How to Navigate the Open Source Legal Maze: Linux Encryption and Export Compliance Regulations
The percentage of open source software (OSS) in commercial software solutions is growing rapidly, but the legal maze for releasing and exporting these products is still as intricate as it was 25 years ago.
Although the export regulation and licensing area is given less attention, it continues to grow in importance. Different governments have different regulations for software; what's universal is that export regulations center on the use of encryption software. Yet it is often difficult to answer questions about the existence or use of encryption software for OSS that a developer uses (but did not write).
Attendees will learn:
- Best practices to identify encryption in software
- Effective license compliance processes and Open Chain Specifications
- How to avoid license compliance mistakes
- Open source tools that can assist with creating IP and export compliance reports
- Developing and maintaining an export management and compliance program
Davide Ricci, Director of Product Management, Open Source Platform Marketing, Wind River
Davide has a strong technical and business background built in over 10+ years of experience in open source software for devices and the IoT industry. He currently runs the Open Source Platforms Product Management team, leading a globally distributed international product management and engineering team through product definition, product vision, product direction, and execution. He is a big believer that great open source technology sparks innovation, and that technology must always foster the right ecosystem in order to drive industry success.
Mark Gisi, Senior Intellectual Property Manager, Wind River Systems
Mark Gisi has been responsible for managing Open Source policies, processes and programs for the past 10 years. Mark has extensive experience managing the use of open source software to both maximize ROI and mitigate risk. That includes managing Open source software to go beyond reducing costs such as: accelerating innovation; fostering internal code sharing and reuse; accelerating product adoption; obtaining ROI on strategically positioned open source projects; strengthening an organization's brand; and facilitating the attraction/retention of highly skilled technical staff. Mark is a key contributor to the Linux Foundation's SPDX and Open Chain projects. Mark holds a MS degree in Computer Science and a BS degree in Math.