An old issue of CIO magazine I was checking out recently contained some very concerning thoughts on the use of open-source software – things that should be carefully considered if you are using it in your organization and on your projects. Open-source sounds like a great option… free technology and all… but the potential consequences of using it can be disastrous.
Legal Issues with Open-Source Software
The premise is that by using open-source software within your company, you could be opening yourself up to severe legal issues – regardless of your intentions. Private companies have had acquisitions fail or need to be restructured at a significant loss of value during the due diligence process, or have had to cancel or postpone anticipated IPOs.
Apparently there are complex and restrictive licensing requirements in the open-source software niche that are somewhat ambiguous and definitely deserve the proper scrutiny. Many widely used open-source licenses include requirements to:
- Make source code generally available.
- Prohibit using the software for commercial purposes.
- Deny rights to transfer or assign it.
As an example, the GNU Operating System general public license requires as one of its provisions that a company’s products derived from its use must then be licensed to all third parties. What this means is that competitors can potentially examine, copy, and develop derivatives of what would otherwise be considered proprietary code developed by the company. Ouch. On the other side of the coin, there is usually no provision in the open-source license that guarantees that your company did not copy the protected works of others while utilizing it.
Open-Source Risk Management
So what does that mean for your company? What does that mean for your projects?
The wake-up call.
First, it should be a wake-up call. It’s very tempting to consider the use of open-source software as a cost-saving measure. It may come with no upfront cost, but what lies ahead could end up being very costly and could bring a software project based on it to a complete halt … permanently. It definitely brings to mind the old adage, “there’s no such thing as free.”
An ongoing risk to the project.
Next, it must be considered throughout the project as an identified risk. Pursue it as you would any other risk. Identify it, monitor it, and definitely assign it to your legal team. Your legal team needs to run point on determining if the open-source solution will work for your project and your needs and not present you with legal issues later on.
Always have a backup solution.
Finally, consider non-open-source solutions as backup options should #2 present a major problem. The last thing you want is a long delay as you completely rework the issue, requirements, and the solution from ground zero again.
Summary / Call for Input
Open-source software can be great – I’m a big fan. I use Open Office every day for something. In fact I ditched Microsoft Office 365 to go back to using Open Office after being a customer for, like, 50 years. Ok … I’m exaggerating a bit there. But open-source legal concerns definitely can have major consequences for a business or project.
Readers – Do you use open-source software on any of your projects and have you experienced any issues?