Securing Intellectual Property (eBook)

Front Cover 1
Securing Intellectual Property 4
Copyright Page 7
Contents 8
Preface 16
References 18
Chapter 1: Elements of a Holistic Program 20
Introduction 21
False Memes Lead People the Wrong Way 21
From the Industrial Age to the Information Age 21
Chapter 2: Trade Secrets and Nondisclosure Agreements 26
Introduction 27
Contents 27
What Is a Trade Secret? 27
Basis of Trade Secret Law 27
Trade Secret Law vs. Contractual Protection of Confidential Information 28
Technology as a Trade Secret 29
Source Code as a Trade Secret 29
Product Ideas-Flying under the Radar Screen 29
Confidential Business Information 30
Confidential Information from Third Parties 30
Limits to Trade Secrets 30
How Long Trade Secrets Last 30
Patents vs. Trade Secrets 30
Can More Than One Company Have the Same Trade Secret? 31
Care and Protection of Trade Secrets 31
One Person in Charge of Confidentiality Measures 32
Controls on Access to Confidential Data 32
Entry Control and Badges 33
Confidentiality Legends on Documents, Code, and Other Data 33
Agreements with Third Parties to Protect Confidentiality 34
Confidential Undertakings by Employees and Contractors 34
Employee Guidelines 35
Speeches, Paper, and Presentations 35
New Employee Orientation 35
Exit Process 35
Nondisclosure Agreements and Confidential Disclosure 36
Mutual or Unilateral NDAs 36
Defining “Confidential Information” 37
What Written Information Is “Confidential Information”? 37
What Oral or Visual Information Is “Confidential Information”? 38
Carve-Outs from Confidential Information 38
Prohibition of Disclosure 39
Use of Confidential Information 39
When Does Protection Time-Out? 39
Risks from Others’ Confidential Information 40
Two-Stage Disclosure 40
Watch Out for “Residuals” Clauses 40
Are There Oral Agreements for Nondisclosure? 41
Disclosure Agreements that Are the Opposite of NDAs 41
When You Negotiate a Deal, Should NDAs Be Superseded? 42
Confidentiality Clauses Generally 42
Violations of Trade Secret Law 42
What Is Illegal under Trade Secret Law? 43
What Is Not Illegal under Trade Secret Law? 43
What if Trade Secrets Are Disclosed? 43
Dealing with Violations of Trade Secrets 43
Remedies Short of Litigation 44
Is Taking Trade Secrets a Crime? 45
Can Software Trade Secrets Be Licensed or Sold? 45
Use of Counsel in Managing Trade Secrets 46
Chapter 3: Confidentiality, Rights Transfer, and Noncompetition Agreements for Employees 48
Introduction 49
Note on Terminology 49
About Employment Law Generally 50
Contents of Employee Agreements 50
Confidentiality Provisions 50
Definition of “Confidential Information” 51
Regarding Use and Protection of Confidential Information 51
Confidentiality and Pre-Employment Communications 52
Provisions in Aid of Enforcement 52
Capturing Intellectual Property Rights 53
Special Rule for California and Certain Other States 54
Cooperation in Rights Transfer 55
Documents and Records 55
Noncompetition and Nonsolicitation Provisions 55
State with Limitations on Restrictive Covenants 56
About Consideration 56
Getting Employees to Sign 57
Enforceability of Provisions 57
Nature of the Employment 57
Reasonable Scope and Duration 58
Noncompetition Clause 58
Automatic Extension of Restricted Period 59
“Blue Pencil” 59
Enforcement of Noncompetition Agreements by Employers 59
Do Not Delay in Addressing a Breach 59
Remedies Short of Litigation 60
Preliminary Injunction 60
Obtaining Assurance of the Absence of Conflicting Prior Agreements 60
Chapter 4: IT Services—Development, Outsourcing, and Consulting 62
Introduction 63
In This Chapter 63
IT Consulting Business Model 63
Development Deals 64
Why Outside Development? 64
Scale of Development Deals and the Development Forms 65
Development Can Be a Risky Business 65
Need for Planning and Risk Management 67
Process Overview 67
Writing and Responding to RFPs 68
Elements of an RFP—From the Customer’s Point of View 68
Responding to RFPs—From the Developer’s Point of View 70
Agreement 71
Getting the First Draft on the Table 71
Structure of a Development Agreement 71
Development Planning 72
What Is to Be Delivered to the Customer? 73
Requirements for Providing the Deliverables 73
Software and Data to Be Provided for Use in Development 73
Oversight and Management 74
Price and Costs 74
Acceptance 74
Postacceptance 74
“Detailed Design” 74
Dealing with Informal Specifications 75
Project Management Provisions 75
Personnel Assigned to Development 76
Change Management Provisions 76
Acceptance Procedures 77
Payment Provisions 77
Milestone-Based 77
Time and Materials 78
Combinations and Variations 79
Right Schedule 79
Intellectual Property—Ownership and/or License 79
What Intellectual Property Is at Stake? 80
Copyright in the Software 80
Patentable Inventions 80
Trade Secrets 80
Goals in Negotiating Intellectual Property Clauses 81
Common Means to Deal with Intellectual Property in Agreements 81
Developer Owns/License Grant Clause 82
Work-Made-for-Hire Clause/Patent Clause 82
Foreground Intellectual Property and Background Intellectual Property Clause 83
Other Variations 84
Avoiding Jointly Owned Intellectual Property 85
When the Web Developer Is Also Providing Web Hosting? 85
Subcontractors 86
Noncompetition Clauses 86
Provisions on Confidential Information 86
Training and Support 87
Warranties 87
Disclaimers and Limitations 87
Date Processing (Y2K) Warranties 87
Open Source Provisions 88
Intellectual Property Warranties and Indemnities 88
Insurance 89
Clause on Customer Nonsolicitation of Developer Employees 90
Termination 90
Dispute Resolution 91
Boilerplate Provisions 91
About Offshoring 92
Other Types of Consulting Businesses and IT Services 93
Legal Issues in Development and Consulting Businesses 94
Employment Issues 94
Building a Brand 94
Conclusion 95
Chapter 5: How to Sell Your Intellectual Property Protection Program 96
Introduction 97
Questions to Ask and People to Approach 98
What Is Your Business Differentiation from Your Competitors? 99
Who Do You Have to Protect These Differentiators From? 100
What Are the Probabilities in Terms of Likely Attackers, Targets, and Objectives? 101
If the Competition Obtained or Tampered with Your Intellectual Property, What Harm Would Be Done? 102
What Security Measures Would Be Cost-Effective and Business-Enabling? 102
Notes on Figure 5.1 103
Notes on Figure 5.2 104
Executives and Board Members 104
Research and Development 104
Manufacturing 104
Sales and Marketing 105
Human Resources 105
Operations 105
Risk Identification 105
Implications of IP loss 106
Notes on Figure 5.3 107
Implementation Plan 107
Potential Inhibitors 107
Identified Milestones 108
Notes on Figure 5.4 108
Notes on Figure 5.5 109
Executive Commitment 109
Business Value Statement 109
Notes 110
Chapter 6: Case Study: The Mysterious Social Engineering Attacks on Entity X 112
Introduction 113
Fundamentals of Social Engineering Attacks 114
The Mysterious Social Engineering Attacks on Entity Y 116
Guidance for the Workforce 118
How to Recognize Elicitation 118
How to Handle the Caller 119
How to Report the Incident 119
General User-Oriented Guidance on How to Detect and Defeat Social Engineering 120
Chapter 7: When Insiders and/or Competitors Target a Business’s Intellectual Property 122
Introduction 123
Lightwave Microsystems 123
America Online 124
Casiano Communications 125
Corning and PicVue 126
Avery Dennison and Four Pillars 127
Lexar Media and Toshiba 129
SigmaTel and Citroen 131
3dGEO – China 132
Chapter 8: When Piracy, Counterfeiting, and Organized Crime Target a Business’s Intellectual Property 134
Introduction 135
Technology Counterfeiting 138
The Apparel Industry 139
The Entertainment Industry 140
Chapter 9: Physical Security: The “Duh” Factor 142
Introduction 143
Chapter 10: Protecting Intellectual Property in a Crisis Situation 160
Introduction 161
Chapter 11: Top Ten Ways to Shut Down Hackers 168
Introduction 169
Go Undercover 169
Shred Everything 169
Get Decent Locks 170
Put that Badge Away 171
Check Your Surveillance Gear 171
Shut Down Shoulder Surfers 171
Block Tailgaters 172
Clean Your Car 172
Watch Your Back Online 172
Beware of Social Engineers 173
Appendix 1: Mutual Non-Disclosure Agreement 174
Introductory Note 175
Mutual Non-Disclosure Agreement 175
Appendix 2: Evaluation Agreement (Pro-Recipient) 180
Introductory Note 181
Evaluation Agreement 181
Appendix 3: Employee Agreement 184
Introductory Note 185
Employee Agreement 185
Exhibit A 192
Exhibit B 193
Exhibit C 194
Appendix 4: Software Development Agreement 196
Introductory Note 197
Software Development Agreement 197
Schedule - Specifications 216
Schedule - Milestone and Payment Schedule 216
Appendix 5: Software Consulting Agreement (Favors Consultant) 218
Introductory Note 219
Software Consulting Agreement 219
Schedule 1 227
Schedule of Work 227
Appendix 6: Software Consulting Agreement (Favors Customer) 228
Introductory Note 229
Software Consulting Agreement 229
Appendix 7: Web Site Development Agreement 240
Introductory Note 241
Web Site Development Agreement 241
Appendix 8: Web Hosting Agreement 252
Introductory Note 253
Web Site Hosting Agreement 253
Schedule A 263
Schedule B 264
Schedule C 265
Schedule D 267
Appendix 9: U.S. Department of Justice Checklist for Reporting a Theft of Trade Secrets Offense 268
United States Department of Justice 269
Checklist for Reporting a Theft of Trade Secrets Offense 269
Index 274