Todd A. Jacobs | Pragmatic Cybersecurity<p>Have the open source and open data communities, including organizations like the <span class="h-card" translate="no"><a href="https://mastodon.social/@eff" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>eff</span></a></span>, <span class="h-card" translate="no"><a href="https://mastodon.social/@creativecommons" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>creativecommons</span></a></span>, or the <span class="h-card" translate="no"><a href="https://hostux.social/@fsf" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fsf</span></a></span>, given any thought yet to updating various <a href="https://infosec.exchange/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> and other licenses to address the current <a href="https://infosec.exchange/tags/SaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SaaS</span></a> problem of code or data that isn't necessarily being "redistributed," allowing these companies to dodge the obligation to contribute changes back upstream? How about the privatization and unauthorized commercialization of material licensed under the <a href="https://infosec.exchange/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a> and <a href="https://infosec.exchange/tags/FDL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FDL</span></a>, <a href="https://infosec.exchange/tags/CreativeCommons" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CreativeCommons</span></a> licenses, and other open-license content that is often scooped up regardless of licensing into <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/datasets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datasets</span></a> that are then put behind <a href="https://infosec.exchange/tags/paywalls" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>paywalls</span></a>?</p><p>To me, this seems very similar to the <a href="https://infosec.exchange/tags/Tivoization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tivoization</span></a> problem that led to the evolution of <a href="https://infosec.exchange/tags/GPLv2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv2</span></a> to <a href="https://infosec.exchange/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a>. It seems wrong that <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenAI</span></a> or <a href="https://infosec.exchange/tags/GitHub_Copilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub_Copilot</span></a> can profit by putting licensed code, writing, or other data into a walled garden where even the original contributors that they rely on are charged for access.</p><p>I'm <em>not</em> anti-business. If these companies were at least making the data sets freely available, there's nothing intrinsically wrong with making value-added profit off of properly-licensed data, although examples like CC-BY-NC 4.0 are a notable exception that should also be considered. Companies like Canonical, Red Hat, IBM, and others have been making money <em>legally</em> off of open source software for decades.</p><p>Just because the label "AI" is slapped on something doesn't mean that companies should be allowed to ignore copyrights or licensing terms. If they want to do that, and licensing or requiring free access to open-content data can't prevent this land-grab, perhaps its time we collectively revisit the whole framework around <a href="https://infosec.exchange/tags/intellectualproperty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>intellectualproperty</span></a> that currently allows corporations like <a href="https://infosec.exchange/tags/Disney" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Disney</span></a> and uncountable <a href="https://infosec.exchange/tags/PatentTrolls" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatentTrolls</span></a> to create ever-expanding assertions of property rights that prevent almost any material from entering the public domain within a single human lifetime.</p>