So you're saying signal requested their own program be removed from the snap store? Sorry, I'm a little confused on terms. When you say snap maintainer, are you saying you are the maintainer of the signal snap package, or that you're a maintainer of snap itself?
If that's the issue, it's (at most) a trademark violation instead of a copyright violation, which means the DMCA complaint was filed under false premises.
I don't see where the source was being offered by the distributors of this package which would mean they were in violation of the AGPL and it was therefore a copyright violation.
The AGPLv3 only requires that you make the source available, that can even be on request, that can be on a CD. You can even, to quote the AGPLv3 itself, charge for that CD "for a price no more than your reasonable cost of physically performing this conveying of source."
But that's not what's going on here. If the source is unchanged, it's perfectly valid (and often done) to just point people upstream. That is providing the source. And the code used to build their snap is available*, and you can see all it does is repackage upstream's official package.
A trademark violation is a copyright violation, because a trademark is copyrighted at first inception, before anyone adds the '™'.
A company is also compelled to take actions like this to maintain the rights to thier own trademarks.
That's my understanding; IANAL.
There's no need to downvote me, as I'm only engaging in polite conversation, just explain it. And if you can support your argument with qualifications, that would be nice.
It sounds like people are saying that a company can have their trademarks used by downstream distributors of AGPLv3 software, if the license doesn't explicitly prevent that, which just seems wrong. The codebase license is not a license to other company IP
I also don't understand why an entity couldn't do a DCMA takedown based on a trademark violation.
You can't (legally) do a DMCA takedown for a trademark violation. You can use a copyright license that requires a user of a copyrighted work to respect your trademark (or whatever, basically). Then if someone doesn't meet those terms, the copyright license is revoked, and they are in violation of copyright law. However, this is legally just a DMCA takedown for a copyright violation.
Link to where Signal added these terms? You've posted a variant of this claim several times on this post but as far as I can see Signal-Desktop is licensed under a pure AGPLv3 which definitely does not have such terms.
This is not correct. The trademark doesn't affect the copyright but you need both in order to publish binaries with the original name and logo in a store.
You need a copyright license to use the binary. You need a trademark license to use the trademark. See the firefox -> iceweasel kerfuffle
At a naive level, this sounds like the sort of supply chain attack we've all been taught to fear. Asking seriously: has this build been replicated? is the source different from mainline? if so, what changed and who changed it?
That’s also how free software distros work, and have always worked, in general: their job is[1] to prioritize the interests of the users as they see them over the vision of the developers, so that the users can choose the distro that reflects their interests most and still be able to use the software.
What are the terms that Signal attaches to the binaries?
If unmodified binaries are redistributed, there is no trademark violation. It's nominative use, and simply not misleading the public because it's the genuine article. Any obstacle to redistribution must therefore come from the copyright licensing terms (if the binaries are available to the general public), or from an individual agreement with the original recipient of the binaries (so no direct free, public downloads even if the binaries are technically under an open-source license, and export compliance is a bit more difficult). Not sure which applies here, but it's not a trademark issue.
