Everything you need to know about the new Joinup Licensing Assistant (JLA)

At the Sharing & Reuse Conference (held on 11 June 2019 in Bucharest, Romania), the Commission presented a new solution, the Joinup Licensing Assistant (JLA). Patrice-Emmanuel Schmitz (lawyer) is the person behind the idea of this very interesting tool. He is promoting EUPL (the European Union Public Licence) and supporting legal questions submitted by Joinup users. Together with the Joinup Team, as well as the continuous support of the ISA² Programme, Patrice-Emmanuel is an ardent promoter of legal interoperability.

Patrice-Emmanuel, could you explain in a few words what the Joinup Licensing Assistant is?

The JLA is a new and original solution allowing everyone to compare and select open licences based on their content and specificities; for example, looking for a licence that covers network distribution, is multilingual, does not limit linking etc. In addition, the tool is interconnected with the SPDX project from the Linux Foundation, providing normalised identifiers and original licence texts. Therefore, JLA makes use of existing standards and resources. Nothing is duplicated, maintained twice or reinvented.

Why the need for such an Assistant?  Doesn’t such a tool already exist? What’s the added value of the Joinup Licensing Assistant?

Other types of Assistants exist, belonging mainly in two categories:

• Some are tutorials or wizards guiding the user step-by-step, like the “GitHub license selector” which asks users questions like “Do you want to license software or data?” and “If software, is it your own work or reuse/improvements of existing works?” etc.
• Other, like choosealicense.com or TLDRLegal are more informative, adding for each licence a description and the corresponding list of permissions, conditions and prohibitions.

The added value of JLA is:

• On one hand, the addition of three new important aspects – or categories – that were omitted or neglected so far: the level of interoperability (how far the licence is compatible with others), the level of support you can expect (from communities, organisations, governments), and the legal aspects (applicable law, venue, etc.).
• On the other hand, and as said before, the added value is the possibility to select licences based on any of their specificities, now grouped under six main categories. The idea and initial source code were found in an existing solution developed by the Commission, the European Data Portal, making JLA a good example of sharing, reusing and improving software [here, Patrice-Emmanuel smiles].
• Last but not least, we have to acknowledge that other tools are mostly built in the USA with little consideration for EU specificities, legal frameworks and care for interoperability.

Advantages of JLA:

• Legal interoperability & support
• Legal conformity
• Intuitive licence search & match functionality
• Tailored according to EU requirements

But isn’t the term Open Source Licence self-contradictory?

Certainly not, on the contrary, open source (or free software) means licensing, but the licence must be compliant with the Open Source Definition (OSD), or with the four Free Software permissions, which grant similar rights.

How many licences are currently available, and how many do you aim at offering? Why do we have so many?

In fact, the number of available licences is quasi-unlimited. The name for this is “licence proliferation”. The Open Source Initiative (OSI) has certified more than 80 software licences as “compliant with its Open Source Definition” (OSD), but much more exist that did not obtain official OSI approval for various reasons, like presenting too much similarities with approved ones or providing unclear added value. Many licences are marked as “deprecated” because a more recent version exists, but they are still in use, even in new projects: SPDX maintains 350 licence IDs and corresponding texts, including deprecated ones.

The question about how many licences will be covered by JLA is still open. Hopefully not all the deprecated licences! Most other tools limit their widest selection between 20 to 30 licences. A compromise must be found between extending coverage (the temptation of being encyclopaedic) and providing comprehensive support to users (meaning reducing choices).

Wouldn’t it be then more reasonable to reduce the number of proposed licences? Isn’t EUPL enough to cover all types of situations?

Some tools developed in the US propose initially little more than three software licences only:

• A very permissive one, like the MIT licence: your solution is based on your own software and you don’t want any restriction to its use, including other persons improving it and distributing these improvements commercially, without disclosing the modified source code, keeping it their exclusive property;
• A moderately “weak copyleft” or reciprocate licence, like the Mozilla Public License or the LGPL licences:  if you care that improvements distributed by third parties will stay shared with you and the whole community of users, without exclusive appropriation;
• A stronger “copyleft” licence like the GPL-2.0 or 3.0 licences: if, for promoting free software, your aim is that all derivatives – in the widest possible sense – will also be covered by the same licence, or the AGPL-3.0 for network distribution.

In Europe, meaning if you have at least a seat in the European Union, we could propose an even simpler dual alternative:

• The MIT as a permissive software licence;
• The EUPL in all other cases of software distribution, because:

1. It is the most interoperable of all so-called “copyleft” licences, especially convenient if your project integrates components of various origins;
2. It is clearly operating under the European Union law;
3. Unlike some other copyleft licences, it ensures freedom regarding all forms of linking the various components of your project, when the purpose is interoperability (law-lovers will read Recitals 10 and 15 of Directive 2009/24/EC). This makes useless most of the distinctions between “strong and weak” copyleft;
4. It covers all forms of distribution (including Web or SaaS);
5. Globally applicable to “the work”, it covers software and ancillary data, as well;
6. It has a working value in 23 languages including your native one, most probably.

Advantages of EUPL:

• Flexible & interoperable licence
• EU legal conformity
• Freedom of use
• Full distribution
• Comprehensive Multilingual

Having said that, it may be that a project is exclusively distributing data or media, and the JLA proposes Creative Commons licences that are open and convenient in such cases. It may also be that a project merges sources already covered by inherited licences, which means that a specific legal licence screening must be processed before any distribution to third parties.

Do all solutions on Joinup have a licence? Would you recommend solution owners choosing one?

Choosing or establishing clearly a copyright licence is a necessity as soon as your solution (your own work or a combination of works from various origins) is or could be provided to third parties. Neglecting doing so leaves recipients uncertain regarding the applicable copyright and how far they may use, modify and share it with others.

In some cases, licensing conditions are globally covered by a framework decision, like the Commission Decision of 12 December 2011 on the reuse of Commission documents.

In other cases, licensors should apply existing licence(s) and not try to forge and establish a new one, which is never recommended except for very specific needs and after screening all existing alternatives. In case of specific needs, a convenient solution is to complement an existing licence: the EUPL permits to be complemented by additional agreements (for example, regarding the applicable law, the seat of the competent court/arbitration or extending compatibility and permissions) as far as the granted rights are not restricted.

Nowadays, is Open Source the rule and no more the exception?

It is certainly the rule for the public sector. This does not mean that all software developed by or for the public sector must always be disclosed or distributed. The PSI directive is not always applicable, but if a software is distributed, an open licence must be the rule. Regarding the private sector, open source is the rule for most service companies, for most of the internet and the server industry. Many small and larger enterprises have now included open source in the core of their business model, like Google, Red Hat Linux, Oracle, IBM, Dell etc. Even Microsoft, which was hostile for a long time, is now hosting thousands of open source projects and proposes its own open source licences.

So, how will the JLA evolve?

This first version will take advantage of users’ feedback, for example regarding the selection of categories and the number of licences to cover. Considering the future, an option is to assess compatibility when distributing combined works including components covered by various licences.