Is open source in deep trouble?

No matter what the outcome of SCO's suit against IBM over open-source code, corporations will be wary of any open-source investments, especially those that could unwittingly bring new legal risks.

COMMENTARY--Over the past several years, corporate America has warmed to open-source software programs such as the Linux operating system and the Apache Web server.

Today, software from the open-source community, a worldwide group of developers who share their code freely with one another, competes head-to-head with programs from industry titans such as Microsoft and Sun Microsystems.

However, a legal battle between the Utah-based SCO Group and IBM could throw cold water on the relationship.

SCO is suing IBM for billions of dollars claiming that Big Blue took code from SCO's Unix operating system and added it to Linux. SCO has since revoked IBM's license to use its AIX version of Unix and requested that the judge permanently halt IBM's entire Unix business. Unfortunately for those watching the case, the facts are extremely complex and SCO has been tight-lipped about its evidence. The result is that analysts have pronounced the case everything from the the end of Linux to a complete farce.

Regardless of the case's outcome, however, the specter of liability has already been raised among the notoriously risk-averse ranks of corporate information officers. Already, industry analysts from Gartner have advised corporations to reconsider implementing Linux, especially on "mission critical" systems. In addition, SCO ensured that at least 1,500 of the world's top corporations were aware of the potential risks of using Linux when it sent them letters threatening direct legal action.

News Focus
SCO-IBM battle
Intellectual property

This tactic may seem strange to people who aren't lawyers--how could 1,500 companies infringe property rights they did not know existed when they bought their software? U.S. copyright and patent laws do not include an absolute protection against "innocent infringement" of such rights, although damages may be reduced for acts performed before you have notice of the rights. Once on notice, however, "innocent" purchasers are liable for damages and subject to an injunction if they continue to use or sell copies of the software. For customers and technology partners, this adds an additional element of risk to using open-source software and including such software in their own products.

Even if IBM prevails in this case, lingering doubts about future licensing problems could hinder further adoption of open-source software. Corporate IT spending is just beginning to stir after two years of deep sleep, but corporations will be wary of any risky IT investments, especially those that could also bring new legal risks. The open-source community must face these fears directly if it wishes to continue building their relationship with corporate America.

The specter of liability has already been raised among the notoriously risk-averse ranks of corporate information officers.
First, open-source distributors and integrators should "trust but verify" the origins and IP rights of the code within their products. Many organizations and companies developing open-source software already have methods to check the contributions to their code--that is, who owns what.

Some open-source software projects require contributors to provide legal documentation of ownership in the code they submit and use digital signatures to authenticate those submissions. These types of measures should continue to be improved and be implemented more broadly within the open-source community.

Another confidence-building step would be for the distributors or developers of open-source software to move away from offering their products "as is" and find ways to indemnify customers from any liability for intellectual property infringement. Some in the community might suggest that this step is too radical and that it runs counter to their ideals. However, by not offering at least some degree of comfort to their customers through indemnification, they risk ceding an important market advantage to those proprietary software companies that do.

Beyond the end users, the open-source community should look for ways to build trust among potential technology partners. Today's world of networked software requires interoperability and sharing. The open-source and proprietary communities can maintain their separate worldviews but, as they are interdependent, must find a way to communicate.

Even if IBM prevails in this case, lingering doubts about future licensing problems could hinder further adoption of open-source software.
For its part, the open-source community has to at least understand the vocabulary of the "IP conversation" that occurs among business partners that simultaneously compete and cooperate. Such a conversation allows such partners to efficiently communicate ownership interests in existing products and work constructively on new ones.

While I am optimistic that these adjustments can be made, it may expand the growing rift between those who see open source as a moral, if not religious movement, and those who see commercial opportunity in this alternative development model. For example, the Free Software Foundation believes that no piece of software should ever be "owned." It is clear that IBM, Red Hat and others that are interested in developing sustainable open-software-based businesses must find ways to coexist with proprietary software.

However, it is unclear to me how the corporate community can continue to work with those who reject the entire principle of software ownership and simultaneously protect their investment in their own products.

The open-source community has been an important force for competition and innovation for the information technology industry. Hopefully, it can learn from past and present experiences, including the SCO lawsuit, to improve its intellectual property practices and to mature as a critical part of the industry.

Richard Wilder is a partner with law firm Sidley Austin Brown & Wood and is intellectual-property counsel for the Association for Competitive Technology.