As the way we live and work has increasingly moved into virtual environments (I like to call it a legal metaverse), the boundaries between physical, digital, and biological worlds become blurrier by the day. Sensors lie within devices installed across every aspect of our home, office and mobile environments, connected from the edge of each of your devices to networks that are both local and cloud-based (with many in a foggy place between the two). The ensuing data traffic requires massive computing power for transfer, storage, analysis, and response. The migration to automated cloud computing power has further accelerated the deployment of containers across the public, private and hybrid cloud ecosystems for the transfer, storage, analysis, and response layers. Kubernetes and Docker have emerged as ubiquitous technologies to build, deploy and manage containerized applications using automation, and investors have noticed. Understanding the key legal issues will enable more successful client relationships for both vendors and customers, and inevitably growth and value creation.
A container is an executable unit of software that packages application code with the ancillary components needed to deploy in public, private, and hybrid clouds, enabling it to run on any IT infrastructure. We call it a “container” because it stands alone, away from the host operating systems. It has revolutionized how businesses build and scale their applications.
Kubernetes, developed and designed by engineers at Google, is an open-source container orchestration platform that automates many manual processes involved in managing and scaling containerized applications. One of the significant advantages of using Kubernetes is that it gives you the platform to schedule, manage and run containers on clusters of physical or virtual machines, also known as VMs.
Docker is an open source containerization platform that helps developers build, deploy and manage containers. While it is an open source project initially created in France, it moved to the United States and was acquired by Mirantis in 2019. It is backed by a vibrant developer community that shares containers across the Internet via a Docker Hub. Docker accomplishes orchestration tasks with its tool called Docker Swarm. While distinct technologies, Kubernetes and Docker are complementary and can work together to deliver computing power.
As the virtual world explodes with data, containers are the paradigm by which they are growing, and Kubernetes and Docker are the tools by which they are built, managed, deployed, and optimized.
The space has become an attractive and robust ground for investments and dealmaking. By way of example, according to CrunchBase News, San Jose, California-based Lacework, with a cloud security platform including securing workloads in Kubernetes, closed a $525 million round led by Sutter Hill Ventures and Altimeter Capital that values the company at more than $1 billion. IBM’s Red Hat acquired Mountain View, California-based StackRox, a Kubernetes-native security platform. Previously, the enterprise business of Docker was acquired by Mirantis.
For businesses that operate with data, managing the adjacent legal relationships will be essential. Is your vendor providing you with Software-as-a-Service product that will enable you to within your clusters of containers? Or is it a professional services firm moving clients to one or another cluster or orchestration platform? Or are they writing code to manage Kubernetes? What are the standards of quality that will be met? Who owns the code? Is there a license-back to re-use that same code or derivative code for other customer engagements? Or are you the vendor?
If you are a vendor and offer the intellectual property to clients, whether in software or code, you need to own it, license it, and have the right to sub-license it. If you are a software company, this starts by making sure that every employee or consultant signs an invention assignment agreement.
Whether you are the customer or you are the vendor operating with clusters, the data in the container must be protected and handled pursuant to applicable legal norms. While we used to worry only about the European Union’s General Data Protection Regulation (GDPR), there are even more intrusive regulations with teeth coming out of California, and even China. Compliance with data protection regulations is subject to audit, and in any investment or M&A process, a deep diligence dive. Failure to protect data will cause an investor or a buyer to disconnect from your zoom.
Kubernetes and Docker should continue to see interest from venture capital as well as strategic investors, since containers and virtualization technologies make a company’s applications and other assets more portable to other cloud services, not locking them into one provider and allowing an enterprise to choose between hybrid and hybrid public cloud options.
New technologies that monitor and understand what the data is saying are on the horizon. The next wave of cloud-orchestration platforms is here. Making sure that legal relationships are well defined will enable your company to benefit, thereby increasing both your business and your value.
This article originally published in IP Watchdog Oct 13, 2021. Reproduced with permission.