With the recent trade restrictionsthat were placed on Huawei, its partners such as Google, Qualcomm, Intel, and others were forced to end all future agreements with Huawei, including revoking Huawei’s Android license. The common understanding is that since AOSP is open source, Huawei cannot be blocked from using it and this will just result in fragmentation with two different versions of Android across Europe and Asia. One with Google’s Android licensing and Play Store and one with alternate branding and a separate app store, much like what happened with Bada/Tizen and the Samsung Wave and Z devices. I am here to tell you that, unfortunately, is not true. Huawei can potentially be blocked from using AOSP, Tizen, KaiOS, PureOS, and Sailfish OS as well.
It is important to remember that open source licenses work within our current copyright framework. They utilize the design of our copyright framework to give almost everyone the right to make copies of the source code, as long as you follow the terms of the licensing agreement. Since they operate within our copyright framework, they break down when the copyright framework breaks down. A country banning its resident companies from engaging in contracts with a specific company breaks how our copyright system works, and as a result, breaks how open source licenses work.
If Huawei cannot enter into a contract with Google, then they cannot enter into the Apache 2.0 licensing agreement with Google, which means that they would not have a license to distribute the AOSP codebase. If they do not have a license to distribute it, then any attempted distribution of that code by Huawei would be a violation of Google’s copyright.
As Reuters highlighted in their article, Google does not intend to end their open source licensing agreements with Huawei, however, they can only maintain that position as long as the U.S. government allows them to. Huawei being on the Entity Listprohibits companies with U.S. operations from exporting parts and components to Huawei, including software components. While Google has acted to comply for any software where Google provides active access to the software (e.g. early access to Android security updates, support from Google throughout the Android Q beta program, being able to install Google Play Services on new devices, etc.), the restrictions equally apply for software that Huawei can use without any Huawei-specific action by Google (such as the AOSP repository). While the U.S. government will not force Google to take down the AOSP repository, they can fine Google for failing to comply with the Export Administration Regulations if Google does not take appropriate steps to prevent unauthorized usage of Google’s intellectual property by a company on the Entity List (including properly pursuing large scale copyright violations).
Thankfully, it likely will not come to that. Attempting to fine Google for not pursuing copyright violations on open source software aggressively enough would likely result in a lengthy legal battle between the U.S. government and Alphabet that neither side would want to engage in, but there are alternatives. Specifically, U.S. law has criminal penaltiesfor large scale copyright violations, which distributing AOSP without a license could fall under. This differs from the usual civil copyright lawsuits that you normally hear about in that this would be brought by the U.S. government itself, rather than by Google.
Huawei has stated that since 2012 they have been building a backup OSin case they can no longer use Google’s Android, however, they may be in for a surprise there as well. While it is possible that this is a complete clean-room OS with no code shared with AOSP or any other OS that a company with a U.S. presence has copyright on, it is extremely unlikely for anything developed in those conditions to be able to hold its own against the 15 years of development that have gone into Android and the 28 years of development that have gone into the Linux Kernel, or the decades of work that have gone into iOS (with its Unix roots). Even Tizen with its Linux Kernel base and more than 14 years of (admittedly fragmented) development from a host of large companies (dating back to the Maemo days) struggles to compete on phones. That leaves Huawei between a rock and a hard place, as in all likelihood this backup OS is either 1) not going to be competitive, or 2) based on something that they can be blocked from using.
If they choose to continue using AOSP without Google’s Android, that leaves them with two possible scenarios.
If Huawei decides to withdraw to operating exclusively in China, they will create a situation where they will be able to continue to use AOSP (assuming they can get all the parts they need to create phones) inEMUI with local app stores, much as they currently are (albeit with slower security patches and slower updates to new Android versions). China is notoriousfor selectively enforcing copyrights of foreign entities. And this is where de jure vs. de facto comes into play.
While Huawei can be banned from entering into a licensing agreement with Google and would be violating U.S. law if they used AOSP or Tizen under those circumstances, the U.S. has limited ability to directly enforce those aforementioned criminal penalties if Huawei does not maintain any activity outside of China. The U.S. government could pressure Google to pursue their copyright in China via a civil suit, however, there would be questionable ability to win that specific suit despite the clear copyright ownership, and Alphabet would be reluctant to spend that time and money on a legal battle.
So while Huawei would be in violation of the letter of the law, in practice they might actually be able to survive in this matter.
However, while China is large, it might not be enough for Huawei. They may wish to expand to an even larger market. If Huawei has their sights on India and Europe, it gets more complicated quickly.
Right off the bat, civil cases become substantially more likely to succeed as they will be able to be filed in jurisdictions that are more favorable to copyright lawsuits from foreign companies. That does not alleviate the difficulty in getting Google to pursue the case, but it isn’t the only change that happens either. At the same time, many of these countries have criminal offenses for copyright infringement of this scale (including Canada, the UK, India, and others). This means that any assets or personnel that Huawei puts in those countries would be at risk of being involved in said case.
It is not guaranteed that it would reach that level and quite a bit would need to go wrong for it to get there, but if the U.S. government wishes, they can follow the letter of the law to that extent. If the U.S. government acts to the full extent that they are capable of, they could potentially prevent Huawei from distributing AOSP based phones in any region beyond China.
While that sounds all doom and gloom, things may turn out much better. This trade ban will be absolutely crippling to Huawei and the many companies that rely on them, so there will be substantial pressure to find a solution and lift this ban. More importantly, the United States Department of Commerce understands those effects and is reluctant to leave trade bans on individual companies in place for extended periods of time, instead working with the companies to try to find a solution.
This reluctance came to the forefront just three years agoin early 2016, when U.S. companies were banned from selling to ZTE, as a result of ZTE violating U.S. trade sanctions on Iran and North Korea. The United States Department of Commerce immediately stated that they would give ZTE a temporary three-month export licensein exchange for cooperating with the ongoing investigation, and would continue to ease them if ZTE continued to cooperate. A year later (after multiple extensions of the temporary export license), ZTE agreed to a plea deal with the Commerce Department that would see their trade restrictions on ZTE be fully lifted in exchange for an $892 million dollar fine, the removal and/or disciplining of the personnel who orchestrated the violation of the sanctions, an independent compliance monitor, a seven-year period where any violation of the agreement would immediately reinstate the ban, and a $300 million security deposit which would be forfeited if ZTE violates the terms of the agreement.
Unfortunately, ZTE proceeded to violatethose terms by only firing 4 of the people involved, and instead giving bonuses to another 35 employees who took part, thereby reinstating the ban. That’s not the end of it, however, as the United States Department of Commerce entered into another plea dealwith ZTE a couple of months later, wherein ZTE would have the restrictions lifted in exchange for paying another $1 billion in fines, having further compliance oversight, changing their board of directors, and putting up an additional $400 million security deposit (as the previous $300 million had been forfeited when the initial plea deal was violated). The U.S. Senate attempted to blockthe plea deal with the National Defense Authorization Act for Fiscal Year 2019, however, the version of the NDAA 2019 that eventually passed the U.S. House did not include that provision. As of publishing, ZTE is still able to operate and no longer has an active export restriction in place (although they still are subject to the compliance requirements of their agreement.)
While it is still early, that process is already drawing parallels to what is happening with Huawei. After the initial trade blacklistthat came about from providing prohibited financial services to Iran (which resulted in Google, Intel, Qualcomm, and others suspending future collaborationwith Huawei), the U.S. Commerce Department almost immediately gave Huawei a three-month export licenseso that they could fulfill existing orders. In that statement, the U.S. Commerce Department highlighted that they would continue to evaluate potentially extending that license beyond the initial 90 days. While that is as far as we have gotten so far, I would not be shocked to see further extensions of that license in exchange for cooperation, culminating in a plea deal in about a year or two from now (maybe even less), much like what happened with ZTE.
If that is the case, then the potential negative effects on AOSP will be avoided. I would be surprised if Huawei’s legal team hadn’t already been contacted by the U.S. Department of Commerce about working on extending the export license, and Huawei realizes that they are just one plea deal (or one won legal battle) away from being able to work with Google and Qualcomm on future projects again. We have seen this happen before, and it turned out fine the last time, with ZTEback on the market and using Android with Google Play. It also (eventually) turned out fine when the U.S. government restricted exporting cryptography(including open source cryptography) from the cold war all the way through to 2000, with notable discussion at the time revolving around Phil Zimmermann’s PGP, Peter Junger’s lawsuit (Junger v. Daley), and Daniel J. Bernstein’s lawsuit (Bernstein v. United States).
Finally, you are going to see a lot of opinions published about this case from people who are not lawyers. That includes me. I am not a lawyer, I am not your lawyer, and you should not use anything stated here as legal advice. If somehow you end up in a situation where the discussion here directly impacts you, you should really go speak with your copyright lawyer. My background is in interpreting tax law (with a specific focus on Excise Tax for new product categories) and I have given talkson the basics of software licensing for developers. While that isn’t enough for you to blindly follow my analysis, that is enough for me to connect the dots, put together the relevant sources, and paint a picture. So please, dive into the sources that have been linked and read through this analysis. If after reading them you come to the same conclusion, share this article around. If you disagree, let me know why in the comments below.