Open-Source Software: Open to Liability

Justinian Lane ·

Open-source software is a boon to computer programmers: by sharing the source code for freely released software, anyone (with the skill) can modify it for their own needs. A growing movement, open-source software is finding its way into a lot of companies' programming departments.

It's also finding its way into their lawyers' offices -- the licensing requirements of most open-source software are creating new concerns, and new work, for lawyers serving the tech industry.

Under the GNU General Public License that governs a large number of open-source products, open-source code can only be tightly integrated into other open-source products, and a condition of using the code is that the user also publish its modified version of the code. Not everyone knows to do that -- or interprets the license's requirements the same way.


Take Cisco Systems Inc. When the hardware giant bought competitor Linksys in 2003, it claims it didn't realize Linksys had been using products that incorporated open-source code. Cisco eventually incurred the wrath of the not-for-profit Free Software Foundation, which enforces the GPL. Eventually, according to reports published in Forbes magazine and elsewhere, legal wrangling ended with Cisco having to make the costly move of releasing the code. [note: Why was that "costly"?]

With the possibility of these kinds of surprises popping up in tech industry acquisitions, new legal services have arisen to reduce the risk. Most recently, a consulting outfit called Open Source Risk Management has partnered with Lloyds of London underwriter Kiln and broker Miller Insurance Services to offer insurance against open-source liability.

"Everybody is really recognizing these risks and becoming more and more interested in promoting themselves," said Stephen Gillespie, a partner at Fenwick & West. "There is somewhat of a jump on the bandwagon among lawyers." [note: emphasis added]

While some question the need for open-source insurance, there's definitely a lot of money at stake. Apart from related business costs, misusing open-source software can cost $150,000 per violation per copy of the software distributed, Gillespie said.

This is crazy. Bat-shit crazy. (The above is from The Recorder via Law.com)

Isn't one of the major goals of open source software to avoid stuff like this? Yet now greedy law firms like Fenwick & West and underwriters like Lloyds of London are trying to cash in? Chrikey!