Protect your IP!
As the CEO, CTO, VPE, or other senior engineering lead on a project, are you aware that your choice of open source library might end up costing you, or your business, millions in copyright infringement damages or kill a potential acquisition?
Most engineers don’t have the time, or frankly, the interest, to understand the implications associated with the open source libraries they choose to integrate into their application. For that reason, it is incredibly important to ensure that the libraries that are in use don’t jeopardize a potential future acquisition or open the company to extensive IP litigation/copyright infringement lawsuits.
This is more than just speculation; in the US, it has been tested in the courts. The Federal Circuit Court has held that software developers may still sue for copyright infringement when they release their software into the “open source” software community. That GPL, or other open source software license, might be a ticking time bomb.
That time bomb might be as innocuous as making a minor improvement to a library without contributing it back to the project. It might even be as easily overlooked as distributing a proprietary application with open source software embedded (such as an app on the iOS App Store).
There is a light at the end of the tunnel. Compliance with most open source software licenses is fairly straightforward, depending on the license. Broadly, there are a handful of restrictions:
- Modifications and improvements to the software should be contributed back to the source project.
- Copyright notices should not be removed.
- Don’t distribute paid software with open source software embedded (unless you have the correct license).
To ensure long-term compliance, it’s important that all open source software used in a project is identified, tracked and regularly audited.