Dear Doctor, I am using open source to develop our new product but have heard that I need to worry about this, as this could contaminate the product and may mean that I don't own the IP. What can I do to protect myself?
Bethan Lloyd says...
As one of the key features of open source software (OSS) is the sharing with future users of the source code, there is a risk that by using OSS to develop your own code, the OSS licence terms will compel you to share the software code with all users the product is distributed to and therefore make the whole product “open” (even if you want it to be proprietary and closed).
This could subsequently result in the code being modified, adapted and re-licensed.
Similarly, many of the OSS licences are poorly drafted, and are likely to conflict with your customer licences – and each other, thus further infecting your software/app that you may be developing.
Potential investors will be wary if the IP in the product is not sufficiently protected, and so it is vital that procedures are implemented to protect your proprietary interest in the product.
There are several steps you can take to reduce the risk of OSS contaminating your software:
Use of OSS
Don’t over-rely on OSS if you intend your software to be proprietary.
Consider using an OSS management programme to track your use of OSS. The programme can also monitor the licences attached to the OSS you use.
Ensure your developers are fully informed about the risks associated with using OSS, and that they take steps to technically separate the OSS if/when it is used.
If you are going to rely heavily on OSS, consider appointing an expert familiar with the main licensing and compliance issues.
Implement a company-wide policy for the use of OSS (or any third party products). Ensure that the use of any OSS is pre-approved by your technology expert.
When drafting customer licences, make sure that these expressly carve out the OSS that has been used. Seek legal advice from a technology specialist if you are unsure how to draft your licence to make your software proprietary and not at risk to being “open”.
In summary, good internal practice, a clear system for tracking the use of OSS and support from external legal or technology advisers are essential to guarantee your product remains contamination-free and then you can get on with the harder job of flogging it to the market.
This article was co-written by Anthony Day, a Legal Director in the Tech and Sourcing team at DLA, London.