Open Source Software – risk or opportunity?
8th November, 2013
Open source software is now widely used by many businesses in developing software products and Ward Hadaway's specialist IT lawyers have advised numerous companies on the legal issues arising from its use.
However, in our experience, OSS is a topic which continues to arouse concern and confusion.
Here we introduce some of the legal issues which can arise from the use of open source software in software development projects.
What is Open Source Software?
Open source software is a type of software which allows the user to copy, modify and redistribute the software source code (i.e. human readable code). This is unlike traditional “proprietary” or “closed source” licensing models which generally only allow the user to access the software in “machine-readable” object code form.
Under these traditional models, software suppliers keep the source code confidential so that only they can support, maintain and further develop the software.
What types of Open Source Software are there?
There are numerous different types of open source software licence. However, in general terms, open source software licences can be split into two categories:
So called “Academic Licences” are generally permissive placing few obligations on the user or licensee wishing to use the software. Often the only obligation is to indicate that the open source software has been used. Examples of Academic Licences include the MIT and BSD licences.
So called “Reciprocal Licences” are more restrictive. They generally provide that the open source software can be used and modified for internal use, but that any modified versions of the software which are made available to the public (“distributed”) must only be distributed on the same terms as the original open source software. As a consequence, it is sometimes said that reciprocal open source licences are “viral” in nature. An example of a Reciprocal Licence is the widely used GPL Licence.
What are the benefits of using Open Source Software?
Using open source software can have significant advantages for software developers. It is widely and freely available and can significantly reduce the time and cost involved in developing software applications.
There are also active communities of software developers committed to improving and maintaining certain open source software products.
However, it is essential that software developers understand that open source software is subject to licence conditions and requirements which must be respected.
What are the risks associated with using Open Source Software?
The main risks which can arise from the uncontrolled or inappropriate use of open source software are as follows:
Reciprocal open source software licences usually impose a requirement that any person who “distributes” software which is derived from the open source software, must do so on the terms of the open source software licence.
Since open source licence terms often provide that source code for the software must be made available to others, this has caused fears that software businesses could be required to disclose the source code for their own closed source or proprietary software, if it is combined with open source software. This is sometimes referred to as the risk of “contamination” or “infection”.
It is recognised that certain types of open source software licence are incompatible with other types of open source software licence. In addition, reciprocal open source software licences are generally incompatible with traditional closed source/ proprietary software licence terms. This can cause difficulties and complexity when preparing licence terms for products containing software from various sources.
Most open source software licences contain at least some requirements about how the software is used. These can range from simple obligations to acknowledge that open source software has been used, to more detailed obligations (e.g. to publish source code). If software developers use open source software and fail to comply with these requirements there is a risk that this could result in adverse publicity (e.g. in the press of development community) or even legal action.
Since most open source software is licensed on an “AS IS” basis, it does not usually come with the types of guarantees and warranties you would expect to receive from a supplier of proprietary software. The risk that software may infringe intellectual property rights owned by third parties is a particular concern.
What can you do to minimise the risks associated with Open Source Software?
If you develop software products, it is essential that you understand what open source software may have been used in the products you have developed. You can carry out an audit of your products and specialist software is available to identify what open source software may be contained in a given product.
Having established what open source software is used, it is important to review the terms of the relevant open source software licences to ensure that you are complying with relevant provisions.
This can be difficult for two reasons. Firstly, there remains considerable uncertainty about the legal effect of the some provisions contained in open source licence agreements. This is because the wording used in some licences is unclear and because some of the key provisions have never been ruled on by a court.
Secondly, the requirements contained in open source licences can often depend very precisely on how the software has been used in a given software product. As a consequence this process can require close collaboration between technical teams and legal advisers.
Moving forward, it is important that all development staff are fully aware of the issues which can arise from the use of open source software and that robust policies and processes are put in place to ensure that all use of open source software is carefully controlled. This can be done by providing training to development staff and by developing and implementing an Open Source Software Policy.
How can Ward Hadaway help?
We can assist by working with you to advise on how the requirements contained in open source licence agreements apply to your products, by developing and helping to implement Open Source Software Policies and by providing training to development teams on this important topic.
If you would like to discuss open source software or other legal issues connected with software development project further, please get in touch.
Please note that this briefing is designed to be informative, not advisory and represents our understanding of English law and practice as at the date indicated. We would always recommend that you should seek specific guidance on any particular legal issue.
This page may contain links that direct you to third party websites. We have no control over and are not responsible for the content, use by you or availability of those third party websites, for any products or services you buy through those sites or for the treatment of any personal information you provide to the third party.
