Leveraging Open Source Code in Your Software 

A Guide to Managing Legal Risks

Open source code offers pre-written, readily available libraries that accelerate development cycles and enhance functionality. 

However, for companies, incorporating open source code can be a double-edged sword. Popular open source licenses like the GNU GPL, MIT, and Apache may have vastly different terms. Some 'copyleft' licenses (also known as viral licenses) may even require software built using code or libraries they cover to be released under the same license.

While open source code fuels progress, neglecting proper management can expose you to substantial legal, reputational and financial risks.

The Peril of Unmanaged Open Source

The core problem here lies in developers unknowingly integrating open source libraries without fully grasping the associated licenses.  

This isn't just a hypothetical situation. It is a real problem with real consequences. 

Linksys, a manufacturer of networking equipment, included BusyBox in their routers. BusyBox is a software suite that provides essential tools for embedded systems like routers, typically operating on a stripped-down version of the Linux operating system. These tools allow for functions like configuration, network management, and basic file manipulation.

When software developers at Linksys included BusyBox in their routers, they unknowingly (or perhaps willfully) violated the terms of the GNU General Public License (GPL) under which BusyBox is distributed. 

The GPL is a copyleft or viral open-source license, meaning that any software that incorporates GPL-licensed code must itself be open-source and adhere to the GPL's terms.

Linksys failed to comply with the GPL in two key ways. 

This violation resulted in negative publicity for Linksys and created challenges for developers in the router enthusiast community who wanted to modify and improve the firmware on their Linksys routers. However, things could have been much worse. It is not inconceivable that a court could have imposed penalties on the company and forced it to release its entire router software under the GNU GPL. 

The open source opportunity: A responsible approach

The good news is that open source doesn't have to be a liability.  

A vast array of open-source libraries exist under permissive licenses like MIT, Apache, or BSD. These licenses grant companies much greater flexibility in incorporating the code into their projects, often with minimal requirements like including a copy of the license and attributing copyrights.

To navigate the open-source landscape safely and reap its benefits, companies should establish a well-defined Intellectual Property (IP) Rights Plan. This plan serves as a roadmap for developers, ensuring they:

Open source, open for business

By implementing a well-structured IP Rights Plan, companies can leverage the power of open-source code with confidence.  

Understanding and adhering to license terms fosters responsible use, mitigates legal risks, and unlocks the true potential of open source collaboration. Remember, a little planning goes a long way in ensuring your innovative projects leverage the best of open source, while safeguarding your company's intellectual property.