When "open source" software isn't truly open source

The meaning of "open source" may seem self-evident, but what many people call open source is not. Chad Perrin illustrates the difference between pretend and actual open source software.

Richard Stallman may have kick-started the Free Software and open source software community, but the Open Source Initiative was founded in 1998 by Bruce Perens and Eric Raymond to offer an alternative approach to defining and promoting the same software development processes and licenses, and that approach has gotten the lion's share of public recognition since. Free Software is a term that both promotes Stallman's ideological goals regarding how software is distributed, thus turning off business-oriented software users who disagree with Stallman's ideology, and manages to conflate itself with software that simply doesn't cost anything. Perens and Raymond coined the term "open source software" to refer to software developed under essentially the same conditions as Stallman's Free Software definition.

Once the term "open source software" was coined, it was also defined. The official Open Source Definition is clear, and explains how software must be licensed to qualify as open source software. The specific points of the Definition address issues related to:

  1. Redistribution
  2. Source Code
  3. Derived Works
  4. Integrity of the Author's Source Code
  5. No Discrimination Against Persons or Groups
  6. No Discrimination Against Fields of Endeavor
  7. Distribution of License
  8. License Product Specificity
  9. License Restrictions on Other Software
  10. License Technology Neutrality

A summary of the effect of the conditions mandated by that Definition is available in the Wikipedia article about open source software:

Open-source software (OSS) is computer software that is available in source code form for which the source code and certain other rights normally reserved for copyright holders are provided under a software license that permits users to study, change, and improve the software.

Unfortunately, the fact is that many people misuse the term "open source software" when referring to their own software. In the process of looking for a decent dice roller IRC bot in 2010, I came across one called Bones. On the announcement page for it, Bones: Ruby IRC Dicebot, its author said the dicebot is:

Free: Like most IRC bots, Bones is open source and released free of charge.

In subsequent email discussion with its author, it turned out that his definition of "open source" is substantially different from that of the Open Source Initiative, me personally, and the entire open source community -- to say nothing of Microsoft, Oracle, tech journalists, and just about everybody else who uses the term:

Question: You said in your page for bones that "Like most IRC bots, Bones is open source and released free of charge."  What open source license are you using for it?

I haven't released it under any particular open source license. It's only open source in so far as it isn't closed source.

In an attempt to clarify the legal standing of the IRC bot, I asked further:

Any chance I could get you to let me do stuff with it under a copyfree license (my preference is the Open Works license, though BSD and MIT/X11 licenses or public domain are great too) so I can hack on yours a bit rather than just having to start over from scratch?

I don't plan on releasing it under a license, but that shouldn't stop you from making changes to the code if you like.

Of course, if I have the source in my possession -- which is pretty much a given for any Ruby program -- I can indeed make changes to it if I like. The point he ignored is that without a license setting out what permissions the copyright holder grants to recipients of the code, these recipients cannot legally share changes with others. This effectively made any interest I had in improving his program dry up and blow away. It also effectively means that when he called it "open source", he made an error either of ignorance or of deception. When I pointed out to him the legal problems involved, he declined to respond.

There is some argument to be made as to whether a license that conforms to the requirements of the Open Source Definition should be called an "open source" license even if it has not been certified by the OSI itself. Many of us are inclined to regard a license as an open source license if it obviously fits the definition, regardless of certification. By that standard, the Open Works License and WTFPL (Note: the full name of the WTFPL may not be safe for reading at work, depending on your workplace; be careful clicking on that link) are open source licenses. By the standards of the list of OSI approved licenses, however, they are not -- because the OSI requires an extensive review process that lies somewhat outside the range of what many would-be license submitters have the time and resources to pursue.

Let us for argument's sake accept that merely conforming to the Open Source Definition is sufficient to call a license "open source", regardless of official approval by the OSI. By contrast with the Bones IRC bot, then, an IRC bot called drollbot (part of the larger droll project) that I wrote from scratch to serve much the same purpose as Bones actually is open source software, released under the terms of the Open Works License.

The simple comparison of Bones with drollbot serves to illustrate the difference between what really is open source software and what only pretends to be. The pretense, in this case, is an example of something many people call "source-available software", where the source code is available but recipients are granted no clear legal permission to modify, redistribute, and even sell the software if they so desire -- requirements of both the Open Source Definition and the Free Software Foundation's definition of Free Software.

There are many other concerns related to how we classify software and the licenses under which we distribute it, but many of them are secondary to the simple necessity of understanding what is or is not open source software at its most basic level. Whether or not you consider a piece of software to qualify as "open source software" if the license under which it is distributed has not been officially approved by the OSI, one thing is clear. That is the fact that before you go around telling people to download your "open source software", you should give them assurances of the most basic requirement of open source software as differentiated from software that has merely been written in a language traditionally run by an interpreter rather than compiled to an executable binary:

When you call something "open source software", you must give all recipients a guarantee that they may modify and redistribute the software without fear of lawsuits for copyright violation. If you do not do that, by way of a license that conforms to the Open Source Definition or by releasing the software into the public domain, what you give them is not open source software. Period.