Thank you for sharing!

Your article was successfully shared with the contacts you provided.
We have reached an auspicious moment in the spread of open-source software. A growing number of companies, from startups to Fortune 500 stalwarts, are choosing to use some form of open-source software. The Free Software Foundation is about to release Version 3 of the General Public License, the most widely used open-source scheme. And yet too many businesses are still stumbling into open-source problems because they didn’t look before they leaped. The new GPL version, however welcome in some ways, will inevitably create new challenges. It is imperative that companies protect themselves by securing the necessary rights to exploit licensed software on the way in and by understanding exactly what rights they may be granting on the way out. The most common type of open-source license is the reciprocal license, such as the GPL. According to reports, two-thirds of all open-source software is licensed under the GPL, which provides users with the right to access the software’s source code, copy the software, modify the software, and distribute the software and any modifications to it. But a wide array of other open-source licenses offer a broad spectrum of rights, as well as certain restrictions. Technology companies are embracing the concept, both by offering open-source software and by granting licenses and covenants not to sue for use of their intellectual property in open-source software. The Open Source Initiative identifies multiple licenses covering many popular software products. The Apache Web server, Linux operating system, Firefox browser, MySQL relational database, OpenSSL security protocols, and Sun StarOffice office suite are all available under some kind of open-source license. Companies using such licenses include Apple, IBM, Intel, Nokia, Ricoh, and Sun. But nobody has yet figured out how to make using open-source software under reciprocal licenses simple or trouble-free. MUST LICENSE? One special concern is the concept of mandatory licensing. Programmers today have an almost endless supply of previously written code that is available to be put into a new product. From a technical standpoint, use of that source code may be perfectly fine. From a legal perspective, however, incorporating that code into software can have significant consequences. For example, if code released under the GPL is incorporated into the code base of a new product, then some or all of the product’s software will very likely be considered a derivative work of the GPL’ed code and, thus, some or all of the software becomes subject to the GPL. This can be a disaster for a company that had wanted to maintain its product as proprietary and had designed a specific licensing strategy for that product and the IP rights covering it. Another key consideration in evaluating the use of open-source software is the protection of the company’s other IP rights. Open-source software can lead to the unintended granting of rights in other patents, trademarks, copyrights, and trade secrets. For instance, a company owns the copyrights in software that its developers independently create. But if outside software used under an open-source license is incorporated into the company’s software and modified, the company may then be required to license its copyrights in the modified work. The story with trade secrets is similarly straightforward. If a trade secret is embodied in the source code, then making the source code publicly available, as required by the GPL, removes the element of secrecy. One additional wrinkle with respect to trade secrets: Mandatory licensing reaches just to the material needed to view and run the source code. If a trade secret were used only to generate the code, the code could be made open-source, and the trade secret would still remain secret. Open-source code is often protected, in part, with a trademark. A trademark in the name of the software is likely outside any mandatory licensing. No matter how widely the source code is distributed, the trademark owner can still enforce rights in the name. Moreover, in Planetary Motion Inc. v. Techsplosion Inc. (2001), the U.S. Court of Appeals for the 11th Circuit found that simply giving away software meets trademark law’s basic requirement that the mark be used in commerce. A trademarked logo that is embedded in the source code is trickier. GPL Version 2, which dates to 1991, is unclear on whether later users may distribute images of the logo or if these images are outside the license. GPL Version 3 will clarify this by adding a clause allowing developers to add license terms to protect trademarks. Possibly the greatest clash between open-source licenses and IP values occurs in the area of patent law. The current GPL includes what the Free Software Foundation calls a “liberty or death” clause. Section 7 of Version 2 specifies that if, as a consequence of an allegation of patent infringement, conditions are imposed on a company that contradict the conditions of the GPL, the company is not excused from the GPL. In other words, the conditions are not severed. Section 7 goes on to say that if compliance with the GPL’s obligations and “any other pertinent obligations” cannot simultaneously be satisfied, the software may not be distributed at all. For example, if a patent license would not permit royalty-free redistribution of the software by all those who receive copies directly or indirectly through the company, then the only way the company could satisfy both it and the GPL would be to refrain entirely from distributing the software. This leaves open-source licensors and licensees vulnerable to a whole host of potential problems with distribution and use. And the GPL Version 2 offers no additional guidance; other than the specific mention of infringement in Section 7, it does not explicitly address licensing of patent rights. While it refers to the right to copy, distribute, and modify, it is silent regarding the right to use or run the software. Indeed, it explicitly assumes that running the program is not restricted. This vague treatment of patent rights creates serious ambiguities in determining what specific IP rights are being licensed in and licensed out. The GPL Version 3 proposes to handle patent licensing explicitly. In Section 11, open-source licensees are granted a covenant not to sue by the licensor under any of the licensor’s “essential patent claims.” The reference to “essential” claims limits the scope of the covenant to only those claims that cover the licensed software. No one who distributes a work can sue any other user of that work, or another work based on it, for infringement under any patent claims deemed essential. Though this is certainly a step in the right direction, disputes will inevitably arise regarding what claims of the relevant patents are “essential” and whether the licensor has the necessary rights to grant a covenant not to sue under those essential claims. GPL ATTACKS Another budding GPL controversy relates to the Free Software Foundation‘s new stance on digital rights management (DRM) in software. Though Version 2 is silent on the issue, Version 3 “combats” DRM head-on. First, if object code (not to be confused with source code) is distributed, the author is required to provide authorization keys to get around the DRM restrictions. The example used: If a DVD player is modified with DRM restrictions, it still must be able to play all the DVDs that it could before the modifications. Second, if the software works with an online service, the service cannot be required to differentiate between the versions with and without DRM. Along these lines, if the company distributes software within a DRM system under Version 3, it must provide others with the ability to bypass the DRM to interoperate with the GPL code. And in a nod to the Digital Millennium Copyright Act, Version 3 states that no code distributed under the GPL constitutes an effective technological measure, which under the DMCA cannot be bypassed. The hope is that the DMCA will not be deemed to cover any GPL software. The Free Software Foundation is also proposing in Version 3 to grant distributors the right to add a very limited set of licensing terms relating to trademarks (as noted above), attribution, and origin of material. Section 7.b.4 is a so-called Affero clause: If a user can interact with GPL’ed source code over a network, that user must be able to download the source code in the same session. The section also bars the addition of a choice-of-law clause, a required-arbitration agreement, and a clickwrap license. Lastly, some key terminology has changed in Version 3 in an effort to make the GPL — specifically, the copyright-related terminology — less country-specific and more global in scope. Version 2 uses terms such as “distribute,” “modify,” and “derivative works,” while Version 3 speaks of “conveying,” “propagating,” and “works based on.” Many of the uncertainties associated with open-source software can be avoided — or, at least, strategically addressed — through the development and implementation of clear and sound corporate policies and procedures. The first step is to gather baseline intelligence by conducting a detailed due-diligence review of current software and licenses — inbound, outbound, and internal. The next step is to develop policies and procedures to be followed with open-source software. The goals are to avoid igniting legal challenges over open-source licenses and to maximize the company’s position for future investment, acquisition, partnering, licensing, etc. Imagine a software company that has spent years developing the leading customer relations management (CRM) software. The company has aggressively pursued all forms of IP rights covering the software, including patents, trademarks, and copyrights. Strict confidentiality and nondisclosure agreements shield all proprietary aspects of the software as trade secrets. Due to the product’s success, the company finds itself in a position to be acquired or go public. But with that opportunity comes detailed due diligence on the company, its software, and its IP. Due diligence turns up a problem. Unbeknownst to management, one of the programmers of the CRM product used a piece of open-source code licensed under the GPL. That code was checked into the source-code repository and became part of the program. The same piece of code was then used by several other programmers in other parts of the software. This is where the viral effect of the GPL kicks in: As a consequence of this previously unrecognized use of GPL’ed code, the company may now be forced to make all source code for its proprietary product publicly available. The company’s ability to restrict use, copying, modification, and other exploitation of its IP is severely compromised. The value of the company, its product, and its IP drops substantially as a result, and the acquisition and IPO opportunities evaporate. The lesson in all this is simple: Over the course of the next several months the proposed GPL Version 3 will continue to evolve and the issues associated with the new provisions will evolve, too. But whatever the final draft looks like, companies must move through the open-source software and licensing landscape with their eyes wide open.
Martin M. Zoltick is a partner at D.C.-based Rothwell, Figg, Ernst & Manbeck, where he handles the acquisition, exploitation, enforcement, and defense of IP rights. David B. Orange is an associate, focusing on patent prosecution, litigation, and licensing.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.