Code-dot-mil / code.mil

An experiment in open source at the Department of Defense.
https://www.code.mil
MIT License

PLEASE read EVERYTHING ARL has done #8

Closed ckaran closed 7 years ago

ckaran commented 7 years ago

tldr version: the legal stuff is really complicated. See this discussion for some of the legal issues involved. The license agreement you've put together does not address many of the issues.

ARL has been wrestling with the legal issues since October 2015. They are complex. You can read some of the issues here, and you can see the guidelines we've come up with for our own workforce here. Please read through our material completely.

I've also been given an email address to contact you through, I'll be writing to you directly so you can confirm I'm DoD, and so I can confirm who you are. Then we can have a more complete discussion.

aggieben commented 7 years ago

With respect to your comments about the legal complexities and the inadequacy of this draft license so far, @ckaran, I completely agree.

However, I think it is inappropriate to use GH issues to redirect the repository owners into a private discussion with you, which sort of defeats the point of being on GH in the first place. That discussion belongs squarely right here.

shawoods commented 7 years ago

@ckaran The legal issues are complex as you've said. We are very aware of what ARL has done, and it's clear you all put a lot of work into it!

We know this is a little different than what other Government offices have done, which is why we put it out as a draft and have actively invited community comment. At the end of the day, our main goal is to foster DoD participation in the open source community. We are experimenting with the exact mechanics to achieve that and inviting comments and criticism on the approach to gauge the community response.

@aggieben Totally not trying to be cloak and dagger about any of this! @ckaran is also a federal employee like us, and we were trying to track down his Government contact info. Discussion and deliberation about this open source experiment will absolutely occur in GH.

jbjonesjr commented 7 years ago

We know this is a little different than what other Government offices have done,

This is one of the most refreshing parts about this effort to me. Instead of assuming CC-0, or working towards a new license that the community (and foundations) need to accept, this is an attempt to mostly stand on the back of the already approved and used (and in most cases, litigated) licenses. Being able to equate a Government project to a normal license should reduce the barrier to entry for the open source community actually getting involved with government work going forward.

BrandonBouier commented 7 years ago

@jbjonesjr You hit the nail on the head - that's exactly what we're trying to do here.

andrewgdunn commented 7 years ago

One thing that shouldn't be overlooked is the apparent pressure that exists for the local leaders of R&D organizations within the DoD. The incentive structures here run very deep and are difficult to understand, but the effects are obvious. Your repository is a response to what many of us are living day-to-day. Certain organizations have made significantly more progress in this area, notably ARL of late, however their work on openness is largely done in the shadows...

The DoD, for whatever reason, has built in negative incentive structures for organizations for releasing things publicly. This is despite POTUS memorandums about embracing openness, and OSD studies about rampant over-classification. It is the default mode of these inherently academic organizations to hide behind some barrier of convoluted OPSEC processes that bar the bright people within from contributing back to humanity.

It seems insanity to me that massive R&D organizations like ARL would have to develop their open strategy behind closed doors and tread lightly to share their end product. We know that the individuals working on these efforts want to evangelize the concepts of openness, however their slow/calculated releases are typical of the leadership and legal counsel within these organizations.

The lofty goals of the repository are interesting, but I'd settle for the issue section of the repo becoming a public aggregation of comments from those who have been barred within their respective organizations.

If DDS is close to the Pentagon... a new compliant license would be the least of the objectives I'd shoot for... I'd instead be examining what incentive structures the Pentagon has in place that have made the entire workforce of the DoD effectively fear the process of openly developing work.

TL;DR: Don't downthumb @ckaran for pointing out that ARL has done a lot of work in this and offered to share that work via the channels made available to them via leadership/legal counsel.

seanenck commented 7 years ago

I generally agree with @storrgie but to add that even a ticket that says "PLEASE read EVERYTHING ARL has done" indicates a lack of communication within the DoD itself where this is just another form of decision and movement coming forward where it seems like members of the community they might be trying to serve are not even involved in whatever is being decided upon on our behalf.

This is not meant to come across as aggressive... but this comes out and you've got issues like #6 and a community of people saying "Uh...what?" and expecting people you want to engage to come to the table and "agree to the DCO terms" and "signoff" on commits...it doesn't look like a composed foundation and strategy from the DoD community. At least the code.mil cert isn't a DoD certificate (yet)...

konklone commented 7 years ago

@ckaran As another fellow government employee, I want to just say that opening a ticket with all-caps words in the title and a stern scolding tone was a deeply unprofessional way to open a dialogue with another agency.

You may be frustrated at not being consulted or something, but an approach of public bullying is never the right response, and reflects very poorly on your organization.

andrewgdunn commented 7 years ago

@konklone this in no way was bullying. Unless @ckaran comes in and tells us that was his explicit intent. It appeared to me that @ckaran would like to share with you what has been being worked for a couple years by an organization that despite the DoD as a whole... has actually been pursuing openness.

Nobody expects to be consulted in this juggernaut of an ecosystem we're participating in. Rather I think that we'd like to share the bureaucratic pitfalls with each-other to minimize collective suffering.

I'd say "deeply unprofessional" would fall along the lines of:

shawoods commented 7 years ago

We believe in the value of open collaboration. Rather than concocting some scheme behind closed doors, we shared our ideas and readily sought the feedback of the open source and free software communities. This is a diverse community with differing ideas about how to best approach the complicated challenge of keeping code freely available. There have been a variety of approaches to this challenge in the U.S. Federal government (ARL, NASA, NSA, DISA, and 18F to name a few), and we are experimenting with another approach here. We talked extensively with other groups both within and outside the Government and wanted to continue that dialogue in an open way accessible to all. We appreciate the open and honest discourse.

andrewgdunn commented 7 years ago

Labeling the work done by an organization:

as "some scheme behind closed doors", in hopes that you can claim this project is different just because you registered a GH page... is just flatly obnoxious. Do you think that the folks at ARL have been fighting for an official memo on unrestricted public release of software because they don't value open collaboration?

You're going to see a lot of people interested in this project because there are a lot of people who know they work on things that could benefit humanity if they were developed out in the open. There are very likely several hundred people scattered across the DoD who are fighting this fight on a daily basis. The DoD is a place mired in very old patterns of thought about openness. I find your claim of being different and open while marginalizing others as "schemes behind closed doors" as disingenuous.

If you've talked with other organizations (as you listed above), why not mention that in the FAQ or readme? What are the barriers of using their prior work? Why is this actually different? What is unique/special, open and collaborative effort meant to culminate into?

If you did your homework, claim it in your code, so that others don't have grounds to make claims that you're unaware of longer running efforts.

tomberek commented 7 years ago

@storrgie : I'll address your final questions about other organizations, barriers, and end state.

Other organizations: While we have reached out to other organizations who have provided comments and feedback, they did not specifically endorse this effort. We did not want to assume their endorsement. Perhaps we should add a section to the README. When it comes to continued contributions, we are accepting pull-requests (the DCO sign-off procedure does not apply to this repo, this is all still in draft and development).

Barriers of using prior work: The goal is specifically to not introduce a new license into the ecosystem, but to use the contract theory mechanism to get to a place where government-created projects could re-use well-known and established licenses. We are also considering another approach (see #33 and #34) for which we'd love to have your feedback.

Edited: didn't proof-read. Uniqueness/End-state: Government developers do not run into the common barriers when trying to open source their code and collaborate with the public. Government managers and oversight see that there is precedent and a benefit in openness. The unique part of our approach is that ideally there isn't another license, proliferation was a major concern of ours. Others have accomplished this by just using CC0. We have nothing against that, this is just another approach.

andrewgdunn commented 7 years ago

Your last paragraph, I agree with you. We experience barriers at every level. This is why you're seeing a lot of critical comments from people about the posture of this effort you've created. There are many opposition people in control that will look at the level of maturity within this repository and scoff at it with whatever stereotype they've already been using to prevent openness.

Unfortunately it actually does take "schemes behind closed doors" to build up the critical mass for a memorandum (how the DoD sets policy) that can actually stick and make some change. There exists a deep level of fear/opposition to these ideas within the DoD by people who are able to impact change. "scheming" out in the open is valuable, but we should attempt to play the game that is laid before us and leverage the efforts of others who have understood the game board and decided that "scheming behind closed doors" was a potential winning strategy.

johnmod3 commented 7 years ago

putting this here: There was a hack we looked at a while back that could work: if DoD designated NASA as an agent for releasing government employee created works then NASA could release it under any open source license since NASA can create copyright

johnmod3 commented 7 years ago

And a big +1 to the DDS for running the traps on this and pushing thru. Not an easy thing

andrewgdunn commented 7 years ago

@johnmod3 but what is this? Anyone can register a GH organization.

You should register the NASA hack as a separate issue as it's worth discussing in more detail rather than being mired in this chain.

johnmod3 commented 7 years ago

@storrgie ?

johnmod3 commented 7 years ago

@storrgie "Anyone can register a GH organization." True, but so what?

tomberek commented 7 years ago

This issue seems to be digressing, so I'll try to sum up:

1) We should add a section in the README about organizations we've gotten comments and feedback from.
2) Restructure this repository to make clear we are soliciting feedback on the approach.
3) Add section in README about the results of solicitation and future plans.
4) Specifically mention that the intent is to avoid creating a new license.
5) Restructure repo to have GitHub Pages be separate.

andrewgdunn commented 7 years ago

For 5 I believe you can do a branch for gh-pages, I think @enckse suggested that someplace else. You may also consider moving that redirect to a server, but I think we all know the complexity of setting up "accepted" hosts. The gh-pages gives you a place that you can "publish" the results of this repo on.

BrandonBouier commented 7 years ago

Hi everyone, we're going to be updating the FAQ based on some of the issues raised in this thread.

andrewgdunn commented 7 years ago

Until you have a commit, leave this open for visibility.

andrewgdunn commented 7 years ago

Also, as @shawoods points out, this is supposed to be different by being open. Which branch is the update to the FAQ being worked in? Closing this ticket and alluding to work you're doing not in the open seems disingenuous.

gbinal commented 7 years ago

Just a quick word - thank you all for the work you're doing in trying to do more open source work in government. Starting up FCC's and GSA's efforts weren't a walk in the park and there's always a ton that goes into it.

I hope that all of us can recurringly dig deeper and try to begin with assumptions in each other's best intentions. The good news is that this, being an open source project, can continue to iterate, respond, and get better.

Thanks to all of you for being engaged and for trying to keep this a civil and supportive effort.

ckaran commented 7 years ago

My apologies about not responding to everyone earlier; I've been dealing with email and telephone calls directed at me caused by the code.mil launch.

@aggieben @shawoods Part of the reason I want to discuss some of this offline in a Government only location rather than on GitHub, is that these discussions may be construed as a Federal Record, at which point we may be in violation of 44 U.S.C. Chapter 31. Note that I'm not a lawyer, so I can't give legal advice, and this should not be construed as such, nor is this a position of the US Government.

@jbjonesjr @BrandonBouier If someone at the White House level is willing to accept the potential risks involved in using copyright-based licenses, and they are willing to cover the entire Executive branch with a suitable order, then those of us in the Executive should be able to follow those orders. However, there is the possibility that using one of the standard copyright-based licenses (e.g. Apache 2.0) will be invalid on code that is in the public domain. I've discussed this at length on the OSI license-discuss mailing list. The latest discussion starts here.

@enckse Part of the reason the Federal records process exists is to make sure that the Government has a coherent response to questions that the public comes up with. It is also why quite a bit of work goes on before public statements are made.

@konklone @storrgie @shawoods I didn't want to sound bullying, but there are numerous laws and regulations governing what actions civil servants are permitted to do. These often cover what we're allowed to say in public. On top of these are the rules and regulations governing the Department of Defense. This limits some of what I can say on GitHub, and I suspect it may limit what members of DDS can also say. This is another reason why some of this discussion has to be done off-line in a Government only forum.

@storrgie You're right about how long this has taken; I started work on getting an approved process and policy in at ARL in October of 2015. It took quite a bit of work to get the input from everyone within the Government before there was a policy that would be approved. My hope is that the DDS folks can take a look at what I've learned along the way and shortcut their own policy. The easiest way is to fork ARL's policy and modify it as necessary; that's one of the reasons it's up on GitHub, so others can easily benefit from our work.

I know that this issue is now quite old; I'm hoping that this will answer why I pushed for immediate communications in my original issue posting.