Introducing the Open Compliance Program


I’m extremely proud to launch a major addition in our legal programs today: the Open Compliance Program.
 
Those of you who follow Linux know its use as an embedded OS has skyrocketed in recent memory, delivering a sea change in the consumer electronics and mobile industries. We think complying with open source licenses is relatively straightforward and far easier than complying with proprietary licenses, especially in an enterprise software setting. (Just ask a CIO who has undergone a software audit recently. And that’s most of them.) But knowledge, after all, is power. And some companies need help, especially operationally, in defining and following best practices. That’s where we come in. We have the collective experience of our staff as well as the ability to galvanize our members to deliver information, training, tools and a standard that will help the industry coalesce around best practices and save money at the same time. Just as in open source, we feel collaborative development and re-use of resources in compliance matters will deliver great efficiencies of scale. We fully expect the Open Compliance Program to deliver real cost savings to all who participate as well as enable companies to fulfill their license obligations.
 
We have support from virtually every major player in the world of enterprise and mobile computing: Adobe, AMD, Cisco Systems, Google, HP, IBM, Intel, NEC, Nokia, Novell, Samsung, Sony Electronics and many more. We also have support of the legal community including Eben Moglen of the Software Freedom Law Center and others. We are able to generate this type of support partly because of the kind of organization we are (a nonprofit foundation) but also because we benefit from having members who are already very good at collaborating on open source matters, and because this program is the right choice at the right time.
 
I also want to be very clear: complying with open source licenses is actually easier than complying with proprietary ones. (One reason: there is no money involved.) There are countless software audits of users every year, and settlements often range in the tens of millions for large companies. You may not have heard about those cases since they do not get the attention the very few open source cases do, but make no mistake, complying with proprietary licenses is not easy or cheap.
 
Three things you should know about the Open Compliance Program
 
1. It will lower costs for every company that uses open source by giving training, a guidebook of best practices and access to resources to make it much simpler to comply with license obligations.

2. It will help spread the use of open source software, as it will eliminate the very few legal cases and, most importantly, the FUD around legal compliance that some vendors like to spread.

3. It’s a collaborative project. The tools are open source and we welcome participation in making them better. The SPDX workgroup welcomes participation from all in the consumer electronics supply chain. Please download our resources and sign up to receive the checklist and give us your best practices at compliance (at) linuxfoundation dot org.
 
This program augments our other protection programs, which include The Linux Foundation Legal Summits, administering the Linux trademark, education and collaboration on patent issues, and more.
 
I hope you find this program useful. You can find details here. We are very excited to deliver what we feel is real value in the legal arena and we continue to add to our work in promoting, protecting and advancing the Linux operating system.