Copyright, Open Source, Clean Rooms and Ignorance of the Law

By -

Recently I was reminded (by being an observer to some drama) of the legal constraints that developers should know but frequently do not know – especially the new self-taught developers. I suspect that even some Computer Science graduates are ignorant here.

Monkey See, Monkey Do –Lawyers Knock!

Jack develops websites and a customer points him to a website that he wants emulated. Jack goes to the site and copy portions of the code from the site. Often the code is nothing more than a JavaScript function or a chunk of CSS. He uses these code fragments exactly as written (no renaming variables, changing line orders etc). He brings in a graphic designer that does a brilliant original design.

 

The site is ready, the customer is happy, Jack drops a check in his pocket.   Two months later, the customer phones Jack – he has just received a letter from a lawyer to take down the web site because it contains copyrighted material.

Jack talks the customer into leaving it up. The site provider gets a similar letter 4 weeks later and dutifully takes down the site. The customer phone Jack, angry that his site is down and the site provider refuse to restore it. Jack moves the site to another provider… and the cycle repeats – except this time the customer does not receive a polite letter but either:

  • Papers indicating he is being sued.
  • Knock on the door by the FBI (under 18 U.S.C. Section 1030 or equivalent)

Things go worst….

 

What is the problem? Simple – items on the internet retain copyright unless licensed or placed explicitly in the public domain. There is no “fair use” of code. The rights problem is actually made more severe with open source – because there are hundreds of contributors, there is a significant chance that one of them did a copying of someone’s code off a website. You have an right to use the open source code – but it does not indemnify you if the code violates a copyright.

 

The person in procession of the violation is always accountable! Someone selling bogus DVD or Viagra is not excused because he did not know it was illegal. The best that they can hope for is a deal if they drop their suppliers into the mess.

Clean Rooms

Old timers know about “clean-rooms” from the days of MSDOS. The name has been re-used. The old meaning was putting developers in isolation to develop a product and protect the firm from lawsuits; for example, because a developer reverse engineered code or behavior.

 

In the internet world it would mean that you can do screen shots of a site and create an equivalent NEVER NEVER looking at a single line of source (HTML, JScript, CSS). If the site has “patents” or “patent pending”, then it is even harder because of patents on things like ‘One Click’, so you cannot even do screen shots.

 

The problem is simple, a license, items placed explicitly into the public domain or a truly original creation is needed.

 

Taking your own code with you to the next firm…

If you are an employee of a firm and wrote this awesome library of routines and then leave the firm I have some bad news for you. You cannot use a single item from that library unless you get explicit written permission from your old firm. You created it; they OWN it. You can recreate the library (literally rewrite the library) and likely will improve it in the process.  Every routine etc must be revised. I usually recommend defining a NEW different naming convention, changing the preferred coding patterns and doing a complete refactor with some improvement in at least 50% of the functions.

 

Consultants have more code re-use freedom

Consultants arrive with libraries of code they have evolved from other projects. The use of this code is often viewed as an unrestricted licensing of the code to the customer without the acquisition of ownership. If the contract specifies “work for hire”, then the consultant should clearly mark what is new and novel in this work, and what is simply an unrestricted license.  If the consultant writes work for hire code that he like, he  is still free to refactor the code and add it to his own repository of code – after doing a clean and complete refactor – ideally with some further improvements.

 

If you are responsible for the management of code….

If your crew produces websites – you have an obligation of due-diligence to make sure they do not violate copyright or perform theft of code (a criminal offense). If you do not have the skills, you need to get someone with the skills to come in and:

  • Present and document that your employees have been instructed on best practices at least once a year.
  • Review some code (often this actually amount to testing the dev if they understand the code they are using or just copied it from elsewhere).
  • Make sure that you have insurance against this (I would recommend at least $1,000,000 policy)

If you do not care…

Several years ago, my wife got involved with VRML and creates a short example, 420 bytes of code, that she used on her website. She put a copyright in it.  One day when she Altavista-ed (pre-google) her name she found it on an Israeli site. We contacted a lawyer in Israel, arranged a contingency agreement and told him to go for it. Two months later we received a check. The offender opted to settle for $1200 for the 420 bytes of code instead of our lawyer going the distance for copyright infringement.

 

Many lawyers have spare cycles and a clean copyright lawsuit on contingency can be an easy sale…  We did it internationally with little hassle.

 

Is it fair? Should copyrights and patent be abolished? I have no comment of those issues – they exists and can result in significant financial pain; they are to be respected.

 

THIS IS NOT LEGAL ADVISE – ALWAYS CONSULT WITH YOUR LAWYER ON LEGAL MATTERS

Comments

Post a Comment

Popular posts from this blog

Yet once more into the breech (of altered programming logic)

By -
Once upon a time, long long ago, I wrote 8-bit programs in Tiny-C with absolute addressing being the only reality.  Then we had Borland Turbo-C with relative addresses and the joys of relative assembly jumps. Enter Windows and the joys of locking and unlocking memory blocks that you must allocated and manage yourself. Then came Visual Basic which evolved into .Net CLR and decreasing awareness of what is happening under the hood.   With VS2010 including F# and enhanced parallelism in .Net4, we actually have to go retro a bit – back to the world of having to understand the hardware. CPU speeds are no longer increasing – I have an old laptop from six+ years ago that ran at 3.2 GHz. This year I updated one of my machines off-the-shelf from Costco.com, an I7-920 with 4 cores and hyper-threading (8 CPUs appears in Task Manager) and 12 GB of DDR3 RAM. This week I ordered from Costco a Phenom II X6 (Yes – 6 REAL CORES) for one of my daughters.  This CPU will (according to YouTube demos) o
Read more

Simple WP7 Mango App for Background Tasks, Toast, and Tiles: Code Explanation

By -
Image
This is a continuation of this post , explaining how the sample app works. Caution : This sample isn’t meant as an example of best patterns and practices. If you see something in the code you would never do, then don’t. Solution File Organization The app has three Visual Studio Projects: the app, the agent, and the shared code library between them. One of the great things about Mango is that now the built-in Visual Studio Unit test functionality is available. By separating out the meat of the work into the SampleShared project, I can also focus my unit testing there. SampleApp1 The app has a MainPage, a ViewModel, and the WMAppManifest.xml file modified to note my ExtendedTask of BackgroundServiceAgent. The Agent is extremely simple with a call to the shared library, an update to the Tile, and a call to pop up Toast. The meat of the work is in the SampleShared library. The AgentMgr manages the background agent : add, remove, find, run now. It is only called f
Read more

How to convert SVG data to a Png Image file Using InkScape

By -
Image
Introduction The project required the need to put the visual pie chart on a web page on the client and in a Pdf file created on the server. I eventually choose to use a Telerik Kendo DataViz Chart control on the client, and use a PNG file on the server for the Pdf file. This blog post will explain the process and code to convert the client-side pie chart Svg data to a Png file, and provide a download to the working code. Prerequisites You need to have a trial version of the Telerik Kendo library installed in order to make the sample code work. You also need InkScape installed. InkScape is the application that does the actual conversion. You will need to change the Web.config appSetting of “ExeDirectoryForInkscape” to represent your own installation location. Any SVG Data Will Work The pie chart was created using the Telerik Kendo DataViz chart control. While I name a specific control, as long as you have access to the SVG data, the same conversion process on the server will
Read more