TOS updated to match RFCs and Rust repository

So what, if I post a piece of Apache licensed code, I am breaking the rules? If you include that in your MIT repo, as you've given yourself a right to, you can then sue me for infringement, because I implicitly granted you a license to it? You think that holds, putting those lines in your ToS and expecting that you will only get posts you can assume are legally usable under the MIT? What are you really doing?

I also can't help but notice that the "delete my account" button has been removed from the "preferences" page. Do I have to send Mozilla a GDPR request?

Ultimately this is a legal question, so you are unlikely to get an official answer. However, by posting Apache licensed code, you must also state which license it is under. Failure to do so is a violation by you, and would presumably expose you to secondary liability.

Obviously, I am not a lawyer and this is not legal advice. Do your own research. Or, of course, you are free to contact a licensed attorney in your jurisdiction.

That's a feature of Discourse (the forum software). You can only self delete if you have only one or two posts and your account is new. The forum isn't self-hosted so there is limited ability to change it.

But you can just contact the mods.

These TOS seem appropriate for the “Internals” forum, where the typical user is already a contributor to the Rust project, and the main purpose of the forum is to develop code/docs/designs that may end up in the various rust-lang repositories.

However, in the “Users” forum, many participants are not contributors to the upstream Rust project, and most code under discussion is not destined for inclusion in the Rust toolchain. Therefore, I think that the licensing clause is not necessary. I also think the potential harms outweighs the potential benefits:

1. The permissions granted by these TOS are unusually broad for a discussion forum, and will therefore catch many users by surprise. (Though I admit many Rust users may be accustomed to certain other sites with similar TOS, like Stack Overflow and Wikipedia.)

2. We are not robots, and may not perfectly read and remember the terms of service of every discussion forum that we use, especially if those terms are mentioned only once, briefly, during the initial sign-up process.

3. The first and second points above mean that some people will unintentially post content that can’t or shouldn’t be released under the default MIT/Apache licenses.

4. Even for those who do remember the TOS correctly, discussing non-MIT/Apache code becomes burdensome, because authors must explicitly opt out of the licensing clause every time they post any code snippets for discussion.

Aside from the direct harm if anyone’s code or writing gets reused in ways they didn’t intend to consent to, these risks and burdens may also cause indirect harm by dissuading some people or companies from using the forum as much as they otherwise would.

This argument applies to both the new (MIT/Apache) licensing clause and the old (Creative Commons) one. In place of either, I would suggest a more typical TOS that grants to Mozilla (not to arbitrary third parties) the permissions necessary to run the forum (e.g., to store and retransmit the user’s content), and not any other permissions (to make or sell derivative works, license patents, etc.). In the minority of cases where we do want to incorporate part of a thread into an RFC, we can just ask the authors to repost it on internals.rust-lang.org or otherwise give explicit permission.

@nikomatsakis, is this a suggestion I should make to the Rust core team, or is it a matter for Mozilla Legal?

Hi all,

I've been following this thread. To respond to a few points made thus far:

This change in the Terms of Service was made in response to various requests over the years, both on this forum and the internals forum. It was indeed discussed with Mozilla's legal team. We initially considered adopting a CC-BY license, but we ultimately settled on MIT/Apache2 because it made it very clear that incorporation of posts or thoughts into RFCs was permitted, and the ultimate effect was quite similar. Licensing for code was a relatively minor consideration, I think, because honestly I do not expect that there are large or significant snippets of code posted on this site. In that conversation, I at least did not consider the option of using distinct ToS between the internals and the users forum, so that is a new suggestion to consider.

I see that there are some folks with significant concerns about this choice of license. I will revisit the question with the core team and with Mozilla's legal team and get their opinion. To summarize the concerns I've heard raised on this thread, and make sure that I've understood them accurately:

• People may post snippets of code when asking questions without being aware of the "terms of service", and they may not be aware that they are licensing the code in any particular way beyond "able to be seen on the forum". (e.g., @mbrubeck's most recent comment, or this comment).
• People should be able to post comments or thoughts on the users forum (but perhaps not the internals forum) without permitting others to use those comments/thoughts commercially (e.g., @s3bk's original comment here).
  • However, this would also prohibit copying comments to places that do permit commercial use, such as wikipedia and RFCs, without explicitly stating the copyright (which remains an option, even on wikipedia). It is worth noting that limited quotes are likely considered "fair use" in any case.

Are there any additional points not covered by those?

I believe there are also some technical misunderstandings. I am not a lawyer, so I will double check, but for example I don't believe the Terms of Service claim any sort of copyright transfer. The person who writes a comment remains the owner of its copyright. However, in order to post that comment here, they have agreed to license its content under the stated terms.

Summary:

I discussed this issue with Mozilla and with the Rust core team. We generally want to keep using MIT/Apache2 as the default, but we have an idea for a tweak that should address some concerns, and I'd like to get feedback on it.

MIT/Apache2 seems like the right default because having the same license for forum posts and Rust repositories makes reuse within Rust easier. This reuse was not possible under the old terms because of the non-commercial limitation of the creative commons license (which appears to have been applied to the forums simply because it was part of Discourse’s default setup). Similarly, we feel it's important for internals/users forum to have the same terms, both because it reduces the overall complexity of our licensing setup and because it allows content to move back and forth.

However, we do agree there is a problem with the new setup (and the old one, actually) in that it is possible to post code that cannot be licensed under the default terms. For example, posting a comment that quotes the linux kernel or wikipedia could be construed as relicensing that content as MIT/Apache2.0 under the ToS for this forum, which (as they are not copyleft terms) would not be permitted.

To address this, we are leaning towards adding an explicit clause to the ToS to cover the case where people are quoting external sources. The idea is that if you quote code/text from an external source, and you identify the source of that quotation, then it inherits the licensing of the original source (which must of course permit us to reproduce the text). This would permit, for example, quoting GPL code in a comment (which would technically be disallowed under both the older and newer ToS, without an explicit statement of the licensing).

And of course contributors can always specify a different license for individual posts if they want. The default license will be the familiar Rust license of MIT/Apache2.0. But in the rare case someone feels the need to submit a post under a different license that option will be available to them.

Here is how this would play out in various common scenarios:

• People write random comments or small "throwaway" snippets of code -- those are licensed as MIT/Apache-2 by default.
• People copy and paste copy from a GPL project (and cite its source) -- those are licensed as GPL, just as in the original code.
• People quote from Wikipedia here and attribute it -- also fine, for the same reason, the text retains its copyright as declared on wikipedia.
• People move text from a users post onto the internals forum or vice-versa -- no problem, same licensing terms.
• People quote text/code from a users/internals post in an RFC or the Rust repository -- no problem, same licensing terms, presuming that it is not text/code coming from some external source with an incompatible license.
• People write a post and explicitly specify a distinct license -- no problem, it is published under those license terms.
• People write a post and some of that code is incorporated into a commercial product -- that is allowed, as long as appropriate credit is given, per the MIT/Apache-2 licenses. Note that this must be allowed if we're going to permit content to be incorporated into RFCs or the Rust repository by default.
• People post their company's private code -- this should not happen, because that person likely doesn't own the copyright on that code and cannot grant the license required here.

I realize that this setup doesn't address all the concerns raised. In particular, some people want to be able to post things that cannot be re-used under the permissive terms of MIT/Apache-2. You are free to specify alternative licensing in your posts, or to post that comment elsewhere (for example, in a gist, or on your blog) with distinct licensing terms and then simply post a URL that references it. Modifying the username/avatar, however, doesn't count as specifying a license in one's post. Ultimately it feels like this is unlikely to be a major obstacle to participation for the vast majority of users, especially as compared to the other scenarios listed above.

I hope that linking with a Wikipedia URL underlying some copied text will be considered to be an attribution to Wikipedia.

Correct.

Does this also apply to playground links? (I think it should, but I couldn't find specific mention of it.)

I don't believe so. The license of URLO wouldn't apply, as the content isn't being hosted there. Therefore it would be the license of the playground, which doesn't have one specified. However, a GitHub gist is created when sharing, so you'd be giving GitHub a non-exclusive license to host and display the code. Other than that, I believe all rights would be reserved.

(standard not a lawyer disclaimer, take this at your own risk)

Thanks. Previously, I've assumed that when someone shares example code or a problem solution through the Rust playground, their informal intention is that it is free to be reused (or else why share it?). I don't know how well that argument would hold up legally, if it came to it. Maybe there could be an option on the Rust playground to opt into MIT/Apache-2.0 on sharing? That would clarify things.

When interacting with the playground, there’s no obvious connection to GitHub at all. As a user, the fact that it uses a gist for its share storage is an implementation detail— the only rights GitHub should have are the ones implied in my request to the playground, as I never interacted directly with them (and wasn’t informed of the connection before pressing the share button).

In the absence of an explicit agreement, that would be limited to showing the code to people that have a copy of the generated playground link, I would expect.

Yeah, that's far beyond my basic understanding of contract law. But it's also orthogonal to the topic, so I'd prefer to not continue it here. Feel free to send a DM, though.

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.