OpenLogic Moves To Help Prevent License Lawsuits
Until just over two years ago, the General Public License, the all-pervasive Open Source license used by tens of thousands of Open Source projects, had never been the subject of a violation lawsuit — not once in its eighteen year history. September 2007 brought an end to that, unleashing a flurry of lawsuits against some of the biggest names in technology, a flurry that is still underway. In an effort to end the violations — and the litigation that comes with them — one company has officially launched its own resource for Open Source compliance.
While meeting the terms of a specific Open Source license may not be particularly difficult — many bear fairly light obligations — the task of making that compliance happen in a corporate environment is not necessarily as easy. The sheer number of available licenses under which Open Source software is available is by itself enough to make one's head spin.
Beyond that is the reality of the corporate sphere — the left hand does not always know what the right hand is doing, much less what the myriad of divisions, departments, and development centers are up to. Though it tends to be ascribed to malice — and no doubt, some is the result of it — it is far from improbable for license violations to slide through the development process on blindness alone. (Hanlon's Razor perhaps puts it best: "Never attribute to malice that which can be adequately explained by stupidity.") How, then, will this blindness come to an end?
OpenLogic, a commercial venture that provides Open Source-based services aimed at enterprise customers, and well known for founding the Open Source Census — thinks it has an answer. Though the effort — christened the Open Source Fulfillment Center — has been underway for some time, it was officially launched on Thursday, just days after the latest, and largest to date, round of license-violation suits was announced. OpenLogic executives cited the newly-filed litigation as a prime reason for companies distributing Open Source software as part of their product offerings to avail themselves of the Center's services.
According to OpenLogic, the center will offer three sets of services:
- Advisory and Planning: OpenLogic offers its customers advice on the development of the processes and procedures needed to comply with the open source licenses, including distribution of source code. This includes a review of proposed processes by outside legal counsel with expertise on open source licensing.
- Application Audit and License Analysis: OpenLogic's experts use a variety of tools to scan and analyze software and identify any embedded open source code. OpenLogic provides its customers with a warranted and indemnified report of open source software and licenses, the relevant license obligations, potential license conflicts and a "compliance checklist".
- Fulfillment: In order to comply with the terms of the GPL, companies must offer the open source code to its customers. This can be challenging with many consumer products where the open source software is embedded in the product. OpenLogic's Open Source Fulfillment Center includes an online web site (created and hosted by OpenLogic) where customers can download the appropriate open source code as well as a physical fulfillment option.
In addition to stressing the importance of complying with the letter of Open Source licenses, company representatives highlighted the need for companies to understand the licenses themselves. Said attorney Jason Haislmaier: "This week's copyright infringement lawsuit...underscores the importance of understanding and complying with all the open source software embedded in your products."
Additional information on the Center and its offerings is expected in January.
Justin Ryan is a Contributing Editor for Linux Journal.
- Bruce Nikkel's Practical Forensic Imaging (No Starch Press)
- Transitioning to Python 3
- Progress on Privacy
- Stepping into Science
- Linux Journal December 2016
- Radio Free Linux
- CORSAIR's Carbide Air 740
- The Tiny Internet Project, Part II
- FutureVault Inc.'s FutureVault
- A Better Raspberry Pi Streaming Solution