Setting Your Code Free (Without Scaring the Lawyers): Licensing & IP Considerations When Doing Code Releases and Contributions
Download as PPTX, PDF0 likes280 views
This document discusses how companies can contribute code to open source projects while managing legal risks. It outlines the stages a company may go through with open source from initial use to contributing code. Key considerations for companies include intellectual property ownership, ensuring contributions are properly licensed, and choosing an open source license that aligns with business goals. The document provides checklists for companies to review open source contributions and properly prepare code releases.
Setting Your Code Free (Without Scaring the Lawyers): Licensing & IP Considerations When Doing Code Releases and Contributions
- 1. Setting Your Code Free (Without Scaring the Lawyers) Heather Meeker All Things Open 3:15, October, 20, 2015
- 2. The Open Source Corporate Lifecycle • Early Days – Using third party open source software – Compliance policies, audits and due diligence • Teenage Period – Making your first contributions to open source projects • Wisdom – Setting your code free
- 3. Why Does my Company Care?
- 4. Name and Reputation • Whose name will be on the contribution – yours or your company’s? • Does your company want recognition for funding your activities? • Does your company want to influence the path of the project?
- 5. • Inadvertent licensing of IP rights • effect on patent enforcement – Effect of royalty-free licenses Intellectual Property “Leakage”
- 6. Who owns the code? • Your company owns copyrightable works you create in the course of employment (“work made for hire” doctrine) • Your company probably owns patentable inventions you create (via an employee invention assignment agreement) • Works or inventions created on your own time may not be included, but “on your own time” may be a hazier concept than you think
- 7. Setting Your Code Free • Why? – Engineer recruitment and retention – Influence infrastructure development – Leverage community maintenance – Corporate citizenship
- 9. Company Policy for Open Source Contributions • Business Review: – Does the contribution further the interests of the company? – If not, does it further the interests of the individual employee, and is the company neutral?
- 10. Company Policy for Open Source Contributions • IP Review: – Is the copyright valuable for proprietary licensing? (If so, don’t contribute) – Is the company seeking patent protection on an invention embodied by the contribution? (If so, don’t contribute, or stop writing the patent) – Is the contribution a trade secret? (Don’t be silly!)
- 11. Contributions and Licensing • What license governs your contribution? • Contribution License Agreements (next slide) • If there is no “contribution” agreement, it is the outbound license. (e.g. contributions to a GPL project will be contributed under GPL) – “Rights In = Rights Out”
- 12. Contribution Agreements • Apache CLA is most common • Some contribution agreements require an assignment of rights • Almost all contribution agreements have patent licenses in them • Determining the effect on company patents will be the biggest issue
- 13. Checklist for Contributions Eliminate third party code Eliminate employee names, personal information Eliminate inappropriate comments Remove unused code Apply copyright notice
- 14. Releases
- 15. What License? • This is not the right question • You have over 60 choices, none of which your IP lawyers will like • Only about 6 are realistic choices • You should instead focus on your goals
- 16. Two Axes Copyleft Permissive Patent Grant No Patent Grant GPL3, LGPL3, Eclipse, Mozilla GPL2, LGPL2.1 Apache 2.0 BSD, MIT
- 17. Question 1 • Do you want maximum adoption, or do you want to restrict use in proprietary products? – If you want maximum adoption, you want to use a permissive license – If you want anything else, you should use a copyleft license – You can always go from less permissive to more, but not the other way
- 18. Question 2 • Do you care about limited patent grants? – If you have no patents, and will never have any, then you are probably not a technology company, and you should choose BSD/MIT or GPL2/LGPL2.1 – If you have patents, but will never have any covering the code, you should choose BSD/MIT or GPL2/LGPL2.1 – If you have patents, and are very concerned about licensing them for money, and they read on the code, DON’T RELEASE THE CODE UNDER AN OPEN SOURCE LICENSE – If you have patents, but they don’t read on the code, use a license with a patent grant, like Apache 2.0, MPL 2.0, or GPL/LGPL3
- 19. Checklist for Releases Pick a name that does not include company trademarks Make sure you have the people and resources to steward the project Set up repository (e.g. GITHUB) Apply license notices Analyze export restrictions
- 20. My new book: “Open Source for Business” Available on Amazon.com, in paper and Kindle formats.
- 21. THANK YOU! Heather Meeker, O’Melveny & Myers, Silicon Valley Office, [email protected]