March 7, 2006
The Software Freedom Law Center (SFLC), provider of pro-bono legal services to protect and advance Free and Open Source Software (FOSS), today announced it has published a white paper on its position regarding alleged General Public License (GPL) violations in relation to the Sarbanes-Oxley Act (SOX). The paper, titled Sarbanes-Oxley and the GPL: No Special Risk, is available at: www.softwarefreedom.org/publications/Sarbanes-Oxley.html.
“Recent discussions regarding the GPL and SOX have been wrought with false information and have prompted the SFLC to issue its position on the topic”, said Eben Moglen, chair of the Software Freedom Law Center. “It is our job at the SFLC to provide the best legal advice and resources to our clients. This paper will help users of the GPL, from developers working on FOSS projects to CIOs working at Fortune 500 companies, to clearly understand there is no new need for concern. The fact remains that no criminal charges on the basis of violating the SOX Act have ever been brought against a GPL user.”
The SFLC paper defines the realistic impact of a GPL violation as it could be applied under SOX. The SFLC paper points out that SOX generally applies only to public companies and that disclosure in a company’s SEC reports is not necessary if a company’s use of the license is immaterial to its business. It also states that companies that must comply with SOX bear the full cost of SOX compliance regardless of the licenses of the software they choose. Lastly, the paper explains that if SOX applies to a GPL violation, it is not likely that a company or developer would be criminally liable, since the Act cannot be criminally violated without intentional misconduct.
“The idea that a GPL violation could result in jail time is unreasonable”, said Karen Sandler, attorney at the Software Freedom Law Center. “You take away this unlikely threat, and the argument is reduced only to compliance, and GPL compliance is remarkably simpler than that of alternative licenses”.