Source code theft is not a problem unique to India. But companies should be aware that there have been cases where source code and trade secrets were stolen by rogue employees.
Luckily the police and authorities seem to be aware of the issue. But this is of no comfort to businesses operating in India who have suffered from the problem. The risks faced by Indian businesses remain high.
Pursuing cases through the legal system is the preserve of medium to large IT companies. If you are an Indian entrepreneur just starting out, theft of your source code could destroy you before you begin.
There are two obvious industry sectors in India that could be targets for source code theft. One is Indian businesses who operate in IT development themselves. Another is the burgeoning IT outsourcing sector.
When a company outsources they would use an outsource partner. Unfortunately, when you work with an outsource partner, vetting developers is almost impossible.
In this post we offer advice to Indian developers and companies who are looking to outsource. So they can be sure that their source code and trade secrets remain secure.
Intellectual Property Law in India
Intellectual property legislation has existed in India since 1957. But the first intellectual property law was only passed in May 2016. This law ensured that India was in compliance with the TRIPS (Trade-Related Aspects of Intellectual Property Rights) agreement.
TRIPS, administered by the World Trade Organisation (WTO,), governs intellectual property law. It introduced this into the international trade system for the first time. It remains the most comprehensive global agreement on IP at the time of writing.
This means that India has an IP legal framework that is in compliance with intellectual property law worldwide.
Famous Source Code Theft Cases in India
The first case of source code theft in India occurred in August 2002. An employee, Shekhar Verma, who was fired from his job at Geometric Software Solutions Ltd. (GSSL) offered to sell stolen source code to someone who was actually a federal agent in the FBI’s cyber-crime unit.
The stolen source code belonged to Solidworks, an american computer aided design software company. They had outsourced development work to GSSL. Shekar Verma was later prosecuted.
The legal process, as in every country, is very slow to deal with these sorts of complaints. In the case cited above, it took several years for the individual found guilty of the crime to be tried.
Time is a crucial factor with source code theft. It’s important to remember that file sharing technology is now far more advanced. If the exact same crime occurred today, the criminal could have got away with it.
How Indian software startups and established enterprises can protect themselves against theft
There are various legal frameworks in place that software companies can use to protect themselves from source code theft. But the basics that startups and other businesses need to be aware of are:
- Copyright Law – Your source code is protected as a “literary work” from the moment the first line is written. This means your code is protected under copyright law
- Patent Law – If your product has a completely unique function, feature or process you can apply for a patent. This is time-consuming and expensive, but it does offer some legal protection
- Trade Secret Law – Trade secret law is a very specific segment of intellectual property legislation that protects business critical information against use by unauthorized third parties
These legal avenues can protect your business, but for any enterprise they can be very costly. We provide a solution for Indian software companies that can protect against source code theft before it occurs. We will discuss how we can help your business later.
Advice for businesses outsourcing to India
There are many positives to outsourcing your software development to India. You get access to a talented and diligent workforce and you have the potential to cut costs. But, outsourcing does leave your business vulnerable to malicious insiders.
As a company looking to outsource, you will be working with an outsource partner. Your outsource partner will be responsible for recruiting staff to work on your code. This increases the risk of code theft as you cannot vet who your partner recruits.
So, it’s possible that you could have someone working on your code who bears a grudge. Not even a grudge against your business but the outsource partner agency.
The same legal protections regarding source code (copyright law, patent law and trade secret law) all still apply to your business if you are outsourcing. You will have legal recourse not only in India but in your home country.
But, in some ways, established businesses who outsource to India face the same issues as Indian businesses and startups. The legal system can take a long time to get moving and it can be very costly to get to a resolution. Through using software that monitors employees businesses operating in India can safeguard themselves against source code theft. This can work in tandem with a strong legal framework that will protect the very core of your business.