HESSLA: Hackers with a Cause

A hacker group called Hacktivismo has created HESSLA, an open-source license with ambition.

A hacker group called Hacktivismo has created HESSLA, an open-source license with ambition. What kind of ambition? Well, fighting eroding privacy standards, for one. And, if that's not enough, how about fighting for human rights?

HESSLA stands for the Hacktivismo Enhanced-Source Software License Agreement. It borrows heavily from the GNU General Public License (GPL), the most prevalent open-source license. Under GPL, any changes you make to freely available source code must be published if you intend to sell an application based on the modified source code.

The same holds true with HESSLA. But software licensed under HESSLA is also barred from use by governments that violate human rights. HESSLA contains language that would, ostensibly, let licensees take human rights violators to court because use of the license constitutes a waiver of sovereign immunity.

"In other words, if Myanmar or China want to keep violating human rights, then they have no choice but to steer clear from using Hacktivismo's software in connection with any of their wrongful projects," notes a Hacktivismo news release. "If not, then this software license just may be the victims' long-needed ticket into court; their pathway over the obstacle to justice previously presented by sovereign immunity."

HESSLA also prohibits (and makes legally actionable) the use of the software for "monitoring of individuals," and prohibits changes to its software that involve "spyware, surveillance technology or other undesirable code."

This is rather broad language. "Monitoring of individuals" could mean anything from spying to spam filtering. And "other undesirable code" is so vague it's impracticable.

The Free Software Foundation (FSF), crafters of the GPL, is against the license. FSF suggests that while the restriction might seem like a good idea because it targets reprehensible behaviors, it's still restriction.

"[HESSLA] is not a free software license," an FSF policy brief at Gnu.org states. "The ironic result is that the community of people most likely to feel sympathy for the goals of the HESSLA cannot contribute to HESSLA-covered software without violating its principles." In other words, Hacktivismo is fighting oppression with licensing terms that are deemed by some as, well, oppressive.

FSF also suggests that, under U.S. Law, a license like this can't restrict usage of the program, and it would be as hard to enforce as pulling over everyone who speeds on the highway every day.

Still, HESSLA has people talking. With programs in the government like the notorious Total Information Awareness project, and other privacy-eroding concepts like covert monitoring of Web surfing at libraries, some argue HESSLA at least gets people thinking about the state of privacy.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
How much is a data breach going to cost you?