Open Source Software Licenses
There are dozens of Open Source Licenses which comply with the Open Source Initiative approval process and Open Source Definition. There are even more open source licenses which do not. As you might expect, each of the licenses possess its own peculiar terms, stipulations, provisions, constraints, liabilities and other self declared conditions. Due to their uniqueness and potential for liability, careful examination by trained legal council is a must to avoid possible license violations and legal challenges.
Below are the more common (and trusted) open source licensing types.
GNU Public License (GPL)
This common license states that the code may be used for any purpose, including being sold for profit. However, if any portion of the code is copied for inclusion in new software, the resulting code must acknowledge that it contains GPL-licensed code and the new software must be freely distributed.
Lesser GPL (LGPL)
LGPL is a modified form of the GPL license that is often used by software developers to ensure library compatibility with proprietary software. The LGPL allows closed source code to link with LGPL licensed libraries without requiring the resulting code to be publicly distributed.
Unfortunately, nearly all customer relationship management software and enterprise resource planning software projects choose not to use one of the more universally accepted open source licenses and instead opt for their own self created licenses which grant themselves favored status and impose unnecessary due diligence, confusion and risk on would-be end users.
Open Source Indemnification
As open source continues its journey into the enterprise, the concern that a company may risk lawsuits for using applications that infringe on copyrights, patents or other intellectual property (IP) protections has gained wide spread attention ever since SCO filed litigation against Linux end user companies and other much larger companies such as Microsoft have gone on the public record with claims of dozens of patent violations.
The potential threat of end-user IP infringement lawsuits exists for both commercial and open source software. However, as most open source projects receive code contributions from a high number of virtual and unvetted contributors and as most open source licensors explicitly disclaim liability for these types of legal infringements (not to mention most open source companies don't have the legal or financial resources to withstand or pay on lawsuit judgments), open source software bears much higher legal risk for end users than commercial software applications.
Within the customer relationship management software and enterprise resource planning software markets, almost all open source business software makers fail to provide end users meaningful indemnification or any reasonable intellectual property protection. As most enterprises will not put themselves at legal risk for unintended IP infringements, the lack of both full scale end user indemnification and adoption of recognized open source license agreements (as opposed to their self crafted, one-off open source agreements) will continue to prevent open source business software adoption, success and growth above the small business market segment.
On May 14, 2007, Microsoft effectively granted notice to open source customers that they are illegally using open source software systems which violate Microsoft patents. More specifically, Microsoft alleges that the Linux kernel violates 42 of its patents, the Linux GUIs violate 65 patents, the OpenOffice suite violates 45 patents and various other free and open source programs violate 68 other patents.
Advocates on both sides of the open source debate defended their positions with near equal vigor and support - suggesting the debate will likely only be decided by the legal system. Microsoft has yet to specifically state its intellectual property intentions. According to a Microsoft spokesperson, "The company's longstanding preference is to license rather than litigate." While Microsoft's allegations, threats and enforcement actions are unclear, they nonetheless provoke uncertainty and caution in the minds of buyers and corporate IT professionals wanting to stay clear of IP legal claims.