Ten things your lawyers need to know about open-source

In ever-growing numbers, CIOs want to take advantage of the many benefits that free and open-source software have to offer their companies.

But there's a snag. Their lawyers can be grouchy when it comes to open-source. They claim opening the door to open-source software carries unacceptable legal risk. Many imply naively or wrongly that proprietary software doesn't carry its own risks. Some describe open-source software in pejorative terms and repeat the biased conclusions of well-financed FUD (fear, uncertainty and doubt) programs. They point to assertions made by high-profile CEOs that proprietary software companies will soon come knocking on their doors looking for money to compensate them for intellectual property that open-source allegedly infringes.

Some lawyers may even counsel their clients to steer clear altogether (as if that were a choice), never mind if that means losing out on the strategic opportunities open-source offers.

As a CIO you may ask, what's gotten into my lawyers? Isn't it their job to provide legal support and counsel for the business decisions I make? Why the differences in attitude between CIOs who are bullish on open-source and lawyers who advise caution? CIOs who find the answers to these questions will discover some simple ways to make better use of their lawyers and get the support they need for deploying or producing open-source.

Here are 10 things CIOs should tell their lawyers to help them become more productive and supportive members of their teams.

1. "Get educated on the business case for open-source." Unfortunately, lawyers counseling technology companies don't always understand the business reasons underlying the legal opinions and advice they are asked to provide. Take time to explain the business reasons and benefits behind your decision to embrace open-source.

2. "Understand the basics of how open-source is built through the distributed software development model." Knowing how code is developed and shared, how contributions to projects are tracked and how decisions are made to include code (or not) will help them understand the extensive peer review and code vetting that takes place -- which in turn places open-source on more solid legal ground than the proprietary software companies would have them believe. Find opportunities for your lawyers to talk with engineers involved in open-source so they can hear firsthand how the development process works and how it produces results that are better from both a technology perspective and a legal perspective than they might expect.

3. "Force your way into our business discussions about how to deploy or produce open-source. Educate us on the legal issues as those discussions progress and our decisions take shape." Getting your lawyers involved early means you can solve problems or mitigate the risks before they arise. Make it a practice to include them early in your thinking about adopting open-source.

4. "Don't propagate FUD. Question the claims made by proprietary software vendors and arrive at your own legal conclusions, in consultation with other lawyers experienced in open-source legal issues if needed." Let your attorneys know you expect them to question and then research the legal risks associated with open-source, but that those same issues should be examined for proprietary software as well. The development and use of all software carries risk. Those risks are largely the same for open-source and its proprietary alternatives.

5. "Resist the temptation to create a new open-source license for software we develop; use an existing Open Source Initiative-approved license if possible." Like it or not, some attorneys' bread and butter is drafting software licenses. However, each new open-source license makes more work and creates more legal risk for end users. Worse, a multitude of open-source licenses often results in less code being reused because the licenses under which they are distributed are incompatible. If an existing license doesn't address your business needs, encourage your lawyers to work with the steward of an existing license to seek changes that could result in that license working for you.

6. "Odds are we have (or will soon have) open-source software in our corporate environment. Establish and implement processes and procedures for managing this inevitability." Surprising at it may sound, CIOs and their lawyers often believe that if they tell their engineers and employees not to bring unapproved software (whether proprietary or open-source) into the corporate environment, they won't. The reality is it happens. Instruct your attorneys to partner with your IT department to develop policies and procedures for software as it comes into your company, as well as develop a mandatory product-review process that occurs before any software product is shipped.

7. "Join in the long-term effort to insist on reform of the patent system, particularly where software patents are concerned." The proliferation of software patents is the single biggest threat to proprietary and open-source software. Task your lawyer with voicing concerns in one of the several legal forums or associations where reforms are debated and lobbying efforts are mounted, such as the U.S. Patent Bar, the American Bar Association or the American Intellectual Property Law Association.

8. "Find short-term means of reducing the threats posed by software patents. Develop a legal policy that allows us to support the burgeoning software patent commons." Encourage your lawyers to find ways to make your company a good corporate citizen and help reduce the patent threat in the short run, whether through patent pledges or contributions of patents to the patent commons. While pushing the U.S. Patent and Trademark Office for legal reform of the patent law and patent legislation abroad, tell them to find ways to join the growing group of companies that are signaling to the open-source community that software patents they hold aren't a threat to open-source.

9. "Participate in the GPL reversioning process." The GNU General Public License, the most popular of all open-source software licenses, is being updated over the next 12 months. Targeted for completion in early 2007, the resulting product, GPL 3.0, will affect technology companies and software users worldwide. Even if you don't plan on licensing software you develop under the GPL, your company will be exposed to software that is. Don't let your lawyer shy away from engaging in the process. It's one of the most important and well-constructed efforts ever attempted to forge consensus among diverse stakeholders, and it's one we as an industry can't afford to see fail.

10. "And finally, help us find ways to give back to the community from which our company derives benefit and support us in our efforts to do so." This touches on the crux of the difference between the CIOs who understand the potential of open-source and the lawyers who fear its unknowns. If your company is to successfully take advantage of one of the most important technology developments of the century, it will require the support of each and every employee and adviser. It will mean taking simple steps, such as replacing adjectives such as "viral" with "copyleft," and more serious steps such as lending time, energy and resources to the institutions that support open-source, like the Software Freedom Law Center, Free Software Foundation Inc. and the Open Source Initiative -- even if the form of that support is constructive criticism.

Diane M. Peters is general counsel at Open Source Development Labs Inc., a nonprofit, industry-supported organization dedicated to increasing the adoption and growth of Linux.

Copyright © 2005 IDG Communications, Inc.

Bing’s AI chatbot came to work for me. I had to fire it.
Shop Tech Products at Amazon