Make sure open source software won't hurt your business
Commercially minded legal advice from an expert software solicitor and qualified software engineer
- Is a business suggesting you use open source software in a project, but you’re not sure whether it's OK?
- Resolve uncertainty about use of open source licensed software, including the GPL, LGPL, Apache 2.0, Creative Commons and Affero General Public Licence licensed software
- Get advice on open source software protection
Software contracts can be complex agreements in business. Then add open source software into the mix.
Select solicitors properly qualified to advise you
We have found that the rights associated with open source software are often more well-known to developers than solicitors. We have come across solicitors that take the attitude open source software cannot or must not form part of SaaS or licensed software.
That can’t be right.
Open source is such a fundamental and indispensable part of a large proportion of projects in the industry. Software start-ups depend on it. Often.
Uncertainty in the business the environment arises because the rights associated with open source software and how it can (and can't) be used is not common knowledge. Some open source contracts are complicated, especially from a legal perspective.
It can become difficult to see the woods for the trees. You don't want a lawyer advising you on contracts like these which they've only just read for the first time - or don't understand the underlying subject of the contract: software, and how it works on a technical level.
Projects and dependencies between packages can complicate quickly. What happens in the real world with the technology needs to be rounded off with the legal rights granted – which is what really matters to protect your business from being criticised or sued.
There is much misinformation and content on internet that does not tell the whole story about open source licences and where how it interacts with proprietary software.
What is right and what is wrong? Misconceptions arise which can build themselves into the community.
Sorry to say: from a legal perspective, a good chunk of it is spectacularly wrong. Especially for the GNU General Public Licenses and Affero Public License.
In some cases, what is a copyright infringement and breach of an open source licence depends on how the software works.
What Matters when using Open Source Software?
One of the lead issues in proprietary software projects which incorporate open source software is ownership of the software, and whether ownership can be transferred.
You might have understandings with your business partners about use of open source software in projects. It is the terms of the contract you use that really matters.
Thinking that using open source licensed under the BSD is not necessarily the answer to the problems with ownership.
And then there's the prospect of being forced to disclose proprietary code bases as a consequence of using open source licences.
Factors: Open Source Legal issues
Amongst the factors that open source software introduce in software-as-a-service delivery and software licensing include:
- licensing conflicts, when you have mixed open source software packages licensed together with the General Public License
- what can be owned, assigned and licensed to the business paying for the services – and what can’t. And why it matters
- intellectual property indemnities in proprietary software licensing contracts
- rights to use of deliverables, and the consequences under OSS licences of someone's intellectual property rights rights have been infringed, whether it's copyright or patent rights
- service levels, and the reliance upon third party open source software to deliver to contractually binding service levels
- warranties relating to ownership of deliverables and the product of the services
- technology refreshment and upgrades
- delivery of source code under an escrow agreement - and whether that is even possible without infringing third party rights and causing a breach of contract
Intellectual Property Indemnities
Ownership and giving intellectual property indemnities become more problematic, such as:
- What happens when you give a full title guarantee to source code and a portion of the source code is made up of open source software?
The service provider does not own the software and so cannot give good title to the software.
- What if the contract says that the customer owns all of the intellectual property rights in a software product, and the developer actually doesn’t and never can?
- What happens if you sign a contract which says there is no OSS is allowed, but there is OSS in the product delivered?
Sometimes it is not as easy as you might think. Simply restricting yourself to BSD licensed software does not avoid or fix the problems that might arise.
Sometimes you cannot work out the answer without looking through Git Repos, to go through the source code in production and the open source code itself in the form it was packaged.
Then you need to know what you're looking for. We've done our fair share of trawling through Git Repos.
Exposure to Business Risk
As a supplier of software or using the software-as-a-service delivery model, get it wrong and your business faces a breach of contract claim from the customer, and perhaps worse (in some cases) the reputational damage arising from criticism of the open source community.
In the worst cases, there may be contractual requirements to produce a non-infringing version of the software or pay out on an intellectual property indemnity.
Then there is the prospect of copyright or patent infringement claims, and having to stop using the software you thought you properly licensed.
There is a lot at stake. it can turn your business on its head.
These are not reasons to not use open source software. They are reasons to make sure your contract handles the legal issues properly and your open source software is licensed an used within its terms.
What a resource open source software is. Used throughout the industry to reduce costs and increase speed of development.
You load up packages, components and libraries maintained by a larger community. Sometimes at a cost and sometimes not. Open source software can also be the project itself, or be part of the project.
These are benefits that most business can’t be without.
Nor should yours.
Protect your business and your outlay of time, money and resources.
Minimise your risk profile. Avoid the pitfalls and traps that catch the unwary.
Avoid real problems when you sell your business or look for investment and take advice now.
It might avoid a devaluation of the business.
Open Source Lawyers: Experience
We have advised on open source in a number of ways.
- Mistakes and conflicts between what people say your rights are and what they actually are. Someone says you are infringing copyright or in breach of an open source licence, when you aren’t
- Getting your software development process right the first time, from a legal perspective
- Advising on the technical steps to comply with these licences – most of which you will not find online.
If you think no-one's looking, wait until you seek investment or another business takes an interest in buying your business
- How open source software can be used in commercial software and development with minimal risk
- How can OSS be built into proprietary software packages without falling foul of the open source licences under which it was obtained – even the most copyleft licences.
- Adopt the processes and procedures that your developers need to be aware of before they use open source software or you distribute it your own
- The fundamental questions:
- “what does this [insert open source licence name] do?”
- “Can we [insert software name] which is released under [insert open source licence name]?”
- And then: "In what circumstances?"
- Are we using this open source in a way which will not offend anyone’s rights?
- What is a sensible licensing model where open source software plays a part?
- An open source developer is making claims against my business. Are they right in what they say? If they are, what do I need to do about it? If not, how do I get them off my case?
Business Advice: Open Source Law
We have recently advised:
- producers of load balancers, application package managers, and platform management service providers;
- businesses in fintech, insurance industry and academia on adoption of open source software
- a unicorn immersed in the open source software business
- a company marketing software and services on Atlassian.
We've also advised business facing different situations:
- companies recover from bad open source practices
- start-ups ad emerging IT consultancy service companies with vested interests in maintaining proprietary interests while using open source software packages
- companies looking to FOSS compliance regimes
- businesses embedding open source into retail products
- businesses on dual licensing arrangements
- checking use of software is when the terms of open source licences
We've also been asked by other lawyers and general counsel in a range of countries to help out interpretation legal issues, use of appropriate licences and GPL disputes, to find out what it all means.
Open Source Experts: Specialist Lawyers
We're software specialists: including open source software.
We offer the following legal services and advice for businesses' open source project management:
- advice open source licenses to avoid
- common open source licenses actually work, and trigger events with the nasty consequences
- dual licensing open source the right way
- review and analysis open source contracts for use for your technical environment and business
- open source software licenses explained
- situations are open source software & IP infringement collide, such as when open source & copyright meet
- situations where open source and proprietary software can be used together in proprietary software solutions
Need a GPL solicitor?
Get advice from a open source specialist lawyer: whether it's the GPL v 2 or v 3, LGPL, Affero Public Licence, the Eclipse Public Licence, MPL, BSD-style Licences, Creative Commons licenses or Apache 2.0. We've advised on all of them.