The Problem Of Software Licensing

This wasn’t a request, just a personal debate of mine.

Meet the main contenders. On the one hand, we have the likes of DRM: making it difficult not only to pirate their software, but to use it legally after you’ve legitimately bought it.

On the other hand, we have Richard Stallman and the Four Essential Freedoms:

  • The freedom to run the program as you wish, for any purpose (freedom 0).
  • The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
  • The freedom to redistribute copies so you can help your neighbor (freedom 2).
  • The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

Paul Graham also has an essay that’s pretty sympathetic to Stallman, although it doesn’t explicitly agree with him on the points mentioned above. It simply takes a stand against DRM and restrictive copyright licensing.

I don’t fully agree with either of these. I agree with PG, and my views are closer to Stallman’s side, but I also think the freedoms Stallman considers essential would prevent people from being able to profit from writing software. As someone who plans to profit from writing software as a living, this puts me in a bit of a dilemma.

The main problem, as I see it, is that software “piracy”–the act of seeing a developer (or any digital creator, such as a music artist) selling their work for an amount of money, and choosing to deny them reimbursement for their work and for making your life easier by downloading it elsewhere even if you could have paid for it fairly–is not taboo.

I can sympathize with so-called piracy (which, I agree with Stallman, is a pretty strong word for something that isn’t always bad) in the case where one actually doesn’t have the money. I don’t care if high school students want to grab something I made from a torrent site or whatever instead of… not paying for it and not benefiting from it, which is their other option. I want to help people with my software. I also sympathize when the software is patently overpriced. (Photoshop, I’m looking at you. You’re worth, like, fifty bucks… not two hundred.)

So, what constitutes “bad” piracy? Is “good” piracy even piracy? It’s clear the issue isn’t black-and-white. To me, the license applied to software needs to consider critically precisely which behaviors are to be prohibited, and which ones allowed.

I ran a quick Google search and found a post on entitled “Is internet piracy a bad thing?” There’s some intelligent discussion going on about the benefits and costs of piracy in general.

Here’s one against piracy:

Internet piracy is theft.

Internet piracy is not as bad as stealing something physical, such as a CD or DVD, as no one lost money from the physical creation of the item, but, it is still theft, and still bad. While it may not be physical, the parallels are unquestionable. In both situations you are getting something for free that has cost others lots of time, money and effort to build. Films especially cost huge amounts to make, often hundreds of millions of dollars, in exactly the same way to how it costs someone to create a handbag or a car. If internet piracy was not an option, you would either not watch said film, or buy it, giving the creators money and consequently payment for their efforts. However, as internet piracy is an option, there is no motivation for people to pay. If everyone pirated this would mean that all films would result in major losses, and film/computer programme/music would all become charitable things relying on donations to be made. Instead, the current situation is some people pirate, and others pay the proper price, giving the creators the money they deserve. But that itself is unfair, as why should some have to pay while others do not? No matter how people twist it to justify what they are doing, despite the fact internet piracy is not stealing something physical, it is still theft, you are not stealing from a shop owner or item-owning citizen, but you are stealing from the creators of whatever you pirate.

Here’s one that says piracy is sometimes okay:

It isn’t [a bad thing], within limits.

Lets say a movie isn’t available in your country. Maybe it will be- in a few months or so (in a cut and extra-less version), but your friends from overseas are already touting how good it is. Perhaps there’s a game that’s two times more costly in your region than anywhere else in the world. It could be that you’ve been screwed over by DRM and locked out of your *legally purchased* software (very, very frustrating, and it really bothers me when a pirated product is *better* and *easier to use* than the legal one, because it doesn’t have the damned DRM) It might be you have your wallet ready, but the software is prohibitively expensive. Say you’d love to pay to watch those episodes of Game of Thrones, but you really don’t want a full HBO subscription. There are instances in which piracy is justified- it can be a means of protecting consumers from bad industry practices, like overpricing, awful DRM (screws over only paying consumers!) or idiotic distribution practices.
Of course, piracy is terrible if it means profiting from someone’s work, plagiarism, or not paying for something you could have reasonably easily obtained legally.

I agree with both, as you might have gathered. I didn’t write either, however.

I’d like to call attention to the last line of that second one:

“Of course, piracy is terrible if it means profiting from someone’s work, plagiarism, or not paying for something you could have reasonably easily obtained legally.”

This lists three things (really, two behaviors) that are to be prohibited:

1. Plagiarism, which we can probably all agree is awful;

2. Benefiting from someone else’s work without giving them the payment they’ve asked for, if you could have reasonably obtained it legally.

This is my view in a nutshell. I think it’s a lot of people’s views in a nutshell. Now, the question is how to keep those behaviors from happening, because I think the current measures are far too restrictive. There must be a better way to do this.

To prevent both of those things, most software companies only distribute binary files. They don’t distribute source code, because a) their competitors could see how their software worked and copy it, and b) it would be easy to illicitly redistribute their programs by just releasing the source code to the Internet. Many software providers also prevent redistribution of their binaries by trying to locate and eradicate sites which distribute them illegally.

Windows, notably, does not do the latter. Not because Microsoft is somehow more noble… they’ve just found a way around the latter concern. Windows copies only work if you have a product key. I think this is a hint as to how we could get things to work.

Another hint is Mac OS X. Part of the code is open, and the other part is closed-source. I consider this fairly acceptable, although it definitely isn’t a perfect solution.

A third hint is actually Chrome OS. Most of that OS’s software is cloud-based. You need server support to run it.

These three hints, working together, can fight at least the second behavior.

If your software is cloud-based, you can open up most of your code. This is because if your software is cloud-based, you can make your users pay for an account to log in to the server, or a product key.

The first option (access through accounts) is basically how Google Play works! (At least on mobile phones.) And as we’ve found, that works pretty well. 🙂 I, at least, haven’t heard much about pirating apps. I’m sure it happens, but not much. I wouldn’t expect it to pick up just because the source became available, either, unless the price of the software exceeded the price of publishing an app to Google Play (about $20, I think) and supporting it. And if it’s cheaper to reproduce and maintain on your own (something crackers are highly unlikely to do, let alone do well), that probably means the original was far overpriced.

The second option (which you have to take if you aren’t providing server support–i.e., if it’s a piece of desktop software) requires making part of your code closed-source. Namely, the part that requires your users to need a product key. The problem here is that if you distribute that binary in the middle of untainted source, piracy-minded folks will just strip it out of your package and use the rest of your source code. So maybe you have to hide your main method or close off one feature that it’s inconvenient not to have, thus making it inconvenient to pirate your software.

(A nasty/fun hack one could try as an alternative to this would be to program the product-key-requirement code in Whitespace or something. Crackers, on the whole, wouldn’t be smart enough to catch on.)

[Edit: A note on product keys. I object to product keys and licensing that say you can only run the program on one machine. I think the legal qualifier should be that you’re licensing the program to one person, not one computer, and deal with licensing for institutions like schools and businesses separately (this, I think, is how the current model came about). Licensing to a person is pretty painless on both sides. Having a user sign into an account which includes their billing data in order to access their program seems pretty effective; at most you get them sharing with close friends and family, which helps (marketing) more than it hurts.]

I think a lot of big corporations would object to this idea, though. They’d be worried about their competitors accessing their code and copying it. Indeed, I’d start off being nervous about putting tinypapers out there like that, at least right now.

The trick is that you have to have a brand and a following first. You have to be recognizable. Furthermore, your users have to like and be loyal to you. If someone else stole Photoshop’s code, even if they had no patents, people would probably recognize that it was stolen Photoshop code. However, a lot of hackers would go, “Hey, awesome, we don’t have to support Adobe.” Adobe has had a history of producing crummy, overpriced software–Flash and Dreamweaver certainly come to mind. Photoshop isn’t crummy, but it is overpriced.

Whereas if I were to establish a brand with tinypapers–make it well-known and recognizable–I’d be more likely to have a good relationship with my users. I can afford to listen to what they’re saying they want. I can afford to give them spectacular customer service. I can afford to start fixing a bug the hour they report it–perhaps even while they’re on the phone with me. I also don’t have a history of ripping them off, and don’t plan to sell my app for more than a dollar or two–more probably, though, I’d distribute a free version first with one line of simple text ads per page–and charge more for server space if/when that becomes a thing.

At that point in my business, assuming (hoping!) I get there, anyone trying to copy me would most likely be ignored, because my users by then would like me too much. The competitor also have to learn to use the tools I’m using, which not many people know how to do, so I have a head start. Because I’m young and not tied to a programming language, I don’t hesitate to learn a new framework like Kivy, even though it’s a steep learning curve.

There would be a trade-off to opening up my code: many companies would not want to buy tinypapers. But I think those would probably be miserable companies to work for, so maybe that’s a good thing. It also might make it harder to get investors. But if those investors care more that my code is open than whether users like my product, they’re probably dumb investors.

It’s tempting to open up my code on GitHub now. I really like the open-source development methodology, the community surrounding GitHub, and the version control software itself. It’s tempting to think that my repo wouldn’t be seen by much of an audience at first anyway. But I think, for prudence’s sake, I’ll hold off for now. It’s kind of a dumb idea to let potential competitors know that much about a larval startup.

I’d really like to hear your opinions on this, readers. Honestly, I’d especially like Paul Graham’s opinion, because he’s seen so much of the landscape I’m talking about and has good powers of analysis (and I’d like to see a more recent essay of his about it). I’ll try emailing him, but he’s probably really busy. Nevertheless, my habit of bugging people I admire hasn’t done me any disfavors yet. 😉

ESR, if you happen to be reading this, I’d really appreciate your comments too. You’ve probably heard a lot of discussion on this topic, and generated quite a bit of it yourself.

Edit: Other Thoughts

It was observed by ESR in “Cathedral and the Bazaar” that repositories which encourage others’ contributions to their code have fewer forked projects running from them; changes got incorporated into the main branch rather than spinning off into their own projects.

It occurs to me, then, that if a startup were to open up their code, there is a way to prevent certain competitors–the ones who are at least partially driven by wanting to make better software. A hacker may look at a commercial application, think, “I can do better than this,” and write his own, thus becoming a competitor. But if the application’s source is open, and the people running the business behind it aren’t territorial about their code, he can apply as a sort of temporary consultant for whatever feature he wanted to program in. Basically, he could program in the feature, and offer it to the company with an estimate of what he thinks it’s worth (maybe $50-$2000 if it’s somewhere from a little bug fix to a neat but not huge addition, or he could ask for stock if it’s particularly large). Then the company could accept or reject it, or negotiate price if necessary. Since they (hopefully) know their users better than J. Random Hacker does, their decision would probably be respected.

This would also solve the hiring problem many startups face! Anyone who provided a few good fixes or features like this would be a very promising candidate. And of course it would make the company’s software better, which is always excellent.

Big companies buy startups for their software (the basis of their market) and their people. Why can’t startups buy code chunks and job candidates?


2 thoughts on “The Problem Of Software Licensing

  1. I think this is a great analysis of the subject and certainly is not an easy solve. I too can sympathize with those who want to make money from their work and are afraid that going fully open source will be counterproductive to that goal. In the end though, in my own project I decided fully open source was the only way for me to go and here is why:

    I believe beyond all the fear, hype, and backstabbing two main things are true: (1) People are inherently good. (2) Open Source creates a better end product and the community I want to live in. These two simple personal truths don’t allow for anything else to take hold in my development. I think that the open source model is the correct one and I believe that most people will support a project or product they feel deserves it and not simply take it because it is donation only or the like. I respect the idea that developers should get paid for their work, but I am willing to risk getting paid less to have something to add to a community and ecosystem I believe in.

    There are steps you can take to safeguard yourself against such abuse and the ever vigilant eyes of your competition and still remain open source though. For example, if you provide support and a service that is not represented in the coding of the project, the platform becomes simply a tool for which you can deliver that service and it is much harder to straight up copy a benefit like that. In addition, you can work on the project in its development as a private endeavor and simply release it as open source when you get a working alpha/beta product as well. You could also hide some important part of your code as you suggest in you post but this seems to me to be counter to the open source ideal and would likely only hurt you in the long run. As funny as it would be to find whitespace code in a project, even if I prefer LOLCODE myself ;P, to me it is an all or nothing choice. You can’t say something is open source if it is only partially open source.

    I don’t think there is a right or wrong answer to this question. I think it comes down to much of what you mention in your post. Don’t cheat your customers and they won’t cheat you. Unfortunately much of the market has the mentality of cheat them before they cheat you on both sides of the coin. Crackers trying to get everything they can before the company gets everything they can. It is a toxic cycle that pushes out those who would willingly pay for and fairly use the product.

    It is my opinion that any time there is a great effort to break something and redistribute at risk to the user that it is indicative of a larger problem in the acquisition of that item; like in the DRM you mention or other similarly hazardous methods of asset protection. It is clear that the wants and needs of the user has changed and the monetization models are not properly adapting to match these changes. Staying stagnant in any business is the best way to have your ideas fester and die.

    Perhaps the line between Open and Closed is going to birth some new idea that matches up with what people want and the need to monetize effectively at a rate that the software is worth. Until something like that becomes clearly defined and undergoes an ethical pass or two to ensure it is fair, I think I have to stick to the idea that if my idea is good enough people will want to pay for it, contribute to it, and improve on it and really that is all I ever wanted anyways.


    • You raise very good points, and I do firmly believe in open source wherever it can be fully applied. No arguments there!

      However, the “where it can be fully applied” is just one use case. One very large use case. The model of “People are generally decent; they’ll generally pay” works when it’s one person’s chunk of software that they want to make income from. Presumably this is working for AdBlock’s author, for instance.

      The complicated and interesting use case is that of slightly larger companies of perhaps a hundred people. They’re conservative. They want regular income, in order to pay their employees. They can’t quite rely on the decency of mankind to regularly throw out just enough to keep the bills paid. And they don’t want to just rely on the open-source community for development; for one thing, it might mean getting rid of their people because they can’t pay for them. They want to distribute their software and get paid a regular amount each time, because then they can extrapolate on the user growth/income graph with regularity. They don’t want to be pirated, but maybe they want to let you see how things work.

      It’s an interesting problem to solve! I’ve been thinking about it for quite a while, so that if I happen to land in one of those places, the idea has a chance of making proprietary code less proprietary, and therefore less sucky. The “partially open” thing is a hack, and an ugly one, but it might be a serviceable one as well. I don’t know, not knowing much about the psychology of companies at that stage beyond the more obvious stuff.

      The other issue is that many people regard open source software as “free beer” software. There doesn’t seem to be a moral obligation to pay for ideas, even ideas that are more like intangible, complicated tools. This isn’t everyone, of course, and it depends on how much money the users might have. Now that I have a steady job, I’m more inclined to show my gratitude. Disk Inventory X recently helped me free up 70GB of hard disk space, and I sent the author a note of appreciation and a little cash. Not a lot, just enough to buy him an order of Chinese or whatever. I can afford that. I just hope he’s getting plenty of people who are happy enough to buy him Chinese. I was going to write a post on how nice the software is but haven’t gotten to it yet. Spoilers! I personally believe that publicity is a decent form of payment, perhaps a step or two below actual money.

      As far as startups go… they can be different than the “older company” case I presented above. They don’t have all those people yet (if they do, they’re going to flunk out anyway), so they don’t worry about firing them. They aren’t conservative and they can afford to take risks. As long as paying the startup is easier than getting things to work on users’ own effort, letting developer users tinker and examine and make suggestions is a seriously good idea.

      And I really like my idea of paying for good pull requests. If a competitor did want to copy you, they’d have to choose open or closed too. If they choose open, it’s obvious they copied you, which won’t look good in the press. If they choose closed, the dev users (who are frequently general trendsetters in tech) will instantly prefer you anyway. After all, if they find a bug, it’s not an inconvenience… it’s an income opportunity.

      So, I guess I’m arguing for a few different sides in my post in different cases, and didn’t realize it until your comment made me think about it. Thanks! But yeah, once I’ve got stuff rolling, maybe a decent user base and a few patent applications, I plan on opening up my code. Those plans may change if external pressures force them, but I think it’s a good idea.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s