[Spi-private] IRC log from 2003-02-04 SPI Board meeting
Theodore Ts'o
tytso at mit.edu
Tue Feb 25 17:54:36 UTC 2003
One comment about the U.S. versions of such a copyright assignment. I
would strongly suggest that any such legal wording be similar to the
one which the FSF accepted from IBM when IBM donated the s390 changes
to the binutils package:
http://sources.redhat.com/ml/bug-binutils/2000-q3/msg00000.html
... and not based on the default templates distributed by the FSF. In
particular, the offending words which you will note the IBM lawyers
removed from the assignment agreement referenced above are:
"... I hereby indemnify and hold harmless the Foundation, its
officers, employees, and agents against any and all claims, actions or
damages (including attorney's reasonable fees) asserted by or paid to
any party on account of a breach or alleged breach of the foregoing
warranty."
Why is this bad? An explanation can be found at this web page:
http://ohwg.cap.gov/jag/indemnify.html. In part:
"Indemnification means you agree to step into the shoes of the
person you have agreed to indemnify and suffer in their place whatever
consequences they were to suffer because of something happening
(literally to protect them from being "damned"). That includes
financial suffering - paying the bills to repair or replace damaged
things; paying the judgment a court assesses them for injury to a
third party; sometimes paying a fine levied against them; anything
short of imprisonment for their own direct criminal conduct. Anyone
want to bet their own house and savings?"
A good rule of thumb is that any time you see a legal agreement with
the word "indemnify", that should be an immediate red flag, and you
should ideally refuse to sign such an agreement before getting
competent legal advice.
If I'm going to write software, and donate my efforts and my
intellectual property the Open Software community, that's my choice.
I've done this on many occasions. But one thing that I will NOT do
after making such a free donation of my efforts is to sign something
which explicitly puts my house and all of my savings at risk. If IBM
refused to put its corporate assets at risk when it donated the s390
binutils changes to the FSF, why should I risk mine? As a result, I
will refuse to donate code to any project which requires me to sign an
agreement with similar language.
- Ted
More information about the Spi-general
mailing list