[Luni]-understanding the Linux/SCO court case

[jean at kcco.com]

Quoting "Jirsa, Jeff" <Jeff.Jirsa at tfn.com>:

> What I would like to know, is $CO going to be able to get royalties for any 
> Unix derivative OS because "they own the IP".  Does the verdict of the AT&T
> vs. *BSD case stop them from doing that?

First, IANAL but I have done a great deal of reading on this topic, and am
parrotting many of the comments made by attorneys who have commented publicly
(though unprofessionally and with appropriate disclaimers) on the subject.

The verdict of the AT&T v. BSD case means that the BSD code (after having
removed 3 files and a few other lines of code) has been deamed officially legal
and noninfringing.  $CCO cannot touch that.  Any of that code, all of which has
since been released under a GPL compatible version of the FreeBSD license, is
also perfectly legal to use in Linux.

Many FreeBSD enthusiasts erroneously assume this makes them legally immune to
the kind of FUD and innuendo attack $CO is currently launching against Linux. 
This is WRONG.  FreeBSD and any other software project, free or proprietary, is
potentially vulnerable to the exact same kind of attack.  To understand this,
one must understand the attack methodology and its implications.

* The accusation is NOT about original System V UNIX code, which can now be
legally used under the FreeBSD license and therefor also included in any free
software or proprietary project, such as GPLed Linux or proprietary Apple OS X.
* The accussations and public innuendo being made in the media are FUD and have
no bearing on the legal case.  These accusations morph with every retelling and
have not been substantiated in any way (and cannot be, as $CO will not present
any evidence supporting their ever more wild claims publicly)
* The legal case being brought against IBM alleges a contractual violation and
the revealing of trade secrets.  IBM can be held liable for this, if the
allegations prove to be true.  This is extremely unlikely, as it appears the
technology was first developed by the Linux community at large and IBM (namely,
the SMP kernel capabilities of Linux, though as yet no one is exactly certain
what features/code is really the subject of the complaint, as $CO has not
presented any evidence publicly whatsoever), and put into the Linux kernel, and
has yet to appear in any $CO product.  However, regardless, the Linux community
and kernel developers cannot be held liable for a contract violation if they
have not signed a contract with $CO.  I.e. anyone not having a business
relationship with $CO is safe.  Any of their customers may be at risk, depending
on what contracts, if any, they signed.
* Trade secrets, once revealed, cease to be secret.  If it can be proven that
the Linux community and developers acted in good faith (and it can, as all of
the dialog, correspondence, and patch commits are public record), then $CO not
only cannot collect on any damages from the community at large or the kernel
developers not directly employed by one of the contractees (IBM), they cannot
even legally insist that Linux stop using the knowledge so derived.

No matter how you cut it, Linux is in the clear.  The only issue is one of
perception, credibility, and image, which is exactly what this campaign of FUD
and innuendo is all about, and why $CO is being paid so handsomly by Microsoft
to license code Microsoft doesn't need a license for, and which it appears
Novell, not $CO, retains the copyrights and patents on.

> If, and I mean if, there is any original Unix code in Linux (which I highly
> doubt),  will we be able to remove it like the BSD community did and 
> keep plugging away,  without having to give $CO a dime...

Although this is not the official accusation, it has been one of many ever
morphing PR and media accusations/rhetoric emerging from the contemptuous jerks
at $CO.  Were it to be true, however, $CO could collect absolutely no damages
whatsoever, and would probably be found to have licensed the code by having
included it in their GPLed product: Caldera Linux.  Even if the GPLed status of
said code were revoked, $CO could collect no damages as they have refused to
reveal what code is suppossedly infringing for more than six months now,
preventing the Linux community from avoiding infringement.  This is known as
having "dirty hands" and it makes $CO legally ineligable for recovering any
costs or punitive damages whatsoever.  So, long story short, were Linux actually
in copyright violation, simply removing and rewriting the offending code once it
is revealed (in court or elsewhere) is all that is required: there is according
to every IP attorney I've heard or read comment on the subject absolutely no
financial liability for the Linux community, its users, customers, or sellers,
whatsoever, even if the most outlanding of $CO's unsubstantiated claims were to
prove true.

> What about the fact that Caldera sold GPL-based software for years, and now
> as $CO say that the code base is no longer legit?  By reselling Linux, 
> haven't they given total approved of the code?

Since they sold the product for months after having publicly made the
allegations, they have in essence done exactly what you describe, and the most
likely outcome of any court case would be that they willfully and knowingly
published and released the code under the GPL.  Alternatively, if the court were
to find otherwise, they willfully and knowingly violated the GPL, with very real
and verifiable financial costs to other Linux firms, and having willfully and
knowingly violated the Linux copyright and inflicted financial damage as a
result, they would be liable for a great deal of actual and punitive damanges.

The problems Linux is having are not legal.  They are perceptual.

However, it is an opportunity to consider how one might guard against similiar
attacks in the future.  One can expect more aggressive attacks of this nature
from monopolists like Microsoft as Linux gains wider acceptance and cuts more
deeply into their market share.  I would not for a second put it past Microsoft
to infiltrate an open development project they do not like and have one of their
lackeys start slipping copyrighted code into the project, then come along two
years later and make legal accusations for which they have engineered a negative
(for Linux) legal outcome.  For this reason, have some kind of legal affidavit
or public assurance by any coder committing code as part of the cvs, subversion,
bitkeeper, etc. commit process would IMHO be very wise.  We need to nip this
thing in the bud, as this kind of disingenuous FUD, innuendo, or poisoned-well
attack could concievably be levied against any open project (and really, even
any proprietary project...just slip a lackey into a competing company as a new
hire), including FreeBSD.

Jean.