The Standards Blog

Home

Monday, July 6th, 2020 @ 01:22 PM
Contributed by: Russ Schlossbach
Views: 152

James Joyce Birth Certificate - Courtesy Wikimedia Commons/O'Dea at Wikimedia Commons, CC BY-SA 4.0Of the fundamental structural questions that drive discussions within the open source community, two that continually spur fervent debate are (a) whether software code should be contributed under a Contributor License Agreement (“CLA”) or a Developer Certificate of Origin (“DCO”), and (b) whether code developed by an employee or independent contractor should be contributed under a CLA signed by the developer as an individual or by her employer under a corporate CLA.  

Are there any clear answers to these questions? As so often is the case, the answer to that question is, "it depends."

Tuesday, June 16th, 2020 @ 03:37 PM
Contributed by: Andy Updegrove
Views: 458

Dept.%20of%20Commerce%20Seal%20140.pngThe long face-off between the Trump administration and Huawei involving standards development has finally been resolved. Well, yes and no, on which more below.

Initially the issue was whether standards setting organizations (“SSOs”) would be able to permit the Chinese 5G technology company and scores of its affiliates (collectively, “Huawei”) to participate in their working groups. But over time, the political landscape shifted – many of the SSOs where the action was taking place took the position that their processes were sufficiently open to make the issue moot. But some of the most active American technology companies came to a different conclusion, thereby making it impossible for them to participate without risking liability to their own government (more details can be found here).

Monday, June 8th, 2020 @ 02:41 PM
Contributed by: Andy Updegrove
Views: 254

The Declaration of Independence, by John Turnbull, courtesy Wikimedia CommonsThe first assertion of liberty in the U.S. Declaration of Independence reads as follows:

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.

Is there any American that would stand up and say – no – that’s wrong? It’s impossible to imagine.

And yet…

Tuesday, May 12th, 2020 @ 04:29 PM
Contributed by: Andy Updegrove
Views: 213

Dept.%20of%20Commerce%20Seal%20140.pngRegular readers will know that the addition of Huawei and scores of its subsidiaries to the U.S. Bureau of Industry and Security Entity List last May has had a serious impact on standards setting organizations (SSOs). Specifically, the related rules bar companies from disclosing certain types of U.S. origin technology to companies on the Entity List, and technology is exactly what is disclosed in the course of standards development. Due to a lack of guidance from the Department of Commerce, SSOs have been left wondering whether they can allow Huawei and its subsidiaries (collectively, “Huawei”) to participate in their technical activities. When they decide that the answer is yes, U.S. companies must then decide whether they read the regulatory tea leaves the same way. Many have not.

Over the past two weeks the situation has taken a more hopeful turn. The impetus for this change has a lot to do with the law of unexpected consequences – in this case, the results of the Department of Commerce refusing to provide the type of certainly that the private sector needs when political winds shift.

Wednesday, April 15th, 2020 @ 09:22 AM
Contributed by: Andy Updegrove
Views: 531

Huawei%20Logo%20140.png

A few weeks ago it seemed likely that the US Department of Commerce, Bureau of Industry and Security (“BIS”), would issue new guidance that might free standards setting organizations (SSOs) from the difficult position they have found themselves in for almost a year. But that didn’t happen. Instead, most SSOs have concluded that they still cannot allow Huawei and its affiliated companies to return to the working groups that are creating the essential standards that will make the roll-out of 5G networks become possible.

How much does that matter in the context of the overall U.S.-Chinese confrontation? The answer is a great deal, as continuing to bar Huawei and other Chinese telecom giants from standards development may weaponize the patent portfolios of those companies in a way that could prove disastrous for the U.S. and other Western nations.

Wednesday, March 25th, 2020 @ 09:16 AM
Contributed by: Russ Schlossbach
Views: 228

DoJ%20Logo%20140.pngIt’s well recognized by courts and regulators in many countries that standard setting among competitors can be procompetitive and good for consumers.  As noted by the 5th Circuit Court in 1988, “it has long been recognized that the establishment and monitoring of trade standards is a legitimate and beneficial function of trade associations . . . [and] a trade association is not by its nature a ‘walking conspiracy’, its every denial of some benefit amounting to an unreasonable restraint of trade.”(1)

But regulatory sands can shift, and especially at a time when broad and dramatic changes (political and otherwise) seem to be the rule rather than the exception, it makes sense for collaborative organizations to keep vigilant, and to review their policies and procedures on a regular basis to help ensure antitrust compliance.

Wednesday, March 18th, 2020 @ 05:14 PM
Contributed by: Joanna Lee
Views: 191

rsz_caronavirus_image.jpgAs the world goes into social lock-down to prevent further spread of the COVID-19 virus, many conferences, face-to-face meetings, and other in-person gatherings are being cancelled or postponed.  While the mass cancellations are disappointing and disruptive for everyone involved, they are potentially devastating for non-profit associations—such as open source foundations and standard setting organizations—that rely on in-person events to sustain themselves financially and facilitate collaboration and community.  If you participate in the leadership of a collaborative association that hosts conferences or other large events, read on for tips on how to navigate likely challenges in the upcoming months.

Thursday, March 5th, 2020 @ 11:27 AM
Contributed by: Andy Updegrove
Views: 168

Courtesy Visitor 7/Wikimedia Commons - Creative Commons Attribution-Share Alike 3.0 Unported license.There’s been a lot of activity in diverse parts of the standards and open source software development world of late. Here’s a selection of items you may have missed that I think might be of greatest interest.

Is there nowhere to hide? Streamlined targeted advertising comes to television. The on-line world has seen ever more laser-like ad targeting of viewers, particularly on dominant platforms like Google and Facebook. The same practice has existed in the print world in a more limited way for even longer, where sophisticated regional printing centers swapped ads in national magazines based on zip codes or other data. But what about television?

Tuesday, February 25th, 2020 @ 07:59 AM
Contributed by: Joanna Lee
Views: 231

Scanning Tools 140When you incorporate open source (OS) code into larger programs, it is risky to assume that the official license for the project is the only license you need to comply with. This is true even if the only OS code your company consumes comes from software projects with permissive rather than copyleft licenses.  (For an explanation of the difference between copyleft and permissive OS licenses, and why copyleft-licensed code cannot be used in proprietary applications, please see this earlier post about OS license types ).  Any OS component could be subject to a myriad of OS licenses that you might be unable to identify without performing a source code audit and scan.  This is why regular use of source code scanning tools (a.k.a. software composition analysis software) is essential to any open source compliance program.

Wednesday, February 19th, 2020 @ 12:53 PM
Contributed by: Russ Schlossbach
Views: 170

DoJ Logo 140If you participate in standards development organizations, open source foundations, trade associations, or the like (Organizations), you already know that you’re required to comply with antitrust laws.  The risks of noncompliance are not theoretical – violations can result in severe criminal and civil penalties, both for your organization and the individuals involved.  The U.S. Department of Justice (DOJ) has in fact opened investigations into several standards organizations in recent years.