freedom ‘for users’- which users did you mean, exactly? (or, of users, user-deployers, and user-consumers)

“Free software… refers to four kinds of freedom, for the users of the software…”
–Free Software Definition, emphasis mine

“closing the [ASP] loophole would infringe on certain peoples rights and he [Moglen] didn’t see any way to preserve everyone’s rights…”
— Eben Moglen, as paraphrased here

[The rest of this post is not based on any conversations with FSF/SFLC folks on this issue, but merely on readings of essays/interviews/etc., and so their position here may represent a bit of a strawman. To the extent that the representation is inaccurate I apologize and will strive to fix it if someone points out the inaccuracies. That said, if it is a strawman, it is a useful strawman which helped me sort out my own thinking on the subject.]

who has the freedoms and the rights?

In one of my GPL posts, I mentioned that I thought that the question of ‘who holds the rights’ is a critical distinction between the ‘free’ and ‘open/pragmatic’ licensing camps. To the free camp, rights are held by users; and to the open/pragmatic camp, rights are held primarily by developers- who then grant most (but not necessarily all) rights to users. I thought I’d dig a bit more into that notion, particularly into the question of what a ‘user’ is in this day and age, because I think it helps explain the current dilemma around free software as deployed over the web.

who ‘users’ used to be

FSF has always insisted that “users” are the locus of all rights. In practice, to FSF, “users” has really meant “the people who install the software”- what I’ll call “user-deployers” or “deployers”, in comparison to “the people who use the software”- what I’ll call “user-consumers” or “consumers.”

In the beginning, this was not problematic- anyone who deployed free software also consumed it, so giving rights to all deployers also gave rights to all consumers.

As free software got more popular, this got a little more complicated- deployers were often systems administrators in an organization (who had full rights to modify the code) and the software was used by consumers in the same organization. These user-consumers were given the binaries but were not given enough permissions to install new versions of the binary, or access to source (though they could presumably obtain them for their personal, non-work PCs if they were skilled enough.) And so there was a gap between the rights of deployers (who could modify) and consumers (who could not)- a small gap, but a gap nonetheless.

In practice, this worked OK. The interests of user-deployers and user-consumers were not perfect aligned, but they were pretty close- deployers mostly wanted consumers to get things done and get out of the way, so they protected consumers to a large extent. In addition, even if they weren’t always exactly aligned, consumers and deployers were clearly both on the same side against the software vendors- both consumers and deployers wanted more freedoms than the vendors would necessarily have chosen to give. Given this combination, for most purposes it is fair to say that in practice user-consumers had the freedoms to use and modify- even if in practice those rights were granted to and proxied through the deployers hired by their organizations.

who ‘users’ are now

That brings us to the present day. With the advent of the LAMP-powered web, user-deployers and user-consumers of free software are often no longer in the same organization- the deployer, who was once the local sysadmin, is now the sysadmin of Google or Yahoo. As a result, the interests of the user-deployer and user-consumer are often poorly aligned or in outright conflict. In addition, the old tension between vendors and user-deployers, which helped protect user-consumers, has to a large extent vanished- since the deployer of the free software (the party that runs the compiled code) is now also the vendor.

In a web world, then, user-deployers have the same rights they’ve always had to use and modify. The FSF apparently believes that should not change. But since the deployers and consumers aren’t part of the same organization anymore, the deployers no longer protect the user-consumers, and so user-consumers end up frequently making use of free software without even the slightest ability to use and modify the software- and often even without the right to use and modify their own data!

This is, I think, part of why Matt Asay wants to call GPL ‘the new BSD‘- like the BSD, the GPL lets software vendors (in the BSD case, Apple; in the GPL case, Google) deliver software to consumers without also delivering the freedoms to use, modify, and redistribute. Some freedom is preserved- the freedom of the deployer to use and customize- but this is not, at least in my mind, the kind of freedom I’m aggressively interested in working towards.

so how to restore freedoms to user-consumers?

This problem isn’t easy to resolve systematically- since they are in conflict, any attempt to guarantee rights to user-consumers would seem to require some compromise of the rights of user-deployers. I admit I myself am a bit stymied on the issue, though I have some ideas.

Prof. Moglen and FSF’s position seems to be that the freedoms of user-deployers will trump those of user-consumers until someone comes up with a principled and rights-centric way to draw the line between the two. Unfortunately, Moglen seems skeptical this line can be drawn- and experience shows that he is usually right.

I remain interested in the problem, though, since in the end I’m much more interested in the freedoms of users than the freedoms of sysadmins. I hope that better understanding that there is more than one type of user takes me one step closer to figuring out where the line can and should be drawn.