Blog » 6 Ways You Can Protect Intellectual Property While Outsourcing Software Development
Table of Contents
It is a common practice for a company to outsource software development for a variety of reasons. 43 percent of companies in the United States outsource programming jobs. The reasons vary between companies and individuals, but include cost savings, speed of development, access to talent, and reduced time to market.
But how can you balance the need for outsourcing with the need for protecting intellectual property?
Whatever your reason might be for outsourcing software development, you likely have some amount of trepidation in sharing your ideas and data with an outside entity. Maybe you’re a startup wanting to develop an amazing new app. How can you share your idea with a third party safely and not risk them claiming it as their own?
Technology Rivers has worked with start-ups, entrepreneurs, and enterprise businesses ready to put new ideas into action. We understand the importance of protecting intellectual property. All of our clients come to us with new product ideas and solutions that they want to get out on the market quickly, and without jeopardizing the innovative concepts on which they are based. We recognize the value of confidentiality and trust and have put development processes in place to safeguard our customers.
Don’t worry—it is possible to safely work with an outsourcing firm without fear of losing your intellectual property. You just need to do some work up front to make sure you are choosing the right partner, and you need to put some measures in place that will protect you and your ideas. Your first step is getting a better handle on what intellectual property is in the first place.
1. Know What Does IP Encompass Where Software Is Concerned
Intellectual property encompasses the creations of the mind. It can include inventions, artwork, literary pieces, designs, symbols, trade secrets, and images. Intellectual property can be protected by the law in the form of patents, copyright, and trademarks.
When companies are at the point of outsourcing software development work, they likely don’t have any sort of protection like a patent for the product they are working on. In fact, many end-product apps won’t qualify for a patent. In 2019, the United States Patent and Trademark Office revised their patent-eligibility guidance in such a way that fewer apps can even qualify for a patent. So, without using copyrights, trademarks, and patents, how can you be assured that your intellectual property is safe in the hands of your outsourcing partner?
2. Get Familiar with the Options for What and How Much to Outsource
Just because you want to outsource application development does not necessarily mean you have to hand all of your ideas and data over to one firm. There are different ways you can keep certain information private. By deciding exactly what you share and with whom, you can protect your most sensitive material.
Everything but the Secret Sauce
It is possible to outsource software development without sharing the core “secret sauce” element of your product by only having parts of the project outsourced. The more classified portion can be kept in-house. Once the outsourced portion is complete, an internal team can merge the outsourced and “secret sauce”.
Outsource to Multiple Groups
Another option is to outsource the work to different companies, thus reducing the number of vendors or individuals who have access to the entire project. For example, you could outsource the mobile app development to one firm, API development to another firm, admin portal, QA, and testing to a different group. This may increase the development cost, but will enforce the good practice of having all these sub-projects work with some process, and also help cross-validate each other’s work. The parts can be integrated internally once all components are completed, or could be the responsibility of one group. In this way, the entire project is not able to be compromised.
3. Examine the Processes of Potential Partners
You must perform your due diligence when assessing potential outsourcing firms. Asking the right questions about what processes they have in place for protecting IP is critical.
The questions below are a great place to start.
- What employment agreements do they have with their employees and consultants? (see “Ensure You Have the Proper Agreements in Place”)
- Do they subcontract any of their work? If so, how do they ensure IP protection?
- Do they use the proper tools for project management?
- Where do their servers and source code reside? If something happens in a local office, do they have a backup support system in place?
- How does their team communicate and how are documents shared among the team members?
- How do they ensure data and documents are removed from the possession of employees who leave or are terminated?
- Do they allow people to use personal tools or email, or do they only allow company-authorized resources to be used? (see “Always Have Transition in Mind”)
- What is their security policy for laptops and internet access?
- Do they have processes in place for employees who are working remotely?
At Technology Rivers, we ensure all of our source code and data are stored on the cloud and/or on US-based servers. In this way, we can avoid any outage due to any catastrophic event at an offshore location.
Conduct research upfront to ensure you’ll be working with a high-quality company that has the proper processes in place. The right processes are what will ultimately protect your work and information.
4. Always Have Transition in Mind
In the end, the work produced by an outsourcing firm is yours. Just because receiving this final product happens at the end of a project does not mean companies should only think of this transfer at the end of a project (which is often what happens). It’s best to work through the entire project with this end-transition in mind.
For all the client projects at Technology Rivers, we deploy all the applications to client provided servers and accounts. In case of cloud deployments, we deploy to client-owned AWS or Google Cloud accounts. All the source code is stored on BitBucket, GitHub or GitLab as per client preference.
In the last 5 years, we have witnessed numerous cases where vendors are not willing to provide access to source code and servers once they realize the vendor is transitioning to another firm, or if there are any disputes. It is possible to avoid these problems by having upfront discussions and processes in place.
It shouldn’t take days once the work is complete to get everything from your outsourcing partner. Transition should not be a separate step at all, but rather built into the process on your end. You do not want to pay for deployment at vendors servers, and then later on move to your servers. Make deployments on your own servers from the start. Make sure communications happen on your email system, or use a communication platform like Slack to which you can control access.
Many non-disclosure agreements (which we cover in the next section) stipulate that all confidential information be destroyed at the end of the project. But it’s not uncommon for the outsourcing firm to be contacted months after the project has ended because there is some piece of information the client does not have. Make sure you have all of the information all of the time by keeping transition in mind from the beginning and throughout the project.
5. Ensure You Have Proper Agreements in Place
You have chosen an outsourcing firm whom you trust, and you’ve set up a process with which you’re comfortable, but you still need some legal help to make sure you, your intellectual property, and your company is fully protected and end up with what you set out to attain. A comprehensive contract between you and your partner will set up the protection you need as you move forward. Below are some of the necessary components you will likely want to include in this contract.
Transfer of Intellectual Property
In the United States, software development is covered by copyright law. This means that the writer of the code retains ownership of said code and holds the copyright to the software. It makes sense that a writer owns what they have written, but when you’re outsourcing your software development, in the end, you need the code and the software itself to be yours.
Your contract must assign your company exclusive ownership of the code written by your outsourcing firm. By assigning everything created under the contract as a “work made for hire,” you gain ownership of all assets created including code, designs, wireframes, documentation, and diagrams.
Non-disclosure agreements (NDAs) should be signed by the company itself as well as by individual employees working on the software. This is what guarantees that your great app idea does not get shared with anybody and remains a secret until you decide to reveal it to the world.
You have an agreement with the outsourcing firm, but it is important to have some agreements directly with the individuals who are working on a project to ensure those individuals can be held accountable directly by you for any violation. A joinder agreement is what puts responsibility not just on the firm, but on their individual employees as well.
Alternatively, a joinder can be used when an agreement will likely have additional parties in the future, but those parties have not been determined when the contract is signed. The original agreement can require that any subcontractor has to sign a joinder to the original contract stipulating that they will also be subject to all of its terms and conditions.
A non-compete agreement ensures that individuals who worked on your project cannot compete with you in any way for an agreed-upon amount of time.
6. Choose a Partner You Can Trust
Trust for an outsourcing partner might be something that has to develop over a period of time. We have witnessed this over and over during our work with different clients for several years. In a few cases, when we began working with them, our tasks were project-based. We developed specific portions of what was needed, like designing app functionality or a customer-service portal. As we have developed a trusted relationship with these clients, we are invited to work with them on their core product engineering. We now are a trusted partner for most of their software development needs, because our ongoing relationship has given them confidence and trust in our integrity and ability.
Do your research and make sure you are hiring a firm you can trust. Speaking with several potential choices will give you a better idea of how different companies approach projects and partnerships. Ask upfront about their development process and how protection of your ideas and final product are built into that process. Choosing a company that will handle your software development is an important choice. Take some time to make sure you are choosing the right partner.
By understanding intellectual property and how it is handled under the law, you’ll have a better idea of what you should do to protect your own. By thoroughly vetting potential partners, understanding their process and your own, and knowing how contracts can protect your work and ideas, you can hire with confidence. In the end, trusting your outsourcing company is the key. Don’t let fear or confusion regarding intellectual property rights stop you from creating the next big thing.
Other Issues to Consider
There are a few other issues regarding software development of which you should be aware before outsourcing the development of your project.
The code that your software contains is not all original code. Using only original code to develop new software would be akin to reinventing the wheel every time a car is built. There will be code in your software that comes from third parties, including open-source software. Copyright for this code cannot be assigned to you, and you need to be sure your new software operates within the terms of the license for the third-party code.
Be sure your outsourcing firm gives you a complete list of all of the software packages that were used in creating your software. In addition, they should provide a warranty stating that they have not infringed on a third party’s intellectual property by using it in your software. Finally, the contract should include an indemnity clause that gives monetary protection for any actions taken against you for use of the third-party software.
Laws in Other Countries
What has been outlined here concerns the laws and regulations in the United States. If you choose to outsource software development overseas (or at least across national borders) you need to look into how IP rights are handled there. It’s even worth hiring an attorney from the home country of the company with whom you’re working.
Also, just because there is a law in place in another country does not mean that it is easily enforced. Relying on laws should actually be the last resort. Your process and the outsourcing firm’s process should do the bulk of the work toward reducing risk and providing protection.
The world of software technology is competitive. If you think you have the next best app, communication platform, or remote-monitoring system, it can be hard to know who you can trust to help you make it a reality. After all, how can you protect an idea?
Are you considering outsourcing your next digital project, and looking for a trusted partner that can solve your software development needs? Contact us today to learn more about our process, and how we can create a successful partnership for your venture.
Please note: This post is not meant to serve as formal legal advice. It is always a good idea to work with your legal professional for your software contract needs.
Join the conversation here.