One of my colleagues recently raised the question of litigation threats in regards to open source. As open source gains prominence in corporate North America, it becomes a juicier target for patent infringment lawsuits. In a way, it’s quite flattering; the big tech companies are so awash in lawsuits to the point that getting sued can be viewed as a sign of virility.
However, as open source projects are typically not rich enough to hire a batallion of black-suited lawyers, the open code policy can become a liability for everyone involved, including the corporate users it is wooing.
Of course, it’s a two-way street. Because code is open, developers can police themselves to ensure no plagarized code ever gets checked in. But my colleague pointed out that searching for prior art is tricky even for a seasoned patent agent. For open source to gain acceptance in the corporate boardroom, the code has to be 110% secure from messy IP lawsuits.
In light of the agonizing SCO v. IBM case, many third-party Linux distributors have stepped up to tha plate to offer legal indemnification to its customers. Red Hat’s Open Source Assurance Program is a good example of this. (Hiring some new legal muscle doesn’t hurt, either.)
Linus himself has made it easier to track changes with their new Developer’s Certificate of Origin. This way, every contributor must “sign off” on his or her code changes. The development path becomes documented much better and as a result, infringment claims become easier to source.
Pamela Jones of Groklaw laments, “It’s a crying shame watching Linus having to learn the dark side’s wicked ways so as to route around them, but to his credit, he is learning and applying his brains and skills to the task.” However, I’ve argued that open source software’s major failing is not technical in nature; it’s the perception that they’re diamonds in the rough. Indeed, this is yet another step to garner the trust and legitimacy that Linux deserves.