Open Source distributions in a cloud-native world: from a technical to a legal point of view
0Presented at EclipseCon 2023 in Ludwigsburg, Germany by Lina Böcker (Partner at Osborne Clarke Germany) and Angelika Wittek (Independent).
Are you contributing to an Open Source project? Great! And do you know how to distribute the software in a cloud-native world? Or what making software publicly available legally implies, especially when it comes to containers and AI generated code? Are tech and legal two contradicting things?
If you want to learn about up-to-date insights, this talk is for you! Bonus: We will share insights on the Cyber Resilience Act from a legal perspective.
We will start drawing up the legal framework between copyright, patent law and different OSS licenses, explaining some terms and the change of their meaning in the past few years (such as distribution) and having a closer look at a modern interpretation of the EPL 2.0 and other popular licenses.We will consider different software architectures, such as “classic” and cloud native. In doing so, we will examine the composition of components, interfaces, infrastructure, platforms and the connections between them, as well as the different kinds of build artifacts from war files over fat jars to binaries (e.g. Quarkus). On top, we will look at the implications of packaging applications into containers.
Using these example scenarios, we will analyze from a lawyer’s angle how the legal requirements need to be reflected in the composition of software applications and what the practical consequences are for contributors in the Eclipse ecosystem. We will, in particular, give some hints on how to deal with (a lack of) license compatibility, specific license obligations and other requirements that might result from working with Open Source Software.
At the end Lina will give an outlook to the current status of the Cyber Resilience Act and its implications for the Open Source ecosystem from a legal perspective.