Open source software (OSS) has become ubiquitous, but it is still not free.
There are examples of open source software on computing devices all around us. The Linux operating system runs business computers. Many people use Mozilla’s Firefox browser to access the Internet. Google’s Android operating system runs on smartphones and other computing devices.
Even if a collaborative, non-profit community of programmers came together to create the open source software and distribute it with source code, a software license accompanies them.
Some of the OSS licenses are very simple and comprise only two paragraphs. Others have much more extensive provisions. The obvious advantage of such software is that the typical OSS license imposes no fees and allows for copying. At the same time, however, an OSS license usually provides no protections: If the software infringes third-party intellectual property rights, there are no warranties, no indemnities and no remedy. Nevertheless, a software license applies and imposes restrictions on the user that make the “free” software not really “free.” Those restrictions are real.
For example, a restrictive OSS license may require that any addition or modification to the source code also be distributed under the same terms as those contained in the original OSS license, i.e., allowing freedom for others to use, modify and redistribute the “improved” software and its source code.
Those who violate OSS license obligations may be pursued for copyright infringement, patent infringement and unfair competition. The developers’ copyrights to the open source software are fully enforceable. Jacobsen v. Katzer, 535 F.3d 1373 (Fed. Cir. 2008). Potential remedies include loss of the open source license, monetary damages, injunction, seizure of products incorporating the infringing software and, possibly, criminal liability.
To help manage the risks involved in using open source software, a three-step approach is recommended:
- An audit should be performed to understand how and where open source software is used in a particular organization.
- A written policy should be established to govern the organization’s process for adopting and licensing any open source software.
- IT professionals and other users of open source software should be alerted to the OSS policy and educated as to its importance. Periodic reminders of the policy and OSS audits are useful tools to maintain and improve compliance.
Open source software appears in an increasing number of modern devices. Acknowledgement and assessment of the applicable OSS licenses are important preventative measures that should be part of an organization’s intellectual property policy.