November 19, 2004, 9:30 AM — If purchasing software were as straightforward as buying a car, users would not have to think twice about the risk of intellectual property lawsuits.
Say General Motors Corp. (GM) claims it owns a patent on power steering and alleges infringement by Ford Motor Co. GM would have to sue Ford, not drivers who bought Ford cars, according to legal experts.
But software, unlike cars or most tangible consumer products, is licensed. Some software makers, particularly in the open-source market, where code is often contributed by noncommercial developers from all over the world, use licenses to limit their liability and exclude user protection from intellectual property lawsuits. This protection would otherwise be implied by law, experts said.
"People who buy software have less protection than people who buy cars," said Bruce Sunstein, a patent attorney at Bromberg & Sunstein LLP in Boston. "The license terms have been designed to protect software vendors."
Underscoring a growing awareness of this issue on the part of users, Microsoft Corp. last week expanded its intellectual property indemnification program to cover most of its customers. Previously the company covered only so-called volume license buyers -- customers who buy its products in bulk. The Microsoft plan protects customers from exposure to legal costs and damages related to patent, copyright, trade secret and trademark claims. The protection has no financial cap.
With the expanded program, Microsoft is seeking to set itself apart from rivals, especially those in the open-source community.
Users are showing more interest in indemnification programs, particularly for Linux after The SCO Group Inc., which claims that Linux includes some of its copyright-protected code, earlier this year threatened infringement lawsuits.
The type of protection offered by software indemnification programs varies widely. Vendors typically offer comprehensive protection for proprietary products, but not for open source software.
Novell offers SUSE Linux Enterprise Server 8 customers protection against copyright-infringement claims only. The protection is also capped and tied to restrictions such as the requirement to purchase a maintenance contract. Hewlett-Packard Co. (HP) offers indemnification for Linux products it sells, but only against SCO claims, and the buyer must sign a support contract and use HP hardware.
Linux vendor Red Hat does not indemnify customers, but promises to replace Enterprise Linux code for users if a court were to find that the product infringes a copyright.
IBM Corp. does not indemnify the Novell Inc. and Red Hat Inc. Linux products it sells.
Many Linux vendors can't match Microsoft's blanket indemnification because they don't have the financial means, experts said. The median cost to each party in a patent infringement suit with more than US$25 million at risk is $4 million, according to data from the American Intellectual Property Law Association.
"Red Hat is not nearly the size of Microsoft. It could never take on a limitless indemnification obligation for its users. It really would not be worth the paper it was written on if you had a substantial enough IP claim," said David Elkins, a partner at Squire, Sanders & Dempsey LLP, in Palo Alto, California.
Another reason some users are getting more concerned about lawsuits is that there are a growing number of companies that acquire patents specifically to use the threat of lawsuits to extract money from companies, according to Dan Ravicher, executive director of the Public Patent Foundation.
At HP, indemnification is discussed in the "vast majority" of talks with customers who buy direct from the company, according to Martin Fink, vice president of Linux at HP.
However, while indemnification is a topic in sales discussions, the jury is still out on whether software buyers really need such protection.
"The chance that a corporation will find itself the unwitting target of a third-party IP (intellectual property) lawsuit ... is low. It
