Open Source Software & the Technical Due Diligence Process
Open Source has eaten the software world. A typical company is made up of 50% Open Source Software, though companies’ ability to discover and track these packages has not kept up with the development practices. Companies who are targets in Mergers & Acquisitions are required to disclose their use of OSS/3P software and Palamida’s research shows the typical company is only aware of 2% of their ACTUAL usage. This massive undercounting is affecting the ability of these organizations to have a successful exit. Additionally, those who do have a successful exit often require a large amount of remediation before close in order to come into compliance. In this webinar Palamida will discuss the modern technical due diligence process as it relates to Open Source and Third-Party Software, along with the steps that a target or acquirer will go through to validate the Third-Party list. Other topics include common reasons for no-go decisions, and remediation steps that you will have to go through before you sell or buy a company.
In today’s software development environment, ready access to Open Source Software libraries (and other third-party code) is an enormous benefit if used responsibly. By leveraging the intellectual property (IP) of commercial software development partners, outsourced engineering resources, and the open source community, companies can reduce costs, accelerate time to market, access global software innovation, and differentiate its own software products. This expanded opportunity for use of third-party IP, however, comes with the responsibility to comply with a complex set of licensing terms placed on the software by its IP owners in order to avoid claims of infringement for improper use. It also calls for the need to track the use of the third-party software to mitigate financial and legal risks by implementing development oversight to ensure that governance mechanisms are in place to provide for proper payment and compliance to license terms.
Most corporations have a hard enough time managing the third-party IP within their own code bases; doing so in merger and acquisition (M&A) transactions can be even more difficult, as inbound code built by unfamiliar development teams is often a black box of third-party code and licenses. Few M&A teams have the time to thoroughly audit the code they are acquiring or the expertise to analyze the code to evaluate IP risks and compliance issues.
To help answer your questions and navigate the technical due diligence process relating to Open Source Software, The Knowledge Group has assembled a panel of thought leaders and key experts to shed light on this significant topic. Speakers will discuss the legal basics of Open Source Software and licensing, experience from the technical due diligence process with major corporate acquirers, lessons from recent legal cases in Open Source Software, and how to manage Open Source Software risk and formulate a sound compliance policy to avoid the most common risks and pitfalls for both acquiring and target companies during the M&A process.
Key topics include:
- Open Source Software Legal Primer
- Preparing Yourself for An Acquisition As a Buyer
- Preparing Yourself for An Acquisition As a Seller
- Timetable of the Due Diligence Process
- Common Findings and Pitfalls
- Remediation Steps
- Effects on Valuation and Go/no-go Decisions
- Use for Integration with the Acquiring Company
Jeffrey S. Rothstein, Partner
Sidley Austin LLP
- Overview of open source software in the M&A context: buyer’s perspective, seller’s perspective
- Overview of principal types of open source licenses
- The process of open source diligence from a legal viewpoint
- Issues arising from the principal types of open source licenses in M&A
- Addressing open source issues in an M&A agreement
Jeff Luszcz, Founder and CTO
- What does the Open Source Audit / Technical Due Diligence process look like?
- What are acquirers looking for and worried about?
- Quick Overview of Open Source Licensing
- Preparing for the Open Source Audit / Technical Due Diligence Process
- After the Audit Report: Remediation and Integration
Tennille Christensen, Attorney
Tech Law Garden
- Diligence war stories – things I’ve found when brought in to help with a F/OSS audit and solutions applied
- Best practices for using F/OSS within a traditional proprietary or SAAS software company *before* 3rd party due diligence
- Managing a F/OSS project, community norms and legal best practices re: contributions – targeted to companies/organizations that are actively managing F/OSS projects and publishing source
Who Should Attend:
- Companies interested in acquiring or selling technology companies
- Intellectual Property Attorneys
- Technology Transaction Attorneys
- Patent Attorneys
- Open Source Software Attorneys
- Open Source Software Directors/Officers/Professionals
- Compliance Officers/Directors/Professionals
- General Counsel
- In House Counsel
- Senior Management
- Executives (CEO, CIO, CTO, CISO)
- Software Engineers/Developers
- Open Source Professionals in Software/Technology Industries
- Open Source Consultants & Clients in the Software/Technology Industries
As the Founder & CTO of Palamida, a leading provider of Open Source discovery and vulnerability management tools, Jeff helps software companies understand how to best use open source while complying with their license obligations and staying on top of security issues. Jeff also leads the Professional Services team responsible for open source compliance and security audits. His team has performed reviews for some of the largest mergers and acquisitions in the technology industry. Jeff spent six years as a software engineer at NASA Ames Research Center where he implemented software for simulation and visualization of flat panel display technology and their related human factors. Jeff has been active in the Java, Macintosh and Open Source software communities and is the author of several well-known Macintosh software utilities and has served as a technical editor for Wrox Press.
As the Founder & CTO of Palamida, a leading provider of Open Source discovery and vulnerability management tools, Jeff helps …
As co-leader of Sidley’s global Technology & IP Transactions practice, Jeff Rothstein handles a wide range of U.S. and cross-border technology and corporate transactions for clients ranging from startups to the Fortune 500. He devotes a large part of his practice to software, licensing and IP acquisitions for high-technology companies and financial services firms. Of late, that work has included significant attention to big data analytics and the Internet of Things. He has served the satellite industry for many years, where his work has included satellite acquisition and condosat agreements, as well as licensing and IP matters. He also devotes significant time to life sciences matters, where his work includes pharmaceuticals, medical devices and both human and agricultural biotechnology. His practice includes licensing, strategic partnering and collaborations, open source software, IP development, patent purchases, contract manufacturing, contract research, and other intellectual property issues arising in M&A and financing transactions.
Jeff also lectured for many years at Northwestern University on e-commerce, software and bankruptcy law. He is a Trustee of Chicago’s Adler Planetarium and Astronomy Museum, where he has served since 2001. He is a member of the Board’s Executive Committee and chairs the Audit Committee.
As co-leader of Sidley’s global Technology & IP Transactions practice, Jeff Rothstein handles a wide range of U.S. and cross-border …
Tennille Christensen is a former engineer and attorney who specializes in advising companies on technology transactions. Before law school, Tennille worked at several start-up companies, where she became fascinated by the legal issues involved in Free and Open Source Software. During law school, she wrote and published a law review article on the subject The GNU General Public License: Constitutional Subversion? (Summer, 2006, 33 Hastings Const. L.Q. 397). For ten years, a large portion of her legal practice has been aimed at helping companies understand the various risks and benefits as well as best practices associated with using, contributing to, and building businesses based on software licensed under Free and Open Source licenses.
Tennille Christensen is a former engineer and attorney who specializes in advising companies on technology transactions. Before law school, Tennille …
Print and review course materials
Method of Presentation:
On-demand Webcast (CLE)
NASBA Field of Study:
Specialized Knowledge and Applications
NY Category of CLE Credit:
Areas of Professional Practice
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About Palamida, Inc.
Palamida provides products and services for software composition analysis. Our customers identify and track open source and other externally-written software in their development projects in order to manage and secure their software against risks resulting from intellectual property infringement and security vulnerabilities. Palamida analysts have conducted thousands of audits projects (billions of lines of code) ranging from quick one-day inspections to comprehensive due diligence projects to multi-product internal baselines. In all cases, our analysts use Palamida Enterprise Edition software as well as extensive domain expertise to produce a highly readable and actionable report. Reports can be tailored to specific requirements and can include open source and commercial content, analysis of subcomponents, multi-media content, and cut-and-paste source code. Palamida Professional Services play a crucial role when time is tight and domain expertise is essential in auditing for open source use.
About Sidley Austin LLP
Sidley Austin LLP provides transactional, litigation and regulatory services to businesses, financial institutions and individuals worldwide from 20 offices on four continents. Sidley’s Technology and IP Transactions lawyers advise on leading-edge technology and IP transactions including licensing, development, collaborations and joint ventures, outsourcing, standards setting, IP purchases and sales, and the IP and technology aspects of mergers and acquisitions. With more than 50 Technology & IP Transactions lawyers around the world, we combine our expertise in the applicable law, business understanding, technology know-how and market best practices to deliver solutions to clients from ranging from entrepreneurs and emerging companies to private and public companies, venture capital and corporate investors in the technology, life sciences, energy/cleantech and agribusiness sectors.
About Tech Law Garden