02 Aug 2004
Patents pose an ever-present threat to software of all kinds, because any person that uses or distributes software that infringes a patent is liable and can have money damages and an injunction awarded against them - regardless of whether they were aware of the patent or had any intent to infringe it. As such, patents are also a risk to free and open source software.
This risk is one the free and open source community has long acknowledged. For example, the GNU General Public License ("GPL"), the most widely adopted and well known free and open source license, stated more than a decade ago that, "any free program is threatened constantly by software patents." Hewlett-Packard executives, in a 2002 internal memo recently leaked to the press, said that "Microsoft intends to sue companies shipping Free and open source products that potentially violate their patents." The community is already aware of the general threat.
What is new today is that the threat has been measured and quantified forthe first time ever in regards to a specific software program. Open Source Risk Management (OSRM) recently completed the first-ever independent evaluation of potential patent infringement by the Linux kernel. This is a review that, for valid legal reasons, Linux vendors did not have the freedom to perform (see Lemley, "Ending Patent Law's Willfulness Game," cited below). OSRM's conclusion: while patents certainly do not spell doom for royalty-free distribution of Linux; there is a level of patent infringement risk that Linux users and developers should be mindful of and prepared to address. More specifically, the study found that not a single software patent fully reviewed and validated by the courts is infringed by the Linux kernel. Yet, the study also determined that 283 software patents not yet reviewed by the courts could potentially be used to support claims of infringement against Linux. To be clear, this is not a level of potential infringement greater than that of proprietary software; comparable proprietary software faces the same level of potential infringement.
Ending the speculation around the issue by actually measuring it gives the free and open source community and Linux customers knowledge to deal with the issue proactively and on their own terms; instead of waiting for an aggressor to force the user into action on its opponent's terms. There are a range of approaches for dealing with patent risk, none of which are mutually exclusive.
Specifically, five steps that end-users and developers of Linux can take to minimize the patent threat include:
Each of the above has a complementary role to play in managing the threat patents pose to free and open source software in general, and to the Linux kernel in particular.