(954) 634-2652
Reverse engineering is a viable method to discover and exploit trade secrets embedded in the public domain or created independently.[1] However, there are several guidelines one must follow to avoid or reduce legal risk. This article discusses those guidelines.
- Conducting a Freedom-to-Operate Search
Before engaging in any reverse engineering, it is prudent to conduct a comprehensive Freedom-to-Operate (FTO) search. This search assesses whether any existing patents cover the technology you intend to reverse engineer. By identifying potential patent rights, you can better understand the scope of protection, avoid infringement risks, and determine whether permissions, such as licenses, are necessary to proceed lawfully.
Once the FTO search is complete, reverse engineering can serve as a valuable tool for uncovering how a product functions, its composition, or its interoperability with other systems. However, while reverse engineering may be legally permissible, its application is governed by key areas of law that impose various limitations.
- Legal Framework Governing Reverse Engineering
Reverse engineering is impacted by multiple legal doctrines, including copyright law, trade secret law, and contract law. Below is a brief summary of key principles.
- Digital Millennium Copyright Act (DMCA) and Copyright Law
Even if software is not patented, copyright law may safeguard the expression of its code, including its structure, sequence, and organization. However, courts have distinguished between the expression of code and the underlying functional ideas or processes that may be revealed through reverse engineering. While copying code verbatim would constitute copyright infringement, reverse engineering to understand these underlying ideas may, under certain circumstances, qualify as fair use.
One significant case illustrating this principle is Sega Enterprises Ltd. v. Accolade, Inc., 977 F.2d 1510 (9th Cir. 1992). In this case, accolade reverse-engineered Sega’s video game software to understand its compatibility requirements and create its own games for the Sega console. Accolade copied portions of Sega’s code during the process, which Sega argued was a copyright violation. However, the court found that Accolade’s actions fell within the scope of fair use.
However, there is a limit to how the information obtained from bypassing technical protection measures can be used. U.S. Copyright Act, Section 1201(f) limits individuals strictly to achieving compatibility and does not provide a blanket right to freely reverse engineer all aspects of software. For example, in the Sega Enterprises case, the Ninth Circuit found fair use where the reversed engineered information was used to develop games that were functional or interoperable with the plaintiff’s software code. However, failure to comply with these limitations can result in legal liability under the Digital Millennium Copyright Act (DMCA). And, software developers and business should carefully consider what is actually being done to access code on how the code is used.
- Trade Secret Law
The U.S. Supreme Court has established that reverse engineering, if conducted on a lawfully obtained product, is a legitimate and “fair and honest means” of uncovering trade secrets. [1] However, trade secret law protects against misappropriation, meaning that if reverse engineering involves acquiring a product through improper means, it may be unlawful.
This case also highlights that individuals may bypass technical protection measures to obtain code. Under the U.S. Copyright Act, Section 1201(f), individuals may bypass such measures to reverse engineer software for the purpose of ensuring interoperability with other independently created software.
Nevertheless, there are limits on how the information obtained through this bypassing may be used. Section 1201(f) limits individuals to achieving compatibility and does not provide a blanket right to reverse engineer all aspects of software. Non-compliance with these limitations can result in legal liability under the Digital Millennium Copyright Act (DMCA).
- Contract Law
Many products, especially software, are distributed under End User License Agreements (EULAs) or protected by Non-Disclosure Agreements (NDAs), which often prohibit reverse engineering. Courts have upheld these contractual provisions. Therefore, violating the terms of such agreements may lead to breach of contract claims, even if the reverse engineering itself would otherwise be lawful.
- Guidelines to Minimize Legal Risks
Given the complex legal landscape, the following best practices can help ensure compliance and reduce the risk of legal disputes during reverse engineering activities:
- Conduct a Freedom-to-Operate Search
Determine whether any patents protect the technology in question. Identifying relevant patent claims can guide your strategy and mitigate infringement risks.
- Assess Applicable Legal Boundaries
Understand and evaluate the legal frameworks governing your reverse engineering activities. This includes analyzing copyright, trade secret, and contract laws to determine what actions are permissible.
- Review and Honor Contractual Obligations
Carefully review all applicable EULAs, NDAs, and other agreements for restrictions on reverse engineering. If reverse engineering is prohibited, violating these terms may result in significant legal consequences.
- Document Processes and Compliance
Maintain detailed documentation of all reverse engineering activities, including steps taken to ensure compliance with legal exceptions such as interoperability rights. This record can be crucial if your practices are ever challenged in court.
- Consult Legal Counsel
Since legal requirements vary depending on technology and jurisdiction, consulting with experienced legal counsel can help you navigate potential risks. Attorneys can provide tailored advice to ensure compliance with current laws and contractual terms.
By adhering to these guidelines and conducting an FTO search as a foundational step, businesses and individuals can better position themselves to use reverse engineering as a legitimate and strategic tool. Understanding the balance between legal restrictions and rights is essential to minimizing risks and fostering innovation. Click HERE is to learn more about Derek Fahey, the author of this article.
[1] Kewanee Oil Co. v. Bicron Corp., 416 U.S. 470, 476 (1974)
[2] Bonito Boats, Inc. v. Thunder Craft Boats, Inc. 489 U.S. 141, 155 (1989).
wordpress theme by initheme.com