In October, the OSI hosted the State of the Source Track at All Things Open designed to connect developers with the big policy conversations shaping our ecosystem. Pamela Chestek, emeritus OSI Board member, opened the track with Licensing 201, an advanced but practical look at how licenses get approved and why the right choice matters for community health.<\/p>\n
Licensing 201<\/p>\n
This essential session is an advanced primer on Open Source licenses and why one should care, which are most commonly used and why. Also included are insights into the OSI license process and who are involved in considering and approving new licenses based on the Open Source Definition, plus which have been approved in the last five years. Topics include\u00a0 challenges, successes, best practices, operational policies, and resources.<\/p>\n
Open Source 201 \u2013 ATO 2025Download<\/p>\n
Video summary<\/p>\n
Pamela Chestek: All right, as Deb mentioned, thank you very much for the introduction. A little about myself: I\u2019m a former board member of the Open Source Initiative. My term on the board has ended, and I\u2019m now a lawyer in private practice, focusing on trademarks and open source software licensing. I currently live in California but used to live in Raleigh, so it\u2019s nice to be back here for a visit.<\/p>\n
We\u2019re calling this session \u201cOpen Source 201\u201d because we\u2019re assuming that everyone here already has a good understanding of open source licensing\u2014so this isn\u2019t 101. That said, we\u2019ll start with a short refresher to make sure we\u2019re all on the same page.<\/p>\n
Agenda<\/p>\n
We\u2019ll begin with a quick review of terminology and basic concepts, then talk about the current state of open source licensing\u2014including some recently approved licenses, current issues, and emerging topics like AI licensing. I\u2019ll also explain the license review process\u2014how it works and what to expect if you want your license approved by the OSI.<\/p>\n
Open Source Definition Refresher<\/p>\n
Here are the ten elements of the Open Source Definition. You don\u2019t need to memorize them all; I certainly haven\u2019t. But there are three that tend to come up most often when we review licenses\u2014they\u2019re the ones that most frequently cause problems:<\/p>\n
Not granting sufficient rights to derivative works.<\/p>\n
Discrimination against persons, groups, or fields of endeavor.<\/p>\n
Restrictions on other software.<\/p>\n
For example, any license that says \u201cnon-commercial use only\u201d will never be approved by the Open Source Initiative, because that discriminates against commercial users\u2014a violation of the definition.<\/p>\n
Basic Vocabulary<\/p>\n
Let\u2019s go through a few key terms.<\/p>\n
Copyleft \u2013 This is the philosophy underlying many open source licenses. There are two general categories of licenses: permissive and copyleft.<\/p>\n
Permissive licenses let you do almost anything with the software.<\/p>\n
Copyleft licenses add a condition: if you modify or combine the software with others, your modified work must also be distributed under the same license.<\/p>\n
It\u2019s a mechanism to ensure that improvements remain available to everyone\u2014a \u201crising tide lifts all boats\u201d philosophy.<\/p>\n
BSD License \u2013 The Berkeley Software Distribution license. It\u2019s one of the oldest open source licenses, very permissive, and exists in several variants because certain clauses have been dropped over time. The wording is old-fashioned, but it\u2019s still recognized and widely used.<\/p>\n
Model Weights \u2013 A newer term relevant to AI. Model weights are the numerical values assigned to nodes in an AI model, determining how the model processes information and produces output. Adjusting these weights changes the model\u2019s behavior.<\/p>\n
Defensive Termination \u2013 A clause that\u2019s appeared in newer licenses. It says if you use this software and then sue someone for patent infringement, your license terminates. It\u2019s designed to discourage patent lawsuits within the open source community.<\/p>\n
Current State of Open Source Licensing<\/p>\n
It was interesting to revisit some of the licenses we reviewed recently.<\/p>\n
From the State of Open Source Report, in 2025 the top reason people said they use open source was \u201cno license cost.\u201d In 2023, it was \u201cfunctionality,\u201d but that flipped in 2024\u20132025.<\/p>\n
Top support challenges include:<\/p>\n
Updates and patches<\/p>\n
Meeting security and compliance policies<\/p>\n
Maintaining end-of-life versions<\/p>\n
Recently Approved Licenses<\/p>\n
These are some of the licenses recently approved by OSI. Most are older or specialized:<\/p>\n
Los Alamos National Labs BSD-3 Variant<\/p>\n
CDDL 1.1<\/p>\n
OSC License 1.1 (German) \u2013 Created for use by the city of Solingen, Germany. There had been longstanding uncertainty about whether the MIT license\u2019s limitation of liability clause was enforceable under German law. This license was crafted to address that concern.<\/p>\n
Blue Oak Model License 1.0.0 \u2013 About five years old, recently submitted and approved. Somewhat controversial but valid.<\/p>\n
Writing a good license is extremely difficult. Once it\u2019s published and software is released under it, you can\u2019t easily change it. That\u2019s why the review process is so careful. Reviewers in the OSI process are some of the best contract analysts I\u2019ve ever worked with\u2014they find loopholes, edge cases, and ensure the license truly aligns with open source principles.<\/p>\n
Licenses Under Review and Withdrawn<\/p>\n
Under Review: The ModelGo family of licenses\u2014designed for AI models specifically. They\u2019re being rewritten several times to get them right. AI licenses are complex and need precise language because AI systems are very different from traditional software.<\/p>\n
Withdrawn Licenses:<\/p>\n
MGB 1.0 License \u2013 Proposed by Massachusetts General Brigham Hospital. They needed a healthcare-specific license with special liability disclaimers but couldn\u2019t finalize a workable version.<\/p>\n
PPPL BSD-3 License \u2013 Duplicated an existing license, so it was withdrawn.<\/p>\n
Irrevocable MIT License \u2013 Attempted to prevent relicensing or removing repositories, but included problematic terms (like requiring perpetual hosting). It wasn\u2019t workable as drafted.<\/p>\n
Most submissions are well-meaning\u2014people want to strengthen the open source ecosystem\u2014but translating those goals into sound legal text is hard.<\/p>\n
Key Challenges in Open Source Licensing<\/p>\n
1. Complexity \u2013 Modern codebases use thousands of third-party components, often pulled from registries like npm, PyPI, and RubyGems. These can introduce security risks.<\/p>\n
2. Attribution \u2013 Every open source license requires attribution and inclusion of the license text. Manually tracking thousands of dependencies is nearly impossible.<\/p>\n
3. License Compatibility \u2013 A persistent issue. The main question: can you comply with all applicable licenses at once?<\/p>\n
For example, the GPLv2 and GPLv3 licenses are incompatible with each other\u2014you can\u2019t merge software under both because each requires the combined work to be distributed under its own terms. The same applies between GPLv2 and the Apache License (according to the Free Software Foundation).<\/p>\n
There\u2019s no definitive court ruling on these issues in the U.S.; the community operates largely on shared norms and interpretations.<\/p>\n
Legal Developments<\/p>\n
One major case is Software Freedom Conservancy (SFC) vs. Vizio.SFC sued Vizio for failing to provide source code for GPLv2 and LGPLv2 components in their televisions. Uniquely, SFC sued as a purchaser of the TV\u2014not a copyright holder\u2014claiming they were a third-party beneficiary of the GPL license terms.<\/p>\n
They\u2019re seeking only the source code, not damages. The case will go to trial in January 2026. If successful, it could significantly expand who has standing to enforce open source licenses.<\/p>\n
AI and Open Source Licensing<\/p>\n
AI introduces new challenges. The Open Source Initiative recently defined \u201cOpen Source AI\u201d as an AI system\u2014and \u201csystem\u201d is key\u2014made available under terms that grant the freedoms to use, study, modify, and share it.<\/p>\n
However, OSI emphasizes that this must apply to the entire system\u2014not just the model weights or code fragments. Many entities today release \u201copen models\u201d that share only parameters, not the training data or code, which doesn\u2019t meet the OSI\u2019s definition.<\/p>\n
To qualify as Open Source AI:<\/p>\n
The full system must be available.<\/p>\n
Data information must be provided in enough detail for others to recreate the system.<\/p>\n
Code must be under OSI-approved licenses.<\/p>\n
Model parameters must be shared under OSI-compliant terms.<\/p>\n
Using open licenses is necessary but not sufficient\u2014you must also provide enough transparency for others to reproduce or modify the system.<\/p>\n
Other Trends and Challenges<\/p>\n
In the broader landscape, we\u2019re seeing new attempts to reshape open source for particular goals:<\/p>\n
Ethical Source Licenses and Responsible AI (RAIL) Licenses aim to restrict harmful or unethical uses (e.g., military, medical, or nuclear applications). While well-intentioned, these violate the Open Source Definition because they limit fields of endeavor. They also risk shifting liability to end users.<\/p>\n
Commercial Restrictions (like Meta\u2019s Llama license) reintroduce non-commercial clauses, which are fundamentally incompatible with open source principles.<\/p>\n
Despite these challenges, OSI continues to emphasize that open source licensing must remain truly open\u2014free of discrimination, transparent, and reusable by anyone.<\/p>\n
License Review Considerations<\/p>\n
When reviewing a license, OSI looks for:<\/p>\n
Reusability by anyone, not just the license creator.<\/p>\n
No special privileges for the original author.<\/p>\n
Clarity and precision\u2014legal writing must be exact.<\/p>\n
Compliance must be possible in practice.<\/p>\n
The license must fill a genuine gap not already covered by existing licenses.<\/p>\n
Because human creativity has no limits, the OSI can\u2019t list every unacceptable provision\u2014but its guiding principle is simple:<\/p>\n
Does this license advance or inhibit the adoption and use of open source software?<\/p>\n
\n
\nSource: opensource.org
<\/p>\n","protected":false},"excerpt":{"rendered":"
In October, the OSI hosted the State of the Source Track at All Things Open designed to connect developers with […]<\/p>\n","protected":false},"author":64,"featured_media":0,"comment_status":"false","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-18674","post","type-post","status-publish","format-standard","hentry","category-mp"],"_links":{"self":[{"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/posts\/18674","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/users\/64"}],"replies":[{"embeddable":true,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/comments?post=18674"}],"version-history":[{"count":1,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/posts\/18674\/revisions"}],"predecessor-version":[{"id":18675,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/posts\/18674\/revisions\/18675"}],"wp:attachment":[{"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/media?parent=18674"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/categories?post=18674"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/plus.maciejpiasecki.info\/index.php\/wp-json\/wp\/v2\/tags?post=18674"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}