As we transition in to a new year, we re-focus our efforts in certain trends in the area of intellectual property law. Four trends are briefly discussed below.
- Data Privacy and Protection
- Big Data Growth and Use
- Post-Grant Patent Review via IPR
- Patent Subject Matter Eligibility after Alice Corp. v. CLS Bank
Data Privacy and Protection
Recent thefts of celebrity images (including nude images) bring to the forefront of national attention the issue of data privacy and protection. Since many of the images appeared to have been taken using mobile devices and stored in cloud-based databases, the reliability of security in these environments has been brought into question. Other recent thefts have involved credit card data from major banks (Citibank, JP Morgan), major retailers (Target, Home Depot, Neiman Marcus), and credit card processors (Global Payments, Heartland Payment Systems). These data breaches involved millions of credit and debit card accounts. However, many smaller breaches have occurred which don’t make headlines or go unreported.
Cloud data storage technology has grown exponentially in developed economies due to lower cost and increased convenience. Many government, business, professional, and individual users have migrated sensitive and confidential data to cloud data storage for these reasons. Even when reasonable security measures are employed the threat of a data breach cannot be completely negated due to the complexity of the system and vulnerabilities created by the human element, i.e. using “password” or “123456” as passwords.
Another issue is the scope of vulnerability. The recent thefts involved photos, but could have just as easily included other data, information, or documents pertaining to boring business matters, commerce, or serious national security data. How long the data is vulnerable is also an issue. Recent celebrity victims stated some pictures were taken years ago and deleted from their devices, yet somehow were resurrected from the trash bin and splashed across certain notorious websites (4chan.org or reddit.com).
Apple has recently announced it next generation iPhone will involve functionality as a mobile wallet or payment mechanism. Mobile privacy was one of the top priorities being confronted by the U.S. Department of Commerce National Telecommunications and Information Administration’s (NTIA) multi-stakeholder privacy and data initiative. Disagreements among consumer groups, regulators, and mobile phone service providers prevented NTIA from making significant progress; however, the importance of the issue will prompt stakeholders to continue their efforts.
These issues and others are more complex than can be dealt with in a single article and are deserving of more in-depth treatment that we present over the 2014 and 2015.
Big Data Growth and Use
We are in the era of Big Data. Businesses of all sizes are taking advantage of the opportunities presented by using large amounts of data to better understand consumer decision-making, political opinions, highway usage, and electrical consumption. Organizations that hope to survive in the coming years will have no choice but to develop strategies to acquire, protect, and exploit ever-increasing amounts of data.
Databases are considered to be compilations under US copyright law; they may be protected by copyright if their selection and arrangement is creative, under the federal Copyright Act. However, the data within databases, if factual, may not be copyrighted as a matter of both US constitutional law (see Feist Publications, Inc. v. Rural Telephone Service Co.) and statutory copyright law (federal Copyright Act 17 U.S.C. § 102(b)).
Those who assemble and own large databases of information are confronted with legal issues pertaining to rights of ownership, use, confidentiality, and security. First as to ownership, it is very important to create and maintain records identifying authors and providing a history of creation of the particular database since the copyright belongs to the author of the database, or the employer when an employee creates the database in the course of their employment.
Secondly as to use, any time third parties are engaged to gather, collate, organize, or manage data they should have clear understandings and contractual obligations as to confidentiality and ownership of database. This is important because state common law may impose a duty on employees and others in a position of confidence to refrain from copying or disclosing confidential information. State contract law may provide protection for copying database contents by contract signatories. However, some state courts have distinguished between those subject to negotiated contracts from those subject to “click-wrap” agreements (clicking a link or opening a wrapper to signify agreement to contract terms) when it comes to enforcement of confidentiality provisions.
Owners should also follow regular audit schedules whereby they evaluate whether appropriate licenses are in place, whether users of the database are properly credentialed, and whether the data is protected by copyright or trade secret laws in the subject jurisdiction. It is good practice to individually negotiate contracts with those who source or use the information in the database.
Third, when the databases are publicly available, owners should require agreement properly structured Terms of Use that ensure those who access the information are contractually restricted from unauthorized disclosure or dissemination. Such Terms of Use should be visible to the user and their access to the data should be conditioned clear and unambiguous assent.
The laws concerning data protection are becoming ever more important to businesses, no matter the sector in which they operate. Yet, not surprisingly, how those laws operate to protect data and databases vary significantly among jurisdictions. This naturally presents a challenge to any business looking to protect and exploit data on a cross-border basis. Companies must pay attention to whether the laws of a particular country make contractual rights in a database stronger or more loosely guarded.
When a database is confidential (as with all financial, credit card, or medical data) owners must clearly communicate the confidential nature to users and obligate then to keep the data confidential. Any access agreements should have confidentiality restrictions that must be accepted prior granting access—and which specify penalties resulting from breach of those restrictions.
Strong technological protection against unauthorized access or copying should be incorporated into any big database. This includes sophisticated passwords and possibly data encryption. When encryption is appropriate, owners should consider using the Advanced Encryption Standards (AES) or the somewhat weaker Data Encryption Standard (DES) as a basis of their efforts.
Post Grant Reviews – IPR
Inter Partes Review (IPR) was created under the America Invents Act as a replacement for the Inter Partes Reexamination process. The change came about due to efforts to make the post-grant review process faster and more efficient. Basic rules of the IPR procedure provide that it can only be used nine months after issuance of a patent or within one year of a party being sued for infringement of patent. The procedure is available for all patents, regardless of when they were applied for or issued.
To initiate an IPR, a plaintiff files a petition arguing that at least one of the claims of the patent are either anticipated or are obvious in light of prior art patents or printed publications. The challenger cannot argue grounds of invalidity other than anticipation or obviousness. The challenger must also provide a claim construction chart for each challenged claim and must pay $9,000 to request the review; if the petition is granted, the challenger must pay an additional $14,000.
Other important points about the IPR process are:
The petitioner/challenger does not remain anonymous; the real party behind the challenge must be disclosed.
The patent owner may or may not choose to file a response to the petition. The patent owner and the challenger are allowed their own brief (3 month) discovery periods when depositions and written discovery can be obtained.
Each party submits a final brief and may request an oral hearing.
The legal standard for reviewing the validity of a patent claim during an IPR is, “a claim in an unexpired patent shall be given its broadest reasonable construction in light of the specification of the patent in which it appears.”
An IPR proceeding shall be administered such that it concludes in one year. The time can be extended by up to six months for good cause by the Chief Administrative Patent Judge, or adjusted by the Board
As of September 3, 2014, the total number of IPR granted has been: 830; IPR Petitions Denied to Date: 183; the Grant Rate: 82%. IPR Petitions Filed in August, 2014 was 159.
The IPR process allows a patent owner a limited right to amend their claims to overcome cited art by the challenger. However the PTAB has a firm limit of 15-pages for any motion to amend. This means when long, multi-part claims are at issue, a patent owner may have very few pages left available for argument after presenting the amended claims in the double-spaced format specified by the PTAB rules. In a recent decision the board explained, “[a]n inter partes review is more adjudicatory than examinational in nature.” Idle Free Systems Inc. v. Bergstrom Inc., IPR2012-00027, Paper 26 at 6 (USPTO PTAB June 11, 2013). This means amendments presented in an IPR context are required to be tightly focused on only those amendments necessary to overcome the cited art. Patent owners desiring “a complete remodeling” of their claims should use ex parte re-examination or reissue. Id.
Patent Subject Matter Eligibility after Alice Corp. v. CLS Bank
Several recent cases have presented the Supreme Court with involving the eligibility of patent claims under § 101. The resulting decisions have blurred the lines between §§ 101, 102, and 103, and arguably removed some of the doctrinal certainty in patent law created by the Federal Circuit over the past 25 years.
In the Alice Corp. v. CLS Bank decision, the Supreme Court had the opportunity to clarify the law as to what makes a claim fall within patent-ineligible categories of abstract ideas, laws of nature, or natural phenomena—however its decision did not provide clarity. Consequently, the law pertaining to patent eligibility is in a state of flux. Predicting how the Patent Office or courts may assess patent eligibility of software patent claims has become very difficult.
In the CLS Bank case the Court unanimously affirmed the Federal Circuit’s per curiam opinion (which had applied the Court’s patent eligibility jurisprudence as to computer-based methods) which held that all of Alice Corp’s claims were too abstract to meet the requirements of § 101. The subject claims were computerized methods for implementing an intermediated settlement that are well-known in the art. Specifically the method used a general purpose computer and computer readable-media to implement a specialized computer algorithm. The Court’s analysis did not draw upon previous distinctions between claims to methods, systems, and computer-readable media.
Recently, the USPTO issued a memorandum to its Examiner Corps, entitled “Preliminary Examination Instructions in view of the Supreme Court Decision in Alice Corporation Pty. Ltd. v. CLS Bank International, et al.” At its core, the memo addressed subject matter eligibility of claims involving abstract ideas, particularly computer-implemented abstract ideas.
The memo was based on the premise that the Alice decision did change substantive patent eligibility law or fundamental examination guidance. The memo also noted that abstract ideas are fundamental building blocks of human ingenuity and are not patentable—inventors must use those building blocks to construct their innovations.
Supporting commentary from IP bar associations emphasized that Alice did not create a per se excluded category of business methods or software, or impose any special requirements for eligibility of business methods or software.
The guidance memo stated that Examiners are tasked with evaluating whether (1) the claim is “directed to” an abstract idea or whether it includes an ‘inventive concept’ sufficient to ‘transform’ the claimed abstract idea into a patent-eligible claim; (2) to assess whether ‘additional features’ are present and the claim is not a drafting effort designed to monopolize the abstract idea; and finally, (3) there should be some application[s] of the claimed concepts ‘to a new and useful end’.
The result of the decision and the memo seems to be that challengers can now use of prior art to render a claimed invention well-known, conventional and thus abstract under § 101.
Ultimately, CLS Bank may be a continuation of the trend whereby the Court places further limits on the scope of patent protection and possibly creating new ways that a patent’s validity can be challenged.
By Greg Marcum
