FOSS needs a new license

Most open source software is also free software. In everyday conversations people use the two terms interchangeably and so will I in this post.

One of the most popular free software licenses is the GNU GPL. It is used by the Linux kernel, GNOME, KDE (LGPL) and countless other big and small projects. It’s a license that, in the past 37 years, has played an important role in shaping the open source landscape. The GPL was created to block many different vectors of abuse associated with software distributed in goodwill. Most of all, preventing individuals and companies from taking unfair advantage and closing-down or restricting software that was initially released and intended as FOSS by the original author. In other words, you cannot take a GPL licensed project and turn it into a proprietary, closed source one. Or can you?

Well, you could not legally do that up until present day when all it takes is to feed the GPLed code into an LLM and there is your legal loophole. Free software can easily be abused by corporations using LLMs in two distinct ways. First, using free software as training data. Second, disregarding the license by instructing an LLM to create a functionally equivalent proprietary replica of the free project.

Both practices are perfectly acceptable under the GPL terms. Actually, GPL explicitly forbids you from introducing any additional limitations that are not part of the license. Therefore, you cannot add an additional “No LLM training” clause because this will be incongruous to the main license and will render either or both legally void. The GPL’s main weapon is now it’s biggest weakness. I’m giving GPL as an example here but this applies to basically all popular free software licences in use today. Especially given that most of them are even more permissive and “weaker” than the GPL.

Why is this problematic? Publicly available large language models are a rather new phenomenon. Many authors of open source software have made their work public years or decades ago, long before they could foresee that their work might be (ab)used in this way. Linus Torvalds did not publish his kernel in 1991, knowing that his code will be used to train LLMs in 2026.

Developers thought that their intention will be protected by the copyleft license but we have a technology now that makes the framework completely irrelevant. Absorbing millions of free software projects into an LLM controlled by a multi-billion dollar corporation which then sells it back to other smaller companies in the form of “code assistants” and “AI” so they can also profit from derivative work. I’m not sure Richard Stallman had this scenario in mind in 1989.

We need a new license because I don’t want to feel like I’m being taken advantage of, every time I create a new public repository on GitHub (not that public or private matters in this case). If I’m releasing free software, I want to benefit the regular user and the “community” and not the mega-corporation that cannot wait for all of us to be out of a job.