[P2P-F] Are Mobile Apps Violating Open Source Licenses?

Samuel Rose samuel.rose at gmail.com
Wed Mar 9 06:22:23 CET 2011


http://www.linuxplanet.com/linuxplanet/newss/7315/1/

=quote

A new study from open source services vendor OpenLogic reports that 71
percent of Apple iOS and Google Android apps are not in compliance.
OpenLogic scanned 635 apps, including both free and paid on the Apple
App store and Google Android Marketplace. Of those 635 scanned apps,
52 apps include Apache licensed code while 16 included GPL/LGPL
licensed code.

Both the GPL/LGPL and the Apache open source licenses require
developers to provide copies of the licenses. With the GPL/LGPL the
license also requires that developers provide a means by which users
can get the source code. OpenLogic has a scanning tool called, OSS
Deep Discovery, which helps to identify when open source code is being
used.

"The lack of compliance was not all that surprising to us," Kim Weins,
senior vp of products and marketing at OpenLogic, told
InternetNews.com. "Developers and companies often don't have a
complete picture of their open source usage or how to comply with the
licenses."

Wiens added that with mobile apps, there is an influx of
non-technology companies who have now become software distributors.
These companies may not have experience with the legal and licenses
issues around open source compliance.

Adding further insult to injury, OpenLogic's study found several apps
that appeared to write their EULAs with no awareness that their app
contained open source.

"It is possible that the developers were aware of it, but the lawyers
that drafted the EULAs were not," Weins said. "This is very common in
companies that we work with -- often no one in the company has a
complete picture of the open source being used."

She added that happens because the companies often don't have the
right processes and tools in place, or because they aren't even aware
that it's an issue.

"In addition, the nature of open source software, which often bundles
other open source software under completely different licenses, means
that even developers can miss some of the licenses for open source
they are including in their code," Weins said.

App stores all have some kind of evaluation process before an app is
accepted. Weins noted that the app stores should take a lead in help
in to facilitate awareness of open source compliance among the
developers.

"Although the developer agreement for an app store will discuss IP
issues and may even reference open source code, there is very little
information to help developers understand what the issues are and how
to follow the rules," Weins said. "In addition, when an open source
compliance issue is raised, it is likely to result in a takedown
request for the app."

OpenLogic sells a product called the OLEX App Store Edition which
provides tooling that can be used by developers to do a self-service
scan on their apps prior to submitting to the app store and by app
stores to track open source compliance.

Overall the goal of OpenLogic's study on open source license
compliance for mobile apps is about raising awareness.

"We will not be reporting or sharing any names of companies or apps
that failed to comply," Weins said. "We will attempt to reach out to
those companies and inform them, so that they can remediate the
situation and come into compliance."

end quote=

-- 
--
Sam Rose
Future Forward Institute and Forward Foundation
Tel:+1(517) 639-1552
Cel: +1-(517)-974-6451
skype: samuelrose
email: samuel.rose at gmail.com
http://forwardfound.org
http://futureforwardinstitute.org
http://hollymeadcapital.com
http://p2pfoundation.net
http://socialmediaclassroom.com

"The universe is not required to be in perfect harmony with human
ambition." - Carl Sagan




More information about the P2P-Foundation mailing list