Black Duck Blog

Timothy Kenny
Director of Marketing
Tkenny@blackducksoftware.com
We just delivered a webinar which covered the basics of open source, including open source definitions, and the different types of licenses.

Open Source Software legal experts, Karen Copenhaver and Mark Radcliffe, were both on hand to talk about the associated risks in using open source software. Mark and Karen pointed out that although there are risks associated with using open source, when managed and used correctly, the benefits will outweigh the risk.

Open source software has significant benefits and is free, but it is not free of obligations. Gartner Research recently found that while virtually all mainstream IT organizations leverage open source in one capacity or another, fewer than 30% currently have an OSS governance policy in place. With over 1,900 different licenses available today, each with their own obligations, it can be difficult to properly manage the use of open source.

Karen Copenhaver gave a comprehensive review of the legal framework including intellectual property and licensing. Karen answered questions such as:

• Who owns a copyright?

• What is a patent?

• What is a license and what is a sublicense?

• What is the same between commercial and open source licenses?

• What is different about an open source license?

Mark Radcliffe gave a great overview of the history of the open source movement. Mark pointed out that it was in the year of 1998 where the term “open source” was coined.

Mark also covered the various types of open source licenses which include:

• Restrictive: Requires licensor to make improvements or enhancements available under similar terms. The GPL would be an example of this kind.

• Permissive: Modifications/enhancements may remain proprietary. An example of this would be Apache.

• Single user license: Apple, Lucent

We’d be interested in your feedback as well as any additional questions.

Follow us on twitter @black_duck_sw and find us on Facebook.

Timothy Kenny
Director of Marketing
Tkenny@blackducksoftware.com
We just delivered a webinar looking at how trademarks and open source licenses work together.  Open Source Software legal experts, Karen Copenhaver and Mark Radcliffe, were both on hand to talk about the basics of trademark law an implications for open source projects.

Trademarks have come to play an increasingly important role in the open source community. While it may seem that the strict control required by trademark laws would be inconsistent with the freedoms preserved by the open source licenses, trademarks actually are an integral part of the rights which will make open source software successful.

Karen Copenhaver gave a comprehensive review of the typical misconceptions associated with trademarks.  She explained that one of the most common misconceptions is,“If the copyright does not say anything about trademarks, then there is no need to worry.” This simply is not the case.

Mark Radcliffe gave a great overview of what exactly trademarks are, different types of rights associated, and advice on how to secure and maintain them.

Mark was quoted as saying, “Trademarks are valuable assets for open source communities.”

We’d be interested in your thoughts as well as any additional questions.

The recording will be made available shortly.

Timothy Kenny
Director of Marketing
Tkenny@blackducksoftware.com
There are a number of recent legal cases stemming from companies continuing to struggle with licensing and management of other people’s code. From 14 consumer products company’s getting caught up with BusyBox to a decision served up by a Paris appeals court, there are many examples of companies finding open source unknowingly baked into their supply chain. Here’s a summary of four recent cases.

Timothy Kenny
Director of Marketing
Tkenny@blackducksoftware.com
With 65% of the more than 220,000 open source projects available on the Internet using GPL licenses, they are the most widely used open source licenses in the world, that’s one big cube. No matter which way you twist it, the way that software development organizations integrate code licensed under the GPL and AGPL into their applications and services, and depending on how that code is deployed, can expose a company and its intellectual property to significant risk.

Windows 7 USB/DVD download tool was found to contain GPLv2 code. Microsoft is claiming that the code in question was not intentional, but they are sharing the responsibility of the error with the third party contracted to create the tool. They made the source code as well as binaries for the tool available under the terms of the GPLv2.

Despite widespread adoption of GPL-based code, developers and end-users continue to try and solve the puzzle regarding the three main issues of GPL license use and obligations:

* What constitutes a derivative work?
* What constitutes a separate and independent work?
* What constitutes distribution?

Although these issues can be complex, we have seen some practical approaches for addressing them. Karen Copenhaver (Choate, Hall and Stewart) and Mark Radcliffe (DLA Piper), two of the software industry’s most prominent IP lawyers and domain experts with the GPL, recently discussed issues surrounding GPL license use along with some excellent tips and approaches in learning how to address them.

Timothy Kenny
Director of Marketing
Tkenny@blackducksoftware.com
The proliferation of open source use combined with recent legal actions has raised industry awareness that open source code must be managed in compliance with its license obligations. Eyes closed and head down is not going to cut it as this proliferation continues. With development budgets as dry as a desert, the development productivity benefits of open source are an oasis.

Best Buy, Samsung, Westinghouse and JVC are all among 14 consumer electronic companies named in a copyright infringement lawsuit, filed by the Software Freedom Law Center (SFLC). Each company is being charged for selling products containing BusyBox in violation of the terms of its license, the GPLv2. From 2007 until now, this kind of violation has been a growing issue among many consumer electronic companies. Leading development organizations are establishing policies around open source usage and implementing engineering development processes which insure that software products remain in compliance.

Open source Legal experts, Karen Copenhaver, partner at Choate Hall & Stewart and Counsel for the Linux Foundation and Mark Radcliffe, partner at DLA Piper and General Counsel for the Open Source Initiative (OSI), recently presented on the best practices for managing the use of open source code. During the presentation they both pointed out that the recent activity of legal actions in the industry has been promoting the need for companies to manage compliance on both inbound and outbound processes. It is important for companies to be aware of the top implementation approaches in order to reduce risk and exposure.