Is it legal to reverse engineer certain features of a closed source application and then integrate those features into a closed or open source application that may be either a commercial or non-commercial application ?
Brownie points for an answer covering the situation in India.
The short answer is no for the purposes you've stated in your question, but keep reading to see exactly what is allowed. Also worth reading are the two links included herein.
In the U.S., Section 103(f) of the Digital Millennium Copyright Act (DMCA) (17 USC § 1201 (f) - Reverse Engineering) specifically states that it is legal to reverse engineer and circumvent the protection to achieve interoperability between computer programs (such as information transfer between applications). Interoperability is defined in paragraph 4 of Section 103(f).
It is also often lawful to reverse-engineer an artifact or process as long as it is obtained legitimately. If the software is patented, it doesn't necessarily need to be reverse-engineered, as patents require a public disclosure of invention. It should be mentioned that, just because a piece of software is patented, that does not mean the entire thing is patented; there may be parts that remain undisclosed.
Also of note is that in the U.S. most End-User License Agreements (EULAs) specifically prohibit reverse-engineering. Courts have found such contractual prohibitions to override the copyright law which expressly permits it (Bowers v. Baystate Technologies, 320 F.3d 1317 (Fed. Cir. 2003)).
In other words, for your purposes, it sounds like it would be illegal to integrate features from a reverse-engineered program into another program for commercial or non-commercial use. If you were trying to enable interoperability (again, see Section 103(f), noted above), that would be different.
From what I can find, the direct reverse engineering of software, in whole or in part, for use in your own software for commercial use, is protected under copyright. The protected reasons for reverse engineering are similar to those in the United States. According to the article Trade Secret, Contract and Reverse Engineering (also note end note 5), the copyright act broadly protects actions (including reverse engineering) for the following purposes:
Additionally, due to section 23 of the Indian Contract Act, which handles all contracts including License Agreements, a contract is declared void if it goes against public policy. Section 52 of the Copyright Act declares public policy concerning reverse engineering, which is that it is permitted in a limited way. A contract (or EULA), prohibiting reverse engineering in software to the extent permitted by the Copyright Act, may not stand in a court of law.
Section 52, subsections (aa) through (ad) of the Copyright Act explain these protected acts (see Indian Copyright Act 1957, page 33, along with section 18 of these revisions from 2012). Another source (though possibly a bit outdated) is Software Patent and Copyright Laws in India (a paper) with its footnotes.
Article 6 of the 1991 EU Computer Programs Directive allows reverse engineering for the purposes of interoperability, but prohibits it for the purposes of creating a competing product, and also prohibits the public release of information obtained through reverse engineering of software (source).
That makes the answer NO, at least for the EU (you didn't state the country to which your question applies).
I still maintain that the question is too open-ended as it stands.
I think RCE always includes the aspect of ethics. Just like a nuclear scientist possesses a wealth of specialized information that can be used for good and bad, so does the reverse engineer.
Strictly speaking implementing a feature is fishy. Very fishy indeed. ReactOS would be a good example of how to deal with that situation. The method is called "clean room reverse engineering". Even more fishy would be to re-implement something based on the implementation details but without the clean room approach.
Roughly the point here is that one party looks at the original implementation and code (the reverse engineer). S/he documents the implementation details. As you can imagine this may be important in cases such as ReactOS which strives for binary compatibility. If you read the book "The Old New Thing" by Raymond Chen you will understand immediately what I mean.
Another party (the developer, so to speak - important point is that those parties are indeed different individuals, I think schizophrenia doesn't count, though) then uses that documentation of the implementation details and re-implements it. Now, IANAL, but given ReactOS which thrives on contributions of developers from all over the world hasn't been sued to nirvana, so I suspect this is legally alright. Whether you or others deem it ethical is another thing.
... what I don't understand from your question: why re-implement something that exists in proprietary form? Sure, to provide interoperability (say OOo reading the MS Office formats) this makes sense. But overall isn't it smarter to use ideas from the existing application and implement these? Probably extending them and surpassing the existing function in features and functionality?
The problem with ideas is that there are countries with software patents and the big players are lobbying heavily even in jurisdictions such as the EU to get legislation passed to allow software patents openly. For now they only exist in niches of existing legislation and due to the fact that the officials of the EPO (and national POs) aren't necessarily the most knowledgeable in new technologies.
You should be on the safe side with interoperability for the most part, even with FLOSS, again drawing from the de facto state where projects such as OpenOffice.org and LibreOffice weren't sued to nirvana either. The same holds for Samba, where Microsoft even invited developers of the project to talk to the Microsoft developers.
Your best course of action will be to seek legal advice in your country. It doesn't mean that this applies to other jurisdictions as well, but it will give you a start.
Although the EU directive mentioned by Remko exists, in Germany the copyright holders have pushed through quite extensive changes to the "Urheberrecht" (abbrev: UrhG), which isn't quite identical with copyright from countries whose legislation is based on Common Law (notably the USA). These changes also resulted in the addition of so so called "Hackerparagraph" in the penal code (§ 202c, StGB).
That paragraph stipulates (free form translation of the Legalese, original text in the above linked Wikipedia article):
This is the most important part and you can see why Germans take "pride" in the body of judicial literature which allegedly surpasses the amounts of literature to be found in the biggest libraries.
Anyway, the problem should be obvious and if it isn't I shall duly point it out. The problem is that there is no definition in the law what comprises such tool. Is IDA Pro such a tool? What about OllyDbg? What about WinDbg? What about GDB or Immunity Debugger? What about Metasploit? There are literally so many possibilities for violating that law that organizations such as the CCC and its members and sympathizers have criticized it many times over. To no avail.
TL;DR: in Germany this is an even more slippery slope. It even resulted in cases where books became virtually useless in the German edition because the author is liable under the Hackerparagraph.
I think questions beginning with the clause "Is it legal to..." can only ever be correctly answered with certainty in a court of law. And as @0xC0000022L mentioned, you'd need to start by specifying which country you're asking about.
Short of going to court, I think such questions can only ever be answered correctly with the phrase, "It depends."
From the other answers, it seems well-known within this community that reverse engineering something is very closely connected to both copyright law and the Computer Fraud and Abuse Act, both of which (as the links attest) are hotly contested right now in the US.
Harvard Law School has recently published a massively open online course on copyright. The professor published a book on copyright reform in 2004. He also started Noank Media, Inc. in 2007 to try and implement one of the ideas in his book in China. Although his MOOC lectures and readings are all available globally, I'm taking this course through edX right now, and even with the benefit of several law students to help answer questions, there's still a tremendous amount of information and ambiguity to consider (even limiting the scope of my answer here to copyright and not dealing with the CFAA). As @JMcAfreak wrote, the DMCA also applies, and my guess is that there are several other laws that could also potentially apply to your question in the US.
What I've learned after 8 weeks in this course is that you'd need to spend at least 12 weeks reading case law before really being able to answer the question you pose here. And as Aaron Swartz discovered, the stakes are incredibly high, and computer programmers and reverse engineers (who may routinely do some—potentially illegal—act thousands or millions of times through the use of a computer program) are especially vulnerable to multiple counts of illegal acts where the penalties add up very quickly.
If you're considering doing something that makes you ask the question, then you also need to consider who might be most motivated to pursue you for illegal activity as a result, and if that's a wealthy individual or business entity, then you probably shouldn't risk it. If Shepard Fairey had used a reference photograph for his Obama HOPE poster owned by an entity less affluent than the Associated Press, then I'm sure that situation would have ended very differently for him.
