DOMA Top 10
legal risks in web development
Michael Cordover (M+K dobson mitchell allport lawyers) · licensed under CC-BY-SA 3.0 AU
Who/what/why
- Webdev turned lawyer
- Top 10 legal vulnerabilities
Like the OWASP Top 10
- Series of tubes = advanced knowledge
- Getting it wrong burns!
1: No written agreement
- The SQL injection of legal vulnerabilities
2: Poor payment terms
- Milestones
- Timeframes
- Interest & debt collection
- Security for payment
3: Insufficient IP clauses
- Who will own copyright?
- When is copyright assigned?
- Is it yours to give?
- What about background materials?
4: Unlicensed materials
- Code snippets
- Stuff made for a former client/employer
- Assets
- "Inspired" copies
- Not just code
5: Lack of indemnities
- Who knows what that even is?
- Host liability
- Using supplied materials
6: Illegal boilerplate
- At best unenforceable
- Unintended consequences
- You might get fined
The software is provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and noninfringement.
7: Poor employee/subcontractor agreements
- Intellectual property
- Non-work/semi-work activities
- Trade secrets/non-compete
8: No portfolio rights
- Use of trademarks
- Confidentiality
- IP ownership
9: Poor specifications
- Keep agreement up-to-date
- Provide a change process
- Clear what's in/out of scope
10: Unlimited liability
- Consequential loss
- Third party failures
- Reliance on advice
- Updates and bug fixes
Michael Cordover
· doma.com.au/talks/top10.html
· CC-BY-SA 3.0 AU