The global and independent platform for the SAP community.

Is the SAP community learning from the No Ears Rabbit legal battle?

The Berlin Regional Court has ruled in favor of the screenwriter of "Keinohrhasen," Anika Decker, in her copyright lawsuit against Til Schweiger's production company. The ruling could have a signal effect, also for the SAP community.
Ralf Meyer, Synomic
11 March 2021
Open Source
avatar
This text has been automatically translated from German to English.

One of the reasons given by the court for its ruling in the Kleinohrhasen case was that "due to the above-average success of the films, there were indications that the plaintiff might be entitled to further participation". Copyright law provides for the "subsequent adjustment of an originally appropriate remuneration in the event of above-average success". Even though this case "only" concerns books and films, Sections 32 et seq. of the Copyright Act nevertheless apply by analogy to all works protected by copyright, including software.

So-called open source license trolls have developed a flourishing business and successfully sued many companies, such as telecom providers, for six- to seven-figure euro amounts. Even though license type issues such as LGPL or "copy-left" clauses are still the focus of lawsuits against open source software users, the case described above could further stimulate the business of license plaintiffs and lawyers.

For many years, E-3 Magazine Editor-in-Chief Peter Färbinger has been telling us that educational work is important for the SAP community. Analogously, this applies to companies and software developers, because without a complete overview of which software (including open source) is being used in which version and under which licensing conditions, no one can reliably assess licensing or potential security risks.

Since most companies use at least dozens, usually hundreds or thousands, of different open source components, this is a very difficult task. However, there are proven solutions that automatically search for open source solutions used in the company and warn when components do not meet management's licensing requirements, are outdated or have known security vulnerabilities.

Even if this sounds abstract to readers, it becomes an important success criterion at the latest in the context of due diligence, such as for a strategic partnership with SAP (solution extension/premium qualification), venture capital financing or the company takeover (M&A). Especially in the Covid-19 lockdown situation - without visit opportunities - it could be seen that even with professional preparation, things can still be unclear and complicate or delay M&A negotiations. Without proper tools and preparation, this would likely lead to early termination of negotiations for strategic opportunities.

Regardless of the licensing issue, the number of cyber-security attacks on companies has increased dramatically in recent years and in 2020 even experienced players such as Software AG have been hit hard. Unfortunately, one must also observe that the "quality" of these attacks is reaching completely new levels, and government agencies are increasingly getting involved in cyber attacks, even against companies (see, for example, Stuxnet or the current SolarWinds hack, the presumed largest cyber attack against the Western world). Successful attacks usually cause major economic damage, including downtime, costly damage repair and loss of image.

So what can the SAP community do? Follow Peter Färbinger's recommendation, educate themselves and use open source and security monitoring solutions, such as the free solution VersionEye from Mannheim, which is itself open source and offers both powerful license and security monitoring, or Snyk from Israel for software container monitoring.

Since many companies have partner networks, not only their own security situation should be monitored, but also that of partners. This is where the LocateRisk solution from Darmstadt comes in. Characteristic of professional cyber attacks is often the concealment of attacks and destruction of forensic traces - also in logs and data backups. This is why the new distributed ledger-based solution Chainkit may be needed.

avatar
Ralf Meyer, Synomic

Ralf Meyer is Managing Director of Synomic and co-founder of IA4SP.


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 20, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.