In the wake of the ongoing SCO lawsuit, open-source developers must take steps to ensure they don't become the victims of further legal action.
In a presentation at Linux.conf.au 2004 in Adelaide, specialist Australian IT lawyer Jeremy Malcolm said that while it was widely anticipated in the open-source community that SCO's lawsuit against IBM for alleged copyright infringement would eventually collapse, the case had drawn attention to the relative lack of control over copyright and patent infringement within many projects.
"The open-source community has been quite lucky not to suffer an attack like SCO has brought sooner," Malcolm said.
SCO is expected to release details of the code that it says has been illegally included in Linux on 23 January. However, the trial is not due to take place until 11 April, 2005. "In between those two dates, there's a lot of uncertainty for the open-source community," Malcolm commented.
One of the biggest potential risks for developers is unwitting infringement of patents. "The fact that you don't copy any code doesn't necessarily clear you," Malcolm said. "You have to honour patents that you may not even have heard of."
To ensure that development projects don't fall apart over legal concerns, Malcolm recommends ensuring contributing developers sign a document certifying that their contributions are original.
"The best protection for an open-source project against liability is to make the developers the ones who have the liability on their shoulders," he said. Developers who have worked for former employers on software and later decide to contribute to similar open-source projects should also seek permission from those employers to avoid potential issues, Malcolm added.
Talkback
How is this any different for Linux developers than _all_ software developers. Patents you haven't seen (that by the way didn't benefit you or influence you) and unreal contracts by employers who want to own the product of your every waking hour, regardles of job hours or working description.
This is all software writing, especially in America.
I agree that Linux needs more protection against patent suits, since an end-user can be forced to pay damages for violating a patent that he or she was not even aware of.
Even winning a patent defense is usually costly, since you usually have to search for prior art. However, the Groklaw.net web site provides free state of the art legal research for cases like this, and OSDL has offered to pay legal expenses.
We should have a list of all Linux projects that specificly require developers to certify that their contributions are original work, and that their employers have agreed. Also, a complementary list of projects that do not have this requirement. Users that are worried could refuse to install projects that do not have this policy.
However, the best defense of a patent suit is a patent that you can claim the plaintiff is violating. The Open Source Software/Free Software movement (OSS/FS) has some of the best innovators in the software world. All that is needed is for them to build a patent portfolio for defense of OSS/FS.
Meanwhile, you mentioned SCO.
SCO responded to IBM on Monday's deadline with 60 pages of answers to IBM's questions and an unspecified number of documents. SCO also filed with the court a certification of compliance with the court order and an affidavit with the reasons they could not answer all IBM's questions.
It is now too late to submit more information to IBM. The January 23 court hearing is for oral arguments on whether SCO has sufficiently answered all IBM's questions with specificity, and on whether SCO can prove a valid need for confidentiality on all the answers that it labelled confidential.
The court order required SCO to answer IBM's interrogatories 1-9 and 12-13 with specificity, by file and line number, without further negotiations with IBM. For example, #12 asks SCO to define all parts of Linux that SCO claims rights to, and for each, the nature of those rights.
Neither the certification nor the affidavit mentions copyrights. If, as SCO's spokesman Stowell remarked, no information on copyrights was submitted to IBM, then Stowell's remark is a public admission that SCO deliberately defied the court order.
The penalties for failing to meet a court order to compel are severe, and include the possibility that the judge will dismiss SCO's suit, and order summary judgment on IBM's counterclaims. If so, we won't have to wait for 2005.
Open source software has been around for 20 years, and there are over 60,000 oss projects at Sourceforge.net.
If there were any legal dangers here, then they would have shown up long ago. There are countless cases of proprietary ISV's being sued for IP violations. How many have we seen for OSS.
I think this fellow is just trying to drum up some business. Remember, lawyers have a motivation to stir up trouble, because they make money helping people get out of trouble.
It's cllaed the GPL and its legal. And you call yourself a lawyer.