EUPL - a better choice for European citizens?

When choosing a FLOSS license, GPL is often mentioned as the copyleft license. However, enforcing the terms of the license might be difficult in countries that are not the United States. Copyright laws work differently across the world, and the wording of the GPL might not be directly compatible with copyright law in your jurisdiction.

As a European citizen, I prefer to use the European Union Public License for the open source projects that I write.

From Introduction to the EUPL licence | Joinup

What makes the EUPL unique and different from all other licences?

  • The EUPL is a reciprocal (or share alike, or copyleft) licence, meaning that distributed contributions and improvements (called “derivatives”) will be provided back or shared with the licensor and all other users. At the same time (and unlike other copyleft licences like the GPL or AGPL), the EUPL is compatible with most other open reciprocal licences and is interoperable. Summarising strongly, the EUPL functions as a LGPL covering remote distribution.

  • Compatible means that the work covered by the EUPL can be used/merged and distributed in another work covered by GPL-2.0, GPL-3.0, LGPL, AGPL, CeCILL, OSL, EPL, MPL and other licences listed as outbound compatible in the EUPL Appendix. This applies to the other (combined) work that is a “derivative”, while the original project must stay covered by the EUPL without re-licensing. Compatibility does not reduce the licensor obligations applied on derivatives, like the publication of the source code or the coverage of SaaS, because none of the compatible licences enter in conflict with the EUPL on these points. The compatible licence obligations will prevail when they conflict with those resulting from the EUPL.

  • Interoperable means that the EUPL is applied according to the European Law (Directive 91/250/EEC, re-codified 2009/24/EC), even when used in other parts of the world, making clear that the covered interfaces, APIs and data structures may be freely copied and reused for implementing static or dynamic linking with any other independent component, without impacting the licence of this component.

  • The EUPL is the sole really multilingual open source licence, where all 23 versions are original and have equal value;

  • The EUPL covers “the Work” meaning any copyrighted material (i.e. software and ancillary data);

  • The EUPL covers distribution through a network or SaaS (like a more compatible and interoperable AGPL) and includes a Developer Certificate of Origin (DCO) .

I would like to see that more developers are aware of this license, and that they would consider it for their next projects.

What are your thoughts about the EUPL?

8 Likes

I have to admit that I haven’t looked closely at the EUPL, but that’s a very compelling set of advantages you’ve listed there. I like that it’s very multilingual, for instance. That ties into another advantage which is you didn’t mention, which is that it seems to be a great deal more comprehensible than the GPL is to most people, particularly those for whom English is not a first language.

Perhaps something that led to my initial disinterest is the name? EUPL suggests that it only applies in the EU, or is designed for EU member states to use, or in some other way is fundamentally European and therefore mostly applicable to software with a European focus. Which is not true, of course, but I wonder if anyone else has had a similar experience.

In any case I’m interested, I think I’ll do more research and this might end up in one of my future projects.

1 Like

The EUPL covers distribution through a network or SaaS (like a more compatible and interoperable AGPL) and includes a Developer Certificate of Origin (DCO)

This is definitely something awesome that I think licenses need to cover. I wish licenses tackled AI stuff as well.

At the same time (and unlike other copyleft licences like the GPL or AGPL), the EUPL is compatible with most other open reciprocal licences and is interoperable. Summarising strongly, the EUPL functions as a LGPL covering remote distribution.

This means that it doesn’t have strong copyleft like the GPLv3 though, no?

No, not exactly. Copyleft and compatibility are related but not mutually exclusive. Basically, copyleft licenses have to carve out specific exceptions for where they can be incorporated into works using other licenses even if those other licenses are free software. This means that the EUPL can be incorporated into, say, GPL’d works without making the whole thing EUPL’d. The reverse is not true; GPL does not provide for any outgoing compatibility. However, that doesn’t mean you can just rub off the copyleft – note that the list of compatible licenses is explicitly enumerated at the bottom and doesn’t include any non-copyleft licenses.

3 Likes

Oooh. That’s actually really nice.

1 Like

This is a topic I was interested in when joining. I’ve been using mostly GPLv3-or-later, but I feel like the decision is mostly based on marketing (I see projects use the license and replicate that behavior). So some of my hesitation is definitely because of my comfort zone, but I’m interested in what others have to say.

2 Likes

I also like that there are lots of additional documents, such as

3 Likes

I wonder if the EUPL could be easier to enforce, given its origin.

Afaik both GPLv3 and EUPL protect from patent trolls, but only GPLv3 protects from tivoization. Tivoization is spreading in IoT devices, smartphones and similar.

1 Like

Is this really so? I know this was a topic of debate for a long time, but in my perception the dust has settled in favor of the GPL. Here are three different rulings, from different jurisdictions in Germany, that vary in details but all accept the premise that the GPL is a valid, legally binding agreement (all German of course, sorry):

As such, I’d really love to know if there are counter-examples from other (EU) countries? It would make the EUPL much more interesting indeed…

3 Likes

Ooh thanks, these links are very useful!

I have been using the EUPL for new projects, and have been slowly switching over old ones (from GPL3/LGPL3, usually). I was looking for a copyleft license in practical use, one that is stronger than the MPL, but is also GPL compatible. The license compatibility list, and the compatibility story of the EUPL in general was very, very appealing.

It’s also a considerably shorter license, and much easier to understand than the GPL for a layman. And another important part: the EUPL does not try to define what a derived work is, but defers it to the applicable law at the place of jurisdiction mentioned in Article 15 (an EU member state if the Licensor is EU-based, Belgian law otherwise). EU has - as far as I can judge - stronger guards in this regard than US, and enforcing the place of jurisdiction to be within the EU is, therefore, a desirable thing in my eyes.

1 Like

I’ve been using the EUPL for vdirsyncer (which has been my main focus these last months), and I still have my doubts about it:

  • Code can be copied into something like a GPL project, but later improvements to the code cannot be copied back.
  • Code can’t be re-used in more liberal licenses (e.g.: ISC, MIT).

My main goal is for my code to be easily reusable by others, and I’m not convinced that this license maximises easy of reuse.

On the upside, it does provide protection against patent trolls, and there is a good expectation that these protections would be upheld in court.

While it is true that you can’t copy code from an EUPL project into MIT, and be it MIT licensed, you can combine EUPL and MIT code, and the combination will be EUPL. It’s not very different from the GPL in this regard, which works exactly the same way.

This is because MIT - and most permissive licenses - allow relicensing the combined work under another license. That does not mean you can take MIT code and relicense it, it means that you can combine it with another license, and distribute the combination under the terms of that license. MIT still applies to the parts that were originally MIT.

1 Like

On the EUPL site by the European Commission it is stated that

To be valid in all Member States, limitations of liability or warranty had to be precise, and not formulated “to the extent allowed by the law” as in most licenses designed with the legal environment of the United States in mind

I don’t know if these clauses in the GPL are valid in my jurisdiction. So I guess I prefer to stay on the ‘safe side’ and use a license with more precise wording.

Interesting, made me notice the difference between the no-warranty of MIT (pretty familiar with it) and the one in the GPLv3 (read few times but way too long for careful reading).

For reference, MIT:

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

GPLv3:

  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.

EUPL-1.2

7.Disclaimer of Warranty
The Work is a work in progress, which is continuously improved by numerous Contributors. It is not a finished work
and may therefore contain defects or ‘bugs’ inherent to this type of development.
For the above reason, the Work is provided under the Licence on an ‘as is’ basis and without warranties of any kind
concerning the Work, including without limitation merchantability, fitness for a particular purpose, absence of defects or
errors, accuracy, non-infringement of intellectual property rights other than copyright as stated in Article 6 of this
Licence.
This disclaimer of warranty is an essential part of the Licence and a condition for the grant of any rights to the Work.
1 Like

Huh. I can’t comment on the legal aspect of it, but personally I like the introduction in the EUPL disclaimer. The other ones kind of come off as “if there’s a problem it’s not my problem”… and I know that most developers don’t have that attitude, we generally take pride in our work and want it to work correctly and be helpful to people (that’s the whole point of releasing the source…). And this is a legal document not a novel, but I still think it’s nice to have the friendlier introduction (there are a lot of reasons that people skip over legalese, but making the language friendlier is probably a step in the right direction).

1 Like

Yeah, I think I prefer the EUPL one, while the others feel like “our lawyers said we had to put a disclaimer” (and somehow it’s in screaming caps rather than tiny lawyer-font).
Although I wouldn’t be surprised that the GPLv3 one explicitly allows a “agreed in writing” exception for things like support contracts like RedHat likely provides.

If my non-lawyer brain understands correctly, this shouldn’t be necessary. They’re just 2 separate agreements. The GPL statement means that if I send a patch to NetworkManager (for example), it gets accepted, and there ends up being in a bug in it that costs some company a gazillion* dollars I won’t personally be held liable. But because there’s a separate agreement with Red Hat they have to fix the bug even if I’m unavailable (and they may or may not reimburse the company some fraction of a gazillion dollars).

  • I like how spell check accepts “gazillion” as a valid word now :laughing:

EUPL - a better choice for European citizens?

Even as a non-EU citizen this seems like a straight upgrade from the MPL-2.0 that I have been using for projects where linking “virality” was a concern. The fact that it closes the SaaS loophole and is published in many different languages makes me favour it over MPL-2.0 for my uses.

2 Likes

Speaking of EU-friendly licenses, this reminds me of CeCILL which has BSD-like, LGPL-like, and GPL-like variants. And ah…

It has gained support of the main French Linux User Group and the Minister of Public Function, and was considered for adoption at the European level before the European Union Public Licence was created.

I wonder how many CeCILL licensed software has moved to the EUPL since.