The Academic aspect of FOSS Legal Issues
Searching in the web for FOSS legal issues you can find articles , posts in blogs -forums and various piece of information. The aim of this post is not to to show how to search for this kind of information but to mention how universities and the academic interpret legal issues related with FOSS..
Let’s see what’s going on then :
a) The Software Freedom Law Center published , before 5 years , a great paper called A Legal Issues Primer for Open Source and Free Software Projects ( it is also available as PDF). So if you are a software user, this is a great read and gives you a better understanding of why software licenses are so important. Furthermore if you are a software developer, and particularly if you are a developer working in the FOSS world I couldn’t find any reason not to read this paper.
b) Fitzgerald, Brian F. and Suzor, Nicolas P. in 2005 published a paper with title “Legal issues for the use of free and open source software in government”[Melbourne University Law Review, 29(2), pp. 412-447.]. It is also available in PDF format and you can download from here.
c) Andrés Guadamuz González [University of Edinburgh, UK] published a paper , in 2005 , with title “The calm before the storm? Legal challenges to open source licences” . It is also available in PDF format and you can download from here
d) Steve H. Lee [Harvard University,MA,USA] published a paper [in draft form] , in 1999 , with title “Open Source Software Licensing” . It is also available in PDF format and you can download from here.
For sure you can find more papers and publications related to FOSS legal issues , in my opinion I listed the most important ones.
Top FOSS Legal Issues [part1]
Taking about FOSS and law issues could last for years…To be more concrete I found some stuff relate to FOSS lawsuits…In this post I will list the Top 10 legal issues [with some details] for 2007 , as this year was a very active one. Let’s the issues then :
1. Publication of GPLv3. The GPLv2 continues to be the most widely used FOSS license, yet the law relating to software has developed significantly since the publication of the original publication of the GPLv2 in 1991. However the new GPLv3 license is much more comprehensive than GPLv2 and addresses the new issues which have arisen in software law in the last 15 years.
2. SCO’s Attack on Linux Collapses. SCO filed lawsuits claiming that Linux infringed SCO’s copyrights in UNIX. These suits suffered a fatal blow when the court in the Novell litigation found that SCO did not own the copyrights in UNIX. The ownership of the copyrights is essential to prosecute cases for copyright infringement. The melt down of SCO’s strategy was complete when it filed for bankruptcy soon after this loss.
3. First Legal Opinion on Enforcing a FOSS License. In August, the district court in San Francisco surprised many lawyers by ruling that the remedies for breach of the Artistic License were in contract, not copyright. Most lawyers believe that the failure to comply with the major terms of an open source license means that the licensee is a copyright infringer and, thus, can obtain “injunctive relief” (which means that the court orders a party to cease their violation). On the other hand, if the remedy is limited to contract remedies, then the standard remedy would be limited to monetary damages. Such damages are of limited value to open source licensors. The district court decision has been appealed.
4. First US Lawsuit to Enforce GPLv2. The Software Freedom Law Center filed the first lawsuit to enforce the GPL for the BusyBox software in August. Subsequently, it filed three other lawsuits. Although the first three lawsuits were against small companies, the most recent lawsuit was against Verizon. These lawsuits represent a new approach for the SFLC which, in the past, has preferred negotiation to litigation. SFLC has settled two of the lawsuits. Each of the settlements has required that the defendants pay damages, another new development. These suits may be the first of many.
5. First Patent Infringement Lawsuit by Patent Trolls against FOSS Vendors. IP Innovation LLC (and Technology Licensing Corporation) filed suit against Red Hat and Novell in what may be the first volley in a patent war against a FOSS vendor. Acacia is a well known patent troll which has been buying patents for some time and works through multiple subsidiaries. The FOSS industry provides a tempting target because of its rapid growth. These suits could slow the expansion of FOSS because many potential licensees express concern about potential liability for infringement of third party rights by FOSS.
6. First Patent Lawsuit by a Commercial Competitor against a FOSS Vendor. Network Appliances, Inc. (“NetApps”) sued Sun Microsystems, Inc. (“Sun”) for patent infringement by Sun’s ZFS file system in its Solaris operating system. The ZFS file system posed a challenge to NetApps products because it permits the connection of less expensive storage devices to the operating system.
7. Microsoft Obtains Approval of Two Licenses by OSI. Microsoft Corporation continues its schizophrenic approach to FOSS by simultaneously asserting that the Linux operating system violates Microsoft’s patents and submitting two licenses for approval by OSI. In October, the OSI Board approved the Microsoft Public License (Ms-PL) and the Microsoft Reciprocal License (Ms-RL) as consistent with the Open Source Definition.
8. German Court Finds that Skype Violates GPLv2 The enforcement of the GPLv2 in Germany continues with a Munich court finding that Skype had violated GPLv2 by not including the source code with the binary version of the software (instead, Skype had included a “flyer” with a URL describing where to find the source code version). The suit was brought by Harald Welte, who has been the plaintiff in virtually all of the German enforcement actions for GPLv2. Harald runs gpl-violations.org, an organization which he founded to track down and prosecute violators of the GPL.
9. New License Options. Two of the most controversial issues in FOSS licensing, network use and attribution, were addressed in new licenses adopted this year. A “network use” provision imposes a requirement that when a program makes functions available through a computer network, the user may obtain the source code of the program. Essentially, it extends the trigger requiring providing a copy of the source code from “distribution” of the object code (as required under the GPLv2) to include making the functions available over a computer network. An “attribution” provision requires that certain phrases or images referring to the developing company be included in the program. This provision was very controversial on the License Discuss email list for OSI. The Free Software Foundation published the Affero General Public License in the fall which expanded the scope of the GPLv3 to include a “network use” provision. A limited form of attribution was included in the GPLv3. And OSI approved the Common Public Attribution License which included both the “network use” and “attribution” provisions.
10. Creation of Linux Foundation. The Open Source Development Labs and the Free Standards Group merged to form the Linux Foundation. The FOSS industry is unusual because of the extent to which it depends on non profit entities for guidance. These entities include the OSI, Free Software Foundation, Mozilla Foundation, Apache Foundation and Eclipse Foundation. This merger provides a much stronger platform to promote Linux and open standards.
Seems that 2007 brought to the light legal issues , lawsuits and very interesting piece of information related to FOSS. We can see that Free and Open Source software is not only related with software development but also with courts and various lawsuits.
Reference : http://lawandlifesiliconvalley.blogspot.com.es/2007/12/2007-top-ten-free-and-open-source-legal.html
Top FOSS Legal Issues [part2]
As in the previous post we saw the first part of the Top 10 FOSS Legal Issues , in this article we will focus on other Top 10 FOSS legal issues not for the year 2007 but for the year 2012.
1. Android Patent Litigation. The litigation surrounding the Android operating system has continued around the world. Although some of the cases have settled, the litigation has continued to result in multiple decisions in different countries. One of the most important decisions occurred in Silicon Valley: on August 24, 2012, the jury awarded Apple Computer, Inc. (“Apple”) $1.05 billion in damages for Samsung’s violation of its patents. The decision is particularly interesting because the lawsuit involved four design patents and three utility patents (Since we represent some of the parties in other matters, I offer no opinion on the correctness of the decision). Many intellectual property lawyers have been skeptical about the value of design patents, particularly in comparison to utility patents. This decision will undoubtedly cause a re-assessment of the value of design patents. However, more recently, in the same case, the judge refused to grant Apple a permanent injunction against the distribution of the Samsung products found to be infringing. This decision will be appealed and we will not know the final answer for some time. The multiple cases will undoubtedly continue next year.
2. Protection of APIs: Oracle v. Google. A separate but related case also involved the Android operating system. Oracle sued Google for the alleged infringement of Oracle’s copyrights in the Java software (which it had acquired from Sun Microsystems, Inc.) and certain Oracle patents. Oracle alleged that Google’s Android operating system infringes the copyrights in “twelve code files and 37 specifications for application programming interface packages”. The results of the dispute were complicated because the judge first had the jury make a decision about copyright infringement but reserved for himself the decision about whether the application programming interfaces (“APIs”) were copyrightable. Thus, in early May, the jury found that Google had infringed the copyrights in Oracle’s APIs (although they deadlocked on whether the copying was “fair use”).
3. EU Copyright Law Does Not Protect Computer Language and Functions. The SAS Institute, Inc. (“SAS”) v. World Programming, Limited (“WPL”) decision in the European Court of Justice involved the scope of copyright protection for computer programs and has important implications for FOSS and the scope of “derivative works” under copyright law http://curia.europa.eu/jcms/upload/docs/application/pdf/2012-05/cp120053en.pdf. The case addresses issues similar to the Oracle v. Google case described above (in fact, Judge Alsup asked for a briefing from the parties in the Google case after the SAS decision was announced). The case involved the copying of the scripts and certain functions of the SAS analytical software. The SAS software enables users to write and run their own application programs in order to adapt the SAS software to work with their data. These “application programs” are called “scripts” and are written in a language which is peculiar to the SAS software. WPL recognized that a market existed for alternative software capable of executing application programs written in the SAS language. WPL produced the ‘World Programming System’, designed to emulate the SAS components as closely as possible in that, with a few minor exceptions, it attempted to ensure that the same inputs would produce the same outputs. This approach would enable users of the SAS software to run the “scripts” which they have developed for use with the SAS software on the ‘World Programming System’.The court found that such functions and programming language were not protected under the EU Directive on Protection of Computer Programs: Article 1(2) of Council Directive 91/250/EEC of 14 May 1991 on the legal protection of computer programs must be interpreted as meaning that neither the functionality of a computer program nor the programming language and the format of data files used in a computer program in order to exploit certain of its functions constitute a form of expression of that program and, as such, are not protected by copyright in computer programs for the purposes of that directive.
4. Expansion of Open Source Initiative. The Open Source Initiative (“OSI”) has decided to broaden its base by expanding its role as an advocacy organization. The OSI has reached started membership programs for individuals and affiliated organizations (as a matter of transparency, I am outside general counsel to the OSI on a pro bono basis). OSI describes this change as follows: “The OSI is moving its governance from a model of volunteer and self-appointed directors to one driven by members. Our high-level objectives in doing so are to provide a broad meeting place for everyone who shares an interest in open source software, with the continuing aim of strengthening the OSI so that it can more effectively fulfill its goals over the long term.” The Affiliate Program has successfully signed up over twenty open source organizations include among others the Linux Foundation, Mozilla Foundation, Debian and OW2.
5. Unlicensed FOSS. One disturbing trend is the posting of FOSS modules without licenses. Simon Phipps focused on this problem in his recent blog, particularly on the problems raised by the terms of service at Github. James Governor, the founder of analyst Red Monk, is quoted by Simon as stating: “”younger devs today are about POSS – Post open source software. f*** the license and governance, just commit to github” http://www.infoworld.com/d/open-source-software/github-needs-take-open-source-seriously-208046. As I mentioned in my earlier post, http://lawandlifesiliconvalley.com/blog/?p=708, this approach will undercut the major desire of most FOSS developers: the broad use of their code. The lack of a license ensures that the software will be removed from any product meant to be used by corporations. Corporations are very sensitive about ensuring that all software that they use or which is incorporated in their products is properly licensed. I have worked on the analysis of hundreds of software programs and the response to software without a clear license is almost always “rip it out”. In addition, as I discuss in more detail in the post, this approach could also subject the developer to liability under the Uniform Commercial Code (an admittedly low probability).
6. Qualification of FOSS under the Trade Agreement Act. Talend, a licensor of open source enterprise software, has recently received a ruling from the U.S. Customs Service corroborating that its software complies with the Trade Agreements Act of 1979 (19 USC 2511 et seq.) (“TAA”). FOSS adoption by the US Federal government must comply with many regulations, some of which can be difficult given the nature of modern software development.
7. Contributor Agreements Redux. Recently, the issues of contribution agreements arose in the departure of Nikos Mavrogiannopoulos from the GnuTLS project http://lwn.net/SubscriberLink/529522/854aed3fb6398b79. GnuTLS is “a secure communications library implementing the SSL,TLS and DTLS protocols”. The project was commenced in 2000 under the GNU project. As is true of all GNU projects, the copyrights in the contributions are assigned to the Free Software Foundation (“FSF”). When Nikos left, Richard Stallman reminded him that he could fork the project, but that the FSF would retain ownership of copyright in the project code. The LWN article concludes that the basis for copyright assignment “seems to be weak”. I disagree with this conclusion and Bradley Kuhn makes some very cogent arguments in the comment sections. Copyright assignment does provide the manager of the FOSS project (in this case, FSF) with significant advantages in enforcement as well as changing the license of a project. Without an assignment, a licensee can raise several potential defenses (such as a license from an alleged joint copyright owner) whose strength is uncertain. In addition, any change in the project license would require the approval of each contributor to the project. However, copyright assignments also mean that the community needs to be comfortable that the project strategy of the project manager is aligned with the community. However, as FOSS projects continue for a longer period, this alignment may be more difficult to determine in advance. And this approach also poses practical problems for the FOSS project manager: the project manager needs to be very disciplined about getting the written assignments from all contributors. Such assignments may be difficult to obtain from developers employed by a corporation because corporations are reluctant to assign intellectual property rights. This dispute emphasizes the importance of FOSS projects and their contributors carefully considering the needs of the project when deciding on how to obtain the necessary rights in contributions. Project Harmony provides information and proposed agreements to assist FOSS projects to make these decisions http://harmonyagreements.org/. Once determined, the method of implementation of a contribution agreement is important: the Eclipse Foundation also provides an excellent summary of their approach to due diligence issues relating to accepting contributions http://www.eclipse.org/legal/EclipseLegalProcessPoster.pdf.
8. Rise of Open Source Collaborations. Open source collaborations have become an increasingly important strategy for companies to address major software development problems. This trend is best illustrated this year by the creation of the OpenStack Foundation (“Foundation”). The Foundation takes over the OpenStack project from a Rackspace who had managed project for several years (as a matter of transparency, I represent the Foundation). OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter. The Foundation is run by a board of twenty four members, with eight members representing individuals, eight members representing Gold Members and eight members representing Platinum Members. The Foundation has over 150 corporate members and more than 6,000 individual members http://www.openstack.org/. In a second example, Deutsche Bank announced in September the formation of the Lodestone Foundation to coordinate the development of IT solutions for capital market companies http://lodestonefoundation.com/. The OpenStack Foundation and the Lodestone Foundation join the many foundations who manage open source collaborations for combinations of corporations which include, among others, the Linux Foundation, Genivi Alliance and Eclipse Foundation.
9. UK Government Adopts Open Standard Principles. The UK government adopted Open Standards Principles in government IT procurement through a Cabinet Report http://www.cabinetoffice.gov.uk/resource-library/open-standards-consultation-documents. The report adopted Open Standards to encourage “software interoperability, data and document formats in government IT specifications.” One of the goals of the adoption of the Open Standard Principles was to ensure that FOSS and proprietary software could compete on an equal level. One important requirement of UK Open Standard Principles is that the patent rights for the standards must be available on a royalty free basis: “rights essential to implementation of the standard, and for interfacing with other implementations which have adopted that same standard, are licensed on a royalty free basis that is compatible with both open source and proprietary licensed solutions.
10. More Standardized Process on FOSS Compliance by Large Companies. In my practice, I have seen an acceleration of an existing trend: many large companies are much more focused on FOSS compliance and are developing standardized procedures to ensure compliance. I work with many small companies entering into commercial relationships with large companies as well as large companies entering into commercial relationships and purchasing smaller companies. Although some technology companies have developed and implemented such procedures for commercial relationships for several years, such processes have recently become much more widespread and sophisticated. They range from elaborate contractual provisions relating to remedies to special procedures for “remediation” through removal of certain modules and developing functionally compatible software. Although a limited number of technology companies have also implemented a separate due diligence process for FOSS compliance in acquisitions for several years, these practices are also spreading more widely to both technology companies and non-technology companies. Acquiring companies are even willing to change the form of a transaction to avoid potential FOSS compliance problems: recently, I worked with a company that shifted an acquisition from a merger to a sale of assets primarily based on FOSS compliance concerns. This development emphasizes the need for small companies to have a structured approach to the management of the use of FOSS and to be able to demonstrate such management to both potential commercial partners and potential acquirers.
Reference : http://lawandlifesiliconvalley.com/blog/?p=721
- 