www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Corporate Contributions
Date Thu, 24 Mar 2005 23:32:10 GMT
At 12:41 PM 3/24/2005, Geir Magnusson Jr. wrote:

>I've proposed asking that a CCLA be required from everyone with an employer specifically
to protect the employee as well as the ASF, to prevent accidentally (or intentionally) submarining
IP into a project.

There is an additional theory I'll relate as heresay, IANAL,
but to limit the unwanted spread of trade secrets, intellectual
property etc requires adequate supervision by the employer.

I'd be fascinated to see any case law, but one could argue that
open source contributions are one of the (technically) most
transparent external activities one can engage in outside of
one's employer.  An engineer moonlighting for another firm would
be totally outside the view of one's employer.  But anyone can
see one's public activities on the internet.  

<me>googles "Geir Magnusson" and chuckles</me>

It seems counterproductive to require a CCLA.  If it is a malicious
contribution, we can deflect the onus back on the employee, and
ultimately on the owner of the intellectual property if they were
party to 'submarining' our code base.  Their claim to own code they
'planted' in our code base would (IMHO) be laughable.

It's sort of like leaving a $20 bill on the table at McDonalds,
and leaving the establishment.  Your 'ownership' of that $20 bill
becomes most dubious.

The real risk is an employee who doesn't understand their employment
contract, and doesn't know to see a CCLA based on their employment
contract, state law, and their Employer's awareness / complicity in
their open source participation.  The most dangerous situation is
a jurisdiction in which the Employer owns all IP the employee creates,
and was never made aware of the employee's participation.

So perhaps modifying the CLA to point out that these situations can
lead to problems, remind them they are asserting they have the legal
right to grant their code submissions, and point them to the CCLA
if the situation is either ambiguous or if they explicitly do not
have such rights.

There's a second side effect, assuming we must have a CCLA from
every employer opens the ASF to huge issues today.  There is no
reason to go that far overboard, IMHO.

Bill <IANAL> Rowe

DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org

View raw message