Learn Docker With My Newest Course

Dive into Docker takes you from "What is Docker?" to confidently applying Docker to your own projects. It's packed with best practices and examples. Start Learning Docker →

Protecting Your Code and IP When Doing Contract or Freelance Work

blog/cards/protecting-your-code-and-ip-when-doing-contract-or-freelance-work.jpg

When taking on freelance work, you'll often be asked to sign away all rights to any code you write on the project.

Quick Jump: Full Time Employment and Contracts Are Different | These Companies Usually Aren't Out to Get You | Steps to Get Your Contract Amended

I run into this scenario a lot as a freelance developer. Companies will request that any code you write for their project will 100% belong to them. They want to own all of the IP (intellectual property) for every line of code and they’ll ask you to sign contracts to agree.

A vast majority of companies just take existing contracts they have for their full time employees, tweak a few sentences to make it apply to contract work and then call it a day.

So it’s no surprise that you’ll eventually get to the section of the contract on code ownership and you’ll get hit with a wall of text that says you forfeit the right to use, reuse, copy, talk about, write about or distribute any line of code outside the context of this project.

Full Time Employment and Contracts Are Different

The limitations imposed by the above contract are pretty strict but if you’re a full time employee and that’s the only code base you’ll be working on for the next few years, then it’s not totally out of the picture to be OK with that – especially if you don’t plan to have any open source or side projects which a lot of employees have no interest in anyways.

But if you’re a freelance or contract worker, everything changes. Chances are you’re going to be working on many different contracts for different companies and personally I find a substantially large amount of contract workers also like to do open source work and are more open to write about what they are learning.

If you sign away your rights to every line of code you write for 1 specific contract, then you may end up putting yourself into a situation where you would be in a contract violation to ever work on another project, even if all companies involved have nothing to do with each other.

These Companies Usually Aren’t Out to Get You

Most of the time the person asking you to sign the contract hasn’t thought about working on coding projects from the perspective of a contract worker.

They may or may not be technical either, so you should never approach the situation as if they are trying to bully you into an uneven relationship that’s going to prevent you from ever working again.

I can only think of 2 situations in ~20 years where a potential client was super weird about things like this. Ultimately I thanked them for their time and turned down the work. It’s as easy as that. You can always find better contracts to work on.

Steps to Get Your Contract Amended

It starts by reading the existing contract(s) in detail. Don’t just skim them. Make sure you read every word because if things go sour for whatever reason, that contract is likely going to dictate the outcome of any dispute.

You should be on the look out for any ambiguous terms related to who owns the code you’ll be providing and make a note of it. Ambiguity is the number one enemy of any contract. Things should be crystal clear for everyone involved with a 0% chance of something being misinterpreted.

Most contracts you come across are going to be worded differently.

As an aside, notice how I didn’t write “All contracts you come across…“. Chances are all of them will be different in some way, and technically they will be if you want to include things like swapping out company names (even if the contract itself has the same wording), but using “all” could be considered untrue since you can’t predict the future.

I only brought that up to demonstrate that you need to really dial into the exact words used in the contract. You should be on the highest alert possible when reading it over to find phrases that aren’t clear or are unreasonable.

Next up, you should make a distinction between general code and unique business logic / trade secrets. I’m not a lawyer so I’m not going to paste anything from an existing contract, plus in every case so far the wording ended up being different because the company’s lawyer wrote up my non-legal explanation of it into legal-babel (but in a good way).

As another aside, notice how I wrote “every case so far” in the previous paragraph, which states every encounter before the date of this blog post was different (which it was), but I’m not committing to saying every case will be different for the rest of humanity. Just another case of being careful with your wording!

Now, the really interesting thing here is what constitutes the difference between general code and unique business logic? That’s really the money question and it’s pretty tough to be crystal clear on this, but here’s a few examples that hasn’t failed me yet.

If you’re working on a Flask contract and you happen to import the freely available Flask library into your project and set up a Flask app factory function, then you shouldn’t be restricted from reusing or sharing this code in other projects.

This is purely generic. It’s something openly documented and for a decent amount of lines in that function, things can only be done in 1 way because that is Flask’s API. Surely you shouldn’t be prevented from reusing that again in another project.

Another example would be setting up a specific service in a Docker Compose project. If the project uses PostgreSQL 11.3, the snippet of code you use in your docker-compose.yml file will very likely be identical across another project that happens to use PostgreSQL 11.3.

It’s not reasonable to say you can’t reuse that code. That would mean you could never take on another contract where someone else is using PostgreSQL 11.3.

A third (and final) example would be general patterns that are openly documented or are already licensed. For example, if you based the contract’s project on an app structure / skeleton that is open source with an MIT license then that code is already licensed.

I don’t think a company can legally sub-license that to something more restrictive than MIT. Meaning, they can add rules to it but they can’t remove the original MIT license’s claims. I’m not a license expert but that is my understanding of it and I can’t find anything that says otherwise. Let me know in the comments if you have a definitive answer.

The last step is to apply the above to your project and ask the company’s decision maker to amend the contract with a reasonable code licensing agreement.

I mostly work on Flask and Docker contracts so my examples are tuned to that but I’m sure you can think of many examples in whatever tech stack you’re working with.

So once you get a few examples in mind, go ahead and ask to set up a call with whoever issued you the contract so you can discuss everything.

I find it’s a lot faster to do this over a call instead of email because it’ll likely require a bit of back and forth that doesn’t translate too well to asynchronous back and forth text .

Just remember, they are your friend (most likely!). It’s not supposed to be a confrontational call. Just lay out why you think it should be changed and be prepared to rattle off a bunch of examples that make sense for your contract.

My recommendation would be to have things written up so that you retain full ownership of the generic code, and that you license that code to them as MIT. And of course, the company would have full ownership and rights to any proprietary code you write for them.

This way they can continue selling or profiting from your generic code and can modify and distribute the code as they see fit. In other words, it won’t hinder them from using the code in any way they see fit (in 99.99999% of use cases).

If that’s not possible to set up, then the next best thing is for them to retain 100% ownership of all of the code (both generic and unique trade secrets) but then they license the generic code back to you as MIT.

This way you can still reuse, openly talk about or distribute that generic code in any projects you see fit without worrying that you’re going to get smoked in a lawsuit.

Truthfully out of ~20 years of freelancing, I’ve gotten sued 0 times over a contract breach and I was never even questioned once about code being reused in a contract violation scenario. In other words, no one has ever brought it up.

On that note, I’m an honest guy. I’m always up front with all of my clients that I wouldn’t ever in a million years even think about sharing trade secrets or any code that could ever be traced back to their company specifically, and if I was ever not 100% sure on something (like a group of general functions that might be questionably unique) then I’d run it by them first.

With that said, if you can’t negotiate an MIT license from either party for the generic code, then make sure you come to some other agreement that allows you to use the generic code without troubles in other projects outside of that one contract.

Some companies may even allow you to reuse the generic code without a license, but only in certain ways – and sometimes those ways might be illogical. Such as, you’re not allowed to copy / paste the generic code from their project into another project, but you are OK to type it out character by character.

I know, in that case the end result of the code is identical and there’s no way to really prove that you typed it out instead of pasting it, but if those are the terms they came up with, then those are the terms.

In the end, just be respectful of their code and their decisions. If you’re ever unsure of something after you’ve signed a contract then reach out to them to get clarifications.

In most cases the more understanding you are, the more understanding they will be.

What is your strategy for reusing generic code in freelance gigs? Let me know below.

Never Miss a Tip, Trick or Tutorial

Like you, I'm super protective of my inbox, so don't worry about getting spammed. You can expect a few emails per month (at most), and you can 1-click unsubscribe at any time. See what else you'll get too.


Comments