Violations of the GNU Licenses
If you think you see a violation of the GNU GPL, LGPL, AGPL, or FDL, the first thing you should do is double-check the facts:
- Does the distribution contain a copy of the License?
- Does it clearly state which software is covered by the License? Does it say anything misleading, perhaps giving the impression that something is covered by the License when in fact it is not?
- Is source code included in the distribution?
- Is a written offer for source code included with a distribution of just binaries?
- Is the available source code complete, or is it designed for linking in other nonfree modules?
If there seems to be a real violation, the next thing you need to do is record the details carefully:
- the precise name of the product
- the name of the person or organization distributing it
- email addresses, postal addresses and phone numbers for how to contact the distributor(s)
- the exact name of the package whose license is violated
- how the license was violated:
- Is the copyright notice of the copyright holder included?
- Is the source code completely missing?
- Is there a written offer for source that's incomplete in some way? This could happen if it provides a contact address or network URL that's somehow incorrect.
- Is there a copy of the license included in the distribution?
- Is some of the source available, but not all? If so, what parts are missing?
The more of these details that you have, the easier it is for the copyright holder to pursue the matter.
Once you have collected the details, you should send a precise report to the copyright holders of the packages that are being wrongly distributed. The GNU licenses are copyright licenses; free licenses in general are based on copyright. In most countries only the copyright holders are legally empowered to act against violations.
The Free Software Foundation acts on GPL violations reported on FSF-copyrighted code. Thus, if the program includes code that is copyright Free Software Foundation, please send your report to <license-violation@gnu.org>.
It's important that we be able to write back to you to get more information about the violation and the product. Thus, if you use an anonymous remailer, please provide a return path of some sort. If you'd like to encrypt your correspondence, just send a brief mail saying so, and we'll make appropriate arrangements. Because the FSF endorsed the Principles of Community-Oriented GPL Enforcement, you can rest assured that your report will not lead to punishing anyone for an innocent mistake who is willing to correct it.
The FSF offers assistance and advice to any other copyright holder who wishes to enforce GNU licenses. But we cannot act on our own where we do not hold copyright. Thus, be sure to find out who are the copyright holders of the software, and report the violation to them.
Our colleagues at the Software Freedom Conservancy do GPL enforcement for many free programs, through their own copyrights and with coalitions of copyright holders in those programs. The programs include Linux, Git, Samba, QEMU, and others. If you encounter a GPL violation on those programs, we suggest you visit the Conservancy's copyleft compliance page for the up-to-date list of programs it handles, and how to report violations.
This page is maintained by the Free Software Foundation's Licensing and Compliance Lab. You can support our efforts by making a donation to the FSF. Have a question not answered here? Check out some of our other licensing resources or contact the Compliance Lab at licensing@fsf.org.