Earlier today, I published a story on eWEEK about Microsoft's apology to Plurk, a Taiwanese IT startup that produces a microblogging application. Microsoft had been developing its own microblogging application for the Chinese market, Juku, which apparently copied a chunk of Plurk's code. Plurk claims that some 80 percent of its client and product code base found its way into the MSN China product. Microsoft claims it was all the fault of a third-party vendor tasked with developing Juku.

"The vendor has now acknowledged that a portion of the code they provided was indeed copied," Microsoft said in a statement published on its Website on Dec. 15. "This was in clear violation of the vendor's contract with the MSN China joint venture, and equally inconsistent with Microsoft's policies respecting intellectual property."

In addition, Microsoft's statement said, corporate practice is to "include strong language in our contract that clearly states the company must provide work that does not infringe on the intellectual property rights of others."

Considering that this incident came a few weeks after Microsoft apologized for the improper incorporation of open-source code in its WUDT (Windows 7 USB/DVD Download Tool), it made me wonder: What sort of policy does Microsoft usually have in place for vetting its applications' code? I assumed there was some sort of procedure in place; after all, to not have some sort of backstop is to risk a hefty lawsuit or payout. (Just ask Plurk; I'm sure its giant check is already in the mail.)

So I asked Microsoft. And as I described in my original article, instead of receiving an answer about what Redmond does to secure its code, I received ... nothing.

"Unfortunately, we do not have any further information to share at this time beyond what we have available online at PressPass," a Microsoft spokesperson told eWEEK. "I apologize for any inconvenience this may cause you."

Wonderful.

In lieu of any information from Microsoft, I asked my eWEEK colleague Darryl Taft, who has ably covered the developer space for longer than I've been able to grow a beard, what he knew about any Microsoft internal code-vetting procedures. He told me:

"I know that when the code in question is clearly open source code they tend to use tools like Black Duck (which was founded by a former MS exec) or Palamida ... to vet the code. But for plain old code, I am not aware of any uniform standard they might use other than something like Black Duck. Because Black Duck has a component called Protex that helps resolve IP issues by identifying potential license conflicts, it's supposed to work for third party software as well as open source stuff."

That may indeed be the case--I'm trying to approach third parties for confirmation. In Microsoft's Plurk apology, it hinted that Microsoft's own code-vetting procedures for work by third-party developers are currently under review. This seems a wise course of action; it may be all well and good to make developers sign a contract with "strong language" saying their work must indeed be their own--but with two code-plagiarism incidents in as many months, it doesn't seem to quite be doing the trick.