Management and Issues for Software Licensing in, ownership, open source, EULA’s and other issues related to the development, use, distribution and licensing out of software.
SW Utopia v. SW Reality In a perfect world with infinite budgets and infinite development time, you would write from scratch all the code for each program. In the real world of limited budgets and tight deadlines, you will need to use others code and software. How you manage that process is critically important.
Basic questions when managing software. Where did the code come from? Employees? Contractors? Licensors (which includes open source) What do you intend to do with the software? Internal Use Distribution What are the consequences? Obligations, transfer of rights, etc.
Need to manage the software from developer to end user! Software Development Existing Code New Code End Users Internal Commercial Software Employees UR Open Source Software Contractors End Users External Preexisting Proprietary Software Need to manage the software from developer to end user!
Employee Developed SW New Code – Obtaining Title Employee Agreement – Obtain ownership of all IP (CP, Patent, etc.) in work product. Work for Hire (Copyright Only!) Incorporated Code Commercial Code – Obtain license Open Source – Understand license terms Preexisting Proprietary – Could be from prior employer, can you obtain rights?
Contractor Developed SW New Code – Obtaining Title SW Agreement – Obtain ownership of all IP (CP, Patent, etc.) in work product. Work for Hire (Copyright Only!) If can’t own, license sufficient rights Incorporated Code Commercial Code – Obtain license Open Source – Understand license terms Pre-existing contractor code – Obtain license!
Best Practices with SW Contractor Agreements Require notice and approval of all 3rd party software incorporated into deliverables. Obtain license to any background IP (both theirs and any they can sublicense) incorporated into deliverables. Obtain warranty against incorporation of unapproved 3rd party code. Obtain warranty for removal of unapproved 3rd party code and repair with approved code.
Issues with 3rd Party SW Can you obtain necessary rights for internal use? Can you obtain necessary rights for distribution if required? Who is responsible for bug fixes, updates, integration, customization, tech support? What are the costs, how long will they be performed, are you entitled to regular updates, forward and backward compatibility?
3rd Party SW Issues Cont. Who owns customizations, is there exclusivity (even for a set time)? Who is responsible for IP infringement, can you get a meaningful indemnity? What if the SW supplier fails, can you obtain access to the source code to continue to maintain the SW? (Use of SW escrow)
The Other 3rd Party Software – Open Source Open source software may be free of cost, but open source is not free of obligations!
OS is just like any other software – Key Idea OS is just like any other software – It is made available under terms dictating user obligations which must be reviewed to determine: 1. Whether they meet your business requirements, 2. Whether you are able to comply with them, and 3. Whether they require review/approval under university policies. The interactions of each use and each license are unique, this analysis must be done for every case!
Key Ideas Open Source is subject to licensing terms. Can UR meet the obligations today and in the future? Can UR get the customer to agree to the obligations? Open Source can require the transfer of intellectual property rights. Transfer can be in many forms Actual Transfer (obligations to provide new code) Grant of IP (patent, copyright) license Forbearance of rights (covenants not to sue) Open Source can create issues for continuity of supply and services OS comes without warranties or indemnities OS comes without representations of ownership
What is Open Source Software? Typically called open source, freeware or shareware. Source code distributed and available to any and all at no cost but subject to obligations (licensing terms). All users are also free to run, modify, and redistribute the code subject to the license terms. Aggregation of effort by different programmers to a software program. Theory – multiple minds create better software. Different programmers apply their efforts to modify, support and enhance the program. Freeware and shareware are programs that are distributed or made available by one individual or organization at little or no cost, and may come with a variety of license conditions attached. Freeware and shareware does not necessarily come with source code, or the ability to modify and further distribute the software.
Open Source Initiative Distribution without charge Availability of source code Permission to make derivative works Integrity of author’s source code No discrimination against users/groups No discrimination against fields of use Distribution of original license with product License is not product specific No restriction of accompanying software License is technology neutral The Open Source Initiative project lists 10 principles to qualify an an agreement as an “open source” license.
Open Source Software Is Subject to Licensing Terms OSS is free to obtain and use, but is always subject to conditions (licensing terms) User receives software under a license that permits use and/or distribution with conditions Without the license, copyright may prevent most uses, modifications, and further distribution License terms dictate “open source” conditions
What Are Typical Open Source Licensing Terms? User generally given right to use, copy, modify, and distribute software, subject to conditions Distribution less of an issue for internal use (but what counts as distribution is often very unclear) Distributor cannot charge money for license Can charge for other services or products Distributor must allow users to copy, modify, and redistribute the software subject to the open source conditions In some cases, distributor must make source code of software (original and modifications) available to users and others
What Are Normal Open Source Licensing Terms? -Continued “Viral” licenses – Bringing other software into contact with some open source software turns other software into open source software “Not all open source licenses are “viral” And finally, courts are starting to enforce OS licenses and various parties are looking to benefit from finding infringement of open source.
Open Source Licenses are Often Unclear Often they are not written by legal professionals. Often they have no choice of law, so the same license could be interpreted very differently in different jurisdictions Terminology is often undefined. Distribution – Does passing to a different employee count as distribution? Does passing to a consultant count as distribution? Does transferring internally between different corporate entities count as distribution? I Integration- Dynamically or statically linked? Any incorporation? License may be promoting a particular agenda. Anarchist licenses – No commercial use permitted Pacifist licenses – No military use permitted
Possible Risks from Open Source No warranty of title The provider may not actually own or have the right to distribute the software. Source of software is not known. No confidence that free of patent infringement No intellectual property indemnities No recourse if problems arise: Legal Technical
What Are the Potential Problems? Liability for infringement Patent Copyright Damages Injunction Non-IP assertions Turn proprietary software into open source software (“viral” licenses) Unintentional Licensing of IP (Patent licenses) Ability to pull code/replace functionality Some licenses terminate when licensee asserts patent
Assessing Risk When Considering OS LESS RISK MORE RISK TYPE OF USE All Internal Use (example, testing) Internal Use to Provide Service to Customer Distribute in Product to Customer CRITICALITY OF USE Small feature, easily separable, alternatives readily available Important Feature, well integrated, alternatives available but time consuming to implement Basic Function required for operation, highly integrated. Alternatives very difficult and time consuming
Example of using and OS and possible consequences A UR employee downloads open source software The employee attaches UR code or code from another source to the open source software UR uses resulting software Internal use only (no distribution) Risk is likely lower, distribution often triggers most onerous requirements Distribution to customers Risk is higher, likely obligations to share at least improvements if not all other integrated software. Exposure is higher to IP infringement claims. Risks of disruption are higher due to lack of technical support or immediacy of technical support.
Open Source Licenses Several varieties of licenses “Viral” Non-Viral Some open source software may be distributed under multiple licenses Terms of alternative licenses may be advantageous, select the one best for your circumstances Because multiple licenses may be applicable to a given piece of software, a user may benefit from searching to see if a license is applicable that might be more appropriate for the user’s situation.
Types of Open Source Licenses Viral GNU GPL, Lesser GPL IBM Mozilla Apache (1.1 is non-viral, all others viral) Non-Viral BSD MIT W3C (WorldWideWeb Consortium)
“Viral” Open Source Software Imparts “open source” status on other software that “comes into contact” with it. An important issue is the interpretation of a “derivative work” under copyright law, and interpretation varies by jurisdiction. Risk – “proprietary” software becomes “open source” software
OS Licenses – An Example - ZLib This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1. The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required. 2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution.
A Common OS License: GNU GPL – Viral What software is virally infected? Incorporated into GPL software “Derivative Work under Copyright Law” (GPL Section 0) “Modified” GPL files (GPL Section 2) “Conventional Wisdom” Dynamic linked files, are not infected. Static linked files are infected. GPL Section 0 – “a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language.“ But, what if a work containing a portion of a GPL Program is not a “derivative work” under the Copyright Law (I.e., a “fair use”)?
GNU GPL has different Versions A Common OS License: GNU GPL – Viral - Continued GNU GPL has different Versions Version 2: If the appropriate steps are taken and the linking is performed correctly, it is possible to distribute products having OS licensed under Version 2. Version 3: As a practical matter, it is difficult to distribute products having OS licensed under Version 3. (However it can be possible to use OS under version 3 for internal purposes or internally to provide services to UR customers in some circumstances)
Risks/Benefits of Open Source Cost Speed Risks Failure to comply with license Virally infect other UR software Infringe 3rd party intellectual property Inability to sell resulting software Costs saved in development may be costs spent in compliance and profits lost in sales.
OS Best Practices Documentation of all licensing terms at time of down-load. Documentation of exact code down-loaded (unmodified) Softcopy – Good Hardcopy – Better No hyper-links! Have an Archive where the license can be retrieved for review and compliance (The same software with the OS can be in many later generations of products) Archive exact version of open source software Softcopy- Yes! Hardcopy (if reasonable) No hyper-links!
Other Forms of Open Source - Cloud Computing Cloud Computing is a form of Shareware – Free (often) to use the service but includes licensing terms and obligations. Companies offering Cloud Computing include Google, Amazon, MS, etc. Use of Cloud Computing should be treated just like the use of any other open source software and is subject to the same UR requirements.
Compliance A key part of any SW management plan is compliance with all licensing terms. That includes all licensing terms, both open source and commercial license terms. Compliance includes internal behavior (both management and internal end users) but to the extent possible, behavior of 3rd party end users.
Compliance with all licensing terms (Open Source and Commercial SW) Understand all terms and required actions. Obligations to include notices/disclaimers/licenses in code, documentation or as specified Build compliance as much as possible into the actual software. Draft software to minimize compliance issues and negative consequences. (Particularly consequences of viral open source terms)
Flow through of licensing terms to final product Make all downstream software engineers aware of presence of open source software and licensing terms. Make launch team aware of presence of open source software and licensing terms. Comply with all notices and other requirements of all licenses, and monitor compliance.
Other Related SW Issues The End User License Agreement (EULA) How do you get the end user to read the EULA and agree to the terms? Common forms are shrink wrap, click wrap, other forms of obtaining agreement.
Other Related SW Issues Royalty Triggering Events What triggers the payment of a royalty? Manufacture, use, sale, ??? Can you comply with the royalty trigger? Have you considered the entire life cycle of a product and how that may or may not trigger another royalty payment?