Roberto Galoppini's
Commercial Open Source Software

OpenLogic just announced three webinars on best practices for open source governance.

How to Inventory Your Use of Open Source Software webinar will cover topics like how to use OSS Discovery software to take inventory and how to implement an ongoing audit of open source usage.

How to implement an Open Source Policy and Approval Process for Open Source Compliance webinar will disclose potential risks associated to open source usage, and how open source policies can help enterprises to manage open source licenses.

Understanding Open Source License Obligations in the Enterprise webinar will cover most common licenses’ obligations, and how to comply with them.

Register on line.

PAAL2008, Open and Free Public Administration, will be held this week on the 17th and 18th of April in Pula (Cagliari).

The second conference on FOSS in public administrations has a rich two days program, if you are in Sardinia this week and you have good command of Italian consider join the event.

For further information contact them.

Technorati Tags: open source conference, PAAL2008, Sardinia, Pula, Cagliari

Although there are dozens of open source licenses, the terms in copyleft licenses such as GPLv2 and GPLv3 seem to cause the most angst for enterprises using open source. Companies are concerned that they are putting their own IP at risk when using these licenses. In this webinar, you?ll gain a better understanding of copyleft licenses and how to manage the risks for your organization.

Topics covered in this webinar will include:

• An overview of copyleft — what it is and isn’t
• Managing potential risks to the organization
• Overview of potential lawsuits and recent cases
• Answers to common questions on copyleft licenses

Presenters in this webinar include:

Stormy Peters - Director of Community and Partner Programs for OpenLogic
Attorney Robert J Scott - Managing Partner of Scott & Scott

Register now.

Last November the Free Software Foundation published the GNU Affero GPL v3 (AGPL), a modified version of the GPL v3 aimed at ensuring cooperation with the community in the case of network server software addressing the SaaS issue. At the end of January Fabrizio Capobianco of the Funambol fame decided to submit the AGPL to OSI for approval.

On the 13th of March OSI approved the AGPL, sweet victory for Fabrizio, I am sorry for Chris Di Bona, who previously successfully submitted the GPLv3 for approval, but from now on developers can happily close the “GPL Loophole” blessed by the Open Source Initiative.

I hope at least Benjamin Mako Hill, who is sitting in the FSF board, might help to spread the word among developers, following his own words:

I’m going to push the FSF to help start several conversation and to begin to follow up on what I think was an important first step with the AGPLv3. While this is not a major organizational priority yet, it’s a major action item that I will beg pursuing through the FSF. If you feel strongly about this issue, whatever your position, become a member, stay involved as these projects develop, and have your voice be heard. We don’t know the answers yet and we need your input as much as we need your action.

If you are a developer and you can’t stand the GPL loophole consider contact Mako and FSF, to turn AGPLv3 into a FSF’s priority.

In the meanwhile firms like Wavemaker, a company developing an open-source framework for visual AJAX web development, are now using AGPL, and while I keep thinking SugarCRM won’t adopt the AGPL, maybe others will follow.

Your guess?

Technorati Tags: OSI, open source licenses, AGPL, Affero GPL, Wavemaker, Funambol, FabrizioCapobianco, SugarCRM

The European Union Public License is one year old now. The EUPL License, created by the European Commission to release software as Open Source, is available in all official EU languages (English, French and German).

Life in vitro by IRRI Images

Upon invitation of the IDABC Programme, legal experts and OSS practitioners from across Europe have met on 25 January 2008 in Brussels to discuss their experiences with the EUPL.

Reading the workshop presentation, I learned that the European Commission understands very well how difficult is to turn the in-vitro conception into a living reality. About 50 lawyers were involved in the legal quality verification of the various linguistic versions of the license, but only CIRCA, IPM and eLINK were actually distributed under the EUPL license.

The European Community is definitely not a software house. We might better spend our resources on different goals, but maybe we need more time to give up on trying to get EUPL acceptance.

I wish a more pragmatic Europe, now.

Technorati Tags: European Community, Open Source License, EUPL, IDABC

The second day of The First International QualiPSo conference - “Boosting innovation and growth by fostering Open Source Software trust and quality” - I arrived just in time to attend the “Legal issues in OSS” debate, moderated by Stéphane Dalmas (INRIA).

The end or a new beginning? by kreativekell

Stéphane insistently asked the panelists why Europe should accept what he called “US-centric FOSS licenses”, eventually ending to let the audience yawn at the second question on the same topic. I bring some statistics on the table, saying that roughly 75% percent of open source software, at least on SourceForge, is released under GPL/LGPL (of which about 65% under GPL), and I don’t see the point to create a (European) license when EU is definitely not a software house.

I also asked Till Jaeger, of JBB Law in Germany and one of the driving forces behind the Institut für Rechtsfragen der Freien und Open Source Software, if the AGPL was going to take over in his opinion, at least among small European OS firms. Till represented FSFE in Germany and Harald Welte in GPL enforcement cases, and he said that among the local firms he is advicing AGPL is an emergent phenomenon.

Last but not least Phil Robb introduced the audience to HP vision to setup methodologies, process and tools to manage licenses’ complexity.

The following forum - “Business models and strategies” session - was moderated by Franz Kurdofer, Principal Consultant at Siemens, who opened the session saying that QualiPSo future work would be to recommend the best open source strategies depending on selected business models.

Jean-Noel de Galzain, CEO of Wallix, started apologizing because, he said, he had to set up his presentation in the ten minutes he had before. His speech basically was about Wallix, a promising European OS firm I didn’t know before, but we lost the chance to hear from his voice a definitely much more interesting story.

Diego Lo Giudice, Principal Consultant at Forrester, being the only analyst among the panelists was supposed to be the keynote speech of the session. His taxonomy of open source business models was basic [slide 19] (SaaS, Product Focused, Service Focused) and filled with inaccuracies, such as listing OpenLogic among SaaS-based firms or citing Funambol’s ten million downloads mark (a number I really wish Fabrizio to reach before doomsday!). He eventually closed his speech with a slide about real truth about the future beyond 5+ years, displaying only a big ‘?’.

Do we have to think that Forrester analysts have no idea of what will be the possible evolution of the OSS market? This may explain why just a few years ago most of the consulting firms were convinced that OSS was a “flash in the pan” and would have never reached significant market share…

Björn Lundell, chairman of the Open Source Sweden, a one-year old industrial Swedish Open Source Association, showed a slide [30] relating “commodification” of FOSS, ranging from not differentiating to differentating, to cooperation, from intra company to inter company.

Cédric Thomas, CEO of the OW2 Consortium, talking about productized services said that the subscription is a healthy market, and that despite there is a lot of traction for SaaS he doesn’t see it replacing the dominant purchase and license mode.

I asked the panelists about the Sun-MySQL deal, and I noticed that none of them spoke about open source business models, mentioning only specific aspects like licensing. The result was that the company’s strategy, or how a specific firm differentiates itself and deals with the competition, was not effectively described, neither understood.

Jean-Pierre Laisné, Bull, formerly Chairman of the Board for the ObjectWeb Consortium, moderated the last forum “A network of OSS competence Centres“. He was the only one conducting the session proactively, posing interesting questions to the panelists and doing so eventually catching the audience attention.

Petri Räsänen, President of COSS, one of the oldest European FOSS competence centers, stated:

Are you trying to create a compentence center from scratch? It takes years!

Petri said that the COSS is stimulating FOSS firms to work together with a common “vertical” goal, agreeing with me about the importance of avoiding horizontal aggregation of firms. In this respect I suggested Jean-Pierre to look deeper into the horizontal vs vertical debate, considering the lack of information about consortia and associations in QualiPSo’s deliverables.

I asked Marco Fioretti, Linux Journal Editor, a comment about the conference:

In several moments the conference sounded to me like some LinuxWorld show of 6/7 years ago; sure, OSS is a very smart business strategy both for producers and corporate users, but we already knew it and even Qualipso knows it. Personally, however, I have the feeling that Dana Blankenhorn is right when he says that this may be the best way to make EU officially accepts OSS as soon as possible. I’m not necessarily happy about it, of course…

(Just to recall, Dana wrote “the insights aren’t that deep. They don’t seem to be much more than what you would get from an hour’s worth of Googling.”)

Summarising:

• Considering that QualiPSo aims at facilitating the reusability of the results of the project to let the QualiPSo competence centers able to deliver consultancy services on FOSS based business models, a better understanding of business models is a must;

• Getting involved people from FOSS communities is also a must, especially to avoid self-referentiality. Talking about OSS and not presenting what self-sustaining communities (like Debian or KDE) are doing restrict the range of observed phenomenons (consider that half of the linux kernel is community-developed…)
  .
• While it is encouraging to know that the Commission is investing quite a lot in OSS, it seems that smaller and more focused projects have obtained in the past (and are obtaining now) more “bang for the buck”.
  .
• Up to now, most competence centers across EU have demonstrated little impact on the creation of a regional/national OSS market. What Qualipso is doing in improving the situation?
• For your next conference, organize your roundtables so every panelist has the opportunity to show its true competences…

Technorati Tags: commercial open source, qualipso, EC funded, StephanéDalmas, TillJaeger, PhilRobb, Jean-PierreLaisné, MarcoFioretti, Petri Räsänen, CédricTomas, FranzKurdofer, DiegoLoGiudice, Jean-Noel de Galzain, Björn Lundell, Open Source Sweden, COSS, INRIA

Open Source Software (OSS) and the DoD, a Webinar sponsored by DACS will be held by David Wheeler on the 2 of November at 3:00 PM - 4:30 PM EST.

David Wheeler by swhisher

Open source software (OSS) has become widespread, but there are many misconceptions about it - resulting in numerous missed opportunities.
This presentation will clarify what OSS is (and isn’t), rebut common misunderstandings about OSS, discuss the relationship of OSS and security, discuss how to find and evaluate OSS, and explain OSS licensing (including how to combine products and select a license).
It will show why nearly all extant OSS is COTS software, and thus why it’s illegal (as well as foolish) to ignore OSS options.

Title:Open Source Software (OSS) and the DoD
Date: Monday, February 11, 2008
Time: 3:00 PM - 4:30 PM EST

System Requirements
PC-based attendees
Required: Windows® 2000, XP Home, XP Pro, 2003 Server, Vista

Macintosh®-based attendees
Required: Mac OS® X 10.3.9 (Panther®) or newer

.. and what about Linux-based attendees?

Space is limited, Reserve your Webinar seat now!

Technorati Tags: Open Source Government, DavidWheeler, dacs, webinar, open source procurement, open source governance

(Read on …)

Benjamin Mako Hill, who recently joined the FSF board put an appeal on line, as earlier did Peter Brown,  FSF Executive Director.

Now is the time to join and give to Free Software Foundation. 2008 is going to be extraordinarily important year for free software.

Eben Moglen likes to quote Gandhi’s “first they ignore you, then they laugh at you, then they fight you, then you win” progression when describing the free software movement. As I pointed out when I joined the FSF board, we’re beginning to see powerful interests fighting free software. It’s going to increase in the next few years. Things will probably get a lot uglier for free software before they get better. We can win but things are far from settled. The FSF is the front-line organization in this fight and we need a robust and proactive foundation, and an active and involved membership, if we’re going to win.

Here are the issues that I’m going to pushing the FSF to pursue in the next year.

Expanding activism outside our traditional technologist communities:

In part through the work of projects like Defective By Design, we’ve seen the tide turn for DRM on music in what what may be the FSF’s greatest success last year. I’m going to push the FSF to continue the campaign to attack DRM for video, eBooks, and the other places it is cropping up.

The most remarkable thing to me about Defective By Design is that its participants and supporters are not, for the most part, people who develop or use GNU/Linux or even know what GNU is! If advocacy for software freedom involves a conversation we can only have with people who understand what POSIX is and how one uses it, we’ve already lost. Through DbD, BadVista, and other projects, the FSF has made major strides in the last year. It need to do much more and needs your support to do so.

Get proactive about software patents:

As a community, we’ve had our head in the sand about software patents for far too long. There are companies and patent trolls sitting on massive, growing piles of software patents. They are not our friends and they do not mean us well.

One cannot write non-trivial software today without running a serious risk of infringing patents. The software patents minefield we’ve found ourselves in is a very fundamental threat to the success of free software and we’ve already begun to see the first casualties and costs. We must eliminate software patents. Now.

The US is very important in this fight (much patent law is “exported” from the US) and almost no organization is working on software patent elimination there. Not enough people are thinking and acting strategically on this issue. The FSF is planning to make major steps in this fight in the coming year and we need your support to do so.

Web services and the changing face of software:

This last year, I worked to help launch the new version the AGPLv3. The license addresses the role of copyleft for software like web-services which, due to the legal particulars of the GPL, did not extend to the purveyors of web services. Of course, access to source code does not make the users of all web-services free (e.g., the GMails and the Facebooks).

Nobody seems to know what freedom for webserver entails. There might not even be good answers. In the next year, I’m going to push the FSF to help start several conversation and to begin to follow up on what I think was an important first step with the AGPLv3. While this is not a major organizational priority yet, it’s a major action item that I will be pursuing through the FSF. If you feel strongly about this issue, whatever your position, become a member, stay involved as these projects develop, and have your voice be heard. We don’t know the answers yet and we need your input as much as we need your action.

I am glad Mako  is willing to push AGPL, even if I doubt AGPL will really help to solve the GPL loophole. Loophole or not, I really wish to help FSF to raise funds, and I hope this post helps.

Technorati Tags: free software foundation, FSF, AGPL, MakoHill,

My post about SugarCRM’s original way to abide the GPL yesterday has been reported by Matt Asay, raising the open source brand issue. Building a brand takes time and money, and just like in any other market drives the demand. What is specific to open source branding?

Logo meltdown by Asta

On the 20th of August 1997 the Linux trademark dispute was resolved, since then anyone in the open source community knows about the importance of brand names. Later on Red Hat started to protect its trademark, bringing the dispute on a commercial ground.

The non-excludable nature of open source code makes difficult to prevent competitors from “stealing” customers, and the argument on the table is, in Matt’s words:

You can give away your software. You should never give away your brand.

Trademark laws all over the world enable consumers of products to know the (real) source of the products they use, allowing them to distinguish those products from the products of other vendors. Consumers this way can’t be fooled into purchasing a product or a service of one company while believing it is a product of another company.

Few open source firms have the ability to deliver worldwide open source services and support, and the demand for entrepreneurial open source ecosystems is much greater than the supply. Newcomers and open source incumbents could better exploit the opportunity to collaboratively create ecosystems. Open source product firms could re-invent different channel programs, providing qualified resellers with the real ability to deploy even complex solutions. On the other hand newcomers should stop thinking that re-branding third-parties’ open source products is enough.

There are still just two ways to make money from OSS, named “best code here” and “best knowledge here” approaches, but none of them scale very well, unless you know how:

• to become the market leader;
  .
• to manage collaborative software development.

But appropriating returns is critical and Open Source Franchising is still a good option.

PS: Matt, “badgeware” is probably the most used expression referring to the visibility constraint, which I am not saying is bad at all. Protecting Open Source IP is important, I agree.

Technorati Tags: oss, open business, open source brand, open source marketing, sugarCRM, MattAsay

After discussing why SugarCRM would have no reason to adopt the AGPL, yesterday I happened to download the Sugar Community Edition from the download page. The About page let me wonder about a possible attribution loophole in the GPLv3.

A new light by MumbleyJoe

Some licensing background first. Here an excerpt from the About page of the Sugar Community Edition 5.0:

The interactive user interfaces in modified source and object code versions of this program must display Appropriate Legal Notices, as required under Section 5 of the GNU General Public License version 3.

In accordance with Section 7(b) of the GNU General Public License version 3, these Appropriate Legal Notices must retain the display of the “Powered by SugarCRM” logo. If the display of the logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices must display the words “Powered by SugarCRM”.

Surprisingly it looks almost like the previous version of the about page (courtesy of Koder search engine):

All copies of the Covered Code must include on each user interface screen:
(i) the “Powered by SugarCRM” logo and
(ii) the SugarCRM copyright notice
in the same form as they appear in the distribution.See full license for requirements.

I am not a lawyer, but f I got it right, Section 7 of the GNU GPL version 3 permits modifications to the license for certain terms. Section 7 (b) asserts that for material you add to a covered work, you may supplement the terms of this License with terms:

b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it;

Section 7 became a viable tool to reintroduce somehow the attribution addendum contained in the SugarCRM Public license (Exhibit A).

The question is: is requiring a logo a reasonable author attribution? I presume this is the case, at least in Eben Moglen’s opinion. Moglen in his “SugarCRM’s Sweet Taste of Freedom” stated that SugarCRM is to be applauded, and I believe he knew already what I just found myself.

Badgeware is not only OSI approved, but it is also endorsed by the Free Software Foundation now, with its flagship license. The debate is over.

Back to my analysis about SugarCRM’s licensing strategy, it is now clear that SugarCRM and SugarCRM’s VCs do still care a lot about brand protection. Their unique selling points are really strong, but as a matter of fact they found a way to accomplish both goals: branding and the adoption of a much more compatible license.

Kudos to SugarCRM’s lawyers to sort it out.

Technorati Tags: oss, open business, commercial open source, sugarCRM, GPL, FSF, OSI