Two weeks ago, I wrote a critical analysis of the governance structure of the CodePlex Foundation, a new open source-focused foundation launched by Microsoft.
But what about the business premise for the Foundation itself? Let’s say that Microsoft does restructure CodePlex in such a way as to create a trusted, safe place for work to be done to support the open source software development model. Is there really a need for such an organization, and if so, what needs could such an organization meet?
As with my last piece, I’ll use the Q&A approach to make my points.
Q: Let’s hear what Microsoft has to say before you start pontificating again. What is the mission of the CodePlex Foundation?
A: That’s fair. As stated on the Foundation’s “About” page, it is:
The mission of the CodePlex Foundation is to enable the exchange of code and understanding among software companies and open source communities.
Q: Hmm. Kind of general. Anything else to help us understand what Microsoft has in mind?
A: It looks like they expected that reaction, because the first Q&A exchange at the FAQ you can find at the site reads as follows:
Q: OK, I’ve read the Mission Statement. But what, exactly, is the Codeplex Foundation going to do?
We believe that commercial software companies and the developers that work for them under-participate in open source projects. Some of the reasons are cultural, some have to do with differing software development methodologies, and some have to do with differing views about copyrights and patents. In general, we are going to work to close these gaps. Specifically we aim to work with particular projects that can serve as best practice exemplars of how commercial software companies and open source communities can effectively collaborate.
The About page has additional detail, including the following:
The Codeplex Foundation also provides a channel of communication from the open source community back to Foundation partners and other commercial software companies, advancing the dialog between commercial software companies and open source communities.
Other goals include developing model contribution agreements for use by projects and providing a new venue to host projects. There are variety of other materials at the site you can review, including an interview with interim Executive Director Sam Ramji, a press conference file, and more.
Q: All well and good. But how will CodePlex be different from other open source foundations?
A: Now I get it. You’ve already been to the CodePlex site. Yes, they answered that question, too, like this:
Other foundations are targeted at particular projects, platforms, or applications, such as Firefox and the Mozilla Foundation, or Gnome and the Gnome Foundation. We wanted a foundation that addresses a full spectrum of software projects, and does so with the licensing and intellectual property needs of commercial software companies in mind. Having said that, we expect the Codeplex Foundation to be complimentary to, and not competitive with, other open source foundations. One measure of our success will be if other foundations experience an increase in participation from commercial software developers because of us.
Q: That second sentence sounds a little one-sided: “We wanted a foundation that addresses a full spectrum of software projects, and does so with the licensing and intellectual property needs of commercial software companies in mind.”
A: Yes, it does. It will be interesting to see whether the Foundation decides to stick with that emphasis or not. If it does, it might expect that open source community members will wonder why they should participate, and stay away (in droves).
Q: Any other breadcrumbs in that line of thinking worth noting?
A: Yes, there are others, but for brevity’s sake, I’ll note just this one, again, from the main FAQ:
Q: Why are you creating the CodePlex Foundation at this time?
We see a convergence of maturing technology and evolving business models – an inflection point – underway where more commercial companies are willing to participate in open source projects. We saw a great opportunity to drive change, and Microsoft was willing to fund a nonprofit foundation to make the change happen.
The open source community is famously unwilling to be “driven,” so again, I think the Foundation needs to do some rethinking here, and make it clear what’s in it for the community to participate if they really expect them to engage.
Q: OK, you’ve been uncharacteristically patient. How do you want to kick off the next section of this exchange?
A: Let’s talk about whether there really is a need for a new Foundation in the general neighborhood of the CodePlex Foundation’s stated mission, and if so, what that need might be.
Q: Fair dinkum, and it is your blog. So how about I ask you this: Is there a need for a new Foundation in the general neighborhood of the CodePlex Foundation’s stated mission, and if so, what might that need be?
A: Why thank you (cough <the check is in the mail>). Let’s start with a few observations about the current state of development of the open source model and the ethos of the open source movement. If you look at it from the historical perspective (which I’m always prone to do), you can compare the open source movement to any other political movement, which, to an extent, it is.
Q: A political movement? How’s that?
A: Well, it has a philosophy, it’s had dedicated leaders who have skillfully articulated that philosophy, and it’s inspired and rallied a broad and very large population of adherents to its banner. It’s also gone through a period of creative ferment, with passionate debates over both fundamental issues as well as finer points, developed schisms between camps with differing viewpoints, and soon.
Q: That sounds kind of unstable.
A: Yes, but necessary, especially in the beginning. As they say, democracy is messy. And despite the high level of dynamism, some of the largest and most conservative technology companies in the world (e.g., IBM) have realized how much value can be found in open source development and licensing, and have come on board. That’s pretty remarkable, given how risk-averse huge companies generally are.
The really big question now is how the open source movement will evolve from here. Revolutionaries are necessary to bring about revolutions, but they’re better with big ideas than with boring details. Problem is, it takes a fair amount of attention to boring details to turn grand revolutions into stable, lasting systems.
Q: OK, so how do you see that happening?
A: One possibility is that corporations will try to over-domesticate the open source development model and kill its spirit. If that happens, then you’re likely to see less participation, and two separate types of projects: corporate projects where all or almost all of the participants are the employees of the group of companies that launch, and rely on, the project’s output, and community projects, with largely independent developers participating, as well as corporate employees engaging for their own personal, avocational reasons.
Q: How do you think that would play out?
A: The corporate projects could work well as cost sharing mechanisms, allowing companies to develop software they want to see exist because it helps them sell other products and services. But the talent, creativity and passion would still migrate to the community projects, so corporations would never get the full advantage of the open source development model.
Q: So what’s the other possibility?
A: Corporations continue to realize that the magic of open source comes from volunteerism, numbers of participants, merit-based advancement, openness, and other factors that can’t be domesticated. You can’t push a string, as they say.
Q: This is all very interesting from an academic perspective, I’m sure, but does this actually have anything to do with the CodePlex Foundation?
A: Indeed, it has everything to do with the Foundation. That’s because (and to return to the political analogy), I think that the open source movement needs to mature, just as any revolutionary movement needs to mature, if it is to become a long term force.
A: What do you mean by “mature?”
Q: Passion is great to launch a movement, but it’s often the boring details that have to be filled in to make it work long term. In the case of open source, the creative ferment that I referred to earlier has resulted in a somewhat chaotic landscape – far too many licenses with far too few differences between them (the same is true with contribution and similar agreements), competing priorities between the interests of various stakeholders, and other fault lines that create legal issues that can slow down the spread of open source development and uptake.
If community members would like to see free and open source software rather than proprietary software predominate in the marketplace, then it’s in their best interest to address these issues, and relax these tensions, as well.
Having a place where community members and vendors can get together and talk about these things could result in life being easier and better for everyone. By the way, I think that such a place needs to invite more than just individual and corporate developers, too, if it’s really going to be useful. End users should have a seat at the table, as should foundation and project management, and also mergers and acquisitions experts – the current state of open source licensing at best adds many extra cycles to doing any kind of deal these days, and sometimes real nightmares.
A: So let’s get more granular now. What kind of things do you think the members of such a foundation should engage on?
Q: Here are some issues that would be at the top of my list (asterisked items are already mentioned in some fashion at the CodePlex Foundation site):
1. There are too many licenses, too many of which don’t mesh well. Let’s narrow down the numbers and address where they don’t fit well, and also document clearly and concisely where the problems are. There’s already some good work going on in this area (e.g., at the Open Source Initiative), so in part this could be more of a supporting and promotional role.
2. Some of the existing, popular licenses that have been around for awhile could be cleaned up a bit, but whenever I help set up a new foundation, everyone is very reticent to touch the license they choose, because it’s easier to reuse the version posted at OSI than to raise concerns over what has been changed, and why. So while recommending a subset of the existing licenses, let’s suggest a few tune up changes to some of them as well.
3.* Involving corporate employees in projects can be a real pain, from the legal side. A project needs to be sure that it has the necessary intellectual property rights to any code an employee contributes, but that employee will often have already signed an agreement with her employer that says the employer owns the code and the related IP rights. In that case, you need the employer to sign something.
That’s not too bad if the employer wants the employee to be participating, but what if the same employee works for, say, a multinational agribusiness? Who does the employee go to, and why should they say yes, particularly if they don’t know anything about open source software? The concept of having well-recognized model contribution agreements that individuals and corporations would readily sign – as suggested by the CodePlex Foundation Web site – is not at all a bad idea, as it would facilitate getting such permissions. Of course, they need to say something that’s acceptable to the community as well as to the corporations.
4.* What about the rights in project code, as between a project and an individual code contributor? From a purely simplistic, legal perspective, the ideal situation is for contributors to transfer ownership of their contributions to the project, or to grant the project an unrestricted license to change, distribute, and sublicense the code (the latter route is the one taken at the current model Contribution Agreement to be found at the CodePlex site). Why ideal? Because this allows the project to exercise all rights needed to accomplish its goals, such as adopting a new version of its distribution license (the alternative is to go back and get permission from all of the individual contributors – many of whom may no longer be reachable). From the perspective of many developers, however, that’s entirely unacceptable.
At one level, the question here is about the rights of authors (code contributors) versus the rights of publishers (projects), which is a conflict that’s been around at least since the days of Gutenberg. But in this case – a distribution’s authors are its publisher. Perhaps with time contributors may end up thinking more like publishers and this issue may go away, but for now, it would be great to make some practical progress on this one way or another – or in more than one way, so that people could make intelligent, project by project choices. (By the way, Stephen O’Grady’s excellent Q&A on the CodePlex Foundation has a very good discussion on this topic).
5. Project governance is another area where developing best practices would be useful, making it easier for new projects to be launched with less effort, and in a form that will be most likely to facilitate success.
6.* I think it’s always beneficial to help each community (corporate and developer) become more aware of the others’ reality. There’s no better way to appreciate another person’s perspective and legitimate needs than to sit across a table (or listserv) from them and hash things out.
7. Needless to say, not every project is led by a Linus Torvalds, and even when one does come close, inevitably that person is going to want to retire or move on. Open source development projects are still in their relative infancy, with few important projects having gone full cycle from formation to some sort of happy ending (i.e., a transition to just a few, legacy users after the software has been superseded in the marketplace and the project has gone dormant). It would be great to review how the most successful projects have been run internally, analyze what made that happen, and then set up better “how to” manuals than currently exist. An element of this would be to consider how individual community members and dedicated corporate participants most productively interacted.
8. Last but not least, I think that having a place where the sometimes competing demands of open standards and open source could be discussed and worked out as well.
It would be great to see an organization that could tackle questions like these, either individually, or in some cases, in collaboration with existing organizations.
A: What about hosting projects? The Web site talks about that as well.
Q: I’m a bit ambivalent on that one. Do we need another project host? Probably not. But hosting projects as test beds to try out and demonstrate the type of deliverables that I mention above could be a very worthwhile endeavor. If those projects run really well, put out great software on an efficient basis, and attract and keep large, diverse communities of participants that work well together, that’s a great way to develop, confirm, perfect and demonstrate the kind of best practices that others could benefit from.
Q: So I’m hearing from you that you don’t think that the concept of the CodePlex Foundation is necessarily a bad idea, but that (a) it needs to be set up differently to inspire trust, (b) it needs to reset its priority statements to reflect an equal concern for community priorities as well as corporate needs, (c) it needs to change its messaging to demonstrate a commitment to provide convincing value for community members, and (d) while the initial list of deliverables is in the right ballpark, it could be further refined.
A: You know, I couldn’t have said that better myself.
For further blog entries on Open Standards and Open Source click here
sign up for a free subscription to Standards Today today!