Combined licensing with CC0‑1.0 and MIT

Licensing
, , ,
1

Release | 04


This posting covers the licensing of mixed‑content material and multi‑role material using some combination of the CC0‑1.0 content and MIT software licenses. An example of mixed‑content material would be a Jupyter Notebook. And an example of multi‑role material would be an open ontology intended to inform the semantics of both data and code.

Introduction

Any two public licenses can potentially be linked using either AND or OR relationships. I was recently asked which might be the better option for joining CC0‑1.0 and MIT when dual licensing in these various contexts. Dual licensing in the general sense that either one of the licenses should apply or that both licenses should apply simultaneously. This posting, for the reasons provided, concludes that the choice between AND and OR depends on the application area and the desired objectives.

An AND relationship means the terms of both licenses must apply. While an OR relationship means either license can apply and the recipient is able to elect which to deploy. This posting examines the specifics of both options and particularly the question of logical compatibility required under an AND relationship.

Application areas

As indicated, two broad yet distinct use‑cases are identified in this posting:

  • mixed‑content material
  • multi‑role material

Mixed‑content material contains code, data, and written content within the one entity, or legally speaking, collective work. These different types of material are treated differently under copyright law, but the options under discussion here do not require the author or programmer to designate which is which. The example of a Jupyter Notebook was offered earlier.

Multi‑role material can be coherent information intended to inform software design, data schema development and, by extension, written content including documentation. The term multi‑role implies these multiple use‑cases. The example of a formal ontology was offered earlier.

Legal primer

Copyright provides rightsholders with a set of negative rights — negative in the sense that they govern what other parties may not do with the protected work. If an activity is omitted from that set, then that usage is implicitly permitted — unless otherwise prevented by some other legal construct, for instance defamation law.

The Berne Convention aims to harmonize national copyright legislation. Under that convention, the creation of source code is considered a form of literary endeavor.

For software, both compilation [1][2] and running the resulting complied code [3] are not generally permitted by law — unless some suitable enabling license, proprietary or public, has been either purchased or provided. Note too that interpreted languages (like python) still compile to binary code and execute on‑the‑fly.

Allied to copyright is the 96/9/EC database right which applies only in Europe and currently post‑Brexit United Kingdom.[4] As with copyright, protection is automatic and it is up to the user to ensure that their actions are compliant, particularly regarding the degree of information extraction permitted under law. Notwithstanding, users have no way of knowing whether 96/9/EC protection has indeed attached to the resource in question (Davidson 2008).

Copyright law and patent law are distinct and different. A separate license is required to make use of material under patent protection. Patents require examination and award, whereas copyright is automatic. However, like copyright, a patent is a negative right that prevents third‑party usage of the disclosed invention.

SPDX license identifiers and license expressions

The SPDX standard from the Linux Foundation contains agreed identifiers for common licenses covering both software and content. Under that standard, multiple licenses can be connected with so‑called license expressions that denote logical relationships. Of interest here (Wheeler 2021):

More than one operator may be applied. In relation to operator priority, AND takes precedence over OR. Simple brackets can be used to alter or underscore the desired precedence (Linux Foundation 2022, Wheeler 2021). The WITH operator is not considered here.

The licenses under consideration

The two licenses under consideration here are:

  • the CC0‑1.0 license which covers authored works and databases
  • the MIT license which covers software and associated documentation

The combined licenses of interest would therefore be designated as:

  • CC0‑1.0 AND MIT
  • CC0‑1.0 OR MIT

License scope

The MIT license applies solely to software and associated documentation and includes an implicit patent grant.[5] The CC0‑1.0 license applies to all authored works and also entities that fall under the 96/9/EC database directive. CC0‑1.0 expressly excludes patent rights being “waived, abandoned, surrendered, licensed or otherwise affected by the license”. Hence CC0‑1.0 is not generally suitable for source code due to this lack of a patent grant.[6]

The CC0‑1.0 license waives all negative rights associated with copyright and 96/9/EC database rights, using either a public domain dedication where applicable — or failing that, a maximally‑permissive open license. In both cases, all negative rights associated with copyright and 96/9/EC database rights are extinguished. The former public domain case works in the United States, where the legal concept of a public domain exists in law — and the latter case in Germany where a public domain is not part of the legal tradition.

Note carefully that the CC0‑1.0 license is not automatically inbound-compatible with the MIT license. In other words, material under CC0‑1.0 cannot be added to a codebase under MIT unless it can be confirmed that that particular import does not additionally contain patentable material.

That said, CC0‑1.0 does provide users with sufficient grants to compile and run software distributed under CC0‑1.0 solely. This is because CC0‑1.0 waives all negative protections in relation to copyright.

License compatibility

Under logical conjunction, the question of logical compatibility arises. Are there conditions required by each license that cannot be satisfied simultaneously? The underpinning technical concept is mutual exclusivity. Mutual exclusivity occurs when two events or propositions cannot both be honored at the same time. It is assumed here that the two licenses under consideration are themselves internally consistent.

The four conceivable issues I can see arising in relation to logical compatibility are:

  • requirements to attribute
  • treatment of patent rights
  • treatment of 96/9/EC database rights
  • commercial usage

The MIT license requires attribution because the copyright notice necessarily lists the copyright holders — and the license prescribes that that notice be included in all copies or substantial portions of the software.[7] The CC0‑1.0 license is silent on the matter of attribution. This means that no logical conflict arises in respect of the MIT requirement to attribute.

The treatment of patent rights also differs between the two licenses. The MIT license contains an implicit patent grant (see earlier) and the CC0‑1.0 license expressly excludes a patent grant. The potential logical conflict is resolved because patent protection is based on negative rights (as discussed earlier) and again explicit silence can sit alongside an implicit grant. Note however that this grant applies only to any software present.

The treatment of 96/9/EC database rights revolves around a similar argument. The CC0‑1.0 license contains a waiver for this right and the MIT license is silent on that matter. Thus again no logical conflict arises. Note however that this grant applies to all material present.

Regarding commercial usage, the MIT license admits a range of use‑case which expressly includes selling copies of the software. And while not strictly necessary, the CC0‑1.0 license again articulates a range of use‑cases and expressly includes commercial purposes without limitation. These two grant statements covering downstream commercial usage are not mutually exclusive — in that both can be satisfied simultaneously. Viewed from another perspective, neither instrument discriminates on fields of endeavor.

Legal restrictions on incoming material

If external material under either a single CC0‑1.0 license or a single MIT license is to be brought in then certain restrictions must apply. Imported works under CC0‑1.0 cannot contain patentable material. And imported code under MIT cannot contain material protected under 96/9/EC database rights.

It is unlikely, but not impossible, that these two corner cases would be encountered in reality. Nevertheless, as is always necessary, users need to understand the legal provenance of the material they are collecting, combining, or mixing to form the new work, and react accordingly.

Outgoing material forming derivative works

In terms of outgoing usage, it is conceivable that non-software material — such as a comprehensive ontology — may transfer intellectual property to an aligned codebase under immiscible licensing (Morrison 2023). Recall that CC0‑1.0 is not automatically inbound compatible with MIT or any other approved open‑source software license. This eventuality provides the reason why CC0‑1.0 alone might not offer sufficient legal grants in relation to logical conjunction.

Other matters

There is a no‑attribution version of the MIT license designated MIT‑0 which lacks the attribution paragraph. The attribution paragraph requires re‑users to retain the original copyright notice, the attribution paragraph, and the liability disclaimer. The MIT‑0 license is not considered further here.

There is work being undertaken to formalize and characterize public license terms and conditions so they can be subject to automated processing. That work does not extend to non‑software licenses. Some more here:

The Creative Commons CC0 FAQ claims that CC0‑1.0 is suitable for software under the header: May I apply CC0 to computer software? If so, is there a recommended implementation? I cannot agree with Creative Commons for the reasons provided in this posting.

Conclusions

I regard AND to be the correct joiner for mixed-content material, thus with the SPDX construction CC0‑1.0 AND MIT. For the following reasons:[8]

  • the two licenses are compatible under logical conjunction

  • continuing, the required license notices and attribution requirements of MIT are not mutually exclusive with CC0‑1.0

  • under an OR joiner for instance, a re‑distributor would be able to remove one of the licenses and then disseminate accordingly — usually not what is intended

While I regard OR to be the correct joiner for multi‑role or multi‑purpose material with the SPDX construction CC0‑1.0 OR MIT. In this application area:

  • a key objective is to provide for the least compliance friction and the widest adoption

  • the material will often be used to inform distinct works that class solely as software, data, or written content in legal terms, so the application of a single license should perform if elected

  • the user may opt to retain both licenses under logical disjunction to license their host work — while noting that they are not under any legal obligation to do so

  • it is generally unlikely that the kinds of multi‑role projects under consideration will be forked and relicensed under just one instrument — thereby losing the legal flexibility that this form of dual licensing provides

Summarized pictorially:

dual-licensing.scan300-mod
dual-licensing.scan300-mod2100×1100 339 KB

If the material under consideration does not contain software in some manner — or is not used to tangibly inform the design of software — then CC0‑1.0 alone might be the better choice. CC0‑1.0 provides no requirements to attribute or track provenance — and that can be advantageous.

Stepping back, the legal distinction between conventional prose and other forms of artistic content, data, and software is increasingly difficult to establish in practice (even without referencing artificial intelligence technologies).

Ultimately (and I do not make such suggestions lightly), a new single permissive license that collectively spans written content, data, and code might provide a better solution than the dual licensing arrangements under discussion.

References

Davidson, Mark J (January 2008). The legal protection of databases. Cambridge, United Kingdom: Cambridge University Press. ISBN 978‑0‑521‑04945‑0. Paperback edition.

European Commission (5 May 2009). “Directive 2009/24/EC of the European Parliament and of the Council of 23 April 2009 on the legal protection of computer programs — Codified version (text with EEA relevance)”. Official Journal of the European Union. L 111: 16–22. Colloquially the “software directive” and first promulgated in 1991.

European Parliament and European Council (27 March 1996). “Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases”. Official Journal of the European Union. L 77:20–28. Colloquially the “database directive”. Also applies in post‑Brexit Britain.

Jaeger, Till and Axel Metzger (6 February 2020). Open Source Software: Rechtliche Rahmenbedingungen der Freien Software (5. Ausgabe) [Open source software: legal framework for free software (5th ed)] (in German). Munich, Germany: CH Beck. ISBN 978‑3‑406‑73497‑7.

Linux Foundation (November 2022). The Software Package Data Exchange (SPDX) Specification — Version 2.3. Linux Foundation. San Francisco, California, USA. License expressions section. :open_access:

Morrison, Robbie (23 May 2023). Can non-open data standards legally taint conforming codebases and databanks? — Release 03. Berlin, Germany: Free Software Foundation Europe (FSFE) Legal and Licensing Workshop (LLW) 2023. doi:10.5281/zenodo.7937197. Minor post‑presentation improvements and updated CC0‑1.0 question. DOI resolves to latest version. Creative Commons CC‑BY‑4.0 license. :open_access:

US Copyright Office (28 January 2021). The Compendium of US Copyright Office Practices — Third edition: Chapter 700. US Government. See PDF metadata for background.

Webber, Christopher Allan (17 February 2012). [License-review] Submitting CC0 for OSI approval — Posting. Open Source Initiative (OSI). Mailing list contribution. Relates to version 1.0.

Wheeler, David (21 September 2021). SPDX tutorial. GitHub. License expressions section. :open_access:

  1. The US Copyright Office (2021:§721.5) says: “The U.S. Copyright Office views source code and object code as two representations of the same work. See GCA Corp. v. Chance, 217 U.S.P.Q. 718, 719-20 (N.D. Cal. 1982) (”[b]ecause the object code is the encryption of the copyrighted source code, the two are to be treated as one work…“). As a general rule, the Office will not issue separate registrations for the source code and object code versions of the same program.” ↩︎

  2. Recital 15 of the European software directive (European Commission 2009:17) indicates that compilation is only lawful in the absence of suitable licensing if such compilation is necessary for a computer system to function. Compilation is taken to fall under the scope of “reproduction, translation, adaptation or transformation”. ↩︎

  3. Jaeger and Metzger (4th edition, page 129) write, in relation to executable software, (translation confirmed by Till Jaeger, emphasis added): “The UrhG x 69c (1) assumes a broad concept for copying which includes not only a permanent copy on a storage medium, but also the temporary loading into main (RAM) memory or processor cache. This leads to the conclusion that a copyright permission is required for the mere use of a piece of software. Thus, the construction of UrhG x 69a and following sections differs from classical copyright. Anyone who uses an analog work as intended does not require permission from the author and in particular no rights of use: reading a novel, listening to music, or viewing an artwork are not processes which can be prohibited by exclusive copyrights.” UrhG is Urheberrechtsgesetz, which covers copyright under German law. ↩︎

  4. So‑called 96/9/EC databases obtain limited protection under the European database directive (European Parliament and European Council 1996). The protection applies when there has been substantial investment in the making of the database — including collection, verification, and presentation of information, but excluding any investment in the creation of the data itself. The notion of a database under the directive extends well beyond that which a database programmer would recognize. ↩︎

  5. There is a long‑standing discussion as to whether the implied patent grant in the MIT license would indeed prevail under civil litigation. That assertion has not been tested in court, but is nonetheless accepted by many open source law practitioners. Notwithstanding, some projects opt for Apache‑2.0 because it was written considerably later than MIT and contains an explicit patent grant. ↩︎

  6. Creative Commons applied for Open Source Initiative (OSI) approval for CC0‑1.0 in 2012. Webber (2012) marks the start of those discussions. The application was subsequently withdrawn after the software community reacted adversely to the lack of a patent grant. ↩︎

  7. The qualifier “substantial” is frequently used in copyright and related rights legislation. There are no clear definitions for the term and it is ultimately left to courts to adjudicate. Conversely, a non‑substantial portion is not subject to such rights and both the amount in question and the proportion relative to the work as a whole are material in determining where this boundary might lie. ↩︎

  8. The author of this posting has no legal training. Consult a suitably skilled lawyer if you need legal analysis and advice. ↩︎