Avoiding a Hostage Crisis with a Contractor

You on Contractors

Disclosure: None of the following should be considered legal advice. You should consult an attorney for any and all legal matters

If you’re new here, I’d recommend that you start here and read about why I’m sharing all of my learnings on building technology products.

If you’re not familiar with the concept of source code and how it’s managed for a project, please read “How Source Code Control Works” before you continue here.

Hostage Crisis

I’ve seen enough relationships with contractors go south in the last couple of years that I could probably write about this topic alone for the next six months. There are a lot of bad actors out there, and you need to be aware of how to protect your intellectual property at all times.

I recently ran across a company that does contract development work for startups. As a part of the contract, the company stipulated that they would grant access to the source code only at prescribed payment / development milestones, and that they would have the right to withhold final delivery until any and all payments were made. The implication is that the contractor has some claim on the created work. Let me say this clearly:

Never ever EVER sign a contract with anyone that gives them any rights to withhold access to the created work product. Payment for services is separate and distinct from ownership of the idea and work product. You must treat them as separate concepts in any contract.

Here’s three simple rules to follow to protect access to your intellectual property throughout the life of your contract relationship.

How to Not Get Held Hostage

  1. Source code is always managed on a source code repository that you control. Regardless of what a contractor may tell you about the convenience or speed of development by using their tools, you MUST ALWAYS control all access to your code. The reasons for this are probably obvious, but in the event that the relationship hits bumps along the way, you might need to change the locks, as it were, and revoke access.
  2. There should be no other copies of your source code, except for developer machines, anywhere else. Contractors should not create other repositories where they manage daily activity, and then check in to your repository at wider intervals. Your repository is the one and only repository. All work product goes here. Period.
  3. Ideally all facets of the management of development take place in a system that you control. Github has a very simple task management system that’s perfect for a project that’s just getting started, or you can use something like Trello if you want.  Don’t use the contractor’s tools because, again, in the event that you need all of that history, you may not have access to it in the future.

You’ll may run into some headwinds by mandating the above rules. You might here disagreements like:

  • “We can use your repositories but it will add cost to the project”
  • “Our team runs best when they use the tools we use for all of our other clients”

These are valid points. However, this is about your project, not the other projects they’re working on. Don’t budge. Contractors align with you, not the other way around, and it’s best to clearly set expectations from the beginning.

If they insist on doing things their way, they’re simply not the right company for you.

Wrapping Up

Just remember:

  • The work product that a contractor creates is YOURS. It’s not yours at milestones, it’s not yours based on payment. Payment for services is separate from ownership and control
  • Define ahead of time how your project will be managed. Create your own repositories and use a management tool for which you control all access
  • Acknowledge that it may take a bit more effort for a contractor to work on your terms, but insist on it none-the-less.

Your Assignment

  • If you’re project is already underway with a contractor, review your contract immediately and see if there is language that allows them to withhold access to any work product. If you’re not sure, ask your attorney.
  • In addition, if the project is not being managed in a source code repository you control, immediately create an account on Github or Bitbucket and make the team move all work to your repository. If there’s pain and additional cost to switch, it’s still worth it. Do it. Now!
  • If you’ve not yet started, create your account on Github or Bitbucket immediately and set the expectations with any contracting firm up front. Here’s some talking points:
    • “I’ve created an account on Github and we’ll be managing all source code for the project there. Is that an issue for your firm?”
    • “What do you use for managing the project? I’d like to use <your tool here, like Github or Trello>. Is that an issue for your firm?”