TLDR: It’s compatible with other copy-left licenses like GPLv3. However, it’s available in multiple languages, which technically makes it more applicable.
I started using it for my own project. If you want a practical example: https://github.com/TimoKats/emmer
Let’s reinvent EVERYTHING!
There is no way Europe will prevail if we spread thin and try to copy everything. A free license is not a lockin that the US can abuse. It’s the opposite.
With licenses, I don’t think the goal is to create one universal standard. More options is typically better.
It is not. It makes evaluation more complicated, as well as sharing code among projects.
The Free Software Foundation writes the following about the EUPL 1.2 (https://www.gnu.org/licenses/license-list.html#EUPL12):
This is a free software license. By itself, it has a copyleft comparable to the GPL’s, and incompatible with it. However, it gives recipients ways to relicense the work under the terms of other selected licenses, and some of those—the Eclipse Public License and the Common Public License in particular—only provide a weaker copyleft. Thus, developers can’t rely on this license to provide a strong copyleft.
The EUPL allows relicensing to GPLv2, because that is listed as one of the alternative licenses that users may convert to. It also, indirectly, allows relicensing to GPL version 3, because there is a way to relicense to the CeCILL v2, and the CeCILL v2 gives a way to relicense to any version of the GNU GPL.
To do this two-step relicensing, you need to first write a piece of code which you can license under the CeCILL v2, or find a suitable module already available that way, and add it to the program. Adding that code to the EUPL-covered program provides grounds to relicense it to the CeCILL v2. Then you need to write a piece of code which you can license under the GPLv3-or-later, or find a suitable module already available that way, and add it to the program. Adding that code to the CeCILL-covered program provides grounds to relicense it to GPLv3-or-later.
The fact that re-licensing from EUPL to GPL is so cumbersome (and therefor off-putting to independent developers), and that at the same time it allows for re-licensing to weaker copyleft (i.e. for derivative works to be more proprietary, so to speak), makes me not want to use it.
That’s wrong. The EUPL’s strictest provisions remain in effect even when used in other licenses:
However, according to the EUPL, the compatible licence that is applied to a derivative work will prevail “in case of conflict” with the EUPL. For example, when the EUPL licensor has its seat in Germany, the applicable law is German and the court is Berlin, but if the code is reused in a French project distributed under CeCILL, the French law will be applicable and the competent court will be Paris. But on the strongest open source EUPL provisions, like the coverage of SaaS and the obligation to publish and share the derivative source code, none of the listed compatible licences enters in conflict with the EUPL: for example, they may not “impose” code distribution in case of SaaS distribution, but they do not prohibit it. Therefore the EUPL obligations are persistent.
The EUPL 1.2 also allows directly relicensing to GPLv3, I don’t know where they got the idea you cannot do so.
Large parts of the GPLs are also void (e.g. providing “zero warranty/liability” and provisions regarding dynamic linking) according to EU case law.
The EUPL is effectively a interoperable strong copyleft license. It tries to prevent license incompatibilities due to “virality”.
I strongly recommend reading these two articles, they are much more accurate than the FSF’s:
Highly interesting. However:
So these are the parts of the EUPL 1.2 that are most relevant to copyleft:
- Obligations of the Licensee
…
Copyleft clause: If the Licensee distributes or communicates copies of the Original Works or Derivative Works, this Distribution or Communication will be done under the terms of this Licence or of a later version of this Licence unless the Original Work is expressly distributed only under this version of the Licence — for example by communicating ‘EUPL v. 1.2 only’. The Licensee (becoming Licensor) cannot offer or impose any additional terms or conditions on the Work or Derivative Work that alter or restrict the terms of the Licence.
Compatibility clause: If the Licensee Distributes or Communicates Derivative Works or copies thereof based upon both the Work and another work licensed under a Compatible Licence, this Distribution or Communication can be done under the terms of this Compatible Licence. For the sake of this clause, ‘Compatible Licence’ refers to the licences listed in the appendix attached to this Licence. Should the Licensee’s obligations under the Compatible Licence conflict with his/her obligations under this Licence, the obligations of the Compatible Licence shall prevail.
Having read this section multiple times, also in different languages, I preliminarily believe that the following still remains possible:
-
Let’s say that some person or entity “A” has released some code under the EUPL.
-
Some other person or entity “B” creates a derivative work and distributes it (including all of A’s code) under the LGPL. This is allowed per the first sentence of the EUPL’s Compatibility clause above: “this Distribution or Communication can be done under the terms of this Compatible Licence”. Here B is a licensee of the EUPL-licenced work, and what the final part of the Compatibility clause (just like the text that you quoted) says is that B, being a licensee of a EUPL-licensed work, continues to be bound by all of the EUPL’s copyleft obligations. Fair enough.
-
Now some third person or entity “C” comes along, and takes just this re-distributed work, which is being distributed by B under the terms of just the LGPL. Here C has no obligations under the EUPL, because C is only dealing with code that is distributed by B under just the LGPL. That is, C is solely a licensee under the terms of the LGPL.
And thus the exploit would be: Corporation C pays some straw man company B to re-distribute A’s interesting EUPL code under the LGPL, so that corporation C can pick it up while only needing to comply with the weaker copyleft of the LGPL.
I am not an expert in copyright law, which is what these licenses are based upon and cannot analyze the text.
Still, couldn’t you make it even more straightforward by forking twice yourself?
- Take the original EUPL code and fork it under the LGPL
- Take the LGPL code and fork it under the LGPL
- This second fork has all EUPL conditions removed
I’d by surprised if the license authors did not consider this. Lawyers wrote this with consideration of EU law after all, not some laypeople.
If I had to guess: Any inclusion of EUPL code in another project would have to be marked as being under the EUPL. This is solely to inform anyone who wants to fork this section and distribute the code in form of SaaS to abide by source code requests.
It’s like an EU variant of the AGPL whose many conditions about linking apparently don’t hold up in EU court. The GPL’s are all primarily considering US copyright law after all.
EUROPEAN UNION PUBLIC LICENCE v. 1.2
EUPL © the European Union 2007, 2016
The ‘EUPL’ in short.
I don’t know how well it holds up against gpl3 & later etc. but it’s definitely a good step forward for Europe, or so it seems.
If I can get some feedback on FOSS etc I will gladly add it to tenfingers.
tenfingers looks cool btw, hadn’t heard of it yet. Is it your project?
Yep 😋 and thanks! I’m appallingly bad at marketing so no doubt you haven’t heard about it 🥲.
Glad you raise this topic.
Can anybody elaborate on the practical difference between EUPL and AGPL ?
Iirc, although these both cover software as a service, EUPL is more relaxed about conversion or combination with other ‘compatible’ licenses which don’t include SaaS. So I’d be worried this keeps open a pathway for a bigger power to ‘enshittify’ my code.
Another question - has anybody experience defending rights under EUPL ?I can only answer the first question:
The great thing about the EUPL is: Its terms prevail if the other license does not have conflicting provisions. Any code licensed under EUPL will keep the SaaS restrictions:
However, according to the EUPL, the compatible licence that is applied to a derivative work will prevail “in case of conflict” with the EUPL. For example, when the EUPL licensor has its seat in Germany, the applicable law is German and the court is Berlin, but if the code is reused in a French project distributed under CeCILL, the French law will be applicable and the competent court will be Paris. But on the strongest open source EUPL provisions, like the coverage of SaaS and the obligation to publish and share the derivative source code, none of the listed compatible licences enters in conflict with the EUPL: for example, they may not “impose” code distribution in case of SaaS distribution, but they do not prohibit it. Therefore the EUPL obligations are persistent.
I’m still confused by this. Doesn’t that imply that if a derivative SaaS is created in combination with a weaker ( less-copyleft ) license such as GPL, Apache or MIT, then the weaker licence wins, so the derivative source code no longer has to be published ? I’m not looking for a ‘do whatever you like’ licence, I’d prefer a copyleft approach like AGPL, but one that’s easier to defend in europe.
The weaker licenses don’t even mention SaaS so they aren’t in conflict with the EUPL there. As such, the EUPL’s copyleft protections should still remain for code published under it, even when used in an MPL project.
I’m imagining it as a pseudo-dual license permission and the EUPL as some sort of Affero-LGPL.
Though SaaS vendors would probably comply maliciously and only send EUPL code snippets back when requesting source code, if they are used in a differently licensed project.
I hope you are right but fear that in practice (has this ever been tested?) you might not be.
See for example this discussion ( note especially comments by ‘MadHatter’ )
If you have software using this license, feel free to share under this post :)
There’s no fuckin drummer better than Neal Peart
*neil peart…but yes very true
I think this is a very useful license to require in new software procurements commissioned by public entities in the EU. The FSFE calls this “public money – public code” (publiccode.eu). Having a specific EUPL over just the GPL might make this look more proper, even if there aren’t many technical differences. However for personal use I would prefer using good old GPLv3.
Is there a license that permits free use by humans but not LLMs?
That would be CC BY-NC-SA.
Creative Commons,
Attribution,
Non-Commercial,
Share Alike.Meaning you need to attribute to the original author, can only use it for non-commercial purposes, and must share alike (i.e., your derivation must have the same attribution rules).
Imho there should be a “Commercial only for worker co-ops” option.
Maybe we also need to consider internet content and written books by default as something not allowed to be scraped by AI. Only that which is in public domain may be scraped.
Practically all the free software licenses require some form of attribution. CC licenses are not really suited for code. I would say the GPL is way more applicable here.
Not a lawyer, but I don’t think so. there are licenses that extend existing licenses with that clause, like BSD NON-AI
It’s not like these licenses require approval by any regulatory board. Remember you can write “all rights reserved” on any of your copyrightable work and extend no license to anyone whatsoever, or you can voluntarily release your work into the public domain and relinquish your copyright entirely, or anything in between.
Sadly the prevailing opinion seems to be that the most strict option (all rights reserved) doesn’t protect you from LLMs.
At that point, no license will help you, because they’re outright ignoring the law.
Yep. Either they’re ignoring the law and face no consequences or case law settles that scraping copyrighted content for LLM models is fine, in which case again, it doesn’t matter.
I’m afraid that might be correct :( perhaps closing off software to the public will be the only way to prevent it from getting stolen
I just came across repos using this in the past week. Thanks for starting a thread.
