Do Diligence Partners, Inc.
Do Diligence Partners, Inc.
  • Home
  • Services
  • Packages
  • Why Do Diligence®
  • Contact Us
  • Team
  • More
    • Home
    • Services
    • Packages
    • Why Do Diligence®
    • Contact Us
    • Team
  • Home
  • Services
  • Packages
  • Why Do Diligence®
  • Contact Us
  • Team

License Analysis

Open Source Software (OSS) is not a “Free For All”!

With the wide availability of Open Source Software (OSS), it makes sense for companies to take advantage of it. By avoiding “re-inventing the wheel” companies reduce costs and shorten their development timeline, allowing them to get to market faster. However, there are licensing conditions and terms that companies must follow when utilizing OSS in their software products and services. 

Violations of OSS licensing can lead to:

  • Costly and lengthy litigations (high profile examples include Google, Vizio, and Tesla) 
  • Loss of Intellectual Property if license usage requires software to be released into the public domain
  • Costs associated with replacing restrictively licensed OSS components 
  • Customer support issues, if customers are required to download and install Open Source Software


Many Companies Have No Idea They are Out of Compliance!

OSS is subject to a wide range of licensing schemes, from “free” use to “restrictive”. In the case of the most restrictive licenses, commercial software that is a “derivative of” the OSS package is required to apply the OSS license to the combined software package. Unless resolved, this would relegate the commercial software to the public domain, exposing important Intellectual Property to the public.


A widely accepted interpretation of “derivative of” is a software package that is statically or dynamically linked with the OSS package. This is referred to as the “copyleft” provision of these licenses, a play on the term copyright since these licenses are based on copyright law. This is the definition of derivative work employed by Do Diligence®. 


Commercial companies, private equity firms, and investors acquiring or investing in software-based technology companies seek to ensure that the software is indeed proprietary. To do so they hire companies like Do Diligence® to conduct license analysis reviews as part of their technology due diligence process. When this process identifies proprietary software that is affected by a restrictive, copyleft-based license, there are several courses of possible remediation:

  • Replace the software with a commercial version
  • Replace the software with an OSS package with a benign license
  • Develop proprietary functionality
  • Require users to download the restricted OSS package


The most popular restrictive software licenses are the GNU General Public License (GPL), the GNU Lesser General Public License (LGPL), and the Affero GPL License.  In addition to the copyleft provision of these licenses, they contain patent retaliation provisions. 


In other cases, the concerning restrictions of some licenses are based on modifications to the source code for the OSS package. In these cases, the modifications must be provided to the public. 


And in yet other instances, licenses have unique requirements that, while less onerous, may require some effort on the part of the subject company to address. 


The Do Diligence® License Analysis service: 

  • Combines subject company license information with information from source and executable scans
  • Compares the results to its license database
  • Researches to complete missing license information 
  • Engages the subject company to determine the potential impact of restrictive licenses 
  • Produces a report and detailed list of the Open Source and Commercial licenses   

Copyright © 2024 Do Diligence Partners, Inc. - All Rights Reserved.

Powered by GoDaddy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept