introduction to open source licensing
TRANSCRIPT
Karen Copenhaver
Mark Radcliffe
Peter Vescuso
Webinar
January 28, 2009
Introduction to Open Source Licenses
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 2
Speakers
Karen Copenhaver
Partner at Choate Hall & Stewart
Counsel for the Linux Foundation
Mark Radcliffe
Partner at DLA Piper
General Counsel for the Open Source Initiative (OSI)
Peter Vescuso
EVP of Marketing and Business Development, Black Duck Software
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 3
Agenda
An Introduction to Open Source Licenses Background and history of open source
– Why use it– History of the open source movement– Definition of open source– Myths
Legal framework:– Intellectual property and licensing
Types of Open Source Licenses
Q & A
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 4
Why Use Open Source Software?
The Promise The Challenges
Significantly reduce development costs – up to 90% – and accelerate time to market
Billions of lines of available code
Find the right code License obligations Pedigree
Source code exits, why re-invent the wheel?
Lower costs
It’s free but not a free lunch….
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 5
History of the Open Source Movement
1984 - The GNU Project at MIT, Richard Stallman, and the Free Software Foundation
1991 - Linus Torvalds releases first Unix-like kernel; combines it with GNU software to form first release of Linux operating system
1994 – Red Hat is founded to distribute and support Linux commercially
1995 - A community of developers start work on the Apache Web Server
1997 - The Cathedral and the Bazaar is published by Eric Raymond
1998 - The term "Open Source" is coined, the Open Source Initiative (a non-profit organization) is formed
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 6
Free Software Definition
“Free Software” is a matter of liberty, not price. (Free Speech, not Free Beer)
The freedom to run the program for any purpose.
The freedom to study how the program works, and to adapt it to your needs (requires access to source).
The freedom to redistribute copies so you can help your neighbor.
The freedom to improve the program, and release your improvements to the public, so that the whole community benefits (also requires access to source).
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 7
Principles of Open Source Licensing from the OSI
Who is the OSI (Open Source Initiative)?– The OSI are the stewards of the Open Source Definition (OSD) and the
community-recognized body for reviewing and approving licenses as OSD-conformant.
Open Source Definition– 1. Free Redistribution– 2. Program must include Source Code and must allow distribution in
source code as well as compiled form. – 3. Must Allow Modifications and Derived Works– 4. Integrity of the Author's Source Code– 5. No Discrimination Against Persons or Groups– 6. No Discrimination Against Fields of Endeavor– 7. Distribution of License – no additional license can be required of
others who redistribute the program– 8. License Must Not Be Specific to a Product– 9. License Must Not Restrict Other Software– 10. License Must Be Technology-Neutral – not predicated on any
individual technology
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 8
OSI Approved Licenses (www.opensource.org )
72 LicensesMicrosoft Reciprocal License (Ms-RL)MIT licenseMITRE Collaborative Virtual Workspace License (CVW License)Motosoto LicenseMozilla Public License 1.0 (MPL)Mozilla Public License 1.1 (MPL)Multics LicenseNASA Open Source Agreement 1.3NTP LicenseNaumen Public LicenseNethack General Public LicenseNokia Open Source LicenseNon-Profit Open Software License 3.0 (Non-Profit OSL 3.0)OCLC Research Public License 2.0Open Group Test Suite LicenseOpen Software License 3.0 (OSL 3.0)PHP LicensePython license (CNRI Python License)Python Software Foundation LicenseQt Public License (QPL)RealNetworks Public Source License V1.0Reciprocal Public LicenseReciprocal Public License 1.5 (RPL1.5)Ricoh Source Code Public LicenseSimple Public License 2.0Sleepycat LicenseSun Industry Standards Source License (SISSL)Sun Public LicenseSybase Open Watcom Public License 1.0University of Illinois/NCSA Open Source LicenseVovida Software License v. 1.0W3C LicensewxWindows Library LicenseX.Net LicenseZope Public Licensezlib/libpng license
Academic Free License 3.0 (AFL 3.0)Affero GNU Public LicenseAdaptive Public LicenseApache Software LicenseApache License, 2.0Apple Public Source LicenseArtistic licenseArtistic license 2.0Attribution Assurance LicensesNew and Simplified BSD licensesBoost Software License (BSL1.0)Computer Associates Trusted Open Source License 1.1Common Development and Distribution LicenseCommon Public Attribution License 1.0 (CPAL)Common Public License 1.0CUA Office Public License Version 1.0EU DataGrid Software LicenseEclipse Public LicenseEducational Community License, Version 2.0Eiffel Forum LicenseEiffel Forum License V2.0Entessa Public LicenseFair LicenseFrameworx LicenseGNU General Public License (GPL)GNU General Public License version 3.0 (GPLv3)GNU Library or "Lesser" General Public License (LGPL)GNU Library or "Lesser" General Public License version 3.0 (LGPLv3)Historical Permission Notice and DisclaimerIBM Public LicenseIntel Open Source LicenseISC LicenseJabber Open Source LicenseLucent Public License (Plan9)Lucent Public License Version 1.02Microsoft Public License (Ms-PL)
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 9
Open Source Myths For those fond of the discussion of deadly diseases:
You cannot use open source software in a proprietary environment [or you will die]
All open source licenses require the release of source code for everything.
The easiest answer is to “just say no.”
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 10
Open Source Myths For those who like simple answers:
None of these agreements are enforceable so it doesn’t really matter anyway.
No one will ever know.
Our corporate policy says we don’t use open source.
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 11
Legal Framework: IP and Licensing
Intellectual Property– Patent– Copyright
Licensing
Commercial terms– Article II of the Uniform Commercial Code
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 12
What is a patent?
An exclusive right to exclude– Making– Using– Selling– Importing
Invention must be useful, novel and non obvious
Granted by the federal government (Title 35, U.S.C.)- 20 years after filing (after June 8, 1995 (some extensions for drugs))
Examples: drugs, computer software, diapers
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 13
What is a copyright?
Original works of authorship– Fixed in any tangible medium of expression– Capable of being discerned by someone
directly or through use of a machine
Gives the owner the right to prevent others from using the property– Copying– Creation of a derivative work– Inserting in a compilation or collective work
Protects expression (not the idea)
Federal protection – U.S. Copyright Act of 1976
For a limited term (at least 70 years)
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 14
Who owns a copyright?
The author, unless the author is an employee– The ownership of an employee’s works is automatically vested
in the employer
Why does ownership matter?– Only the owner can enforce a copyright– Only the owner can transfer ownership of the copyright to
another Assignment of a copyright must be in writing
– Only the owner can license others (directly or indirectly) A license can be granted orally or in writing, expressly or by
implication
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 15
What is a license?
Permission by the owner of property to take some act that the owner has the ability to control
What is a sublicense?– A license granted by a licensee– The right to grant a sublicense must be expressly stated in a
license and will not be implied
Copyright
Patent
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 16
What is the license for a book?
A book is not licensed, it is sold.
The sale of a book is not the sale of the copyright, it is the sale of a copy.
The rights of the owner of a copy of a copyrighted work are in the copyright statute.
Buying a book does not give you the right to copy the book.
Fair use gives you certain rights to copy portions of the book.
The sale of used books demonstrates the difference between the sale of a copyrighted work and a license for a copyrighted work.
Software has become a sale of a license not a sale of the software
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 17
What is the same between commercial (aka “closed source”) and open source licenses?
Both are based on ownership of intellectual property
Both grant certain rights and retain others
Both are governed by the same laws
Both may include provisions which may be incompatible with the obligations of other licenses
License obligations can be incompatible, but the issue is whether the obligations are triggered
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 18
What is different about open source licenses?
Different goals
Written by developers not lawyers
Encourages uncontrolled combination and reuse
Certain legal issues regarding contract formation remain open for open source licenses (a similar issue has arisen for shrink wrap, click wrap and browse wrap licenses)
Open source licenses have no acceptance procedures
Some open source licenses impose sharing obligations on users
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 19
Commercial Terms: Article II/UCITA Software is “goods” under Article II of the Uniform
Commercial Code
UCITA – Uniform Computer Information Transaction Act (Maryland/Virginia)
Other warranty laws apply to some “consumer” software such as Magnusson-Moss Warrant Act (Federal) and Song Beverly Warrant Act (California)
UCC approach: “default” provisions apply if not addressed in contract. For example:– Consequential damages will be awarded if not disclaimed, i.e.,
lost profits– Infringement indemnity– Merchantability (Average quality in the trade: what does it mean
for software?)
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 20
Article II Concepts
Acceptance
Warranty
Limitation of Remedies
Indemnity
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 21
Types of Open Source Licenses:Restrictive, Permissive, Other
Restrictive (aka Copyleft, reciprocal)– Requires licensor to make improvements or enhancements
available under similar terms– Example is the GPL: Licensee must distribute “work based on
the program” and cause such works to be licensed at no charge under the terms of the GPL
Permissive– Modifications/enhancements may remain proprietary– Distribution in source code or object code permitted provided
copyright notice & liability disclaimer are included and contributors’ names are not used to endorse products
– Examples: Berkeley Software Distribution (BSD), Apache Software License
Single User License– Apple– Lucent
Miscellaneous– Zlib/libpng
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 22
Top 10 Most Commonly Used Licenses in Open Source Projects
Note: The table above lists the top 10 licenses that are used in open source projects, according to the Black Duck Software KnowledgeBase. This data is updated daily. This snapshot was taken the day this presentation had to be submitted on January 27, 2009. Visit: http://www.blackducksoftware.com/oss
• Top 10 licenses account for 94% of OS projects
• Rank by # of projects using the license
Rank License 1 GNU General Public License (GPL) 2.02 GNU Lesser General Public License (LGPL) 2.13 Artistic License (Perl)4 BSD License 2.05 GNU General Public License (GPL) 3.06 Apache License 2.07 MIT License8 Mozilla Public License (MPL) 1.19 Common Public License (CPL)10 zlib/libpng License
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 23
Touch Points within the Organization
Inbound Licenses – Internal use which may be in the form of tools, operating
systems and other network infrastructure or applications
Outsourcing and SAAS– Software which you depend upon but never bring into your
data center
Outbound – Contributions by the company or contributions by employees,
or in the form of products or projects– Alone or combined with closed source offerings
Acquisitions– All of the above by a target entity
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 24
Conclusion
Open Source is here to stay
Will complement not replace traditional models
Not every “Open Source” license is truly Open Source
Must understand the risks you are assuming
Need an open source strategy combined with the right tools and automation technology
Copyright © 2006 Black Duck Software, Inc. All Rights Reserved.
Page 25
Next in the Black Duck Legal Webinar Series: Understanding the Top Ten OSS Licenses
The webinar will cover:– The most commonly used licenses– The critical terms– “License incompatibility" issues– Best practices for dealing with these licenses
Day and time: – Wednesday February 11th at 2PM EST
To sign up:http://www.blackducksoftware.com/files/legal-webinar-series.html
Questions?