Blog post

Is "Open Source Company" An Oxymoron?

By Brian Prentice | August 20, 2009 | 11 Comments

Gartner has long since tied the definition of Open Source Software to the underlying license agreement. If software code is covered under a license recognized by OSI it’s open source. Otherwise, it’s not.

Simple and straightforward.

The focal point for any open source activity has been the project. That’s the center of gravity for community participation. That then poses a very interesting question. Is there such thing as an “open source company.” Or, is it just a superfluous marketing overlay?

In order for this to be a valid concept there needs to be set of criteria that can unambiguously qualify, or disqualify, an organization from being an open source company? What should that be? Let’s consider the options.

Maybe it’s the mere existence of an open source solution in an organization’s product portfolio. That scarcely seems fair as it would make Microsoft as much an open source company as Red Hat. Maybe it should be the number of open source products as a percentage of the whole portfolio? What that percentage is I have no idea but let’s, for argument’s sake, make that at least 50%. But again, that would make Daffodil CRM more of an open source company than Oracle. Not taking anything away from Daffodil but their modest CRM solution doesn’t really compare to Oracle’s pretty significant commitment just to Linux alone.

Maybe then we should look at revenue? If, for example, an organization makes a majority of their revenue from open source then we should consider them an open source company. Unfortunately, it’s not logical to bestow a category to a vendor only if it’s a majority of their revenue. We wouldn’t, for example, deny SAP the right to be considered an important business intelligence vendor because they don’t derive a majority of their revenue from those products. Apple an mobile phone company? Not by those rules. Additionally, that would take Google right out of consideration since they make their money from search-driven advertising. Surely Google – with their commitment to using and contributing to existing open source projects while also creating new ones – should be considered an open source company.

But if we go back to Gartner’s definition of open source software it does highlight an important point about a software provider’s revenue. The right to modify and redistribute – key provisions in an OSI license agreement – make it pretty silly for one organization to try making money directly from an open source project. The more successful they are in doing so, the more likely someone will come along and snatch a portion of their revenue by forking the project. Therefore, organizations make their money indirectly. Open source ultimately ends up being surrounded by a layer of proprietary, commercial offerings.

All organizations are the same – the only difference is in the approach they choose. Some organizations will link proprietary software products to open source offerings. This is clearly the strategy that VMWare hopes to use with their recent acquisition of SpringSource. Other organizations will use proprietary services. That’s what Red Hat and Accenture are doing (given that the expertise needed in provisioning support and development capability is hired in and managed by these companies). In fact, I’d suggest you can look at Google the same way  – they provide an advertising service on top of an OSS operating environment.

The thing is that we are rapidly moving to the point where all software companies will, to some extent, be an open source company. So, what’s the point of trying to create an arbitrary distinction that really is little more than an attempt to paint one type of business model (like the services approach) in a better light the others.

At the end of the day there are open source projects and communities that support them. Then there are companies which seek to leverage open source projects, and their communities, for commercial advantage. But, there is no such thing as an open source company.

Simple and straightforward.

Comments are closed


  • An “open source company” is a company that has “bet the farm” on developing open source software, nothing more and nothing less.

    Oracle is not an open source company.

    S. Fermigier, founder and chairman, Nuxeo (an open source company).

  • Josef Assad says:

    Maybe a company could be termed an “open source company” if none of its business practises have aggravated any elements of the open source definition for a specific period of time.

    Granted, that rules out a lot of companies but it is certainly one relatively straightforward way to sort the open source companies from the ones that aren’t.

  • Stefane – thanks so much for your comments. I appreciate your contribution.

    I’m sure this is something you feel strongly about but I really have to disagree with you on multiple levels. Why should a small startup with say $5-10m of venture capital funding be seen as somehow betting the farm while VMWare’s $420m doesn’t count. If the small startup goes under they’ve lost a small amount of someone else’s money. If SpringSource turns out to be a dud then VMWare has lost a huge amount of their own money.

    Oracle spends billions on open source technology and is now overseeing some of the most important open source projects, including their own Linux distribution, and somehow they’re not an open source company? But Nuxeo is?

    I hope you understand why I’m a bit skeptical about your position.

    How about all those “commercial open source” companies which are are equally committed to selling a proprietary functional superset of their open source product? Are they betting the farm or just using open source as a loss leader to sell their commercial offering?

    Besides, I personally have a concern about a company being overly committed to developing an open source project. Ideally a successful open source project should have a vibrant and participating community. the more successful an open source project is the less a company should have to be betting their farm.

    Sorry, but I still feel the same. Open source applies to projects. Companies are just companies.

  • Josef – thanks for your thoughts. Sorry, I’m a bit confused. Business practices are separate from the open source definition. If a company has software covered under an open source license, they are legally bound to honor those license conditions. Maybe you can clarify what you’re getting at?

  • David Dennis says:

    Sorry Brian, the term may be ambiguous, but it’s definitely not a oxymoron.


  • Brian,

    1. Who said every open source startup had to be VC-funded (and who said 5-10 M$ was “a small amount of money”) ?

    2. When I say “bet the farm”, I say that the company derives a significant amount of revenue from its open source offering (Carlo Daffara said to me on twitter that their definition mandates > 30% of OSS-related revenue), and also that the company would be dramatically different, in terms of mission / vision / values, if it wasn’t doing any open source business.

    Oracle is not an open source company (fails both definitions).

    Sun was a hardware company, but Sun software division was an open source company (its three major products, Solaris, Java and Glassfish were open source or based on open source projects they were leading).

    VMWare is not an open source company, they have zero revenue (AFAIK) based on open source products, and, more importantly, they have a policy regarding software patents that is completely at the opposite of the open source values.


  • Kim Weins says:


    I think there is a flaw in your original premise. You state that:

    “In order for this to be a valid concept there needs to be set of criteria that can unambiguously qualify, or disqualify, an organization from being an open source company?”

    There are many adjectives we can apply to companies that everyone accepts, but have just as much ambiguity. “Software company” (is IBM one? is Sun one?), “successful company” (which definition of success) etc.

    In your post, you suggest many possible criteria for defining an “open source company” and then discard them all because they are imperfect. Life (and business) are not always this black and white. In pretty much every single Gartner Magic Quadrant, you have to create hard lines in areas that are truly grey. How do you decide which companies are “part of” a particular category? How do you decide which criteria to use to score the companies that you do include. Gartner comes up with criteria (which can never be perfect) and go from there.

    Just because there is not a single set of criteria that everyone agrees on doesn’t mean the concept has no validity.

    Kim Weins, OpenLogic

  • Stefane – first off, I did not say that every open source startup had to be VC-funded. I was simply using that as an example of comparative financial commitments. And yes, $5-10m is small compared to $420m.

    But the part of your argument I really don’t understand is the “…derives a significant amount of revenue from its open source offering…”. Maybe you can explain how your run your business, but most companies I’ve seen don’t make money directly from an open source project. They make money from services or ancillary products attached to the open source project. Consider the commercial open source company that has a free, community supported, Mozilla (or derived version) licensed product. They make no money from that. Then they have the premium version which is paid for, company supported and has a company-specific proprietary license agreement. Are they an open source company by you’re definition?

    I maintain my position – “Open source company” is a marketing moniker. It is being used by a subset of the IT provider community to carve out a niche. It’s purpose is to exclude some companies in order to gain an advantageous position in the minds of their target market.

    But from my position as an analyst – a job which requires me to help customers make sound sourcing decisions – the concept of an “open source company” is meaningless when it comes to assessing an organization as a potential supplier.

  • Hi Kim – I appreciate the thoughts and I do take your point. There will always be some ambiguity in a definition. But the issue here is one of relevance. We are no longer in an environment where some organizations are embracing open source as a way to establish a commercial venture while others are are fighting it. Nowadays, it is increasingly hard to find providers that don’t have some type of open source strategy. The old dichotomy of strict open source vs. strict proprietary is dead and gone. So, what’s the point of defining something when it essentially applies to everyone?

    The whole “open source company” debate has devolved into an “I’m more open source than you are” exercise. Again, that’s a marketing effort. But the danger of playing this criteria game is that it obscures the true impact of open source – it is now a pervasive and unavoidable part of the IT landscape.

  • Shava Nerad says:

    Google is a company that has committed significant resources to open source.

    However, Google is *not* an “open source company” — if I go to them and ask them for the code for their search algorithms so I can contribute to the project, they are unlikely to release it.

    This is a fallacy almost exactly of the sort:

    Socrates is a man
    All men are mortal
    Socrates is mortal
    ERGO: All men are Socrates

    I have to admit, the error is classic, but it is an error.

    People have argued that Google supports all sorts of things (degradation of privacy, say) — and they put a great deal of resources into Google Street View, which has been successfully challenged on those grounds — but I don’t think you will be arguing that Google is a privacy deprivation company?

    Heinz produces a decent certified organic ketchup, but no one is going to argue that Heinz is a “certified organic company.”

    Open Source is not a product, but a practice, and I think this is where your argument gets confused. Like good privacy practices, or acting in a way such that your practices make your products certifiably organic (which involves much more than testing your tomatoes as they are delivered to market!), open source is a web of practices.

    Like good privacy practice and *unlike* being certified organic, there isn’t a check-off definition that every party has agreed on to define what open source “certification” might be.

    But let that community define itself as it will, I think? For a company to be an “open source company,” open source has to be an *organizing principle* for their work, and by their work I mean their central efforts, preferably *all* their central efforts, not some side project.

    Otherwise, they are a conventional company that does some open source work.

    Shava Nerad
    first publicist for the FSF (“fired” by rms for lack of orthodoxy!)
    former executive director of The Tor Project (, which *is* an open source project
    Current CEO of Oddfellow Studios, which plans to do some open source work.

  • Hi Shava – thanks for the comments. If it wasn’t for the fact that the “open source company” moniker is being used as a marketing badge – hence an effort to sway sourcing decisions – this would be academic. But given that it is then it’s a perfectly reasonable effort to question the demarcation.

    I don’t agree that open source is a practice. As I mentioned, it is a licensing agreement. True, there are practices that surround open source but that is orthogonal to it’s core definition. And while I’m all for the community defining itself the problem is you then need a definition for the community! After all, the companies that other people don’t think are open source (Microsoft, Google, Oracle, VMWare, etc.) would think that they are in fact part of the open source community hence deserving of having the open source company moniker apply to them.

    Like I said, there’s a simple solution here. Open source applies to projects. That makes things much simpler because we can all agree on that.