Some of the academic researchers that use Madagascar are sponsored by companies who require a period of confidentiality before deliverables can be made public. During discussions at the workshop, the issue of the interaction between the confidentiality agreement and the GPL was raised.
I am not a lawyer and what follows is not legal advice, but just describes my understanding of the issue.
Let us assume a researcher (called R) who wrote a program P linking with GPL-ed library G (in our case, G=rsflib). If Researcher R distributes the program P to anyone, then he will have to license P under the GPL because it is linking with a GPL-ed library. R is free to use G in any way he wants for his own purposes, and he is not required at all by the GPL to distribute program P. If, however, he chooses to distribute program P, he simply has no choice than to release it under the GPL, regardless of what contracts he may have with others. If he restricts the rights of the users by breaking the GPL, then he loses the right to use library G, it’s that simple. Notice again the starting assumption that researcher R received library G under the GPL. If he negotiated a private agreement with the author of G, and received G under another license (paying or not for it, it does not matter), then that is a different case, not treated by this analysis.
Researcher R, as the copyright holder, has the right to release the code to anyone he pleases, when he pleases, under whatever license he pleases. R is therefore free to release program P only to his sponsor companies Ci , (where i is a number between 1 and the number of sponsors) for the first Y years as agreed with the sponsors, then to release it to the general public. In all releases P will be licensed under the GPL.
Now comes the tricky part: Researcher R cannot break the GPL and restrict the freedom of whomever releases the code to, including companies Ci. This means that any of the companies Ci are free to redistribute the code under the GPL to whomever they see fit, whenver they see fit. Should there be any stipulations in the sponsorship contract stating that Ci cannot make public the code of program P during the first Y years, then such stipulations are illegal, and thus null and void. As expected, GPL is all about maximizing the freedom of the users!
Bottom line, there are no contradictions between GPL and sponsorship contract stipulations stating that researcher R has to release program P only to his sponsors for the first Y years. The contradictions can appear only if the contract stipulates that the sponsor Ci is restricted from redistributing the program. In reality, once sponsor Ci has received program P with a GPL license, he is free to redistribute it to anybody, as long as it is doing so under the GPL too.
This situation may get sponsors worried that one of them will “betray” the confidentiality pact. However, such cases are practically impossible to occur, since sponsor Ci, by entering the sponsorship contract, practically stated that it is in his best interest that the number of companies that get access to P is restricted for the first Y years. If Ci releases program P to a non-sponsor before the lapse of the Y year term, then he is in effect acting against its own interest. It is conceivable that Ci would release P to a non-competitor N (such as a contractor for optimizing codes or doing associated research). Then N would have the legal right to redistribute program P under the GPL, and would apparently not be constrained by self-interest since he is not competing with the competitors of Ci. However, he will in practice not do so, since Ci has the power to publicize that N acted against the interests of his patron (even if in a manner that is not punishable by law). Ci can thus ensure that N will lose other clients if he further released P. It is hard to conceive what benefit N would have from releasing P that would counterbalance the loss of clients. The chain of plausible transmissions before the end of the first Y years stops here. The only margin case remaining is the one in which N has a one-off relationship with Ci or is closing the business and does not want any more clients, and has a reason to bother to release P. However, this is totally improbable.
Therefore, in practice researcher R can release program P under the GPL to his sponsors Ci only for the first Y years, and to the general public after that, and both R and Ci can rest assured that the program will not be made public before the lapse of the Y-year term. The only assumptions made were that everybody obeys the law and acts in his own self-interest. The only case that allows P to be released before the term is entirely improbable. For all practical purposes, researchers sponsored by industry through typical agreements can use GPL-ed libraries without any problems.