Munich's Linux Migration Raises EU Patent Issues

J ROC writes "Techweb has a story about the German city of Munich's Windows-to-Linux migration. It appears the move to replace 14,000 Windows desktops with Linux has hit a bump. Green Party alderman Jens Muehlhaus, who is a supporter of open-source software, has petitioned the mayor to examine the status of software patents in the European Community. The issue involves a proposed directive on software patents that is being considered by various European governments. Muehlhaus fears that a patent owner could issue a cease-and-desist order against Munich, thus hurting the operation of various city departments."

So would MS software be immune?

[PhilipPeake]

I would think that given MS's past history of "borowing" ideas, they are as open to patent issues as anyone else. So what do they suggest Munich (and everyone else) do? Stop using software?

Re:So would MS software be immune?

[justsomebody]

No, it suggests taht Germans should reconsider their vote about patents.

Last time they voted German representatives voted for the patents (after all their talk how they are against them, they were satisfied with few minor corrections of original proposition and voted YES)

btw. If I remember correctly Eric Raymond said that those little changes would do even more damage as original proposal

Re:So would MS software be immune?

[ron_ivi]

Even more that Eolas, the Timeline patents that Microsoft infringed upon cost Cognos 1.75 million just because Cognos used Microsoft's infringing components.

I hope Munich carefully audits all of Microsoft's source code before deploying it as well.

Re:So would MS software be immune?

[ron_ivi]

On, and once again I'd like to state the need for a third-party source-code auditing service that the large auditing company could provide to make sure that software (both open source and commercial) doesn't infringe on other people's copyrights and patents.

It's concerning to me how many people may be using illegal software from closed souorce vendors who stole source code from other projects. I would hate to build a business on a software package only to later have the vendor discontinue support because he got caught for having illegally stolen copyrighted software and incorporated it in his work.

With open source, I can feel pretty safe - based on the many eyes who see the check-in comments, someone would complain if they saw their stolen code. With proprietary software, I probably wouldn't even have a way of knowing until my vendor gets shut down.

Re:So would MS software be immune?

[ron_ivi]

Tell that to Cognos, who lost the lawsuit with Timeline eventhough it was Microsoft that had the infringing code.

What you say aobut the vendor being responsible would only be true if the infringing vendor had sublicing rights. In Microsoft's case, they didn't: for more info...

Microsoft originally licensed the patents with the understanding that it would be able to sublicense the patents to their customers and to third party software developers who use Microsoft software and tools. Microsoft intended to provide this sublicense to its customers for free to ensure that the patent claims didn't directly affect customers. Microsoft sources told me that for this privilege, the company paid substantially more than other vendors for its license, although the exact figure isn't public. Microsoft filed suit against Timeline shortly after signing the license agreement in June 1999 because Timeline claimed that Microsoft didn't have the sublicensing rights. See the Microsoft PressPass article at http://www.microsoft.com/presspass/press/1999/jul9 9/timelinepr.asp for additional information about the suit Microsoft filed against Timeline. In December 2002, the Seattle Supreme Court ruled in favor of Timeline on this matter.

How does Closed-Source make this better?

[tmasssey]

If Windows is infringing on a patent, how is Munich protected? Closed Source, Open Source, whatever: if you steal a patent, you're in trouble. Either way.

Is Closed Source better just because it's harder to *know* when you steal?

Re:How does Closed-Source make this better?

[Ogerman]

Is Closed Source better just because it's harder to *know* when you steal?

First of all, patent infringement is not stealing, so refrain from using that silly, emotionally-loaded misnomer. Secondly, it's hard to *know* about patents regardless, whether the software is open of closed. Most patent infringement occurs accidentally. It's not like copying somebody's elses code -- where you know you didn't write it yourself. If you try to analyze any given piece of open or closed software, it will take you years of professional research to determine whether it bumps into any patents. Having the code doesn't even usually matter because most patents cover tiny aspects or nuances of functionality. This is why software patents themselves are so bogus -- they are all, by definition, trivial. In fact, they're so trivial that it's usually hard to even find them! (hence the term "patent minefield") The state of the art in software is advanced by millions of trivial, evolutionary steps forward. None of those steps deserve monopoly rights.

This idea is GENIUS!!!

[erroneus]

I wish I had thought of it! The only way to make the government see that software patents are bad is to show them that they've got something to lose!! GENIUS!

Re:What's the problem here?

[r.jimenezz]

I think the way in which the article was submitted to Slashdot is good (i.e. the "department" Timothy put it in and the submitter characterizing the issue as "a bump".

Unfortunately, the article's body is a bit less objective and states the project "was placed in jeopardy". Not that I understand much about German law, but it seems to me as if the Green Party is simply making sure that eveything is being contemplated. Notice that both alderman Muehlhaus and Mueller, the Party's spokesman, are pro-open source.

I think this is in fact good for the project. This goes to show that the patents issue (worldwide, not only in Europe) is becoming a growing concern for more and more sectors. Seeing that they are being careful about this actually makes me think they remain very serious about seeing this project get finished well.

So, to address more directly your question: it is not about a particular patent causing problems, it is about being warned that the situation may eventually arise.

And so it begins

[nurb432]

And you all thought Microsoft was just collecting patents for defensive reasons..

Just wait.. this is only the beginning of IP concerns that may derail the freedom to compute..

Contracts and commercial law

[JohnQPublic]

Closed source is better for patent-threatened users because there are contracts in place and because of "fitness for use" laws. I can't speak about Germany, but in the USA if you sell me something and it violates somebody else's patent, you need to make things right for me. And if "you" are some large company, making it right can involve patent cross-licensing and no cash changes hands. Outfits like Microsoft, Sun, HP, and IBM do that all the time.

Open Source is great, but as the licenses make clear, *you* wind up holding all the liabilities. There aren't any warranties, and there's no implied fitness for use. If Open Source software violates somebody's patent, it may be possible for them to sue you for infringement. They can certainly sue you to require you to "destroy" your copies of that software.

Hence all the concern about software patents.

Re:Contracts and commercial law

[colinrichardday]

Munich didn't get its Linux by downloading ISO's, it got that Linux from IBM and SuSE (now part of Novell). I suspect those companies can handle such problems.

Re:Contracts and commercial law

[nathanh]

Open Source is great, but as the licenses make clear, *you* wind up holding all the liabilities.

Says who? Darl said this 1000 times and now we have people like yourself parroting it, but I've yet to see anybody with legal knowledge state the same thing.

Should have been obvious from the EU directive

[retrosteve]

They've stated the headline backwards! It should be:

EU software patent directive makes Munich's Unix migration difficult.

The moment Germany caved on Software Patents they ensured that free software would require licenses simply to continue to exist and be compatible with any commercial software.

Hence, any government (e.g. Munich) hoping to use open source or free software will eventually be unable to do so and still retain compatibility with common commercial software. It's a foregone conclusion.

Case in point: Samba. It's only a matter of months before Microsoft uses patents to kill Samba and all similar communications compatibility with Open Source software. How will this affect Munich?

I really do hope this brings the German delegation to the EU back to their senses, but I fear it's too late. By the way, the ffii site seems to be down. Anyone know why?

Mod parent up!

[JohnQPublic]

I think this is in fact good for the project. This goes to show that the patents issue (worldwide, not only in Europe) is becoming a growing concern for more and more sectors. Seeing that they are being careful about this actually makes me think they remain very serious about seeing this project get finished well.

That's an excellant point. This isn't necessarily a bad thing for Open Source. In fact, as things stand, it sounds like it's in Munich's best interest to press for an anti-patent answer from the EU. And as the parent notes, the two named individuals are pro-source.

Re:What's the problem here?

[A1kmm]

I don't see how this is specific to OSS. After all, the same could be true about any software, Free, free, commercial, open, closed, in-house, public domain, etc... There are so many patents, many of them vague, out there, and no company or government(not even those departments dealing with patents) knows them all. Combine this with the fact that every line of source code could violate multiple patents given the simplicity of patents, and the combination of certain lines of code could also violate patents while each line by itself doesn't. So to check a program of size n against a patent database of size m is takes at least O(2^n m) of human resources. No one can supply this much time for any realistic software. Hence, we can never be sure that software we use doesn't violate any patents.

Clearly, whatever platform they are currently using faces the same problem, so unless they have identified a specific problem, this should not affect the migration.

OSS patent violations get fixed quickly

[Entropius]

As everyone has pointed out, patent violations can be found in all sorts of code.

However, the OSS community has historically been quick to write certifiably clean replacements for any code that has even a slight chance of being tainted.

Re:What's the problem here?

[thrillseeker]

I don't see how this is specific to OSS. After all, the same could be true about any software

The difference is that OSS doesn't have the luxury that closed-source does of being able to hide its kitty litter - everything is in the open is OSS by its very nature. Closed-source may operate for years with no one being the smarter that multiple patents are being violated.

Why do they think patent only affect FOSS?

[walterbyrd]

The only time that I know of end users being sued for a patent violation, was in the case of msft's sql server.

Why do they think that FOSS is more suseptable than proprietary?

Unless, they are afraid of a particular propriety software company, which has been filing about 10 patents a week lately (almost all for stuff they didn't invent).

Re:What's the problem here?

[B747SP]

OSS doesn't have the luxury that closed-source does of being able to hide its kitty litter

That, and the bit where if you buy closed-source software, and it turns out to have some form of dodgy encumberance, then there is someone to.. ah.. how-you-Americans-say-in-your-language?..ah-yes... point the lawyers at. You generally don't get left holding the bag all on your own.

As the saying goes, if OSS software breaks, you get to keep both pieces (however in this context, the patent holder may well like to have his piece back :-(

All together now... "software patents are evil".

Wait...

[WebCowboy]

Open Source is great, but as the licenses make clear, *you* wind up holding all the liabilities. There aren't any warranties, and there's no implied fitness for use.

And this is different in what way from Microsoft Windows? This is an exerpt from the Windows XP EULA:

Except for the Limited

Warranty and to the maximum extent permitted by applicable

law, Microsoft and its suppliers provide the Product and

support services (if any) AS IS AND WITH ALL FAULTS, and

hereby disclaim all other warranties and conditions, either

express, implied or statutory, including, but not limited

to, any (if any) implied warranties, duties or conditions

of merchantability, of fitness for a particular purpose,

of reliability or availability, of accuracy or completeness

of responses, of results, of workmanlike effort, of lack

of viruses, and of lack of negligence, all with regard to

the Product, and the provision of or failure to provide

support or other services, information, software, and

related content through the Product or otherwise arising

out of the use of the Product. ALSO, THERE IS NO WARRANTY

OR CONDITION OF TITLE, QUIET ENJOYMENT,

QUIET POSSESSION, CORRESPONDENCE TO

DESCRIPTION OR NON-INFRINGEMENT WITH

REGARD TO THE PRODUCT.

Basically what MS warrants is that if the media is scratched or it or the packaging are otherwise defective, or through defect Windows is not able to boot to a state in which your machine is able to perform its basic functions, then you are entitles for a replacement or refund within 90 days.

Beyond that any other warranty depends on how much warranty coverage your juristiction can force Microsoft to provide by law, or in the case of corporate customers on what is covered in a supplimental contract. In the case of legally minimum warranty I am now aware of ANYWHERE in the world that legally forces a vendor to indemnidy its customers from legal action involving patents. However, end users generally are not the target of patent violation cases--patent holders go after the manufacturer/vendor instead (even SCOs cases against Autozone and DaimlerChrysler don't involve patents--and they even skirt around copyright. They are basically contract disputes based on shaky ground).

In any case, Microsoft provides NO MORE WARRANTY than any Linux distributor might for a retail box or ISO download of their product. That being said, a major corporate or government enterprise would negotiate a special contract with the vendor.

In the case of the Munich Linux project, I cannot see how the city of Munich could be stuck with an order to suddenly stop using their software. The worst case scenario would be that the firms contracted to do the project (IBM and Novell) could be told to cease-and-desist Linux operations, which would delay the project or disrupt future expansion or support. I imagine that this would be handled by the contract between the city and IBM/Novell. A big enterprise customer generally is VERY through when it comes to risk management.

They can certainly sue you to require you to "destroy" your copies of that software.

Whatever the details, I've NEVER heard of a case where end users were ordered to destroy ANYTHING because it violates a patent. Could you give an example where, say, not only Red Hat would be ordered to stop distributing a software product due to patent violations--all its customers would be ordered to stop using the product too?

That would be like General Motors suing an aftermarket parts supplier for producing illegal replacement parts for Chevrolet Malibus and be granted the authority to send all registered owners of Malibus court orders to take their cars into dealers for examination and possible replacement of the parts. Such a remedy would be considered ridiculous.

Sorry, proprietary tech end-users can get sued

[kjj]

Click here to read about a patent case involving Rockwell and a lawsuit generating company called Solaia. They decided to go after Rockwell's costomers and not just Rockwell. The customers sued Rockwell and Rockewell is now going after the Solaia's lawfirm for making the suit. This thing makes the SCO case look like a picnic, but in this case only proprietary software and technology and licensing is involved. Now of course these end-users are actually big corporations like Clorox and Shell which is probably one reason the suits were filed. I have not heard of patent suits where customers at a department store or mall get sued for their purchase, but do not rule out that possibility. It could happen. The point is using proprietary systems and licenses with big corporations does not put you in the clear of liabilities.

clarifying the intention behind this

[FlorianMueller]

In reading some of the replies here, I see that many people figured this out and some were confused due to the fact that indirect reports on something can easily be misunderstood.

The FFII (www.ffii.org, just that the website is inaccessible while I am writing this) identified more than 50 conflicts of the Linux "base client" of the city of Munich (from their migration feasibility study) with software patents that had been granted or are about to be granted by the European Patent Office.

For some background information: The European Patent Convention of 1974 does not allow software patents. It excludes program logic from patentability. The European Patent Office has been granting software patents anyway (in fact, about 30,000 already), and now the European Union wants to take a decision on the patentability of program logic. That decision could go in any of three directions:

legalize software patents all the way (that's what some of the EU institutions want, and it's the will of the governments of Germany, UK, France, Sweden and other countries)

abolish software patents entirely (that's what the European Parliament voted for in September of 2003, and that would be best)

continue with status quo (which means that the situation remains unclarified for now... that would not be ideal but still infinitely better than legalizing software patents in the EU)

What the Greens want is for governments such as the German one to consider the implications of software patents to their own IT strategies. It's not just that the city of Munich migrates to Linux. There is a "Migration Guide" book that was published by the German Federal Ministry of the Interior, and in that migration guide they tell, in no uncertain terms, every public administration in Germany that they should migrate to open source as fast and as much as they can. That type of recommendation is reduced to absurdity by simultaneously supporting software patents, which in the opinion of Linus Torvalds, Alan Cox and many other developers are the ultimate threat to Linux.

The European governments have a simple decision at hand: Do we want a competitive environment in which open source and small and medium-sized enterprises can present every purchaser of software (governmental agencies, enterprises, private households) with alternatives? Or do we want an oligopolistic market in which only a few powerhouses cross-license thousands or tens of thousands of patents at a time, and can at their choosing leverage those patents against their competition?

It's another question whether open source is more endangered by software patents than closed source. For the most part, everything that is bad about software patents simply applies to open source as well, just that FOSS is particularly successful at breaking into monopolistic and oligopolistic markets (as the Linux migration project of Munich shows). What comes on top of all of this is that access to source code makes it easier to identify and substantiate patent infringement assertions. In my opinion, that open-source-specific aspect is not nearly as important as the fact that FOSS is a strong competitor to various patent powerhouses.

Generally, software patents simply make software development hugely more expensive. Without software patents, you need to know how to program, you purchase a computer for maybe $1,000, and you can contribute to an open source project. With software patents, you need to play that absurd cross-licensing game, and you can't do that without thousands or tens of thousands of patents, which in turn means that unless you're a multi-billion $ organization, patents are only a risk to you and no protection at all.

EU decision-making timeline on software patents

[FlorianMueller]

I promise this is my last next-to-top-level posting on this thread :-)

Here's the EU situation. They want to clarify and sort of supersede the European Patent Convention of 1974.

The initiative at the level of the European Union started in 1999 when the European Commission started to look into this.

On 02/20/02, the European Commission formally proposed a "Directive on the Patentability of Computer-Implemented Inventions", totally pro-swpat.

On 09/24/03, the European Parliament said No but in a very smart way. Instead of just turning it down, they simply amended it to the effect that it was turned around by 180 degrees. They turned a pro-swpat directive into an anti-swpat directive.

It then went to the EU Council, which is the representation of the EU member states. That's where the responsibility of the government of a country like Germany comes in. On May 18 of this year, the EU Council reached a "political agreement" on a pro-swpat directive. Basically they dropped the essential amendments of the EU Parliament, went back to the text of the Commission, and even went beyond by particularly allowing "program claims". So the EU Council came up with the most terrible legislation of swpats that anyone in the EU has proposed to date.

Now, the press reported on that May 18 thing as though it were a final decision. It's not final at all. It was not a formal vote on May 18, just a tentative vote. The formal decision is now expected to occur on September 24, and in the meantime, the Dutch parliament has made a resolution that the government of the Netherlands should abstain. On May 18, they were in support of swpats, so technically there is no more majority right now but the EU Council procedure is such that the May 18 thing might be passed without a vote (just by no one protesting... they call that an "A item", adopted without debate). Every country that supported swpats on May 18 could still change its mind, including Germany. It's just that they usually don't do that because it would violate an unwritten code of diplomacy. The whole idea behind this "A item" thing is that they want the civil servants of the national governments to work out as many things as possible so that the ministers, who the Council is formally composed of, don't have to deal with each and every issue. The EU passes thousands of laws and regulations every year and the fewest are sorted out by the ministers.

Even if the EU Council were to pass its May 18 pro-swpat directive, that legislation would still not take effect. It would go back to the EU Parliament, and then there is so much that can happen in procedural terms that I'd better stop it for now and let's talk about this if and when we get there :-)

Re:What's the problem here?

[tftp]

Not exactly. For example, imagine that a company sells a program; one copy of this program can send a BMP picture to another copy of the same program over the network. And the pictures, while in transit, are compressed into patented GIFs (let's assume that GIF is still patented), and encrypted too.

To find out that the GIF patent is used in the program without paying royalties one has to either see the source code, or to crack the encryption. In either case it is not trivial, and can not happen accidentally, just because someone was searching on Google, for example. The company can use the patent for free and get away with it.

The OSS has all the code available, and the use of GIF would become obvious and instantly searchable. As big companies amass more and more patents on everything under the sun, OSS will be more and more vulnerable; for sure, all the new things will be locked out of OSS since they will be heavily patented. I am sure MS learned their lesson with SMB, and whatever they are putting into new designs will be both patented and encrypted.

some more background info -- Re:what is going on?

[FlorianMueller]

Your question in the subject line is well taken.

The EU legislative process involves three different bodies (EU Parliament, EU Commission, EU Council) but the two latter ones are pretty much the same on the swpat issue.

It is interesting to observe that democratically elected representatives of the people have so far taken anti-swpat positions: The European Parliament on 09/24/03 and the Dutch "Tweedekammer" on 07/01/04. However, the EU Commission and the so-called "Working Party" (a committee of civil servants basically) of the EU Council are pro-swpat.

There are three reasons why this is so:

Those civil servants on the patent workgroup of the Council are typically the national patent administrators. They are senior civil servants and some of them are on the controlling board of the European Patent Office. They don't need a pro-patent lobby to lobby them. They ARE a pro-patent lobby themselves. Those people believe that patents are the greatest blessing that has ever been given to mankind, and their own influence and career is linked to the patent system in one way or another.

Large corporations such as Siemens, Ericsson, Nokia, ABB, Bosch and others aggressively push the national governments of the EU member states for swpats. They might pay dearly for that in the end because they aren't really good at making patentable "inventions" in the software space but they believe it just benefits the large companies and they can then cross-license with the other big guys. Those European corporations basically do the lobbying job for the American large corporations that want those swpats even more but can't take as visible a position in the European debate as they'd like to (they do it indirectly through industry associations that they have hijacked, such as BITKOM in Germany). The political influence of those European corporations is huge. If the CEO of Siemens wants to talk to the chancellor (head of government) of Germany, he probably just calls him directly on his cellphone.

There are many companies, particularly software companies (not only in open source!), of small and medium size, which should be concerned over this political development and should collectively run a forceful campaign. Swpats will never be the mainstream political topic that, for instance, the war on Iraq is, but if properly presented, it can be a significant topic. After all, every public administration, virtually every enterprise and a vast majority of all households needs software. However, the management of most SMEs is too unsophisticated in political terms. I'm now making an effort to get some of them to figure this game out. Unless they are ready to join the fray and do something impactful (which is not just minor things like writing open and non-open letters to politicians), they'll lose out all the way. SMEs typically think that they should only focus on their core business and shouldn't ever spend management time, let alone money, on the political front. Large corporations are typically much smarter in that regard (they not only have more resources, they also do understand that politics are a business priority). The shortsightedness of most small and medium-sized companies in this respect is stunning.

It's nothing short of remarkable how successful the FFII and other anti-swpat activists in Europe have been under those circumstances, without a substantial amount of funding!