GitHub & other LLM-gen-AI Companies Urge You to Misdirect California Legislature on FOSS Licensing! - Conservancy Blog - Software Freedom Conservancy
Get the latest update on our Vizio court case -->
Close navigation menu
For only 12 more days, the
we'll direct1 newly initiated Sustainerships & SFC donations to our software<br>right-to-repair work & efforts to resolve Bambu Lab's AGPLv3 violations!
$170,982 raised!
$79,025 to go!
Help us reach this goal<br>so we<br>can dedicate long-term full-time SFC<br>staff on our software right to repair work for 3D printers, & take action on Bambu Lab's AGPLv3 violations!
Home / News / Blog
GitHub & other LLM-gen-AI Companies Urge You to Misdirect California Legislature on FOSS Licensing!
by Bradley M. Kühn<br>on July 3, 2026
Another Reason to Give Up GitHub!
Last week, Microsoft's GitHub1 announced they'd joined a coalition of other<br>LLM-gen-AI<br>for-profit entities who oppose updates to the California Artificial Intelligence Transparency Act (“Cal. Bus. & Prof. Code § 22757”). In<br>their statement, GitHub mistakenly claims<br>that the licensing termination requirements of §22757 run contrary to Free and Open<br>Source Software (“FOSS”) licensing principles. This article explains why these<br>statements made on behalf of Microsoft & GitHub incorrectly represents<br>how FOSS licenses work,<br>and why the entire point is moot since the LLM-gen-AI<br>systems in question are not FOSS themselves anyway!
California's Policy Goals
Cal. Bus. & Prof. Code §22757 (and its updates currently under debate in the current session's SB 1000) are — like most legislation we see around new technologies in<br>USA State and Commonwealth legislatures — well meaning and seeks reasonable<br>goals, but remains confused about some details that are obvious to those who deeply understand the technology.<br>Regardless, the law's aim is good policy. Definitely<br>read through its interesting terms<br>found in the amended<br>§§22757.{1,2,3(a)} proposed in SB 1000. I suspect anyone who<br>uses a for-profit, proprietary<br>LLM-gen-AIs<br>(perhaps by choice, or perhaps under mandate from their employer) would strongly prefer<br>LLM-gen-AI vendors to provide the tools and information that §22757<br>mandates.
These policy goals — mandating transparency and allowing users to<br>“trust but verify” these systems — are precisely the<br>requirements that we want deployed widely for any LLM-gen-AI. SFC's<br>own recommendations on LLM-gen-AI, in fact, correlate with and encourage “after market” implementation of some of §22757's requirements. While this law is of course not written the way<br>technology policy wonks would likely write it, on balance, the law<br>is a good one.
Where GitHub (et al.) Hung their Opposition
Of course, GitHub, Mozilla, Hugging Face, Black Forest Labs, (and likely<br>other companies) hate this<br>law. It requires them to do work to treat their users better. No one<br>in the business of proprietary technology wants to do any more of that than<br>is absolutely necessary to keep the customer. After all, it cuts into<br>profits if companies do anything nice for their users that the customers<br>have not directly demanded through a contractual requirement.
These for-profit corporations use<br>misdirection and disinformation to convince the public that this<br>law is bad for<br>FOSS. Cal. Bus. &<br>Prof. Code §22757 (both as on-the-books now, and as proposed for amendment)<br>is not bad for FOSS , and, is generally good for the software right to repair.
Complaints regarding SB 1000 from Big Tech (and their cronies) focus on a<br>narrow point in the amendments (found in<br>§22757.3(b)(1-3)). Herein, I analyze this clause, and refute these companies'<br>falsehoods about how it impacts FOSS. The key portion found in the proposed-amended §22757.3(b)(1-3) reads:
[22757.3](b)
If a covered provider licenses its GenAI system to a third party, the covered provider shall require<br>both of the following as terms of the license:
That the system remains in compliance with this chapter, to the extent it is technically feasible.<br>That the covered provider may revoke, suspend, or terminate the licensee’s authorization to use the GenAI system if the licensee modifies the GenAI system such that it no longer complies with this chapter.
If a covered provider knows that an identifiable third-party licensee modified a licensed GenAI system such that it no longer complies with this chapter, the covered provider shall terminate the licensee’s authorization to use the GenAI system within 72 hours of discovering the licensee’s action.
A third-party licensee shall cease using or making available a licensed<br>GenAI system, including a copy or modified version of the GenAI<br>system, after the licensee’s authorization to use the GenAI system has been<br>terminated by the covered provider pursuant to paragraph (2).<br>This subdivision does not require a covered provider to monitor,<br>investigate, or otherwise inquire into a third-party licensee’s use...