The Software Freedom Law Center (SFLC), provider of pro-bono legal services to protect and advance Free and Open Source Software (FOSS), announced it has published a white paper on its position regarding alleged General Public License (GPL) violations in relation to the Sarbanes-Oxley Act (SOX).Some have recently argued that corporate executives face increased risk of criminal liability under the Sarbanes-Oxley Act of 2002 (SOX) if their companies develop and distribute code licensed under the GNU General Public License (GPL). The argument, as it has been made, raises significant concerns about SOX compliance, but it fails to clarify the scope and context of these points. We have reviewed these issues and, as discussed more fully below, there is in fact no special risk for developing GPL'd code under SOX. Under most circumstances, the risk posed to a company by SOX is not affected by whether they use GPL'd or any other type of software. Arguments to the contrary are pure anti-GPL FUD.

First, SOX only applies to companies that are required to file periodic reports with the Securities and Exchange Commission (SEC). This includes companies that have filed registration statements to offer securities to the public, companies that list their securities on stock exchanges or companies that register their shares and become subject to continuing SEC reporting requirements because they have more than $10 million in assets, 500 or more shareholders worldwide and, in the case of foreign private issuers, 300 or more shareholders resident in the United States. Other companies are not subject to SOX at all.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access