Welcome to our series of interviews with the people behind the OpenChain Project. While open source is mostly about software, and governance is mostly about licenses, it is also the story of thousands of individuals collaborating. We hope these interviews will inform and inspire our readers, and encourage more people to participate in open source and OpenChain.

Our eleventh interview is with Leon Schwartz from GTC Law Group PC & Affiliates

You have been involved with technology for a while and you now have a leadership position in open source. Can you tell us a little about how you joined your company, why you are involved in technology development, and how you first discovered open source?

Since I work for a law firm advising companies regarding open source and not an actual tech company, my experience is likely a little different than others you have interviewed.  My love of software began as a kid playing a pirated version of Star Trek on a Soviet-era clone of the IBM/360 mainframe, but my first experience with open source was huddled in a dorm room, hacking together Linux drivers for a cd burner.  I developed software (which, of course, incorporated open source software) for start-ups and large companies for years and after graduating from law school I chose to join GTC in part so that I could continue to work in the software field, even if I was no longer writing software for a living.  For a committed techie like me, GTC was an obvious choice.  For starters, there was an entire group of lawyers and paralegals devoted to the legal aspects of open source use and most of them are former software developers.  Because of GTC’s depth of experience in this field that many others only dabble in, we often get to advise on the most complex questions and get to work with some of the foremost innovators in tech, helping them navigate the often-confusing (and sometimes contradictory) world of open source.  I love what I do and I wouldn’t trade it for any other job out there! 

Your involvement in open source is very interesting. Software is behind most of our technology and open source is behind most of our software. However, in relative terms there are few coordinators, managers or lawyers with significant experience of this approach to technology. How did you become one of these experienced lawyers and do you have any ideas for broader acceptance of the use of open source?

Combining almost a decade of software development experience with nearly the same amount of time guiding clients through their open source review and compliance efforts helps me understand and balance legal and development concerns and to effectively navigate and resolve situations where these concerns are at odds with each other.  Our group at GTC also handles open source due diligence and strategy in all types of transactions (e.g. mergers, acquisitions, divestitures, IPOs, joint ventures, investments, etc.) which gives us a great perspective on what does and does not work in the area of open source compliance, from the perspective of both buyers/investors and sellers.  All this experience allows us to provide the kind of real-world advice that clients need at a time of huge growth in use and acceptance of open source software.  Despite this growth, open source software is not well-understood by most corporate lawyers, whose default answer when it comes to using open source is often “no.”  It is our job as lawyers and technologists that are at the forefront of this “revolution” to continue to demystify open source software and to educate both clients and colleagues and to arm them with the ability to understand, evaluate, and mitigate its risks without simply rejecting open source software outright.

OpenChain is all about open source compliance in the supply chain. Our industry standard builds trust and our reference material helps companies build processes to meet the standard. Approaching this discussion for the first time can be a little intimidating. Most people are modest about their understanding of licenses or choosing the “best” approach to solve a business challenge. It may be a strong word to use, but often a certain sense of fear makes people hesitate. How did you learn to approach this issue with a positive and open mind?

A great man once said that the only thing we have to fear is… fear itself.  The software world has changed dramatically over the last decade, with some estimates suggesting that open source comprises more than 60% of most codebases.  That said, lawyers are built to be risk-averse and can be reluctant to endorse approaches that depart from existing models with well-defined risk profiles.  An important thing to remember is that Rome wasn’t built in a day and that a robust compliance program cannot be put in place overnight.  The OpenChain Specification is a great roadmap and can make it easier to put a process in place, but starting is often the hardest part, and so “starting small” is often the best approach – allowing the compliance program to grow as confidence in the process grows.  I often tell clients that the worst thing you can do is do nothing.

One thing the OpenChain Project is concerned with is diversity. Our project is developing a long-term industry standard and our strategic perspective is measured in many years or even decades. To access the potential in our community we need to make sure gender or personal choices never make people feel unwelcome or excluded. In some markets like China and Korea around half of the people we work with are female. In other markets, such as Japan and the United States, the percentage of women is far less. Have you faced challenges because of gender and how did you overcome them?

I grew up in a household where both of my parents wrote software for a living (you could say that software was in my blood) and it wasn’t until college that I became aware of the huge disparity in the number of men and women in the field and the difficulties women often face in our industry.  It had simply never occurred to me that an idea could be judged by the gender of the person who had it!  Not only should we never make anyone feel unwelcome or excluded, but we should actively encourage participation by everyone and anyone; you never know who the best ideas will come from!  The fight for true equality cannot and should not be fought solely by those negatively affected by inequality, it is up to all of us to combat prejudice and avoid perpetuating practices and structures that create unfairness.

The next question is directly related to the last one. Because the OpenChain Project is concerned with diversity we must acknowledge that every part of our project needs to continually improve. Our social structures, our meeting formats, our processes to create or improve material. Everything needs to be considered to find any challenge to making people welcome and empowered. Can you assist us in this process with some suggestions for improvement?

Since I am relatively new to the OpenChain Project, I do not (yet) feel qualified to provide suggestions for improvement, but one thing that we can all do is to support organizations whose goal is to encourage, support, and increase diversity in the tech industry and to encourage organizations we are part of to make this part of their goals, as well.

All around the developing world age is a topic. Our populations are getting older and the social distance between young and old people seems to be growing. People in their early twenties seem to have very little in common with people in their forties or fifties. Of course this is understandable and of course it has always existed between generations. However, in the context of open source, our population is aging too, with the average age of participants around 30~55. Maybe we have more older people than young people. Do you have any suggestions for how we can make young people interested and welcome in projects like OpenChain?

Getting people of any age interested in compliance programs is not an easy task, because compliance is often seen as a “speed bump” or a “roadblock” in the way of development.  At GTC, we focus on building – and helping clients build internal consensus for — real-world compliance programs that act more like a navigation system, allowing developers to work their way through and around problems and risks while using open source software.  As a generalization, younger developers tend overwhelmingly to want to leverage open source software in their projects; if they see that compliance programs are not meant to prevent this, they are more willing to participate in framing the compliance programs and processes to make sure that they continue to work for them.  Making compliance a part of the regular product life-cycle also increases acceptance and involvement, and this is why the OpenChain Specification has such great potential to be a game-changer.  Finally, as far as attracting younger generations to participate in large collaborative projects, I think it is important to engage them in the ways that they communicate with each other.  Whether it’s through GitHub, Slack, or Instagram, projects that aim for a younger generation of participants need to embrace (and make good use of) social media.

There is a big difference between tactical activities that solve day-to-day problems and strategic activities that solve bigger challenges. OpenChain is basically focused on strategy. This means our participants think about the future and it means we also have to think about how many tactical actions can serve a strategic mission. People often ask how to do this and they often mention that it is hard to think strategically when many business metrics are based on quarterly activities. Do you have any suggestions based on your own experience?

It is important to stress the relationship between short-term goals and longer-term strategic missions; one cannot exist without the other.  For example, when clients with long-established processes approach us for help creating and implementing an open source policy, the task can be quite large, with many moving parts.  By breaking it down into a series of smaller tasks with individual milestones, we can both continue to work towards the long-term goal of a robust open source policy and show progress in a way that fits within quarterly metrics.  Likewise, it is important not to let decisions made in the short-term derail longer-term strategy.  For example, when reviewing the use of an open source component, it is important to think how decisions made for this particular component may impact the larger open source policy that is being implemented.

We have asked many serious questions in this interview. Each of your answers is extremely valuable for our current and our future community. OpenChain is all about sharing knowledge and helping everyone do better. However, we are not only a dry, factual community. We also have many positive social relationships and there is a hope or a goal that OpenChain can be fun too. We are all together collaborating to solve interesting challenges. Do you have any tips for how people can come into a project like OpenChain and find the experience rewarding personally as well as in a business sense?

I have been very lucky to both work with and for some really amazing people throughout my professional life.  Most of us spend more time with our coworkers than we do with our families, so it is important to do everything we can to surround ourselves with people who have a positive influence on us, both professionally and personally, and this includes any project or group that we join.  When joining a new organization, I always try to be open and approachable and try to spend more time listening than speaking at first (which is not always easy for me).

Finally, you have been so kind to answer these questions in English. However, the future of open source and OpenChain is not in English, but instead in communication from Mandarin to Hindi to German. The future is making sure people in each nation can work together freely. We already hold the local work group meetings in the local language but is there a way we can reduce language barriers even more?

Actually, my first language was Russian, and though I am fluent in both, I write/type much faster in English, so I am quite thankful that was the language used for this written interview!  Breaking down language barriers to communication is crucial and holding local meetings in the local language is an excellent idea.  This is also an area in which technology is evolving rapidly, increasingly allowing people with no common language to communicate effectively and in near-real time.

Thank you Leon for your time and thoughts!