Linux Kernel Patent Insurance on the WayAug 02, 2004, 15:15 (9 Talkback[s])
(Other stories by Jacqueline Emigh)
By Jacqueline Emigh
On Monday at LinuxWorld, Open Source Risk Management (OSRM) will roll out a new patent and copyright insurance program for Linux. "There's already a wait list for the first policy, which will be for the Linux kernel," said Dan Ravicher, a patent attorney who led the OSRM's recent evaluation of the kernel's possible patent infringements.
"The SCO case has been model for those with rights they think they could assert against Linux," Ravicher said during a pre-briefing for Linux Planet. Even parties who are not sure they will win in court "can still sue, and get the visibility," the attorney added.
Launched last August, OSRM calls itself a "vendor-neutral provider of risk mitigation and management solutions." Ravicher, who was hired by the ORSM about three months ago, found during his evaluation that no court-validated software patent has been infringed by the kernel. However, the investigation also identified 283 not yet court-validated software patents that might potentially come into play in patent claims against Linux, if these patents are ever upheld by the courts.
About one-third of these 283 software patents are owned by corporations deemed "friendly to Linux," including IBM, Hewlett-Packard, Red Hat, Intel, Cisco, and Sony, for example. These companies have some current financial interest in widespread Linux adoption.
Yet about 27 of the patents are held by Microsoft, and other patents by indviduals and "shell corporations" with "little to lose" by going to court, according to Ravicher.
OSRM is now starting to underwrite $5 million insurance policies to protect Linux customers and vendors against both patent and copyright infringement suits around the Linux 2.4 and 2.6 kernel. The policies, which will take effect in January, 2005, cover both liability and legal fees. Policy-holders will pay an annual fee. After completing his evaluation, Ravicher recommended that the OSRM offer this sort of insurance.
Some observers point out, though, that the OSRM's Linux kernel insurance is geared to large enterprises. "The insurance is not necessary for most users. It is only for larger companies that have deep pockets, and thus are already often victims of lawsuits. Such companies already carry liability insurance for similar risks, other than software," said Linux expert Bruce Perens.
Insurance policies aren't the only method companies can use to guard against patent infringement lawsuits, acknowledged Ravicher, who specializes in the IS (information systems) and life sciences fields in his legal patent work. Founder and executive director of the Public Patent Foundation, Ravicher also performs pro bono work as senior counsel to the Free Software Foundation. "I am not an OSRM shareholder," he noted.
Other approaches to lawsuit protection include "encouraging patent policy reforms in Congress and the courts, negotiating for open source-compliant solutions, and stockpiling art in order to design around it," for example, according to Ravicher.
"None of these are mutually exclusive. You can get insurance, while continuing to stockpile art and encourage patent reforms," he elaborated.
Pamela Jones, editor of Groklaw, also cites more than one alternative solution to kernel patent issues. "I'd like to see the patent system tweaked, to prevent patents from being used for anticompetitve purposes," Jones said during an interview. "That is the ultimate solution. Meanwhile, insurance is one more option businesses can consider. Whether they need it (is a matter of) a case by case examination. It's perfectly normal to insure against risk in business."
Ravicher contends, though, that unlike other approaches to the problem, insurance provides immediate protection. "Patent reforms will take a while, and you can't be prepared to design around every patent," he said.
Another key advantage revolves around the prospect of lowered legal costs, according to Ravicher, who estimated $3 million dollars as the average cost of defending against a patent lawsuit, even when the courts find no patent infringement. Settling lawsuits out of court can be expensive, too. Enterprises can realize economies of scale by protecting themselves through insurance policies, he maintained.
"Also, there's a perverse rule in patent law that lets the courts assess triple damages in what is called 'willful infringement,'" he added. Businesses can risk these damages if they examine other companies' software patents. OSRM's insurance policy protects against "willful infringement" charges, in that companies won't need to look at the other patents directly, he said.
OSRM decided to offer the Linux kernel insurance policies after determining that possible Linux kernel patent claims constituted an acceptable risk. "The bottom line is that there's really no greater risk than for any other type of software," according to Ravicher.
"All software, in my view, has some level of software risk, mainly because proprietary software companies don't always know how to play nicely with others," concurred Groklaw's Jones. "Is (risk) unique to GNU/Linux systems? No, except that we don't have large patent portfolios for cross licensing. So once again, we rely on our brain power to come up with solutions. Is there a patent risk? Yes, there is, but it is definitely manageable," Jones said.
"Microsoft has announced that it plans to file for 3,000 patents this year. It filed for 2,000 patents last year. And Microsoft mentioned its patent portfolio as a source of future revenue, which indicates to me that it isn't filing just for defensive purposes. How big a hint do we need? If you subtracted them from the picture, I'd say the patent risk would be smaller. But with Microsoft in the picture, asking if there is a risk is like asking, 'Do crocodiles bite sometimes?' Well, are crocodiles more likely to bite if they are staring right at you and heading your way?"
0 Talkback[s] (click to add your comment)