Open Source in License Management: Opportunities and Challenges

05/03/2025

The term open source is no longer just a niche topic for developers. With increasing digitalization and the use of revolutionary technologies, open-source software (OSS) is increasingly coming into focus, including in the news and in business discussions. But what exactly is open-source software, and what impact does it have on companies, particularly in the area of license management?

What is Free & Open-Source Software (FOSS)?

To understand open source correctly, it is worth taking a look at the term Free & Open-Source Software (FOSS). A common misconception is that "free" in this context means "free of charge". In fact, it is about "freedom" - the freedom to use, understand, modify and redistribute software. The Free Software Foundation (FSF) puts it aptly: "Free as in free speech, not free beer."

A key feature of FOSS is its open source code, which anyone can view and adapt. This fundamentally distinguishes open source from proprietary software, whose source code remains closed and whose use is heavily regulated by license conditions.

The role of the Free Software Foundation (FSF)

The FSF was founded in 1985 by Richard Stallman after he realized that he could not customize the software of a new laser printer because it was proprietary. Since then, the FSF has campaigned worldwide for the freedom of software users, promoting the development of free software and protecting its legal foundations.

FOSS is subject to certain license conditions that guarantee the right to use, reproduce, distribute and modify it. These conditions differ with regard to copyright notices, provision of the source code, copyleft clauses and other aspects that are crucial for companies.

Proprietary vs. open-source software

The biggest difference between proprietary software and open-source software lies in their flexibility. While proprietary software may only be used in the specified form, open source allows two options: direct use of the software or adaptation of the source code to create your own version.

But with this freedom come obligations: companies must ensure that they use OSS in accordance with the rules and comply with all legal requirements.

Open-source compliance as a corporate task

For companies, the use of open-source software means one thing above all: the need for a structured compliance strategy. The most important tasks here are:

  • Compliance with copyright law
  • Creation of legal certainty
  • Minimization of entrepreneurial risks

In many smaller companies, there is often no specific person responsible for the license management of open-source software. While the IT department usually takes care of proprietary software, responsibility for open source often lies with the development departments. However, this can lead to problems, as it is not always ensured that open-source software is used correctly and in compliance with the license.

In larger companies, on the other hand, specialized open-source license managers are increasingly being established to ensure compliance with licensing regulations and minimize risks. For already established license managers, it makes sense to expand their area of responsibility to include open-source license management, as they already have a great deal of know-how in the field of software licenses and can therefore provide valuable support in this area.

From my own experience, I know that the topic of open source can seem overwhelming at first. The introduction to the topic is made possible by seminars, after which license managers can deepen their experience. This was also the case for me. Today, I am able to answer many questions myself, clarify them internally or, in case of doubt, consult our customers' legal department.

Digital sovereignty & cyber resilience

One driving force behind open source is the digital sovereignty of Germany and Europe. In a world dominated by US tech giants, dependence on proprietary solutions is a risk. What if non-American companies are denied access to important servers? Open source offers a solution here, as it allows more control over critical infrastructures and technologies.

In addition, the Cyber Resilience Act will come into force in 2027, bringing new standards for software developers. Confident handling of the SBOM (Software Bill of Materials), which documents the components contained in a piece of software, will be particularly important. Many companies still have some catching up to do here, which is a clear signal to prepare for upcoming requirements in good time.

New tasks for license management

As license managers, we are very familiar with the challenges of software licensing. We can not only point out risks to our organizations, but also suggest solutions and establish processes for the correct handling of software. Why not for open-source software too? ISO/IEC 5230 provides a valuable framework here. This international standard defines the most important requirements for a high-quality open-source license compliance program.

The software landscape is changing, and license managers are right in the middle of it. License management can therefore influence whether the topic of open source is actively taken up. It is essential to deal with the new challenges.

If you have any questions or challenges relating to software and licensing (including open source, of course), please do not hesitate to contact us!

Author: Volker Albrich