Matt Asay asks “Why should a customer care about IP assurance?” He and Savio Rodrigues both make what appears to be the same error: comparing IP to “environmental rules or workplace safety regulations”. There is a critical difference, of course: if the EPA or comes after Microsoft, and I use Microsoft products, I can’t be sued. If a patent holder comes after Microsoft, and I use Microsoft products, I can be sued, since patent law allows penalties both for manufacture and use of infringing products. (Joe Shaw correctly cites the relevant law here.) That’s fundamentally different from most other forms of law, where customers typically aren’t liable for the sins of the vendor.
Is the risk of getting sued for use very small? Absolutely. Is that risk overblown by hostile organizations who have used it to scare customers away from competitors, or to ‘tax’ those competitors? Yup. (And in a world with a more competent antitrust enforcer, there would be antitrust concerns about this behavior.) But the risk to the customer, however small, is non-zero. So competent lawyers from large organizations must advise their clients that there is a risk, and most organizations are just too risk averse to ignore that. Hence, customers care.
Savio has another way to argue that the risk really is basically zero:
You know, I’d actually love to see Microsoft sue a customer because of IP issues. Exactly how much would they sue for to offset the millions of dollars worth of negative publicity and brand destruction?
I’d love to think that this can be used as a security blanket, but I’m not sure that’s actually the case. The damage could easily be small- just as a vast majority of Americans think ‘well, it’s OK that they tapped his phones without a warrant- he’s a criminal, and I’m not’ or, historically, have thought ‘it is OK that they restricted his first amendment rights, he’s a communist, and I’m not’, I have a nagging feeling that a majority of software buyers would think ‘it is OK that they went after him for patent violations- he’s a patent violator, and I’m not’. Never underestimate the ability of people to rationalize away those sorts of things when they think they don’t apply to them. And besides- what are they going to do if they are angry? Stop buying Exchange? Windows? Office? Seems unlikely. So I don’t think this particular security blanket works- organizations still have to assume that the risk is real, even if it is small and hence perhaps discountable.
[Edit later: Matt has a comment worth reading in response. I think he and I mostly agree on the causes of the problem; I did want to clarify, though, that patent law is substantively different from the other areas of law he and Savio cited, and think that was worth doing.]
correct me
What, no credit for me? *sulks* :)
I think this is one of the reasons that historically people *do* buy Microsoft products. Microsoft has been sued god knows how many times for patent infringement, and the settlements ALWAYS include protection for their customers. And it will probably always be more profitable to sue Microsoft than any of their customers.
Unfortunately, this is much harder to offer for open source companies/products. If someone finds, say, GNOME is infringing on their patent, there isn’t much profit in suing the GNOME Foundation or random developers. The profit would come from suing some large corporation that uses GNOME. (Most likely one that has publicly trumpeted their mass switch to Linux/GNOME.)
There have been several risk averse corporations I have worked with who refused to allow any type of open source software in their organization, even ones from large commercial backers like Sun or IBM, as they considered the risk too high.
Luis, you claim I made a mistake, and then you make my point for me. Does this make a mistaken threesome? :-)
I wasn’t saying that there is *no* risk but rather that the risk is minimal AND (I didn’t make this point on my blog, but I’ll make it now) there are sufficient guarantees in every standard contract to mitigate what risk there is. Namely, that the vendor will rewrite, replace, defend, and/or refund. Given this, there is little or no reason for IP indemnification. It’s a mostly useless safety blanket that frankly isn’t worth much even if it’s unlimited. (How many vendors could actually stand behind a $100M damages claim? I can count them on one or two hands – does that mean these are the only ones from whom customers should buy? Of course not.)
IP indemnification is a farce foisted on the industry by big and small patent trolls (Microsoft included). As the GC of the Very Large Software Company I referenced noted, and which I repeat here, a few years ago no one asked about this. In Europe they still don’t. It’s a recent American fetish, and an unhealthy one.
I Was Wrong About IP Assurance…
I’ve asked a few times why IP assurance is a customer concern. But I’m not a lawyer, or one in training. Lucky for you, Luis Villa (a lawyer in training and OSS guy) jumped in to correct me. “…make what appears to be the same error: comparing IP t…
[…] good, can potentially be dragged into court on a charge of patent infringement. (This is not the first installment of this reminder.) This misunderstanding of how patent law functions gives people a false sense of […]
[…] good, can potentially be dragged into court on a charge of patent infringement. (This is not the first installment of this reminder.) This misunderstanding of how patent law functions gives people a false sense of […]