AI · Software Licensing Beyond the Source Code

Chardet: clean rooms, copyleft and the AI rewrite problem

What an AI-assisted rewrite of a small Python library reveals about the cost structure that copyleft has always depended on

Iveta Yuskeselieva · 16 min read · 29 June 2026 · EU · UK · US
Contents
  1. 01 I.  The rewrite
  2. 02 II.    Whether chardet 7.0.0 is a derivative work
  3.  A.    The United States
  4. B.    The European Union
  5. C.    The United Kingdom
  6. 03 III. The harder question: reimplementation and the limits of copyright
  7. A.    What copyright protects in software
  8. B. The cost that AI doesn’t remove
  9. C. The Thaler trap
  10. D.   The uneven impact of AI-generated code
  11. 04 IV. Conclusion: it depends on the software, and on where the rewrite is headed

Open-source licensing has always depended on more than legal doctrine. It has also depended on cost. A copyleft licence works not only because copyright gives it legal force, but because rewriting the code to avoid the licence is usually slower, riskier and more expensive than complying with it.

AI-assisted reimplementation puts pressure on that assumption. Earlier this year, a widely used Python library licensed under the LGPL was rewritten from scratch by an AI coding tool, working from the public interface and the test suite alone, and released under a permissive licence that discarded the copyleft. The new code bore less than 0.04% similarity to the original. 

Whether the rewrite lawfully escaped the LGPL is a question worth answering, and this article answers it. But the harder question is what happens to copyleft when lawful substitution becomes cheaper than compliance, and when the code that results may not be copyrightable enough to sustain a licence of its own.

I.  The rewrite

Chardet is a character encoding detection library, the kind of unglamorous utility that sits deep in the dependency tree of larger software and is depended upon precisely because nobody thinks about it. Mark Pilgrim created it in 2006 under the LGPL. Dan Blanchard has been its primary maintainer since 2013, with close to seven hundred commits to his name. On 2 March 2026 Blanchard released chardet 7.0.0, described as a “ground-up MIT-licensed rewrite of chardet” using Claude Code. It carried the same package name, the same public API and the same PyPI listing as the library it replaced. Measured against the old codebase, the new one was almost unrecognisable at the level of code: JPlag plagiarism detection returned an average similarity of 0.04%, and a broader structural analysis put the figure below 1.3%.

The method matters as much as the result. Blanchard began in an empty repository, instructed the model not to reference the LGPL source, gave it only the API specification and the test suite, and asked it to reimplement the library from scratch. 

The licence history of the rewrite is itself revealing. Blanchard initially released chardet 7.0.0 under the MIT licence, a standard permissive licence requiring only attribution and licence notice. He later changed it to 0BSD, a public-domain-equivalent licence that imposes no conditions at all and that its drafters describe as permitting use without any restrictions. Blanchard has said the move was deliberate: 0BSD sidesteps the question of whether AI-generated code is copyrightable in the first place, because a public-domain-equivalent licence does not depend on the existence of a copyright it can enforce.

He then published the design documents, the implementation plans and the transcripts of the Claude conversations, an unusually complete record of how the rewrite was produced. He has been candid that this was an approximation of a clean room rather than the real thing. He had spent a decade immersed in chardet’s internals, and in at least three documented instances the model’s subagents referenced parts of the old source, although those turned out to be API surface or files he had primarily authored himself. Imperfect as it was, the process is the closest the software world has come to an AI version of a clean room reimplementation, a technique whose lineage runs back to the 1980s and to Compaq’s celebrated reconstruction of IBM’s BIOS, achieved by isolating the engineers who wrote the new code from the original they were replacing.

The question that the community, and Pilgrim, were left asking was whether a court would find chardet 7.0.0 to be a derivative work of the LGPL original. The analysis below takes the United States, the European Union and the United Kingdom in turn.

II.    Whether chardet 7.0.0 is a derivative work

 A.    The United States

The abstraction, filtration, comparison (AFC) test, articulated in Computer Associates v. Altai (982 F.2d 693, 2d Cir. 1992) and adopted by most federal circuits, would strip the original chardet codebase to its protectable core before any comparison takes place. 

Filtration removes a great deal here. It removes chardet’s purpose, because it’s an unprotectable idea under Section 102(b)), procedures, systems or methods of operation. It removes the general probe-based architecture, to the extent that this is a standard or expected way of approaching character encoding detection. It removes algorithms and detection logic where they are dictated by encoding standards, statistical methods, compatibility requirements or the technical properties of character sets. And it removes the API, which is arguably a method of operation under the First Circuit’s reasoning in Lotus v. Borland and which in any event the Supreme Court addressed through fair use in Google LLC v. Oracle America (2021). 

What survives filtration is thin, and at 0.04% measured similarity between the 6.x line and 7.0.0, a plaintiff would struggle to establish substantial similarity in whatever protectable expression remains. The Ninth Circuit’s analytic dissection approach makes the case harder still: where a work receives only thin protection because its expression is heavily constrained by the underlying idea, the plaintiff must show virtual identity rather than mere substantial similarity. On the known facts, chardet 7.0.0 does not approach that threshold.

B.    The European Union

The European analysis is more direct. Article 1(2) of the Software Directive denies copyright protection to the ideas and principles underlying any element of a computer program and says so expressly of its interfaces. 

The Court of Justice confirmed in SAS Institute v. World Programming (C-406/10) that neither the functionality of a program nor the programming language in which it is written constitutes protectable expression, with the consequence that reimplementing the same capability in different code is lawful. Encoding detection reproduced in independent code is exactly that.

C.    The United Kingdom

 The High Court reaches substantially the same result under English law. In SAS Institute v. World Programming ([2013] EWHC 69 (Ch)) Arnold J applied the Court of Justice’s preliminary ruling and held that functionality, interfaces and programming languages fall outside the protection given to software by copyright. The position has not shifted with the United Kingdom’s departure from the European Union.

Across all three jurisdictions the argument that chardet 7.0.0 is a derivative work runs into the same structural difficulty. Encoding detection is a technically constrained function whose solution space is fixed by external standards, by the mathematical properties of character sets and by published algorithmic approaches, and what is left for original creative expression, the thing copyright exists to protect, is very little. On the known facts, it is unlikely that a court in any of the three would find chardet 7.0.0 to be a derivative work of the LGPL original.

 It is worth being precise about why that conclusion holds, because the reason carries the rest of the article. It holds not because Blanchard’s clean room was pristine, which by his own account it was not, but because the protectable expression in the original was thin to begin with. Where there is little protected expression, there is little for an imperfect clean room to have transferred, and the documented contamination matters far less than it would for software whose value lives in creative architecture. The thinness of the expression is what makes the rewrite safe, and it is also what makes chardet a warning rather than an isolated curiosity.

An AI-assisted clean room is far cheaper than anything the industry was accustomed to, and the cost of that technique was, for forty years, much of what made copyleft work. The question that follows is whether cheap reimplementation renders copyright, and copyleft above all, an obsolete construction.

The answer begins with what copyright protects in software, which is expression and not function. Chardet solves a well-defined technical problem in which the algorithms are largely dictated by the subject matter, so its protectable expression is inherently thin. The position is different for software with genuinely creative architecture. There, the filtration step leaves far more protectable expression intact, and the comparison step may find substantial similarity even in an AI-generated rewrite, because a model may reproduce the creative architectural choices it absorbed in training. The more creative the original, the harder it is to reimplement without reproducing protected expression. 

What emerges is a category of software that is structurally exposed to AI reimplementation: functional, problem-domain-constrained code in which protectable expression is thin. For that category, the legal position and the practical position diverge. In law, copyleft survives untouched. In practice, it may not, because the cost of compliance now exceeds the cost of reimplementation. 

For software with extensive protectable expression the calculus is reversed, since the filtration step leaves enough creative architecture that the comparison step will still catch non-literal copying. 

The dividing line is the filtration step itself: how much survives once ideas, functional requirements, standard practice and domain-dictated logic are stripped away. Where little survives, AI reimplementation can route around copyleft. Where a great deal survives, it cannot.

B. The cost that AI doesn’t remove

There is a second line of defence for copyleft, and it owes nothing to copyright law. Routing around a copyleft licence by reimplementation creates a fork, and maintaining a fork is almost always more expensive and more difficult than complying with the original licence. 

Open-source software does not exist in isolation. It exists in an ecosystem, receiving upstream security patches, tracking changes in the language runtime it depends on, and preserving compatibility with the libraries built on top of it. When a library sits inside the dependency tree of a widely used package, which in turn sits inside thousands of applications, its value is not only its code. It is its maintained position in that ecosystem, and a reimplemented fork has to earn that position on its own: it must demonstrate that it will receive timely security patches, that it will track runtime changes, and that it will not introduce subtle behavioural differences that break the software downstream of it. The economic cost of escaping copyleft is therefore not only the cost of reimplementation but the cost of sustained maintenance outside the community that maintained the original, and even where AI collapses the first cost to nearly nothing, the second remains.

This is also where chardet has to be read carefully, because the maintenance cost protects some software and not others. It protects large, complex, community-maintained projects, where the ecosystem position is the real asset and a fork cannot easily replicate it. It does very little for small, stable, well-defined utility libraries, where the function is narrow, the behaviour settled and the maintenance burden light. Chardet is the second kind, and that is precisely why the rewrite was viable. The protection copyleft once drew from the cost of reimplementation has, for software of this kind, simply disappeared, and the protection that ongoing maintenance might otherwise have offered never forms around a library this small.

C. The Thaler trap

The second pressure on copyleft comes from the law rather than from economics, and it points in the opposite direction. In the United States, Thaler v. Perlmutter holds that a work generated autonomously by AI, without human authorship, is not copyrightable, and the Supreme Court declined to hear the case in March 2026, leaving the D.C. Circuit’s ruling intact. Germany reached a parallel result by a different route. In a decision of 13 February 2026, the Amtsgericht München applied the existing EU and German originality test and held that prompting and iterative correction are not enough to establish authorship, unless the human contribution is reflected in the final output as free and creative choices.

That creates the trap into which the chardet method may lead. An AI rewrite may successfully escape the original LGPL if it does not copy protected expression from the old code. But if the new code’s own protectable expression is attributable too thinly to human authorship, the replacement may have little or no copyright protection of its own. In that case, the rewrite escapes the old licence but cannot fully enforce the new one.

The consequence is structural, because open-source licensing depends on copyright. The GPL, MIT licence, Apache licence and BSD licence all operate as copyright permissions. Each assumes that someone owns an exclusive right to control copying, modification and distribution, and then grants permission subject to stated terms. Remove the copyright, and there is no exclusive right for the licence to condition. The licence label may remain commercially meaningful, but legally it has little to bite on.

That risk is sharpest for copyleft. A developer who releases heavily AI-generated code under the GPL may intend every downstream distributor to release source code under the same terms. But if the relevant code lacks copyrightable human authorship, a downstream company that incorporates and distributes it may not be infringing any copyright by ignoring those conditions. Copyleft is therefore squeezed from both sides. On the attack side, AI-assisted reimplementation can make it cheaper to route around copyleft code. On the defence side, AI-generated replacements may themselves lack enough copyrightable authorship to sustain a copyleft licence. The mechanism loses force on both flanks at once.

Blanchard’s own subsequent decision illustrates the point. His decision to relicense chardet 7.0.0 from MIT to 0BSD, a public-domain-equivalent licence, is a practical acknowledgment of the trap. The MIT licence, minimal as its conditions are, still assumes a copyright holder granting permission: permission to use, copy, modify and distribute, subject to attribution and licence notice. If no copyright attaches to the code, that permission has no legal weight, and the conditions have no legal grip. A public-domain-equivalent licence absorbs that uncertainty by asking for nothing: it places the code in a position functionally identical to the public domain, so the question of whether copyright exists becomes immaterial to the downstream user. For a permissive project whose purpose is simply to allow unrestricted reuse, the move works. For copyleft it cannot, and this is the asymmetry that matters. 

Copyleft does not merely permit use. It conditions permission on reciprocal obligations: distribute the source, keep the licence, extend the same terms downstream. Those obligations need copyright as their source, because without an exclusive right there is nothing to condition. A copyleft project cannot solve the Thaler problem by moving to a public-domain-equivalent licence, because doing so would abandon the very mechanism copyleft exists to enforce. The escape route that chardet took is available only to projects willing to give up control, and copyleft is, by definition, the express decision not to.

D.   The uneven impact of AI-generated code

The erosion is real, but it is not uniform, and it concentrates almost entirely in one place. For software that is never distributed, the loss of copyright changes very little, because trade secret law does not depend on copyrightability. A company that generates its internal tools with AI and keeps the code behind its own walls is protected by secrecy, through employment agreements, non-disclosure obligations and access controls, and the copyright status of the code is beside the point. Most corporate software never leaves the building, and for that software Thaler changes nothing.

For distributed proprietary software the gap that copyright leaves is filled, in practice, contractually, and this is the protection that matters most. Where an AI-generated library is embedded in a proprietary application and that application is licensed to a customer under a commercial agreement, the absence of copyright in the library does little to weaken the supplier’s position, because the customer is bound by the terms it accepted. The obligation not to copy, redistribute or reverse-engineer is a contractual commitment, enforceable as such, and it does not require that the underlying code be copyrightable. A qualification is necessary, since contract binds only the parties to it: a third party who lawfully comes into possession of uncopyrightable code is not held by terms it never accepted, and against that person there is no copyright to assert. For distributed proprietary software, however, the counterparty is usually the party who matters, and contract reaches the counterparty. The functional value of the software, its ability to do the work it was built for, is untouched by any of this, and that value was never a creature of copyright in the first place.

The damage, then, falls on open-source, because the open-source licensing model has no substrate other than copyright to fall back on. Trade secret cannot help a project whose whole purpose is to publish its source, and contract reaches only those who accept terms, not the open distribution that open source depends on. 

As a growing share of open-source code is AI-generated and therefore potentially uncopyrightable, the licences governing that code become progressively harder to enforce, and a body of software drifts toward the public domain regardless of the licence label attached to it. The same shift creates a new category of diligence risk in any acquisition built on a software codebase, because a target that claims valuable proprietary rights in its code must now answer how much of that code was AI-generated, and an answer of “most of it” means the asset is defensible commercially and operationally but not necessarily by copyright.

IV. Conclusion: it depends on the software, and on where the rewrite is headed

The honest answer to whether AI reimplementation has made copyright obsolete is the answer a lawyer gives to most hard questions, which is that it depends, and it depends on two things in particular.

It depends first on the kind of software. Where protectable expression is thin, because the code solves a constrained technical problem dictated by external standards, copyright was always a light protection, and AI reimplementation now makes it lighter still. Where protectable expression is thick, because the value lives in creative architecture, copyright continues to bite, and a rewrite that reproduces those choices remains exposed. Chardet sits at the thin end, and that is the whole reason its story is being told.

It depends second on where the rewrite is meant to go. A reimplementation destined to return to the community under copyleft inherits the full force of the squeeze, vulnerable on the attack side because it can be routed around, and vulnerable on the defence side because, if it is substantially AI-generated, the copyleft it carries may not be enforceable. A reimplementation released under a permissive licence such as MIT loses less, because it asks for little and its conditions are slight, but it loses that little for the same reason: there may be no copyright to license. A reimplementation kept behind proprietary contractual terms loses almost nothing, because contract and secrecy carry the protection that copyright would otherwise have supplied, and the functional value of the code is unaffected throughout.

What the chardet episode marks is not the death of copyright in software but the narrowing of the work it does. For functional code held under contract, copyright was never the thing that mattered most. For thin-expression code headed back into the open, copyright is becoming a less reliable foundation than it once was, and that is a shift the open-source community will need to think through, because the licensing model it built over thirty years rests on that foundation. The question is not whether open source survives this: it will, because the value of open collaboration has never been purely legal. The question is whether the legal tools that have served the community so far are still equal to the environment they now operate in, and, where they are not, what comes next.

Iveta Yuskeselieva

Iveta Yuskeselieva

Technology Legal Counsel

Writing on technology law across the EU, UK, and US: software licensing, AI, cybersecurity, and the commercial questions that sit between them.

If your team is working through this question, I compare notes gladly.

Stay in the conversation.

New analysis delivered directly. No noise.