Common Legal Issues in the Software Industry
Common Legal Issues
In the software industry, the most common legal issues we encounter usually involve contracts and litigation, and include employment-related issues, regulatory issues, and various issues dealing with ownership of intellectual property. I would like to highlight a few of these issues below.
Legal Issues in Employment
There are five major themes relating to employment. One is the interpretation of terms and conditions of employment. Internationally, depending upon the country, employees are subject to an employment agreement or a collective bargaining agreement, bonus and commission plans, and stock option arrangements. Interpreting these arrangements and policies often becomes a matter of concern, especially when changes in management and/or human resources personnel have occurred.
Ts and Cs of Employment Agreements: Three clauses, specifically non-compete, non-solicitation, and proprietary information protection in confidentiality agreements signed in the software industry upon commencement of employment have caused much consternation in software companies, recently. Non-competes are not enforceable everywhere. As a general rule, they are unenforceable in California. Employers can try to place restrictive covenants on certain individuals when they leave the company, so that confidential information and trade secrets will not fall into the hands of a competitor. Non-compete clauses must be drafted very carefully, especially internationally. Employees may contract with a company in one country pursuant to local law, which may not be enforceable elsewhere. For example, an executive may leave his/her company to work for a major competitor on another continent. That makes it difficult to enforce non competes. Therefore, there is a lot of raiding of talent, and it's almost impossible to eliminate. My suggestion would be for legal and human resources personnel to work closely with hiring management to carefully draft employment agreements to plan for many contingencies, rather than utilize standard boilerplate, with minimal customization. Proprietary information of a company includes trade secrets, confidential knowledge, data, inventions, ideas, processes, formulae, source and object codes, data, programs, other works of authorship, know-how, improvements, discoveries, developments, designs and techniques and information regarding plans for research, development, new products, marketing and selling, business plans, budgets and unpublished financial statements, licenses, prices and costs, suppliers and customers, and information regarding the skills and compensation of other employees of the company. It is essential to a company's success to sensitize its personnel to the criticality of such information and to assign ownership rights thereto at the start of employment or consulting engagement and to consistently enforce such rights. Companies should also educate all employees regarding the distribution of proprietary information to third parties. The legal department can make good use of company intranet resources by posting procedures for negotiating, executing, and retaining non-disclosure agreements. Establishing and maintaining a worldwide central repository for such agreements can be a significant time-saver when last minute meetings and invitations to demonstrations and events arise. The company should have a firmly established policy on permissible changes to template agreements and maximum terms of duration. In addition, emphasis should be placed on diligently and consistently marking materials "confidential," or "for internal use only," as appropriate, to ensure compliance with agreement terms.
Codes of Conduct: Second, Sarbanes-Oxley, SEC, and stock exchange requirements have now mandated codes of conduct for U.S. companies. My former company had to establish a code of conduct by its annual shareholder meeting this year. As general counsel, I was starting to receive a significant number of e-mails requesting interpretation of the code-and we had a rather lengthy one at twenty-seven pages. We reviewed our company policies and decided to have just one code (addressing all mandates) and then localize and translate it only as necessary to comply with regional laws and regulations. The reason that this is a hot area is that individuals want to make sure they are not violating company policies in this new era of heightened scrutiny and enforcement. For instance, employees often request clarification as to whether they can receive certain gifts from vendors or partners of the company. Anonymous reporting mechanisms (e.g. via a hotline or e-mail) are now required pursuant to "whistle-blower" regulations, and companies may be able to reduce the number of frivolous accusations against personnel by educating employees and consultants and supplementing their codes of conduct with extensive examples and clarifications of policies.
Termination: The next area of importance concerning employment is termination. We have witnessed an increase in employee initiated complaints and litigation in this area due to the downturn of the economy in recent years. I've encountered several frivolous wrongful termination lawsuits, specifically by highly-compensated individuals, such as software account executives and management personnel. In my experience, software company sales commission plans tend to be complicated and difficult to understand. In addition, many plans give management the unbridled power to make arbitrary adjustments to commissions and bonuses. This results in frequent disputes between sales personnel and management regarding compensation. For example, in June, 2004, a Newport Beach, California commissioned salesman won an $11.9 million jury verdict in a wrongful termination suit against his former employer who the man said retaliated against him after he complained that the company owed him past wages in the amount of $111,000. The salesman sold data storage hardware and had been a company employee for eighteen years. In April, 2001, the company changed its incentive plan under which the salesman was paid. The new plan excluded large accounts from which the salesman had previously secured large orders for the company's products. The company applied the new plan retroactively and would not pay the salesman the commission he was due on previously placed orders. The salesman filed a complaint with the Division of Labor in September, 2001 and the company fired him in December, 2001. The jury awarded a $2.9 million verdict after a seven week trial and $9 million in punitive damages. Marx vs. Storage Technology Corp., BC279509 (L.A. Super. Ct. verdict June 29, 2004). Companies would do well to stay abreast of current case law in this area and be forewarned. It is a good idea to have employment counsel working with sales operations to ensure that the commission plans are clearly drafted, should the company be required to explain the plan to the labor department and/or a jury in a commission dispute. Another factor which fuels this type of dispute is that many individuals rise to the ranks of management in software companies because they're excellent sales or marketing people who are well connected in the industry. Unfortunately, they are not always excellent managers. They have the right contacts to market and sell big software installations because of their background and tenure, but they're not doing a good job of managing down through the ranks. They fail to maintain adequate documentation and have necessary but difficult frank conversations with employees. The software industry tends to foster a "revolving door" mentality, so a given sales or marketing representative might have three or more managers within a two- to three-year period because his/her bosses continue to be recruited by competitors, etc. I've witnessed a lot of churn in certain areas of the world-the Northern region of Europe, especially, i.e. the U.K. and the Netherlands.
Reductions in Workforce: The fourth legal issue is termination based on reductions in the workforce. In general, it is difficult for U.S.-based companies to reorganize and do business internationally, especially in Europe where the law tends to be more "pro-employee." They find it particularly hard in areas where there are mandated workers' councils or the equivalent, such as in Italy, Germany, and France. Maintaining written, up-to-date and clear job descriptions and documenting employee workplace conduct, including periodic performance reviews, is very important for management to provide adequate justifications as to why one person is being terminated and another will remain with the company. Frequently, management is not as diligent in its record keeping as it should be. I have found that a company's culture contributes significantly to the number of lawsuits filed in response to reductions in force. If a company has a reputation for dealing with unwanted employees by eliminating their jobs, rather than dealing with performance issues head-on, a post-termination lawsuit becomes almost a reflex. Terminated employees then try to extort monies from their ex-employer, hoping to gain a few more months of compensation, knowing that it is far less expensive for the employer to do so than fight the protracted legal battle, especially internationally, where cases can drag on for years. The legal department can send a firm message to such would-be plaintiffs by aggressively defending frivolous lawsuits and publicizing puny settlements. However, this must be backed up by a true change in management culture to have a lasting impact. Holding management accountable for performing their true management functions is the responsibility of the CEO and executive team.
Discrimination: The final area of concern is discrimination, where claims are on the rise. There are currently more than fifteen protected classes in California, and we see many different types of discrimination claims brought-actually almost anything you could think of. I was at an employment law seminar recently and the speaking attorney said, "How many of you think that you could file some type of discrimination claim?"There happened to be a lot of females in the room who raised their hands, and the attorney went on to say, "If you're a male or a female, you are in a protected class." The crowd laughed and many remarked that this "Q&A" had really heightened our awareness.
Continual training for managers and employees in the areas of mutual respect, interviewing "do's and don'ts" and conduct in the workplace can go a long way to preventing problems and reminding employees that the company is serious about fostering diversity. Web-based training is a revolutionary new interactive tool that provides 24/7 access to participants, as well as many automated features, such as the generation of reminders, attendance tracking, and certificates of completion. In the event of litigation, this documentation can be used to help demonstrate the company's good faith effort to educate its employees and maintain compliance.
A good way to avoid and/or resolve legal issues arising from employment is to confer regularly with human resources personnel and keep a log of recurring issues. Then, perform a policy review and overhaul every two to three years, in concert with code of conduct and employment and independent contractor agreement updates. Also, have bonus and commission plans reviewed by counsel annually. Finally, educate management regarding the importance of documentation in the workplace and trends in employment law issues.
License Auditing: A unique legal issue for software companies is user license enforcement. In my experience representing several companies, often there is no adequate mechanism or tool to efficiently and unobtrusively measure license usage. Many times a licensor hasn't built the appropriate tools to monitor its software usage, or it doesn't have access to the licensee that it needs to audit, as a practical matter, and then must rely on the licensee's own audits, which many times are inaccurate.
Auditing generally either arises in a business context when a licensor wishes to sell additional software to a licensee, based upon observed or projected growth rates in the licensee population, or less frequently, to ensure compliance. As many software licensors do not have dedicated auditing personnel, the salesperson is frequently the customer-facing individual who broaches the unsavory issue of compliance, to enhance his/her sales productivity. This is an awkward position for the salesperson to be in and frequently strains customer relationships.
One of the most proactive ways to solve this problem is to carefully draft the contract language during the initial license negotiations. It's helpful to draft licensing language that includes an internal management escalation process so that if a disagreement about usage arises, explicit remedies exist to resolve it. For example, if a customer begins to exceed the number of paid licenses allowable, the customer explicitly agrees to immediately pay for all other licenses to bring the licensee into compliance; otherwise, the customer's license to all of the licensor's software will terminate, including customer support thereon. Communications can be routed through predefined channels within management with an explicit agreement to submit to arbitration and/or mediation, if necessary, to avoid immediate escalation to litigation.
It should be noted that this approach would be problematic and therefore unacceptable to licensees with "mission critical" applications which depend on third-party software. Thus, if a customer's licenses and support were discontinued in the event of a bona fide dispute, they could suffer potentially irreparable harm by having their business impeded in some fashion. This could result in litigation-commonly an action for declaratory and injunctive relief, to buy time for the licensee to determine its usage and identify and secure alternate software licensors.
Limitation of Liability and Patent Infringement Indemnification: These two concepts are key to the licensor/licensee transaction and are typically heavily negotiated. Increasingly, software licensees are attempting to shift all risk of loss to the licensor. Infringement indemnification is routinely sought and granted for countries other than the U.S., even though software providers have not filed for patent rights in said countries. It is bewildering that software providers allow lay people to negotiate and revise these clauses, without a final review of the entire contract by skilled legal personnel. Such contracts are ticking time bombs and often the risk goes undetected until an infringement suit is brought against either the licensee or licensor. Frequent review and revision of software license agreement templates and auditing of executed agreements is essential to adequately assess the legal risks of doing business and to remain properly insured against loss. I recommend a worldwide template review every two years and quarterly audits of all executed agreements to ensure compliance with company policy.
Key Regulatory Issues
Sarbanes-Oxley Act: In July of 2002, the Sarbanes-Oxley Act was passed, forever changing the landscape of corporate governance. More reporting is now required of public companies and all procedures in the functional business areas that affect financial reporting must be documented. It is no longer sufficient to have an informal, oral process, policy or procedure-it has to be reduced to writing. Companies have now formed disclosure committees, consisting of finance and corporate communications personnel, which meet regularly to discuss topics, events, and information that may be of a significant interest to investors, such that public disclosure is required.
There have been many changes in SEC and stock exchange rules that involve increased "busyness" that is really not "business"-i.e., it doesn't translate to the bottom line. My department had been exceptionally proactive about compliance in terms of insider trading, SEC transaction reporting, records retention, and training in the Foreign and Corrupt Practices Act before Sarbanes-Oxley, so we were well ahead of the curve. My understanding is that our situation was the exception rather than the rule, and that many public companies, especially smaller ones, have been struggling to come into compliance and implement good governance practices.
Then NASDAQ also came out with enhanced guidelines. NASDAQ does not always follow the SEC or the other stock exchanges, so companies might be more prudent to wait until rules are finalized before taking a stand or changing their processes or procedures. There have been times in which one rule-making body has diverged significantly from others. Unfortunately, it hasn't always been possible to sit back and wait for finalization of the rules, because some were retroactive and others took effect immediately.
Consultants used this climate of uncertainty as a marketing tool and tried to create urgency and panic in their target customers. During the first year post-Sarbanes-Oxley, we were inundated with information and seminars, and everyone seemed to want to get on the consulting bandwagon. Innovative products such as Web-based education and a variety of software tools emerged for code of conduct training and key legislation, such as the Foreign and Corrupt Practices Act, as well as increased enforcement of insider trading laws and record retention requirements. My company successfully introduced Web-based training to help meet compliance demands.
Auditing fees have nearly doubled on average in the last two years and the increase in department spending is on the average of 20 to 40 percent, according to the American Society for Corporate Secretaries. We found that our department spending increased by approximately 14 percent from 2002 to 2003, but I believe that was because we had begun some of these initiatives before Sarbanes-Oxley was passed, so one could argue that we were already spending considerably more money by being proactive beforehand.
One strategy for companies to avoid or resolve regulatory issues is to expand the risk management function to include compliance. At my former company, we combined the functions of compliance officer with a risk manager, reporting to the general counsel. Having someone who is in charge of compliance with a dotted line reporting into the Audit Committee of the board of directors has been helpful. That person, working closely with the general counsel, can work to build a framework for compliance for the company.
Intellectual Property Ownership Issues
Choosing the appropriate legal and tax structures for subsidiaries and other affiliated entities is very important for software companies. The tax and legal departments should work closely to determine which entity should own the rights to the software and how assets are valued and held. Patent infringement litigation is a constant threat affecting shareholder value and one lawsuit with an unfavorable result could put a company out of business. Building an IP portfolio by establishing an aggressive Patent Incentive and Award Program for employees and consultants can be instrumental in negotiating a cross-license for technology in the event of a lawsuit. In addition, a software company's failure to build a sizable portfolio of IP rights could be grounds for a shareholder lawsuit.
M&A Activity: We are currently in a period of increasing consolidation of software companies. Having a comprehensive acquisition strategy, due diligence team, and well-defined processes for conducting M&A activity are important to avoid problems later on with patent infringement, branding, and integration. We have found that involving experienced intellectual property attorneys very early on in the due diligence process can avert possible infringement and branding issues. Having IP attorneys review marks and patents quickly, and reach out to international counsel, so that IP rights can be protected in a timely manner, is key. Laws regarding the timing of patent filings in the U.S. and internationally have become more stringent in recent years and thus this area merits close review and consideration. IP counsel should work closely with the acquiring company's chief technology officer, and/or others who are evaluating the acquisition from a technical perspective, to properly assess the value of the technology.
In addition, it is important to establish a chain of title for IP rights involved in the acquisition from inception to present, and to have the seller warrant such good title. This may help avert ownership issues and infringement disputes post-acquisition by disenfranchised employees and/or affiliates of the seller.
We have also found that post-acquisition implementation can be problematic when acquiring technology from a geographically distant company. Maintaining multiple development locations, even temporarily, can foster cultural, communication, morale, scheduling, and performance problems. These problems often translate into IP ownership issues, lack of awareness and enforcement of open-source code policies, and missed deadlines. Excellent cross-functional teamwork and early planning on both sides of the transaction are essential to tackling these challenges and ensuring successful integration of technology and personnel.
Customization: Other interesting issues relating to IP ownership arise in the context of professional services linked with software sales. Clarifying the goals of the software provider and customer up front is important. The provider must determine whether this particular solution is a "one-off," specific to this customer or repeatable and possibly sellable to other customers. Does the customer need an exclusive or non-exclusive license? Will the customer need the source code for a particular customization and in what circumstances? It is important for companies to maintain the appropriate intellectual property rights to meet these goals, and not give them away, either intentionally or unintentionally, when professional services personnel are out in the field customizing systems for customers. There are a myriad of issues that arise surrounding ownership when there is a custom implementation, which increases the need for skilled counsel in the contracting process. Beginning with a request for proposal, all documentation must be prepared carefully and reviewed by the entire respective project teams through implementation of the project. Otherwise, disputes later on are almost a certainty.