Important Change to MongoDB’s Open Source License
Many of you may be using MongoDB’s open source Community Server database somewhere in your operations or products. A recent announcement and license switch by MongoDB may affect you, so please review the following carefully.
Old Reality: MongoDB under AGPL
Historically, MongoDB was licensed under the GNU Affero General Public License (“AGPL”). The AGPL is a version of the “Highly Viral” GNU General Public License (“GPL”) that reaches code you modify and then make available remotely through a computer network. While the viral reach of the AGPL is contested, MongoDB created a limited safe harbor for licensors who didn’t modify the licensed code and only linked to it through a mongodb.org-supported driver. (They did this through release notes and other clarifications issued to licensees.)
⇒ For background on “Highly Viral” and other open source license types, see Smithline Training’s Open Source Series.
New Reality: MongoDB under SSPL
Citing concerns about SaaS providers “test[ing] the boundaries” of the APGL and taking advantage of the value of MongoDB code “while contributing little or nothing back to the community,” MongoDB announced that all subsequent versions and patch releases of MongoDB will be made available under a new license called the Server Side Public License (“SSPL”). The SSPL is the AGPL with a new version of Section 13 (“Offering the Program as a Service”) aimed directly at SaaS providers.
Could the SSPL reach your proprietary SaaS code?
Under Section 13 of the SSPL, if you make the functionality of MongoDB or a modified version “available to third parties as a service” then you must release the source code to all programs that you use to make MongoDB or the modified version available as a service, including, without limitation, “management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software.”
This new language has several important implications:
- Modification no longer matters. Previously, if you did not modify the MongoDB code, you were (ostensibly) in the clear as a SaaS provider under the APGL. Under the new SSPL, that distinction no longer matters.
- Copyleft obligation may reach beyond “database as a service.” MongoDB states that their intent is to target companies who offer “MongoDB as a service” and the SSPL FAQ includes helpful language suggesting there is no copyleft obligation when using MongoDB as an internal database. While the examples the SSPL gives of covered services include those that “accompli[sh] for users the primary purpose of the Program [MongoDB]” or derive their value “entirely or primarily” from MongoDB, unfortunately the language of the SSPL is not so limited. Section 13 also states that the SSPL reaches any SaaS service that enables third parties to “interact with the functionality of the Program.”
- Source code release obligations are very broad. If your use of MongoDB triggers Section 13, you must release under the SSPL the source code for any of the management, API, monitoring, hosting, backup or other software you use with MongoDB. Given the potentially dire effects of this requirement, you should carefully re-assess your use of MongoDB in any context involving SaaS.
Does the SSPL change anything for software providers?
Except for Section 13 (which applies to SaaS), the SSPL is otherwise the same as version 3 of the GPL, which is Highly Viral. Therefore, while the new language in the SSPL does not change anything specifically relevant to software providers, use of MongoDB in any software that you distribute remains highly problematic.
The information contained in this post is provided for informational purposes only. It should not be considered legal advice or a substitute for legal advice, and does not create an attorney-client relationship between you and Smithline PC. Because this information is general, it may not apply to your individual legal or factual circumstances. You should not take (or refrain from taking) any action based on the information in this document without first obtaining legal counsel.
Welcome Loretta Lau!
We are pleased to announce that Loretta Lau has joined the firm as an Associate. Loretta joins us from Kirkland & Ellis. Loretta has a BA from the University of Michigan and a JD from New York University School of Law. For more information about Loretta, please see her bio here.
SF Bar Fixed-Fee Billing Discussion Now Online
Alternative fee arrangements are all the buzz, but very few firms have taken the plunge to drop the billable hour entirely in their engagements with demanding corporate clients. In this OnDemand program from the San Francisco Bar Association, Todd Smithline of Smithline PC and Ryan Tyz of Tyz Law Group cover both the practical and legal aspects of using fixed-fee subscription pricing for sophisticated transactional and litigation services. Watch the program to learn how to move from the billable hour to fixed-fee relationships with your clients.
• What’s a true fixed fee and how is it better than the billable hour?
• How do you set and adjust the fee?
• What are the impacts on employee and client satisfaction?
• Are there any limitations on fixed fees under the California Rules of Professional Conduct?
Todd Smithline, Managing Principal, Smithline PC
Ryan Tyz, Founder, Tyz Law Group
California MCLE Credits: 1 Hour
Watch the OnDemand Program
Todd Smithline Teaching Video Game Law at Berkeley Law School
For the ninth year, Todd Smithline is teaching Video Game Law at U.C. Berkeley (Boalt) School of Law in Spring 2018. More information here.