Thursday, April 25, 2019

Intellectual property protection in outsourcing

The nature and importance of intellectual property varies by industry and type of business. Software development outsourcing requires a high level of knowledge sharing between customer organizations and suppliers. Therefore, the intellectual property rights of stakeholders involve one form or another. As a result, intellectual property management and data protection issues are becoming increasingly important for companies that use offshore/nearshore outsourcing.

Intellectual property that may be transferred to suppliers may include software, data, business and technical processes, trade secrets, inventions, know-how, and other confidential information and author works. In addition, some of them may belong to a third party and require a license.

Both customers and suppliers must properly manage their IP and adhere to their overall business goals in order to effectively manage information sharing. The benefits of sharing intellectual property assets must exceed the risks associated with outsourcing.

The World Intellectual Property Organization [WIPO] emphasizes two key issues related to intellectual property in offshore outsourcing: ownership of intellectual property and "unintentional, unintentional or intentional disclosure of confidential information and trade secrets" [loss of business knowledge]. However, in most cases, these issues can be overcome by properly conducting IP due diligence, thoroughly evaluating suppliers and adopting appropriate IP protection measures.

Intellectual property due diligence

Customer organizations should conduct IP due diligence and risk assessment before completing any outsourcing program. As a result, companies will be able to protect their intellectual property and clearly define which features should be retained internally and which features can be outsourced.

Intellectual property due diligence may include the following indicative steps:

· Identify areas that are critical to your business

· Carefully assess business knowledge and determine if moving it to an outside or offshore location will affect company practices

Identify and document all intellectual property assets associated with outsourced tasks

· Determine ownership in the identified IP


  • Carefully review third-party or co-owned IP

· Identify existing or suspected breaches of contracts, infringements, disclosure of confidential information and trade secrets

·Assess how foreign legal infrastructure protects intellectual property

· Determination of jurisdiction and enforcement [applicable law, enforceability, dispute resolution mechanisms]

· Define the termination of the arrangement, expiration or withdrawal clause

· Identify other intellectual property-related responsibilities [if applicable]: ongoing maintenance and upgrade of intellectual property; payment of transfer fees; product liability, intellectual property insurance, etc.

After conducting an IP due diligence, the organization can continue to evaluate potential outsourcing partners. The results can be used during the negotiation of the outsourcing agreement to provide possible intellectual property related issues.

Actual business negotiations can only be initiated after meeting the supplier's reputation, resources and business culture compatibility. They should focus on the steps that both parties need to take to protect and ensure the proper use, sharing, licensing, development and improvement of intellectual property during and after the relationship. It should also include any relevant intellectual property assets of third parties.

Select outsourcing suppliers in the context of intellectual property related issues

When outsourcing, customer organizations should carefully review the ability of potential partners to protect confidential business information and prevent misappropriation, misuse, destruction, loss or theft.


  • Check if the vendor has an appropriate documented and enforceable information security management strategy



  • Review data security and intellectual property protection practices of outsourced vendors and the processes they have developed to protect confidential information for clients



  • Check if other security policies can be implemented to protect sensitive data



  • Provide suppliers with the minimum know-how or data needed to complete a project



  • Adhere to clearly documenting all source code for the project as it becomes the property of your company and is protected by law



  • Carefully review physical security and personnel practices, policies and procedures



  • Need strict human resource screening, looking for employee retention figures



  • Find out if the supplier is doing business with your competitors; if so, make sure there is no contact between the teams



  • Choose an established partner to complement your business strategy and understand how to achieve the required level of security

Practical measures to protect intellectual property rights

Intellectual property is one of the company's most valuable assets. This is especially true for SMEs and startups because it may be the only tangible asset. When outsourcing works, the risk of not protecting intellectual property will escalate further. This is why customer organizations must effectively deal with related issues and use all types of intellectual property protection: physical, electronic and legal.

Physical and electronic protection of intellectual property


  • Treat data security as an emergency



  • Limit the number of people who have access to complete information



  • Ensure that outsourced suppliers have physical security facilities [mechanical and electronic access control, intrusion detection, video surveillance, etc.]



  • Check if offshore teams use computers without removable media to reduce the risk of unauthorized access to IP



  • Make sure internal employees know what information can and cannot be shared



  • Use firewalls, VPNs, encryption and other measures to prevent security breaches in the electronic environment, which can lead to supply chain disruptions



  • Protect important information, such as source code, with passwords and access codes and make sure they are not widely available [onsite and offshore]



  • Always keep the original copy of the source code



  • Make sure that any test data used does not display real information

Legal protection of intellectual property rights

· Determine which country's legal system will apply and have jurisdiction over contract disputes

· Try to understand the legal system and culture of the two countries

· Understand how IP enforcement works in the country where the provider is located

• Negotiate clearly defined contracts that specifically address business knowledge and intellectual property related issues and hold suppliers accountable for their employees' actions. This will ensure proper protection, avoid disagreements and prevent litigation

· Clearly define compliance audit procedures before participating in outsourcing relationships

· Clarify license and source code ownership

· Consider open source software issues


  • Enforce personal privacy in the context of database protection obligations [if applicable]

· Relying on non-disclosure and non-competition agreements with suppliers or their team members to maintain the confidentiality of important business information

· Identify possible dispute resolution and arbitration mechanisms





Orignal From: Intellectual property protection in outsourcing

No comments:

Post a Comment