Home | Computers
With several hundred thousand free open source packages available for download, a commercial software developer should leverage open source whenever possible. However, it is important to understand the license obligations and restrictions that come with your open source software. The courts have ruled that violating the license obligations that come with open source is the same as copyright infringement, and this menas you do have to respect the license obligations when you use open source. With most open source licenses, obligations and restrictions in the license only apply if you distribute the open source, i.e., you distribute the binaries associated with the open source inside the binaries that you ship to your customers. If you use the open source software only as a development tool, the obligations posed by the open source typically do not apply. With most Open Source licenses, the obligations are about attribution, redistribution, and various specific restrictions. Attribution refers to giving credit to the authors and contributors of the open source software. The requirements can include all, some, or none of the following: * do not remove license text or copyrights in the source code * insure proper credit in the documentation * do not imply that the open source authors endorse the commercial product without explicit permission * clearly mark if you make any changes to the open source * if there is a requirement to redistribute the open source, clearly show in the documentation how to get the redistribution; * in any advertising done for the commercial product, explicitly acknowledge the open source component provider. Redistribution refers to making the open source freely of charge and available to the public. This is typically under the same license as the original open source and/or with a compatible license. This can include the original open source, any modifications made by you, and most importantly, any software "based on" the open source code. "Based on" is an interesting phrase that is interpreted differently depending on the license. Some licenses are viral, and can essentially force you to make all of your own commercial software that is linked to the open source software to also be given away free. These licenses are called "copy-left" licenses, and pose the greatest threat to a commercial software company's revenues. Common license restrictions can include: * do not make any additions or changes to the open source * do not distribute this open source software on its own, ie, only distribute it when it is accompanies by significant value added from your own software. * do not remove copyrights in the open source * do not initiate patent litigation against any of the contributors to the open source on the grounds that something in the open source violates one of your patent claims. Violating these restrictions can cause the license to be terminated. While there are many dozen unique licenses, the following discusses some of the common types: The least restrictive licenses are public domain licenses. Source code provided in the Public Domain are free to use without restriction, so you can use the source code without any attribution or redistribution and you can distribute any or all of the open source with or without modifications, as you see fit. These are followed by MIT style licenses, so named, because these licenses follow a template created by MIT. In these licenses, the rights are similar to public domain and the only obligation is attribution. For MIT style licenses, this requirement is often satisfied by leaving the original copyrights that came with the open source software in place and also providing credit to the open source authors in the end user documentation. The next common style is BSD style licenses, originally created by the University of Berkeley, with both an original and a "modified" version of the license available. These licenses contain the same obligations as the MIT license, with the additional attribution requirement that the commercial software provider cannot use the names of the open source provider as a product endorsement without explicit permission. The first version of the BSD license also required that in any advertising done for the commercial product, there was an acknowledgement of the open source provider; however, the 2nd version of the BSD license is far more common. The next common license style is from Apache, which is a large well organized cooperative of open source contributors, with an extensive library of open source software. The Apache 1.1 licenses requirements are very similar to the BSD modified license requirements. The Apache 2.0 license adds that any modifications to the open source code must be clearly marked with a change log. The Apache 2.0 license also adds an important restriction, the patent non-assert clause, which essentially states that if you initiate patent litigation against any of the authors or contributors who helped create this open source, you can no longer use the open source. The next common set of licenses is the Common Public License and its derivatives such as Eclipse Public License, IBM Public License, Mozilla Public License, etc. These licenses all have similar obligations to the MIT license, but they also have additional obligations in attribution and re-distribution. The CPL 1.0 license requires that if the open source is modified, the commercial software developer has to make the original open source code and the modifications available for free. In addition, the commercial software developer has to state in the end user documentation how the user can obtain this open source code along with the changes. Finally, the source code changes made by the commercial developer should be clearly marked. It is important to understand, that the CPL is not viral, ie, it does not contaminate the commercial software developer's proprietary software. The final common set of licenses are the LGPL v2.1 and the GPL 2.0 licenses, which together make up about 70% of all of the open source code inside sourceforge.net, a well known open source repository. The GPL 2.0 license has all the same attribution and re-distribution requirements as the CPL license above. However, the GPL also require any works based on those packages to be offered (re-distributed) under the same "free to the public" terms. Most commercial software companies consider this an unacceptable license for commercial software, because it does drive a change to their basic business model. The LGPL v2.1 license carries a similar obligation to the GPL 2.0 license but has a more restrictive definition of where the re-distribution obligation applies, which makes it friendlier to commercial companies then the GPL license. For example, any commercial software which is not statically linked to the LGPL licensed package does not require re-distribution. However, the LGPL license also carries other obligations such as requiring the distributor of any package which includes the LGPL libraries to allow the end user to replace those libraries. This may cause support or packaging issues for the commercial software company. There are also several dozen unique licenses for individual open source packages. While they can generally be classified as similar to one of the common licenses described above, they often have some unique requirement or feature that needs to be taken into account. To summarize, open source licenses have requirements in attribution, redistribution, and they can have other requirements as well. Understanding the license obligations, and abiding by them, is the true cost of free open source. It is important to understand and manage these license obligations to avoid the risk of lawsuits and other legal issues.
Article Source: http://www.articlesfeed.com
For more actionable insights into the legal disadvantages of open source and how to avoid them, come visit our blog at Source Auditor.
Rate This Article
5 out of 54 out of 53 out of 52 out of 51 out of 5
Not yet Rated
Powered by Article Dashboard
