Are you a lead software engineer, CTO, or programmer starting your own software business? Then the chances are that you have already come across questions regarding the use of Free and Open-Source Software (“FOSS”). FOSS is an umbrella term covering licenses such as the GNU GPL, MIT, Apache, etc. You have also probably seen people refer to licenses as “copyleft” or “permissive.” If you’re not sure how to comply with FOSS license terms, this article will clarify the basic principles and provide guidance on how to approach these licenses.
Basics of software licensing
Let’s start with the basics. What is a software license? Put simply, it is a form of contract that governs the use or redistribution of the covered software under applicable copyright law. It dictates what you can do with the program copyright-wise (without asking for further permission), but it may also contain terms for patents and trademarks.
In almost all jurisdictions, copyright law applies automatically to any creative work from the moment of its creation, including software. As such, by default, the copyright holder exclusively retains all rights for the work. But what if one wants to allow others the exercise of certain rights? This is where software licenses come into play because non-copyright holders cannot normally exercise these rights. A software license usually permits several or all the following rights: use, copy, modify, distribute and sublicense.
The difference between FOSS and proprietary licenses
A proprietary license grants the licensee the right to use one or more copies of the software, but ownership of those copies remains with the software publisher. This means that the user must abide by some restrictions, such as limited use, a limited number of devices connected to one account, no right to copy, modify or distribute the software. Well-known programs using proprietary licenses are, for example, Microsoft Word and Adobe Photoshop.
FOSS licenses go one or several steps further compared to proprietary licenses. They allow the rights to use, copy, modify, and/or distribute the program, even for commercial use. These rights provide more freedom to users, so the term “Free Software” refers to freedom, not price. For example, the VLC media player and the Blender 3D editor permit you to freely use, copy, modify, distribute and sell them provided you comply with the license’s terms (the GPL).
Proprietary programs may be offered free of charge as freeware. They also often require a paid license to “unlock” more features. FOSS programs typically do not require a paid license and can be used freely for any purpose.
The types of FOSS licenses
There are two main categories of FOSS licenses: permissive and copyleft licenses. It is crucial to understand which category a license belongs to because it has important implications in practice.
Permissive software licenses
A permissive software license, also called BSD-like or non-copyleft, is a FOSS license that carries only minimal restrictions on how the software can be used, modified, and distributed. This means that, when integrating permissively licensed software into your program, you must typically only provide prominent attribution and retain the copyright notice. Other than that, there is no limitation on use. This is as easy as it gets.
Examples of permissive licenses include the following:
- MIT License (also known as Expat License)
- BSD licenses
- Apache License
Businesses prefer and promote permissive licenses because they enjoy wide compatibility with other licenses, including copyleft ones (which are explained below). This feature allows permissively licensed software to be incorporated into or linked against proprietary software. For example, many programming languages and software libraries are licensed under permissive licenses, which allow them to be packaged into proprietary programs.
Copyleft software licenses
A copyleft software license also called protective or reciprocal, is a FOSS license that grants the rights to freely use, copy, modify and redistribute the software with the additional requirement that derivative works preserve the same conditions. This means that compatibility with other licenses is very restricted. If you are selling a proprietary software solution, you are not allowed to ship copylefted code because proprietary licenses are incompatible with copyleft. To give another example, WordPress requires that all third-party developed plugins (gratis or paid) carry a GPL-compatible license, meaning proprietary licenses are not allowed.
It is essential to distinguish when and which works are “infected” by copyleft to achieve legal clarity. For example, does your program constitute a derivative work of the copylefted software? When bundled together, are they considered a single combined program? Does it fall under an exception of the license? You should be answering these questions when using copylefted software in your own project.
Examples of copyleft licenses include the following:
- GNU General Public License (GPL) and other GNU licenses
- Mozilla Public License
Complying with FOSS license terms
FOSS licenses do not mean unlimited free-for-all use; they still carry terms with which you must comply. License compliance can be confusing, but you have nothing to worry about if you understand the basics above. Here are a few tips on how to comply with software licenses:
- Provide prominent attribution and do not modify the copyright notice.
- Identify its classification. Is it permissive, copyleft, or something else? Pay extra attention to copyleft terms.
- Pay attention to license compatibility in case you use multiple software packages licensed differently. You can use the Joinup Compatibility Checker and Compare Tool to help you with this process.
- If you are not sure about something, seek legal counsel. “Infected” proprietary software can become a costly issue to resolve.
It is important to comply with the license terms, otherwise, you risk infringing the software publisher’s copyrights. This can turn bad for you if you are sued. Apart from immediate license termination, you risk claims for unjust enrichment and damages. A lesson to be learned: You should always pay attention to license terms to be legally secure.
Such legal risks may also be assessed by investors during financing rounds and exits. Prudent choice of the FOSS programs you are planning to integrate into your project and full compliance with their terms can be crucial factors for the evaluation of your company.
Using FOSS tools for your company
Using FOSS programs can help in numerous ways. You can integrate them into your own project, which saves you time you would otherwise spend coding, or use them as internal tools for your company and save money. Another advantage is that FOSS programs allow you to be part of an interconnected knowledge network of tech companies, professional developers, and hobbyist programmers. If you ever feel a feature is lacking, you can always file an issue or a pull request to the project’s repository. If the feature is implemented, your workflow will improve.
When you just want to use a FOSS program as an internal company tool, FOSS licenses do not restrict you in any way. For example, if you are developing 3D graphics for a proprietary game, you are free to use Blender for modeling assets without worrying about its copyleft license (GPL). This is because the output of programs does not have to comply with the program’s license. It is entirely possible for a company to only use FOSS tools and sell proprietary software. In other words, the issue of license compatibility and compliance only arises if a program interacts directly with another program.
While the use of FOSS tools as such is generally unproblematic, you should be careful when integrating FOSS code into your own products or when using FOSS products as a base for derivative works. Here, you have to make sure that you comply with the license terms. Be especially careful when it comes to copyleft code. The resulting legal risks of implementation into your product can be grave, and properly assessing the applying rules is a must.
Whether you are applying for your own software license or complying with the terms of another license, legal security should be a priority for your business. Pay attention to copyright terms and stay safe!