Reviews run for a minimum of one week. The outcome of the review is decided on this date. This is the last day to make comments or ask questions about this review.
Open Source's success derives, in large measure, from reduction of friction at all stages of the development, testing and implementation cycle. One business activity still experiencing significant friction is the legal and contracting process involved in procurement and mergers and acquisition. Eclipse Cardinal seeks to lower this friction by applying open source community development and licensing models to core legal precedent texts, of particular relevance to organisations involved in open source development.
Eclipse Cardinal provides a set of template and precedent documents which act as a useful starting point for lawyers and contractors on a number of core legal topics, including procurement of software, and merger and acquisition (M&A) activities involving open source software.
The Eclipse Cardinal Program has identified areas where template and process documents would add value to legal processes involved in technology, specifically in the areas of procurement and M&A activities involving open source software.
The documents will be hosted in a git-based repository enabling open source development techniques and methodologies to be used. Anyone can raise issues with the documents, fork the documents (for example to create jurisdiction-specific versions of them), and issue pull/merge requests.
Release versions of the documents will be made available in markdown, docx and plain text formats, through a simple and clear web frontend, meaning that users who don’t wish to engage with the development process can easily access them directly. The liberal licensing model will allow unrestricted use, modification and re-distribution.
The initial set of documents was developed by Moorcrofts LLP, a law firm based near London, in England in association with Orcro Limited, an Open Source Consultancy, also based in the UK. Moorcrofts and Orcro are both OpenChain partner organisations (openchainproject.org) and have been working in that capacity to develop:-
1. a due diligence questionnaire and set of warranties for acquiring software from a developer using open source software; and
2. a due diligence questionnaire and set of warranties for use in M&A transactions involving a target which develops software using open source.
These will be hosted by the Eclipse Cardinal Program from day one. We also have a suite of documents drafted to facilitate the supply of services over the internet using microtransaction architectures, which have also been developed by specialist law firms in a number of jurisdictions worldwide. The roadmap includes the development of software intended to facilitate the drafting, assembly, storage and analysis of legal documents. For example, since drafting contracts shares many characteristics with writing software, we propose developing a module for the Eclipse IDE which facilitates this.
Due diligence and warranties for open source development: procurement and M&A
The open source procurement and M&A process has historically focussed on specific releases of supplied software (for example, by analysing the composition of that release, and reviewing the licences for each component within the release). This is becoming less and less effective as a means of analysing and determining compliance risk as software development moves to a CI/CD model (continuous integration/continuous deployment/development).
A much more effective approach is to focus the warranties on the development process itself, and the processes, policies and procedures which the developing organisation uses to manage that development process. An ISO standard, ISO5230:2020 (OpenChain) defines the characteristics that a development program must have in order to manage open source compliance risk effectively, and the standard lends itself to a framework both for due diligence, and for warranties, both in procurement and M&A. The beauty of this approach is that it does not require that the target is compliant with, or even aware of, ISO5230:2020 (but it does mean that applying the process to a compliant organisation is that much more straightforward).
The initial set of due diligence questions for procurement has been developed using the ISO5230 framework, with the input from many active members of the OpenChain project, and the procurement terms have themselves been adapted to form the M&A due diligence and warranty suite.
The Eclipse Foundation is a supporter of the OpenChain Project, and was the first open source foundation to announce that all foundation projects are required to be OpenChain compliant. With its long history of hosting successful open source projects covering bases from open content to open hardware (as well as open source software), it provides a respected and proven support and governance structure.
The existing materials are:
1. A set of procurement documents (representations and warranties) and a due diligence questionnaire developed by Moorcrofts LLP and Orcro Limited, copyright Moorcrofts LLP and Orcro Limited
2. A set of mergers and acquisitions precedent documents (representations and warranties) and a due diligence questionnaire developed by Moorcrofts LLP and Orcro Limited, copyright Moorcrofts LLP and Orcro Limited
Both Moorcrofts LLP and Orcro Limited and Moorcrofts LLP have consented to license all documentation and supporting materials to the public under any open source (OSD-compliant) licence, and also any version of CC-BY and CC0.
The initial set of M&A and procurement documents have been drafted by Moorcrofts LLP and Orcro Limited, taking care to ensure that they were "free-drafted" (i.e. without using the approach, common in professional legal drafting, of cutting and pasting from existing potentially copyright works, such as proprietary templates/precedents). This is intended to ensure that the rights in the documentation can be be freely licensed by Moorcrofts LLP and Orcro Limited under any non-exclusive licence without restriction.
We have undertaken an initial high level search of the trade mark "Eclipse Cardinal" in classes covering software and legal services and have not found any blocking issues to date.
Although the initial documentation for M&A and procurement is ready for immediate publication, we expect a slight lead time to prepare the hosting arrangements and initial project website. Given the imminent holiday season we would ideally like to see the project website and the document hosting ready for announcement at FOSDEM 2024 in Brussels (3rd & 4th February 2024)
As well as hosting the development of legal documentation, the Eclipse Cardinal Program seeks to create and develop software tools to assist with the drafting, assembly, integration, negotiation, storage and distribution of legal documents. The starting point will be a review of the Eclipse IDE, with a view to developing a module which leverages the similarity of legal drafting to writing software. (Both have rigid syntactic conventions, nesting, definitions and variables, cross-references, external references, keywords and operators: all of which can be recognised by the IDE, and used to provide assistance and error-mitigation to the drafter/developer).