IP in Software: When is an API Protectable?
On May 9th, the Federal Circuit ruled in Oracle v. Google that some APIs, or software application programming interfaces, are subject to copyright. Unless Google can successfully assert a fair use defense on remand, Google will have to pay Oracle for its use of the Java API in Android. The ruling draws disapproval from IP advocates and software developers alike, who predict it will have a stifling impact on innovation.
If the ruling stands, software companies will be able to copyright some aspects of their APIs. The Electronic Frontier Foundation, warns that “allowing a party to assert control over APIs means that a party can determine who can make compatible and interoperable software, an idea that is anathema to those who create the software.” Many developers agree that making APIs subject to copyright law would significantly limit their ability to build compatible programs and build on top of APIs.
Oracle is praising the opinion as a win for “the entire software industry that relies on copyright protection to fuel innovation.” Many big software vendors agree and have said that APIs are creative works that are worthy of protection. Rosenkranz, appellate counsel for Oracle, thinks the alarm in the software industry is unwarranted, given that “Google copied 7,000 lines of code and the structure and organization of whole packages of highly creative software.” He claims that many APIs are not protectable because they are either not computer code or not creative enough.
Rosenkranz’s argument is persuasive, given that Java programming language is open and free for anyone to use, with few limitations, and Google could have used open source code or written its own API packages, but chose not to do that. It is primarily for this reason, along with the finding “that the SSO [structure, sequence, and organization] is original and creative,” that the court concluded that “Section 102(b) does not bar the packages from copyright protection.”
On a broader scale, this ruling does not mean that all software developers must pay to use Java APIs in order to make compatible software. In fact, Oracle offers three different licenses to those who want to make use of the Java API code. Under the free “open source” public license, developers can use the full Java code if they contribute back to the public. Under the Specification License, developers may use the declaring code if they write their own implementing code. However, developers who “want to use and customize the full Java code in their commercial products” must obtain the commercial license, which requires the payment of royalties. This seems fair to both API creators and to software innovators.
The current uproar in the media and software industry over the outcome of this case appears uncalled for. The courts’ ruling in Oracle v. Google is both sufficiently narrow and consistent with settled law about the protectability of SSOs. The court did not rule that “APIs in the broadest sense of the term” are protected by copyright. Instead, this case stands for the proposition that software companies have some ownership over creative and expressive aspects of their APIs.
The outcome of the Oracle v. Google case should not be a cause of concern for software developers. But, because interoperability is not a strong consideration under fair use, software developers making commercial products should be careful when building on whole API packages. If they want compatible SSO functions in their products, they ought to: (1) rearrange the various methods under different groupings; (2) secure a license from the API owner; (3) use an open source license; or (4) build from scratch.