Procurement to source disclosure: compliance best practices
By Denver Gingerich

The best way to ensure copyleft compliance within your organization is to ensure every department is committed to holding up their end of the copyleft bargain. Doing so requires coordination between teams, but is not difficult if you have the right procedures in place. We'll discuss ways to make this happen, as well as some of the commonly ignored areas to which one should pay special attention.

Monday 11:40 a.m.–12:10 p.m.

Complying with the terms of each free software license that a company uses is crucial. But sometimes doing so can be a challenge, especially if not everyone is on the same page. Ensuring that people at each stage of the process are aware of the license obligations and ensuring the obligations are followed are key to delivering properly compliant software to your customers.

In this session, we will describe concrete ways that software using copyleft licenses can be properly vetted and delivered. We will offer tips on what to watch out for at each step of a company's distribution chain to ensure the company's license compliance obligations can be achieved from the time that free and open source software first enters the company (whether that be from a third-party supplier, or from a developer pulling code from GitHub) until it is distributed to or used to provide a service to a customer.

Denver Gingerich

Denver is the FLOSS License Compliance Engineer at Software Freedom Conservancy, managing the technical side of Conservancy's compliance work part-time, triaging new reports and verifying complete corresponding source (CCS). Denver is also the founder and lead developer of JMP, a free-as-in-freedom chat gateway that lets you text and call people using a real phone number without a phone. His roles elsewhere have recently included financial trading software development on Linux and previously involved writing system software for hardware companies, including Linux driver writing at ATI (now AMD) and Qualcomm. Denver also writes free software in his spare time, with patches accepted into Wine, Linux, and GNU wdiff.