Slashdot Mirror
Indemnity Protection for Linux?
spookymonster asks: "I'm a mainframe sysadmin for a Fortune 50 company. I'm also a Linux hobbyist. About 18 months ago, my request for a proof-of-concept z/Series testbed was granted, and the results have been encouraging. Despite this, senior management keeps saying that Linux isn't ready for prime time. Today, I was finally able to corner one of them and ask him what exactly his issue was with Linux. His answer: Indemnity. All our other software vendors provide protection against someone suing us for using their product. Who protects us if a third party sues us, claiming Linux infringes on their copyrights? Sadly, I was at a loss for words. I've done some digging on Google, but haven't really found anything on the subject. With the SCO/IBM lawsuit heavy in the headlines of late, I figured I'd turn to the Slashdot community for answers. How do I respond to questions about Linux and indemnification protection?"
These aren't good answers, but maybe it start you thinking "outside of the box."
1) Will MSFT really provide this indemnity protection? Do they say they will? If so, has that provision ever been tested? If they don't, or won't, then of course it's not fair to compare apples to oranges.
2) OTOH, you might try 'speciality' insurance companies. I have no idea what the rates would be like, but you can certainly buy insurance to cover any eventuality you can imagine--another poster here once talked about purchasing insurance against the loss of moon rock that they were testing. Which is just to say--just because "Linux insurance" isn't on a regular schedule doesn't mean that some actuarian won't give you a price. If you need to make calls, I would start with "Lloyd's of London", known for providing insurance for unusual events.
Finally, I think your concern is a real one--what's to stop me from using code that I developed elsewhere and contribute it back into the Linux source?
--
$tar -xvf
Wasn't there another case some years ago where a hospital built a system in SQL Server that broke due to a bug in SQL Server itself - the hospital had to reimplement the system in Oracle at considerable expense. So, they sued MS for damages. MS successfully defended itself from the suit by arguing that the EULA protected them in cases where their product didn't work as advertised.
So, you buy a database to store data. The database does not work. You have no legal recourse.
I searched google but can't find a link. Is anyone familiar with this case?
So, if you listen to a radio station that plays pirated music and there is a law against listening to radio stations that play pirated music you could, theoretically be charged. However it is unlikely you would be because 1: how do you locate the people listening unless they are part of a members list and 2: there is the question of whether or not you can be reasonably expected to know that the music was pirated.
I think it's the reasonable expectation that surprises me the most about the Microsoft thing. Unless it's stated somewhere in the EULA how could the people using the software be reasonably expected to know that it was causing a patent infringment? I don't know the particulars of the case, having only glanced briefly at the story once before but I would imagine that is someone contests it in court they could be released from having to pay.
It take more faith to believe in evolution than it takes to believe in God
It would be interesting to see how RedHat is going to provide security to me. The original poster was talking about enterprise level Z/OS machines, not a farm of x86 boxen. The world doesn't revolve around the hordes of college geeks and the ubber fast 'leete machines they run. Your bank can't afford to be caught with their pants down, and that is why they go with the IBM flavor of Linux, which is bastardization of SUSE. But, for all who care, IBM offers the exact protection the original poster is requesting. I know, cause there is a Z/OS mainframe box on this floor that we run linux on it. While this one isn't in a development role, the shrink wrap wouldn't have made it into the building without our in-house legal department's approval first.
Show them the software license, specifically section seven which may or may not apply, and sections 11 and 12 which do apply:
Section 7 (in part): If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.
Section 11 (all): BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
Section 12 (all): IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
So the straight answer is that the word indemnification does not occur in the license. Whether the license has no, little, or good indemnification should be judged by a lawyer. It seems as though the GPL protects those who wrote, modified, and distributed the programs in question from those who use the program, but doesn't seem to extend any special protections to those who use the program from their customers or other third parties.
My limited understanding of indemnity is that it's usually in a contract between a software supplier and a client, and the supplier usually carries insurance to cover indemnity claims. Thus, for Linux to have indemnity you'd have to contract to, say redhat, for the software and set up a clause in the contract specifically covering this issue.
-Adam
"I'm not a lawyer, but I play one on slashdot..."
Check out the story on The Register that everyone keeps mentioning, and you'll see a clearer example of what I mean. According to the story, Timeline may be able to demand license payments from Microsoft SQL server customers. A Washington court stated that the fact that Microsoft told customers they didn't need any additional licensing didn't remove the customer's obligation for due dilligence. This is all under the terms of Microsoft's standard licensing agreements; no mention is made of what would happen to customers that had separate indemnity contracts.
If anything, this article supports the argument that separate indemnity contracts are crucial when making large investments in other people's code.
- Despite popular opinion, I am not perfect.
This was, of course, ridiculous: they didn't require their employees to have deep pockets, and when they screwed up, they didn't sue them for millions.
It's not legal (in the US) to sue an employee for screwing up except for cases of gross negligence.
Your favorite