The Significance of the Vizio Judgment for Open-Source Compliance Programs
In a recent ruling, the superior court of california has made a crucial decision that strenghtens the rights of consumers regarding products that contain Open Source Software (OSS). In the case of Software Freedom Conservancy Inc. (SFC) v. Vizio Inc., the court allowed a smart TV buyer to further pursue a breach of contract lawsuit against a product provider using open-source software in its source code, irrespective of copyright claims.
SFC, a nonprofit organization had purchased smart TVs from Vizio that contain software under the GNU General Public License (GPL) and GNU Lesser General Public License (LGPL). To redistribute code under those licenses, the code must be made available to the recipients - past court decisions already proofed that the conditions of the GPL/LGPL are valid and enforceable. Therefore, SFC wants Vizio to distribute the relevant source code to software developers and other consumers, so they could fix and enhance the software they purchased from Vizio.
Originally filed in 2021, SFC’s complaint alleges breach of contract. According to SFC, Vizio does not make the corresponding source code for these programs available to purchasers of its smart TVs. SFC claims that Vizio provided source code upon request but lacked essential files and scripts necessary for compiling the software.
What’s Different in this Case
SFC v. Vizio is not your regular GPL violation lawsuit as it is a breach of contract claim. Past GPL litigation always focused on infringement of copyright. For copyright infringement claims, the plaintiff is a copyright holder of the affected work, which means that only developers that contributed to the project can file suit.
The decision of the superior court now allows SFC to further pursue the breach of contract lawsuit after Vizio filed a motion for summary judgement to stop the suit. The court sees “sufficient evidence […] that suggests third parties were intended to benefit from the license through the right to receive the source code” (Minute Order in the Case Software Freedom Conservancy, Inc. vs. Vizio, Inc., 12/29/2023). While this doesn’t necessarily imply a direct violation of the GPL by Vizio, it does create an opportunity for consumers to initiate legal actions concerning the distribution of source code.
What Does It Mean for Businesses?
The Vizio judgment could set a precedent for companies using or intending to use open source software in their products. It might mean they not only have to worry about copyright claims from open source contributors but also contractual claims from open source licensees (customers) demanding access to the source code. While therer are a small number of copyright holders that can file a traditional copyright infringement claim, there are numerous consumers that could now be eligible to initiate litigation to enforce licensing terms. Additionally, this could mean that companies have an easy way to file lawsuits against competitors that lack full compliance. Therefore, the risk of being confronted with legal consequences just increased significantly. This heightens the relevance and value of open source compliance programs, designed to guarantee that companies adhere to all applicable licensing terms.
For companies with solid compliance programs, nothing really changes, especially if they are on good terms with the open source community. For companies without an open source compliance program, this ruling should be a wake-up call to establish a strong compliance program following existing best practices.
A basic compliance program should include the following:
-
Regularly review the open source software used in products and the licenses governing them. Use software composition analysis tools (SCA) to automate as much as possible
-
Ensure understanding of the obligations arising from the used licenses, particularly regarding the provision of source code or other information to third parties.
-
Implement policies and procedures to ensure compliance with these obligations. This involves providing copyright and license notices as well as providing the source code if the license demands it.
-
Train your employees to increase awareness.
-
Periodically audit and adjust your compliance program based on recent legal and industry developments
Final Thoughts
In conclusion, the Vizio judgment has the potential to completely change the license litigation landscape. This legal precedent underscores the critical importance of robust compliance programs for all businesses incorporating open source software into their products. Additionally, even companies with existing compliance programs should reevaluate and enhance their policies and procedures to reflect the heightened risk of legal battles.
What this signifies for the open-source community is a call to reinforce collaboration, transparency, and shared standards. The open source community and companies using open source should work collectively to improve compliance across the industry. This will help ensure that companies continue to use open source software heavily and open source in general continues to thrive and benefit everyone.