Law in the Internet Society
Ready for review.

-- NikolaosVolanis - 22 Dec 2009

Intellectual property in Open Source Software and Open Standards: Two strategies against open innovation

By picking up specific examples of misappropriation of intellectual property rights in the context of open source software (OSS) and open standards, this paper attempts their classification under two strategies: a. "Fear, uncertainty and doubt"; and b. "Embrace, extend and extinguish". Both of these strategems have as a starting point a company’s established intellectual property rights portfolio, which is then used to either discourage customers or counter the potential threat of “openness” of an open standard or the potential success of an OSS project.

a. "Fear, Uncertainty and Doubt"

The threat of software patent litigation can create an atmosphere of legal uncertainty that is detrimental to the OSS community, particularly due to its "bazaar" method of production of OSS, which may lead to potential liability for all subsequent developers (as well as users) of a specific software. This collective exposure to patent hold up represents a stronger incentive for patent trolls to attack OSS users, since this may generate economies of scale in litigation. The SCO v. IBM case is a lucid example of targeting OSS users, even though it is not primarily a patent infringement case. On March 6, 2003, the SCO group filed a $1 billion lawsuit against IBM claiming that IBM has, without authorization, contributed SCO’s IP to the open source codebase, Unix-like Linux operating system. In May 2003, SCO sent a letter to members of large US firms warning them of the possibility of liability if they use Linux. Another series of letters was sent in December 2003 alleging copyright infringement related to 65 files in the Linux code tree. Following a series of lawsuits and counter-lawsuits, the cases are still pending before various courts. IBM has explicitly noted (Section E, paras 22-24) that SCO has engaged in a technique, so as to create a false perception that SCO holds the IPR rights to UNIX which permit it to control not only all UNIX technology, but also Linux. This impression has been further reinforced by various statements of SCO’s chief executive officer, regarding potential liability for Linux users.

This technique of creating uncertainty as to the legality of specific software is usually termed "FUD" – acronym for “Fear Uncertainty and Doubt”. It was first used in the computer hardware industry in 1975, as an attempt to describe IBM’s marketing and public relations policy, as a strategy aiming to influence the public by disseminating unfavourable opinions about a competitor’s product, to overstate the estimation of switching costs if current customers decide to migrate to a rival company’s products or to maintain a leverage over a current business partner who could potentially become a rival. Additionally, when said strategy is combined with the threat of enforcing intellectual property rights (IPRs) that belong to the company, then the specific IPRs are not only used to expose individual companies to legal threats, but also to create a climate of legal ambiguity which can be detrimental not only to the OSS community and the industry as a whole.

Since the 1990s, the term has been used to characterise a facet of Microsoft’s response to the open source movement, which has been implicitly acknowledged in the company’s internal “Halloween Documents”. The Halloween documents comprise a series of confidential Microsoft memoranda (drafted by Microsoft employees Vinod Valloppillil and Josh Cohen) on potential strategies relating to free software, open-source software, and to Linux in particular; and a series of responses to these memoranda. Both the leaked documents and the responses were published by Eric S. Raymond, an open source advocate and co-founder of the Open Source Initiative. Marked "Microsoft confidential", these documents identify open-source software, and in particular the Linux operating system, as a threat to Microsoft's dominance of the software industry, and suggest ways in which Microsoft could disrupt the progress of OSS. According to the Halloween Documents, OSS is identified as a “long-term credible” product and thus “FUD tactics cannot be used to combat it”. Still, over the following years, Microsoft has made various announcements regarding the potential dangers of developing or using OSS software, particularly with regard to the General Public License’s (GPL) “viral nature” which “_[...] poses a threat to the intellectual property of any organisation that derives its product from GPL source_”, and to the potential liability for users of Linux, since the latter software allegedly infringes 235 of Microsoft’s patents. This acknowledgement has been recently followed by relevant legal action taken by Microsoft against a company using Linux as the software platform for their products. The latter case was eventually settled out of court.

b. "Embrace, Extent and Extinguish"

A different strategy has been followed in the course of open standards (HTML 4.0 standards in particular), in the seminal antitrust case between Microsoft and the U.S. Department of Justice. As referenced in the proposed findings of the Department of Justice , “[...]_ Microsoft’s response to the browser threat was to “embrace, extend, extinguish”; in other words, Microsoft planned to ‘embrace’ existing Internet standards, ‘extend’ them in incompatible ways, and thereby ‘extinguish’ competitors_.” (Section V.A.3.b. para. 91.3.2). In this context, the first step involves the development of software which is substantially compatible with competing products and which implements the public standard, the second step refers to the adding or promoting features which are not supported by competing products or part of the standards, and thus creating interoperability problems for customers who attempt to use the standard without said additions or features, whereas the third and final step involves the marginalisation of the competitors, by the time these additions or features become a de facto standard because of the company’s dominant position in the market.

A similar example is also the contest between Sun Microsystems and Microsoft, whereby, Sun accused Microsoft of attempting to use the same technique to “extinguish” its Java cross-platform language. Sun allowed users to freely download the tools needed to read and write programmes in the Java language, which has become popular because of its cross-platform interoperability. In this context, Sun licensed Java technology to Microsoft for its inclusion in the Windows platform. However, Microsoft applied a stratagem of “embrace and extend”, by implementing additional features in Java which were not part of Sun’s standard. In this context, if developers wrote software that took advantage of the extra features, this software would only run in Java running on the Windows platform, thus “extinguishing” Java’s cross-platform compatibility that Sun was aiming for. For this reason, Sun sued Microsoft based on patent infringement and antitrust violations. In 2003, the 4th U.S. Circuit Court of Appeals reversed the decision of a lower court, by deciding that Microsoft did not have to distribute a version of Java endorsed by Sun, but on the same time affirmed that Microsoft violated Sun’s copyright by distributing its own version of the language for the Windows platform. In this context, Microsoft was not burdened with a “must-carry” obligation, but simultaneously was prohibited from distributing any version of Java other than that licensed to Microsoft in a 2001 Agreement with Sun. Finally, the companies reached a settlement over Sun’s antitrust claims in 2004.

Final Thoughts

I suspect that the mere presentation of these two strategies helps little to address the underlying questions regarding the use of intellectual property rights in the context of OSS and open standards; to conclude that the aforementioned strategies are based on the misuse of IPRs - and that proper use of IPRs would resolve this tension - would be a rather short-sighted remark, since the effect of IPRs on these areas is systemic. Moreover, this remark overlooks the fact that the judgement on whether IPRs (especially patents) are used or misused depends essentially on the standards of granting a patent by the administration and upholding it by the courts (in this sense, if an abstract software patent (see p.194 etseq.) is granted based on current legislation and upheld by the patent court, its enforcement by its holder would not contitute a legally prohibited abuse stricto sensu, despite its detrimental effect to the software community. In any case, used or misused, IPRs have an impact on innovation fostered by the open source community as well as standard setting organizations that promote open standards. The strategies that we may devise to overcome the potential threat of IPR enforcement (e.g. collecting and keeping prior art information in order to invalidate patents, establishing mechanisms that facilitate better examination and quality of patents, patent pooling, open source insurance, code scanning / code "management") may help mitigate the risks diriving from IPRs, but do not tackle the problem at its source.



Webs Webs

r3 - 29 Dec 2009 - 04:00:36 - NikolaosVolanis
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM