Open Source Due Diligence in M&A: Open

Source Software Identification, Tracking,

Approval for Use, Risk Allocation

Today’s faculty features:

1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific

The audio portion of the conference may be accessed via the telephone or by using your computer's

speakers. Please refer to the instructions emailed to registrants for additional information. If you

have any questions, please contact Customer Service at 1-800-926-7926 ext. 1.

THURSDAY, AUGUST 30, 2018

Presenting a live 90-minute webinar with interactive Q&A

Heather Meeker, Partner, O’Melveny & Myers LLP, Menlo Park, Calif.

Tips for Optimal Quality

Sound Quality

If you are listening via your computer speakers, please note that the quality

of your sound will vary depending on the speed and quality of your internet

connection.

If the sound quality is not satisfactory, you may listen via the phone: dial

1-866-258-2056 and enter your PIN when prompted. Otherwise, please

send us a chat or e-mail sound@straffordpub.com immediately so we can address

the problem.

If you dialed in and have any difficulties during the call, press *0 for assistance.

Viewing Quality

To maximize your screen, press the F11 key on your keyboard. To exit full screen,

press the F11 key again.

FOR LIVE EVENT ONLY

2

Continuing Education Credits

In order for us to process your continuing education credit, you must confirm your

participation in this webinar by completing and submitting the Attendance

Affirmation/Evaluation after the webinar.

A link to the Attendance Affirmation/Evaluation will be in the thank you email

that you will receive immediately following the program.

For additional information about continuing education, call us at 1-800-926-7926

ext. 2.

FOR LIVE EVENT ONLY

3

Program Materials

If you have not printed the conference materials for this program, please

complete the following steps:

• Click on the ^ symbol next to “Conference Materials” in the middle of the left-

hand column on your screen.

• Click on the tab labeled “Handouts” that appears, and there you will see a

PDF of the slides for today's program.

• Double click on the PDF and a separate page will open.

• Print the slides by clicking on the printer icon.

FOR LIVE EVENT ONLY

4

Open Source Due Diligence in M&A: Prepping for the Technology M&A Exit

Heather Meeker, O’Melveny & Myers

Strafford

August 30, 2018

You are about to

enter the

compliance zone

6

Which answer will get you a better valuation?

Please send us all your employee invention

assignment agreements.

• Answer 1: Here they are

• Answer 2: Huh?

Explanations are OK. Blank looks are not.

7

Do the dilly

before the dilly

does you.

8

More professionalism = higher valuation

9

Why Does a Buyer “Due” Diligence?

• Avoid unexpected third party liability

• Confirm valuation of the deal

• For open source issues, diligence is

particularly important becuase indemnities

do not handle problems well, compared to

other IP problems– Most IP problems are solved with money

– Open source probably are usually solved with

engineering or administrative work

10

Process

11

Open Source Diligence Process

• Always includes a self-disclosure

• May include a review of policies

• Often includes a “code scan”

– e.g. Black Duck/Synopsys or Palamida/Flexera

• All code reviews find issues

• Scope of review is key

12

Forensic Scan Process

• What kind of tools?

– Audit tools (e.g. BD)

– GREP tools (e.g. FOSSOLOGY)

• Scan is usually ordered/paid for by buyer

• Scoping of scan is key

• Seller provides review package

• Buyer reviews results

• Seller usually gets to see results

• Buyer asks for remediation or remedies

13

Representations

14

A Representation in the Wild

(obfuscated)

Company’s use of and activities with respect to any

open source software in connection with the Business

do not and will not (i) require the licensing, disclosure or

distribution to any other person of any software or

intellectual property owned by or licensed to Buyer or its

licensees or licensors (“Buyer Materials”) (ii) prohibit or

limit the receipt of consideration in connection with the

licensing, sublicensing or distribution of any Buyer

Materials to other persons, or (iii) allow any person to

decompile, disassemble or reverse engineer any Buyer

Materials.

15

Why this rep is a problem

• It tries to disallow copyleft, but is overbroad.

• It includes freeware, scripting code, standard

exceptions for enforceability of reverse

engineering prohibitions

• Based on a 1990s clause from Microsoft,

and has become a Frankenstein.

• If you challenge this clause, the lawyers who

presented it probably cannot explain defend

it

16

A Better Approach

• Disclosure

– Exhibit ____ lists all Open Source Software

included in the Company Products.

• Compliance

– Company’s use and distribution of the Company

Products is compliant with all applicable Open

Source Software licenses.

• No materiality or knowledge qualifiers work here

• These work with standard reps regarding (a) non-

infringement and (b) source code disclosure

obligations.

17

Common Issues

18

Top Problems

• No information (complete abdication of

compliance)

• No notices (particularly in mobile apps)– Web notices

– Consider making source code available

• No source code offer

• Incomplete/incorrect source code

• No build instructions

• MySQL and similar problems

• Code with no licenses

• CC-SA (stack overflow)

19

Top Non-Problems

• Use of unmodified LAMP stack components

• Development tools

• “Viral” effect

20

Variations on the Theme

• Use of data sets in AI

• Use of map data (OSM, ODBL)

• Standards licensing

21

Disclosures

22

Reviewing the Disclosure Schedule

• Dual licensing

ambiguity:

“GPL/LGPL”

• Missing license

versions

• Including

proprietary code

• SPDX

abbreviations --

https://spdx.org/l

icenses/

23

Remediation

24

How Problems are Addressed in the Deal

• Pre/post closing covenants

• Pre-closing conditions -- unusual

• Work before signing -- very common

• Special indemnities -- not so useful

• Do nothing -- common in acquihires

• If you are seller, don’t jump the gun

25

The 5 Rs

• Remove

• Replace

• Reengineer

• Recode

• Relicense

26

THANK YOU!

• For more information

or questions, contact:

hmeeker@omm.com

• 510-463-1116

• Free e-book: go to

www.heathermeeker.com

and follow the “Useful

Links”

27