Non-Commercial Computer Software Rights and Government Misconceptions About What It Buys

by PilieroMazza PLLC

PilieroMazza PLLC

This article is the third installment in a series on Data Rights in Federal Contracts. We first wrote about what data rights were; then about technical data and how to protect it; and now we will discuss ownership, license rights, and the protection of rights in non-commercial computer software. Because non-commercial computer software is treated like non-commercial data under the FAR (a topic discussed at length in the prior installment of this series), we will focus now on how non-commercial software is treated under the DFARS. That said, the general principles discussed herein also apply to software under the FAR so contractors working for civilian agencies should take note as well.

First, “computer software” is defined as “computer programs, source code, source code listings, object code listings, design details, algorithms, processes, flow charts, formulae, and related material that would enable the software to be reproduced, recreated, or recompiled.”  See DFARS 252.227-7014(a)(4). And the definition does not include computer databases or computer software documentation—those are treated somewhat differently. For such computer software to be non-commercial it must not (1) have been sold, leased, or licensed to the public; (2) offered to the public for such purposes; (3) be available for commercial sale, lease, or license in time to satisfy the contract requirements; or (4) satisfy any of the elements in 1-3 above and require only minor modification to meet the government’s requirements. If you do not meet these requirements or the definition of “computer software,” the Intellectual Property (“IP”) related to the items you produce would fall under separate FAR or DFARS clauses.

Second, as a general rule, it is critical to note that the government should never take ownership or attempt to take ownership over any IP, including non-commercial computer software. I have seen a number of procurements where the government states something like: “because this software is non-commercial software developed solely with funds under this contract, pursuant to DFARS 252.227-7014, such software is owned by the government.” This assertion, however, is patently false. Neither DFARS 252.227-7014, nor the similar FAR provisions, grant title to non-computer software, or any IP for that matter, to the government, regardless of whether the government paid for the software or its development. Instead, the title/ownership rights to the non-commercial software remains squarely in the hands of the contractor who developed the software. The government only gains certain license rights to use the software. This is similar to when a consumer buys Microsoft Word or Adobe Photoshop, that consumer does not own the Microsoft or Adobe code, it merely purchases a license to use the software according to the terms of the software license given, i.e., the text that pops up when you install software and you accept but you never actually read.

Like any consumer, the government can use the software in various ways depending on the license it is given based upon the requirements of the FAR and DFARS, but the applicable regulations do not provide any mechanism for the government to take actual ownership. This is due to the long-standing public policy that the government ownership of IP keeps that IP out of the broader economy and is a waste of resources that could otherwise be used to both grow the gross domestic product of the country, as well as lead to other advances that would be squandered if title rested with the government itself.

When it comes to the types of rights the government can be given for non-commercial computer software, generally they fall into three categories: (1) unlimited rights; (2) government purpose rights; and (3) restricted rights. The way each of these rights is assigned and the implications are the same as we discussed in the last installment of our Data Rights in Federal Contracts series. However, take note that, for computer software, “restricted rights” are generally the same as “limited rights” when it comes to technical data. Thus, all of what was discussed under “limited rights” in the last installment applies here to “restricted rights” software. The difference in regard to all of these license rights is that, instead of using the technical data legends, contractors developing software would have to use the legends found in DFARS 252.227-7014 in order to assert any restriction on the government’s rights. The failure to use the proper legend can lead to a waiver of rights and grant the government unlimited rights in your software, even if developed entirely at private expense. Thus, the contractor could inadvertently give the government a right to provide source code developed by a contractor at their own expense to another contractor who could then compete for work using that same code. Clearly, that would be a horribly inequitable result but one that could occur under the plain language of the DFARS. While the CO can allow a contractor to correct a non-conforming legend—say if the FAR legend is used on a DOD contract instead of the DFARS legend—the CO is not required to allow such a correction. Thus, it is important to get the legend right the first time.

For computer software, we recommend putting that legend in numerous places to ensure there is no question as to what items the contractor is asserting a restriction of the government’s rights. The key places for the legend would be on any physical media you deliver to the government, within any End User License Agreement pop-up language used in the software, and within the source code itself. This is especially important if parts of the code were developed at private expense while other parts were developed purely at government expense under the current contract. In those cases, you could restrict the government’s rights to use the portions of the source code that you developed at private expense and, in so doing, perhaps end up restricting the government entirely as the fully-integrated software likely relies upon the restricted rights elements to function. So, always remember that software restrictions can be placed on source code at the lowest practicable level of usability. Therefore, if you have code that was developed at private expense and can function independently, but the government is asking for you to add modules and the like, you can restrict that initial software element.

Lastly, you should always look carefully at the specific terms and clauses put in your contracts. Many times the DOD will include a requirement that the offeror, in its proposal, designate the specific items in which it plans to assert restricted rights or government purpose rights and that, if the items are not listed in the proposal, then the ability to restrict the rights to certain items can be waived. While the government can allow you to assert rights after award, they do not have to do so, especially if the government asserts that the assertion of rights would alter the award determination or where it would otherwise prejudice the government. Because of this, it is always a best practice to identify each item and to assert rights in the proposal itself to avoid conflicts and possible terminations for default.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© PilieroMazza PLLC | Attorney Advertising

Written by:

PilieroMazza PLLC

PilieroMazza PLLC on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.