If you’ve ever been worried about incorporating open source software into your products and having to deal with intellectual property issues, you’re not alone. But as long as you do it the right way, you can (and probably should) use open source software for any future projects. Here’s how.
Open source is one of the most amazing parts of software development and the technology industry in general. As a leading custom software development company, we have worked with open-source software in countless projects and this has helped us deliver high-quality applications every time. However, we’ve also found that many of our clients are not particularly familiar with what open source is, how open source licensing works, and how they can protect their intellectual property.
In response, here’s a compilation of some of the most frequently asked questions we get here at FullStack Labs when it comes to open source software and intellectual property rights. Let’s get started.
Today, nearly all software development projects use open source software to accelerate development and get access to high-quality, peer-reviewed technology. After all, open source code is, by definition, publicly-accessible software that is eligible to be modified and shared by third parties.
As a client outsourcing software development, you can use open source software in any project as long as you comply with the licensing requirements (which are often pretty lenient; more on that later). And of course, it goes without saying that the IP for the source code of the open source software is still owned by the original developers.
So yes, you can use open source software in your app. In fact, that’s why open source software exists in the first place: so that people and companies all over the world can create better tech faster and easier.
It’s not rare to hear about organizations that are nervous to use open source because they fear losing their IP rights to the open source code owner or getting themselves into a vulnerable legal position. However, that’s not really the way things work with open source software.
For starters, open source projects exist on a spectrum. Just like there are projects that release 100% of their source code to the open source community, like Python and Go, there are also companies that use a combination of open source code and proprietary code, like Dropbox and Adobe. And there are also those who use 100% closed-source code. Most businesses today choose to be somewhere in the middle of the spectrum.
Why? Simply because using open source doesn’t have to be an either-or decision. Today, it is entirely possible to support open source, keep your app’s IP rights safe, and get the best of both worlds.
To protect their IP rights, open source developers use copyleft licenses. As you can imagine, copyright is the opposite of copyleft. The former is used to protect IP from being copied or distributed, and the latter is used to ensure that open source IP is copied and distributed following certain requirements.
Copyleft can be enforced weakly or strongly depending on the license.
Similarly, copyleft licenses can be classified according to their level of permissiveness, which can either be strict or permissive. The difference between the two is quite simple: strict licenses cannot be mixed with closed-source or permissive licenses, while permissive licenses can.
As of 2021, there are over 80 licenses approved by the Open Source Initiative (OSI). For most use cases, it is recommended to compare them according to the uses they allow or prohibit and additional conditions like:
The risk of implementing any open source licensed work can be determined based on the permissiveness of the license. The MIT, MPL, and GPL licenses are great examples we can use to cover the length of the permissiveness spectrum.
Just like most permissive licenses, the MIT license (also known as the X11 license) doesn’t really impose any limiting conditions. It is used by industry-leading projects like Ruby on Rails, React, Node.js, and the .NET Core. Here are its characteristics:
The MPL license sits in the middle of the permissiveness spectrum since it shares similarities with both the MIT and GPL licenses. As you may imagine, the MPL is used by Mozilla Firefox and other Mozilla software, but it has also been used by companies like Adobe and Sun Microsystems. The following characteristics apply to the MPL 2.0, which is the current version of the license as of the publication date of this article.
A few years ago, the GPL was the most used open source license in the market, but the popularization of permissive licenses has taken attention away from it. It was created by the Free Software Foundation (FSF) and it is used by the Linux Kernel and the GNU Compiler Collection. Currently, there is GPL v2 (1991) and GPL v3 (2007). These are their general characteristics:
Yes, open source software can have multiple licenses as long as the licenses don’t conflict with each other. For example, if you want to upgrade an app with a GPL, you can add MPL software to it and relicense the entire thing under GPL. Following the licensing restrictions, the MPL software will be double-licensed under GPL and MPL.
However, this is most common when merging permissive licenses with other permissive licenses or with restrictive licenses with merging exceptions. In strange cases, you can also combine code with different restrictive licenses, but this normally means that the final application cannot be redistributed, as the licensing restrictions will not be compatible with each other. Conflicts like these can only be resolved if the owners of the open source programs agree on changing the license or adding exceptions to it.
It’s not hard to find unlicensed repositories on GitHub and, if you like the project, it might be tempting to fork it and use it for your own purposes. However, this is not recommended under any circumstances. Even if the source code has no publicly available license, you run the risk of being sued for using it.
So no, do not use unlicensed software. It is always best to be fully aware of what you’re getting into and what kind of restrictions (if any) you will be dealing with.
Avoiding IP and litigation risks when using open source software is pretty simple. Most licenses in this field are quite permissive and even the restrictive ones tend to have a few exceptions. That said, do not underestimate open source licenses under any circumstances. “Weak” copyleft is still copyleft and you must comply with any of its restrictions, as lenient as they may be.
If you’re looking for a truly no-risk approach, then working with a nearshore software development company is the way to go. The expert software developers at FullStack Labs know all about open source software licenses and we will help you determine whether or not a license can interfere with your product goals. Contact us today.
We’d love to learn more about your project.
Engagements start at $50,000.