| ▲ | sarchertech 6 hours ago |
| There’s no reasonable way for you to use AI generated code and guarantee it doesn’t infringe. The whole use it but if it behaves as expected, it’s your fault is a ridiculous stance. |
|
| ▲ | philipov 6 hours ago | parent | next [-] |
| If you think it's an unacceptable risk to use a tool you can't trust when your own head is on the line, you're right, and you shouldn't use it. You don't have to guarantee anything. You just have to accept punishment. |
| |
| ▲ | sarchertech 6 hours ago | parent | next [-] | | That’s just it though it’s not just your head. The liability could very likely also fall on the Linux foundation. You can’t say “you can do this thing that we know will cause problems that you have no way to mitigate, but if it does we’re not liable”. The infringement was a foreseeable consequence of the policy. | | |
| ▲ | philipov 5 hours ago | parent | next [-] | | This policy effectively punts on the question of what tools were used to create the contribution, and states that regardless of how the code was made, only humans may be considered authors. From the foundation's point of view, humans are just as capable of submitting infringing code as AI is. If your argument is sound, then how can Linux accept contributors at all? EDIT: To answer my own question: Instead of a signed legal contract, a DCO is an affirmation that a certain person confirms that it is (s)he who holds legal liability for the act of sending of the code, that makes it easier to shift liability to the sender of the code in the case of any legal litigation, which serves as a deterrent of sending any code that can cause legal issues.
This is how the Foundation protects itself, and the policy is that a contribution must have a human as the person who will accept the liability if the foundation comes under fire. The effectiveness of this policy (or not) doesn't depend on how the code was created. | | |
| ▲ | sarchertech 2 hours ago | parent [-] | | Anyone distributing copyrighted material can be liable that DCO isn’t going to stop anyone. If that worked any corporation that wanted to use code they legally couldn’t could just use a fork from someone who assumed responsibility and worst case they’d have to stop using it if someone found out. |
| |
| ▲ | empath75 4 hours ago | parent | prev [-] | | The only lawsuits so far have been over training on open source software. You're inventing a liability problem that essentially does not exist. | | |
| ▲ | sarchertech 2 hours ago | parent [-] | | OpenAI and Anthropic added an indemnity clause to their enterprise contracts specifically to cover this scenario because companies wouldn’t adopt otherwise. |
|
| |
| ▲ | streetfighter64 6 hours ago | parent | prev [-] | | Yeah, but that's not a useful thing to do because not everybody thinks about that or considers it a problem. If somebody's careless and contributes copyrighted code, that's a problem for linux too, not only the author. For comparison, you wouldn't say, "you're free to use a pair of dice to decide what material to build the bridge out of, as long as you take responsibility if it falls down", because then of course somebody would be careless enough to build a bridge that falls down. Preventing the problem from the beginning is better than ensuring you have somebody to blame for the problem when it happens. | | |
| ▲ | philipov 5 hours ago | parent [-] | | It was already necessary to solve the problem of humans contributing infringing code. It was solved by having contributors assume liability with a DCO. The policy being discussed today asserts that, because AI may not be held legally liable for its contributions, AI may not sign a DCO. A human signature is required. This puts the situation back to what it was with human contributors. What you are proposing goes beyond maintaining the status quo. | | |
| ▲ | sarchertech 2 hours ago | parent [-] | | It’s not solved. It hasn’t been tested in court to my knowledge and in my opinion is unlikely to hold up to serious challenge. You can be held liable for just distributing copyrighted code even if the whole “the Linux foundation doesn’t own anything” holds up. |
|
|
|
|
| ▲ | adikso 5 hours ago | parent | prev [-] |
| Their position is probably that LLM technology itself does not require training on code with incompatible licenses, and they probably also tend to avoid engaging in the philosophical debate over whether LLM-generated output is a derivative copy or an original creation (like how humans produce similar code without copying after being exposed to code). I think that even if they view it as derivative, they're being pragmatic - they don't want to block LLM use across the board, since in principle you can train on properly licensed, GPL-compatible data. |
