Cloud computing was rightfully considered a massive innovation during the first years of its development, mainly, because information, which until then would have to be stored and accessed locally, could now be stored and be accessed online through a simple web browser from anywhere in the world. Moreover, the end user’s device didn’t have to be a powerful processor – a “thin client” is enough.
Today, cloud computing has become an integral part of our everyday personal and professional lives, partly thanks to Open Source Software (OSS). OSS proved to be a driving force of the cloud development, with a lot of cloud technologies containing OSS in a significant degree. But what happens, when the OSS in question is offered under a license with a so-called “copyleft effect”?
Before this topic is explored, it is necessary to provide some brief necessary definitions of the terms “cloud computing” and “copyleft effect”.
As for the term “cloud computing”, the definition of the Cloud Legal Project at Queen Mary, University of London cites:
“Cloud computing provides flexible, location-independent access to computing resources that are quickly and seamlessly allocated or released in response to demand.
Services (especially infrastructure) are abstracted and typically virtualised, generally being allocated from a pool shared as a fungible resource with other customers.
Charging, where present is commonly on an access basis, often in proportion to the resources used.
The term “copyleft effect” stands for certain clauses in OSS licenses, which oblige the licensee to distribute modifications, derivative works based on (and sometimes also containing) the OSS under the same “copyleft license”, or (in some cases) a compatible license containing an equivalent “copyleft clause”. This aims to ensure that derivatives of the OSS will remain in an open source state, meaning that the source code for the software will need to be distributed together with the program.
Since the copyleft clause governs the distribution of the modified software, its effect is essentially triggered with the distribution, and not when the software merely runs on the licensee’s server in the cloud.
As previously stated, this is exactly the case with cloud computing applications – they run only on a remote server and the end users can access them and interact with them through the web, without the software being distributed to them. This essentially means that OSS components under copyleft licenses can be integrated into cloud computing applications without triggering any copyleft effect, thus, without the obligation to distribute the source code for the application. This so called “ASP (application service provider) loophole” or “SaaS (Software as a Service) loophole” was criticized by many open software advocates.
The search for a solution
The community started looking for a solution to this perceived challenge already at the start of the millennium. After some unsuccessful efforts (Affero General Public License v 1, Honest Public License), the Affero General Public License version 3 (AGPL-3.0) was published on 19 November 2007. The AGPL-3.0, which was heavily based on the General Public License version 3 (GPL-3.0), was specifically drafted to tackle the “SaaS loophole”
Section 13 of the AGPL-3.0 provides that, if an end user interacts remotely through a computer network with a modified version of the program, then an opportunity to receive the “corresponding source code” must be provided to such user free of charge. Unfortunately, the AGPL-3.0 did not manage to avoid certain ambiguities, mainly regarding the definition and the scope of the term “corresponding source code”, which certainly would exceed the purpose of this article.
The situation today
Despite the valiant efforts of the drafters of the AGPL-3.0, it is safe to say that the so-called “SaaS loophole” remains open, mainly because the AGPL-3.0 and other licenses designed to address the matter failed to become popular among the community and are still not used as much as other copyleft licenses, for example the GPL-2.0 or the GPL-3.0. Meanwhile, voices expressing the opinion that closing the loophole would have an adverse effect on the popularity of OSS are losing in power, considering that some of the biggest cloud providers are also active in the open source community, providing maintenance and upstreaming their modifications. The only thing that still certain, is that uncertainties still exist. Our law firm enjoys year of experience and advises on open source software, its legal use, and possible business models.