Nat Goodspeed wrote:
My employer's legal department has just stated that we may not use Boost for product development because of a hypothetical lawsuit risk. The reasoning appears to be that some party might rise up and claim that parts of one or more Boost libraries actually belong to it: that an individual developer, perhaps unknowingly, submitted code that was not his to give away because it rightfully belongs to his employer. In this horrid fantasy, the employer would then sue many parties, including anyone who has ever incorporated the affected Boost library into their own products.
The SCO lawsuits make it tough to dismiss such arguments out of hand.
This is disturbing on a number of levels. I want to marshal whatever counterarguments I can quickly assemble. If it states anywhere on the Boost web site that the Boost organization certifies its implementation IP clean... sorry, I wasn't really expecting that. But anything whatever that would bolster the case against this paranoia would be extremely helpful.
Hmmm - wouldn't his same concern apply to any software you don't write yourself? Suppose you use VC 7.1. It comes with dinkumware libraries - does your legal dept require a release from dinkumware?. Assuming it does, how does assure itself that some dinkumware developer didn't use some code/knowledge from his previious job or was inspired by some snippet he found on the net. OK so you get releases and hold harmless clauses from all the past dinkumware developers. Now how about the windows API - after all that's just another library. Are you going to use calls from that? Does your legal department feel confident that no microsoft employee or manager has incorporated code from other sources? If it does, its pretty clear they've not aware of all the lawsuits microsoft has had in this regard. And the fact that none is of the lawsuits have resulted in damages to microsoft customers or users or developers' who have leveraged on such code. Of course anything could happen. I cut a tree on my property and my neighbor sued me. (he lost the case - mostly). Your legal department would suggest I never cut another tree on my property. And from their narrrow perspective they're right. But of course they don't see the whole picture. If your legal department runs your company, you're going to be out of a job in the not too distant future in any case, so you might as well start looking for another job now. Such a decision has technical and econonmic implications far, far beyond what your legal department (and probably management - if its gotten this far) are aware of. Maybe more practical advice would be to suggest to your boss that he get a second legal opinion. This is what I recommend on decisions with a potentially large impact that depend on arcane technical expertise (e.g., kidney transplant, etc.). This should be done more often with all "professional" services - including software developement. This is a much wider variety of opinion and options than one is going to appreciate from just consulting with one practitioner. Robert Ramey