Posted by mkarg
on March 3, 2009 at 1:30 PM PST
I am rather proud that today I received the logo of EADS (you know, the company building the Airbus and other smart gadgets) for putting it on our project site. It seems now is the time to think over some legal aspects of Open Source Software.
In fact I was rather astonished when some weeks back someone with an @eads.com email address asked some questions about the correct usage of WebDAV Support for JAX-RS : The project was still an alpha, not tested at all, only available as source via SVN. Apparently EADS had chosen it to do something useful with it, even in this early stage. I agreed to spend some time helping with their problems, and in turn they allwed me to use their logo on the project site. Today it arrived and I must say I am really proud that they have chosen my code for their needs, whatever those might be (maybe they remote control the next Ariane with it?).
That led me to some different thoughts about Open Source Software: Liability. I am living in Germany and one principle of German law is: You are always liable for all you do. There is no exception for free things like Open Source. So what happens if someone puts my code into an airbag, my code crashes, and the airbag does not ignite? What if someone is harmed or killed? Or something gets damaged? Am I liable to that?
German law says: Yes. Fullstop. At least this is what the amateur jurist expects. But is it true?
While my source actually is published under GPLv3 which says that I shall not be liable for anything, the big question is whether this is valid in the German law system: Think of the case that I build a nuclear power plant for free, as a gift to the poor people of the world. The plant explodes due to a bug in my code, and the poor people (and presumably a few millions more) will be "seriously affected" (this is what some people would call "collateral damage"). Can millions of people sue me then? While I actually hope that the answer will be a clear "No, since your reactor was licenced by GPLv3 and people had the choice not to turn it on after reading the disclaimer of warranty." (do you also feel sick each time as soon as you come across a "disclaimer of warranty"?), I feel a bit queasy when thinking of large technology companies start using my code (in fact in my "real" job I do not feel sick since we have an insurance for cases like these, at least I hope so).
What do you think about that? Is the GPLv3 really a carte-blanche, a "licence to kill" without any liability? Really? I am not convinced that I would unconditionally say "Yes!" if it was my own airbag that did not open because somebody else's code did not work...
Post your opinion!