Two Legal Cases to Define Open Source Regulation

How 2 legal cases may decide the future of Open Source software (CIO, 6 March 2015) – The days of open source software free lunches are rapidly coming to an end, and that means enterprises that fail to stick to the terms of open source licenses can expect to be sued. That’s the stark warning from Mark Radcliffe, a licensing expert and partner at law firm DLA Piper. “We are entering a different era for open source, shifting from a special universe where people were cooperative and collaborative to a more hard-nosed commercial one,” he explains. “Now people are applying the same criteria for the enforcement of their open source software rights as for proprietary software, and looking at how they can use them strategically in their business.” Radcliffe says this shift is only just beginning, but for evidence he points to the case of Versata v. Ameriprise. In summary, Versata’s proprietary software product, Distribution Channel Management (DCM), used an open source XML parsing utility that was licensed under GPLv2 from a company called XimpleWare. (XimpleWare also offers its utility with a commercial license to companies that don’t want to be subject to an open source license, but Versata did not use that commercial license.) The problem came when Versata licensed its DCM software to financial services company Ameriprise, and subsequently sued Ameriprise for allowing a subcontractor to decompile Versata’s software—a move Versata contended was a breach of license. Ameriprise then countersued. Because Versata’s software included open source software licensed under the GPLv2 and was a derivative work, Ameriprise alleged, the whole of Versata’s DCM product came under the GPLv2 license, and therefore Ameriprise or its subcontractor could decompile and modify the software at will. It turns out that the text of the GPLv2 license, the required copyright notices and a copy of the source code—all of which should normally be included with GPLv2 software—had been stripped out of the open source portion of DCM somewhere along the line, Radcliffe says. It is not clear who did it or why, or whether it was done inadvertently. “The point is that Versata did not appear to have a process for managing open source software. They ignored it, and their contracts were not set up for it,” he says. Radcliffe recommends that companies have an internal process for managing open source software—not just from internal developers, but also from software that comes with acquisitions or from consultants.


Provided by MIRLN.

Image courtesy of