The license is too ambiguous and potentially restrictive. Would you please clean it up, or potentially even move to a more permissive license?

[levihb]

I love this project, but I have a lot of issues with the license. It's really not very clear, and I don't think it will stand up very well legally. To start with looking at section 1:

Prior to using this database in your product, you will inform the irdb project about your product by opening an issue on https://github.com/probonopd/irdb/issues

Well to start with there's no mention of the product being granted or denied, so simply informing through here is enough. It would be better if it was clear though that they cannot be arbitrarily denied based on the issue opened.

Secondly it's not clear whether this section only applies to embedded hardware:

You may include this database and derivative works with your software (e.g., app) and/or access this database over network from your commercial or non-commercial software (e.g., app) or embedded hardware (subsequently called "your product") provided that:

It's ambiguous here whether "your product" applies to just embedded hardware or to all the uses listed. Reading that I would assume "your product" only refers to the hardware part, and that I would not have to create an issue here if I am using it purely in software.

Another issue with requiring users to inform is that it's not really clear what information should be given, all it says is "inform the irdb project about your product". It's not clear what this means, e.g. "We are using this for our product" would likely be enough given what's written in the first point. If you expect more than that and the issue creator refuses, what's your plan? I also think this creates issues, as what about projects contracted under an NDA? What about projects with legal requirements that prevent that information being given here? What about companies who simply want to keep the project information a secret for the time being?

Going back to this statement again:

You may include this database and derivative works with your software (e.g., app) and/or access this database over network from your commercial or non-commercial software (e.g., app) or embedded hardware (subsequently called "your product") provided that:

The first statement is also rather ambiguous. It's quite clear that you can access the database over a network from commercial or non-commercial software, but there's no distinction between commercial or non-commercial software when directly including it locally, or in embedded hardware.

You will make available up to three fully licensed copies/units of your product to the irdb team, represented by Simon Peter, free of charge (incuding shipping and handling) upon request.

Again we have the "your product" ambiguity here. But I also have a lot of issues with this:

Let's say a client has a legacy system that control their building. They need a way to integrate it into their new setup so they come to me. I write a bunch of software for them that allows them to integrate this legacy system into their new system. So my software is running on various specialized hardware devices throughout the building. How on earth would I follow this point of the license? This wouldn't be a system I could create a new user for, and it would only be a single setup. Am I expected to recreate their setup up to three times just to send it to you? In reality, I wouldn't be able to use this project in my project, as satisfying this license condition would be unreasonable.

Or here's another example, this one is rather extreme but something that could easily happen. Let's imagine I build a very expensive piece of equipment e.g. for a government, that intercepts and analyses a whole huge array of communications. We implement this because including IR has some sort of benefit. The whole system costs $200k, but the IR bit is only a very small part of the hardware + software. Would I be expected to deliver three entire systems worth up to $600k to you? Again this seems unreasonable. But the license also doesn't contain any definition of what part of it you want access to. If the IR functionality of this machine made up only 0.5% of the machine, would you expect them to still deliver an entire machine? Or what if BMW integrates uses it in part of a vehicle of theirs? Would you expect them to deliver you up to three entire vehicles?

The last example of this is one that is actually likely to come up a lot. I integrate it into a single system for someone, let's say a government again. Now part of the licensing agreement (or even law) from this government says that I cannot distribute their software to anyone else. I use this in the software, the software uses my code, this projects, and the governments. Your license requires I give you access to the software, but doing so is illegal or would violate my license agreements. The current way the license is written is very restrictive here, and just prevents me using it at all in situations like this. The government example is extreme, but this comes up all the time when writing software for someone, you're very often limited in licensing the software to others.

These are just some of the problems I thought of while having a quick glance at it. There's also many other potential issues that really limit the usage in many applications, and make it ambiguous enough to be worried about the implications of depending on it.

I would implore you to consider dropping this license entirely, and going with something much more open like the MIT license. But if not I would really ask you to consider dropping requirements 1 and 3. Perhaps you would consider using a permissive open source license like the MIT one, but with requirement 2 added in as well?

If you are not open to moving towards a more permissive license, then I would ask you to at least remove the ambiguity from this license. It's really limited in so many situations at the moment. Maybe by being a lot clearer in sections 1 and 3, and applying limits to section 3, so that projects like the ones I mentioned are excluded?

[probonopd]

The intention of the license is to make commercial vendors who use this project in their products contribute something back, ideally codes.

Basically hobbyists should be able to use this for non-commercial projects as they like, but commercial vendors should get in touch with us.

How could this be best achieved?

[levihb]

The intention of the license is to make commercial vendors who use this project in their products contribute something back, ideally codes.

If that's the aim then maybe simply require codes added to be contributed back to the project? I think that would be a reasonable requirement?

Basically hobbyists should be able to use this for non-commercial projects as they like, but commercial vendors should get in touch with us.

By "get in touch with us" what exactly do you mean? Because the current license doesn't really give you any room for negotiation with them. What do you specifically want from them? For them to license it and pay for the database? For them to contribute yearly fees just for the upkeep? Just to be aware of what they're using it for?

If you could be much more specific about what it is you want, or might want in the future, it would make it a lot easier. Because there's already lots of solutions out there for those types of things.

At the moment I don't think this license is particularly helpful to you or to commercial projects that might want to use it.

[probonopd]

Roughly speaking...

What we want:

• Open source projects using these codes (and referring back to this project)
• Commercial vendors that really add value with their hardware or software product, and ideally have some ideas how to give back (codes or publicity or resources or whatever) to this project

What we don't want:

• Wannabe app developers selling our codes alongside some half-baked app in app stores, without any mention of this project (these are the types who would like to have pre-rendered codes so that they don't have to do any work themselves)
• Commercial vendors redistribuing millions of copies without us even knowing

[levihb]

(Sorry for the long time between replies.)

Well your current license is not suitable for those requirements either. All you specify is that they must make a thread, not that the thread will determine whether it can be licensed. There's not even anything in there saying you can revoke the license for various uses. A large company or "wannabe" app developer could likely just make the thread, and then ignore everything after that. And there likely wouldn't be anything you could do.

Open source projects using these codes (and referring back to this project)

Commercial vendors that really add value with their hardware or software product, and ideally have some ideas how to give back (codes or publicity or resources or whatever) to this project

If this is what you want, why not simply require that everyone submits any new codes they use back to the project? And for the publicity part perhaps something similar to the message you have at the moment?

Wannabe app developers selling our codes alongside some half-baked app in app stores, without any mention of this project (these are the types who would like to have pre-rendered codes so that they don't have to do any work themselves)

The problem is you can't really do this without just giving yourself arbitrary control over what projects can and can't use the project. I think that's problematic due to the reasons I outlined in the original post. It makes legitimate companies very hesitant to use it if you can simply strip them of their license because of your personal judgement.

Also this is going to happen regardless of what you do. Copyright violations are rampant on the app stores. There's a huge number of apps which just blatantly violate all sorts of copyrights, from small projects like this to huge international companies. The companies behind those apps are very often based in a country that makes them practically out of reach of copyright law, and every time they're banned from the app store they just switch things up a little bit and use a new account.

I would suggest you consider just allowing this. Are those apps actually causing any damage to the project? They are potentially even bringing publicity to it. The vast majority of open source projects simply allow this to happen, there's really not many out there that try to prevent it.

Commercial vendors redistribuing millions of copies without us even knowing

Just out of curiosity, as I'm having a hard time thinking of a way to implement this one, what information do you want to know from companies with successful projects? If it's just new codes then the requiring codes to be added back should be enough. If it's something else then perhaps you can require that to be added back as well?

But I think that your current license not only is ambiguous and problematic to adopt, but it's not really working for you either? Because many of the things you just listed simply aren't enforceable with the current license. You likely can't deny it to specific people, you have no rights to demand codes to be added back, etc.

Just an idea, but what about the following. The notice that is currently required will stay. Anyone can use the project, but new codes must be added back to the project at 6 monthly increments. Commercial projects must notify you of the project upon reaching 1,000 sales or $10,000 in revenue generated from sales, whichever comes first.

That one seems pretty permissive, but it also allows the project to grow in code size, allows the project to gain publicity by the notice, and allows you to be aware of projects after they have established themselves.

[ysard]

Hi, first of all, sorry for the digging...
I see a confusion between the 2 terms open-source/free. What you want is a legal propagation from the license to the derivative projects, with not only an obligation to mention (license and copyright notice) but also an obligation to publish under the same license for the benefit of the community.
Open-source licenses, or permissive licenses as many people call them (I prefer lax) with respect to the fundamental freedoms of free software, do not only allow restricted use only by the obligation to quote the original project;
they also allow inclusion in proprietary projects without any obligation to open the code or offer any compensation.

If you explicitly do not want closed-source/proprietary projects that use the code, then any lax license should be ruled out.

You can always adopt a dual license system, with a version for commercial use, allowing inclusion in proprietary software in return for an agreement/compensation or whatever.
The compensation should of course not be so high that it would encourage risk-taking related to the violation of the license.
I'm thinking of a compensation system by sales/revenue level or number of tokens obtained from an API for example.
I agree with @levihb on this point, the current license is not realistic.

This proprietary license will probably have to be redacted with the help of a lawyer.
Check the double license of GhostScript for example.

Don't forget that you are the owner of the rights of the project :
you can decline as you wish its distribution under several licenses.
The GPL is non-exclusive, which allows you to grant several licenses for the same material.

See:
https://opensource.stackexchange.com/questions/4875/open-source-license-to-prevent-commercial-use

The GPL is also legally recognized. In practice, proprietary developers rarely bother with free licenses and sneak them into their products, hoping that they won't be seen. However, with the GPL they are exposed to well-managed sanctions by the courts when fraud is characterized. Most countries recognize copyright; there is no doubt that the infringers are likely to be in one of them.

In any case you will have the resources to talk with the host or the store hosting the problematic application.

I also note that this project is likely to be included in an online service such as the former irdb.tk site or any other web site.
You can extend the obligations of the license to force the owner of the site running this project to publish the code executed on the server and offering features to the visitors.
In this case I advise you to check out the AGPL license (Affero GPL).

The AGPL is like the GPL, but the GPL is only triggered if you distribute your derivative work.
The AGPL expands that trigger so that it is activated if you let people use a work derived from this project on a network.

Regarding when the terms apply, the AGPL applies as soon as you make the code available as a service.

In short, on more fundamental considerations, the term open-source is a trap.
It is precisely the kind of license that puts developers in an awkward position with respect to their users, or with respect to the possible rewards expected from their work.
Open-source is not fair for the work you provide: it just promises you better distribution of your work and/or possible publicity, while allowing almost all uses.
It does not offer a fair return for whatever you aspire to.
Free software does.

Hoping to have brought some hints. Thanks for reading ;)

[probonopd]

Basically, I want this to be an open source project that everyone can use and contribute to but I want to avoid that someone takes all the hard work of the community, and puts it into a proprietary product, without even thinking about how to contribute back to the project. I am fine with people using this in commercial projects but we need to talk beforehand because depending on what kind of commercial project it is I'd like to understand how the commercial company wants to contribute back (with that I don't mean $$$).

I hope this is reasonable.

[levihb]

@probonopd could you expand more on what you would like them to contribute back? GPL would require them to contribute back any changes they make, including new codes.

[probonopd]

GPL is too restrictive and many companies don't want to use GPL stuff at all. We'd need a dual license then. But what would the other part of the "dual" be?

[nortio]

I know this is an old issue, but have you considered the ODBL? It has been used by OpenStreetMap for a long time and I think it fits your requirements very well.

[probonopd]

Thanks for the suggestion @nortio but I'd really like commercial users to contribute "something" back, whatever that "something" is. And I'd like to have a conversation in each specific case with them about that. What I don't want is someone take these codes, put them into a proprietary app, and selling this app without adding any value to this project whatsoever.

[isage]

What about using CC BY-SA?
This allows commercial and open-source use, but requires attribution and sharing additions/modifications