IDG News Service - Monsoon Multimedia Inc. and the Software Freedom Law Center are discussing a settlement regarding Monsoon's open-source licensing violation, but a deal isn't certain.
"Simply coming into compliance now is not sufficient to settle the matter, because that would mean anyone can violate the license until caught, because the only punishment would be to come into compliance," said Dan Ravicher, SFLC's legal director, in a statement. He confirmed that the parties are in settlement discussions but said an agreement hasn't yet been reached.
In a statement, Monsoon said that it has always intended to comply with the licensing requirements and expects to do so within the next couple of weeks.
Last week, the SFLC filed a lawsuit against Monsoon on behalf of two of the creators of BusyBox, a lightweight set of Unix utilities used in embedded systems. BusyBox claimed that even after repeated requests, Monsoon failed to publish its source code.
Monsoon uses BusyBox under the GNU General Public License Version 2, which requires distributors of software that uses the licensed software to make their source code available. Failing to do so is considered copyright infringement.
The SFLC said this is the first known case filed in the U.S. to enforce an open-source license. It is being closely watched as a test of the legal strength of GPL2.
If the case goes to trial, the key decision will be whether the court decides that GPL2 is a license or a contract, said James Gatto, a lawyer who leads the open-source team at New York-based Pillsbury Winthrop Shaw Pittman LLP, which is not involved in the lawsuit.
If the court decides GPL2 is a contract, it would be a blow to the open-source community. That's because the remedy for breach of contract is damages for losses, he said. "Here, what's the loss to a plaintiff that doesn't charge for the software?" he said. The court can also in some cases require specific actions in a breach of contract case, he said.
In a licensing arrangement, the defendant would be charged with copyright infringement, entitling the plaintiff to damages and an injunction.
It is unusual for an open-source licensing issue to reach the courts. Typically, the parties work it out privately. "There's not enough at stake generally for people not to comply," Gatto said.
In Europe, the GPL Violations Project has brought at least one open-source licensing case to court.
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Legal White Papers | Webcasts