I\'m Not an IT Lawyer: Why Does Open Source Matter to Me?
Download as PPT, PDF1 like560 views
This document discusses open source software and provides guidance for lawyers on addressing open source legal issues. It defines open source software, notes common misconceptions, outlines when open source use may present legal concerns, and provides tips for evaluating a client's open source code use and compliance with open source licenses.
I\'m Not an IT Lawyer: Why Does Open Source Matter to Me?
- 1. Jennifer Buchanan O’Neill Vice President and Managing Assistant General Counsel, Product Development I’m Not An IT Lawyer: Why Does “Open Source” Matter to Me? October 14, 2009 American Bar Association
- 2. Notices and Disclaimers Copyright © 2009 Jennifer Buchanan O’Neill. All rights reserved. Apache is a trademark of The Apache Software Foundation. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. The statements and opinions expressed herein are those of the author and are not necessarily those of CA, Inc. (“CA”). To the extent permitted by applicable law, the content of this presentation is provided “AS IS” without warranty of any kind. In no event will the author or CA be liable for any loss or damage, direct or indirect, arising from or related to the use of this information, including, without limitation, lost profits, lost investment, business interruption, goodwill or lost data, even if expressly advised in advance of the possibility of such damages. Neither the content herein nor any software product referenced serves as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, standard, policy, administrative order, executive order, and so on (collectively, “Laws”) referenced herein or otherwise. You should consult with competent legal counsel regarding any such Laws. CA CONFIDENTIAL -- PREPARED IN ANTICIPATION OF LITIGATION
- 3. Overview The line between intellectual property lawyers and general practitioners was once a clear one. IP lawyers filed patent applications, registered trademarks, and counseled their clients on whether reprinting an article was “fair use” of a copyrighted work. Generalists negotiated contracts, prosecuted and defended litigation, and drafted corporate filings. In the current economy, a generalist may not be able to consult an IP specialist. And the pervasive quality of technology means that IP issues are present in many transactions, particularly with respect to the use and licensing of software. You don’t have to be a programmer to help your client address these concerns. But inevitably, you will need to understand the concept of open source. CA CONFIDENTIAL -- PREPARED IN ANTICIPATION OF LITIGATION
- 4. Agenda What is “open source” code? When may the use of open source code present legal concerns for my client? What do I need to know to evaluate my client’s use of open source code? CA CONFIDENTIAL -- PREPARED IN ANTICIPATION OF LITIGATION
- 5. What Is Open Source Code? “ Source code” is human-readable instructions for the software program Source code is compiled or converted, creating “object code” that the computer can read and execute Commercial software is generally licensed in object code form under a proprietary license “ Open source” software is licensed in source code form, at no charge, under terms freely available to the public The end-user of open source code can modify it and distribute those modifications
- 6. The Urban Legends of Open Source Open source code is not public domain Open source is not freeware Open source is not shareware Open source may still be subject to regulation Open source may be licensed by companies for use with their proprietary products and services
- 7. The Urban Legends of Open Source (cont.) Open source licenses are enforceable First major appellate case addressing open source: Jacobsen v. Katzer , 535 F.3d 1373 (Fed Cir. 2008) Violation of conditions may constitute copyright infringement Violation of covenants may constitute breach of contract Potential remedies include statutory or actual monetary damages, specific performance, injunctive relief
- 8. Where May Open Source Be An Issue? Inbound technology licenses Professional or technical services agreements Business process outsourcing Employment agreements Mergers and acquisitions Internal business use
- 9. Where May Open Source Be An Issue? (cont.) Joint research and development/CRADAs Customer sales contracts In-house software development Participation in industry alliances and standards bodies Internal policies for Internet and email usage
- 10. What Do I Do Now? If my client wants to license code from a third party: Require that party to identify all open source code that it uses and distributes, together with the governing license and a description of how the code is used Assess that party’s compliance with applicable licenses. AVOID BEING A DOWNSTREAM INFRINGER. Obtain sufficient contractual protections against infringement in the form of warranties and indemnification If my client wants to license code to a third party: Determine what open source code has or will be used by your client, including documentation of any modifications made Assess compliance and remediate any potential issues prior to external distribution of code For proposed future use, evaluate internal controls to verify whether compliance is feasible
- 11. What Do I Look For? Where can I find the license agreement? Online open source community or project web site User documentation Clickwrap agreement accompanying software LICENSE, NOTICE, or other *.txt file in the program’s source or object code Confirm licensing on a third-party site like Ohloh or Koders Look for dual/tri-licensing scenarios Determine requirements for use, redistribution and modification of code Wide range of licenses with different ramifications for commercial users Scan the source code if there’s any doubt as to origin
- 12. Other Key Concerns What is the impact to your client’s patent rights? Many licenses include a royalty-free patent license granted by each contributor to each end-user. Licensed patents are typically those patent claims that are necessarily infringed by using or selling the contribution or the open source component containing it. Those licenses may also contain “ patent retaliation ” clauses. An end-user may lose all patent licenses granted under the license if it institutes litigation against anyone alleging that the software infringes its patent rights.
- 13. Other Key Concerns Is the open source component critical to your client’s business (as a service provider or otherwise)? Verify how the open source project or community ensures the pedigree of the code. Contributors may have submitted code under terms other than those of the community Proprietary code may have been incorporated in violation of applicable licenses Established open source communities like Apache Software Foundation and Eclipse Foundation have implemented best practices for maintaining integrity of contributions. Review terms of the project’s Contributor License Agreement (or equivalent) Again, when in doubt, SCAN the code
- 14. Questions? About CA CA (NASDAQ: CA), the world's leading independent IT management software company, helps customers optimize IT for better business results. CA's Enterprise IT Management solutions for mainframe and distributed computing enable Lean IT—empowering organizations to more effectively govern, manage and secure their IT operations. Founded in 1976, CA today is a global company with headquarters in the United States and 150 offices in more than 45 countries. CA serves more than 99% of Fortune 1000® companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide.
Editor's Notes
- #3: CA (NASDAQ: CA), the world's leading independent IT management software company, helps customers optimize IT for better business results. CA's Enterprise IT Management solutions for mainframe and distributed computing enable Lean IT—empowering organizations to more effectively govern, manage and secure their IT operations. Founded in 1976, CA today is a global company with headquarters in the United States and 150 offices in more than 45 countries. CA serves more than 99% of Fortune 1000® companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide.
- #5: Jennifer Buchanan O’Neill is Vice President and Managing Assistant General Counsel at CA, Inc., where she leads the Product Development practice group and provides legal counsel on inbound and outbound technology licensing, product development and marketing, mergers and acquisitions, product-related litigation, and regulatory compliance. Ms. O’Neill previously served as Senior Counsel of Intellectual Property and Strategic Sourcing for CIGNA and as in-house counsel for a number of divisions of IBM Corporation. Prior to her employment by IBM, she served as Deputy Assistant General Counsel of Finance and Operations for the United States Environmental Protection Agency, where her duties included negotiating the agency’s cooperative research and development agreements, copyright and publication contracts, and other licensing arrangements. Ms. O’Neill clerked at the United States Court of Appeals for the Federal Circuit and the Fourth Judicial Circuit of Virginia. She has a strong interest in open source licensing and has worked closely with that community in the establishment of best practices for the contribution, licensing and maintenance of code. She graduated from Duke Law School in 1993 and received a B.A. in political science and philosophy from Grove City College in 1990.