www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geir Magnusson Jr. <ge...@apache.org>
Subject Re: Corporate Contributions
Date Fri, 25 Mar 2005 00:54:44 GMT

On Mar 24, 2005, at 5:51 PM, robert burrell donkin wrote:
>
> i also find it hard to understand how any contribution by a UK employee
> could put any downstream users at risk. if an employee takes existing
> code copyrighted by their employer and intentionally makes it available
> without permission then this is theft. a buyer acting in good faith who
> purchased stolen goods is not liable (though stands to lose the good in
> question which would mean that implementation would have to be 
> rewritten
> around the stolen material, i suppose). this applies in a very
> straightforward fashion to open source contributions (from UK 
> employees,
> at least): providing that the copyright has been assigned to the ASF 
> and
> has no obvious signs that it has been stolen, then it can be safely
> accepted.
>

I see at least two risks.

First, is the SCO problem - that someone will be able to come and shake 
them down after they have made a significant investment of 
infrastructure and development around the software we create and 
distribute.  Think about it - what if there was something in httpd that 
allowed someone to go to Amazon and "offer" them a license or require 
they drop their web servers....  It's probably a fairly easy 
calculation to figure out what you could squeeze out of them.

Second, I'm worried about how an OSS project could be disrupted or even 
hijacked - let some employee commit employer code and/or do work a 
project in a significant way, and then after enough of that work 
becomes core and fundamental to the project, announce it wasn't 
permitted by employer and that the ASF must remove said code, which in 
the absence of some indication that the employee had the right, we 
would do.  That would have a significant adverse affect on a community, 
and could allow in certain circumstances, that employer to fork the 
project by licensing the employees work under a license we can't deal 
with, and letting the project continue under their control....
  	
> if the ASF is serious in going down this route then maybe some
> consideration of the consequences on committers outside the US may be
> appropriate...

Of course :)  We may not get a perfect solution, but I believe that we 
can improve on the situation.

geir
-- 
Geir Magnusson Jr                                  +1-203-665-6437
geirm@apache.org


---------------------------------------------------------------------
DISCLAIMER: Discussions on this list are informational and educational
only, are not privileged and do not constitute legal advice.
---------------------------------------------------------------------
To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
For additional commands, e-mail: legal-discuss-help@apache.org


Mime
View raw message