Use of Open-Source Software in Proprietary Software Products – Part 2

 
 

As previously discussed, when using Open Source Software in proprietary products, it is essential to take measures on a procedural level during software development to benefit from the advantages of Open Source products with minimal risks.

The risks do not arise solely from the use of Open Source itself but often also from the license agreements that software companies establish with their customers and partners regarding the use of their products. It is advisable to address the risks associated with the use of Open Source Software in a structured and timely manner during the design of contract templates and in contract negotiations with customers and partners, and to mitigate them reasonably.

Here are some examples from the contract practice of software vendors:

 

1. Limitation of Liability: Customers of software companies typically try to negotiate extensive liability clauses and indemnification provisions in software contracts. For software vendors, it is recommended to establish an arrangement that limits liability for any issues or damages that may arise from the use of Open Source Software in the products, either with a specific cap or for certain events only. If a customer does not agree to a complete liability exclusion for Open Source Software, one can work with so-called “Supercaps,” which are additional liability amounts that apply only to damages related to Open Source and which the software vendor may consider insuring.

2. Disclaimer of Warranty: Similar to liability, it is also advisable to exclude warranties for the functionality as well as the non-infringement of Open Source Software. For instance, solutions can be found that give the customer the assurance that only Open Source Software with appropriate license terms for the intended use is being used, emphasizing that the software is provided “as is.” Additionally, ISO 5230 certification for Open Source Compliance can serve as a good instrument to ensure that all components used are in compliance with this certification, providing a basis for a limited warranty.

3. Usage Restrictions: Clear usage restrictions are recommended, defining how customers can use Open Source Software in their products and processes and ensuring compliance with license requirements. This helps prevent potential license violations and liability risks.

4. Indemnification: Customers often demand extensive and unrestricted indemnification from software vendors, covering the above-mentioned warranties and ensuring that customers are not subject to claims from third parties (e.g., community developers). While such indemnification clauses are not necessary under German law, they have become common in German contracts due to the influence of US standards in this area. It is advisable to negotiate strict limitations for Open Source Software and specific application mechanisms for such clauses. If a software vendor is confident that their proprietary product is free from legal defects and legally “clean,” it may be beneficial to accept more far-reaching and unlimited liability and indemnification obligations towards the customer in exchange for excluding Open Source Software from these liability provisions. Simultaneously, it is advisable to agree on indemnification clauses obligating the customer to indemnify the software vendor from claims by third parties resulting from the customer’s neglect of their license obligations arising from the use of Open Source Software.

5. Customer Obligations: Customer contracts should include provisions requiring the customer to comply with Open Source licenses. The software vendor should ensure that the customer is aware of their responsibility for adhering to the license terms and that they may be liable if they fail to do so.

6. Regular Updates: Customers should be obligated to perform regular updates of the Open Source Software used, to benefit from bug fixes and security updates and to ensure that the latest license terms are applied and transparent. This can be enforced through provisions in Service Level Agreements (SLAs) and support agreements, making their validity dependent on regular updates.

Enterprise customers in particular place significant emphasis on contractual risks associated with the use of software connected to Open Source Software. When negotiating with such customers, consulting with an expert is essential. This makes it possible to find a balanced and pragmatic alignment of both parties’ interests. Both sides can benefit from the use of Open Source Software without incurring high risks or additional complexity in negotiations. Often, more negotiation success can be achieved even with enterprise customers than initially expected. Open Source Software Compliance, in particular, is receiving considerable attention among enterprise customers, and there is a willingness to engage in discussions on this matter.

 