Open Source Compliance and Due Diligence Group
Our open source software practice group provides your team with actionable, real-world advice. Our attorneys and paralegals, many of whom have experience as software developers, can tailor practical solutions for your open source related questions and concerns.
Open source software is being leveraged to an ever-greater extent as software development is pushed to move faster and with broader interoperability; statistics show that nearly every commercial codebase contains or relies on open source software. Whether brought into development environments in source code or binary format or through the use of APIs or as datasets, open source software can in many cases make up over 80% of a proprietary product’s code base by the time development is completed. The corresponding open source licenses present a set of requirements and obligations that is different from that of typical commercial licenses for software, including a risk of having to release your proprietary code under an open source license.
The potential issues presented by the interaction of open source and proprietary software are complex and require an approach that is both nuanced and pragmatic. For over 15 years, our open source group has been an industry leader in helping technology companies navigate these complex issues, including in the context of mergers and acquisitions (supporting both buy- and sell-sides of deals), investments and IPOs and have helped clients around the world to develop compliance programs and implement robust and practical open source strategies.
Some of Our Open Source-Related Legal Services
- Assist with creation and implementation of practical open source policies and procedures, including automating open source review and approval as much as possible
- Conduct open source and third-party software compliance review of code bases, whether for acquisition readiness, on-going operations or on the code of a target company during a transaction
- Develop diligence playbooks and plans for buyers and investors
- Prepare materials a seller will need to effectively navigate diligence
- Advise regarding open source contributions, strategic “open-sourcing” of software to achieve certain goals and review of contributor license agreements
- Help operationalize and identify the appropriate tooling for open source review and compliance, including software composition analysis and other code scanning and compliance tools
- Assist with remediation planning and execution, including negotiating with counterparties on your behalf
- Prepare notice and attribution files, schedules for transactions, and other disclosures
- Review use of third-party APIs and data sources
- Assist with OpenChain standard compliance and certification
- Provide guidance for highly nuanced use cases leveraging our technical depth and years of experience
Tony Decicco founded and oversees GTC Law Group’s open source compliance and due diligence practice consisting of attorneys and paralegals almost all of whom are former software developers. Tony has advised clients regarding the use of open source software since at least 2005 and frequently speaks on related topics. In addition, he has reviewed the results of literally thousands of code scans.
Tony’s clients range from start-ups to Fortune-100 companies. Given his extensive experience on both the buy and sell sides of mergers and acquisitions, patent purchases/sales and IP/technology licensing transactions, he is a trusted advisor to clients on all sides of the table. For acquirers and investors, a key strength is his ability to leverage this experience to quickly identify and assess IP-related risks. On the sell side, this experience translates to grooming clients and positioning IP assets to maximize value and minimize issues during rigorous due diligence.
Prior to joining GTC, Tony was a member of the IP & Technology, Internet & E-Commerce and M&A practice groups at Skadden, Arps, Slate, Meagher & Flom. Tony holds an Honors B.Sc. in Biochemistry from McMaster University, an M.A. in Economics and a J.D., both from the University of Toronto, where he was a law review editor.
Andrew Poling is a senior associate in GTC Law Group’s Open Source Compliance and Due Diligence practice. Since 2007, Andrew has advised clients, from boot-strapped startups to Fortune-100 companies, regarding the risks and use of open source software. He has extensive experience representing large, serial acquirers, and has also represented clients in numerous sell-side transactions. Over the course of these transactions, he has reviewed the results of hundreds of code scans. Andrew has also presented on open-source software licensing related topics around the Boston area.
Before law school, Andrew was a software developer and database architect for Custom Learning Designs, Inc., where he designed, developed and managed projects including e-learning websites, programs, and games. He holds a B.A. from Boston University in Computer Science and a J.D. from Northeastern University School of Law. Andrew is admitted to the Massachusetts Bar.
Stephen Pakan focuses on M&A due diligence and transactional matters. Steve spent his time prior to law school in the biotechnology field where he both performed bench laboratory work and software programming, including work on gene sequencing, genetic sequence design and microfluidic robotics. He has experience on both buy and sell sides of mergers and acquisitions and technology transactions, including for Fortune-100 companies. Steve has worked on open source software and data licensing and diligence related to artificial intelligence and machine learning. He also has experience in internal diligence readiness matters, including implementing several code scan related technology solutions.
Prior to joining to GTC, Steve was a project manager for Autonomy, Inc. and held internships at The Mathworks, Inc., Stratify, Inc., The Massachusetts Information & Technology Division, and the Suffolk Superior Court of Massachusetts. Prior to Law School, he was a research associate for Bayer Diagnostics, GlaxoSmithKline, and Codon Devices, where he contributed to the research and development of HIV genotyping, avian flu vaccinations, and directed gene synthesis. Steve holds a J.D. from Northeastern University School of Law and a B.S. in Biotechnology from Cornell University.
Leon has almost two decades of professional experience with open source software: at GTC Law Group for almost a decade, he has helped a range of clients from startups to Fortune-500 companies navigate the legal risks associated with the use of open source software in commercial products by crafting practical, real-world-applicable open source software policies, identifying risks through diligence, and guiding both sellers and buyers through various transactions (including mergers, acquisitions, investments, and divestitures).
Prior to this, he designed and developed patient data management systems, medical device software, and web applications for both startups and large multi-nationals.
Leon also speaks often on the topic of open source software, its increasingly important role in the world, and strategies for both consuming and creating open source software.
He holds a B.S. in Computer Science from Rochester Institute of Technology and a J.D. from Northeastern University School of Law. Leon is fluent in Russian.
Brad specializes in providing open source software-related advice, including risk identification and management strategies for businesses of all sizes. Prior to joining GTC, Brad was a managing attorney for Ford Motor Company, leading the open source software legal team advising the enterprise on risk mitigation strategies and license compliance company wide. Prior to Law School, Brad was a software developer for Omnivex Software. Brad holds a J.D. from the University of Detroit Mercy, an LL.B. from the University of Windsor, and a B.Sc. (Eng.) in Computer Engineering from Queen’s University.
Jason Lancaric joined GTC in 2013 and provides support to the M&A, Tech Transactions & Licensing and IP Strategy & Prosecution practices with a focus on IP due diligence support. Prior to joining GTC, his past work involved a mix of software development and TV/film production. He holds an Honors B.Sc. in Computer Science and a law clerk diploma.