Commentary - Sometimes you have to move slowly to get ahead in the long run.
As more software companies use open source software (OSS) to create proprietary software products, the risk of OSS contamination has grown increasingly high. There is no doubt that utilizing OSS can cut back on development cycles and help plug the gaps of your proprietary software. But if not executed properly, companies can quickly fall victim to the costly consequences of software contamination.
Contamination most often occurs when software developers combine OSS with their own proprietary code. By nature, that contamination may render affected software open source as well. Depending upon the specific open source license under which the OSS is licensed for use, that contamination can then prevent the developer from enforcing patents covering the proprietary code or from otherwise imposing restrictions on use of the proprietary code. If the developer does not then distribute the combined software under the terms of the open source license, the developer violates the OSS license. Such an offender is then open to copyright infringement claims.
Common causes of contamination
There are a number of ways that OSS can contaminate proprietary software, and while most are inadvertent, knowing where violations arise is the best way to avoid them.
Ignorance is no defense: Chances are good that between a team of developers, someone is using code that originated from outside sources. Don’t assume that due diligence was conducted for every bit of code that your software developers include. If you acquire and use software in a manner that is in violation of an OSS license, you are likewise in violation and could be held responsible for any legal repercussions – even if you didn’t realize that this code was included in your software product.
How to avoid contamination
Open source contamination can be a very serious legal issue, one that can cost your business significant time and money. Here are some quick tips to preventing contamination during your software development cycle:
Set a companywide policy: The easiest way to avoid software contamination and violation of OSS license terms is to not use open source software. This may seem like an overly simplistic solution, but if you don’t use OSS, you’re obviously not going to violate the associated license. Many companies that develop software have a “zero tolerance” stance on using OSS in order avoid contamination issues. However if you do choose to use OSS, it’s best to identify which OSS licenses may leave your software product vulnerable and make it company policy to avoid those particular OSS licenses. Finally, if you plan to allow any and all OSS usage, make sure that all licenses are reviewed by a copyright or intellectual property expert beforehand and be certain to only include code that is compatible with your company’s business model. This will ensure that the license is fully understood and that there is no risk of contamination through ignorance.
Carefully review software you did not create: Oftentimes, software that is purchased or acquired via a merger or acquisition goes unchecked for contamination issues. “I didn’t know we were in violation, we didn’t create the software” is not a legitimate defense against a licensing violation. All third-party software your company did not create should be checked for contamination issues and Term of Use violations. The originating developers may not be as familiar with OSS, made a mistake or deliberately violated a license; you just cannot know for sure unless you check.
Dr. D’vorah Graeser is the founder and CEO of Graeser Associates International (GAI), an international healthcare intellectual property firm. Dr. Graeser has been a U.S. Patent Agent for more than 15 years and has extensive experience and expertise in the biomedical field. Her firm specializes in the preparation, filing and prosecution of medical device, biotechnology, pharmaceutical, bioinformatics and medical software patents. The firm also develops customized intellectual property strategies for companies with interest in selling their ideas and products internationally, primarily in the U.S. Europe, China, Brazil and India. For more information about Graeser and Associates International, please visit http://gai-ip.com/.