I am attending the OSDL Linux Enterprise Summit in Burlingame, just south of San Francisco. Interestingly a good proportion of the attendees are corporte lawyers. The focus right now is on getting the law right to avoid future difficulties. Following are some highlights from day one.
Open Source Licensing, Larry Rosen
- Used to be mainly about copyright, but is now needing to deal with patents as well.
- The differences of Composite versus Derivative works and the exact legal meaning of many others terms are being defined. Their is a lack of case law (a good thing!) which makes it a challenge.
- Larry has a book called Open Source Licensing. He is hoping Justice Scalea of the Supreme Court reads it when considering open source.
Reviewing Use of OSS in the Enterprise, Karen Copenhaven>
- Most organisations have a contingent liability due to breach of open source licenses.
- Session mainly on the need for and conduct of a Legal Review process
.e.g. Product contains OSS with breach who in turn distributes that to another customer, thus propogating the breach - Potentially a big threat to OSS use, because it may be easier to just say no to OSS. In reality most organisations are spinning up their lawyers instead.
- Commercial software companies are starting to offer indemnities. 5 years ago no one did. HP is an example of providing indemnities for Linux.
- A common approach is to get the lawyers to review a project and put it on an approved list. It is not sufficient to have a list of approved licenses. The pedigree of the source must be examined.
- Black Duck makes tools to automate open source review.
Andrew Morton
I ran into Andrew who I have met before. We talked about adoption of the 2.6 kernel. He is the maintainer of 2.6. He moved over to the US from Wollongong, Australia about 4 years ago and is doing some work for the OSDL for his employer Digio. His quote, which is the quote of the day – “Open source is inevitable”.
Novell
Plenty of Novell people were on hand today. The head of server marketing thinks that 20% worldwide desktop use is achievable in the next 5 years. Currently it is at 3.5% but just a few years ago it was barely measurable.