Slashdot Mirror
Protecting Your Code While Allowing Source Access?
foo_48120 asks: "My small development shop, myself and four employees, is taking on a fairly large job that will run a substantial part of the clients business. To protect themselves they want the source code to the project. Frankly I don't blame them. We bid aggressively to get them to underwrite our own efforts to build this code, which we plan to resell again and again. That is the basis for our company.
I have no problem with them holding the source but need to make it clear that we own the code and that they have a license to use it in their business. They may at their discretion hire others to modify the code, but would still be required to pay their maintenance contract and be prohibited from reselling it or using it to run an additional business. How do you provide open source without escrow, yet protect what we are documenting up front as out intellectual property rights in the ownership of this code?"
Of course third party developers may break things and we would not be responsible for that or for fixing it without further renumeration.
Ideally, if we make them happy then we will do all future upgrades and add on modules as well. I am not worried about that. I do want to know if anyone has experience in the writing of such a licensing agreement? Perhaps they could provide me with a sample copy of their text?
Let's leave aside for now the issue of totally open source vs. closed source. There are times when you want the product to be proprietary as we do, however I want them to feel comfortable using our code so that if a proverbial plane were to fly into our building and wipe us all out then they don't go down the tubes with us."
I ran my consulting business under the same premis for 15 years. The contract they signed with me included, among other features, their right to the source code with the restriction that they could not use it as the basis for competition against me. Terms included where a conflict could be ajudicated, the amount of damages, etc...
Running with Linux for over 20 years!
When it comes to selling source code, that's the only method that works.
... How do you provide open source without escrow, yet protect what we are documenting up front as out intellectual property rights in the ownership of this code?"
First off, find out that what you are talking about is not open source. If it was open source, or a compatible license, than your client company would be free to redistribute.
Second, it's called a contract. And lawyers. Slashdot is neither. Just (have a lawyer) draft a contract specifying exactly what can be done and saying anything not listed is expressly forbidden unless written permission is granted.
Dacels Jewelers can't be trusted.
Look into a Exclusive Use rights clause in your contract. There's nothing saying that you can't agree to let them use the software and have a copy of the source as a deliverable. However, you can limit their ability to resell/reuse the component.
Additionally, create an Intellectual Property clause in the contract spelling out specific ownership rights/responsibilities.
Insert IANAL comment here.
Quidquid latine dictum sit, altum sonatur.
They may at their discretion hire others to modify the code, but would still be required to pay their maintenance contract and be prohibited from reselling it or using it to run an additional business
So, you've got the possibility that you'll be responsible for supporting the product even though other people are modifying it? How are your people going to have expertise in the work being done by these others?
This sig has been temporarily disconnected or is no longer in service
That's not a very good answer to the "How do you provide open source without escrow" question, now is it?
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
They are paying you to code something for them. You are a contract firm. What you code for them is their property. Would you get to keep your code if you worked for a company? No, the code would belong to them. This company is paying you for the code, and so, when you are done, then the code belongs to them. They lose their monetary investment if you get to keep the code and resell it to their competitors.
If you offer them outstanding service and support throughout the time they use your product, they will come back over and over again to you. They will want you, and only you to maintain the code, as well as to provide upgrades. If you start jacking them up, have poor business relations with them, they will look for alternatives, and they will take your code, no matter how many clauses you place in your EULA.
Veni, vidi, vici.
Technically speaking, there really isn't any way to prevent this. If they are to have maintenance access to your code, then there is no way to keep them from giving the code to someone else.
The only thing I can think of that might work would be to add extensions to the language you use (like extra keywords) and provide your own closed-source compiler, which is hobbled so it only works on the original system, perhaps with some kind of hardware dongle, or net connection that connects to your server to verify the compiling machine's serial number and some cryptographic key.
This wouldn't prevent it from being hacked, but it might make it difficult enough to make the prospect less likely.
bytesmythe
Hypocrisy is the resin that holds the plywood of society together.
-- Scott Meyer
Seriously, why are you even bothering to "Ask Slashdot?". This is a legal issue, you'll need legal contracts and agreements, all of that. Talk to a fucking lawyer.
:)
You clearly don't know the difference between what you talking to a lawyer costs, and what talking to the slashdot-crowd costs
this sig has intentionally been left blank
Assuming you are in the United States, your work is still covered under US Copyright law. Just because you are giving them access to the source code, does not give them redistribution rights, or the right to make a derivative without expressed permission.
So, all you should need is an (C) Your Co.
All Rights Reserved.
If that doesn't work, a handy lawsuit works wonders.
Black and grey are both shades of white.
That would totally negate them having the code to begin with.
It sounds like they want the code so that they can make changes to their business software when and how they want it.
If you intentionally make it difficult or impossible to do what they're entitled to do (it sounds like they're wanting to basically buy a copy of the code, like a book or something), then you're in violation of the spirit, if not the terms, of the contract.
Plus, if you're not nice to the people who are paying you lots of money, you're less likely to get repeat business from them.
There are two basic ways (as we see it) to do this. Keep ownership and grant a license that has a specific list of allowed uses or just the reverse where you give them ownership but retain specific license for yourselves.
You can usually make it work as you need it with either party having ownership, since ownership just means they have final say, can change the license, and get any non-specified (default) rights.
Keeping in mind this is only one small part of the whole contract and I don't promise this is safe or useful for you as it is... here is a paragraph right out of our standard contracts:
(b)Grant of License. Steem hereby grants to Client, upon the terms and conditions set forth in this Agreement, a non-transferable, non-fee bearing, single use, worldwide right and license, without the right to sublicense, for software developed by Steem for use with the Web Site. Any artwork, graphics, or designs created to Client specifications for use in the Web Site become property of the Client upon the Web Site Launch. However, Steem retains the right to display any created artwork, graphics, or designs as part of Steem's portfolio of design work. Steem retains sole rights and ownership of all interactive code. The provisions of this Section 7 will survive indefinitely regardless of the completion or termination of this Agreement.
RudeDude
Perl/Linux/PHP hacker
You just need to write an obfuscator then, something that takes the inhouse code and changes variable names and adds bogus modules and subroutines.
I know developers who do this part without really trying that hard...
Many of us at Slashdot have been in similar situations. As such, we know there are certain details to keep in mind regardless if the use of a lawyer or some other type of consultant is necessary. For example:
I play rugby and in a recent match I landed on my foot wrong and parts of my foot went numb. Now, I asked some friends of mine and what do you think they said? "Go talk to a fucking doctor?" No, because they have had past experience with similar situations. They gave me anecdotes about past injuries they had, how they felt, etc. some of which helped, some did not.
Now this is the same here, all of the info given here may not be helpful, but the few comments that are made could tremendously help the person asking the question. So please, if you have something to say about the situation, say it, if you don't, try to help in whatever way you can -- remember, we're a community here.
This is my digital signature. 10011011001
Programmers are morally obligated to give the code to their users and allow their users to freely modify and redistribute the code.
When did this happen?
Is [insert popular novelist here] morally obligated to give away his/her novels, allowing the readers to freely modify and redistribute the text?
I respect the open source movement and I think free (as in speech and beer) software is a Good Thing(tm), but I think saying coders are morally obligated to give away their source code is a step too far.
Here's a question for you:
You said "for their protection". Protection from what, precisely?
If they are concerned that you, as a company will cease to exist, and they will no longer be able to modify their code, then the previously mentioned escrow service should be perfectly fine with both of you. If this is another issue, the question of relevance comes to mind. If they want it to be sure that the software is "secure" from buffer overflows, etc, then you will need to hire a lawyer and write some sort of ironclad document to make sure they can't steal it, sell it, or claim any royalty fees on it. If they want it for any other purpose, I don't see them having a ligitimate claim to the software. I mean, sure, they're your employers, but unless there was something funny in the bid documents, they probably don't have any "right" to see the code.
hmmmm?
What? You had better share that insight with all of the commercial software vendors out there quickly before they go out of business! Make sure to include Microsoft, Oracle, IBM, etc...!
Programmers are morally obligated to give the code to their users and allow their users to freely modify and redistribute the code. Again... WHAT? I am not aware of any code of morals saying that developers have an obligation to give away their code. Can you explain to me, all GNU and FSF rhetoric aside, why my company should spend countless resources to create a product that we give the code away for and let people do as they wish with it? I personally don't get that logic.
Slightly offtopic (but not by much): I think that the ideal license is one that says something like: "By purchasing this software you get rights to the source code, to do with as you like *within* your organization. If you plan on offering your changed product outside of your organization, you must sign an approved Royalty agreement with the Publisher..."
Don't bite the hand that feeds and don't assume that you can make money by putting a product out as OSS and that someone will pay you to extend or support it.
I don't mean to sound flippant.. but i'm in a line of work where, when i work during the day, i assume that that work is done, and that tomorrow, i'm going to get paid for working tomorrow.. and not to keep getting paid and repaid for the work i did last week.
.i give it freely to the companies, and their use of it is what they will of it, except that they must reference the writer - me - when they use the data. They are not allowed to say "this analysis was done by us" I only ask that they say "this analysis was done by gsfprez".
Is the concept of "pay me for work" completely dead? Must everything be "pay me for work, and keep paying me for years later too?"
Why do you not just simply charge them for getting a job accomplished, and then, if they want you to come back, tell them it will cost them more money?
If you think that there is something to your work, and if the source code get distributed, then you may see that others will want to pay to have you come and work for them to help them integrate whatever it is that is so wonderful that you wrote up.
What you sound like you want is "pay us now, but we want to hold our code hostage so that any time someone uses it, you want to get paid."
If you were to ask 3 times as much for your work, and they got an unlimited use of your code, would that be sufficient?
IANACIAAA (I am not a coder, i am an analyst), so please, this is not a "you suck" post.. this is an honest question.... where does my idea fall flat, if it does, please tell me, i want to be educated.
So that you can get a sense of where i'm coming from.... what i do every day is i sell out my brain power (and those of my partners here) by the hour.
I get paid to give someone a analysis of this, or an analysis of that... and i tell them "that will take 6 months and cost you $100,000". My reputation is good, so i get more people to come back to me and keep hiring me to do more work for them.
I do not hold my output hostage..
What else they do with the data, i don't care, and its not my business....I have gotten plenty of work simply from others seeing my output, and they were impressed.
My customers always have new problems, and i'm here to help them when those problems come up. They also have partners, and so, they come to us for help because they saw what were were able to accomplish.
When they do, they ask me how much it will cost.... they pay us then....
rinse, lather, repeat.
guns kill people like spoons make Rosie O'Donnell fat.
First off there are other companies that "license" their source code, like ICS. You could always find one of these companies and ask them how they do it.
Second, this does simply sound like a licensing issue. You trust your customers not to hack the license keys for the binary form of your product, or to redistribute it. So perhaps it's all about trust....
"Not knowing when the dawn will come, I open every door." - Emily Dickinson
"How do you provide open source without escrow, yet protect what we are documenting up front as out intellectual property rights in the ownership of this code?"
/. know-it-alls.
By hiring yourself a good lawyer.. and not taking law advice from a bunch of pimple-faced
-gerbik
"Programmers are morally obligated to give the code to their users"
WRONG! It is at programmers discretion. A progammer wrote the program to fulfill the users requirements for software. It can be interpretted both ways, unless the user specifically wants the source-code, the programmer has no obligation to give it to them.
Generally in contracts I've seen the user retains the rights to that specific binary, but not the source-code. Meaning that the programmer/company can make dirivitives of it, but not hand out the exact same program.
Rather then say open-source every second, in the vastly competitive software development world it is not feasible to say open source all the time. I like open source as much as the next guy, but if they open sourced their program their software technologies could be stolen, and honestly who would know? If they gave the source-code away, even under the GPL, you could modify it and no-one would be the wiser. Yes some people could complain about infringing on the GPL, but if the progammers are good enough at changing things, nobody would know and now your out a good technology.
In a last thought, why is closed-source so bad? If your company spent 5 years and millions on researching an algorithm for X, I personally see no reason why can't make a bit of profit off it and keep it closed source as long as they don't play the patent/copyright/trademark game and take away everyone elses rights to anything similar.
It's a shame that some companies would sink to these levels, but we live in mainly unethical world where business rules everything (or atleast in North America).
Never, ever lose a file again. Ever.
GPL: The Guido Public License
Preamble
The licenses for most software are designed to take away your freedom to share and change it. By contrast, the the Scarpelli family's Guido Public License gives you more freedom with the benefit of protection for you, your family and your business. The Guido Public License applies to most of the Scarpelli Family Software Foundation's software and to any other program whose authors commit to using it. (Some other Scarpelli Family Software Foundation software is covered by the Guido Library General Public License instead.) You can apply it to your programs, too.
Accidents, fires and floods happen. The Guido Public License protects you.
We protect our rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy and distribute the software.
Failure to abide by the rules of any of the Guido Public Licenses will mean a visit from Guido Scarpelli himself.
You don't want that.
Trolling is a art,
The parent is modded as "Funny", but this is a real strategy, called "source shrouding". Doing a thorough job of it is nontrivial, because it requires a full language parser to morph everything correctly. But the result can be e.g. program source with no comments, no unneeded whitespace (including newlines), and all identifiers replaced with x00001, x00002, etc. It's not a guarantee against someone managing to modify it, but it sure raises the barrier.
That said, the other posters on this thread are quite correct in saying that the "right" approach is to craft a contract that specifies how your code may be used.
When all you have is a hammer, everything looks like a skull.
Well, for one thing, the model of selling a product doesn't work in the software development industry.
I just heard a thunderclap. I think it was the sound of Bill Gates' bank account entering the atmosphere of your argument. I estimate about five minutes until it re-enacts the scene from the end of The Forge of God when it meets up with Scott McNealy's.
"...always new atoms but always doing the same dance, remembering what the dance was yesterday." -Richard Feynman
Well my past experience is this:
Go ahead and give them the code. When they start modifying it, taking it to 3rd parties, and using it at other businesses, stare at the ground and tremble your lower lip. That night, get into an argument with your wife and kick the dog.
Best Windows Freeware
And you don't know the difference between professional legal advice and mindless techie ramblings.
I think your advocacy might go better if you didn't sound so astonished that your preferred scheme actually worked for someone. (Albeit someone in a business niche that has next to nothing to do with what this guy does.)
And isn't someone going to flame him for claiming that Lunix is buggy and hard to use unless you buy it with Red Hat support?
What I'm listening to now on Pandora...
You just need to write an obfuscator then, something that takes the inhouse code and changes variable names and adds bogus modules and subroutines.
And I suppose you bill the client for the time it takes to obfuscate and confuse the code? Or you eat the cost?
Trusted relationships are enforced by contracts all of the time. Comfort yourself with some analogies from other industries, then define the terms of the contract and call your lawyer.
That reduces your problem to catching them if they break ranks with the agreement. Rich comments and the occasional random readme in the source tree (e.g., Java package.html files, copyright headers/footers) help give your code a signature.
Something else just came to mind here. What about splitting the code into libraries versus their proprietary code (unique to their project) and only give the source to the latter? It doesn't sound applicable for your current project, but you may find yourself with an opportunity to reduce your risk later by doing this.
You are checking your backups, aren't you?
If I'm an architect and design a house for you, you get to live in the house. But if an architecture magazine publishes an article on it, I get the royalties, not you. And it's my reputation as an architect that is improved.
The actual issue here is, "How much is the client paying for?" Are they buying use of the end product? of course. Are they buying all rights to and use of the design or source? Probably not all rights and use. So, therefore, the challenge is to work out an equitable and profitable distribution of rights and use between the original client and the artist/programmer.
This post is asking, "What are the methods that are established for describing who gets which uses and rights on a piece of software that was part of a custom contract?"
Open source implies that they have all the rights you specifically say that they will not be granted. Your scheme is closer to Microsoft's Shared Source scheme, or what we often refer to as "source under glass" - Look, but don't touch. Source, yes; open, no.
I'm sure there will be those here who will take an activistic viewpoint and urge you to do something different. I will not. You have every right to release code under any terms and conditions you may legally obtain, and more power to you. But my opinion is that you ought not use the phrase "open source" unless it meets the OSI mark requirements (which your plan most certainly would not).
...although bear in mind that a lawyer engaged in copulation may not have his/her mind completely on the job.
Not a problem - screwing is part of their job description.
Do you have Linux and a DotPal? Click here now!
Oh...wait...you mean that wasn't sarcasm? You actually wrote that with a straight face? Now *that* is funny.
Let's see how your opinion of free software changes after Mommy and Daddy stop paying for school and you have to get a job. Your tune will change when you realize that people who give away software won't be hiring you, because....they have no money to pay salaries! Hell, where does Linus get his paychecks? Not from a company releasing its intellectual property for free. As for consulting...you want to add up all the dollars spent on software (binaries) compared to consulting services? It isn't remotely close. Nice try.
This whole "all source code should be free" crap is only popular among people who don't work for a living (and, somehow, Stallman). When you own your code, and make a living off of it, it's amazing how your views tend to change. It's kind of like how the hippies of the 60's became the 80's Me-generation - money and power (and closed source code!) is only bad when someone ELSE is controlling it.
But thanks for the troll, that was a good one!
-Looking for a job as a materials chemist or multivariat
--Keeping the flame wars alive, one post at a time
Agreed. Get a very good intellectual property lawyer, or better yet, a lawyer in a firm that deals with business issues and has IP specialists on staff. I was in this very same position with a software application my company had started writing, and a medium-sized business in the Midwest was interested in it. It would have saved them quite a lot of money over commercial applications, plus it would have been fully customized for their business. And on top of it, we could go on to sell the software to other companies for more money. Good for both parties.
The other company was worried about us being able to finish the project to their specifications. We'd develop a contract with them, send it to them, and their lawyers would change it to basically ensure that we would at some time be in breach of contract. If that happened they would get the source code. We were already willing to share the code with them as part of the deal so long as they didn't resell it or market it themselves. No need to get hostile about it. We learned quite rapidly that only lawyers can fight lawyers (without massive time committments on our part), and by spending the extra money on a good set of lawyers, including an IP specialist, we saved ourselves lots of future headaches and problems.
In the end we ended up not doing business with the company, and we lost the sale and opportunity. The other business spent ten times what we would have charged to implement a generic software package for their needs, and to cutomize that package to work with their business. Do I feel bad about it? Yeah -- it sucks to lose business like that, and it was a good opportunity. But I would have felt much worse if I hadn't involved expert lawyers along the way to protect us and explain what the other side was trying to do (the good parts along with the bad things they were doing).
Conventional escrow doesn't work when customer needs it - when your company fails. A bankruptcy judge will review your company's assets, and may find that the source code is the only marketable asset, and must be preserved for your debtors. Judges have voided escrow contracts in order to maintain the remaining value of the company.
Thus, your customer is wise to ask for the source up front. And if your company is bankrupt, it's not going to matter much to you - except that you'll know you didn't screw the customer.
You need a lawyer. It's a pretty simple contract, once you've explained the parameters.
If you want to use Free-Software-friendly attorneys, I can direct you to several, but pretty much any attorney will do.
Bruce
Bruce Perens.
And their company isn't the first to happen upon this situation.
You always ask your friends about similar situations they may have encountered before you go into some situation. Fools would go ahead and get a lawyer without first discussing it with people who might have had experience with the situation.
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
You clearly don't know the difference between what you talking to a lawyer costs, and what talking to the slashdot-crowd costs :)
;-)
You clearly don't know the difference in the quality of advice that a lawyer will give and what talking to the slashdot-crowd will give
In this case you get what you pay for. Seriously, when my brother-in-law who's a realtor has a problem getting his wireless networking problems debugged, do you think he should send out an email to his real-estate buddies? What kind of advice do you think he'll get? They all usually have very strong opinions from what "they knew worked" in the past. It's also usually dead wrong. It's the same here.
Mmmm.. Donuts
An honest client simply needs to know the rules. If they are unsure of your intent, their lawyer will ask you to clarify.
Even if you got a lawyer to write it, a crook isn't going to care...
Thats my job-security. Nonsensical variable names, meaningless functions etc... It would be a nightmare for even a very experienced programmer to decipher some of my source codes, especially for larger programs... So spaghettify the source code then give it to them. In 5 years when they figure it out it probably wont matter much by then, as it would be quicker just to re-write it from scratch.
-- Will program for bandwidth
Lawyers are better at telling you if what you're trying to do is going to work than telling you what to do. That's where we come in...
Asking Slashdot will likely generate a lot of dumb ideas that won't fly legally, but it also at times generates the occasional 5-Insightful that contains the idea that neither you nor your lawyer would have thought of. Get the idea from Slashdot, run it past the lawyer, and you might just get an idea that would not have been used otherwise.
of "Open Source" in a dictionary, making the exercise pointless, he is likely to find many other words in there.
.gasp, beautiful.
.or even have our code corrected by an outside party if that's what it takes to make beautiful code.
For instance, after modifying the code his firm is indeed likely to renumerate it, i.e., give it a different version number.
For doing this his firm will expect to be *remunerated.* It's from the Latin remuneratus, derived from munis, from which we also derive the English words "munificent" and even "money."
( Munis is a gift, to remunerate is to *re*gift, i.e., effect an exchange)
This note brought to you by the ever hated Slashdot Lexical Patrol ( also known as SLaP), who believes that language is form of code and believes code should be well formed, it's terminology and functions properly called and invoked and even. .
Our patron saint is William Strunk, Jr., along with his acolyte E.B. White and our Demigods include such figures as Gibbon, Thoreau, Conrad ( who managed in a "foriegn" language no less), Yeats, Voltaire and Kipling ( The OS booted up like thunder!).
Just as Knuth is ( and should be) venerated, so should geeks venerate and study the "code" of these honored figures.
We all write faulty code at times. It's no shame to have to debug and reversion. .
In fact, I rather imagine that some of the more ironically inclined are about to take a hearty whack at this missive itself.
KFG
--
Damn the Emperor!
No, but /. is the place for him to get ideas as to what to tell the lawyer to put into the license.
A lawyer is like a complier. You write code in English, he compilies it into airtight Legalese. However, if you give him a bug in the unput, his contract can still crash.
an confidential inhouse one, and an obfuscated one to give to the company, full of misleading variables names, fake variables, incorrect subroutines, etc. Of course, they both compile correctly.
....OW..OW.OWOWOWOWOWOWOWOW! It's a joke! Stop hitting me!
so we convert it to perl then?
OW.. OW
Do not look at laser with remaining good eye.
The problem is, there is no information that the Slashdot community can give you about legal situations that could be useful. Lawyers aren't allowed to answer (essentially) at all unless they are retained as council. The asker is certainly going to need to speak with a lawyer; period. Why not skip the uninformed legal advice and skip straight to the people who can help navigate the situation. Now, "Does anyone know a good lawyer for handling cases such as blah blah blah" would be a great slashdot question. If it's just for fun and to share anecdotes, that's fine too, but I'd probably stick that into the question somewhere just to avoid the "talk to a lawyer" contingent.
Well, theoretically of course; they will still be there, since tons of people wouldn't actually read the question. I'd suggest putting "I ALREADY HAVE A LAWYER AND AM JUST POSTING THIS FOR INTERESTING AND FUN ANECDOTES" in bold at the top. Although I'm not sure about the wisdom of discussing potentially private legal strategies in public...:-)
Having said that, it is pretty low down dirty and slimy to have a company PAY YOU to write a program, PAY YOU to maintain a program, PAY YOU to give them a copy of the program, then you turn around and claim that they are bound by a license. If they commissioned the work to be done, you shouldn't be trying to shove a license up their butts.
It's just my opinion, but I've had to deal with these kind of consulting companies. If the customer is reading this story, some advice: Hire yourself a different consultant.
And if the consultant is reading this post: You are over stepping your ethical rights. They paid for it, they should control it.
-- Ken Kinder ken@_nospam_kenkinder.com http://kenkinder.com/
First we're talking about IP, copyright, and trademark. You don't talk to 'a lawyer' becuase most lawyers pass the regular Legal Bar and not those for IP, which are much more difficult.
Second, this kind of issue is best discussed with slashdot AND a lawyer, AND newsgroups, AND maybe a second lawyer.
Third, (I agree) -- talk to a lawyer . :) I have worked with IP lawyers who do non-profit work for free, and personal work for very low cost ($10/hr, more or less). This sounds like you are getting professional work done, but IP lawyers aren't that expensive.
Most of us think of 'Hiring a Lawyer' as an unattainable task, or costing thousands of dollars for extensive work, like is done in court cases. Finding an IP lawyer is easy. Look in the phone book, call the people who don't have full-page ads, and find one that charges between 25-50 per hour and specializes in IP. Find a small business with several lawyers and a single receptionist that has a low, reasonable hourly rate for small projects like that.
In this case where there was extensive bidding going on for the project, the small cost of $200-300 for a day with a competent lawyer should have been included as part of the bid. They probably should have spent $50-100 for a morning with the lawyer while working on the bid, just in case.
//TODO: Think of witty sig statement
I'm getting married next year, and my fiancée and I, like most couples, are hiring a photographer.
We hired the photographer to take OUR images, when TV news crews do that, they need to have you sign a release to use the footage. Your likeness belongs to you, and no one else.
For $5000 you'd think we own the photos right? WRONG! The negatives are held by the photographer. Each photo has a "Do not duplicate" stamp on the back....nice huh?
I think i'm going to start charging my clients for all the computers and network gear I install, but i'm going to have them sign an agreement saying I own the gear, and they have to pay me to make any alterations to the network or systems! Can you imagine that?
-ted
...believes code should be well formed, it's terminology and functions properly called and invoked...
I would like to call your attention to the fact that the character sequence "it's" is a macro that is expanded by the preprocessor to the sequence "it is". Thus the sentence fragment above, once preprocessed, reads "...believes code should be well formed, it is terminology and functions properly called and invoked..." This bit of code, as it were, is clearly not well formed.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Asking Slashdot will likely generate a lot of dumb ideas that won't fly legally, but it also at times generates the occasional 5-Insightful that contains the idea that neither you nor your lawyer would have thought of.
/. should have been "-5 Dead Wrong".
Unfortunately, a large number of "5-Insightful" comments on
Voting is a lousy way to arrive at the truth.
Your foot will probably heal by itself. It might heal faster given certain generic treatments (ice, stretching or immobilization or whatever.) And if it doesn't get better in a couple of weeks, you go see a doctor anyway, who goes "tsk, tsk, you should have seen me last week" but fixes you up all the same.
But the contract that he writes and signs will effectively "own" his business and the payrolls of four other people for the next year. If he forgets to dot a legal 'i' or cross some legal 't', a troubled client might take serious advantage of him. Hiring a lawyer to draft the contract will help cover those clauses that might otherwise expose him to some unforseen liabilities.
I'm not saying that his client is shady, or that he isn't honest. I'm saying keep in mind that three years ago every dot-com had a million dollars of venture capital to fund these projects. These days, money is not so free and customers may have their financial situations change. If his client starts feeling the money belt tighten, this guy had better have an airtight contract to make sure that 1) he gets paid for work he does; or at least 2) he can stop working if he doesn't get paid.
The Slashdot crowd will no doubt have some ideas regarding coverage of intellectual property, and I'm sure that's what this guy wants to read. But he needs to spend a few dollars on a decent contract lawyer to ensure that his company's future isn't thrown away by a PREVENTABLE turn of the die. Isn't protecting a million dollar investment worth $5000?
John
My company GPL's everything we write.
We only charge access to the cvs server (basically a subscription).
This is for companies who find they want to manage the code themselves, or hire thier own programmers.
IN the end though, you still need programmers. Whether it be us, or someone else, they will have to contribute those changes back into the community.
So, many companies stick to component subscriptions, and then use the API's against software they write explicitly, which is private.
Very similiair to what Nvidia does right now with XFree86.
The company gets too keep thier software process unique, and fundamental to thier business edge. (i.e. nobody can buy the process they use...)
While at the same time, the components they use to power that software get updates from said company to our cvs server for others to use.
Very nice arrgangement. I haven't found any company yet that has had an issue with the GPL cvs server arrangement we use.
We are a component company.
-hack
Got Geometrodynamics? Awe, too hard to figure out? Too bad.
Instead of relying on the courts, make them take out a bond payable to you upon a pre-determined proof of contract violation.
It's a hell of a lot more bulletproof than the courts, and oftentimes bond issuers will make them put up some hard assets as collateral (property, buildings, tools, or a big cash percentage) which is no big deal if they're honest, but fucks them right in the ass if they're not.
The bond issuer will be legally required to pay the bond based upon the contract surrounding the bond's payment terms, but they don't care that much since they've got the pink slip to the factory. Sure, they'd rather not liquidate the factory, but that's the business they're in and they're good at it.
Jury trials are a huge hassle, and even if you're right you don't always win, and even if you win you lose due to costs, delays and lame jury awards (contract to Republican fear mongering, they're not always generous).
Just because you get the source, is not sufficient to qualify as Open Source.
The Open Source Definition is effectively the same document as the Debian Free Software Guidelines, and as such both have conditions that require that the software be alowed to be redistributed, even if modified or aggregated:
Debian: GNU/Linux done the Linux way
We're not talking about The Open Source Definition (OSD) here, we're talking about giving a client access to the source code, and stopping them from distributing. Technical measures will fail (you could make it more difficult, but without legal backing you're screwed anyway), so you need legal. I'd remove the Open Source terminology from it entirely and get a lawyer to draft up a contract. Put in something that says they have to follow certain procedures when using the source code to lower the risk of it getting out, and that they have to pay damages if the source code is leaked.
This is a very common issue at the company I work for. Any company that does custom engineering work (we do computer hardware, electrical design, installation, and of course software) for more than a single customer MUST retain ownership of their code simply because you can't afford to rewrite all of your software every time you get a contract with a different company.
When we quote a project, we do it based on the amount of work it will take to accomplish it, but we don't sell them hours of engineering work. We sell them a working system. If we budget 500 hours and it takes 1000 hours to write some custom piece of software, the customer doesn't have to pay us twice as much for the project. We sell them a system, with the license to use the software, and we give them a copy of the code as a deliverable for them to modify and use for the specific system we sold them.
Most people think companies like ours try to retain ownership so that the customer has to pay us royalties, but the fact is, we rarely, if ever, charge for maintenance. We sell a warranty with the system, so we fix any bugs that arise. If we do a good job, they hire us back to make changes to the system, which we do get to charge for. However, our customer can just as easily go to a different company and hire them to make the change, because our software license permits that.
The real reason we have to retain ownership is so that we can freely copy portions of code from previous projects to use in future projects. Say, for instance, we wrote a code module that abstracts a certain piece of hardware. If we used that same piece of hardware on another project, we would want to use the same code module to make our life easier. Unfortunately, if our previous customer owned the software, we would have to pay THEM royalties to use that software!!! The fact is, retaining ownership of that code gives us a competitive advantage in future projects, because some of our development is already done, so we can try to under-bid our competition (who are doing the same thing we are, by the way).
In fact, writing software today is rarely a case of writing code from the ground up, and selling it to someone. Now our job is to take existing pieces and put them together to form a system. That's why companies in our industry are called "Systems Integrators".
"I have never let my schooling interfere with my education." - Mark Twain
Note that work for hire applies to employees but not contractors! A few clients have been burned because they didn't know or care about this, and their contractors neglected to raise the issue. Requiring the contractor to agree to assign the copyright to the work to you is the usual way of handling this.