A graduate student in Europe doing a thesis on software licensing, bless his heart, writes to inquire about examples from one of my recent blogs on a tango between SaaS and open source.
He asks: "I think the area of SaaS and open source (OS) is very interesting at the moment. What I'm wondering is how to go to ... open source and SaaS in terms of licenses. The GPL V.2 with its loophole can be a problem: If I build a web application, make it OS under the GPL and want to produce revenue through a SaaS model (e.g.: monthly fee/user) that simply won't work out well. Anybody can come along and add some features to the original code tree and set up a hosted service, offering it for a lower price than I ever could -- and he doesn't have to give anything back.
"Looking at Zimbra and SugarCRM, they both use a modified versions of the MPL that isn't OSI-certified as far as I know. They use open source as a marketing channel and build their competitive advantage on top of features that they provide under a propietary license -- but exclude [that code] from the OS version.
"I didn't find any examples of another vendor who builds an OS application on an OSI-certified license and is making revenue through a SaaS delivery model."
Who can help the lad out?
What's more, is there a defacto standard in the making for how to best use open source in a SaaS model that does not leave the provider open to code and revenue hi-jacking? My thoughts have been that SaaS providers should use OSS as platform and deployment infrastructure alone, while keeping the applications as their intellectual property. That both reduces risks and total costs.
But in cases where the applications are at least partly make of GPL-based OS, is there a risk if they use OSI-compliant licenses? How about SOA services with partly OS components? Good questions.