The release of Mr Arun Jain, CEO of the Indian Software Company Polaris arrested in Indonesia and acquittal of Elcomsoft in the DMCA case in which a Russian software programmer Mr Dmitry Sklyarov was arrested in USA come as a relief to the software sector shocked with the extreme impact of legal negligence.

The growing aggression of some Companies in protecting their legal rights and resorting  to pressing criminal charges against executives on whom the law enforcers can lay their hands for the moment as against resolving the dispute through more civilian means  characterizes the two cases.

Polaris case indicates how despite an arbitration clause being there in a contract, criminal charges can be pursued and how the judicial and law enforcement systems in a foreign country could be made to act in sympathy to the local party. Even if the case is ultimately settled, it is likely that the Company will have to bear a huge financial loss not envisaged earlier.

It is therefore necessary  for all software companies to develop a system whereby every commercial quotation is weighted for not only the possible uncertainties in manpower and time estimates but also the legal risk factor. While a well drafted contract can be a good insurance for the legal risk, it cannot completely cover the vagaries of some countries. This has to be quantified as a "Country Risk". Similarly each client, and his industry environment contribute certain risk factors which need to be factored in.

It is not clear if the software companies in India are providing adequate attention to this factor. It is a fair guess that "Legal Compliancy" within an organization or an estimation of "Financial impact of Legal Risks in Projects" are factored into a project quotation which is normally drawn by a team of software developers who mainly estimate the manpower and time estimates of a contract. All other uncertainties are buried under the profit margin which gets squeezed in a competitive situation.

In order to get over this lacuna in the Indian system, Nasscom should develop a "Country Risk Profile" , "Client Risk Profile" and "Industry Risk Profile" of different overseas countries, the prospective clients therein and businesses they are in. This information should be shared with the industry who should also exchange their experiences with the Nasscom in this respect.

Probably Nasscom should set up a task force for this purpose which should include experts from the Indian Credit Rating Agencies such as CRISIL and ICRA as well as a few from the ECGC. The taskforce can evolve a proper system to monitor the legal and business risks associated with the software contracts for necessary action.

In the Elcomsoft case the Jury has held that even though the software under debate might have been illegal, it cannot be said that the Company was intending to break law. We shall discuss the impact of this case on Indian software industry in another follow up article.

Naavi

December 23, 2002

Related Articles in naavi.org

Some Questions Nasscom Should Answer-December 2002

This is Business Terrorism December 2002

Legal Negligence Can Be Devastating- December 2002

IS Managers...Beware, This week you may be heading to Central Prison!!-June 2002

There is No Quality without CCL Compliancy -May 2002

Preparing For Cyber Law Compliancy- May 2002

ISP Managers Beware...You may land in jails..if.. May 2001

CEO s and CTO s- Keep your anticipatory bail ready. -December 2000

Are You Cyber Law Compliant?-November 2000