Over the course of this year’s State of Open Con, the annual open technology conference, there has been a creeping sense of uncertainty in open source. Mixed feelings of optimism and unease have run through many of the event’s keynotes, panels, and consultation sessions.
While many herald the achievements of open source, there are also those who continue to level criticisms at the flaws present within the community and none perhaps more so than Bruce Perens.
Speaking in his keynote address at this year’s the open source veteran touts the shortcomings of the open model, arguing that current licenses are unfit for purpose and that a “corporate-developer power differential” is preventing a level playing field.
“Our licenses aren't working. 1/3 of paid-for Linux systems are now sold with the GPL circumvention, prohibiting redistribution of source code. That's billions of dollars in business,” Perens says.
General Public License (GPL) circumvention refers to a situation in which companies seek to undermine open source software by applying restrictions to modification or redistribution.
To illustrate the issue, Perens draws attention case of the database management firm Neo4j which went to court in 2022 to dispute products being sold as open source licensed versions of its software from being distributed. The products relied on the removal of Commons Clause additions it had made to its license. A district court judge ruled in favor of Neo4j, arguing that companies cannot call software open source if it doesn’t meet the definition.
“I've been going to the court to observe the Neo4j case, regarding the commons clause, which distorts the purpose of open source licensing,” he adds. “That court has invalidated the GPL language prohibiting the addition of terms. This is a problem.”
The current form of open source licensing would appear to have lost its way, in that it no longer protects the core values of the software. Perens makes direct reference to the inequalities created by the current licensing model.
“We have a great corporate welfare program, our users are the richest companies in the world. Indeed, we've enabled companies like Google to be created.
“In contrast, if our developers aren't working for those companies, they probably go un-compensated.”
Distilling this into a phrase, Perens describes the “corporate-developer power differential,” which denotes the unfair rewarding of large company licenses over the remuneration of developers.
Monetization is an ever-constant struggle in open source. Back in August 2023, HashiCorp announced that it would be moving away from open source licensing to Business Source Licensing (BSL), restricting commercial use and limiting the income sources of certain developers and vendors. This move followed similar changes made by both MongoDB and Elastic.
Complex compliance for open source
Compliance has been a major topic at State of Open Con and Perens takes aim at what he outlines as an inefficient and largely unnecessary system necessary to keep up with the compliance landscape, which serves only to eat up time and money.
“The companies that actually want to follow the rules of open source have large departments just for compliance. I spoke with someone yesterday who had worked in a $7 million per year compliance department,” he says.
“Can't we give them something better to do with that money?” he adds.
As the author of the world’s first open source manifesto and the co-founder of the Open Source Initiative, Perens’ criticisms carry weight within the community. His speech underlies a growing concern within the community about the viability of the open source model, particularly with regard to licensing.
Perens’ concerns around compliance have been echoed in the Labour Party’s focus on open innovation, which has been welcomed by OpenUK CEO Amanda Brock.
Shadow minister for science and innovation, Chi Onwurah, eyed a cautious approach to regulation in her keynote, while Brock raised concerns around compliance in conversation with ITPro.
How open source can adapt and look to the future
In what he cautiously describes as “post-open,” Perens lays out some of his ideas for the future of open source. “It may never happen, this may be a dream, but hear me out,” he says.
The first port of call, he argues, is fair and sufficient payment for developers so as to motivate them in their continued contribution and support. “Compensate developers fairly for their work. Motivate developers to write for the common person by paying them,” he says. In the past, open source developers have called for government funding to help meet this need.
Perens stresses the importance of compliance, explaining how regulatory systems could be reformed to better suit the demands and workflows of companies, while still adhering to the foundational rules of open source. A key part of this would be making compliance an annual process.
“Entities over a specific and future revenue, I'm thinking maybe $5 million, would pay for that wish to keep a modification private,” he explains. “And they need to audit what software they use, form, and redistribute once a year.”
This need to audit is necessitated from the perspective of the open source community, who need to know who their contributors are and who they need to pay. The aim, Perens argues, is to create a post-open-source collection that holds everything under one license and one payment.
While Perens’ vision has a somewhat utopianist charm, he makes it clear that he’s been putting in the leg work to get his ideas off the ground. He’s put out a grant request of $100,000 to develop draft policies and processes through legal work, and he’s also considering offers of investment from several companies, though with a mind to maintain the project’s independence.
“Just one license, one contract for paid users, one operating agreement for developers, a few companies that collect money and distribute it to developers,” Perens says.
This is Perens’ keynote rallying cry to his addressees, the future of open source, targeting the core issues the open source community is facing, and the measures that could be taken to rectify them.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
George Fitzmaurice is a staff writer at ITPro, ChannelPro, and CloudPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.