IP Management Reply

IP management in the realm of outsourcing contracts begins with communication and education between the vendor and client, which means that both parties need to spend the time defining the types of IP that will be part of the engagement and how sensitive and relative it is to both parties.

Typically, neither clients nor vendors understand all the reasons why people get concerned about IP rights and management.  They usually just believe that their data might get stolen or misused.  There is also a lack of understanding about the risks associated with different outsourcing destinations.  For example, because India is so established as an outsourcing destination the fact that it continues to have geo-political issues goes unnoticed, yet when Russia has a tiff over natural gas with a neighboring country, the outsourcing community goes into a spiral.

Vendors who are incorporated in the US or EU will have IP terms in their contracts that role up to the respective laws of their governing geography and therefore should be sufficient in providing language to protect clients’ rights around IP.  Nevertheless, reviewing such contracts, especially the IP section, is critical and goes beyond just legal review. The company’s sourcing desk or PMO needs to play a part in assessing exposure and risk of IP.  This exposure can come in the form of where the code is made, what systems it sits on, or where and who has access. These are things that typically the sourcing desk or PMO will know, but not the legal department in all cases or even procurement.

Customers should determine their standards and be satisfied with a potential vendor’s reputation, human, financial, and technical resources and compatibility of corporate culture before beginning negotiations.  Negotiations should focus on how both parties can guarantee proper use, sharing, licensing, development, and improvement of both parties’ IP throughout the relationship and after.

Clients should also consider putting financial penalties around the misuse of IP.  In other words, if a bank is outsourcing the development of a trading desk and needs to test transactions using customer data or has exposure in some way to sensitive customer information, then the contract should call this out from the beginning and provide some usage guidelines, which, if neglected, would result in financial penalties for the vendor.  Again, this can relate to how the data is accessed and by whom, but it needs to be worked out specifically to the actual project.

IP management begins with clarifying what you are protecting and why.

The World Intellectual Property Organization’s report, The ‘Outsourcing Offshore’ Conundrum: An Intellectual Property Perspective nicely summarizes important IP issues for both customers and vendors:

IP Essentials for the Customer
  • Account for all IP and associated know-how [whether registered or not, pending registration, or new (in-development)] and fix the limits within which these IP assets are to be made available to the vendor.
  • Ensure that the contract expressly deals with ownership issues relating to jointly created IP or over IP assets created by the vendor during the outsourcing relationship: Who will have ownership rights of newly created information based on customer’s IP data?
  • Be aware of any limits on use of licensed third party IP: Can it be sublicensed to a vendor?
  • Require vendor to take all reasonable measures to protect all licensed IP assets, and especially any confidential information, trade secrets, know-how, etc. disclosed during the relationship.
  • In ascertaining vendor’s legal responsibilities in relation to outsourced function, make sure that their existing agreements, for example distribution, supply, marketing and research collaborations, do not compromise the IP assets to be shared with them: What would happen if the vendor were to sub-contracts part of the outsourced function to independent contractors, consultants, etc.?
  • Identify the vendor’s other customers: Are they potential competitors? If so, what additional safeguards may be needed to safeguard the IP assets to be shared with the vendor?
IP Essentials for the Vendor
  • Account for all IP and associated know-how [(whether registered or not, pending registration, or new (in-development)] and fix the limits within which these IP assets are to be made available to the relationship. Ensure that the outsourcing agreement includes provisions to protect owned (vendor’s) IP and associated know-how.
  • Ensure clarity of ownership or joint-ownership of IP assets created or improved during the course of the outsourcing relationship, whether based on customer’s IP data or not; seek the maximum leeway to use any such jointly owned IP assets for other or different outsourced functions with other customers.
  • Set-up an integrated, well functioning IP protection and security program to safeguard your own and the vendors confidential information, trade secrets and know-how. Enter confidentiality (non-disclosure) and non-compete agreements where and when appropriate.
  • Put in place mechanisms to prevent inadvertent ‘mixing’ of proprietary trade secrets with those of the vendor.
  • Be aware of any limits on use of licensed third party IP: whether it can be used for the purposes of the current relationship.