Friday, July 07, 2006

Intellectual Property

*Disclaimer* I am no lawyer ... and know little of law in the first place, so just my thoughts. No flames please :-) This is not a very general piece on IP ... kind of directed towards some disturbing observations and behaviour I have observed : intention not to sermonize.

First off , just to clarify I am not super fond of patents and closed source development - but I can see justifications for their existance ... irrespective of your views , once you start working for a company and sign the dotted line - you are bound by that contract.

And protecting the intellectual property is typically a clause high up in that list.
That would just be one side of the story ... just as it is important to protect your IP , it is also important to not 'steal' others IP under any circumstances : you can use it only if you have explict permission for it.
I think this second clause is either missing or not very prominent ... for obvious reasons : your employment contract also does not say that you cannot use your company premises as a godown for stolen articles !!
Ok , maybe I am being too harsh in comparing things here ... but the impact is , in reality , not much different : can be more severe.

Let us consider a few examples I have actually seen being practised in various companies by developers : in all these cases ignorance is the reason - and it is not a valid defence.

1) Decompiling or reverse engineering and using this info.
There have been cases published online on how companies have actively tried to subvert the spirit of this ... but bottom line is , this is unethical and leads to tainted code and design.

2) Finding ways of subverting a license and 'including' a protected code within your distribution.
This could be in the form of simple renaming of opensource binaries in your distribution or more 'complex' ones like picking up the code , and integrating it within your codebase : without the license requirements being enforced.
Most developers do not even realise the seriousness of their acts when they are doing these stupid acts.

The list is long , but I just wanted to highlight two of the most common cases I have seen.

This usually happens in two ways :
1) Developer needs a quick fix , searchs the web to find a 'good library' and uses it - without giving much thought to the license.
2) He wants to find out how the competitors has solved a problem he is facing and 'takes a dig' at their product with tools for reverse engineering their code, decompiling , or any other practise forbidden by the license.

OR it could be for purely malacious reasons... which we will discount for now : if you know what you are doing is wrong and still do it - you better be aware of the consequences.

(2) is directly falling under copyright and intellectual property rights violation and should not be attempted under any ciscumstances.
(1) is a common enough case ... when you need to finish a prototype fast enough with insufficient time for due diligence , you do end up with hacks like this. The problem arises when you actually find out when the license is incompatible (typically in most companies , you MUST go through a license review of all third party component used in your product before you can get into beta or final release) ... what do we do now ?!
So beware of falling into this trap.

If any of these 'leak' out into your final product which gets released , you are making not just yourself but also making your company liable for punitive damages. Typically , I find this sort of behaviour very common among 'younger kids'. It is usually ignorance and not malacious intent which is the cause of this ....

Now to the first point - protecting intellectual property.
Usually , I have not seen many developers who are stupid enough to violate this when they are in the employ of a company (yes , I do know of incidents of colossal stupidity when they did try this too) - but as soon as they leave a company , the last few days are a flurry of activity.

Acts such as these are actually violating your company intellectual property related policies :

1) Copying your products codebase to a private repository.
Even if you had worked on that product and made substantial contributions - it still belongs to your employer. Once you leave the employ you have absolutely no rights over it and there is no justification to keep a private copy ... typically , I think it is expected that you clean up the private copies you have - not the reverse !

2) Copying and archiving mails.
This is kind of funny ground. Most of us do get personal mails at our office inbox ... so it is reasonable to want to archive those. But archiving anything else - even innocuous looking bugreports would be a violation. The mails sent to your company aliases could include patent claims in the making , design discussions for future products , presentations , competitive information , etc.
This is a very very frequent practise and I even have friends who have tried to justify this !

3) Leaving backdoors around for the purposes of 'keeping in touch' (vpn access , .forward , etc) ... once you are out , you are out. Friends remain , but professionally your relationship changes - respect that.

I think it would be very wise on the part of the companies concerned to make their new hires go through a course on legal implications of their various acts. Intention should not be to scare a new hire , but make them aware of their actions.
Lot of companies already do have these sort of courses (like mine for instance) ... but it is typically attempted and completed by the employees more as a chore than as a means to actually understand and learn something : a pity.


Post a Comment

Links to this post:

Create a Link

<< Home