Skadden’s IP and Technology team in London kicks off its series of bite-sized insights about key issues shaping the tech landscape. In the first episode of “Bytes,” Emily Griffin demystifies open source software (OSS) and copyleft licensing—a topic that frequently catches companies unprepared. While OSS forms the backbone of modern tech stacks and powers everything from infrastructure to AI models, many licenses come with conditions that can create unexpected legal obligations. Emily explains the crucial distinction between permissive licenses like MIT and Apache, which impose minimal requirements, and copyleft licenses like GPL, which impose stronger obligations. Tune in to learn the three essential steps that can protect you from breaching license terms.
“SkadBytes” is presented by Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates. This podcast is provided for educational and informational purposes only and is not intended and should not be construed as legal advice. This podcast is considered advertising under applicable state laws.
Transcripts
Voiceover (:
Welcome to Bytes from SkadBytes, jargon-free, byte-size insights from Skadden's IP and Tech team on the key issues shaping the tech landscape.
Emily Griffin (:
Hi, I'm Emily Griffin from the IP and Technology team here in Skadden London. Here's your debunking byte on open-source software, also known as OSS, something that often catches companies off guard. OSS refers to source code made publicly available, not necessarily free in price, but free to use, modify, and distribute. It's the backbone of most modern tech stacks, powering everything from infrastructure to AI models. However, many OSS licenses come with conditions. Some are permissive, like the MIT or Apache licenses, letting you use the code with minimal obligations. For example, the use of the open-source software under the MIT license is unrestricted as long as you include the original copyright and license notice in any copy of the developed software. Others are copyleft licenses like the GPL. These impose stronger obligations. If you modify GPL license code or incorporate it into your software, you might need to make available the modified code, and in some cases, even any software that incorporates it under the same or equivalent copyleft terms.
(:
It's important to distinguish between strong copyleft like the GPL, which can require publication of your entire software if it incorporates the license, or weak copyleft like the GPL, which typically applies only to specific linked components or libraries. Even if the copyleft open-source code is only a small part of your commercial software, it can impose publication obligations on your broader software. Breaching the restrictive copyleft license terms can have serious consequences and can result in the loss of license and copyright infringement claims.
(:
There are several steps you should take to ensure you're protected. First, ensure that you and especially your DevOps team know exactly what open-source components are in your product and what licenses apply. Second, assess the risk and establish governance. Not all OSS is equal. A small permissive component is unlikely to cause any problems, while a core dependency under a strong copyleft license is likely to be problematic in the long term. Third, conduct regular OSS scans to catch and remove any copyleft that might've accidentally slipped into your software. So, remember, while OSS is an important driver of tech innovation, make sure your company has implemented the necessary safeguards to avoid any hidden liability.
Voiceover (:
Thanks for listening to Bytes. Be sure to subscribe for more tech insights. Additional information about Skadden can be found at skadden.com.