Blog: VLP Speaks

Add to Portfolio

Seven Myths and Half-Truths About Open Source Software

Posted on Oct 28, 2015 in Privacy, Blog by Michael L. Whitener

Marc Andreessen – Netscape founder and now venture capitalist – famously wrote a few years ago that “software is eating the world.”

Today you could say: open source software (OSS) is eating the software world.

How popular is OSS? According to the Future of Open Source Survey results announced in April, 78 percent of responding companies run part or all of their operations on OSS, and 66 percent create software for customers built on open source. The survey also indicates that OSS use has nearly doubled in the past five years.

The inroads being made by OSS into the software industry are no surprise, given the OSS benefits of flexibility, increased innovation, shorter development times and faster procurement processes – all at reduced costs. Yet OSS remains widely misunderstood and even feared. This post aims to correct seven common misperceptions about OSS.

    1. All OSS license terms are basically alike. Not true. The latest version of the GNU General Public License (GPL) 2.0, the granddaddy (and still most popular) of the OSS lineage, runs on for nearly 6,000 words, specifying in detail how source code and object code can be copied and distributed, what modifications can be made (and the consequences of modifications), when fees can be charged and what notifications must be provided. The MIT license, by contrast, is under 200 words. Yet all OSS licenses do hew to certain principles, including the right to redistribute the software and to make modifications to the source code.
    2. OSS is “free” software. Only in a sense. As the GNU folks like to say, OSS is “free” as in free speech, not “free” as in free beer. The Open Source Initiative has declared that OSS must be available for redistribution without payment, but that doesn’t restrict an OSS licensor from charging a fee. The GPL 2.0 license, for instance, is explicit that licensees may be charged fees for (1) the physical act of transferring a copy of the software and (2) a warranty protection plan (trumping the warranty disclaimer that otherwise applies).
    3. OSS will “contaminate” your proprietary software. Yes, this can happen (half-truth). But it’s important to understand that the OSS universe is divided between “restrictive” (sometimes called “copyleft”) licenses and “permissive” licenses. With restrictive OSS licenses, “derivative works” (i.e., modifications to the software or combinations with other software) become subject to the OSS license. Consequently, the integration of restrictive OSS into a company’s proprietary software could have the unintended consequence of requiring that the proprietary source code be made publicly available on the same terms as the OSS. But permissive OSS licenses are designed to be compatible with commercial “closed source” software licenses. Little wonder that the popularity of permissive OSS is rapidly overtaking restrictive OSS.
    4. With a permissive OSS license, you can use the OSS as you please. Not true. “Permissive” is a relative concept in the OSS world. Even the most bare-bones OSS license agreement contains terms that licensees must comply with, such as a copyright notice, endorsement restrictions, a warranty disclaimer and provisions requiring that certain conditions be passed down to subsequent licensees.
    5. OSS isn’t subject to copyright infringement claims. This issue was addressed by the US Court of Appeals for the Federal Circuit in a 2008 case, Jacobsen v. Katzer. The court rejected the lower court’s conclusion that OSS copyrights may not be legally enforceable if they’re licensed under terms that are “intentionally broad.” Instead, the court concluded, OSS licenses are entitled to no less legal recognition than traditional software licenses.
    6. OSS license terms apply equally to on-premise software and SaaS delivery. There has been quite a bit of controversy over whether a software as a service (SaaS) provider that hosts an OSS application must follow the open source rules and make the OSS source code available to its customers. Because OSS license terms generally apply to “distribution” of the software, the consensus view is that hosted software made available via web browsers is not being distributed and therefore does not trigger the obligation to publish source code. The GNU Affero GPL closes this loophole by explicitly applying copyleft principles to software accessed via a network.
    7. OSS is a flash in the pan. On the contrary, the competitive advantages offered by OSS are proving to be highly durable. OSS is indeed eating the software industry.

In light of the surging popularity of OSS, one might suppose that companies have been diligent about setting down clear rules for when and how OSS is used within the corporate environment. Apparently that’s not the case. The OSS survey cited earlier found that only a third of organizations have a formal policy for evaluating OSS or tracking its use.

My next blog post will address why OSS has been called “the CIO’s boon and the GC’s burden” and provide advice on structuring a corporate OSS compliance policy

Michael Whitener is a partner at VLP Law Group. His legal practice focuses on two areas: (1) technology transactions, including software licensing and alliances, cloud computing, web hosting and outsourcing agreements; and (2) corporate compliance, particularly regarding data privacy and anti-corruption laws.

The VLP Speaks blog is made available for educational purposes only, to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site, you understand and acknowledge that no attorney-client relationship is formed between you and VLP Law Group LLP, nor should any such relationship be implied. This blog should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.