A simple way to describe free and open source software (FLOSS) is that it is software, the source code for which is made freely available to be used, copied, modified, and distributed. FLOSS is offered without requirements for royalty payments. Nonetheless, FLOSS can be used, and often is used and distributed, for commercial gain depending on the wishes of (or permissions granted by) its licensors.
Using FLOSS can be extremely cost-effective, for reasons that include:
— It is available at no charge;
–It allows individuals and companies to use pre-existing code, without needing to “re-invent the wheel,” and permits independence from one software vendor; and
–Particularly with respect to popular software tools and applications, it is constantly updated by developers worldwide and 24X7, so there is potentially a large support base from the FLOSS Community.
However, using FLOSS also has significant risks and downsides, such as:
–There is a myriad of licenses governing the different FLOSS packages; so use of each item of FLOSS code needs to be reviewed and its governing license clearly understood;
–There is very little settled case law around the interpretation and enforcement of FLOSS licenses, which often leads to “Fear, Uncertainty and Doubt” about using FLOSS;
–Some FLOSS licenses (such as the GPL) require that, upon distribution, the source code for the original code and any modifications to/ derivative works thereof, be made available. Thus, there is a risk that any software products that incorporate or use such “copylefted” code must be made available in source code form; and
–FLOSS is made available via the internet, so engineers and others can download it freely with no prior legal or management review of the inbound code or license.
At Matau Legal, we have been working with FLOSS since the late 1990’s, making us an “early adopter” of FLOSS in the legal community. We have broad experience providing advice on the use of FLOSS in commercial products, advising non-profit FLOSS projects about their licensing practices, conducting FLOSS license compliance reviews, developing FLOSS compliance policies and practices, and assisting with remediation plans where there is a risk of non-compliance.