Source Code Repositories: Reviewing the Right Version of a Program

July 14, 2017 - from DisputeSoft's Josh Siegel

When examining software for evidence of copying in a misappropriation case, an expert attempts to examine the allegedly infringing program as it existed on or about the date of alleged copying. Programs evolve constantly due to regulatory changes, new operating system requirements, customer feedback, bug fixes, and many other external demands. Such updates may result in substantial alteration to a program over time, and the code that comprises a program on the date of alleged copying may differ significantly from the program’s code at the time of litigation. The code of the program at the time of litigation may contain little or no indication of copying, while previous versions of that same program may show significant evidence of copying. In some cases, a group or individual who has copied code may attempt to delete and rewrite some of the copied code over time in order to hide the fact that the program began as a copy of an existing work.

Using the change management features of a source code repository, an independent expert can “roll back” all of the updates made to a program to a specific date. This technique allows the expert to review and compare two programs as close to the date of alleged copying as possible, when the programs would likely be the most similar. If a plaintiff alleges that copying occurred on more than one date, an expert can use the version management feature of a code repository to analyze and compare code as close in time possible to each of the dates in question.

Once an expert has access to the accused program’s code as it existed on the date of alleged copying, he or she can form opinions about whether copying occurred. Programmer comments on updates, comparisons between software programs, or simply an unusually large addition of source code all are important clues that help a trained eye recognize software misappropriation.