the Versata v. Ameriprise case. To recap briefly: Versata sued Ameriprise for allegedly breaching its license to Versata’s “DCM” software. Ameriprise counterclaimed, alleging that because DCM contained third-party software licensed under the GNU GPL, Ameriprise was entitled to use the software freely and obtain the corresponding source code. (The producer of the GPL-licensed software went on to sue them both.) What hasn’t been widely reported is what happened between Versata’s complaint and Ameriprise’s counterclaim: Ameriprise privately notified Versata of the violation and encouraged Versata to settle quickly to keep it under wraps. “We have become aware of an issue that persuades us that it would benefit both Ameriprise and Versata to end this litigation promptly,” wrote Dorsey & Whitney lawyer Peter Lancaster, on behalf of Ameriprise. After describing the GPL’s copyleft provision, Lancaster continued: “A public debate between the parties could have a substantial impact on Versata’s business wholly apart from its relationship with Ameriprise. The author and owner of the copyright to Ximpleware’s software and the Free Software Foundation may also have an interest in Versata’s actions, and we believe that it would benefit Ameriprise and the Court to involve one or both entities in this case should it continue much longer.” (The full letter is embedded below.) In short: if you settle our case, we’ll keep quiet about your GPL infringement. Ameriprise’s offer wasn’t illegal or even unethical (at least according to the rules governing attorney conduct), but it provides a telling glimpse into how too many companies approach FOSS: Versata apparently didn’t even know it had incorporated GPL-licensed software in its application, and when Ameriprise discovered it, its first thought was to conspire with Versata to conceal it. It’s impossible to know how often companies successfully avoid liability for FOSS license infringement by ignoring it or hiding it away, but it didn’t work for these parties, and it’s a poor strategy. If your company uses FOSS (and it does), you can do better. Know what you’re using and what your obligations are: adopt a FOSS intake policy, design compliance into your engineering process, and empower your engineering staff to collaborate with your management and legal team when issues arise. ]]]]> ]]>
Computer Fraud and Abuse (CFAA) updates and Analysis – March 23, 2022. Court denies Motion to Dismiss in United States v. Thompson. Why this matters for Computer Law?