Handling Open Source Software Legal Risks

From DennisKennedy.blog:

"The following ten tips are intended to help you deal with some of the big legal and practical issues. They are, of course, not intended to cover all issues, but they will give you a good checklist to help guide your discussion and make good decisions.

1. Understand the Different Approaches That the Open Source Licenses Take. It is important not to think about the Open Source licenses in monolithic terms.

2. Pay Special Attention to the General Public License. If you choose only one thing to have policies about and require special review of, it should be the General Public License.

3. Remember the Source Code. In simplest terms, the biggest difference between Open Source software and commercial software relates to the source code of the program.

4. Make Reasonable Comparisons with Commercial Software. It's easy to find frantic concerns about Open Source software over reasons that apply just as easily to commercial software.

5. Think in Terms of Choosing, Rather Than Negotiating, Open Source Licenses. As frustrating as it can be to lawyers, the best approach is to evaluate the available choices and weigh the consequences, not to think in terms of ways to tinker with or improve the terms of agreements.

6. Do Not Confuse Open Source with Public Domain. Make no mistake – Open Source software is real intellectual property that is governed by a real license that puts limits on your rights and imposes certain obligations.

7. Inventory and Assess What You May Already Be Using. It has become very important for both business decision-makers and lawyers to have a good understanding of the technology issues, including what the software does and the alternatives available.

8. Open Source Use Requires Open Source Training. Knowing the right questions to ask is half the battle, but IT staff, contract negotiators and legal personnel, including outside lawyers, must be trained on the legal issues involved with Open Source as well as on the policies and procedures that you decide to take.

9. Reasonable Policies and Procedures Are Not Optional. Many business people believe that if you give a lawyer a look at a business process and he or she will find the need for a written policy. However, a reasonable, evolving set of policies and procedures crafted to fit the business needs and corporate risk comfort level of your company will invariably be the best approach to take.

10. Treat Open Source Policy as a Team Game. If the lawyer only looks at the legal issues and the CIO looks only at the IT issues, you increase the likelihood of finger-pointing when an unexpected, but quite predictable, bad result occurs."