Subject: Re: JBoss aquired by Red Hat
From: Taran Rampersad <>
Date: Mon, 01 May 2006 09:03:59 -0400

Thomas Lord wrote:
> The employee doing the crime here is not putting a GPL notice
> on a program that didn't have one.
> Rather, the employer received that program via a distribution
> under the GPL. It is, already, a GPLed program. It has been
> distributed, just not publicly. Because it was distributed as
> a GPLed program, by clause 2(b), that license must be valid
> for all third parties or else those who distributed it have violated
> clause 7.
> -t
This is where I'm a bit lost between 'Trade Secret', 'NDA' and 'GPL'.

Here's a business case: A client wants a piece of code done, and they 
support Free Software. An NDA is signed only for the protection of the 
Trade Secrets of the company, and has nothing to do with the 
distribution of the code or how the code is distributed. In other words, 
to get the work that will pay bills, the developer signs the NDA. S/he 
agrees that the releases will be only to the client for them to 
distribute as they see fit, and since the code has Trade Secrets in it, 
the code will not be distributed as long as the company protects it's 
trade secrets.

When a trade secret becomes public, it's no longer a trade secret. If an 
employee leaks out the source code, it's the same as them leaking the 
secret recipe for Angostura bitters. Sure, there might be a legal case, 
but the fact of the matter is that it's no longer a secret. It's like 
asking the jury to ignore something said during a trial. 'Oops. OK, 
forget you heard that'.

The NDA can be a problem with the GPL if the developer wishes to post 
all the trade secrets of a client, and believes in suicide. If there is 
a right infringed, it is the right of the developer and it is a choice 
of the developer in signing the NDA. If someone comes up with code 
independent of the company's trade secrets which is also GPL'd, there 
has been no violation of the GPL and the 'value' of the trade secret is 
diminished. If the code escapes into the wild as GPL'd code, I don't 
know that the main problem would be the code. I would think that the 
problem would be the lost 'trade secrets' embedded in the code.

I'm not saying that every NDA is perfect, or that NDAs should be used at 
all times. What I am saying is that when it comes to Trade Secrets, 
protecting a client's right is important to assure that food can be 
purchased. If the GPL cannot be used while protecting - exclusively - a 
client's trade secrets, then I view it as a handicap of the GPL. If the 
client makes better bitters by preheating the water before the 
ingredients and the code allows that to happen, the code incorporates 
trade secrets.

At a meta level, I view it this way: If there were more trade secrets, 
there would be less silly patents. And it's possible to view the lack of 
support of trade secrets as forcing businesses into patents to protect 
what would have otherwise been trade secrets. There is a section of the 
world which still believes that trade secrets have value, and if we want 
less patents - including lobbying FOR *software patents* - encouraging 
trade secrets might be a good idea. Lobbying against software patents is 
well and good, but reducing the need to do so seems like a pretty good 
idea. If a company cannot use NDA/GPL to protect it's trade secrets, and 
they really think that their secrets have value, then they'll hire 
someone to do proprietary code, and may even go as far as patenting the 
process and even attempting to patent the code... Yuck.

Is there a way out of this mess that any of you see?

Taran Rampersad
Presently in: San Fernando, Trinidad and Tobago

Looking for contracts/work!



"Criticize by creating." — Michelangelo