Open Source Risk Management (OSRM) Position Paper on Mitigating Linux Patent Risk (link)

August 3, 2004

02 Aug 2004

Full text

Patents pose an ever-present threat to software of all kinds, because any person that uses or distributes software that infringes a patent is liable and can have money damages and an injunction awarded against them - regardless of whether they were aware of the patent or had any intent to infringe it. As such, patents are also a risk to free and open source software.

This risk is one the free and open source community has long acknowledged. For example, the GNU General Public License ("GPL"), the most widely adopted and well known free and open source license, stated more than a decade ago that, "any free program is threatened constantly by software patents." Hewlett-Packard executives, in a 2002 internal memo recently leaked to the press, said that "Microsoft intends to sue companies shipping Free and open source products that potentially violate their patents." The community is already aware of the general threat.

What is new today is that the threat has been measured and quantified forthe first time ever in regards to a specific software program. Open Source Risk Management (OSRM) recently completed the first-ever independent evaluation of potential patent infringement by the Linux kernel. This is a review that, for valid legal reasons, Linux vendors did not have the freedom to perform (see Lemley, "Ending Patent Law's Willfulness Game," cited below). OSRM's conclusion: while patents certainly do not spell doom for royalty-free distribution of Linux; there is a level of patent infringement risk that Linux users and developers should be mindful of and prepared to address. More specifically, the study found that not a single software patent fully reviewed and validated by the courts is infringed by the Linux kernel. Yet, the study also determined that 283 software patents not yet reviewed by the courts could potentially be used to support claims of infringement against Linux. To be clear, this is not a level of potential infringement greater than that of proprietary software; comparable proprietary software faces the same level of potential infringement.

Ending the speculation around the issue by actually measuring it gives the free and open source community and Linux customers knowledge to deal with the issue proactively and on their own terms; instead of waiting for an aggressor to force the user into action on its opponent's terms. There are a range of approaches for dealing with patent risk, none of which are mutually exclusive.

Specifically, five steps that end-users and developers of Linux can take to minimize the patent threat include:

  • supporting structural reform of the patent system;
  • recognizing that patent disputes can and will be resolved in ways that comply with the letter and spirit of free and open source licensing;
  • contributing to historical databases of previously inaccessible prior art to help prove non-inventive patents invalid;
  • being prepared to "design around" patents when necessary; and
  • obtaining patent infringement defense insurance.
  • Each of the above has a complementary role to play in managing the threat patents pose to free and open source software in general, and to the Linux kernel in particular.


    Full text

    Open Source Risk Management -- OSRM

    Please login or register to read this article

    Register to continue

    Get a month's unlimited access to THE content online. Just register and complete your career summary.

    Registration is free and only takes a moment. Once registered you can read a total of 3 articles each month, plus:

    • Sign up for the editor's highlights
    • Receive World University Rankings news first
    • Get job alerts, shortlist jobs and save job searches
    • Participate in reader discussions and post comments

    Have your say

    Log in or register to post comments