Adam Kessel, principal, Fish & Richardson, P.C. presented, "Patents and Open source Known and Unknown Risks." For more information, please visit our website at www.blackducksoftware.com.

1. Patents and Open Source
Known and Unknown Risks
Adam Kessel
Principal, Fish & Richardson P.C.

2. Roadmap
• Can patents and open source coexist?
• Open source license patent provisions
• Patent (and other) risks raised by open source
• Litigation case studies
• Best practices / playbook

3. Can patents and
open source coexist?

4. Quick Intro to Software Patents – Why Get Patents?
• Freedom of Action
• Deter attacks by operating companies
• Cross-licensing
• Out-licensing
• Counterclaims
• Deter copying by competitors
• Deter trade secret misappropriation
• Add value to business deals
• Independent profit center
• Licensing and/or sales

5. Quick Intro to Software Patents – Why Not Get Patents?
• Legal expense/uncertain ROI
• Engineering distraction
• Eliminates trade secret protection
• Shifting landscape may reduce value
• Bilski/Alice (2008/2014) – patentability questions, particularly for software
• eBay (2006) – injunctive relief harder to get
• KSR (2007) – easier to prove patents obvious
• PTAB proceedings under the America Invents Act (2012) – easier to challenge
validity, uneven playing field, litigation often stayed
• TC Heartland (2017) - patent owner has less control over venue
• Bad P.R. for some audiences, including open source community

6. Why are patents useful in open source context?
• “offensive” use
• Patent claim scope often differs from OS license scope
• Patent rights to complement copyright/license/contract/unfair competition claims to
pursue bad actors
• Dual licensing
• Against use of the invention outside the open source project (this may encourage
adoption of the open source project)
• where the invention is incorporated in open source projects but was not part
of your company’s contribution
• Inventions that are related to but not part of the contribution (or the combination of
the contribution with the work)
• Can still be sold/licensed to third parties with separate interests

7. Why are patents useful in open source context?
• “defensive” use
• All the same reasons as for offensive use; and
• If you are sued on the work you can often counterclaim on the same subject
matter
• If you stop using the open source code and don’t plan to use it again
• Prevent others from filing on same idea; create prior art and record of first
invention at Patent Office
• Particularly important in post-AIA “first to file” system

8. Can a patent owner get relief if it also practices open source?
• Royalty free cross-licensing does not preclude reasonable royalty
• Multiple networked royalty free cross-licenses, e.g., OIN, LOT, W3C, etc, that
have thrived despite the potential for similar argument in those contexts
• Injunctions are already difficult in U.S. patent litigation; any licensing, including
open-source licensing, may weigh against injunctive relief
• From a defensive perspective, where an accused infringer’s software is open
source (and thus “free”), may complicate the patent owner’s damages theory

9. Open source license
patent provisions

10. Patent clauses in open-source licenses generally fall into one of three categories:
• Patent licenses (or covenants not to sue);
• Who grants the license?
Generally, only contributors (including in some cases modifying distributors or arguably pass-through distributors) -
however read the provisions of the OS license, e.g., the copyleft license, at issue.
• Which patents does the license include?
a) The contribution alone or b) The combination of the Contribution with the Work (see e.g., Apache 2.0)
• Which activities does the license allow?
• Defensive termination
• Apache 2.0 used by Apache Project, Cloud Foundry, etc
• Facebook react.js BSD+patents (deprecated in 2017)
• Other patent provisions
• GPL v3 provision regarding entering into restrictive patent licenses
• Custom patent licenses, including field of use limitations, that supplement common OS licenses
Open Source Patent Provisions

11. Open Source Patent Provisions
• Pass-through
distributor (PTD)
• Modifying distributor
(MD)
Open
Source
Code
Open
Source
Code
Contributors
PTD
Distribution
Open
Source
Code
Modified
Version
Contributors
MD
Distribution

12. Open Source Patent Provisions
Which activities does the license allow?
• Patent licenses do not typically allow:
(a) Infringement based on downstream modification to
the contributor version
(b) Infringement based on combinations of the
contributor version with other software or hardware;
and
(c) Claims infringed by the OS software without the
contribution

13. • Apache
• Subject to the terms and conditions of this License, each Contributor hereby grants to You a
perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in
this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise
transfer the Work, where such license applies only to those patent claims licensable by such
Contributor that are necessarily infringed by their Contribution(s) alone or by combination of
their Contribution(s) with the Work to which such Contribution(s) was submitted.
• MIT
• Permission is hereby granted, free of charge, to any person obtaining a copy of this software
and associated documentation files (the "Software"), to deal in the Software without restriction,
including without limitation the rights to use, copy, modify, merge, publish, distribute,
sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions…
Open Source Patent Provisions – Grant of License

14. • GPL 2.0
• You may modify your copy or copies of the Program or any portion of
it…provided that you…cause any work that you distribute or publish…to be
licensed as a whole at no charge to all third parties under the terms of this
License.
• Each time you redistribute the Program (or any work based on the Program),
the recipient automatically receives a license from the original licensor to copy,
distribute or modify the Program subject to these terms and conditions. You
may not impose any further restrictions on the recipients' exercise of the rights
granted herein.
Open Source Patent Provisions – Grant of License

15. • GPL 3.0
• Each contributor grants you a non-exclusive, worldwide, royalty-free patent
license under the contributor's essential patent claims, to make, use, sell, offer
for sale, import and otherwise run, modify and propagate the contents of its
contributor version.
• A contributor's “essential patent claims” are all patent claims owned or
controlled by the contributor, whether already acquired or hereafter acquired,
that would be infringed by some manner, permitted by this License, of making,
using, or selling its contributor version, but do not include claims that would be
infringed only as a consequence of further modification of the contributor
version. For purposes of this definition, “control” includes the right to grant
patent sublicenses in a manner consistent with the requirements of this
License.
Open Source Patent Provisions – Grant of License

16. Defensive Termination Provisions (e.g. Apache 2.0)
• Apache provision:
• "If You institute patent litigation against any entity (including a cross-claim or counterclaim
in a lawsuit) alleging that the Work or a Contribution incorporated within the Work
constitutes direct or contributory patent infringement, then any patent licenses granted to
You under this License for that Work shall terminate as of the date such litigation is filed.“
• Which claims trigger the provision?
• Which rights are terminated?
• Can the license be restored?
Open Source Patent Provisions – Defensive Termination

17. GPL 2.0
• Prohibits distribution where patent royalties are required
• If, as a consequence of a court judgment or allegation of patent infringement or for any other
reason (not limited to patent issues), conditions are imposed on you (whether by court order,
agreement or otherwise) that contradict the conditions of this License, they do not excuse you
from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your
obligations under this License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent license would not permit royalty-
free redistribution of the Program by all those who receive copies directly or indirectly through
you, then the only way you could satisfy both it and this License would be to refrain entirely
from distribution of the Program.
Open Source Patent Provisions – Anti-Discrimination

18. GPL 3.0
• Explicitly prohibits discriminatory licenses
• A patent license is “discriminatory” if it does not include within the scope of its coverage,
prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that
are specifically granted under this License. You may not convey a covered work if you are a
party to an arrangement with a third party that is in the business of distributing software, under
which you make payment to the third party based on the extent of your activity of conveying the
work, and under which the third party grants, to any of the parties who would receive the
covered work from you, a discriminatory patent license (a) in connection with copies of the
covered work conveyed by you (or copies made from those copies), or (b) primarily for and in
connection with specific products or compilations that contain the covered work, unless you
entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
Open Source Patent Provisions – Anti-Discrimination

19. Unexpected Risks

20. • Loss of exclusive rights
• Intentional
• Unintentional
• Copyright
• Patent
• Trademark
• Breach of contract/copyright claim
• Exposure to damages or injunction
• Bad PR
• Lack of indemnity / warranty
• Security (monoculture)
• Reliability (varies widely)
• Uncertainty / code provenance
• Exposure to patent claims
• “Abandonware”
• Settlement complications
• Deal closing complications
Risk Laundry List

21. Unexpected Open Source Risks
Open Source is everywhere

22. • Merger & acquisition
• Venture investment
• Business deals
• Product releases
• Litigation case studies
• Surprise claims
• License enforcement
Unexpected Open Source Risks

23. “Unexpected” Litigation Case Studies
• Twin Peaks v. Red Hat (2012 NDCal)
• GPL counterclaim in mirror file system case
• IBM v. Asus (2008-9 ITC)
• Successful GPL license defense involving routers
• Ximpleware v. Versata (2013-5 NDCal)
• Patent and copyright claims on XML parser arising out of separate commercial litigation in
Texas
• German Enforcement

24. Implied License, e.g., under GPL v2 – XimpleWare?
• Implied license: The XimpleWare court noted that the direct patent infringement did not apply because the defendants had
a license under the GPLv2 for internal use: "The act of running the Program is not restricted, and the output from the
Program is covered only if its contents constitute a work based on the Program (independent of having been made by
running the Program)."
• Breach does not negate license to those downstream: the court further stated that, "Because an express license is a
defense to patent infringement, XimpleWare’s direct infringement claims against Versata’s customers turn on whether the
customers’ distribution is licensed under the GPL. The reason is that the GPL provides that even if the original licensee—
here, one of the Versata entities—breaches its license for whatever reason, third-party customers of that original license
retain the right to use XimpleWare’s software so long as the customer does not itself breach the license by 'distributing'
XimpleWare’s software without satisfying attendant conditions.”
• Rights beyond use are still largely unresolved
Open Source Patent Provisions

25. • Implied licenses for licenses that are silent on patent rights
• “Vertical” vs. “Horizontal” licenses
• Apache 2.0 questions
• How to determine if claims are “necessarily infringed”?
• Is claim construction necessary?
• Later-acquired patents?
• Downstream modifications of licensed contributions?
• Licensed claims limited to contributions or to other code in work that potentially infringes same claims?
• Can license be restored?
• Patent damages where there is an open-source alternative
• Patent damages where accused software is open-source
• Issues outside the USA
• Implied patent licenses may be more limited elsewhere
• Scope of Open Invention Network License
• Effect of pledges such as Open Patent Non-Assertion Pledge, License on Transfer Network
Uncertainties with respect to open source patent licensing

26. Best Practices /
Playbook
Patents and Open Source

27. Process:
Typical scenarios where Open Source is raised to patent portfolio managers
1. Invention disclosure form (IDF) submitted with indication subject matter will be part of
OS project
2. Patent team consulted on impact of requested OS participation on patent strategy
May be difficult to determine impact - might require study of code and individual claim
language
3. Third party code - considering bringing some third party code into the code base,
e.g., M&A context
Patents and Open Source

28. Potential Responses, e.g., for Scenario (1) - IDF at time of OS request
a) Proceed with OS contribution/do not pursue patent
b) Proceed with OS contribution and pursue patent,
c) Do not proceed with OS contribution and pursue patent.
So how does one determine when to raise IP as a consideration in a proposed
OS participation, when an OS participation is approved, whether an associated
invention should be patented?
Patents and Open Source
28

29. Factors for giving OK to OS request / decision whether to pursue patent
• License terms of Open Source
• Scope of contribution (and Work) now and in the future
• Potentially impacted patents
• Talk to submitter and/or review proposed submission, use keywords, tech area, business area,
institutional knowledge and/or companies of interest
• Need for patent protection in tech area
• Note: Use a peel the onion approach
• Consider whitelisting or blacklisting certain OS licenses (and perhaps certain types of patents)
• Is potentially impacted patent in litigation or a candidate for litigation?
• Is potentially impacted patent a highly rated patent or a patent that is tagged as being relevant to
a company of interest?
Patents and Open Source
29

30. • Perform regular source code audits to determine OSS in current use, and
confirm compliance with the applicable license provisions.
• Implement routine inbound and outbound tracking systems to limit need for
expensive/cumbersome audits once baseline level of compliance is
established.
• Maintain a whitelist of acceptable OSS licenses, a blacklist of rejected OSS
licenses, and a validation process to approve OSS licenses not on either list.
• Prior to making major software purchases, require vendors to provide OSS
audits.
General OS Takeaways
30

31. Questions?
31
Adam Kessel
Principal - Boston
Fish & Richardson P.C.
kessel@fr.com
617-368-2180