Open-source software practitioners tend to see everything in black and white: it's open source or its proprietary.
So says Peter Zaitsev, co-founder of managed database firm Percona and investor in several open-source projects. This point of view often has moral overtones, saying open source is transparent and therefore "good", whereas proprietary software is closed and therefore "bad," or at least suspect.
But this picture is simplistic and increasingly outmoded.
First, software is a mix and match. Open-source components are found in almost all software, including the vast majority of proprietary applications. Code is a tool which can be co-opted for good or evil, and if modules can be shared and repurposed, as permitted by many licenses, developers have no way of knowing what their work will be used for.
Second, the picture has become confused with the likes of MongoDB, Hashicorp and Elastic going their own way, while still using the "open" word. AI is also complicating things with models like Meta's Llama 2 make a play about openness and transparency, without being officially open source. Like MongoDB's and Elastic's terms, Meta's community license is not recognized by the Open Source Institute, not that this stops some companies wearing the open-source badge.
There are already around 100 OSI-ratified open-source licenses, with a dozen or so in common use, but it's a complex area and there's not one for every use case, particularly in the age of cloud and AI, leading to a lot of "open-adjacent" schemes.
"There's this desire to redefine open source," said Zaitsev. "Elastic saying they're ‘doubling down on open.' Come on guys you know you're not; you just know that some people won't read beyond the headline. And MongoDB, when they talk to open-source folk they say ‘no, no it's SSPL, and SSPL is not OSI approved,' but then you look on their website and they're still marketing MongoDB as an open-source database."
As the OSI lacks an enforcement arm such transgressions go unpunished.
There's nothing wrong in having alternative business models, said Zaitsev, but "open source" should retain its accepted meaning. Otherwise, customers get confused, which works against their interests.
Earning profit from open-source software is challenging, and competition is inherent to the model, he said. There are two ways to succeed in that world: "Figure out a way to be better than the competition or figure out a way to screw the user so they have no choice."
Third, the OSI's remit leaves no space for new license types, such as ethical source and do-no-harm licenses, which may align with its ethos but do not quite fit established definitions. Zaitsev believes that while the OSI and similar organizations should preserve their open-source definitions, and preferably be able to enforce them, they should also be open to considering other models.
"I'd like to see them recognize the world has changed. If you look at software licenses, they go from your proprietary Oracle-type license right up to permissive open source. There are shades of grey; there is this spectrum. But as open-source people we tend to see it as black and white: is it open source or not?
"There has to be a line somewhere, but let's talk about the non-competitive source available licenses; let's talk about what that means and the benefits and drawbacks for users. Let us have a language for that. Let's talk more about that landscape."
The lack of an accepted lexicon that recognizes this broader spectrum of models leads to more confusing and "open washing", which is ultimately damaging to open source and its users alike, Zaitsev said.
This article originally appeared on our sister site Computing.
