Some Linux Users Violate Sarbanes-Oxley 233
Goyuix writes "According to the IT Observer, publicly owned companies who are using Linux, could be violating the federal securities laws as part of Sarbanes-Oxley. The article goes on to say that companies are required to "disclose ownership of intellectual property to their shareholders." How are these companies supposed to really list out all the IP owners if they were to install a full desktop or server environment - there could be literally thousands of parties listed! What are the current Fortune 500 companies doing, as many of those use Linux in one form or another?" update several people have pointed out that this is about companies who are violating the GPL, not everyone.
Not just Linux (Score:5, Insightful)
Ownership != utilization (Score:5, Insightful)
Can't violate the GPLv2 if all you do is use Linux (Score:2, Insightful)
Mere use of Linux by a company cannot ever be a violation of the GPLv2 that Linux is licensed under.
This is FUD issued by a company that wants you to buy their BSD based embedded OS product.
explain to me again (Score:4, Insightful)
i'll have to read again, but it looks like this is f/oss trying its hand at the fud game.
What are the Fortune 500 doing? (Score:4, Insightful)
The auditors don't seem to be having a problem with it. Wonder how much Microsoft paid IT Observer for that FUD?
What a stupid misleading article (Score:2, Insightful)
"But if companies violate the license, the consequences can be more severe than they think. If companies are violating the GPL, they don't have the right to use that software. And if they don't have the right to use the software, they're violating federal law if they claim that they do."
Well no poop? So they're saying that violating the GPL is like violating an EULA
Wasabi Systems? (Score:2, Insightful)
The same Wasabi Systems that sells products based on NetBSD?
Yeah, no bias there.
In the past, such violators were merely required to release their code to the public
The article is also wrong in that it spreads the "forced open source" myth. GPL violators aren't required to release their source code. They FSF generally asks them stop infringing on the copyright of the GPL software.
One way to do that is to comply with the GPL, another is to stop using GPL software. They don't have to release any code they don't want to.
GPL Violation == Sarbanes Oxley Violation (Score:4, Insightful)
This is because they are required to list what intellectual property the company owns to shareholders and if it is later found out that the company doesn't really own it, because it is based on a GPL'd software, then is that a Sarbanes-Oxley violation.
I'd have to say, it looks like one, but I'm no MBA, nor a JD.
Any OS? (Score:2, Insightful)
Wasabi is a Bad BSD Vendor (Score:3, Insightful)
Although started by some really bright netBSD folks, they've ejected all of their really bright founding engineers and are resorting to scare-tactics and other garbage like this to try to gain market share.
Stupid tricks like this hurt free software in general. I hope Wasabi garners enough ill-will from this stunt to hurt their business in a serious way.
Re:Not just Linux (Score:3, Insightful)
But I don't know how "violation of the GPL" really connects with "ownership of IP."
From TFA:
"According to the study, the problem lies with the requirements of the Sarbanes-Oxley Act that companies disclose ownership of intellectual property to their shareholders. The study indicates that dozens of companies are discovered each year to have violated the terms of GPL, and if they are public companies, they are violating Sarbanes-Oxley."
Huh? Taking this statement at its face value: A company that receives software under the GPL does not "own" any "IP." They merely have a license to use the IP embedded in the software. Whether or not they violate that license has no bearing on "ownership" of IP... and if they don't "own" any IP in the GPLed software, then they haven't violated Sarbanes-Oxley by failing to "reporting" any kind of ownership.
"Linux is a powerful operating system," says Jay Michaelson, an author of the study and Wasabi Systems' General Counsel. "But if companies violate the license, the consequences can be more severe than they think. If companies are violating the GPL, they don't have the right to use that software. And if they don't have the right to use the software, they're violating federal law if they claim that they do."
Huh? Last I checked, the GPL was a private license. If they violate a private license in any way, then they are liable for breach of contract, which is in no way "federal law." The only "federal laws" they are violating are federal IP laws - but again, those laws only create private causes of action by the IP owners. License violations do not create liability to the federal government (unless the federal government actually owns the IP.)
As best I can tell from TFA, this gentleman means that companies are modifying GPLed code and then reporting it to shareholders as their "owned" IP - but that this claim of IP "ownership" is incorrect and fraudulent, since their violation of the GPL precludes them from "owning" their modifications. But TFA is way too light on details to be confident of this interpretation... and I'm not completely sure that the GPL works that way, anyway.
- David Stein
Missing the bigger picture (Score:4, Insightful)
"WHAT is the main reason and who are the authors behind the SOX wording" about this disclosure requirement.
It COULD be a specious attempt by lobbyists on the part of their supporters to FORCE the companies using GPL/FLOSS/Linux to disclose themselves so that ms and their henchmen can start targetting the companies that (public or private) are using Linux/free/free software. It has the 'beneficial' effect of causing their competitiveness or chance of success to be diminished or at least perceived as rogue, reckless, uninformed...
Moreover, it indirectly helps ms by causing the commercial (non- or anti-Linux/GPL/FLOSS) companies/developers to target and entice those companies 'back into' the fold if they have escaped or managed to get one foot out of the field.
This isn't to say that employees don't talk. Of course employees talk, whether complaining or bragging about their companies. BUT, by forcing companies to list that they are anti-ms or unwilling to be 100% in ms' farm, then the shareholders who WANT to be in ms' fold (for stock/portfolio reasons) just MIGHT call for the necks of the IT managers.
Just one jaded/cynical/scary thought...
Anyone else can add to or refine my ideas here...
Re:Can't violate the GPLv2 if all you do is use Li (Score:3, Insightful)
That's a nonsensical statement. Copyright protection does not need any triggering.
> The FSF has said they don't care about modifications that you don't
> distribute, but legally the GPL does apply to you if you merely
> modify without distributing, since it is the only license that
> grants you rights that you would not normally have under copyright
> law.
A distinction without a difference. Modifying without distribution does not require anything of you.
Not using, abusing (Score:3, Insightful)
The article said that if you violate the GPL, you violate SOx. This would therefore be A Good Thing (TM) as it would give even more power to the FSF to clear up abuses.
Misinterpreting articles in this way sends the wrong message to managers, however, who might think they're better off with M$. And no, managers don't read the article.
IMHO, the same company would be violating SOx as much if they bundled any M$ or other proprietary DLL/EXE/bitmap image into their software without explicitly mentioning it.
Yum yum yum, I love FUD (Score:5, Insightful)
Why stop at Linux, or free software in general? If a company makes an embedded device that uses a pirated copy of a proprietary RTOS, that would violate the Sarbanes-Oxley law too.
This seems to me a fundamentally good law (at least this provision): companies must not claim to have rights to use or distribute software, unless they actually do have those rights!
So why is anyone linking this provision to Linux?????? The only reason is because it's easy to get Linux for free, so incompetent people think they can do whatever they want with it. No one would make the same mistake with Microsoft software, simply because it's wrapped in a menacing 10 page EULA.
Thats nonsense and/or FUD (Score:3, Insightful)
Proof this article is pure FUD - Wasabi's agenda (Score:3, Insightful)
Although you would never know it from the title, the article refers exclusively to people who *violate* the GPL. It's like saying that people who drive cars may face jail terms for DUI.
Take a look at Wasabi Systems website: "Wasabi Certified BSD, a certified, tested, and optimized version of the BSD operating system, offers the rich functionality of BSD Unix without Linux's troublesome GPL License." In other words Wasabi is a direct competitor with GPL'd software. Right on the front page of Wasabi's web-site they are bashing the GPL. Nothing like an unbiased "study" I always say. I wonder who wrote the article, no mention of that. Hmmm.
"If companies are violating the GPL, they dont have the right to use that software."
Is that even acurate? My understand of the GPL is that it does not restrict, only distribution.