Meet ZOOOM Partners: KU Leuven Centre for IT & IP Law – imec
You can find below a short interview with our partner KU Leuven Centre for IT & IP Law – imec, represented by Thomas Margoni and Matteo Frigeri.
Could you share a bit about your organization or university, including your role in the ZOOOM project? What expertise does your team bring to the table?
The Centre for IT & IP Law is a research center at the Faculty of Law and Criminology of the University of Leuven (KU Leuven), with currently a staff of over 85 researchers specialized in legal and ethical aspects of IT innovation and intellectual property.
Researchers working at the Centre for IT and IP Law focus on the fundamental re-thinking of the current legal framework, necessitated by the rapid evolution of technology in various fields, such as government, media, health care, informatics, digital economy, banking, transport, culture, etc. Their research is characterized by an intra- and extra-juridical interdisciplinary approach, constantly aspiring cross-fertilization between legal, technical, economic, ethical and socio-cultural perspectives.
The Centre for IT & IP Law has a solid track record as a law and ethics partner of large international and interdisciplinary research projects. It is internationally renowned for its expertise in the areas of Artificial Intelligence & Autonomous systems, Data Protection & Privacy, eHealth & Pharma, Ethics & Law, Intellectual Property, Media & Telecommunications and (Cyber)security.
The Centre for IT & IP Law is a member of the Leuven Center on Information and Communication Technology (https://www.kuleuven.be/LICT/) which combines the complimentary expertise and experiences of electronics engineers, computer scientists, sociologists and legal scholars in the ICT field at KU Leuven in a multi-disciplinary research center that aims to play a leading role in the worldwide ICT research scene, as well as of imec, high-tech research and innovation hub for nanoelectronics and digital technologies, which unites more than 850 researchers in ICT and ICT driven technologies located at 5 Flemish universities.
What motivated you to join the ZOOOM project? What aspects of the project resonated with your goals or interests?
It is not exaggerating to say that we masterminded ZOOOM. The project idea was born out of a workshop on intellectual property issues of collaborative manufacturing. In one of the workshop’s sessions, we discussed how open source is often wrongly seen as a business model.
The main question that we wanted to address with ZOOOM was: how can companies align their business model with the use of open technology? We wanted to figure out why companies choose to use open source components and / or release their products under open source licences. What drives them? How does open source fit in their overall intellectual property management strategy, if at all? How can businesses in patent-intensive industries still use and benefit from open source? What business models can open source enable?
We really wanted to understand how open source as a development and licensing model enables business opportunities.
Looking back, what do you consider the key achievements of the ZOOOM project so far? How has your organization benefited from being part of this initiative?
We have developed a comprehensive, yet perhaps a tad bit coo complicated framework that is a first attempt at bridging thinking about business models with thinking about IP strategies. This is a first step. We are seeking to pilot this framework with companies, research organisations, technology transfer offices and other stakeholders to see how it could evolve and become more useful in knowledge generators’ day-to-day activities.
How do you see the future of open source in the EU, particularly in terms of technological innovation, legal frameworks, and social or economic impacts? What challenges or gaps do you think still need to be addressed?
The future belongs to open source, and open technology more generally. We have had plenty of time to figure out how to establish stable, predictable and reasonable open source compliance processes.
Decades of community efforts to raise awareness about the importance of reliable open source compliance processes have come to fruition. We now have an internationally recognised standard for open source supply chain compliance management – OpenChain ISO/IEC 5230. The growing adoption of this standard by big companies like Google, Microsoft, IBM, Cisco, Arm, and many others is evidence that businesses today are serious about their open source compliance programmes. Where are the main challenges then? We see them in three main directions. One is how to transfer the success of open source software to other subject matter, like hardware and data. The second is how can companies make money while producing open source without feeling robbed by big tech cloud companies. And finally, there is the question of the place open source should have in a regulatory environment that is increasingly focused on regulating the very practice of software engineering.
The first, expansionist challenge, if we may put it that way, refers to replicating the success of open source software to other subject matter, like hardware, data, or hybrid artefacts like machine learning models. From a legal perspective, the main challenge is that we have nothing like the Berne Convention, which harmonises copyright globally, for any other type of subject matter. It may sound like a paradox to some, but open source licensing is so successful precisely because it relies on the status of computer programs as literary works in practically every jurisdiction across the world. How would open source licensing work for other types of subject matter if we have no uniform understanding of the nature and scope of rights that cover it? For example, hardware may be covered by copyright, design rights, database rights, patents, trade secrets and whatnot.
The second challenge is how to incentivise companies to release their software under OSI-approved open source licences and still make money. The examples of Elastic, MongoDB or HashiCorp are not isolated cases. There is discontent among commercial open source companies that the fruits of their labour are being used by big cloud providers without these latter actually giving anything back to the community. This, they say, has justified their decisions to relicense their software under the Server Side Public Licence, the Business Source Licence, and other non-open source licences. One common feature of these licences is that they impose certain field of use restrictions. These companies understand very well that field of use restrictions collide with the principle of non-discrimination against fields of endeavour that is part and parcel of the Open Source Definition. Whether you make money with open source or not, has no implications on whether you can use and release software under an open source licence. At the same time, though, they say that if they want to survive, something has got to change. So they changed the licence. These practices have sparked heated debates in the open source communities. Some folks have labelled the behaviour of these companies as greed but we don’t think the situation needs to be dramatised. Some of these companies have legitimate concerns, and we cannot act as if these don’t exist. However, if that’s the case, then one may ask the question: ‘Have they really thought through their business model and IP strategy if open source licensing has suddenly become an existential threat to their business?’ We think that ZOOOM and, hopefully, follow-up initiatives should focus precisely on how companies can align their business model with an appropriate IP strategy. We say IP strategy and not open source strategy on purpose. Open source is a fantastic way of utilising the brainpower of a global pool of talented developers into an innovative product. But it is not the only way to make software and some companies should weigh in their options before making any cardinal decisions that may have long-term implications for their business. If there’s one thing we agree with, it is that project relicensing, especially when the direction is from copyleft/permissive to proprietary, is not something that open source communities take lightly. And neither should companies.
Finally, the regulatory challenge concerns that growing number, in the EU at least, of limitations in the form of regulation of the practice of software development. These limitations stem from a panoply of legal instruments such as the (upcoming) AI Act, the AI Liability Directive, the Cyber Resilience Act, and the Digital Services Act, and indeed export regulations. We believe this is the first time in history that general-purpose software has been the subject of so much regulation. When open source licensing first emerged, software was hardly subject to any regulation. Discussions on the legal implications of software were limited to its status under copyright and patent law. Naturally, this allowed organisations like the FSF and the OSI to concentrate their efforts on the issues of licences, licence compatibility and compliance. These times are long gone. The practice of software development is now subject to increasing regulatory pressure. Should we shift our attention from traditional copyright licensing to, more broadly, legal terms that favour openness and freedom? This is a very difficult question that requires alignment of businesses, society and the various open source communities.
ZOOOM is not going to be able to answer categorically any of these questions. We don’t think anyone can. What we can do, however, is start the discussion about these questions.
Visit KU Leuven – Centre for IT & IP Law website for further information on their activities and collaboration opportunities!