pages tagged defensivePublicationshroy.euhttps://hroy.eu/tags/defensivePublications/hroy.euikiwiki2023-10-30T21:03:18ZNew defensive publication from ownCloud: file syncing encryptionhttps://hroy.eu/posts/owncloud-encryption-defpub/2023-10-30T21:03:18Z2014-10-21T15:18:22Z
Announcing the first defensive publication from ownCloud<hr><br><p>Last month, I worked with Björn Schießle on ownCloud’s first
defensive publication. This one covers ownCloud’s encryption system.</p>
<p>The challenge is that ownCloud is a free software server for file
syncing and file sharing, and you can connect it to different storage
backends. However, you don’t necessarily want these storage providers to
access data unencrypted.</p>
<p>Thus, being able to use encryption to protect user data is paramount,
but not trivial. Users of local encryption tools such as GnuPG will know
that.</p>
<p>Fortunately, ownCloud has offered an <a
href="https://github.com/owncloud/core/tree/master/apps/files_encryption">encryption
system</a> for <a
href="http://blog.schiessle.org/2013/05/28/introduction-to-the-new-owncloud-encryption-app/">more
than a year</a>.</p>
<p>The source of their defensive publication is available <a
href="https://github.com/linuxdefenders/owncloud-encryption/">on Linux
Defenders’ repositories</a>. In order to make it, I started working from
Björn’s <a
href="http://blog.schiessle.org/2013/05/28/introduction-to-the-new-owncloud-encryption-app/">blog
post</a>. It turns out that Björn already had documents describing their
encryption system which were used for internal purposes. They were very
useful to make figures and illustrate the publication. The point is that
making a defensive publication is not very difficult, most of the time,
pieces are already available and you just need to put them together and
to <a href="http://defensivepublications.org/">submit them to Linux
Defenders</a>.</p>
<p>Encryption for file syncing servers is an important feature worth
protecting from further patents, and that a lot of patents get applied
for about all sorts of “cloud” systems. Just publishing this as a <a
href="http://defensivepublications.org/">defensive publication</a> does
not cost anything, but its benefits are great: a defensive publication
is a statement of prior art that prevents everyone from being able to
exclude anyone to implement what the publication specifies. By
submitting it to the <a
href="http://priorart.ip.com/IPCOM/IPCOM000239206D">IP.com database</a>,
Linux Defenders make sure that the free software community’s innovations
are accessible to patent office examiners who are responsible for
reviewing and granting claims to patent applications.</p>
<p>If you’re also interested in making a defensive publication, we’re
about to <a
href="https://hroy.eu/work/oin/tutorial-linuxdefenders/defpub-guide/">publish
our tutorial</a>. This will <a
href="https://hroy.eu/work/oin/tutorial-linuxdefenders/defpub-guide/">guide
you</a> through the steps and the parts that can make a good defensive
publication. Your feedback is welcome!</p>
How to produce defensive publicationshttps://hroy.eu/posts/defpub-workflow-rfc/2023-10-30T19:54:26Z2014-09-05T07:33:37Z
A proposal and request for comments on how to make it easy for free software projects to produce defensive publications against patents.<hr><br><p>Last month, I <a href="https://hroy.eu/posts/intro-defpubs/">introduced what
defensive publications are</a>: documents describing something (a new
feature, a new algorithm, a new system) in order to prevent further
patents.</p>
<p>Defensive publications are needed because on the one hand, even when
the source code is available to the public, it is not necessarily
accessible to the patent office examiner who’s reviewing patent
applications. This is why we submit defensive publications to their
databases: it makes the review process more aware of what free software
projects develop.</p>
<p>On the other hand, while pushing code to a public repository is easy
for a project contributor, writing and submitting a defensive
publication is not as straightforward.</p>
<p>On of my goals is to help fix this, so that producing defensive
publications gets as easy as possible for Free Software projects. So,
during this month, amongst other patent-related activities, I published
a first version the <a
href="https://github.com/LinuxDefenders/defpub-template/">a defensive
publication template</a> on <a
href="https://github.com/LinuxDefenders/">Github</a>. Hopefully, I will
be able to improve on this version and push other useful things for the
whole <a href="http://linuxdefenders.org/">Linux Defenders</a>
programme. Your feedback would be very appreciated!</p>
<p>A prior observation before explaining how the template works:
obviously, writing defensive publications is not a developer’s top
priority. But writing a defensive publication is not something that can
be left entirely to lawyers (although we can help). Writing a defensive
publication requires insights on:</p>
<ul>
<li>how the code works, how the system is designed</li>
<li>how other solutions, especially prior solutions and current trends
develop</li>
</ul>
<p>For this reason, developers are in a privileged position to write
defensive publications. The situation is not entirely unlike that of
writing documentation. Writing documentation is probably not a
developer’s favourite task (and indeed the state of some documentation
is evidence of this). However, we know that a good documentation is also
a sign of a project’s health and so we make process and tools to
facilitate this task. Fortunately, writing a defensive publication is
not much different from writing documentation, and so we should be able
to <em>kill two birds with one stone</em>.</p>
<h3 id="how-does-it-work">How does it work?</h3>
<p>Once you have identified some part of your software that you want to
write a defensive publication about:</p>
<ol type="1">
<li><p><a
href="https://github.com/LinuxDefenders/defpub-template/archive/master.zip">Download
and extract the template</a></p>
<p>The <code>README</code> should guide you. Especially, you can find
examples of things to use to start your own publication, such as
figures, flowcharts, etc.</p></li>
<li><p>Update variables like:</p>
<pre><code>TITLE
PROJECT
URL
DESCRIPTION
TAGS</code></pre>
<p>(I’ll probably write a script to automate that…)</p></li>
<li><p>Create an <code>abstract.yaml</code> file in <code>src/</code>
(you can one from the <code>example/</code> directory) and also update
the <code>tags</code>. You can edit the abstract itself, later at the
end.</p>
<p>This will later appear on the list of <a
href="http://defensivepublications.org"
class="uri">http://defensivepublications.org</a>.</p></li>
<li><p>You can start writing your document in <code>src/</code> - You
can write in any format provided that you are able to produce a PDF at
the end so we can submit it to the patent office. Right now the template
is very much focused around <a
href="http://johnmacfarlane.net/pandoc/">pandoc</a> which is able to
convert a lot of different kinds of texts, like Markdown to LaTeX. You
can follow the <code>README</code>.</p></li>
</ol>
<p>As you see, it’s a bit rudimentary now, but the idea behind with this
template is that you should be able to take relevant bits of your
documentation and integrate them directly into your defensive
publication’s source files. Then you can use <code>pandoc</code> to
combine all the files together in the relevant order.</p>
<p>That way you don’t have to duplicate content, but rather you reuse
relevant parts of your documentation that describe your software for the
defensive publication.</p>
<p>Once you’ve done that, you need to write the abstract and probably
write an introduction if you need to give more details. Another part to
introduce your publication can be a description of the current state of
the art relevant to your software: basically, what’s the problem your
software solves and how other solutions try to address this problem in
your field.</p>
<p>The template comes with a file <a
href="https://github.com/LinuxDefenders/defpub-template/blob/master/example/template.pdf"><code>example/template.pdf</code></a>
that should guide you through the different parts that make a defensive
publication.</p>
<h3 id="get-involved-with-us">Get involved with us</h3>
<p>If you are interested in writing a defensive publication or have more
questions, don’t hesitate to join <a
href="http://irc.lc/freenode/linuxdefenders/">#linuxdefenders</a> on the
IRC freenode server.</p>
<p>Also, I’m very much interested in your feedback. What’s your opinion?
What do you need to write a defensive publication as easily as
possible?</p>
<hr />
<p>Next month, I should be able to show an example from <span
class="selflink">defensive publications</span>, with additional
explanation and comments!</p>
Intro to Open Invention Network’s defensive publicationshttps://hroy.eu/posts/intro-defpubs/2023-10-30T20:13:50Z2014-07-28T13:13:05Z
What I’ve been working on the last three weeks, my internship at Open Invention Network starts<hr><br><p>Three weeks ago, I started working for <em>Open Invention
Network</em> as an intern<a href="https://hroy.eu/tags/defensivePublications/#fn1" class="footnote-ref" id="fnref1"
role="doc-noteref"><sup>1</sup></a>. <a
href="https://www.openinventionnetwork.com/">Open Invention Network</a>,
or OIN in short, aims at creating a safe environment for Linux and
Linux-based systems to thrive in spite of all the threats that patents
constitute to software developers.</p>
<aside class="dyk-patents2009 sidenote right">
<strong>Did you know?</strong> In 2009-2011 in the US, $20 billion was
spent on patent litigation and patent purchases. In 2011, for Apple and
Google, this spending exceeded spending on research and development. <a
href="http://www.nytimes.com/2012/10/08/technology/patent-wars-among-tech-giants-can-stifle-competition.html?_r=2&pagewanted=all"
title="In the smartphone industry alone, according to a Stanford University analysis, as much as $20 billion was spent on patent litigation and patent purchases in the last two years — an amount equal to eight Mars rover missions. Last year, for the first time, spending by Apple and Google on patent lawsuits and unusually big-dollar patent purchases exceeded spending on research and development of new products, according to public filings.">(source)</a>
</aside>
<p>As one of my activities with <a
href="https://www.openinventionnetwork.com/">OIN</a> in the <a
href="http://www.linuxdefenders.org/">Linux Defenders</a> program, I am
helping Free Software (aka Open Source) projects submit “defensive
publications.”</p>
<p>Defensive publications are sort of anti-patents:</p>
<ul>
<li>while patents are claimed to <em>exclude others</em> from being able
to implement something,</li>
<li>defensive publications <em>prevent anyone to exclude others</em>
from being able to implement something.</li>
</ul>
<p>They’re called defensive because they can be used against further
patent applications or they can be used a posteriori to defend oneself
against patent infringement claims. Indeed, if the software is already
accessible by the public before a patent on it is submitted, there’s no
way you or anyone would be infringing on a patent on that software.
Actually in that situation the patent should be invalidated. Then you
might ask: why do I need to write defensive publications if I have
already published my source code? – Unfortunately, that’s because just
releasing source code is not effective to protect yourself against
patents.</p>
<p>In theory, it is true that you are immune from infringement of
subsequent patents as soon as you’ve made your software source code
publicly accessible online, for instance using a public version control
system like Github.</p>
<p>In practice, it’s not really effective. Here’s why:</p>
<ol type="1">
<li><p>the life of patents begin at the patent office where patent
applications are submitted, then reviewed by patent office staff:</p>
<blockquote>
<p>Patent examiners have a strong sense of the technology that is
patented, but <strong>they’re missing an understanding of what has been
and is currently being developed in the open source world</strong>. As
shocking as it may seem, the result is the examiner formulating an
inaccurate sense of what is innovative. As the final arbiter of a very
significant monopoly grant, they are often grossly uninformed in terms
of what lies beyond their narrowly scoped search. This is not wholly
their fault as they have limited resources and time. However, it is a
strong indication of a faulty system that is so entrenched in the
archaic methods under which patent offices have been operating.</p>
</blockquote>
<p>As <a
href="http://creative-destruction.me/2014/01/21/defensive-publications-shedding-light-on-innovation/">Andrea
pointed out</a>, patent office staff will usually not go to software
repositories and read source code in order to find prior art. That’s why
making it easy for them to read about what you’ve done in software is
necessary. That’s what defensive publications are supposed to
do.</p></li>
</ol>
<ol start="2" type="1">
<li><p>The life of patents end in several ways, whichever comes
first:</p>
<ol type="1">
<li>The patent was filed more than 20 years ago or the patent holders
have not paid their yearly patent-taxes, it’s now in the public
domain</li>
<li>an authoritative court decision has striked out the patent as
invalid (and there’s no appeal pending)</li>
<li>the patent office reverts their decision to grant the patent</li>
</ol>
<p>The problem is that in each of these cases, the process can be quite
long. Litigations can go on for several years, especially since a patent
holder will probably try to appeal a decision that invalidate its
patent.</p>
<p>As for the patent office procedures, they can take a decade. For
instance, it took more than 15 years to strike down a single very broad
Amazon patent application<a href="https://hroy.eu/tags/defensivePublications/#fn2" class="footnote-ref" id="fnref2"
role="doc-noteref"><sup>2</sup></a>.</p>
<p>Meanwhile, the patent will constitute a potential threat that will
effectively encumber the use and distribution of your software.</p></li>
</ol>
<p>Basically, <a href="http://www.defensivepublications.org/">defensive
publications</a> consist in documenting one aspect of software projects
that’s focused on solving a challenge and does it in a new, innovative
way. The document would give some context about the state of the art and
then describe in more details how the system works, usually by using
meaningful diagrams, flowcharts and other figures.</p>
<p><a href="https://www.flickr.com/photos/opensourceway/6554315093/">Not
like this one:</a></p>
<!--![Created by Libby Levi for opensource.com](https://farm8.staticflickr.com/7155/6554315093_d4a9119a17_o.png)-->
<table class="img">
<caption>
Created by Libby Levi for opensource.com
</caption>
<tr>
<td>
<img src="https://hroy.eu/posts/intro-defpubs/666x-typical-patent-software-fig.png" width="666" height="374" alt="Parody of a software patent figure" class="img" id="typical-patent-software-fig" />
</td>
</tr>
</table>
<p>And who’s going to read defensive publications? At <a
href="https://www.openinventionnetwork.com/">OIN</a>, we maintain a
website <a href="http://www.defensivepublications.org/">to list
defensive publications</a>. Then, we submit them to databases used for
prior-art examination by patent office examiners. So the target audience
for these defensive publications is the patent office that reviews
patent applications. A good defensive publication should use generic
terms that are understood even by someone who’s not programming in the
same language as the one used for the program.</p>
<p>Defensive publications may be no more than a re-arrangement of what’s
already written on the project’s blog, or in the documentation. They can
be useful to explain how your program works to other programmers. In
some aspect, they look like a (short!) scientific publication.</p>
<p>For software that works in areas heavily encumbered with patents like
media codecs, actively submitting defensive publications can safeguard
the project’s rights against patent holders. For instance, consider that
<a
href="http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/15/patent-trolls-now-account-for-67-percent-of-all-new-patent-lawsuits/">patent
trolls now account for 67% of all new patent lawsuits</a> and as shown
in a 2012 study, <a
href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2146251"
title="Startups and Patent Trolls">startups are not immune to patent
threats</a>.</p>
<p>So part of my job is to work with Free Software projects to help them
submit defensive publications. I have been working with Pablo Joubert on
a defensive publication around search engines making use of <a
href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed
hash tables (DHT)</a>. Pablo was involved in the <a
href="http://seeks-project.info/">Seeks project</a> and has now started
a new project building upon <a
href="http://seeks-project.info/">seeks</a>. It was very interesting for
me to learn more about how <a
href="https://en.wikipedia.org/wiki/Distributed_hash_table">DHT</a> are
used in peer-to-peer networks and how we can make use of them for new
awesome applications like social search. Now, Pablo also has a document
that explains concisely what the project is and how it works. This could
be the preamble to the documentation 😉</p>
<p>I’ve also worked on a guide to defensive publications and I am
starting to think on how a tutorial might look like. I hope you will
find that useful. I’ll write more
<a href="https://hroy.eu/tags/OpenInventionNetwork/">about that next time</a>!</p>
<p>If you are interested, don’t hesitate to join <a
href="http://irc.lc/freenode/linuxdefenders/">#linuxdefenders</a> on the
IRC freenode server.</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1"><p>Since I passed the bar exam in December last year, I now
have to fulfil two 6-month internships.<a href="https://hroy.eu/tags/defensivePublications/#fnref1"
class="footnote-back" role="doc-backlink">↩︎</a></p></li>
<li id="fn2"><p>It’s patent <a
href="https://register.epo.org/application?number=EP99105948">EP0927945</a>
The patent’s abstract begins like this: “A method and system for placing
an order to purchase an item via the Internet.” This patent was filed at
the European Patent Office in 1998.<a href="https://hroy.eu/tags/defensivePublications/#fnref2"
class="footnote-back" role="doc-backlink">↩︎</a></p></li>
</ol>
</aside>