STRATEGIC INSIGHTS

Intellectual Property & The Law

Open-source software may be gaining ground in academic and government circles, but biotech users need to be aware of licensing pitfalls. By Steve Henry and Liza Vertinsky

December 15, 2003 | Biotech research, particularly in genomics and proteomics, is increasingly driven by software and hardware that enable the generation, manipulation, and analysis of vast amounts of complex scientific data. Despite mixed views on the role of bioinformatics in the life sciences, no one disputes the importance of computers as indispensable tools of research.

As these digital tools pervade laboratories and the surrounding business infrastructure, so do the challenges and opportunities of open-source software (OSS). Companies such as Celera, which developed software tools to decode the human genome, and Affymetrix, which sells specialized chips and systems to identify genes and proteins, are already attuned to the issues surrounding the use, development, and distribution of OSS. Other companies would be wise to follow suit, and learn to tap the benefits of OSS while avoiding the pitfalls.

The OSS model is premised on a broad community of users freely contributing software code and modifications. Frequently the contributions are incorporated into the overall work without much, if any, independent investigation as to whether they are original creations or infringe on any third-party rights. Contributions are made on an "as is" and generally voluntary basis, without warranties or indemnities, which leads to a number of risks that need to be managed and weighed against the opportunities.

On the opportunity side, open-source software is "free" in the sense that people have freedom to use and modify the software, generally without paying any license fee. Users are given the source code to make this possible. Projects are based on a community model: A group of like-minded developers make contributions, check one another's work via full disclosure of source code, improve on one another's contributions, experiment, and endeavor to answer all questions. In theory, the code is constantly expanded, improved, and made more stable, reliable, and robust.

If Linux, a Unix-like operating system, is the prototypical example, OSS theory has been proven in practice. With a large community of developers, Linux users have had access to a wide variety of improvements, the pace of innovation has been quite rapid, and open forums for discussion and idea-sharing have grown as fast as the code.

The freedom afforded by open-source licenses, and the low (or zero) cost of those licenses, has been warmly received by the academic and government communities in biotech. Governments around the globe are increasingly interested in open-source software — some even requiring their purchasing agents to favor open-source bids. They like the idea of lowering costs and giving domestic companies inroads into the software market.

One example of this trend is Massachusetts' recent adoption of an "open standards, open source" policy for all future software purchases. Other state governments are reviewing similar policies, and it may not be long before government grants also include OSS requirements — perhaps even refusing to fund the acquisition of proprietary software products when open-source alternatives exist. The implications are clear for biotech and bioinformatics companies that rely on government funding for product development.

Adopting open-source tools lets a company build its own software by incorporating the prior work of others and avoiding duplication of that work. As such, OSS can save huge amounts of time and money — but only if the terms of the open-source license from prior developers are acceptable, and continuity of development and support is adequate. Biotech and bioinformatics firms will need to seriously consider integrating open-source components where the license terms are acceptable in order to remain cost-competitive.


Insurance? What Insurance? 
But as biotech companies increasingly become users of open-source software (i.e., those who use the code internally, without redistribution), they need to concern themselves with potential claims that the software infringes a patent or copyright of a third party, and that it wasn't properly licensed to the user. Ordinarily such a risk is managed through indemnification from suppliers, but these agreements are often unavailable with OSS licenses.

This type of risk was highlighted for open- source users earlier this year when software vendor SCO Group began seeking licensing revenue for what the company claims are large parts of its intellectual property that can be found within Linux. SCO filed a $1-billion lawsuit against IBM in March, alleging misappropriation of trade secrets, unfair competition, and other illegal actions related to the latter's Linux business. In July, SCO warned Linux users that it may file copyright infringement lawsuits against them if they don't license its UnixWare software for $699 per processor per user.

Hewlett-Packard responded by saying it planned to indemnify its Linux customers against legal action from SCO, covering any customer that has acquired Linux on an HP server or workstation and offering to take over any litigation against its customers by SCO. This practice may spread to other OSS vendors, but absent such contractual protection, users must rely on due diligence on the OSS software in question and its suppliers.

If you're developing and distributing a product that uses OSS, you have the added burden of managing compliance with the terms of use in the license of each and every OSS tool incorporated into your product. License terms will vary, so a system of managing compliance and staying within the guidelines is critical.

Perhaps most important, some open-source licenses are "viral" and attach themselves to all derivative works, obligating the software developer to distribute its own product, developed at great expense, under open- source terms. That means competitors will be free to copy, use, and redistribute your code, often without payment. Loss of ability to prevent copying and to charge for copies could devastate bioinformatics firms and hurt the biotech companies that have funded, and relied upon, proprietary software tools.

The task of removing open-source code from your product can be nasty, complex, and time-consuming. If you are creating and marketing your own software, you should warn your developers about the risks of downloading and using open-source code. Likewise, establish procedures to verify that your developers, in fact, refrain from using any open-source products except ones distributed under benign licenses. Similar control should be exercised over independent contractors hired for product development.


Does It Add Up? 
Further, be aware that if you offer warranties and indemnifications to your customers against patent and copyright infringement, most of the time you will do so at your own risk. You will not, in turn, be able to avail yourself of warranties and indemnifications from your own open-source suppliers. You will be on your own to defend the claims. This may lead to difficulties obtaining insurance, or cause investor concerns about not owning the intellectual property rights in your company's products.

Concerns about reliability and validation might also have implications for regulatory approval of biotech products and procedures. If not managed properly, these expenses and considerations could easily offset the costs saved by developing with open-source code.

Steve Henry is a shareholder with and chair of the Intellectual Property Transactions Group and a member of the Electrical & Computer Technologies Practice Groups at Wolf Greenfield, in Boston. He may be reached at shenry@wolfgreenfield.com.

Liza Vertinsky is an associate with the Biotechnology and Intellectual Property Transactions Practice Groups at Wolf Greenfield. She may be reached at lvertinsky@wolfgreenfield.com.



ILLUSTRATIONS BY MARK STEPHEN