OUT-LAW and Open Source

I went to a breakfast seminar run by Pinsent Masons (aka Out-Law) in Edinburgh this morning. I noticed Royal Bank of Scotland badges, as well as the usual suspects: public bodies, other consultants and developers (some not even in suits!). In fact, the seminar was apparently the best attended they’ve had for a long while, or so claimed John Salmon, the partner introducing the event.

Anyway, back to the main point, which is to get my notes down, starting with the central message:

Evaluating risks is key to choice between Open Source and proprietary software

I guess if you’re going to do IPR, you should do it right. And you need to do IPR: the talk covered enough new ground on IPR protection and risk management to make it worthwhile getting up at 7am for.

Quotes are from OUT-LAW Breakfast Seminar: Open Source software, Spring 2006

From what was said, it sounds like the most (potentially) confusing area is patents. There are many arguments against software patents, but they exist and are enforced, particularly in the USA, so businesses have to take account of them.

There is no case law on the use of copyright law in the enforcement of Open Source software (OSS) in the UK:

UK copyright law favours the individual author and does not easily adapt to a situation where there are hundreds of collaborators in a single work.

On the other hand, the GPL has been shown to be enforceable in Germany.

Another complication specific to the UK: If the Unfair Contract Terms Act or the Sale of Goods Act are relevant, some of the exclusions in OS licences might not be enforceable

The business perspective

With OSS, the risks can be divided between two scenarios:

Organisation considering using OSS

The issues revolve around warranties. Firstly of suitability for purpose and service levels generally – these are are often explicitly excluded even by proprietary software.

The second area is unique to OSS applications: there is no-one to guarantee the user against unexpected royalty demands or claims for breaches of copyright – for instance from the likes of SCO.

Thus there is possibly a need for buying an indemnity – as sold Red Hat and other large consultancy. I’m not sure if they are available through insurance companies

Organisation developing software for resale

Even the GPL allows internally developed software to be kept in-house. but there is business risk in inadvertently infecting in-house commercial code with the GPL. The recommended approach is

  • logging of the use of externally developed software
  • a software policy that specifies what licenses are acceptable and procedures for managing infection by copyleft applications

Of course, if the business is itself developing OSS code, there is no problem

Some thoughts

(1) most (all?) OS software repositories such as Savannah or Sourceforge are sited in the USA and (2) the USA is the country that does software patents on the largest scale (though they also exist in Europe). Since an independently developed application can inadvertently breach a patent, it leaves users of OSS in a potentially vulnerable position.

I wonder if the risks from US litigation are higher if you’re using a OSS application hosted on a US site? Maybe that’s an argument for the use of the EUPL and a European-based repository?


Oh yes – good bacon rolls by the way!


About Peter Cruickshank

Lecturer in the School of Computing and a member of the Centre for Social Informatics at Edinburgh Napier University, Scotland. Interested in information systems, learning, politics, society, security and where they intersect. My attempts at rounding out my character include food, cinema, running, history and, together with my lovely wife, bringing up a cat and a couple of kids.
This entry was posted in ipr, opensource. Bookmark the permalink.

One Response to OUT-LAW and Open Source

  1. Pingback: Anonymous

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s