Android-powered smartphones have been creating quite a stir among the tech crowd lately -- and not necessarily the kind of buzz that Google was hoping for. Oracle sued Google for infringing several patents, and it also accused Google of copying Oracle's computer code, in violation of its copyrights. When a prominent blogger reported that he had found additional evidence that Google had copied Oracle's code, a flame war broke out. For example, this Engadget article reporting on the issue generated more than 750 comments, most of which brought more heat than light to the issue.
But there's more to this story than Google's "borrowing" of Oracle's intellectual property. The Android programming code is publicly available, and the increased attention has brought increased scrutiny. Recently, Ray Nimmer, a well-known copyright law professor, observed that there could also be a problem with the way Google used some key Linux software code, called kernel header files, to create a vitally important element of Android. In fact, the way that Google used these files creates a legal quandary for manufacturers of Android devices and many developers writing code and applications for those devices.
What did Google do this time?
Google built Android around Linux, which is an open source operating system licensed under the GNU General Public License version 2 (GPLv2). The GPLv2 is a "copyleft" license: it grants everyone the freedom to copy and modify the Linux code, but that freedom carries conditions, including the requirement that any modified software code and any works "based on" it must be made freely available to all. The very point of the GPLv2 is to make it impossible for anyone to take GPLv2-licensed code and make it private and proprietary.
Working with open source software thus demands careful attention to legal and technical details. I regularly advise clients on the proper use of open source software, and I understand well the difficulty of reusing code licensed under GPLv2, especially for developing proprietary software. I was therefore intrigued by Prof. Nimmer's explanation of the way Google had used the Linux kernel header files when it created Android.
The fact that Android is built on open-source Linux makes it attractive to many developers and users, but it presents some concerns for others. As Android has become more popular, clients have been increasingly interested in building applications that run on Android or even using the Android code in their own mobile devices. For many such clients, it is critical to their success that they can charge license fees for their products and keep their code secret to protect it from competitors. Google understood this, which is why it made Android available under the Apache Software License, a license that was much more business-friendly than the GPLv2.
But Prof. Nimmer's article raised questions about what Google had actually done, so I began to look at the Android code. What I found really surprised me: Google took a novel and quite aggressive approach to developing a key component of Android -- the Bionic Library. That library, a type of C Library, is used by all application developers who need to access the core functions of the Linux operating system. Google essentially copied hundreds of files of Linux code that were never meant to be used as is by application developers, "cleaned" those files using a non-standard and questionable technical process, and then declared that the code was no longer subject to the GPLv2, so that developers could use it without becoming subject to copyleft effect that would normally apply to GPLv2-licensed code taken from the Linux kernel.
Why does it matter?
My full analysis of the legal issues can be found here, but in short, I have serious doubts that Google's approach to the Bionic Library works under U.S. copyright law. At a minimum, Google has taken a significant gamble. While that may be fine for Google, because it knows about and understands the risks, many Android developers and device manufacturers are taking that same risk unknowingly. If Google is wrong, the repercussions are significant for the Android ecosystem: the manufacturers and developers working with Android would be incorporating GPLv2-licensed code into applications and components and taking on the copyleft obligations of that license.
What is potentially even more interesting is what happens if Google is right. If that is the case, Google has found a way to take Linux away from the open source community and privatize it. Perhaps the community believes it can rely on Google to "do no evil" with that kind of power, but can it rely on others to be so magnanimous?
This article provides information, not legal advice. The views expressed are my own individual views and should not be attributed to any clients.