I met Aaron Williamson at OSCON this year. Aaron works as a legal counselor at the Software Freedom Law Center in New York. He is an expert on software law and open source licensing. After one of his talks I approached him and asked if I could interview him and share the transcript online. Well, here it is! While we are on the subject of legal matters, here is a disclaimer: This article is not legal advice.
Understanding the legal aspects behind software copyright and licenses is extremely important to software makers. At the very least all software professionals should know the difference between Apache/MIT, LGPL, and GPL. What I learned from Aaron is that no matter what, a copyright is in place by default even if the author does not want the work. To give away the work the author must first acknowledge their copyright, then issue an appropriate license allowing others to use the work. A seemingly innocent copy and paste of a code snip can be considered a copyright violation if you are not careful.
Q1) If I copy and paste a code snippet from a website and then modify it to fit into my system, who owns that section? What if I just use that code as a guide and only re-use the pattern it follows?
A1) That depends on: whether the code itself is copyrightable; if so, what the license to the code is; and whether you copied original expression. Many sites that post code snippets include a term in their terms of use specifying the license for the code. If the site doesn’t specify a license, or otherwise say how the code can be used, you should consider the code “all rights reserved.” While code must contain a certain degree of originality to be copyrightable, that degree is low, and there is no clear line. Since “originality” can be found in not only the literal code but also in its structure and other nonliteral elements, merely copying the code’s “pattern” doesn’t necessarily mean you’re not using copyrighted work. If you find code you want to use on a blog and a license isn’t specified, try contacting the author and requesting to use the code under your preferred license; you’ll find people are usually more than happy to do so.
Q2) Has there ever been a liability case against a software engineer for having a bug in their code that lead to damages? I remember the case of the Terac-25 xray machine being responsible for injuries (http://en.wikipedia.org/wiki/Therac-25).
A2) I am not aware of any case against a free software developer for buggy code. I would guess that disputes have arisen between businesses and their software vendors over bugs in the vendors’ software, but I’m not familiar with any particular cases.
Q3) Are there any best practices from a legal standpoint software developers should follow? Other skilled professions, like law, accounting and medicine have such tenants, but software is still immature in that regard. Is that changing?
A3) For free software developers and companies who use free software, the most important thing is license compliance. Keep track of what code you’re using, whose copyrights are in it, and what the license terms say. Always preserve copyright notices. More on this can be found in our primer and other documents on our website, including Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers (http://softwarefreedom.org/resources/2007/gpl-non-gpl-collaboration.html).
Q4) Is it important to add disclaimers to code samples and or blog posts?
A4) I assume that you’re referring to warranty disclaimers. In many jurisdictions (including individual states), certain warranties attach implicitly to any consumer good, for example a warranty that the product is generally “fit” for the purpose for which it is sold or distributed. There is sufficient concern that software—even community-produced free software distributed only in source code form—will be deemed subject to these implied warranties that most lawyers will recommend disclaiming them explicitly. There is probably a lower risk that code samples on a personal website will be considered “goods” subject to such warranties, but because consumer protection laws vary from state to state, I cannot say with certainty that no such warranty would apply. If you’re asking whether you should add explicit copyright licenses for code samples, I think it’s a good idea. If the code contains sufficient originality to be copyrightable (a relatively low bar) then visitors to your website will need a license to use it.
Q5) What do software developers need to know about patents?
A5) This one is easy. SFLC recently worked with the Debian community to produce an FAQ about patent issues for free and open source software developers. It explains what patents are, the risks they pose to free software developers, and how developers can limit their exposure. The FAQ can be found at: http://www.debian.org/reports/patent-faq. We also have a legal issues primer on our website, at http://softwarefreedom.org/resources/2008/foss-primer.html, that includes a section on patents. These two documents cover a lot of the same basic information, but both are worth reading.