Reverse engineering of competitor’s software cost company big

Companies developing software to mimic the functionality of competitors’ products should beware the broad scope of what may constitute reverse engineering. A recent federal case from the Fourth Circuit underscores this idea.

Background – the Development Process

Plaintiff SAS and defendant WPL are competitors in the market for software used to manage and analyze large and complex sets of data. Plaintiff for many years has distributed its proprietary software applications (the SAS System) that run programs written in the eponymous language SAS. WPL sought to create an application to compete with the SAS System, namely, an application it could take to market that would run programs written in SAS. It successfully developed such an application (called the WPS), and customers began dropping the SAS System in favor of the WPS.

As part of its efforts to develop the WPS, defendant obtained a license to use the “Learning Edition” provided by plaintiff – an environment designed for programmers to learn how to code in SAS. Among the provisions in the software license agreement for the Learning Edition was a restriction against reverse engineering the software.

In developing the WPS, defendant did not try to decompile the Learning Edition, or otherwise “tear it down” or “look under the hood.” Instead, it would run SAS code through both the Learning Edition and the WPS, evaluate the outputs from both systems, and tweak the C++ code comprising the WPS to get the outputs to match.

Trial Court Litigation

Plaintiff sued defendant in both U.S. federal court and the U.K. alleging a number of claims, including copyright infringement, breach of contract, deceptive trade practices, and fraud. Of particular importance was the breach of contract claim – plaintiff claimed that defendant’s method of developing the WPS, through adjusting the WPS code based on output compared with Learning Edition output – was reverse engineering prohibited under the terms of the Learning Edition license agreement.

The lower court agreed with plaintiff, and found defendant liable for breach of contract due to reverse engineering, at the summary judgment stage. The case proceeded to trial on other issues where, along with the damages for breach of contract and for deceptive trade practices, the court awarded almost $80 million in damages to plaintiff. Defendant sought review with the Fourth Circuit. On appeal, the court affirmed the lower court’s decision on the reverse engineering issue.

Appellate Court: This Was Reverse Engineering

More specifically, defendant had argued on appeal that the lower court’s summary judgment on the breach of contract/reverse engineering claim was improper because the term “reverse engineering” in the license agreement was ambiguous. Plaintiff and defendant offered competing definitions for what they thought reverse engineering ought to mean. Defendant proposed a narrow definition – essentially, that reverse engineering must have as its objective the re-creation of source code. Plaintiff, however, offered a broader definition, encompassing other efforts to “analyze a product to learn the details of its design, construction, or production in order to produce a copy or improved version.”

The differences in definitions were important – defendant had not sought to, nor did, access or copy the source code of the Learning Edition. If the definition of reverse engineering were limited to the re-creating of source code, then the development of the WPS should be okay.

But the court did not agree with defendant. Finding the language in the software license agreement to be unambiguous, the court observed that “nontechnical words are to be given a meaning consistent with the sense in which they are used in ordinary speech, unless the context clearly requires otherwise.” The court then consulted dictionary definitions for the term “reverse engineer” and also evaluated the broad vs. narrow definitions proposed by the parties in light of other prohibitions (e.g., against “reverse assembly” and “decompilation”) in the same provision of the license agreement. Simply stated, the court found that the agreement was clear on what conduct constitutes reverse engineering, and defendant’s actions fit within that scope.

SAS Institute, Inc. v. World Programming Ltd., — F.3d —, 2017 WL 4781380 (4th Cir. October 24, 2017)

See also:

Evan_BrownAbout the Author: Evan Brown is a Chicago technology and intellectual property attorney. Call Evan at (630) 362-7237, send email to ebrown [at] internetcases.com, or follow him on Twitter @internetcases. Read Evan’s other blog, UDRP Tracker, for information about domain name disputes.

Cruz campaign still facing copyright and breach of contract liability over songs used in political ads

Court denies motion to dismiss copyright and breach of contract claims over songs used in YouTube and TV political ads.

Months after Ted Cruz ended his presidential bid, his campaign, and the advertising company hired to create ads for the campaign, still face liability over two songs used in YouTube and television ads. A federal court in Washington state has denied the defendants’ motion to dismiss copyright infringement and breach of contract claims brought against them.

An employee of the Cruz campaign’s advertising company allegedly downloaded two songs from Audiosocket, and then used those songs in two separate campaign ads. Audiosocket and the copyright holders sued for infringement and breach of the licensing agreements under which the songs were provided.

The court rejected the defendants’ arguments. It held that the plaintiffs had adequately pled the existence of their copyright registrations, and that the claims for breach of the licensing agreement were not preempted by the Copyright Act. Because the licensing agreement expressly prohibited the songs to be used for political purposes, the breach of contract claims were not “equivalent” to a copyright infringement claim, and therefore not subject to preemption under 17 USC 301.

The case is a reminder of the risks that companies and organizations face when hiring outside vendors to procure and create content. The hiring party should seek, at minimum, to ensure that the vendor has obtained the appropriate rights in the content it will integrate into the deliverables provided under the arrangement. And the vendor should utilize appropriate internal protocols and form documents to help ensure that the content it provides to its customer does not infringe. That kind of diligence will help avoid unpleasant situations between vendor and customer that arise when third parties claim against both of them that intellectual property rights have been infringed.

Leopona, Inc. v. Cruz For President, 2016 WL 3670596 (W.D. Washington, July 11, 2016)

Wedding photographer not responsible for risque photos of bride posted online

Bostwick v. Christian Oth, Inc., 2012 WL 44065 (N.Y.A.D. 1 Dept. January 10, 2012)

Plaintiff bride logged onto her wedding photographer’s website and saw photos of herself wearing only underwear. She emailed an employee of the photographer, who promised to take the offending photos down. But they remained on the website even after plaintiff shared the online password with her family and friends.

So she sued the photographer for breach of contract, fraud and concealment, and negligent infliction of emotional distress. The trial court threw the case out on summary judgment. Plaintiff sought review, but the appellate court affirmed.

Breach of contract

The court found that defendant was authorized by agreement to post the photos. Defendant owned the copyright in the photos and otherwise had the right to put the proofs online. Any demand by plaintiff that the photos be taken down did not serve to revoke any of defendant’s rights, as plaintiff never had the rights to make such a determination to begin with. Moreover, the court found that because the agreement between the parties had an integration clause which provided that any amendments had to be in writing, the subsequent communications between plaintiff and defendant’s employee did not serve to amend the contract. (This decision by the court is puzzling, as the communications about taking the photos down were apparently by email. Other New York courts have held emails sufficient to amend written contracts.)

Fraud and concealment

To have been successful on her fraud and concealment claim, plaintiff was required to show, among other things, that she reasonably relied on defendant’s statement that the underwear photos had been taken offline before she gave the password to her friends and family. The court found in favor of defendant on this point because plaintiff could have checked to see whether the photos were actually taken down before she allowed others to access the photos. What’s more, the court found that the failure to take the photos down was not “concealment” but merely an oversight.

Negligent infliction of emotional distress

Despite its sympathy with plaintiff, and an acknowledgment that having others see the photos would be embarrassing and upsetting, the court found that plaintiff failed to establish a case of negligent infliction of emotional distress. This part of the case failed because plaintiff did not show that she had been exposed to an unreasonable risk of bodily injury or death. There was nothing in the record to cause plaintiff to fear that she was exposed to physical harm.

Court enforces online terms and conditions incorporated by reference in invoices

Clickwrap and browsewrap agreements are not the only enforceable online contracts.

Fadal Machining Centers, LLC v. Compumachine, Inc., 2011 WL 6254979 (9th Cir. December 15, 2011)

Plaintiff manufacturer sued one of its distributors over unpaid invoices. Defendant moved to dismiss, citing to an arbitration provision in the terms and conditions on plaintiff’s website. The district court dismissed the complaint and plaintiff sought review with the Ninth Circuit. On appeal, the court affirmed.

It held that the district court did not err in concluding an arbitration agreement existed between the parties. Though the language of the hard copy distribution agreement did not address arbitration, it provided that plaintiff could unilaterally establish terms of sale from time to time. Each invoice referred to plaintiff’s website’s terms and conditions. The court found that these referred-to terms and conditions “clearly and unmistakably delegated the question of arbitrability to an arbitrator.”

The decision supports the notion that contracting parties (particularly merchants selling goods) may rely on provisions not spelled out in any documents exchanged between them, but appearing online and incorporated by reference. In other words, certain online contracts other than clickwrap and browsewrap agreements may be enforceable.

Court: Mark Zuckerberg lives in California

Ceglia v. Zuckerberg, — F.Supp.2d —, 2011 WL 1108607 (W.D.N.Y. March 28, 2011)

Well, maybe that title is a bit of an oversimplification. Technically the court said that Facebook’s founder is domiciled in California. The issue came up in a breach of contract case against Zuckerberg and Facebook in federal court in New York.

Last year, one Paul Ceglia sued in New York state court, claiming he owns 84 percent of Facebook. Zuckerberg and Facebook removed the case to federal court. Defendants can do that if the court would have subject matter jurisdiction over the case. Since a breach of contract case arises under state law, there needed to be diversity jurisdiction in the case — that is, the parties must be domiciled in different states. (The amount in controversy must also be above $75,000. An 84 percent cut of a multibillion dollar company would seem to meet that criterion.)

Zuckerberg claimed that California had become his domicile since 2004. Ceglia challenged that assertion. In the ConnectU v. Facebook litigation, Zuckerberg had claimed New York as his domicile. And Zuckerberg had the burden of proving his change in domicile by clear and convincing evidence. The court found that such evidence existed, including the following biographical tidbits:

  • He currently resides in California and has done so continuously since the summer of 2004.
  • He has no other residences.
  • He does not own real property in New York, California or elsewhere.
  • In 2007, he purchased and registered a vehicle in California.
  • He does not own or lease any other vehicles.
  • Zuckerberg has paid California resident income taxes since 2004.
  • He lists his California residence on his federal income tax returns.
  • He has not filed taxes in any state other than California since 2004.
  • Since at least 2007, he has been registered to vote in California and has voted in California.
  • He possess a valid California driver’s license issued in 2006.
  • His bank and brokerage accounts list his California residence and his investment advisors are located in California.
  • Zuckerberg receives his mail at a California post office box and at his Facebook office.
  • Most significantly, however, he is the owner, founder and CEO of a multi-billion dollar corporation with over 1,600 employees and a principal place of business within walking distance to his current residence in Palo Alto, California.

The court found that these facts overwhelmingly showed that as of June 2010 (when Ceglia filed the lawsuit), Zuckerberg had changed his domicile to California and intended to remain there indefinitely. Since diversity jurisdiction existed, the court ordered the case to remain in federal court.

Customer violated software license by letting attorneys use application

The Compliance Store v. Greenpoint Mortgage Funding, — F.3d —, 2010 WL 4056112 (5th Cir. October 18, 2010)

A federal court in Texas has decided a case that could have notable implications for both providers and users of software. The court took a narrow view of the rights that licensees of software have to authorize third parties (i.e., independent contractors) to use software on behalf of the licensee.

Plaintiff software provider sued its customer for breach of the software license agreement after plaintiff learned that the customer allowed its attorneys to input data using the software. Plaintiff claimed that the use was not permitted by the terms of the license agreement.

Customer moved for summary judgment on the breach of software license claim and the district court granted the motion. Plaintiff software provider sought review with the Fifth Circuit Court of Appeals. On appeal, the court reversed.

The appellate court held that the license agreement should not be read to permit use of the software by a third party not expressly provided for in the agreement, even though such third party’s use of the software was on behalf of or for the benefit of the licensee.

The district court had relied on two earlier Fifth Circuit cases — Geoscan v. Geotrace Technologies and Hogan Systems v. Cybresource International — to look beyond the express language of the license agreement and hold that use of the software by defendant’s attorneys was permitted. The district court found such use to be permitted because it was done on behalf of or for the benefit of defendant.

But the appellate court distinguished Geoscan and Hogan Systems, finding that neither case stands for such an expansive proposition. Unlike the agreements in those cases, the license in this case contained no provision that permitted use by third parties on behalf of the licensee. Moreover, among other things, defendant was expressly prohibited from transferring or sublicensing the technology and was prohibited from assigning its rights under the license agreement. The software license agreement also contained a provision that served to excluse all third party beneficiaries to the agreement.

Photo courtesy Flickr user coiax under this Creative Commons license.

Software contractor not bound by EULA it clicked on behalf of client

BMMSOFT, Inc. v. White Oaks Technology, Inc., 2010 WL 3340555 (N.D.Cal. August 25, 2010)

Plaintiff, a software development company, sued defendant, a company that was performing software installation services for it client, the U.S. Air Force. Plaintiff alleged that defendant violated the End User License Agreement (“EULA”) for the software by copying and distributing the software in violation of the terms of the EULA.

Defendant moved for summary judgment, arguing that it should not be bound by the EULA, since when it purportedly clicked on the “I Agree” button during installation, it was doing so as an agent on behalf of a disclosed principal, namely, the federal government.

The court agreed, finding that the purchase orders clearly disclosed that defendant would be installing the software on behalf of its government client. And the terms of the EULA were clear in designating that the “You” authorized to use the software was not the defendant, but the government, at the location specified in the order.

So the court threw out the breach of license claim. One is left to wonder why facts that support copying and distribution of the Software in a manner prohibited by the terms of the EULA would not also support copyright infringement. But apparently there was no such claim in this case. Perhaps there are some nuances of the defendant’s conduct that would not necessarily violate a condition, but be merely a breach of covenant.

Enhanced by Zemanta

No standing to sue Microsoft under XP EULA

Johnson v. Microsoft Corp., No. 06-900, 2008 WL 803124 (W.D. Wash. March 21, 2008).

A number of plaintiffs filed suit against Microsoft in federal court in Washington state, alleging, among other things, that the installation of Windows Genuine Advantage (“WGA”) (which enforces the validity of a user’s version of XP) violated the XP end user license agreement (“EULA”).

Microsoft moved for summary judgment against two of the plaintiffs, arguing that they did not own the computers at the time WGA was installed, and thus these plaintiffs lacked standing. The court agreed and entered summary judgment against these plaintiffs.

The court rejected these plaintiffs’ arguments that they had standing as computer users and business owners to raise the breach of contract claims. The plaintiffs had transferred their ownership to a company before WGA was installed. The parties were therefore not parties to the EULA and lacked privity with any party. Moreover, they could not be treated as third party beneficiaries of the EULA, so they lacked standing.

Scroll to top