Legal commons (tools & practices) for Open Source compliance

The main objective of this discussion is to gather and share project ideas from lawyers.

Here are some examples that were mentioned during the workshop; feel free to complete this list by adding your ideas:

Hermine

Hermine: community-driven project launched with end-user partners a few months ago.
- How can we build something shared in each organisation which is open enough (as open as possible and as closed as necessary)? Think about what can be shared beyond the projects and in the projects.
- We have been working on this project for a year now, and we have a database with interpretations of hundreds of licences.

APIToS

APIToS: Legal interface and standardisation. As part of a research project, we aim at building a legal framework making API Terms of Service easily understandable and shareable, for a saner and safer digital infrastructure. We produced a FACT licence relying on a balance of rights and obligations between API providers and users (see https://www.apitos.org/wizard).

  • How can a ToS be effectively read and understood by a human being, a lawyer or a computer?
  • How can we encourage the use of a legal tool (as a prototype) to obtain useful feedback (given that this tool will only be fully effective once such feedback has been collected and integrated)?

REUSE

REUSE can also be mentioned. REUSE was started by the Free Software Foundation Europe (FSFE) to provide a set of recommendations to make licensing your Free Software projects easier.

OSPO

An OSPO (Open Source Program Office) is designed to be the center of competency for an organisation’s open source operations and structure.

This can include setting code use, distribution, selection, auditing and other policies, as well as training developers, ensuring legal compliance and promoting and building community engagement that benefits the organisation strategically.

OSPO Zone can also be mentioned for sharing and promoting world-class materials on good governance for Open Source Programme Offices.

During the second workshop, a number of elements were discussed that could be added to the list:

  • Sharing of experience cases, to know what could have been done better, via a test case base (e.g. checking algorithms and tools),
  • Need at the teaching level to help people understand it: programming languages, improving students' knowledge of IP, teaching Open Source,
  • Need for a specific search engine,
  • Need for an automatic way/software to collect SBOMs.

Centralise Open Source compliance at a European level

FOSSology
FOSSology: FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web UI are provided to give you a compliance workflow. In one click you can generate an SPDX file, or a ReadMe with the copyright notices from your software.

OSS Review Toolkit
OSS Review Toolkit: The OSS Review Toolkit (ORT) is a FOSS policy automation and orchestration toolkit which you can use to manage your (open source) software dependencies in a strategic, safe and efficient manner.

Joinup Licensing Assistant (JLA)
On 17 March 2021 the JLA was presented at EOLE - Paris. The JLA is now a mature and functional solution.
Test it here.
On this page you will select the most convenient licence based on its legal content, and in case of multiple possibilities, compare the content of up to 5 licences.
In case of merging and distributing components covered by several licences, try the Compatibility checker where you may combine inbound and outbound licences.
