Computer Security: When Free+free Becomes Costly

At last. With Christmas another 300 days away, the season of the "free" is over. Or is it? Not all software, even if labelled "open source" or "free", is free of charge. The same is true for photos "found" in a web search. They might all be subject to licence fees and copyright. In fact, the CERN Computer Security Officer still receives repeated invitations from companies to "regularise" our mutual licence conditions. On the other hand, in CERN's academic environment, licence conditions become a PhD in themselves. Let's delve deep.

Licence conditions are complex - too complex IMHO - but perhaps deliberately complex to make some easy money for the licence holder and blind the user to whether or not it is free, creating doubt and uncertainty, leading them to pay in the end, wary of falling into the trap of licence infringement. And the conditions depend on so many factors: professional vs private use; used by a few, a team or many; used at CERN, or on a CERN-owned device or with a CERN email address. But what do the licence conditions really entail?

Professional vs private: This is the easiest one. According to many terms of use, "private use" is when it is entirely private and never used for any professional purpose. For example, using "TeamViewer" to connect remotely to your Grandma's PC is fine, but if you use it from your personal laptop at home to connect to your personal PC at CERN, it is not private anymore, even if that connection is "just" to edit holiday pictures. The same holds true for software used to edit those holiday photos when you edit them on a CERN PC. Once "CERN" hardware (or your employer's hardware) is involved, it usually isn't "private" anymore.

Team size: Some software, like "Slack", can be used for free but also offers a "Pro" subscription for "small teams". But what "small" and "team" mean, they don't really say. The Computer Security team is small (eight fine people using lovely Mattermost), as are many other teams at CERN. But if you include people from all over the Organization, "small" becomes "large". And the licence conditions change drastically.

Locality: And then there is "locality". The conditions may state that the software may only be run, for example, at CERN. What does that mean? On a device connected to the CERN network with an IP address assigned to CERN? What about CERN Terminal Servers running that software or me remotely connecting to a PC in my CERN office? Does it run at CERN or outside since it is ported to my display abroad? What about having it installed on a device owned by CERN but connected somewhere else? Can or can't I use that software on my CERN laptop from home? Or while waiting in the airport lounge? Or should the airport pay the licence for me (which they won't)? Or my internet service provider? Few licence conditions are crystal clear on that.

In addition, we have had cases where the "free" software was registered with a CERN email address. But what does that imply? Is CERN liable? Is Google liable if I register with an @gmail address? I think you get the idea.

As far as CERN is concerned, CERN IT acts as a service provider to its community, providing network connectivity, (virtualised) computing clusters, databases and storage spaces. And CERN provides a plethora of IT services and applications with the corresponding licences (e.g. for Windows, Linux, macOS, control systems). Most of those services and applications come conveniently free. Some others might require a contribution to their costs. Additional services and software may be purchased via an EDH purchase requisition (DAI) but are subject to the approval of the CERN Cloud or Software Licence Offices, the Web Governance Board, the CERN Electronics Engineering Committee (ELEC) or the Computer Aided Engineering Committee (CAEC) in order to avoid creating a cacophony of similar solutions and spending money on software that has already been purchased centrally.

So, before using any cloud service, software or application, check its licence conditions. Similarly for any software you purchased via your institute, university or even privately: can it be used (for free) for professional purposes at CERN? Please check with the CERN Cloud or Software Licence Offices if in doubt. Because very often "free+free" can become costly...
