Daniel Egger doesn't give much credence to the SCO Group's lawsuits against IBM and members of the Linux and open source communities. But he does admit to seeing a bigger picture
"I'm struck by how weak their claims [are]," Egger said. "But I'm also struck by how much disruption a weak suit against Linux could cause."
Egger, CEO and founder of Washington D.C.-based Open Source Risk Management, a vendor-neutral provider of open source protection and consulting services, saw an opportunity for his startup last summer as the SCO furor built and more Linux distributors and hardware vendors began offering their versions of indemnification.
OSRM today announced the details of its new Open Source Legal Defense Center, a set of legal defense services and connections to legal advice on intellectual property issues for enterprises that are potential SCO targets, as well as for developers contributing to the Linux kernel.
"Big companies that are willing to stand up to a suit from SCO don't need us," Egger said. "Where this is really important is for enterprises big enough to get sued, but too small to absorb the cost of paying $3 million to $5 million to beat back a suit. That's a major burden."
Egger, who has inked luminary Bruce Perens to OSRM's board of directors and was counseled by members of the Free Software Foundation and Groklaw editor Pamela Jones, added that some enterprises might want to consider his firm's services as a supplement to the limited indemnification protection offered by Hewlett-Packard Co., Red Hat Inc. and others.
HP, for example, included a caveat with its protection plan that says a customer must have purchased a Linux solution from HP, running on HP hardware. The customer also must not have modified the source code. Red Hat, meanwhile, instituted its Open Source Assurance Program in October. The program is an open source warranty, Red Hat said, that guarantees the integrity of the code in Red Hat Enterprise Linux. And if an IP issue arises with the code, Red Hat promises to replace it. Others, such as IBM and Dell Inc., have decided not to indemnify their customers.
"Enterprises should consider us for supplemental coverage," Egger said. "If HP's coverage is for only HP hardware and you're running other parts of your shop on a different platform, what are you to do then?"
Enterprises will have three offerings to choose from initially. The first is a basic coverage package similar to an insurance policy, where companies would pay a premium of 3% of the maximum amount of coverage they choose (i.e. $30,000 annually for $1 million of coverage). There is also a package for companies that have received demand letters from SCO. For $100,000, enterprises will have access to a central forum of confidential resources about issues common among potential defendants. Companies would also be given access to IP lawyers.
The third package is for developers contributing code and bug fixes to the Linux kernel. For a $250 annual membership, developers have access to OSRM's IP experts and can receive $25,000 in legal backing if named in lawsuits because of their contributions to Linux.
OSRM added that it has certified versions 2.4 and 2.6 of the Linux kernel as free of source code that could merit a copyright claim, and it offers its clients protection against litigation for those versions only.
"The greatest interest we've had is from companies bidding on jobs or providing Linux solutions for their customers and want to supplement their protection," Egger said. "They can give their customers deeper pockets to make their offer competitive. That is turning out to be a strong area of demand."
FEEDBACK: Would your enterprise buy Linux insurance to protect itself from legal action?
Send your feedback to the SearchEnterpriseLinux.com news team.