German Court Finds Fantec Responsible For GPL Violation On Third-Party Code 228
ectoman writes "Are firms responsible for GPL violations on code they receive from third parties? A German court thinks so. The Regional Court of Hamburg recently ruled that Fantec, a European media player maker, failed to distribute 'complete corresponding source code' for firmware found in some of its products. Fantec claims its third-party firmware supplier provided the company with appropriate source code, which Fantext made available online. But a hackathon organized by the Free Software Foundation Europe discovered that this source code was incomplete, and programmer Harald Welte filed suit. He won. Mark Radcliffe, an IP expert and senior partner at DLA Piper who specializes in open source licensing issues, has analyzed the case—and argued that it underscores the need for companies to implement internal GPL compliance processes. 'Fantec is a reminder that companies should adopt a formal FOSS use policy which should be integrated into the software development process,' he writes. 'These standards should include an understanding of the FOSS management processes of such third-party suppliers. The development of a network of trusted third-party suppliers is critical part of any FOSS compliance strategy.'"
Yes, when asked to comply the company lied. German (Score:5, Informative)
Contrast that to when I pointed out to Plesk that they were violating the Apache license. They very quickly apologized and posted the code, putting an end to the issue. All they needed to do is post the code that they compiled in order to come into compliance.
The court opinion is six pages, Im guessing three of those are boilerplate. Are there any fluent speakers of German who can read through it and tell us the facts as expressed by the court?
Re:Bigger Issue (Score:5, Informative)
They didn't adopt the GPL they borrowed code that was GPL so they had to do less work rather than spend tends of thousands of dollars doing the work themselves. It's not the first time I've heard of a company thinking their added code totaling a fraction of a percent of the project is somehow worth more than the rest. It's also not the firs time I've seen willful ignorance on behalf of a device maker.
I few years back I was sourcing some kit for an ISP and discovered the ADSL modems were based on Linux + BusyBox. I asked the manufacturer if I could have the source so we could try some local modifications only to be told "the chipset maker doesn't supply that" and I would have to talk to them (in China) about it. I argued the point but they refused to accept that they had a legal obligation. Fortunately about a year later they entered into a settlement with the gpl-violations.org but by then I was no longer working for that ISP.
Not just due diligence, lying and covering up (Score:5, Informative)
That second scenario is what Plesk did. I pointed out they weren't in compliance and as an Apache copyright holder I insisted that they comply.
They immediately posted the Apache code they were using, ending the matter. The only effect on them is that now a couple of Slashdot readers know that they did the right thing.
I think that's the big takeaway - when you mess up, don't lie and initiate a cover-up, just fix it and move on.
Re:Premptive STFU to GPL haters (Score:2, Informative)
How did this get modded insightful?
Yes, they should follow the license for all code they use.
No, this would not have been an issue if they had used code under BSD.
Yes, if I had a company that was producing code based on OSS, I'd be making sure I was using BSD licensed (or one of the other more liberal licenses).
It's a simple matter of risk, BSD licensed code is less risky for companies to use. That's not good or bad, it just is.
Re:Premptive STFU to GPL white knighters (Score:4, Informative)