ThinkingOpen

I will be in New York on August 8th to speak on a panel at this year’s American Bar Association (ABA) Annual Meeting. The panel, titled “Life after GPLv3: New Developments in Open Source Software Licensing” is sponsored by the ABA Section of Intellectual Property Law and is being held at 2:00 PM on the 8th at the Waldorf-Astoria.

We have structured the panel as a series of brief presentations by the panelists followed by a general Q&A session on the presentations. While the title for the panel is a bit innocuous, the presentations will cover a variety of relevant open source topics, including: GPLv3 and the GPLv3 drafting process (including differences between GPLv2, GPLv3 and other open source licenses), open source patent concerns, legal strategies for using open source software in connection with proprietary software, and issues raised by open source software under the Sarbanes Oxley Act of 2002 and other corporate regulations.

My presentation will include a brief history and update on the “BusyBox lawsuits” brought over the last year by The Software Freedom Law Center (SFLC) on behalf of its clients Erik Andersen and Rob Landley (the two principal developers of the BusyBox open source utility) alleging copyright infringement based on a violation of version 2 of the GNU General Public License (GPL). I will be including information based both on my personal experience working with defendants in several of the BusyBox cases as well as discussions with others involved in the suits. Details on the panel and the other panelists are included below.

For those of you based in New York or headed to the ABA Annual Meeting, please let me know if you would be interested in getting together while I am in town.

2008 ABA Annual Meeting
Section of Intellectual Property Law

2:00 p.m. – 3:30 p.m.
CLE Program: Life after GPLv3: New Developments in Open Source Software Licensing.
co-sponsored by the Section of Science & Technology Law

The past year has seen significant legal developments concerning open source software licensing, most notably, the publication of the GPLv3 license, which is much more comprehensive than GPLv2 and attempts to address the changes in software law over the past 15 years, as well as initial efforts to enforce open source software license requirements in the courts. This panel will explore the new GPLv3 license, how it differs from GPLv2, the status of GPLv3 adoption and recent litigation concerning the enforcement of GPL and other open source license terms affecting GPLv3 or other open source license use.

Moderator
Sue Ross, Fulbright & Jaworski L.L.P., New York, NY

Speakers
Gabe Holloway, Leonard, Street and Deinard, Minneapolis, MN
Terry Ilardi, IBM Corporation, Armonk, NY
Jason Haislmaier, Holme Roberts & Owen LLP, Boulder, CO
Jim Markwith, Microsoft Corporation, Redmond, CA

Adding to the already substantial list of lawsuits filed on behalf of its clients Erik Andersen and Rob Landley (the two principal developers of the BusyBox open source utility), the The Software Freedom Law Center (SFLC) has announced today the filing of yet another suit alleging copyright infringement based on a violation of version 2 of the GNU General Public License (GPL) in connection with BusyBox.  The current suit has been filed against Ethernet solutions provider Extreme Networks.  As with the previous suits brought by Andersen and Landley (against Monsoon Multimedia, Xterasys Corporation, High-Gain Antennas, Verizon Communications, Bell Microproducts, Inc. and Super Micro Computer, Inc.) , the complaint against Extreme Networks alleges that Extreme makes and sells various products containing firmware in which BusyBox, or a modified version of BusyBox, is included.  Specifically, the complaint names the Summit X450 Series network switches as one of the offending products offered by Extreme.  According to the lawsuit, Extreme continues to distribute this product and others with firmware containing BusyBox without making the source code to BusyBox available in accordance with the terms of the GPL.   As the complaint notes, under the terms of the GPL, Extreme is obligated to provide the source code of the BusyBox software to recipients of products with firmware containing BusyBox.

According to the complaint, Extreme was first notified of the requirements of the GPL as early as July of 2006 by a “third party” who requested a copy of the Busy Box source code.  The complaint further alleges that the SFLC later contacted Extreme in February 2008 on behalf of the BusyBox developers and that the parties have had multiple interactions since that time in an attempt to settle the allegations against Extreme.  The complaint continues, however, that Extreme has failed to respond to the latest notice provided by the SFLC on June 26, thus prompting the lawsuit.  As with the complaints in previous cases, the complaint filed against Extreme  requests that an injunction be issued against the defendant and that damages and litigation costs be awarded to the plaintiffs.

The take away from this latest suit is fairly simple.  As the campaign of lawsuits brought by BusyBox continues to roll forward (and it appears safe to now call it a “campaign”), and as mentioned in connection with the previous BusyBox suits, product vendors (particularly in the wireless and terrestrial networking space) should take note of whether and to what extent the products distributed by their organizations (including products produced by third parties) contain BusyBox or other open source software.  And, as shown by the timeline in this and the other BusyBox cases, those vendors should take seriously any contact from the SFLC or other organizations inquiring about potential violations of the GPL or other open source licenses.

News out of Boston that Red Hat has settled the long-running patent infringement lawsuit filed against it by Firestar Software and a later suit filed against the company by DataTern.

Filed on June 26, 2006, the lawsuit by Massachusetts-based software vendor Firestar Software, Inc. was brought against Red Hat in connection the Hibernate 3.0 software product acquired by Red Hat through its then-recent acquisition of JBoss. In the lawsuit, Firestar alleged that JBoss and Red Hat are infringing U.S. patent number 6,101,502 (issued on August 8, 2000) through their activities relating to Hibernate. While software patent infringement lawsuits had become increasingly frequent in the world of proprietary software at the time of the lawsuit, the suit was viewed as the first of its kind relating to a widely distributed open source software product.

The specific financial and other terms of the settlement were not disclosed. However, Red Hat indicates that the settlement includes broad terms covering “all software distributed under Red Hat’s brands.”  Of particular note, the settlement also protects all “upstream predecessor versions” as well.   In addition, Red Hat indicates that the settlement protects “derivative works of, or combination products using, the covered products from any patent claim based in any respect on the covered products.” Perhaps most importantly (for shareholder of Red Hat in particular), the company indicates that the settlement is sufficient to enable RedHat (and its users) to continue to distribute its open source software products in compliance with the terms of all applicable open source licenses.

In its press release on the settlement, Red Hat indicates that the settlements leave Red Hat with one remaining patent infringement suit against it — based on a complaint filed in October 2007 by IP Innovation LLC and Technology Licensing Corp, both subsidiaries of patent troll (er, “holding company”) Acacia Media.

The Software Freedom Law Center (SFLC) has announced today that it has filed a new round of lawsuits on behalf of its clients Erik Andersen and Rob Landley (the two principal developers of the BusyBox open source utility) alleging copyright infringement based on a violation of version 2 of the GNU General Public License (GPL). The defendants in the new lawsuits are Bell Microproducts, Inc. (dba “Hammer Storage“) and Super Micro Computer, Inc., each well-established distributors of a wide range of storage and other computer hardware products and components. These two new suits bring the total of lawsuits brought by the SFLC on behalf of the BusyBox developers to six (the previous four having been filed against Monsoon Multimedia, Xterasys Corporation, High-Gain Antennas, and Verizon Communications.

The complaints against Bell Micro and Super Micro were filed on June 10, 2008 in the United States District Court for the Southern District of New York and are available online at — Erik Andersen and Rob Landley v. Bell Microproducts, Inc. d.b.a. Hammer Storage and Erik Andersen and Rob Landley v. Super Micro Computer, Inc. The complaints are similar in many respects to the complaints previously filed by filed in the Monsoon Media, Xterasys, High-Gain and Verizon suits. In each case the complaint alleges that the defendant “makes and sells various communications and hardware devices” containing firmware that contains BusyBox (either directly or in modified form). In the case of Bell Micro, the complaint specifically targets the Bell’s “MyShare HN1200 network attached storage device” and with Super Micro the complaint specifically names the “AOC-SIM1U+ IPMI 2.0 System Management Card“. Under the terms of the GPL, each complaint alleges that the defendant is obligated to provide the source code of the BusyBox software to recipients of the named products containing the firmware containing BusyBox. According to each lawsuit, Bell Micro and Super Micro continue to distribute products containing firmware containing BusyBox without source code in violation of the GPL, despite having been contacted by SFLC. Each complaints seek an injunction against each company and requests that damages and litigation costs be awarded to the plaintiffs.

It remains to be seen if the current cases will be settled out of court (as has happened in each of the prior cases brought by BusyBox to date) or continue on and become the first lawsuit alleging a violation of the GPL ever to go to trial in the U.S. Regardless, these cases signal that after a brief hiatus Eric Andersen and Rob Landley (and the SFLC) appear again to be interested in enforcing the GPL against alleged violators in court rather than pursuing out of court settlements. As mentioned in connection with the previous BusyBox suits, now is the time to take steps to identify whether and to what extent your organization is using BusyBox and other open source software and to ensure that you are in compliance with the open source software licenses applicable to that software.

What does the Sarbanes-Oxley Act of 2002 (or “SOX”) have to do with intellectual property you ask? While these two topics have historically made for strange bedfellows, the importance of managing intellectual property assets and issues surrounding those assets under Sarbanes-Oxley is increasingly becoming a potential trap for the unwary.

Passed into law in 2001 in large response to the then-recent corporate corruption and fraud scandals involving the likes of Enron, WorldCom, HealthSouth, Tyco, Adelphia and others, Sarbanes-Oxley represents one of the most sweeping changes in U.S. securities laws in the past 70 years. In the wake of these scandals, SOX attempted to bolster investor confidence by increasing transparency and accountability in financial accounting involving public companies here in the U.S. SOX has proven, however, to be much more than a law addressing financial accounting. SOX is written broadly to trigger obligations with respect to any and all assets that have a material impact on the financial condition of a public company — including IP assets.  As intellectual property assets have come to comprise an increasingly more material part of the value of most all companies (not just “technology” companies, but all companies that rely on technology to conduct their day-to-day operations), intellectual property has come to play an ever more material role in the financial condition of those companies. As a result, intellectual property assets and the management of those assets and issues relating to those assets has (and will continue) to pose an increasingly more important issue with respect to SOX compliance (notably, even as to companies for which it has not posed an issue in the past). While the issue of SOX and IP will be front and center for public companies, even private companies that plan in the future to become publicly traded or that are planning an exit by merger or acquisition with a public company, should be wary of the potential risks posed by IP under SOX.

Earlier this week I covered this topic and discussed the growing importance of the management of intellectual property assets under Sarbanes-Oxley in a presentation at the 2008 Intellectual Property Institute in Denver. I had the pleasure of sharing the stage for the presentation with Dean Salter, one of my partners at Holme Roberts & Owen and truly the “dean” of the Denver securities law community. As usual when presenting with someone of Dean’s stature, I probably ended up taking away from the presentation just about as much as I contributed. The materials from the presentation are available online if you would like to read more about this topic. We will also be giving the presentation as a webinar later this year. Stay tuned for details.