News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Robert L. Mitchell's picture
Robert L. Mitchell

Reality Check

More posts | Read bio

May 17, 2006 - 10:48 A.M.

FBI: Offshoring still a risky proposition

7 comments

A few years back Boston-based FBI special agent Nenette Day busted a rogue programmer in India who had stolen the source code to SolidWorks Corp's CAD program. The sting, which took place in India, was a success in that SolidWorks was able to recover its software. If you think the perpetrator is rotting in jail, however, you'd be sadly mistaken.

The case is still dragging on in court, and it's unlikely that the defendant will ever serve jail time due to weak laws, Day says. In the SolidWorks case, which involved the theft of intellectual property valued at $750 million, the perpetrator is free, walking the streets and working in another programming job. He is unlikely to see any jail time.

Day provided an update on the SolidWorks case during a presentation last week at the CIO Forum.

SolidWorks was lucky. Once the source code goes out the door it could be posted on the Internet and at that point the damage is done. Prevention is key.

Nondisclosure agreements with offshore organizations won't help reduce this risk because they have no legal standing in other countries. The only way to contractually protect your intellectual property is to have the local outsourcer bind employees to an agreement under local laws, says Day.  But when the laws are weak, she says, even these agreements provide little protection.

Day says before sending source code to a country companies should check what laws are available to protect them - and whether they've been successfully used by prosecutors. The prevalence of corruption in law enforcement can also stop a case. In many parts of the world, for example, it's not uncommon for police to refuse to help unless bribes are paid first.

To mitigate the risk of offshoring, Day says companies should use an offshore partner with tight security practices and release only portions of the source code at any one time so that the offshore programmers never have the complete program.

It's also important to work with an offshore partner who will be committed to working with local authorities to track down and prosecute any perpetrators, should a loss occur.

Still another way organizations are migitating this risk is by offshoring through a U.S.-based company like Gap International Inc. in Springfield, PA.  The consulting company has a division in India where it hires local programmers as employees. While that still won't prevent a disgruntled employee from trying to steal trade secrets, you can bet that a company  that can be sued in the U.S. is going to be very careful. I asked Rich Rothman, director, what would happen if just one disgruntled employee got away with a client's source code? "We'd be out of business," he said without hesitation. 

What People Are Saying

Add new comment

The programmers overseas

Submitted by Anonymous on February 14, 2007 - 12:34 A.M.

The programmers overseas lack the creativity of US programmers. I have spent countless hours fixing the problems created by them on numerous occasions. I don't know why companies insist on outsourcing and buying the crap they create and then having to pay top dollar in the US to have it fixed, when they could have just paid to have it created here in the first place!

Seems to me that ultimately that every one of the outsourcing deals I have ever seen usually ends up coming back to the states in the end and the mess costs more to clean up than they ever may have saved!

Report this comment

After Rich Rothman's comment

Submitted by Robert L. Mitchell on June 29, 2006 - 8:25 A.M.

After Rich Rothman's comment above was posted I followed up with him on the matter. Mr. Rothman feels that there may have been some confusion as to who made the comments above, which were taken at a social event during the CIO Forum conference. After reviewing my notes I decided that it was best to strike the paragraph which he referred, with my apologies.

Attribution notwithstanding, the point that was made - that offshoring to a US-based firm with a division in India has potential legal and security advantages - has some merit.

Report this comment

Just to clarify, the author

Submitted by Anonymous on June 24, 2006 - 11:30 A.M.

Just to clarify, the author has a major inaccuracy- The following excerpt is grossly inaccurate-

Still another way organizations are migitating this risk is by offshoring through a U.S.-based company like Gap International Inc. in Springfield, PA. The consulting company has a division in India where it hires local programmers as employees.

(NO WE DO NOT- We have NO operations in India...)

While that still won't prevent a disgruntled employee from trying to steal trade secrets, you can bet that a company that can be sued in the U.S. is going to be very careful. I asked Rich Rothman, director, what would happen if just one disgruntled employee got away with a client's source code? "We'd be out of business," he said without hesitation.

(THIS IS RICH ROTHMAN and the author NEVER asked me any such question).

Please get your facts straight prior to posting.

Report this comment

For all those 'Benedict

Submitted by Anonymous on May 26, 2006 - 10:17 A.M.

For all those 'Benedict Arnolds of Industry'
that have made it so I only get a third of what I was able to get before their treasonous acts of outsource/offshore may they join Skillings and Lay in prison where they all belong.
Also note that I push for a boycott of all products and services from companies that currently use H1B's L1's and outsource/offshore. They are the ones that are ruining America.
And all I got to say to any and all of the US companies that are following this trend is, DO NOT try and sell me your product or service I will not buy it. I advocate a boycot of all companies that outsource/offshore. (Think of all the personal wealth I will save by not buying!) H1B addicts don't sell to me go to India and sell your product I will not buy it as it is my protest over the selling off of jobs us Americans can do will do and have done.
And when you need someone to come and fix the mess from poor quality code be ready to pay dearly. (I will charge my pre-H1B rate)
I have steered my offsprings from the IT field due to the current trends but then that was easy since they saw the net effect of H1B competition make my hourly rate get smaller and smaller down to a third of what I made before So I have no interest in this field that I have worked in since the days of punched cards I am set to retire to a third world country only to increase my purchasing power to all locally produced items.!! Not to mention all those companies that are also moving the development to India (Microshaft, IBM etc)
I will relish the day when India and Pakistan are locked in their own nuclear war and the outplaced companies that go to India die in India!! RIP
It is no wonder that IT enrollment is down as you Bendedict Arnolds of Industry push for even more H1B's why would any intelligent human being even consider going into a field that you have 'TRASHED' for us the local people for the sake of cheap labor that ain't worth a tinkers damn!
So in the end it is you Bendedict Arnolds of Industry that are treasonous to your own people and should be jailed for treason.

Report this comment

Executives and gummint types

Submitted by Anonymous on May 19, 2006 - 4:13 P.M.

Executives and gummint types are like cattle, they don't understand anything short of a cowprod, or a stampede. They won't do anything until there is a catastrophe that does some real damage. Look at all the warnings prior to 9/11 that were completely ignored. Even 9/11 hasn't been enough to secure our borders, an invading army of 12 million is in the country right now.

Report this comment

The majority of people

Submitted by Anonymous on May 19, 2006 - 9:37 A.M.

The majority of people making the decision to outsource only look at one aspect, usually x is less than y so let's outsource, and not the bigger picture. It won't be until one or two companies have their IP stolen and used against them that this will be understood.

Report this comment

So when the auditors and/or

Submitted by Anonymous on May 18, 2006 - 11:10 A.M.

So when the auditors and/or managers look at the cost effectiveness of this offshoring venture, will they add up all the legal costs of IP protection and prosecution of this rogue employee? No.

It would have been cheaper to keep the work in the U.S. Sometimes offshoring is the more expensive alternative.

Report this comment

Related Posts

Help Haiti disaster relief efforts... with technology
Google China censorship: opinion roundup
No easy fix for Word legal woes
Six of the best: June's IT Blogwatch

Editor's Picks

Attacks likely against Windows, PowerPoint, researchers say

Google Buzz takes the fight to Facebook, Twitter

Micron acquires flash memory maker Numonyx

Judge dismisses Windows anti-piracy software lawsuit

New Russian botnet tries to kill rival

Microsoft e-health research taps Xbox, mobile phones

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.