Linux, the GPL, and Civil Liberties

Discussion topics, Linux related - not requests for help

Moderators: ChrisThornett, LXF moderators

Linux, the GPL, and Civil Liberties

Postby professorsnapper » Sun May 01, 2011 11:22 am

**NB: this post is not intended to start a flamewar. It is intended to express my dismay at limitations that have been placed on supposedly libre software, and to highlight an issue that some *nixers and FOSS advocates might not be aware of.**

Wow - I've just gotten a real shock, and it's not one I ever imagined I'd get in the FOSS world.

I've been solidly sold on (GNU/)Linux's "libre" credentials for some time now - I see the right to be able to freely modify, copy, and redistribute Linux as one of its' core strengths, even if I don't yet contribute to the "modify" part.

It seems, to some extent at least, that the Fedora project agrees with this position - their official website announces that freedom is one of their core values. They go further:

"We provide free alternatives to proprietary code and content to make Fedora completely free and redistributable for everyone. That way, anyone can use any of our work for their own purposes, without legal hassles, to further spread free software."

So, you can imagine my astonishment when I discovered the following caveat on the bottom of the download page on the official Fedora site:

"Export Regulations

"By clicking on and downloading Fedora, you agree to comply with the following terms and conditions:

"Fedora software and technical information is subject to the U.S. Export Administration Regulations and other U.S. and foreign law, and may not be exported or re-exported to certain countries (currently Cuba, Iran, Iraq, North Korea, Sudan, and Syria) or to persons or entities prohibited from receiving U.S. exports (including those (a) on the Bureau of Industry and Security Denied Parties List or Entity List, (b) on the Office of Foreign Assets Control list of Specially Designated Nationals and Blocked Persons, and (c) involved with missile technology or nuclear, chemical or biological weapons). You may not download Fedora software or technical information if you are located in one of these countries, or otherwise affected by these restrictions. You may not provide Fedora software or technical information to individuals or entities located in one of these countries or otherwise affected by these restrictions. You are also responsible for compliance with foreign law requirements applicable to the import and use of Fedora software and technical information."

So, Fedora is free to use and redistribute, unless you happen to live in a country that isn't on the U.S. government's Christmas card list. Presuming that Fedora is released under the GPL or similar license, where does it enable bias on the grounds of a person's geographic or geopolitical situation (or any other basis)?

Of course, M$ and Apple probably adhere to policies like the one above, but to me it seems a travesty for FOSS to hold this line. The requirement isn't universal across the Linux landscape - I remember reading that Cuba has adopted their own Linux distro. So, Fedora, what gives?
professorsnapper
 
Posts: 5
Joined: Sun May 01, 2011 10:44 am
Location: Australia

Postby roseway » Sun May 01, 2011 11:42 am

If they're based in the US, it's probably a legal requirement for them to say that.
Eric
roseway
LXF regular
 
Posts: 448
Joined: Thu Jan 18, 2007 2:27 pm

Postby nelz » Sun May 01, 2011 12:35 pm

So US law prohibits distribution to some countries, Fedora have the decency to inform their users of this to save them inadvertently breaking the law and you blame Fedora?

Talk about shooting the messenger.

Hint: The GPL is not capable of overriding the laws of any country.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8504
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby guy » Sun May 01, 2011 10:30 pm

I seem to recall that Uncle Sam has decreed that sufficiently strong encryption is weapons-grade and therefore comes under US weapons export legislation, which bans export to certain countries.

Fedora presumably includes, or might include, such encryption technologies. Hence the message. What is so laughable is that a fair amount of this technology was developed elsewhere in the world and imported into the USA - where it is illegal to re-export it back to the country of origin!

Yes, technically the export restriction does not respect the four freedoms that the GPL is designed to protect. But RedHat/Fedora live in the US of A, which has yet to release its legislation under the GPL. MInd you, the way the Obama administration is going ....

BTW, look closely and you will find some genuinely non-free components in the average GNU/Linux distro, typically hardware drivers and media players/tools. Truly free Linux is hard to find.
Cheers,
Guy
The eternal help vampire
User avatar
guy
LXF regular
 
Posts: 1078
Joined: Thu Apr 07, 2005 12:07 pm
Location: Worcestershire

Postby professorsnapper » Mon May 02, 2011 2:14 am

Folks, thanks for the points you've raised. I appreciate your engaging on the subject.

Nelz wrote:The GPL is not capable of overriding the laws of any country.


Nelz & Eric, I realise that Fedora don't make a country's laws, but I reckon Guy hits the spot in saying,

guy wrote:What is so laughable is that a fair amount of this technology was developed elsewhere in the world and imported into the USA - where it is illegal to re-export it back to the country of origin!


Which neatly raises the question: to what extent can U.S. (or any other country's) law restrict access to an internationally-produced collaborative product? Presumably those same products / components that the U.S. govt are concerned about are freely available through distro's / repositories not based in the U.S., which to me makes the export regulations ring pretty hollow. Certainly, the feasability of policing of this law must be patchy at best.

And Guy, you make an excellent point about the non-free globs in Linux...

Thanks again for the rich discussion!
professorsnapper
 
Posts: 5
Joined: Sun May 01, 2011 10:44 am
Location: Australia

Postby roseway » Mon May 02, 2011 6:23 am

Which neatly raises the question: to what extent can U.S. (or any other country's) law restrict access to an internationally-produced collaborative product?


They can't of course, but they can certainly prohibit US based companies and citizens from exporting any such material.
Eric
roseway
LXF regular
 
Posts: 448
Joined: Thu Jan 18, 2007 2:27 pm

Postby nelz » Mon May 02, 2011 10:28 am

professorsnapper wrote:Which neatly raises the question: to what extent can U.S. (or any other country's) law restrict access to an internationally-produced collaborative product?


They can't. What they can do is restrict activities within their borders, and as that is where Red Hat are, they must comply. That doesn't stop a distro leaving such code off their disc but allowing to be be downloaded from a server that is not subject to those laws, which is how American companies have distributed encryption software for years.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8504
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Bazza » Mon May 02, 2011 10:40 am

Hi nelz...

> That doesn't stop a distro leaving such code off their disc but allowing
> to be be downloaded from a server that is not subject to those laws,
> which is how American companies have distributed encryption software
> for years.

I'm curious, how is that possible?

The above statement becomes a paradox...

If Red Hat modify GPLed code inside the USA that is in theory
restricted under US law, how do they get that code onto external
servers outside of the USA borders...

A contradiction in terms...
73...

Bazza, G0LCU...

Team AMIGA...
User avatar
Bazza
LXF regular
 
Posts: 1476
Joined: Sat Mar 21, 2009 11:16 am
Location: Loughborough

Postby nelz » Mon May 02, 2011 11:25 am

It's not a paradox, because nowhere did I state that Red Hat modified the code. They cannot actually touch the code in any way, not even package it into an RPM, within the US, but that doesn't stop a non-Red Hat employee doing the same outside of the US. The same principle is used with DeCSS code, for similar reasons, which is why most distros also don't include libdvdcss yet have it in a third party repository.

The code being open source allows Red Hat to have nothing to do with it directly, as long as the packages do not have a Red Hat signature.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8504
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Bazza » Mon May 02, 2011 12:31 pm

Hi nelz...

But Red Hat can modify any GPLed code so.........

I`ll rephrase my sentence a little...

If <some_us_based_distro> modify legal GPLed code inside the USA
and then in theory it inadvertantly becomes restricted under US law,
how do they get that code onto external servers outside of the USA
borders...

By definition they can't so it becomes a paradox, OR, they're in breach
the terms and conditions of any F(L)OSS licences that occur by not
re-issuing their mods...

This may be hypothetical but theoretically possible...
73...

Bazza, G0LCU...

Team AMIGA...
User avatar
Bazza
LXF regular
 
Posts: 1476
Joined: Sat Mar 21, 2009 11:16 am
Location: Loughborough

Postby nelz » Mon May 02, 2011 6:28 pm

To which the answer is obvious, they don't modify the code. Why would they need to?
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8504
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby Dutch_Master » Mon May 02, 2011 8:36 pm

To answer Bazza's dilemma: they just upload it to a US based server, then have a non-US citizen pull it down from abroad and presto: problem solved :)
Dutch_Master
LXF regular
 
Posts: 2445
Joined: Tue Mar 27, 2007 1:49 am

Postby Rhakios » Tue May 03, 2011 6:08 pm

Well yes, as the OP's original quote says, they notify the party downloading the software and expect them to observe the law.

On the more particular note about encryption software, that's not something Red Hat are likely to tamper with anyway, we can all remember, I'm sure, the trouble Debian got into over that one.
Bye, Rhakios
User avatar
Rhakios
Moderator
 
Posts: 7634
Joined: Wed Apr 06, 2005 11:18 pm
Location: Midlands, UK


Return to Discussion

Who is online

Users browsing this forum: No registered users and 1 guest