Not standard at all. As a matter of fact, even when a purchasing company wants to protect themselves, the source code is only put in escrow; it's not made available to them.
I know it's tough because they're a large client but I would look at it as getting this one deal and losing your product for future deals if said consultant is unethical and uses your source code to compete or losing this deal over this and still having your product to sell.
I can't believe that a company would back up a consultant asking for your trade secrets if you explained to them that this is like the consultant asking you to send naked pictures of yourself before he can approve the deal ;). I know that's extreme and you won't really say that, unless you have to ;), but I think you'll get the idea of how you can stress to the client that it's very odd behavior.
Lisa
Categories: Operations and Legal
We have a large company that is deciding to go with our software. They have already tested it and said they want it. However, they hired a consultant to analyse the software. He is a programmer himself and has software in the same industry. He does not have a similar product to ours, but has been known to promote one of our competitor's products. He now claims that he cannot complete his analysis of our software without getting a copy of our source code. I explained that we do not let anyone outside our company get copies of our source code, but he claimed that it is standard in the software industry, and said he could not complete his analysis without it. The company that wants our product has told me that they did not specifically ask the consultant to analyse our source code, but they do want him to complete his analysis.
Can anyone tell me if it is "standard" practice in the industry for a software company to give their source code to third party consultants for analysis? Even when the third party consultant is a potential competitor?
I'll back Lisa 110% on this. The request to review your source code is definitely NOT a standard practice.
If this is a use license, review of source code is not relevant to the transaction. Functionality and features are relevant, and these factors are easily tested in an evaluation environment in object code form.
The only time that source code review is relevant is in an acquisition scenario or if there is a proposed source code license. In these situations, the review is never permitted by the other party to the transaction. The school solution is to hire an independent consultant fluent in the source code language, and pay him (or her) to review the code and to answer certain specific questions that are agreed upon in advance (e.g. is the code written efficiently?, is it properly commented?, etc.), and you would get to review the answers before the other party sees them.
This consultant is up to no good.
Chip
Disclaimer: my comments on this forum are for informational purposes only; they do not constitute legal advice, and should not be construed as such.
:eek: I sense there is more to this than meets the eye. Be careful.
I've had this request made sometimes in RFP situations and have politely said no. If they insist, beware.
---
Robert Dubicki
I certainly agree exactly with Chip's analysis -- this is highly unusual except where the source code itself is going to be part of the transaction.
However, that said, in spite of a programming background, I am less excited about source code than most people. I think the value of source code is often over-rated. If he truly wants to *see* the source code, the easiest way to solve the problem and get on with the sale might be to let him *see* the source code. I emphasize *see*. Under no circumstances do you deliver the source code to him. But I perceive little potential harm in letting him inspect, in your offices and under your constant supervision, selected source code in printed or on-screen form. You could start by offering "a few examples" but if necessary let him examine all but perhaps one or two modules that you withhold because they contain proprietary algorithms. I don't see the point, exactly, but I don't see what harm comes to you either. No one is going to spend an hour looking at source code and come away able to construct a replica of your software from memory. (If they could, nightly backups would be superfluous -- in the event of a disaster, your programmers could just re-key the software from memory.)
Thank you for the comments. You helped me verify that this is not standard practice in the software industry.
-Rick
View unverified member's comment - posted by memphishank
Have you asked the customer why they are interested in an examination of your source code? I.e., what do they want to see? Or not see?
I agree with Hank that it's wrong to automatically assume a ripoff in the making, but I also agree with all the others that the examination is probably not necessary. E.g., if they're worried about IP infringement, or open source components, or purple furry widgets, your license agreement can handle that: You simply guarantee there are no purple furry widgets, etc. etc.
Yes, some companies will still ask for more -- don't they always? -- but as long as you can placate their fears, you don't have to do it their way.
Open source software has also conditioned buyers' expectations, so that they now want to see the code.
David Locke
Have you asked the customer why they are interested in an examination of your source code? I.e., what do they want to see? Or not see?
I agree with Hank that it's wrong to automatically assume a ripoff in the making, but I also agree with all the others that the examination is probably not necessary. E.g., if they're worried about IP infringement, or open source components, or purple furry widgets, your license agreement can handle that: You simply guarantee there are no purple furry widgets, etc. etc.
Yes, some companies will still ask for more -- don't they always? -- but as long as you can placate their fears, you don't have to do it their way.
Sound advice. Also, as a little further emphasis on the non-standardness of this proposed deal ... for a number of years I worked for the US government in a position where I purchased significant amounts of code in the form of custom applications. I was required by Federal Acquisition Regulation to secure the source code for the benefit of the government.
I _always_ had the source code put in escrow with a third-party ... I would never allow anyone on my staff or under contract to examine the code .. as the prospective consultant has asked ... not only does the company producing the source code need to protect themselves from IP theft, the buying side is crazy if they gain access to the developer's IP ... makes them liable for suspected leaks, allegations of copying, etc. A deal to be avoided by both parties in my view.
