IP management in the realm of outsourcing contracts begins with communication and education between the vendor and client, which means that both parties need to spend the time defining the types of IP that will be part of the engagement and how sensitive and relative it is to both parties.
Typically, neither clients nor vendors understand all the reasons why people get concerned about IP rights and management. They usually just believe that their data might get stolen or misused. There is also a lack of understanding about the risks associated with different outsourcing destinations. For example, because India is so established as an outsourcing destination the fact that it continues to have geo-political issues goes unnoticed, yet when Russia has a tiff over natural gas with a neighboring country, the outsourcing community goes into a spiral.
Vendors who are incorporated in the US or EU will have IP terms in their contracts that role up to the respective laws of their governing geography and therefore should be sufficient in providing language to protect clients’ rights around IP. Nevertheless, reviewing such contracts, especially the IP section, is critical and goes beyond just legal review. The company’s sourcing desk or PMO needs to play a part in assessing exposure and risk of IP. This exposure can come in the form of where the code is made, what systems it sits on, or where and who has access. These are things that typically the sourcing desk or PMO will know, but not the legal department in all cases or even procurement.
Customers should determine their standards and be satisfied with a potential vendor’s reputation, human, financial, and technical resources and compatibility of corporate culture before beginning negotiations. Negotiations should focus on how both parties can guarantee proper use, sharing, licensing, development, and improvement of both parties’ IP throughout the relationship and after.
Clients should also consider putting financial penalties around the misuse of IP. In other words, if a bank is outsourcing the development of a trading desk and needs to test transactions using customer data or has exposure in some way to sensitive customer information, then the contract should call this out from the beginning and provide some usage guidelines, which, if neglected, would result in financial penalties for the vendor. Again, this can relate to how the data is accessed and by whom, but it needs to be worked out specifically to the actual project.
IP management begins with clarifying what you are protecting and why.
The World Intellectual Property Organization’s report, The ‘Outsourcing Offshore’ Conundrum: An Intellectual Property Perspective nicely summarizes important IP issues for both customers and vendors:
|IP Essentials for the Customer|
|IP Essentials for the Vendor|