FOSS Compliance - Complex Made Simple

Many organization and companies make use of Free and Open Source Software (FOSS) without following the license terms. In many cases, these orgnization and companies just don't know how to do it in practice. Therefore, in this track the related concerns and issues will be discussed, and the pratical steps and examples will be provided. This track will introduce the practical steps and core components how to comply with FOSS licenses.


An introduction from our hosts

Lucien C.H. Lin / 林誠夏, Shane Coughlan


08/12 09:30 - 09:35


Beginner / 入門

Open Source Licensing makes a Difference / 開源授權就是不一樣

Florence T.M. Ko 葛冬梅


08/12 09:35 - 10:10

漢語 / Mandarin Chinese

Beginner / 入門

任何想要了解開源授權,或者想要以符合授權條款規定來利用開源軟體的人。 / Anyone who wants to understand OSS licensing or to use OSS in compliance with license terms.

From its rise to becoming an indispensable part of many industries nowadays, Open Source Software (OSS) has only been developed for about 30 years. How come OSS can be developed so rapidely and spread so widely in this short time. Its licensing model, which is different from the past common software licensing model, plays an important role. This kind of licensing model allows users to copy, modify and distribute software directly, without asking the owner of a software for permission additionally. OSS can hence easily be modified and implemented in different industries. Speaker will accordingly introduce the characteristics of OSS licensing model and the related actual articles in OSS licenses. Besides, the commonly used OSS licenses and the differences between these licenses will also be talked about. This talk serves as the introduction of this track and will be held in Chinese so that the majority of audience can better understand the content of the talk and the following sessions.  / 開源軟體從崛起、受到矚目,再到目前許多產業已經不能沒有它的狀況,僅短短發展二、三十年,為什麼開源軟體的發展可以這麼快速?其中一個重要的原因就是它擁有不同於以往的授權模式。開源授權模式允許使用者可以直接重製、修改與散布軟體,而不需要再額外徵詢軟體所有權人的同意,開源軟體因此很容易被改進以及被運用到不同的地方。本場次因此將會介紹開源授權的特性,白話地說明其在授權條款上是如何被實際規定出來,同時也會簡介常見的開源授權條款,以及這些條款間的重大差異。本場次是這個議程軌的基礎導論,用以協助會眾了解接下來的議程內容,所以本場次會以中文進行。

Collaborative notes on HackMD

Software Supply Chain and OSS

Satoru Ueda


08/12 10:10 - 10:50


Beginner / 入門

Anyone who wants to use FOSS in compliance with license terms.

Modern software development projects are based on network of software module providers. The software providers will be:

  • Software platform (such as Operating System) providers
  • Middleware providers
  • Software development kit providers such as semiconductor vendors
  • Outsourcers of software development
  • ODM/OEM manufacturers

Some of those parties may be Open Source Software (OSS) development communities which will surely provide OSS. Some of them will also have possibilities to include OSS into their works. If some of them do not use OSS appropriately what will it become? In this session, we would like to consider the problem of software supply chain from view point of the appropriate use of OSS with some recommendations to the parties belonging to the supply chain.

Collaborative notes on HackMD

Understand and perform the FOSS compliance in a community-driven way / 採社群思維模式做好開源合規

Lucien C.H. Lin / 林誠夏


08/12 11:00 - 11:45

漢語 / Mandarin Chinese

Skilled / 中階

RD and in-house legal staff of ICT companies / 軟體研發人員及公司內部法務人員

The ICT administrative departments in Taiwan usually know little about "community", most of the managers are treating Free and Open Source Software in a traditional way as in IPR management, thus easily to miss and overlook the important part of the obligations under the FOSS licenses, especially the Copyleft ones such as GNU GPL and LGPL. In this session, the speaker shall try to share the observation and experience in the past 10 years about why the FOSS community spirit is proned to be neglected and how the most doable way is to tackle that in the real world practice. 2 to 5 case studying about misunderstanding of FOSS compliance shall be demonstrated, such as the gray line between Shareware and Free and Open Source Software, then the essential points and right ways to avoid and prevent the compliance issues will be communicated and introduced to the audience. / 在台灣,資通訊產業的管理部門對「社群營造」所知甚少,多數經理人以傳統模式來進行自由開源軟體的智財權管理,因為如此,部份重要的自由開源軟體授權義務性要求常容易被忽略與忽視。於此議程,講者將基於其過去 10 年的觀察與經驗,試著分享為何這些自由開源軟體的社群精神會容易被忽略,並且提出如何為實作上最可行的因應之道。2 至 5 個對自由開源軟體合規常見的實例誤解將會被展示說明,例如共享軟體與自由開源軟體之間的灰色區隔線,藉此來向聽眾傳達與介紹,其後避免及預防這些錯誤發生的重要要件及正確之道。

Collaborative notes on HackMD

From OpenChain to FOSSology - Compliance in 2018

Shane Coughlan


08/12 11:45 - 12:15


Skilled / 中階

Project contributors working in businesses

A shared understanding of process and rules is key to the success of open source success. Our global community represents many perspectives, many cultures and many jurisdictions. Approaches and tools have appeared to support a balance between flexibility and accuracy. This talk will explain practical open source compliance solutions for real world challenges. It will highlight a "stack" of compliance projects (OpenChain, SPDX, Reuse.Software, FOSSology, ScanCode, sw360) and explain how they work from high level (e.g OpenChain) to tooling (e.g FOSSology).

Collaborative notes on HackMD

Introduction of OpenChain Japan WG

Shinsuke Kato, Hiroyuki Fukuchi


08/12 13:15 - 14:00


Beginner / 入門

persons who are interested in OSS compliance

OpenChain Japan Work Group aims at fostering environment where engineers in Japan and Asia can appropriately use OSS. The goals of Japan WG are to promotes OSS compliance in Japan and Asia, to resolves issues peculiar to Japan, and to share information and store knowledge among members. This session introduces the overview and activities of Japan WG.

Collaborative notes on HackMD

OIN Linux 系統專利合作計畫



08/12 14:00 - 14:20

漢語 / Mandarin Chinese

Beginner / 入門


Open Invention Network, OIN, 是由 IBM, NEC, Philips, Sony, Redhat, Novell, Google, Toyota 所資助的非盈利性組織, 成立的目標在透過專利交互授權的方式,讓所有參與的成員在使用 Linux 系統免於專利侵權的困擾,以達成開放式創新。加入的成員,除了成員間在 Linux 系統的專利交互授權,還可以免費得到 OIN 所擁有超過一千三百個專利的授權。希望透過這次機會,介紹 OIN 組織和運作方式,讓更多台灣的開源朋友了解也加入我們。

Collaborative notes on HackMD

Different perspectives around compliance

Shane Coughlan


08/12 14:30 - 15:30


Skilled / 中階

Open Source developers in commercial entities

Panel Discussion - Open Source Compliance Today and Tomorrow

Host by Shane


  • Florence T.M. Ko 葛冬梅
  • Hiroyuki Fukuchi
  • Shinsuke Kato
  • Lucien C.H. Lin 林誠夏
  • Satoru Ueda
  • 黃鴻文

Collaborative notes on HackMD


