"SCO holds the rights to the UNIX operating system software originally licensed by AT&T to approximately 6,000 companies and institutions worldwide....

In recent years, a UNIX-like operating system has emerged and has been distributed in the enterprise marketplace by various software vendors. This system is called Linux. We believe that Linux is, in material part, an unauthorized derivative of UNIX....

Commercial software is built by carefully selected and screened teams of programmers working to build proprietary, secure software. This process is designed to monitor the security and ownership of intellectual property rights associated with the code.

By contrast, much of Linux has been built from contributions by numerous unrelated and unknown software developers, each contributing a small section of code. There is no mechanism inherent in the Linux development process to assure that intellectual property rights, confidentiality or security are protected. The Linux process does not prevent inclusion of code that has been stolen outright, or developed by improper use of proprietary methods and concepts....

As a consequence of Linux’s unrestricted authoring process, it is not surprising that Linux distributors do not warrant the legal integrity of the Linux code provided to customers. Therefore legal liability that may arise from the Linux development process may also rest with the end user.

We believe that Linux infringes on our UNIX intellectual property and other rights. We intend to aggressively protect and enforce these rights.

SCO's letter to commercial Linux customers, May 12, 2003

IBM says:

"SCO devised a scheme to profit from the UNIX rights that it acquired from Original SCO, though UNIX was in no way developed by SCO. Although most, if not all, of the UNIX technology that SCO purports to own is generally known, available without restriction to the general public or readily ascertainable by proper means, SCO undertook to create fear, uncertainty and doubt in the marketplace in regard to SCO's rights in and to that technology.

 Recognizing that there is little value in its UNIX rights, SCO did not limit its scheme to that technology, rather, SCO devised and executed a plan to create the false perception that SCO holds rights to UNIX that permit it to control not only all UNIX technology, but also Linux — including those aspects generated through the independent hard work and creativity of thousands of other developers and long distributed by SCO itself under the GPL.

SCO undertook to carry out its scheme by, among other things, (a) bringing baseless legal claims against IBM and threatening to sue other companies and individuals, (b) conducting a far-reaching publicity campaign to create the false and/or unsubstantiated impression that SCO has rights to UNIX and Linux that it does not have and that IBM and others have violated SCO's rights and (c) otherwise seeking to condition the market to believe that SCO has rights to UNIX and Linux that it does not have and cannot properly enforce"

IBM's counterclaim filed in the United States District Court for the district of Utah, Aug. 6, 2003
 

So goes the brief filed by IBM as a counterclaim to SCO in the United States District Court for the District of Utah on August 6, 2003. And meanwhile nothing much changes. Headlines tell a seemingly never-ending story of noisy claims and counterclaims: "SCO’s owns Unix"; "Unix code can be found in the Linux kernel"; "The title to Unix copyrights and patents remains with Novell;" and now, "SCO has violated the GPL." 

The battle of words and lawsuits has escalated unabated, month after month, and everyone by now has caught wind of accusations and denials. The brouhaha took center stage when the SCO Group started suing IBM earlier this year for $1 billion, which then tripled to $3 billion. Then, Novell stepped into the fray. In June, Novell declared that SCO had no right to terminate IBM's UNIX License, which is perpetual and irrevocable. To make it "official," Novell exercised its retained rights to UNIX on June 12th by waiving and revoking any of SCO's purported rights to terminate IBM's license.

Still, what really sent the FUDometer spinning was a letter sent by SCO to executives of the Fortune 1000 and Global 500 companies warning them of the possibility of liability if they use Linux without taking out a license from SCO. At the same time, they began briefing analysts on the strength of their position vis à vis IBM.

While there are many analysts to be found now advising customers to just watch the carnival without worrying about ever being held responsible for using Linux without paying SCO, there are some respected names urging more than a modicum of caution. On this side of the spectrum is George Weiss of Gartner Group, who says, like it or not, SCO’s claims cannot be shrugged off just yet. In a FirstTake note issued in May, Weiss went against the grain of other analysts who openly doubted the SCO letters would have any effect, and said the best advice was for business people to minimize Linux in mission-critical systems until the merits of SCO’s claims or any resulting judgments become clear.

“If you plan large Linux deployments on the platform of Dell Computer, Hewlett-Packard, IBM, Sun Microsystems or other major vendor, seek a comprehensive support contract,” he went on to say. “IS organizations, with advice from their legal departments, should perform due diligence on Linux or other open source code (explore its source, integrity and any encumbrances) as a pre-requisite to adoption in the enterprise.”

Before one condemns Weiss for deepening the mud-pools of fear, uncertainty, and doubt, one has to look to the frontlines and ask some questions: How sure are executives about the licenses that govern the proper use of computer code at their company? Would it not be best if they sought legal confirmation that they were doing the right things with the chosen technologies? So from Helsinski to Wall Street, IT managers are laughing less and caring more about tapping their legal eagles for peace of mind on whether to take steps about Linux in their companies and better understand the legal implications of possible court decisions

Just last week, a poll of Open readers revealed that 3 out of 4 respondents believed that senior executives were falling victim to SCO's campaign. So don't be surprised that the GNU General Public License, which governs the Linux kernel, will be at the core of the continuing legal debates.

Mikko Välimäki, a partner in the Helsinki-based firm of Turre Legal Consulting, is a troubled witness to the fallout of FUD about Linux and the license that governs it, the GPL.  He finds an angst clouding the Linux scene in Europe as some companies are concerned about protecting themselves in the SCO firestorm. A specialist in computer and company law, Välimaki has written, spoken, and worked extensively with issues of copyright, Open Source business modeling, and licensing, including the GPL.

“One cannot deny that some businesses are now more reluctant,” says Välimaki. Because Turre Legal Consulting advises a number of technology clients whose business is based on GNU/Linux, and as the controversies grew, Turre decided this month to issue written advice over what the companies should do about SCO’s Linux warnings.

Välimäki says the decision was also the result of pressure by a number of companies relying on Turre’s counsel. Both Välimäki and other members of the firm decided that, any personal inclinations aside to spread SCO’s claims on bread and set them out for the cats, their personal views would need to be put aside as they had to engage in responsible advice for the business clients they serve. “If someone asks our business advice, we must be careful and deliver the facts,” he states. Their written statement is an attempt to enable a better understanding for companies using or distributing GNU/Linux systems.

They recommend not to buy any Linux IP licenses from SCO, but at the same time, Turre Legal Consulting recommends that companies recheck their licensing policies to make sure that no third-party code is used before its rights have been cleared. “Code clearing may require project auditing with a competent lawyer and updates to internal license usage policies,” they write.

“We urge companies to make individual judgment of possible legal risks and uncertainties before they engage in an important business activity which involves or depends on software under GPL or LGPL such as GNU/Linux operating system, GCC development tools or MySQL database. These risks must be evaluated in the event of due diligence, mergers, acquisitions and other financial transactions.”

What if 1, 5, or 60 CIOs decide to hold off on serious Linux deployments? What happens to deals they would have struck with systems integration people, independent software vendors, consultants, analysts, trainers, freelance programmers, making a living off their skills and expertise to drive the growth of business-ready Linux?

Bruce Perens is one Open Source evangelist who has thought about fallout: “SCO management also fails to grasp its liability for the harm it is causing to countless customers, developers and software projects involved in Linux,” he has written. “Their untruthful campaign caused the loss of sales and jobs, and damaged Linux companies and developers in a myriad of ways.”

Loss of jobs? Squashed business plans? Cancelled checks? Is this not the stuff of which redress is sought? What, we asked, would happen if the pendulum swung entirely against SCO? What if the courts were to decide that SCO’s threats and claims were frivolous? Would this be cause for legal retribution by angry businesses claiming their livelihoods were damaged by jobs lost, time wasted, or business deals wrecked?

“Highly unlikely but in principle it is possible,” answers Välimki. “I am more familiar with European legal systems, and in most western European countries whoever is liable for a harm must typically return the one who has suffered to the financial position held before any harm happened.” This would involve compensation, for example, from lost profits, he adds. That retribution is not won easily. “The problem is that you must prove—‘figures, please’—how much harm the other party has caused. In the United States, the system is more complicated, including punitive damages if a company abuses its market power.”

The issue of market-power abuse may just be the most serious chink in the SCO armor and IBM is going after it with a battle axe. Like Red Hat's pleading in Delaware to force SCO to disclose the details of the code that they claim has been copied, IBM too is concerned with SCO's refusal to declare precisely what is the offending code that is buried in the Linux kernel. IBM's counterclaim in the Federal District Court, however, raises the stakes for SCO to Homeric proportions:

Rather than particularize its allegations of misconduct by IBM and others, SCO has obfuscated and altered its claims to foster fear, uncertainty and doubt about its rights and the rights of others. In letters dated April 2, 2003, and May 5, 2003,... IBM expressly asked SCO to advise IBM as to what SCO contends IBM has done in violation of any of its agreements, and what SCO contends IBM should do to cure such violations. SCO refused. ...

 SCO has obfuscated its claims and has hidden its supposed evidence because the evidence does not demonstrate the breaches and violations that SCO has alleged. Moreover, key developers and influential leaders in the open-source community, including leaders of Linux kernel development, have stated publicly that they are prepared immediately to remove any allegedly offending material from the Linux kernel. Rather than permit remediation or mitigation of its alleged injuries (which are non-existent), SCO has declined to reveal the particulars of the alleged violations in order to artificially and improperly inflate the price of its stock.

Quicker than you can say multimedia Martha, IBM has begun to lay out issues for the SEC and—better yet—New York State Attorney General Eliot Spitzer. Along these lines, IBM's court document notes that:

SCO's campaign has not been limited to press releases and public interviews. SCO has also propagated falsehoods about its and IBM's rights in non-public meetings with analysts. SCO has solicited and participated in these meetings to misuse analysts to achieve wider dissemination of SCO's misleading message about UNIX, AIX and Linux and to damage IBM and the open-source movement.

Does this have SCO and its legal team at all worried? Appearances may be deceiving, but the public harangues are just beginning. Next week, "The glitz and glamour of fabulous Las Vegas" will be the venue for SCO Forum 2003. And apparently the world is not enough for this James Bond-themed view to a kill. Things explode with a special session dubbed "Got UNIX in your Linux? A Legal Overview" with David Boies and Mark J. Heise, partners,  Boies, Schiller & Flexner LLP, and Chris Sontag, Sr. VP, SCOsource Division, The SCO Group.

Perhaps this session should consider the question: Will that singular letter-writing campaign by SCO sent to 1,500 companies help kill Linux’s future in business, which has been showing real momentum, or will those letters help kill SCO’s chances to prosper as a business? Will the courts land on the side of a newly “legal” Linux with payments due to SCO, or will rulings be on the side of the license inspired by those who champion a collaborative development process and a covenant to modify and redistribute code in order to improve it?