The best things come in threes? From three-legged races to “Three is a Magic Number” by School House Rock (a childhood Saturday morning memory for those of you too young to know what I’m talking about), tricycles, and three-piece suits, to name a few. Wikipedia suggests that things that come in threes are “…inherently funnier, more satisfying, or more effective than other numbers of things.” Perhaps it’s also true for situations regarding Open Source Software (OSS) where legal counsel plays a key role in three very important steps:
- Setting policy
- Guiding next steps
- Leading the open source discovery journey
Open source use is popular because it decreases the time-to-market and it’s free—as long as it’s used properly and distributed in a way that meets legal terms and conditions, license compliance obligations, and best practice security risk management. Litigation can be costly if, for example, you find yourself in an OSS license infringement lawsuit. That “free” software just incurred a heavy price tag, not to mention the potential bad publicity that can put a negative stamp on a reputation for a long time to come. It’s legal’s responsibility to help organizations manage both the use and consumption of open source.
Open source due diligence is a major part of M&A efforts. The acquiring company wants to know everything there is to know about the target company before signing on the dotted line, including all financials, technology in use, and—you guessed it—what OSS is being used, where and how. Not properly reporting out on open source use can impact the go/no-go decision. Legal counsel can positively impact the open source discovery journey during M&A efforts regardless of what side of the table you sit on. Guiding a company toward automating the open source scanning process with a Software Composition Analysis scanning tool or engaging with a vendor that provides robust audit services should be at the top of the “do now” list.
Here’s a valuable tip. Want to be an open source hero? Encourage the developers and engineers you work with to be a part of the open source community. The community is diverse and highly motivated, but the continued sustainability of OSS is dependent not just on developers willing to contribute to projects, but to those using open source to support the community, thank the community, and share wisdom and experiences that help ensure the ongoing positive role open source plays in today’s technology landscape.
If you’re legal counsel looking for additional information on how you can help set OSS policy, guide next steps, and lead in the Open Source Software discovery journey, check out this webinar to hear more about the legal power of three.