Open-Source Insurance
Beatles-Beatles writes to tell us that several insurance agencies have formed a partnership to offer open-source compliance insurance. From the article: "The insurance will cover up to $10 million in damages, including profit losses related to noncompliance with an open-source software license. The policy could, in some cases, cover the cost of repairing code that was found to infringe on open-source licenses such as the General Public License, which is used with the Linux operating system."
I seem to remember interning for (ironically enough) an insurance company's IT department a few summers ago and hearing about how they took out liability insurance on pretty much all of the open-source tools they used. This even included things like Perl, where the chances of being sued are fairly small, just to be absolutely sure. Furthermore, it sounded like they'd been doing this for a while.
I suppose that their policies might not have covered the costs to get it into compliance and other such expenses. Still, I'm sure that huge companies like IBM have been careful to insure against such possibilities for years. It would be foolish for them not to.
Defending copyright infringement of any source code is ridiculous. You can't accidentally copy a line from someone else's program to yours. Infringement is only deliberate.
That issue is not quite simple. Like another poster pointed out, you can end up with code that looks a lot like an OSS implementation quite by chance, simply because there is a very limited number of ways to solve a certain problem. Another way you could end up in trouble because of OSS is if one of your developers decided to cut corners on a project and ripped code from an Open Source project without telling you, or if you merge with another company and find out that they have built Open Source code into the application code that you acquired in the merger. If these developers strip off the comments and hide their tracks well, it might not be obvious at all to you or your code reviewers that the code came from an OSS project. One other way you could get into trouble over Open Source software is if you produce a commercial application that links to Open Source libraries. From what I know, it is not at all legally clear in some countries whether this qualifies your commercial application as a derivative work. If somebody takes you to court over this and the judge rules an app that links to Open Source code is a derivative work, you would be in trouble. In all of these cases (except perhaps the last one, since it is still a legal gray area) it would be hard to accuse you of 100% evil and deliberate IP theft or infringement, and I can see how an insurance that protects you during a resultant lawsuit and the subsequent repair work to get rid of the infringing code might come in handy if it isn't too expensive, especially for a startup company.
Only to idiots, are orders laws.
-- Henning von Tresckow