Re: [boost] Legal problem with Stackoverflow contribution under the "Creative Commons Attribution Share Alike 3.0" license

Hi Niall, Yes, you're right, most of developers are not lawyers. The company I work for did a Third Party dependency scan of all our code. It was done by a company specialized in code check and the report was analyzed by a lawyer office specialized in copyright, licences, IP... They confirmed that this Boost contribution could be a problem at a court. Fortunately we do not use this contribution directly and our Dev team checked that the link step did not include it in our executable files. Dominique 2018-02-20 0:48 GMT+01:00 Niall Douglas via Boost :

On 19/02/2018 22:57, Tim Song via Boost wrote:

...

On Mon, Feb 19, 2018 at 3:41 PM, Niall Douglas via Boost wrote:

...

But it's a non-point. If you follow the full discussion of the reuse of snippets on stackoverflow, reuse of small pieces of code which are not self standing programs, or functionality in themselves, is not copyright infringement in most jurisdictions. cf https://en.wikipedia.org/wiki/Oracle_America,_Inc._v._Google,_Inc. after all.

In which the courts found copyright infringement over a nine-line literally copied rangeCheck function.

That was the jury's verdict in the first case. The judge overrode that in a ruling which can be read at http://www.groklaw.net/pdf3/OraGoogle-1202.pdf. In that he lays out the many cases where copyright cannot be infringed on a snippet, and the importance of originality as far as copyright is concerned.

So, for example, a snippet cannot be original if there is only one way of calling a set of system APIs to achieve a goal, and copy-and-paste identicality is not important for copyright infringement, but rather it is the originality in the sequence of steps. So even if Peter takes that snippet and rewrites it, if he duplicates the sequence exactly, it's the same snippet as far as US IP law is concerned.

Some code on stackoverflow does not call system APIs, and could have originality in its algorithm or design. Those snippets you don't reuse without permission. But if it mostly calls system APIs, its originality is highly constrained, and it now falls under fair use.

The snippet in question calls a lot of system APIs. It is hard to implement very differently without replacing the calls to those system APIs with inferior ones. That's fair use so.

...

(The district court also later ruled that the jury could have validly found for either side on the fair use defense for the APIs. And the jury's fair-use verdict is still under appeal, so it's hardly "established case law".)

This copying seems by far closer to the rangeCheck copying than the APIs.

If you read the court's judgement, you will find that the rangeCheck issue stemmed from failure to sufficiently document original source, hence the importance of etiquette to comment where you get borrowed code from. The same programmer wrote the same code twice in two separate situations nothing to do with Android, and due to how open source works, one of those copies eventually ended up in Android through no design nor intent of anybody. That's why the court found a technical infringement, but with no damages, especially as once the infringement had been noticed, it was immediately rectified.

This is what I've been saying: you can't make pristine open sourced IP. Can't be done. I've spotted on more than one occasion code on SO matching that of Boost. I suspect there's plenty of it, and nothing anyone can do about it. Even if it were all purged through a herculean effort now, a few years from now it would be back to the situation now. IP leaks across boundaries, so channel not damn the flow.

Better therefore to attribute sources, cite your references, don't steal but instead borrow. Then if an IP claim lands, you've done everything by the book. Nobody did anything malicious like take somebody else's code, *and hide where they got it from* which is not a technical infringement, but a malicious one with intent to deceive.

Everything I said above refers to very small pieces of code where any originality is hard to determine. Anything larger, or obviously novel, is copyright to its author and is not being referred to above.

Niall

-- ned Productions Limited Consulting http://www.nedproductions.biz/ http://ie.linkedin.com/in/nialldouglas/

_______________________________________________ Unsubscribe & other changes: http://lists.boost.org/ mailman/listinfo.cgi/boost