GPL 3 may tackle Web loophole

Web companies may be forced to publish the source code of any GPL-licensed software that they are using for commercial services

The next version of the GPL may tackle the issue of Web companies using free software in commercial Web-based applications but are not distributing the source code.

At present, companies that distribute GPL-licensed software must make the source code publicly available, including any modifications they have made. Although this rule covers many businesses that use GPL-licensed software for commercial ends, it does not cover Web companies that use GPL-licensed software to offer their services through the Web, as they are not actually distributing the software.

GPL 3, the next version of the free software licence, of which a draft is expected for release in early 2006, may close this loophole, according to GPL author and head of the Free Software Foundation (FSF), Richard Stallman, in an interview with publisher O'Reilly Media.

Stallman said developers may be encouraged to add a command to their GPL-licensed Web application that allows users to download the source code. The inclusion of this command in modified versions of the program will then be enforced by an additional clause in GPL 3.

"We're looking at an approach where programs used [on a public server] will have to include a command for the user to download the source for the version that is running," Stallman said. "If you release a program that implements such a command, GPL 3 will require others to keep the command working in their modified versions of the program."

This change would have no effect on existing software, but could be added by developers in future versions of a particular software, according to Stallman. He said this was only a "tentative plan" as it has not yet been studied fully to see whether it would work.

GPL 3 may also include a clause to penalise companies that use software patents against free software and a clause to prevent companies from using digital rights management (DRM) in free software applications. Stallman said that one possible way that it might handle DRM is by forcing companies to distribute the signature keys of the binaries of free software applications.

"We are thinking about a clause requiring distribution, with the software, of any signature keys necessary to sign the binary so that it can run and fully utilise the machine's facilities. This would prevent the perversion of a supposedly 'free' program, which nominally you are allowed to change, except that modified versions are prevented from functioning," said Stallman.

One clause that is unlikely to be significantly changed in GPL 3 is the clause that forbids translations, although the Free Software Foundation (FSF) is considering allowing translated versions that can only be used in one country.

"Authorising a translation of the GPL is very risky, because a mistake could be disastrous worldwide. Most of the world's major languages are known by neither me nor Eben Moglen [general counsel for FSF]. We would have to rely on translators who are lawyers but not necessarily free software supporters, and we could not check their work. Thus, mistakes would be rather likely," said Stallman.

"We're thinking about the idea of authorising translations that are valid for one country only. That could reduce the risk to the point where we could consider it," he said.

The full interview with Stallman can be read on O'Reilly's ONLamp Web site.