Linux Foundation delivers compliance checklist

The non-profit-making Linux Foundation has issued an Open Compliance Programme to help organisations get their open source offerings in order, monitoring components which may be subject to intellectual property claims.

The programme includes an assessment checklist, which will be available soon, and software tools to check open source software in use. The Foundation is also offering training courses, at a cost.

“As Linux has proliferated up and down the product supply chain, so has the complexity of managing compliance,” said Jim Zemlin, executive director of The Linux Foundation.

“Our mission is to enable the expansion of free and open source software, so we created this programme to give companies the information, tools and processes they need to get the most out of their investment, while maintaining compliance with the licences governing the software.”

The Foundation said it has signed up the world and his dog to the scheme and name drops: Adobe, AMD, ARM, Cisco Systems, Google, HP, IBM, Intel, Motorola, NEC, Nokia, Novell, Samsung, Software Freedom Law Center, Sony Electronics and others.

"Complying with open source licences is actually easier than complying with proprietary ones. (One reason: there is no money involved.)," said Zemlin. "There are countless software audits of users every year, and settlements often range in the tens of millions for large companies. You may not have heard about those cases since they do not get the attention the very few open source cases do, but make no mistake, complying with proprietary licences is not easy or cheap."