Recent policy updates point to a new direction for Arduino with Qualcomm at the helm. Will Arduino’s open-source legacy survive?
Shades of VMware. Another acquisition is being changed by its new owners in ways that its users would never have imagined. This time, openness and privacy are being removed.
The acquired company is Arduino, the mostly open-source company that’s most well know for its popular developer boards. It was acquired by chip designer Qualcomm in October, and it appears that practically before the ink had time to dry on the bill of sale, the new owner has issued a new Terms of Service and Privacy Agreement that’s very big on handing all user rights over to Qualcomm.
Although not nearly the size of WMware — which was acquired by Broadcom two years ago — Arduino was also no startup being grabbed to disappear into an integration with an existing product line. The company’s been around since 2005 and over time has amassed a sizable and enthusiastic user community. We’ve written about them — and recommended them — here on FOSS Force.
We first heard about Qualcomm’s moves through a LinkedIn post from Adafruit Industries, an open-source hardware manufacturer with a long history of partnering with Arduino:
“Qualcomm-owned Arduino quietly pushed a sweeping rewrite of its Terms of Service and Privacy Policy, and the changes mark a clear break from the open-hardware ethos that built the platform.
‘The new documents introduce an irrevocable, perpetual license over anything users upload, broad surveillance-style monitoring of AI features, a clause preventing users from identifying potential patent infringement, years-long retention of usernames even after account deletion, and the integration of all user data (including minors) into Qualcomm’s global data ecosystem.”
The good news — I guess — is that for the time being at least, Arduino’s open source properties will remain open source. It’s just privacy and customer care that’s being thrown out the window.
Arduino’s Open History
Since its beginning, Arduino has had a history of openness. The company publishes schematics of its boards, PCB files (which contain design, layout, and assembly instructions for its boards), and IDE software under open-source licenses, meaning anyone can modify and manufacture compatible hardware. The third party microcontrollers on its boards are proprietary, of course, but otherwise the firmware and boards are open.
Previous terms of service were also open and specifically stated that anything posted to the company’s website remained the property of the poster. The only license granted to Arduino was permission to display uploaded material and share it with platform users, a license that ceased to exist as soon as the poster deleted the post.
What’s Changed?
The current terms of service is a long list that has the appearance of seeking to codify the notion that nothing is ever deleted from the internet:
- License to User Content: Anything a user or visitor publishes or uploads — from code to text to images to designs — automatically grants Arduino and its successors a non-exclusive, royalty-free, perpetual, irrevocable, transferable, and sub-licensable license to use, adapt, reproduce, distribute, and display worldwide for any purpose — even after account deletion.
- Content Deletion Limits: When users delete their content, Arduino is not required to delete all copies.
- Restrictions on Reverse Engineering: Users are now prohibited from reverse-engineering, copying, or modifying — or even attempting to understand how cloud platform services work, if you take the wording at face value — except when specific open source licenses allow it, or with Arduino’s written permission. Included here is use of the platform to find or support patent claims against Arduino or its partners.
- Extensive Data Collection and Retention: Personal information — including username, contact details, and even minors’ data entered with parental consent — can be retained and processed globally for up to five years, possibly even after account deletion.
- Transfer of Rights: Any content users provide can now be sublicensed to third parties. Arduino also now reserves the right to transfer its contractual rights and user data as part of business changes, such as a further acquisitions.
- Arbitration and Legal Waivers: US users must agree to binding arbitration for disputes with Arduino, and waive their rights to jury trials and class actions unless they opt using specified procedures.
These provisions represent a major policy shift from Arduino’s previous approach, which was more open and permissive.
‘Military Weird Things and More’
Adafruit’s LinkedIn post made passing mention of “military weird things and more,” which was probably referencing some changes that are directly focused on military and defense agencies. One in particular that definitely doesn’t pass the open source definition smell test, is a provision prohibiting military organizations — including projects sponsored or paid for by military agencies — from using Arduino’s AI and/or cloud services.
There are other military focused provisions that aren’t quite so severe, but all go beyond standard export control language and explicitly enumerate various U.S. and foreign military and intelligence bodies, barring almost all forms of government/military or defense contractor use — with a somewhat strange exception for DARPA.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux
Be First to Comment