How Are Companies Dealing With The Negative PR From Open Source Rug Pulls?
How do companies deal with negative PR in the first place?
Advertising is powerful. With the right presentation, public opinion can be shaped. There are courses dedicated to teaching this. Innocuous naming is one of them.
For example, HashiCorp switched its open-source products - including the popular TerraForm - to a "Business Source License", with similar restrictions. I already went over why this is a slap in the face to every volunteer that contributed code to the project.
And now Sentry has come up with a "fair source" license, which is also being adopted by GitButler.
What Are All These New Terms?
The idea behind all these new fancy licenses is that the companies want to retain the ability to have the public improve the monetised product, while taking away the public's ability to create a monetisable competitor.
To be fair, both Business Source License and Fair Source do stipulate that the published software be released to an open source license after a specified period of time. For Fair Source, it is 2 years, while for Business Source License, it is 4 years unless specified otherwise.
So why isn't this open source? For one, the definitions in the noncompete stipulations are fuzzy. Secondly, the fact that the license holder is the only entity allowed to monetize the code means that the freedoms do not apply easily, and thus violate the Open Source Initiative's definition of open source.
Then there is the problem of the license being controlled by a single for-profit entity. What's to say they won't come up with a more business-friendly and less open-sourcey version tomorrow, which will be promptly adopted by everyone using the current version. And when there is a risk of the license holder changing the terms of the deal on you, how different is it from a proprietary license?
Another reason I believe that these new terms are more of a branding exercise than a game-changing middle-ground between open source and proprietary licencing is that we already have names for this. A product which makes its source code auditable but not reusable has had a few names for a while - "source available" or "public source".
Okay, But Business Decisions Are Always Evaluated On Company Value, Right?
Rachel Stevens, a senior analyst at Redmonk, looked at the following companies that moved away from open source licences:
- MongoDB, which went from GNU Affero General Public License to Server Side Public License
- Elastic Co. (owner of ElasticSearch), which went from Apache 2 to Elastic License
- HashiCorp, which went from Mozilla Public License 2.0 to Business Source License
- Confluent, which went from Apache 2 to Confluent Community License
Of course, a sample size of 4 is not very large, and there are many confounding factors at play. None of these companies are profitable yet, so their valuation is only determined by their potential for profits. However, with that in mind, what did we see from these companies? The rate of revenue growth did not change across the license switch.
An oft-cited reason for open-source rug pulls was that the developers of the software were unable to sell hosted/managed instances of it because cloud providers swooped in with their economies of scale and capture all the value, while giving nothing back to the community.
Six years after MongoDB switched its license, cloud providers remain as profitable as ever, while MongoDB itself is not yet profitable.