Keeping Out of the Patent Briarpatch

While in the shower one day, Ole Tange came up with a great idea. He was going to launch a video store in his native Denmark. Only this store was on the Internet; customers would rent and watch videos online.

He put together a rough prototype of his site and showed it to a friend. Sure, it was slick. Sure, it was cool.

But it was also quite likely to get him in trouble. His friend pointed out a few elements that were covered by software patents, which he would have to pay royalties for—even though they were based on “open” standards. In fact, “most of the functionality of the shop was patented,” Tange says.

The MPEG-4 format for streaming video falls under 40 different U.S. and European patents, for instance. One of those patent-holders, Acacia Research Corp. of Newport Beach, Calif., is seeking royalties that can cost a video site such as Tange’s as much as 2% of its gross sales.

Tange abandoned his concept. Now, he and colleague Carsten Svaneborg spend their free time fighting software patent legislation in the European Community through their grassroots Web site, softwarepatenter.dk.

But innovative sites like what Tange hoped to launch aren’t the only digital products caught in the crossfire. Corporations writing their own code have to be careful, too. “Most software products probably infringe on multiple patents,” says Svaneborg. The Federal Trade Commission described the situation in an October report as a “patent thicket that a company must hack its way through.”

Intellectual-property rights are the soft underbelly of corporate information systems. Few companies pursue patents for homegrown software. And few companies worry whether that homegrown software infringes on any patents, either.

“In all of my 18-plus years of my career, I have yet to see a company that has a formal process around protecting their software intellectual property,” says Andy Miller, vice president of technical architecture at the Broomfield, Colo., office-supply distributor Corporate Express. “Companies that don’t have an R&D organization don’t tend to look at things as being patentable or not.”

And they certainly don’t do a patent search before writing internal code. “Unless the patent holder can find out about [infringing code], there’s nothing much that they can do,” says Miller.

But Internet applications are different. Web sites and Internet services have to stand up under public scrutiny because their functions are out in plain view of any sophisticated programmer—or patent attorney.

As the Grateful Dead once sang, “It’s even worse than it appears.” Patents on “electronic shopping carts” and other Web site features can sneak up and bite e-commerce companies. Even improving “open source” software can haunt you. Depending on the licensing scheme, you may have to hand over the copyright to any changes you make to source code.

Corporate Express has tightly controlled any work it does that modifies supposedly “open” code—to prevent its development work from crossing the line into charity.

For example, the company has standardized on JBoss, an open-source Java application server. As a policy, Miller says he keeps developers from customizing JBoss’ code unless there’s a specific problem for which there’s no workaround. When needed, Miller allows those patches and them with the JBoss community. But he requires any work on an open source project to be pre-approved by him.

“We don’t just endorse people working on open source projects willy-nilly,” Miller says.

Some times, a corporation can get some litigation cover by only using code from a “safe” vendor. Sun Microsystems and Hewlett-Packard, for instance, are indemnifying their customers who use Linux against a possible SCO Group suit, because of rights they already hold.

Still, with the atmosphere surrounding the software industry being what it is, there’s only one way to be sure your homegrown code is safe. Keep your lawyer handy.