Full rewrite of the new M&A compliance section.
Again, upon careful reading of the pasted text, it was clearly not as useful as it first appeared, and is in fact somewhat misleading. This rewrite does a better job explaining the necessary focus required for an M&A situation. The section could use some work, but generally speaking IMO this new does a better job than both the pasted text and other texts on the issues I've read elsewhere.
This commit is contained in:
Bradley M. Kuhn
parent
fed5eac075
commit
5bc647b591
1 changed files with 36 additions and 15 deletions
|
|
@ -1309,26 +1309,47 @@ must ensure that CCS is correct and adequate yourself. Good vendors should
|
||||||
help you do this, and make it easy. If those vendors cannot, pick a
|
help you do this, and make it easy. If those vendors cannot, pick a
|
||||||
different vendor before proceeding with the product.
|
different vendor before proceeding with the product.
|
||||||
|
|
||||||
% FIXME-URGENT: Needs a new section
|
\section{Mergers and Acquisitions}
|
||||||
% \section{Mergers and Acquisitions}
|
|
||||||
|
|
||||||
[GPLv3] Section 10 also clarifies that in business acquisitions, whether by
|
Often, larger companies often encounter copyleft licensing during a Mergers
|
||||||
|
and Acquisitions (M\&A) process. Ultimately, a merger or acquisition causes
|
||||||
|
all of the other company's problems to become yours. Therefore, for most
|
||||||
|
concerns, the acquirer ``simply'' must apply the compliance analysis and
|
||||||
|
methodologies discussed earlier across the acquired company's entire product
|
||||||
|
line. Of course, this is not so simple, as such effort may be substantial,
|
||||||
|
but a well-defined process for compliance investigation means the required
|
||||||
|
work, while voluminous, is likely rote.
|
||||||
|
|
||||||
|
A few sections of GPL require careful attention and legal analysis to
|
||||||
|
determine the risk of acquisitions. Those handling M\&A issues should pay
|
||||||
|
particular attention to the requirements of GPLv2~\S7 and GPLv3~\S10--12 ---
|
||||||
|
focusing on how they relate to the acquired assets may be of particular
|
||||||
|
importance.
|
||||||
|
|
||||||
|
For example, GPLv3\S10 clarifies that in business acquisitions, whether by
|
||||||
sale of assets or transfers of control, the acquiring party is downstream
|
sale of assets or transfers of control, the acquiring party is downstream
|
||||||
from the party acquired. This results in new automatic downstream licenses
|
from the party acquired. This results in new automatic downstream licenses
|
||||||
from upstream copyright holders, licenses to all modifications made by the
|
from upstream copyright holders, licenses to all modifications made by the
|
||||||
acquired business, and rights to source code provisioning for the
|
acquired business, and rights to source code provisioning for the
|
||||||
now-downstream purchaser.
|
now-downstream purchaser. However, despite this aid given by explicit
|
||||||
|
language in GPLv3, acquirers must still confirm compliance by the acquired
|
||||||
|
(even if GPLv3\S10 does assert the the acquirers rights under GPL, that does
|
||||||
|
not help if the acquired is out of compliance altogether). Furthermore, for
|
||||||
|
fear of later reprisal by the acquirer if a GPL violation is later discovered
|
||||||
|
in the acquired's product line, the acquired may need to seek a waiver and
|
||||||
|
release of from additional damages beyond a requirement to comply fully (and
|
||||||
|
a promise of rights restoration) if a GPL violation by the acquired is later
|
||||||
|
uncovered during completion of the acquisition or thereafter.
|
||||||
|
|
||||||
In our experience, the process whereby these matters are adjusted in most M\&A
|
Finally, other advice available regarding handling of GPL compliance in an
|
||||||
situations are ludicrously expensive and inefficient. A simple waiver and
|
M\&A situation tends to ignore the most important issue: most essential
|
||||||
release of all claims to GPL compliance against the purchased entity by the
|
copylefted software is not wholly copyrighted by the entities involved in the
|
||||||
purchaser, issued before closure, removes the problem. If the purchasing
|
M\&A transaction. Therefore, copyleft obligations likely reach out to the
|
||||||
entity has adequate software governance systems in place, all software
|
customers of all entities involved, as well as to the original copyright
|
||||||
acquired in the course of the entity transaction is input to the standard
|
holders of the copylefted work. As such, notwithstanding the two paragraphs
|
||||||
governance processes for acquired software, and downstream compliance by the
|
in GPLv3\S10, the entities involved in M\&A should read the copyleft licenses
|
||||||
new merged entity is automatically handled.
|
through the lens of third parties whose software freedom rights under those
|
||||||
|
licenses are of equal importance to then entities inside the transaction.
|
||||||
%FIXME-URGENT: END
|
|
||||||
|
|
||||||
\section{User Products and Installation Information}
|
\section{User Products and Installation Information}
|
||||||
\label{user-products}
|
\label{user-products}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue