Open-Source Risk Considered
Black Duck Software's customers, who number about 70, are interested in planning for software combinations, analyzing code for compliance, dealing with issues when they arise and documenting code to show contributions, rights and responsibilities.
Several recent software and service offerings indicate there is a market for users of open-source software worried about the intellectual property and related legal repercussions of that use, but how big of an issue, and how big of of a market, is it?
Legal observers and those who provide the services said it is a growing market borne out of the recent use of open-source software, which is neither licensed the same, nor developed and transferred the same as with the historical, proprietary software model.
"What's happened is engineers and developers simply started using open source because they felt it was better than the alternative," Open Source Risk Management (OSRM) CEO Daniel Egger told LinuxInsider. "They did not get corporate buy-in. They just did it and ran ahead of what the corporate types approved of. Now they're filling in and providing the same kind of policies for using open source after the fact, after the open-source software is already in use."
Open Software, Proprietary Customers
Egger, whose company recently announced open-source compliance insurance, explained that the primary market for such services is actually in companies distributing proprietary software.
"They're the ones with the most at stake," he said. "If you're in trouble with open-source developers, it can be bad publicity and it can be painful, regardless of whether the monetary amounts aren't that much."
Egger said the increased interest in knowing the origin, requirements and responsibilities of software code comes as more proprietary software companies use open-source software components.
"It's almost universal now," he said.
Egger also said he expects the market for open-source licensing assessment tools and services to continue to expand.
"I think this will grow because large, corporate infrastructures also have issues with open source," he said.
Egger said it makes sense that companies are concerned about the implications of their open-source software use or distribution, particularly companies that are going into transactions, which is also on the rise.
"They need to have a clean bill of health, because they have to commit to it in writing," he said.
Egger also stressed the global nature of the new market, pointing out that, although there is a perception that copyright is mostly a U.S. issue, two major GPL open-source license enforcements came out of Germany recently.
"The reality is there is a worldwide market and worldwide enforcement of licenses," he said.
New Need For Assurance
Phil Albert, an intellectual property attorney and partner with Townsend and Townsend and Crew, said there is a need for something to offset the potential risks of open-source software use.
"It would be foolhardy for a company to just ignore where their software came from," he told LinuxInsider.
The attorney, who said the software and services from OSRM and Black Duck are indicative of a market, noted that open-source software has become a much bigger deal for the technology industry.
Albert said the historical model of buying software from proprietary vendors and relying on their assurances about liability no longer applies. However, he added, it remains to be seen what business model turns out to be the most practical in terms of addressing the risk.
Know Your IP Rights
Black Duck Software President and CEO Doug Levin, whose company recently offered use of its protexIP compliance assessment service free of charge until 2006, told LinuxInsider that the demand for such software and services is also coming from companies interested in their own IP rights.
"It's really related to companies discovering they have a software asset and wanting to know the origins of the software," he said.
Levin said Black Duck Software's customers, who number about 70, are interested in planning for software combinations, analyzing code for compliance, dealing with issues when they arise and documenting code to show contributions, rights and responsibilities.
Referring to a number of other attorneys, consultants, software companies and others in the space, Levin said he expects the market to be worth US$500 million within four to five years, particularly with more open-source software use growing beyond its early inroads.
"What [companies] are doing is substantially increasing and expanding their use of open-source software higher in the stack," he said. "There's more vertical interest, as well as more specialized interest."