Can You Really Get Sued for Using Open Source?

If you’ve heard lately (via Steve Ballmer at Microsoft) that you put your company at greater risk of being sued because you are using open source software (OSS), don’t believe it.

Actually, there is, depending who you talk to, either an equal or somewhat reduced risk of liability from OSS than proprietary software. This is because OSS code is peer-reviewed by a group of proud developers who often have the ability to recognize other developers’ handiwork.

Infringement on other developers’ work is often caught by this process and the developer responsible for passing off other people’s work as their own shunned by the open source community at large, said Diane Peters, general counsel for the Open Source Development Labs.

“I think this is one area where there is actually less risk with open source, and the reason has to do with the methodology,” she said. “Developers are notorious for speaking their minds about other people’s code.”

Also, most software development is covered by copyright law, not patent law; although the functionality that software provides can be patented, the code cannot. This means that if two developers (either open- or closed-source) simultaneously come up with the same code to solve a particular problem, but have not seen each other’s work, there is no infringement and therefore no grounds for legal proceedings or damage claims.

This is an important distinction because many end users believe that because the code is open it is also open to abuse. This is not the case, since most open-source licenses (there are more than 50 of them) allow for source-code modification, and the nature of the open-source community ensures that blatant ripoffs will probably be spotted.

Also, if you (the end user) are abiding by the terms of one of these open-source licenses, then there is no danger of either copyright or patent infringement, said Jim Gatto, an intellectual-property partner in the Northern Virginia office of Pillsbury Winthrop Shaw Pittman, LLP.

“Anyone who is downloading the software and using it and abiding by the open-source license, they don’t have to worry about patent infringement,” Gatto said. “But if someone outside the (open-source) chain wants to develop their own product that has similar features, but they didn’t get the software through my chain (the open-source license chain), then I can sue them for patent infringement.”

But for end users, this can happen just as easily with proprietary code as open source, so the risk is equal no matter whose solutions you are using, said Paul Kirby, an analyst with AMR Research.

The reality, though, is that end users almost never get sued. Take the SCO v. IBM case: Everyone interviewed for this article agrees the case is going nowhere, has very little merit and has alienated SCO from the rest of the industry. The net benefit to SCO? Basically nothing.

If a software vendor like Microsoft, for example, were to try this tactic, customer backlash would probably be severe. Especially since there are now alternatives to Microsoft’s products available through — you guessed it — the open-source community (MySQL database, OpenOffice, Apache Web server, etc.), said Kirby.

“It is an academic possibility that customers may be sued — but a reputable vendor isn’t going to do that,” he said. “In practice the only case of litigation we’ve seen so far is the SCO case. I’m not an attorney, but it doesn’t seem like the SCO case is going anywhere. They have no business left. They seem like a failed vendor who resorted to litigation as a business model, which is absurd.”

There is one area where proprietary software still has open source beat, and that is the ability of enterprise customers to negotiate the terms of their licenses, said OSDL’s Peters. But this really applies only to very large customers. For most companies this is not an option and, in either the open source or proprietary case, they simply have to accept the terms of the license if they want to use a solution.

The reality is that most software companies will never sue end users over patents unless the case is strong. Patent infringement lawsuits are expensive and what the plaintiffs most often are after when suing a competitor is cross-licensing of the patents in question so they can get royalties. This is hardly a formula that would work with end users.

“I’m not aware of a single patent infringement lawsuit brought against an open source user at all,” said Pillsbury’s Gatto. “Right now it certainly is a marketing thing that Microsoft is using, and others, but Microsoft in particular, alleging that there are all these potential infringement claims (with Linux), but it’s not materializing or it hasn’t yet. I think it will not materialize to a great extent against end users. That’s one of the big myths.”