OSRM Certifies Linux Kernel Free of Copyright Infringement

OSRM Certifies Linux Kernel Free of Copyright Infringement

by Pamela Jones
Groklaw

April 19 2004

There are three announcements from OSRM making headlines today:

OSRM certifies the Linux kernel is free of copyright infringement
OSRM has opened a legal defense center. Individual programmers can get coverage.
Bruce Perens has joined the Board of Directors of OSRM.

Media coverage here [ http://news.zdnet.co.uk/business/0,39020645,39152296,00.htm ]:

"The New York-based company is launching the insurance-like offering after a six-month study that compared Linux with several versions of Unix. The evaluation uncovered no copyright problems with versions 2.4 or 2.6 of Linux's heart, or kernel, a finding that contradicts SCO's legal attack on IBM, AutoZone and DaimlerChrysler.
"'We have come out of the examination process with the strong belief that there are no meritorious copyright infringement claims in the kernel,' said John St. Clair, OSRM's executive director."

Note that you do not have to give up your freedom to modify code.

And the legal protection includes a plan [ http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci960272,00.html ] for individual coders:

"The third package is for developers contributing code and bug fixes to the Linux kernel. For a $250 annual membership, developers have access to OSRM's IP experts and can receive $25,000 in legal backing if named in lawsuits because of their contributions to Linux.
"OSRM added that it has certified versions 2.4 and 2.6 of the Linux kernel as free of source code that could merit a copyright claim, and it offers its clients protection against litigation for those versions only."

Of course, SCO tries to put a FUD spin on all this:

"'Everything we have looked at and found would run contrary to what they're finding,' spokesman Blake Stowell said. But SCO has no objection to OSRM's business: 'If people feel there's risk involved in running open source, I supposed the business they've created is a good one.'"

As I've said before, in the interview now in Salon.com, when you buy insurance for your car, is it because you don't trust the workmanship or have doubts if Ford had the rights to the machinery that built it? Or is it because you realistically know there are bad people in the world who might steal your car or your radio or scratch your windshield by throwing a rock at your car? It's the same with software. There's nothing dangerous about GNU/Linux software. What you need protection from is people, bad people. Here's what Daniel Egger says on this subject:

"'We decided to go straight to the heart of the matter and evaluate whether we could defend the Linux kernel. We determined that we can; and we will. Our clients will receive legal protection equal to, if not beyond, what they receive with proprietary software licenses,' said Daniel Egger, founder and chairman of OSRM. 'Along with many others, we agree that lawsuits like SCO’s are legally weak. But we recognize the business issue for Linux users is that even cases without merit cost significant time and money to defend. This is not about bad software; there is nothing inherently more risky about using Open Source. This is about providing a united defense against those trying to profit from a legal system that permits frivolous but expensive claims.'"

Disclaimer: I am Director of Litigation Research at OSRM, so I don't normally report on OSRM. However, this news is major, and I'd be delinquent as a reporter, my other hat, if I didn't let you know the kernel has been certified free of copyright infringement. Here are the two press releases that were released this morning.

**********************************************************

Open Source Risk Management Certifies Linux Kernel Free of Copyright Infringement
OSRM to Indemnify Linux Kernel Users Against Potential Copyright Litigation

NEW YORK, April 19, 2004 — Open Source Risk Management (OSRM), the only vendor-neutral provider of Open Source risk mitigation and coordinated legal defense services, today certified the Linux kernel as free of source code that could provide a basis for meritorious copyright infringement claims. After a rigorous six-month process of examining the individual software files in the Linux kernel and tracing their origins, OSRM found no copyright infringement in Linux kernel versions 2.4 and 2.6. As a result, OSRM will offer clients legal protection against copyright litigation for these versions of the Linux kernel.

“We decided to go straight to the heart of the matter and evaluate whether we could defend the Linux kernel. We determined that we can; and we will. Our clients will receive legal protection equal to, if not beyond, what they receive with proprietary software licenses,” said Daniel Egger, founder and chairman of OSRM. “Along with many others, we agree that lawsuits like SCO’s are legally weak. But we recognize the business issue for Linux users is that even cases without merit cost significant time and money to defend. This is not about bad software; there is nothing inherently more risky about using Open Source. This is about providing a united defense against those trying to profit from a legal system that permits frivolous but expensive claims.”

OSRM is offering the industry’s first and only vendor-neutral Open Source indemnification, providing users of the Linux kernel legal protection for around 3% of maximum desired coverage; which is on par with other IP defense insurance rates. For example, $1,000,000 in coverage would cost $30,000 per year. As a vendor-neutral entity, OSRM is able to objectively assess legal risks, and offer protection that still allows clients the freedoms of Open Source like modifying and sharing code.

OSRM’s method for providing protection differs in important ways from that of an insurance company. OSRM proactively works with clients to assess and mitigate their risks, and then helps implement a set of best practices for mitigating legal risks around their use of Open Source. Clients also benefit from all the resources of OSRM’s Open Source Legal Defense Center, including shared legal research, documentation and other legal services. Unlike insurance companies, which provide funds for hiring lawyers, OSRM itself hires and provides specialized lawyers for its clients. These lawyers are chosen from OSRM’s carefully selected panel of leading intellectual property defense litigators; all of whom have extensive experience with the many highly technical Open Source legal issues.

***********************************************************

Open Source Risk Management Launches Open Source Legal Defense Center

Coordinated Legal Services for Linux Developers
and Potential SCO Defendants Enable More Efficient, Expert Defense

NEW YORK, April 19, 2004 — Open Source Risk Management (OSRM), the only vendor-neutral provider of Open Source risk mitigation and coordinated legal defense services, today announced the creation of the Open Source Legal Defense Center. This center will offer Open Source developers and end users coordinated legal defense services, provided by leading experts in software intellectual property (IP) law from top legal firms across the United States. As most Open Source lawsuits address common technical and legal issues, OSRM can offer clients substantial cost efficiencies and stronger defense by providing shared technical information and specialized legal counsel. Based in Washington, D.C., the center is initially offering two targeted membership programs: one for potential corporate SCO defendants, and another for individual contributors to the Linux kernel.

Approximately 1,500 corporations in the U.S. received letters from SCO threatening litigation over their use of the Linux operating system, which SCO alleges infringes its intellectual property rights. OSRM will provide coordinated legal defense services for these potential SCO defendants, enabling them to build a more powerful defense at significant cost savings. This center will act as a central forum for confidentially gathering and sharing resources about issues common across the potential defendants; and will give clients access to highly specialized IP lawyers who are already fully knowledgeable about these very technical lawsuits. Members will be able to contribute resources anonymously and communicate in complete confidentially with other members facing similar issues. Corporate membership in the program is $100,000 annually for resources that would cost in the millions if developed independently.

"By threatening this group of large companies with litigation, SCO made their risk on Linux IP issues largely uninsurable. Ironically, what SCO also did is provide a compelling incentive for them to band together in united defense. We are providing them the infrastructure and forum to do so," said Daniel Egger, chairman and founder of Open Source Risk Management. "This program builds on the success we have had with our confidential OSRM Working Group meetings, which have brought together CIOs and General Counsels of Global 1000 Companies to discuss risk mitigation strategies and best practices for Open Source IP defense."

OSRM is also offering the full resources of the Open Source Legal Defense Center to individual contributors to the Linux kernel. Individual developers will have access to the same panel of specialized IP legal experts available to OSRM's large corporate clients, and can seek advice and services to help protect and defend their own intellectual property rights. As part of this $250 per year membership, developers will also receive $25,000 in legal backing from OSRM if they are named in future lawsuits involving their contributions to Linux.

"The Open Source community has already proved itself capable of very impressive 'distributed research,' collaborating on technical information that has proved critical in defending against SCO's allegations to date," said Daniel Egger. "OSRM intends to support this community response by providing further infrastructure to help Open Source users navigate the intricacies of the U.S. IP legal system."

For more information about this program, visit www.osriskmanagement.com.

About Open Source Risk Management

Supported by top Open Source leaders and intellectual property (IP) legal experts, Open Source Risk Management (OSRM) is the industry’s only vendor-neutral provider of Open Source risk mitigation, indemnification, and coordinated legal defense services. OSRM helps organizations assess potential legal risks around their use of Open Source, and design risk mitigation solutions based on a set of best practice protocols. Additionally, OSRM provides indemnification for legal claims against Open Source, currently offering legal backing for the Linux kernel versions 2.4 and 2.6. Through its Open Source Legal Defense Center, OSRM also works in tandem with highly specialized software IP lawyers to offer coordinated legal defense services.

For more information, please visit http://www.osriskmanagement.com.

Linux is a trademark of Linus Torvalds.

08:00 AM EDT