Subject: Re: [boost] Legal problem with Stackoverflow contribution under the "Creative Commons Attribution Share Alike 3.0" license
From: Dominique CHABAUD (dchabaud63_at_[hidden])
Date: 2018-02-20 07:55:47
Yes, you're right, most of developers are not lawyers. The company I work
for did a Third Party dependency scan of all our code. It was done by a
company specialized in code check and the report was analyzed by a lawyer
office specialized in copyright, licences, IP... They confirmed that this
Boost contribution could be a problem at a court. Fortunately we do not use
this contribution directly and our Dev team checked that the link step did
not include it in our executable files.
2018-02-20 0:48 GMT+01:00 Niall Douglas via Boost <boost_at_[hidden]>:
> On 19/02/2018 22:57, Tim Song via Boost wrote:
> > On Mon, Feb 19, 2018 at 3:41 PM, Niall Douglas via Boost
> > <boost_at_[hidden]> wrote:
> >> But it's a non-point. If you follow the full discussion of the reuse of
> >> snippets on stackoverflow, reuse of small pieces of code which are not
> >> self standing programs, or functionality in themselves, is not copyright
> >> infringement in most jurisdictions. cf
> >> https://en.wikipedia.org/wiki/Oracle_America,_Inc._v._Google,_Inc.
> >> all.
> > In which the courts found copyright infringement over a nine-line
> > literally copied rangeCheck function.
> That was the jury's verdict in the first case. The judge overrode that
> in a ruling which can be read at
> http://www.groklaw.net/pdf3/OraGoogle-1202.pdf. In that he lays out the
> many cases where copyright cannot be infringed on a snippet, and the
> importance of originality as far as copyright is concerned.
> So, for example, a snippet cannot be original if there is only one way
> of calling a set of system APIs to achieve a goal, and copy-and-paste
> identicality is not important for copyright infringement, but rather it
> is the originality in the sequence of steps. So even if Peter takes that
> snippet and rewrites it, if he duplicates the sequence exactly, it's the
> same snippet as far as US IP law is concerned.
> Some code on stackoverflow does not call system APIs, and could have
> originality in its algorithm or design. Those snippets you don't reuse
> without permission. But if it mostly calls system APIs, its originality
> is highly constrained, and it now falls under fair use.
> The snippet in question calls a lot of system APIs. It is hard to
> implement very differently without replacing the calls to those system
> APIs with inferior ones. That's fair use so.
> > (The district court also later ruled that the jury could have validly
> > found for either side on the fair use defense for the APIs. And the
> > jury's fair-use verdict is still under appeal, so it's hardly
> > "established case law".)
> > This copying seems by far closer to the rangeCheck copying than the APIs.
> If you read the court's judgement, you will find that the rangeCheck
> issue stemmed from failure to sufficiently document original source,
> hence the importance of etiquette to comment where you get borrowed code
> from. The same programmer wrote the same code twice in two separate
> situations nothing to do with Android, and due to how open source works,
> one of those copies eventually ended up in Android through no design nor
> intent of anybody. That's why the court found a technical infringement,
> but with no damages, especially as once the infringement had been
> noticed, it was immediately rectified.
> This is what I've been saying: you can't make pristine open sourced IP.
> Can't be done. I've spotted on more than one occasion code on SO
> matching that of Boost. I suspect there's plenty of it, and nothing
> anyone can do about it. Even if it were all purged through a herculean
> effort now, a few years from now it would be back to the situation now.
> IP leaks across boundaries, so channel not damn the flow.
> Better therefore to attribute sources, cite your references, don't steal
> but instead borrow. Then if an IP claim lands, you've done everything by
> the book. Nobody did anything malicious like take somebody else's code,
> *and hide where they got it from* which is not a technical infringement,
> but a malicious one with intent to deceive.
> Everything I said above refers to very small pieces of code where any
> originality is hard to determine. Anything larger, or obviously novel,
> is copyright to its author and is not being referred to above.
> ned Productions Limited Consulting
> http://www.nedproductions.biz/ http://ie.linkedin.com/in/nialldouglas/
> Unsubscribe & other changes: http://lists.boost.org/
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk