It is though. If you commit copyrighted code that was output by an LLM, you do have to follow the license of that code. If you don’t, that’s copyright infringement.
Even if the code isn’t copyrighted code, then it’s public domain code that can’t be copyrighted:
Copyright is created and enforced by copyright law.
Licenses are created and enforced by contract law.
You can violate a contract without violating a copyright and you can violate a copyright without agreeing to a license. You can also license works that are not able to be protected by a copyright because they are two separate categories of law.
Sure, you can license them, but that license is unenforceable, because you don’t own the copyrights, so you can’t sue anyone for copyright infringement. And you’d have to be a fool to agree to a license for public domain material. You can do whatever you want with it, no license necessary.
because you don’t own the copyrights, so you can’t sue anyone for copyright infringement.
You can’t sue for copyright infringement.
You can, however, use content which is not able to be copyrighted and also still license (under contract law/EULAs) your product including terms prohibiting copying of the non-copyrightable information.
On Zeidenberg’s copyright argument, the circuit court noted the 1991 Supreme Court precedent Feist Publications v. Rural Telephone Service, in which it was found that the information within a telephone directory (individual phone numbers) were facts that could not be copyrighted. For Zeidenberg’s argument, the circuit court assumed that a database collecting the contents of one or more telephone directories was equally a collection of facts that could not be copyrighted. Thus, Zeidenberg’s copyright argument was valid. However, this did not lead to a victory for Zeidenberg, because the circuit court held that copyright law does not preempt contract law. Since ProCD had made the investments in its business and its specific SelectPhone product, it could require customers to agree to its terms on how to use the product, including a prohibition on copying the information therein regardless of copyright protections
You can’t copyright phone numbers, just like you can’t copyright generated code, but you can still create a license which protects your uncopyrightable content and it can be enforced via contract law.
Sure, but if it’s open source, I can just take that code without agreeing to your contract. Since it’s public domain, I can do whatever I want with it. You can only enforce a contract if I agree to it.
If someone 100% generates code to make software then the software isn’t protected by copyright.
That software could be distributed and licensed under an EULA and the fact that it isn’t protected by copyright means absolutely nothing as far as the EULA is concerned.
The copyright status and the ability to license a piece of software under contract law do not depend on one another.
The context of my reply is about LLM generated code and the downstream use of it in a product.
See:
LLMs themselves being products of copyright isnt the legal question at issue, it’s the downstream use of that product.
Assuming that the code is 100% LLM generated and uncopyrightable does not affect the ability to enforce license restrictions created via End User Licensing on downstream uses of that product.
A piece of software that is unable to be copyrighted due to being 100% generated can be licensed and can expect to have that license enforced via contract law.
Ah, ok. This is a conversation about Linux, so that doesn’t apply. Linux is open source, so it wouldn’t matter if someone wanted to enforce a EULA, anyone else could just take the source and do what they want with it.
The Linux Kernel is under a copyleft license - it isnt being copyrighted.
But the policy being discussed isn’t allowing the use of copyrighted code - they’re simply requiring any code submitted by AI be tagged as such so that the human using the agent is ultimately responsible for any infringing code, instead of allowing that code go undisclosed (and even ‘certified’ by the dev submitting it even if they didnt write or review it themselves)
Submissions are still subject to copyright law - the law just doesnt function the way you or OP are suggesting.
they’re simply requiring any code submitted by AI be tagged as such so that the human using the agent is ultimately responsible for any infringing code, instead of allowing that code go undisclosed
This makes zero sense, because the article says that this new tagging will replace the legally binding “Signed-off-by” tag. Wouldn’t that old tag already put that responsibility on the person submitting the code.
Also - what will holding the submitter responsible even achieve? If an infringement is detected, the Linux maintainers won’t be able to just pass all the blame to the submitter of that code while keeping it in the codebase - they’ll have to remove the infringing code regardless of who’s responsible for putting it in.
Kinda, but they’re specifically saying the the AI agent cannot itself tag the contribution with the sign-off - like, someone using Claude Code to submit PRs on their behalf. The developer must add the tag themselves, indicating that they at least reviewed and submitted it themselves, and it wasn’t just an agent going off-prompt or some other shit and submitting it without the developer’s knowledge. This is saying ‘the dog ate my homework’ is not a valid excuse.
The developer can use AI, but they must review the code themselves, and the agent can’t “sign-off” on the code for them.
Also - what will holding the submitter responsible even achieve?
What does holding any individual responsible on a development team do? The Linux project is still responsible for anything they put out in the kernel just like any other project, but individual developers can be removed from the contributing team if they break the rules and put it at risk.
Copyleft doesn’t mean it’s not copyrighted. Copyleft is not a legal term. “Copyleft” licenses are enforced through copyright ownership.
Did you read the quotes from the copyright office I linked to? I am going to go ahead and trust the copyright office over you on issues of copyrightability.
Unless the code the AI generated is a copy of copyrighted code, of course. Then it would be copyright infringement.
I can cause the AI to spit out code that I own the copyright to, because it was trained on my code too. If someone used that code without including attribution to me (the requirement of the license I release my code under), that would be copyright infringement. Do you understand what I mean?
That would be true even if they didn’t use AI to reproduce it.
The problem being addressed by the Linux foundation isn’t the use of copyrighted work in developer contribution, it’s the assumption that the code was authored by them at all just because it’s submitted in their name and tagged as verified.
Yes, that makes sense. People have always been able to intentionally commit copyright infringement. However, it has historically been fairly difficult to unintentionally commit copyright infringement. That’s no longer the case. AI makes it very easy to unintentionally commit copyright infringement. That’s a good reason to ban it outright.
The risk of that is relatively low for kernel contributions, though. Most of the work being done is porting existing protocols/firmware into the latest Linux kernel, not creating novel features.
The larger risk is instability caused by bad, hallucinated code because it was submitted under the assumption of human authorship. In both cases, further review by the Linux team can be done if they understand where that code is coming from.
Banning AI does nothing, because theres no way of knowing who uses it without proper disclosure, which wouldnt happen if it were banned. To use an example from the article, it would be like banning code written with the use of a specific brand of keyboard.
Better to have it properly disclosed than to make it illicit
Wow, what an atrocious analogy. So, you just can’t determine what brand of keyboard someone uses, period. When someone uses an AI, there will be certain patterns that are somewhat more common in their code. Their code will also look different than their previous code. It also tends to produce very large commits. You can also ask them why they did certain things and see how they answer. So you might not be 100% accurate, but there are ways to tell when someone is using AI.
It is though. If you commit copyrighted code that was output by an LLM, you do have to follow the license of that code. If you don’t, that’s copyright infringement.
Even if the code isn’t copyrighted code, then it’s public domain code that can’t be copyrighted:
https://sciactive.com/human-contribution-policy/#More-Information
You’re confusing two separate legal issues.
Copyright is created and enforced by copyright law.
Licenses are created and enforced by contract law.
You can violate a contract without violating a copyright and you can violate a copyright without agreeing to a license. You can also license works that are not able to be protected by a copyright because they are two separate categories of law.
Sure, you can license them, but that license is unenforceable, because you don’t own the copyrights, so you can’t sue anyone for copyright infringement. And you’d have to be a fool to agree to a license for public domain material. You can do whatever you want with it, no license necessary.
You can’t sue for copyright infringement.
You can, however, use content which is not able to be copyrighted and also still license (under contract law/EULAs) your product including terms prohibiting copying of the non-copyrightable information.
This was settled in: https://en.wikipedia.org/wiki/ProCD%2C_Inc._v._Zeidenberg
You can’t copyright phone numbers, just like you can’t copyright generated code, but you can still create a license which protects your uncopyrightable content and it can be enforced via contract law.
Sure, but if it’s open source, I can just take that code without agreeing to your contract. Since it’s public domain, I can do whatever I want with it. You can only enforce a contract if I agree to it.
It doesn’t have to be open source.
If someone 100% generates code to make software then the software isn’t protected by copyright.
That software could be distributed and licensed under an EULA and the fact that it isn’t protected by copyright means absolutely nothing as far as the EULA is concerned.
The copyright status and the ability to license a piece of software under contract law do not depend on one another.
Linux is open source.
I’m not talking about Linux.
The context of my reply is about LLM generated code and the downstream use of it in a product.
See:
Assuming that the code is 100% LLM generated and uncopyrightable does not affect the ability to enforce license restrictions created via End User Licensing on downstream uses of that product.
A piece of software that is unable to be copyrighted due to being 100% generated can be licensed and can expect to have that license enforced via contract law.
Ah, ok. This is a conversation about Linux, so that doesn’t apply. Linux is open source, so it wouldn’t matter if someone wanted to enforce a EULA, anyone else could just take the source and do what they want with it.
The Linux Kernel is under a copyleft license - it isnt being copyrighted.
But the policy being discussed isn’t allowing the use of copyrighted code - they’re simply requiring any code submitted by AI be tagged as such so that the human using the agent is ultimately responsible for any infringing code, instead of allowing that code go undisclosed (and even ‘certified’ by the dev submitting it even if they didnt write or review it themselves)
Submissions are still subject to copyright law - the law just doesnt function the way you or OP are suggesting.
This makes zero sense, because the article says that this new tagging will replace the legally binding “Signed-off-by” tag. Wouldn’t that old tag already put that responsibility on the person submitting the code.
Also - what will holding the submitter responsible even achieve? If an infringement is detected, the Linux maintainers won’t be able to just pass all the blame to the submitter of that code while keeping it in the codebase - they’ll have to remove the infringing code regardless of who’s responsible for putting it in.
Kinda, but they’re specifically saying the the AI agent cannot itself tag the contribution with the sign-off - like, someone using Claude Code to submit PRs on their behalf. The developer must add the tag themselves, indicating that they at least reviewed and submitted it themselves, and it wasn’t just an agent going off-prompt or some other shit and submitting it without the developer’s knowledge. This is saying ‘the dog ate my homework’ is not a valid excuse.
The developer can use AI, but they must review the code themselves, and the agent can’t “sign-off” on the code for them.
What does holding any individual responsible on a development team do? The Linux project is still responsible for anything they put out in the kernel just like any other project, but individual developers can be removed from the contributing team if they break the rules and put it at risk.
The new rule simply makes the expectations clear.
Copyleft doesn’t mean it’s not copyrighted. Copyleft is not a legal term. “Copyleft” licenses are enforced through copyright ownership.
Did you read the quotes from the copyright office I linked to? I am going to go ahead and trust the copyright office over you on issues of copyrightability.
Even if this were true, it would only mean that the GNU license is unenforceable, not that the Linux kernel itself is infringing copyright
Unless the code the AI generated is a copy of copyrighted code, of course. Then it would be copyright infringement.
I can cause the AI to spit out code that I own the copyright to, because it was trained on my code too. If someone used that code without including attribution to me (the requirement of the license I release my code under), that would be copyright infringement. Do you understand what I mean?
That would be true even if they didn’t use AI to reproduce it.
The problem being addressed by the Linux foundation isn’t the use of copyrighted work in developer contribution, it’s the assumption that the code was authored by them at all just because it’s submitted in their name and tagged as verified.
Does that make sense?
Yes, that makes sense. People have always been able to intentionally commit copyright infringement. However, it has historically been fairly difficult to unintentionally commit copyright infringement. That’s no longer the case. AI makes it very easy to unintentionally commit copyright infringement. That’s a good reason to ban it outright.
The risk of that is relatively low for kernel contributions, though. Most of the work being done is porting existing protocols/firmware into the latest Linux kernel, not creating novel features.
The larger risk is instability caused by bad, hallucinated code because it was submitted under the assumption of human authorship. In both cases, further review by the Linux team can be done if they understand where that code is coming from.
Banning AI does nothing, because theres no way of knowing who uses it without proper disclosure, which wouldnt happen if it were banned. To use an example from the article, it would be like banning code written with the use of a specific brand of keyboard.
Better to have it properly disclosed than to make it illicit
Wow, what an atrocious analogy. So, you just can’t determine what brand of keyboard someone uses, period. When someone uses an AI, there will be certain patterns that are somewhat more common in their code. Their code will also look different than their previous code. It also tends to produce very large commits. You can also ask them why they did certain things and see how they answer. So you might not be 100% accurate, but there are ways to tell when someone is using AI.