Our colleague David Berlind posts this thoughtful piece on the issue of patents as they relate to Web services standards. David says OASIS, or the Organization for the Advancement of Structured Information Standards -- the leading venue for "ratifying" certain Web services standards -- is actually a patent shelter for the big vendors.
David cites a recent InfoWorld article which describes how the Apache Foundation has hit a roadblock in implementing WS-Security, a standard approved and released by OASIS in the spring of 2004: "Although WS-Security is available for implementation royalty-free, it still must be licensed from Microsoft and IBM. Apache has raised concerns about this, mostly pertaining to a non-transfer clause that appears incompatible with open source licenses that allow for uninhibited transfer of technologies, Apache officials said."
The question is, the larger commercial vendors talk quite a bit about supporting openness, but could they get hard-nosed at some point in the future when they're feeling competitive heat, and call out the lawyers?
OASIS is the product of commercial vendor coopetition, and was not formed with open-source software in mind. But now, open-source is fast becoming a huge part of corporate IT operations. Apache's application server projects, for one, are starting to give commercial providers a run for their money. The recent Evans Data survey on Web services and SOA, which I authored, reveals that at about a third of Web services developers now embrace open-source application servers such as Apache/Tomcat. Apache has just about caught up with Microsoft’s .NET-based application server platform (includes IIS), which still leads with 37%.
The bottom line: a calcified, creaky, and lopsided patent structure threatens to gum up the two best things we have going for us in this decade — Web services and open source.
Some say that major infrastructure vendors such as IBM, Microsoft and BEA Systems moved their standards development efforts from the World Wide Web Consortium (W3C) to OASIS because they could better lock in their patented technology under OASIS' terms.
Earlier this year, CNET's Paul Festa reported on an effort to boycott OASIS on the basis of its patent policy announced at the beginning of the year. According to a letter from some leading open-source software luminaries, OASIS' policy (detailed here):
- "…permits standards to be based upon so-called 'reasonable and non-discriminatory' patent license terms — terms which invariably and unreasonably discriminate against open source and free software to the point of prohibiting them entirely. It would lead to the adoption of standards that cannot be implemented in open source and free software, that cannot be distributed under our licenses…"
- "…The OASIS patent policy will encourage large patent holders to negotiate private arrangements among themselves, locking out all free software and open source developers."
OASIS CEO Patrick Gannon has responded that his group's policy "is as strong as the W3C policy in terms of specifying work to be royalty-free. Our policy states that standards may incorporate work that is patented, but that they have to disclose it. And in almost all cases, that results in a royalty-free license for that work." OASIS said that it revised its policy to specify three modes for standards work: RAND, or reasonable and nondiscriminatory licensing; RF, or royalty-free, on RAND terms; or RF on limited terms.
Let's learn from the SCO debacle. Let's compete on the basis of how well our solutions meet the needs of businesses and organizations. May the best products win where they're supposed to win — in the marketplace. We don't want lawyers telling us which software we can and cannot use.