paint-brush
The Cost of Using Open Source Software as a Developer: A Tech Lawyer's Perspectiveby@tobiasch
636 reads
636 reads

The Cost of Using Open Source Software as a Developer: A Tech Lawyer's Perspective

by Tobias C. H.September 30th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Using Open Source Software usually means concluding lots of contracts about the use of the software. The contracts include a contract about the usage of the respective Open Source software. Each contract is a separate contract for each software component you'll integrate into your product or service. This means you conclude 76 contracts - 76 contracts by integrating only one Open Source project within your software project. This can become pretty challenging, even with supporting tools like Black Duck and recurring license texts like the MIT License or Apache License 2.0.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - The Cost of Using Open Source Software as a Developer: A Tech Lawyer's Perspective
Tobias C. H. HackerNoon profile picture

A few months ago, a client of mine looked at me like I was an alien when I told him: "Nothing is for free, not even Open Source Software."


Maybe you also think: "What the heck is he talking about?"


Fair enough. You don't have to pay royalties for using Open Source Software. You also don't have to pay external lawyers to negotiate license terms (since there is nothing to negotiate when it comes to Open Source Software).


But, what you do have to pay for as a developer or software company is the investment in ensuring that your use of Open Source Software is compliant with the license terms.


And that's a big one. Let me tell you why.


Well, most of my clients were surprised when I told them that every time they use Open Source Software within their product or service, they conclude a contract (most often with the originator of the Open Source Software). A contract about the usage of the respective Open Source Software. Or, in other words: An Open Source Software LICENSE Agreement.


To be clear: I'm talking about a separate contract for each Open Source Software component you'll integrate into your software products or services.


That means:

  • 50 Open Source Software components = 50 contracts
  • 500 Open Source Software components = 500 contracts


That's a lot. Isn't it?


And I hope you counted right. Because you have to count recursively, or in other words, you have to count not only the Open Source Software you are integrating but also all the other Open Source Software components upon which this Open Source Software was built.


Suppose you integrate an Open Source Software component, which is built upon 15 other Open Source Software components, and those are built upon 5 other Open Source Software components. In that case, you end up integrating 76 Open Source Software components (1+(15*5)), which means you conclude 76 contracts - 76 contracts by integrating only one Open Source Software project within your software…


Now, if you stop reading at this point, you've already learned an essential point many others don't know or don't actively think about: Using Open Source Software usually means concluding lots of contracts. And I'm serious about this. Because I'm still hearing my clients' voices whispering in my ears, saying: "But Tobi, it's FREE software. There is NO contract at all."


And that's simply… Ummm… Not true.


Not to mention the fact that you shouldn't mix up Free Software with Open Source Software - but that's maybe a piece for another article.


So, why do I think it's essential for you to know that using Open Source Software means concluding (lots of) contracts? Because I experienced that after explaining this to my clients, it significantly changed their perception of Open Source Software usage and helped them to classify its impact on their business more accurately.


Consider what it means for you as a developer or software company if you conclude all the applying Open Source Software Licenses. Of course, it simply means you're accepting all the foreign terms and conditions with various obligations. And suppose you're planning to fulfill them (you better should), you're required to know and understand all of them.


Given the sheer number of contracts stated above, this can become pretty challenging, pretty fast, even with supporting tools like Black Duck and recurring license texts like the MIT License or the Apache License 2.0.


Now, challenge yourself: Have you (or your colleagues) really read and understood all the "terms and conditions", all the Open Source Software License texts that apply to your software projects?


I ask this because it's the essential requirement to establish Open Source Software compliance processes within your company. And trust me, that can be a big one.


In case you're not convinced yet, here are some issues that need to be tackled when using Open Source Software in your products or services (to name a few of them):

  • Copyleft Effect, forces you to distribute your whole product or service under the respective Open Source Software License (for example, see the GPLv3 License).
  • License Incompatibilities, that force you to swap out conflicting Open Source Software components to avoid license violations.
  • Security issues, that may come with Open Source Software.
  • Etc.


To round this up:


If you want to use Open Source Software and if you want to be a serious player in the market, you have to ensure Open Source Software compliance for your products and services, not only to protect yourself but also your business partners.


And that means you have to invest in:

  • Manpower
  • Specialized knowledge
  • Good processes


You can invest in-house by building interdisciplinary teams. Or you can invest externally, usually by hiring a specialized lawyer. Either way, to ensure Open Source Software compliance, you need to invest in it.


You have to pay its price.


And that's a good thing. Because it's crucial to keep the glory world of Open Source Software alive.


Thanks for reading! Tobias C.H.


Also published here.


P.S.: If you liked this post here are 3 things you can do to support me

❤️ Like my article
🤞Subscribe if you're interested in Open Source Software articles for developers from a tech lawyers perspective
🐣 Follow me on Twitter (@tobias_c_h)