The Linux Foundation, the nonprofit organisation dedicated to supporting Linux, announced on 10 August at LinuxCon the launch of the Open Compliance Program. What is that you ask? It's a comprehensive initiative to help companies and developers comply with open source licences.
You may not know it, but getting businesses and developers to obey open source licences has become a much bigger problem over the years. I'm not talking about the differences between GPLv2 and GPLv3. I'm talking about companies using open source code and not realising that they can't just use it any way they want.
The reason this has become a problem is that almost every major company is now using Linux and open source software. That's both the good and bad news. With so many companies using, and what's more important, incorporating FOSS (free and open-source software) in their products, there's lots of room for businesses to make big mistakes.
That's especially true in the mobile and consumer electronics space. All you have to do is look at the legal record and you can see that. Company after company builds some neat device and uses FOSS but then doesn't bother to follow the rules on how the software should be used. Then, when they're caught at it, the SFLC (Software Freedom Law Center) or a private law firm comes down like a ton of bricks on the open-source licence violators and they have to pay up for their sins.
There's got to be a better way of getting companies to obey the rules than hauling them into court, don't you think? That's what the Linux Foundation, SFLC and friends thought too, and that's where the Open Compliance Program comes in.
With the help of Adobe, AMD, Google, HP, IBM, Intel, NEC, Samsung, and a slew of other companies, the programmes offers tools, training, consulting and a self-assessment checklist to help companies comply with open source licences,
According to Jim Zemlin, the Linux Foundation's executive director who I spoke to before the show, "This is a vendor neutral, non-commercial compliance programme that offers a comprehensive offering of compliance training, tools and services. As open source has proliferated up and down the product supply chain, so has the complexity of managing open source compliance. Our mission is to enable the expansion of open source software, so we created this programme to give companies the information, tools and processes they need to get the most out of their investment in open source, while maintaining compliance with the licences."
The Linux Foundation couldn't do it by itself, of course. It needed all those industry players and the SFLC on board to make it happen. In a statement, Eben Moglen, the SFLC's founder and chairman, said "Free software licences are designed to make it easy to copy, modify and redistribute software, commercially and non-commercially. The Linux Foundation's Open Compliance Program will make best operational practices for compliance accessible to all and will help commercial and non-commercial parties work together to improve those practices still further. Participation in this programme, along with necessary legal advice and training, should allow any organisation to meet its FOSS licence compliance responsibilities completely, at very low cost."
Zemlin described the programme as being like a vaccine against not just FOSS licence problems but against all the legal troubles a company can get into with software licensing issues. In particular he sees it being very useful for companies in the mobile space. After all, "lots of vendors are involved in building smart phones. You can use this programme across your supply chain to reduce the friction of everyone not being on the same legal page when it comes to licence compliance. This will lower the costs for licence compliance across the industry."