Click here to close now.


Linux Containers Authors: Derek Weeks, AppDynamics Blog, Elizabeth White, Liz McMillan, Dana Gardner

Related Topics: Linux Containers, Java IoT

Linux Containers: Article

i-Technology Viewpoint: Mark My Words - Trademarks and Open Source

i-Technology Viewpoint: Mark My Words - Trademarks and Open Source

In programmer heaven, all software is open source software. Solving problems is as easy as downloading the code you need - none of which comes with any nasty copyright baggage - and the only part you need to write for yourself is the coolest, most interesting algorithm, which compiles, runs, and works on the first try. Naturally, there aren't software patents in heaven, either: I don't think there are any patent examiners who could get through the pearly gates, do you?

When you get there though, I would think twice about using that little red hat logo.

Programmers, now politicized by the free software movement, spend a lot of time arguing about copyrights and patents - whether they're morally right or wrong and how widely they should be enforced. But they don't think much about trademarks. Trademarks, in a way, are the most bulletproof form of intellectual property: more effective than copyright, cheaper to enforce than patents.

What's in a Trademark?

Trademarks are really all about consumer protection. This is why trademark laws are so strong and the penalties for violating them can be so high. When you infringe a trademark, you're not just hurting the owner of the trademark, you're hurting all consumers, everywhere. There are two basic kinds of trademark infringement: passing off and reverse passing off. If you write your own operating system from scratch and call it Red Hat Linux, don't answer the doorbell. That's called "passing off" your goods as those of another - in this case a company with a valuable trademark and a strong reputation, whose lawyers will be paying you a visit.

If you take Red Hat Linux and repackage it unadulterated as God Bless You-nix, that's reverse passing off, or claiming another's product as your own. In each case, consumers are being fooled as to the source of what they are buying.

Trademarks in the Open Source World

All of this works pretty much as expected in a commercial setting. However, when it's combined with an open source software model, things get a bit, well, interesting. For instance, by definition, any open source software project lets you modify and distribute its software royalty-free. But most open source projects will be more conservative about letting you use their trademarks. Take a look at the policies for the use of the red hat, the GNOME footprint, the Debian swirl, or the Mozilla red lizard (, 2003-November/msg00098.html,, and, respectively). All of them impose some kind of criteria for products bearing the mark. These criteria range from quality, to interoperability, to the amount of open source code the product contains.

The most popular logo in the open source world, of course, is the penguin named "Tux." This trademark has not been managed with systematic trademark use policies. Consequently, the reputation and trademark strength associated with the mark are weak. The use of the penguin has provided fodder for plenty of amusement (see the discussion of the meaning and history of Tux on, but it is not consistently applied. The most common representation is the bowling-pin shaped tuxedo-marked cartoon bird designed by Larry Ewing, but even the average computer programmer, much more so than the average consumer, would be hard pressed to tell you exactly what product it represents. The only conditions for use of this logo are acknowledgment of the author of the logo - no conditions regarding the product on which it is placed. This type of condition is associated more with copyright than trademark.

There is, of course, a copyright in the appearance of any logo. But a logo that represents neither a source for products nor a level of quality for products is, in the end, not really a trademark. Tux is usually described by the software community as a mascot rather than a trademark, and that's probably closer to the truth.

"Linux," on the other hand, is a trademark registered by Linus Torvalds. The use of the Linux mark is policed by the Linux Mark Institute, The institute was created after a dispute over ownership of the trademark arose. This dispute arose because the mark was not being policed and was not registered - a state of affairs that allowed others to claim rights in it. Linux has been used more consistently than the Tux logo. However, some would argue that it's generic.

Confusion over what constitutes a "Linux" product is evidenced by the ubiquitous reexplanation of the difference between Linux and GNU/Linux.GNU describes a set of tools promulgated by the GNU Project. These tools are usually part of a product distribution that contains the Linux kernel. See Wikipedia's definition of "Linux": "Strictly, the name Linux refers only to the Linux kernel, but it is commonly used to describe entire Unix-like operating systems (also known as GNU/Linux) that are based on the Linux kernel and libraries and tools from the GNU project" (

We see that the open source business community handles the issue of passing off much as any other industry. They do the same for reverse passing off. Even the most noncommittal of open source agreements, the BSD license, contains an express statement limiting your right to use trademarks. For instance, the form of BSD license available on the Open Source Initiative Web site says: "Neither the name of the <ORGANIZATION> nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission." In other words, no trademark license. This might lead you to think that any organization granting such a license is not worrying about reverse passing off. Remember, though, that even the BSD license requires you to display appropriate copyright notices, and earlier versions contained the "advertising requirement" that became so unpopular and disused in the open source community.

There is a good reason for the similarities between trademarks in the open source world and in the rest of the business world. It's not because open source projects are trying to give with one hand and take away with the other. Trademark law is different from copyright or patent law. It is, loosely put, a "use it or lose it" regime. To be more accurate, it's a "use it correctly, or lose it" regime. This rule, in legalese, is called dilution or blurring. If you own a trademark, and you let others use it on their products without supervision, you will eventually lose your rights in it. The legal way of putting this is that a trademark owner must exercise quality control, or his trademark rights may be diluted to the point that his trademark rights are no longer enforceable. The hobby horse example here is "aspirin," once a trademark, now a generic designation with no trademark value.

While an open source license may give you complete freedom to modify and distribute code, it can never give you freedom to distribute modified code under the licensor's trademark, or the rights in the trademark will eventually evaporate - an event that will benefit no one. Remember that this is all about consumer protection. If consumers trusted Red Hat to distribute a robust, reliable product, and Red Hat let everyone use its name, consumers would no longer know if they could trust a product called "Red Hat." That's dilution in a nutshell.

When the Sky Fell

I know what you're thinking: I worry too much. If you think open source and trademarks can't collide, think again. Once upon a time, AT&T licensed Unix to lots of universities in source code form, and those universities openly shared improvements and adaptations of the code. Translation: Unix was very much like an open source product, though that phrase would not be coined for another 20 years. One of the recipients of Unix was the University of California at Berkeley, which modified Unix extensively, most notably developing networking code that made Unix work with TCP/IP-based networking products. Then AT&T stopped licensing the Unix source code, turned Unix into a proprietary product, and began charging high prices for licenses. Berkeley, responding to popular demand, began distributing its own version of Unix, called "Networking Release 1," under the BSD license. (To be precise, the facts were more complicated. Berkeley tried to engineer all of AT&T's copyrightable code out of the product. Whether they succeeded is a moot point, given the disposition of the lawsuit.)

A few versions later, Berkeley Software Design, Incorporated, was formed to distribute a commercially supported version of the Berkeley code. That product, sensibly, was known as BSD Unix. AT&T released its own, closed-source, version of Unix, System V. But BSDI was selling its open source product for 90% less. So AT&T sued BSDI, making both copyright and trademark claims. The court found that AT&T had lost its copyright interest in the Unix code used by Berkeley. The case was settled. Essentially, BSDI won. But BSDI promptly agreed to stop using the trademark Unix. (Once again, the facts were debated. Whether BSDI actually used the Unix trademark in an infringing way was disputed - and mooted by BSDI's agreement to cease using the mark.)

The moral of the story is that copyrights are fragile. They can be lost and engineered around. (It is not so easy to lose them today. AT&T lost its copyright under the pre-1978 rule, under which publication without copyright notice caused a work to fall into the public domain. This rule has changed; today, a positive statement ceding a work to the public domain is necessary to lose a copyright.) Patents, too, can be engineered around, and half of them are invalidated when their owner tries to enforce them. Patents, and to a lesser degree copyrights, can expire, but trademarks can last forever. Trademarks claims are often so fearsome that a defendant in a trademark infringement suit will give up without a fight. BSDI fought AT&T's copyright claims and won. It gave up the trademark battle with barely a squeak.

The sky fell once. Having to change brands in midstream is the business equivalent of the sky falling. A company's trademark is usually considered its most important and valuable piece of intellectual property. The conventional wisdom is that the single most valuable piece of intellectual property in the world is the trademark Coca-Cola - not the formula for the product, the trademark. Changing a trademark for a successful product can be more expensive and more damaging to the value of a business than reengineering the product. Part of this is a cautionary tale. Never assume that you can use a trademark with impunity, even when you have a license to use the copyrights that form the basis of the trademarked product. The open source projects that control the red hat, the footprint, and the lizard will not let you do that. They can't, because they are the custodians of those marks for the consumer's benefit.

The Next Battleground?

This is more than a cautionary tale; it's a peek into the realities behind how intellectual property works for open source in the business world. Ask anyone how to make money in the open source space and they will tell you roughly the same thing: services, support, and widget frosting. Are those things protected by copyright or patent? Maybe, maybe not. But they are definitely protected by trademark. Companies can, arguably, exercise even more control over their licensees via trademark than they can via copyright. Trademark owners can - and must - supervise all use of their marks. Supervision, however, is anathema to free software, which is premised on the ability to modify software freely, without supervision.

All this would not be so troubling, but the idea of officially sanctioned versions is, in a way, even more important in the open source world than it is elsewhere. In the open source world, reputation is everything.

Skeptics often ask what keeps open source code from forking infinitely. After all, everyone has the right to create his or her own version of open source code. To those familiar with open source, the answer is simple: people trust the official releases of open source code because of the reputation of the gatekeepers of the source tree. Remember, trademark is the same as reputation. Some forking has taken place in the open source world, and trademark battles have not ensued. But what if two factions wanted to release competing versions of Linux - or any other open source project? Which faction would get the right to designate their version with the trademark?

The day may come when those who determine the official versions of large open source projects like Linux will control one of the most valuable pieces of intellectual property in the world - its trademark. Is this the next intellectual property battle in the open source world? Many people are poised to fight a patent fight - but is anyone prepared for the havoc that a trademark fight could cause?

It's a distressing possibility. So distressing, that it makes me think perhaps there are no trademarks in programmer heaven. If there are, I suppose, the question is which one: cross, star, many-armed god? I think, with all due respect, these are all too valuable, too controversial, and too weighed down with historical baggage. I would bet on the only free one: the penguin.

The author's professional bio can be viewed here.

More Stories By Heather Meeker

Heather Meeker is a shareholder at the Silicon Valley office of Greenberg Traurig, LLP, an international law firm well known for its intellectual property practice. She specializes in drafting and negotiating intellectual property transactions for software and other technology clients, with an emphasis on open source software. She is co-chair of the ABA committee to open source. Heather was a programmer/analyst before becoming an attorney.

Comments (6) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
Aldo Castaneda 11/17/04 07:50:11 PM EST

Ms. Meeker,

I appreciate your response to my comment.

I'm actually working on the "you need a lawyer to do it" part as I'm in my second year of law school.

As to brand "dilution." In your opinion does that concept apply equally to brands whose value arguably derives from trusted functionality and/or reliability (the code in this case) as it does to commercial consumer brands such as say Coke whose value dervies from consumer associations to more abstract lifestyle values which given their more subjective qualities are perhaps substantially more prone to dilution?

One more question if you'll indulge me (That makes two questions I suppose)?

Do you think the nexus of Open Source/Trademark/Financing is fertile ground for a law school thesis? If so is there a particular topic that you view as particularly timely?

Thank you.

Thank you.

-Aldo Castaneda

Heather Meeker 11/17/04 06:30:49 PM EST

Mr. Castaneda, thanks for your comment. It seems to me that the open source community has been, in general, quite tolerant of the development of brand value on open source projects. Most people who view open source as a viable business model would stress that branding is very important, and the way to develop a valuable business is by developing a valuable brand. If you are one of a "loosely assembled team of developers" working on an open source project, and you hope to create commercial value in the project, it's very worthwhile to put some time into mapping out a branding strategy -- whatever it may be. Licensing trademarks for profit is tricky, though. (It is one of those "don't do this at home" things -- you need lawyer help to do it.) You can leverage a brand, but only so much -- before it becomes diluted and loses its value.

I hope that helps, and thanks for reading the article.

Aldo Castaneda 11/17/04 12:42:59 PM EST

So given your conclusion with regard to the importance of trademark rights as to Open Source projects - Do you think that the early co-development of code along with trademarks is the key to unlocking the distributed economic potential in open source development?

In other words, can a loosely assembled team of developers open code gain financial leverage by selling rights to trademark usage and at the same time let the code be "free"?

Is trademark the goose that laid the Open Source Golden egg?

Seems it would not be too hard, assuming the release of an official version of code to figure out share ownership as a function of code developed. So that when trademark rights are licensed financial returns (this could be from speculative financing as well) could be distributed accordingly.

Is this already being done? Assuming this might work are problems around defining "share ownership" as a function of code contributed too subjective? Is valuation of the trademarket too nebulous? Would the "community" be adverse to this notion, as it is a for profit concept, albeit one that does't impede the end-user access to functionality?

Thank you 11/13/04 04:24:51 AM EST

Nice article. Hopefully the Groklaw community will enjoy this one too. Thank you Heaather!

Good Job! 11/13/04 04:16:09 AM EST

Great article to wake up to on a Saturday morning, thanks!

Good Job! 11/13/04 04:15:35 AM EST

Great article to wake up to on a Saturday morning, thanks!

@ThingsExpo Stories
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningful and actionable insights. In his session at @ThingsExpo, Paul Turner, Chief Marketing Officer at...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
We all know that data growth is exploding and storage budgets are shrinking. Instead of showing you charts on about how much data there is, in his General Session at 17th Cloud Expo, Scott Cleland, Senior Director of Product Marketing at HGST, showed how to capture all of your data in one place. After you have your data under control, you can then analyze it in one place, saving time and resources.
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, exploreed the current state of IoT connectivity and review key trends and technology requirements that will drive the Internet of Things from hype to reality.
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessions, I wanted to share some of my observations on emerging trends. As cyber security serves as a fou...
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now all corporate assets – people, objects, and spaces – can share information about themselves and thei...
Continuous processes around the development and deployment of applications are both impacted by -- and a benefit to -- the Internet of Things trend. To help better understand the relationship between DevOps and a plethora of new end-devices and data please welcome Gary Gruver, consultant, author and a former IT executive who has led many large-scale IT transformation projects, and John Jeremiah, Technology Evangelist at Hewlett Packard Enterprise (HPE), on Twitter at @j_jeremiah. The discussion is moderated by me, Dana Gardner, Principal Analyst at Interarbor Solutions.
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true change and transformation possible.
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound effect on the world, and what should we expect to see over the next couple of years.
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" in this scenario: microservice A (releases daily) depends on a couple of additions to backend B (re...
The cloud. Like a comic book superhero, there seems to be no problem it can’t fix or cost it can’t slash. Yet making the transition is not always easy and production environments are still largely on premise. Taking some practical and sensible steps to reduce risk can also help provide a basis for a successful cloud transition. A plethora of surveys from the likes of IDG and Gartner show that more than 70 percent of enterprises have deployed at least one or more cloud application or workload. Yet a closer inspection at the data reveals less than half of these cloud projects involve production...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Carter, IBM General Manager Cloud Ecosystem and Developers, and a Social Business Evangelist, wil...
PubNub has announced the release of BLOCKS, a set of customizable microservices that give developers a simple way to add code and deploy features for realtime apps.PubNub BLOCKS executes business logic directly on the data streaming through PubNub’s network without splitting it off to an intermediary server controlled by the customer. This revolutionary approach streamlines app development, reduces endpoint-to-endpoint latency, and allows apps to better leverage the enormous scalability of PubNub’s Data Stream Network.
Container technology is shaping the future of DevOps and it’s also changing the way organizations think about application development. With the rise of mobile applications in the enterprise, businesses are abandoning year-long development cycles and embracing technologies that enable rapid development and continuous deployment of apps. In his session at DevOps Summit, Kurt Collins, Developer Evangelist at, examined how Docker has evolved into a highly effective tool for application delivery by allowing increasingly popular Mobile Backend-as-a-Service (mBaaS) platforms to quickly crea...
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk was on IBM Cloudant, Apache CouchDB, and ...
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi’s VP Business Development and Engineering, explored the IoT cloud-based platform technologies driving this change including privacy controls, data transparency and integration of real time context with p...
I recently attended and was a speaker at the 4th International Internet of @ThingsExpo at the Santa Clara Convention Center. I also had the opportunity to attend this event last year and I wrote a blog from that show talking about how the “Enterprise Impact of IoT” was a key theme of last year’s show. I was curious to see if the same theme would still resonate 365 days later and what, if any, changes I would see in the content presented.
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical to maintaining positive ROI. Raxak Protect is an automated security compliance SaaS platform and ma...