Sector 7G's Learning Center


Top OSS License Issues: Part 1

Jul 21, 2021 | Greg Butler

Topics: Open Source

Audience & Level: Non-technical & Basic

Intro
An open source license specifies the terms covering the copyrighted work (the OSS software, including any third-party child packages), as decided by the software owners. Although the OSS packages typically used in today’s apps are royalty-free, obligations still remain under the terms of their respective licenses. Those obligations may go unfulfilled and pose compliance risk.

OSS license compliance issues
Problematic OSS licensing usually falls into a handful of categories:

  • Incompatible license terms
    This is normally because a package contains components licensed under both “copyleft” terms and “non-copyleft” terms. Copyleft requires any software using the package to also be licensed under the copyleft license. This creates a compatibility problem when non-copyleft OSS components (a.k.a., “permissive” and “commercially-friendly”) are also present or an organization does not wish to license its own app under copyleft terms.

    Ordinarily, incompatible license terms are the only OSS license issue that may ultimately require a code change (e.g., replacement with a compatibly-licensed component). Even then, alternatives are often available, leaving a change to the application as a true last resort.

  • Improper license format/content
    Generally, a relatively small number of distinct licenses covers most of today’s open source. Regardless, a package or its child OSS may not have clearly provided its terms, such as the type or form of the license, which may raise ownership, liability, usage, and other questions.

  • Improper “attribution”
    Open source licenses normally require apps using the software to give it credit (i.e., “attribution”). This may be in a “notices” file or within source files themselves, but regardless, attribution is often incorrect or missing.

Final Thoughts
Compared to a typical closed source license, open source license terms may seem relatively straightforward, especially permissive/commercially-friendly licenses whose terms are set forth in a few short paragraphs. However, today’s apps are composed of hundreds, if not thousands, of individually licensed components, each potentially having one or more of the problems listed above.

DISCLAIMER
Sector 7G Consulting LLC (“Sector 7G”) does not provide, nor should anything from Sector 7G be construed as, legal advice nor the establishment of legal representation or attorney-client privilege. Additionally, Sector 7G strongly encourages review of all licensing with legal counsel.