Software development process and lawyer

Question

On any if you ask a question about licenses, patents or copyright everybody will refer you to the lawyer (see SO’s “ask-a-lawyer” tag). I’m trying to setup a software development process where there will be place for a lawyer. But I cannot find any well known process that includes a lawyer, what activities a he or she performs. Can you referrer me to some publicly available resource that will explain lawyer activities and part in a software development process (RUP, MSF, XP, etc.)?

It’s really hard to convince a customer to pay money for something for activities that will cost more than project development :-) How currently organizations handle legal expenses for customer projects in most cases: via overhead or via time and materials?

Answer 1

I don't think you'll find a "lawyer" milestone in any software development process. It seems a waste of time to find one to cite for your customer's benefit. Even if you could, I doubt that it would provide enough cover for the objections you're worried about that will cost more than software development.

There are lawyers that specialize in open source software, but the only "free as in beer" law that I know is "pro bono".

The best argument I can think of to justify this is to figure out what a patent fight would cost if you don't bring in a lawyer.

If you know the probability of being hit with such a suit you could multiply the average cost times the probability to come up with a dollar figure to compare to the lawyer's fees. That might be a more convincing argument than citing a software development methodology.

Answer 2

You don't need a lawyer as part of a software development process but you should get a lawyer whenever a legal document is involved (a license agreement or a contract for example).

Just like a small business should have lawyer write employee contracts but doesn't keep a full time lawyer in-house for that, you get a lawyer for a few hours to write you license or contract and then you fill in the names - or pay the lawyer another hour to fill in the names for you.

Once you know what legal requirements you have to fulfill in your fields (and for most software I believe there are none) you don't need a lawyer for development, all the contract work is outside the scope of the software project - at least until a salesperson adds a new feature to a contract to close a sale.

Answer 3

Since it looks, from the comments, like you're specifically trying to avoid infringing on anyone else's patents in your software development process, I'll address that point in particular.

I don't know of any software process methodology that specifically addresses the point of "lawyer-clean" code, but plenty (most?) of them address "clean" code in general (via code reviews), so getting it "lawyer-clean" is more-or-less just another phase of code review.

In practice, the costs of having a lawyer review all (or some "risky" subset) of your code base as it's developed is unlikely to be cost-effective for a customer, and I doubt you'll find anyone willing to pay for it -- the risk/benefit ratio, especially for custom code (which nobody else is going to see source for). I can theoretically envisage some ultra-paranoid company wanting it, so there might be a niche market for it, like high-reliability/formal verification development tools/processes. Don't expect it to ever be mass-market.

Also, on the other side, you'd have to find a lawyer willing to do all of the hard yards in understanding your code and finding any relevant patents that might apply. I know a couple of patent-searching lawyers (doing IT for them was a speciality of a former job), and it's not a simple task to identify which patent(s) might infringe a chunk of code you've written. I'd expect that you'd almost need a patent lawyer per developer to keep up with the output volume, and the rates they'll charge will make the most outrageous hourly rate you've seen from an IT contractor seem like chicken feed.

Lawyers are also notoriously conservative creatures -- they'll typically say "no go" to anything that looks even vaguely suspect. You can't second-guess them, either, otherwise all those carefully-crafted protections you're selling to your customers are utterly worthless, so your code will have to be squeaky-clean to pass the lawyer(s)' scrutiny. Good luck writing code at a reasonable pace without using any new technology, process, or algorithm from the last 25 years...

Finally, assuming all of the above comes together, and you find a customer, a lawyer or several, and you manage to produce code that passes their paranoia filters, what do you do if your lawyer(s) miss a patent, and your customer gets sued? They'll sue you, and you'll have to sue the lawyer who stuffed up (or, rather, his/her professional indemnity insurance) to get any money out of them. What's more, all the patent search agreements I've seen have been of the "all care, but no responsibility" form. You might be able to crack that facade, with some extra legal maneuvering, but it'll cost you more again.

Very similar things apply to trademarks, incidentally. Copyright is a different beast, and something that your lawyer won't be able to detect in advance (how do they know that a programmer hasn't ripped a pile of code out of a previous employer's product?). For copyright, your best protection is to educate your developers on what constitutes copyright infringement, and thwack hard anyone dumb enough to break the rules.