Bonum Certa Men Certa

Guest Post: Watch Out for “Patented API” Traps, by Jose X

The Trap in a Nutshell



A patented API is short-hand for saying that an API (a software interface) is defined to parallel a patent so that using the API to build applications creates patented material unavoidably.



This is a trap API. Use it, and infringe.

The story:

Q: Can I "work around" the patent? Q: Can I re-implement the API libraries so as not to have to redesign and recode all apps? Q: Can I map or translate the app automatically into something safe?

A: In general, no, you can't, if the trap is a good one.

This covers the trap in a nutshell.

[The disclaimer: I am not a lawyer, and I have never written a patent application. But.. I do know how software works, and I have developed more than just half a clue about how patents work (in the US).]

Further Basic Discussion



For those that want a little more explanation, we have this link.

..as well as a hypothetical "Tetris" Patent Trap example.

Visual Basic function



"Tetris" Patent Trap



Patent Tetris Patent CoolDraw API Tetris API CoolDraw

We have two patents and two API. One patent and one API are high-level (Tetris). The other patent and API are low-level (CoolDraw). The high-level patent and high-level API are designed together as a trap as mentioned above. Ditto for the low level ones.

Let's look at a few more details on the patents and on the APIs. Then, we'll cover the four main scenarios. Do note the interplay of high-level with low-level. When the levels are the same (and matching), we have stepped onto the trap.

-- Patent Tetris: patents any tetris like game.

-- Patent CoolDraw: patents a cool way to draw on the screen from computer memory.

-- API Tetris: a createTetris function produces a tetris game when you input things like block size, colors, number of rows, time, etc.

-- API CoolDraw: a doCoolDraw function uses a cool algorithm to move values onto the screen.

Case 1: -- Patent Tetris -- API Tetris.

In this scenario, if we use API Tetris within our app so that a tetris game is created, we violate Patent Tetris, guaranteed.

Case 2: -- Patent Tetris -- API CoolDraw.

In this scenario, if we use API CoolDraw within our app so that we draw to the screen, we do not violate Patent Tetris unless we write a lot more code so as to create our own tetris game. It would take many lines of code to violate Patent Tetris.

Case 3: -- Patent CoolDraw -- API Tetris.

In this scenario, if we use API Tetris within our app so that a tetris game is created, we may violate Patent CoolDraw ..or not. It depends on how API Tetris was implemented. Does createTetris write to the screen the way described by Patent CoolDraw?

Case 4: -- Patent CoolDraw -- API CoolDraw.

In this scenario, if we use API CoolDraw within our app so that we draw to the screen, we violate Patent CoolDraw, guaranteed.

Quick Analysis

Case 1 (and Case 4) patent and API are at the same level (and matching). This is a trap. To avoid infringement, you have to redesign and re-code the application using a different API.

Case 2 is the case when people consider "working around" the patent. It's an odd event. You have to write many lines of code in order to possibly be infringing. If you are, you then try to code around it, perhaps by building something a little different than tetris. [In general, avoid infringement by make sure some of the properties of the patent claim are not met.]

Case 3 is the case where if a violation were to exist in the API implementation, you can try to re-implement the libraries and this way avoid re-implementing each and every single app as would be required for Cases 1 and 4.

The reason Case 3 allows you to re-implement the libraries and avoid re-coding up every application is fundamentally because you can re-implement the API but keep fixed the same interfaces and specifications enshrined in the API contract and assumed by the applications. This is not possible in Case 1 and Case 4 because any re-implementation of the same specification, for these cases, will infringe in the same exact way as with the original implementation since it's the specification itself (not any implementation of any part of it) that parallels the patent.

The reason Case 2 does not result in automatic infringement as happens with Case 1 and Case 4 is that the API interface and patent requirements don't match. It's that simple. Case 2 is where the application could possibly end up violating if you code enough with that API or with another. The Case 2 patent is high-level while the API is low-level. Case 3 is different in that the patent is low-level while the API is high-level; thus, Case 3 contrasts with Case 2 because in Case 3 the potential violations would not happen within the application (as with Case 2) but rather within the library.

In short, Case 1 and Case 4 are the only cases (of the four) where any API usage, by definition, specifies that the application will acquire all the properties of the matching patent claim. These are the traps.

Random APIs will not shadow any given patent as occurred in Case 1 and in Case 4. Developers normally would not have to worry. They can expect a Case 2 or a Case 3, if anything. However, Case 1 and Case 4 can be designed on purpose when the patent author and API designer are the same entity. Why would this author create this trap for developers? Well...

-- The patent author is determined to file lawsuits as necessary (maybe via proxies) in order to slow down many and/or key competing applications (eg, FOSS applications).

“You can be given a patent license and even GPL code for the core API, but not for the patented API extensions.”If you are using an API designed by such a vendor (regardless of who implemented the libraries), beware. I see lots of redesigning and re-coding in your future, just to get back to the same point (on a per app basis). Remember that the patent might still be in the pipeline, have been sold to a proxy, or have been developed through a partnership under a different company or alias.

The above nutshell and sample analysis omit many details. There are many corner cases and things are not cut and dried. In a second article to follow (possibly), we will look closer into many details of the trap scenario.

Finally, there is a more insidious trap that exists. You can be given a patent license and even GPL code for the core API, but not for the patented API extensions. You may then find that you can create only simple applications safely (with that core API), even if you decide not to use the patented extension API but build your own. This is more insidious because the patent and copyright licenses given for the core API give the illusion of safety (a green light to proliferate), and is insidious and dangerous all the more so since you might purposely avoid the patented extensions. The trap happens if you use the "safe" core with any extension whatsoever (since the extended patented properties can be very general in nature). The details of this extended insidious trap may form the subject of a third article later on. It's also described further here.

Comments

Recent Techrights' Posts

Links 28/03/2024: Sega, Nintendo, and Bell Layoffs
Links for the day
Open letter to the ACM regarding Codes of Conduct impersonating the Code of Ethics
Reprinted with permission from Daniel Pocock
With 9 Mentions of Azure In Its Latest Blog Post, Canonical is Again Promoting Microsoft and Intel Vendor Lock-in, Surveillance, Back Doors, Considerable Power Waste, and Defects That Cannot be Fixed
Microsoft did not even have to buy Canonical (for Canonical to act like it happened)
Links 28/03/2024: GAFAM Replacing Full-Time Workers With Interns Now
Links for the day
Consent & Debian's illegitimate constitution
Reprinted with permission from Daniel Pocock
The Time Our Server Host Died in a Car Accident
If Debian has internal problems, then they need to be illuminated and then tackled, at the very least in order to ensure we do not end up with "Deadian"
China's New 'IT' Rules Are a Massive Headache for Microsoft
On the issue of China we're neutral except when it comes to human rights issues
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 27, 2024
IRC logs for Wednesday, March 27, 2024
WeMakeFedora.org: harassment decision, victory for volunteers and Fedora Foundations
Reprinted with permission from Daniel Pocock
Links 27/03/2024: Terrorism Grows in Africa, Unemployment in Finland Rose Sharply in a Year, Chinese Aggression Escalates
Links for the day
Links 27/03/2024: Ericsson and Tencent Layoffs
Links for the day
Amid Online Reports of XBox Sales Collapsing, Mass Layoffs in More Teams, and Windows Making Things Worse (Admission of Losses, Rumours About XBox Canceled as a Hardware Unit)...
Windows has loads of issues, also as a gaming platform
Links 27/03/2024: BBC Resorts to CG Cruft, Akamai Blocking Blunders in Piracy Shield
Links for the day
Android Approaches 90% of the Operating Systems Market in Chad (Windows Down From 99.5% 15 Years Ago to Just 2.5% Right Now)
Windows is down to about 2% on the Web-connected client side as measured by statCounter
Sainsbury's: Let Them Eat Yoghurts (and Microsoft Downtimes When They Need Proper Food)
a social control media 'scandal' this week
IRC Proceedings: Tuesday, March 26, 2024
IRC logs for Tuesday, March 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Windows/Client at Microsoft Falling Sharply (Well Over 10% Decline Every Quarter), So For His Next Trick the Ponzi in Chief Merges Units, Spices Everything Up With "AI"
Hiding the steep decline of Windows/Client at Microsoft?
Free technology in housing and construction
Reprinted with permission from Daniel Pocock
We Need Open Standards With Free Software Implementations, Not "Interoperability" Alone
Sadly we're confronting misguided managers and a bunch of clowns trying to herd us all - sometimes without consent - into "clown computing"
Microsoft's Collapse in the Web Server Space Continued This Month
Microsoft is the "2%", just like Windows in some countries
Links 26/03/2024: Inflation Problems, Strikes in Finland
Links for the day
Gemini Links 26/03/2024: Losing Children, Carbon Tax Discussed
Links for the day
Mark Shuttleworth resigns from Debian: volunteer suicide and Albania questions unanswered, mass resignations continue
Reprinted with permission from Daniel Pocock
Links 26/03/2024: 6,000 Layoffs at Dell, Microsoft “XBox is in Real Trouble as a Hardware Manufacturer”
Links for the day
Gemini Links 26/03/2024: Microsofters Still Trying to 'Extend' Gemini Protocol
Links for the day
Look What IBM's Red Hat is Turning CentOS Into
For 17 years our site ran on CentOS. Thankfully we're done with that...
The Julian Paul Assange Verdict: The High Court Has Granted Assange Leave to Appeal Extradition to the United States, Decision Adjourned to May 20th Pending Assurances
The decision is out
The Microsoft and Apple Antitrust Issues Have Some But Not Many Commonalities
gist of the comparison to Microsoft
ZDNet, Sponsored by Microsoft for Paid-for Propaganda (in 'Article' Clothing), Has Added Pop-Up or Overlay to All Pages, Saying "813 Partners Will Store and Access Information on Your Device"
Avoiding ZDNet may become imperative given what it has turned into
Julian Assange Verdict 3 Hours Away
Their decision is due to be published at 1030 GMT
People Who Cover Suicide Aren't Suicidal
Assange didn't just "deteriorate". This deterioration was involuntary and very much imposed upon him.
Overworking Kills
The body usually (but not always) knows best
Former Red Hat Chief (CEO), Who Decided to Leave the Company Earlier This Month, Talks About "Cloud Company Red Hat" to CNBC
shows a lack of foresight and dependence on buzzwords
IRC Proceedings: Monday, March 25, 2024
IRC logs for Monday, March 25, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Discord Does Not Make Money, It's Spying on People and Selling Data/Control (38% is Allegedly Controlled by the Communist Party of China)
a considerable share exists
In At Least Two Nations Windows is Now Measured at 2% "Market Share" (Microsoft Really Does Not Want People to Notice That)
Ignore the mindless "AI"-washing
Internet Relay Chat (IRC) Still Has Hundreds of Thousands of Simultaneously-Online Unique Users
The scale of IRC