Reverse engineering of a proprietary computer program is not necessarily, and in this case was not, a misappropriation of trade secrets. Aqua Connect, Inc. v. Code Rebel LLC, 2012 U.S. Dist. LEXIS 17962, No. CV 11-5764-RSWL (C.D. Cal. Feb 13, 2012).
In the words of the court:
Plaintiff alleges that Movants downloaded a trial version of Plaintiff's Aqua Connect Terminal Server software ("ACTS") and subsequently reverse engineered ACTS in violation of the End User License Agreement ("EULA"), which Movants had to agree to in order to use the trial version of ACTS. Plaintiff alleges that Movants misappropriated the trade secrets within ACTS and used that information to create and distribute a competing software product.
Defendant brought a motion to dismiss for failure to state a claim based on Federal Rule of Civil Procedure 12(b)(6).
The court found that the plaintiff had "only pled that Movants acquired Plaintiff's trade secret through 'reverse engineering,'" and therefore "Plaintiff has not pled sufficient facts to support a cognizable trade secret misappropriation claim."
California's version of the Uniform Trade Secrets Act "specifically states that '[r]everse engineering alone shall not be considered improper means'" of acquiring trade secret information. The fact that the plaintiff's EULA prohibited reverse engineering "may support a cognizable breach of contract claim," but "the mere presence of the EULA does not convert reverse engineering into an 'improper means' within the definition of California trade secret law." Alternatively, there was no trade secret misappropriation under a theory that the defendant had a duty to maintain secrecy, because the defendant had none.
Some states follow California and explicitly exclude reverse engineering from by itself constituting an "improper means" giving rise to trade secrets misappropriation (for example, Illinois and North Carolina). Many others, however, do not (for example, Michigan, Pennsylvania, and Delaware). I would be curious to hear any reports of decisions from the latter states or their ilk concerning reverse engineering.
In any event, one can see the logic to this decision. Is not the Aqua court correct that nothing in the applicable trade secrets law gives rise to a misappropriation based on the facts as pled?
On the other hand, surely a software vendor should be able to distribute its product without fear of losing proprietary source code. True enough, yet trade secrets law is but one mechanism for protecting software code and programming methods. Other laws, such as contract law, as discussed in the Aqua court's decision, as well as copyright law (which does itself have some exceptions for reverse engineering), can often fill the seeming void in trade secrets law. Indeed, I must be missing something -- I would be curious for any insight concerning why the plaintiff here did not allege copyright infringement, as apparently it did not.