In recent years, information privacy is being considered a scare commodity, as it is relatively convenient and simple to collect large amounts of information that can be identified to specific individuals. Many commentators have pointed out the relationship between intellectual property and privacy issues. For instance, both are concerned with the control of sensitive information.
Intellectual property is related to the control of data generated by an individual and is a creative work, while privacy is concerned with the control of non-creative data, which are generated by an individual. This article will consider the links between the two concepts from a privacy professional’s perspective.
Introduction to Intellectual Property
Certain economists and privacy advocates are encouraging giving individuals property rights in their personal data, in order to promote information security. From this perspective, proponents argue that this would allow individuals to negotiate with firms regarding the uses they would agree to for their personal data. This would also force businesses and organizations to internalize a higher proportion of societal costs of processing personal data.
In October 1998, the US Digital Millennium Copyright Act (DMCA) was signed into law. This piece of legislation implemented two 1996 World Intellectual Property Organization (WIPO) treaties, addressing a number of significant copyright-related issues. The Act effectively encouraged copyright owners to make their databases more available through digital distribution methods, by including technological protections in the form of penalties for copyright infringement, or piracy.
In January 1998, the EU’s Database Directive came into effect. This Directive provided two levels of protection:
- It offers copyright protection for original selection and arrangement of facts in a database
- It offers sui generis protection for non-original databases, thus prohibiting the unfair extraction of a substantial part of any database reflecting significant investment.
Essentially, a database could receive both types of protection simultaneously. It could receive copyright protection for the selection and arrangement of data, as well as sui generis protection against the extraction of a substantial part of the data. Sui generis protection lasts for 15 years, while copyright protection lasts for the life of the author, plus 70 years.
While the DMCA and EU Database Directive were substantial steps towards ensuring privacy, a study of over 750 e-commerce sites in the EU and the US showed that the websites were still selling products and services to consumers in a manner that fell short of international standards. For instance, most sites would collect personal information, but fail to tell consumers how their data would be used, how security is maintained and the rights that consumers would have over their won information.
In a March 2011 White House analysis of intellectual property legislation and enforcement, entitled Administration’s White Paper on Intellectual Property Enforcement Legislative Recommendations, some trends were identified that may indicate that US governmental policy toward enforcement may be sacrificing privacy for copyright enforcement. In this analysis, the Administration recommended three legislative changes, which essentially give enforcement agencies the tools required to respond to infringement:
- Clarify that, in appropriate circumstances, infringement by streaming, or by means of other similar new technology, is a felony;
- Authorize DHS, and its component US Customs and Border Protection (CPB), to share pre-seizure information about, and samples of, products and devices with rightholders to help DHS to determine whether the products are infringing or the devices are circumvention devices; and
- Give law enforcement authority to seek a wiretap for criminal copyright and trademark offenses.
The document also pointed out a number of other legislative recommendations made by the office of IP Enforcement. However, networking technologies that are needed for the advancement of communication technologies and security are making it so that such legislation is increasingly difficult to enforce. This results in more lobbyists and government officials pushing for even more stringent privacy-violating legislation.
This article takes a look at the relationship between privacy and intellectual property issues. Intellectual property is related to the control of data generated by an individual and is a creative work, while privacy is concerned with the control of non-creative data, which are generated by an individual. The article takes a look at regulations currently in effect, namely the US Digital Millennium Copyright Act (DMCA), and the EU’s Database Directive.
CIPP Exam Preparation
In preparation for the Certified Foundation Examination (Foundations), a privacy professional should be comfortable with topics related to this post, including:
- Information types – intellectual property (IP) (I.A.c.ii.4.)