French judge rules GPL license to be inapplicable in French copyright court


TL;DR Landmark case Entr’ouvert vs Orange, after 9 years of legal battle, the copyright court (TGI Paris) found the GPL license to be inapplicable and dismissed the case.

Read the judgment as, since there is nothing that this court can consider here, there is nothing that can be done but drop the case. Parties may sue again on another basis (contract dispute rather than copyright) in another court.

We’re going to explain the case, the parties, the points, the judgment. With quite a bit of extra explanation on the French legal system and Intellecual Property (IP) law.

The Case

Parties and objects:

  • Entr’ouvert: A software company in France creating software, specialized in identity and access management.
  • Orange (previously France Telecom): A large telecom operator in France (akin to British Telecom for British readers).
  • Orange Application for Business / Orange Business Services: An IT service and consulting company, spin-off from Orange (akin to Accenture/IBM/Tata).
  • ADAE: An administrative agency from the French government.
  • Mon Service public: A single-sign on portal to access French public services (taxes, benefits, etc…).

We will summarize Orange as Orange, the matter at hand is not how the conglomerate is structured.

We will summarize the government agencies as the French government.

Events:

  • Entr’ouvert created the software Lasso, a library for SAML authentication, first version released on 23 Mars 2004.
  • Lasso is distributed under GPL.
  • Orange won a project bid to develop an identity portal for the french government in 2005.
  • The portal operated from 2009 to 2016 (retired) using Lasso.
  • Entre’ouvert sued Orange in 2011 for counterfeiting, on copyright grounds (intellectual property).
  • A forensic report was ordered and took 3 or 4 years to complete.
  • The case was judged in court in 2019. Dismissed.

Judgment:

The case is dismissed. All the demands and claims are dismissed.

Entr’ouvert has to cover its own forensic costs and pay 14000 Euros fees to Orange to cover their costs.

Verdict and Translation

French (scroll down for English)

“””
Il apparaît ainsi que la société Entr’ouvert poursuit en réalité la réparation d’un dommage généré par l’inexécution par les sociétés défenderesses d’obligations résultant de la licence[,] et non pas la violation d’une obligation extérieure au contrat de licence.

La solution du litige requiert l’interprétation de la licence libre, régissant les rapports entre les parties en cause pour établir la légalité ou l’illégalité du comportement reproché.

La relation entre la société Entr’ouvert et les sociétés Orange pour l’utilisation de la licence est donc de nature contractuelle.

En application du principe de non-cumul de responsabilité, seul le fondement de la responsabilité contractuelle est susceptible d’être invoqué par la demanderesse, qui doit donc être déclarée irrecevable en son action en contrefaçon et en ses prétentions accessoires, fondées exclusivement sur la responsabilité délictuelle, sans que la société Entr’ouvert ne puisse invoquer “la résolution immédiate” et rétroactive de la licence, sanction au demeurant propre à la matière contractuelle.
“””

English Translation:

“””
It appears that the company Entr’ouvert is seeking reparations from harm caused by the non-execution by the defendant companies of their obligations imparted by the license[,] not for violation of an external obligation from the license contract.

The resolution of the case requires to interpret the free license [GPL], governing relations between the parties, to establish the legality or illegality of the behaviors.

The relation between the company Entr’ouvert and the company Orange on the usage of the license is thus contractual.

As per the principle of non-cumulative responsibilities [sic], only contract law [responsabilite contractuelle] may be invoked by the plaintiff, who must be ruled to be irreceivalble in its action for counterfeit (copyright) and its demands, based on tort law [responsabilite civile]. […]
“””

One more part for context:

“””
En application des dispositions de l’article L122-6 du code de la propriété intellectuelle, les actes liés au droit d’exploitation du logiciel, tels que “le droit d’effectuer et d’autoriser : 1/ la reproduction permanente ou provisoire du logiciel (…) ; 2/ la traduction, l’adaptation l’arrangement ou toute autre modification et la reproduction du logiciel”, sont expressément réservés par la loi à l’auteur du logiciel et soumis à l’autorisation de celui-ci […]
La violation des droits réservés de l’auteur est sanctionnée par la contrefaçon (article L335-2 du code de la propriété intellectuelle).

Cependant “les modalités particulières d’usage pour permettre l’utilisation du logiciel conformément à sa destination, par la personne ayant le droit de l’utiliser” sont aménagées, selon l’alinéa 2 de l’article L122-6-1 du code de la propriété intellectuelle, par contrat entre les parties.

En l’occurrence la bibliothèque Lasso est mise à disposition dans le cadre d’une licence libre GNU GPL V.2, qui consiste pour le donneur de licence à autoriser un utilisateur, à exécuter, diffuser et modifier un logiciel, à charge pour celui-ci de respecter les conditions d’usage prévues au contrat de licence correspondant.
“””

English Translation:

“””
As per article L122-6 of Intellectual Property […] ;rights to 1/ copy permanently or temporarily 2/ translation, adjustment or arrangement or any other modification and reproduction; are explicitly reserved by law to the author of the software and subject to permission from them.
Violating rights reserved to the authors is punished by counterfeiting (article L335-2 of Intellectual Property) .

However “particular conditions to allow usage of the software in accordance to its destination, by the person having the permission to use it” are arranged, under paragraph 2 article L122-6-2 of intellectual property rights, by contracts between parties.

In this case, the library Lasso is given under a freedom [sic] license GNU GPL v.2, that consists into for the license grantor to authorize a user, to run, distribute and modify the software, up to that user to follow conditions stated by the license contract.
“””

We will have to do a bit of explanation on the concepts here.

US Law and Copyright

Let’s talk US Copyright law, where the GPL is created and meant to make sense.

The US is heavily based around the concept of a copy, if you own a copy of something, you have the freedom to use it as you see fit (“you are free to use it”). Longer explanation here, have a read.

If you have a fork (the kitchen utensil) you can do whatever with that fork. If you have a software, you can do whatever with the software.

If you obtain a [legitimate] copy of a software you can use that copy as you wish. The analogy with a fork shows its limitations here because a fork cannot be duplicated ad infinitum. The right to create copies and to give them is limited to the copyright holder. That’s the basis of US software license.

Have another read of the GPL license with that in mind. Now you should understand why they are obsessed with copies and copying and making sure the license is included verbatim with the copy. Also a hint why the law is called “COPYright” in English, “the right to copy”.

What happens when things are copied without respecting the license?

US authors will sue for counterfeiting, under copyright. The copies can be considered counterfeits.

Counterfeit is a rather “strong” word, think serious damages and liabilities here. The party who created the copies can be pursued for damages, damages for each copy created, while all the copies are illegal to use.

The US legal system has the concept of license, among other things the license is a way for the owner to permission other to use and/or to copy their software.

In short, that’s about it.

Foreign readers will note that US companies like to think that they only lend permission to use a software, not ownership of the software or of a copy of the software (see wording in any EULA for example), which is nonsense to the foreign reader. This misunderstanding stems from the US culture being deeply rooted around COPY (copying/copyright/etc), they really don’t want the consumer to OWN a copy!

The US legal systems also has contracts and contract law. Contracts and licenses being different. Won’t get into more details there but suffice to say that the license is widely used to assert copyright, not necessarily as a contract (as other countries think of a “contract”).

French Law

Let’s talk about French law.

France doesn’t have copyright. Sorry for US readers, your “copyright” is nonsense that doesn’t apply here, though the word “copyright” can be seen misused verbatim once in a while.

There are laws around droits d’auteurs (authors rights), intellectual property and patents. (Not software patents, software patents are not recognized in Europe). Have a read on Copyright and Authors’ Rights for some differences in perspective.

Droits d’auteurs are mostly about protecting the rights of the author. This covers things like copying and distribution (and allowing other people to copy and distribute).

Next. In France there is no distinction between a contract and a license (there was in US law).

To be exact there is no such thing as a license, thus licenses (foreign word) are ALWAYS considered to be contracts (that’s critical to the case at hand so better remember this). Recommend to translate “license” to “contrat d’utilisation” [for usage] or to “contrat de distribution” [for distributors/resellers].

There is legal subcategory of contracts “contrat d’adhesion“, that is a contract where where is no negotiation, one party submits to the terms of the other with no possibility to negotiate. Common examples include a utility contract or a phone contract. US software licenses fall under that subcategory.

Note that there are requirements to form a valid contract. A license -often not designed as a contract- may not fit the requirements, in which case it is null. Requirements vary quite a bit by jurisdiction and whether consumer or business to business. Typical issues include the contract being in another language, the contract (EULA) not being visible before buying the product, the contract not being in writing or signed by both parties.

Understanding the Verdict

The plaintiff sued for counterfeiting, in French law (fair enough that’s a thing covered by intellectual property).

The court was the Tribunal de grande instance (TGI de Paris) that handles civil cases related to authors rights and intellectual property.

The court dismissed the case, stating it has nothing to do with counterfeiting (author’s rights or IP), it’s a contractual dispute. There is a contract between the two parties, the GPL contract, that puts obligations on both parties [and Orange didn’t fulfill its obligations].

To deal with the case requires to interpret the contract and to determine the obligations and whether they have been fulfilled.

Two problems here, first the plaintiff attacked on counterfeiting not on the contract, second the court may not be in capacity to interpret the contract. There is a handful of courts in France dealing with different matters, a contractual dispute between 2 business entities should most likely go to Tribunal de Commerce (commercial court).

That’s a major precedent here. It sets in stone that software licenses are contracts and can only be settled in contract law / contract courts.

[US lawyers will note that a judgment on contract law vs copyright law is a potential risk in the US too, so they may sue on both grounds simultaneously to leave no easy way out for the defendant. Don’t think it could have worked in France because different courts and specifics.]

In theory Entr’ouvert could appeal (there goes another 9 years!). Not the greatest idea because an appeal might be on the same basis (not sure the litigation could be continued about breach of contract rather than counterfeiting) and it might get dismissed the same way.

The offending software was retired from service in 2016, superseded by another government portal.