[ISN] Source code stolen from U.S. software company in India

[InfoSec News]

http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,95045,00.html

by John Ribeiro
AUGUST 05, 2004
IDG NEWS SERVICE

Jolly Technologies, a division of U.S. company Jolly Inc., reported
yesterday that an insider at its research and development center in
Mumbai stole portions of the source code and confidential design
documents relating to one of its key products. As a result, the
company has halted all development at the center.

Jolly Technologies is a vendor of labeling and card software for the
printing industry. It set up its R&D facility in Mumbai less than
three months ago, according to a statement from the parent company.

The company said that according to a report obtained from its branch
in India, a recently hired software engineer used her Yahoo e-mail
account, which now allows 100MB of free storage space, to upload and
ship the copied files out of the research facility. The company
detected the theft and is trying to prevent the employee from further
distributing the source code and other confidential information.

The vast majority of U.S.-based software companies require their
employees to sign an employment agreement that prohibits them from
carrying the company's source code out of a development facility or
transferring it in any way.

Though the Indian branch of Jolly Technologies requires employees to
sign a similar employment agreement, the sluggish Indian legal system
and the absence of intellectual property laws make it nearly
impossible to enforce such agreements, the company said.

Representatives of San Carlos, Calif.-based Jolly Technologies in
Mumbai are working closely with local law enforcement authorities,
seeking their assistance in taking corrective action against the
employee and to prevent such crimes from occurring again.

The company said it has decided to delay further recruitment and halt
development activities in India until better legal safeguards are in
place.