Every situation is different
Last year, I applied to join the JET Program, which would have sent me to Japan to help teach English in a public school for a year or two. The organizers give the participants a little mantra: Every Situation Is Different. What works well in one school, or one town, or one apartment search, may not carry over to another. If people are giving you advice that seems bad, they say, there's probably a good reason for that -- something unique about your situation.
I wasn't accepted for the JET Program, but that's okay, because now I'm FSF's new compliance engineer, which is even better. Even though I've been in this job for less than two months, people are already asking me how the compliance process works. This is a hard question to answer, because like the JET people say, every situation is different.
Every compliance case starts with some kind of report about a violation. Even these come from all over: some people follow our reporting instructions and mail us, others post to mailing lists or forums, sometimes we hear about a problem through the press. Then we have to confirm the violation. How do we do that? It depends on what kind of violation it is. If the violator is distributing GPLed software on a web page without a copy of the license, we can simply download it and take a look for ourselves. If a router manufacturer includes GPLed software in their hardware without providing the source or an appropriate written offer, we have to use various tools to figure out exactly what code they're shipping.
After the violation has been confirmed, we contact the violator to start bringing them into compliance. Our approach to these negotiations varies a lot depending on whether the violator is a small team of hackers or a corporation, what kind of violation it is, how friendly they are to free software, any cases we've had with them in the past -- I could go on and on. Things don't always go the way I expect, either. I've dealt with corporations who were very friendly and fixed problems promptly, and individuals who dragged their feet and made a huge stink about the process. It all depends.
I know we don't talk much about FSF's compliance work; this is just one of many reasons why. But it's important work: the many developers who have assigned their contributions to us expect it, and there aren't a lot of other organizations enforcing free software licenses. So expect to start hearing more about the Compliance Lab, here and elsewhere. And in the meantime, if you have any questions about what we do, please feel free to send us an e-mail.