Alert January 24, 2006

Open Source: Answers to 10 Common Questions

In recent years, there has been a tremendous buzz about open source software. Many constituencies believe that it is the ultimate destiny of the software industry, while others remain unconvinced that open source represents a viable business model. There is no doubt, however, that open source software is changing the software industry and is here to stay – in some form.

Here we answer some frequently asked questions about open source software and address some common misconceptions.

1. What is open source software?

The term “open source software” historically referred to software developed by volunteer programmers lacking any common affiliation other than an interest in developing a solution to a particular problem. The results of these “projects” were freely distributed in source code form1, with support provided via e-mail, bulletin boards and chat rooms. What started as a niche among software developers, however, has grown to the point where large corporations and government agencies regularly look to open source software for collaboratively developed solutions, and innovators in other technology areas, such as biotechnology and product design, are considering analogous collaborative approaches. What many people learned – and continue to learn – from open source is how people with an interest in solving a problem can work collaboratively to do so.

2. Is all open source software the same?

No. There are many different types of software that are open source. Likewise, there are different levels and types of commercial and community involvement, ranging from projects with a few hobbyists working nights and weekends to highly committed corporations that have entire businesses based on open source software. In addition, there are many different open source licenses.

3. Does use of open source software save time and money?

Open source software fosters software re-use, which can save time and money. However, it still needs to be specified, tested and deployed just like other software. Large open source projects can shave tens of thousands of dollars in up-front license fees from a company's IT budget, but training, compatibility, troubleshooting and license management costs can reduce that savings.

4. What are the different types of open source licenses?

At one extreme, some open source projects allow their code to be copied and distributed as part of other applications without any significant restrictions. At the other extreme, some licenses require that source code for derivative works be distributed, and that those derivative works be licensed under the same terms as the original open source code. In some circumstances, if a company includes and distributes such open source software in its proprietary software, the company might be required to distribute source code for at least some of its proprietary software under an open source license. And there are dozens of other license variations in between these two extremes. Just as when companies license commercial software, companies should understand the terms under which open source software is offered.

5. Do I even need to worry about complying with open source licenses?

Yes. Open source developers retain rights in their software and license the software under specific terms. Because software is covered by copyright law, unauthorized copying and/or distribution of code without a license from the copyright owner is prohibited. Use of software in a manner not consistent with its license terms runs the risk of being considered copyright infringement.

6. How do I get support for open source software?

Commercial software typically comes with support – either as part of the software license or as a separate support agreement. Likewise, some open source software vendors (generally the more established distributors such as RedHat and Apache) also offer support, and in fact many of these vendors rely on support revenues to maintain their business. For the smaller, lesser-known projects, third-party support providers may be available, but end users otherwise may need to rely on their own staff or the community of developers working on the project.

7. How does open source software affect my intellectual property?

Because software is protected by various intellectual property regimes (e.g., patents, copyrights and trade secrets), use of open source can affect a company’s IP rights in many ways. Companies that distribute proprietary software products should consider whether use of open source in their products would result in a potential loss of copyright or trade secret protection. Some open source licenses also may be interpreted as licenses to any of the company’s patents that cover the distributed code. Some licenses also include a “patent termination” clause that revokes any license to the open source software should a company assert patents against any current licensee of the open source software.

8. How does using open source software affect my litigation risks?

Some commercial offerings include indemnification protection, shielding the licensee from any IP claims made by third parties. Most open source software does not include such protection and instead relies on the members of the community supporting the project to police and defend themselves. This can be at least a theoretical risk if key portions of a company’s system are based on code that is taken “as is,” and may be a significant practical risk in some circumstances. The degree of risk will depend in part on the community involved, and the importance of the software to the company’s business.

9. How do companies make money giving their software away?

It seems contrary to conventional business practice, but many software companies are now providing their software (and in some cases the source code) free of charge. To compensate, these companies offer one or more alternative models for generating revenue. In a “services and support” model, a company sells services (e.g., implementation, customization, support and updates, etc.) for open source software it has developed or obtained from others. Some companies use a “dual license” model where different license terms – e.g., commercial and open source licenses – are available for the same software for different prices.

10. How can I safely implement open source into my development process?

As with any new technology or practice, companies can develop procedures that facilitate the identification, review, approval and ongoing compliance with the various license terms and internal guidelines. Typically, this involves scheduling management and developer time to review open source usage before it makes its way into a final product, maintaining a list of approved open source software and the associated licenses, and performing periodic or ongoing audits, possibly using new “code auditing” tools that are available.

___

Like most innovations, open source emerged as the result of a confluence of factors. Even while software solutions became larger and more complex, management’s tolerance for long, costly development efforts shrank. The Internet made it easier for developers to collaborate and share problems and solutions. Also, many of the “basic” functional processes of large-scale applications became “commodities” – much like windshield wipers and tires became commodities for the automobile industry in the early 20th century.

It is no surprise then that the use of open source software is increasing. Using it can save development time and reduce some IT expenditures, but along with these benefits come certain risks. Like any other business decision, however, companies that take the time to analyze and understand these risks, and make informed decisions, can benefit from using open source.