By Gavin Clarke for The
Register
This article has been reproduced from The Register, with
permission.
OSRM will assess both the risk of the software in use and the
individual company, before passing on the risk to the appropriate
insurance company on the Lloyds market. OSRM expects to announce
the first customers this Fall, and will initially charge
organizations $60 per server.
The partnership between OSRM and Lloyd's will be vendor
independent, differing from many of the existing intellectual
property (IP) protection programs that are primarily designed to
ward off attack from the litigous SCO Group.
Red Hat, Hewlett Packard and Novell in January 2004 all
announced separate protection for customers using their Linux
products. JBoss in April this year announced indemnification for
its middleware, including JBoss application server, Cache and
Hibernate object relational mapping technology.
The type of coverage provided by Lloyd's also promises to be
substantially larger than vendor-backed programs thanks to Lloyds'
size and capital backing.
"This is a huge step," OSRM chairman Daniel Egger told The
Register.
OSRM first announced plans for indemnification with backing from
major financial institutions in March 2004. The group was expected
to provide the service shortly afterwards in 2004, but Egger said
the program had been complicated to arrange.
"We have lined up the capacity. We have the exclusive right to
begin to offer this risk category and we have the customers who
want the cover," he said.
An OSRM study found 15,000 patent issues in the Linux, Apache,
MySQL and Perl/Python (LAMP) stack. While OSRM believes Linux and
open source are, on the whole, safe from IP claims their increasing
use by large companies opens the door to suits from those hoping to
simply cash in.
Arguably, one of the worst-case scenarios is the so-called
"colorable case" where there is no substance to an IP claim,
but a company is forced to waste millions of dollars to defend the
claim or settles early for a large sum to make the case go away.
The average US patent action is estimated to cost $2m, according to
the American Intellectual Property Lawyers' Association.
Those likely to threaten companies and users are commercial
software vendors and a growing number of specialist organizations
that buy IP patents in order to charge users for their use.
"There is a risk, but it's a material risk," Egger said of Linux
and open source. "We are trying to make sure we are not exposing
corporates to risk that makes using Linux uneconomic."
Today's vendor-backed plans are unable to provide full
protection because they cannot risk protecting parts of the
software stack they did not write, he argues. That's a potential
issue for organizations with the full Linux, Apache, MySQL and
Perl/Python stack developed by different companies.
"Our long-term goal is to get to a standardized policy," Eggers
said.
© The Register
2005
