Handicapping SCO versus Linux

New technology always causes legal gray areas. The history of the computer industry proves that things eventually do get straightened out, but not before companies are forced to find their way through a prolonged period of uncertainty. That's certainly the case in the current dispute that pits the SCO Group against the Linux community, says Stuart Meyer, an intellectual property partner with Fenwick & West in Mountain View, Calif.

Meyer, who specializes in such gray areas, worked on the Napster case in addition to a well-publicized copyright spat between Borland and Lotus in the 1990s.

In an interview with CNET News.com, Meyer said that if the court upholds SCO's claims, it could present troubling liability questions for the companies that use, develop or sell Linux. But he cautions against any rush to judgment, noting that it's not at all clear whether SCO has full ownership over the code in question.

Q: What do you make of Hewlett-Packard's decision to indemnify customers that use Linux?
A: Many times, you will hear lawyers say the biggest practical concern for businesses regarding the law is uncertainty. People don't really care what the law is. People can work with whatever legal regime they find out about. If an area of the law is unsettled, it is very difficult for companies to do business planning. Obviously, these companies (like HP) want to promote a technology that has some uncertainty around it. They want to remove some of that uncertainty.

Do you think others, such as IBM and Dell, will follow suit?
You've got Sun Microsystems and HP offering to indemnify. Yeah, there's a big incentive for other people to follow suit.

What are some of the issues on which the SCO case hinges?

You've got this existing legal regime around software, which is the proprietary model.

There is certainly a chicken-and-egg issue that needs to be resolved. Basic ownership issues are up in the air in that case. The premise in an intellectual property claim is that the person bringing the action actually owns the intellectual property in question. In many cases, that is not in dispute at all. Here, there's been a chain of ownership (that is less clear), some of which has involved some open-source licenses at least related (to the intellectual property in question).

What makes the legal issue so complicated?
You've got this existing legal regime around software, which is the proprietary model. The industry has had some time to develop based on that known model. You've got that new model that comes in with open source. Not only is it new, but it interacts in some way with the proprietary model, as we are seeing now in the SCO case. It's only natural that we are going to see a number of speed bumps. It's inevitable that issues like this come up.

Assuming that SCO's claims have merit, where does the liability lie? Is it with the companies that distribute Linux software, the hardware makers like HP and IBM that sell Linux with their gear, or is it with customers who run Linux?
Potentially, it could lie with a number of different parties. Under intellectual property laws, you can be liable if you are either a direct infringer or if you either induce someone else to infringe or do something that contributes to infringement by someone else. The answer could be "all of the above," theoretically.

Would companies have to have known that they were infringing to be liable?
Not necessarily. There is also a knot in some areas of intellectual property that you can be infringing and have "innocence of heart." In patent law, for example, you cannot even know that a patent exists--and just by coincidence come up with a similar invention and be held liable for infringement. In copyright law, you have to actually copy the work, but it could be (akin to) copying a song you had heard before. George Harrison found that out the hard way.

Most people in the open-source community downplay the SCO suit as frivolous. Do you take it seriously?
It's important to take any allegations of intellectual property infringement or misappropriation seriously. What that means is that you can't just rely on some offhand comment about it not being serious and move on. You really do have to have somebody look into it and decide for your own company what the ramifications are.

Many times, I run into people who say I can't believe someone has a patent on this or that. A couple of years later, they wind up in court. Don't read an article and decide based on that that something's not worth your time. It's very dangerous to declare something frivolous, because strange things happen in court. You have to be prepared for those.

In copyright law, you have to actually copy the work, but it could be (akin to) copying a song you had heard before. George Harrison found that out the hard way.

What do you advise your clients who sell Linux to do on their own behalf? On their customers'?
Investigate the matter fully and make an informed business decision. Part of the reason Sun and HP are doing the indemnification is so their customers don't feel as if they have to do their own investigation. You look at your risk exposure, and if your vendor is providing indemnification, that lessens your risk, but it doesn't remove it. Theoretically, the claims could result in an injunction that you stop using Linux. How much of a "chilling effect" do you think the lawsuit has had on development and sales of open-source products?
I don't think that this lawsuit has had any chilling effect, because it's inevitable that the marriage of open-source and proprietary-source software is going to generate disputes. This happens to be the first. If it were not this one, it would be something else. I would consider this lawsuit to be the equivalent of growing pains for an industry just getting used to open source.