 Okay, I believe we are all here in one form or another. So I'm gonna go ahead and introduce the next session, which is a very fascinating topic that I think everyone's going to enjoy. We have a great group of panelists and a very talented moderator to join us and present our panelists to us. But, and he'll explain the topic in more detail, but the essential idea of the conversation for the next hour is the idea of what happens when a corporate sponsor comes into an open source project or a free software project and sponsors, developers, maybe pays their salary to work on the project. But then what happens if that same sponsor decides to start producing software or a non-free software license? And what issues does that raise? What can we do about it? What's worked, what hasn't? And so it's my pleasure to introduce our esteemed panelists for today. First, I'd like to introduce Karen Sandler, who's the Executive Director of Software Freedom Conservancy. She is well known in the tech world as a cyborg lawyer for her advocacy for free software as a life or death issue, particularly in relation to software on medical devices. Next, we have Bruce Perens, who's a very well known as the second Debian project leader and more importantly, perhaps as the principal author of the Debian social contract and the Debian free software guidelines, which evolved into something that most people have heard of called the open source definition. He's also the co-founder of the software and the public interest organization as well. Next up, we've got Andre Rebetisch from the Foundation for Free Information Infrastructure. He's an expert in European Digital Regulatory Affairs. And when he's not busy doing that, his day job is working at a German telecommunications company. Next, we've got Harris Pelé from Red Hat, based in Singapore, a very well known face around the FASAsia conferences from year to year, a FAS advocate and has a lot of experience in internet security and development, tech ethicists and an internet pioneer. We're very happy to have him in our conversation. And then finally, our moderator for the panel. I'm very pleased to introduce Roland Turner, who's the Chief Privacy Officer for TrustSphere, a member of the FASAsia organizing team that we've seen for many years around the events and a founding member of Hacker Space SG, the Singapore's premier Hacker Space. So Roland, we'll turn it over to you to introduce the topic a little bit more and start the conversation. Take it away. Thank you, Michael. So as with most questions I asked, this one's gonna be a bit big. The motivating event was the recent decision by Elastic to change the license under which they make the source code to Elastic Search available. This is not any grievance with Elastic. It is a sort of fundamental precept of free and open source software that the people who write the code write the rules. It's your enclosure property to do with as you wish, even if you object to that term, it is still the case that as the author for code, you get to decide under what terms it's made public. However, there are clearly concerns for the free and open source communities at large when something like that happens, particularly with something that's widely used and widely dependent upon. And so there are a few prior examples that we'll touch on later in the panel. So the question that I want to ask, a horrible feeling we won't get to answer it because my panelists have some really amazing ideas that are a bit broader than my question. But the question I want to ask is, what is it that should happen when an organization makes this choice with respect to a piece of software that publishes and that many people depend upon? What should happen in the community at large? And indeed what can be done perhaps to mitigate the impact or indeed reduce the likelihood the likelihood of such things occurring in the future? So those are my broad questions, but my break, sorry, specific questions. My broader interest, like everything else I've ever spoken at Fossage Regard and the fact that I'm a handwriting operator and that I work in privacy and that I work with Makerspaces and Hackerspaces all stem from a fundamental discomfort about the power imbalance between institutions, not just corporations, but corporations in particular and individuals. So I'm perfectly happy for the conversation to be a bit broader and to deal with these concerns, but I would love to have to make some progress on the motivating question for the session if we can. So what I'll do is open with an initial question to each of the panelists, carefully calculate it to help them talk about the things that they particularly want to talk about and then the rest of the session, we're rolling Q and A, including ongoing invitation to questions from the audience. And I'll start with you. In our exchange in advance, you expressed a concern that our focus should perhaps be broader than just licenses, but there's a bunch of other concerns that we can and perhaps shouldn't be concerning ourselves with. Do you want to address that a few minutes? Yeah, I'd like to. Sorry, and how it bears on my question, please. I'm perfectly happy to have my question answered, but I'm sort of open. Here's the, please tell us what's concerning you, what you're coming from. Right, I'm very much interested in larger pictures and while now licensing and the free and open source licenses is mainstream, it's like the default choice in many parts of the industry, still it does not always translate into degrees of freedom. And I know that, say, free software dogmatics, they can then quote like the four freedoms, but the question is really, does it match the contemporary struggles when it comes to liberties and even off developers? I mean, lots of developers, what are they struggling with? They're struggling with like these app store reviews of their little apps, the tight controls, exercise for these gated stores, certificates you need to buy. And well, as a dogmatist, you can say, yeah, throw away the smartphone, but not everyone wants to do that. And rather the app stores say, throw away your electron apps, we don't want electrons apps here. So where are your freedoms then? And the platform, everything is open source free software. And still you don't have access to it. You cannot use your own software on your device. And there are areas like electronics, where maybe they're also good regulatory reasons not to enable you to tinker with your self-driving cars, but still these are like the struggles ahead. And on the political side, say on the European level, there was this great discussion on export controls for software, I think of spy tools like the ones used by FinFisher, which were very prominent in the Arab Spring. Yeah, open sourcing them would not solve anything or the fundamental problem. And you already mentioned the privacy debate, where we now have commercial models of smart devices, smart phones, based on what critics call surveillance capitalism, where even all sorts of media consumption of users is being monitored. And add to that also as a contemporary debate, the whole me too question of sexually predatory behavior in the workplace of female IT professionals that struggle with their freedom to code to gather the proper respect and behavior in the workplace. Yeah, and of course always an ever commercial viability, the elephant in the room was already put on the stage, it's like elastic search now. And yeah, also the conditions to think about where like these original free software concepts emerged from say privileged environment in academia, where you have, yeah, persons in operations that already get the paycheck and don't have to struggle for their everyday living conditions. And one free and open source software, they bring a say standardization of licensing conditions. And we very much appreciate this. It's also surprising that the whole idea of say source code disclosure in general did not take up or now maybe even receives less traction. I mean, think of the debates around chat source policy, but say for a company like Microsoft, it wouldn't be rational at this stage to say open source or turn into free software, they're cash called products like Microsoft Office or Outlook, which would make sense for other reasons. And we also have like the trade debate now where we have, they're like in these e-commerce chapters, provisions against source course disclosure, mandatory source disclosure by the state, which maybe is a very good idea, but yeah, still we have like these provisions against it. A good survey of the broader concern and I hope we'll dig further into interventions that are broader than just licensed language. Cause I, yes, I think that you've said quite well that the, I'd really dislike the term privilege because it tends to be a priority but certainly the very fortunate group who gave rise to free software and later to open source necessarily aren't suffering the same concerns as half to two thirds of humanity. So there is a scope to broaden that. Karen, I had a perhaps a more concrete question for you on something other than licensing, but still loyally. And so I quite like your thing you're working on, which I must confess I hadn't actually heard of. So please talk a bit about it again, just a few minutes to get us the audience a sense of where you're coming from. We can't do it for justice here, but please. I want to, but I have to talk about, I have to answer the bigger question first. I hope that's okay. And I want to tie it into what Andre said, which is, I think that traditionally participants in the free and open source software communities have had a lot of privilege, they've had a lot of power. And I think the promise of software freedom was that we were going to democratize technology, right? Like what, but software freedom was going to give people the opportunity to customize software wherever they were and to wherever they are to make it, I could customize the software for my heart device so that it would be okay to be pregnant with a heart device, right? Like the promise of software freedom is that we have that power and that we're going to bring that to everyone. But in actuality, we haven't necessarily done that. Software freedom hasn't necessarily democratized technology. And part of the reason why we haven't done that is that those of us with our privilege have not leveraged our privilege enough in order to make sure that what you described never happens. And we can make sure that it never happens if every free and open source software developer that has the power to do so insists on certain things in the project and the technology that they contribute to. And that goes across the board. One is, you know, copy left really goes a long way in this. There's, you know, there are a lot of, you know, details to that, but copy left, certainly strong copy left license really helps making sure that a project has good governance from the outset, that there's a real level playing field. If you like avoid aggregating copyrights because a company that doesn't have all the copyrights can't pivot with their license in the same way. And if you must aggregate your licenses, you know, then do so in a nonprofit that reflects that good governance that you established earlier. You know, so there are all of these ways that we can help keep companies in check. And we should, we also should take a much more holistic approach like Andre is suggesting. And that's one of the reasons why I co-authored a declaration of digital autonomy with Molly de Blanc, which is just a first draft, but I'll drop the link in the chat for anyone who's interested for taking feedback now, where we must, you know, talk about how all of these like software freedom is necessary, but it is not sufficient. So, you know, I think there are all of these ways we should never allow ourselves to be in this position because we have the power to make sure that companies behave in a way that we find acceptable and where we've been able to exercise that power, we've avoided some of these worst case scenarios. Now, another way that I think that we can leverage that privileges on an individual basis, and that's what Roland has tipped me off to say, which is that I'm working on an initiative to help developers, better contributors, better understand their employment agreements because when you're on their way into a company, you have an opportunity to negotiate that agreement. A lot of people don't know that. And when you do, you can put things in your agreement like I, you know, as part of my job, I will be working on free and open source software only or I get to keep the copyrights of my contributions. It could also be much smaller than that. Like I get keep the copy, I own the things that I work on outside of my employment, which unfortunately is not the case everywhere. And so these agreements are almost always somewhat negotiable and people don't know that. And so contract patch is an initiative where we're literally writing patches that you can ask for in your employment agreement, but also just to help people better understand those agreements so that they can negotiate it. And while we're in that process and haven't published anything yet, I have lost count of the number of developers who have said that they have managed to get all of the things I just named in their employment agreement. Not everyone has gotten everything, but many have gotten multiple provisions included. So that's really encouraging. I think it's brilliant and I suspect for reasons that I hope to get back to during this panel that you may have picked up on something much larger than you've realized, that Western society has been here before and the consequences were spectacular. So I think there's reason to push that. Self-realizing might almost end up being a footnote compared to the consequences of what you're describing. Bruce, you are pursuing something quite ambitious. I might even say heretical and we simply don't have time to do it justice properly here, but I would invite you to express at least two things that I think might help the panel and audience understand where you're coming from. The first was in an email to me, you offered a resource extraction metaphor that for me immediately transformed how I understand what you're working on. I got it in one go. But secondly, you might, very high level, just describe the thing that you are promoting. We'll get back to some of the details, but again, take three, four minutes now to suggest for those two things. Well, let's talk about the resource extraction thing because I don't think the audience understood that. And what that is, is the way that business approaches open source is from the paradigm of a resource extraction company. So these would be companies that mine or cut down the woods to make lumber, et cetera. So they have a public resource. It's not one that they own, which they harvest and they do the PR. So you'll notice that, for example, the Linux Foundation is pretty much the main entity speaking for open source. And when I look at the list of the steering board of that organization, I see the most exploitive companies of open source steering the organization, some of whom were, for example, infringers of open source licenses, some of whom actually work against the open source community in government and standards. For example, the Qualcomm guys on the Linux Foundation board works for royalty bearing patents in standards when people like myself, others from the open source initiative are representing open source or attempting to on the same organization and saying, we need standards that don't have patent royalties in them. So there's this big tension. So we need to stop the loggers speaking for the trees. We're the trees and those companies are the loggers. Now, the other thing I want to talk about is let's evaluate our mission achievement. And Karen sort of touched on this when she said, you know, we don't serve the average person. We really don't, we don't fulfill their needs. We have not liberated them from these exploitative companies, et cetera. What we have done is we have achieved the goals of business for open source. We have not achieved the goals of people. We have not served the people except for maybe 5% in all the world. And from that perspective, open sources of failure. And when I say open source, free software open source, same thing. And so I think that we've done a great job for the business world, but we need to pivot. And one thing we should be considering is the initial announcement of the GNU project went out on news net. There was no internet. I was at work and I read it. This was in September of 1983. So we've been working on the same thing for 37 years. And we should have learned more by now. Consider there were no cell phones. A car phone took up most of your trunk. The most complicated input device in most people's homes was either a dial or a touch tone pad. There was no, you could not have thought about Amazon eating the lunch of elastic. And we are still working with the paradigm of 37 years ago. And we need to consider, well, what were our goals back then? And why are we not achieving them? And what comes after open source? Because maybe it's time for something to come out after open source and free software. And that doesn't mean we abandon them. What we do is we preserve them and we preserve the promises of free software and open source as they exist today. And we provide those developers a way to transition through dual licensing into a paradigm that doesn't have Amazon eating your lunch, that gives freedom and free software to the people we most need to serve who are individuals, not the richest companies in the world, that sometimes charges the deep pocket companies for things. And that also charges for some abusive uses. For example, embedding our software in digital rights management and performing our software as a service without adding additional value. These are the abusive uses and some of those developers should be paid for them. And if they were paid for them, they could focus more on helping the average person because they'd have the money and the time to work on the average person's needs and the motivation. And that doesn't exist for now either. We mostly write software for each other rather than for everyone else in the world. So I have a paradigm I'm working on. It's called post open. And there's a program on YouTube under my name. It's just the first step. Let's come back to concrete steps and mitigations. I think the stage of your panel. Say again? Say again? I'd like for the entire rest of your panel. I know. And as I said, even before I had approached all four of you, I had enough questions to operate for hours. So we will have plenty to cover but I do specifically want to get into mitigations. So I will come back to you on some more concrete details of what you have in mind later in the panel. Harish, you have the distinction of being the only panelist who has not turned up with a specific program of change to propose. But you also have a very long involvement in corporate engagement with patents or something, particularly within Red Hat. And I understand you're not speaking on behalf of Red Hat today. Where would you like? You've got a lot of white noise in the background. OK. I'm not sure what I can do about it. Oh, well, I approved it. Yes. That's good. Is it better? OK. Would you have a place you like, including my question or as you wish? OK. Can you remind me what your question does now? So I'm confused of which one I object. OK. So the question that might have added to the panel was sort of what sort of things should happen? I don't mean what should Elastic do or what should Amazon do or what should anyone else do. But how we would like to see what are essentially economic relations happen in the event that a major contributor to open source or to one major project decides to cease. We accept the right that they have to do so. But what should happen in the rest of the community to perhaps deal with that? And perhaps what should happen to reduce the likelihood of future changes or to mitigate their effect? Yeah. Thanks. There's a lot to it. The three predecessors, they have spoken quite a bit about it anyways. I guess I'm in a place with a group of people and with a business that is sort of smack in the middle of a lot of the things that is happening. And what we are trying to navigate is the choppy seas of different pools and pools or pushes and flows of interest and trying to be as honest and true to the open source ideals, everything that we could do to be staying on track. Because so if I take Elastic as an example, as something to talk about, the challenge with any of these things at the end of the day is that a dependency grows up in a particular set of technologies. And the dependency is now based on, as opposed to, there are two types of projects. One is like an example of OpenSSL. OpenSSL was essentially a project. A few people initially started. It grew up and got in a lot more people and then started to peter out because it reached a level of stability and everything was happy until something happened. Then everybody scrubbed out and figured out and made something happen. Now there wasn't a corporate entity behind it from that perspective. So that's one type of a project. The other one is Elastic and all those who have done the same kind of twists and turns in terms of licensing and SSPL and so on. So there is this sense that when something becomes too large, no matter whether it's a proprietary company or an OpenSource project, it becomes too large to fail. That's when we have a problem. And I think that's where we are in some of these projects because they are both a project and a corporate entity and that's part of the bigger problem. So from a red hat point of view, speaking as a red hacker, not necessarily speaking for a red hat, we face this every single day. How do we make sure we are always honest to the goals, the full freedoms of SSF and yet try to generate a business that is accountable to the customer? So it's a very, very fine line and it's not easy. I've got no easy answers to this. It's a lot of work, a lot of effort, a lot of understanding and talking to people. And then there will be those who come with a, what about this and what about that? That distracts everything. Let's focus on what we're trying to achieve and move forward in that direction. I cannot handle what about this and I walk away from that. I highlight it to them. That's not what we're talking about. Let's talk about just specifically this. How do we do this and are we doing it to the extent that we claim that we are doing and what everybody in general agrees, yeah, that's about right. And everybody can see it well and say, yeah, you're being honest about it. The model works well for companies that are committed. But the fear is, of course, that most aren't and even those who start out sometimes change their minds, as we've seen. Which is legitimate. Yes, I thank you. I hadn't thought about applying the too big to fail metaphor, but that, of course, is exactly why it's a concern that once someone gets bigger, the fact that they have the power to make the change gives them leverage out of people that you might reasonably regard as unjust, even though their individual choices are perfectly legitimate. So that's a freaking problem. Right, so now I'm going to address the audience for a moment. This is a 55-minute session. A lot of other sessions tend to run for sort of 50 or 45 minutes and then have a sort of Q&A session jam on the end. One of the joys in running a conversational panel is we don't have to do that and therefore we're not going to do that. Audience Q&A starts now and runs for the next 29 minutes right up until the end of the panel, which is 29 minutes from now. So what I am going to do is maintain some sort of nominal agenda and spend roughly 10 minutes each on the objectives or the values that we're pursuing, the risks that we are concerned about, and then finally the mitigations, the measures that we might take to strengthen it. What I'll try to do is reserve more time for the latter because I know that Karen and Bruce in particular have quite substantial things to say on the latter. So the first question that is really, it's a follow-on for the opening, where you're coming at this from, it is what are the values or the objectives that you see as important for free software, open-source software, or indeed post-open software? Karen. You caught me while I was taking a screenshot to show off that we're having this awesome panel. So hit me again with the question. I was just about to comment on how great you're doing moderating. Do you just push one button to take a screenshot? So the first of the three sort of general phases I want to take the panel through is objectives and values rather than specific risks and specific mitigations. What are the good things that we're here about? And I'm hoping this is slightly more concrete than the opening statements. Where do you concretely measure if we can? What do you think we would like to achieve in the next year, five years, ten years, whatever? Yeah, I think that we're at this inflection point in the free and open-source software community where we realize we are seeing our early success as Wayne and we are wondering why we have not succeeded as much since then. And I think that a lot of it has to do with the fact that I don't know how to put this in a super nice way, which makes me feel a little uncomfortable. But I feel like a lot of people who were passionate about software freedom saw the promise of it. People who contributed as hobbyists and as idealists and then they got jobs and they were in this happy spot. Yeah, yeah, this happy spot where they felt like they could work on the thing they cared about and get a good salary and get paid on it and still push forward the thing that they cared about. And what happened is that so many of those people wound up making small compromises over time and didn't recognize the fact that the interests of their paycheck were not necessarily the interests of the ideology. And I think we're now at the point where it's simply plain that we can't reconcile those two things all of the time. Like we could never... Can you say concretely then which some objectives that we might sort of lift back out of the mud and rethink our compromises on or abandon them? Yeah, we need to go right back to ideology. Like people talk about sustaining open source, but I have never... And it's important that people be able to survive and it's important that maintainers be able to stay focused and make a salary. I agree with those points, but ideology as sustainability is extremely powerful. So at Conservancy we hire dozens of developers to work on our member projects every year. And then we also hire around 100 interns every year to work on outreachy projects. And having people who are paid through charitable nonprofit to work on their free software project is a really powerful thing because the interests that those developers or those contributors, because they're not all developers, are working for and the ends that they're working for are in the public good. And because they're being paid through a charity, they can't make as much money as they might make through a corporate actor. But the roadmap that they're working on is established by everyone and it is to make the use of that technology better over time for all. And so it's a different way that we can start thinking about it. And I'm proud that we've been doing that within Conservancy. I think we mentioned a whole bunch of things that I'm working on that are very pragmatic. There's contract patch. There's also ethical organizations. I think it's been very powerful to see what's happened at Google with their organizing. And I think that when I was in college I was sworn into the order of the engineer, which was actually started in Canada, but I went to undergrad in the United States. But I swore that I understood that I had an ethical obligation in my engineering work and that lives were at stake. And I think that if we had ethical societies, ethical obligations, if we thought about the ultimate, and I'm talking of platitudes again, so you asked me not to do that. But actually, I think you've stated something quite concrete in the verbiage, which was that it is specifically desirable that we have a larger, ideally much larger number of people who are working on stuff that is explicitly ideological, mission-based, there's a few different ways it can be stated, and that their income is structured around pursuing that objective rather than the sort of investment machine mechanism that typically venture-backed, but probably four-part corporations are built to do. I hadn't thought of it in quite those terms, but that's a really important answer. Rather than letting something happen alongside, do it more of it. You might make less money to do that, but it serves the public good and it's easier to sustain over the long run. You're not raising as much money and then you're also broadening the base. So I always say, see where the money is coming from, right? You look at all of these organizations, I put in the chat the IRS search entity to take a look at where the money is coming from in these organizations and how it flows, and you can see that organizations that are set up around this kind of model have really good public support. They are getting small donations from a lot of individuals and it looks different. The motivation is different, and if we can employ a lot more developers in this mechanism, we'll start to see some really interesting things. I love people suggesting things I had never even thought of. This is fantastic. Andre, again, I'm asking more about objectives than mechanisms at this time, although to the extent that they're inseparable, it's fine. What are the values that you want to see elevated or the objectives you'd like to see pursued over the next, let's say then it's okay. I'm afraid I cannot compete with bogus and trees. That's a wonderful metaphor. And also Karen shared a nice manifesto. Of course, there are lots of manifestos and I think there should be a thousand flowers of ideas that people bring forward and they cannot be fixed catalog. So let me share a kind of positive view or a positive perspective. Yeah, I'm trying to bring up an iceberg, a positive one, not the one that is organic. And I would like to stress that the focus on post-licensing conditions is sometimes a bit of a tip of an iceberg. And when we consider the larger, the unregulated, the non-codified ecosystem that characterizes typical free and open source software development environments, we get lots of things that were not regulated, that were not prescribed. Very simple example. Licenses as such do not specify that you ought to have a public bug tracker. I'm working in a commercial software company. Yes, we have support, but we don't have a public bug tracker that anyone on the internet can read. And licenses do not specify that anyone can download the code. Even free software license, they don't say you can download everything from the internet. It just happens. Or even check out the code history. Several providers as an option, as an alternative to providing free licensees, but yes, very few are saying... What was it? Originally it was more in the GPL, even more this shareware model you can get some copies of the code. The requirement initially was that you had to either provide the source to licensees or provide a binding offer to provide it on request, which mattered when it was CDs and mailed around. Or indeed, later licenses, possibly including GPL3, a number of them specifically talk about it's a adequate discharge of the obligation to make the thing readily available in a public place via conventional means for download. Those kinds of words. But it's only a couple of licenses that do that. It's not universal. If I'm hearing you, what you'd like to see quite apart from mechanism is that by one means or another the kinds of things that all look and feel to us like a well-run project that we can find the people, the documentation, the bug tracker, the source code and source history, the design documentation, the on ramping for beginners with simple bugs, all that stuff that there is... This is a worthwhile thing that we should seek to promote somehow. Is that a reasonable paraphrase? I would say even where companies move back from a more restrictive to a more restrictive licensing model often this kind of open development environment remains. It's not prescribed. Of course you can also do free software in a different environment. It just naturally emerges that you have this openness, that you have mailing lists, that you have contacts, that you have forums, etc. etc. Especially when the code gets free. If I just go back to this elastic search issue, of course they're changing the licensing model now for commercial reasons, but I mean, folks are in discussion. I know at least that was discussion to put it in the Apache foundation or the CNCF. No, the discussion. Amazon was done. Maybe other organizations would emerge, say the free elastic foundation. In Berlin, we have the document foundation that took Libre Office, although the Apache foundation already had taken over open office under the stewardship, I think mostly of IBM. We have these very successful models, but of course there's a discussion about making money with open source to have something sustainable. But in the case of elastic, it's like I think 430 million per year annual business, so it was 4 or 5 million. You can set up a very nice business case for a foundation that continues under the legacy license. I think you've come up with something quite clever, that in the same sense that some licenses oblige public disclosure of source up front. There's also, it's not quite clear how to say it or how to do it, and even where the license is the right tool, but also this it should not be the case that a licensee can, particularly a for profit licensee, can comply by doing a periodic obscure source dump. Go back 20 years, IBM's Java CC they got dinged because they were publishing Java code for their Java compiler compiler, but the Java code was not source code. It was machine generated from a high level language, the compiler for which they were not publishing. And so here's our open source Java compiler compiler, but you can't modify it or you can, but we're just going to trample it with our next updates. And this is what GNU GPL calls the preferred form for making modifications IBM hadn't shared. So it's a broader form as it's the same observation that if we can establish norms maybe even licensee complications to ensure that the community can't be have the right yanked out from underneath it, which is the usual shape of it where the corporation has all the developers the main contributors on payroll then we limit the harm and I suspect they will limit the temptation so it works both ways. Bruce you actually listed a number of obligations I didn't quickly, not the number of objectives I didn't quickly list them, but I care to remind us. I'm sorry I didn't get the question at all. Oh sorry, this sort of phase and I'm trying to get a sense of what the values are either broad values or concrete objectives. Okay to pursue, I know another can up in your opening comments perhaps you could remind us. We need to serve the normal person out on the street, you know, who's not a hacker and so far we've really failed at that and I think that it's fundamental to serving that person that the people who serve them have some way of supporting themselves in feeding their families and making free software and obviously we don't want to say well here little guy you have to pay for the software so that I can feed my family we want to give those folks freedom. However when you've got the biggest most hungry deepest market companies who are making money from free software I mean everybody builds their infrastructure on free software. I think there should be a couple goals where they are concerned. First is that they be able to use the software second is that compliance be much easier if you've actually done open source compliance in a company it is a nightmare and what I would like it to be is that you write a check once a year and you send it off and that is compliance and well how do we do that well we can tell what software are you using we can do that technically you don't really have to tell us you can run a program and it will tell us and we can using that divvy up that check that you've sent among the developers your software that you're using and do that for very many people. Now what should we charge this is all stuff I'm still working on but what I'm thinking is that if you collect funds from an end user using the software you should pay 1% of those funds and that 1% goes for all of the software that's under the post open license and the way it works is if you're an open source developer and you do a license under this license and there's other software that's only under the post open license the license choice is made for post open for all of that software and the result is that companies have to pay the open source developer even though the software is still available under an open source license if they also want to use the post open software and so there's some getting over the hump where this is concerned because obviously you have to have enough software that it becomes desirable for business to buy into this covenant now I've been in the field with this with dual licensing there are ways to facilitate that there's a very real value there that you've brought up that I haven't thought about which is compliance that if you're able to solve the problem or a large chunk of the problem for corporate compliance people that's real direct monetary value they would pay real money to not have that problem potentially the money that I'm talking about I mean I have been for 20 years consulted in this area and I build $7.5 per minute working on this for people so it is expensive and so another thing that I would do is there are two kinds of what I'd say are pernicious uses and one is where you perform the software and you don't add value and the other is digital rights management those two would not be 1% they would be 10% and once you pay you can integrate with proprietary software so the biggest thing that these companies want to do which is to have their own differentiating value protected they can do and we need to think about the exchange of value how do you exchange value in the free software community you improve the software thus you are exchanging software for software there are some people who don't want to exchange software for software let's give them the chance to exchange money for software and that will pay us to make more software that we can exchange with the other folks so you pulled out a few things we had nine minutes there's a really big one which is that we as a community need to be serving people on the street who aren't cutters we monumentally failed to do that and for that reason we are merely riding on the back of software in the world we haven't really thrived as a body of people that serves society although today I would like before I die to see the free software community serving the average person I think that's a reasonable goal for the rest of my life I think that's a fair goal for most of us there's a bunch of others there that I will refer to later on but the other big one that you've called out that I hadn't thought about in quite those terms is to help corporations or to allow corporations using free and open-source software to sustain the separation of their differentiating efforts the effort to differentiate them in the eyes of their customers and this dovetails nicely with the observation that what free and open-source software really good at have really excelled at is the non-differentiating element of technology that's used in the back room the servers to plumb everything other than the piece that customers can see on the basis of I think it's a really the emerging economic paradigm of open-source it's 14 years old now emergence is an ongoing task we're down to eight minutes Harish particular values or objectives that you see is important over the next decade or two the rest of your life if you wish I think that's a reasonable plan yeah I would echo what Bruce was saying I would love to see us do this as a societal objective that everybody benefits from it but there's this nagging thing in the back of my mind which was something that I read many many years ago and the title of that was called Eye Pencil it's basically a pencil telling the story of how it was created how none of us on this panel and I don't think anyone of us that is watching this knows how to make a pencil what goes on to make a pencil the word, the graph it's a the ferrule and the rubber and the ink and whatever that needs to go in to make a pencil so likewise the software and everything that we depend on is built by somebody else just how it is but if I don't have a means to have some sense of understanding an ability to navigate that space and also to be able to figure out how can I contribute this is the real problem because every time I have conversations with people not necessarily from the IT industry they ask me about software they say oh you're from the IT industry can you fix my computer why is it that they can't do that why is it that they there's this huge problem no I don't know what to do it's not mine somebody else do it for me so that's where the problem is I get that one unbelievably we're down to six minutes so we want to get into mechanism and I have a specific question for Karen Jonas do you mind turning off your camera please Jonas thank you hi Jonas but I did invite and we have received questions from the audience so Michael's question actually is related to my question to Karen just an open one to the panel a sort of social observation in Tyrand having political parties involved in FOSS seems to caught controversy as there is a stigma associated with political parties and politicians is that the case in other parts of the world any panelist who would like that one come on Harish you know you want to talk about what would happen if GAP was running an open source program no it's fine I mean just from a national perspective I ran in last year's similar general election in a different alternative party and I did help with the current incumbent subsequently won the elections before the elections in doing some stuff around the contact tracing app that we have on the mobile phone to make sure that that particular thing was open sourced and it's available on github it's on a GPO version 3 license and so on fortunately there isn't any negative connotation to doing stuff that way so I think that is a positive so I would say for the person who was asking the question I think it's Mishari I think we need to have a conversation if there is a possibility to have a conversation with the folks in Thailand who have this challenge thank you finally I'll ask a two part question to Karen and with him pretty much at a time the question from in fact our emcee Michael do we near mortals as individual employees have any power in the equation as to what our employers ask to do with our open source work and my half of the question was more to look at what happened during the late part of industrial revolution when there was an unprecedented shortage of semi-skilled labour and that gave rise to labour unionism which then was the engine behind the largest change in human rights in human history I'd suggest that it's probably too much to ask the programmers of the world to do the same thing again but it also occurs to me this might be quite as crazy as it sounds Karen where are you on this at Middle East grandiose view no I'm right with you first of all I think the moment that we're at right now is unprecedented right I know we're talking about how Bruce has mentioned quite a lot about how we're not doing regular people or non-developers and I think this is the first time certainly in my lifetime that everyone understands what technology the importance of technology after all these years of working in free and open source stuff or finally those relatives that I see at my family functions are saying you were really onto something I thought you were really annoying that you made some really good points and I stopped using whatsapp or I stopped you know I'm going off facebook and you know I don't have the right answers right now to say like here are your alternatives that are perfect substitutes but alternatives that you will embrace and enjoy and will serve your needs but we have an unprecedented opportunity to create those like the very fact that big blue button right now that we're on is so good that I can easily provide alternatives to zoom for every single meeting that I am ever asked to do is a huge triumph and so I think we're at this real inflection point and I think that at the same time I think developers are realizing that there are consequences to the work that they're doing and that they have a responsibility to make sure that the technology they work on is not part of the problem and that they're not forwarding the dystopia you know that we're past finding ourselves in and so I think I don't think that it's too much to ask for us to start an ethical movement amongst developers I know that traditionally it's been extremely alienating to say please make software freedom or the principles of open source software or whatever it is however it is we want to talk about it that it's been somewhat alienating but now is the time because there is a real security argument for it and it's tied into all these other issues it's time for us to not be siloed anymore and it's time for us to speak up for the ethical nature of our work and the way that software freedom fits into that software freedom, free and open source software is not necessarily better, safer or more ethical but it gives us a chance to be better, safer and more ethical and so I don't think it's I think you're absolutely right Roland when you tie it to other labor movements and I think this is our time and we can do it. Thank you and I suspect that you're right we have landed right on five minutes to the hour at which point I am required to give the room back Michael are you still are you still with us while we wait for Michael to appear huge thank you all four of you even despite the fact that I talked to each of you beforehand this ground has covered this talk has covered ground that I hadn't anticipated, hadn't thought about it is great to have panelists who can think beyond what I can wait a minute I've just been told that the MC is off duty and it's all me which creates an interesting problem which means that we could thank you Roland thank you so much for moderating this panel you were excellent it was a really fun discussion thank you Roland ah thank you can you see us can you hear us yes loud and clear yes I'm really thrilled to have the panel here today and I just want to address my appreciation to all the panelists and I want to shout out to Ruth and Karen because it's difficult for you with the time zone but you still make the time to come here I know for Karen it's only two in the morning thank you so much and also for Ruth very late in the evening I really appreciate that you take your time to come and connect with the community in Asia I don't know how many thank you but I really appreciate it thank you so much for making it even the challenging of the time zone and of course how it's under a very interesting conversation Roland thank you for putting this up so we have everything recorded I have people asking already for the video I will share with them at the end of the day and then about a week after the event we have a video of the session I will send it to your email thank you very much what can I say you already said all the thanks we understand that we definitely appreciate it and it's a very important conversation I think there are many more points to add and we definitely need to continue in this exchange I think the important point was that free software and open source is like a lot dominated by some large companies and even Red Hat brought up this point thank you very much I think it's very important and many other concepts we said so I appreciate it and greetings so let's continue one final comment to all four panellists there were some questions in the shared notes section that we didn't quite get to if you would like to spend a few minutes peering at them perhaps commenting in front of my official