Debunking a law firm's open-source FUD

Update below with White & Case's response. Spoiler: they weren't happy with my interpretation of their e-mail.

White & Case, a leading international law firm, has been struggling in the face of the recession, laying off 70 associates in late 2008.

Perhaps nothing makes its struggle as clear as its attempt to drum up business by scaring prospective and current clientele into retaining its services to address the very scary open-source legal threat, as a recent e-mail sent out to a friend suggests:

From: "Rieck, Christopher"
Date: April 13, 2009 8:09:09 AM PDT
To: xxxxx
Subject: Open Source Decision - New Legal Penalties on Developers?

Hi Dave,

Open-source licensing--the innovative (if controversial) tool that makes source code available to the general public on certain conditions--is a growing movement most closely associated with Linux and other major software products.

The movement may well have been given a great boost by a recent court decision that makes it easier to enforce open-source licenses. But the unintended side effect may be that many software developers who incorporate bits and pieces of open-source code in commercial programs will now face greater risks of significant legal penalties for doing so.

Last December, a decision by the U.S. Court of Appeals for the Federal Circuit in the matter of Jacobsen v. Katzer held that breach of an open-source license can support a claim for copyright infringement--with associated remedies. The Court's ruling may also require recognizing that the open-source copyright owner has standing to sue downstream licensees for copyright infringement....

"Following this decision, commercial software developers should be even more cautious of incorporating any open-source code in their offerings. Potentially far greater monetary remedies (not to mention continued availability of equitable relief) make this vehicle one train to board with caution."

This is an interesting perspective, one that explicitly cuts against the generally positive perspective on the lawsuit that Mark Radcliffe and other experts on open-source law have suggested.

Indeed, legal expert Larry Lessig calls the Jacobsen decision "huge and important," and explains the appellate court's finding in very different terms than White & Case:

In nontechnical terms, the court has held that free licenses such as the (Creative Commons) licenses set conditions (rather than covenants) on the use of copyrighted work. When you violate the condition, the license disappears, meaning you're simply a copyright infringer.

This is the theory of the (GNU General Public License) and all (Creative Commons) licenses. Put precisely, whether or not they are also contracts, they are copyright licenses which expire if you fail to abide by the terms of the license.

Does that sound dire? I don't think so, either.

No, it simply means that White & Case's clients can't pilfer from the open-source community without contributing back. Since when is this something to fear?

So while it may be good business for White & Case to spread FUD (fear, uncertainty, and doubt) within its clientele to drum up business in a weak economy, the case it references is a big win for clarity around open-source licensing. This is something to celebrate, not fear.

It's also a reason to retain a different law firm, one that recognizes the opportunities in open source and isn't fixated on risks mostly of its own invention.

UPDATE: Jonathan Moskin, a partner at White & Case, responded to this post with the following:

As we explained in our e-mail to CNET, this decision may have given the open-source movement a great boost by making it easier to enforce open-source licenses. The purpose of our e-mail was to spark meaningful discussion with CNET and other publications on the issues in the decision, of which Mr. Asay was most certainly aware and which would have been clear to your readers, had the e-mail not been selectively edited to remove the invitation at the note's end.

For those who are interested, I actually could quote the e-mail in its entirety, and it would only augment my argument. I apologize to Mr. Moskin, if I misrepresented the intent of his e-mail: I was taking the words at their face value, and as an open-source advocate, I don't appreciate that value very much.

It is absolutely the case that there are legal risks in open source, but the same is 100 percent true of proprietary software. Indeed, the same risks that Mr. Moskin points out in open-source software exist in proprietary software.

Regardless, I apologize if I misread his e-mail. I'm also sorry if I seemed callous to those at his firm who lost their jobs. Unemployment is a terrible thing. I wasn't in any way trying to minimize it and apologize if it seemed that I did so.

Follow me on Twitter @mjasay.

[Random_Walk]

Depending on which state they reside in, don't lawyers have to follow certain marketing guidelines as required by law? This scare tactic letter looks a lot like a blatant violation in at least a couple of states I can think of offhand. Again, depending on state, they could face suspension, disbarment and fines if anyone called them on this particular flavor of BS.

Personally, if they've already had to lay off folks (especially in an economy where world+dog will sue for any reason just to get paid), then I suspect that they've got bigger problems than just the amount of BS that they can pump out.

[semimu1]

I dont agree with the tactic, but your response is also very skewed towards open source advocates. In fact, the decision does leave open the question: what is the penalty for distributing a copyrighted material without a license? Those penalities are pretty well established under current law (which is what W&C were using as FUD). That issue is unclear in both cc and GNU licenses.

If you are going to argue unbalanced coverage, please try and balance your response.

[odubtaig]

Find a software EULA which does make that clear, then argue bias.

[Matt Asay]

This is an open-source blog. My entire career is tied up in open source. And you were looking for me to *not* argue the open-source side?

[D. C. Toedt]

In a former life I was general counsel of a publicly-traded software company. IMHO, the White & Case memo isn't the least bit FUD-ish. It's a sober assessment of a very real concern. There are a few programmers out there who can't be bothered with "legal stuff," such as doing the extra work it takes to comply with FOSS license conditions. Such people can get their companies in real trouble. For lawyers who know about such things, this is a non-trivial concern.

If I'd received the White & Case memo while I was in-house, I'd have appreciated the information. Even if I'd seen it before, it's always nice to be sure you're getting the word about important things like this.

[trevorbsmith]

First, a significant service that lawyers provide to clients is providing information to minimize risk. The White & Case email seems to be just a notification to clients that new law has been written and that clients should check with W&C if they have questions about their use of open source code. Frankly, a lawyer would be an idiot if s/he didn't "warn" his/her clients and there might even be an argument that it would be negligence to fail to "warn" in this case.

Second, without commenting on the presentation or style of the W&C email, nothing in it seems to be factually incorrect. (DISCLAIMER: I haven't read the case in question, I'm just comparing the interpretation in the email you like with the one you don't like.)

Third, business clients sometimes do things they should not. Sometimes that may include using open source code and breaching the license (maybe modifying, distributing, but NOT making source code available?). For THOSE clients, the W&C email is vital information, not FUD as you claim.

Fourth, this kind of email is STANDARD business practice, at least in law firms I'm familiar with. It likely has nothing to do with the recession or layoffs. I submit that it's irresponsible to suggest a link between the two unless you have some actual evidence of such.

FWIW, I agree that the second email you quote is written more clearly, but not every lawyer is John Grisham. Shrug.

[tzs108]

I don't get it. The law firm's letter said the same thing Lessig said. How can you call the former FUD, and then praise the latter?

[Matt Asay]

No, the law firm's letter did not say the same thing Lessig said. The firm chose to pay minimal lip service to the positive side of the decision, then focus the vast majority of its email on all the bad things that can come from this.

It could easily write the same thing -- if not worse -- about proprietary licensing. Presumably it has already done that, and was trying to find more to write about/bill about with open source. Good luck.

[jimmyed2000]

The FUD is real.

Microsoft has worked out how to live with open source. In order of preference they would like you to:
1) Pay for Microsoft software
2) Use open source under a Microsoft licensing scheme (e.g. Linux under the Novell deal)
3) Use open source that violates their patents so they can force you to make license payments
4) Use open source that does not violate their patents
5) Use their competitor's software

I'm not sure of the ordering of #4 and #5

The recent TomTom suit is an example of case #2. We know they have a portfolio of patents they claim they can use against the consumers of open source. They won't reveal their patents because they don't want the offending code to be re-written or forewarn people so they can pick a different implementation (allowing people to move from #3 to #4).

Any software or hardware company that is embedding open source code into its products or has developers that have access to the internet should do IP audits:
* Developers are grabbing code samples from the internet without any thoughts of copyrights or IP violations.
* Developers are grabbing open source libraries from the internet without any thoughts of copyrights or IP violations.
* Knowing exactly what you are using enables you to identify what your exposure is when Microsoft does reveal a card (like the FAT filesystem case that hit TomTom).

As Larry Augustin blogged recently everyone should be scrubbing FAT from their products -
http://lmaugustin.typepad.com/lma/2009/02/linux-microsoft-and-patents-its-time-to-get-the-fat-out.html

[Papa Chango]

I agree that the FUD is real and hasnt ever stopped.

Very often when people are told about Microsoft's tactics, the first reaction is that things dont work like that, that its only our imagination but the documents from Comes v. Microsoft show us that everything we thought Redmond did was true, and then some.
Boycottnovell.com has tons of great documents from this court case and you can read internal memos and emails by heads of Microsoft written by the people themselves, not some interpretation.

As for your story about ambulance chasers trying to scare up business, I am shocked that this happens. Shocked I say. I mean, we all love lawyers (as much as foot fungus), dont we?