OSBC 2010 - Highlights - Day 2

Day 2 of the 2010 OSBC again had several interesting sessions, including some insightful legal sessions.

A. Maximizing the Value of an Open Source Business

If you are looking for a nuts and bolts "how to" session on building an open source business from the ground up, this is the type of session you need to attend. Benchmark Capital's Rob Beardon made it through only half his presentation on "Tactics and Metrics for Scaling an Open Source Business" because of the volume of audience participation. Beardon, along with assistance from Zack Urlocker (former MySQL VP) and other open source veterans in the audience, sketched the following blueprint:

Guiding Principle: the value of an open source business is directly proportional to the size of the community and the company's ability to influence and monetize it.

Key Areas:

1. Foundation - every open source business must start with the following attributes to be successful:

• Technology - must add value by solving a customer's problem
  
• Community - must attract the best in the field with the promise of innovation and disruption
  
• Business Model - choose between the "owner/builder" (innovation) and packager/distributor (commoditization) models
  

2. Tactics - position for rapid scalability with viral awareness, then generating adoption, THEN sales

3. Metrics - traditional metrics are not relevant. State of the art is to measure web traffic, customer acquisition percentage and lead nurturing tools

A successful open source business will be able to create a "closed loop demand management" workflow that fuels growth. It is important to note that this methodology is not much different that standard "Entrepreneur 101" tactics, but is highly tuned to the particular needs of an open source business with a goal of a liquidation event for its VC vendors.

B. Legal Matters in Open Source
I attended several legal sessions on Day 2 as well. I won't recount all the details of the discussions, but here are some of the most interesting points:

1. GPL Enforcement. Karen Sandler, General Counsel of the Software Freedom Law Center, gave a thorough review of common open source software license incompatibility. Of note was her helpful clarification on the requirements of the GPL (Sec. 3 of v2, Sec. 6 of v3). In particular, she confirmed that the common practice of including only a download link to source code is not enough to satisfy the "written offer" requirement of the GPL. However, she also emphasized that a download link might be enough for all practical purposes as long as it is relatively easy to find the source code. This is true at least for the SFLC, which is more interested in software freedom than litigation. This is likely a relief for many developers that try their best to comply, even when the details often elude them.

2. Best Practices. Virginia Tsai Badenhope of Big Fix provided some great pointers in her session on how to handle open source within an organization. Her comprehensive checklist consisted of 5 categories:

• Inventory and assess usage of open source
• Comply with terms of open source licenses
• Implement an open source policy to whatever degree necessary to meet the business needs
• Update outbound licenses to ensure they reflect the use of open source
• Update inbound licenses to ensure suppliers make proper representations and warranties for open source

The details under each of these categories will vary depending on the company and particular circumstances, but it is critical to have a set of procedures in place to ensure nothing slips through the cracks.

3. Affero GPL. In his session on Open Source Litigation, Catalin Cosovanu from Wilson Sonsini primarily discussed litigation on enforcement of the GPLv2, but audience questions quickly transformed the discussion into the legalities of the Affero GPLv3. For example, the lack of definitive caselaw on the meaning of "distribution" under the traditional v2 means that the more comprehensive notion of "conveyance" under the could trigger more legal claims and lead to more uncertainty, particularly in the Affero network context. The network terms of Affero also make the notion of "corresponding source code" more ambiguous, particularly in a cloud environment. Finally, even simple questions like "where should the written offer appear?" are not as simple in the Affero context.

OSBC 2010 - Highlights - Day 1

For the third year in a row, I attended to Open Source Business Conference. Though I missed the morning keynotes, Day 1 was very enjoyable. I saw old acquaintances, met new ones and heard some insightful discussions on open source, the cloud and more. The unofficial themes of the day can be summarized as follows:

OSbc -> osBc -> Cloud -> Data

I use this shorthand to mean that the "open source" discussion has evolved from an emphasis on what open source means to software development; to an emphasis on the business opportunities open source provides; to open source as a critical element of the cloud movement and the next step in evolution of open technology; and, finally, to the principal that control of data will ultimately determine success in the cloud, further evolve technology and challenge the "open" movement.

I attended 3 sessions: a panel on the future of open source success, a discussion of Oracle's use of and participation in open sourece (note - I now work for Oracle), and Tim O'Reilly's future-focused closing keynote. Here are what I found to be the most interesting messages:

A. Open source solutions are commonly accepted by paying customers.

This theme came up in multiple contexts. Many open source products are widely used in the end user and enterprise IT environments. Many are also making significant profits. Customers seek open source for the quality of the products and the ability of open source to provide solutions that other vendors are not addressing. Cost savings is no longer the main benefit sought.

B. Open source continues to drive innovation.

Many software and business categories are still highly susceptible to the disruptive impact of open source alternatives. Open source has also impacted how software companies think about the sales and marketing processes. It cuts the cost of sales by removing the need to engage customers until they decide the software is valuable. Also, the high volume nature of many open source businesses has forced companies to design more efficient lead scoring and other sales processes.

C. However, open source might be approaching its limits.

The success of open source in the high volume, commodity sales model in open source might not be duplicated in other contexts. Also, implementations of so many value-add models over the years indicate how hard it is to identify the right balance between free and paid offerings. Each open source offering must monetize the unique solution it provides to customer problems, and support alone almost certainly will not be enough.

Possibly the biggest indication of the limits of open source is the dearth of public "pure" open source companies like Red Hat. Large companies have steadily acquired many of the most prominent open source companies and projects. While this is not necessarily bad for open source, it means that the impact of pure open source has been diluted throughout the industry instead of concentrating the potentially disruptive power.

D. The cloud is the natural evolution of the open source revolution, and is more transformative than open source.

Open source is likely the precursor to a much larger disruptive force - the cloud. Both the technology and spirit of the open source movement are critical to innovations in cloud technology. Cloud technology is already changing the way we look at operating systems and application stacks.

E. The cloud is important but still has significant limits - data ownership and control.

Companies that control the cloud infrastructure likely have limited commercial opportunities. Much like the experience of telco equipment providers, once the technology is deployed, few customers remain. By contrast, those companies that control how data is used within the cloud have great flexibility in providing compelling business offerings.

F. Rights and obligations concerning data will be the critical issue to address.

Tim O'Reilly illustrated the point best by asking whether we (the public) want a single company (like Google) controlling all our data. Everything from restaurant reviews to personal health records could be held by a single party that has its own ideas on how to use such information - good or bad. O'Reilly further emphasized the potential impact by highlighting the trend toward devices that contain sensors and wirelessly stream the resulting data to the cloud. The stakes are likely higher for data held by governments and the open source methodology could drive openness in this context.

G. Several companies and technologies were named as ones to watch.

1. VMWare - VM Ware has a chance to build an entire stack from operating system to applications, which might be a serious threat to Microsoft.

2. Red Hat - as the most prominent pure public open source company, the community had high expectations that the company would serve as a hub to aggregate an open source stack. Many believe Red Hat missed its opportunity to do so.

3. Google - Google has the unique ability to easily and efficiently integrate open source, cloud technology, and data

4. Opscode - provider of open source datacenter configuration management and infrastructure framework tools

5. Gluster - provider of open source data storage and management solutions

6. Erply - online solution for running an online business including everything from invoicing to relation management; great for open source startups looking for low-cost, powerful business solutions

7. Pentaho - rapidly growing open source business intelligence solution

8. Eucalyptus - open source "Infrastructure as a Service" cloud solution