Software-based IP Infringement
By Bill Claybrook
December 17, 2003
In a white paper that I have written entitled Computing without Indemnification and Warranty Contracts: A Business Risk for Open Source Software Users? [ http://aberdeen.com/ab_abstracts/2003/12/12030008.htm ] I included a passage from an IP attorney, Michael Overly. He said that he placed a clause in a contract (for a software purchase) for one of his clients that stated "The software supplier warrants that there is no open source software in the software." The supplier, at first, refused to approve the clause but eventually relented.
I have been hearing rumors for the past few months that open source code, some of it GPL licensed code, is making its way into proprietary software products. According to the GPL license, a system incorporating GPL-licensed code is an extended version of that code. The GPL license says that any extended version of the resulting program must be released under the GPL license if it is released at all. This means that if a developer at company ABC inadvertently uses GPL-licensed code in ABC's proprietary software, then the proprietary software should be released under the GPL license. Why would something like this happen in the first place?
Developers are often under pressure to deliver code to meet strict product development deadlines. This can tempt developers to "borrow" code that works, or can be easily made to work, from some other source. While developers today are more knowledgeable about licensing and IP infringement than I was as a developer that included Unix kernel development several years ago, it is still the case that some developers might be tempted to borrow code distributed under a different license than their own code. This borrowing is not limited to just open source code; a developer could borrow from someone else's proprietary code to put in his proprietary code. However, since open source code is readily available on the Web, the probability is much higher that open source code would make its way into proprietary code, than say Microsoft Windows code making its way into some other firm's proprietary code.
How can a software company, open source or proprietary, protect itself from possible IP infringement claims? I know of one company that can help --- Black Duck Software [ http://www.blackducksoftware.com/ ] . I visited Black Duck Software last week to get a demo. Black Duck develops and distributes software solutions that manage and mitigate software development risks. Black Duck aids companies and their legal counsel in identifying and validating open source software, proprietary software, and combinations of the two --- for internal or commercial use. This enables Black Duck customers to pass software audits and ship violation free software. Black Duck's software works in cases where software distributed under various licenses can be part of the same software product, and the licenses are not restricted to just open source licenses. This can be very useful, for example, for companies that are developing proprietary software to run on Linux (or porting existing proprietary software to Linux), and they are worried that the proprietary software