Facebook React.js License
I’m critical of the license approach used by Facebook for React for at least three reasons. More on that below. But since Facebook’s approach is unconventional, I first offer a brief explanation of the history and substance of that approach.
I. History and Structure of React Licensing.
All I know about React licensing is what I’ve seen on the Internet– notably, on Wikipedia.org.
Initially, in May 2014, React.js was offered under the Apache License, v. 2.0.
In October 2014, Facebook changed its licensing and began to offer React.js under the BSD License. But, unusually, in addition to the BSD License, Facebook issued an addendum-like document titled “Additional Grant of Patent Rights” that gave an “additional” license to use the library under Facebook patents. Even more unusually, this Additional Grant of Patent Rights included a termination provision that stated, in part, that Facebook’s grant of patent license would terminate if the software licensee were to initiate or participate in certain patent infringement lawsuits, including, filing any patent lawsuit against Facebook or its affiliates.
Apparently in response to criticism, in April 2015 Facebook issued a second version of the Additional Grant of Patent Rights that softened the termination provision to say that the React software licensee would not lose its right to use the software under Facebook patents in the special case in which the licensee brings a patent lawsuit that is a counterclaim against Facebook or its affiliates that is unrelated to React.js. The second version of the Additional Grant of Patent Rights, in addition to the BSD license, is what governs use of React.js today.
A. The Additional Grant of Patent Rights is Unnecessary.
It is unknown to me why Facebook issued an Additional Grant of Patent Rights in the first place. If Facebook was trying to make developers feel better by publishing an express patent license grant, then their effort was unnecessary. To the extent it created complexity and questioning, it was misguided. True, the BSD License does not explicitly state that the licensee receives the right to use the licensed software under the licensor’s patents.* But I’ve never heard any lawyer postulate that that document does not grant a license to fully exploit the licensed software under all of the licensor’s intellectual property. Anyone who pushes that view is thinking too hard.
Similarly, I’ve never heard of any BSD licensor claiming patent infringement for any use, distribution, or other exploitation of software it has offered under the BSD License. That would be very strange. Developers-licensees (or, more to the point, their lawyers) have traditionally been very confident that the BSD License does not leave room for a licensor to successfully sue under patents.
Facebook’s Additional Grant of Patent Rights does not add anything to the simple and heavily relied-upon BSD License. **
B. Facebook’s Licensing Language is (a bit) Inelegant.
I’ll say upfront that my second criticism of the Facebook Additional Grant of Patent Rights is pretty wonky. Perhaps I’ve written too many software licenses, but here it goes.
You will note that the Additional Grant of Patent Rights uses the defined term Necessary Claim, which it defines as follows:
A “Necessary Claim” is a claim of a patent owned by Facebook that is necessarily infringed by the Software standing alone.
The document then grants rights under only Necessary Claims.
The defined term “Necessary Claim” is, err, unnecessary to the purpose of the Additional Grant of Patent Rights. The document would be more economically, and thus more gracefully, written if it simply granted the right under all of Facebook’s patents to exploit the software. Indeed, version 1 of the Additional Grant of Patent Rights did just this.
Put another way, the Additional Grant of Patent Rights, although a patent license, is still only a software license. There is ordinarily no reason to define the licensed patent claims in a software license grant because the behavior one wants to license is bounded by the software itself. Expert technology licensing practitioners will note that the “necessary claims” or “required claims” concept arose in the practice of granting patent rights to implement written technology specifications (not software), where it is more important to carefully bound the scope of patent claims under which permission is granted.
C. This is Not Open Source Software.
Facebook touts React.js as open source software. But in my mind the license termination provision of the Additional Grant of Patent Rights takes the offering outside the realm of open source software.
The patent license offered in the Additional Grant of Patent Rights (v.2) is conditioned upon the licensee not bringing a patent infringement lawsuit against Facebook or its affiliates. Thus, the licensee pays a price to use the library. It is not a price paid with money. The price demanded by Facebook for use of the library is that the licensee refrain from exercising any of its patent rights against Facebook or its affiliates.
Importantly, one should note the breadth of the patent assertion condition used by Facebook. Facebook is not saying only that a licensee’s rights to use React will terminate if the licensee claims patent infringement by the React library itself. This more limited approach, in my mind, would not disqualify React licensing from open source status. An open source licensor may employ a non-assert condition if the spirit of that condition is to protect the integrity and promote the use of the licensed software. But that is not what Facebook did. Instead, it wants to terminate its license if it is sued by a React developer under any patent. Facebook is using its publication of React source code as leverage to win some protection against patent lawsuits generally. In my mind, this is too greedy an approach for Facebook to claim open source status.
The Apple Public License 2.0 includes an aggressive non-assert condition similar to the one used by the Additional Grant of Patent Rights (see Section 12.1 c of the APSL 2). So, use of such conditions is not unheard of. I don't know whether Apple still uses that license in its developer programs. Such strong-form conditions may be used in other licenses claimed to be open source, but none come to mind.
The Mozilla Public License v. 1.1 does include an aggressive non-assert condition similar to the one used in the Additional Grant of Patent Rights (see Section 8.2 b of the MPL 1.1). But apparently Mozilla thought better of that because MPL 2.0 tamed the condition to say that rights are revoked only when a patent lawsuit by a licensee claims infringement by the licensed code itself (see Section 5.2 of MPL 2.0). Not infringement under any patent.
I don’t know what the Open Source Initiative (OSI) has to say about the Facebook Additional Grant of Patent Rights (v.2), if anything. The OSI definition of open source may leave enough room for Facebook to validly claim open source status. But one would need to read the word “fee” in the first paragraph of that definition narrowly. ***
I note that the APSL 2.0 is listed by OSI as an open source license. So, it would seem that the strong-form non-assert provisions do not disqualify a license from making the list.
I note that the MPL 2.0, which includes a soft non-assert condition, is listed by OSI as an open source license. MPL 1.1, which, as noted above, includes an strong-form non-assert condition similar to the Facebook Additional Grant of Patent Rights, is not.
The Facebook lawyers have issued an FAQ on their BSD+Additional Grant of Patent Rights approach. The FAQ does not address the scope of their non-assert condition.
Perhaps a metaphor is in order. Hopefully this is a fun and timely one.
Imagine Donald Trump, the rich hotel developer, has 10,000 tons of bricks left over after building his latest skyscraper. He wants to give the bricks away to other hotel developers. He's a nice guy.
Offer 1: I have 10,000 tons of extra bricks. I will give them to any other developer, but anyone who takes them must give those same bricks back to me if that developer ever sues me for giving him/her defective bricks.
Offer 2: I have 10,000 tons of extra bricks. I will give them to any other developer, but anyone who takes them must give those same bricks back to me if that developer, or any of his/her relatives, ever sues me for sexual harassment.
Should each of the foregoing offers be thought of as equally generous?
I’d like to hear from anyone who disagrees with me. Corrections and differing views welcome!
* * *
* Indeed, the BSD does not explicitly grant rights under any particular form of intellectual property. Not patents, not copyrights, not trade secrets. Why did Facebook feel the need to create an "additional" grant of rights in patents and not other intellectual property?
** Note that I am not saying that a grant of rights in patents is "implied." What I am saying is that as a matter of textual interpretation it is without serious question that under the BSD the licensor intends to grant a right under all intellectual property.
*** It cannot reasonably be the case that the definition of "fee" as used by OSI includes only money payment. That would allow licenses with conditions requiring payment with, for example, gold to be considered open source. A reasonable definition of "fee" must be one that allows some forms of conditions but disallows others. As suggested above, my proposal is that an open source license may include a restrictive or prohibitive condition on license only if the spirit of that condition is the protection or promotion of the licensed software itself. For example, the spirit of the GPL condition that prevents licensees from making proprietary distributions of derivatives is the promotion of use of the licensed software. Thus, that GPL condition is not an impermissible condition or "fee." On the other hand, the spirit of the aggressive non-assert condition in the Facebook Additional Grant of Patent Rights is to protect Facebook from patent litigation that is completely unrelated to React code. Thus, the condition ought to be impermissible in an open source license.