• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
In-House Management of Open Source Licenses
 

In-House Management of Open Source Licenses

on

  • 675 views

Recognizing transactions and other in-house activities likely to involve the use of open source code; potential approaches to identifying and negotiating open source terms in licensing and service ...

Recognizing transactions and other in-house activities likely to involve the use of open source code; potential approaches to identifying and negotiating open source terms in licensing and service agreements; best practices for the internal use of open source code

Statistics

Views

Total Views
675
Views on SlideShare
670
Embed Views
5

Actions

Likes
0
Downloads
1
Comments
0

1 Embed 5

http://www.linkedin.com 5

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • CA (NASDAQ: CA), the world's leading independent IT management software company, helps customers optimize IT for better business results. CA's Enterprise IT Management solutions for mainframe and distributed computing enable Lean IT—empowering organizations to more effectively govern, manage and secure their IT operations.    Founded in 1976, CA today is a global company with headquarters in the United States and 150 offices in more than 45 countries. CA serves more than 99% of Fortune 1000® companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide.
  • Jennifer Buchanan O’Neill is Vice President and Managing Assistant General Counsel at CA, Inc., where she leads the Product Development practice group and provides legal counsel on inbound and outbound technology licensing, product development and marketing, mergers and acquisitions, product-related litigation, and regulatory compliance. Ms. O’Neill previously served as Senior Counsel of Intellectual Property and Strategic Sourcing for CIGNA and as in-house counsel for a number of divisions of IBM Corporation.  Prior to her employment by IBM, she served as Deputy Assistant General Counsel of Finance and Operations for the United States Environmental Protection Agency, where her duties included negotiating the agency’s cooperative research and development agreements, copyright and publication contracts, and other licensing arrangements.  Ms. O’Neill clerked at the United States Court of Appeals for the Federal Circuit and the Fourth Judicial Circuit of Virginia.  She has a strong interest in open source licensing and has worked closely with that community in the establishment of best practices for the contribution, licensing and maintenance of code. She graduated from Duke Law School in 1993 and received a B.A. in political science and philosophy from Grove City College in 1990.

In-House Management of Open Source Licenses In-House Management of Open Source Licenses Presentation Transcript

  • Jennifer Buchanan O’Neill Vice President and Managing Assistant General Counsel, Product Development In-House Management of Open Source Licenses May 7, 2010 AIPLA Spring Meeting
  • Notices and Disclaimers
    • Copyright © 2010 Jennifer Buchanan O’Neill. All rights reserved. Apache is a trademark of The Apache Software Foundation. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.
    • The statements and opinions expressed herein are those of the author and are not necessarily those of CA, Inc. (“CA”).
    • To the extent permitted by applicable law, the content of this presentation is provided “AS IS” without warranty of any kind. In no event will the author or CA be liable for any loss or damage, direct or indirect, arising from or related to the use of this information, including, without limitation, lost profits, lost investment, business interruption, goodwill or lost data, even if expressly advised in advance of the possibility of such damages.   Neither the content herein nor any software product referenced serves as a substitute for your compliance with any laws (including but not limited to any act, statute, regulation, rule, directive, standard, policy, administrative order, executive order, and so on (collectively, “Laws”)  referenced herein or otherwise. You should consult with competent legal counsel regarding any such Laws.
    CA CONFIDENTIAL -- PREPARED IN ANTICIPATION OF LITIGATION
  • Agenda
    • Recognizing transactions and other in-house activities likely to involve the use of open source code
    • Potential approaches to identifying and negotiating open source terms in licensing and service agreements
    • Best practices for the internal use of open source code
    CA CONFIDENTIAL -- PREPARED IN ANTICIPATION OF LITIGATION
  • Where May Open Source Be An Issue?
    • Inbound technology licenses
    • Professional or technical services agreements
    • Business process outsourcing
    • Employment agreements
    • Mergers and acquisitions
    • Internal business use
  • Where May Open Source Be An Issue? (cont.)
    • Joint research and development/CRADAs
    • Customer sales contracts
    • In-house software development
    • Participation in industry alliances and standards bodies
    • Internal policies for Internet and email usage
  • What Do I Do Now?
    • If my client wants to license code from a third party:
      • Require that party to identify all open source code that it uses and distributes, together with the governing license and a description of how the code is used
      • Assess that party’s compliance with applicable licenses. AVOID BEING A DOWNSTREAM INFRINGER.
      • Obtain sufficient contractual protections against infringement in the form of warranties and indemnification
  • What Do I Do Now?
    • If my client wants to license code to a third party:
        • Determine what open source code has or will be used by your client, including documentation of any modifications made
        • Determine whether your client’s product must be distributed under an open source license, in whole or in part
        • Assess current compliance and remediate any potential issues prior to external distribution of code
        • Determine to what extent your client is willing to serve as “insurer” of open source code liabilities
  • What Do I Look For?
    • Where can I find the license agreement?
      • Online open source community or project web site
      • User documentation
      • Clickwrap agreement accompanying software
      • LICENSE, NOTICE, or other *.txt file in the program’s source or object code
      • Confirm licensing on a third-party site like Ohloh or Koders
    • Look for dual/tri-licensing scenarios
    • Determine requirements for use, redistribution and modification of code
      • Wide range of licenses with different ramifications for commercial users
      • Scan the source code if there’s any doubt as to origin
  • Other Key Concerns
    • Is the open source component critical to your client’s business (as a service provider or otherwise)?
    • Verify how the open source project or community ensures the pedigree of the code.
        • Contributors may have submitted code under terms other than those of the community
        • Proprietary code may have been incorporated in violation of applicable licenses
        • Established open source communities like Apache Software Foundation and Eclipse Foundation have implemented best practices for maintaining integrity of contributions.
        • Review terms of the project’s Contributor License Agreement (or equivalent)
        • Again, when in doubt, SCAN the code
  • Best Practices for Code Management
    • Document review and approval process for requests to use or distribute open source code, with management and legal as key participants
    • Create database of open source components, identifying applicable license requirements and how/where open source is used by client
    • Create path for publishing source code where required
    • Implement procedure for providing notices, attributions and licensing terms to external customers
    • Require awareness training for developers and IT department
  • Questions?
    • About CA
    • CA (NASDAQ: CA), the world's leading independent IT management software company, helps customers optimize IT for better business results. CA's Enterprise IT Management solutions for mainframe and distributed computing enable Lean IT—empowering organizations to more effectively govern, manage and secure their IT operations. Founded in 1976, CA today is a global company with headquarters in the United States and 150 offices in more than 45 countries. CA serves more than 99% of Fortune 1000® companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide.