Software Freedom Conservancy attacks Trump's Social Network... before any licensing violations occur
The "Conservancy" claims AGPL violations and begins making threats... before any violation has even occurred.
Yesterday, the newly formed “Trump Media and Technology Group” announced their new social network dubbed “Truth Social”.
The new social media platform was not yet publicly launched in any way — the final URL was not yet shared and folks were not yet shown how to sign up. Despite that, a few people managed to figure out the URL paths to allow them to find, and sign up for, the not-yet-released platform.
As tends to happen with anonymous people on the Internet, a few of those people decided to post derogatory and vulgar pictures. Because… it’s the Internet. That’s what those people do.
The Truth Social team quickly took down that way of accessing the not-yet-released site. Because it wasn’t released yet and people weren’t supposed to be using it. Obviously.
One thing that came out of this is the knowledge that Truth Social appears to be based on Mastodon, one of the most popular open source social media projects.
None of this is terribly surprising. Mastodon is a reasonable option for basing a new social media platform on. And the fact that a bunch of angry, anonymous Internet people behaved badly… well, that’s just par for the course for the Internet.
Then the Software Freedom Conservancy got involved.
A post by the Software Freedom Conservancy’s Bradley Kuhn stated that Truth Social was violating the terms of the AGPL v3 (which Mastodon source code is licensed under)… and threatened action if that violation wasn’t remedied within 30 days.
“Early evidence strongly supports that Trump's Group publicly launched a so-called “test site” of their “Truth Social” product, based on the AGPLv3'd Mastodon software platform. Many users were able to create accounts and use it — briefly. However, when you put any site on the Internet licensed under AGPLv3, the AGPLv3 requires that you provide (to every user) an opportunity to receive the entire Corresponding Source for the website based on that code. These early users did not receive that source code, and Trump's Group is currently ignoring their very public requests for it. To comply with this important FOSS license, Trump's Group needs to immediately make that Corresponding Source available to all who used the site today while it was live. If they fail to do this within 30 days, their rights and permissions in the software are automatically and permanently terminated. That's how AGPLv3's cure provision works — no exceptions — even if you're a real estate mogul, reality television star, or even a former POTUS.”
Let’s break this down.
Conservancy is correct that AGPL code must be made available
Bradley Kuhn is 100% correct that the terms of the AGPL v3 require that any AGPL licensed code (and modifications of them) must be made available to users of that code, on request.
Which means that any site that is based on the AGPL licensed Mastodon must provide the source code, on request, to any legitimate users of that site.
The AGPL is crystal clear about that.
Which means that: Yes. Truth Social, once it is launched and users are rightfully using the platform, must provide the source code to those users, when asked.
No violation has occurred
As of this moment… no violation has actually occurred, on the part of Truth Social.
First and foremost: The “Truth Social” social network has not launched.
The fact that a few people were able to dig around and find a hidden test site (that was not yet ready for usage) does not constitute a public launch. And even more importantly, does not constitute “Conveying” of the AGPL source code, as defined by the AGPL license. Therefor, no violation could possibly have occurred.
Second: The Software Freedom Conservancy declared that “Truth Social” was in violation… mere hours after this all occurred. Hours. Not days, hours. Mostly at night. Not only does this not constitute a violation under the terms of the AGPL… it is simply not reasonable. Not in the slightest.
Hypothetical:
What if you, personally, decide to set up a Mastodon server to tinker around with it. You don’t tell anyone about it. Don’t invite anyone to use it or even give out the URL. But, somehow, someone found it. That person then demands that you provide source code immediately. When you don’t reply in just a few hours… they write a public article declaring you are in violation of the license and threaten further action.
That is almost exactly what happened in this case. And it is absolutely absurd.
Now. That said.
After “Truth Social” launches — when it is actively telling others that they can use the system — they must provide the source code to Mastodon and any modifications to it, under the AGPL… when such code is requested (which, I’m guessing, will happen almost immediately upon public launch).
That’s how the license works.
If — hypothetically — “Truth Social” fails to provide said code at that point (they have 30 days to do so after the request), then “Truth Social” would be in violation of the AGPL license.
But that process hasn’t even begun. And, even if it had, you would need to wait more than a couple of hours before declaring the violation.
This reeks of an opportunistic, political attack
I have never witnessed the Software Freedom Conservancy making such an aggressive attack in the past. Before any violation actually occurred, and only hours after the software and license in question was even learned about. This is… unusual. To say the least.
Considering that no violation has yet occurred, this looks highly politically motivated and opportunistic.
It has already been picked up by the, highly political, Verge. I wouldn’t be surprised if other politically “anti-Trump” technology journalists jump on this story over the coming days. Which means that damage is being done… based on an obviously false premise.
This makes everyone in open source look petty and angry
This doesn’t make the Software Freedom Conservancy look good. Not at all.
That small group has done some excellent and positive work… but… this? This makes the Software Freedom Conservancy look petty. And willing to disregard facts and reasonableness… in order to attack a political figure that they don’t like.
The truly unfortunate part here, is this paints all of “open source” and “free software” with that same brush. It reinforces the, already existing, impression (which is, honestly, rightly earned) that those in the open source industry tend to be so extreme in their Left-wing political views… that they are willing to throw out facts, common sense, and basic human kindness in order to score political vengeance points against those they disagree with.
Note: I have spoken with Bradley Kuhn of the Software Freedom Conservancy many times and have always found him to be reasonable, intelligent, and (most importantly) kind. I truly hope that he (and the rest of the Conservancy) can sit down and think this through. I recommend issuing a retraction. Then if, in the future, “Truth Social” actually does violate the AGPL… make such a statement at that time.
I, Bryan Lunduke, am not a lawyer. So, hey. Maybe I’m wrong. That said, I have acted as the VP of Engineering of multiple software companies, run marketing at open source companies, been in elected board positions of open source projects, and been an active journalist in the open source world for over 15 years.