I suppose it was too much to expect Facebook to adopt a permissive open-source license for its application platform. It's too bad, as it had the chance to forestall growth from Ning, Ringside, and other social networking upstarts by making competition impractical.
Instead, by choosing CPAL, Facebook has ensured that it can be open source without anyone actually using its source. Was that the intent?
As OStatic explains, CPAL requires display of an attribution notice on derivative works. This practice, which effectively requires downstream code to carry the original developer(s)' logo, came to be known as "badgeware." It was approved by the OSI but continues to be viewed with suspicion within the open-source community.
I've written before about how most open-source licenses don't apply themselves well to the networked economy. Only the OSL, AGPL, and CPAL contemplate web-based services. It's not surprising that Facebook opted for one of these licenses, but I am surprised it chose the one least likely to lead to developers actually modifying the Facebook platform.
If the point was to protect the Facebook platform from competition (i.e., derivative works), Facebook chose a good license. If it was to encourage development, it chose the wrong license.
But if the purpose was to prevent modifications of the platform, why bother open sourcing it at all?
For more traditional software projects, customers derive value from being able to modify the source code. But Facebook's customers are unlikely to do so, and now its partners (and competitors) won't do so, either. CPAL may make sense in some contexts, but I'm not sure this is one of them, unless Facebook actually intends for no one to modify its source code....