How can my business use open source without risk of litigation?
Aren't businesses who bring open source apps making themselves vulnerable to potential legal claims against those apps by proprietary vendors? (Naturally, SCO is an example with Linux code; but the issue of software patent infringement seems broader than that.) How can my organization use open source software without risk?
The first question appears to assume that source code for open source applications is generally derived from a protected proprietary source and used thereafter without permission, which is hardly a safe assumption. Indeed, the parenthetical example illustrates the flaw in the assumption as there is no public evidence to date that the Linux kernel violates any statutorily protected rights. Moreover, because only open source applications are accompanied by the application source code, it is easier to determine whether an open source application infringes on proprietary code than it is to assess whether proprietary code infringes on protected rights.
Having said this, there are many relationships involving electronic and computer interconnectivity today and risk, including the risk of infringement, is attendant to all of them. The issue here is the extent to which parties have mitigated the risk through negotiation and proper documentation and shifted as much of the risk to third parties, such as insurance companies. In the open source context, this includes a complete understanding of the applications with which any open source application will interface and the scope of the General Public License or similar licensing agreement in that environment. So, while nothing is risk-free, some cogent planning, due diligence and negotiation should create a manageable risk environment.
This was first published in March 2004