SlideShare ist ein Scribd-Unternehmen logo
1 von 44
Downloaden Sie, um offline zu lesen
© 2016, iText Group NV© 2016, iText Group NV
OPEN SOURCE INDIA
Open source: an introduction to IP and Legal
Bruno Lowagie, CTO iText Group NV
© 2016, iText Group NV
Introduction: who and what?
Open Source: an introduction to IP and Legal2
Bruno Lowagie
Original developer of iText
ex-CEO, current CTO at iText Group
© 2016, iText Group NV
Disclaimer: IANAL
• In this talk, I merely share my experience with legal issues.
• “The law” can be different in different countries, and
• Software is usually international and local laws may apply
I’m an open source developer, not a lawyer
Open Source: an introduction to IP and Legal3
© 2016, iText Group NV
Open Source: an introduction to IP and Legal4
Agenda
Intellectual property (IP) of a project
Open source licenses
Case story: IP review of the iText source code
© 2016, iText Group NV
A quick show of hands
Who knows
Stack Overflow?
Open Source: an introduction to IP and Legal5
© 2016, iText Group NV
A quick show of hands
Who knows
Stack Overflow?
Who uses code
snippets from
Stack Overflow?
Open Source: an introduction to IP and Legal6
© 2016, iText Group NV
A quick show of hands
Who knows
Stack Overflow?
Who uses code
snippets from
Stack Overflow?
Who knows
which license
Stack Overflow
uses?
Open Source: an introduction to IP and Legal7
© 2016, iText Group NV
CC-BY-SA version 3.0
Open Source: an introduction to IP and Legal8
© 2016, iText Group NV
Attribution
Summarized:
Explain origin
Add link to question
Add author name
Add link to author profile
Open Source: an introduction to IP and Legal9
http://stackexchange.com/legal:
In the event that You post or otherwise use Subscriber Content outside of the
Network or Services, with the exception of content entirely created by You, You
agree that You will follow the attribution rules of the Creative Commons Attribution
Share Alike license as follows:
a) You will ensure that any such use of Subscriber Content visually displays or
otherwise indicates the source of the Subscriber Content as coming from the Stack
Exchange Network. This requirement is satisfied with a discreet text blurb, or some
other unobtrusive but clear visual indication.
b) You will ensure that any such Internet use of Subscriber Content includes a
hyperlink directly to the original question on the source site on the Network (e.g.,
http://stackoverflow.com/questions/12345)
c) You will ensure that any such use of Subscriber Content visually display or
otherwise clearly indicate the author names for every question and answer so used.
d) You will ensure that any such Internet use of Subscriber Content Hyperlink
each author name directly back to his or her user profile page on the source site on
the Network (e.g., http://stackoverflow.com/users/12345/username), directly to
the Stack Exchange domain, in standard HTML (i.e. not through a Tinyurl or other
such indirect hyperlink, form of obfuscation or redirection), without any “nofollow”
command or any other such means of avoiding detection by search engines, and
visible even with JavaScript disabled.
© 2016, iText Group NV
Share Alike
Copyright law
• allows an author to
prohibit others from
reproducing, adapting, or
distributing copies of the
author's work.
Copyleft
• gives every person who
receives a copy of a work
permission to reproduce,
adapt or distribute the
work as long as any
resulting copies or
adaptations are also
bound by the same
copyleft licensing scheme.
Open Source: an introduction to IP and Legal
©
©
10
© 2016, iText Group NV
Do you have to worry?
Open Source: an introduction to IP and Legal11
Sam Saffron: http://meta.stackexchange.com/users/17174/waffles
Jason Baker: http://meta.stackexchange.com/users/2147/jason-baker
Stack Exchange has been trying to
fix these issues for years now,
but the problem persists.
© 2016, iText Group NV© 2016, iText Group NV
Intellectual property
You’re an open source developer, but:
 Who owns the code you write?
 Who owns the code you use?
© 2016, iText Group NV
A typical project
Open Source: an introduction to IP and Legal13
White zone
Gray zone
Black zone
© 2016, iText Group NV
The White Zone
Open Source: an introduction to IP and Legal14
White zone
Gray zone
Black zone
© 2016, iText Group NV
The White Zone
You have written the code yourself, but
What about your employer? Does your employer own (part of) the code?
Do you have a formal agreement with your employer with respect to
F/OSS?
Where did you get your inspiration? IBM developers are forbidden to look
at any code that is not formally approved by IBM’s legal team. Good
practice or burden?
Open Source: an introduction to IP and Legal15
© 2016, iText Group NV
Employees and IP
Open Source: an introduction to IP and Legal16
Dilbert:
Copyright by Scott Adams
Fair Use
© 2016, iText Group NV
The Gray Zone
Open Source: an introduction to IP and Legal17
White zone
Gray zone
Black zone
© 2016, iText Group NV
The Gray Zone
The code was contributed, but
did the contributor agree with the license?
did the contributor’s employer agree?
where did the contributor get his inspiration?
The code is taken from another project, but
are the licenses compatible?
do you respect the other project’s license?
where did the other project get its code from?
Open Source: an introduction to IP and Legal18
© 2016, iText Group NV
The Gray Zone
Contributor License Agreements
The Apache Foundation demands contributors and their employers to
sign a CLA
SUN used to demand contributors to sign an SCA from the moment
contributions contained more than 20 lines of code
“Fair Use”: does not apply to source code in the USA!
Check License Compatibility
Keep a detailed inventory of all F/OSS projects (subset / derivative work)
Open Source: an introduction to IP and Legal19
© 2016, iText Group NV
License compatibility
Open Source: an introduction to IP and Legal20
Your product: ASLv2
GPLv2
Your product: LGPLv3
ASLv2
© 2016, iText Group NV
The Black Zone
Open Source: an introduction to IP and Legal21
White zone
Gray zone
Black zone
© 2016, iText Group NV
The Black Zone
Unfortunately, you might not have been allowed to use
some specific code that is now part of your project.
Possible solutions:
 Either you ask (and get!) permission, or
 You rewrite the code, or
 You remove the code.
Open Source: an introduction to IP and Legal22
© 2016, iText Group NV© 2016, iText Group NV
Open source licenses
 Copyright versus Copyleft
 How open source licenses work
 Open source business models
© 2016, iText Group NV
Open Source License overview
Open Source: an introduction to IP and Legal24
© 2016, iText Group NV
GPL-style software licenses
It’s all about distribution
Open Source: an introduction to IP and Legal25
License: MPL / LGPL GPL AGPL
Car distribution
(e.g. OEM)
Commercial use? OK for gratis commercial use Commercial license needed Commercial license needed
Bus service
(e.g. SaaS)
Commercial use? OK for gratis commercial use OK for gratis commercial use Commercial license needed
Free/Proprietary Before iText 5:
Improvement engine: LGPL
Car or bus: can be proprietary
Car: must be GPL
Bus: can be proprietary
Since iText 5:
Car or bus: must be AGPL
Or: buy commercial license
© 2016, iText Group NV
Open Core licensing: e.g. iText 7
Open Source: an introduction to IP and Legal26
Open source
Closed source
© 2016, iText Group NV
Business Source License: e.g. MariaDB
Open Source: an introduction to IP and Legal27
All source code is open,
but not “open source”:
it’s “business source”.
MaxScale is only needed
in case of heavy use of
MariaDB.
This prevents perceived
abuse by GAFA & co.
© 2016, iText Group NV© 2016, iText Group NV
Case study
Who owns iText?
 Mapping the white zone
 Clarifying the gray zone
 Refactoring or removing the black zone
© 2016, iText Group NV
Who was asking this question?
July 2006: Eclipse Simultaneous Release
‘Callisto’; tested and approved by IBM
Eclipse/BIRT (Actuate) is part of this release
Project led by Actuate
iText is used in Eclipse/BIRT
License MPL/LGPL: not acceptable for IBM
Research agreement between Actuate and Ghent University with as
deliverable: IP Review
Open Source: an introduction to IP and Legal29
© 2016, iText Group NV
Turning Gray and Black into White
Open Source: an introduction to IP and Legal30
White zone
Gray zone
Black zone
© 2016, iText Group NV
In practice
Source code was vetted by lawyers
Source code was screened using software
Weekly reports listing potential issues
Open Source: an introduction to IP and Legal31
© 2016, iText Group NV
Issue 1: Quick&Dirty XML parser
State machine to parse XML
Source code taken from:
http://www.javaworld.com/javaworld/
javatips/jw-javatip128.html
Open Source: an introduction to IP and Legal32
© 2016, iText Group NV
Read the fine-print!
Open Source: an introduction to IP and Legal33
All contents of JavaWorld, including text,
programs, applets, source code, and images are
copyrighted and owned by IDG or the copyright
holder specified, all rights reserved. No material
may be reproduced electronically or in print
without written permission.
© 2016, iText Group NV
Solution 1
Write JavaWorld and author, get permission!
There were many other places where license information was incomplete
or missing.
It must become your second nature to ask for permission and to
document! document! document!
Open Source: an introduction to IP and Legal34
© 2016, iText Group NV
Issue 2: RC4 encryption algorithm
Names and variables referring to RC4
RC4 was initially a trade secret, but in September 1994 a description of it was
anonymously posted to the Cypherpunks mailing list.
It was soon posted on the sci.crypt newsgroup, and from there to many sites on
the Internet. Because the algorithm is known, it is no longer a trade secret.
The name "RC4" is trademarked, however. The current status seems to be that
"unofficial" implementations are legal, but cannot use the RC4 name.
Open Source: an introduction to IP and Legal35
© 2016, iText Group NV
Solution 2
RC4 is often referred to as "ARCFOUR" or "ARC4" (meaning Alleged RC4,
because RSA has never officially released the algorithm), to avoid possible
trademark problems.
Change all class and variable names:
 Don’t use: RC4_ENCRYPTION
 Use: ARCFOUR_ENCRYPTION
Open Source: an introduction to IP and Legal36
© 2016, iText Group NV
Issue 3: Class IntHashtable
Code taken from ACME.com:
// This is 90% based on JavaSoft's java.util.Hashtable.
// Visit the ACME Labs Java page for up-to-date versions
// of this and other fine Java utilities:
// http://www.acme.com/java/
JavaSoft is a name used by Sun in the past in their Java activities.
ACME indicates use of the class java.util.Hashtable which is subject to unfriendly Sun license
It is unlikely that this code is available under a license that permits this use. Without information
indicating that Sun approved of this usage the class should not be used.
Open Source: an introduction to IP and Legal37
© 2016, iText Group NV
Solution 3
Use the same class released by Apache under the ASL in Apache-
Commons instead of the ACME class.
Open Source: an introduction to IP and Legal38
© 2016, iText Group NV
Issue 4: EPS functionality
Taken from an example released by SUN under a Sample License
The Sample License allowed the use of the code, but…
The source code contained this text:
/*
* Copyright 1998 by Sun Microsystems, Inc.,
* 901 San Antonio Road, Palo Alto, California,
* 94303, U.S.A. All rights reserved.
*
* This software is the confidential and proprietary
* information of Sun Microsystems, Inc.
* ("Confidential Information"). You shall not
* disclose such Confidential Information and shall
* use it only in accordance with the terms of the
* license agreement you entered into with Sun.
*/
Open Source: an introduction to IP and Legal39
© 2016, iText Group NV
Solution 4: remove the code
After a very long argument about the liberal Sample License versus
the strict comment section (which was clearly overlooked at the
moment the code was released to the public), the EPS functionality
was removed from the iText code base.
It’s better to be safe than sorry…
Open Source: an introduction to IP and Legal40
© 2016, iText Group NV© 2016, iText Group NV
Results of this exercise
 We work with CLAs and keep track of contributors
 We changed the license from MPL/LGPL to AGPL
 We created a successful business
© 2016, iText Group NV
Contributor License Agreement
Open Source: an introduction to IP and Legal42
© 2016, iText Group NV
Today: disciplined IP “book keeping”
Open Source: an introduction to IP and Legal43
© 2016, iText Group NV
Commercial open source
Open Source: an introduction to IP and Legal44
Enterprise
closed
source
open
source
commercial
source
FOSS Company
The product is available for
free for those who accept
and comply with the F/OSS
license
If the product is also
distributed under another
license, a commercial
license is needed.
The FOSS company makes
the product available under
a custom license for those
who pay for the product:
• Support,
• Warranty,
• Indemnification,
• Release from the
requirements of the
F/OSS license

Más contenido relacionado

Was ist angesagt?

The effects of the GDPR
The effects of the GDPRThe effects of the GDPR
The effects of the GDPRiText Group nv
 
Four failures and one hit
Four failures and one hitFour failures and one hit
Four failures and one hitBruno Lowagie
 
Tech Startup Day 2015: 4 failures and 1 hit
Tech Startup Day 2015: 4 failures and 1 hitTech Startup Day 2015: 4 failures and 1 hit
Tech Startup Day 2015: 4 failures and 1 hitiText Group nv
 
ETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDFETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDFiText Group nv
 
Digital Signatures in PDF: how it's done
Digital Signatures in PDF: how it's doneDigital Signatures in PDF: how it's done
Digital Signatures in PDF: how it's doneBruno Lowagie
 
Startup Weekend Ghent
Startup Weekend GhentStartup Weekend Ghent
Startup Weekend GhentBruno Lowagie
 
PDF is dead. Long live PDF... with Java!
PDF is dead. Long live PDF... with Java!PDF is dead. Long live PDF... with Java!
PDF is dead. Long live PDF... with Java!iText Group nv
 
iText Summit 2014: Keynote talk
iText Summit 2014: Keynote talkiText Summit 2014: Keynote talk
iText Summit 2014: Keynote talkiText Group nv
 
FIT Seminar Singapore presentation
FIT Seminar Singapore presentationFIT Seminar Singapore presentation
FIT Seminar Singapore presentationiText Group nv
 
Python Development Company - Paragyte Technology
Python Development Company - Paragyte TechnologyPython Development Company - Paragyte Technology
Python Development Company - Paragyte TechnologyParagyte Technologies
 
Open Brighton - Open Source and your business
Open Brighton - Open Source and your businessOpen Brighton - Open Source and your business
Open Brighton - Open Source and your businessOmnis Systems
 
Industrial Approach IOT: Practical Approach
Industrial Approach IOT: Practical Approach Industrial Approach IOT: Practical Approach
Industrial Approach IOT: Practical Approach Agile Testing Alliance
 
The journey to DevOps: What I learned after leading transformation at 2 Enter...
The journey to DevOps: What I learned after leading transformation at 2 Enter...The journey to DevOps: What I learned after leading transformation at 2 Enter...
The journey to DevOps: What I learned after leading transformation at 2 Enter...VMware Tanzu
 
WebRTC for Telcos & Service Providers
WebRTC for Telcos & Service ProvidersWebRTC for Telcos & Service Providers
WebRTC for Telcos & Service ProvidersUppersideConferences
 
WebRTC: The Big Debate, Shut Up and Build Something
WebRTC: The Big Debate, Shut Up and Build SomethingWebRTC: The Big Debate, Shut Up and Build Something
WebRTC: The Big Debate, Shut Up and Build SomethingDigium
 
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...Blacc Spot Media, Inc.
 
From an idea to an apache tlp
From an idea to an apache tlpFrom an idea to an apache tlp
From an idea to an apache tlpChristofer Dutz
 

Was ist angesagt? (18)

ZUGFeRD: an overview
ZUGFeRD: an overviewZUGFeRD: an overview
ZUGFeRD: an overview
 
The effects of the GDPR
The effects of the GDPRThe effects of the GDPR
The effects of the GDPR
 
Four failures and one hit
Four failures and one hitFour failures and one hit
Four failures and one hit
 
Tech Startup Day 2015: 4 failures and 1 hit
Tech Startup Day 2015: 4 failures and 1 hitTech Startup Day 2015: 4 failures and 1 hit
Tech Startup Day 2015: 4 failures and 1 hit
 
ETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDFETDA Conference - Digital signatures: how it's done in PDF
ETDA Conference - Digital signatures: how it's done in PDF
 
Digital Signatures in PDF: how it's done
Digital Signatures in PDF: how it's doneDigital Signatures in PDF: how it's done
Digital Signatures in PDF: how it's done
 
Startup Weekend Ghent
Startup Weekend GhentStartup Weekend Ghent
Startup Weekend Ghent
 
PDF is dead. Long live PDF... with Java!
PDF is dead. Long live PDF... with Java!PDF is dead. Long live PDF... with Java!
PDF is dead. Long live PDF... with Java!
 
iText Summit 2014: Keynote talk
iText Summit 2014: Keynote talkiText Summit 2014: Keynote talk
iText Summit 2014: Keynote talk
 
FIT Seminar Singapore presentation
FIT Seminar Singapore presentationFIT Seminar Singapore presentation
FIT Seminar Singapore presentation
 
Python Development Company - Paragyte Technology
Python Development Company - Paragyte TechnologyPython Development Company - Paragyte Technology
Python Development Company - Paragyte Technology
 
Open Brighton - Open Source and your business
Open Brighton - Open Source and your businessOpen Brighton - Open Source and your business
Open Brighton - Open Source and your business
 
Industrial Approach IOT: Practical Approach
Industrial Approach IOT: Practical Approach Industrial Approach IOT: Practical Approach
Industrial Approach IOT: Practical Approach
 
The journey to DevOps: What I learned after leading transformation at 2 Enter...
The journey to DevOps: What I learned after leading transformation at 2 Enter...The journey to DevOps: What I learned after leading transformation at 2 Enter...
The journey to DevOps: What I learned after leading transformation at 2 Enter...
 
WebRTC for Telcos & Service Providers
WebRTC for Telcos & Service ProvidersWebRTC for Telcos & Service Providers
WebRTC for Telcos & Service Providers
 
WebRTC: The Big Debate, Shut Up and Build Something
WebRTC: The Big Debate, Shut Up and Build SomethingWebRTC: The Big Debate, Shut Up and Build Something
WebRTC: The Big Debate, Shut Up and Build Something
 
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...
Astricon 2014 - WebRTC - The Big Debate, I Say Shut Up and Build Something - ...
 
From an idea to an apache tlp
From an idea to an apache tlpFrom an idea to an apache tlp
From an idea to an apache tlp
 

Ähnlich wie Intellectual property and licensing

Open Source Business Case
Open Source Business CaseOpen Source Business Case
Open Source Business CaseFITT
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementSebastiano Cobianco
 
How can large open source projects be monetized?
How can large open source projects be monetized?How can large open source projects be monetized?
How can large open source projects be monetized?Bruno Lowagie
 
Related OSS Projects - Peter Rowe, Flexera Software
Related OSS Projects - Peter Rowe, Flexera SoftwareRelated OSS Projects - Peter Rowe, Flexera Software
Related OSS Projects - Peter Rowe, Flexera SoftwareOpenStack
 
Open Source And the Internet Of Things
Open Source And the Internet Of ThingsOpen Source And the Internet Of Things
Open Source And the Internet Of ThingsProgrammableWeb
 
Introduction To Open Source Licenses
Introduction To Open Source LicensesIntroduction To Open Source Licenses
Introduction To Open Source LicensesHarley Pascua
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileNat Sakimura
 
Open Source SW Business
Open Source SW Business Open Source SW Business
Open Source SW Business SANGHEE SHIN
 
Copyright in Software and Open Source licensing
Copyright in Software and Open Source licensingCopyright in Software and Open Source licensing
Copyright in Software and Open Source licensingRowan Wilson
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectNat Sakimura
 
Ipr08 2 Beware Of Your Creations Bruno Lowagie
Ipr08 2 Beware Of Your Creations   Bruno LowagieIpr08 2 Beware Of Your Creations   Bruno Lowagie
Ipr08 2 Beware Of Your Creations Bruno Lowagieimec.archive
 
This isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreThis isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreLukas Eder
 
Understanding open source licenses
Understanding open source licensesUnderstanding open source licenses
Understanding open source licensesRogue Wave Software
 
Don't Screw Up Your Licensing
Don't Screw Up Your LicensingDon't Screw Up Your Licensing
Don't Screw Up Your LicensingAnsel Halliburton
 
FITT Toolbox: Open Source Business Case
FITT Toolbox: Open Source Business CaseFITT Toolbox: Open Source Business Case
FITT Toolbox: Open Source Business CaseFITT
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software ConceptsJITENDRA LENKA
 
Open source software for IoT – The devil’s in the details
Open source software for IoT – The devil’s in the detailsOpen source software for IoT – The devil’s in the details
Open source software for IoT – The devil’s in the detailsRogue Wave Software
 
OpenChain Conformance: Arm Case Study
OpenChain Conformance: Arm Case StudyOpenChain Conformance: Arm Case Study
OpenChain Conformance: Arm Case StudyShane Coughlan
 

Ähnlich wie Intellectual property and licensing (20)

Open Source Business Case
Open Source Business CaseOpen Source Business Case
Open Source Business Case
 
Open Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk ManagementOpen Source in the Enterprise: Compliance and Risk Management
Open Source in the Enterprise: Compliance and Risk Management
 
How can large open source projects be monetized?
How can large open source projects be monetized?How can large open source projects be monetized?
How can large open source projects be monetized?
 
Related OSS Projects - Peter Rowe, Flexera Software
Related OSS Projects - Peter Rowe, Flexera SoftwareRelated OSS Projects - Peter Rowe, Flexera Software
Related OSS Projects - Peter Rowe, Flexera Software
 
Open Source And the Internet Of Things
Open Source And the Internet Of ThingsOpen Source And the Internet Of Things
Open Source And the Internet Of Things
 
iText IP Review
iText IP ReviewiText IP Review
iText IP Review
 
Introduction To Open Source Licenses
Introduction To Open Source LicensesIntroduction To Open Source Licenses
Introduction To Open Source Licenses
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
 
Open Source SW Business
Open Source SW Business Open Source SW Business
Open Source SW Business
 
Copyright in Software and Open Source licensing
Copyright in Software and Open Source licensingCopyright in Software and Open Source licensing
Copyright in Software and Open Source licensing
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
 
Ipr08 2 Beware Of Your Creations Bruno Lowagie
Ipr08 2 Beware Of Your Creations   Bruno LowagieIpr08 2 Beware Of Your Creations   Bruno Lowagie
Ipr08 2 Beware Of Your Creations Bruno Lowagie
 
Open Source Software
Open Source SoftwareOpen Source Software
Open Source Software
 
This isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymoreThis isn't Richard Stallman's Open Source anymore
This isn't Richard Stallman's Open Source anymore
 
Understanding open source licenses
Understanding open source licensesUnderstanding open source licenses
Understanding open source licenses
 
Don't Screw Up Your Licensing
Don't Screw Up Your LicensingDon't Screw Up Your Licensing
Don't Screw Up Your Licensing
 
FITT Toolbox: Open Source Business Case
FITT Toolbox: Open Source Business CaseFITT Toolbox: Open Source Business Case
FITT Toolbox: Open Source Business Case
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software Concepts
 
Open source software for IoT – The devil’s in the details
Open source software for IoT – The devil’s in the detailsOpen source software for IoT – The devil’s in the details
Open source software for IoT – The devil’s in the details
 
OpenChain Conformance: Arm Case Study
OpenChain Conformance: Arm Case StudyOpenChain Conformance: Arm Case Study
OpenChain Conformance: Arm Case Study
 

Mehr von iText Group nv

Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photoboothiText Group nv
 
PDF made easy with iText 7
PDF made easy with iText 7PDF made easy with iText 7
PDF made easy with iText 7iText Group nv
 
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyDigital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyiText Group nv
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFiText Group nv
 
iText Summit 2014: Talk: iText throughout the document life cycle
iText Summit 2014: Talk: iText throughout the document life cycleiText Summit 2014: Talk: iText throughout the document life cycle
iText Summit 2014: Talk: iText throughout the document life cycleiText Group nv
 
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...iText Group nv
 
The XML Forms Architecture
The XML Forms ArchitectureThe XML Forms Architecture
The XML Forms ArchitectureiText Group nv
 
Damn, the new generation kids are getting iPads in Highschool!
Damn, the new generation kids are getting iPads in Highschool!Damn, the new generation kids are getting iPads in Highschool!
Damn, the new generation kids are getting iPads in Highschool!iText Group nv
 
PAdES signatures in iText and the road ahead
PAdES signatures in iText and the road aheadPAdES signatures in iText and the road ahead
PAdES signatures in iText and the road aheadiText Group nv
 
Best practices in Certifying and Signing PDFs
Best practices in Certifying and Signing PDFsBest practices in Certifying and Signing PDFs
Best practices in Certifying and Signing PDFsiText Group nv
 
Choosing the iText Solution that is right for you: Community or Commercial ed...
Choosing the iText Solution that is right for you: Community or Commercial ed...Choosing the iText Solution that is right for you: Community or Commercial ed...
Choosing the iText Solution that is right for you: Community or Commercial ed...iText Group nv
 
The importance of standards
The importance of standardsThe importance of standards
The importance of standardsiText Group nv
 

Mehr von iText Group nv (12)

Build your own_photobooth
Build your own_photoboothBuild your own_photobooth
Build your own_photobooth
 
PDF made easy with iText 7
PDF made easy with iText 7PDF made easy with iText 7
PDF made easy with iText 7
 
Digital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case StudyDigital Signatures in the Cloud: A B2C Case Study
Digital Signatures in the Cloud: A B2C Case Study
 
Digital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDFDigital Signatures: how it's done in PDF
Digital Signatures: how it's done in PDF
 
iText Summit 2014: Talk: iText throughout the document life cycle
iText Summit 2014: Talk: iText throughout the document life cycleiText Summit 2014: Talk: iText throughout the document life cycle
iText Summit 2014: Talk: iText throughout the document life cycle
 
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...
iText Summit 2014: Talk: eGriffie and JustX, introducing digital documents at...
 
The XML Forms Architecture
The XML Forms ArchitectureThe XML Forms Architecture
The XML Forms Architecture
 
Damn, the new generation kids are getting iPads in Highschool!
Damn, the new generation kids are getting iPads in Highschool!Damn, the new generation kids are getting iPads in Highschool!
Damn, the new generation kids are getting iPads in Highschool!
 
PAdES signatures in iText and the road ahead
PAdES signatures in iText and the road aheadPAdES signatures in iText and the road ahead
PAdES signatures in iText and the road ahead
 
Best practices in Certifying and Signing PDFs
Best practices in Certifying and Signing PDFsBest practices in Certifying and Signing PDFs
Best practices in Certifying and Signing PDFs
 
Choosing the iText Solution that is right for you: Community or Commercial ed...
Choosing the iText Solution that is right for you: Community or Commercial ed...Choosing the iText Solution that is right for you: Community or Commercial ed...
Choosing the iText Solution that is right for you: Community or Commercial ed...
 
The importance of standards
The importance of standardsThe importance of standards
The importance of standards
 

Último

VuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckVuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckNaval Singh
 
8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.Ritesh Kanjee
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfICS
 
Enterprise Content Managements Solutions
Enterprise Content Managements SolutionsEnterprise Content Managements Solutions
Enterprise Content Managements SolutionsIQBG inc
 
renewable energy renewable energy renewable energy renewable energy
renewable energy renewable energy renewable energy  renewable energyrenewable energy renewable energy renewable energy  renewable energy
renewable energy renewable energy renewable energy renewable energyjeyasrig
 
Mobile App Development company Houston
Mobile  App  Development  company HoustonMobile  App  Development  company Houston
Mobile App Development company Houstonjennysmithusa549
 
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurMinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurPriyadarshini T
 
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...MyFAA
 
Building Generative AI-infused apps: what's possible and how to start
Building Generative AI-infused apps: what's possible and how to startBuilding Generative AI-infused apps: what's possible and how to start
Building Generative AI-infused apps: what's possible and how to startMaxim Salnikov
 
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Inc
 
BusinessGPT - SECURITY AND GOVERNANCE FOR GENERATIVE AI.pptx
BusinessGPT  - SECURITY AND GOVERNANCE  FOR GENERATIVE AI.pptxBusinessGPT  - SECURITY AND GOVERNANCE  FOR GENERATIVE AI.pptx
BusinessGPT - SECURITY AND GOVERNANCE FOR GENERATIVE AI.pptxAGATSoftware
 
User Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeUser Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeKaylee Miller
 
Unlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsUnlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsconfluent
 
Revolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridRevolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridMathew Thomas
 
Mobile App Development process | Expert Tips
Mobile App Development process | Expert TipsMobile App Development process | Expert Tips
Mobile App Development process | Expert Tipsmichealwillson701
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleShane Coughlan
 
Einstein Copilot Conversational AI for your CRM.pdf
Einstein Copilot Conversational AI for your CRM.pdfEinstein Copilot Conversational AI for your CRM.pdf
Einstein Copilot Conversational AI for your CRM.pdfCloudMetic
 
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
Unlocking AI:Navigating Open Source vs. Commercial FrontiersUnlocking AI:Navigating Open Source vs. Commercial Frontiers
Unlocking AI: Navigating Open Source vs. Commercial FrontiersRaphaël Semeteys
 
8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdfOffsiteNOC
 

Último (20)

VuNet software organisation powerpoint deck
VuNet software organisation powerpoint deckVuNet software organisation powerpoint deck
VuNet software organisation powerpoint deck
 
8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.8 Steps to Build a LangChain RAG Chatbot.
8 Steps to Build a LangChain RAG Chatbot.
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdf
 
Enterprise Content Managements Solutions
Enterprise Content Managements SolutionsEnterprise Content Managements Solutions
Enterprise Content Managements Solutions
 
renewable energy renewable energy renewable energy renewable energy
renewable energy renewable energy renewable energy  renewable energyrenewable energy renewable energy renewable energy  renewable energy
renewable energy renewable energy renewable energy renewable energy
 
Mobile App Development company Houston
Mobile  App  Development  company HoustonMobile  App  Development  company Houston
Mobile App Development company Houston
 
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young EntrepreneurMinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
MinionLabs_Mr. Gokul Srinivas_Young Entrepreneur
 
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
Take Advantage of Mx Tracking Flight Scheduling Solutions to Streamline Your ...
 
20140812 - OBD2 Solution
20140812 - OBD2 Solution20140812 - OBD2 Solution
20140812 - OBD2 Solution
 
Building Generative AI-infused apps: what's possible and how to start
Building Generative AI-infused apps: what's possible and how to startBuilding Generative AI-infused apps: what's possible and how to start
Building Generative AI-infused apps: what's possible and how to start
 
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
Splashtop Enterprise Brochure - Remote Computer Access and Remote Support Sof...
 
BusinessGPT - SECURITY AND GOVERNANCE FOR GENERATIVE AI.pptx
BusinessGPT  - SECURITY AND GOVERNANCE  FOR GENERATIVE AI.pptxBusinessGPT  - SECURITY AND GOVERNANCE  FOR GENERATIVE AI.pptx
BusinessGPT - SECURITY AND GOVERNANCE FOR GENERATIVE AI.pptx
 
User Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller ResumeUser Experience Designer | Kaylee Miller Resume
User Experience Designer | Kaylee Miller Resume
 
Unlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insightsUnlocking the Power of IoT: A comprehensive approach to real-time insights
Unlocking the Power of IoT: A comprehensive approach to real-time insights
 
Revolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM GridRevolutionize Your Field Service Management with FSM Grid
Revolutionize Your Field Service Management with FSM Grid
 
Mobile App Development process | Expert Tips
Mobile App Development process | Expert TipsMobile App Development process | Expert Tips
Mobile App Development process | Expert Tips
 
openEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scaleopenEuler Community Overview - a presentation showing the current scale
openEuler Community Overview - a presentation showing the current scale
 
Einstein Copilot Conversational AI for your CRM.pdf
Einstein Copilot Conversational AI for your CRM.pdfEinstein Copilot Conversational AI for your CRM.pdf
Einstein Copilot Conversational AI for your CRM.pdf
 
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
Unlocking AI:Navigating Open Source vs. Commercial FrontiersUnlocking AI:Navigating Open Source vs. Commercial Frontiers
Unlocking AI: Navigating Open Source vs. Commercial Frontiers
 
8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf8 key point on optimizing web hosting services in your business.pdf
8 key point on optimizing web hosting services in your business.pdf
 

Intellectual property and licensing

  • 1. © 2016, iText Group NV© 2016, iText Group NV OPEN SOURCE INDIA Open source: an introduction to IP and Legal Bruno Lowagie, CTO iText Group NV
  • 2. © 2016, iText Group NV Introduction: who and what? Open Source: an introduction to IP and Legal2 Bruno Lowagie Original developer of iText ex-CEO, current CTO at iText Group
  • 3. © 2016, iText Group NV Disclaimer: IANAL • In this talk, I merely share my experience with legal issues. • “The law” can be different in different countries, and • Software is usually international and local laws may apply I’m an open source developer, not a lawyer Open Source: an introduction to IP and Legal3
  • 4. © 2016, iText Group NV Open Source: an introduction to IP and Legal4 Agenda Intellectual property (IP) of a project Open source licenses Case story: IP review of the iText source code
  • 5. © 2016, iText Group NV A quick show of hands Who knows Stack Overflow? Open Source: an introduction to IP and Legal5
  • 6. © 2016, iText Group NV A quick show of hands Who knows Stack Overflow? Who uses code snippets from Stack Overflow? Open Source: an introduction to IP and Legal6
  • 7. © 2016, iText Group NV A quick show of hands Who knows Stack Overflow? Who uses code snippets from Stack Overflow? Who knows which license Stack Overflow uses? Open Source: an introduction to IP and Legal7
  • 8. © 2016, iText Group NV CC-BY-SA version 3.0 Open Source: an introduction to IP and Legal8
  • 9. © 2016, iText Group NV Attribution Summarized: Explain origin Add link to question Add author name Add link to author profile Open Source: an introduction to IP and Legal9 http://stackexchange.com/legal: In the event that You post or otherwise use Subscriber Content outside of the Network or Services, with the exception of content entirely created by You, You agree that You will follow the attribution rules of the Creative Commons Attribution Share Alike license as follows: a) You will ensure that any such use of Subscriber Content visually displays or otherwise indicates the source of the Subscriber Content as coming from the Stack Exchange Network. This requirement is satisfied with a discreet text blurb, or some other unobtrusive but clear visual indication. b) You will ensure that any such Internet use of Subscriber Content includes a hyperlink directly to the original question on the source site on the Network (e.g., http://stackoverflow.com/questions/12345) c) You will ensure that any such use of Subscriber Content visually display or otherwise clearly indicate the author names for every question and answer so used. d) You will ensure that any such Internet use of Subscriber Content Hyperlink each author name directly back to his or her user profile page on the source site on the Network (e.g., http://stackoverflow.com/users/12345/username), directly to the Stack Exchange domain, in standard HTML (i.e. not through a Tinyurl or other such indirect hyperlink, form of obfuscation or redirection), without any “nofollow” command or any other such means of avoiding detection by search engines, and visible even with JavaScript disabled.
  • 10. © 2016, iText Group NV Share Alike Copyright law • allows an author to prohibit others from reproducing, adapting, or distributing copies of the author's work. Copyleft • gives every person who receives a copy of a work permission to reproduce, adapt or distribute the work as long as any resulting copies or adaptations are also bound by the same copyleft licensing scheme. Open Source: an introduction to IP and Legal © © 10
  • 11. © 2016, iText Group NV Do you have to worry? Open Source: an introduction to IP and Legal11 Sam Saffron: http://meta.stackexchange.com/users/17174/waffles Jason Baker: http://meta.stackexchange.com/users/2147/jason-baker Stack Exchange has been trying to fix these issues for years now, but the problem persists.
  • 12. © 2016, iText Group NV© 2016, iText Group NV Intellectual property You’re an open source developer, but:  Who owns the code you write?  Who owns the code you use?
  • 13. © 2016, iText Group NV A typical project Open Source: an introduction to IP and Legal13 White zone Gray zone Black zone
  • 14. © 2016, iText Group NV The White Zone Open Source: an introduction to IP and Legal14 White zone Gray zone Black zone
  • 15. © 2016, iText Group NV The White Zone You have written the code yourself, but What about your employer? Does your employer own (part of) the code? Do you have a formal agreement with your employer with respect to F/OSS? Where did you get your inspiration? IBM developers are forbidden to look at any code that is not formally approved by IBM’s legal team. Good practice or burden? Open Source: an introduction to IP and Legal15
  • 16. © 2016, iText Group NV Employees and IP Open Source: an introduction to IP and Legal16 Dilbert: Copyright by Scott Adams Fair Use
  • 17. © 2016, iText Group NV The Gray Zone Open Source: an introduction to IP and Legal17 White zone Gray zone Black zone
  • 18. © 2016, iText Group NV The Gray Zone The code was contributed, but did the contributor agree with the license? did the contributor’s employer agree? where did the contributor get his inspiration? The code is taken from another project, but are the licenses compatible? do you respect the other project’s license? where did the other project get its code from? Open Source: an introduction to IP and Legal18
  • 19. © 2016, iText Group NV The Gray Zone Contributor License Agreements The Apache Foundation demands contributors and their employers to sign a CLA SUN used to demand contributors to sign an SCA from the moment contributions contained more than 20 lines of code “Fair Use”: does not apply to source code in the USA! Check License Compatibility Keep a detailed inventory of all F/OSS projects (subset / derivative work) Open Source: an introduction to IP and Legal19
  • 20. © 2016, iText Group NV License compatibility Open Source: an introduction to IP and Legal20 Your product: ASLv2 GPLv2 Your product: LGPLv3 ASLv2
  • 21. © 2016, iText Group NV The Black Zone Open Source: an introduction to IP and Legal21 White zone Gray zone Black zone
  • 22. © 2016, iText Group NV The Black Zone Unfortunately, you might not have been allowed to use some specific code that is now part of your project. Possible solutions:  Either you ask (and get!) permission, or  You rewrite the code, or  You remove the code. Open Source: an introduction to IP and Legal22
  • 23. © 2016, iText Group NV© 2016, iText Group NV Open source licenses  Copyright versus Copyleft  How open source licenses work  Open source business models
  • 24. © 2016, iText Group NV Open Source License overview Open Source: an introduction to IP and Legal24
  • 25. © 2016, iText Group NV GPL-style software licenses It’s all about distribution Open Source: an introduction to IP and Legal25 License: MPL / LGPL GPL AGPL Car distribution (e.g. OEM) Commercial use? OK for gratis commercial use Commercial license needed Commercial license needed Bus service (e.g. SaaS) Commercial use? OK for gratis commercial use OK for gratis commercial use Commercial license needed Free/Proprietary Before iText 5: Improvement engine: LGPL Car or bus: can be proprietary Car: must be GPL Bus: can be proprietary Since iText 5: Car or bus: must be AGPL Or: buy commercial license
  • 26. © 2016, iText Group NV Open Core licensing: e.g. iText 7 Open Source: an introduction to IP and Legal26 Open source Closed source
  • 27. © 2016, iText Group NV Business Source License: e.g. MariaDB Open Source: an introduction to IP and Legal27 All source code is open, but not “open source”: it’s “business source”. MaxScale is only needed in case of heavy use of MariaDB. This prevents perceived abuse by GAFA & co.
  • 28. © 2016, iText Group NV© 2016, iText Group NV Case study Who owns iText?  Mapping the white zone  Clarifying the gray zone  Refactoring or removing the black zone
  • 29. © 2016, iText Group NV Who was asking this question? July 2006: Eclipse Simultaneous Release ‘Callisto’; tested and approved by IBM Eclipse/BIRT (Actuate) is part of this release Project led by Actuate iText is used in Eclipse/BIRT License MPL/LGPL: not acceptable for IBM Research agreement between Actuate and Ghent University with as deliverable: IP Review Open Source: an introduction to IP and Legal29
  • 30. © 2016, iText Group NV Turning Gray and Black into White Open Source: an introduction to IP and Legal30 White zone Gray zone Black zone
  • 31. © 2016, iText Group NV In practice Source code was vetted by lawyers Source code was screened using software Weekly reports listing potential issues Open Source: an introduction to IP and Legal31
  • 32. © 2016, iText Group NV Issue 1: Quick&Dirty XML parser State machine to parse XML Source code taken from: http://www.javaworld.com/javaworld/ javatips/jw-javatip128.html Open Source: an introduction to IP and Legal32
  • 33. © 2016, iText Group NV Read the fine-print! Open Source: an introduction to IP and Legal33 All contents of JavaWorld, including text, programs, applets, source code, and images are copyrighted and owned by IDG or the copyright holder specified, all rights reserved. No material may be reproduced electronically or in print without written permission.
  • 34. © 2016, iText Group NV Solution 1 Write JavaWorld and author, get permission! There were many other places where license information was incomplete or missing. It must become your second nature to ask for permission and to document! document! document! Open Source: an introduction to IP and Legal34
  • 35. © 2016, iText Group NV Issue 2: RC4 encryption algorithm Names and variables referring to RC4 RC4 was initially a trade secret, but in September 1994 a description of it was anonymously posted to the Cypherpunks mailing list. It was soon posted on the sci.crypt newsgroup, and from there to many sites on the Internet. Because the algorithm is known, it is no longer a trade secret. The name "RC4" is trademarked, however. The current status seems to be that "unofficial" implementations are legal, but cannot use the RC4 name. Open Source: an introduction to IP and Legal35
  • 36. © 2016, iText Group NV Solution 2 RC4 is often referred to as "ARCFOUR" or "ARC4" (meaning Alleged RC4, because RSA has never officially released the algorithm), to avoid possible trademark problems. Change all class and variable names:  Don’t use: RC4_ENCRYPTION  Use: ARCFOUR_ENCRYPTION Open Source: an introduction to IP and Legal36
  • 37. © 2016, iText Group NV Issue 3: Class IntHashtable Code taken from ACME.com: // This is 90% based on JavaSoft's java.util.Hashtable. // Visit the ACME Labs Java page for up-to-date versions // of this and other fine Java utilities: // http://www.acme.com/java/ JavaSoft is a name used by Sun in the past in their Java activities. ACME indicates use of the class java.util.Hashtable which is subject to unfriendly Sun license It is unlikely that this code is available under a license that permits this use. Without information indicating that Sun approved of this usage the class should not be used. Open Source: an introduction to IP and Legal37
  • 38. © 2016, iText Group NV Solution 3 Use the same class released by Apache under the ASL in Apache- Commons instead of the ACME class. Open Source: an introduction to IP and Legal38
  • 39. © 2016, iText Group NV Issue 4: EPS functionality Taken from an example released by SUN under a Sample License The Sample License allowed the use of the code, but… The source code contained this text: /* * Copyright 1998 by Sun Microsystems, Inc., * 901 San Antonio Road, Palo Alto, California, * 94303, U.S.A. All rights reserved. * * This software is the confidential and proprietary * information of Sun Microsystems, Inc. * ("Confidential Information"). You shall not * disclose such Confidential Information and shall * use it only in accordance with the terms of the * license agreement you entered into with Sun. */ Open Source: an introduction to IP and Legal39
  • 40. © 2016, iText Group NV Solution 4: remove the code After a very long argument about the liberal Sample License versus the strict comment section (which was clearly overlooked at the moment the code was released to the public), the EPS functionality was removed from the iText code base. It’s better to be safe than sorry… Open Source: an introduction to IP and Legal40
  • 41. © 2016, iText Group NV© 2016, iText Group NV Results of this exercise  We work with CLAs and keep track of contributors  We changed the license from MPL/LGPL to AGPL  We created a successful business
  • 42. © 2016, iText Group NV Contributor License Agreement Open Source: an introduction to IP and Legal42
  • 43. © 2016, iText Group NV Today: disciplined IP “book keeping” Open Source: an introduction to IP and Legal43
  • 44. © 2016, iText Group NV Commercial open source Open Source: an introduction to IP and Legal44 Enterprise closed source open source commercial source FOSS Company The product is available for free for those who accept and comply with the F/OSS license If the product is also distributed under another license, a commercial license is needed. The FOSS company makes the product available under a custom license for those who pay for the product: • Support, • Warranty, • Indemnification, • Release from the requirements of the F/OSS license