INTELLECTUAL PROPERTY LAW - DATA

IN “THE INTERNET OF THINGS” – WHO OWNS DATA?

The internet is a vitally important communication medium for governmental, business and social users. The Internet of Things also provides great benefit to internet users. However, the Internet of Things is only useful if connected devices are able to capture, transfer, analyse, report and act on data.

So, then, who owns the data on the Internet of Things?

In this age of communication and information technology, data is of great importance. The concept of ownership of data is not straightforward. Superficially, no one owns data. There is no currently recognizable proprietary right in a piece of data itself. For instance, the owner of a Smartphone does not “own” the data relayed to the user on how to use that phone, be informed or be entertained by it. However, once that data is documented or collated, and becomes an aggregation, for collection of such data. However, there is only a proprietary interest created if someone has invested time and effort in carrying out that aggregation or collection process. Individual users are unlikely to have made such a relevant investment.

There are two reasons why legally important consequences flow from the types of collections that can be owned and the types of persons who can own them.

First, the person who exploits collections of data can generate enormous value and wealth. An example might be the stock market fluctuations of a particular corporation’s stock. On their own, the data is relatively valueless. No one can say that the opening or closing price of a particular stock, as relayed via a computer or mobile phone, creates proprietary rights. However, market intelligence based upon an analysis and collection of that stock price can be extremely valuable. The associated question is the identification of the person who is able to exploit the data and who can prevent others from exploiting it without permission or without payment.

The second reason why the issue of ownership of data collections is important is to separate potential ownership interests of the different participants in the data processing chain. The players involve in the data processing chain are numerous: there can be users, hardware manufacturers, App developers, providers of database architecture as well as the purchaser or user of the data. Who in that chain can said to be the owner of the data aggregation? The answer to this question is crucial in determining who has the economic rights to exploit the aggregation under Australian intellectual property law.

Under Australian copyright law, aggregations of data can be protected by database right.

Generally speaking, there will be a database right if three criteria are satisfied:

There has to be a defined database – this is a collection of independent data which are arranged in a systematical methodical way and which are individually accessible. Not all data qualifies. The data must be capable of being collected in a methodical way to allow for future retrieval. This will be satisfied if there is capture, transfer and analysis of data;
There must have been substantial investment in the obtaining or verification or presentation of those data. The concepts of obtaining and presenting are crucial. There must be an “investment” in the collection of the data and in the subsequent arrangement and organisation of that data; and
The maker of the database (or multiple makers) has or have to have substantial economic and business connections with Australia.

If these criteria are satisfied, the maker will be the first owner of the database right.

How, then, do you identify the maker where there are number of participants all coming into contact with the data in various ways?

The maker will probably be the entity who:

Takes the initiative in obtaining, verifying or presenting the contents of the database;
Assumes the risk of investing in that obtaining, verifying or preventing the process.

To undertake this analysis, there must be an investigation of participation in the process and who is commercially responsible for that participation. The person physically doing the collecting and the presenting may not be the maker from the legal perspective, especially where that person has been hired by another to provide a service under a contract which transfers all intellectual property rights. Under European Union Data Laws, subcontractors are specifically excluded from the definition of “maker” for data aggregation purposes. The maker will be the person who made the commercial decision to collect the data and made the commercial investment in carrying out the collection.

This suggests that intellectual property laws tend to favour persons who are at the top of the data collection food chain. They are more likely to be defined as makers. In this, such chains are little different to other property chains.

Data collection rights are no different from other intellectual property rights. Ownership of database rights can be allocated by contract. However, with that power of allocation comes considerable risk. Appropriate ownership provisions in relevant agreements will need to be drafted. Otherwise, potentially overlapping responsibilities will give rise to considerable disputes, particularly having regard to the potential value of the data collection.

****

This article is intended only to provide a summary of the subject matter covered. It does not purport to be comprehensive or to render legal advice. No reader should act on the basis of any matter contained in this article without first obtaining specific professional advice.

DISCLAIMER: We accept no responsibility for any action taken after reading this article. It is intended as a guide only and is not a substitute for the expert legal advice you can get from De Marco Lawyers and other relevant experts.