Skip Ribbon Commands
Skip to main content

Outsourcing to China?

19/08/2010

The China Sourcing Summit 2010, organised by Technology Partners International, together with the Ministry of Commerce, brought together multinationals and Chinese service providers to explore the global outsourcing market and to showcase the Chinese outsourcing industry. Mallesons Stephen Jaques was one of only three global law firms invited to present at the Summit on legal issues relating to outsourcing to China.

This paper outlines the results of a short survey of our clients about their attitudes towards outsourcing to China, which was undertaken in preparation for participating on the Summit panel. It also discusses some of the key legal issues which need to be considered in relation to any such outsourcing.

Survey of Australian companies on outsourcing to China

We surveyed a number of our Australian clients in preparation for the China Sourcing Summit. We had responses from 24 separate organisations, and from a variety of respondents within those organisations (including legal counsel, CIOs and IT, sourcing and procurement managers).

The survey results clearly indicate that outsourcing to China is on the horizon, with half of the respondents indicating that they would consider outsourcing to China in the next two to five years. It was surprising to see that a number of respondents already outsource business functions to China.

Key findings of the survey

Respondents considered China to have significant challenges to outsourcing; more significant than some other Asian countries such as the Philippines, India and Malaysia.

  • Of the 24 respondents, two had already outsourced to China.

  • Of the 24 respondents, 50 per cent said they would consider outsourcing to China in the future, most of them in the next two to five years. Conversely, the other respondents said that they would not consider outsourcing to China at all.

  • The areas most likely to be considered for outsourcing to China were Application Development & Maintenance and Data Entry & Database Maintenance.

  • Respondents saw the key benefits of outsourcing to China as the labour rates, size of the workforce and skill of the workforce.

  • IP protection, privacy and data security were considered to be major barriers to outsourcing.

IP laws in China

China’s IP laws are comparable to those in many western countries. Since joining the WTO, China has amended its IP laws to be consistent with the requirements of the WTO agreement on Trade Related Aspects of Intellectual Property Rights (TRIPs). However, while the legal framework for the protection of IP in China is generally considered to be adequate, the key issue for business is currently the enforcement of IP rights in China, particularly in relation to piracy and counterfeit products.

When considering outsourcing to China, it is important to put the IP issues in the context of the type of outsourcing being undertaken. The IP issues which need to be dealt with in an application development and maintenance outsourcing will be different to those in a data entry or data processing outsourcing. They will also be quite different to those facing businesses which are threatened by counterfeit or pirated products.

Top IP tips

So, what do you need to know about IP in China if you are outsourcing?

  • Make sure that you have an express written assignment of copyright in any software or other copyright works created by the outsourcer. This is because in China, as in Australia, copyright in a work generally vests in the author of the work (and, in the case of an employee engaged in software development, in the employer of that person). As China is now a party to the Berne Convention, copyright in works created in China are protected globally.

  • Include further assurances clauses in your outsourcing agreement to ensure that your assignment of copyright can be perfected if necessary. There are procedural requirements which need to be met in relation to copyright assignments under the Chinese Copyright Law.

  • If you need to enforce your software rights in China, consider registering your software copyright with the National Copyright Administration. Registration is prima facie evidence of title, but needs to be balanced against the requirement for some of the source code to also be filed with the NCA.

  • Do your due diligence into your proposed outsourcer. Look at their development methodologies, their record keeping, turnover rates, security systems, and compliance culture.

  • Think about the extent to which you need to provide key proprietary software to the outsourcer, particularly if it is a source of competitive advantage.

  • Investigate the third party software licensing issues involved in the outsourcing. Will you transfer your licences to the outsourcer? Can you transfer them at no cost, and can you get them retransferred back to you at the end of the outsourcing? Do your licences allow you to permit the outsourcer to enter data directly into your systems via a Citrix server?

Privacy

Unlike the EU and Australia, China does not have any comprehensive privacy laws. There are various pieces of legislation or regulation which indirectly touch on the protection of privacy, some of which are in Article 40 of the Constitution of the PRC, in the PRC Tort Liability Law and in the Criminal Laws.

However, the critical privacy issue in relation to any outsourcing to China is not the status of privacy laws in China. When looking at outsourcing to China, the key questions which need to be answered are whether or not the outsourcing involves the transfer of personal information out of the country and into China, and, if so, whether or not there are any laws which restrict or prohibit the transfer of that personal information, or make the transfer subject to compliance with particular requirements.

In Australia, the National Privacy Principles (NPPs) in Schedule 1 of the Privacy Act prohibit the exportation of personal information outside Australia unless certain exceptions apply. Such exceptions include situations where the country has privacy legislation which is comparable to the Privacy Act, or where the person to whom the personal information is provided to has agreed to comply with the NPPs.

In practice it is difficult to determine whether or not another country has privacy legislation which is comparable to the Privacy Act. As a result, all companies which engage in offshoring inevitably rely on the contractual promise by the outsourcer to comply with the NPPs.

Bear in mind that the transfer or disclosure of personal information offshore will be impacted by the recently released Federal Government’s proposed Australian Privacy Principles. In particular, the new principles would make a company which discloses personal information offshore liable to individuals should the offshore outsourcer fail to comply with the NPPs in respect of any personal information provided to it.

Top privacy tips

  • Make sure your contract with the outsourcer contains a promise to comply with the NPPs and an indemnity for any breach.

  • Minimise the amount of personal information transferred or disclosed overseas.

  • Protect personal information by the same sort of mechanisms which you use to protect confidential information or trade secrets, including:

  • restricting access on a “need to know” basis;

  • the implementation of typical IT security measures including password controls, password control security, audit logs of access, and restrictions on the ability to copy and extract data;

  • encryption (if appropriate);

  • individual confidentiality agreements with employees of the outsourcer; and

  • training, audit and compliance.

Data security

China has no data security laws as such. There are laws which protect “trade secrets”, and there are tort liability laws, none of which directly protect data. There is also a provision of the Chinese Criminal Law which makes it a criminal offence for employees of government institutions or organisations in certain sectors (e.g. financial, telecommunications or transport sectors) to sell or unlawfully provide personal data, but this only relates to personal data belonging to citizens of the PRC, not foreigners.

The protection of data security in China, like the protection of privacy, therefore relies on having the appropriate contractual provisions with the Chinese service provider, and being able to enforce those contractual provisions.

Enforcement of contracts in China

In the World Bank’s Doing Business 2008 survey, China ranked 20th out of 178 economies in enforcement of contracts. Of course, there are challenges, and sometimes there are unofficial methods of enforcement which can assist. Local government agencies can sometimes be prevailed upon to assist (the bureau of commerce helped us by chairing settlement negotiations). Sometimes using the various chambers of commerce and embassy contacts can also assist.

Top tips for enforcement

  • You should consider dispute resolution clauses carefully and at the outset, rather than at the end of negotiations.

  • For most foreign related contracts, it is not mandatory to use Chinese law, so you can choose the law you are most familiar with.

  • Consider the criminal law if applicable, e.g. theft (Article 264 of the Criminal Law), appropriation of another’s property and a personal suit against the individual legal representative of the Chinese company.

  • In China, mediation or expert determination often has the effect of delaying proceedings.

  • Judgments of a foreign court are generally not enforceable in China. Therefore, the only circumstances in which you should consider enforcing your outsourcing agreement in court is if the Chinese party has foreign assets outside of China which you can enforce against, or if you are enforcing in a country that has mutual enforcement arrangements with China (very few do, but Hong Kong does).

  • You should choose arbitration to resolve disputes. Arbitral awards are enforceable in China under the New York Convention. A local court is only entitled to refuse to enforce the arbitral award if there is some sort of procedural breach (e.g. if there is no written arbitration clause or agreement to arbitrate, or if the arbitration procedure did not comply with the arbitration rules) or if the enforcement of the award would contradict the public interest.

  • You should have an express arbitration clause in your agreement.

  • Be aware that in practice, local courts can simply remain silent and do nothing in terms of enforcing the award.

Disclaimer

Mallesons Stephen Jaques is licensed in China as a foreign law firm and, as is the case for all international law firms, we are not authorised to issue legal opinions on matters of Chinese law. We are, however, authorised to provide information concerning the effect of the Chinese legal environment on our clients’ business activities in China, and the above comments represent our best understanding of the same in relation to the subject matter of this Alert.

Who does this affect?
Any organisation considering outsourcing to China.
What do you need to do?
Think carefully about what you're proposing to outsource to China, the IP and data to be made available to the service provider and the risks to your business and customers. The risk assessment should consider the compliance culture of the organisation you are outsourcing to and the enforcement mechanisms available should something go wrong.
 

 Author(s)

 
 

 Key contact(s)

 
 

 Local Contact(s)

 
followTwitter.png followTwitter.pngfollowTwitter.png