Indian IT’s confidence in its delivery discipline is being tested as TCS faces a major setback in a trade secrets lawsuit, and a fresh patent suit in the US, while Wipro has been named in a new patent-infringement case overseas.
The developments are prompting the industry to reassess whether its governance, engineering culture and compliance frameworks can keep pace with the far stricter intellectual-property expectations of global clients, especially as firms move deeper into platforms, products and proprietary AI systems where IP boundaries are tighter and scrutiny is sharper.
Technology leaders, engineering heads and legal experts say the sector has matured, but gaps remain, particularly, as companies move deeper into platform and product development, where IP boundaries are far tighter than in traditional services.
Ritesh Gupta, CTO of Happiest Minds Technologies, said Indian IT providers have grown significantly more mature in safeguarding client IP as they build products and platforms, driven by stricter client expectations, tighter contracts and heightened IP sensitivity in global technology deals. Happiest Minds Technologies defines itself as “a mindful IT company,” that enables digital transformation for enterprises and technology providers.
According to Gupta, tier-1 firms already operate with strong contractual frameworks, secure development processes and clear IP-ownership governance, and mid-sized firms are rapidly catching up.
At Happiest Minds, he said the company follows rigorous legal vetting of client contracts, secured and isolated development environments, role-based access, regular audits and strict mechanisms for open-source scanning and SBOM management.
Gupta said that engineers receive specific training on IP protection, and that the firm restricts public generative AI tools, while maintaining meticulous code tracing to avoid contamination.
He acknowledged that the industry still struggles with challenges such as unintentional code reuse, weak open-source license governance and risks introduced by generative AI. The services mindset is evolving with the discipline required for product development, he noted.
Gupta said the company’s approach embeds compliance directly into engineering processes, so speed never compromises client IP. He argued that the entire industry needs stronger governance, automated compliance tooling, better awareness and a more IP-conscious culture to prevent violations.
Debashis Singh, chief information officer at Persistent Systems, said the industry’s shift from traditional IT to modern platform engineering has demanded a new level of rigour, as legacy architectures built for stability offer little flexibility and often carry institutional knowledge known only to a few.
He observed that the cloud era introduced open, modular architectures and automation that radically compressed delivery timelines, placing modern engineering at the intersection of speed and discipline.
Singh said Persistent maintains strict access limits and clear IP boundaries through zero-trust frameworks, secure private environments and enterprise-grade AI models that ensure no customer environment is used to train AI systems.
He acknowledged that teams historically struggled to understand undocumented legacy systems, but argued that generative AI and intelligent platforms, such as Persistent’s SASVA, now accelerate reverse engineering and documentation, transforming what was once a slow, opaque process.
According to him, 70–80% of legacy understanding can now be automated, though the final 20–30% still requires human expertise.
He cautioned that reliance on reverse engineering introduces risks such as misinterpreted logic or inadvertent IP exposure, which Persistent mitigates through structured governance, DevOps-led automation and strong knowledge management.
Singh said adherence to IP rules ultimately depends on user awareness, ethical AI guardrails, continuous improvement and embedding compliance into everyday engineering, enabling delivery at speed without compromising legal boundaries.
Priyanka S Kulkarni, a senior legal advisor specialising in IP, said the Indian IT industry broadly recognises the legal risk of exceeding authorised access, especially under US and international regulations. But, it must remain vigilant in documenting permissions, monitoring access and ensuring employees understand the exact boundaries of their authorisations, she added.
She noted that while most vendor–client contracts contain confidentiality clauses, many lack precise definitions of permissible access during modernisation or integration work, creating potential exposure around trade secrets and IP ownership.
According to her, blind spots commonly include overly broad internal access, unclear ownership of accelerators and derivative works, weak exit protocols, and scenarios where multiple vendors share overlapping environments.
She said firms should rely on strict role-based access controls, immutable logs, automated alerts, periodic audits and clear revocation processes to create defensible evidence of compliance.
As companies shift from services to platforms and productised offerings, Kulkarni argued that they must adopt more structured IP frameworks covering background and foreground IP, residual rights, co-developed assets and licensing boundaries, backed by robust data-governance, liability and indemnity clauses. She said the platform era demands far tighter legal, contractual and compliance scaffolding than the traditional services model.
The post Legal Heat on TCS, Wipro Prompts Wider IP Rethink in Indian IT appeared first on Analytics India Magazine.
