Source Code Protective Orders: Patent vs. Copyright and Trade Secret

Attorneys working in software-related IP litigation often agree to protective order restrictions on source code designation, access, and use, without analyzing the implications for how code is examined by experts.

Failure to negotiate appropriate protective order terms may limit your expert’s ability to review and analyze code completely and efficiently, and further, may dramatically increase code examination time and cost. Therefore, before agreeing to stipulate to protective order terms that will govern code examination, it is advisable to first consult with your expert to ascertain the type(s) of analysis he or she plans to undertake.

Protective orders for source code review in software patent litigation serve the purpose of preventing, or otherwise mitigating any risk of, disclosure of code elements to competitors, who, in some cases, are the opposing party. Limiting disclosure prevents competitors from acquiring a “road-map” to circumventing a patent owner’s invention, or patent owners from expanding their claims. As such, protective orders used in software patent litigation exhibit features which make them highly restrictive on how a software patent infringement expert conducts their analysis.

For example, access to produced code for expert witness review in patent litigation may be limited to:

1. normal business hours;
2. at a controlled location (e.g., counsel’s office); and
3. in a secured room without internet or network access to other computers, tools, or media devices to perform their analysis, all of which reduce the risks of proprietary code from becoming public knowledge.

Moreover, some protective orders contain prohibitions against, or very strict limitations on, copying code, such as permitting photocopies or handwritten notes for preparing court filings, pleadings, or expert report exhibits. Here is an example of a protective order appropriate for source code review in patent litigation: U.S. Dist. Ct. N.D. Cali. Model Protective Order for Software Patent Litigation.

The circumstances of code review for software patent litigation perhaps make these restrictions appropriate. However, they make code review in software copyright infringement litigation more challenging. The relevant issues and expert analyses are fundamentally different. Code review in software patent litigation considers whether the code practices the protected claims of the patent. The comparison is a single set of source code against claims of a patent, which entails reverse engineering a single unit of source code to ascertain its purpose and function. This analysis may later be discarded once it is determined the unit of code is beyond the scope of the claims.

Code review in software copyright infringement cases consider whether code is copied or derived from another party’s code. Answering this question entails a different process: comparing entire code sets against each other to determine whether and to what extent allegedly copied code is derived from the other, and whether any resulting similarities are anything other than coincidental or are of particular import. Because the volume of information that must be compared is often much larger and more complex (e.g., code set to code set, instead of code units to patent claims), performing copyright infringement analysis necessitates assistance from automated tools and access to publicly available information to answer the relevant questions.

The circumstances and purposes for the respective analyses are different. The tools used to perform the analyses are different, and the factual findings and opinions resulting from the analyses are different. These differences make it all but impossible to perform the required review under conditions like those described above for patent code reviews. Accordingly, the scope of the protective orders in copyright and trade secret code reviews should also be different.

The purpose of protective orders for source code examination in software copyright and trade secret litigation is also to prevent public disclosure of proprietary source code, which could result in competitors developing competing products, or, in the case of trade secrets, destroy its status as a trade secret. Thus, “Confidential” and/or “Attorneys Eyes Only” designations in protective orders are appropriate, just as with protective orders designed for patent code reviews. Access to code is conditioned upon an expert agreeing to be bound by the protective order terms by signing the provided form, or seeking written permission from the disclosing party.

However, in copyright and trade secret cases, access to code sets (from both parties), analytical software tools, and public information are necessary to perform an appropriate code comparison, and thus limitations on an expert’s use of its forensic resources, including Internet access, are inappropriate. In such cases, copies of the code may be stored at either the receiving party’s attorney’s office, or their expert’s office. In many cases, copies are permitted within reasonable means, perhaps by the number of copied pages or percentage of the whole code set, or may not be limited at all. In other cases, circumstances may dictate an on-site code review involving only a limited number of code reviewers accessing and analyzing code currently in use, and permit copying by the reviewers for their report, but the restrictions and means of copying are comparatively less stringent than in software patent litigation. Here are examples of protective orders containing clauses appropriate for source code review in copyright litigation:

Atlantic Technology Enterprises, Inc. v. Lincoln Park Savings Bank (Section 6(d), requiring designation of “Confidential-Attorneys’ Eyes Only” and permitting disclosure to outside expert witnesses of such designated material who have signed an agreement to be bound to the protective order)

Fantasy Interactive, Inc. v. HTC Corporation (Section 4.2(c) permitting disclosure of “Confidential” information to experts and consultants who have signed the “Acknowledgement and Agreement to Be Bound”, but otherwise containing no restrictions on access, copying, or designating source code)

Cedarcrestone, Inc. v. Affiliated Computer Services, LLC, n/k/a Xerox Business Services, LLC (Section 7(c) requiring copies of information to be retained in the office of outside counsel for the receiving party or offices of experts to which it has been disclosed)

ECIMOS, LLC v. Carrier Corporation (Sections 1 and 2, specifying the number of reviewers for on-site code review, Section 6 preventing the opposing party, but not the reviewers, from copying source code)

These types of protective orders are preferred in software copyright and trade secret litigation because they enable expert witnesses to undertake the more expansive analysis that is required in such cases, while obligating the expert to adhere to Confidentiality and Attorneys Eyes Only restrictions.

In sum, protective orders in software patent, copyright, and trade secret litigation are important to protecting the client’s interest, but the circumstances and purposes in each case differ, and may impose harsh limitations on how an expert can proceed with their analysis, impacting costs and effort required. As such, it is advisable to consult your software failure expert witnesses prior to entering into a stipulated protective order to understand the impact that the protective order will have on the expert’s ability to perform their necessary work.