European Commission fooled by IBM Red Hat merger risk to source code


It is now one year since IBM Red Hat announced restrictions on the availability of the Red Hat Enterprise Linux (RHEL) source code.

At the time, various people wrote to me commenting that I had been right in my concerns about the direction of open source software and the increasingly fake communities like the FSFE misfits who pretend to be FSF.

The IBM Red Hat merger required regulatory approval from the European Commission. An enormous report was produced about the risks of the merger and the source code question was in there. It was foreseen and the European Commission did nothing to mitigate the risk or place conditions on the merger to protect all the other companies who contributed to that source code.

Let's go through it step-by-step:

Red Hat was founded back in 1993. We can look through the early messages from the leaked debian-private secret cubby house to see what things were like in that era when the first Linux distributions were born. For example, this was the time when Red Hat offered people in Debian the option to buy shares during the IPO:

Subject: RedHat Surprise
Date: Wed, 21 Jul 1999 00:09:50 -0500 (EST)
From: Matthew R. Pavlovich <mpav@purdue.edu>
To: debian-devel@lists.debian.org, debian-private@lists.debian.org

In light of RedHat's recent offer to many debian developers, I want to
make a suggestion to those who do not accept RedHat's method of making the
offer.  

Do not send back a nasty e-mail message cursing them for spamming.  If you
feel obligated to tell them your opinion, please consider using your
non-debian e-mail address.  It is very easy for people to mistaken the
opinion of one for the opinion of the whole.  EVERY e-mail message you
send with a debian.org e-mail address reflects Debian as an organization.  

Redhat did not have to include anyone in their offer.  This is a very
considerate and thoughtful gesture on their part.  Redhat is good for
Linux as a whole.  We may have some differences, but IMO they should not
be viewed as our enemy.  They are going to be investing a lot of money
into Linux development, which means good paying jobs for open source
developers.  

IF YOU READ ONE SECTION, READ THIS:
-------
I am not saying anyone is wrong for having an opinion or that they should not express it, the focus of my point is to stress taking into account
the fact that individual opinions are taken as opinions of the entire
organization.

 Matthew R. Pavlovich  

On 28 October 2018, IBM announced their plans to purchase Red Hat for $34 billion.

On 27 June 2019, the European Commission announced their approval of the merger in a two page document.

The Commission published a full report into the proposed merger (M.9205). The report tells us about all the risks considered by the European Commission. It is 131 pages long.

The commission noted that the open source and "freely available" features of Red Hat Enterprise Linux are distinctive features of the product and the business model:

Red Hat offers Red Hat Enterprise Linux (“RHEL”), a Linux distribution that accounts for some […]% of Red Hat’s overall revenues (in FY 2018). The RHEL source code is open source and therefore freely available; Red Hat instead charges for annual subscriptions that include technical support, updates, security, and IP protection. In FY 2018, Red Hat’s RHEL revenues were USD […] (EUR […]), of which approximately USD […] (EUR […]) were generated in the EEA.

The commission was aware of CentOS, it is mentioned in point 345:

(345) Red Hat also contributes to the CentOS community, which distributes a Linux distribution for developers based on RHEL and to the Fedora community which distributes a Linux distribution based on the latest technology from the Linux kernel community. Red Hat does not sell support subscriptions for CentOS or Fedora and derives no revenue from these activities.

IBM Red Hat (referred to as the Notifying Party) told the Commission:

(348) The Notifying Party submits that the Transaction is unlikely to raise any unilateral effects concerns in Server Operating Systems ("OS") market (and any sub-segment thereof) for the reasons set out below.

and here is the meat:

(379) In the fourth place, the Notifying Party claims that Red Hat’s market power is further limited by the fact that RHEL is open source and therefore can be forked, i.e., a company may choose to take the open source code and develop it with community support under a different distribution.

As regards incentives

(380) According to the Notifying Party, the merged entity would also not have the incentive to degrade RHEL’s interoperability (whether by changing RHEL’s source code or by refusing to certify RHEL) or to raise RHEL’s relative price when combined with third party products competing with IBM.

[ ... snip ... ]

(382) Second, the incentive to engage in any anticompetitive exclusionary practices would be further reduced because, according to the Notifying Party, such practices would be perceived as hostile by Red Hat’s customers, developer community, and ecosystem partners, and would therefore alienate them. As Red Hat’s success relies both on the support of developers and the ecosystem partners (to be able to sell in a wide ecosystem), […].

[ ... snip ... ]

(427) Second, the Notifying Party claims that Red Hat’s market power is further limited by the fact that OpenShift is open source and therefore can be forked, i.e., a company may choose to take the open source code and develop it with community support under a different distribution.

[ ... snip ... ]

5.3.8. Potential input foreclosure of RHEL competitors by withholding access to RHEL’s source code

5.3.8.1. Potential concern

(504) Red Hat’s business is based on open source technologies and, as a matter of principle, the source code of all of the software that Red Hat develops is licensed under terms that permit any recipient to access, use, change or share this source code. With respect specifically to RHEL’s source code, Red Hat’s practice has so far enabled competitors (including Oracle ) to access and use this source code in order to offer clones of RHEL (“RHEL clones” or replicates of RHEL). The main RHEL clone is Oracle Linux which was launched in 2006.

(505) Based on feedback from the market investigation and in particular on a concern raised by Oracle, the Commission has assessed a potential competitive concern, whereby the Merged Entity would have the ability and the incentive to foreclose access to RHEL’s source code which is a key input in order to enable competitors to offer replicates of RHEL.

[ ... snip ... ]

(509) First, under the General Public Licence (“GPL”), Red Hat’s distributees, including its customers and developers, are free to distribute RHEL open source code under the GPL and could do so easily and promptly in response to any foreclosure attempt.

There you have it. IBM Red Hat's submission to the European Commission appears to be giving RHEL customers an authorization to download and re-distribute copies of RHEL.

Now we see where the European Commission was fooled by these arguments, just like everybody else who contributed to RHEL for decades has been fooled too:

5.3.8.3. Commission’s assessment

(516) Overall, the Commission considers that, post-Transaction, the Merged Entity will not have the ability and incentive to foreclose the competitive pressure exercised by RHEL clones, either (i) directly by restricting third party’s access to RHEL’s source code or (ii) indirectly by degrading access to releases of updates and patches for RHEL’s source code in such a way that it would effectively become impossible to continue marketing RHEL clones, or (iii) by implementing a combination of (i) and (ii), for the reasons set out below. In any event, the Commission considers that such foreclosure strategy would not have a significant detrimental effect on competition.

[ ... snip ... ]

(520) Oracle further explains that this could be achieved without infringing the GPL by a combination of (i) not making available the source code to third party other than the direct recipients of the binary and/or (ii) degrading access to releases of updates and patches for RHEL’s source code, i.e, by changing the method and/or timing for such releases. With respect to the former, Oracle explains that the GPL requires the distributor to provide complete corresponding source code to all direct recipients of the binary, but not necessarily to the public at large. In this respect, Oracle claims that Red Hat’s current contract terms “restrict the customer’s ability to share the source code with others” and that, while so far Red Hat has not done so, the Merged Entity could seek to enforce these contractual terms in order to prevent Oracle from accessing RHEL’s source code. 349 With respect to the latter, Oracle explains that such behaviours would not infringe the GPL since this open source licence does not provide any specific obligations around the method and timing of sharing updates and patches to the source code.

As regards the Merged Entity’s ability to restrict third party’s access to RHEL’s source code

(521) The Commission considers that it is unlikely that the Merged Entity would have the technical ability to completely foreclose its competitors’ access to RHEL’s source code through contractual restrictions without infringing the GPL. This is based on the following reasons.

Oracle warned the Commission about what would happen. The Commission didn't believe it. They had the wool pulled over their eyes.

More news and policy statements regarding my campaign for Dublin Bay South:

Please print my brochure if you want Ireland to change