Hundreds of documents and thousands of e-mails (not
counting spam) in a day flow into your enterprise's file and messaging
servers. In addition, there are those transactions that may never get recorded
in printable format files-those that happen over voice and instant messengers.
All this data is information to the enterprise and ultimately IP (intellectual
property). Much of it needs to be secured away from prying eyes and somehow
needs to be instantly available when needed. Based on several factors, you would
back up this information for a period of time and then destroy it safely. In
this article, we will open Pandora's box of IP management and examine
the aspects that govern what you should keep, what you must destroy and how long
you should protect information, along with how to get stored information back
when you require it.
|
KMS vs DMS
It is likely that you have some sort of KMS (Knowledge Management System)
deployed in your enterprise. At the basic level, it would be your Intranet, and
at an advanced level it would be a DMS (Document Management System).
However, even your DMS isn't a full-fledged KMS, since a lot of information
would still be out of its purview, for example your e-mail as we said above. All
of this information centers on the knowledge that your enterprise is creating or
getting access to. Some of this is created internally, while some may come from
(and be owned) by external sources. And all of this is essentially part of your
IP. A typical DMS would not handle all your IP- at the most, it would manage
documents that have been scanned or fed into the system or created inside it and
the communications and notations as entered with the DMS interface. It would
not, for instance, include the idea notations in a plain text file jotted on the
desktop of your marketing manager.
Identify your IP
The first step in managing your IP is of course to know that you have it in
your possession and what exactly it is that you possess. Frequent auditing of
your knowledge base to glean what diamonds are there in it and then ascribing a
commercial value to it, will
certainly help manage that IP a lot better.
The value of that IP would be two fold: one, it would be
the value of commercializing that IP in the form of a product or a service (if
it is possible). And two, its value if lost, especially to competition. Many
enterprises suffer from the fact that they do not realize what intellectual
property they own and how much it is worth (today and a few years down the
line).
The enterprise, therefore, should have a clear intellectual
property policy, demarcating the lines of contribution and development. Also, IP
should form a part of the employment contract, with the employee agreeing to
sign the requisite IP filing forms. IP could be used as a tremendous motivation
tool with the 'authors'
IPR and Indian Law |
Rodney D Ryder leads What aspects should The basic guidelines How should companies What is the role of How do you see this |
Guarding your IP
You can guard it better only once you have ascribed a value to it (as we
said above). Since most 'IP' that gets into the 'lets guard this with our
lives' category is of the internal kind, it can only be stolen from the
inside. This means someone in the organization is in violation of his or her
employment contract. Today, IP can be stolen or leaked in a variety of ways,
some of which may even actually be inadvertent. Consider the following
scenarios.
Carelessness: It could accidentally be mailed
over to an incorrect recipient. Or, if the user is also a member of public
provider services (like e-mail or instant messaging) then problems with that
third party network and systems can accidentally put your IP out on the Internet
for everyone to see and use. It could also be
left behind on USB drives lent to colleagues or friends that are then spotted
and copied out. The way out in both cases is of course
automatic digital encryption of the data during transfer so that only intended
recipients with a valid decrypting key can actually read it.
Willful transfer: Here, an employee with access to
privileged information can transfer the data (by e-mail or in hard copy or in a
variety of formats) to the outside world or to someone who is not authorized to
see it. This would of course constitute willful theft of that IP.
IP theft would first and foremost be a breach of contract.
Further, a well-maintained logbook would ensure that all IP is documented and
its subsequent transfer understood at all levels within organizational
hierarchy. Therefore, periodic auditing of who has accessed what IP can quickly
reveal the (including potential) leaks. This can be done easily with a chain of
custody sign-off forms, where people handling that IP sign off on a log sheet.
IP and
India
something bad happens to them or to someone else in the industry, who is a close
enough competitor. For instance, the idea that someone as high up in the ladder
as the CIO or the CTO could be liable for information entered by a user on the
company's store Web front only came to light in the aftermath of the Bazee.com
scandal. CxOs through the Indian business establishment did a hurried audit of
what exactly lay on their servers that they might have to go to jail for. In the
international community, laws like the Sarb-Ox (US) and the Data Protection Act
(UK) seek to ensure a level of compliance with regard to what companies do with
the data they gather and how they gather it. They also subject it to privacy
laws. In
India
, obviously, this has a long way to go. IP is not even recognized by the Indian
IT Act as a relevant topic (as knowledge handled by the IT infrastructure). It
is covered under the Patents Act, Trademarks Act, Copyright Act and Designs Act.
Confidential information and trade secrets are covered under the Contract Act.
With the ever-growing scrutiny faced by corporate directors
in the wake of recent corporate scandals and government policing, there is an
increasing importance for company directors to oversee intellectual-property
assets more closely than ever before. Intellectual property is ubiquitous in
almost all business sectors. Intellectual property procurement and enforcement
are becoming more and more important to most businesses, and the costs
attributable to intellectual property procurement as well as intellectual
property law suits are growing based on outside counsel costs, time, as well as
the number of suits filed. Furthermore, there are substantial increases in
settlements and judgments in intellectual property litigation. These factors
alone suggest that company directors should maintain intellectual property
oversight. The situation will become stricter and the regime more stringent in
the years to come.
Note: PCQuest does not offer legal advice. The
material presented above should not be construed as legal advice. You are
encouraged to consult your legal counsel before taking any action on this
subject.
Sujay V Sarma