Open source software has powered the modern internet — from the Linux kernel running most of the world's servers to the libraries underpinning virtually every web application. But 'open source' does not mean 'without legal obligations.' Open source licenses are binding contracts, and the failure to comply with their terms has spawned some of the most consequential intellectual property disputes of the last three decades. As open source consumption has become universal, compliance has moved from a niche developer concern to a boardroom-level legal risk.
“Free software is a matter of liberty, not price. Think of free as in free speech, not as in free beer.”
— Richard Stallman
The GNU GPL and the Copyleft Revolution
The GNU General Public License (GPL), first published by Richard Stallman and the Free Software Foundation in 1989, introduced the concept of 'copyleft' — a licensing mechanism that uses copyright law to ensure that derivative works remain free and open. Under the GPL, anyone who distributes software that incorporates GPL-licensed code must make the source code of the combined work available under the same GPL terms.
This 'viral' or 'reciprocal' requirement has been the source of enormous legal controversy. Companies that incorporate GPL-licensed libraries into proprietary products without understanding or complying with this obligation expose themselves to copyright infringement claims. The Software Freedom Law Center and the Software Freedom Conservancy have pursued GPL enforcement actions against companies ranging from consumer electronics manufacturers to automotive systems suppliers, consistently obtaining source code releases and compliance commitments. The Versata v. Ameriprise Financial case in 2015 was the first U.S. litigation to affirmatively assert that GPL compliance is a binding contractual condition, not merely a copyright notice.
MongoDB and the Server Side Public License
As cloud computing matured, open source projects faced a new threat: cloud providers offering managed services built on their code without contributing back to the projects. MongoDB, Redis Labs, Elasticsearch, and others watched as Amazon Web Services and other cloud giants launched competing managed services based on their open source projects, capturing substantial revenue without returning code or financial support to the original developers.
MongoDB responded in 2018 by releasing the Server Side Public License (SSPL), a new license that extends the copyleft requirement dramatically: any organization that offers MongoDB as a managed service must open source the entire software stack used to provide that service — including infrastructure automation, monitoring tools, and orchestration systems. The SSPL has been controversial within the open source community, with the Open Source Initiative declining to approve it as an open source license on the grounds that its reach is too broad. Nevertheless, it represents an important legal innovation in the ongoing battle between open source idealism and commercial reality.
The SCO Group vs. IBM and the Linux Ownership Claims
Between 2003 and 2010, the SCO Group pursued a series of audacious lawsuits claiming that IBM had improperly contributed SCO's proprietary Unix source code to the Linux kernel, and that Linux users therefore required a license from SCO. At its peak, SCO sent license demand letters to major corporations and claimed damages of billions of dollars.
The litigation ultimately collapsed entirely. Federal courts found that the Unix copyrights SCO claimed to be enforcing had never actually been transferred to SCO from Novell — the entity that had originally acquired the Unix business from AT&T. Without copyright ownership, SCO had no infringement claim to prosecute. By 2010, the core claims were resolved against SCO, and the company was left in bankruptcy proceedings. The saga stands as a landmark lesson in two areas: the critical importance of clear copyright ownership documentation in software transactions, and the resilience of the Linux ecosystem against legal attack.
Open Source Compliance in Modern M&A and Enterprise Practice
The legal risks of open source license non-compliance are no longer theoretical concerns for startups — they are material deal risks in mergers and acquisitions and enterprise software procurement. Sophisticated buyers now conduct rigorous open source license audits as a standard part of technology due diligence, using specialized tools to scan codebases for license conflicts, GPL-licensed components in proprietary products, and components with known security vulnerabilities.
Discoveries of GPL-contaminated code in a proprietary codebase, or of a company's failure to maintain required attribution notices or make source code available, have led to purchase price adjustments, escrow holdbacks, and even deal terminations. Enterprise software purchasers increasingly require vendors to provide a Software Bill of Materials (SBOM) — a comprehensive inventory of all open source and third-party components — as a condition of contract. Building a proactive open source governance program is no longer optional for any company that takes its software assets seriously.
Conclusion
Open source licensing has matured from a philosophical movement into a complex body of law with real commercial consequences. Whether you are a startup building on open source foundations, an enterprise consumer evaluating vendor software, or a company navigating a transaction where software IP is a key asset, understanding your open source obligations and rights is essential. Intel Trademark's licensing practice helps clients implement open source governance frameworks, conduct compliance audits, and resolve disputes with the technical depth and legal precision this area of law demands.
