Ask Slashdot: How Best To Deal With a GPLv2 License Infringement? 240
cultiv8 writes "I am a developer and released some code at one point under GPLv2. It's nothing huge — a small Drupal module that integrates a Drupal e-commerce system (i.e. Ubercart) with multiple Authorize.net accounts — but very useful for non-profits. Earlier today I discovered that a Drupal user was selling the module from their website for $49 and claiming it was their custom-made module. I'm no lawyer, but my perspective is this violates both the spirit and law of GPLv2, most specifically clause 2-b: 'You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.' Am I correct in my understanding of GPLv2? Do I have any recourse, and should I do anything about this? I don't care about money, I just don't want someone selling stuff that I released for free. How do most developers/organizations deal with licensing infringements of this type?"
Re:Understand your choice of license... (Score:5, Interesting)
Heck, they can even do something cleverer, like Redhat does: they are free to cancel any subscription/service agreement that you may have with them if you exercise your rights to further redistribution. It does not violate GPL, for GPL is about distribution and distribution only, and they are not hindering your right to that. If you subscribe to RHEL, you are of course free to redistribute any source RPMs you downloaded from their network, but if you do so, they are free to cancel your subscription. And they will if you're a big enough fish (say, if you'd try to run your own "clone" distro based on their SRPMS).
This seems to be a sensible business model even to people who'd wish to sell their stuff for big bucks: who the heck will abandon a multi-$k subscription by exercising their right to redistribute GPL code? No one sane; in most cases, unless they have plenty of money to burn. Ah, and IIRC Redhat will not renew your subscription if so terminated: you're essentially blacklisting yourself for life.
According to the summary, you missed one point. (Score:4, Interesting)
The code was stripped of its existing GPL and redistributed under a new license. Even though the source code is available (because PHP is distributed in source form), it's no longer clear that the code is still covered by the GPL - someone purchasing this package wouldn't know that they were entitled to redistribute or modify the code. That's the crux of the violation:
Re:Where is your license mentioned? (Score:4, Interesting)
Note that the above only applies to US Federal copyright law. In some states (although generally only for a subset of types of work), and in most of Europe, copyright also includes the concept of Moral Rights. These include the right of the author to be identified with the work, so in many jurisdictions plagiarism (i.e. not giving the author credit) are explicitly covered by copyright law.
At the Federal level, the USA does not recognise moral rights - make of that what you will.
Re:Where is your license mentioned? (Score:4, Interesting)
The headers are important. I've seen many pieces of code where people only put a copyright in a LICENSE file, and a subsequent package manager stripped it (it should be assumed that unless it's being downloaded in binary format only, that neither the LICENSE nor the headers will be read, but can be referenced.)
For reference –those package managers are in violation of the GPL –to redistribute GPL'd code you must make sure you preserve the copyright notice. This is in fact probably the single most important bit of the license!