I really like that they require you to pay a citizenship fee in order to vote. You want to tell us what to do? Put your money where your mouth is.
I did just that yesterday, but I’m still waiting for my citizenship rights. Asking on IRC, it seems that they’re processing these manually, and apparently they follow regular office hours, so I might not hear back until Monday. When I am able to vote, I will be very happy to vote for AGPL. Mailpile is uniquely positioned in what it does (maybe Nylas is a competition, but I don’t think so), and that’s precisely when being copylefted helps the most.
AGPLv3 would also allow selling exceptions, but the Mailipile team deliberately did not collect copyright assignments so that they couldn’t sell exceptions. I really don’t get why. They said it might corrupt them. I get that bringing in money can bring in social tension, but they’ve been bringing in money since the beginning in donations, and it seems to me that they just closed off another possible revenue stream of exception selling.
I submitted this because I rarely see such a thoughtful look at the tradeoffs of different software licences. Fingers crossed we don’t have a flamewar. :)
I think only allowing paying customers a vote is a very smart move. It discourages casual discussion from sidelines, the most probable source of flaming.
Them going with AGPL feels suicidal to me. It will be removing freedom they had already granted and will almost guarantee a fork. I suspect they would prefer to avoid a fork and hence will go with Apache 2.0.
I don’t think going AGPLv3 would be suicidal, since it’s been a license option since the beginning. It’s not like anybody would feel like they were being tricked. The terms were clear for all contributors from the start: we’ll dual-license everything for now and some day we’ll pick just one.
As to “removing freedom”, this is always a question of removing whose freedom? Freedom is a give-and-take sitution. When someone is allowed to do something, frequently someone else is not allowed something else. The AGPL would really guarantee that no user ever has to deal with a proprietary version of Mailpile, at the expense of a few developers not being able to close it up. For users' sake this might be the best thing.
It isn’t AGPLv3 that is suicidal it is a major fork that could be, I realize I didn’t make that clear in rereading my post. The various pros and cons of the licenses are entirely irrelevant, except in the eyes of those who might fork (read: developers/companies). So, when I referenced “freedom” I was speaking about developers and companies currently working with the Mailpile source and those who have contemplated it. As pushcx pointed out, the word “obligation” might have been a better to use, less loaded.
It is just brutal pragmatism, going form Apache 2.0 -> AGPLv3 will make a lot of developers and companies unable/unwilling to work on the project at all, which would leave them with the “fork or quit” question, I don’t see the AGPLv3 -> Apache 2.0 flow as being nearly as severe or forcing any of the same questions to the surface.
I am still looking for a decent mail client… and I selfishly want Mailpile to get awesome.
Mailpile is not even out of beta yet. There isn’t a deeply invested community who is relying on the non-copyleftness of it. It’s just the core devs doing almost all the work. There isn’t a whole community to alienate yet with copyleft. This is the right time to make a licensing decision.
In the future, as they themselves acknowledge, copyleft might deter some people from contributing. But since Mailpile currently has no competitor that I know of (free, self-hosted, web-based, privacy-conscious, encrypted and convenient email client), this is when copyleft can be the best tool. If all you can use is nothing or a copyleft package where your only obligation is to pay forward with modifications, the incentive to use it may be larger than the deterrent to give back your modifications.
Y'know what, I’m going to collect all my arguments in this discussion into the blog post that the Mailpile team is requesting.
I know the FSF is big on using the word “freedom”, but I think when we’re describing the requirements of the AGPL, a word like “obligation” or simply “cost” might be more useful. It seems more useful to me to say: “if your site uses AGPL code, you are obligated to share your code under the AGPL” rather than “if your site uses AGPL code, you lose the freedom to keep your code proprietary”.
I realize these are two ways of phrasing the same thing, but I like getting away from the word “freedom” because a big part of FOSS licenses, to me, is that you are receiving code (often at no cost) in exchange for taking on certain obligations. It’s a transaction. When we phrase things in terms of freedom the conversation is overwhelmed by morality, the difference between positive and negative freedoms, and denies the agency of the individuals who choose to use the code or not.
I can’t predict what the Mailpile community will choose, I don’t know anything about their community. But I think your point that they’re less likely to choose the license with more restrictions (or obligations) is a good one.
When we phrase things in terms of freedom the conversation is overwhelmed by morality,
Yes, this is quite intentional. The FSF wants you to think about what is right and moral.
the difference between positive and negative freedoms, and denies the agency of the individuals who choose to use the code or not.
I don’t understand this. How is acknowledging morality reducing agency? Isn’t it quite the opposite? By making you think of morality, it forces you to have to make a choice?
Sorry I was unclear. I know it’s intentional on the part of the FSF, I was trying to say that when humans start thinking about morality we short-circuit a lot of ability to consider anything else, including whether morality is an effective way to understand a topic. I agree with the FSF on most of their points about morality, but I don’t see it produce conversations where folks really try to get in each other’s shoes to understand disagreements.
I see morality as reducing agency because if any party in a conversation can impose their moral dimension on a question then the conversation is pretty much over: there’s only one right answer to the question and anyone who disagrees is not just wrong but unethical. As an example: should we spend two million dollars to save the life of a congenitally ill kid at the hospital? If it’s an immediate moral question, even considering alternatives is horrifying, anyone doing so should be shunned. If it’s not a moral question, we can talk about qualty-adjusted years of life or how many other lives could be saved with that money - even though this involves more abstract, long-term moral reasoning. (I’m thinking of a study that used this example, but I can’t find it now - I hope the example seems plausible on its own. If not, there a lot of political examples where the sides ‘argue’ by imposing their morality on the topic and entirely denying/misunderstanding the opposition.)
I see morality as reducing agency because if any party in a conversation can impose their moral dimension on a question then the conversation is pretty much over: there’s only one right answer to the question and anyone who disagrees is not just wrong but unethical
Eh, people’s minds rarely change about anything. Whether it’s about morals or preferences or beliefs or peer pressure or whatever other aid they use for making decisions. Appealing to people’s morality just makes them think about what truly is right.
For your example, I cannot see this as anything other than a moral question. What is right? Save a child now or save the money and save many other people later? The economics of hospital management, the value and quality of life, all of these are just part of a complicated moral calculation.
Back to software freedom, the FSF’s insistence on using the word “freedom” is precisely designed to make some people feel uncomfortable and question if what they’re doing is right. Is it right to hoard our users' personal date? Is it right to prevent our customers from understanding how their computers work? Is it right to insert backdoors into their encryption for the benefit of the government?
As to your first point about putting yourself in other people’s shoes… well, sometimes the right thing to do just can’t be good for everyone, and sometimes compromise and middle grounds are impossible. You want to run a business and make as much money as possible, and maybe spy on and control a few users a little in ways most users won’t notice… but that just runs contrary to the right thing of giving your users control, respect, and freedom. There are some things where compromise just weakens good deeds into meaningless gestures.
That is unfortunate, I was hoping stuff from Apache would be better vetted. What surprises me is that it survived review by so many huge shops (Apple, Google, Microsoft) who have entire legal teams that spend a non-trivial amount of time reviewing licenses and deciding if employees can use them (and even how they can use them).
That is one downside of using any less popular license, it hasn’t been preemptively cleared by your companies legal department, which often means for any sort of corporate use it is a nonstarter.
I know they’re not alone in this. Google, OSI, and Github all recommend or use Apache 2.0 as the go-to non-copyleft free license.
So unless you have specialised legal knowledge that these other organisations don’t have, organisations who all have somewhat mutually conflicting interests and motivations for free software, I am very skeptical as to the potential problems you raise with the Apache v2.0 license.
Skepticism is fine. I am not a lawyer, I merely understand logic fairly well.
If you read the license, the logical conclusion is inescapable. You can’t argue with logic.
You can argue that a judge or jury will likely ignore said logic and interpret it in another way, but why risk that when there are near-identical licenses that don’t have this problem?
I am not a lawyer, I merely understand logic fairly well.
This, actually, doesn’t help. Legal texts are not programming languages. You can’t reason about them the same way. You have to know how judges have reacted to similar language in the past and what they would do if they saw the same language again. It’s subjective and frustrating for those of us who are used to words and symbols of mathematical precision. The law is consensus-based, not “logic-based”, so to speak. Judges will also try to interpret the “intent” of the legal document they’re reading, not always necessarily the literal meaning.
So, I understand all of that, which is why I wrote more than one sentence.
Consensus can be gamed, especially as more time passes from the time something was originally written. In the end, it’s best if the wording clearly reflects the intended meaning. If it’s unclear, there will be problems down the line.
So, I repeat:
why risk that when there are near-identical licenses that don’t have this problem?
Because that other license has less consensus now, and where you don’t see a problem future lawyers and judges might. It is far more uncertain to use another license than this one. Apache v2.0 is overwhelmingly the most popular non-copyleft license with patent defense clauses. It is far safer to go with a license that has wide scrutiny and understanding.
And if consensus is gamed, no amount of what you may consider “clear language” will save you. After all, humans might just decide to throw out the entire legal system and do something else, or completely ignore the laws.
Apache v2.0 is overwhelmingly the most popular non-copyleft license with patent defense clauses.
Determining which legal contract to use based on its popularity? Good luck with that. May you bring down an entire civilization with that sort of thinking.
How about actually reading what you’re asking others to agree to?
why risk that when there are near-identical licenses that don’t have this problem?
Because it is unlikely that those licenses have been pre-vetted by your organization. Therefore making using them difficult or impossible. Apache 2.0 is one of the “pre-approved” licenses in a lot of organizations.
We’re talking about Mailpile here. And “pre-approved”, as mentioned in the original link, is another way of saying nobody is paying attention to what is written.
No small feat, getting a company to understand the implications of a contract its executives probably didn’t actually read closely in the first place, and then to send the document back to their lawyers to make it reasonable.
[..] a sympathetic stance would entail understanding that virtually no one reads this boilerplate stuff, that “bad code” gets passed along from one attorney and one organization to others, and then it gets defended for the surface-defensible reason that ‘standard contracts’ allow for legal interoperability. None of that sympathy is to endorse the going ‘standard’ — and it takes something like what [happened] to put things in better stead.
The “Current Decisions” sidebar on their Community Roadmap page includes some useful links to resources:
Help choose a license for Mailpile 1.0
Should Mailpile 1.0 be published under the Free Software Foundation’s GNU AGPL version 3, or the more liberal Apache License version 2.0? Confused? So are we! Some links:
I really like that they require you to pay a citizenship fee in order to vote. You want to tell us what to do? Put your money where your mouth is.
I did just that yesterday, but I’m still waiting for my citizenship rights. Asking on IRC, it seems that they’re processing these manually, and apparently they follow regular office hours, so I might not hear back until Monday. When I am able to vote, I will be very happy to vote for AGPL. Mailpile is uniquely positioned in what it does (maybe Nylas is a competition, but I don’t think so), and that’s precisely when being copylefted helps the most.
AGPLv3 would also allow selling exceptions, but the Mailipile team deliberately did not collect copyright assignments so that they couldn’t sell exceptions. I really don’t get why. They said it might corrupt them. I get that bringing in money can bring in social tension, but they’ve been bringing in money since the beginning in donations, and it seems to me that they just closed off another possible revenue stream of exception selling.
I submitted this because I rarely see such a thoughtful look at the tradeoffs of different software licences. Fingers crossed we don’t have a flamewar. :)
I think only allowing paying customers a vote is a very smart move. It discourages casual discussion from sidelines, the most probable source of flaming.
Them going with AGPL feels suicidal to me. It will be removing freedom they had already granted and will almost guarantee a fork. I suspect they would prefer to avoid a fork and hence will go with Apache 2.0.
I don’t think going AGPLv3 would be suicidal, since it’s been a license option since the beginning. It’s not like anybody would feel like they were being tricked. The terms were clear for all contributors from the start: we’ll dual-license everything for now and some day we’ll pick just one.
As to “removing freedom”, this is always a question of removing whose freedom? Freedom is a give-and-take sitution. When someone is allowed to do something, frequently someone else is not allowed something else. The AGPL would really guarantee that no user ever has to deal with a proprietary version of Mailpile, at the expense of a few developers not being able to close it up. For users' sake this might be the best thing.
It isn’t AGPLv3 that is suicidal it is a major fork that could be, I realize I didn’t make that clear in rereading my post. The various pros and cons of the licenses are entirely irrelevant, except in the eyes of those who might fork (read: developers/companies). So, when I referenced “freedom” I was speaking about developers and companies currently working with the Mailpile source and those who have contemplated it. As pushcx pointed out, the word “obligation” might have been a better to use, less loaded.
It is just brutal pragmatism, going form Apache 2.0 -> AGPLv3 will make a lot of developers and companies unable/unwilling to work on the project at all, which would leave them with the “fork or quit” question, I don’t see the AGPLv3 -> Apache 2.0 flow as being nearly as severe or forcing any of the same questions to the surface.
I am still looking for a decent mail client… and I selfishly want Mailpile to get awesome.
Mailpile is not even out of beta yet. There isn’t a deeply invested community who is relying on the non-copyleftness of it. It’s just the core devs doing almost all the work. There isn’t a whole community to alienate yet with copyleft. This is the right time to make a licensing decision.
In the future, as they themselves acknowledge, copyleft might deter some people from contributing. But since Mailpile currently has no competitor that I know of (free, self-hosted, web-based, privacy-conscious, encrypted and convenient email client), this is when copyleft can be the best tool. If all you can use is nothing or a copyleft package where your only obligation is to pay forward with modifications, the incentive to use it may be larger than the deterrent to give back your modifications.
Y'know what, I’m going to collect all my arguments in this discussion into the blog post that the Mailpile team is requesting.
I know the FSF is big on using the word “freedom”, but I think when we’re describing the requirements of the AGPL, a word like “obligation” or simply “cost” might be more useful. It seems more useful to me to say: “if your site uses AGPL code, you are obligated to share your code under the AGPL” rather than “if your site uses AGPL code, you lose the freedom to keep your code proprietary”.
I realize these are two ways of phrasing the same thing, but I like getting away from the word “freedom” because a big part of FOSS licenses, to me, is that you are receiving code (often at no cost) in exchange for taking on certain obligations. It’s a transaction. When we phrase things in terms of freedom the conversation is overwhelmed by morality, the difference between positive and negative freedoms, and denies the agency of the individuals who choose to use the code or not.
I can’t predict what the Mailpile community will choose, I don’t know anything about their community. But I think your point that they’re less likely to choose the license with more restrictions (or obligations) is a good one.
Yes, this is quite intentional. The FSF wants you to think about what is right and moral.
I don’t understand this. How is acknowledging morality reducing agency? Isn’t it quite the opposite? By making you think of morality, it forces you to have to make a choice?
Sorry I was unclear. I know it’s intentional on the part of the FSF, I was trying to say that when humans start thinking about morality we short-circuit a lot of ability to consider anything else, including whether morality is an effective way to understand a topic. I agree with the FSF on most of their points about morality, but I don’t see it produce conversations where folks really try to get in each other’s shoes to understand disagreements.
I see morality as reducing agency because if any party in a conversation can impose their moral dimension on a question then the conversation is pretty much over: there’s only one right answer to the question and anyone who disagrees is not just wrong but unethical. As an example: should we spend two million dollars to save the life of a congenitally ill kid at the hospital? If it’s an immediate moral question, even considering alternatives is horrifying, anyone doing so should be shunned. If it’s not a moral question, we can talk about qualty-adjusted years of life or how many other lives could be saved with that money - even though this involves more abstract, long-term moral reasoning. (I’m thinking of a study that used this example, but I can’t find it now - I hope the example seems plausible on its own. If not, there a lot of political examples where the sides ‘argue’ by imposing their morality on the topic and entirely denying/misunderstanding the opposition.)
Eh, people’s minds rarely change about anything. Whether it’s about morals or preferences or beliefs or peer pressure or whatever other aid they use for making decisions. Appealing to people’s morality just makes them think about what truly is right.
For your example, I cannot see this as anything other than a moral question. What is right? Save a child now or save the money and save many other people later? The economics of hospital management, the value and quality of life, all of these are just part of a complicated moral calculation.
Back to software freedom, the FSF’s insistence on using the word “freedom” is precisely designed to make some people feel uncomfortable and question if what they’re doing is right. Is it right to hoard our users' personal date? Is it right to prevent our customers from understanding how their computers work? Is it right to insert backdoors into their encryption for the benefit of the government?
As to your first point about putting yourself in other people’s shoes… well, sometimes the right thing to do just can’t be good for everyone, and sometimes compromise and middle grounds are impossible. You want to run a business and make as much money as possible, and maybe spy on and control a few users a little in ways most users won’t notice… but that just runs contrary to the right thing of giving your users control, respect, and freedom. There are some things where compromise just weakens good deeds into meaningless gestures.
I try to discourage folks from using Apache 2.0 because it contains very dangerous language in it for contributors.
There are many good licenses to choose from. I prefer MPL-2.0 for projects considering Apache. It’s similar, except without the dangerous wording.
That is unfortunate, I was hoping stuff from Apache would be better vetted. What surprises me is that it survived review by so many huge shops (Apple, Google, Microsoft) who have entire legal teams that spend a non-trivial amount of time reviewing licenses and deciding if employees can use them (and even how they can use them).
That is one downside of using any less popular license, it hasn’t been preemptively cleared by your companies legal department, which often means for any sort of corporate use it is a nonstarter.
Are you a lawyer? Did you consult one? Do you know how a judge or jury might interpret the language in question?
I know the FSF does have lawyers, does consult them, and these lawyers have a good understanding of how judges and juries would interpret these words. I also know the FSF recommends Apache v2.0 as one of its standard go-to licenses.
I know they’re not alone in this. Google, OSI, and Github all recommend or use Apache 2.0 as the go-to non-copyleft free license.
So unless you have specialised legal knowledge that these other organisations don’t have, organisations who all have somewhat mutually conflicting interests and motivations for free software, I am very skeptical as to the potential problems you raise with the Apache v2.0 license.
Skepticism is fine. I am not a lawyer, I merely understand logic fairly well.
If you read the license, the logical conclusion is inescapable. You can’t argue with logic.
You can argue that a judge or jury will likely ignore said logic and interpret it in another way, but why risk that when there are near-identical licenses that don’t have this problem?
This, actually, doesn’t help. Legal texts are not programming languages. You can’t reason about them the same way. You have to know how judges have reacted to similar language in the past and what they would do if they saw the same language again. It’s subjective and frustrating for those of us who are used to words and symbols of mathematical precision. The law is consensus-based, not “logic-based”, so to speak. Judges will also try to interpret the “intent” of the legal document they’re reading, not always necessarily the literal meaning.
This xkcd comes to mind.
I’m also reminded of the time Kurt Gödel found a “logical inconsistency” in the US constitution that would result in the president being able to become a complete despot for life.
So, I understand all of that, which is why I wrote more than one sentence.
Consensus can be gamed, especially as more time passes from the time something was originally written. In the end, it’s best if the wording clearly reflects the intended meaning. If it’s unclear, there will be problems down the line.
So, I repeat:
Because that other license has less consensus now, and where you don’t see a problem future lawyers and judges might. It is far more uncertain to use another license than this one. Apache v2.0 is overwhelmingly the most popular non-copyleft license with patent defense clauses. It is far safer to go with a license that has wide scrutiny and understanding.
And if consensus is gamed, no amount of what you may consider “clear language” will save you. After all, humans might just decide to throw out the entire legal system and do something else, or completely ignore the laws.
Determining which legal contract to use based on its popularity? Good luck with that. May you bring down an entire civilization with that sort of thinking.
How about actually reading what you’re asking others to agree to?
FWIW, that link does not include any “logical inconsistency”, either.
Because it is unlikely that those licenses have been pre-vetted by your organization. Therefore making using them difficult or impossible. Apache 2.0 is one of the “pre-approved” licenses in a lot of organizations.
We’re talking about Mailpile here. And “pre-approved”, as mentioned in the original link, is another way of saying nobody is paying attention to what is written.
I’d prefer if bad decisions wouldn’t be linked to suicide verbally, thanks.
Use “reckless”, “stupid” or “not far-sighted” if you’d like.
The “Current Decisions” sidebar on their Community Roadmap page includes some useful links to resources: