Recently, I was looking into licensing an open-source project I’m creating. My preferred license is the BSD-3, but was given advice that I should seek a license that offers patent protection as well. I saw there is a BSD 2-Clause + Patent option, but not one for the BSD 3-Clause, not that I found through OSI or SPDX. This seems odd to me, because I’m pretty sure the BSD 3-Clause is more commonly used than the BSD 2-Clause. Because of this, I’ve had to dual license my project as BSD 3-Clause AND BSD 2-Clause+Patent, which is a bit unwieldy, but achieves the same desired results.

This seems like an odd oversight though, I’d be curious if there’s a reason the 2-Clause was chosen for the patent protection over the 3-Clause version? I could just add in the patent protection part to the 3-Clause version, but creating arbitrary licenses like that definitely makes me feel a bit… uncomfortable.

Edit: Due to some confusion as to what I meant, I wanted to add some details.

I’m definitely aware that licenses such as the Apache 2.0 exist, I just like the BSD licenses for their simpler language (and also don’t have that odd state changes clause from Apache 2.0). I’m more so just curious why the choice was made for only the BSD 2-Clause license to gain the Patent Clause, but not the BSD 3-Clause version. That’s what I’m not sure about, and why I’m curious about the logic behind this choice. I’m gonna paste in the content of both licenses below, since they are both short and easy to read and understand.

BSD 2-Clause + Patent

Copyright ©

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Subject to the terms and conditions of this license, each copyright holder and contributor hereby grants to those receiving rights under this license a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except for failure to satisfy the conditions of this license) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer this software, where such license applies only to those patent claims, already acquired or hereafter acquired, licensable by such copyright holder or contributor that are necessarily infringed by:

(a) their Contribution(s) (the licensed copyrights of copyright holders and non-copyrightable additions of contributors, in source or binary form) alone; or

(b) combination of their Contribution(s) with the work of authorship to which such Contribution(s) was added by such copyright holder or contributor, if, at the time the Contribution is added, such addition causes such combination to be necessarily infringed. The patent license shall not apply to any other combinations which include the Contribution. Except as expressly stated above, no rights or licenses from any copyright holder or contributor is granted under this license, whether expressly, by implication, estoppel or otherwise.

DISCLAIMER

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

(Fun Fact: A lead developer on the Rust team said they would have chosen the BSD 2-Clause+Patent license if it existed at the time of them first releasing the Rust programming language. Instead, it’s why they chose to dual-license under the MIT and Apache 2.0 instead.)

BSD 3-Clause

Copyright © .

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
  3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

    • 0x4E4F@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      3
      ·
      1 year ago

      Yeah, everyone could just snatch it, reimplement it and say it was their idea 🤷.

      • heeplr@feddit.de
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        1 year ago

        no, the patent office would find your publication, deem it Prior Art and not grant the patent. If it would miss it (some don't research very well), anyone can notify them to void the patent afterwards anytime.

        IANAL, there are lawyers specialized on patents who'll reassure you for free/cheap (relatively, they are friggin expensive). It also depends on legislature. Countries that break/never agreed to the PCT will do what they please.

        • 0x4E4F@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          no, the patent office would find your publication, deem it Prior Art and not grant the patent.

          Yeah, but what if they completely rewrite the code, making it completely indistinguishable from yours. They could claim that they came up with the idea themselves 🤷.

          • heeplr@feddit.de
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            not sure why you think that. if it's indistinguishable, it's still prior art. If it's something better or different than your code, it's a new thing.

            Patents protect technical principles, not actual sourcecode.

            • 0x4E4F@infosec.pub
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              1 year ago

              If it's something better or different than your code, it's a new thing.

              They might steal the idea. Analyze the source, make some modifications regarding their needs, reimplement it in whatever language they like… that is still stealing, is it not?

                • 0x4E4F@infosec.pub
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  Mhm… OK, in that case, let's say I reimplement Fraunhoffer's FDK-AAC. It's open source, but you can't redistribute binaries of it, you can only compile it for your own personal needs and you can't commercially use it for free. So, let's say my reimplementation is licensed under BSD or GPL and I allow everything, even commercial use for free. That would cut on the profit Fraunhoffer is making from their product, but they can't legally persue me because none of their code is in my reimplementation 🤨? That seems kinda off…

                  • lambalicious@lemmy.sdf.org
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    edit-2
                    1 year ago

                    Here's two things:

                    1. You can not steal an idea. (aka "just because you had an idea doesn't mean it's yours")
                    2. You can not steal profits that were never had or intended to be had in the first place (aka: piracy vs "abandonware")

                    Considering that:

                    It’s open source, but you can’t redistribute binaries of it you can only compile it for your own personal needs and you can’t commercially use it for free

                    Then it's not Open Source. So, which is it?

                    OK, in that case, let’s say I reimplement Fraunhoffer’s FDK-AAC. It’s open source, but you can’t redistribute binaries of it, you can only compile it for your own personal needs and you can’t commercially use it for free.

                    The only midly-relevant question here becomes: did you use their source code to implement yours, or did you use public knowledge of the algorith etc (up to and including "white boarding") to reimplement it? If the former, if the software is actually Open Source at best I could see a case for misrepresentation, but not for theft, because the source code is made available openly, you are not breaking that (that's what "steal" is).

                    Second, if your implementation is better than theirs, including eg.: because of having a better license, then the rules of the market apply: the better product wins (that's the same argument corps would use to try and break you if the case went the other way around, so it's only fair you can also use that; at least, law's supposed to be blind to order-of-parties). You are also not stealing profits because, besides the fact that potential profits by definition can not be stolen, you are also aiming at a different market eg.: people who wouldn't have bought Fraunhoffer's in the first place because of the license etc. If you are selling cheese sandwiches, you can not sue "stolen profits" from someone who is selling bacon sandwiches just because their clients asked you for bacon sandwiches and you said no.

              • heeplr@feddit.de
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                What are you trying to prevent? You can't release anything (opensource or not) without risking someone stealing the idea without patenting.

                No FOSS license will prevent that (quite the opposite, it encourages copying/modifications). Those licenses just prevent someone using your code commercially without releasing the source code again.

                • 0x4E4F@infosec.pub
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  I had a particular project in mind, I should have mentioned earlier, Fraunhoffer's FDK-AAC. It's open source, but the license is… tricky…

                  • heeplr@feddit.de
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    1 year ago

                    you could check how other FOSS do it. e.g. you externally link it as a library and use another license the user has to agree on just for that.