Man touching technology screen showing how data intensive technologies are impacting the protection of intellectual property

Data Privacy and Cybersecurity Collides with the World of Intellectual Property in the New Decade

The past ten years brought with them a seemingly never-ending array of data intensive and increasingly “intelligent” technologies. While data security and privacy remain paramount, an increasingly data-intensive technological, economic, and social landscape will mean that the ownership and control of data will become increasingly important and likely oft-contested. It is here that the worlds of data privacy, security, and protection collide with the world of intellectual property. This is a trend we can expect to grow in the decade ahead, as data intensive technologies like artificial intelligence (“AI”), blockchain, and the Internet of Things (“IoT”) and the Cloud continue to break new ground, altering the legal and security landscape in the process.

Artificial intelligence-based technologies

Over the past decade, AI-related patent applications have grown remarkably as companies and inventors look to protect their rights and stake a claim of exclusivity in this rapidly growing and cross-cutting technological space. AI and IP rights have the potential to raise issues for IP-seekers, IP-holders, and governments in the years ahead. Various forms of IP can apply with respect to the technologies themselves, whether they are in the contexts of machine learning, deep learning, natural language processing, etc. Executives and security professionals alike will need to contend with these overlapping rights to develop an effective IP strategy for AI technologies: patents are a tool for protecting the functions of the technologies, copyright may pertain to the source code, and database ownership right—and the legal tools for protecting and enabling access, privacy, security, and control. There are also fundamental questions up for debate—and clarification— through contract law or legislation—about how IP that is created by technologies themselves will be treated.

Blockchain

Blockchain and other distributed ledger technologies also saw increased attention and promotion during the past decade. Heralded as a means of providing greater certainty and protection to intangible assets and financial instruments (amongst other information). These technologies also have the potential benefit of being used to maintain and assert IP rights by tracking usage and curtailing infringement in digital contexts. For example, blockchain and distributed ledger technologies can be used in the context of verifying usage of copyright-protected works and ensuring creators and rights-holders are compensated accordingly. Blockchain start-ups have started employing their technologies to ensure the rights-holders of musical works are compensated fairly. Possible applications of this technology to ensure privacy and security of sensitive information, such as in the HealthTech and broader health care landscape, abound. Working in these spaces and with these technologies requires properly crafted and enforceable end-user license agreements (“EULAs”) as well as other forms of IP agreements.

The Internet of Things and the Cloud

The Internet of Things (“IoT”) and connected technologies that rely on “Cloud”-based servers for storage and retrieval have seen remarkable uptake since first being launched. First-movers like Amazon Webservices have been able to lower the operating costs of data-intensive companies by providing reliable and secure options that do not require extensive internal infrastructure. These types of services and products that rely on network connection look to further expand in the decade ahead as 5G networks are deployed. The convenience and cost-effectiveness of these technologies are clear for both companies and consumers; however, the IP implications can be profound. Data breaches are merely the primary example of what can go wrong when proprietary rights and security are not proactively strategized. From an IP prospective, rights-holders should work to ensure than any IP provisions within their service agreements are scrutinized to ensure that actual and potential uses of proprietary information are inline with their business objectives. This can include ensuring that technological protection measures (“TPMs”) are in place to help layer technical as well as legal security of information.

Data ownership and the regulatory spectre

Diverse in their application and subject matter, AI, blockchain, and IoT-enabled technologies are linked by a common reliance on data as both input and output. In the years ahead, the ownership and control of data for commercial and internal purposes will be an inflection point for organizations and their customers as well as the public at large. Currently, debates are occurring about the collection, storage, and use of data associated with individuals as well as the legal structures to maintain privacy and security. At the same time, IP and other legal means for asserting or claiming ownership of data are also being called into question. Whether databases, data structures, and datasets are to be treated as compilations (and subject to IP law like copyright) or information (which can then be subject to appeals to fair use and fair dealing provisions) is attracting scrutiny. Customer data collection and use is being analyzed to determine what, if any, IP-rights can and should be claimed. Here, TPMs and associated contract terms can be built into EULAs and associated IP agreements to provide greater legal certainty to organizations and businesses. In the context of the recently implemented General Data Protection Regulation (“GDPR”) in the European Union and calls to re-examine the business practices of data-intensive companies like Amazon, Google, and Facebook in the United States, IP practitioners as well as digital security and privacy professionals will need to keep their eyes open to new or increased regulatory or legislative attempts to codify data ownership and usage provisions.