On Friday, Microsoft acknowledged that the code for the Windows 7 USB/DVD Download Tool improperly included GPLv2 licensed code and they did not comply with GPLv2. Like the GPLv2 licensed code found in the Linksys operating system, the software had been written by a consultant. Peter Galli’s blog was very frank:
we are now able to confirm this (inclusion of improperly licensed GPL v2 code) was indeed the case, although it was not intentional on our part. While we had contracted with a third party to create the tool, we share responsibility as we did not catch it as part of our code review process. We have furthermore conducted a review of other code provided through the Microsoft Store and this was the only incident of this sort we could find.
They will be making the source code of the relevant software available under the GPLv2 next week. They also acknowledged that they will be taking steps to avoid this problem in the future. The open source community should welcome Microsoft’s frank and appropriate response. A recent post on the FSF Europe email list noted that app stores are becoming a major source of violations and companies who host them need to consider how best to deal with the liklihood of these type of problems.
This problem illustrates the critical nature of an open source (I would now say “third party software use policy” because so much proprietary code is also available for download) use policy. Yet Gartner noted last year that 69% of companies surveyed do not have a formal policy for evaluating and cataloguing OSS use.See my earlier post, http://lawandlifesiliconvalley.com/blog/?p=107. These use policies need to cover not just internal development but all sources of code which includes code from third parties, consultants and M&A transactions.
5 Comments
RSS feed for comments on this post. TrackBack URL
Sorry, the comment form is closed at this time.
Contractor includes GPL code in deliverable – customer has to publish its own source code…
The customer was Microsoft – see this posting by Mark Radcliffe, general counsel of the Open Source Initiative.
If you liked this post, please subscribe to the feed. On Technology Contracts is home to the TATE Compendium, a community library of t…
Trackback by On Technology Contracts — November 16, 2009 @ 9:11 am
[...] Law & Life: Silicon Valley » Microsoft and Windows: Lessons on Managing Open Source Software Us… lawandlifesiliconvalley.com/blog/?p=306 – view page – cached Just a reminder, these posts are not legal advice. This site is the personal blog of Mark Radcliffe and the opinions expressed are those of Mark Radcliffe and not those of his clients, DLA Piper… Read moreJust a reminder, these posts are not legal advice. This site is the personal blog of Mark Radcliffe and the opinions expressed are those of Mark Radcliffe and not those of his clients, DLA Piper or the clients of DLA Read less [...]
Pingback by Twitter Trackbacks for Law & Life: Silicon Valley » Microsoft and Windows: Lessons on Managing Open Source Software Use [lawandlifesiliconvalley.com] on Topsy.com — November 16, 2009 @ 10:03 am
Social comments and analytics for this post…
This post was mentioned on Hackernews by jacquesm: Weird how it gets spun as a ‘danger of open source’.It’s simply being careless. If they have a review process and it did not catch this it can’t be much of a review.The really worrying thing here i…
Trackback by uberVU - social comments — November 16, 2009 @ 10:38 am
[...] Contractor had included GPL code, so Microsoft decides to publish its own source [...]
Pingback by Shared Items – December 2, 2009 « Bramanga.com — December 2, 2009 @ 9:42 pm
[...] of its failure to comply with the GPL in its distribution of the Windows 7 USB/DVD Download Tool http://lawandlifesiliconvalley.com/blog/?p=306. In addition, Microsoft provided three drivers to Linux under [...]
Pingback by Law & Life: Silicon Valley » Top Ten Open Source Legal Developments: 2009 — December 31, 2009 @ 11:26 am