Are potential legal liabilities holding back Linux adoption?

by Mark Vernon | Sep 20, 2005 7:00:00 AM

Tags: OPEN SOURCE, UNIX, Operating systems, Insurance, Financial Planning, Mark Vernon, Open Source Risk Management, Linux, patent, Mark Webbink, Financial Service IT Newsletter

Takeaway: How likely is it that Linux adopters will face legal challenges due to patent infringement cases? Mark Vernon follows up on recent legal issues concerning Linux adoption in the financial services industry.

I recently wrote an article about the adoption of Linux in the financial services industry. One of the issues raised by readers is the debate over Linux and potential legal liabilities. Most of the attention, to date, has been on liabilities to do with patents. The interest in patents and open source began about a year ago when OSRM (Open Source Risk Management, a U.S.-based insurance provider) announced the results of a study they commissioned from patent attorney Dan Ravicher. His conclusion was that, at most, the Linux kernel may infringe up to 283 patents. But as Mark Webbink, Deputy General Counsel at Red Hat points out: "He did not conclude that the Linux kernel actually infringed any of these patents, but that was largely misconstrued by the mainstream press." Of the 283 patents, approximately one tenth are held by Microsoft.

More recently, OSRM announced that it would provide patent infringement insurance to Linux users for $60 per server. OSRM's offering came after SCO, a UNIX supplier, took action against companies including DaimlerChrysler, Novell, and IBM, because it believed its code had been used in the development of Linux-based systems. OSRM announced that its insurance would be available via brokers and that the risk would be underwritten by Lloyd's of London syndicates.

However, Webbink has questions to ask about this move too. "The announcement was interesting from the standpoint that it contained no quotes from anyone at Lloyd's, and subsequent inquiries by others—not me—to Lloyd's raised significant questions as to the veracity of the CEO of OSRM's assertion," he says. "Moreover, to our knowledge, OSRM is not licensed to broker insurance in its home state of North Carolina or anywhere else in the U.S." OSRM has not been able to clarify the matter for TechRepublic.

As to the larger issue of whether enterprise customers, including financial services firms, are insisting on indemnification for patent infringement claims, the answer is unclear. "While it is frequently raised as an issue, thanks in large part to Microsoft's constant carping on the subject," continues Webbink, "Red Hat has found that it has rarely been a barrier to adoption."

But there is another liabilities issue that could be associated with Linux. This was well put by one recent TechRepublic reader, working for a large software firm specializing in software for the mutual fund industry. He reported that the firm had decided not to use open source software due to the lack of a legal entity behind it. "For them, they feel it is important that they have someone they can hold accountable for any system failures," he said.

He continued, expressing the opinion that such is the litigious nature of modern society, including the financial services industry, that this could be a serious issue for the proponents of Linux. "Simply put, people want someone to sue and [open source] does not offer that," he said.

However, Webbink disagrees. He points first to Red Hat's continued financial success, much of which is directly related to adoption of Red Hat Enterprise Linux within the financial services sector. "Obviously, many of these customers perceive that Red Hat, with a market capitalization in excess of US$2.5 billion, is a sufficiently substantial vendor as to assuage concerns they may have," he concludes.

In fact, the whole debate may prove to be something of a tempest in a teacup. After all, how many companies buy insurance against patent infringement anyway? The point here is that for large companies, the liability is offset by the pressure they can exert on any IT vendors who might try to sue; when infringement does become an issue, negotiation is preferred to litigation. And for small companies, the effort and costs involved in any litigation is hardly warranted by the monies any vendor might recoup.

To put it differently, vendors will encourage patent enforcement, but rarely in the courts. Look at the case of SCO. As Vice President Richard Fichera of Forrester Research said in a statement (Is SCO Toast? All Signs Point To Yes), "Forrester reiterates its recommendation that Linux users not panic about SCO's litigation program and that SCO customers look for alternatives to SCO software when building out systems to support new workloads."

Print/View all Posts Comments on this article

Novell SUSE includes an Indemnification Programmatt.midson@...  | 09/21/05

comparablekhanolkardilip@...  | 09/22/05

More of a support issue ...Too Old For IT  | 10/03/05

re: lack of legal enity behind open sourceJaqui  | 10/03/05

Software is a service - no product liabilityback2basics  | 10/10/05