Mozilla Firefox, Android OS, Python. Open source software is everywhere. Often the product of widespread collaboration by volunteers, early versions of open source software were developed by universities like MIT and nonprofits. Open source software benefits businesses by lowering development costs, opening access to third-party improvements, and popularizing programs which have been vetted by thousands of computer programmers worldwide. Read on for a discussion of how open-source software implicates copyright law and its consequences for business owners.
What is open source software?
Open source software (OSS) is software with source code that anyone can inspect, modify, and enhance. Like all software, the source code of OSS is protected by copyright law. The rights to reproduce, adapt, publish, perform, and display the code exist under United States law without the necessity of registration although registration with the Copyright Office is a prerequisite for filing a lawsuit and obtaining legal relief.
Instead of requiring a traditional payment for a software license, OSS copyright owners choose to share the code publicly under the terms of an open source software license. These licenses vary widely, but generally include the right to copy, modify, and redistribute the code for little or no cost.
Types of open source software licenses
The two main types of open source licenses are known as permissive and copyleft.
Permissive licenses are generally quite unrestrictive and allow users to change and distribute modified OSS with only a few limits. For example, the Apache License 2.0 OSS permissive license grants a “perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license” to prepare derivative works based on the OSS. One major requirement of the Apache License 2.0 is that uses must include the copyright notice and license text requirements. Businesses are free to incorporate OSS under permissive licenses into proprietary software without infringing the terms of the permissive license.
Copyleft licenses, on the other hand, require that any modified OSS must be released under the same license as the original OSS. Users cannot alter the nature of the license when they redistribute modified software that was based on OSS under a copyleft license. The GNU General Public License v3.0 is one of the most common copyleft licenses, giving permission for commercial use, distribution, modification, and patent use as well as private use. Check the specific terms of open-source software license of each computer program before you incorporate OSS into your business software.
Points of Caution/ Recommendations
Conduct due diligence when licensing open source software. Check the fine print of the OSS licenses. Failing to fulfil the terms of an OSS license, such as failing to include the required text in the redistributed code, could invite risk of litigation.
Open source software can carry unpatched vulnerabilities. Be prepared for possibly delayed bug fixes and code improvements for the OSS due to its decentralized software developer base. Companies like Synopsys offer resources on software supply chain security.
Consult with your software developers to determine if there is OSS included in your programs. Beware of overpaying for software that is merely OSS with no meaningful improvements.
Avoid allowing your trade secrets and business information to enter the public domain due to improper OSS integration into your business’s software, especially when licensing OSS under a copyleft license such as the GNU General Public License.
Seek legal counsel to review contracts if you are planning to acquire OSS or if you would like to draft an OSS policy for your small business. If you have questions about or would like to discuss these issues, please feel free to contact us.
Nancy J. Mertzel
Mertzel Law PLLC
1204 Broadway, 4th Floor
New York, NY, 10001
(646) 965-6900