An Introduction to Open Source Compliance in the Enterprise
The Linux Foundation | 01 December 2016
The following is adapted from Open Source Compliance in the Enterprise by Ibrahim Haddad, PhD.
Open source has expanded from an idealistic movement led by individuals around software and intellectual property to one where organizations (e.g., governments, companies, and universities) realize that open source is a key part of their IT strategy and want to participate in its development. Early success in Linux and other open source technologies has spread to all areas of technology.
More traditional organizations are also taking notice, making open source software a priority and using it for strategic advantage in their operations.
Use of open source in enterprise IT has roughly doubled since 2010, according to the North Bridge and Black Duck 2016 Future of Open Source Survey:
• 67 percent of surveyed companies encourage developers to engage in and contribute to open source projects.
• 65 percent of companies are contributing to open source projects.
• One in three companies have a full-time resource dedicated to open source projects.
• 59 percent of respondents participate in open source projects to gain competitive edge.
As a result, organizations are looking for guidance on how best to participate appropriately in open source communities and to do so in a legal and responsible way. Participants want to share their code and IP, and they need a trusted neutral home for IP assets (trademark, copyright, patents). They also need a framework to pool resources (financial, technical, etc.).
Open source participants need expertise to train them on how to collaborate with their competitors in an effective manner. To that end, The Linux Foundation has published the Open Source Compliance in the Enterprise e-book geared to creating a common understanding on the best ways to create shared value and innovation while adhering to the spirit and legal particulars of open source licensing.
Open source initiatives and projects provide companies and other organizations with a vehicle to accelerate innovation through collaboration with the hundreds and sometimes thousands of communities that represent the developers of the open source software. However, important responsibilities accompany the benefits of teaming with the open source community: companies must ensure compliance with the obligations that accompany open source licenses.
The 4 Objectives of Open Source Compliance
Open source compliance is the process by which users, integrators, and developers of open source software observe copyright notices and satisfy license obligations for their open source software components. A well-designed open source compliance process should simultaneously ensure compliance with the terms of open source licenses and also help companies protect their own intellectual property and that of third-party suppliers from unintended disclosure and/or other consequences.
Open source compliance helps achieve four main objectives:
• Comply with open source licensing obligations.
• Facilitate effective use of open source in commercial products.
• Comply with third-party software supplier contractual obligations.
• Protect proprietary IP.
In this blog series, we’ll explore the entire process of open source compliance, including a high-level overview of the topic, detailed information on how to establish an open source management program at your organization, and an overview of relevant roles.
In part 2, we’ll cover how software development models have changed and discuss the role of open source compliance under the new multi-source development model.
Read the other articles in the series:
• An Introduction to Open Source Compliance in the Enterprise
• Open Compliance in the Enterprise: Why Have an Open Source Compliance Program?
• Open Source Compliance in the Enterprise: Benefits and Risks
• 3 Common Open Source IP Compliance Failures and How to Avoid Them
• 4 Common Open Source License Compliance Failures and How to Avoid Them
• Top Lessons For Open Source Pros From License Compliance Failures
• The 7 Elements of an Open Source Management Program: Strategy and Process
Download the free e-book, Open Source Compliance in the Enterprise, for a complete guide to creating compliance processes and policies for your organization.