Navigating Open Source Software

HOW BIG IS YOUR OPEN SOURCE SOFTWARE PROBLEM?

HOW WILL YOU DEAL WITH IT?

HOW WILL YOUR CUSTOMERS DEAL WITH IT?

Brooks Kushman works withclients to identify these issues and create customized solutions to address complex

Open Source Software issues.

1

Open Source Software (OSS) is appealing to software developers because of its accessibility, cost savings, and improvement to product development timing. While OSS is free of charge, it is not free of legal implications. Legal risks associated with use of OSS could include liability for copyright infringement if license terms are not complied with, and waiver of your company’s intellectual property rights in the resulting product. It is critical to understand and manage OSS licensing terms if they apply to your software, before your products are introduced in the supply chain.

An OSS compliant company with a robust compliance process may have an advantage over its competitors from a customer’s point of view. A proper compliance process may insulate you and your customers from liability for violation of OSS license terms.

ROAD MAP TO COMPLIANCE

OPEN SOURCE COMPLIANCE

Digital OSS audit

Understand key OSS terms

Comply with terms

Manage supply chain

Develop sensible OSS compliance policy for your supply chain

2

THE DIGITAL OSS AUDIT

The threshold problem associated with OSS is not knowing the extent to which it is in your product, and what license(s) apply to the code. While your suppliers and developers may identify what OSS they are aware of in your product, the larger issue is the unknown OSS code that is in the product.

To positively identify and manage OSS in your product, a digital audit is required. The digital audit will identify all OSS in your product, and which license agreement(s) apply to the OSS.

OSS LICENSE TERMSThere are hundreds of OSS licenses in circulation. The licenses typically include terms concerning distribution of source code and object code, display of copyright notice, OSS incompatibility, modification to OSS, and in some cases waiver of intellectual property rights in the resulting products.

We group OSS licenses into three main categories depending on their terms:

“Red” licenses that most companies are not willing to or are incapable of complying with. Understanding which OSS terms apply to your product is critical to OSS compliance and risk management.

“Yellow” licenses that will require further discussion depending on details of particular software and product at issue

“Green” licenses that most companies are capable of complying with

3

PRACTICAL LICENSE COMPLIANCE BY YOU AND

YOUR CUSTOMERS

The obligations imposed on you by the OSS licenses follow the product as it is distributed to your customers. Once you understand exactly what OSS you are dealing with and what license terms the code is subject to, your company can develop a plan for compliance. For example:

• Do you or your customers need to publish source code, object code and the OSS license to your customers (and their customers)?

• Does the copyright notice have to be embedded in the code, provided in documentation together with the product, or displayed on a screen when OSS executes?

• If you modify the OSS following introduction of your product in the supply chain, do you have to notify all of your customers?

4

OSS license compliance is not just your problem,

it’s your customers’ problem.

LEGAL RISKS FOR FAILURE TO COMPLY WITH OSS TERMS

OSS remains the property of its owner — not you. You are only permitted to use OSS in according with the terms of the applicable license(s). If your company or your customers use OSS in violation of applicable terms, your product may be subject to claims of copyright infringement and/or breach of contract.

Also, depending on how you use OSS in your product, you may waive your company’s intellectual property rights.

MANAGING OSS COMPLIANCE IN THE SUPPLY CHAIN

Larger organizations who deal with OSS on a regular basis, and who have products that are developed across a multi-tier supply chain, may want to implement a more formal approach to managing OSS as part of the purchasing, development, sales, and audit processes. Key components of such an infrastructure may include:

• A clear open source usage and compliance policy.

• Determining which OSS licenses your company is willing to accept and distribute software under.

• During the development phase, requiring developers to formally disclose all OSS included in the product.

• Requiring suppliers to identify and certify acceptable OSS in their deliverable.

• Requesting suppliers to indemnify you for breach of their OSS certification obligation.

• Cooperating with your customers to ensure compliance with the OSS terms applicable to your product.

5

Many open source issues a company runs into relate to inbound open source, meaning the use of third-party code released under an open source license. However, there can also be decisions to make on an open source project related to the publication of code by a company or its employees. For example, under what license should the code be released? If the project will accept contribu-tions, is a contributor agreement required? Is a patent license required? Is there anything in the code that should be held back as trade secret? Once you have an understanding of these issues, your com-pany can create an open source contribution policy to address any outbound open source questions.

OUTBOUND OPEN SOURCE

7

John’s practice focuses on software and electrical patent litigation. He serves as lead counsel for clients in patent infringement cases in Federal District Courts nationwide and the Federal Circuit Court of Appeals. In addition to patent litigation, John handles non-litigation IP threats and licensing offers including “FRAND” negotiations, and provides corporate guidance on effectively developing and leveraging IP portfolios. John is also the Chair of Brooks Kushman’s open source compliance practice. He has represented companies in a variety of industries on open source compliance issues and has performed software audits on com-plex systems and advises clients on complex software licensing issues.

John LeRoy | jleroy@brookskushman.comShareholder, Chair Open Source Compliance

Isaac’s practice primarily focuses on the preparation and prosecution of patent applications in the computer science and electrical arts. He works with companies of all sizes on the management of domestic and global patent portfolios. He has worked with clients in a broad range of industries including computer software, consumer electronics, telecommunications, automotive, and medical devices. Isaac brings a creative approach to his practice and works alongside clients to solve a variety of complex technology issues. He works with clients to perform digital audits of source code embedded in their products and creates legal compliance strategies to insulate clients from risks.

Isaac Slutsky | islutsky@brookskushman.comShareholder

Rachel’s practice focuses primarily on domestic and foreign patent prosecution in the electrical arts. She works with several of the firm’s clients on managing global patent portfolios. She has extensive experience with products in high-tech markets such as consumer electronics, automotive, medical devices, network technologies, and manufacturing. Rachel enjoys working closely with clients to fully understand the client’s business objectives and becomes an extension of their team. She works with the firm’s clients to create open source compliance strategies resulting from digital audits. She also works with clients on protecting their software, including filing copyright registrations for their source code.

Rachel Smith | rsmith@brookskushman.comShareholder

BROOKS KUSHMAN’S OSS TEAM

Whether you are managing a large, multi-national

patent portfolio or pursuing funding to jump-start

your portfolio, Brooks Kushman is well positioned

to guide you in the right direction to effectively

and efficiently protect your intellectual property.

Clients turn to Brooks Kushman to defend their

companies’ greatest innovations and brands. Our

team of IP professionals works alongside our

clients at every stage of the process to ensure

quality, responsiveness, cost savings, and more

importantly, results.

UNIQUE.JUST LIKE YOUR IDEAS.

8

www.BrooksKushman.com

Michigan | California