The low-down on Open Source Law

Open Source Law founder, Brendan Scott, discusses the legal implications of FOSS in Australian government and enterprise organisations

Do you have an idea of how many Australian enterprises have a formal policy in place regarding open source software?

Not enough. Several years ago I wrote a short paper called "The Open Source Legal Landscape". It highlights that open source enters an organisation through different pathways to closed source. Typically these pathways are not subject to management review (for example, because there is no "purchase" involved) and are therefore largely invisible. The first part of managing open source usage within an organisation is understanding and regulating these pathways. The second part is to educate the users about responsible FOSS use. You need a policy to address these (and other issues). For the reasons I outlined above you should have someone from the "Monday set" helping you with your policy.

Where do the most significant or prevalent legal implications stem from regarding the use of open source software in enterprise?

Open source provides flexibility in implementing solutions, so you can be much more creative with your problem solving. Therefore the legals need to be a creative as well. You also need to interface with existing (closed source) licences to ensure you're going to get the cost savings you thought you were getting. This means being proactive about your open source strategy so you can renegotiate your closed source licences in time to get savings. For example, if you pay a flat fee for whole-of-organisation licensing then replacing half of your closed source with open source won't give you any cost reduction. You will need to negotiate a change to the licensing at a renewal ahead of time (e.g. to change it to give a proportional discount based on the number of copies installed)

So open source issues in enterprise are about understanding and implementing a long term strategy for the adoption of open source. Existing enterprises have spent 20 years under a closed model and the idiosyncracies of its licensing have become embedded in IT practices and expectations. One of my clients was setting policy for open access to certain categories of data across Australia. I worked with them and we discovered this meant that there needed to be the ability to extend and modify existing tools. This in turn meant that the APIs for those tools needed to be licensed in a broad way not only today, but the APIs needed to be protected against closure in the future. I negotiated API licences from their suppliers and now organisations around Australia are taking the benefits of open data sets and open APIs for the toolsets.

The piecemeal substitution of some open source components will give some savings, but you need to take care that your closed source vendor does not simply use the next version of their software to shift the lock-in to a different level in the tool chain.

How have Australian organisations and enterprises dealt with the move from GPL 2 to GPL3?

When GPL v3 was being drafted the SFLC enaged me to provide advice on the impact of Australian law on the licence (the SFLC did this for a number of different jurisdictions around the world). One of the aims of the drafting process was to ensure that GPL v3 was as consistent as possible with various legal systems around the world and many projects have adopted GPL v 3. I'm not aware of anyone raising any serious problems with the licence under Australian law.

How is open source software impacting the way vendors monetize software?

Closed source software has the characteristics of what economists call a "natural monopoly". This means that, left to its own devices, it will tend to evolve into a market in which there is one winner and a multitude of losers. Open source and open standards change this dynamic by introducing competition to the mix. The more interesting question therefore is how can we have a dynamic software industry unless we have open source and open standards. Governments around the world are increasingly realising this.

Do you agree that many organisations and enterprises are hesitant to deploy open source because they don't know how? What can be done to improve this?

I suspect that a major problem for the uptake of open source in an organisation is vendor capture. Vendors make their clients' decisions easier by providing them with a lot of product information. Ordinarily this is good, but in some cases vendors can cover decision makers with so much information that there is not enough information about alternatives.

Every organisation has someone who is passionate and knowledgeable about open source. Management needs to find that person and start at least listening to them. They should be conducting small open source pilots to familiarise themselves with migration issues. Finally, they should be talking to their peers, because everyone has an open source good news story, whether it's VoIP, CRM, databases or whatever. I actively try to connect my clients with each other if they're willing and have a commonality of interest.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about ACTBIASCreativeEvolveISOLinuxMicrosoftNSW HealthOpen AccessOpenOfficeRTAWaugh Partners

Show Comments