Minutes, APAS as a guerilla tactic for liberating proprietary software

[Bradley M. Kuhn]

Joseph Turner wrote at 16:04 (PDT) on Monday:
> Most of the discussion about licensing and CoPilot that I've read is
> concerned with proprietary APAS being fed FOSS input and producing code
> which is then licensed under some proprietary license.

Can you share some links to where this was discussed?  I admittedly haven't
seen that discussion.

In fact, as I wrote in my essay on CoPilot
<https://sfconservancy.org/blog/2022/feb/03/github-copilot-copyleft-gpl/>,
we specifically asked Microsoft and their attorneys: if their position is
that what their APAS does is completely reasonable and permissible — why did
they not feed all Microsoft proprietary software as inputs.  Microsoft and
their GitHub subsidiary continue to refuse to answer that question.  More on
the implications of that are below.

> I'm left wondering about the opposite situation. What are the ethical (and
> legal) ramifications of APAS being fed proprietary input and producing
> code which is then copylefted?

This is an interesting question, but this does push us again toward that
question of “what's the legal outcome?”.  I appreciate that you're asking
about software rights morality first.  I'm going to talk only in therms of
morality here, as I think that we should leave the legal question aside for
now — lest a legal conclusion influence our conclusions about morality.

 * * *
 
One of the difficult moral dilemmas we face (as I also wrote about in my
“kickoff” essay) is that Microsoft's GitHub has first mover advantage in the
Court of Public Opinion; their amoral (but disingenuous) views are already
incumbent.  Specifically, Microsoft's GitHub has opened with a position that
they can do whatever they want and they are not accountable to anyone in the
FOSS community (or the software-writing community at large) for their
behavior here.

So, this debate (and its ethical implications) start from an unfair and
unequal place.  Microsoft and its GitHub subsidiary are not willing to have
a moral and ethical debate about whether what they're doing is moral —
rather, they have acted completely entitled throughout the process, and
dismiss anyone who raises concerns.  They are behaving amorally, and it's
tricky to analyze the morality of behavior that is amoral by design.

In this sense, it's like the entire tradition of proprietary software
companies: they don't believe in fair play when engaging with FOSS
communities, while we (software freedom activists) usually go through
contortions to seek to act honorably.

That said, I believe we're lucky that there are very few bad actors on our
activist community. (e.g., it's a very rare occurrence that someone breaks
into a company and liberates their secret source code onto the Internet.)
But, precisely because we (activists) don't “play dirty” (as proprietary
software companies do) leaves us at a political disadvantages in situations
like this.

That context makes me recoil from suggestions like this …

> The culpable deniability of AI which is used to circumvent the protections
> offered by copyleft licenses could conversely offer a guerilla tactic for
> liberating proprietary software.

… as that feels morally equivalent to me of breaking into Microsoft's
servers to “liberate” the source to Microsoft Word onto the Internet.

It's been a unwritten principle of software rights advocacy that we'd never
do what Microsoft's GitHub has done from the start here — disingenuously try
to take unfair advantage of the opposition.  For example, FOSS activists
rarely push reverse engineering boundaries; we usually stay much further
from the line of violating proprietary licenses than we necessarily needed
to.  In short, FOSS activists almost always behave with decency and fairness
in our efforts to eradicate proprietary software.  We know well that
Microsoft does the exact opposite (e.g., they call FOSS activists
unAmerican, say that we're spreading cancer on the software industry, etc.)

So, while I don't (yet) have an answer to your question in my own mind, I do
have an opinion regarding equity and fairness in the situation.
Specifically, I believe that whatever we believe the moral implications are
of using other people's code as input to Trainers, those moral implications
and outcomes should be consistent.  We should *not* response to Microsoft's
GitHub's disingenuous behavior with disingenuous behavior of our own.

If Microsoft's GitHub actually *is* morally correct — i.e., that they have
absolutely no moral obligation to anyone for what their APAS does — then
that moral (non-)obligation should have parity between proprietary software
and FOSS.  The logical conclusion is that their Model *should* be Trained
with all the proprietary software in the world *as well as* all the FOSS.

IOW, the moral implications (whatever they might be) must be, IMO, the same
for all sides.  Either: (0) if it *is* morally wrong to take people's
proprietary code, ignore their terms, conditions, and licensing, and run it
through your Trainer with no consequences, then it should be morally wrong
to do that with FOSS, too.  (1) If, OTOH, it turns out that we decide (as a
society) that it's morally acceptable to take all the FOSS in the world and
run it through the Trainer and have no obligations of any kind to anyone for
doing so (i.e., Microsoft's GitHub's current position), then we should
insist that the systems be Trained with all the proprietary software known
to humanity, too.

Furthermore, if (1) is shown to be morally right, we *definitely* must
acknowledge that it cannot be fair without major policy change.  Namely,
since FOSS is (more or less) by-default publicly available, it means APAS
creators have easy access to source code.  Such access to proprietary source
code is logistically and legally harder.  As such, if we decide what
Microsoft's GitHub has done with their APAS *is* moral, then the fair and
equitable policy change on which we must insist is that *all* software
source code of all kinds (proprietary, FOSS) be made available to anyone who
seeks to make an APAS so they can Train on all known code to humanity.

To be abundantly clear, I'm not concluding that (0) or (1) above is morally
correct; I'm admitting that I'm not jumping to a conclusion about it.  What
I'm trying to describe are the downstream moral implications of the two
possible outcomes.

> I hope your wrist is better.

The wrist is fine now; it's the knee that's the problem — but fortunately I
rarely use my knees for my job as a FOSS activists — at least during the
pandemic. ☺

-- 
Bradley M. Kuhn - he/him
Policy Fellow & Hacker-in-Residence at Software Freedom Conservancy
========================================================================
Become a Conservancy Sustainer today: https://sfconservancy.org/sustainer