Seven out of 10 Android and iOS apps that contain open source "failed to comply with basic open source licence requirements," according to a new analysis.
OpenLogic, which makes open source software support, scanning and governance tools, said it analysed 635 mobile applications for Android, iPhone and iPad, out of which 66 contained open source software under the Apache, GPL or LGPL licences. The vendor found that 71 percent of the 66 apps violated key obligations required by the open source licences.
Although the review targeted only 66 open source apps, there are many more such programs running on Android, iPhone and iPad, or at least in the works. Black Duck Software recently examined 3,800 free and open source mobile projects begun in 2010 and found that 55 percent were geared toward Android and 39 percent toward Apple's iOS.
Complying with open source requirements seems to be a sore spot for mobile developers, if OpenLogic's survey is any indication.
"Many mobile and tablet developers may not have a complete picture of the open source they are using and the requirements of the open source licences," Kim Weins, senior vice-president of products and marketing at OpenLogic, said in the survey announcement. "This has real-world implications. For example, the Free Software Foundation has stated that the GPL and iTunes licences are not compatible and Apple has already pulled several apps from the store that were determined to be under the GPL. Google has also received takedown requests for Android market apps that violated the GPL. App developers need to pay attention to open source licence compliance to ensure their apps are not impacted by legal actions."
The Android operating system itself is open source, using the Apache licence as well as the GPL for Linux components. But Google is being sued by Oracle, which claims Android infringes on Java patents and copyrights. Apple's iOS is proprietary.
OpenLogic's scan of Android and iOS apps found that most of the open source ones violate GPL requirements such as providing source code or an offer to get the source code or the requirement to provide a copy of the licence. Most mobile apps using the Apache licence violated requirements to provide a copy of the licences or notices and attributions.
Failure rates were similar on Android and iOS. The Android apps' compliance rate was 27 percent and iOS was at 32 percent.
OpenLogic also said that two Android applications contained LGPL Version 2.1, a licence which "could have potential conflicts with Apache 2.0, the major licence of the Android operating system".
Further, OpenLogic said it "found several apps with extensive EULAs that claimed all of the software included was under their copyright and owned by them - when in fact some of the code in the app was open source".
OpenLogic did not identify any specific apps, but said its selection targeted "top paid and free apps for iPad, iPhone and Android across a variety of categories," including "apps from the top 20 companies in the Fortune 500." Categories included "banking applications, sports and game applications, applications from the world's most recognised brands and media organisations and popular applications from smaller companies."