Monday, May 17, 2010

Will the Defensive Patent License be able to make patents 'less evil' for Free and Open Source Software?

About a week ago, a NetworkWorld article entitled "The Defensive Patent License makes patents less evil for open source", reporting in advance on "a software patent license in the image of the GPL" that is being developed by two law professor from UC Berkeley, drew a significant level of attention in the FOSS community.

While I agree with the FFII's very skeptical view on "collective shields against software patents", I have a lot of respect for Jason Schultz, one of the two authors of the upcoming Defensive Patent License ("DPL"). As a staff attorney with the Electronic Frontier Foundation, he was involved with a number of high-profile intellectual property cases, consistently defending the freedom to innovate.

If the disease can't be cured, let's at least deal with some of the symptoms

Software patents are becoming an ever bigger problem:Unfortunately, the push for the total abolition of software patents hasn't made any headway at all in quite a while. Five years ago, the European Parliament threw out a proposal for an EU software patent law that would have exacerbated the situation. This was a major victory for the FOSS community to which I'm proud to have made my contribution with the NoSoftwarePatents campaign.

Since then, there hasn't been any legislative process on substantive patent law (the rules for what can and cannot be patented) in any major market in the world, and the anti-software-patent movement simply hasn't been able to launch any initiative of its own. A new worldwide campaign, EndSoftPatents.org was launched, and I wish Ciaran O'Riordan best of success with it, but I can't see any tangible political progress.

As long as businesses are either in favor of software patents (basically all large IT companies and also some small and medium-sized ones) or only speak out against them without putting their money where their mouth is, politicians won't change anything. It's equally non-obvious to a non-programmer why software patents are bad as it is to a vast majority of programmers why they are undesirable. Almost all politicians are non-programmers and as long as there isn't "muscle behind the hustle" in business terms, they won't abolish software patents against the will of big industry. On the contrary, Europe is working on a broader patent reform that critics such as the FFII believe will strengthen software patents.

In light of the overall situation, I do believe that initiatives such as the Defensive Patent License (DPL) should be evaluated thoroughly and pragmatically. They won't do away with software patents and they don't claim to. Can they still be helpful in some ways? What are their strengths and weaknesses, possibilities and limitations? Let's try to be constructive.

The DPL is still work-in-progress

It's too early to comment on the details of the DPL because, as the aforementioned NetworkWorld article explains, it hasn't been finalized yet.

There's no definitive release date. I've received indications that it won't be this month. It might be sometime next month, but it could also be later.

Nevertheless, I felt it made sense at this point to write down some general thoughts that don't depend on what exactly will be in the final version of the DPL, such as my previous rationale for approaching this constructively.

The DPL is not FOSS-specific -- but it's FOSS-like and the FOSS movement could be a key beneficiary

The aforementioned NetworkWorld article on the upcoming Defensive Patent License (DPL) puts it into a FOSS context, and the similarity between the two acronyms GPL (General Public License) and DPL (Defensive Patent License) isn't coincidental: the authors of the DPL indeed think of a somewhat GPL-like approach to sharing intellectual property.

But it's important to keep in mind that the DPL isn't tied to any particular software licensing model. Participation will be open to proprietary/closed-source developers just as well, without requiring them to switch a FOSS license for their program. The DPL will only affect their patents.

Absolutely zero deterrent effect on "patent trolls" (non-producing entities)

One thing that can already be said, even before the DPL is published, is that there's just no way it could possibly have even the slightest deterrent effect on a so-called "patent troll" (a non-producing entity asserting patents against companies that, unlike a troll, have actual products on the market).

The only way that owning patents can serve as a deterrent that makes others think twice before attacking you with their patents (and ideally makes them refrain from doing so) is if you own patents you could use against them: mutually assured destruction (or if not destruction, then at least "mutually assured damage").

That concept described the role of nuclear weapons in the Cold War. It can apply to a situation involving two companies with products on the market: both would have to fear that the other can prevent them from continuing to sell their products. But a "troll" doesn't have products and therefore you can't hurt him with your own patents.

It's amazing how many commentators (professional journalists as well as commentators in online forums) who write about patents don't know that basic fact. That's why it's so important to explain it over and over: Trying to use patents against a troll is a non-starter because you don't have any target to attack, no country on which you can drop your own nuclear bomb.

The only way you can hurt a troll is by getting his patents invalidated. I'll address that in the very next paragraph.

Patent busting isn't a matter of having any patents of one's own

If you destroy all of them (or at least all those that have any commercial value), you can destroy the troll's business. But for the process of invalidation, it doesn't matter whether you own any patents yourself. The judges won't care.

If you want to get a patent invalidated, it may be helpful to show prior art (earlier inventions that show that the patentee wasn't the first to come up with something and therefore shouldn't have been granted the relevant patent.

Prior art is not the only way to invalidate patents but it's probably the most common one. That's because patent offices often fail, especially in the field of software, to really find out all of what's already been created. A large number of patents that are granted can therefore be invalidated.

A patent is one of various forms of prior art that can help to get another patent invalidated, but then it doesn't matter who owns it. All that matters is when it was filed: before or after the patent you try to take down.

If an open-source project publishes some timestamped code, that is just as useful for purposes of patent invalidation as a patent application (but without the hard and soft costs of the latter). Even if potential future use as prior art played a role in your decision to file for patents of your own, you wouldn't need the DPL for that purpose. So the DPL must deliver benefits in respects other than prior art.

Deterrent/retaliatory potential

Having identified "patent trolls" and "prior art" as two areas in which the DPL won't be able to add any value (not just very little value but literally zero value), let's now look at a field in which it will be very hard but maybe (or I should say: hopefully) not impossible for the DPL to have a noteworthy useful effect: retaliation.

At least those patent holders who have products of their own on the market certainly have to consider whether they attack a "have-not" with no patents of his own or someone who may have one or more patents he could use for retaliatory purposes in order to achieve a non-aggression pact, which in connection with patents is typically called a cross-licensing deal.

Like I said, the DPL hasn't been finalized yet. I haven't been able to obtain any information about its content beyond what NetworkWorld reported. If I took the NetworkWorld article literally, I would have to conclude that the DPL isn't going to increase a participant's retaliatory potential either. If you're a little guy and have only a few patents of your own, the DPL -- based on what NetworkWorld writes -- wouldn't give you any more leverage in dealing with a mega patent holder. You could -- based on that article -- use only your own patents to make a counterthreat, not those of other supporters of the DPL. But to file for your own patents, you don't need the DPL: to do so, you need a patentable idea and a patent attorney and have to pay the same fees with or without the DPL.

It could be that there are clear legal limits for the extent to which a a license for patent-sharing can actually accomplish the objective of enhancing every participant's deterrent potential. Maybe it just isn't possible for a license such as the DPL to enable you to use anyone else's patents for retaliation, in which case one couldn't blame the authors of the DPL for having missed an opportunity but one would nevertheless have a factual basis for calling into question the usefulness of the DPL.

However, since the DPL is still work-in-progress, I still have hopes that maybe there will be a positive surprise as far as the concept of "mutually assured damage" is concerned.

Access for those who don't own patents yet

[Update] It has meanwhile been confirmed to me (but wasn't clear to me based on the reports I had read) that the DPL will also be accessible to a company that doesn't have patents yet but commits for a certain period of time to offer any future patents of its own (if and when it will obtain any, without being required to do so) under the DPL. It's a good idea that the benefit of the DPL will be available to those who make such a commitment in order to broaden the target audience to which the DPL is appealing and to encourage participation even by those who so far haven't played the patent game at all. [While I have been able to receive direct information from the DPL's authors concerning this aspect of the DPL, they haven't yet had a chance to comment on my other observations. I might do a follow-up post should I receive further feedback.]

FOSS projects and legal entities

I'm also curious to see how FOSS projects will be able to accede to the DPL. In case of projects run by companies (JBoss and MySQL were, prior to being acquired, examples of that approach), it would be easy. It might also work for foundations such as Mozilla and Xiph.Org. But what about other FOSS projects which basically exist as virtual teams on SourceForge and similar sites, without any formalized umbrella? We will see when the DPL is published if and how its authors plan to involve such projects.

One clearly intriguing aspect: the all-or-nothing approach

Of the few things that have become known about the DPL so far, there's one that I really consider very intriguing:
Members of the DPL contribute all of their patents in their patent portfolio – they don’t pick and choose (and this is what differentiates it from other defensive patent pools).
This commit-all-or-go-home approach would at the very least make the DPL a litmus test for patent pledges. If the DPL achieved a significant degree of acceptance, then anyone who made or will make a "pledge" related to only a subset of his patent portfolio can be asked: if you're for real, why didn't you go with the DPL? Why did you decide to reserve other patents for aggressive purposes?

The first open-source patent pledge was made by IBM in January 2005, and I criticized it very harshly that same day. I said that IBM was just being hypocritical. I pointed out on that occasion and also later that year, in a slashdot op-ed entitled "Patent Pools and Pledges - Panacea or Placebo?", that it just wouldn't work if a mega patent holder like IBM makes a one-time pledge of 500 patents while obtaining that number of new patents roughly every month.

As IBM's use of patents to intimidate the founder of the Hercules open-source mainframe emulator shows, IBM still had a large number of non-pledged patents to bring into position against Free and Open Source Software and the very notion of interoperability. Of the 173 patents IBM asserted (67 of them pending), 171 (99%) were outside the pledge anyway, but to add insult to injury, IBM also used two of its 500 once-pledged patents. Not only did IBM prove that a pledge of 500 out of tens of thousands of patents is practically worthless but also did IBM demonstrate that it would try to bring up utterly absurd arguments for not letting an 11-year-old open-source project benefit from the pledge. A French magazine (LeMagIT) found the best way to describe that kind of pledge on its website: Promesse à géométrie variable (a promise whose scope can be redefined afterwards)

So the original "patent pledge" concept has been an abject failure. I've opposed it from Day One, a fact that is well-documented on the Internet. Five years later more people than ever will agree with me that it was just a PR stunt by IBM (then followed by others, such as Sun Microsystems). It was meant to kill two birds with one stone: lulling politicians and FOSS developers into a false sense of security concerning patents and misleading everyone as to the patent-related intentions of IBM, not only the biggest patent bully on the block but also one of the most ruthless ones.

By contrast, I have no doubt that the authors of the DPL are absolutely sincere and really want to protect not only FOSS but also other software developers to the extent that a license can help reduce the threat from patents. The contribute-all-or-nothing rule is part of that honest approach.

How useful the DPL is going to be remains to be seen. Being better than IBM's and similar pledges is a low hurdle and I'm quite confident the DPL will set a far higher standard in that regard. The toughest test, however, will be inhowfar such a initiative can affect not only the decisions of benevolent parties but also those of malicious aggressors. Only getting the "good guys" to contribute to a defense initiative isn't enough to make a really noteworthy difference if there isn't going to be a major impact on the "bad guys". That will be a key criterion for gauging the potential effectiveness of the DPL.

For now we have to await its publication, then its adoption. I definitely look forward to seeing and reviewing it and will then post my comments on it to this blog.

If you'd like to be updated on patent issues affecting free software and open source, please subscribe to my RSS feed (in the right-hand column) and/or follow me on Twitter @FOSSpatents.