Open Source Accountability: How do we deal with abuse of FOSS principles?


I was thinking, society has many decades of public policy, standards and frameworks to keep peace and good order, to ensure everyone is working on an even playing field and playing fairly, especially for those who may be disadvantaged otherwise. These things include consumer protections, accountability of engineers, workmanship minimums, and more recently electronic privacy laws like the GDPR coming to light. While these are far from perfect in both concept and execution, they do a lot to ensure peace and good order of society on the whole.

Thing is, I worry that the FOSS community as a significantly libertarian community is prime real estate for some really toxic ideas to form. Toxic ideas where it's made alright to ignore or disregard the peace and good order of society for the sake of individual rights to freedom. Such ideas may not be adequately challenged or assessed if they are promoting freedoms, while on the underhand, causing harm.

Let's look at some examples of these toxic ideas:

"This is my project that I use to scratch my own itch on my own time. I'm just putting it out there for people to try out. I have no obligations to do due diligence or to warn people that my code is potentially unsafe and shouldn't be deployed in production." – This is the software equivalent of an electrician or electrical engineer offering the public suicide cords and irresponsibly promoting their use just because the idea worked for themselves, then disclaiming responsibility when it starts a fire or electrocutes someone. It's a breach of professional ethics by the developer who should know better.

"I am a member of a major project. Our software is advertised as a consumer product. But since we in reality have no real obligations to our users as we're free to do what we wish, we have decided our software is really not a consumer product after all. It's actually designed for our members and partners." – This is just bad-faith false advertising, likely designed to maintain relations with their partners like distributions who would promote their interests. Overall, it victimizes the public and keeps the irresponsible project in a position where it can do real harm.

"I have spent significant time working on my project for free for everyone. Given you are willingly downloading my software, my own private property, you now consent to this adware/malware I have included in my software package. This helps support me." – This is just an insincere non-volunteering and malicious bait and switch.

"By applying the GPL to my work and classifying it open source, I can benefit from others' contributions to my project, but I'm going to socialize all of the defects that I don't care to fix to everyone else." – This is just bad taste.

"I'm not getting paid. We have no contract. I have no obligations to you. You should go find something else if you're unhappy." – This is negligence in its purest form when it is your thing impacting the other person.

I'm sure the list goes on and on.

Most of us work to be stewards of FOSS, to bring it to our family, friends, workplaces, schools, religious centers, local communities, and so on and so forth. Trying to make new users' experiences positive ones in hopes that they could be inspired to contribute back through donations or to be inspired by responsible developers to take up software development themselves to solve challenging problems, or even if they can't do either, to spread the word further and make it more important in society's mindshare to address problems with proprietary software.

But I fear that these toxic views that promote an irresponsible vision of freedom are right behind us undoing our hard work. Sometimes these ideas can make it seem incredibly hard to justify pushing for greater FOSS adoption at times, especially in public spaces when we can't offer people any kind of safety nets against these ideas.

I leave you with an exercise to consider:

  • What steps are we taking as a community to address these abuses of FOSS principles?
  • What do we tell people when FOSS fails them and it seems like they have to take the fall for it?
  • What happens when a prominent developer or group of developers who are responsible for an important, hard-to-fork project engages in these activities?
  • How do we create a sort of "consumer protection" initiative in FOSS so people can avoid being taken for a ride by those who are less than sincere in their contributions?
  • How do we ensure that we don't dabble in the logic that is in line with the sovereign citizen movement aka Free man on the land movement, e.g. arguing minutiae of one's interpretations of their obligations to deflect acts in bad faith or other violations of the peace and good order?

submitted by /u/Kaizyx

