Open Source Software Law

Generally, Free Software is provided “as is” and with disclaimers of warranties, indemnity or other liabilities. However, some OSS licenses require that recipients who commercially distribute software, including OSS components, be able to assume certain legal obligations, such as indemnification of upstream developers for certain legal claims. An example is the Eclipse Public License v 1.0, which states in part:

In contrast, the government generally only gets “unlimited rights” if it pays for all or part of the development of that software. Government-funded software is generally referred to as “non-commercial software” and is therefore subject to different rules. The government has the right to link software to which it has unlimited rights to GPL-covered software. After all, the government can use software with unlimited rights at will.

The DISA STIG also notes “4. A compiled utility without warranty is not acceptable. Therefore, a program must be provided with the source code or a warranty; if there is neither, a special exemption is required because it is difficult to check, repair or extend the program, either directly or through someone else. OSS options should essentially be evaluated in the same way that you would evaluate any option, taking into account needs, costs, etc.

In some cases, sources of information on FOSS differ. Note that most commercial software is not intended for use when the impact of a bug of any kind is extremely high (for example, a large number of lives may be lost immediately if the slightest software error occurs). Software that meets very high reliability/security requirements, also known as “high assurance” software, must be developed specifically for these requirements. Most commercial software (including free software) is not designed for such purposes.

This page is an educational resource for government employees and government contractors to understand the policies and legal issues related to the use of open source software (OSS) in the Department of Defense (DoD). The information on this page does not constitute legal advice and all legal questions relating to specific situations should be referred to legal counsel. References to specific products or organizations are provided for informational purposes only and do not constitute an endorsement of the product or company.

The internationally recognized definition of open source contains ten criteria that must be met for each software license and software distributed under that license to be called “open source software.” Only OSI approved open source licensed software should be marked as “open source” software.

Proprietary COTS are particularly suitable if there is a proprietary COTS product that meets the need. Proprietary COTS are usually cheaper than GOTS because development and maintenance costs are usually spread among a larger number of users (who typically pay to license the product). Unfortunately, this usually affects flexibility.

The government generally doesn't have the right to modify the software, so it often can't fix serious security issues, add arbitrary enhancements, or run the software on platforms of its choice. If the supplier gets a monopoly or it is difficult to switch suppliers, costs can skyrocket. In addition, the supplier may choose to abandon the product; software escrow may reduce these risks somewhat, but in these cases it becomes GOTS with the associated costs.

Government Off-the-Shelf (GOTS), proprietary Commercial Off-the-Shelf (COTS) and OSS COTS are methods for reusing software across multiple projects. Therefore, these are all strategies to share the costs of software development and maintenance and possibly reduce their costs.

This control aims to restrict the use of certain types of “binary or machine-executable” software when “the government does not have access to the original source code.” As made clear in the 2009 DoD CIO memorandum, this control does not prohibit the use of free software, because with free software, the government has access to the original source code.

“Source Code” means computer instructions written in a computer programming language intended to be read by humans. In general, source code is a high-level representation of computer instructions written by people, but must be assembled, interpreted, or compiled before a computer can execute the code as a program.

Free software naturally includes protectable intellectual property rights, especially copyright.

Thus, if a person wants to use open source software, they are required to abide by the associated license terms. Founded in 1998, the Open Source Initiative (OSI) is the self-proclaimed guardian of the definition of open source and the community-recognized body for the review and approval of open source licenses. The OSI has approved over 90 licenses, with open source software also available under countless other licenses. One of the most unusual unauthorized licenses is the chicken dance license (the user must film themselves performing a chicken dance for every 20,000 units distributed). Otherwise, choosing the right open source license for your project will depend on your goals.

The DoD CIO memorandum of 16 October 2009, “Clarifying Guidance Regarding Open Source Software (OSS)”, defines OSS as “software for which human-readable source code is available for use, study, reuse, modification, improvement, and redistribution by users of that software.”

(i) Redistribution of source code is restricted by law or regulation, including, but not limited to, patent or intellectual property laws, the Export Administration Regulations, the International Traffic in Arms Regulations and federal classified information laws and regulations.