Category Archives: Electronic Communication

Cybersecurity Patent Strategies vs. the Growing Barriers to Software Patents

Posted on February 1, 2018 | Leave a comment

More and more companies who offer blockchain and other next generation cybersecurity technologies are seeking patents to help protect their competitive position. The U.S. Patent and Trademark Office’s (USPTO’s) Technology Center 2400, which covers networking, multiplexing, cable and security technologies, includes over 200 Patent Examiners who focus on security technologies. TC 2400 issued over 33,000 patents in 2017. During this period, the USPTO’s overall allowance rate was 59.4%.

Despite this apparent boom, patent applications covering cybersecurity technologies have faced increasing scrutiny since the June 2014 U.S. Supreme Court decision in Alice Corporation Pty Ltd. v. CLS Bank Int’l. In Alice, the Court found that a software implementation of an escrow arrangement was not eligible for patenting in the U.S. because it merely involved implementing an “abstract idea” on a computer. The Court did not define the term “abstract idea” other than to describe it as a building block of human ingenuity, or a fundamental concept, including concepts that involve a “fundamental economic practice.”

Since then, the USPTO has issued several guidance documents, and lower courts have issued several opinions, describing when software is and (more often) is not eligible for patenting under Section 101 of the Patent Act. The USPTO typically denies, and courts often strike down, patent applications and patents covering methods of manipulating data, completing financial transactions, and algorithms that do not require any particular hardware other than a general-purpose computer.

Patent applications that focus on financial applications of blockchain technologies often face patent-eligibility hurdles. A search of the USPTO’s Patent Application Information Retrieval (PIR) system indicated that as of January 2018, over 90% of the published applications and issued patents having the term “blockchain” and any combination of “cryptocurrency,” “coin,” or “currency” in the claims were assigned to the USPTO’s Technology Center 3600. (TC 3600 includes the USPTO’s business methods examining unit.) Over 80% of these patents and patents applications received a Section 101 rejection on first action. In addition, the allowance rate in TC 3600 remains far below that of the USPTO’s overall statistics.

Claim Drafting Strategies Continue reading

Leave a comment

Posted in Business and Transactions, Electronic Communication, Patents

Tagged , , , ,

Defensive Patent Strategies for Blockchain and Distributed Ledger Technologies

Posted on January 26, 2018 | Leave a comment

Many companies who offer next generation cybersecurity technologies are experiencing significant growth in both corporate share value and revenue. To help protect against competition, many companies are seeking patents to cover their blockchain and other distributed ledger technologies, security awareness training systems, and innovative real-time data analytics methods.

As of January 2018, United States Patent and Trademark Office (USPTO) records revealed just over fifty granted patents in which the phrase “blockchain” or “distributed ledger” appeared. Twenty-five of these patents included those terms in the title, abstract or claims. Some of the patents were awarded to cryptocurrency startups that launched or are about to launch initial currency offerings (ICOs). Others were awarded to U.S. software and business services industry titans who already have large patent portfolios. Approximately one-third of those patents were awarded to businesses that appear – at least for now – to be non-practicing entities, which could signal a risk of patent litigation on the near horizon.

A strategically developed patent portfolio can have several benefits. In addition to increasing corporate value and providing a weapon against infringement, patents can serve as a defensive mechanism against high-stakes patent litigation. A competitor who holds patents may hesitate before filing a patent infringement suit against a company that owns a strong patent portfolio that it can assert in a counterclaim. Strong patent portfolios also can provide companies with the opportunity for favorable cross-licensing arrangements, with fewer royalties being paid and potentially more royalties coming in.

Patent applicants must consider how to draft effective patent applications. Tips for doing this include:

  • Distributed ledger technologies typically require actions by multiple entities. However, it can be difficult to establish infringement of a patent claim unless all elements of the claim are used or performed by a single entity. Patent applications should draft claims with a single infringer in mind, rather than to a distributed system.
  • The U.S. and many other countries around the world take a negative view of software patents that cover mere “abstract ideas” rather than innovations in technology. A new business application of an existing blockchain technology is unlikely to be patentable. Instead, patent applications should cover innovations that provide a technical solution to a technical problem.

Patent strategies for distributed ledger technologies also need to consider the tension between the limited monopoly that a patent provides and the open source platform that a distributed ledger necessarily requires.

For the last few years, several companies have openly discussed and favored the idea of a blockchain “patent pool” in which stakeholders share access to each others’ blockchain-related patents. The Blockchain Patent Sharing Alliance (BPSA) is one such entity that is trying to gather a critical mass of stakeholders and companies. In addition, in 2016, the Linux Foundation formed the Hyperledger Project, which seeks to create an open-source framework for distributed ledger technologies.

Some stakeholders are taking matters into their own hands. In 2016 blockchain developer Blockstream publicly pledged that it will never use its blockchain patents as a weapon. Instead, Blockstream pledged that all of its blockchain software patents are available under the terms of a defensive patent license. Under that license, Blockstream will only use its patents for “defensive purposes” against a party who brings or threatens a patent infringement claim against Blockstream or against a user of Blockstream’s technologies.

Third in a four-part series. For other posts in this four-part series, see:
Intellectual Property Strategies For Next Generation Cybersecurity Technologies
Trends in Patenting Blockchain Technologies
Cybersecurity Patent Strategies vs. the Growing Barriers to Software Patents 

Leave a comment

Posted in Business and Transactions, Electronic Communication, Patents, Software

Trends in Patenting Blockchain Technologies

Posted on January 22, 2018 | Leave a comment

With the recent rise in values of cybercurrencies such as bitcoin, and with increasing interest in initial currency offerings (ICOs), businesses around the world are rushing to build value with new blockchain technologies and applications.

This presents many opportunities to patent innovative blockchain and other distributed ledger technologies. This is a relatively recent trend. The first recorded appearance of the word “blockchain” in any U.S. patent or published patent application was in 2012, approximately three years after the launch of bitcoin.

As of January 2018, United States Patent and Trademark Office (USPTO) records revealed:

  • 25 granted patents with the term “blockchain” or “distributed ledger” in their title, abstract or claims; and
  • at least 275 published patent applications include one or both of those terms in the title, abstract or claims.

When the data set is expanded to patents and applications that include the word “blockchain” anywhere in the text, the list grows to 56 granted patents and over 500 published applications. These include:

Patent Number Title Grant Date Assignee
US9862222 Digitally encoded seal for document verification 2018-01-09 UIPCO LLC
US9853819 Blockchain-supported, node ID-augmented digital record signature method 2017-12-26 Guardtime IP Holdings LTD.
US9836908 System and method for securely receiving and counting votes in an election 2017-12-05 Blockchain Technologies Corporation
US9824031 Efficient clearinghouse transactions with trusted and un-trusted entities 2017-11-21 International Business Machines Corporation
US9807106 Mitigating blockchain attack 2017-10-31 British Telecommunications PLC
US9785369 Multiple-link blockchain 2017-10-10 Accenture Global Solutions Limited; GSC Secrypt LLC
US9794074 Systems and methods for storing and sharing transactional data using distributed computing systems 2017-10-17 Nasdaq Technology AB
US9747586 System and method for issuance of electronic currency substantiated by a reserve of assets 2017-08-29 CPN Gold B.V.
US9749140 Systems and methods for managing digital identities 2017-08-29 Cambridge Blockchain LLC
US9722790 Identity management service using a blockchain providing certifying transactions between devices 2017-08-01 Shocard, Inc.
US9641338 Method and apparatus for providing a universal deterministically reproducible cryptographic key-pair representation for all SKUs, shipping cartons, and items 2017-05-02 SkuChain, Inc.
US9338148 Secure distributed information and password management 2016-05-10 Verizon Patent and Licensing Inc.; Cellco Partnership

Most of the granted patents cover new or improved aspects of the blockchain itself. Only a small number of U.S. patents have issued to date for new applications of existing blockchain technologies. This is likely because many companies are merely using existing blockchain technologies to implement different types of transactions.

Over half of the granted patents were examined within the USPTO’s Technology Center 2400, which covers networking, multiplexing, cable and security technologies. TC 2400 includes over 200 examiners who focus on security technologies.

In each of the past three years USPTO Examiners from TC 2400 have participated in a Cybersecurity Partnership meeting, in which the USPTO has interacted with stakeholders in the cybersecurity and network security sector to share ideas, experiences, and insights. Information that the USPTO shared in these meetings includes:

  • The top 15 filers of patent applications for information security and cryptography technologies in each year during 2014-2016 included Amazon, Google, IBM, Intel, Microsoft, Qualcomm, Samsung, Symantec, and Tencent. Top filers in 2015 and 2016 also included Bank of America, Cisco, and EMC.
  • While the vast majority of U.S. patent applications for information security and cryptography technologies have been filed by U.S. companies, the USPTO has also received a significant number of filings from companies that are based in Japan, China, Korea, Germany, France and Israel, among other countries.
  • The average pendency (time between filing and either grant or abandonment) of patent applications for information security and cryptography technologies was approximately 27 months in 2016.

Globally, as of January 2018 World Intellectual Property Office (WIPO) records show 197 published Patent Cooperation (PCT) applications with the term “blockchain” or “distributed ledger” in their title, abstract or claims. However, relatively few of these PCT applications have reached the national stage. The European Patent Office database includes only 21 such patents and published applications. According to a recent report from Clarivate Analytics, in 2016 China experienced significant growth in new patent filings for blockchain technologies and is second only to the U.S. for new filings involving blockchain technologies.

This post is the second in a four-part series. For other posts in this series, see:
Intellectual Property Strategies For Next Generation Cybersecurity Technologies
Defensive Patent Strategies For Blockchain and Distributed Ledger Technologies
Cybersecurity Patent Strategies vs. the Growing Barriers to Software Patents 

Leave a comment

Posted in Business and Transactions, Electronic Communication, Patents, Software

Tagged , , ,

Fox launches GDPR Check app

Posted on January 12, 2018 | Leave a comment

Fox Rothschild LLP has launched a new mobile app to help businesses catalog their data management practices and determine necessary steps to comply with the European Union’s General Data Protection Regulation (GDPR), which will take effect in May 2018.

GDPR Check maps an organization’s data management practices in 17 areas that are key to determining compliance, and it produces a report for each key area that a company can share with its attorneys and compliance team.

For more details on the GDPR Check app and a link to the free download in the Apple App and Google Play stores, vist the GDPR Check announcement on the Fox Rothschild website at this link.

Leave a comment

Posted in Business and Transactions, Electronic Communication, Software

Tagged ,

White House Consumer Privacy Bill of Rights provokes debate

Posted on March 19, 2015 | Leave a comment

In February 2015, Privacy Imagethe White House proposed a draft “Consumer Privacy Bill of Rights” that the Obama administration believes will provide a baseline of clear protections for consumers, as well as greater certainty for companies who currently have to navigate a patchwork of state privacy laws across the country.

The Consumer Privacy Bill of Rights is part of a policy memo titled “Consumer Privacy in a Networked World:  A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.” The document calls on Congress to pass legislation that adopts the Consumer Privacy Bill of Rights. The document also asks Congress to give both the Federal Trade Commission (FTC) and individual state attorneys general authority to enforce the Bill, although only the FTC could seek financial penalties.

The Consumer Privacy Bill of Rights proposes specific obligations on companies who collect data from individual considers that will preserve the consumers rights to:

  • Individual Control (the right to exercise control over what personal
    data companies collect from consumers and how the companies use it);
  • Transparency (the right to easily understandable and accessible
    information about privacy and security practices);
  • Respect for Context (the right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data);
  • Security (the a right to secure and responsible handling of personal
    data);
  • Access and Accuracy (the right to access and correct personal
    data in usable formats);
  • Focused Collection (the right to reasonable limits on the personal
    data that companies collect and retain); and
  • Accountability (the right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights).

The Consumer Privacy Bill of Rights has been criticized by consumer advocacy and industry groups alike, as well as by the commissioner of the FTC. Nonetheless, it has provoked a discussion that may help establish a uniform standard for protecting consumer data across the United States. Just days after the administration released the proposal, a group of senators who criticized it re-introduced a bill that would regulate data brokers who collect and sell personal and sensitive information about consumers.

Leave a comment

Posted in Electronic Communication

Tagged , ,

IP Protection for Websites

Posted on November 14, 2014 | Leave a comment

33004976_sFor many businesses, a website is among the company’s most valuable intangible assets. A company’s website (or mobile site) serves as its front door, calling card, storefront, and corporate bio for actual and potential customers.

However, many businesses fail to protect this asset until it is exposed to risk. For example, small businesses who rely on a single employee or contractor to develop and maintain the site can face problems maintaining and updating the site if that employee or contractor relationship ends. Or, they may find a competitor copying the features that provide the most business value.  

What can companies do to avoid these issues?  Useful practices include:

  • Own the code.  Many companies hire outside contractors to design and maintain the company website. When doing this, it’s critical that the development agreement provide the company with rights to control, modify, copy and use the code — whether through ownership or license. A company who pays for software development typically does not have the right to copy, modify or distribute it unless the development agreement specifically says so.
  • Control the code.   It’s also important that the company receive copies of all developed code, even if the contractor is hosting the website. If the contractor fails to perform, loses a key employee, or simply starts to charge more than the company wants to pay, the company will find it impossible to go in another direction unless and until it has the  code. Too often, companies fail to include this requirement in their development agreements. Or if they do, they don’t enforce it until a problem occurs — at which point it may be too late.
  • Identify your trademarks.  A website is the first place that many customers will go to discover information about the company’s products or services. The names of many products and services may be trademarks, even if the company hasn’t registered the marks with the U.S. Patent and Trademark Office (USPTO). Although not legally binding, the use of a “TM” symbol with unregistered marks can help put others on notice of the words or phrases that a company considers to be its valuable trademarks.
  • Consider trade dress protection.  Trade dress protection, which is available under U.S. trademark law as well as state laws of unfair competition, covers the distinctive features of product’s physical appearance.  Several federal district courts, including those in Pennsylvania, CaliforniaLouisiana, Washington and Texas, have held that the overall “look and feel” of a website can be trade dress that is entitled to protection under the federal trademark statute.  To receive trade dress protection, the look and feel must (1) be distinctive, (2) have secondary meaning, and (3) be non-functional.
  • (Maybe) patent the unique features. Many websites contain unique functionality that can be considered to be a patentable invention under U.S. patent law.  While patenting software has become much more difficult in the wake of the U.S. Supreme Court’s decision in Alice v. CLS Bank, patent applications that claim  significantly more than just an abstract idea can still find success at the USPTO.

 (Image credit:  sssrrussia / 123RF Stock Photo)

Leave a comment

Posted in Electronic Communication, Software

What cloud computing services need to know about the Aereo decision

Posted on July 22, 2014 | 2 comments

In June. the United States Supreme Court issued its much-anticipated decision in American Broadcasting Cos. v. Aereo, Inc. The decision effectively shut down the Aereo service, at least temporarily as it explores fundamental changes to its business model to permit it to continue distributing content while complying with the Court’s decision.

The Aereo service in question offered subscribers the ability to watch television broadcasts over the Internet, streamed in substantially real time as the programs were being distributed over-the-air by the original broadcasters. Aereo implemented this service via a network of antennas. When a subscriber selected a program, Aereo would select an antenna, deliver the program to the subscriber via the antenna, and dedicate the antenna to the subscriber until the program was complete.

The question that the Court considered was whether Aereo’s retransmission violated U.S. copyright law.  The Court focused on the section of the Copyright Act that gives a copyright owner the exclusive right to “perform the copyrighted work publicly.” The Copyright Act defines that exclusive right to include the right to “transmit or otherwise communicate a performance . . . of the [copyrighted] work . . . to the public, by means of any device or process, whether the members of the public capable of receiving the performance . . . receive it in the same place or in separate places and at the same time or at different times.”

Aereo argued that it did not transmit any performances “publicly” but rather only enabled the transmission of content privately, to a single subscriber at a time. However, the Court found that Aereo’s overall system could transmit a program to many subscribers, and that its activities constituted a “public” performance. In particular, the Court stated:  “we conclude that when an entity communicates the same contemporaneously perceptible images and sounds to multiple people, it transmits a performance to them regardless of the number of discrete communications it makes.”

The Court’s conclusion, if taken out of context, could cause cloud storage service providers to be concerned. Services that allow users to store music, video and other content online for on-demand delivery may indeed wonder whether their services permit “public performance” when a user accesses stored online content.

However, the Court took care to say that its ruling was limited to an interpretation of the Copyright Act’s Transmit Clause, which the Court said was intended to apply “to cable companies and their equivalents, [and] did not intend to discourage or to control the emergence or use of different kinds of technologies.” The Court noted that the term “public” in this context “does not extend to those who act as owners or possessors of the relevant product. And we have not considered whether the public performance right is infringed when the user of a service pays primarily for something other than the transmission of copyrighted works, such as the remote storage of content.”

Thus, not only did the Court state that it was not addressing remote storage systems, it also hinted that it would not consider distribution of remotely stored content in a cloud storage service to be a violation of copyright law because those distributions were not to the “public.”

So, at least for the present, remote storage services can take comfort in lower court decisions such as Cartoon Network LP v. CSC Holdings (2nd Cir. 2008), which held that remote DVRs may operate without violating copyright law.

 

 

2 Comments

Posted in Copyrights, Electronic Communication

Court action against FCC’s “net neutrality” rules could change rules of Internet service

Posted on January 15, 2014 | 1 comment

The “open” nature of high-speed Internet service in the United States may be at risk based on a new appeals court ruling that struck down the Federal Communication Commission’s “net neutrality” regulations.

Since 2010, the FCC regulations, known as the “Open Internet Order,” have prohibited broadband service providers (ISPs) from blocking access to lawful content. as well as from blocking applications that compete with the  provider’s service offerings. The Order also prohibits providers of fixed broadband service (i.e., non-mobile broadband) from unreasonably discriminating in transmitting lawful Internet traffic, such as by granting preferred status or speeds to websites that are affiliated with the provider or who pay a fee to the provider.

The Court’s decision in Verizon v. Federal Communications Commission struck down most of the Open Internet Order.  In particular, the Court said that the FCC went beyond its regulatory authority in imposing the anti-blocking and anti-discrimination rules on ISPs.

Notably, the Court did not say that the FCC could never impose such rules on ISPs. Instead, the Court found issue with the way that the FCC imposed the rules on ISPs. Specifically, the Court faulted the FCC for creating rules that could be considered common carrier obligations and then imposing them on ISPs that were not considered to be “common carriers” under the Communications Act.

The Court did uphold the Order’s requirement that ISPs disclose to consumers accurate information about their network management practices, performance and commercial terms of service.  So, although an ISP can now block or slow a particular website, it must disclose that practice to its subscribers.

The FCC is expected to appeal the decision.  Alternatively, the FCC could attempt to re-write the rules within the guidelines of the decision. Either way, it will be interesting to see whether any broadband service providers change the way that they deliver services to consumers. Under the Court’s ruling, an ISP who is also a cable service provider could block or slow certain over-the-top services so long as they disclose that fact to subscribers. An ISP could charge a higher fee for access to certain sites, or perhaps a reduced fee to consumers who are  willing to accept a more limited scope of the World Wide Web.   Alternatively, some ISPs may use the Court’s ruling as an opportunity to attract new consumers by pledging to make all sites freely available without blocking or discrimination.

Either way, consumers are likely to see changes in their broadband service soon based on the new ruling.

1 Comment

Posted in Electronic Communication

New Data Breach 411 app helps companies navigate data breach laws

Posted on January 6, 2014 | Leave a comment

It’s a general counsel’s worst nightmare. Sensitive data. Gone. Stolen by faceless thieves who breached the company’s seemingly secure network.DataBreach411-2

As my partner Scott Vernick of Fox Rothschild recently stated:  “Data breaches can severely impact a company’s reputation and have debilitating consequences to businesses big and small.”

A new mobile phone app launched by the Fox Rothschild Privacy and Data Security Practice provides a guide to swift damage control in situations like this. The app—called Data Breach 411—can help companies who are affected by a breach navigate the various laws and regulations relating to data breaches. Currently, 46 states have laws in place addressing how organizations should prepare for and respond to the loss or theft of data.

According to Vernick:  “Our app is a ‘one stop shop’ for in-house counsel and privacy officers to instantly access the relevant state-specific details on what they need to do, who they need to notify, when and how. The ability to access these state rules at your fingertips can make all the difference in terms of what’s at stake for an organization: loss of reputational integrity, public trust and business, and time-consuming and costly remediation efforts.”

Information available via the Data Breach 411 app include:

  • State Security Breach Statutes: An alphabetical listing of the states that have data breach laws in place and links to all the relevant notification statutes.
  • HIPAA/HITECH Statutes: Breach notifications rules and other pertinent information related to the loss or theft of personal health information.
  • Resources: Links to credit agencies and credit monitoring services as well as the FTC website. Also, a section on COPPA – the Children’s Online Privacy Protection Act – and relevant information surrounding the mining of data on minors. This section also includes links to Fox’s Privacy Compliance & Data Security Blog and its HIPAA, HITECH and Health Information Technology Blog.

The Data Breach 411 app is currently available for free in the iTunes Store. An Android version will be available soon. To download the app, click here.

Leave a comment

Posted in Electronic Communication

Does your website privacy policy describe how you handle “do not track” requests? If not, read this . . .

Posted on October 7, 2013 | Leave a comment

A new California state law is prompting businesses around the country to update their website privacy policies to more fully describe how the business handles certain customer data.

California’s Online Privacy Protection Act (CalOPPA) already required any commercial website or online service that collected personally-identifiable data from California residents to post a privacy policy. The new law amends CalOPPA to mandate that privacy policies explicitly describe how the website or service will respond to “do not track” requests from users.

My partner Mark McCreary prepared a detailed summary of the CalOPPA amendment and its additional disclosure requirements.  Mark’s summary is available via this link.

Leave a comment

Posted in Electronic Communication