'Open Source Software' (OSS) refers to a type of software that is subject to the terms of an open source licence where, often, the 'source code' has to be made available to users. While there are numerous types of open source licences, a common feature is that users are permitted to modify, adapt or enhance the software, subject to an obligation to make such modifications freely available to other users. In comparison, users of proprietary software have limited rights to modify or sub-licence software and normally cannot access the source code.

OSS is increasingly being recognised as an economical, flexible and robust software alternative to proprietary software. It is these characteristics that have seen predictions by analyst firm Gartner that, by the end of 2009, all businesses will utilise some from of open source software in their business. Presently, the Linux Operating System, one of the most well-known examples of open source software, is widely used by the private and public sector, including the NSW Government. A substantial OSS industry has developed in Australia and internationally which derives its income, not from licence fees but, from software development and customisation services. If your business uses or is associated with software development and programming, open source is relevant to you.

The characteristics of OSS licences give rise to particular legal issues. If the OSS licence terms are not adhered to, it may result in exposure to litigation enforcing the terms of the licence. This occurred in the case of the software utility 'BusyBox'. In this case the software developers (represented by the Software Freedom Law Centre (SFLC) initiated action (which was later settled out of court) against several software companies who had incorporated a portion of OSS code into a larger proprietary software package, without adhering to the terms of Busy Box's OSS licence.

COMPLIANCE

Where OSS is used by a company contrary to the terms of the OSS licence, an OSS rights owner may commence proceedings against the company to enforce the terms of the licence. Supported by industry associations such as the SFLC, OSS rights owners (like BusyBox) are becoming increasingly litigious in enforcing their software licences against companies.

The consequences of breaching an OSS licence agreement may include injunctions, damages and specific performance, not to mention the costs of litigation and potential damage of a company's reputation.

Accordingly, companies should undertake a review of their systems and keep track of what OSS they are operating. Employees should be educated about OSS licences and the implications of using OSS and integrating OSS with proprietary software. In larger organisations, it may be necessary to appoint a compliance officer to monitor and ensure compliance with the terms of any OSS licences.

Steps a company should take to protect itself from potential OSS issues:

  • Establish a compliance checklist, particularly in the case of any in-house software development, to ensure that OSS is not incorporated into in-house software contrary to the terms of the relevant OSS licence.
  • Where appropriate train employees to ensure that staff are well briefed on potential OSS issues.
  • Audit existing software systems and maintain a register of OSS to assist in compliance with the terms of OSS licences.
  • When carrying out due diligence prior to the acquisition of a business, ensure that OSS issues are considered and investigated. Where necessary, obtain appropriate warranties and indemnities from the vendor to cover any identified risk.
  • When obtaining software development or programming services from third parties, ensure that appropriate warranties and indemnities in relation to OSS are obtained.

OVERVIEW OF OPEN SOURCE SOFTWARE LICENCES

The most common OSS licences are:

  • 'GNU General Public License' (GPL) 2.0 and 3.0. Linux is an example of a GPL licence;
  • 'GNU Lesser General Public License' (LGPL) 2.1;
  • Permissive free software licences, such as the 'MIT License' (Massachusetts Institute of Technology and the 'BSD License 2.0' (Berkeley Standard Distribution) ;
  • 'Apache License 2.0'; and
  • 'Mozilla Public License' (MPL) 1.1.

Phillips Fox has changed its name to DLA Phillips Fox because the firm entered into an exclusive alliance with DLA Piper, one of the largest legal services organisations in the world. We will retain our offices in every major commercial centre in Australia and New Zealand, with no operational change to your relationship with the firm. DLA Phillips Fox can now take your business one step further − by connecting you to a global network of legal experience, talent and knowledge.

This publication is intended as a first point of reference and should not be relied on as a substitute for professional advice. Specialist legal advice should always be sought in relation to any particular circumstances and no liability will be accepted for any losses incurred by those relying solely on this publication.