Open source compliance isn’t just for software vendors. More and more business-critical tools take the form of mobile applications, downloadable software and web interfaces, from email and customer relationship management to data analysis. These products may use open source components to varying degrees, although they are offered as a proprietary offering.
What is software?
Software is simply a compilation of instructions directing a sequence or action. These instructions are first written in a human readable form, usually a programming language, known as source code. the source code is then translated into machine readable object code enabling a device, such as a computer, to understand and process specified instructions.
Human readable source code is treated like any other particular tangible expression of an idea, obtaining copyright protection when it is written, created or compiled. These underlying software elements may be licensed like any other intellectual property, generally considered in the form of a copyright license agreement.
Open Source and intellectual property rights
The source code of the licensed software on a free or one Open source base is simply the one that allows holders of use, to modify, to improve, and to share software and provides access to the source code necessary to do so. While open source software is often made available to the public at no cost, free does not refer to the cost, but to these freedoms licensees are granted.
The copyrights are retained by the developer and although they are called free and open, OSS licenses may contain strict requirements and conditions regarding the use, modification and distribution of a licensee. As stated by the Free Software Foundation, an early participant in the OSS movement and steward of the definition of “free software”, “” free software “is about freedom, not price. To understand the concept, you have to think of “free” as “free speech”, not “free beer”.
Open source software is often a starting point for project development because it can be faster and more cost effective than creating something from scratch or customizing existing software.
Types of OSS licenses
Although the specific freedoms may vary, OSS licenses are generally classified as (1) permissive licenses or (2) restrictive (also known as reciprocal, viral or copyleft) licenses.
Permissive licenses (like Apache 2.0, BSD, MIT) offer licensees the right to freely modify, adapt and combine OSS code with proprietary code to create derivative works that do not contain major restrictions on such modifications or on how the resulting works may be subsequently licensed.
On the other hand, restrictive licenses (like GPL, AGPL, LGPL) go further by requiring licensees to in turn re-license their specific developments under the original license (and as a condition, also make the modified source code available) . Although provisions vary, the more restrictive OSS license terms will apply to some extent not only to the source code and original software, but to any derivative works based thereon. As the restrictively licensed OSS is used with proprietary projects for which the source code is believed to be firm or not available to the public, owners should be careful not to unintentionally license their own software under the terms of the open source license.
OSS practical advice:
- Understand and plan intellectual property strategies – how intellectual property rights will be monetized and / or benefit the organization, customers, other stakeholders.
- Create guidelines for use (and track any use of) open source software / components – be aware of license terms that affect the ability to protect or enforce intellectual property or disrupt intellectual property strategies (e.g., patent licensing).
- Audit the terms of the license when considering licensing or acquiring rights to business-critical software with intellectual property strategies in mind.
- When you come across open source software with overly restrictive terms, look for alternatives with similar functionality that may be available under a proprietary license.
Any organization or business that deals with open source should be aware of the risks and compliance requirements. In addition to IP issues, we recently wrote about security issues that should be addressed when using open source software.