Reverse Engineering Cloud-Based Software
.
By Richard Stobbe
Let’s say you provide web-based software in a SaaS subscription model. What if your reseller or strategic business partner works against you to redesign and reverse engineer your software so they can launch a competing product?
This is what happened to Warehouse Solutions (WSI) in the recent U.S. case Warehouse Solutions, Inc. v. Integrated Logistics, LLC (May 8, 2015, Fed. CA 11th Cir.). WSI developed and sold a web-based software product known as “Intelligent Audit” which interfaced with UPS and FedEx tracking systems to allow companies to track and manage packages. Integrated acted as a reseller of “Intelligent Audit”, but was also a competitor to WSI, in the sense that Integrated sold its own package-tracking software. The reseller relationship between WSI and Integrated, however, was never documented in a written agreement. The parties had verbal discussions about the confidential and proprietary nature of the “Intelligent Audit” software.
Although Integrated never had access to the source code for “Intelligent Audit”, it had high level administrator access rights to the software, and therefore had much broader insight into the features, functionality and structure of the software, compared to the typical end-user.
On the side, unknown to WSI, Integrated developed its own web-based package-tracking software product that was visually and functionally similar to “Intelligent Audit”. Integrated even went so far as to give its own software developer access to “Intelligent Audit”. Eventually, Integrated dropped “Intelligent Audit” and began selling its own competing product under the ShipLink brand name.
WSI then sued Integrated for reverse engineering and copying its software, and through various court proceedings, the claims came down to the issue of trade secrets. The court drew a distinction between a software program’s underlying source code, which may be a trade secret, and the program’s “look and feel†and “functionality,†which cannot be protected as a trade secret, since these features are readily apparent to any user. Since WSI did not enter into a written confidentiality agreement with Integrated, the trade secret claim failed, and WSI’s claim was dismissed.
Lessons for business?
1. It’s worth noting that this case turns largely on U.S. concepts of “trade secret” protection under the Trade Secrets Act, and there is no equivalent legislation in Canada. Canadian software vendors are frequently bound by local U.S. laws in their dealings with American customers, resellers and strategic partners, so this case is an important one for Canadian SaaS providers, even though it involves U.S. law.
2. There are situations – such as in AirWatch, LLC v. Mobile Iron, Inc., (Unpublished) No. 1:12-cv-3571 (N.D. Ga. Sept. 4, 2013) – where a software licensor can protect its software as a trade secret, where it uses written agreements to clearly preserve the secrecy of the program’s functions and specifications.
3. Overall, the message for software vendors and SaaS providers is that clear written agreements will always be preferable to handshake deals and verbal warnings about confidentiality.
Calgary – 07:00 MDT
No comments