Interesting.. You wrote:
There is a general understanding that unless explicitly marked in the contents
of the script (the text file that is the Bash program), a Bash script is freely
available for use and modification by anyone. In some cases there is a
copyright notice or a license that allows (or disallows) sharing or
modification. These are always explicitly stated at the beginning of the script
and obvious to anyone who reads or modifies the script.
This is, of course, not correct under current law, marking is not required for
copyright protection. pretty much everything is born copyrighted. Putting
markings on it helps you claim for willful infringement (i.e. the recipient
can't claim "I didn't know") which helps on the damages situation. And, under
the Berne convention, marking is required to assert your rights in some
countries (All Rights Reserved is also required in some places) Likewise,
under current law, registration of copyright isn't required. Registration
allows you to collect statuatory damages for infringement, though.
For trade secrets, it's a bit trickier. The recipient has to know that it's
trade secret, but that can be done by marking on the delivery media, by a
separate document, or even by verbal communication (here, this is proprietary,
don't disclose it). And you have to take some means to protect it: claiming
something that is trade secret that is printed on bus stop benches won't fly.
In any case, just because scripts aren't obfuscated doesn't mean they're not
subject to trade secret protection. If the owner of the secret takes some
precautions to prevent wide disclosure (e.g. warning the recipient of its
proprietary nature). This is the aspect that will surely be the core of
litigation: would a "reasonable person" have known that the material was
subject to trade secret protection. As we all know, reasonable people differ,
and the attorneys on both sides will trot out examples of marking and
disclosure practices: good, bad, and indifferent. As Doug noted, "special
measur
es" need to be taken, but there's no bright line standard for those measures,
and, in practice, they can be pretty lax (and would be expected to be
proportionate to the value of the secret.. the secret formula for Coke is
probably more protected than the schedule for sweeping the floor in the
manufacturing plant... both provide competitive advantage to Coke, but one is
probably more important)
Something that a lot of tech people in industry (particularly those coming
from academia and working with open source) probably don't really fully
understand is that pretty much everything you do for your employer is probably
proprietary in some sense, and there is probably a written policy to that
effect, which you, as an employee, are expected to be aware of. Or your
supervisor told you, or the nice personnel person told you when you hired in 20
years ago, etc. Mundane operational details of the business might be claimed
to provide competitive advantage, especially if they're not "industry standard"
(humorously, if the employer has some really lame practice that's horrible,
that might make it protectable.. then you could argue in court about whether it
had any value). This is why there are "document review" departments and
periodic training: It helps reduce the problem of "inadvertent disclosure" and
"I didn't know".
This is the really tricky thing about trade secret: inadvertent disclosure can
ruin the protection. There have been cases of deliberately (and nefariously)
"losing" trade secret info to spoil the protection. And then, there is a
somewhat notorious case of documents from Intel(?) that were in an envelope at
a hotel desk or convention(?) with a person's name on it. Turns out there was a
competitor (AMD?) with an employee of the same name, who accidentally got the
documents handed to them (Hi, I'm John Smith, I think you have something for
me.), opened the envelope, realized the problem, handed them right back, but in
later action, it was alleged that this was sufficient to break the protection.
I don't recall all the details, and it probably settled out of court. It's
really complex.. "the bell, having been rung, cannot be unrung" (the phrase
shows up in tons of legal writings), but in reality, if the inadvertent
disclosure wasn't too big, etc.
Important things:
1) The language it's written in or obfuscation or not makes no difference.
2) the size of the work makes no difference. "Candy/Is dandy/But liquor/Is
quicker" is/was copyrighted by Ogden Nash (used here as fair use, and anyway,
the copyright may have expired)
3) the intellectual effort in the work makes no difference (unlike patents,
there's no requirement of novelty) (unless you're trying to claim trade secret
protection on something that's already public knowledge.. the thing might be
public, but the fact that you selected that particular one might be trade
secret.)
Jim
I am not a lawyer, but I spent all too many (hundreds) of hours in depositions
and meetings and court where one of the main issues was the "was there adequate
notice of the trade secret status of the information" as well as "did they
steal it", not to mention the always popular "can you describe the secret with
specificity and particularity". If the bad guy steals the trade secret and
then keeps it secret, it's fairly hard to show that they actually have it.
There are also folks who have developed techniques to evade the restrictions of
an NDA ("Sure, I signed it, but that exceeded the scope of my corporate
authority, so it's invalid. " "Technically, I wasn't an employee that
afternoon, even though I was in the morning, and I was the next week, but hey,
for that afternoon, I wasn't an employee, so I'm not bound by the NDA signed by
corporate. Sorry about giving you that business card with the company name on
it, but it was what I happened to have in my wallet")
________________________________________
From: beowulf-boun...@beowulf.org [beowulf-boun...@beowulf.org] On Behalf Of
Douglas Eadline [deadl...@eadline.org]
Sent: Thursday, August 11, 2011 05:04
To: beowulf@beowulf.org
Subject: [Beowulf] All Your BASH Are Belong To Us
Most of you are probably not aware of this story
about trade secrets and Bash scripts on HPC clusters
(I was not until a few months ago)
http://www.clustermonkey.net//content/view/308/33/
--
Doug
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf
_______________________________________________
Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing
To change your subscription (digest mode or unsubscribe) visit
http://www.beowulf.org/mailman/listinfo/beowulf
