Compliance scheme aims to dispel open-source concerns

The Linux Foundation has launched the Open Compliance Program, which aims to help businesses be confident that they are not at legal risk when using open-source software
Written by David Meyer, Contributor on

The Linux Foundation has launched a scheme to help companies comply with open-source licences, partly in response to the increasing use of Linux in mobile devices.

The Open Compliance Program, unveiled on Tuesday, is backed by "virtually every major player in the world of enterprise and mobile computing", Linux Foundation chief Jim Zemlin said in a blog post. These companies include Adobe, AMD, Cisco, Google, HP, IBM, Intel, Nokia, Novell, Samsung and Sony.

The scheme gives tools for companies using open source, including a code dependency checker, as well as training materials and a self-administered assessment checklist to ensure compliance. It also provides a directory of compliance officers at companies that use Linux and open-source software in their commercial products.

A new data exchange specification — called Software Package Data Exchange, or SPDX — is also included, to help companies and suppliers report software information in a standardised fashion.

According to Zemlin, the scheme will "help spread the use of open-source software, as it will eliminate the very few legal cases and most importantly the FUD [fear, uncertainty and doubt] around legal compliance that some vendors like to spread".

"Those of you who follow Linux know its use as an embedded OS has skyrocketed in recent memory, delivering a sea change in the consumer electronics and mobile industries. We think complying with open-source licences is relatively straightforward and far easier than complying with proprietary licences, especially in an enterprise software setting," Zemlin said. "But knowledge, after all, is power. And some companies need help, especially operationally, in defining and following best practices. That's where we come in."

The Open Compliance Program is supported by Eben Moglen of the Software Freedom Law Center and others in the legal community. "Compliance with free-software licensing requirements is much easier for product manufacturers and distributors than certain industrial competitors want you to believe," Moglen said in a statement.

"Free software licences are designed to make it easy to copy, modify and redistribute software, commercially and non-commercially. But strong operational compliance engineering measures still play a crucial role, making risk avoidance both inexpensive and wholly effective."

Open-source advocate Pamela Jones wrote on her Groklaw legal blog that the scheme seemed designed to help businesses easily and effectively incorporate open-source tools into their products without friction. "I guess after this, there really will be no excuse not to get it right," Jones wrote.

Editorial standards