Link This |
Email this |
Blog This |
Comments (3)
What precautions should I take if I decide to use open source software?
March 22, 2007
In our last post, we explained a few things about open source software. If you decide to download and use open source software, or if you are already using it, there are some precautions that you should consider taking.
First, keep in mind that while most open source software is free to download and use, there are often other costs associated with using it, including time and effort devoted to research, obtaining support, and possibly, obtaining appropriate legal advice. These costs should be included in the assessment of whether free, open source software is a better deal at the end of the day than commercial, proprietary software.
Second, remember that even if open source software is free to download and use (and most of it is), it is still distributed subject to a license. Just the same as with commercial programs that you purchase, you should keep copies of relevant documents for open source programs. That includes information on the version of the program that you downloaded, the license that accompanied that version of the downloaded program, and the location from which the program was downloaded.
Third, familiarize yourself with the provisions of the license that accompanies the software. Just what "familiarizing" yourself should entail depends upon your level of confidence and experience in evaluating such material and the level of investment that you will be making in the program. Downloading and using the Mozilla Firefox browser for casual use shouldn’t require deep thinking. But if you wish to widely deploy open source software for mission-critical functions in your business, consulting an attorney to assist you in understanding the limitations of the relevant open source license is a wise investment.
In particular, any use of open source software that involves modifying the program source code requires careful consideration. While most open source software licenses impose no significant limitations on use of the licensed program in unmodified form, the opposite is true if you modify the program; the most widely used open source license places significant limitations on the distribution of any modifications of a license program.
Fourth, be cautious in downloading open source programs from sources that you aren’t familiar with, or that aren’t well-recognized sources. Because open source software is free, and others are free to distribute it (provided certain rules are followed), almost any Web site can make open source software available. It is possible for open source software to be modified to include unwanted, security-compromising features, or bundled with malicious software (a/k/a "malware"), so obtaining it from a trusted source is important.
Fifth, consider that your business may already be using open source software without your knowledge. Because open source software is free and readily downloadable, it shouldn’t be a surprise if your employees or your IT department have taken advantage of its easy availability. It’s a good idea to inquire, and document any existing use of open source software that you find. It’s also advisable to have a technology use policy that requires, at a minimum, that employees get permission before downloading and using open source software. (In a future post, we will take up the subject of technology use policies, why you should probably have one, and the basics of what it should contain.)
If you happen to be a technology company that produces commercial, proprietary software, performing an audit to determine how open source software is being used in your shop is a critical precaution. In particular, if you determine that open source code has been incorporated into a proprietary, commercial product that has been or is being distributed, consultation with an attorney experienced in dealing with open source licensing issues should be undertaken immediately.
The posts on this blog reflect the personal views of Jeffrey D. Neuburger, in his individual capacity, and do not necessarily represent the views of his law firm or his clients, and are not sponsored or endorsed by them. The information contained in this blog is provided only as general information for educational purposes, and no warranty or representation is made about the accuracy of the information provided. Blog topics may or may not be updated subsequent to their initial posting. This information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice. This blog should not be used as a substitute for competent legal advice from a licensed attorney in your state.
Posted by Jeff Neuburger on March 22, 2007 | Comments (3)
