Imagine a bacon-wrapped Ferrari. Still not better than our free technical reports.
See all our reports

The Legal Basics of Software Licensing (or, My App is Done, Now What?)

As a software developer, you might not always develop apps for large enterprises with legal departments. Maybe you’ll make your own app some day, and maybe you’ll be able to let people use it in exchange for money or goods.

So what do you do after you finish developing and launching your totally-unique and innovative application? There are a lot of questions and about a billion pages of material regarding software copyrights, EULAs, contracts, licensing and everything else, but can you say with any real security what happens, and how protected you are, once you release your new baby into the wild?

If you are looking to release an application of your own someday, then this legal overview of software licensing for beginners will help you get started investigating questions like:

  • Who actually holds the rights to my app?
  • Where do copyrights come into play?
  • Who gets to use my app?
  • How much access do they have to the code?
  • Do I need to have a contract with my users?
  • How does setting up an End-User License Agreement (EULA) help me accomplish certain things?
  • Are these laws different in other countries than my own?

Get your freak on with copyrights

Now it’s time to meet Peeter (a highly popular name in Estonia), an ever-so-clever software developer from Eastern Europe. Peeter has just squeezed together a wonderful new piece of software — his very own home-grown version of the good old Tower Defense game, which he quite ambitiously calls “Roar of the Malicious Dragons”. (Since this is homegrown, there was no graphic designer available).

And now Peeter is all set to start making millions from it… or maybe not quite millions, but at the very least he’d like to stay in the driver’s seat of his cool game’s future. Easy, right? Well….

What should a software developer do now?

Unfortunately, Peeter’s just a developer, not a lawyer… so how on earth would he know how this should be played out legally? He has heard that software has “copyrights”, and might have “licenses” somewhere… but still, he is not feeling very comfortable with all this stuff. So what’s exactly going on here?

The thing is, after Peeter’s masterpiece is finished, it has become a copyrighted work and Peeter is the owner of the copyright. This all happens automatically and according to the law. Also, you don’t need to worry much about living in different countries with different national laws – copyright law has been highly standardized internationally. In other words, Peeter is the boss to decide about the future of his dragon madness game.

Obviously, he doesn’t want to just sit on his creation, he wants people to play it. He’ll zip it together, upload it to a public web server and post the link to Reddit… all good?

Well… not exactly. Peeter has not made a single statement about how people are allowed to use his copyrighted piece of software. A lot of people might indeed whistle at its incredible innovation, download and start gaming. These people are either a) not very educated about copyright, b) realistic about the very tiny chance of Peeter ever catching them for unlicensed software use (also a valid point), or c) simply don’t give a darn. All these approaches are very possible. Anyway, lets look at the proper way to handle this.

The default copyright situation with no licensing statements or agreements is approximately this: author holds all the rights, nobody else can do anything with the work (minor exceptions from this do exist).

So, a better way for Peeter to proceed if he wants people to have a nice legal way to defend the towers from dragons is to distribute his work with a license in it, or to be more exact, an offer to conclude a contract which would grant the user a license to play Peeter’s game.

How did a contract suddenly come into this?

The common-sense understanding of a contract usually involves having a piece of paper with the agreement text printed onto it, and then the two parties of the contract giving their signatures onto that paper as an expression of their agreement to the terms printed on that paper, thus concluding the contract and giving it legal power.

More knowledgeable folks have heard statements like “contracts can also be oral”, etc. Anyhow, downloading a piece of software from the internet, installing it on my desktop and starting to use it falls quite far from this imagination of contracts. Yet you should understand that by installing something, you usually engage into a contractual relationship as well. How come?

Actually, contract law theory has never said that the formation of a contract should involve somebody signing somewhere. In fact, it focuses on the intention of the parties (the meeting of minds) to conclude the contract and be legally bound by its terms. If the intention was there, the contract has (usually) been formed. Intention can either be directly expressed (by signing some paper or filing an order), or be implied from the behavior of the parties (“an implied contract”).

A classic example for the latter would be a guy standing next to the cash register in the groceries store, a can of beer in one hand and the exact money in the other. If he hands over the money and walks away with beer, a sales contract has obviously been formed.

Entering into a contract by installing Skype on your computer and starting to use it follows the same pattern. It is a widely known that installation of any piece of software involves clicking “Yes” or “Accept” buttons several times. It is a bit less known that one of those clicks was actually your acceptance to engage into a legally binding contract with the vendor (a “clickthrough” agreement) – one with exactly the same legal effect as if you signed it in ink.

What is less known is that even when you download a software archive that is just zipped together with no installer and you don’t click any “Accept” buttons anywhere (lets say it is a reusable software library like Log4j), having a file like “LICENSE.txt” inside that zip might still mean that by using the lib, you have entered into a contract.

The courts would explain it with legal language like “in the field of software industry, it is a well-established custom to package the license offer inside the software archive, and the end-user must know to look for it and decide if he/she accepts it before using the software”. In other words: you know having such a license file is typical, and you know you should look for it, so if you didn’t then that’s your problem (please pay $250,000 ;-)

EULAs

The contracts that place terms on the use of a piece of software, typically somehow embedded inside the software distribution, are called end-user license agreements, or shortly just EULAs. The main mission of a EULA is to bind an end-user like Peeter with a valid contract, granting him some rights to use the software (remember: he had no rights previously), and at the same time potentially place some terms and conditions on his usage of the software.

Common things to be regulated within EULAs include:

  • Limitation of liability of the software vendor
  • Disclaimer of warranties
  • Choice of law applicable to that contractual relationship
  • Venue for possible disputes, and so on.

Almost anybody from the software industry is at least briefly aware of the open-source software and the open-sources licenses (Apache 2.0, GPL, LGPL, etc).

What these “licenses” really are is standard, ready-made, universal EULA templates. A good thing about them is that somebody (with some legal background, hopefully) has already thought them through. Also, you can find a lot of meta-information about them on the web, describing their pros and cons in language understandable also for a non-lawyer.

These open-source license templates sound like a very good place for Peeter to start. He is not very picky about the legal details…he isn’t looking to get rich, but increasing the RAM on his machine would be a nice thing to get out of his hobby-project in the end of the day. He reads an article on Wikipedia comparing various open-source licenses for 7 minutes, and decides he is good to go with the Apache2 license, although with slight modifications.

The Customizations

Peeter is not a greedy man, besides, he is a realist: who is going to pay him for a tiny bit of computer software anyway?

But Peeter has his own little crusade that he insists bringing into play – his extreme dislike for Microsoft and Windows. He takes the Apache2 EULA template and modifies it slightly to include his zealous agenda. He embeds the outcome into the distribution of “Roar of the Malicious Dragons” as a file called “License.txt” in a very visible place, and makes the installation wizard display the following notice:

Had Peeter just placed his funny-looking term somewhere deep inside his EULA and not made it stand out clearly and proudly, there would be a good chance to argue back language like “this is an unfair standard term, as this is too surprising to be included in the non-negotiable standard terms” and blah blah, questioning the effectiveness of that term. But given the very clear way Peeter has notified it, there’s not much to argue.

This should serve as a warning how a software EULA can create valid legal rights and duties like any other contract can. So be warned! Read the EULAs, unless you completely trust the vendor not to include any surprises, and use a well-tailored EULA yourself to retain precise control of your intellectual property.

The Regrets

A few months later, Peeter’s game has turned into a real hit. Millions of gamers, thousands of addicts. This makes Peeter wonder… is giving it away for free actually reasonable, while himself still eating out at McDonald’s and living with his mother? Hardly!

Well, Peeter, tough luck. After making this work available with a license offering unpaid use for unlimited time for anybody, there’s no going back. The first distribution together with the free license offer is going around (100% legally) in ways which Peeter cannot control nor prevent, thus it is also unimaginable how he could revoke his original offer. He should have read an article about this that would encourage him to think it through in the very beginning!

TLDR: What should you take away from this?

It’s really easy to end up shooting yourself in the foot before the race even starts if you don’t consider some simple protective measures regarding copyrights, licensing and EULAs. Basically, just keep these things in mind:

  • Any software is a copyrighted work; copyright protection is automatic.
  • EULAs are perfectly valid legal contracts, concluded by the behavior of the user (e.g. by clicking through the license).
  • Open-source software licenses like Apache2 are also actually nothing more than just EULAs.
  • Licensing policy might not be possible to change after the initial release! It’s easy to go from restrictive to more liberal, but often impossible to go in the other direction.

I don’t hold regular office hours, but you can reach me at sander@zeroturnaround.com if you have any questions. And please leave comments below :-)

  • Martyr2

    Hey thanks for the simple explanation. It answered a lot of questions I had. One thing you might include for a future post is your rights when you are working for a company and create something. From what I understand you have no rights to anything you create for a company using their resources and if they are paying for your time. I don’t know if you have run across anything about that during your research.

  • Sander

    Thanks for the comment and a nice idea!

    The question of who (by default) owns the rights for works created during working hours at your employer, is probably far more dependent on the particular country we are talking about. For example, in Estonia, this situation has a specific regulation in our copyrights law saying that for works created by the employee, the default owner of rights is the employer.

    Anyway, any law in this situation can only establish the *default* owner of rights, given that the contractual relationship does not override it with something more specific. If you are working as a software developer, or doing any other job which’s outcome is mostly intellectual property, you can be quite sure that this *IS* overridden in your employment contract, and that according to your contract, all rights belong to the employer. Out of the general regulation in the national law and the regulation in your individual contract, the terms in your contract would surely win in this situation.

  • Da

    Brilliant article, thank you very much!