There were a few standout speakers.
Gary Spiegel and Joyce Chow, of Sun Microsystems and Apple, respectively, gave a talk on open source business models. They spoke about the spectrum of choices available to a for-profit business when it wants to release its code on an "open" basis. Some well-known business models include, for example, the use of open source to lure web-traffic or drive hardware sales revenue. As another example, the tiered products model uses open source code to upsell closed versions.
The best presentation of the day was by Gabe Holloway of Leonard, Street and Deinard and Marc Visnick of Johnson-Laird Inc., a firm that does something called forensic software analysis. Their fresh presentation discussed how code is actually used; for example, whether it is distributed or not and whether it links statically or dynamically. These are, we think, important points of analysis when relying upon open source software. Gabe and Marc ran through slides explaining the difference between each form of linking from a software coder's point of view. Their piece-by-piece analysis probably makes them good resources for in-house departments looking for a way to determine (i.e., guess) whether its company's code is in compliance.
The other presentation I'll talk about here was by Richard E. Fontana of Red Hat, Inc. Richard's presentation was nominally about open source "best practices." It was well done--not so much because he described best practices but because he treated open source licensing philosophically while being realistic about how to advise large developers who rely upon open source. Richard describes open source as a "culture" and as a "community-led experimental law reform effort to build a new legal regime for software on top of (and manipulating) traditional software IP/licensing law." He made some very insightful and level-headed comments. According to Richard, lawyers dealing with open source often lack a familiarity with open source history and culture, adequate knowledge of the subject's technology, and an appropriately non-formalist perspective. I absolutely agree, not because I have perfectly achieved all of these things, but because these elements are critical to giving good advice. It is important that software lawyers who lack these elements, in at least moderate degree, to stay out of the way.
One of Richard's other points was that legislation, regulations, and case law provide little guidance when working with open source software. I would propose that the terms of open source licenses also provide only limited and unreliable guidance. Richard posits that open source principles are a sort of Lex Mercatoria founded more in the expectations of its participants than any written law. Cool stuff, Richard. I'm not one to drink gushing mouthfuls of open source Kool Aid, but your points made a lot of sense to me.
Finally, as Richard sees it, generally speaking, open source publishers do not enforce their copyrights. It is a small number of assertive GPL licensors who are proving the rule. Indeed, non-material non-compliance is largely ignored or worked out at the upstream level. According to Richard, whole provisions of the GPL2 and GPL2.x have been widely read out of that license. He also believes that most material GPL violations come not from a downstream publisher misusing code it knew (or easily should have known) is governed under a copy-left license; but, rather, result from use of what is believed to be appropriately licensed binaries. In other words, as I understand it, the real risk is difficult for a well-meaning downstream publisher to root out through diligent review.
Posts
0 comments:
Post a Comment