We have a conflict: staying true to our ideals, which hold that software patents are a travesty, and preventing nasty lawyers from suing Debian for contributory patent infringement. To shield Debian from legal liability, we do not include patented algorithms in the main archive.
This means that even people who would not violate the patents by using the software in question (eg for research purposes, or in countries where the algorithm in question isn't patented, or people who hold explicit licenses, or people who would use the software in circumstances covered by a waiver from the patent holder) are also denied the convenience of having the software included in Debian. I'd like to propose a less onerous solution to the conflict. A solution which would allow Debian to package and archive the software in question, and would allow people in above situation to use the software, while preventing anyone in violation of the above rules from using the software. As a consequence, even though Debian would be distributing the software in question, it would be shielded from legal liability. The idea is to have a click-through license of sorts. Before a potentially-patent-violating package is installed (ie in a preinst) the user would be notified that the software contains a patented algorithm, the identity of the patent would be explained, and the user would be asked if they might be violating the patent by using the software. The list of reasons by which one might not be in violation (see above) would be available for viewing. The user might even be required to mark which of the above reasons, if any, apply to them. If they do not indicate that they have the legal right to use the software in question, then the system would refuse to install it. As an added legal protection, another question could follow this one, in which the user is informed that lying on the previoius question is a violation of the law, and requiring them to swear that they are telling the truth, and to assume any and all legal risk from any patent violations that might occur in using the software, and specifically to indemnify Debian from any legal risk. Again, if they do not agree the software would not be installed. As a convenience for developers, and to allow the legal wording to be modified more conveniently, most of this dialog could be encapsulated in a package: software-patent-warning.deb. In the configuration for the software-patent-warning package, the user could indicate that they live in a country in which software patents are invalid. In that case, the click-through text could be skipped, and instead a warning displayed. This warning would mention that software embodying a patented algorithm is being installed, but that the user has indicated that the computer is residing in a venue in which such patents do not apply - but that if the computer is ever moved the user should take care to either remove the software in question, obtain authorization from the patent holder, or otherwise ensure that they are not in violation of the patent. This would be very simple to implement. (I'd be happy to do it myself, in consultation with lawyers here at my university, and/or any other council that Debian or SPI has access to.) It would allow Debian to support authorized users of patented algorithms, but would prevent any patent violations from taking place. Debian would not be contributing to any patent infringements; quite the contrary, it would be taking strenuous measures to ensure that no such infringement occurred, including educating its users in relevant patent law. It has been suggested to me that system administrators might actually lie in their responses to the above dialogs, but I consider that highly unlikely. In any case, we shouldn't contort our software infrastructure to shield bald-faced liars from the legal consequences of their actions. If sys admins lie in such a setting, especially in the face of such clear warnings, it wouldn't be Debian's fault.
