Compliance scheme aims to dispel open-source concerns

Summary: The Linux Foundation has launched the Open Compliance Program, which aims to help businesses be confident that they are not at legal risk when using open-source software.

The Linux Foundation has launched a scheme to help companies comply with open-source licences, partly in response to the increasing use of Linux in mobile devices.

The Open Compliance Program, unveiled on Tuesday, is backed by "virtually every major player in the world of enterprise and mobile computing", Linux Foundation chief Jim Zemlin said in a blog post. These companies include Adobe, AMD, Cisco, Google, HP, IBM, Intel, Nokia, Novell, Samsung and Sony.

The scheme gives tools for companies using open source, including a code dependency checker, as well as training materials and a self-administered assessment checklist to ensure compliance. It also provides a directory of compliance officers at companies that use Linux and open-source software in their commercial products.

A new data exchange specification — called Software Package Data Exchange, or SPDX — is also included, to help companies and suppliers report software information in a standardised fashion.

According to Zemlin, the scheme will "help spread the use of open-source software, as it will eliminate the very few legal cases and most importantly the FUD [fear, uncertainty and doubt] around legal compliance that some vendors like to spread".

"Those of you who follow Linux know its use as an embedded OS has skyrocketed in recent memory, delivering a sea change in the consumer electronics and mobile industries. We think complying with open-source licences is relatively straightforward and far easier than complying with proprietary licences, especially in an enterprise software setting," Zemlin said. "But knowledge, after all, is power. And some companies need help, especially operationally, in defining and following best practices. That's where we come in."

The Open Compliance Program is supported by Eben Moglen of the Software Freedom Law Center and others in the legal community. "Compliance with free-software licensing requirements is much easier for product manufacturers and distributors than certain industrial competitors want you to believe," Moglen said in a statement.

"Free software licences are designed to make it easy to copy, modify and redistribute software, commercially and non-commercially. But strong operational compliance engineering measures still play a crucial role, making risk avoidance both inexpensive and wholly effective."

Open-source advocate Pamela Jones wrote on her Groklaw legal blog that the scheme seemed designed to help businesses easily and effectively incorporate open-source tools into their products without friction. "I guess after this, there really will be no excuse not to get it right," Jones wrote.

Topics: Legal, Security


David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't be paying many bills. His early journalistic career was spent in general news, working behind the scenes for BBC radio and on-air as a newsreader for independent stations. David's main focus is on communications, of both...
