Ted Gould’s debate with Bradley Kuhn and others about the Canonical Copyright Assignment Agreement (CAA) is quite illustrative and one of Ted’s remarks provides a good launching pad for me to express why I find the CAA so objectionable.
I would say that those who don’t trust Canonical to be good stewards of the project with their patch, shouldn’t assign copyright. (reference)
The ability to trust Canonical is indeed one of the problems with the CAA. Canonical does a lot of good work in the free software domain, and its work on Ubuntu is funded by philanthropic donations from its founder. These are great things, without which Ubuntu would not exist. But Canonical is not a charity, it is a company with aspirations of profitability, and contracts frequently with companies who may not have the same commitment to free software as it does. Furthermore Canonical is not only a free software company. It has non-free software in its portfolio, some of which has been placed by it into the Ubuntu namespace. For these reasons I can definitely see why some people would have trouble blindly trusting that Canonical will never use their code in proprietary software. It seems unlikely, even extremely unlikely, but not impossible. That’s particularly the case given that Canonical expressly reserves the right to do it in this clause of the CAA:
Canonical will ordinarily make the Assigned Contributions available to the public under a “Free Software Licence”, according to the definition of that term published by the Free Software Foundation from time to time. Canonical may also, in its discretion, make the Assigned Contributions available to the public under other license terms. (emphasis added)
But this is not the main problem with the CAA. The main problem is that people should not have to decide whether they are prepared to give this trust to Canonical. It is unnecessary, and inappropriate.
- Unnecessary because there is a perfectly simple alternative solution – to include within the CAA a provision which guarantees that the assigned code will not be used in proprietary software. Other CAAs do this.
- Also unnecessary because it is very hard to see why Canonical needs to own copyright in affected code. The stated justification on the Canonical FAQ is “Canonical both uses and distributes software around the world. We need to make sure we are legally entitled to do so with contributed code, in a way that will hold up everywhere.” Whatever other reason Canonical may have for requiring copyright assignment, that one is nonsense. Canonical doesn’t have copyright to a lot of the code which it ships in Ubuntu (because the majority of Ubuntu’s code comes from upstream) and this doesn’t affect Canonical’s ability to redistribute that code, and it does so freely. I have not seen any response which addresses this issue on any Ubuntu mailing list or on Planet Ubuntu, despite having raised it on Ubuntu’s development mailing list in January 2010.
- Inappropriate because the individual is giving up legal rights by signing the CAA. That action means that it is for Canonical, as the recipient of those rights, to satisfy the individual that the rights will be used in the appropriate way, not the other way around.
The CAA is a legal document. As a lawyer drafting agreements on a daily basis (albeit not in this sector), I know that in such documents, it is unacceptable to leave eventualities to trust or hope. If you have a desired consequence in a specific situation, you include a provision dealing with it. I am sure that Canonical would not sign any commercial agreement which left a particular consequence down to trust.
Until these issues are resolved, I won’t be signing the Canonical CAA.