My Thoughts on the Datomic License

Yeah, it's not Open

I have a greenfield project where the choice of database is open. I have been very interested in Datomic for a couple of years now and figured that I'd try Datomic out for the project. Then I tried to actually download and install it and decided against it... mostly because the value of Datomic does not clearly outweigh the cost of using proprietary software. I am writing this post to communicate my perception.

Making Money

People who write software should be reasonable compensated for their work. I write software... some open and some proprietary... and I like to be compensated for my work.

It's important to have financial incentives aligned with software development as we've recently learned in the whole Heart Bleed disaster.

We also know that pricing models are complex beasts.

I am all in favor of finding ways to reasonably price software so that a reasonable amount of money flows to the authors such that the authors can keep writing/improving the software.

In terms of software, I prefer the mostly open approach to making money. Zimbra is an excellent example. They have an open version of their mail server. Download it and install it. Want support? There's a fee for that. Want the Exchange connector to make it work nicely with Outlook, that's proprietary and costs a non-trivial amount. Zimbra makes enough off support and the "Network" edition to support robust development of the core open product. Yay!

Chattin' with Rich

I had a conversation with Rich Hickey about open sourcing Datomic. He has a lot of valid reasons for keeping Datomic closed and charging for it. While I think there are other ways that Cognitect can make money from Datomic, this post is not trying to change Rich's mind. It is, however, information to help the Cognitect folks improve the way they present a proprietary piece of software in a world that is mostly open.

My Experience with trying Datomic

I've got this project. I'm making a Docker container for my development. Ideally, I'd have a package that I can apt-get install with the data storage. A second is to have something that can be wgeted when I'm building the Docker container. A very distant third is to put the tar file in my git repo and have the bytes loaded into the container on build.

I go to Datomic.com and look for the download link. None... but a lot of big buttons for Get Datomic so I click on one of those. But I have to visit My Datomic to actually get anything.

I register my user name and wait 15 minutes for the validation link in the email. I get the validation link and I log into My Datomic. I go to the download link and there's only the option for Datomic Pro... no easy way to find the Datomic "Free" version that's supposed to be fine for open source projects.

Part of the download is an admonition to read the End User License Agreement and being a developer who cares about other developers' rights and a lawyer by training, I start reading.

Problems

So, the first problem is in the License Grant clause:

The Licensee is permitted to create copies the Software solely for data protection, archiving and backup purposes.

Basically, this means that making of Datomic and putting it in a git repo and distributing that git repo to GitHub/BitBucket is a violation of the terms of the EULA. Yes, one might argue that the preceding sentence:

... or for Licensee's own internal non-production use for the purpose of development or testing on an unlimited number of Licensed Processes.

Means that putting a copy in git is "for the purpose of development" and I'm sure that's what the current Datomic management intents. But when Oracle buys Cognitect, Oracle may have a different read on the license.

Also, I think that if Oracle were to sue me for having copies of Datomic strewn around in git, I would likely escape liability under copyright law. On the other hand, I would not be able to get a legal action dismissed with a Rule 11 motion and anything that's going to a judge is a place I don't want to be,

I also understand the complexities of trying to use "rights to copy bits" as a lever for extracting money for functionality that isn't directly associated with those bits is a tough issue to deal with. But, the Datomic EULA doesn't even try to address that.

Next, let's take a look at the Restrictions clause:

(a) copy or use the Software in any manner except as expressly permitted in this EULA;

There's nothing in the EULA that is express about what can be done with the software. Yes, the "install and use the Software only for the Licensee's own internal production use by Licensed Processes, subject to the condition that the Licensee must ensure the maximum number of processes accessing and using the Software is equal to the number of Licensed Processes for which the necessary Fees have been paid" clause gives us a hint. But there's really nothing that says I can store data in Datomic. If the above clause referenced the documentation as a guide to the manner in which the software could be used, fine. And yes, I'm being picky.

(c) transfer, sell, rent, lease, lend, distribute, or sublicense the Software to any third party;

Does this mean I have to run Datomic on my own physical hardware servers? Does this mean that I can't allow a consultant to access Datomic in my git repo? If I run it on AWS, I'm transferring the bytes of the software to Amazon. Also, this clause likely conflicts with most cloud hosting agreements where one has to grant at least certain copying rights to the hosting service.

(d) use the Software for providing time-sharing services, service bureau services or as part of an application services provider or as a service offering primarily designed to offer the functionality of the Software;

Okay... so you can't use Datomic for a cloud service. The conjunction above is or so each of the above is a EULA violation.

(j) publicly display or communicate the results of internal performance testing or other benchmarking or performance evaluation of the Software;

Sure, Oracle has no-benchmarking clauses. But really. Cognitect? Come on.

(l) except as otherwise permitted in this EULA, publish, use, promote, broadcast, circulate or refer publicly to any Cognitect's name, trade name, trademark, service mark or logo;

Once you install Datomic, no more blogging about Cognitect.

(m) commit any act or omission the likely result of which is that Cognitect's or any of its third party suppliers' reputation will be brought into disrepute or which act or omission could reasonably be expected to have or does have a material and adverse effect on Cognitect's interests;

I don't know what circumstances could lead to the above, but I don't know why it has a place in a EULA.

(o) perform or facilitate any act which, directly or indirectly, causes to be transmitted to, uploaded or downloaded by, the Cognitect or any end user any software viruses, worms, Trojan horses, time bombs, trap doors or any other computer code, files or programs or repetitive requests for information designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment or to diminish the quality of, interfere with the performance of, or impair the functionality of the Software (individually and collectively, a "Virus");

Once again, I don't know why this clause should be in a EULA for a database. There are criminal laws that deal with hacking and viruses. Further, there's no limitation for intent. The above clause could allow Cognitect to pull a Datomic license from a user who fails to stop the spread of a virus.

(p) use the Software for any immoral, unethical, illegal or otherwise nefarious purpose;

Um... really. Who gets to determine morals here. If I use Datomic to build a site for Marriage Equality USA, would Brendan Eich be the moral decision maker. What if I build a site for a Prop 215 company... can Cognitect pull the license even though the company is legal in California, but not at the federal level?

I Could go On

But at the end of the day, the Datomic EULA isn't something that I can feel comfortable with. That means I can't build software on software that's bound by a EULA that is internally inconsistent and that exposes me and my clients to a fair number of license loss scenarios.

I really do want to use Datomic. I also want Cognitect to be wildly successful and I deeply appreciate what they've done with Clojure and the Clojure community.

I will also gladly pay Cognitect for Datomic if I get it into production for a non-trivial site.

But where the EULA is now and the sense that I get from the Datomic web site... I'm going to pass on it for right now. I'll use PostgreSQL 9.3 with JSON support. Yeah, it's technically not as good, but I know what my rights are.