This is a broken argument when you consider how the AGPL interacts transitively.
If this argument is based on users not modifying the code themselves, then you could use this loophole:
* I make changes to an AGPL app and distribute it to you
* You take my version verbatim and run it as a SaaS. You do not have to provide the source, as you yourself didn't modify it.
If this is the case, then the AGPL is meaningless, and equivalent to the GPL.
Alternatively, the "modified version" property persists across distribution. In this case, any time a third party contributes code upstream (without copyright assignment), they would be making upstream itself become a "modified version" in perpetuity. There is no concept of "upstream" in the license itself to provide an out here.
If this is the case, all users of the software are required to disclose that fact to their network users and provide source.
So pick your poison. Either the AGPL is broken and equivalent to the GPL, or it actually requires all users to follow the requirements of that section, regardless of whether they themselves have modified the code.
The real answer here is that the AGPL is a horribly vague license, the SaaS viral provision is extremely poorly written, nobody knows what it'll mean when interpreted by a judge, and you just should never use it. It's a bad license. A bad EULA.
I think the obligation would attach to the user running the service regardless of whether they were the person who made the modification. Looking at the actual text I see
>License explicitly affirms your unlimited permission to run the unmodified Program.
Logically you would be liable for providing a copy of the software running to your users and he or she would be liable to provide source to you. Merely placing more links in the chain wouldn't abrogate someone either you or they from sharing their modifications.
I think you should read more about the licence before criticizing it so harshely. AGPL was created as an answer of this exact loophole that existed in the original GPL.
Not saying that those licences are perfect an there is definitely grey areas, but what you are stating is not true.
Please read my comment more carefully before claiming what I said isn't true.
The "loophole" in the GPL is that you can modify the software, then only provide access to it, not a copy of it, and the users do not need to receive the modified software, because the GPL is a copyright license and has no bearing on what you can and cannot do as long as you don't copy the software itself.
(Whether this is a "loophole" or a desirable property is very much open to individual opinion)
What the AGPL does is say "Aha! If you modify the software and make it remotely available to users, then you must share your changes with them anyway!". And thus the loophole now becomes: modify the software, give it to someone (but nobody else), and then they can provide access to it as a service, without distributing the software itself, because they didn't modify it so the clause doesn't apply to them.
But maybe your interpretation (of the very vague clause 13 of the AGPL) is that the fact that the software was modified "sticks" even after you give it to someone else. In that case, as soon as anyone contributes changes upstream, then upstream becomes a "modified" version and all users of the software are now required to offer source code to anyone they provide access to it to, regardless of whether they themselves have modified it.
So you get to decide: either the AGPL can be trivially bypassed, or it actually requires all users of the software (in normal open source contribution models) to prominently advertise that to anyone they offer remote access to, modified or not. What's your interpretation? What will a judge's be? Neither of the two are what was intended, anyway.
Logically what you actually do is you ask a lawyer to tell you what a judge would probably say in order to spend merely hundreds to low thousands instead of 10s of hundreds of thousands embroiled in lawsuits.
You could also spend nothing and adhere to the strictest letter and spirit of the law instead of trying to get away with something.
If this argument is based on users not modifying the code themselves, then you could use this loophole:
* I make changes to an AGPL app and distribute it to you
* You take my version verbatim and run it as a SaaS. You do not have to provide the source, as you yourself didn't modify it.
If this is the case, then the AGPL is meaningless, and equivalent to the GPL.
Alternatively, the "modified version" property persists across distribution. In this case, any time a third party contributes code upstream (without copyright assignment), they would be making upstream itself become a "modified version" in perpetuity. There is no concept of "upstream" in the license itself to provide an out here.
If this is the case, all users of the software are required to disclose that fact to their network users and provide source.
So pick your poison. Either the AGPL is broken and equivalent to the GPL, or it actually requires all users to follow the requirements of that section, regardless of whether they themselves have modified the code.
The real answer here is that the AGPL is a horribly vague license, the SaaS viral provision is extremely poorly written, nobody knows what it'll mean when interpreted by a judge, and you just should never use it. It's a bad license. A bad EULA.