What Should Developers, Users
Do?"> For businesses that use Linux, Kuhn advised that they dont overreact to the news. "We dont think an alarmist response to the [OSRM] report is warranted," he said, because "the worlds largest software patent holders are heavily invested in service and support of GNU/Linux systems." "Indeed, many of the patents in question may be held the very organizations that now have a vested interest in continuing patent-unencumbered GPL distribution of GNU/Linux systems."Kuhn cited IBM as an example. "From time to time, we have discovered that various IBM patents read on the GCC [GNU Compiler Collection], an important component of the GNU/Linux operating system."In those cases, we have worked with IBM, who may be the largest software patent holder in the world, to place a letter on file at FSF stipulating that they will not bring patent infringement claims against anyone exercising the teachings of those patents under the terms of GPL. "We believe that anyone who has a vested interest in the success of GNU/Linux systemswhich is most of the worlds major software-patent-holding corporationswill do the same as IBM when the situation arises," Kuhn said. Click here to read about why IBM is not offering Linux indemnification. But what Kuhn doesnt say is that, according to the OSRM report, at least some of the Linux kernel patents belong to Microsoft, which has no cause to love Linux. The report also says at least one Hewlett-Packard Co. executive has feared that Microsoft would use its patents to batter Linux and free software. Levy said he doesnt think there is much of a threat, but for a different reason. "None of the 400 litigation-tested patents that he [Dan Ravicher, leader of the OSRM study] investigated could form the basis of an infringement claim against the Linux kernel," he said. "Only untested patents form the basis of these potential infringement suits." "Until the 283 unidentified patents are tested in court," Levy said, "one cannot even confirm that they are protectable patents, since it is common for companies to try to claim a patent over work that is not protectable. "These 283 potential infringement claims may be less of a warning to users and distributors of Linux systems and more of a commentary on problems within the existing patent system," he said. But Thomas Carey, chairman of the business practice group at Boston-based Bromberg & Sunstein LLP, a firm specializing in intellectual property litigation and business law, said he doesnt think that the potential threat from Linux patents should be treated seriously. "Software patents are very, very serious, especially because the software industry is so used to assuming that they dont apply to software, and developers plow ahead without giving it a moments thought. Then, Carey said, "you get the blockbuster infringement case, like the one Google settled with Yahoo, resulting in a payment, in the form of stock, exceeding a quarter-billion dollars. "There are going to be many more scores like this that are settled for big dollars, and then the software industry will get more disciplined about patent-infringement issues, smoking them out before they develop their products, not afterward," Carey said. So, how should developers handle these issues? Daniel Egger, chairman and founder of OSRM, suggested that Linux programmers not look at patents. "Current U.S. patent law creates an environment in which vendors and developers are generally advised by their lawyers not to examine other peoples software patents, because doing so creates the risk of triple damages for willful infringement." Stine said ignoring others patents would not be wise. "While there are ways to minimize the threat, ignoring the patents as Mr. Egger suggests is not one of them. Vendors should continuously monitor patents and published patent applications to make sure any infringement problems are dealt with early." As for corporate Linux customers, Stine said end-users are not likely to know how the software operates. "Therefore, they should make sure they are adequately indemnified by their vendor" Carey added, "As to Linux in particular, I cant possibly review 283 patents to answer the question." He added that OSRM "seems to be offering an insurance product without being licensed to do so." "They are calling it an indemnity agreement, but whats in a name? A serious Linux user will go to a real insurance company and get real insurance, if thats the path they choose. But when they see what the premiums will cost, they may find that Microsoft is the low-cost answer." Talcott didnt go that far, but he did say lack of indemnification is a concern for vendors and users. "The problem faced by Linux vendors and customers is that Linux suppliers tend not to indemnify their resellers and users for the defense of patent or copyright infringement claims." "A user who gets sued for patent infringement for using a Linux application for its intended purpose is likely to have no recourse to the supplier for defense costs," Talcott said. "This is in contrast to traditional software suppliers, which often include some level of indemnification in their licenses." Click here to read about Red Hats Linux indemnification. Still, Talcott said, "Some companies, such as HP, have been moving in the direction of providing some level of indemnification to customers who use their open-source products. They may decide that further indemnification for patent infringement claims is a marketing feature that is worth the accompanying risk." Check out eWEEK.coms Linux & Open Source Center at http://linux.eweek.com for the latest open-source news, reviews and analysis.