The Federal Circuit Recognizes Enforceable Rights in Works Subject to “Open Source” Copyright Licenses
In Jacobsen v. Katzer, No. 2008-1001, 2008 U.S. App. LEXIS 17161 (Fed. Cir. Aug. 13, 2008), the United States Court of Appeals for the Federal Circuit recently held, for the first time ever, that copyrights in materials licensed to the public via “open source” license agreement may, in certain circumstances, be enforced in an action for copyright infringement, and not merely through the traditional means of an action for breach of contract based upon the terms of the “open source” license agreement.
“Open source” or “public” copyright licenses allow copyright owners (the most common of whom these days are authors of computer software source code) to retain a degree of control over their works while simultaneously allowing the general public, for free, to use, copy, and even modify the original works, so that, through collaboration, a better and more useful work will result and become part of the public domain. For example, open source software licenses allow computer programmers to view copyrighted computer source code and make changes and improvements to it. Through collaboration, computer programs can be written and debugged faster and cheaper than if the copyright holder were required to do all of the work independently. In exchange for this collaboration, the copyright holder permits users to freely copy, modify and distribute the software code.
The benefits associated with open source licenses are vast. In Jacobsen, the Federal Circuit noted that the Massachusetts Institute of Technology, (“MIT”), licensed all of its 1,800 courses to the public through an open source license. See Jacobsen, 2008 U.S. App. LEXIS 17161 at *10. In addition, the GNU/Linux operating system, Perl programming language, Apache web server, and the Firefox web browser have all been licensed to the public through open source software licenses, as well as the collaborative Internet-based encyclopedia called Wikipedia. Id. By some estimates, there are close to 100,000,000 works licensed under various open source licenses. Id. The Wikimedia Foundation estimates that the Wikipedia website has more than 75,000 active contributors working on some 9,000,000 articles in more than 250 languages. Id. Thus, individuals and businesses use open source copyright licenses to shift the cost and burden of making successive revisions to software source code. Commercial software developers often adopt open-source software components and include them in their own applications. Some open-source implementations of commonly-used technologies are so widely adopted in commercial software applications that they have nearly become de facto industry standards.
However, prior to August 13, 2008, no United States federal court had recognized any enforceable rights in works that were subject to “open source” copyright licenses. While copyright owners have long been able to sue infringers for breaches of the terms of open source copyright license agreements, prior to August 13, 2008, they had not been successful in suing infringers of the copyrights in the underlying works for copyright infringement, usually because the act of copying was permitted under the terms of the open source license.
In Jacobson, the plaintiff, Robert Jacobson, was the author of a computer program called DecodePro. It allowed model railroad hobbyists to use their PCs to program the decoder chips that control model trains. DecodePro source code files were available to the public through a website called SourceForge. Jacobsen’s “open source” copyright license agreement allowed copying of the DecodePro source code so long as Jacobsen’s name and SourceForge’s name were included in the copy, along with a description of how the files or source code had been changed from the original version. The defendant, Katzer, developed a competing program that included portions of the DecodePro source code. However, Katzer’s source code did not identify Jacobsen or SourceForge and did not identify the changes he made to the DecodePro source code. Jacobsen sued Katzer for violating the terms of the open source copyright license agreement.
The district court held that there could be no copyright infringement because the open source copyright license agreement contained an intentionally broad grant of copyrights to the general public which included, among other things, the right to copy the software.
The Federal Circuit disagreed. It held that the license agreement’s requirement of attribution (i.e., the requirement that Jacobsen and SourceForge be identified in both verbatim and modified copies of the source code) and the requirement that modifications from the original source code be identified in modified versions were contractual conditions. The court held that, because the conditions were not satisfied, Katzer’s use of the DecodePro source code exceeded the scope of the open source license agreement and, therefore, infringed upon Jacobsen’s copyrights in DecodePro. The court stated:
Copyright holders who engage in open source licensing have the right to control the modification and distribution of copyrighted material . . . The choice to exact consideration in the form of compliance with the open source requirements of disclosure and explanation of changes, rather than as a dollar-denominated fee, is entitled to no less legal recognition . . . It is outside the scope of the [open source license] to modify and distribute the copyrighted materials without copyright notices and a tracking of modifications from the original computer files.
Jacobsen, 2008 U.S. App. LEXIS 17161 at *19-20. Through this decision, the Federal Circuit has effectively extended the law of copyright infringement to encompass the breach of terms contained in open source license agreements, provided, however, that those terms are construed as contractual conditions precedent to the transfer of rights from the copyright licensor to the licensee. Those who violate the terms of open source license agreements are now potentially liable for statutory damages and attorneys’ fees under the Copyright Act of 1976 (i.e., 17 U.S.C. § 101, et seq.). Moreover, infringing conduct may be enjoined if irreparable harm is likely or has occurred as a result of the breach.
Big companies such as Oracle, IBM, and Sun Microsystems have all engaged in open source software development. Jacobsen is a significant decision because it will very likely lead these companies to expand their open source development efforts and will very likely encourage other commercial software developers to engage in open source software development.
Nevada's New Encryption Law
by John L. Krieger
Consistent with many other states in the Union, Nevada is committed to protecting the personal information of private citizens. Nevada’s new encryption law, which just went into effect on October 1, 2008, adds another layer of protection to the state’s privacy laws. If you own or operate a business in Nevada, you need to be aware of the new law and talk to your IT people to make sure your business is in compliance.
Under the new law, a business in the state of Nevada is required to encrypt the electronic transmission of a “customer’s” personal information before it can be sent outside the business’s “secure system.” The law defines “encryption” as the “use of any protective or disruptive measure, including, without limitation, cryptography, enciphering, encoding or a computer contaminant,” to prevent or impede access to any data, information or program or that causes the data, information or program to be unintelligible or unusable. At its most basic level, encryption is a means of preventing an unauthorized person from obtaining certain electronic information from your computer or system.
The new law exempts electronic transmissions made by facsimile from compliance. However, it’s questionable whether a fax sent via email or network scanner – as opposed to a traditional fax machine – would constitute a “facsimile” for purposes of the exemption.
The law doesn’t define the terms “customer” and “secure system of the business.” To be safe, though, the law should be interpreted broadly enough to cover any electronic transmission outside of a company’s firewall-protected local network.
The new law doesn’t contain any criminal penalty provision. However, violation of the law would most likely serve as the basis for a civil lawsuit by a customer seeking restitution due to a business's negligent disclosure of the customer's personal information. At the very least, a violation of the law might provide evidence of poor business practices.
Importantly, there are two vague areas under the law that could become a trap for the unwary. First, the new encryption law borrows the definition of “personal information” from another Nevada statute that is devoted to the security of personal information. In this other statute, “personal information” is defined as a natural person’s first name or first initial and last name, combined with either that person’s: (1) social security number, (2) driver’s license or identification card number, or (3) account number, credit card number, or debit card number, in combination with any required security code, access code, or password that would permit access to the person’s financial account. Throughout that statute, the term “personal information” appears without a modifying term in front of it. The new encryption law, however, includes the word “any” before the term “personal information.” Whether “any personal information” under the new statute will break apart the required combination of a name and some other identifying information and be read broadly to encompass any one element of the “personal information” combination will be something the Nevada courts will have to decide.
Second, the new law applies to businesses in the state of Nevada. What constitutes “in the State,” however, is not clear. Certainly, companies incorporated in the Nevada would fall under the law. But, businesses located outside of Nevada should not automatically assume they don’t have to comply with the law. It’s not unreasonable to assume that a Nevada court would look at the holdings in past cases and apply general “conducting business” principles, which look to the nature of the business and the quantity of business conducted in Nevada. The Nevada court could find that the nature and quantity of the out-of-state's business justifies finding that a “foreign” company is a business “in the State” for purposes of the new law.
Companies subject to the law should take action now to ensure they’re compliant with the law. The company’s e-mails and data transfers to third parties could be covered and, therefore, require industry standard encryption. Although the new encryption law may not apply to personal information stored on a server or laptop, Nevada’s other privacy statutes would protect the disclosure of personal information from those sources. Companies would do well to modify their practices and update their internal policies to cover stored as well as transmitted data.
United States District Court Clarifies Ground Rules for Metatag Usage
By Shane Olafson
In Soilworks, LLC v. Midwest Industrial Supply, Inc., 2008 WL 3286975 (D. Ariz. Aug. 7, 2008), the United States District Court for the District of Arizona confronted the issue of trademark infringement via the use of metatags. Metatags are unseen lines of computer code that allow search engines to direct searchers to relevant sites. Companies regularly promote themselves on the Internet by using metatags to direct search engines to their websites. In an of itself, this is a perfectly acceptable practice. Problems arise, however, when companies use their competitors’ trademarks as metatags for the purpose of redirecting their competitors’ customers to their own websites. That is exactly what happened in Soilworks.
The Soilworks court noted that, because metatags are invisible to website visitors, the traditional test for trademark infringement (likelihood of consumer confusion) was not readily applicable. The court also noted, however, that there exists a variation of trademark infringement that does not require such confusion. Under the “initial interest confusion” theory of trademark liability, liability accrues when the defendant uses the plaintiff’s mark “in a manner calculated to capture initial consumer attention,” regardless of whether consumers were likely to be confused about the source of the products.
Courts in the Ninth Circuit (including Arizona) have varied in their analysis of how initial interest confusion is to be established in metatag cases. In Soilworks, the court noted the prior inconsistencies, and clarified that a modified approach should be taken with respect to metatags. Specifically, the court noted that, while not perfect, the traditional eight-factor test for assessing consumer confusion (commonly known in the Ninth Circuit as the Sleekcraft factors) should still be looked to for guidance. The court adopted a modified analysis, identifying the “three most important factors in the context of the Internet,” or the "Internet trinity." Namely, the similarity of the marks, the relatedness of the parties’ goods or services, and the marketing channels used. Because all three factors favored a finding of initial interest confusion, the court granted summary judgment and found the metatag user liable for trademark infringement under the Lanham Act. With respect to the remaining five Sleekcraft factors, the Court noted that they either favored a finding of infringement, or were "of little import in the initial interest confusion analysis."
In sum, companies with an Internet presence must be very careful regarding use of a competitor's trademarks within metatags or keyword advertising. Even in the absence of any actual customer confusion, the initial interest doctrine may act to impose liability for such use.
One-on-One with Jonathan Fountain
What is your most important possession?
The little green turtle that my grandmother made for me when I was very young.
Who are your real-life heroes?
My mother. She raised me by herself while working full time as a “camera” girl and later as a “cigarette girl” at various Las Vegas Strip resorts.
Who have been your mentors?
There have been several. Many of the partners in Lewis and Roca’s intellectual property practice group including Michael McCue, West Allen, and John Krieger; and Fred Acomb and Michael Hartmann at Miller, Canfield, Paddock and Stone in Detroit, Michigan.
What is your most marked characteristic?
I think that I’m a good listener; it makes me a more effective lawyer.
What is the toughest decision you’ve had to make?
Leaving Las Vegas to attend law school at the University of Michigan.
How would your friends describe you?
What is something nobody would guess when they first meet you?
That I was born and raised in Las Vegas.
What is your favorite free-time activity?
Going out of the way places in my Jeep.
If your life was a movie, who would you like to play you?
It’s a toss up. Either Denzel Washington or Glenn Close
To view this newsletter in PDF format click here.
This Newsletter has been prepared by Lewis and Roca LLP for informational purposes only and is not legal advice. Readers should seek professional legal advice on matters involving these issues.