I’ll start off with the traditional “I am not a lawyer” disclaimer.
I just read Computerworld’s article about McAfee’s statement that open source licenses are a “risk factor” for their business. Jeez. Who would have thought that a company that makes their livelihood off of fighting viruses (mostly in proprietary closed source software) would be such a whiner? OK, I know that those “risk factors” probably include everything that could possibly go wrong so that the company or executives won’t get sued by shareholders. And I know that some associate at a law firm got paid $300 an hour to read about the GPL lawsuits in the newspaper and then add a new risk factor as a way to up their billable hours. But, come on, you can’t really be serious.
If we’re going to get that paranoid, companies might as well start including risk factors for the proprietary software they use. Companies could include risks like:
I think all of my suggested risk factors are a lot closer to reality. Yes, companies do need to pay attention to open source licenses. Yes, companies do need to comply with open source licenses. Yes, an open source software license could have ambiguities. Yes, there is a possibility you could get sued if you don’t comply with an open source software license. Yes, open source needs to be part of your governance or compliance program.
But all of those statements are equally true for proprietary software.
If you pay attention to open source license compliance, you won’t need to worry about updating your “risk factors”.