日本語 English

<br /> <b>Warning</b>: Undefined variable $sitetitle in <b>/home/xb675064/monolith.law/public_html/wp-content/themes/monolith_en/header.php</b> on line <b>117</b><br />

MONOLITH LAW OFFICE+81-3-6262-3248Weekdays 10:00-18:00 JST

MONOLITH LAW MAGAZINE

IT

HOME > LAW MAGAZINE > IT > Key Considerations When Using Open Source Software in Software Development Outsourcing Agreements

Key Considerations When Using Open Source Software in Software Development Outsourcing Agreements

IT

Key Considerations When Using Open Source Software in Software Development Outsourcing Agreements

Open Source Software (OSS) is widely used in many software development settings for its ability to reduce development costs and workload. When outsourcing software development, OSS may also be utilized, but what considerations should be taken into account when entering into a development outsourcing contract?

This article will explain the key points to be aware of when using OSS in software development outsourcing contracts under Japanese law.

Risks of Using OSS When Outsourcing Software Development

When entering into a software development outsourcing contract, it is essential to properly address the risks associated with using Open Source Software (OSS) in the development process. Let’s examine what risks may be involved.

The Obligation to Disclose Source Code May Conflict with NDAs

Some OSS licenses, known as copyleft licenses, allow users to copy, modify, and redistribute the work while the OSS developers retain copyright. An example of this is the GNU General Public License (GPL) created by the Free Software Foundation (FSF).

When using OSS with a copyleft license, there is an obligation to disclose the source code as per the OSS license. This may result in the obligation to disclose the entire source code of the commissioned work, which can conflict with contractual confidentiality obligations (NDAs) or closed commercial distribution policies. Therefore, it is crucial to thoroughly review the licenses of the OSS used when outsourcing software development.

Obligation to Include Copyright Notices and License Documentation

Even with licenses like MIT or Apache, it is mandatory to include copyright notices and license documentation.

Failing to do so can lead to OSS license violations, which may result in the suspension of software use or claims for damages. It is necessary to ensure that accompanying documentation is included when delivering the developed product.

Special Conditions Such as Usage Restrictions and License Compatibility

Some OSS may have restrictions on usage or license compatibility.

For example, the European Union Public Licence (EUPL), formulated by the EU, allows for the replacement with a compatible license upon redistribution, but that compatible license must be one officially defined by the EUPL. Additionally, there are restrictions on the compatibility of the Mozilla Public License (MPL) version 1.1 created by the Mozilla Foundation with other OSS.

When selecting OSS, it is necessary to check not only the license terms but also to ensure that no issues will arise by comparing them with the business plan and sales strategy of the development project.

Risk of Infringing Third-Party Copyrights and Patent Rights

Even with OSS, there are cases where the included code infringes on third-party copyrights or patent rights. For instance, this includes unauthorized copying and pasting of code or the inclusion of derivative works that are not license-compliant. It is essential to ensure that the software development contractor not only adheres to the licenses but also conducts thorough investigations into patent rights and copyrights.

Clarifying the Roles and Responsibilities of the Client and Contractor

In software development outsourcing contracts, there can be a misalignment between the client (ordering party) and the contractor (receiving party) regarding the understanding of and responsibility for OSS.

Particularly, if it is not specified in the contract who will conduct the license investigation and compliance checks, or who will be responsible in the event of an issue, there is a risk of disputes arising later on. It is crucial to clearly define these roles and responsibilities in the software development outsourcing contract.

Case Studies of Troubles Involving Open Source Software (OSS)

Case Studies of Troubles Involving Open Source Software (OSS)

Let’s examine case studies of troubles related to OSS and what can happen when software development is outsourced.

Notable Violation Cases Domestically and Internationally

In the past, there have been instances where companies faced product shipment halts and litigation due to OSS license violations. For example, a router development company was sued for violating the GPL license, resulting in an injunction against sales and an order to pay damages.

In similar cases where software development is outsourced, the company may end up claiming the losses incurred from injunctions and damages against the contractor.

Related article: What is an OSS License Violation? Risks and Countermeasures Companies Should Know, Explained with Case Studies

Legal and Business Losses Incurred Due to OSS License Violations

OSS license violations can lead not only to legal liabilities such as injunctions and damages but also to business losses like reputation damage and customer attrition. Legal claims against the contractor alone may not cover all the losses, making it imperative to avoid such situations.

Essential Clauses to Include in Software Development Outsourcing Agreements Under Japanese Law

When drafting a software development outsourcing agreement that involves the use of Open Source Software (OSS), it is crucial to include certain clauses that address the associated risks.

Explicit Acknowledgment and Consent Clauses for OSS Use

The software development outsourcing agreement should explicitly state the possibility of using OSS and obtain prior consent from the client. Addressing the potential issues that may arise from using OSS in the contract is necessary. Clearly specifying which OSS will be used and to what extent in the software development outsourcing agreement can prevent misunderstandings and disputes between the client and the service provider.

Liability Sharing Clauses (Non-Conformity and Damages)

It is essential to clearly define the allocation of responsibilities in the event of a license violation or infringement of rights. For instance, if the developed software lacks the requested features, liability for non-conformity may be invoked. Without a clear agreement on who bears the responsibility for such license violations or infringements, disputes between the client and the service provider are inevitable. It is advisable to define in the contract the obligations for damages if the service provider uses OSS without authorization, or the extent of responsibility if the client instructs the use of OSS.

For more information on liability for non-conformity in system and software development contracts, please refer to “What is Liability for Non-Conformity in System and Software Development Contracts? Explaining the Amendments“.

Clauses on the Duty to Investigate and Comply with Licenses

In the software development outsourcing agreement, it is important to formalize the obligation of the service provider to investigate and comply with the licenses of the OSS used.

If it is not clear whose duty it is to investigate and comply with the licenses, disputes may arise between the client and the service provider if issues are caused by the use of OSS. By stipulating in the contract that the service provider is responsible for investigation and verification, it is possible to prevent disputes and clarify responsibilities before they occur. Additionally, establishing a duty to provide information on license changes or vulnerability reports can facilitate smooth post-delivery support.

Clarification of Source Code Disclosure Scope and Delivery Format

It is important to clearly define the scope of the source code to be delivered, including the distinction between the parts that include OSS and those that are proprietary.

By specifying the extent of source code disclosure and delivery, it is possible to avoid legal violations and disputes while fulfilling the disclosure obligations required by OSS licenses and balancing confidentiality obligations. Practical solutions, such as providing the OSS portion in binary form in the case of copyleft, are also necessary.

Practical Measures for Using Open Source Software (OSS) Under Japanese Law

Practical Measures for Using Open Source Software (OSS) Under Japanese Law

When utilizing Open Source Software (OSS) in software development, practical measures that become necessary include pre-listing the OSS intended for use, scrutinizing licenses, setting up OSS management tools and ledgers, and establishing OSS usage policies and guidelines.

Pre-listing Intended OSS and License Scrutiny

Prior to starting software development, it is crucial to inventory all intended OSS and scrutinize the terms of their licenses. This allows for the anticipation of potential risks and facilitates easier management.

Setting Up OSS Management Tools and Ledgers

When using OSS, it is advisable to implement management tools and ledgers to visualize and record OSS usage. Creating a Software Bill of Materials (SBOM) enables swift response to any license changes or the discovery of vulnerabilities.

Establishing OSS Usage Policies and Guidelines

By formulating OSS usage policies at the corporate or project level, you can provide consistent instructions to contractors. Documenting selection criteria for OSS and policies for each license type makes it easier to manage during software development.

The Necessity of Consulting a Lawyer for Software Development Outsourcing Agreements

When entering into a software development outsourcing agreement that utilizes Open Source Software (OSS), it is advisable to consult with a lawyer. Let’s examine the specific benefits this can provide.

Risk Analysis and Response from the Development Stage

As we have introduced so far, software development using OSS involves complex legal issues, such as which OSS to use, what kind of clauses to include in the contract, and how to establish a post-contractual check system. Consulting with a lawyer enables you to enter into an appropriate software development outsourcing agreement.

Outsourcing the Legal Department

Large companies may have their own legal departments that can coordinate with the development team. However, smaller companies often lack an in-house legal department. Considering the difficulty of securing talent proficient in both IT and law, the ability to outsource the legal department is a significant advantage.

Summary: Key Considerations for Software Development Contracts Utilizing OSS in Japan

When utilizing Open Source Software (OSS) in software development contracts in Japan, it is essential to have a precise understanding of the license terms and to establish clear responsibility allocation through the contract. Beyond technical convenience, it is crucial to thoroughly manage risks from legal and business perspectives to aim for safe and effective use of OSS.

Guidance on Measures by Our Firm

Monolith Law Office is a law firm with high expertise in both IT, particularly the internet, and legal matters. Our firm provides contract drafting and review services for a wide range of cases, from Tokyo Stock Exchange-listed companies to venture businesses. For more information on contract drafting and review, please refer to the following article.

Areas of practice at Monolith Law Office: Contract Drafting & Review, etc.

Managing Attorney: Toki Kawase

The Editor in Chief: Managing Attorney: Toki Kawase

An expert in IT-related legal affairs in Japan who established MONOLITH LAW OFFICE and serves as its managing attorney. Formerly an IT engineer, he has been involved in the management of IT companies. Served as legal counsel to more than 100 companies, ranging from top-tier organizations to seed-stage Startups.

Category: IT

Tag:

Related Articles

Guidelines for NFT Random Sales: Types that do not fall under gambling crimes

Guidelines for NFT Random Sales: Types that do not fall under gambling crimes

IT

What are the Points to Note in SES Contracts? Explaining the Contract Between the Vendor and the Engineer

What are the Points to Note in SES Contracts? Explaining the Contract Between the Vendor and the.

IT

What Are the Rules Under Japanese Law Governing the Issuance, Holding, and Transfer of NFTs?

What Are the Rules Under Japanese Law Governing the Issuance, Holding, and Transfer of NFTs?

IT

What are the Project Management Obligations in System Development?

What are the Project Management Obligations in System Development?

IT

Does Prompt Have Copyright? A Comprehensive Explanation of Intellectual Property Rights in the AI Era

Does Prompt Have Copyright? A Comprehensive Explanation of Intellectual Property Rights in the A.

IT

Explanation of the Regulation of Stablecoin

Explanation of the Regulation of Stablecoin

IT

Explaining the Terms of Use for ChatGPT: What Are the Considerations for Commercial Use?

Explaining the Terms of Use for ChatGPT: What Are the Considerations for Commercial Use?

IT

The Legal Issues in Blockchains and NFT games

The Legal Issues in Blockchains and NFT games

IT

Can a System Development Contract Be Established Without a Contract Document?

Can a System Development Contract Be Established Without a Contract Document?

IT


tag

Advertisement Review AI (ChatGPT and others) Contract Drafting and Review Cross-border Crypto Assets and Blockchains Cybercrime General Corporate ID of the Defamatory Statement Internet IPO IPO in Japan IT Legal Support for VTuber Legal Support for YouTuber M&A M&A of SNS Accounts Mitigating Reputational Damage Personal Information Protection System Development Terms of Use

Weekly Popular Articles

Return to Top