Metaphysical Detectives and Emotional Spies

FOSSBazaar is no longer being updated. The information on this site is preserved for your convenience but may be out of date. Please visit Linux Foundation's Open Compliance Program for current information and activities.

Andrew Grant's picture

In one recent deal we were left with the thorny problem of Indemnity and who pays for it. Typically, if you are using proprietary code you are buying a pig in a poke (buying something in a black sack that the vendor says will do  the job). The case of indemnity arises if a patent troll claims ownership and then sues the user for a multi-million dollar sum. The legal team then refers to the contract and points the troll's complaint at the software vendor who defends the claim (on the basis they know what's in the software and where it came from because they "own" it.)

Now, it gets more complicated when companies acquire companies who acquire other companies who may have mashed together their apps over time. The enterprise needs to make sure it is not open to legal risk yet this places the burden of cost for defence and code parentage on the vendor - another cost that would need to be borne by Open Source vendors when dealing with the Enterprise. 

So in Intellectual Property terms who owns what, do they really own it or just say that they do becomes vital. In reality, you have to get forensic to understand where the code comes from. Like russian dolls what is it built on, where did that snippet come from or that capability and what's inside the next doll. It becomes more difficult when you consider resale - what if the core application engine owned by the vendor has additional capability added to it that is "owned " by the enterprise. 

If that is resold and there is a legal challenge then indemnity kicks in and it becomes a question of governance and expensive IP lawyers.

In terms of governance, knowing what your code is and where it came from and any obligations arising is a really important issue as for a vendor there is a cost to defend these cases, for the enterprise there is cost in making sure they are protected from excessive litigation.

So code parentage and obligations become paramount. If you don't know, then I'll give you the number for the Metaphysical Detective Agency. Or have a chat with some of the bloggers on this site.