Cybersecurity technology has become one of the most important industries in the world today. With products that are critical to businesses in countless fields, including finance, healthcare, transportation, public utilities, manufacturing, defense and government, experts have predicted that the global market for cybersecurity technologies will grow by 10% per year through 2020.
Cybersecurity technologies are also one of the biggest drivers in corporate value today. 129-year-old Eastman Kodak Company recently saw the value of its stock jump by 200% after announcing a new service that will use blockchain technologies to help photographers get paid in a new cryptocurrency when others use their photos. A New York-based beverage distributor experienced a 289% share price increase after it simply renamed itself from “Long Island Iced Tea Company” to “Long Blockchain Corp.” and announced that it would start to offer blockchain technology solutions.
Next generation cybersecurity technologies include more than just blockchain-based payment systems. Distributed ledger technologies have applications in multiple fields, including document sharing, video and audio streaming, and biomedical applications. And although blockchain is all the rage at the moment, other cybersecurity technologies such as network attack simulations, network security awareness training through methods such as simulated phishing, and real-time analytics are equally important, if not more so.
With this background in mind, what intellectual property protection options are available for next generation cybersecurity technologies?
Patents cover novel processes and articles of manufacture. A patent, when granted by the applicable patent office, gives its owner the exclusive right to make, use, sell, import or export the invention.
Distributed ledger technologies such as blockchain are based on a decentralized management protocol in which all nodes of a system store copies of the complete ledger with a record of all transactions. Opportunities for patenting blockchain technologies may include:
- new applications of distributed ledger technologies;
- unique methods of creating a ledger, updating a ledger or distributing a ledger among multiple nodes;
- proprietary blockchain technologies; and
- unique methods for assessing integrity of one or more elements of a blockchain.
Most of the U.S. patents granted to date involving blockchain technologies cover new or improved aspects of the blockchain itself. For example, a unique way of creating and/or distributing a ledger in a cryptocurrency system may be patentable.
Only a small number of patents have granted to date for new applications of existing blockchain technologies. This may be because most companies who are using blockchain are not developing new technologies but instead are merely using existing technologies to implement different types of transactions. Innovators who want to patent new applications of blockchain technologies must focus on what new technologies they are bringing to the table, as patent applications seeking to merely cover new business opportunities with existing technologies are much less likely to succeed.
Businesses that develop other cybersecurity technologies such as network attack simulations, security awareness training, and real-time analytics also can build value with a strategic patent portfolio.
Specific patent strategies for cybersecurity technologies will be discussed in more detail in the next articles in this series.
Copyrights cover original works of authorship, such as software code or database structures. The owner of a copyright has the exclusive right to reproduce, distribute, and create derivative works that are based on the copyrighted work.
Because distributed ledger technologies do not include centralized management, many blockchain technologies rely on an open source framework in which certain aspects of the code are open and freely available to all users. However, this does not mean that opportunities for building value through proprietary and copyrighted materials are not available. In open source platforms, many developers offer the basic elements of the platform for free to promote widespread adoption of the platform, while retaining some proprietary code that the developer uses to offer value-added or premium services.
Companies that are developing cybersecurity software must ensure that all developers have signed agreements assigning all copyright in the code to the company. This is especially important if the company uses third party developers or independent contractors, as copyright is held by the author unless expressly assigned to the company.
In addition, it is important that companies who incorporate open source or third party scripts, libraries or other materials in their products obtain and retain all applicable license agreements. “Open source” typically means free, but it does not mean “no strings attached.” Most open source licenses require that users provide some type of attribution to the original author. Some open source licenses (such as the GPL and LGPL) can require the user to make its proprietary code freely available to others, too. Failure to carefully review, understand, and comply with license requirements may result in copyright infringement, and also may significantly devalue a company’s code.
A trade secret is anything that provides an enterprise with value because it is secret. This can include a business process, software code that is not distributed to others, a data set, or other confidential business information. Since blockchain and other distributed ledger technologies rely on an open, permissionless, public process and record, opportunities to assert trade secret protection over blockchain technologies can be limited.
However, other cybersecurity technologies can be ripe for trade secret protection. Real-time data analytics may use proprietary algorithms to yield a gold mine of data. The collector of the data may simply use that data for its own business advantage. In other situations, the data collector may license some or all of the data to others, optionally in combination with other data sets.
Before making a data set available to third parties, the data set owner must ensure that it has secured permission from all third party data suppliers to share the data. In addition, if the data set includes any personally identifiable information, financial information, or protected health information about individuals, the data set owner must comply with applicable privacy laws and regulations governing the use and disclosure of that data.
This is the first of four posts in a series. For other posts in this four-part series, see:
– Trends in Patenting Blockchain Technologies
– Defensive Patent Strategies for Blockchain and Distributed Ledger Technologies
– Cybersecurity Patent Strategies vs. the Growing Barriers to Software Patents