Slashdot Mirror
Seeking Someone to License the Heart of Your Company?
dcdukeu asks: "We're a small software company that is about to enter into an 'Acceptance Period' with a much larger company for the purpose of determining if they want to license the source code and intellectual property of our main product. This involves giving them our source code, whitepapers, and providing the technology transfer of how things work. Once they receive this they get 45 days to determine if they want to move forward and incur royalties plus payment minimums. What I want to know is if other people have dealt with this before and what would they recommend in terms of how we can turn our information over to them in a time sensitive way (e.g. after 45 days the documents they receive cannot be viewed any more). We are basically giving up everything we have and training them before they say 'yes' or 'no' as to whether or not they are going to move forward. Thoughts?" Unless there are numerous protections already in place to prevent the larger company from running with the information gleaned from this transfer, this so does not sound like a good idea. If you've been in a similar situation before, what suggestions would you have for dcdukeu?
that the larger company aint M$
I think the best thing that you can do here is to get them to sign some legal document saying they won't touch your stuff after the expiry date. No matter how hard you try, you won't be able to stop them copying things (screenshots work, even if nothing else does), but if you have a contract it might make them think twice.
you are giving someone else access to your most business critical information.
This is one of those situations where you NEED expert advice you can rely on - and potentially sue if they f**k it up.
Alex
The only time I've been in a similar situation I was lucky because I could hand over a piece of hardware and say "go on then, assess this". But software? Source? Training and documentation? You're about to be raped, buddy.
I can see you're in a bad place - really wanting to make this deal happen, but you have to look at the risks. Three suggestions:
1, Turn the deal on its' head, get them to bring their software, source, docco and people to your place. Work to integrate the two and see if the execs like the end result.
2, Get them to define what it is they are hoping to achieve and have a third party consultancy assess your code to see if it fits the requirements.
3, Stay with the original gig but get them to sign a really viscious NDA preventing them from producing some derivative work or entering into the same market for 'n' years. They probably won't go for it, but hey.
Good luck, sounds like exciting times.
Dave
I write a blog now, you should be afraid.
Before you give them anything, have them sign an agreement that they will destroy any material they receive from you in 45 days. If you find they are using your information after 45 days, you can take them to court and show the court their signatures. IANAL so I don't know if this would work very well or not, but it's an idea.
"I don't trust goats," --To Catch a Spy
Shut up, be happy. The conveniences you demanded are now mandatory. -- Jello Biafra
My uncle (he wrote WordStar) learned a very expensive lesson in the 80's when he did a similar R&D disclosure. The Companies (MS, Lotus, Corel) copied the work and later released their 'own' products and stiffed my uncle on roytalies. After years of court battles the cases we're lost. What you can do today is patent protect your core technology. Patents infrigment cases are defended by the US patent Office process rather than your States Licence agreement/contract laws.
"Get them before they get....
GET A GOOD LAWYER NOW.
As a rule this sort of practice sucks. If the product is good enough, sell it on your own. If the big company wants it, make them pay up front just to see everything, they can afford it. The only defence you have is to contact all of the competitors of the big company and make them aware of what you have and the current situation. Hopefully you can get a bidding war going.
In general make sure you have the CEO of the big company as a signatory on any documents, make sure they are witnessed etc. Make it clear that you will go after the company and the indivdual if you have any problems. You can't win against the CEO but you can drag him through the mud.
If you're in this position, you really should ask yourself if you're not in the wrong swimming pool. Small fish get eaten in the big pool. You might want to rethink your stratagy, if you're looking at a situation where you have to essentially let someone read the book before they decide if they want to buy it.
In short, you're facing a socialogical problem, you're not going to find an acceptable technological solution for it, anymore then the BSA et all is going to solve piracy through technological means.
On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
You wish to electronically lock them out after 45 days.... what if they hit the print button before then?
....
....or print screen for n number of pages
As the big company for the names of other companies that they've done similar deals with, then go talk to those other companies.
Then hie thee to a lawyer, and then to the U.S. Patent Office (or the patent office of your own nation).
Put everything in writing.
And yes, get a lawyer immediately. People will make life choices thinking a big gig will come through, but more than likely it will NOT happen. I have not heard of deals like this ever ending happily for the smaller company. Just because your client is larger and probably well known, there is no guarantee of "safety" in making such a lopsided deal with them.
First, I'm -not- a lawyer; thus, this does -not-
comprise legal advice, just "my two cents"...
(I'm writing from Australia where one woman has
reportedly served time in jail for providing
"word processing" services that were interpretted
as comprising the provision of legal services.
[I understand that she shared the -expensive-
law-firm provided divorce forms/papers/court-
submissions, used in -her- divorce proceedings
with another person, for a fee, by way of trying
to recoup some of the legal fees she'd incurred.]
And I don't want to be in jail for this post.
Now, there's clearly a -risk- involved to
the poster's company, et al. (eg its employees &
shareholders).
There is the hope & chance of reward.
Before signing on the dotted line, I'd be esti-
mating the value of each, as well as the value
of my IP to the bigger company...
and negotiating into the 45-day arrangement
a "Risk Fee" (by any name), i.e. payment of
a non-refundable amount that you feel justifies
your putting your IP at risk...
perhaps calculating a "rental" fee - sizable
due to the short term of the period of rental.
Of course, the payment would be applied to
the Source License fee, if they want to use
the IP after 45-days.
Moreover, the proposed arrangement does -not-
preclude others' suggestions that a -clear-
"for evaluation only; not for commercial use"
clause in you Non-Disclosure Agreement.
Of course, a non-refundable, advance payment
of [whatever you call] the "Risk Fee" -before-
they see your IP means you have more cash to
pay your 'legal eagles' in case of a breach
of the NDA.
What am I missing, here?
BTW, is the posting of such a question in
the hot-bed of the Open Source development
community provocative?
If you do this, first: prepared to be so incredibly reamed. American companies have long sice lost the concept of business ethics. They are NOT buying your source, they are looking to buy your engineers, understand this. Why? becuase if they aren't interested in your engineers, then they aren't interested in maintianing your code, which means if your code can be profitable to them then they are going to steal your source or at least the concept behind it *no matter what*, prepare yourself for this.
If you must give them code, do it by providing actual *sealed* machines minus networking cards, and disk drives and usb ports (CD is ok, only if it is NOT writable). Seal up the box professionally with security seals that will show tampering. Place keyboad loggers and other spyware on it to watch and record what is done on this box. Go overboard and force the use of tempest-resistant fonts and lock down the system such that new software cannot be installed and add a *hardware* clock that will accurately mark off 45 days. On that day, have the system nuke the hard drive.
"Your superior intellect is no match for our puny weapons!"
Basically what you are doing is giving them 45 days to steal all your intellectual property. You said it yourself, you're going to do the "information transfer" and then they have the option of paying you or not. Do you think that the information you transfer is going to be able to be removed from the brains of the people who look at it?
If you've figured out how to do something they want, they should pay for it up front. Period. None of this "let us look at it for 45 days and then we might pay you if we decide we still want it".
About the only way this isn't going to turn bad is if this is something they really can't do themselves. If they can do it themselves, what is stopping them? Perhaps they hope to figure that out from looking at your stuff.
If you really do want to do this you need to get about 3 DIFFERENT lawyers involved, preferably an Intellectual Property lawyer, a Corporate (agreements) lawyer, and probably a third one for good measure. You have to make sure there isn't anything that they can gain from this, or if they do gain something they have to pay you for it.
In addition, you need to figure out exactly what they are wanting to see. If they just want to make sure the code isn't a nightmare and it is reasonably written, perhaps getting a third party involved to do the review might be a good idea. Or as someone else suggested, get them over to your place of business.
The key here is to transfer as little as possible before they commit to paying you. It sounds like you guys are giving them everything before they pay you. I think I'll repeat myself and say that this is a very bad idea. Get the vaseline ready. You'll need it.
The other question is the long term piece of this. A lot of the time these types of deals end up being great for a couple of years and then the two companies either split the sheets and one ends up going broke, or one eats the other one. As you're the smaller company, the chances of you being on the bottom when this happens are quite good. Are you thinking about the long term repercussions of this?
One last thing I'll say. Don't let your greed get in the way of your common sense. Quite often people loose their good judgement when lots of dollar signs flash in front of their eyes.
Good luck! And remember the vaseline.
That way it is much less worthwhile for them to bother going through the potential legal hassles involved with stealing your stuff.
Of course, if they feel confident that they can get away with stealing your stuff anyway, it would just mean that they get it at half price.
Also, keep in mind the difference between copyright and patent. Copyright is yours whether or not you file with the government. Not so with patents. If they use your idea before you patent it, I believe that that constitutes prior art.
Don't bother trying any spiffy copy protection. 45 days is enough for them to get the idea even if there were no way for them to get a copy of the source (worst case for that: they take screenshots with a digital camera and ocr them).
And, obviously, don't trust me, ask your lawyer.
Why is Grand Theft Auto a much more serious crime than Reckless Driving?
get one, or a few.
Write a contract that basically costs them 50% of thier corperate net worth if they are found using your IP without paying for it after 45 days, NO EXCEPTIONS for any reason. Define your IP rediciously well, make *any* information that you transmit to them during the 'trade' your property, weither you have a contract or trademark on it, and do not transmit any information except during the 'trade'.
if they won't sign that, then they are trying to ream you, and they should come up with another plan. Make sure someone who has control over that much of thier corperation is the endorser, it'd be better if you could cause a high up to be personally responsible, but if they are incorperated that'll probably be impossible.
More likley allow them to send ONE auditor over and look at stuff, under supervision (but not direction). Even better have them hire a 3rd party contracter (they shouldn't be hard to find in todays economy) that will review your code for 45 days and send a report back. Neither of these solutions could possibly cost them a penny more (well the 3rd party might) than having them devote a few developers reviewing your IP in house for a month and a half.
There is not one good reason I can think of they would recuire your entire IP to be transmited to them, there are alot I can think of for them to audit your IP.
I live in a giant bucket.
If you have patents or patents pending, you're sweet. If you don't, then basically you're having to trust the other party, who it sounds like have more laywers than you (read up on Trade Secret law). If you don't trust the other party, why are you going to do a deal with them?
Either that, or your management is clueless about these types of transactions.
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
of the Xerox-Steve Jobs-Bill Gates idea stealing fiasco?
You saw what happened there. learn from it.
This is fundamentally impossible. I mean, if they were really desperate, they could just take pictures of the screen showing the source. But more realistically, there are simply too many ways for them to bypass any restriction you put in place.
The only way you stand a chance here is with a contract in place preventing them from looking at the source code after 45 days and specifying huge consequences if they do. And to be honest, even that is very iffy.
Oceania has always been at war with Eastasia.
Step 1:
/* scripts if tampering is detected.
Hire lawyers. As many as you need.
Step 2:
Buy a few nice laptops. Configure BIOS to disable floppy, USB, serial, sound, PCMCIA, network, external VGA, external mouse, external keyboard etc. Basically lock down the BIOS completely. Set BIOS passwords. Install Linux, create user account with just enough privelidges to preview your technology. Disable all network capabilities, floppy, USB etc just to be sure. At this point the only way to get data off the machine is to point a video camera at the screen, which would be a pain in the ass. If you can buy tamper detecting tape or glue, use it to lock down the hard drive. You cannot keep them from getting to the drive, but you could tell that they tried. Also, try locking down the runlevels to keep them from getting places they shouldn't. Think about rm
It's too easy for them to take the idea and not pay for it. Even if it means they have to do some moderate amount of development themselves. Like another poster said, they may have all they need except one crucial piece which viewing your source code will give them.
I also have some anecdotal evidence. First off, look at Microsoft's history -- littered with the carcasses of "partners." You don't want to end up like one of them (Spyglass, Stacker, many more).
My own personal anecdotal evidence: I lost a large sum of money investing in LynkUs (their website is now gone, and I can't find it in Google's cache). They were a Tampa-area company which provided two-way paging service, useful for stockbrokers to communicate with all their clients at once rather than phoning each of them serially. It also had medical applications, which is what got them screwed over.
They are now a one-person company operating out from home; basically, a shell waiting for the lawsuit .
I'm still hoping that something will come of my investment, but as of right now it's a total loss. I pray that the same doesn't happen to your company. Be careful!
Several (not just one, several) attorneys should review this for you prior to you giving up the family jewels.
I feel fantastic, and I'm still alive.
And they can evaluate it for 45 days.
Why do they want to access your code/docs?
Possible reasons:
- They want to see if it is well written, well formated, rigourous, well documented, mantainable, etc, before they buy it. I mean, "no one" likes bad code.
- They want to do [develop] a similar technology and want to see your specs, code, docs to give them a head start when they start developing their own tech - this basicly gives them more ideas for their design document, and possibly gives them a couple of ideas for the most "nasty" stuff do be done. Remember that if your product has competition you'll possible lose money and have to sell it cheaper.
- They are already doing (developing) a similar technology BUT are stuck in one or more places, and looking at your source may give them the anwsers to the problems their facing.
- It's also possible that they want to know if your companies developers program good enough, possibly to try and hire them later [or even merge with your company at some point].
- etc, etc, etc... Think about some more reasons and protect yourself according to them. Make sure the deal is worth the risk.
So basicly, they can have "good" (acceptable) reasons, like the first one, and they may have more obscure reasons like those that follow the first one.You'll have to protect your company from this. Specially because it's your main product and if you lose it your company can get out of this deal in a really bad shape.
Some sugestions that may come handy:
Get a laywer and make a written agreement that specifies what they can do with it [and specify what they can't:
and so on].
Put everything you can't think of in that contract and state that if they break any rule in it (AND don't buy your product), they have to pay you big time - (estimate the value as YOUR_PRODUCT_VALUE*350%) - this way they ain't gonna feel like stealing your code and they'll accept it if they are well intentioned.
This way, you are saffer and get a "little something" wich you can use to pay more laywers. If their layers are really good, increase the %.
There's no way you can guarantee that they can't copy it.
They can use a pen and a piece of paper to take notes about your code, docs, etc, etc or they can even memorize portions it, and you can't sue them for that, cuz you don't know if they have it in their minds - ok, bring the lie detection machine in.
They'll have to think something like "If we double cross these guys they'll take shitloads of money from us and it cost more than just paying for the code or paying our developers to develop a similar thing.".
What you can do is use several defense mechanisms in order to increase the deal's security.
It's a risky deal. Prepare yourself.
Having gone through this two years ago, and it's looking like I'll do it again in the near future, let me suggest that you _not_ let A Big Company look before they buy.
...
Instead, make some objective Representations and Warranties in the acquisition contract -- say, your server (if you have one) can handle N clients, or the software handles functions X, Y, and Z. The objective is to have a fixed set of expectations that can be proved of disproved.
If the acquiring company wants to grab your good work for free, it will have to take you to court and prove to a judge (and maybe a jury) that your software doesn't do what you said it would do.
My two cents
It's Linux, damnit! Pay no attention to renaming attempts by self-aggrandizing blowhards.
The only way to do this without bending over is to have an iron-clad contract which states that if the company does not want your code after the 45 days, then they are not to develop a competing system for the next 5 years, otherwise they will incur a payout that is 5 times the cost of the software in the first place. The same contract is to be signed by the individual engineers that read the code.
IANAL
'Acceptance Period' with a much larger company for the purpose of determining if they want to license the source code and intellectual property of our main product.
Contrary to the majority Slashdot opinion, I wouldn't worry too much about the deal. Get a good lawyer who does this sort of work exclusively and you will be just fine.
45 days isn't all that long either. We (a Fortune 500 company) often get hardware and software for months before we make up our mind. (More than once, we had Cisco gear on loan for so long the model has been discontinued or replaced before we got around to approving it for purchase.)
When viewing source, the company viewing it is almost always in the more dangerous position. Once they see your code, should they every come up with a similar application, they will have to jump through hoops to prove it isn't based on your code. That can be very expensive.
Usually when I do this sort of review I'm looking for clean, well-commented code and good overall documentation. I am not a programmer by trade so I'm generally not evaluating the code itself but the overall maintainability.
Buying code from a company as small as you seem is dangerous. Often times, there are only a couple programmers who really know the application. Should they get run over by a truck or leave the company, I want to make sure that the code is clean enough that someone else (either in your company or mine) can pick up the torch and keep my business running.
It's not enough to have an excellent product today. I want to know that the product can change with our needs. That's the real reason I want to see the code and documentation as well as the finished product.
In summary, get a good lawyer and relax. This is common practice and a lawyer who has done it before will keep you from getting screwed.
InitZero
Just GPL it all. Then they won't be able to steal anything!
That's totally secure, right?
sulli
RTFJ.
As for white papers about algorithms/data scructures/etc, print them on non-photocopiable paper and have them sign a time-limited-give-me-your-first-born kind of NDA.
Pedro Côrte-Real.
For awhile our company was trying to win an account from a much larger firm. We had to jump through all the hoops and detail what we were doing. They almost took the info and dump us. I think they knew they could recreate what we had but there were some other services they needed from us. Becareful.
Yes but every time I try to see it your way, I get a headache.
I've never seen this level of IP disclosure in a licensing scenario. Is it a black box or not? Who would be responsible for end-user support?
In contrast, I have seen repeated cases where companies have not exercised due diligence in their acquisitions of technology and/or firms, in whole.
I would propose an independent expert (mutually agreed upon), be given on-site access, to assess and evaluate the design, code, and training material. I would not provide copies of any material and/or training until the license deal is signed.
0. A lot of the posts assume you're selling them the technology, not licensing it. You've got more flexibility in a licensing situation--in most cases there is no need for them to see the code at all, just to determine if it meets their needs. (see 2)
1. A patent is a very good idea, if you really have anything patentable. A provisional patent can be filed in a day and costs -lt $100. It lets you say "patent pending" and serves as a 12-month placeholder for a formal, expensive patent application. Even if you never follow through, or if your designs turn out to be unpatentable, if they don't know which parts are patent pending and which aren't, they'll be less likely to reproduce any of it.
2. Are they licensing your code as an engine or piece of a larger application? In other words, can you give them just an API? If so, obfuscate the code and give them a watered-down API doc that just gives them the methods they need to integrate with their systems. The goal is to hide as much of the internal architecture and actual methodology as possible.
3. A lawyer is essential. But, you'll never be able to prevent them, contractually, from creating a similar technology if they don't buy yours. Obviously, they need one, otherwise they wouldn't be thinking of licensing yours. You can, and should, use a contract to
4. Combine the review contract with the licensing contract. If they're serious about licensing, then make them go through the trouble of agreeing on and drafting all the terms of the licensing contract before they can touch anything. If you can swing it, spell out what specific, measurable conditions must be met during the evaluation. If they're met, the contract should allow for two options: licensing or consolation payment. If they're not met, then the contract could allow you some time (10 days, 30 days, whatever) to address the deficiency and satisfy the requirements--otherwise, you've got nothing to squawk about. While there's no such thing as a "standard" license, this approach is pretty standard.
5. Most importantly, trust your instincts. If someone (or a company) wants to screw you, they're going to find a way to screw you. If it doesn't feel right, don't do it. Even if it does feel okay, be prepared for anything. Either way, you'll be much more savvy next time. There's always a next time.
OK, I really have no idea about the implications of this, or whether it is legal: Why not put a clause in your legal contract that says the larger company will have to pay any legal costs on your part should you decide to even pursue them in the courts for a possible violation... It should serve as a stark warning to them should they decide to do wrong by you - and before anyone suggests its not fair, just think about the risk you're about to take ;) you have to cover your own back.
congratulations!
;-)
If you get screwed (in your oppinion), make sure to visit www.rottencompany.com and warn the others about that company.
Anonimously, of course
then just say "no".
Three times I've seen first hand a certain "large" company play this game with smaller companies. For their ~$100K initiation fee they walk away with everything. There's that whole "why buy the cow if the milk is free" aspect to these transactions. Why pay millions when the business plan, product architecture, and source code are nearly free for the taking. If the larger company is that interested in your market space then you have to anticipate what will happen if they don't go through with the deal... remember, they want the part of the market that you service. A competitor with all your trade secrets, tools, and a huge pocketbook will be able to crush your company.