Novell’s protection: Covers more than SCO, caps damages, targets enterprises
By David Berlind
February 18, 2004


Of the three companies--Hewlett-Packard, Novell and Sun--offering some form of Linux indemnification, Novell stands apart in that, by virtue of its acquisition of SuSE, it is a provider of its own Linux distribution. This is quite different from other solution providers at the center of the intellectual property (IP) maelstrom, such as IBM, HP, and Sun. In lieu of distributing Linux, each of them integrates existing distributions into their hardware offerings. In fact, all three companies resell multiple versions of Linux from multiple distributors, including SuSE and Red Hat.


This situation is a source of confusion for some people, since it's difficult to understand how an integrator can offer indemnity on a Linux distribution it resells when the original distributor of that Linux has no indemnification program itself.

Novell, which provides distributions to IBM, HP, and Sun, is the only Linux distributor so far to offer indemnification. Having just launched its program in January 2004, Novell was the last of the three indemnifiers to come forward with such a program.

Much like the indemnification programs from HP and Sun, Novell's program is unique in terms of who is covered, what the obligation to Novell is, and exactly what sort of protection a customer gets. Perhaps the most distinguishing feature of Novell's program, and the source of some badmouthing from Novell's competitors, is that Novell has put a limit on the monetary damages that it's willing to pay in the event that a court orders its customers to pay up due to the misappropriation of IP.

This controversial caveat has become the source of several fear, uncertainty, and doubt (FUD)-spreading campaigns on behalf of Novell's competitors. In fact, virtually every non-Novellian that I spoke with--competitor or not--was casting aspersions upon Novell's program on the basis that the financial limits apply to Novell's total outlay for the defense that Novell will mount on its customers' behalf plus the damages that may have to be paid to SCO. In fact, I heard this same story so many times that I assumed it was completely true until Novell set the record straight.


Novell has indeed announced some financial limitations on how far it will go to protect its customers from liability. These limitations amount to the lesser of the following two amounts: 125 percent of the total fees paid to Novell (or an official Novell or SuSE Linux Channel Partner) or $1.5 million. However, contrary to the FUD, the monetary limitation applies only to the damages that Novell customers have to pay in the event that a court upholds an IP suit that's been brought against them.

Like HP and Sun, Novell's program also includes assumption of the complete legal defense (including appeals) and all of the costs associated with that defense in the event that its indemnified customers are sued. In other words, the announced limitations apply to the damages, but not to the legal defense.

As ReedSmith partner Joe Rosenbaum explains in his guide to indemnification, assumption of the defense in the event of such a lawsuit is a fairly standard part of indemnification. At the indemnifier's discretion, it can either assign its own internal legal team to the defense or it can retain an external law firm that specializes in IP and software licensing-related lawsuits. More often than not, when more than one of a solution provider's customers is sued for infringement, the attorneys charged with the defense will move to consolidate the cases into what is essentially a reverse class-action defense.

Another important feature of Novell's indemnification program that was mischaracterized in my many conversations with those supposedly in the know is that it is not limited to lawsuits brought against its customers by SCO. In other words, if some other company or individual comes forward with a similar IP infringement claim against Novell's indemnified customers, Novell will cover that as well. This is an important point for two reasons.

First, comparing Novell's program to HP's program, which Novell's most closely resembles, Efrain Rovira, HP's worldwide director of marketing, confirmed for me what critics of HP's program have been saying: the protection HP is offering is strictly limited to lawsuits brought by the SCO Group.

Second, as Open Source Risk Management founder and CEO Daniel Egger told me, there's a chance--especially if SCO has any success with its lawsuits--that more companies will come forward with additional suits. As I learned in my interview of Egger, a man who has built an entire business model out of minimizing legal exposure for those deploying open-source licensed products, SCO's lawsuit barely scratches the surface of the legal risks involved with using open source solutions like Linux.

Egger contends that if SCO ends up with the winning hand in this round, we will probably see many more lawsuits that target the providers and users of key open source linchpins. Compared to SCO's suits, which are based on copyright-related IP rights, Egger feels that it's only a matter of time before a patent-related suit, like the one that Eolas is so far winning against Microsoft, surfaces.

Whereas copyrights may apply to specific source code (in other words, an implementation), some believe that patent suits are easier to win because of the way ideas and techniques (as opposed to implementations of those ideas or techniques) can be turned into very broadly applied IP rights.

Either way, regardless of whether the suit involves copyright infringement or patent infringement, or whether it comes from SCO or any other company, Novell will go to the mat for you in terms of mounting a legal defense, and will cover you, up to a point, for any damages should that defense fail.

It must also be noted that Novell's indemnification program isn't just for any user of SuSE Linux or customer of Novell. As Bruce Perens explained to me over dinner at LinuxWorld, when you read the fine print, you'll find that most indemnification programs usually place some obligations on the customer as well. Novell, being no different, does indeed have some provisos.

The first of these is that it only applies to deployments of SuSE Linux Enterprise Server 8.0 (SLES). The program is not available for any of SuSE's other versions of Linux including Standard Server 8.0, SuSE's Desktop Linux, SuSE Linux Professional 9.0 and SuSE Linux Personal 9.0. Based on the liability limitations and the financial obligations to customers that qualify, it's also pretty clear that Novell's indemnification program is strictly for enterprises that have made a significant commitment to Linux. Not only must you be an SLES customer, but, according to Novell's Web page that describes the program, you must also have an ongoing subscription to Novell's upgrade protection as well as "a qualifying technical support contract from Novell or a participating Novell or SUSE LINUX channel partner."

According to Novell spokesperson Bruce Lowry, the total outlay will vary from organization to organization depending on its size and whether a support contract was purchased directly from Novell or from a qualified partner. In providing a low-end configuration as an example, Lowry said, "At the very minimum, a support contract directly from Novell is at $5,800. In terms of upgrade protection, that also varies based on number of servers you are buying. The list price for two CPUs on a X86 platform is $399. For eight CPUs, it is $919. Prices are higher on Itanium or AMD platforms." Lowry also emphasized that few if any of Novell's enterprise customers forego support and upgrade protection anyway. So, to the extent the program is targeted at enterprises already footing this bill, indemnification comes at no additional cost.

Just doing the math, it's easy to see how Novell's programs aren't for small- or even medium-size businesses. Even if a small business had eight single-processor servers and its support contract was $5,800, its annual outlay to Novell would be less than $7,000. Assuming that it was sued three years after signing up (the indemnification only applies if sign-up for support and upgrade protection happened on or after January 12, 2004), a small business' out-of-pocket costs would be around $20,000 (with a couple of minor exceptions, Novell will base its damage-coverage calculation on cumulative fees), which means, using the 125 percent rule, that it's covered for approximately $25,000 in monetary damages if Novell's defense doesn't work out. That's hardly enough to cover the potential damages. If $25,000 is the coverage that a small, eight-server business is entitled to receive, one can imagine--using the 125 percent rule--the type of fee-paying customer that Novell had in mind when it came up with the $1.5 million maximum coverage figure (which is closer to the size of the sort of lawsuits that would interest SCO).

According to Lowry, it's just those sorts of enterprises that Novell's programs target and for a variety of reasons. "I can tell you that the continuous coverage criteria requires that customers have a certain level of ongoing financial commitment to Novell to qualify for coverage of claims," said Lowry. "This program is not designed to give the customer who buys one server indemnification (nor is that customer likely to be the target of an IP violation claim, given the limited financial gains that would accrue even in successful prosecution). Instead, it's aimed at the enterprise that goes out and buys several hundred servers. This is the type of customer more likely to be concerned about IP and also more likely to be the target of any eventual IP claims. So the program will apply to enterprises that are spending not just a few thousand dollars on Linux with Novell, but are making a commitment in the tens of thousands of dollars in terms of upgrade protection. We don't believe this will be a cost that's prohibitive for most enterprises. Most enterprise customers already buy upgrade protection on infrastructure purchases like this. We don't want to create the impression that any small user of Linux can now be indemnified by Novell. That's why indemnity is only offered on [Enterprise Server]."

You can write to me at david.berlind@cnet.com. If you're looking for my commentaries on other IT topics, check the archives.



