IP Theft as plagiarism
My parents and the nuns at St. Camillus drilled the Ten Commandments into our little heads. I had no idea what "adultery" was, and in grade school never found an opportunity to commit that particular sin, but the rest were pretty clear. Thou Shalt Not Steal is very unambiguous, and very easy to adhere to.
Though we were being taught moral behavior for its own sake, stealing always had practical barriers as well. Shoplift a candy bar and the proprietor might catch you and for sure Mom and Dad would create their own special version of hell.
I'm not sure if the moral teachings or the potential repercussions ultimately shaped our worldview, but now most of us cannot conceive of nicking the GPS from that car with the inadvertently left-open window. When the shopkeeper mistakenly gives too much change, of course you return the extra.
And of course a civilized person doesn't steal music or videos. Or Intellectual Property (IP). Even if the risks of being found out are miniscule.
The music/video discussion is an old one. Though I think the RIAA and MPAA are both wrong, and will have to come to terms with the digital world, those who illegally download this material are wrong, too. It's theft. You may disagree with copyright law (and I think the current duration is absurd) but the rules are clear.
Professors rightfully complain about pirated material turning up in term papers. But with so much on-line it's hard to see how a teacher, in reviewing dozens of manuscripts, can elicit the stolen from that a student created. Tools do exist to ferret out plagiarism, but I wonder how many professors use them.
Just like that watchful shopkeeper, the open source community has organizations enforcing license compliance. The Software Freedom Law Center has brought many IP scofflaws to justice. But, illegal use of IP, especially when buried in firmware, is also like illegally downloading music: odds are most violators will get away with their crimes.
Even the well-intentioned majority may have trouble complying. The Free Software Foundation recognizes over 50 different licenses. Others also exist. Terms vary considerably between them. Navigating the maze of rules may not be easy.
How does one even know the provenance of a chunk of code if, for instance, you reuse a package inheritied after acquiring a business? What about code created by an offshore firm, one where IP protection might be more casual than in the US?
GPLv3 is over 5600 words, nearly twice the length of GPLv2. Though great care was taken to keep the legalistic lingo at bay it's not a License for Dummies. GPLed code is wonderful stuff, but tread carefully lest an innocent mistake compromises proprietary software.
Companies like Blackduck offer services that help insure companies don't violate open source licenses. That seems a very useful service, though I'd imagine it's not cheap.
For some reason the theft of bit streams is widely viewed very differently than that of real property. Yet transgressing an IP license could cost millions. What's your company's policy?
Jack G. Ganssle is a lecturer and consultant on embedded development issues. He conducts seminars on embedded systems and helps companies with their embedded challenges. Contact him at email@example.com. His website is www.ganssle.com.