IP protection critical in outsourcing
changed world order”; “Like it or not, outsourcing is here to stay”; “2010 revenues of US$50 billion” –
all are statements now being made about the Indian outsourcing industry. Among the range of activities that are now out- sourced to India – payroll administration, call centres, medical transcription – soft- ware development is the nation’s most renowned area of expertise.
Global corporations often outsource all or part of the software development processes needed for their regular project activity. On the basis of specifications provided by the client, service providers develop the software and provide it to the client who, in turn, licenses or sells the entire package to its own clients.
The three most common outsourcing models involve sending work to either a dedicated (or “captive”) service provider; a local Indian partner (in this model, the entity doing the work is a joint venture between the client and the service pro- vider); or a third party vendor.
A range of issues need to be addressed when negotiating an outsourcing con- tract. It is important to protect those interests of the client which, if neglected, may lead to serious consequences; skil- ful crafting is required to make contrac- tual provisions enforceable.
An area of particular concern is the protection of intellectual property rights (IPR). In a typical outsourcing contract relating to R&D, engineering or soft- ware development, each employee and any subcontractor assigns all the IPR rights in new inventions to the client. Contention may arise with respect to ownership of products developed and created by the service provider; assign- ment of invention in such products even- tually depends upon the negotiations among the parties. even outright theft. In view of this, at the outset the agreement must specifically:
- Establish ownership of any IP in existence at the time of execution of the outsourcing agreement;
- Establish ownership of any IP devel- oped or improved during the course of the outsourcing relationship;
- Precisely define what constitutes a modification (including such items as who makes the modification, when, why, and by what process);
- Determine if change control proce- dures apply during modifications;
- Restrict the vendor from disclosing any proprietary software or other infor- mation to third parties;
- Define IP loss;
- Include affirmative representations and a warranty by the vendor to adhere to Indian IP laws (not only to the extent of the protections afforded under Indian domestic law, but as broadly as applica- ble law will allow);
- Define prohibited activities under the non disclosure agreements (NDAs);
- Provide strong penalties for breach of the IP provisions (representations and warranties must provide for real-life protection);
- Negotiate for either money in an escrow or a bank guarantee to be invoked for breach of the IP provisions;
- Clearly define ownership of service deliverables;
- Place an expatriate technology officer on the board of the service provider (the presence of a client representative can highlight and prevent potential prob- lems); and,
- Conduct periodic audits to evalu- ate conformity with the IP protection standards.
Normally, the client requires the pro- vider to indemnify it in the event of a can attempt to negotiate an unlimited indemnity right for copyright and trade secrets.
One often-overlooked matter when drafting outsourcing agreements is sub- contracting rights. It is not unusual for the service provider to subcontract one or more functions without notifying the client, who may learn of this only when trouble arises. Therefore, the agreement should include a section defining sub- contracting rights.
It is important to ensure that the ven- dor can only subcontract with the writ- ten consent of the outsourcer – essen- tially, the subcontracting process and the agreement should be transparent. The vendor should remain contractually liable for the subcontracted functions, and the subcontractor’s level of service, systems, and control must be on par with that of the vendor. Finally, the subcontractor must be subject to the terms and condi- tions of the IP provisions of the outsourc- ing agreement.
Data protection is a crucial issue in relation to IPR in India. With recent changes to the IT Act, Section 43A now provides for data protection, includ- ing compensation for failure to protect data, making service providers liable for damages if they fail to implement and maintain “reasonable security practices and procedures”. While this term is not further defined, the explanation to sec- tion 43A shows that the parties involved are at liberty to identify the best security practices and to agree mutually accept- able terms.
There is no doubt that a distinctive legal regime addressing and promot- ing IP protection will create confidence among investors and foreign companies, and mute critics of outsourcing. Any outsourcing arrangement that involves sharing or developing proprie-vider will typically seek to limit breach of a third party’s IPR. While a protary software is vulnerable to dispute and the extent and amount of its IPR exposure, the client
Priti Suri is the proprietor of PSA