SAN FRANCISCO — After the billions it spends to make its company the
poster boy for Linux, IBM said the last thing it wants to
do is launch a patent attack against the Linux kernel.
“I can assure you, we have no intention of asserting our patents against
the Linux kernel… unless of course we are forced to defend ourselves,”
Nick Donofrio, IBM senior vice president of technology and mnufacturing,
said during his keynote address to LinuxWorld attendees here.
The same can be said of enterprise Linux vendor Red Hat , whose CEO Matt Szulik told internetnews.com that
companies like his should be the ones to take care of indemnifying customers
from legal threats. To that end, the company expanded its Open Source
Assurance Program in a new partnership with Black Duck Software. The deal
highlights Black Duck’s protexIP product line, which helps track and
identify open-source code in development projects in an effort to avoid any
potential licensing compliance issues.
But mainstream Linux companies are under suspicion following an
independent study
by insurance firm Open Source Risk Management (OSRM). The group revealed
this week that the Linux kernel might have 283 non-court approved patents,
including one-third by leading Linux vendors like IBM, Cisco, HP, Intel,
Novell, Oracle, Red Hat and Sony. The study also found 27 untsted patents
owned by Microsoft .
OSRM supporters suggest that each and every one of the untested patents
is a potential time bomb that could wipe out small- to mid-sized Linux
distribution houses and their customers.
In defense of its commitment to protecting its open-source investments,
Donofrio challenged the Linux community to join together in establishing
procedures that avoid infringement claims as it moves forward… and to
resolve them promptly if they arise.
At the same time, Donofrio said, “The answers won’t be
found by resorting to protectionism or by raising trade barriers to stem the
outflow of jobs. Myopia isn’t a winning strategy. Nor are status-quo tactics
such as wringing out marginal productivity and cost-control gains at the
expense of investing in new, innovative directions.”
Big Blue knows about patents. In 2003, IBM received 3,415 U.S. patents, the eleventh consecutive year that IBM received more U.S. patents than any other company in the world.
It’s just that kind of dominance in the marketplace that prompted
open-source pundit Bruce Perens to worry about corporate “friends of Linux”
who may turn on the community, given the chance. The creator of embedded
Linux software Busybox suggests that trusting corporations to protect
customers from any patent litigation is a ruse, because larger companies
cross-license with each other.
“We can’t be ostriches about this and put our heads in the sand about
this,” he said. “The only time IBM’s Intellectual Property and Licensing
team and its Linux team meet together is in the CEO’s office.”
The expert in the Free Software and open-source communities, who presented
his third bi-annual “Open-source State of the Union,” also pointed out that
indemnification supplied by vendors like HP and Novell or the combinations
of groups like OSDN and Red Hat barely scratch the surface. Industry
analysts said fighting patents costs between $2 and $6 million each.
“There have been some settlements with infringement in open source,”
Perens said. “In each case, the developer has signed over their patents to
the plaintiffs, who then will hold on to it themselves.”
Instead, Perens called for written contracts by Linux vendors that would
ease the fears of customers and developers.
“I would like signed documents stating that individual users would be
safe. After all, the goals of corporations change,” he said. “In that way,
when I get sued for doing work on Busybox, I can take the document to my
lawyer.”
Perens also said he would like to hear from the IBMs and HPs of the world,
so, as he put it, “If I get sued by Microsoft, they won’t stand back
and say they won’t get involved because Microsoft is a partner.”
While Perens’ suggestions might ring true in the enterprise, OSRM’s plan
may backfire.
The grassroots Linux community has accused Perens of having a conflict of
interest because he sits on the OSRM board of directors. OSRM legal counsel
Dan Ravicher, who is a respected founder and executive director of the
Public Patent Foundation and senior counsel to the Free Software Foundation,
and ORSM Director of Litigation Risk Research and Groklaw writer Pamela
Jones have also been accused of “selling out” because they both have a
vested interest in seeing OSRM succeed.
OSRM itself however said it will not reveal any hard specifics on the 283
patents it said were in involved in the Linux kernel. Ravicher explained that being aware of the particulars of a patent
could potentially expose a developer to risk.
“There’s what I call a perverse rule in patent law that says if you are
aware of a patent and then later found to have infringed on it, the court
can punish you for willful infringement by tripling the amount of damages
awarded against you,” explained Ravicher. “If you can say you weren’t aware
of it, then the court can’t claim that you acted willfully, because you
didn’t have knowledge.”
Ravicher said OSRM has several “interested parties” in several market
sectors but would not identify any of them. The company is also in the
process of getting certified with the insurance industry board, though lack of certification
does not preclude it from taking on clients. Ravicher said the company is
also expanding its coverage to other open-source platforms such as GCC,
MySQL, and Apache Tomcat.