A whistle stop tour on copyright, trade marks, design rights, patents, website compliance, data security and putting your data in the cloud, presented by IP lawyer Brian Miller, Solicitor.
Handwritten Text Recognition for manuscripts and early printed texts
How to Prevent Your Organisation’s IP from Being Stolen by Brian Miller Solicitor
1. 1
How to Prevent Your
Organisation’s IP from Being
Stolen
Brian Miller
Senior Associate
IP, IT & Commercial
Stone King LLP
2. 2
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
COPYRIGHT
What Is Copyright?
Definition
• Subsistence
– Literary (includes computer programs)
– dramatic,
– musical and
– artistic works
• no copyright in idea
3. 3
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
How Do I Protect It?
– Unlike trade marks, cannot register copyright
– make sure you
• save a copy
• do not amend
• back it up
• lock safely away or encrypt
COPYRIGHT
5. 5
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
COPYRIGHT
What Happens if Someone Copies My Work?
– Be sure that it is your work that has been
copied
Has the “Copy Test” Been Satisfied?
– Must be “substantial”
– General rule of thumb: >50%
– If satisfied, do not delay
6. 6
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
COPYRIGHT
How Long Does It Last?
• original literary, dramatic, musical and artistic
works)
– life of the author plus 70 years
– computer-generated works: 50 years
• films: life of principal director plus 70 years
• Broadcasts: 50 years
• Sound recordings: 50 years
• Typographical arrangements: 25 years
7. 7
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
Why Register?
• Cannot easily protect a name
• Preventing infringements costly without
• Protected from the date of registration
• No need to prove reputation
• Protection nationwide
NB. groundless threats
8. 8
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
How Do I Register?
• Easy application process
• Supply name and/or mark to IPO
• Work out “classes”
• £200 per mark plus £50 per class
9. 9
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
How Long Does It Take?
• 4 weeks before advertisement
• 8 weeks for opposition
• 4 weeks for final processing
• Total time: 4 months from receipt of application
10. 10
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
What Does It Protect?
• Name and logo
• In classes for which registered
Where?
• United Kingdom only
• If EU or overseas protection required, register:
– EU trade mark (EEA protection)
– international mark (Madrid Protocol); or
– individual mark in the countries of concern
11. 11
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
How Do I Protect My Mark After Registration?
• Fundamentally need do nothing (other than renew)
• ™ during application, ® after
• if mark used or copied, do not delay
12. 12
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
TRADE MARKS
How Long Does It Last?
• Ten years
• Can renew indefinitely
• “Use or lose”
13. 13
DESIGNS: DESIGN RIGHTS
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
• Process and reasons for registering similar to TMs
• For registration to be valid, design must:
– be new
– have individual character
• Period of protection:
– five years
– Renewable for up to twenty-five years
• Unregistered designs similar to copyright
14. 14
INVENTIONS: PATENTS
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
• Process and reasons for registering similar
• detailed specification must be:
– watertight
– reveal process of production
– capable of registration:
• new
• have an inventive step: not obvious
• capable of being used in industry
• not on a list of excluded items
15. 15
INVENTIONS: PATENTS
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
– software generally not patentable in UK and EU
• must renew it every year after the 5th year for up to 20
years protection
• Fees vary (generally much more expensive)
16. 16
WEBSITES, DOMAIN NAMES & HOSTING
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
WEBSITES
How Do I Know If I Own the Code In My Website?
• Commissioning Developers
• Ensure contract watertight on copyright
• In absence of agreement, copyright vests in the developer!
• Employees
• CDPA, s.11(2): employer is first owner BUT
• Must be ‘in course of employment’
• Is it the developer’s work?
• Possession is 9/10ths…
Make sure these rights are in the contract..
17. 17
WEBSITES, DOMAIN NAMES & HOSTING
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
DOMAIN NAMES
How Do I Know If Own My Domain Name?
• Ensure your organisation is the registered owner of the
domain (check on WHOIS, eg. www.123-
reg.co.uk/domain-names/)
• registrations in employee’s name to be avoided
• Don’t forget to keep tabs on renewal
18. 18
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
Whois record for nspcc.org.uk
Domain name:
nspcc.org.uk
Registrant:
NSPCC
Registrant type:
UK Registered Charity, (Charity number: 216401)
Registrant's address:
NSPCC
42 Curtain Road
London
EC2A 3NH
United Kingdom
Registrar:
Webfusion Ltd t/a 123-reg [Tag = 123-REG]
URL: http://www.123-reg.co.uk
Relevant dates:
Registered on: before Aug-1996
Expiry date: 11-May-2013
Last updated: 08-Jun-2011
19. 19
WEBSITES, DOMAIN NAMES & HOSTING
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
DOMAIN NAMES
What’s to Stop Someone Registering A Similar Name?
• nothing!
• buy identical domains for generic and TLD domains
• if cybersquatter appears, complain to registrar
• allowing cybersquatters can result in
– damage to brand
– theft of business or donations
• register a trade mark relating to domain name
20. 20
WEBSITES, DOMAIN NAMES & HOSTING
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
DOMAIN NAMES
How Do I Know My Domain Name Does Not Infringe
Another’s?
• Carry out checks (Google)
• Check Trade Marks Register and Trade Marks Journal
• Look on Companies House for similar company names
• Use a specialised agent if concerned
21. 21
WEBSITES, DOMAIN NAMES & HOSTING
ENSURING YOUR ORGANISATION'S IP IS
PROPERLY PROTECTED
HOSTING
How Do I Know I Control My Hosting Account?
• unless account in organisation’s name, you don’t
• developers often prefer to use own hosting
• agree in contract that:
– account in organisation’s name; or
– full access to be given, both during and after term
– developer to transfer all digital assets/code upon
termination
22. 22
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Domain Name
• Check name not infringing a third party’s rights
Make Sure You Own Your Content
• no good paying for someone else’s content
• ensure adequate warranties regarding ownership
• extracts from other sites an infringement unless “fair dealing”
• “thumbnails” of another’s photos will infringe copyright
• lifting standard terms will infringe copyright
• defamatory statements can create liability
23. 23
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Disability Discrimination
Equality Act 2010
• website owners, broadcasters and services providers
• duty to ensure sites and services are user-friendly
• applies to visual impairment and other disabilities
• no clear guidelines as to what “accessible” means…
24. 24
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Disability Discrimination
Guidelines issued by World Wide Web Consortium (W3C):
• ensure information in colour available without
• have a button to increase size of text
• ensure background/foreground colours contrasted
• compatibility with text reading software
• for every non-text element, text-equivalent version
• can turn off blinking, updating, scrolling, moving objects
25. 25
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Display of Mandatory Information
Electronic Commerce (EC Directive) Regulations 2000:
• full name and address of site owner
• email and other contact details (‘contact form’ not sufficient)
• company registration number and registered charity number
• if subject to an authorisation scheme, particulars
• VAT number (even if the website is not being used for e-
commerce transactions)
26. 26
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Privacy Policy/Notice
Data Protection Act requires data to be processed “fairly”
Not processed fairly unless data subject knows
• identity of processor
• purpose(s) for which information will be processed
• any further information necessary to enable fair processing, eg.
– how the data will be used
– to whom the information will be transmitted
– whether the information is likely to leave the EEA
– means of gathering information, including use of cookies
Displaying a privacy notice obvious way to satisfy these legal requirements.
27. 27
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Privacy Policy/Notice
"Sensitive (personal) data" (e.g. about a person's health)
– must only be collected if explicit consent obtained
– statement all subjects have right to see information
– opt-out box providing an opportunity to refuse
28. 28
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Cookies
Website operator must not
• store or gain access to information
• stored in the computer of user unless user
– “provided with clear and comprehensive information…
– about the purposes of the storage of, or access to,
that information” and
– “has given his or her consent”*
* Privacy and Electronic Communications (EC Directive) (Amendment) Regs 2011
29. 29
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
So How Do I Obtain a Valid Consent?
• ‘pop-ups’ one method
• referring to a Privacy Policy not ideal
• see ICO’s guidance notes for technical detail (or look at
its Privacy Notice)
30. 30
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
So How Do I Obtain A Valid Consent?
31. 31
ALL WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Terms and Conditions of Use
• advisable if any degree of interactivity possible by user
• ensure applicable law stated
32. 32
E-COMMERCE WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Formation of Contract
• Ensure customers agree to standard T&Cs
• If contract created online, must:
– include details of:
• technical steps to conclude a contract
• means of correcting errors
• language of the contract
• any applicable code of conduct
– allow customer to access, store and reproduce T&Cs
– acknowledge receipt of order
33. 33
E-COMMERCE WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Distance Selling Regulations
No. of detailed requirements concerning:
• provision of information
• statutory right of cancellation
• supply goods within 30 days
• allowing consumers to open/return goods
• providing a refund within thirty days
34. 34
E-COMMERCE WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Online Advertising
• no one source for all rules
• CAP Code main rules (enforced/administered by ASA)
All marketing communications should:
• be "legal, decent, honest and truthful"
• not include anything likely to cause offence
• not be misleading and can be substantiated
• be prepared with a sense of responsibility to consumers/society
• respect the principles of fair competition
• not bring advertising into disrepute
Code not statutory but adverse ASA adjudication is bad publicity
35. 35
E-COMMERCE WEBSITES
HOW DO I KNOW MY ORGANISATION’S
WEBSITE IS LEGALLY COMPLIANT?
Payment Processing
Online card payments must be PCI compliant
• Number of stringent requirements
• Best to outsource to a provider
– Eg Worldpay, Paypal
• Failure to comply can mean large fines and removal of
merchant status
36. 36
LEGAL PROS AND CONS OF PUTTING
DATA IN THE CLOUD
Security
• If provider not using adequate security, data never safe
– Adequate firewalls
– Adequate encryption
• Data Protection Act, Principle 7:
“Appropriate technical and organisational measures shall
be taken against unauthorised or unlawful processing
of personal data and against accidental loss or
destruction of, or damage to, personal data.”
– IT guru must do due diligence on cloud provider
– If you cannot show this, you could be liable if breach
37. 37
LEGAL PROS AND CONS OF PUTTING
DATA IN THE CLOUD
Security
Same applies to your website security:
Personal data accessible by a third party
=
Breach of the Data Protection Act
Get your website penetration-tested regularly!
38. 38
LEGAL PROS AND CONS OF PUTTING
DATA IN THE CLOUD
Who Are You Contracting With?
• May be a number of providers involved
• Confirmation sub-contractors bound by same standards
of
– Security
– Confidentiality
• Main provider needs to carry can
39. 39
LEGAL PROS AND CONS OF PUTTING
DATA IN THE CLOUD
Where is My Data?
• If data stored or transferred outside EEA, 8th Principle:
– requires adequate security measures to be in place:
– Non-US countries: model clauses signed up
– US states: entity on US Government’s Safe Harbor
List
• ICO recommends getting
– list of countries where data is likely to be processed
– details of the safeguards in place
• “If in doubt, don’t use a provider you cannot trust!”
40. 40
LEGAL PROS AND CONS OF PUTTING
DATA IN THE CLOUD
Conclusion
Covered a lot of ground:
• copyright, trade marks, designs and patents
• ensuring your website, domain names and hosting are
– within its ownership and control
– legally compliant
• putting your data in the cloud: do the advantages
outweigh the risks?
For a whistle-stop tour of today’s workshop, go to
QuickPoints on the firm’s website:
– Is Your Website Legally Compliant
– Cloud Computing: What You Need To Know