Your SlideShare is downloading. ×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

IT:AM Semina Series - Managing your secrets, protecting your assets - London


Published on

IT:AM Seminar Series - Managing your secrets, protecting your assets. Eversheds London, 20 November 2012.

IT:AM Seminar Series - Managing your secrets, protecting your assets. Eversheds London, 20 November 2012.

Published in: Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. IT:AM Seminar SeriesManaging your secrets, protecting yourassetsEversheds LLP,20 November 2012
  • 2. IT:AM Seminar SeriesAgenda• 08:30 – 09:30 The business of secrecy• 09:30 – 09:45 Coffee break• 09:45 – 10:05 UsedSoft GmbH v Oracle International Corp• 10:05 – 10:25 Communications Data Bill• 10:25 – Close Q&A and networking
  • 3. IT:AM Seminar SeriesThe business of secrecyNeil Mohring, Partner
  • 4. The business of secrecySecrecy today – a modern business issue• 80% of your corporate value is intangible• The value of trade secrets is rising, why?• eg: America Invents Act, technology driving more effective data usage, IP is now firmly in the boardroom• Are trade secrets underrated ………or even protected• From Charlie and the Chocolate Factory to date – espionage is alive and well in 2012 .....scene 1
  • 5. The business of secrecyHow does confidence arise?• The necessary quality of confidence – not a precise concept, necessarily flexible – (non public) formulae, algorithms – obviously yes – matters in the public domain – obviously not – encryption may not protect confidentiality if decryption is possible and the encrypted version is published and...• Disclosure in circumstances of confidence – under a NDA – an obviously confidential exchange – a confidential relationship, eg solicitor/client etc
  • 6. The business of secrecyWho owns confidential information?• Distinguish ownership of physical materials and intangible rights – both are important• Confidential materials may also attract protection from intellectual property rights eg copyright, database right• Confidentiality is not an IP right so effective protection is via: – controlling disclosure of physical materials – establishing a contractual/tort based duty in your favour• Trade secret transactions depend on this
  • 7. The business of secrecyAnalysing NDAs – if you’re the discloser• Ensure you have defined what you want to protect and consider duration based on the commercial longevity of the information• Make clear records of disclosure – make it clear that disclosures made are subject to the NDA• Reject residual clauses and consider the risk of a recipient generating new IP based on the disclosed material• Consider governing law and forum for enforcement
  • 8. The business of secrecyAnalysing NDAs – if you’re the recipient• Define what information is covered – reject broad clauses and descriptions• Ensure there is a duration to the obligations• Consider risk of “taint” – is the disclosed information too close to what you are doing?• Consider a residuals clause• Consider ownership of derivative analyses
  • 9. The business of secrecyAnalysing NDAs – mutual disclosure• Is it really a mutual disclosure, have you got the right protections?• Seek a fair middle ground• Consider holding back key information
  • 10. The business of secrecyEscrow clauses – conventional position• Material – software source code• Release events – insolvency, material breach of support• Scope of use – providing software support (by fixing) internally
  • 11. The business of secrecyEscrow clauses – consider other material• Hardware – bill of materials• Firmware• Technical specifications• Other materials
  • 12. The business of secrecyEscrow clauses – consider other release events• Anticipatory insolvency/financial distress triggers• Change of control• Reputational risk – CSR• Service level triggers• General material breach/other breachand any other situations where you would need the materials
  • 13. The business of secrecyEscrow clauses – consider scope of use• Customer support• Software distribution• Hardware manufacture• Subject to a reasonable royalty?and assess these measures against your general business/productcontinuity planning
  • 14. The business of secrecyRoutes to enforcing trade secret protection• Move quickly to limit damage and to increase prospects of obtaining an injunction• Gather evidence by: – identifying links to party suspected of breach – speaking to employees and ex-employees – investigating IT systems and access to trade secrets – obtaining a copy of the solution (reverse engineering or carrying out a code comparison)
  • 15. The business of secrecyRoutes to enforcing trade secret protection• Consider whether an injunction and/or claim would be appropriate and proportionate• Consider whether a criminal offence has been committed• Take steps to protect your secrets from the outset
  • 16. The business of secrecyEmployees and confidential information• Employer/employee duty based on mutual trust and confidence• Includes an implied obligation to respect the employer’s confidential information• Most employers use express confidentiality obligations as well
  • 17. The business of secrecyEmployees and confidential information – aftercessation of employment• Trade secrets may not be used post termination• Other “mere” confidential information is not protectable and the employee can use this (but is this limited to “tools of the trade” know how?)• However, is this activity: – genuine trade secret; or – employee know-how and skill
  • 18. The business of secrecyEmployees and confidential information – practicalmeasures• Garden leave or other covenants• Monitor IT activity• Exit interview - reminder• Review subsequent activity for suspicious similarity
  • 19. IT:AM Seminar SeriesUsedSoft GmbH v Oracle International CorpJames Walsh, Partner
  • 20. UsedSoft GmbH v Oracle International CorpFacts• Oracle – software owner and distributor – software is downloaded by customers from the Oracle website – customer enters into licence agreement with Oracle under which the customer is granted a perpetual, non-exclusive, non-transferable right to use the software• UsedSoft – seller of used software licences, including Oracle licences
  • 21. UsedSoft GmbH v Oracle International CorpDecision• Article 4(2) of the Directive on the Legal Protection of computer programs (2009/24) (“the Software Directive”) provides that the first sale of a copy of a software program in the EU by the copyright holder or with the copyright holder’s consent exhausts the distribution right of that copy within the EU• After the first authorised sale of a copy of a copyright-protected work, the work may be freely distributed within the EU• ECJ consideration: did the downloading of a copy of a software program with the copyright holder’s consent fall within the scope of Article 4(2) and constitute a first sale?
  • 22. UsedSoft GmbH v Oracle International CorpDecision...• ECJ held that Article 4(2) was triggered if the copyright holder authorises a download of a copy and a consequential right to use the software perpetually in return for a payment of a fee corresponding to the economic value of the copy• It also found that there was no difference between an intangible medium (such as a download) and a tangible medium (CD-ROM, DVD etc) for the purposes of Article 4(2)
  • 23. UsedSoft GmbH v Oracle International CorpDecision...• UsedSoft were therefore entitled to rely on the exhaustion of distribution rights under Article 4(2) to continue to purchase and resell Oracle licences• Certain restrictions: – not entitled to split out licences and resell part – original acquirers of software must make own copy unusable at the time of resale – copyright holders are entitled to ensure that the original acquirers copy of the software is made unusable
  • 24. UsedSoft GmbH v Oracle International CorpDecision...• Maintenance agreements do not fall under Article 4(2) but Article 4(2) will extend to the resulting software updates and added functionalities as they form an integral part of the software downloaded
  • 25. UsedSoft GmbH v Oracle International CorpWhat are the implications for software owners?• Undermines the ability of software owners to control the transfer of software• Non-transfer and non-assignment provisions in licensing arrangements will have no effect if ‘licence’ is granted perpetually, for a lump sum fee• Under the principles applied by the ECJ, if these elements are met, then will deemed to be a ‘first sale’
  • 26. UsedSoft GmbH v Oracle International CorpAvoiding the trigger!• Time-limited licences – annually renewable – fixed short terms – longer 15 years+ terms (Note: ‘sham’ terms)• ‘Software as a Service’ model• Pricing structures- avoid lump sum payments• Employ technical methods so as to prevent the licensee’s copy of the software remaining usable on transfer
  • 27. UsedSoft GmbH v Oracle International CorpOther considerations• Provisions for early termination - how are these to be treated? – breach – change of control – insolvency• To what extent will a transferee be bound by the terms of the original licence?• Is any positive action required by the transferor? Supply of dongle, disk, etc?• Associated support and maintenance agreements
  • 28. UsedSoft GmbH v Oracle International CorpWhat are the implications for licensees?• Opens up potential revenue streams- licensees will now have the ability to resell software which is no longer required by them• In order to do this, licensees must ensure that they – obtain a supply copy of the software – obtain a perpetual licence – pay a lump sum licence fee• Licensees should consider the commercial implications of a lump sum fee• May not be as beneficial for sophisticated software
  • 29. IT:AM Seminar SeriesCommunications Data BillJames Walsh, Partner
  • 30. Communications Data BillBackground• All businesses use communications data• Existing laws governing the retention of data apply to public communications providers• Draft Communications Data Bill will permit ‘authorised body’ to order a telecommunications provider to generate, collect, retain and disclose data to authorities that may require it
  • 31. Communications Data BillWhat does the Communications Data Bill provide for?• Secretary of State has power to: – ensure communications data is available from telecommunications operators by public authorities; or – otherwise facilitate availability of communications data
  • 32. Communications Data BillWho is a telecommunications operator?• Telecommunications operator – person who controls or provides a telecommunication system or provides a telecommunications service• Telecommunications system – ...for the purpose of facilitating the transmission of communications by an means involving the use of electrical or electro-magnetic energy• Telecommunications service – ...consists in the provision of access to, and of facilities for making use of, a telecommunication system
  • 33. Communications Data BillWhat is communications data?• Subscriber data – information about those to whom a telecommunications service is provided• Traffic data – information identifying any person, apparatus or location to or from which a communication is transmitted• Use data – information about the use made by a person of a telecommunications service or system
  • 34. Communications Data BillWhat orders can the Secretary of State make?• Broad powers e.g. collection and generation of data, processing and destruction of data• Require operators to enter into arrangements with Secretary of State or other third parties on commercial or other basis to enable operators to collect data• Enforce compliance with requirements regarding specified standards, specified equipment/systems and specified techniques in relation to collection and retention of data
  • 35. Communications Data BillAre there any protections as to how the Secretary ofState can exercise its powers?• Few protections• Secretary of State must consult with Ofcom and Technical Advisory Board (established under RIPA) before issuing an order• However, no obligation for Secretary of State to heed any concerns raised during the consultation process
  • 36. Communications Data BillBest practice• Businesses should prepare for the bill now• Consider: – change control procedures – vendors’ technical resources to collect/retain data – provisions to pass compliance responsibilities to outsourcing providers – termination rights for non-compliance or where a business needs to change communications vendor to ensure compliance• Raise concerns with stakeholders and MPs
  • 37. IT:AM Seminar SeriesQ&AThank you for attendingEversheds LLP