OSRM POSITION PAPER:
Mitigating Linux Patent Risk
Release Version 1.1
August 2, 2004
Patents pose an ever-present threat to software of all kinds, because any
person that uses or distributes software that infringes a patent is liable and can have
money damages and an injunction awarded against them - regardless of whether they
were aware of the patent or had any intent to infringe it. As such, patents are also a risk
to free and open source software. This risk is one the free and open source community
has long acknowledged. For example, the GNU General Public License (“GPL”), the
most widely adopted and well known free and open source license, stated more than a
decade ago that, “any free program is threatened constantly by software patents.”
Hewlett-Packard executives, in a 2002 internal memo recently leaked to the press, said
that “Microsoft intends to sue companies shipping Free and open source products that
potentially violate their patents.” The community is already aware of the general threat.
What is new today is that the threat has been measured and quantified for
the first time ever in regards to a specific software program. Open Source Risk
Management (OSRM) recently completed the first-ever independent evaluation of
potential patent infringement by the Linux kernel. This is a review that, for valid legal
reasons, Linux vendors did not have the freedom to perform (see Lemley, "Ending Patent
Law's Willfulness Game," cited below). OSRM’s conclusion: while patents certainly do
not spell doom for royalty-free distribution of Linux; there is a level of patent
infringement risk that Linux users and developers should be mindful of and prepared to
address. More specifically, the study found that not a single software patent fully
reviewed and validated by the courts is infringed by the Linux kernel. Yet, the study also
determined that 283 software patents not yet reviewed by the courts could potentially be
used to support claims of infringement against Linux. To be clear, this is not a level of
potential infringement greater than that of proprietary software; comparable proprietary
software faces the same level of potential infringement.
Ending the speculation around the issue by actually measuring it gives the
free and open source community and Linux customers knowledge to deal with the issue
proactively and on their own terms; instead of waiting for an aggressor to force the user
into action on its opponent’s terms. There are a range of approaches for dealing with
patent risk, none of which are mutually exclusive. Specifically, five steps that end-users
and developers of Linux can take to minimize the patent threat include:
(1) supporting structural reform of the patent system;
(2) recognizing that patent disputes can and will be resolved in ways that comply
with the letter and spirit of free and open source licensing;
(3) contributing to historical databases of previously inaccessible prior art to help
prove non-inventive patents invalid;
(4) being prepared to “design around” patents when necessary; and
(5) obtaining patent infringement defense insurance.
OSRM POSITION PAPER: Mitigating Linux Patent Risk Page 2
Each of the above has a complementary role to play in managing the threat patents pose
to free and open source software in general, and to the Linux kernel in particular.
1. SUPPORT BROAD-BASED PATENT REFORM
As the former Director of the U.S. Patent & Trademark Office, James
Rogan, put it himself just last year, the patent system is in “crisis.” The Patent Office
allocates only a few hours to reviewing applications before it issues patents, and thus
often issues patents for “non-inventions;” in other words, they issue patents for
technologies that already exist, but that their cursory review did not reveal. The problem
is that the price tag for proving that the patent is a non-invention falls at random on
alleged “infringers” – an arbitrary tax that burdens true innovators. And it is a high tax to
pay; resolving patent disputes in the courts costs, on average, $2–4 M per case, per the
American Intellectual Property Law Association. Many voices are calling out for reform
of a patent system that is widely considered to be broken – including the Federal Trade
Commission, the National Academy of Sciences, and various independent legal and
economic experts. In the meantime, this system is having detrimental effects on all
segments of technological development.
“Given the current state of the patent system, it would be, if not
impossible, prohibitively expensive, to challenge each of the 283 patents identified as
posing a direct threat to Linux,” said Dan Ravicher, OSRM’s lead outside patent counsel,
also senior counsel to the Free Software Foundation and Executive Director of the Public
Patent Foundation. “Although I have serious doubts that any of them contain valid
claims covering technology critical to Linux, the high costs of patent litigation would
make proving that in court a severe burden for some and, unfortunately, an impossibility
for others. The system is punishing the very people it was designed to help, and it needs
to change; but in the interim everyone must figure out a way to deal with it."
The movement for reform has already begun. Outspoken critics of the
patent system include Bruce Perens, a preeminent free and open source expert and author
of software that is a major component of most commercial embedded Linux offerings
(and a member of OSRM’s Board of Directors) who calls the patent system “defective;”
and Richard Stallman, founder of the Free Software movement, the GNU project, the
Free Software Foundation, and the League for Programming Freedom, who believes
“software patents impede software development and retard software progress.” A number
of leading technology companies actively support the current push for patent reform.
Robert Barr, Vice President and Worldwide Patent Counsel for Cisco Systems, testified
before the Federal Trade Commission and Department of Justice that “rather than
rewarding innovation, the patent system penalizes innovative companies who
successfully bring new products to the marketplace and it subsidizes or rewards those
who fail to do so.” Stephen P. Fox, Hewlett-Packard's Associate General Counsel and
Director of Intellectual Property, like Barr, told the FTC and DOJ that “[patent] risks …
are a growing menace to innovation efforts across the information technology landscape.”
Prominent law professors Eben Moglen of Columbia, John Thomas of Georgetown, and
Mark Lemley of Stanford have also been outspoken about the patent system’s current
OSRM POSITION PAPER: Mitigating Linux Patent Risk Page 3
failings and negative consequences, as have economic experts like Carl Shapiro of
Berkeley University and Josh Lerner of Harvard Business School.
OSRM today joins those voices, and urges free and open source software
developers and vendors to get more active in this regard. “I strongly encourage the free
and open source software developer community to make common cause with those
fighting to fix the patent laws,” said Daniel Egger, OSRM Founder and Chairman. “It is
too easy today to game the patent system, and tax individuals and companies who are
actually leading the development of new technologies. The Linux community has shown
its power when it collaborates to resolve issues of importance; and it is my hope that they
will channel some of their efforts in support of structural patent reform.”
2. RESOLVE PATENT DISPUTES IN ACCORD WITH FREE AND OPEN SOURCE
LICENSING
It is also important to recognize that patent assertions made against Linux
and other free and open source software can and will be resolved in ways that will not
require ending development or distribution. In fact, many patent issues have already
been quietly settled in such a manner. So long as a patent license does not forbid a
distributor of free and open source software from complying with whatever distribution
requirements are placed on it under the applicable free and open source license, the
development and distribution can go on without disruption. For example, such licenses
are clearly anticipated by Section 7 of the GPL, which states that “if a patent license
would not permit royalty-free redistribution of the Program by all those who receive
copies directly or indirectly through you, then the only way you could satisfy both it and
this License would be to refrain entirely from distribution of the Program” (emphasis
added). Therefore, a patent license that would permit royalty-free redistribution would be
GPL compliant and pose no impediment to continued development of the relevant
program.
“There are multiple ways to deal with a patent that is being asserted
against a free and open source software program,” says Ravicher. “One is to prove the
patent invalid. Another is to prove the program does not infringe the patent. Yet another
is to negotiate a patent license that complies with the applicable free and open source
license.”
Some might question whether any patent holder would ever be willing to
license its patents under terms allowing royalty-free redistribution. But, in fact, several,
including Secure Computing and Red Hat, have already done so. “First of all, the patent
holder can always be compensated with lump-sum, annual, and/or milestone royalty
payments,” continued Ravicher. “And, remember, the patent holder that signs a GPL-
compliant license for free and open source software can still enforce its patents and seek
money or injunctive relief against proprietary software.”
OSRM’s position is that in resolving patent issues raised against free and
open source software, litigation should be a last resort. It is generally possible to resolve
OSRM POSITION PAPER: Mitigating Linux Patent Risk Page 4
such disputes in a way that does not impede the relevant free and open source software
program, but which also satisfies the patent holder’s reasonable demands. Mutual
understanding that non-litigation options exist can make dealing with patent risk for free
and open source software much easier.
3. BUILD AN ARSENAL OF PRIOR ART
One of the major failings of the current patent system that is of particular
relevance to software patents is that the Patent Office is often not aware of significant
prior art during the application review process. Without such evidence, the Patent Office
cannot carry its burden to prove that the purported invention is not new or non-obvious.
To address this issue, OSRM is working with the free and open source developer
community through a new project called Grokline to gather specifically focused non-
patent prior art that will help defend against any patent claims asserted against Linux.
Grokline is directed by Pamela Jones, Director of Litigation Risk Research for OSRM
and Editor and Moderator of Groklaw, the award winning website dedicated to
exhaustive and timely reporting on present and threatened litigation against the Linux
kernel and other free and open source software. Community resources like Groklaw and
Grokline are essential to the process of analyzing and rebutting patent threats made
against the Linux kernel or any other free and open source software program. The
community’s efforts will be aided by OSRM's patent counsel, who will help guide the
fact-finding and analysis that is performed there.
“My readers are participants, not just passively interested observers,” says
Pamela Jones. “They have demonstrated their willingness and skill in helping research
copyright issues. Now, moving on to patents, I believe they can help find prior art, if
they receive some specialized knowledge and training. They already have the technical
knowledge to understand patent descriptions. And they know how the Linux kernel
works. Some of them helped write it. All that is required is to teach them certain prior
art search skills and how to know what matters in a courtroom. We plan to do exactly
that, with attorneys creating free teaching tools, manuals and videos, to show all who
wish to help how to find and contribute meaningful prior art.”
4. BE PREPARED TO DESIGN AROUND A PATENT
In some circumstances, re-engineering a section of the Linux Kernel to “design
around” and permanently eliminate an alleged patent threat, by implementing a non-
infringing substitutable replacement, could be the most appropriate community response.
Rapid, inexpensive re-engineering through the proven peer-review methods of open
source software development is the “secret weapon” that will make most threatened
patent litigation against Linux more costly than it is worth.
Re-engineering is a powerful weapon, but it must be used sparingly so that Linux
developers can concentrate on technological advances, not alternative implementations of
current function. OSRM will consult directly with leading kernel developers, and in
particular with the Open Source Development Laboratory (“OSDL”), Linus Torvalds’
OSRM POSITION PAPER: Mitigating Linux Patent Risk Page 5
employer and the “Center of Gravity” for ongoing Linux kernel development, to seek
consensus prior to any future recommendation for re-engineering.
5. OBTAIN LINUX PATENT INSURANCE
Even if ultimately fully successful, none of the four previous methods of
addressing the patent risk to Linux and free and open source software provide an
immediate and comprehensive solution. Patent reform will, unfortunately, take much
time; and each of the other proposals only deal with individual patent threats on a case-
by-case basis. Patent infringement defense liability insurance that protects the insured
from any patent claim made against them, on the other hand, allows the insured to
immediately transfer an entire swath of patent risk to another party. Once covered, the
insured know that no matter who may assert a patent against them, they have available
the resources necessary to mount an effective defense. Specialized resources become
available quickly, comprehensively, and on the users’ own terms.
OSRM will begin underwriting such comprehensive patent infringement
defense insurance, along with its current loss control services, to corporate end-users of
the Linux kernel by the end of this year through its insurance affiliates. It can do this
because the aggregate patent exposure of the Linux kernel represented by the 283 patents
identified through OSRM’s comprehensive patent risk analysis -- particularly when
viewed in light of the software operating system-related prior art provided by the 1,000+
registered Unix and Linux developers who have already contributed their personal
knowledge to Grokline -- is quantifiable and manageable under OSRM’s current risk-
models and protocols.
“Traditional insurance companies simply do not offer liability insurance
against claims of patent or copyright infringement for corporate end users of free and
open source software,” observers Rick Betterley, author of Intellectual Property
Insurance Market Survey 2004. “OSRM is able to prudently insure these exposures
because of its unique underwriting and loss control capabilities, and because it can
marshal the combined talents of its legal defense panel and specialized domain experts to
bring the best defense possible to its insureds.”
Uninsured users of Linux who are approached by patent-holders may not
know how to avail themselves of the sophisticated and legally persuasive prior art
resources already developed by the Linux developer community. OSRM is uniquely
positioned and resourced to guide such Linux-users and their counsel to the informational
resources that will give them confidence that their patent risk with Linux is manageable.
“Users should consider their options, and determine which combination is most
appropriate to address their specific needs. OSRM’s specialized consultants can help in
the assessment; and, if it is found to be an appropriate solution, its insurance can provide
significant protection. Since patent risk mitigation insurance is a direct competitive
alternative to licensing, no Linux user should consider paying for or cross-licensing any
allegedly Linux-related patent -- or entering into a confidentiality agreement that prevents
OSRM POSITION PAPER: Mitigating Linux Patent Risk Page 6
them from seeking help from the community -- until they have considered this new
option, insurance.” says Egger.
Please send questions and comments to positionpaper@osriskmanagement.com.
REFERENCES AND FURTHER READING
Bessen, James and Maskin, Eric, Sequential Innovation, Patents, and Imitation, 2000,
available from http://www.researchoninnovation.org/patent.pdf.
Forgent Proves Once Again That Patents and Software Need to Get a Divorce, Groklaw,
April 24, 2004, available from http://www.groklaw.net/article.php?
story=20040424232421417.
GNU General Public License, Free Software Foundation, 1991, available from
http://www.gnu.org/copyleft/gpl.html.
Lemley, Mark A. and Tangri, R. K., "Ending Patent Law's Willfulness Game," 2003,
available from http://ssrn.com/abstract=472901.
A Patent System for the 21st Century, Stephen A. Merrill, Richard C. Levin, and Mark B.
Myers, Editors, Committee on Intellectual Property Rights in the Knowledge-Based
Economy, National Research Council, 2004, available from http://books.nap.edu/
catalog/10976.html?onpi_newsdoc04192004.
Perens, Bruce, Software Patents vs. Free Software, available from http://perens.com/
Articles/Patents.html.
To Promote Innovation: The Proper Balance of Competition and Patent Law and Policy,
Federal Trade Commission, 2003, available from http://www.ftc.gov/opa/2003/10/
cpreport.htm.
Shapiro, Carl, Navigating the Patent Thicket: Cross Licenses, Patent Pools, and
Standard-Setting, 2001, available from http://faculty.haas.berkeley.edu/shapiro/
thicket.pdf.
Thomas, John R., "The Responsibility of the Rulemaker: Comparative Approaches to
Patent Administration Reform," 17 Berkeley Tech. L.J. 727 (2002).
* * *
No comments:
Post a Comment