Software Integrity Blog

Author Archive

Steven S. Fang


Steven assists clients with technology and intellectual property matters, with a particular focus on software, the internet and digital media. He advises clients on the development, licensing, sale, acquisition, distribution, manufacture and supply of technology and content, whether in the form of ink on paper or mobile apps, online platforms and other media and channels. Steven counsels clients on matters relating to free and open source software (FOSS) and open access publishing (for example, Creative Commons), especially as they relate to mergers and acquisitions. He has successfully represented clients in over 70 Uniform Domain Name Dispute Resolution Policy (UDRP) proceedings and recovered hundreds of domain names. He has also successfully investigated and shut down many online operations that infringe client rights and damage client goodwill. Prior to joining KHRG, Steven practiced for 16 years in the Technology Commerce and Intellectual Property Groups at the New York office of Dorsey & Whitney LLP. Steven received his law degree from The University of Texas School of Law. He graduated from The University of Texas at Austin with a B.A. in Philosophy, receiving Highest Honors.

Posts by Steven S. Fang:


Facebook to open source community: Let’s make up

The cries for revolt rang loudly within the open source community, as discussed in my prior post on this subject, and there is apparently insufficient soundproofing at Facebook headquarters to shield its denizens from the cacophony. Facebook has announced that it will release its popular open source React, Jest, Flow and Immutable.js projects under the MIT license, abandoning the Facebook BSD+Patents license for those projects. The start of the trouble After the Apache Software Foundation tagged the Facebook BSD+Patents license as a Category X license, barring software covered by that license from inclusion in Apache projects, Facebook initially hunkered down and suggested that those voicing concerns about the Facebook license simply misunderstand it – basically, “It’s not me. It’s you.” Facebook insisted:

Continue Reading...

Posted in General, Open Source Security, Security Standards and Compliance | Comments Off on Facebook to open source community: Let’s make up


So Apache broke up with Facebook. How does that affect you?

Although the so-called Facebook BSD+Patents license has been in the wild for nearly three years, it recently became the subject of much commotion because the Apache Software Foundation tagged it as a Category X license, the group of licenses explicitly barred from inclusion in Apache projects. Apache’s decision affects only Apache projects, but the rationale for that decision may be of interest to others, particularly large companies or smaller ones that may have plans to be acquired. Addressing patent rights in Facebook’s open source In general, Facebook releases open source software under the 3-clause BSD license with an additional PATENTS file addressing patent rights. (See the new Facebook React license file.) The PATENTS file granted recipients of the covered software an express license to any Facebook patents that would necessarily be infringed through use of the covered software. However, that patent license automatically terminates if the recipient or any of its affiliates asserts a patent claim against:

Continue Reading...

Posted in General, Open Source Security | Comments Off on So Apache broke up with Facebook. How does that affect you?