message which arise as a result > of e-mail transmission. > ********************************************************************** > > _______________________________________________ > License-discuss mailing list > License-discuss@opensource.org <mailto:License-discuss@opensource.org> > https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss > <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opensource.org_cgi-2Dbin_mailman_listinfo_license-2Ddiscuss&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=mb6Xv_IQ0-9vyxXoreSfoPx986ZZ17jIvvSEeZzr_m0&s=OQ2JBElTCY-xLYUEDNIEGPMqzktuIhVn_Ymm_-H2Qio&e=> > > > _______________________________________________ > License-discuss mailing list > License-discuss@opensource.org <mailto:License-discuss@opensource.org> > https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss > <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opensource.org_cgi-2Dbin_mailman_listinfo_license-2Ddiscuss&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=mb6Xv_IQ0-9vyxXoreSfoPx986ZZ17jIvvSEeZzr_m0&s=OQ2JBElTCY-xLYUEDNIEGPMqzktuIhVn_Ymm_-H2Qio&e=> > > Please consider the environment before printing this email. > > The information contained in this email may be confidential and/or legally > privileged. It has been sent for the sole use of the intended recipient(s). > If the reader of this message is not an intended recipient, you are hereby > notified that any unauthorized review, use, disclosure, dissemination, > distribution, or copying of this communication, or any of its contents, is > strictly prohibited. If you have received this communication in error, please > reply to the sender and destroy all copies of the message. To contact us > directly, send to postmas...@dlapiper.com <mailto:postmas...@dlapiper.com>. > Thank you. > ********************************************************************** > Le groupe Coface, un leader mondial de l'assurance-crédit, propose aux > entreprises du monde entier des solutions pour les protéger contre le risque > de défaillance financière de leurs clients. Ses 4 400 collaborateurs assurent > un service de proximité dans 67 pays. > > The Coface Group, a worldwide leader in credit insurance, offers companies > around the globe solutions to protect them against the risk of financial > default of their clients. 4 400 staff in 67 countries provide a local service > worldwide. > > > Confidentialité/Internet disclaimer > > Ce message ainsi que les fichiers attachés sont exclusivement adressés aux > destinataires désignés et peuvent contenir des informations à caractère > confidentiel. Si vous n'êtes pas le destinataire désigné, merci de prendre > contact avec l'expéditeur et de détruire ce message, sans en faire un > quelconque usage ni en prendre aucune copie. > Les messages électroniques sur Internet peuvent être interceptés, modifiés, > altérés, détruits, ou contenir des virus. L'expéditeur ne pourra être tenu > responsable des erreurs ou omissions qui résulteraient de la transmission par > voie électronique. > > This message and the attachments are exclusively addressed to their > designated addresses. If you are not the intended recipient, please contact > the sender and delete the message without making any use or copying it. > E-Mail transmissions could be intercepted, corrupted, lost, destroyed or > contain viruses. The sender therefore does not accept liability for any > errors or omissions in the contents of this message which arise as a result > of e-mail transmission. > ********************************************************************** > > _______________________________________________ > License-discuss mailing list > License-discuss@opensource.org <mailto:License-discuss@opensource.org> > https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss > <https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opensource.org_cgi-2Dbin_mailman_listinfo_license-2Ddiscuss&d=CwMGaQ&c=3wvJ0zJmnOH4EwE3NZ_dojrpL7MAvp0sk6CwidQglYA&r=jdsm-qkq-Mk027Redh3Cbs2iQvbzFXesOa4hf4yZVks&m=TCa2aR4yZuooZ9ly4VCCQamoHgdZUjTkxjRXc5AWU0I&s=hRSeiFXCcxMJf5dTk6oFpw_cwF-dzeXhnNlGRWb0RTQ&e=> > > Please consider the environment before printing this email. > > The information contained in this email may be confidential and/or legally > privileged. It has been sent for the sole use of the intended recipient(s). > If the reader of this message is not an intended recipient, you are hereby > notified that any unauthorized review, use, disclosure, dissemination, > distribution, or copying of this communication, or any of its contents, is > strictly prohibited. If you have received this communication in error, please > reply to the sender and destroy all copies of the message. To contact us > directly, send to postmas...@dlapiper.com <mailto:postmas...@dlapiper.com>. > Thank you. > ********************************************************************** > Le groupe Coface, un leader mondial de l'assurance-crédit, propose aux > entreprises du monde entier des solutions pour les protéger contre le risque > de défaillance financière de leurs clients. Ses 4 400 collaborateurs assurent > un service de proximité dans 67 pays. > > The Coface Group, a worldwide leader in credit insurance, offers companies > around the globe solutions to protect them against the risk of financial > default of their clients. 4 400 staff in 67 countries provide a local service > worldwide. > > > Confidentialité/Internet disclaimer > > Ce message ainsi que les fichiers attachés sont exclusivement adressés aux > destinataires désignés et peuvent contenir des informations à caractère > confidentiel. Si vous n'êtes pas le destinataire désigné, merci de prendre > contact avec l'expéditeur et de détruire ce message, sans en faire un > quelconque usage ni en prendre aucune copie. > Les messages électroniques sur Internet peuvent être interceptés, modifiés, > altérés, détruits, ou contenir des virus. L'expéditeur ne pourra être tenu > responsable des erreurs ou omissions qui résulteraient de la transmission par > voie électronique. > > This message and the attachments are exclusively addressed to their > designated addresses. If you are not the intended recipient, please contact > the sender and delete the message without making any use or copying it. > E-Mail transmissions could be intercepted, corrupted, lost, destroyed or > contain viruses. The sender therefore does not accept liability for any > errors or omissions in the contents of this message which arise as a result > of e-mail transmission. > ********************************************************************** > _______________________________________________ > License-discuss mailing list > License-discuss@opensource.org <mailto:License-discuss@opensource.org> > https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss > <https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss>
_______________________________________________ License-discuss mailing list License-discuss@opensource.org https://lists.opensource.org/cgi-bin/mailman/listinfo/license-discuss
