"Open Source Legal Update: 2012 at Open Source Think Tank Napa"
Open Source Think Tank 2012: Legal Update Mark Radcliffe, Partner DLA Piper, Silicon Valley Office firstname.lastname@example.org www.lawandlifesiliconvalley.com/blog Global Platform Largest law firm in the world with 4,200 lawyers in 30 countries and 76 offices throughout Asia, Europe, the Middle East and the US 1st in M&A deal volume globally Ranked #1 among the world’s leading global law firms 1st in Venture Capital and Private Equity deal volume Ranked in the top 5 for US IPOs by US Issuer Adviser More than 550 DLA Piper lawyers ranked as leaders in their fields 2 Global IP and Technology Practice More than 400 IP and Technology lawyers – 56 offices in 24 countries Highly-ranked, full service, global IP practice Litigation, prosecution and transactions Patent, trademark, copyright, trade secrets, domain name, Internet, anti- counterfeiting, anti-piracy, privacy Acquisition, development, licensing, enforcement, technology transfer Global patent litigation and patent enforcement United States Netherlands Australia Germany Italy UK Asia Full service law firm advantage – benefit from cross-practice knowledge base Regulatory and government affairs, litigation, antitrust, etc. 3 2012: OSS Has Arrived Red Hat announces $1.13 Billion year from “free” software Jim Whitehurst: “The strength of our fourth quarter was a fitting conclusion to a remarkably strong year for our business. Our investments to expand our geographic sales footprint and add sales people with targeted industry and product knowledge has accelerated our growth,” stated Jim Whitehurst, President and Chief Executive Officer of Red Hat. “Red Hat is the first pure-play, open source company, and one of only a select few software companies, to have achieved the billion dollar revenue milestone. The open source technologies which we provide are being selected by more customers every day as they re-architect the infrastructure of their data centers for greater efficiency, agility and cloud enablement.” 4 2012: The Future is OSS Corporate use of OSS as a strategy Collaboration: Learning New Rules Major potential legal shift Copyright Protection of API (Oracle v. Google) Cloud standard wars Patent wars OSS Management Demands becoming ubiquitous New tools SPDX Project Harmony 5 2012: Year of Corporate Engagement OSS as Critical Part of Innovation Strategy Hewlett Packard: WebOS Genivi Yahoo: Hadoop (Hortonworks) Rackspace/NASA: OpenStack Foundation NYSE: OpenMAMA Microsoft Reorganization (effect uncertain): The (Open Technologies) subsidiary provides a new way of engaging in a more clearly defined manner. This new structure will help facilitate the interaction between Microsoft's proprietary development processes and the company's open innovation efforts and relationships with open source and open standards communities. 6 Business Imperatives to Survive and Thrive: Collaboration HBR: Innovation through Global Collaboration: A New Source of Competitive Advantage (2007) Complexity of products, so one firm cannot master all of the skills Growth of skilled labor in developing countries Emergence of unique skills and capabilities in other regions Cost of coordination of distributed work has gone down due to open architectures and technology In sum, collaboration is no longer a “nice to have.” It is a competitive necessity. 7 Goverance: Critical Decision Points What do you make open Goals Differentiation Community Strategy Entire project: Yahoo (Hadoop), NYSE (OpenMAMA) Gradual: NetFlix Project Characteristics Community Ensuring “fairness” for various constituencies Corporate governance Linux Foundation/Apache Separate foundation Manage internally 8 Strategic Challenge: IP & Collaboration IP is valuable $1.1 Billion sale of patents by AOL to Microsoft $4.5 Billion sale of Nortel patents $40 Million sale of Friendster patents Corporate attitude IP is valuable, we need to own it If we pay for it, we own it Collaboration requires “sharing” and ownership shifts Ownership of platform IP (what is platform, what is app?) Use of technical solutions: API/technical design Linux example: Linux: 10,000 contributors and 70% of contributions from large companies such as IBM, Intel, SGI, MIPS, Freescale, HP and more than 500 other companies Critical Lesson: Need to learn a new IP strategy for collaboration 9 IP & Collaboration: Companies need to Rethink their IP Strategy 10 OSS Goverance: OpenStack Foundation Model Project management: Project Technical Lead Project Planning Board Advisory Board 11 OpenStack Foundation Goals Make OpenStack the ubiquitous cloud operating system Deliver high quality software releases that companies can rely on to run their business Ensure interoperability among OpenStack clouds Nurture a healthy community, with broad participation and a sharp focus on the OpenStack Mission Grow the ecosystem around OpenStack to strengthen the platform and provide opportunity Build and protect the OpenStack brand to the benefit of the community's participants 12 OpenStack Foundation Responsibilities One of the Foundation's main purposes is to empower and coordinate the resources of the community effectively, providing leadership in key areas that are required to fulfill OpenStack's mission: Development process and release management Developer, user and ecosystem community management Meet the needs of real world users by producing great software, and fostering their involvement in the community to provide feedback and direction Brand management (PR & marketing, trademark policy) Event management (Twice-annual Summit & Conference, meetups etc) Legal affairs (CLA process and docs, trademark defense) 13 OpenStack Foundation: Public Policy Board Definition and ownership of the OpenStack mission and vision. Coordination and alignment across OpenStack projects and community driven requirements. Managing the process for adding additional projects both to the incubation program and to the core set of projects, assuring compatibility with OpenStack's mission. Ensuring inter-project architectural consistency and coherent API definition. Establishing policies to maximize efficiency across projects and assuring compatibility across projects. Board All PTL Five elected members Four appointed members (Rackspace) 14 OpenStack Foundation: Project Management "Each project community should be self-managing by the contributors, and all disputes should be resolved through active debate and discussion by the community itself." Led by Project Technical Lead (PTL) Elected every six months. Nominations/elections Nomination: 5 weeks prior to design summit Election: 4 weeks prior to each design summit Elections held open for no less than three days 15 Advisory Board Goals Provide guidance on the OpenStack mission Provide guidance on the OpenStack governance structure Provide guidance on the OpenStack brand usage guidelines Provide guidance on increasing OpenStack adoption Evangelize on behalf of OpenStack 16 2011 Legal Developments New Version of MPL Patent provisions (Apache) Termination (GPLv3) New approach to license incompatability Android litigation continues Google buys Motorola Mobility Oracle v. Google Remedy changes: loss of automatic injunction for copyright infringement (Perfect 10 v. Google) : We therefore conclude that the propriety of injunctive relief in cases arising under the Copyright Act must be evaluated on a case-by-case basis in accord with traditional equitable principles and without the aid of presumptions or a “thumb on the scale” in favor of issuing such relief. 17 Navigating the New World of OSS: The Future is Foggy 18 Oracle v. Google Copyrightability of APIs Conceptually, an API is what allows software programs to communicate with one another. It is a set of definitions governing how the services of a particular program can be called upon, including what types of input the program must be given and what kind of output will be returned. APIs make it possible for programs (and programmers) to use the services of a given program without knowing how the service is performed. APIs also insulate programs from one another, making it possible to change the way a given program performs a service without disrupting other programs that use the service. Potential for major change in scope of “derivative work” under GPL licenses Potential for API Wars 19 Cloud Standard Wars (next year, API Wars?) Open Stack Cloud Stack OpenNebula (Europe) Amazon/Eucalyptus Companies to watch VMware Red Hat Nimbula, Nebula, Piston, Cloudscaling, Morphlabs 20 Patent Wars 21 Patent Wars: Shareholder Pressure Carl Icahn to Motorola Mobility (July 21, 2011) “patent portfolio, which is substantially larger than Nortel Networks’ and includes numerous patents concerning 4G technologies, has significant value … There may be multiple ways to realize such value given the current heightened market demand for intellectual property in the mobile telecommunications industry.” Starboard Value LP to AOL (Feb 24, 2012): “(i) a significant number of large internet-related technology companies may be infringing on these patents, and (ii) AOL's patent portfolio could produce in excess of $1 billion of licensing income if appropriately harvested and monetized. Unfortunately, several of these parties have expressed severe frustration that AOL has been entirely unresponsive to their proposals regarding ways to take advantage of this underutilized asset” 22 Patent Wars Android patent wars continue Microsoft has licensed its patents to device manufacturers who make 70% of Android phones Possible settlement by Apple Steve Jobs: "I'm going to destroy Android, because it's a stolen product. I'm willing to go thermonuclear war on this.” Cost $400M (Professor Lemley, Stanford) March 2012 (Bloomberg): People familiar with the situation, however, note that top-level executives at both Apple and Samsung have communicated lately about potential settlement options. Apple CEO Tim Cook does not seem to share his predecessor's passion about laying all foes to waste. Cook appears to view litigation as a necessary evil, not a vehicle of cosmic revenge. Companies Reloading with More Ammunition Google: Motorola Microsoft: AOL 23 Patent War Lessons OS Projects and Companies Need a Patent Protection Strategy Moral objections will not help if you get sued Cold War: need to get armed Android History On launch, Google had 600 patents (few or none in mobile) Motorola Purchase: $12.5 Billion Learning from Android: Facebook Buying patents from IBM, Friendster & others Yahoo litigation: Facebook counterclaim used 75% purchased patents New Strategy: File early, but look to buy 24 OSS Policy OSS is everywhere Buyers are demanding to know Venture capitalists are demanding as part of financing due diligence Acquiring companies are demanding Industry initiatives SPDX Project Harmony 25 Overview of Open Source Policy Cross Functional Team Product Planning/Management Legal, Security & Export Compliance (including encryption) Engineering Integrated Processes Component Evaluation, Selection and Management Community interaction and contribution Management License Management Release Management Release Planning Release Delivery Security Review Export Compliance Review 26 Best Practices: Strategy Systemic Baked in to the culture & workflow Event Driven Component approval request Planning a release Accepting a code drop from a vendor/outsourcer Performing a build Creating a release Embrace Supply Chain Techniques ERP systems brought together different users and processes Workflow automates task creation Notifications Process Monitoring Central repositories of data Business Process Integration is the key 27 Best Practices: Structure Define criteria for approved software Licenses Use (internal/product/website) Sources Support Other Define criteria for unapproved software ? Consider use cases: internal use, hosted applications, distributed software Consider scope of application: internal development, independent contractor, outsource vendors, M&A Define conditions for participating in the Open Source Software communities Employee Education No compliance without education 28 Best Practices: Coverage Define how development teams and other functions Search, select, approve, track, validate, track & monitor Inbound approval processes Code from internal teams, external sources Outbound compliance processes Distributed code Create a baseline of your code Prioritize Perform code analysis Plan remediation Document the origins of the code base Determine all components and licenses in use Verify usage is approved Create a catalogue of approved components and licenses Validation processes 29 Common Mistakes in OSS Policies Legalese: make it understandable General policy intended for certain products/business model/groups Failure to cover all sources of software Consultants and contractors M&A Third party licensors Policy too strict or impractical, so VOA: Violated on Arrival Does not allow for edge cases Does not provide for modification to meet changes Business model Product lines Development approaches Lack of continuous education and management attention 30 Summary We won, but new issues arise Governance is a critical new issue Change IP strategy for collaborations Watch the Google case Arm yourself for the patent wars (prosecute and consider buying patents) Management of OSS evolving (new tools, such as SPDX) 31