Posted by Michael Riskin on January 3, 2018
There have been interesting developments on the GPL enforcement front of late. Earlier this year, a court in the Northern District of California (in the case of Artifex Software, Inc. v. Hancom, Inc., which was recently settled out of court) found that breach of the GPL license was also a breach of contract. Later, in the same matter, the court found that a plaintiff who dual-licenses software under both commercial and open source terms can base its monetary relief for breach of the open source license on the value of the commercial license fees it would have received from the defendant had defendant’s use of the software been licensed under the commercial license.
Back in April and May of 2017, many in the open source community were following closely the lawsuit by Artifex, the developer and licensor of Ghostscript, a PDF interpreter, against Hancom, a South Korean company that produces an office suite called Hancom Office, in addition to other products. Hancom had incorporated Ghostscript, which is licensed by Artifex under a commercial license as well as the GNU General Public License (GPL) (specifically the Affero GPL), into Hancom’s word processing software product.
At that time, Judge Jacqueline Scott Corley denied Hancom’s motion to dismiss, and in her order she addressed Hancom’s assertion that, because there was no signature by the parties to the GPL, there was no mutual assent and therefore no contract between the parties. The order explained that the license states that if a Ghostscript user makes use of the Ghostscript software without purchasing a commercial license, then the user accepts the terms of the GPL. Because Hancom did not obtain a commercial license but used the software, Hancom assented to the GPL license, thus creating a contract.
While courts have found that breach of an open source license can result in IP infringement, until now courts had not definitively ruled whether breach of an open source license is a breach of a contract. With Judge Corley’s ruling in the denial of Hancom’s motion to dismiss, and with Artifex and Hancom having reached a confidential settlement, this ruling remains on the books.
The court also addressed an important issue in open source law — whether an open source licensor can obtain an order requiring the licensee to distribute the source code to a derivative work it created. Although the court did not made a definitive ruling on the issue, it expressly refused to dismiss Artifex’s request for such an order. The court noted that this type of order is appropriate only if damages are impractical to calculate or inadequate and that “the ultimate imposition of such relief is extremely dubious.” Nevertheless, the court recognized that the obligation to share source code for derivative works under the GPL, so that others may further advance and develop the open source, is a key part of the consideration for an open source licensor to make its valuable source code available for free under the terms of the GPL. The court therefore left the door open for GPL licensors to argue in the future that money damages are inadequate to address the harm that comes from failure to share derivative works based on GPL software.
A lesser discussed aspect of the denial of the motion to dismiss was the issue of whether the copyright claim preempted the breach of contract claim. In order for the contract claim to be preempted by a copyright claim, the contract claims must address rights which are different from copyrights, such that the contract itself has an “extra element” to it beyond copyrights. Judge Corley examined whether the GPL license has such an element. She found that copyright law does not contain any open source obligations, and because the GPL contains specific obligations regarding a licensee’s making a derivative work open source and subject to the GPL, this obligation was an “extra element.” This analysis further supports the finding of a contract claim for breach of the GPL.
Furthering the “breach of the GPL is breach of a contract” thinking, the court in its September, 2017 denial of Hancom’s motion for summary judgment found that it was appropriate to measure damages by the license fees Hancom would have paid Artifex had it obtained a commercial license for its use of Ghostscript. Hancom argued that because no fees are charged under the GPL, a violation of the GPL cannot give rise to monetary damages. The court disagreed and found that, while it can’t impose the terms of the commercial license on Hancom, “a jury can use the value of the commercial license as a basis for any damages determination.” This is a favorable finding for providers of software under both commercial and open source terms. It provides licensors with a quantitative tool for enforcement against users of software who attempt to avoid commercial license fees by taking software under open source licenses without complying with the associated obligations.
Although Artifex and Hancom have reached a settlement, the terms of which are confidential, this case has provided two helpful guideposts in open source law, where practitioners and businesses are often left to their own analysis (and sometimes a prayer) to determine how best to understand the rules of the road.
Get the latest AppSec news and trends sent directly to you.