OPENSOURCE SOFTWARE LICENSING: LEGAL IMPLICATIONS AND CONSIDERATIONS

This article is written by Aarathi Namboodiri of 10^th semester of SASTRA Deemed University, Thanjavur, an intern under Legal Vidhiya

ABSTRACT

The evolution of software technology has brought about significant changes in the functions it supports, catering to the diverse needs of users, both individuals, and organizations. Open source software (OSS) has emerged as a pivotal aspect of this transformation, allowing users to access, modify, and distribute software freely under specific licenses. Despite the apparent simplicity of open source principles, the legal landscape surrounding OSS licensing is complex. This paper explores the legal implications and considerations associated with OSS licensing, focusing on key legal principles in different jurisdictions. It discusses landmark cases, such as Jacobsen v. Katzer, which established the enforceability of OSS licenses under copyright law. Furthermore, the paper analyzes compliance with OSS license terms and the importance of license compatibility to avoid conflicts between different licenses. It discusses recent legal developments and important cases, such as Versata Software Inc. v. Ameriprise Financial Inc., Oracle v. Google, and CoKinetic Systems Corporation v. Panasonic Avionics Corporation, highlighting the implications for software companies and users. The paper also addresses recent developments in OSS collaboration, license selection policies, and tools for license compliance. It emphasizes the need for organizations to develop robust license compliance strategies to mitigate legal risks and ensure the sustainable development and distribution of opensource software.

Keywords

Open source software, OSS license, Copyright law, Patent law, European Union, Switzerland Law, The Open Source Initiative, Copyleft, Non-Copyleft (or Permissive), GPL, Apache License, MIT License, Significant developments, Open Daylight

INTRODUCTION

Over the years, the landscape of software technology has undergone significant transformations, leading to a fundamental shift in the functions supported by software. This evolution has been fueled by the development of various software applications that cater to the diverse needs of users, ranging from individuals to large corporations. Among these developments, open source software (OSS) has emerged as a prominent force, offering users access to source code under licenses that permit them to utilize, modify, and distribute the software freely. E.g. Borrowing source codes and writing your own program and then integrating it.

The Open Source Initiative (OSI) has established a widely recognized definition of open source software, which serves as the standard reference point for governments worldwide. This definition, based on the Debian Free Software Guidelines, underscores the principles of transparency, collaboration, and innovation that underpin the open source movement.[1] As evidenced by the 2023 Open Source Security and Risk Analysis (OSSRA) conducted by Synopsis, the prevalence of OSS components in software projects has reached unprecedented levels, with approximately 96% of examined code bases incorporating OSS elements.[2]
However, despite the apparent simplicity of open source principles, the legal landscape surrounding OSS licensing is intricate and multifaceted. OSS licenses operate as unilateral contracts, wherein users accept the terms by engaging with the software. These licenses are broadly classified into two categories: Copyleft and Non-Copyleft (or Permissive). While proprietary software typically employs copyright to restrict users’ freedoms, Copyleft licenses, such as the GNU General Public License (GPL), aim to uphold user freedoms by mandating that derivative works remain open source.

DIFFERENCE BETWEEN COPYLEFT AND COPYRIGHT LICENSING

There are several types of open-source software (OSS) licenses, each with its own set of conditions and requirements. One of the most well-known examples of OSS is the Linux operating system, which is released under the GNU Public License (GPL)[3]. OSS licenses often come with various conditions, including requirements for users to issue licenses on the same terms to others who use software that incorporates the OSS. Additionally, these licenses may impose limitations on the enforcement of any patent rights held by licensees and dictate whether software containing the OSS must be distributed via the platform that originated the OSS.

1. GNU General Public License (GPL):

• Owned by the Free Software Foundation, the GPL is available in two variants: the General Public User License (GPL) and the Lesser General Public User License (LGPL).
• These licenses are considered copyleft licenses, which means they ensure that any modifications made to the source code are subject to the same license terms as the original software.
• The GPL is a strong copyleft license, requiring that any derived software be made freely available under the same terms. In contrast, the LGPL is a weak copyleft license, allowing modifications to binary files without extending the same license terms to the derived product.
• It’s important to note that merely using OSS with a GPL or LGPL license does not automatically imply acceptance of its terms; acceptance occurs only when the source code is modified.

2. Apache License:

• The Apache License includes a patent license grant without the reciprocity found in the GPL.
• This means users can utilize their proprietary code, modify the source code, and retain ownership of the resulting derived product as their intellectual property.
• Users can distribute the derived software under their own licensing terms, which is not permitted under the GPL.
• Additionally, the Apache Contributor License Agreement (CLA) terms exempt users from sharing the modified software, making it commercially friendly.

3. MIT License:

• The MIT license shares similarities with the Apache License but remains silent on the Contributor License Agreement (CLA) requirement for sharing modified software.
• Like the Apache License, the MIT License allows users to use, modify, and distribute the software freely, with fewer restrictions compared to copyleft licenses like the GPL.

Each of these OSS licenses offers different levels of flexibility and requirements, catering to the diverse needs and preferences of developers and users in the open-source community

Table 1 – Showing different types of open source software[4]

KEY LEGAL PRINCIPLES

United States Law

In the United States, open-source software (OSS) licenses are primarily enforced through copyright law. One landmark case that solidified this enforcement mechanism is Jacobsen v. Katzer[5]. In this case, Jacobsen alleged that Katzer/Kamind had infringed the terms of the Artistic License, an open-source license, by incorporating portions of Jacobsen’s code into their software without following the license terms.

Initially, the district court ruled that the Artistic License was an unlimited non-exclusive license and that its terms created mere covenants, not copyright conditions. Consequently, the defendants were not held liable for copyright infringement, but rather for breach of contract, which does not presume irreparable harm.

However, the Federal Circuit reversed this decision upon appeal. It ruled that the terms of the Artistic License indeed created copyright conditions, not mere covenants. The court reasoned that although open-source licensing typically involves no monetary exchange, copyright holders still derive economic benefits from these licenses, such as enhanced reputation and market share. Therefore, requiring users to comply with the license terms, including disclosure and explanation of changes, serves the copyright holder’s economic interest.
The Federal Circuit’s decision reinforced the enforceability of open-source licenses in the United States and established that compliance with such licenses is legally binding, even if no monetary consideration is involved. This ruling was crucial for the open-source community, as it clarified the legal status and enforceability of OSS licenses under US copyright law.

European Union Law

The EU Public License (EUPL), which offers a uniform framework for open-source licensing inside the EU, and copyright laws both apply to OSS licenses in the EU.

Switzerland Law

In Switzerland, software is protected under the Copyright Act (CopA). This protection is automatically granted upon the creation of the software, without the need for registration, publication, or any other formalities. Consequently, there is no central registry for copyright ownership in Switzerland.

Under the CopA, developers, or authors, are granted several exclusive rights over their software. These rights include the ability to control the reproduction, modification, and public availability of the software. However, it’s essential to note that copyright protection extends only to the source code of the software and not to the underlying idea or functionality.
As a result, while direct copying of source code constitutes copyright infringement, replicating the idea or function of the software without copying the source code may not infringe copyright. To protect the idea or function of software, developers can seek patent protection. Contrary to common belief, obtaining patent protection for software in Europe is feasible with relatively few restrictions, providing an additional layer of intellectual property protection beyond copyright.

Indian Law

Software and other intellectual property are protected in India by the Copyright Act, 1957. Although open source licenses are not specifically mentioned, OSS is covered by copyright laws. In the above circumstances, the Indian Patent Act is equally relevant. However, the legal environment in India is still developing for open source software, with little case law addressing OSS licensing issues in particular. Nonetheless, contract law and copyright laws are applicable, and OSS license observance is typically required.

Global Landscape of Distributing Open-Source Software

The legal landscape surrounding open-source software (OSS) distribution is multifaceted and encompasses various legal frameworks, including copyright law, patent law, trade regulations, and data protection laws.

Copyright law serves as one of the primary legal frameworks governing OSS distribution. OSS licenses typically rely on copyright to grant users specific freedoms and obligations. International copyright treaties, such as the Berne Convention and the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS), provide a foundation for copyright protection globally. Complying with these treaties is crucial for ensuring the legal validity of OSS distribution worldwide.

Patent law also intersects with OSS distribution, particularly in jurisdictions with robust patent systems like the United States and Europe. While OSS licenses often grant users the right to use patented technology included in the software, patent infringement claims can still arise. Navigating patent issues requires careful consideration of jurisdiction-specific laws and potential conflicts between patent and copyright protections.

Trade regulations add another layer of complexity to international OSS distribution, especially concerning encryption technology and export controls. Export regulations, such as those imposed by the United States, restrict the export of certain software, including OSS containing encryption technology, to specific countries or entities. Developers must adhere to these regulations to avoid legal consequences and ensure compliance with export controls.
Moreover, data protection and privacy laws play a crucial role in international OSS distribution, particularly concerning software that handles personal data. The European Union’s General Data Protection Regulation (GDPR) imposes strict requirements on the processing and transfer of personal data, affecting OSS projects distributed globally. Developers must implement privacy-enhancing measures and comply with relevant data protection laws to protect user privacy and mitigate legal risks.

LEGAL CONSEQUENCES AND POINTS TO TAKE

Respect for the License Terms

Assuring adherence to the conditions of the applicable license is among the most important factors for consumers of open source software. There may be legal repercussions for breaking these terms, including damages, injunctions, and the loss of the ability to use the product. Examples of case law, like Jacobsen v. Katzer[6], emphasize how crucial it is to strictly follow the provisions of the OSS license.

Compliance with Licenses

The compatibility of different open-source licenses is a critical consideration in OSS distribution, as conflicting licenses can pose challenges when combining or distributing software incorporating code governed by incompatible licenses. This issue underscores the importance of understanding “license compatibility,” which is a complex and evolving area of OSS licensing law.

A significant case demonstrating the complexities of license compatibility is Artifex Software, Inc. v. Hancom, Inc.[7] In this case, Artifex Software, the developer and licensor of Ghostscript, a PDF interpreter, sued Hancom, a South Korean company, for incorporating Ghostscript into its word processing software without complying with the terms of the GNU General Public License (GPL) under which Ghostscript was licensed.

The court found that breach of the GPL license constituted a breach of contract, establishing a significant legal precedent. The court ruled that Hancom had assented to the GPL license terms by using Ghostscript without obtaining a commercial license, thus creating a contractual obligation to comply with the GPL terms. Moreover, the court addressed whether an open-source licensor could obtain an order requiring the licensee to distribute the source code to a derivative work it created. While the court did not make a definitive ruling on this issue, it acknowledged the importance of sharing source code for derivative works under the GPL, leaving the door open for GPL licensors to argue for such relief in the future. Additionally, the court addressed the issue of whether copyright claims preempted breach of contract claims. It found that the GPL contained specific obligations regarding a licensee’s making a derivative work open source and subject to the GPL, constituting an “extra element” beyond copyright, thus supporting the breach of contract claim. Furthermore, the court ruled that damages for breach of the GPL could be measured by the license fees Hancom would have paid Artifex for a commercial license, even though no fees are charged under the GPL. This ruling provided licensors with a quantitative tool for enforcement against users who attempt to avoid commercial license fees by exploiting open-source licenses without complying with associated obligations.
While the case was settled out of court, it provided valuable guidance in open-source law, particularly regarding license compatibility and the enforceability of open-source licenses through breach of contract claims.

Patent Challenges

If open source software contains patented technology, patent problems may also emerge with regard to licensing. Even if many open-source software licenses (OSS) come with guarantees or patent grants, users should be mindful of the possibility of patent infringement and adopt the necessary safety measures to reduce it.

WHEN DO LICENSES FOR OPEN-SOURCE SOFTWARE BECOME LAWFUL?

Open source licenses typically come into legal effect when the software is distributed. If users do not distribute the open source software, the terms of the license are not applicable to them. This means that internal use of the software without distribution is generally unproblematic.
Distribution of open source software can take various forms, including making the software publicly available on a website, uploading it to a repository like GitHub, sharing it via peer-to-peer networks, or installing it on a server accessible to others. Once distribution occurs, the user must comply with the relevant terms of the open source license.
It’s important to note that the definition of distribution may vary depending on the specific terms of the open source license. When software is distributed, the open source license agreement is established between the original author of the software (licensor) and the user who distributes it. Recipients who receive the distributed software do not enter into a sublicense agreement with the distributing user but instead enter into a license agreement with the original licensor. This distinction is crucial in understanding the legal relationships established by open source licenses.

CASE LAWS

Versata Software Inc. V. Ameriprise Financial Inc & Ors.[8]

The case between Versata and Ameriprise, along with the involvement of XimpleWare, highlights the complexities surrounding software licenses, particularly the GNU General Public License version 2 (GPLv2), and how they intersect with copyright and contract law.
Ameriprise allegedly breached the Master License Agreement (MLA) with Versata by allowing non-permitted contractors access to the DCM software, prompting Versata to terminate the agreement. Additionally, Ameriprise counterclaimed that Versata violated the GPL by incorporating XimpleWare’s VTD-XML software into the DCM software without making the source code freely available, as required by the GPL.

XimpleWare filed a lawsuit against both Versata and Ameriprise for copyright infringement and breach of contract, claiming that Versata used its source code without proper authorization and that Ameriprise distributed the software without fulfilling the GPL’s requirements.
The case was settled out of court in February 2015, resolving both the patent and copyright infringement claims. However, the federal court ruled that Ameriprise’s counterclaim regarding Versata’s alleged GPL violations was not preempted by copyright law, indicating that the GPL imposes additional obligations beyond copyright law.

This ruling raises questions about the extent to which software companies can restrict their contractors from subcontracting or redistributing software licensed under the GPLv2. Additionally, the court’s statement regarding patent rights suggests that even if a licensee breaches the GPL, it may not automatically terminate the rights of other compliant licensees.
Mark Radcliffe emphasizes the importance of complying with open source licenses, warning that enterprises that fail to adhere to the terms of these licenses may face legal consequences. This case underscores the need for careful attention to licensing obligations in the use and distribution of open source software to avoid potential litigation.

Oracle v. Google[9]

The Oracle v. Google case and the CoKinetic Systems Corporation v. Panasonic Avionics Corporation case are both significant in the realm of open-source software and copyright law.
In the Oracle v. Google case, Google’s implementation of Java APIs in the Android operating system without a formal agreement with Sun, the original developer of Java, led to a legal dispute after Oracle acquired Sun. Oracle sued Google for copyright infringement, claiming that Google copied API names and other elements. The district court initially ruled that APIs were not protected by copyright, but this decision was overturned by the Federal Court. The Supreme Court upheld the Federal Court’s decision in 2015. Subsequently, the Federal Court addressed Google’s fair use defense and held Google responsible for copyright infringement. This case underscores the complexity of copyright law as it applies to software APIs and the importance of understanding fair use principles in software development.

a lawsuit against Panasonic Avionics in the New York Federal Court, alleging that Panasonic violated GPLv2 open-source licensing requirements. CoKinetic claimed that Panasonic’s refusal to distribute the source code prevented competitors from building software for in-flight entertainment services, thereby infringing the copyrights of software developers who contributed to Linux. The dispute was settled out of court, highlighting the potential legal consequences of violating open-source licensing agreements and the importance of complying with such agreements to avoid litigation.

Both cases serve as reminders of the legal complexities surrounding open-source software licensing and copyright infringement. It’s crucial for companies to understand and adhere to open-source licensing requirements to mitigate the risk of litigation and ensure compliance with copyright laws.

SIGNIFICANT LATEST DEVELOPMENTS

The recent developments in the realm of open-source software (OSS) and licensing highlight the importance of license compliance, collaboration, and strategic considerations for companies and developers.

One significant aspect is the Android patent litigation, which underscores the need for companies to navigate patent issues when developing and distributing software, particularly in the mobile operating system space. Additionally, license compliance and adherence to standard procedures are crucial for companies and software programmers to avoid legal disputes and ensure the integrity of OSS projects.

A key advantage of OSS is its flexibility, allowing companies to modify and create derivative versions of software through a process called “forking.” However, companies must also consider the risks associated with forks and ensure compliance with licensing terms.
FOSS licenses, including the widely used GPLv2, rely on copyright law to enforce their terms and conditions. While litigation involving FOSS licenses is relatively rare, companies should prioritize compliance to avoid potential disputes. Many commercial entities recognize the importance of supporting FOSS projects as part of their strategic initiatives.
Government adoption of open source software varies, with uneven implementation across different jurisdictions. Initiatives like GitHub’s license selection policy and platforms such as choosealicense.com aim to assist developers in choosing appropriate licenses for their projects.
Collaboration in the open-source community has seen growth, with alliances like the AllSeen Alliance and projects like OpenDaylight advancing software-defined networking and communication standards.

Legal victories, such as Google’s success in the fair use case involving Java APIs, and developments like the censure of Patrick McHardy and dismissal of the Hellwig lawsuit, shape the landscape of open-source litigation.

Various software tools are available for license compliance, including scanning tools, component identification tools, and knowledge bases. These tools help organizations track open-source component usage and generate reports to ensure compliance.
Ultimately, adherence to license compliance is essential to avoid lawsuits and maintain positive public relations. Companies should develop comprehensive license compliance strategies to navigate the complexities of OSS licensing effectively.

CONCLUSION

Open source software licensing presents various legal implications and considerations for developers, users, and businesses. Understanding the terms and conditions of OSS licenses, as well as the relevant legal frameworks, is essential for compliance and risk management. By understanding the legal framework governing OSS licenses and staying abreast of relevant case law and developments, stakeholders can effectively navigate the complexities of open source licensing and maximize the benefits of collaborative software development.

REFERENCES

1. Wikipedia, https://en.wikipedia.org/wiki/Open-source_software#cite_note-7 (Last visited on 06 March 2024)
2. https://www.synopsys.com/content/dam/synopsys/sig-assets/reports/rep-ossra-2023.pdf
3. Dr Qi Zhang, Use of open-source software can affect your IP and rights, Baxter ip, May 20 2022
4. Ipleaders, https://blog.ipleaders.in/open-source-licenses-recognized-indian-copyright-law-explore-best-open-source-license-business/ (Last visited on March 04 2024)
5. Jacobsen v. Katzer Federal Circuit, August 13, 2008, No. 2008-1001
6. Supra 5
7. Artifex Software, Inc. v. Hancom, Inc., Case No.16-cv-06982-JSC, 09-12-2017
8. Texas case: Versata Software, Inc. et al. v. Ameriprise Financial, Inc. et al., Case No. D-1-GN-12-003588; 53rd Judicial District Court of Travis County, Texas (May 3, 2013).
9. Oracle America, Inc. v. Google, Inc., No. 17-1118 (Fed. Cir. 2018)

---

[1] Wikipedia, https://en.wikipedia.org/wiki/Open-source_software#cite_note-7 (Last visited on 06 March 2024)

[2] https://www.synopsys.com/content/dam/synopsys/sig-assets/reports/rep-ossra-2023.pdf

[3] Dr Qi Zhang, Use of open-source software can affect your IP and rights, Baxter ip, May 20 2022

[4] Ipleaders, https://blog.ipleaders.in/open-source-licenses-recognized-indian-copyright-law-explore-best-open-source-license-business/ (Last visited on March 04 2024)

[5] Jacobsen v. Katzer Federal Circuit, August 13, 2008, No. 2008-1001

[6] Supra 5

[7] Artifex Software, Inc. v. Hancom, Inc., Case No.16-cv-06982-JSC, 09-12-2017

[8] Texas case: Versata Software, Inc. et al. v. Ameriprise Financial, Inc. et al., Case No. D-1-GN-12-003588; 53rd Judicial District Court of Travis County, Texas (May 3, 2013).

[9] Oracle America, Inc. v. Google, Inc., No. 17-1118 (Fed. Cir. 2018)

Disclaimer: The materials provided herein are intended solely for informational purposes. Accessing or using the site or the materials does not establish an attorney-client relationship. The information presented on this site is not to be construed as legal or professional advice, and it should not be relied upon for such purposes or used as a substitute for advice from a licensed attorney in your state. Additionally, the viewpoint presented by the author is of a personal nature.