yacc: public domain?

Geoff Kuenning geoff at desint.UUCP
Thu Jan 10 19:13:59 AEST 1985 

In article <4866 at utzoo.UUCP> henry at utzoo.UUCP (Henry Spencer) writes:

>Anyone who has granted access to this stuff without imposing a non-disclosure
>requirement as a condition of access is in violation of their Unix licence,
>and AT&T could sue them for their shirts over it.

So?  Does U of Toronto require literally *every* student who has ever taken a
Unix course or had a Unix signon to sign a nondisclosure?  If so, you are the
exception, not the rule.

Besides the obvious case of university students, there are also public access
Unixes.  I know of installations in Chicago and San Francisco.  Both have
'guest' logins, and will grant a login to anyone who asks, as well.  There
are also several budding commercial timesharing Unix systems.

I can also point out at least several cases of Unix systems which are on
dialup phone lines accessible to any "cracker," and which have guest logins
with no password.  Several 68000 companies, for example, provide "demo"
phone numbers with guest logins.  (In fact, I have seen systems that don't
even have a root password!).

Finally, there are the commercial installations.  When a TRW employee hires on,
he or she typically signs a blanket nondisclosure/invention ownership
document.  Two or more years later, he/she is given a UNIX login.  But was it
made clear that this involved a specific nondisclosure responsibility to AT&T?

Also, a number of AT&T customers (OEM's) have been sloppy about UNIX licenses,
especially in the early days.  I know of more than one 68000-based system
which the owner paid cash for, legally, yet never signed a nondisclosure.

My point is that, although technically you are right (all of these people are
guilty of violating the nondisclosure agreement), legally AT&T has no
recourse against these people.  One of the requirements of trade secret law
is that AT&T must make a sincere good-faith effort to maintain the secrecy of
their material.  My position (if sued by AT&T) would be that the number of
people who have had non-restricted access to all or part of UNIX is prima
facie evidence that AT&T has not taken sufficient care to restrict their
trade secret.  In particular (warning:  I am working from rusty memory on
the contract;  forgive me if I blow it):

    (1) Many editions of the AT&T contract have not explicitly prohibited
	granting access to the "publicly-readable" files.  I am pretty sure
	that I have seen contracts listing /usr/src as the only thing that
	must be protected as an AT&T trade secret.
    (2) Most editions of the contract have said nothing about who may be given
	logins on the system, although there is a provision that anyone who is
	given "access" to the *sources* (not the timesharing system as a tool
	or entity) must be bound by nondisclosure.
    (3) AT&T has been aware for some time of the existence of university
	students who use Unix.  I suspect AT&T has taken no action to
	make sure that these "ordinary" users are bound by non-disclosure.
    (4) The same goes for public-access Unixes, which have been around for at
	least two years now -- plenty of time for an aggressive company to
	learn of their existence and write them a nasty legal letter.
    (5) Finally, AT&T has not (in my perception) been very aggressive about
	seeking out and prosecuting violators of their trade secrets.  In my
	experience, it is normal for your average Unix wizard to leave his or
	her job with tapes under the arm.  The last guy I worked with who had
	access, had tapes of V7, SIII, and BSD.  All illegal, to be sure, but
	nevertheless AT&T hasn't made much news suing those types.  Even former
	AT&T employees are among the violators.

Note that, under US trade secret law, all of the people responsible for letting
the cat out of the bag are liable for damages to AT&T.  However, anyone who
learned these secrets *from* those people can use them at will.  So, although
AT&T can sue a bunch of people for a bundle, the "secrets" are no longer
AT&T's property in the sense that anyone can be sued for using them.

If one accepts that Bell cannot successfully defend "trade secret" protection
on their binaries/public files, many of Henry's other comments become
irrelevant.

>Whether it is in the public domain in practice is another story.  Quite
>possibly one could argue that illicit access to Unix materials, including
>sources, is so common that AT&T cannot realistically claim that the
>stuff is secret any more.  The problem is, AT&T would fight such a
>contention tooth and nail, and being right is not comforting when you
>are facing a legal battle of that magnitude and expense.

This is true.  As Ed Gould pointed out, no wise person is going to volunteer
to be a test case.  But AT&T is in a bit of a bind here.  If they don't fight
AND WIN a test case pretty soon, the thing is going to be so open and shut
that even you and I could afford to fight them off.

DISCLAIMER:  As before, I am not a lawyer.  The legal opinions expressed
herein are gleaned from layman-oriented articles and are probably completely
bogus.  Trust them at your own risk.
-- 

	Geoff Kuenning
	...!ihnp4!trwrb!desint!geoff

More information about the Comp.unix.wizards mailing list