NET(net), Inc.


FOSS licenses upheld! by jigordon
February 23, 2010, 9:32 am
Filed under: contract types, copyright, current events, law, open source, source code

After a five-year struggle in US Federal District Court, Robert Jacobson recently prevailed in his copyright infringement claim against Matthew Katzer as a result of Katzer’s alleged misappropriation of open source code from Jacobson’s Java Model Railroad Interface project.

You can read all of the story in more detail at ConsortiumInfo.org.  The end result is a huge win for open source developers as a result of three key findings by the District Court:

  1. Violation of an open source software license constitutes copyright infringement, not just breach of contract (this was first upheld by the Federal Appeals Court in 2008 in this case).
  2. Use of open source code without attribution is a violation of the Digital Millennium Copyright Act.
  3. These violations entitle the Plaintiff (Jacobson) to monetary damages – which, as they’re based on violations of copyright law, are potentially much more substantial than those which may have been limited by contract law.

There are some mitigating circumstances in that the results in this case are not yet dispositive of all future violations, as the ruling of a US District Court is limited to absolute applicability only in its geographic district.  The concern is that a Federal Appellate Court (including the US Supreme Court) could overrule or otherwise reverse this decision.  Worse yet would be another US District Court coming to a different conclusion with a similar set of facts.

But for now, FOSS developers can rest a little easier knowing that their creations are protected by copyright law.



Things that shouldn’t count as force majeure by jigordon
January 5, 2010, 9:32 am
Filed under: contract terms, force majeure, law

Define the term “force majeure” for me.  Looking online, there are several:

  • it’s French for “superior force”
  • act of God: a natural and unavoidable catastrophe that interrupts the expected course of events  (WordNet)
  • a common clause in contract which essentially frees both parties from liability or obligation when an extraordinary event or circumstance beyond the control of the parties (Wikipedia)
  • an unavoidable catastrophe (Wiktionary)

So what’s the common theme?  It’s the ability to AVOID a particular set of actions.  In other words, force majeure events are those which are unavoidable or unforeseeable.  If you only click one link above, do the one for Wikipedia and learn about the three-part test in French and international law for what constitutes a force majure event.  UCC Section 2-615, “Excuse by Failure of Presupposed Conditions” and the Restatement of Contracts 2d, Section 261 “Excused Nonperformance” also include multi-part tests.

But we’ve gotten lax in contract drafting in the US and folks have assumed that force majeure clauses (those that allow a party to not perform as a result of one of these types of events) were continually written with actual unavoidable events listed.  In fact, almost every force majeure clause I now see contains at least one, if not more, of the following things as force majeure events:

  • strikes/labor disputes
  • telecommunication difficulties
  • supply chain problems
  • terrorism and war (sometimes even phrased as “acts of the public enemy”)
  • riots
  • government regulation

Unfortunately, these are not force majeure events.  Why?  Because most of them can be planned for… and even something like terrorism and war (especially when they’re happening right now), should be planned for.  If you can plan for them, they’re foreseeable.  And if they’re foreseeable, they’re not unforeseeable.  See where I’m going with this?  🙂

So when you strike these items out of the force majure event clause, you’re going to get push back because people don’t want to be responsible for planning in all eventualities.  You’re not asking them to do it.  Rather, you’re asking that contract performance not be hindered or halted as a result of things that are capable of having a backup plan.  Which means that you could, if you were so inclined, draft language which allows for these items to be force majeure only if they were part of a backup plan that still was impeded.  In other words, you’ll give these items force majure weight if the party claiming force majeure can show that they had planned for them properly, but still ran into trouble.

Oh, and by the way, force majeure also isn’t one-size-fits-all.  Would you EVER list telecommunication difficulties in a contract with your telephone service provider?  Additionally, force majeure protections should benefit BOTH parties, even if one party’s sole obligation is to cut a check.  Payment can be made quite difficult by floods and hurricanes, just ask the good people in Louisiana, Alabama and Mississippi about business deals during Katrina.



Third Party Providers by jigordon
January 4, 2010, 9:32 am
Filed under: current events, law, maintenance, Outsourcing, Uncategorized

Happy New Year!

I saw an interesting article today that high-tech vehicles were posing problems to some mechanics.  The mechanics claim that they can’t afford the thousands of dollars that are necessary for them to obtain the specialized diagnostic tools for each auto manufacturer.  The manufacturers are claiming that they’re trying to protect their intellectual property.

Sound familiar?  Yup, it’s exactly like the issues Frank Scavo and Ray Wang have written about with regards to third-party software providers being blocked from performing various maintenance/implementation tasks by the contracts and software licenses and services agreements of certain primary vendors.

On the automotive side, it’s apparently gotten to be such an issue that there’s a congressional bill called the Motor Vehicle Owners Right to Repair Act of 2009.  The stated purpose of this Bill is to “protect the rights of consumers to diagnose, service, maintain, and repair their motor vehicles”.  What’s really interesting are the Bill’s findings, among which say that:

  • Motor vehicle owners are entitled to choose which service provider will diagnose, service, maintain, or repair their motor vehicles.
  • Promoting competition in price and quality… will benefit consumers.
  • Only service technician with the necessary tools and information can access the computers to perform diagnosis, service, maintenance and repair…

And the requirements of the Bill, specifically:

  • Duty to Make Tools Available:  The manufacturer of a motor vehicle sold, leases or otherwise introduced into commerce in the United States must offer for sale to the motor vehicle owner and to all service providers on a reasonable and non-discriminatory basis, any tool for the diagnosis, service, maintenance, or repair of a motor vehicle, and provide all information that enables aftermarket tool companies to manufacture tools with the same functional characteristics as those tools made available by the manufacturers to authorized dealers.
  • Replacement Equipment: The manufacturer of a motor vehicle sold, leased, or otherwise introduced into commerce in the United States must offer for sale to motor vehicle owners, and to all service providers on reasonable and non-discriminatory terms, all equipment for diagnosis, service, maintenance, or repair of a motor vehicle.

The only thing the Bill protects for the manufacturer are things that are actual trade secrets.

Wow.  Of course, there are a LOT of people (and more specifically, a lot of trade association and advocacy groups) behind this Bill.

Could you imagine what would happen if this passes and someone realizes that software in cars isn’t that dissimilar to plain old enterprise software?  If only there was a trade association group for buyers of enterprise software apps.  😉

But let’s talk about the other side of the issue for a moment.  Do consumers have a right to have third-party companies provide service?  A right?  No.  I don’t think there’s a right to be able to have third-party providers.  [Keep in mind, when we’re talking about rights, we’re talking about things equal to “life, liberty and the pursuit of happiness…”.]

Absent a right, should third-party providers still be allowed/encouraged?  I’m really torn on this.  On one hand, I’m all in favor of things that inspire commerce.  I like behaviors that create business, allow more people to work… and of course, things that drive down costs and dissipate apparent monopolies.  On the other hand, an individual or organization who creates something should be able to protect their idea/invention and not have to give up the secret sauce simply so that other people can benefit.  But there seems to be a line somewhere that once you cross it should allow for third-party companies to fill available niches.  Maybe it’s where the original vendor is no longer able to provide a quality-level of service.  Maybe it’s a situation where the original vendor is charging exorbitant rates.  I’m not sure.

Anyone have a solution?



Updating Contract Language for the 21st Century by jigordon

Holly Towle wrote an excellent article on the boilerplate contract language issues that might now exist in your contract language.  Read the article… consider the issues… review your templates.  Make some changes.  Of course, you can always just call me and I’d be happy to review your contracts for you.  😉



Who can audit? by jigordon
November 9, 2009, 9:32 am
Filed under: audit, law

I posted the question on Twitter the other day: “How does the SPA have the authority to audit software license use?  In thousands of licenses I’ve never given them that right.”

I was looking for some insight that I might have missed.  In the world of contracts, your license actually will specifically state who has the ability to audit your license usage (if they have the right at all).  And in the world of law, the term “standing” is used to show who actually is allowed to raise a particular issue (via the courts, etc).  So the SPA/BSA/SIIA (SIIA is their current incarnation) (or any other third-party “enforcer”) wouldn’t have the legal right to ever come in and audit your software license use unless there’s language in the license that allows for such audit.

Even general audit language is probably safe to prevent the SIIA from knocking on your door one day.  Typical audit provisions include:

  • explanation of who can come to audit (it usually says that the vendor has the right to audit)
  • time-frame of any audits (I typically am very clear to limit audits to 1 time per calendar year)
  • notice for audits (even bad audit language usually says that the vendor has to notify the licensee of the intent for an audit)
  • who besides the vendor can come audit (if 3rd parties are allowed, I limit to a “big-four” accounting firm and have NEVER been challenged on this limit)

The result is that even with not-so-favorable audit language, I simply don’t see how the SIIA has any right to come and perform an audit, let alone try to sue a licensee for license violations (again, any license that has “no third-party beneficiary” language in it could be used to very clearly show that the SIIA doesn’t have any rights with respects to the license).

Additionally, it’s been suggested that there are two other routes to allow such an audit: the “source” (the licensee’s employee who reports a violation) and the potential for an assignment of audit rights.  As for the source person, unless they’re also the person in the company who can allow someone to come in, that individual probably doesn’t have internal authorization to allow the audit to happen – so I find this unlikely.  The assignment of audit rights potential does exist, and contracts that have poor assignment language could potentially allow the vendor to assign their rights to someone else (and, in fact, it appears that the SIIA attempts to use an assignment of rights in this manner).  So it’s conceivable, but I’ve never seen the language used in that way.

At the end of the day, the lesson is this:

  1. Have strong audit language which clearly states who can perform the audit, on what time basis they can audit and what the results would mean (ie: usually you don’t have to pay any form of penalty unless usage exceeds 10% of the licensed quantity – but you’ll always have to pay for the difference in usage).  Include notice provisions and be very clear about whether the vendor can outsource their auditing… many will use large auditors, which is fine, but you don’t want Andy’s Audit Shack to be performing the audit.  Lastly, if you’re maintaining any kind of uber-confidential information (like SSN’s, bank account numbers, etc), then I would also be clear about what kinds of auditing tools can be used to complete the audit, as many vendors like to install their own auditing software onto your network.
  2. Have clear assignment language which prevents EITHER party from assigning the agreement without the other party’s consent (not to be unreasonably withheld, if you so choose): “Neither party may assign or otherwise transfer this Agreement or any of the rights hereunder, without the prior written consent of the other, which consent will not be unreasonably withheld or delayed.”.

OK – so you’ve done the prior two things and the SIIA comes knocking (physically or with a letter requesting/demanding an audit).  What do you do?  Simple.  Deny them access – in writing.  They’ll threaten, similar to the Big Bad Wolf, to huff and puff and to blow your house down.  But if you’ve got things properly documented, the SIIA simply doesn’t have the legal right to audit.  It doesn’t matter whether the vendor they’re supposedly auditing for is a SIIA member.  It doesn’t matter if they claim to have permission.  (Oh, and interestingly enough, if they name names and tell you which vendor sent them to you, I would check your license agreement with that vendor because many vendors like to include confidentiality restrictions which prohibit either party from even identifying the other.)

Now, regardless of everything I’ve just told you, I also firmly believe that you should always be 100% compliant with your contractual obligations.  So use some form of license management tool to know that you’re only using what you’re licensed to use.



This Week on The Web 2009-10-11 by jigordon

These are the discussions that happened around the web this week – maybe you already read about them, maybe you need to again.  Come join the party on twitter (follow me here and you’ll participate in the conversation live.)

I also realized that many of you might have no idea what you’re seeing below.  Sorry.  These are “tweets”, 140 maximum character messages sent via Twitter.  Within the Twitterverse individual users follow others and have followers (think of it like overlapping Venn diagram circles).  To read a tweet, you have to wade through a bit of jargon used to make the most of the 140 character limitation.  “RT” for example, is shorthand for “Re-tweet” and the @____ is the username of some other individual on Twitter.  Combined together, then, “RT @_____” means that someone else wrote a tweet that I found important and I now want to forward along to my followers.  The URL’s are then also shortened by shortening services like bit.ly to make the most of the character limitation, too.  Lastly, you might see “hash” identifiers “#______” which are ways to tag tweets of a particular flavor for easy searching later and “<” which means that I am commenting on what came before it.



This Week on The Web 2009-08-23 by jigordon
August 23, 2009, 9:32 am
Filed under: book, contract management, contract terms, law, source code, trust, TWoTW

The things that happened around the web this week – maybe you already read about them, maybe you need to again: