Open Source, the GPL, and the App Store

Posted by on
  • Font size: Larger Smaller
  • Hits: 8799

I am a believer in the idea that a large subset of humanity enjoys helping one another to be successful, and that they become better themselves in the process. One way this occurs is with the Open Source movement. People that write software not for the profit that can be made with the software, but to give it away so that others can use it, as an end product to accomplish a task, or even to use as part of another project. This enables the next person to get a jump start on what they're working on in order to become successful faster than they would have been if they'd had to start from scratch.

Ideally the next person becomes a link in a chain so that others can benefit from their work and become successful themselves. Everyone does their part and everyone benefits.

Not all Open Source products are equal however. Just because someone releases their code as open source, doesn't mean you can do whatever you want with it. There is always a license of some sort attached to the code that governs what you're allowed to do. The Open Source Initiative site lists 67 different licenses that they've approved as meeting the existing community norms and expectations of what an open source license should be. Before we go any further, let me clarify that I am not a lawyer, I don't even play one on TV. So you should always consult your own legal council when dealing with legal matters.

Of all of the open source licenses, there are a few that are used more than others. The GNU General Public License (GPL), the Apache License, BSD License and the MIT License are the most popular. The latter 3 are very similar and impose the least restrictions on users of the code they license. The GPL imposes some very specific implications on users of the code it licenses and is the reason I'm writing this article today.

In simplified terms, the Apache, BSD and MIT licenses allow you to use the code they cover in other products and allow you apply a license of your choice to the new product. It doesn't have to be an open source license and so you're not required to provide the source of your product to others. You do have to include the appropriate copyrights for the source you've used that was created by others, and you do have to accept the fact that the source is provided to you AS IS, that there's no warranty of any kind given by the original creators of the code you're using.

The GPL however forces you to use it as the license for your new product. In this way, it has been described as a virus license since it effectively reproduces itself onto your product, and limits what you're allowed to do with your product. That is, you're forced to release the source code of your new product, and you must allow others to redistribute your product for free, in both source and object code. The philosophy behind this is that if you're benefiting from the work of others, you should be forced to share your work in the same way so that others can benefit. These restrictions make the GPL incompatible with the App Store, which means, as an iOS developer, you should avoid using any code that is covered by the GPL.

The reason that GPL code is incompatible with the App Store is the requirement that someone receiving the product be able to redistribute that product to someone else. Since all apps in the App Store have Digital Rights Management (DRM) applied to them, users are unable to directly share the apps with others. Because a developer is unable to give that right to the user, they are effectively barred from distributing their app through the App Store.

Just yesterday, this became an issue on the App Store as the popular app VLC was pulled by Apple due to complaints that it's presence on the App Store was a violation of the GPL. Even though the app was available for free, and the source code to the app was made available at for anyone that wanted it, the DRM issue overrules and thus, no VLC for you.

As a user this is disappointing since the app allows you to play media files that no other app on the App Store, or built into iOS devices can play. But as developer, this is extremely alarming and should cause you to audit all the libraries you've used to ensure none are covered by the GPL, else your apps could suffer the same fate as VLC.

What's most disturbing about all of this, is that it seems as though, this is really just a silly technicality. The fact that a user is unable to share the exact binary they downloaded from Apple doesn't mean they can't share the app with a friend. The user can share the app just by sharing the iTunes link to the download (which is free), or alternately, provide the full source code. So the spirit of the GPL is still possible with the App Store, just not the letter of the GPL.

It would be possible for the Free Software Foundation (creators of the GPL) to release an updated version of the license to make it compatible with the App Store, but since they feel that all DRM is inherently evil, it's unlikely that will ever happen. Arguably, it might be possible for Apple to make DRM optional for certain apps, but that would require fundamental changes to the iOS architecture and might introduce security holes that make it easier to pirate apps. I don't see either side making any compromises here so your best bet, is to just avoid all GPL code and find (or create) alternatives that are licensed under the Apache, BSD, or MIT licenses.

This post is part of iDevBlogADay, a group of indie iPhone development blogs featuring two posts per day. You can keep up with iDevBlogADay through the web site, RSS feed, or Twitter.


  • Guest
    Alex Curylo Monday, 10 January 2011


    Actually, it's more fundamental than you set out. Section 6 of the GPL reads

    "...the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program..."

    Note the "or modify". So GPL compliance requires not just being able to transfer apps directly, which you could argue is something Apple should have a mechanism for; but also being able to transfer apps to which you've added your own address book harvesting code, 1-900 number dialling code, or whatever evilness strikes your fancy. You can take it as pretty much a given that Apple will never allow that. Nor should they.

  • Guest
    Jonathan Cormier Wednesday, 12 January 2011


    Great article. So, code that is licensed under Apache, BSD, and MIT licenses should be compatible with the App Store? and not get yanked like VLC?

  • Guest
    Hans Hubbard Friday, 04 February 2011


    I think you miss the actual point of the GNU GPL. It's not just about sharing the app itself, or even about having source code available for an identical app. It's about being able to control and manipulate precisely the app you are using.

    The fact that iOS enabled apps come to the user fettered with DRM means that there is extra code attached to the app, code that is in no way open or free. This means that at least part of the code running on the user's computer whenever she uses the app is proprietary and therefore not only can she not modify it, but she also can't monitor exactly what the code is instructing her computer to do.

    This in effect breaks away not only from the letter, but from the spirit of the GNU GPL in particular and the Free Software Foundation (FSF) in general. Modifying the GNU GPL to accomodate the burdening of free software with proprietary code (ie DRM) would render the license useless and would be a complete betrayal of the FSF's goals.

    People who want true software freedom should not be looking to iOS to begin with, as developers or users.

  • Guest
    Hans Hubbard Saturday, 05 February 2011


    "...but also being able to transfer apps to which you've added your own address book harvesting code, 1-900 number dialling code, or whatever evilness strikes your fancy. You can take it as pretty much a given that Apple will never allow that. Nor should they."

    That's exactly what the point of the GNU GPL is, to prevent this. If you have the code open for your examination and modification, you know exactly what the app is instructing your computer to do. If you don't (as with Apple's DRM burdens), it is impossible for the user to know what their computer is doing, or for a developer to know what their app will make computers do after Apple is done burdening it with secret proprietary code. You're worried about address harvesting and the privacy of your data? Then don't trust someone to control your computer without your knowledge.

  • Guest
    Steve Saturday, 19 May 2012


    Your post is interesting because it seems to be written with the unstated assumption that the App Store is always right, and anything that isn't compliant (or can't be made compliant) must be wrong.

    "It would be possible for the Free Software Foundation (creators of the GPL) to release an updated version of the license to make it compatible with the App Store, but since they feel that all DRM is inherently evil, it's unlikely that will ever happen."

    Here, you make it sound like the FSF is somehow unique in their position. Yet in 2007 Steve Jobs posted an essay on Apple's website in which he said: "... to abolish DRMs entirely ... is clearly the best alternative for consumers, and Apple would embrace it in a heartbeat".

    Say what you will about the FSF, but at least their positions are entirely self-consistent. Apple has for years been calling for other companies to stop using DRM in their products, while increasing the use of it in their own -- and all the while, saying that it's bad for everybody!

    The FSF's GPL is also easier to follow. In over 20 years, it's changed twice, both updates were opt-in: you can still use 1991's GPL2 if you want, and most projects still do. Apple's App Store is only 3 years old and already has had numerous changes to its policies, and you have no choice to stay with a version of its policies if you don't like the new ones. Already we've seen several useful, popular apps (which aren't open-source or contain any GPL code at all) being withdrawn from the App Store simply because they can't meet a particular updated requirement.

    You're right that I don't see either side making compromises on this matter, and so your best bet is to just avoid Apple's App Stores altogether. Mac software can be sold or given directly to customers, and mobile web apps on iOS can do practically everything iOS apps do (albeit a bit slower), all with no DRM requirement.

Leave your comment

Guest Saturday, 22 November 2014