Open Letter to the Open Source Software Industry
Since the release of PGP in the early 1990s, code has been treated as protected speech by the 1st Amendment of the US Bill of Rights. A new lawsuit is beginning to unwind that precedent by attempting to establish a fiduciary relationship between coder and user where no contractual obligation exists today. This implies that open source cryptographers become liable when a user loses their private keys, database maintainers become liable when backup recovery is ineffective, Linux kernel developers become liable when they do not protect the best interests of all of their users, and more.
In 2021, a lawsuit was launched by a company controlled by an individual whose credibility and behavior in courts around the world has been repeatedly criticized. This lawsuit was primarily directed at open source developers who he lumped into two groups: “Bitcoin” and “ABC”, with other defendants also being lumped into cryptocurrency-related groupings. He claims an extraordinary fiduciary duty is owed to him despite the permissive MIT License standing prominently in the relevant softwares. To our knowledge, this is the first time anyone has claimed that open source developers owe duties (and over $3.2B in monetary damages) to users of free software. If the claimant gets its way, the open source software industry stands to lose much more than a handful of developers.
Although the claim was initially dismissed, an appeal court allowed the case to proceed to trial. Trial is incredibly expensive, with over $700,000 spent on our defenses so far. Any software developers living anywhere in the world can be dragged into a court in the United Kingdom purely because the user happens to live there, and be forced to pay hundreds of thousands of dollars out of their own pocket to defend themselves in a costly trial, in a country that has nothing to do with their homeland, their business, or any facet of their life.
We need your help. Our personal resources are at a breaking point and can no longer bear this burden alone.
This Impacts You
No developer can operate in an environment where the threat of lawsuits hangs over them. Although a successful defendant might recover the majority of their legal costs from the claimant after trial, in the UK, this amount is typically not higher than 70%. The 30% which is not recovered often amounts to tens or hundreds of thousands of dollars after trial. If you are a developer, it won’t matter if the truth is on your side because even winning a lawsuit might involve out-of-pocket costs substantial enough to ruin many people’s lives. And this assumes that you can afford the initial expense to get to trial.
If you are a business, there are immediate effects if we lose this trial. The new precedent could unlock a torrent of novel lawsuits in every country in the world. Following that, your business may find its operations unexpectedly halted as more open source software becomes unavailable. A large stack of open source lays the foundation for almost all businesses today, even if you exclude software businesses. Can your business operate without Linux, databases, file backups, or internet browsers? Will your website continue to work for customers? Do services that you rely on depend on open source? From our experiences, decoupling a business from open source is not practical.
If you live in the UK, the battles over Bitcoin software being waged by the individual behind this claim may already be impacting you today! Bitcoin.org blocks UK connections from downloading Bitcoin software due to the consequences of another lawsuit brought by him. We expect that more open source projects will find themselves in similar situations and be forced to do the same. As the UK turns itself into a pariah in technology-related legal issues, this could become the norm.
If you are a cryptocurrency business, the largest impact is on you. The notion that Bitcoin and other cryptocurrency developers might owe duties to users of blockchains will drive those developers into other jobs, and few if anyone will want to replace them. Without them, these softwares will cease to be maintained, developed, and improved. Unmaintained software, like fruit on an unwatered tree, withers and decays.
What should I do?
- Ensure this letter reaches far and wide. All open source developers need to raise the concerns of the risk they now suddenly bear.
- Make the defendants whole. We have already given great personal sacrifice, both in time and money, to make it this far. With support, we can win the case and avoid a damaging precedent that would put open source software developers on the hook. Please see donation information here.
- Consider blocking downloads from the UK if you run an open source project, and explain why you are doing it. You can reduce your risk and raise awareness. Businesses that find themselves unable to download open source software will quickly realize they are a stakeholder and can contribute to fixing the root problems.
- Reach out to your political representatives, and make them aware that this issue will make English law at odds with every international tech company. Even if you don’t live in the United Kingdom, your political representative needs to know that this impacts their constituents!
- Think long term. The MIT License has brought the open source software industry a long way. Is it time for the next iteration? Should there be a foundation established to protect open source projects? Work with your lawyer to improve the future legal landscape.
How can I donate?
Please see our donation page for details.