tl;dr
Make sure diagnostic tools are written as stand-alone modules so that they can be protected by copyright. Trade secrets need to be kept secret, maintenance passwords can do this if your application is at your customer’s site.
The Details
There are two main ways for a software developer to stop his customer from using software he hasn’t patented. The developer will argue that his software is a trade secret, or that its use is protected by copyright, or both. While these rights will give him a lot of protection they are not absolute. Some times the way code is written has an effect on how the courts protect it.
A case recently decided in California drives home this lesson. A manufacturer built a software diagnostic system into their check scanning equipment. One of their customers used a competitor to service the equipment. The competitor circumvented the password protection (we’re not sure how) and used the internal diagnostic system provided by the manufacturer to service the machines.
One of the questions answered is does the manufacturer have copyright protection over his diagnostic tools? The answer here depends on how he wrote and implemented that code. Copyright has a specific exclusion for use of code in the maintenance and repair of machines. If your diagnostic code is built into the code that operates the machine, if it is necessary for the machine to run properly in the first place, the copyright act specifically allows an owner or lessee of the machine to use that code for maintenance or repair. If your code is a stand-alone module, if it is not activated by turning the machine on but by some separate process, it doesn’t fit inside the exception.
The question of the password and how it was circumvented was the key point in the related trade secret claim. By taking the precaution of password protecting the diagnostic system, the manufacturer was able to say that the system as a whole was a trade secret and that the service provider was not allowed to access it. While there are other considerations, mainly how well did the manufacturer keep his secret, the password gave him a leg-up in the proceeding.
Here’s the case if you are interested: Burroughs Payment Sys., Inc. v. Symco Group, Inc., Case No. C-11-06268 JCS., [Docket No. 33]., 2012 BL 119409 (N.D. Cal. May 14, 2012)
