Subject: request feedback on a new licence profile
From: Darren Duncan <darren@DarrenDuncan.net>
Date: Wed, 12 Jan 2005 01:28:45 -0800 (PST)

I will be releasing some new software within a few months that I developed 
from scratch and hold the sole copyright on.  I want it to be licensed 
under terms that are as close to 'freedom software' as possible but also 
allow me to have a good personal return on my work.  As near as I can 
tell, none of the major FOSS licenses match my needs as is, and so I plan 
to write a new license.  Below I will give a profile of what I want the 
license to say, and what the context is that it would be used in.  I 
appreciate any feedback that I can get from you on this matter.  I also 
have some specific questions at the end.  Sorry if its too verbose.

The basic software profile:
- Implements a database framework/application for storing any kind of data 
in a highly accurate and long-term adaptable fashion.  The basic data 
structures being managed are loosely similar to an ontology model.
- The market is everyone, especially consumers, but also organizations.
- The software is meant to be widely applicable, 
as much so as a generic RDBMS, but it isn't a generic RDBMS.
- Specific user tasks that I will be targeting in the short term include 
genealogy, general research, historical archives, education, etc; another 
specific target is its use as a catalogue.
- I see myself as entering a mature market with many established players 
(eg, there are a good 30+ genealogy programs already).  I intend that my 
product will stand out by being 'better' rather so much than 'new'; at the 
same time, it should be so much better at addressing needs that people 
would be compelled to use it despite the existing players.
- Software is highly portable and should run on any modern operating 
system; like Java, but its not written in Java.
- Software is implemented on top of a generic SQL RDBMS, and it is 
designed to be heavily portable so users can pick what RDBMS they want; if 
they don't want to choose, SQLite 3.x will be used by default.
- Software uses all-Unicode text exclusively and supports N locales.
- Software is multi-user from the ground up, and is inherently 
client-server model, but this can be hidden for a single user.
- Scaled pricing structure; individuals pay little, organizations pay 
more.  Software is componentized and customers can pay a-la-carte; the 
core that everyone needs starts at $100, which includes 5+ years of 
upgrades but no tech support, and should be suitable for a majority of 
individuals, as well as very affordable.
- The software core allows 1 read-write + 1 read-only concurrent user for 
the starting $100 price, which is like standard consumer desktop programs, 
and is all that a large fraction of users will expect or use.  Additional 
concurrent users are $50 each for read-write and $1 for read-only (each 
is cheaper on volume).  
'Concurrent' means that any number of users can be registered with the 
program and acknowledged in the data change history, but only N of them 
can log in at the same time; one of those must log-out to let an 
additional one log-in beyond the limit; hence, one doesn't necessarily 
need to buy as many concurrent users as actual users if they work at 
different times.  The read-only users are mainly for when the software 
drives a web site, and they are anonymous visitors; 'concurrent' for them 
means within a rotating 24-hour time period.
- The only price variance is based on number of concurrent users, which is 
counted per installation.  There are no price limits based on processor 
count or other details such as Oracle et al.
- An 'installation' is virtual; it refers to one instance of the server 
portion of the software that is loaded in RAM and accepting input.  You 
can have the software installed on multiple machines but only the ones 
actually executing count as installations; no paying extra for back-up 
copies.  Moreover, if you have a network of machines which are clustered 
such that they behave to the outside world like a single bigger machine, 
then this also counts as just a single installation (which can service 
more users at once, so things still work out).
- The normal method for distribution/sale will be as an internet download; 
a purchaser registers with my site in advance, which keeps track of what 
licenses they own and from which they can re-download both the original 
software and any upgrades.  See the Eudora email client for similarity.
- The software itself is multi-mode with all the per-user-limit variants 
built-in; you enter a registration code like thingy to enable the correct 
limits that were paid for.
- The software should have a low enough disk footprint that each version 
can be downloaded whole every time, rather than my messing with 
'updaters'.
- There are no refunds for purchases, but a no-cost demo will be provided 
in advance for try-before-you-buy.
- Given the nature of the program and its high degree of customizability, 
I anticipate that it would be technically simple for one to figure out how 
it works and build a clone, although that would take time and I would hope 
people do something more original.

This is the basic license profile:
- One single 'installation' per licence bought.
- No more concurrent users on an install than the licence specifies.
- To help keep honest people honest, the software will enforce the 
user-limit restrictions; while it is possible to circumvent this, we ask 
that you don't try, and doing so is a license violation.
- Each license purchase entitles the buyer to 5+ years of upgrades, minor 
or major, for the licenced compenents without extra cost.
- Anyone who has purchased a license to the program is also entitled to a 
complete copy of the program source code for the licenced components, 
which at the very least includes the core.  This might be bundled with 
the binary or a separate download, depending on practicality.
- You may examine the program source code and modify it to better meet 
your needs; the main exception to this is that you may not circumvent the 
per-user limits that you purchased, even though doing so would be made 
easy by access to the source code.
- You may make any number of back-up copies on 'permanent' storage of both 
the binaries and source for the program, for your own use only.
- You may not distribute the program as a whole to anyone else, either 
pristine or modified, either binary or source; anyone who wants a copy of 
the program must obtain it from me; you may not distribute even a portion 
of my program, in source or otherwise, to anyone.
- If you make a modified version of the program, you may distribute only 
the diffs between a pristine version and your changed version, which 
recipients may apply to their pristine version to use your changes.  You 
may charge or not charge any fee of your choice for the diffs, and licence 
them under any terms you want.
- You may create and distribute separate modules that inter-operate with 
my program components and/or extend my program though its extension API, 
under what terms you want and for what fee you want; these rules are the 
same as for distributing diffs to the program itself.  You may not include 
any code from my program in your modules.
- You are strongly encouraged, but not required, to send any modifications 
you make to the program to me so that I can include them in the standard 
version, and everyone else can use them without the need to apply diffs.
- You are required, within reason, to report any serious bugs or security 
holes that you detect in the program, with or without fixes, so that 
everyone can benefit.  Minor bugs or desired enhancements are appreciated 
to be reported, but are not required; doing so benefits you, however.
- Any modifications to the program that you submit to me for the standard 
version must include disclaimers of copyright and ownership; I retain sole 
ownership of all code in the standard version modules.
- You may provide technical support for the program to others, and charge 
whatever fee you want for it (just as I do, at a separate charge).
- If and only if I become unable to distribute or sell the program for a 
period of 1 year, then all restrictions are lifted, whereby you may 
distribute my whole program yourself, pristine or modified, and you may 
circumvent the per-user limits; in that situation, this licence will 
change into a standard 'free software' license.  This license conversion 
can not be revoked for any already distributed versions, although I will 
remain the copyright holder of the pristine version, and any new versions 
I may happen to make later, if possible, may be subject to other licenses.

To summarize, the license allows access to source code and its 
modification for your own use, but you may not distribute the program to 
others; all distribution, save diffs of your own modifications, must go 
through me; there is also a sunset clause that kicks in if I can no longer 
deliver on my end, which allows others to have my privileges.

My rationale for having the specified structure, aside from wanting to get 
paid, is an effort to avoid fragmentation and retain fundamental control 
over my creation.  I see other benefits to both myself and everyone else.

Note that my long-term goal is that this program will benefit humanity, 
in a philanthrophy sense, and in that respect I want it to be the best 
quality possible, and as widely deployed as possible.  In the long term, a 
standard 'free software' license would serve the needs fine.  But in the 
short term I and those who help me need to make a living from this, and 
trying to subside on services fees alone is not reliable while the 
installed base is small.  The license terms I describe refer to the short 
term situation where I depend on the licence fees to live.

The questions:

1. Do the licensing terms I mentioned sound reasonable as applied to an 
average person and their situation?  How about to you and yours?  How 
about to a business that may want to use or extend the program?  Does 
any of it sound outrageous?

2. How likely would an average programmer, when presented with this 
license, respect what it says, versus the likelihood of intentionally 
violating the license in some way for some self-serving reason.

...

I had more questions, but it's getting late so I'll ask them tomorrow.  
They concern the practicality of using the above license, and whether or 
not I would be better or worse off financially by allowing all users to 
have the source code vs letting them only have the binaries.

3. What is the risk that someone who has bought my program and gotten 
the source code could try to pass off my work, slightly altered, as 
entirely their own and/or make a new product strongly based on my code?  
If this happens, how likely is it that this would cause me a problem vs 
being harmless?

4. How likely would it be that someone with my source code could publish 
it and/or pass it off to other people like warez?  If this happens, how 
likely would this cause a problem for me to sell my program?  How is the 
risk increased by their access to the code vs typical binary warez?

5. How likely would it be that someone would circumvent the per-user 
limits and get more than they paid for?  How likely that they would 
distribute this cracked version?

Note that I fully expect that there will be some unscrupulous people who 
send copies around etc.  But as long as it doesn't seriously impact my 
ability to sell copies then I'm not concerned about it.  I am more 
concerned if someone makes a fortune from distributing my code, however, 
vs selling their own improvements as a separate product.

Thanks in advance for any feedback. -- Darren Duncan