9 open source license best practices
9 open source license management rules for startups
Open source software is free like a puppy is free. Make sure you know the hidden costs and pitfalls before you adopt.
Open source software can be a double-edged sword for startups. It can be a startup's lifeblood, because it helps you innovate rapidly without starting from scratch. But, as they say, open source software is free like a puppy is free: The true cost of open source software is obeying open source licenses.
Misuse of open source software can delay or derail investment and corporate exit opportunities. But you can easily comply with open source licenses if you follow these simple rules.
- Don't use software without license terms. Some software on the internet doesn't contain licensing notices, but that doesn't mean that it can be used freely. The people posting the software may not have complied with upstream licensing terms. Or the author of the software may not yet have applied a license to the software—open source or otherwise. "No license terms" means no license: You should either avoid using the software or ask the author to apply a permissive license.
- Don't violate open source licenses. Open source software use may be difficult for a software owner to track, but that does not mean use and noncompliance go unnoticed. Violating open source licenses can expose a startup to legal liability and public embarrassment, and can even compromise investments or acquisitions. It can also cause potential customers to refuse to buy your products out of fear of downstream liability. Developers have taken great effort to make their software open source—including foregoing licensing fees. Misuse of the software is unfair to those developers and harms the innovation they hoped to facilitate.
- Keep track of what software you are using. Someday you will have to provide a list of the open source software you are using. Potential investors and acquirers will ask for the list, and maintaining an up-to-date list will save you considerable time and effort when that request comes. Most open source software downloads include a "license.txt" or "copying.txt" file. Keep a copy of that license and note what software it covers. Most startups track licensed software in a simple spreadsheet.
- Understand permissive and copyleft licenses. Open source licenses fall broadly into two types: permissive (BSD, MIT, and Apache) and copyleft (GPL, LGPL, Eclipse Public License, Mozilla Public License, and Common Development and Distribution License). Most companies—and their customers—have no legal concerns over using software under permissive licenses. Complying with copyleft licenses takes more care, however, and may be inconsistent with certain plans for keeping software proprietary.
- Comply with notice requirements. Whether permissive or copyleft, all open source licenses have notice requirements. Typically, this means you need to include a copy of the applicable license when distributing open source software. It's generally not sufficient to merely include a link to or short form of the license. It's important to develop a license notice delivery strategy that complies with most open source licenses without confusing or alienating your customers.
- Do not contribute to or release open source software before consulting an attorney. Contributing to and releasing open source software can be a boon for the public, but it may not be the right choice for your business. Once you make a contribution or release, any intellectual property rights you had in the software will be unlikely to form the basis for valuation of your company. Your lawyer can help you understand your choices between degrees of proprietary and open source software and guide this important business decision.
- Ensure your employees and third-party developers follow these rules. Whether an open source violation is caused by your employee or a third-party contractor, the resulting legal and publicity issues will fall in your lap. You can avoid these issues through proper training and tracking of open source software.
- Plan for the future. Startup business models can change rapidly, and a SaaS model can quickly become a distributed software model. Following the rules for distributed software, regardless of your current model, can provide flexibility for shifting to a distributed software model without having to remove certain open source software and change associated functionalities.
Adopting these rules will help you leverage the benefits of open source software while limiting the risk to your startup's viability for investments and acquisitions. Third parties interested in your startup will want to know how you handle open source software. Make sure that you are prepared and able to provide them with positive and professional answers.