In the 1960s and 1970s source code was passed between a close knit community of programmers at the pre-eminent computer science institutions in the United States, such as MIT, Stanford, Carnegie Mellon and Berkeley.1 Programmers expected that any improvements made to code would be published to the entire community. The movement did not gain widespread publicity until 1998 when Netscape, in an effort to ensure Microsoft’s dominance would not erode open internet web protocols, released the source code to its web browser, Netscape Navigator. Following this announcement, the Open Source Initiative was founded to improve the marketing and distribution of the free software community. Vendors, such as Oracle and IBM, began to announce their support of the open source operating system Linux.
The definition of open source is slightly more contentious than its history suggests. Open source can be best described as a method or philosophy for software licensing and distribution designed to encourage use and improvement of software by ensuring that anyone can copy the source code and modify it freely.2 While organizations differ on whether a license complies with their characterization of open source, most can agree that the meaning of open source has little or nothing to do with the fee charged for the software. This is just one of the many myths of open source software. This article will dissect several of the most prevalent myths of open source software and the legal and business issues surrounding them.
Myth One: Open Source Is in the Public Domain
A piece of software cannot be both open source and in the public domain. The definition of open source and public domain make the contradiction clear. If an item is in the public domain, there are no laws that restrict its use by the public at large.3 Although a majority of the public might believe otherwise, the entire regime of open source depends on copyright law to restrict the use of software. For example, the GNU General Public License (GPL) binds the recipient of open source software to a set of restrictions governing the ongoing licensing of the open source software.4 The "viral" nature of the GPL is possibly its most glaring restriction. A recipient’s modifications of the original software become subject automatically to the GPL, which means the recipient cannot restrict access to the source code of the new and improved version. Further, if the GPL-covered software is combined with any other software (including that which is considered to be proprietary), then the combination must be treated as "open" under the GPL, including that which had been proprietary.
Resolving whether open source software is the same as software in the public domain is crucial. Imagine the following scenario: a software company finds some source code that is in the public domain. They spend years modifying the code and create a new and improved application. The company then seals up the code and sells it to the public for a substantial profit. Tweak the scenario and the difference is drastic: the software company instead acquires some source code covered by the GPL. They create the same ingenious new application and sell to the public without releasing the source code. The creator of the original code licensed under the GPL sues the company for violating the license agreement, seeks damages, and releases the new and improved source code to the public. The legal ramifications of mistaking open source code for code in the public domain could not be more severe for any software developer.
Myth Two: No One Gets Caught Misusing Open Source
The suggestion that open source licenses are not enforced probably goes hand in hand with the myth that it is in the public domain. As open source usage becomes more prevalent and more companies plan their business model around it, the enforcement of open source licenses will undoubtedly increase.
On June 15, 2001, MySQL, a Swedish software company that markets open source database software, filed suit in federal district court against Progress Software Corporation, a U.S. software company that signed an interim agreement with MySQL to market the MySQL software product.5 MySQL alleged that Progress breached the terms of the GPL governing the use of MySQL’s software and, more specifically, that Progress sold a derivative work of MySQL’s software without providing the source code.6 The parties have since settled the dispute, but the case illustrates that open source licensors are willing and able to enforce the terms of their open source license agreements.
Enforcement of open source license agreements is not limited to the typical scenario of a licensor filing suit to ensure a licensee adheres to the terms of it agreement. For example, in 2003 SCO Group, Inc. (SCO) filed suit against International Business Machines (IBM) alleging breach of contract, unfair competition, misappropriation of trade secrets and interference with
contract stemming from IBM’s alleged incorporation of SCO’s proprietary UNIX code into the open source Linux operating system.7 IBM counter-claimed, alleging that SCO was itself a modifier and distributor of Linux and, therefore, was required to abide by the terms of the GPL.8 Those terms provided that SCO would not assert certain proprietary rights over programs distributed under the terms of the GPL. IBM expects that if SCO is found to have implicitly agreed to the terms of the GPL by distributing Linux, then SCO may not have a basis to assert infringement claims against anyone.9
There are also several watch-dog organizations to whom open source license violators can be reported, such as the Free Software Foundation, Inc. and GPL-violations.org. These organizations have adopted a model similar to the now-familiar Business Software Alliance (BSA) and Software & Information Industry Association (SIIA), which conduct audits of proprietary software. Once a violation is reported the organization reports it to the copyright holder for enforcement. These groups then assist the copyright holder with any action and widely report any settlements received.
The age of litigation is upon us. It may be an open source licensor accusing a licensee of misuse or a copyright infringement defendant trying to defend by establishing that the copyright holder violated an open source license agreement. In many ways and forms, misuse of open source code is increasingly the subject of litigation. The fact that open source proponents are beginning to litigate to enforce the licenses that are the foundation of their initiative is evidence debunking the next myth of open source.
Myth Three: Proponents of Open Source Are Hostile to Intellectual Property Rights
One might expect that the proponents of open source software would eschew the intellectual property rights their proprietary counterparts have relied on to generate profit. However, the premise of open source software—allowing complete access to source code in exchange for certain promises—is predicated on the enforceability of the GPL and other similar licenses under copyright law.
The GPL grants recipients of software the permission to copy, distribute and modify the program.10 In exchange for the right to copy the software the recipient is obligated to include a notice of copyright, a disclaimer of warranty and a copy of the original GPL.11 The right to modify the program carries with it the obligation to license the modified work on the same terms as the GPL.12 The goal of these two provisions is to ensure that once a program is licensed under the GPL, the program and its derivatives will perpetually remain open source.
While the objectives of the GPL are apparent, the question is often raised as to whether the GPL and other similar licenses are enforceable. In the United States the extension of copyright law to computer programs avails the owner of the exclusive right to copy, distribute and prepare derivative works.13 Even though the two philosophies, open source and proprietary, are opposed in many ways, each depends on the same set of exclusive rights to achieve its goals. Those who believe GPL licenses are fully enforceable point out that, in the absence of an unenforceable license, copying or modifying an open source program constitutes infringement. Such partisan advocates pose the question: if open source licenses are not enforceable, then where does the recipient receive the right to copy, modify and distribute an open source program? Further, if shrink-wrap licenses (i.e., a unilateral contract requiring no consent) are enforceable (as several U.S. courts have held), then why should open source licenses be treated differently? On the other side, many argue that such licenses are overreaching because they dictate how the recipient’s own creation must be licensed. Despite the controversy, to date no authoritative decision exists on the GPL’s enforceability or validity or that of similar licenses under copyright laws.14
Myth Four: Open Source Presents Too Much Legal Uncertainty
Fear, uncertainty and doubt, or FUD, is the marketing tactic computer software incumbents have long used to ward off upstarts by emphasizing brand recognition over technical merit. It appears the FUD campaign has come full circle with IBM, whose marketing tactics in the early 1970s led an ex-employee to call them FUD,15 now being on the defensive as SCO’s legal battle against IBM and Linux users exploits the supposed legal uncertainties surrounding open source software.
The retailers of open source are taking measures to stem any uncertainty caused by the SCO litigation. Novell, Inc.; Hewlett-Packard, RedHat, Inc.; JBoss Inc.; and Sun Microsystems, Inc. are all offering protection or indemnification programs to shield customers from legal threats arising from the use of Linux.16 Offering protection to customers suggests these corporations have done the research and believe the litigation brought by SCO is unsubstantiated. This raises the question: why protect customers from baseless claims? The answer, of course, is to combat FUD marketing by erasing uncertainty and doubt from the minds of actual and potential customers.
The legal uncertainties of open source persist because there are a myriad of licenses covering a wide range of software. Customer concerns focus on the fact that they cannot, to a specific degree of precision, verify their right to use the open source software and protect themselves from liability. A prime example is a Linux customer who potentially faces a copyright infringement claim solely for subscribing to an allegedly tainted version of Linux. The litigation between IBM and SCO could potentially eliminate some uncertainty by supplying an authoritative answer on the GPL’s enforceability. Rulings on the enforceability of open source licenses will help both retailers and customers make informed decisions about the risks associated with the use of a particular piece of open source software
Myth Five: Open Source Is Not Profitable
"Free as in free speech, not free as in free beer" is the phrase chosen by some to help understand the meaning of open source and free software.17 Slight differences exist between free software and open source software, but neither is intended to convey the principle that the software is free of charge.18 The use of the word "free" in relation to open source is meant to describe the freedoms associated with the software (freedom to copy, distribute and modify) and not its price in the market. The GNU Project, sponsored by the Free Software Foundation, takes the following stance on charging for open source software:
Since free software is not a matter of price, a low price isn’t more free, or closer to free. So if you are redistributing copies of free software, you might as well charge a substantial fee and make some money. Redistributing free software is a good and legitimate activity; if you do it, you might as well make a profit from it.19
The GPL also allows the owner of the software to charge for its distribution.20
Dispelling the notion that open source software is free of charge suggests there is room for profit in open source, but there is even stronger proof that entities can and will profit from open source. Red Hat is proving that open source vendors can profit by adopting a service-based business model focusing on quality, reliability and ease of integration rather than one based on profiting from the sale and licensing of proprietary software. The argument of hard-line proprietary software supporters is that offering software under the open source model will ultimately destroy the incentive to create new software. The response is clear—open source vendors are not offering something for nothing. Rather, they are offering a new way of doing business in the world of software, treating software as a service rather than a commodity.
Licenses other than the GPL exist for organizations to accomplish their business goals. At one end of the spectrum, the GPL license essentially requires a business model centered around programming and support services to generate profit. At the other end of the spectrum, licenses similar to the Berkeley Software Distribution license (BSD) allow commercial organizations to build upon free software to create proprietary software. Between these two types of licenses there exists a small constellation of alternatives and variations, and tension exists between the two ends of the spectrum. Open source purists believe the BSD license is detrimental to the open source initiative because it does not require users of BSD-licensed software to openly release their modifications. However, the Macintosh Operating System is a clear example of the successful creation of proprietary software based, at least in part, on BSD-licensed code.21 The BSD, the GPL and other licenses derived from them offer software developers the ability to satisfy their proprietary and open source goals by selecting the appropriate license for their business model.
Myth Six: Open Source Is Not Reliable
Reliability is the foundation of open source. The ideology behind open source is not new—one of the guiding principles behind patent law is to encourage the disclosure of new technology in order to accelerate innovation. It is difficult to refute the logic in the following statement from the Red Hat website: "[W]e believe open source simply creates better software. It multiplies one company’s development capacity many times over."
There is ample proof that open source is reliable. Many critical components of the internet are run on open source:
- BIND—an open source program at the heart of the Domain Name System (DNS) 22
- Sendmail—nearly all e-mail messages sent over the internet rely on this open source mail transport server, which serves nearly 75 percent of all internet sites23
- Apache—this open source web server hosts nearly 60 percent of all websites, including Yahoo!24
The largest opponent of open source software, Microsoft, admitted the threat presented by open source in the now-famous Halloween documents. The documents, internal Microsoft marketing memos leaked to the public in October 1998, identified open source software as a major threat to Microsoft market dominance and suggested ways to interrupt its progress. The documents stated that "commercial quality can be achieved or exceeded by [open source software]" and characterized Linux as "long-term credible."25 As larger players, such as IBM, HP and Sun, become more involved in the open source movement, the reliability and support surrounding open source will only continue to mature.
Understanding what is and what is not a myth of open source is critical to anyone considering the use of open source in their own products. Notions that open source software is in the public domain and that proponents of open source shun intellectual property law must be discarded. Scrutinizing the above myths to assess their relative validity will allow retailers and customers to gauge the true legal and financial risks associated with the use, modification and distribution of open source code. In today’s market, consulting a lawyer with a firm grasp of open source and its many variant licenses is vital to avoiding the pitfalls and land mines to which any open source venture is vulnerable.
1. Chris Rasch, A Brief History of the Free/Open Source Software Movement, http://www.openknowledge.org/writing/open-source/scb/brief-open-source-history.html.
2. Denis Howe, Free On-Line Dictionary of Computing, http://foldoc.org/?query=open+source&action=Search.
3. If the software has been written in the United States in the last decade, then the only way it passes into the public domain is by the author taking an affirmative step to dedicate it to the public domain; thus, no U.S. law protects it. The other ways a work enters the "public domain" are: (1) copyright protection was never available in the first place (e.g., facts, concepts, techniques, etc.); (2) copyright protection was never properly secured (this applies to older works); or (3) copyright protection has expired. However, just because something is in the public domain in the United States does not mean that it is unprotected in other countries. As a general matter, it is wise to assume that any work of authorship is protected until proven to the contrary.
4. There are dozens, if not hundreds, of different versions of open source licenses. The GPL was chosen for discussion purposes because it illustrates many of the important principles behind the open source movement.
5. Laura A. Majerus, Court Evaluates Meaning of "Derivative Work" in an Open Source License, FindLaw, June 16, 2003, http://library.findlaw.com/2003/Jun/16/132811.html.
7. Kerry D. Goettsch, Recent Development: SCO Group v. IBM: The Future of Open-Source Software, 2003 U. Ill. J.L. Tech. & Pol’y 581, 583 (2003) (hereinafter Goettsch).
8. Id. at 584.
9. Id. at 584.
10. GNU General Public License Version 2, Preamble, June 1991, http://www.gnu.org/licenses/gpl.txt.
11. Id. at clause 1.
12. Id. at clause 2.
13. 17 U.S.C 106.
14. Goettsch at 584.
15. Fear, Uncertainty, and Doubt, Wikipedia, http://en.wikipedia.org/wiki/FUD.
16. Todd Weiss, LinuxWorld: A defiant IBM says Linux indemnification is unnecessary, Computerworld.com, Jan. 21, 2004, http://www.computerworld.com/softwaretopics/os/linux/story/0,10801,89269,00.html.
17. The Free Software Definition, GNU Project, http://www.gnu.org/philosophy/free-sw.html.
18. Why "Free Software’’ is better than "Open Source," GNU Project, http://www.gnu.org/philosophy/free-software-for-freedom.html (outlining the similarities and differences between open source and free software from the perspective of a free software supporter).
19. Selling Free Software, GNU Project, http://www.gnu.org/philosophy/selling.html.
20. GNU General Public License Version 2, clause 1, June 1991, http://www.gnu.org/licenses/gpl.txt.
21. Based on Unix, Apple.com, http://www.apple.com/macosx/features/unix (stating that UNIX users will feel at home in the robust BSD environment that underlies Mac OS X).
22. Tim O’Reilly, Ten Myths about Open Source Software, O’Reilly.com, Nov. 1, 1999, http://opensource.oreilly.com/news/myths_1199.html.
25. Halloween Documents, Wikipedia, http://en.wikipedia.org/wiki/Halloween_documents.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.