Protecting you Intellectual Property. Who owns your IP?

Introduction

In about four or five years I can see a major problem with intellectual property that has been stored in the cloud.   At the moment everyone is in a hurry to get their information into the cloud for the case of convenience and cost savings.   Most cloud based suppliers will have you sign a terms and conditions agreement (T’s and C’s), the problem is that not many people have actually taken this contract and had it signed off by a legal practitioner.

Information transferred from your on site location to the new cloud based area is not an issue as this can be proven to belong to you, but what about information created in the cloud.   Information added to databases after the fact.   This is the information that everyone believes is theirs but in truth of fact actually belongs to the cloud provider.

No one seems to know where the line is being drawn in the sand and everyone is of the opinion that the information is theirs and is only stored in the location.    What happens when someone wants to push the issue?

Who owns your copyright information

Meta data is one of the keys to copyright.   Everything on the Internet has a meta data component and the web relies on the information for searching and storage.   The meta data on your web site is normally managed by you or the company looking after your web site.   This is not a problem except when it comes to the agreement between you and the company doing the web site management.

The hosting company has no access to or management of the meta data, making the information contained in your web site yours and yours alone, that is after you have checked your web management companies agreement.  The issue is information that is processed by a cloud application going into a cloud based storage component.

There is also another problem, some office based systems actually insert their own meta data into the information that you create on premises.   This is also a considerable problem for copyrighted information.   Do you own that information or does the company who supplied the software own it.   I know that in most cases you can turn off the injection of software meta data into documents or databases but it is not the default setting of the software.

A couple of systems, Google apps, Microsoft 365, amazon S3 all have agreements that ensure that the information created is the responsibility of the original owner – the person or company who uploaded it.   People who upload information to Flicker, big stock photos, Facebook and the like, are also usually protected by a Creative Commons agreement, this allows others to use the information – data, photos and the like – for none commercial use.   It is licensed that way to protect the creator.

What about the rest of the companies that are supplying systems for the SME market.   What is their agreement like?

What can you do about it

This once again it comes down to buyer beware.    It is your responsibility to make sure that what you are not exposing your critical business information to someone who, because you use their system, thinks it is theirs.   I know this thinking is unusual but for the sake of convenience and cost saving being in the situation where the last 3 years of your business is not yours could, I think, be a problem.

Not sure, but if you are like me, that would be a severe problem for my business.    Maybe a strategy to ensure that everything that goes to a cloud based system is kept on site to ensure that in a dispute you can actually prove that you created the content well before it became the “property” of the hosting or cloud support company.

You can also check that everything you create has your meta data incorporated into it, not the software or cloud providers meta data.

Not being a legal person, my first point would be to get good legal advice from someone who specialises in this area.

Making sure it is yours

The Internet may appear open to everyone, but in reality everyone is trying to ensure that the information that they create is kept securely under their control.   What you do not want to have happen is the new drawings of your super widget to get out into the virtual world and you loose the ownership of it to someone who has a better or more expensive legal team. (this time I am not talking about having it stolen).   You have to make sure that the intellectual property of your business stays with you till you see fit to release it to anyone else.

Normally there is a SLA in place that ensures that the “hosting or cloud company” will do everything in their power to protect that information but when it comes down to it, it is still your copyright and your responsibility.

Just a quick one, Creative Commons is an open agreement that ensures that information that you store on a third parties system is still yours although it can be accessed and used by others.

Conclusion

This is not the end of the problem.   The more cloud based companies try to lock in their clients the more problems this copyright problem is going to be.   This is just the start.   We will shortly start to hear of cloud based companies taking their clients to court or getting taken to court by their clients over the copyright of the information that has been stored since the original storage contract was digitally signed.   When that happens it will definitely get interesting.    As the saying goes – watch this space.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.

Leave a Reply