We actually discussed this issue at the Legal Affairs committee meeting in January. The issues raised by Marc led the Committee to conclude that, at present,
it would be very difficult to find a general rule and a case by case approach would be difficult to manage and potentially unfair to the major contributors. The fundamental issue raised at the Legal Affairs Committee meeting was that such a policy would be
unfair to the major contributors because it would actually favor “small contributors” over the major contributors.
I also don’t think that the bylaws actually give the Executive Director that authority and it would be difficult to have the Board grant it to him. My memory
was that the approach in drafting this section was consistent in minimizing discretion in the manner in which contributions could be accepted. Although I suggested giving the Board more flexibility, the decision was that method of contribution needed to tightly
controlled. As currently drafted, the Bylaws always contemplate the use of a CLA. The bylaws set up the following hierarchy: (1) contributions under the OpenStack Contributor License Agreements in Appendix 7 (2) contributions under a modified CLA (or license)
approved by the Board and (3) contributions under the OpenStack Contribution License Agreements with non-material amendments by the Executive Director if the Board grants such power to the Executive Director. The relevant section is:
The Foundation shall generally accept contributions of software made pursuant to the terms of the Contributor License Agreements attached as Appendix 7.
The Board of Directors may adopt additional contributor license agreements as may be appropriate for certain organizations or contributions to secure a license on terms which will permit distribution under the Apache License 2.0, and may require inclusion
of the Apache License 2.0 license header in code contributions. The Board of Directors may delegate the authority to make non material amendments to the Contributor License Agreement to the Executive Director so long as such modifications permit distribution
of the software under Apache License 2.0.
From: Alice King [mailto:alice_king@att.net]
Sent: Tuesday, April 22, 2014 6:57 PM
To: 'Marc Ehrlich'
Cc: legal-discuss@lists.openstack.org
Subject: Re: [legal-discuss] Trivial contributions and CLAs
Hi Marc! In the order of your comments:
I am fine and hope you are too!! I know all of you have been carefully working on these issues and it has been quite a while since I have been in the trenches.
So apologies if I am speaking “out of school,” but here are my thoughts:
I think the Executive Director would make the call, and would probably want the advice of legal counsel. I want to stress that I am talking only about exceptional
cases. The Board can set parameters for the ED and can set them as conservatively as they think wise. In any domain the application of rules with human judgment can lead to unintended and unwanted results. The Foundation does not have a judiciary, but the
Bylaws do contemplate the ED having this type of discretion on intellectual property matters.
On the patent risk – forgive me if I missing something, but I am not sure I see much additional risk here either. Any contributor can expose the project to
the risk of a patent infringement claim by someone outside of the community. I don’t think the CLA helps manage that risk. It only creates a disincentive for a contributor to make a patent claim based on their own contribution.
Again, in this particular edge case I think the risk is low that a contributor would make that one slight change that then brings the technology under a patent that the very same contributor holds. But this would be a judgment call
for the ED. Certainly the patent risk would be part of the equation in every case.
Alice
From: Marc Ehrlich [mailto:mehrlich@us.ibm.com]
Sent: Tuesday, April 22, 2014 8:20 PM
To: Alice King
Cc: legal-discuss@lists.openstack.org; 'Richard Fontana'
Subject: Re: [legal-discuss] Trivial contributions and CLAs
Hi Alice!! Nice to know I am not the only one hanging out on this list and not responding much. Hope all's well with you!
As it relates to IP I guess I do have a few concerns with the trajectory of this discussion. I apologize if I am missing something obvious and if so feel free to disregard this...
For example how do we determine what "trivial contribution" is? Who makes that call? Would it be the same to all participants? Why are IBM and HP and others who have signed the CLA held to
a different standard and denied the ability to make trivial contributions (not that I think we should be able to make them I don't think they should be made at all) but if some can make them why not all?
Most importantly it is the patent IP I think we should be worried about. What if that line or two of code trivially contributed completes the steps of a patent claim held by the contributer's
company that then makes open stack users infringers of that code? Remember our committee discussions about contributors licenses which extend not only to the code they contribute but its combination with the work? This is exactly the same point. Even a
trivial contribution in terms of size or function can render a body of code infringing. I think that one of the great benefits of the CLA is that it addresses that scenario. So in my view we need to think long and hard about letting companies take a pass
on what everyone else has agreed to lest we find ourselves facing patent claims based on trivial additions. I would not expect (though please correct me if I am wrong) that someone planning on doing a patent clearance against the contributor when such contributions
are made before they are deemed trivial? I would think that would be more than a trivial undertaking.
Sorry if I am missing something that covers us for patents but I think I have this right.
Marc A. Ehrlich
"Alice
King" ---04/22/2014 08:55:37 PM---Thank you Richard. That helps put it in perspective. The process needs to permit a trusted person
From:
"Alice King" <alice@alicelkingpc.com>
To:
"'Richard Fontana'" <rfontana@redhat.com>, <legal-discuss@lists.openstack.org>,
Date:
04/22/2014 08:55 PM
Subject:
Re: [legal-discuss] Trivial contributions and CLAs
Thank you Richard. That helps put it in perspective.
The process needs to permit a trusted person to exercise discretion in edge
cases like this. That is true of every process involving human interaction.
The Foundation Bylaws contemplate the Board giving this kind of edge-case
discretion to the Executive Director.
I don't see that there is much risk around intellectual property in this
kind of contribution. Who would make a claim? There is a secondary risk
that the project is viewed as being lax on IP issues generally, which would
scare off some users. I think this is also unlikely. My impression is that
the project is viewed as exercising an abundance of caution.
The kind of participation represented by this contribution is valuable.
Reward significantly outweighs risk.
Still on the list and felt like chiming in!
Alice
-----Original Message-----
From: Richard Fontana [mailto:rfontana@redhat.com]
Sent: Tuesday, April 22, 2014 7:32 PM
To: legal-discuss@lists.openstack.org
Subject: Re: [legal-discuss] Trivial contributions and CLAs
For anyone on this list not accustomed to looking at such things, I think it
might be interesting to point out what this patch actually is and what
Stefano means by triviality (even though the CLA may not be the relevant
issue in this instance, the issue of contribution process around trivial
patches is the larger issue that Stefano was raising):
The patch would cause one existing line in one file:
options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id])
to be replaced with this:
options = sorted([(ip.id, ip.ip) for ip in ips if not ip.port_id],
key=lambda ip: ip[1])
That is: all this patch does is add the following text to one line of a
file:
", key=lambda ip: ip[1]"
The file itself contains about ~100 lines of code, and Horizon, the relevant
project, contains, I believe, about 2000 files.
- RF
Stefano wrote:
> I have been notified of another very small patch that is left in a
> limbo, with the author not allowed to sign the CLA and the developers
> stuck in unknown legal territory. You can read more about it on
>
> https://bugs.launchpad.net/bugs/1308984
>
> From what I can see, the patch is trivial and shouldn't even be
copyrightable but the person spotting the issue and fixing it is not
comfortable signing the CLAs. Can any other developer copy the patch and put
it into our trunk? Until when is this sort of behaviour safe?
>
> We're getting more of these small blockers and I think it's already a
problem. Having to sign a Corporate CLA and Individual CLA for a trivial
patch, from an operator (whose job is to run clouds, resulting in small and
rare patches, not to develop large features) can conflict with our effort to
get more operators involved in OpenStack.
>
> I'm not sure what solutions are available. If we can't change the CLA
processes easily, what else can we do to get small contributions like these?
_______________________________________________
legal-discuss mailing list
legal-discuss@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss
_______________________________________________
legal-discuss mailing list
legal-discuss@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/legal-discuss