Free and Open Source Software Licensing: Legal Foundations and Advanced Practice
Free and Open Source Software (FOSS) now forms the backbone of modern innovation, powering everything from global cloud platforms to artificial intelligence. Yet few legal professionals possess the depth of expertise to navigate this complex, rapidly evolving domain. Free and Open Source Software Licensing: Legal Foundations and Advanced Practice is a unique executive education programme designed to fill that gap, equipping participants with the legal insight and strategic understanding essential for the digital era.
Delivered over 15 intensive online contact hours, this course offers a rare opportunity to learn directly from Andrew Katz, one of Europe’s leading authorities on open source licensing, Open Source Consultant to Bristows and CEO of Orcro Limited (Open Source Compliance). With decades of experience advising international technology companies, public institutions, and start-ups, Andrew brings unparalleled practical knowledge and real-world perspective to every session.
This is not a general overview; it is a focused, high-impact programme that bridges legal theory and commercial application. Participants will explore the philosophical and legal foundations of the open source movement while mastering the operation of key licences including GPL, LGPL, Apache, BSD, and MPL. The curriculum also delves into compliance and enforcement, licence compatibility, risk management, and the intersection of FOSS with AI, patents, and standards: issues that are redefining the boundaries of IP and technology law.
Through live interactive lectures, case-based learning, and guided discussion, participants will develop the confidence to advise, negotiate, and implement open source strategies in complex organisational settings. Designed for legal practitioners, in-house counsel, and technology leaders, this course delivers immediate professional value and a lasting competitive edge.
Join this exclusive 15-hour online programme and learn from one of Europe’s foremost experts. Gain the clarity, authority, and foresight to lead in the age of open innovation
Key information
When: 1-5 June, 9:00 - 12:00 p.m. each day
Location: Online
Fee: £1,300
We are pleased to offer a 10% discount for QMUL alumni.
A group discount of 20% is available to organisations registering 3 or more people. Please get in touch for further information.
Course Outline
The course will consist of ten 1.5-hour lectures, amounting to a total of 15 hours of instruction. The lectures will be delivered over a period of five consecutive mornings, with two 1.5-hour sessions held each morning.
The agenda is below:
Session 1: What is Open Source? Setting the Scene
This opening session sets the foundation for the course. It traces the evolution of free and open-source software, outlines the core principles underpinning the movement, and examines the forces that have made open source a cornerstone of modern technological development. Participants will gain an understanding of how contemporary software systems - often comprising tens of thousands of components - rely predominantly on open-source code. The session also introduces the key legal and operational challenges associated with open source, which will be explored in greater depth throughout the course.
Session 2: Legal Foundations of Open Source Licensing
Licensing lies at the heart of the open-source ecosystem. This session introduces the legal frameworks and principles that enable open collaboration and innovation. Participants will examine the distinction between permissive and copyleft licences, exploring how different licensing models affect compliance obligations, commercial strategy, and software development practices.
Session 3: Philosophy, Community, and Economics of Openness
Open source extends far beyond licensing—it represents a social, philosophical, and economic phenomenon. This session explores the ideological foundations of the Free Software Foundation and the Open Source Initiative, illustrating how their respective philosophies have shaped global communities and iconic projects such as the Linux Kernel and the Kubernetes. The discussion also addresses how freely shared software underpins multi-billion-pound industries, drives innovation, and supports governmental objectives in digital sovereignty and economic growth. Emerging challenges to open-source models posed by SaaS, containerisation, and AI-assisted development are also examined.
Session 4: Advanced Licensing and License Compatibility
This session delves into the complexities of licence compatibility and interaction between software components. It analyses exceptions and mechanisms designed to preserve the Four Freedoms and compliance with the Open Source Definition. Participants will also explore contributor licence agreements, developer certificates of origin, and the generation of “compliance artefacts”: the accompanying materials required when distributing open-source software. Practical examples will illustrate how these materials are produced and shared with end users. The session concludes by examining “source-available” licences that resemble open source but fall short of compliance - highlighting their associated legal risks.
Session 5: Compliance in Practice – Building Effective Governance
Using the OpenChain ISO/IEC 5230:2020 standard developed by the Linux Foundation as a framework, this session explores practical methods for implementing and sustaining open-source compliance. Through case studies, participants will learn how to integrate OpenChain processes to support developers, mitigate risk, and ensure licence obligations are met efficiently. The session also introduces OpenChain’s suite of policy documents and tools for building effective compliance pipelines.
Session 6: Compliance Tooling in Practice
Modern compliance processes are increasingly supported by dedicated software tools—many themselves open source. This hands-on session introduces leading compliance solutions such as ScanCode, demonstrating how these tools assist in licence identification, risk management, and documentation. Participants will gain practical insights into selecting and deploying appropriate compliance technologies.
Guest lecturer: Alex Murphy, Senior Compliance Engineer, Orcro Limited
Session 7: Beyond Software - Open Content, Open Hardware, Open Data, and Open AI (1 hour)
Open innovation extends beyond software. This session surveys adjacent domains—open content, open hardware, and open data—each with distinctive legal and economic dynamics. Participants will review key licensing instruments such as the Creative Commons suite, the CERN Open Hardware Licence, and open data licences. The session concludes with an analysis of open AI licensing, contrasting the Open Source Initiative’s formal definition of “Open Source AI” with the more fluid use of the term across industry.
Guest Lecturer: Vik Khurana, Partner, Bristows LLP
Session 8: Open Source in M&A and Commercial Transactions
Open source plays a significant role in due diligence and risk assessment during corporate transactions. This session explores best practices for identifying and managing open-source exposure in mergers, acquisitions, and commercial agreements. Participants will learn how the OpenChain Capability Model can be applied to evaluate an organisation’s maturity in open-source governance and mitigate transactional risk. A case study will illustrate practical application.
Guest Lecturer: Toby Crick, Partner, Bristows LLP
Session 9: Open Source, Patents, and Standards (1 hour)
This session addresses the intersection of open source, intellectual property, and technical standards. Participants will explore how open-source communities mitigate patent risk through mechanisms such as the Open Invention Network and LOT Network. The session also analyses the crucial relationship between open standards and interoperability, contrasting them with proprietary standards and examining their implications for innovation and market access.
Session 10: Open Source and Regulation – Cyber Resilience Act, AI Act, and Product Liability Act (2 hours)
As open source becomes integral to critical infrastructure, regulators have begun to recognise both its benefits and its unique governance structures. This session examines the evolving regulatory landscape, including the EU Cyber Resilience Act and AI Act, and the specific provisions relating to open source. Participants will learn how to manage compliance while leveraging transparency as a competitive advantage. The session also introduces Software Bills of Materials (SBOMs) and the SPDX standard, exploring their role in managing cybersecurity, licence compliance, and export control risks.
Instructors
Professor Noam Shemtov is the Chair of Intellectual Property and Technology Law at the Centre for Commercial Law, Queen Mary University of London, where he also serves as Director of the Queen Mary Intellectual Property Research Institute.
He has led research projects and studies funded by UK Research Councils and by industry, national, supranational and commercial organisations.
In recognition of his contributions to the innovation sector, the European Patent Office named Professor Shemtov as one of its “50 Leading Tech Voices” over the 50 years of the European Patent Convention.
Professor Shemtov also holds visiting appointments at universities in Spain, France, and the Netherlands. He is a qualified solicitor for the Supreme Court of England and Wales
Andrew Katz is a consultant at Bristows. With over 30 years’ experience in the technology field, Andrew is a leading free and open-source software lawyer. His clients range from startups to multinationals and he also advises foundations, public sector bodies, academic institutions and trans-national bodies.
Andrew regularly advises clients on technology law, computer software licensing and distribution, open source licensing, business structures and compliance, open hardware licensing, open data, the legal aspects of AI, and particularly IP and regulatory aspects of large language models.
He is a Fellow of both the Free Software Foundation Europe and the Open Forum Academy, and a visiting lecturer at Queen Mary, University of London, where he teaches free and open source software law. He is co-author of Open Source Law, Policy and Practice (Oxford University Press, 2022), as well as a number of other books and papers on open source law and technology law. He is currently a visiting researcher on standards and open source at the University of Skövde, Sweden.
He has also recently launched an initiative to manage risk in the open source and AI software supply chains, through the structures of process, procedure and insurance. Andrew’s previous clients include Canonical Limited (Ubuntu), The Linux Foundation and The Eclipse Foundation.
Andrew has been a board member of the Telecommunications Industry Association, the MariaDB Foundation, Public Software CIC, and general counsel of OpenUK. In 2019, he founded and became CEO of Orcro Limited, a company which provides advice and consultancy on Open Source compliance and supply chain management. Orcro is an accredited partner of the Linux Foundation’s OpenChain Project. He is also project lead of the Eclipse Foundation’s Corinthian Project, a multi-national project to manage risk in the software supply chain by publishing template documents legal documents intended for use in technology transactions.
Vik Khurana is a partner at Bristows and heads their Artificial Intelligence practice, leading our cross-disciplinary team advising clients operating throughout the AI ecosystem.
He advises some of the world's leading foundation AI model developers on their product launches, advising on the legal, risk and regulatory aspects of some of the most impactful AI models on the market. Vik also advises other technology businesses on AI innovation and deployment, helping to structure partnerships, protect and exploit IP, and navigate emerging regulatory environments.
In addition, Vik supports clients in all sectors – including life sciences, consumer products, government and financial – on AI governance and risk management, implementing responsible AI procedures designed to maximise the opportunities of AI while managing the risks.
Vik hosts our popular technology law podcast, The Roadmap, each month diving into the technology trends that are re-shaping modern businesses. He is an Officer of the Technology Committee at the International Bar Association, and is the Vice-Chair of the Technology Transactions Group at the Society for Computers & Law.
Toby Crick is a partner at Bristows where he advises on and negotiates commercial, technology and outsourcing agreements. He has particular expertise in working with clients to help them manage and structure complex deals and is recognised for his work on digital transformation, software and telecoms projects.
The primary focus of Toby’s work is on technology, communications and outsourcing projects where he has acted on both the client and supplier side in sectors such as financial services, telecommunications, healthcare, manufacturing, insurance and life sciences. Toby also advises on other complex commercial transactions and he has particular expertise on deals involving the use and exploitation of technology and intellectual property.