The SCO Group's Open Letter to the Open Source Community
LINDON, Utah, Sep 9, 2003
Darl McBride, CEO of The SCO Group (Nasdaq: SCOX), sent the following letter, dated
Sept. 9, 2003, to the Open Source community:
The most controversial issue in the information technology industry today is the
ongoing battle over software copyrights and intellectual property. This battle is
being fought largely between vendors who create and sell proprietary software, and
the Open Source community. My company, the SCO Group, became a focus of this controversy
when we filed a lawsuit against IBM alleging that SCO's proprietary UNIX code has
been illegally copied into the free Linux operating system. In doing this, we angered
some in the Open Source community by pointing out obvious intellectual property
problems that exist in the current Linux software development model.
This debate about Open Source software is healthy and beneficial. It offers long-term
benefits to the industry by addressing a new business model in advance of wide-scale
adoption by customers. But in the last week of August, two developments occurred
that adversely affect the long-term credibility of the Open Source community, with
the general public and with customers.
The first development followed another series of Denial of Service (DoS) attacks
on SCO, which took place two weeks ago. These were the second and third such attacks
in four months and have prevented Web users from accessing our web site and doing
business with SCO. There is no question about the affiliation of the attacker --
Open Source leader Eric Raymond was quoted as saying that he was contacted by the
perpetrator and that "he's one of us." To Mr. Raymond's partial credit, he asked
the attacker to stop. However, he has yet to disclose the identity of the perpetrator
so that justice can be done.
No one can tolerate DoS attacks and other kinds of attacks in this Information Age
economy that relies so heavily on the Internet. Mr. Raymond and the entire Open
Source community need to aggressively help the industry police these types of crimes.
If they fail to do so it casts a shadow over the entire Open Source movement and
raises questions about whether Open Source is ready to take a central role in business
computing. We cannot have a situation in which companies fear they may be next to
suffer computer attacks if they take a business or legal position that angers the
Open Source community. Until these illegal attacks are brought under control, enterprise
customers and mainstream society will become increasingly alienated from anyone
associated with this type of behavior.
The second development was an admission by Open Source leader Bruce Perens that
UNIX System V code (owned by SCO) is, in fact, in Linux, and it shouldn't be there.
Mr. Perens stated that there is "an error in the Linux developer's process" which
allowed UNIX System V code that "didn't belong in Linux" to end up in the Linux
kernel (source: ComputerWire, August 26, 2003). Mr. Perens continued with a string
of arguments to justify the "error in the Linux developer's process." However, nothing
can change the fact that a Linux developer on the payroll of Silicon Graphics stripped
copyright attributions from copyrighted System V code that was licensed to Silicon
Graphics under strict conditions of use, and then contributed that source code into
Linux as though it was clean code owned and controlled by SGI. This is a clear violation
of SGI's contract and copyright obligations to SCO. We are currently working to
try and resolve these issues with SGI.
This improper contribution of UNIX code by SGI into Linux is one small example that
reveals fundamental structural flaws in the Linux development process. In fact,
this issue goes to the very heart of whether Open Source can be trusted as a development
model for enterprise computing software. The intellectual property roots of Linux
are obviously flawed at a systemic level under the current model. To date, we claim
that more than one million lines of UNIX System V protected code have been contributed
to Linux through this model. The flaws inherent in the Linux process must be openly
addressed and fixed.
At a minimum, IP sources should be checked to assure that copyright contributors
have the authority to transfer copyrights in the code contributed to Open Source.
This is just basic due diligence that governs every other part of corporate dealings.
Rather than defend the "don't ask, don't tell" Linux intellectual property policy
that caused the SCO v. IBM case, the Open Source community should focus on customers'
needs. The Open Source community should assure that Open Source software has a solid
intellectual property foundation that can give confidence to end users. I respectfully
suggest to Open Source developers that this is a far better use of your collective
resources and abilities than to defend and justify flawed intellectual property
policies that are out of sync with the needs of enterprise computing customers.
I believe that the Open Source software model is at a critical stage of development.
The Open Source community has its roots in counter-cultural ideals -- the notion
of "Hackers" against Big Business -- but because of recent advances in Linux, the
community now has the opportunity to develop software for mainstream American corporations
and other global companies. If the Open Source community wants its products to be
accepted by enterprise companies, the community itself must follow the rules and
procedures that govern mainstream society. This is what global corporations will
require. And it is these customers who will determine the ultimate fate of Open
Source -- not SCO, not IBM, and not Open Source leaders.
Some enterprise customers have accepted Open Source because IBM has put its name
behind it. However, IBM and other Linux vendors are reportedly unwilling to provide
intellectual property warranties to their customers. This means that Linux end users
must take a hard look at the intellectual property underpinnings of Open Source
products and at the GPL (GNU General Public License) licensing model itself.
If the Open Source community wants to develop products for enterprise corporations,
it must respect and follow the rule of law. These rules include contracts, copyrights
and other intellectual property laws. For several months SCO has been involved in
a contentious legal case that we filed against IBM. What are the underlying intellectual
property principles that have put SCO in a strong position in this hotly debated
legal case? I'd summarize them in this way:
1. "Fair use" applies to educational, public service and related applications and
does not justify commercial misappropriation. Books and Internet sites intended
and authorized for the purpose of teaching and other non-commercial use cannot be
copied for commercial use. We believe that some of the SCO software code that has
ended up in the Linux operating system got there through this route. This violates
our intellectual property rights.
2. Copyright attributions protect ownership and attribution rights -- they cannot
simply be changed or stripped away. This is how copyright owners maintain control
of their legal rights and prevent unauthorized transfer of ownership. Our proprietary
software code has been copied into Linux by people who simply stripped off SCO's
copyright notice or contributed derivative works in violation of our intellectual
property rights. This is improper.
3. In copyright law, ownership cannot be transferred without express, written authority
of a copyright holder. Some have claimed that, because SCO software code was present
in software distributed under the GPL, SCO has forfeited its rights to this code.
Not so -- SCO never gave permission, or granted rights, for this to happen.
4. Transfer of copyright ownership without express written authority of all proper
parties is null and void.
5. Use of derivative rights in copyrighted material is defined by the scope of a
license grant. An authorized derivative work may not be used beyond the scope of
a license grant. License grants regarding derivative works vary from license to
license -- some are broad and some are narrow. In other words, the license itself
defines the scope of permissive use, and licensees agree to be bound by that definition.
One reason SCO sued IBM is due to our assertions that IBM has violated the terms
of the specific IBM/SCO license agreement through its handling of derivative works.
We believe our evidence is compelling on this issue.
The copyright rules that underlie SCO's case are not disputable. They provide a
solid foundation for any software development model, including Open Source. Rather
than ignore or challenge copyright laws, Open Source developers will advance their
cause by respecting the rules of law that built our society into what it is today.
This is the primary path towards giving enterprise companies the assurance they
need to accept Open Source products at the core of their business infrastructure.
Customers need to know that Open Source is legal and stable.
Finally, it is clear that the Open Source community needs a business model that
is sustainable if it is to grow beyond a part-time avocation into an enterprise-trusted
development model. Free Open Source software primarily benefits large vendors, which
sell hardware and expensive services that support Linux, but not Linux itself. By
providing Open Source software without a warranty, these large vendors avoid significant
costs while increasing their services revenue. Today, that's the only viable Open
Source business model. Other Linux companies have already failed and many more are
struggling to survive. Few are consistently profitable. It's time for everyone else
in the industry, individuals and small corporations, to understand this and to implement
our own business models -- something that keeps us alive and profitable. In the
long term, the financial stability of software vendors and the legality of their
software products are more important to enterprise customers than free software.
Rather than fight for the right for free software, it's far more valuable to design
a new business model that enhances the stability and trustworthiness of the Open
Source community in the eyes of enterprise customers.
A sustainable business model for software development can be built only on an intellectual
property foundation. I invite the Open Source community to explore these possibilities
for your own benefit within an Open Source model. Further, the SCO Group is open
to ideas of working with the Open Source community to monetize software technology
and its underlying intellectual property for all contributors, not just SCO.
In the meantime, I will continue to protect SCO's intellectual property and contractual
rights. The process moving forward will not be easy. It is easier for some in the
Open Source community to fire off a "rant" than to sit across a negotiation table.
But if the Open Source community is to become a software developer for global corporations,
respect for intellectual property is not optional -- it is mandatory. Working together,
there are ways we can make sure this happens.
Best regards to all,
Darl McBride CEO The SCO Group