In addition to the various forms of indemnification that have been designed to offer some protection from those being sued by The SCO Group for misappropriation of intellectual property (IP), there are two defense funds as well. One of these - the Open Source Now Fund -- is run by Red Hat and the other announced earlier this year was established by the Open Source Development Labs.

When IT managers are considering their options for making sure their companies are legally protected against claims of IP misappropriation, they'll need to know: Can these defense funds be relied on as a form of protection? My answer: No.

There's nothing wrong with the defense funds. In fact, they are a testimony to the solidarity of Linux supporters at a time when SCO is threatening to tear their house down. These funds, and the money that has so far been contributed to them by everyone from individuals to industry giants such as IBM and Intel, will no doubt be useful should a defendant against SCO require support. But, before you can get money from a defense fund, you have to be sued. And, regardless of whether you meet the qualifications for either of these defense funds, waiting until you get sued to find out if you're eligible for support is not nearly as good as arranging for that support ahead of time.

Since you have no contract with the defense funds, they have no obligation to you. This is unlike indemnification or open source insurance where, because of a contract you have with the providers of those forms of protection, they have an obligation to give you the support they've promised once you've been sued.

		Special Report: Managing the legal risks of Linux  The SCO legal train: Know your options  Protect Thyself 101: A primer on indemnification  Novell's protection: Covers more than SCO  HP's protection: SCO-only, but no dollar limit  Instead of indemnification, consider insurance  Defense funds: Taste great, but less filling  Is Red Hat the canary in SCO’s coal mine?  What did SCO buy--Unix or the Brooklyn Bridge?

Red Hat's positioning of the Open Source Now Fund for developers rules out most enterprises as candidates since most of them are open source users rather than open source developers.

Furthermore, in interviews with SCO's SCOSource vice president Chris Sontag, I learned that even if the company were interested in going after developers, it would only be a few key ones such as kernel developers Linus Torvalds and Andrew Morton and then larger companies like IBM that have committed huge development resources to Linux. SCO doesn't seem very interested in going after other open source developers because most developers haven't wrongfully, knowingly, or irresponsibly misappropriated SCO's intellectual property. In that light, the Open Source Now Fund is not only of highly questionable value to IT managers, but also to most open source developers. The OSDL's defense fund, on the other hand, according to OSDL CEO Stuart Cohen, "is for any user of Linux, or Linux-based applications that gets sued by SCO." In that respect, it is similar to Hewlett-Packard's indemnification program, which is available to any type of user (using HP's gear), running any distribution, but only if they get sued by SCO. But that's where the similarities end.

Another point of differentiation for the defense fund versus indemnification or OSRM's open source insurance offering is that you're on your own when it comes to arranging for your defense. With indemnification and open source insurance, the provider handles the defense for you.

According to Cohen, "This is for covering defense expenses. We are not providing defense services or legal defense." In other words, OSDL's program is strictly about financial resources for the defense (and no damages). This sounds to me like a quick way for OSDL to squander its resources. After all, one reason that other companies can offer indemnification and open-source insurance is that they plan to take on the burden of defending their clients, and to make sure they're using their resources as efficiently as possible; there's a strong likelihood that they'll consolidate their clients' defenses in a reverse class-action-style defense. In OSDL's case, monies are dispersed on a per client basis, and its up to each one to arrange for their own defense. One requirement however, Cohen told me, is that OSDL must approve of the selected attorney.

Unlike indemnification or open-source insurance where a lawsuit contractually triggers the automatic release of defense resources (and perhaps monies to cover damages if the defense is lost), Cohen says the process for releasing the OSDL-arranged defense fund's resources hasn't been worked out yet. What Cohen was able to say so far is that, "Using established criteria, the OSDL's Board of Directors will look at each individual situation to see how to disperse funds." But when asked what the established criteria are, or what the process is for qualifying and whether it works by turning in receipts for legal expense incurred, Cohen said that he hoped the OSDL would be announcing that soon.

Two people that don't have to apply for defense will be Linus Torvalds and Andrew Morton, both of whom are now OSDL employees. Critics of the OSDL's defense fund argue that it's for employees first, and others second. In response to that criticism, Cohen told me "If we cover all of OSDL's expenses and all of Linus' expenses, we would barely take anything out of the three million dollars we've made. On top of that, Linus has not been sued." Neither has Morton. But if SCO can't get a judge to side with its interpretation of the terms of its purchase of Unix from Novell, but still ends up with some ownership of Unix (along with some intellectual property rights), it may focus on the parties who were either responsible for the copying of copyrighted material, or who oversaw the contribution of copied material by others without double checking. In that case, two people - Torvalds and Morton - come to mind.

Nevertheless, Cohen made certain points about OSDL's defense fund very clear. "We care about two things," Cohen said. "First, providing peace of mind for users; and second, accelerating the use of Linux. We will do whatever we have to do to provide peace of mind. Right now, we have a legal defense fund in place, we will be there to help with the defense." Unfortunately, with so few details worked out, and with no guarantee from the OSDL that all comers will get the legal resources they need should they be sued by SCO, one can only conclude that, as it's currently structured, the defense fund offers little if any peace of mind.

You can write to me at david.berlind@cnet.com. If you're looking for my commentaries on other IT topics, check the archives.