Legal Issues Affecting the Use of Open Source IT Solutions in the Enterprise Julia Sitarz Student, University of Connecticut WIPO Conference May 2007
Download
Report
Transcript Legal Issues Affecting the Use of Open Source IT Solutions in the Enterprise Julia Sitarz Student, University of Connecticut WIPO Conference May 2007
Legal Issues Affecting the Use of
Open Source IT Solutions
in the Enterprise
Julia Sitarz
Student, University of Connecticut
WIPO Conference May 2007
Global Web Server Use (May 2007)
Source: Netcraft
Apache
IIS
Other
10.00%
31.00%
59.00%
Web Server Use Among Fortune 1000
Companies (Oct. 2006)
Source: Port80 Web Server Survey
54.90%
23.30%
5.80%
16.00%
Apache
IIS
Other
Netscape
What is Open Source/Free Software?
• Software for which the source code is
available for use, copying,
modification, distribution and re-use
• (“free as in free speech, not as in free
beer”)
• Free Software Foundation
• Open Source Initiative
• Total Cost of Ownership (TCO)
What is Open Source? Cont’d
• Source Code
– can be read and adapted by human users
• Object Code (Binary Code)
– consists of 0s and 1s,
– legible only to computers,
– needed to execute program on
computers
Open Source vs. Proprietary
• Open Source Software
– Source Code available to users
– Enables study, modification, and creation
of derivative works and interoperable
programs
– Examples: Linux operating system
• Proprietary Software
–
–
–
–
Typically distributed only in Object Code
Restricts access to Source Code
Modification prohibited by contract terms
Examples: UNIX operating system,
Microsoft operating system
Open Source Legal Risks
• Untested license terms
• Copyright infringement
• Patent infringement
How can businesses best manage these
risks?
Open Source Licenses and
Copyright Law
GNU General Public License (GPL)
• Employed by majority of Open Source
projects worldwide
• Emerged in reaction to perceived change in
software development industry in 1980s
Richard Stallman’s 1984 GNU Manifesto:
GNU, which stands for Gnu’s Not Unix, is the name for
the complete Unix-compatible software system which
I am writing so that I can give it away free to everyone
who can use it. (…) I consider that the golden rule
requires that if I like a program I must share it with
other people who like it. Software sellers want to
divide the users and conquer them, making each user
agree not to share with others. I refuse to break
solidarity with other users in this way. (…) Copying
all or parts of a program is as natural to a
programmer as breathing, and as productive. It ought
to be as free. (…) GNU is not in the public domain.
Everyone will be permitted to modify and redistribute
GNU, but no distributor will be allowed to restrict its
further redistribution. That is to say, proprietary
modifications will not be allowed. I want to make sure
that all versions of GNU remain free.
Software Copyright
• Grants copyright owner the exclusive
rights to copy, distribute and modify
the program
• Software copyright holders permit or
prohibit certain acts via licenses
– Proprietary licenses assert restrictions on
• Use – no decompiling, reverse engineering
• Copying – only for backup
• Redistribution – only as authorized agent
– Open Source licenses makes source
code available, and liberally permit use,
copying, modification and redistribution
GNU General Public License, § 2(b)
The “Copyleft” Clause
2.
• …b) You must cause any work that
you distribute or publish, that in whole
or in part contains or is derived from
the Program or any part thereof, to be
licensed as a whole at no charge to all
third parties under the terms of this
License…
2 Main Kinds of OS Licenses
Non-restrictive
• No restrictions on
distribution of
derivative works
• Do not prevent
code from being
used in non-Open
Source applications
• Example – the BSD
License
Restrictive
• Apply restrictions
on distribution of
derivative works to
ensure that the
code will always
remain free
• Example – the GPL
Legal Challenges to Open Source
• SCO v. IBM –
– trial date vacated pending resolution of SCO v.
Novell
– SCO v. Autozone –
• stayed pending outcome of SCO v. IBM
– SCO v. DaimlerChrysler –
• summary judgment entered against SCO
– Red Hat v. SCO –
• stayed pending outcome of SCO v. IBM
– SCO v. Novell –
• hearings on Motions for Summary Judgment
scheduled for May 31
The Problem of Patent
Infringement…
A software patent covers the functionality of the
code, not merely its expression.
Doctrine of Equivalents
Patent Protection for
Software –
U.S. and European Examples
Software Patent Developments
• EU Directive on the Patentability of
Computer-Implemented Inventions
– Tabled due to lack of consensus
• U.S. Patent Reform?
– KSR International Co. v. Teleflex, Inc.
• Supreme Court decision calling for more court
flexibility in applying the obviousness standard
• Could make it easier to invalidate some
patents on the basis of obviousness
• Considered victory for software companies
Patent Problems with Linux
• OSRM study
– Found Linux potentially infringed 283
patents
– City of Munich migration halted
• Mitigating Factors:
– Patents have not been court-validated
– Approx. 1/3 of patents held by Open
Source-friendly companies
– Any project on the scale of Linux would
be likely to infringe a similar number of
patents
Patent Détente or Beginning
of Enforcement Campaign?
Microsoft/Novell patent agreements
Microsoft’s recent statements to media
GPL Version 3 response
Advising Business Users of OS
• First question – how will Open Source
software be used?
– Without modification, in standard form,
like any other commercial program?
– Modifying or adjusting functionality,
customization for internal purposes only?
– Using the source code to develop other
software for distribution?
Managing Compliance with Licenses
• Assess code base to determine what
licensed materials are there, and what
obligations those licenses impose
• Explore appropriate remedies
• Implement automatic and auditable
controls
• Assist employees to understand their
obligations under Open Source
licenses and intellectual property law
Conclusion:
OS Risk Management for All Companies
• Understand that risks are associated
with the use of any software
– Recognize improbability of “mutually
assured destruction”
• Input risk analysis into Total Cost of
Ownership comparison
• Consider market means of shifting risk
– Indemnification through OS vendors
– Insurance