Trademark Discussion for 20-Oct
7 views
Skip to first unread message
Mike McCamon
Oct 15, 2020, 4:56:13 PM10/15/20
to Global-board
I know we have a rather full Board Meeting agenda for next week but I do want to draw your attention to one topic that I will be presenting in this my final OWASP Board Meeting.
--
Early in 2019 I championed the effort to register our most valuable trademarks. As the slides indicate, there were many reasons for this effort; most important of which was to protect the OWASP Foundation's reputation in the minds of AppSec professionals. Ever so slowly and throughout these past 18 or so months we have been progressing on this project having secured key trademark registrations in the EU and US. Registration of our marks is not fully complete, but we are at a stage where we should begin a licensing and policing effort of our marks.
Attached you will find our current proposal. The concept is very simple. If a corporation is a Member of the Foundation, they will need a license to use our marks in commercial products but it will be at no charge. If however, the company is not a member, they would need to pay a license fee in addition to entering into a license, otherwise face the risk of litigation for use of a registered trademark.
To be more illustrative, if a company named McDonalds has a commercially available training class called "OWASP Top 10 Certification", McDonalds would require a license. McDonalds could choose to support the entirety of our work by becoming a Corporate Member or if not, by simply paying a license fee for the right to use "OWASP" in their class name (or description btw). If McDonaolds chooses to not enter into a license, the OWASP Foundation has the option to take legal action to enforce the Foundation's rights of their registered trademark. Also McDonalds could also simply change their class name or description to not include the term OWASP.
One question you may have would be, what if a member Bill Smith who works at McDonalds and is the trainer, does that get McDonalds off the hook? No. If a trainee pays McDonalds for the class, or for that matter promotes the class, then McDonalds needs a license for their commercial use. The fact that Bill Smith is a member, is irrelevant.
What if Sue Jones delivers a training class named "OWASP Top 10" at a Global AppSec event? In this case Sue is acting as a contractor of the OWASP Foundation and would be excluded for needing a license since the entity that is commercially promoting the class is the OWASP Foundation.
While this concept may seem new to some of you, this model is very common for organizations to protect the integrity of their name; and to trade on the goodwill and value created in the market. Also this concept comes with inherent tension, as the OWASP Foundation will need continued investment in the value of their marks such that companies might want to license them.
Andrew and I have discussed my handoff of this important work. I do believe this is at least a 12-month startup effort followed by an ongoing strategy and tactical supporting role(s). In some of my previous experiences, we needed to create a full time role to administer such a program but in each case the revenue was a high multiple of cost.
Lastly, I want to assure you that taking this approach does not "sell us out" as an open source community. The Linux Foundation, WikiMedia (wikipedia), and EFF are just several examples of other open source communities who have registered and protected their marks. In fact if done well, I see this work as providing the necessary funding to FURTHER the mission of the OWASP Foundation into perpetuity. Others have transacted on the value of this community's decades of hard work, it is okay to ask for their support of our mission today and into the future.
--------------------------------------------------
Mike McCamon
Associate Executive Director, OWASP
o +1.781.876.6253 | m: +1.408.430.2767
Mike McCamon
Oct 15, 2020, 4:58:58 PM10/15/20
to Global-board
Once you have had an opportunity to digest this proposal and believe it's worthy of consideration please notify either Andrew or the Chair that you would like to sponsor or second the motion noted in the slides.
Richard Greenberg
Oct 15, 2020, 5:49:33 PM10/15/20
to Mike McCamon, Global-board
This is good work and helps protect the foundation moving forward. Thank you.
Richard Greenberg, CISSP
OWASP Global Board of Directors
ISSA Honor Roll & Distinguished Fellow
President, OWASP LA www.owaspla.org
President, ISSA LA www.issala.org
https://www.linkedin.com/in/richardagreenberg
(424) 307-4440
OWASP Global Board of Directors
ISSA Honor Roll & Distinguished Fellow
President, OWASP LA www.owaspla.org
President, ISSA LA www.issala.org
https://www.linkedin.com/in/richardagreenberg
(424) 307-4440
--
You received this message because you are subscribed to the Google Groups "Global-board" group.
To unsubscribe from this group and stop receiving emails from it, send an email to global-board...@owasp.org.
To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/global-board/CADvcYBiG9XKr9cGhYJAEpG2u91TXj7f5T8LwBOqdqZxJ9LihyQ%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages