Apps and Open Source: A Developing Debacle?

HHR Advisories & Publications

In the rush to take advantage of the boom in the apps market, developers may have–consciously or not–overlooked the fact that some of the software building blocks they were using to create apps were governed by their own license restrictions, which may have been violated by the developers.  A recent report published by OpenLogic found that 7 out of 10 apps that contained open source software were in severe breach of the open source license requirements.  OpenLogic reviewed 635 leading mobile Apple iOS and Google Android apps in a license compliance assessment.  The results show that about 10 percent of the apps contained code that was subject to an open source license (either the General Public License, Lesser General Public License (GLP/LGPL) or Apache license), and over 70% percent of these were apparently using the open source code in a manner that violated key obligations required by the open source licenses. While certain of the violations found by OpenLogic related to requirements for attribution and/or provision of copies of the underlying open source license with the new works, in certain instances some of the apps may have required the developers to provide the source code for the app itself (that is, the open source code caused the app to go "viral").  OpenLogic did not identify specific apps in its review but states that it targeted the "top paid and free apps for iPad, iPhone and Android across a variety of categories," including apps from the top 20 companies in the Fortune 500.  The apps at issue included banking, sports and game applications, as well as apps from household brands and media organizations. Perhaps this result isn't surprising.  Many developers–and the publishers that retain them–often don't have a complete understanding of the open source license requirements and how they may impact the actual use of the code in a specific app.  Other confusion may arise from the proliferation of outsourcing or the inadvertent bundling of original source code with protected source code.  Even when developers were aware that their app contained open source, the End User License Agreements or documentation accompanying the apps may not have been properly drafted to fully comply with the open source license requirements. It is unclear what the ultimate impact of these findings will be.  Violation of an open source license can form the basis of a copyright infringement claim (exposing the entity using the code to statutory damages, as well as the possibility of an injunction).  Jacobsen v Katzer, an open source copyright infringement case, established that violators of open source software may be subject to claims under copyright law, including statutory damages up to $150,000 per infringing work and injunctive relief.  Injunctive relief was granted in Software Freedom Conservancy, Inc. and Erik Anderson v Best Buy Co., Inc. et al., a case where the defendant allegedly sold and distributed electronic products embedded with firmware that contained either a copy or derivative work of the plaintiff's open source software, BusyBox, without complying with the open source license.  In addition to awarding treble statutory damages ($90,000) for willful copyright infringement and attorneys' fees and costs, the court entered a permanent injunction against the defendant prohibiting distribution of its infringing HDTVs and ordered the forfeit of infringing HDTVs in its possession to the plaintiff, to be donated to charity. While it is difficult to assess the litigation risk in the app space, a more critical concern for commercial application developers is the potential diminution of value that might result from the use of open source code (i.e. non-proprietary components) that might be included in their apps.  Strategic partners or potential acquirers might become concerned about hidden claims (either with respect to ownership of the app or for violation of an open source license).  Prudence would seem to compel developers and publishers to carefully scrutinize the code being incorporated into newly-developed apps and gain mastery over any open source license requirements.