Intellectual Property Rights and Software Development
Intellectual Property Rights (IPR) are legal rights that protect intangible creations of the human intellect and the owners of the original work, creations such as inventions, products, artistic works, scientific developments, among others. We interviewed Ewa Konieczna, our project manager, and Burak Unlu, our software engineer, to understand how it works and the challenges faced during IP licensing check implementation. Earlier this year, they finished a project to support the European Space Agency (ESA)’s IP management.
Before getting into details of how IP licensing check works, Ewa, why is IPR important for the space sector?
Ewa: ESA, being a space agency, also creates or outsources specific software solutions such as Mission Operations Infrastructure products. To further distribute those products to the industry of ESA Member States, the Agency needs to make sure it has legal rights to distribute the software and meets all the IP compliance regulations relating to the components used and their related dependencies. The project we were involved in focused on developing a solution to support project management and project planning. Developers and project managers can use our product to verify whether components selected for development are in line with the license they intend to use to distribute the software. As you can see, the topic is not restricted to the space sector but to all industries and companies intending to distribute or sell their software solutions.
What does components or dependencies mean?
Burak: When developing software, not the whole code is newly created. Some components may have already been implemented by other developers or companies and used in the new software. Dependency is how we use third-party software. It is a piece of code we inject into our software.
Which are other industries that IPR is also essential to?
Ewa: For example, we support the licensing check for software development within the ECHO cybersecurity project. Among other activities, companies involved in the project develop solutions and applications to support the cybersecurity needs of various industries, specifically the strategical ones, such as energy, healthcare, and transportation. The products developed within this project have the potential for commercial use, and we need to make sure we have the right to distribute these products. Coming back to what Burak said, if we use components developed by someone else during our product’s creation, we need to make sure the final product can still be sold under our trademark and isn’t infringing anyone else’s right. In a project of this size, many companies contribute to creating the final product, which makes the IP licensing check much more critical in this case. This example shows that attention to software license rights and IPR is relevant to any technology regardless of the industry it will support in the end.
I see companies being interested in protecting their know-how and their intellectual property, while at the same time, I feel like the topic of software licensing is not given sufficient attention. That is surprising because neglecting the verification of how your product has been constructed can have legal consequences and even harm the company.
Why is IPR check for software important?
Burak: IPR check is essential because of the dependencies, they are published on the internet, and many software applications contain dependencies. However, there are often conditions for using them that need to be checked. That is the reason why we need those IPR’s tools. We need to make sure that all components and dependencies are compatible with each other.
What are the possible consequences of not checking the code?
Burak: If you use a dependency or component that you aren’t allowed to, the owner of this dependency or component can open a lawsuit against you. As there are different licenses and permission to use dependencies and third-party applications, dependency and license compatibility need to be checked.
Ewa: Some of the libraries are available under the GPL license, which means that the code is free to be used, as long as the source code of the final solution where it is inserted in will also be made available under that license. You can imagine that the obligation to disclose the source code may not be aligned with the company’s strategy, and if late discovered, may lead to loads of additional work replacing some of the libraries, delay the release of the application, etc.
What are the challenges faced while doing an IPR check?
Burak: We are trying to make sure that all the dependencies or third-party software are compatible. We are trying to automate the entire process, but that is not possible because we are fetching dependencies information from the central storage. However, there is no obligation to publish license or compatibility data on this storage, and sometimes the information there is not correct. That is why we can’t rely exclusively on the tolls, and we must manually check every single dependency and third-party software code. We try to find the source code and detect what kind of license and permission it has.
There is a difference between dependency compatibility and plagiarism. Plagiarism is taking a piece of code that is published. The fact that someone can see a code doesn’t mean that they can use it, even if it looks like a very generic code. Infringing that might have consequences, our IPR tool also checks that. We scan every code line of the software we are reviewing and compare it to the other available codes on the internet. Apart from the dependency check, we also run plagiarism checks to see if any piece of code is taken from another source.
Ewa: It is like writing a paper, you may quote and use someone’s text, but you need to acknowledge the source. Copyright applies to computer software too.
If you would like to know more about the ECHO project or IP licensing checking, please contact us.
To get to know more about Ewa Konieczna and Burak Unlu, visit their LinkedIn profile, and don’t forget to follow us on Linkedin, Twitter, or Facebook to get our updates.
This article was written by Juliane Verissímo - Marketing Department of VisionSpace.