decoration decoration

When you want to know more...
For layout only
Site Map
About Groklaw
Legal Research
ApplevSamsung p.2
Cast: Lawyers
Comes v. MS
Gordon v MS
IV v. Google
Legal Docs
MS Litigations
News Picks
Novell v. MS
Novell-MS Deal
OOXML Appeals
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v Novell
Sean Daly
Software Patents
Switch to Linux
Unix Books
Your contributions keep Groklaw going.
To donate to Groklaw 2.0:

Groklaw Gear

Click here to send an email to the editor of this weblog.

Contact PJ

Click here to email PJ. You won't find me on Facebook Donate Paypal

User Functions



Don't have an account yet? Sign up as a New User

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.

What's New

No new stories

COMMENTS last 48 hrs
No new comments


hosted by ibiblio

On servers donated to ibiblio by AMD.

Enforcement of the GNU GPL in Germany and Europe, by Till Jaeger
Saturday, April 03 2010 @ 10:51 AM EDT

Enforcement of the GNU GPL in Germany and Europe
~ by Till Jaeger

[Dr. iur., Partner at JBB Rechtsanwälte, Berlin; Co-founder of the Institute for Legal Questions on Free and Open Source Software (ifrOSS); Representative of project in its enforcement activities. A PDF of this article is available here.]


GPL enforcement is successful in Europe. In several court decisions and out of court settlements the license conditions of the GPL have been successfully enforced. In particular, embedded systems are the main focus of such compliance activities. The article describes the practice of enforcement activities and the legal prerequisites under the application of German law.




A.              Rationale for enforcement of the GPL


At present, the enforcement of the GPL license conditions is driven by single developers and organizations supporting Free Software. Most famous is Mr. Harald Welte, former maintainer of the Netfilter/Iptables project, who is running the enforcement project Some years ago, Mr. Welte became aware of the fact that many manufacturers use the Linux kernel in their products without complying with the GPL conditions, and give the necessary credit to the Free Software community. His letters to the companies remained mostly unanswered or negotiations were so protracted that by the time the source code was eventually published, the relevant product was no longer available for sale. Therefore, he decided to take legal action in a more formal way.


After the first enforcement cases became public, more and more interested parties informed Mr. Welte about other violations. He then decided to establish ‘’ to provide a platform for enforcement activities and public documentation of his and others’ efforts to bring commercial GPL users into GPL compliance.[1] Having access to modified source codes of technical devices is a strong motivation to participate in the enforcement of the GPL, and thus many people support


In 2006, the FSF Europe launched a Freedom Task Force (FTF) to collect and share knowledge about Free Software law and safeguard the interests of Free Software projects. FTF cooperates with with regard to GPL compliance issues and facilitates  the European Legal Network (ELN), where lawyers and representatives of companies from the software industry maintain a lively exchange of ideas.[2] This strategic approach has been enhanced and refined, and has had impact on the general behaviour of IT industries with regard to GPL compliance.


GPL is popular not just among developers but also among companies because it helps secure a proper competition with regard to a particular software product and prevents unfair withholding of improvements of the software released in the Free Software world. Moreover, as the dual licensing model – i.e. offering a software product under the GPL and a proprietary license – is widely used, it can be expected that companies will also start to enforce their rights in the near future. Even companies that distribute GPL products without holding copyrights may soon begin to enforce the GPL by relying on unfair competition law (instead of copyright law) in order to obtain the complete corresponding source codes of improved software solutions from their competitors.[3]  



B.              Information about GPL violations


One might think that the detection of GPL violations in proprietary products is difficult or almost impossible, when no source code is at hand or the software is even hidden in an embedded system. In reality, however, there are many different ways to get the necessary information to prove the use of GPL-licensed software.[4]  To quote an easy example: On a recent flight, when the entertainment system in the seat in front of me booted, I was surprised to see the typical boot information of the Linux kernel, including a copyright notice of one of my clients.


But GPL violations are not restricted to the Linux kernel. Once, another client of mine was contacted by a customer of a proprietary product asking for support. Thus, my client learned that a header file written by him was made available on the vendor’s website, and that the latter shipped his proprietary product without any information about the fact that the software was licensed under the GPL.


Many violations concern embedded systems. Typically, violations become obvious when manufacturers provide firmware updates on their websites. Violations can often be shown by a simple analysis of strings showing typical debug information or even copyright notices. Strings are sequences of characters, and sometimes text strings from the source code remain intact after the compilation process. String searches with an editor can be sufficient to receive strong indication for the use of a certain program.[5] Specialised research providers are currently developing a software tool for easy detection of GPL violations.[6]


More complex efforts are necessary to provide evidence for the use of the Linux kernel in an embedded system, if no firmware access is given. With the necessary expert knowledge, a serial port can be detected on the printed circuit board (PCB). The typical structure of a booting Linux kernel can be found with the help of an oscillograph and, if the suspicion is confirmed, a hardware interface can be soldered on the PCB to extract the firmware from the serial port for further analysis.


In our current practice, we frequently see cases of firmware being encrypted in order to hide the use of GPL software, but where the violation can be shown with the help of the advanced reengineering skills of the Free Software community.




C.              Modes of violations


The typical GPL infringing product does not contain any notice about the fact that GPL software is contained. Consequently, no license text and no source code are provided. Such products are the main focus of enforcement activities. Sometimes a GPL notice is provided, but the license text of the GPL and the source code are not available, or the notice points to a webpage that might contain this material or nothing at all. Although a situation where the necessary information is provided on a webpage is in general no reason for enforcement activities, one should keep in mind that the District Court of Munich has decided that the mere referral to a webpage does not comply with section 3 of the terms and conditions of the GPL (version 2).[7] This example demonstrates that careful in depth consideration of all obligations of the GPL is required for compliant use of GPL software.


Far more common is the situation that firmware updates are offered on the website of the manufacturer but no “complete corresponding source code” is made available.[8] In particular, it is not sufficient to provide the most current version of the source code, if several older versions of the firmware are still offered on the website – the “correspondent” source code for all software versions would be missing. Furthermore, often faces the problem that the available source code is not complete, because only parts of the source code are offered or only the modified files, but not the complete source code allowing compilation and installation of the software on the very same device are available. It is a common violation that the scripts used to control compilation and installation are missing for embedded systems.[9]


Derived works of a GPL licensed software have to be licensed under the GPL according to section 2 b) GPLv2 (so called “Copyleft”[10]), and the source code of the modified version has to be provided. Although we have not seen any court cases regarding the scope of the “Copyleft” so far, it is most likely that such cases will come to court in the future. At present, there is uncertainty about what has to be considered as a derivative work and how it can be distinguished from an independent piece of software.[11] This might discourage parties to institute court proceedings with an uncertain outcome. Nevertheless, developers and competitors are highly interested in using modifications of successful programs, and therefore, companies unwilling to release the source code of derivative works will sooner or later become targets of GPL enforcement.



D.              Out of court proceedings


Enforcement proceedings usually start with a cease and desist letter explaining the GPL violation and demanding a declaration to cease and desist from distributing the product, unless according to the requirements of the GPL, each product contains a copy of the license text and the complete corresponding source code is made available. Therefore the violator is allowed to continue the use of the GPL software if he shifts the distribution of his product in a GPL compliant way. In addition, the violator is demanded to accept the reimbursement of the costs of the enforcement (expenses for a test purchase, reengineering and lawyer’s fees[12]) and to provide information about the supplier of the software (if any) and commercial consumers. This information is needed to safeguard and ensure that the distribution chain is also compliant.


Depending on the concrete case, damages may be claimed.[13] Some infringers defend themselves with the argument that no damage was incurred, as the software is available without any license fee. But this line of argument is without any merit: under German law the copyright holder may claim the vendor’s profit that is based on the use of the GPL software. Copyright holders who offer their software under a dual licensing model are easily able to prove their actual damage when demanding the equivalent of license fees not earned.


The vast majority of infringers accept to declare to cease and desist from GPL incompliant distribution of their products and to reimburse the costs of the enforcement. In some cases a settlement can entered into, which addresses particular issues, e.g. a grace period. 


German procedural law allows to file for a preliminary injunction in urgent matters. It is generally accepted that a permanent copyright infringement constitutes an urgent matter.[14] However, this assumption is not upheld where the infringed party fails to act in an urgent matter by waiting a inappropriate time (measured from the moment the rights holder becomes aware of the infringement) before filing for a preliminary injunction. What is considered an appropriate time in this context depends on the competent court.[15] Therefore out of court proceedings have to be conducted within a short period to keep the option alive to apply for a preliminary injunction.


Out of court settlements are not restricted to violations in Germany. The project enforced the GPL in other European countries like Slovenia, the Netherlands, Sweden, France, Austria and the UK, as well as outside Europe, e.g. in Taiwan, Korea, the US and China. This has led to a growing awareness about GPL compliance issues, in particular in software producing countries as Korea and Taiwan.[16]




E.              Enforcement in court proceedings


The first lawsuit to enforce the GPL in Europe was filed in 2004.[17] The infringer, a manufacturer of a WLAN router that deployed GPLed software in its firmware, refused to provide a declaration to cease and desist from GPL incompliant distribution. The copyright holder applied for a preliminary injunction on April 1, 2004. The District Court of Munich granted a preliminary injunction on April 2, 2004, thus only one day later. After an objection of the manufacturer against the preliminary injunction and a court hearing the District Court of Munich confirmed the preliminary injunction and provided a written reasoning. The infringer had to bear the complete costs of the proceedings including the lawyer’s fees of the copyright holder.



The most important aspect of this judgment is  the court’s conclusion that a violation of the GPL results in a copyright infringement with regard to the automatic termination clause of section 4 GPLv2.[18] The GPL is considered a license agreement with a resolutory condition that provides for an automatic reversal of rights in case a licensee does not abide by his contractual obligations.[19] Therefore, GPL incompliant distribution is a copyright infringement and not only a breach of contract.[20] Consequently, licensors of GPL software may rely on all the enforcement means established by the European “Directive on the enforcement of intellectual property rights”[21], when enforcing the GPL obligations.



If this reasoning will prevail in other countries of the European Union, has still to be proven in court cases. Currently, a lawsuit aiming at the enforcement of the GPL is pending in France.[22] Independently from this case, the Paris Court of Appeals held in a recent decision that it is a breach of an IT contract, if GPL software is delivered in fulfilment of the contractual obligations, but the conditions of the GPL are not observed.[23] This case was not an enforcement case, but examined the GPL as a preliminary question.


However, enforcement lawsuits with effect on other European countries are existent. In the case Welte ./. Skype Technologies S.A., the GPL has been enforced against a Luxembourgian company acting in Germany.[24] This is the single case in Germany, in which a GPL infringer appealed a District Court decision, mainly for alleged violation of antitrust law. However, the defendant withdrew the appeal, after the Munich Court of Appeal expressed in the hearing its clear intention to uphold the decision of the District Court, arguing that even in the unlikely case that the GPL would violate antitrust provisions, such violation would not result in releasing a licensee of GPL software from observing the conditions of the GPL. Another case with international perspective concerned a UK company with a branch office in Germany, which allowed to serve a preliminary injunction in German language.


F. Conclusion


The well-established practice of GPL enforcement in Germany and some parts of Europe leads to a growing number of GPL compliant products. Since embedded systems often contain third party software, enforcement cannot stop with legal actions against manufacturers or importers of infringing products, but must aim for compliance of the complete distribution chain and needs to have a more general strategy of information policy for such software developing companies and countries.[25]. Plenty of documentation exists that can be used for providing the software industries all over the world with the necessary know-how to avoid GPL violations.[26] Considering the increasing use of GPL software in the software market, license enforcement will continue being an essential issue in the OSS world.






[1] See

[2] See K. Kopenhaver, Collaboration Among Counsel Celebrating the Formation of a Community of Lawyers for the Advancement of Understanding of Free and Open Source Licensing and Business Models,  1 IFOSS L. Rev. 53 et seq. (2009),

[3] See G. Spindler, Rechtsfragen bei open source, p. 128 and T. Jaeger/A. Metzger, Open Source Software, 2. ed, para. 336 et seq.

[4] For detailed information see  A. Hemel, The GPL Compliance Engineering Guide (v.3.00),

[5]  Before a string research, it might be necessary to extract data from an image file by decompressing and extracting the kernel image and file systems hidden in such file.

[6] Development by OpenDawn and Loohuis Consulting funded by NLnet Foundation. The detection tool is expected to be launched in the near future.

[7] District Court of Munich, 12 July 2007, case 7 O 5245/07 (Welte v. Skype Technologies S.A.), available at

[8] Section 3 GPLv2: “…complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.”

[9] More detailed information is provided at

[10] Definition of the FSF, see

[11] On the concept of „derivative work“ under European copyright law, especially with regard to the Council Directive 91/250/EEC of 14 May 1991 on the legal protection of computer programs (, see T. Jaeger, Kommerzielle Applikationen für Open Source Software und deutsches Urheberrecht, in Hoffmann/Leible (eds.), Vernetztes Rechnen, Softwarepatente, Web 2.0 (2008), 61, 70 et seq. (available at

     See also ifrOSS, Die GPL kommentiert und erklärt, Ziffer 2, (licensed under the CC license Attribution-Noncommercial-No Derivative Works 1.0).

[12] According to German law, the violator has to compensate for the actual costs for the test purchase and the reengineering efforts and the costs for the services of a lawyer under a statutory scale according to the German Lawyers’ Fees Act,

[13] German civil law does not stipulate claims for punitive damages, but is designed to compensate the claimant for its economic loss. In the case of an infringement of copyright three methods of calculation are accepted: 1. equivalent to license fees, 2. concrete actual damage and 3. profits of the violator, BGH GRUR 1995, 349, 351 –Objektive Schadensberechnung.

[14] See Fromm/Nordemann-J.B. Nordemann, Urheberrecht, 10th ed. (2008), § 97 UrhG, para 202.

[15] The courts of Munich apply a strict deadline of one month, OLG München, GRUR 1992, 328.

[16]               F. Ko, The Introduction of Viral Effect of the GPL and German Case Studies,

in: Y-C. Wang, Exploring the Unknown of Science and Technology Law, Taipei

2006, p. 93-117.

[17] District Court of Munich, 19 May 2004, case 21 O 6123/04 (Welte v. Sitecom Deutschland GmbH), available in German language at, and in English translation at

[18] „You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License.”

[19] A. Metzger/T. Jaeger, Open Source Software and German Copyright Law, IIC Vol. 32, 2001, p. 52.

[20] Similar to the conclusions of the United States Court of Appeals for the Federal Circuit in Jacobsen v. Katzer, 535 F.3d 1373, 1379 (Fed. Cir. 2008), For an analysis see T. Jaeger/J. Gebert, USA/CAFC - Open Source Licensing – Comment on “ Jacobsen v. Katzer”, IIC 2009, pp. 345 et seq; L. Rosen,  Bad Facts Make Good Law: The Jacobsen Case and Open Source, 1 IFOSS L. Rev. 27 et seq. (2009),; M. Henley, Jacobsen v Katzer and Kamind Associates – an English legal perspective, 1 IFOSS L. Rev. 41 et seq. (2009),

[21] Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights,


[23] EDU 4 v. AFPA, Cour d’Appel de Paris, Pôle 5, Chambre 10, no: 294, For a report see M. von Willebrand, Case law report: A look at EDU 4 v. AFPA, also known as the “Paris GPL case”,  1 IFOSS L. Rev. 123 et seq. (2009),

[24]District Court of Munich, 12 July 2007, case 7 O 5245/07 (Welte v. Skype Technologies S.A.), available at

[25] See R. Kemp, Towards Free/Libre Open Source Software (“FLOSS”) Governance in the Organisation, 1 IFOSS L. Rev. 61 et seq. (2009).

[26] See e.g. A. Hemel, The GPL Compliance Engineering Guide (v.3.00),, the FAQ of the FSF,, the FAQ of,, and the information provided by ifrOSS,

© 2010 Till Jaeger

Any party may modify and pass on this article as physical copies and by electronic means and make it available for download under the terms and conditions of the Free Digital Peer Publishing Licence (f-DPPL). The text of the licence may be accessed and retrieved via Internet at

As an alternative, this article may also be used under the Creative Commons Attribution-Share Alike 3.0 Unported License, available at

Cite as: Jaeger T (2010). Enforcement of the GNU GPL in Germany and Europe. jipitec, Vol. 1


Enforcement of the GNU GPL in Germany and Europe, by Till Jaeger | 140 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Off topic posts below....
Authored by: dacii on Saturday, April 03 2010 @ 11:17 AM EDT
Please keep things off topic here.
Thank you.

[ Reply to This | # ]

NEWS Pick Discussions
Authored by: dacii on Saturday, April 03 2010 @ 11:19 AM EDT
Post the News Pick Title in your Subject.

[ Reply to This | # ]

Authored by: ankylosaurus on Saturday, April 03 2010 @ 11:19 AM EDT
Please use 'mistake --> correct' in the title.

The Dinosaur with a Club at the End of its Tail

[ Reply to This | # ]

COMES here
Authored by: PolR on Saturday, April 03 2010 @ 12:06 PM EDT
We still have to do Comes isn't it? As far as I know this work isn't over.

[ Reply to This | # ]

  • COMES here - Authored by: PJ on Saturday, April 03 2010 @ 05:43 PM EDT
Enforcement of the GNU GPL in Germany and Europe, by Till Jaeger
Authored by: Anonymous on Saturday, April 03 2010 @ 12:07 PM EDT
Terekhov will not be happy about this article.

[ Reply to This | # ]

Enforce the GPL by relying on unfair competition law (instead of copyright law)
Authored by: SilverWave on Saturday, April 03 2010 @ 12:29 PM EDT
Well that an interesting development...

RMS: The 4 Freedoms
0 run the program for any purpose
1 study the source code and change it
2 make copies and distribute them
3 publish modified versions

[ Reply to This | # ]

GPL is considered a license agreement licensee...does not abide by his contractual obligations
Authored by: Anonymous on Saturday, April 03 2010 @ 01:48 PM EDT

Contractual obligations?!

Hey PJ, please elaborate on that!!

[ Reply to This | # ]

Ve Have Vays to make you talk, er comply.
Authored by: Anonymous on Saturday, April 03 2010 @ 02:01 PM EDT
Sounds painful.

[ Reply to This | # ]

Authored by: The Mad Hatter r on Saturday, April 03 2010 @ 08:49 PM EDT

Thanks to Til for writing this and PJ for publishing it here. This was a very
educational read.

I suspect that the legality of the GPL will not be meet with good cheer in
Redmond. Or in Lindon :)


[ Reply to This | # ]

Interesting and very useful
Authored by: barbacana on Sunday, April 04 2010 @ 02:35 AM EDT

Information like this needs to be spread as widely as possible, to make sure that everyone in the Free Software community knows how to go about enforcement, and that lawyers acting on our behalf know where to look for precedents and expert help.

[ Reply to This | # ]

Some infringers defend themselves with the argument that no damage was incurred.
Authored by: Anonymous on Sunday, April 04 2010 @ 06:46 AM EDT
Surely a better line of attacking this defence is:
1) If you are dual licensing as proprietary and GPL then as
the article says, the damages is the loss of the proprietary
version of the license.
2) If you are not dual licensing as proprietary and GPL,
then your loss is the loss of code modifications under GPL
license that are being distributed which you would be able
to use and distribute to others to use, plus the cost of
enforcement. If the loss were to be put into monetary terms,
it would be the cost of reverse engineering the modified
code and the cost of buying indemnity insurance and
defending against lawsuits brought by the defendant for the
reverse engineering.

[ Reply to This | # ]

A couple of examples in .au yet to reach conclusion: OpenNetworks and Gigaset
Authored by: Arthur Marsh on Monday, April 05 2010 @ 04:28 AM EDT

Brendan Scott has written about using the Australian Trade Practices Act to enforce GPL compliance in his posting LA [Linux Australia] Funds Important Legal Research on Free Software Compliance, based in part on what I had discovered about the software in the OpenNetworks iConnect 625 router - discussion here.

There is also the case of the Gigaset (formerly Siemens) C470 IP voice over IP handset, which uses some Free Software and whose web site provides source for code but only an i386 binary for signing the built code, which nonetheless fails to install. I have not yet tried to obtain a physical copy of the source code, but may do so. There are also issues of incorrect time-zone information on the handset - the code in the handset appears to only have information on whether a given time-zone has seasonal daylight saving and then queries a remote site for the dates of operation. Discussion here.


[ Reply to This | # ]

Enforcement of the GNU GPL in Germany and Europe, by Till Jaeger
Authored by: Anonymous on Tuesday, April 06 2010 @ 05:34 PM EDT
"Dr. iur." is an abbreviation for the latin "Doctor
iuris", meaning someone having a doctoral degree in law.

I'm not quite sure, but I think the equivalent title in
the US would be "S.J.D" (see also

[ Reply to This | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )