The software patent affair

Law firm Chapman Tripp has published an article criticising the Government’s decision to exclude software from patentability. While the article makes some valid points, it does not deal with some points fairly.

The article claims:

The [software patent] exclusion was the product of intense and successful lobbying by members of the “free and open source” software movement… In its April 2010 report to Parliament on the Patents Bill, the Commerce Select Committee acknowledged that the free software movement had convinced it that computer programs should be excluded from patentability.

I’m sure this assertion of mighty lobbying power (the ability to sway an all-party, unanimous recommendation no less) would be flattering to any professional lobbyist, let alone FOSS supporters – if only it were true (it is not evidenced in the Commerce Committee report). A range of entities made submissions against software patents, including the statutorily independent University of Otago, InternetNZ, a number of small businesses (and my independent self, I modestly add). There were also submissions the other way, though interestingly the most submissions in favour of retaining software patents were from patent attorney law firms. It is also notable that other organisations including NZICT, which is a strong supporter of software patents and engaged in heavy after-the-event lobbying, did not make any submissions on the issue.

The article adds the comment:

The Committee said that “software patents can stifle innovation and competition, and can be granted for trivial or existing techniques”. The Committee provided no analysis or data to support that proposition.

The fact that a Committee “provided no analysis or data” to support its recommendations is hardly noteworthy – that is not it’s job. Submitters provide analysis and data to the Committee, not the other way around. The material in support of the proposition is in the submissions.

The article sets up an unfair straw-man argument:

Free software proponents reckon that software should be free and, as a result, they generally oppose intellectual property rights. They say that IP rights lock away creativity and technology behind pay-walls which smother innovation. Most authors, inventors and entrepreneurs take the opposite view.

I don’t claim to know what “free software proponents'” views on all manner of IP rights are, but when it comes to software patents in New Zealand, the evidence strongly suggests that the “authors, inventors and entrepreneurs” of software (FOSS or not) are opposed to software patents (see my posts here and here). This includes major companies, including NZ’s biggest software exporter Orion Health (see Orion Health backs moves to block patents).

While the New Zealand Computer Society poll showing 81% member support for the exclusion is not scientific, it is at least indicative. In any case, opponents of the new law (mainly law firms) have consistently asserted a high level of opposition to the exclusion without any evidence to support that view.

The article leads to the warning:

If New Zealand enacted an outright ban on computer-implemented inventions we would be breaking international law. … Article 27(1) of TRIPs says that WTO members must make patents available for inventions “without discrimination as to… the field of technology…”.

The authors rightly point out that breaching TRIPs could result in legal action against the Government by another country. However, that conclusion is premised on the basis that software is an “invention”. A number of processes and outcomes are not recognised as inventions for the purpose of patent law in different countries, including mathematical algorithms and business methods. The question of whether software is (or should be) an invention was commented on by a Comptroller-General of the UK Patent Office:

Some have argued that the TRIPS agreement requires us to grant patents for software because it says “patents shall be available for any inventions … in all fields of technology, provided they are…..capable of industrial application”. However, it depends on how you interpret these words.

Is a piece of pure software an invention? European law says it isn’t.

The New Zealand Bill does not say that a computer program is an invention that is not patentable. It says, quite differently, that a computer program is “not a patentable invention”, along with human beings, surgical methods, etc.

Article 27 has reportedly rarely been tested (twice in 17 years), and never in relation to software. The risk of possibly receiving a complaint under a provision (untested) of a multilateral agreement is not new. The New Zealand Law Society notes this in its submission on the Patents Bill (which does not address software patents):

The proposal to exclude plant varieties under [the new Act] is because New Zealand has been in technical breach of the 1978 Union for the Protection of New Varieties of Plants (UPOV) treaty since it acceded to it in November 1981.

What’s 30 years of technical breach between friends? Therefore, in fairness I would add a “third way” of dealing with the software patent exclusion: leave it as it is, and see how it goes (which is, after all, what the local industry appears to want). As I wrote last year, “Pressure to conform with international norms (if one emerges) and trading partner requirements may force a change down the track, but the New Zealand decision was born of widely supported policy …”

If the ban on software patents as it currently stands does not make it into law (which is a possibility, despite clear statements from the Minister of Commerce that it will), it won’t be the end of the world. In fact, it will be the status quo. There are pro’s and con’s to software patents, and the authors are quite right that New Zealand will be going out on a limb by excluding them. The law can be changed again if need be. In the meantime, I refer again (unashamed self-cite) to my article covering the other, and much more popular, ways of protecting and commercialising software.

A small boost for NZ privacy – cloud questions remain

The recently-enacted Privacy (Cross-border Information) Amendment Act 2010 improves New Zealand’s privacy framework, but also highlights the challenges to privacy caused by the internet. The new law amends the Privacy Act 1993 in 2 main ways:

  • It strengthens cross-border privacy co-operation by providing for the referral (by the Privacy Commissioner) of complaints to overseas authorities; and
  • It establishes a “mechanism for controlling the transfer of information outside New Zealand where the information has been routed through New Zealand to circumvent the privacy laws of the country from where the information originated” – so, an anti-circumvention measure.

The cross-border co-operation provision is a small but good step. There are ongoing international privacy initiatives, such as the recent APEC Cross-border Privacy Enforcement Arrangement, and an essential aspect of any international arrangements is the ability for local authorities to interact with their foreign counterparts.

The anti-circumvention measure also assists in this regard, to prevent New Zealand being seen as a “privacy haven” – one that permits “data laundering” if you will . As the Privacy Commissioner Marie Shroff says:

Ensuring that European business and regulators see New Zealand as a safe place for information processing is important for New Zealand’s reputation.

The anti-circumvention measure was added as Part 11A of the Privacy Act 1993. Section 114B(1) states:

The Commissioner may prohibit a transfer of personal information from New Zealand to another State if the Commissioner is satisfied, on reasonable grounds, that:

(a) the information has been, or will be, received in New Zealand from another State and is likely to be transferred to a third State where it will not be subject to a law providing comparable safeguards to this Act; and

(b) the transfer would be likely to lead to a contravention of the basic principles of national application set out in Part Two of the OECD Guidelines and set out in Schedule 5A.

This provision will be useful, for example, to help promote New Zealand data centres hosting data for overseas clients. New Zealand firms who do host or receive data from overseas (it does not apply to New Zealand-sourced data) should have processes in place for ensuring that the “transfer” of data out of New Zealand can be halted if required by the Privacy Commissioner issuing a transfer prohibition notice.

But in the age of cloud computing, are things that clear-cut? Often, the cloud (or the internet in general) makes it hard to know just where data is located. A New Zealand firm may receive data from overseas, and “host” that data in its facilities, but if the New Zealand provider itself uses cloud-based storage, what appears to be data being hosted in New Zealand may in fact be hosted overseas again. A key benefit of cloud computing is that providers can (in theory) transfer data anywhere in the cloud seamlessly. Data can be divided to multiple places at once, and be transferred without notice at about the speed of light. In these situations, who on earth will know what information is where? All of which makes the language of section 114B(1) – “if information has been, or will be, received in New Zealand from another State” – sound rather quaint, as if they are dealing with courier packages.

The challenges of privacy controls in the cloud-era are well known. Just how much regulation is ultimately attempted, necessary or desirable remains to be seen, bearing in mind that most users are willing to trade privacy for functionality.

Tech Law news 8 April 2010

Global privacy regime mooted

New Zealand’s privacy commissioner, Marie Shroff,  has suggested that a United Nations treaty may be required to protect privacy.  She said:

“The reason for this is [a global regime] would bring legal certainty… We have to look at whether and how we can regulate to provide certainty for businesses and protections for individual citizens”

Legal certainty is a very good thing though as I said the other day, there is unlikely to be an “imposed” global regime, and Ms Shroff denied the proposal would be “some sort of a bureaucratic initiative to impose more regulation on business”. The continued development of international guidelines (also suggested by Ms Shroff), co-ordinated enforcement, and even UNCITRAL-type “model law” is more likely here (a TRIPS-like treaty could be a possibility). New Zealand’s “privacy principles” approach works well, and the Privacy Commissioner plays a good and efficient domestic role – could the New Zealand regime be a model template? Standards would also assist and reinforce the nascent “self-regulation” by the industry, such as the Digital Due Process Coalition launched recently.

New Zealand TV listings copyright row

Kiwiblog has commented on Sky TV’s recent attempts to prevent a software developer from distributing software that could be configured to copy its TV listing, claiming their listings are protected by copyright (more on this another day).

Net nuetrality setback

A US court has ruled that the Federal Communicationc Commission does not have the authority to stop an ISP prioritising traffic, meaning that the ISP can take steps such as choking file-sharing traffic. Some see this as a major setback for maintaining net nuetrality, while others are more sanguine. For the record, New Zealand does not have any internet nuetrality regulation.

The long reach of the e-law

The global reach of the internet sometimes creates practical difficulties for law enforcement and, for private litigants, in “getting a remedy”. In essence, one country’s laws do not have (without special arrangements) “extraterritorial” effect in another country. But that does not mean that just because something or someone is located overseas, a court in another country cannot claim jurisdiction.

This issue has arisen several times in defamation proceedings, where a person complains that they have been defamed in another country, even though they would not be able to sue for defamation in that second country. A few years back, an Australian court ruled that an article posted on the internet is considered published wherever it is downloaded. So an article written in the United States by a US citizen, and not actionable in the US, could be actionable in Australia if it is defamatory under Australian law.

Another example, this time involving criminal law, is currently underway with the Australian Human Rights Commission threatening to lay charges against the US-based operator of Encyclopedia Dramatica over an offensive entry on Aborigines.

Similarly, a UK court recently confirmed that English criminal law can apply to internet content accessible in the UK, regardless of where in the world it is hosted. Meanwhile, three US-based Google managers were convicted in absentia by an Italian court for “allowing”  disturbing footage of an Italian boy being bullied to be posted online, and not removing it.

In other cases, specific legislation (e.g. section 7A of the Crimes Act) or public policy may compel or be used to justify a court exercising jurisdiction. For example, in New Zealand the Commerce Commission has successfully prosecuted overseas residents for breaches (in New Zealand) of the Fair Trading Act.

In summary, it does not typically matter that a server, or a person, is located outside of the jurisdiction. The fact that conduct occurs in a jurisdiction (e.g. material can be accessed in a jurisdiction in the same manner as if the server or material were located there; conduct by an overseas person is “aimed” at the local jurisdiction)  is often sufficient.

Lex mercatoria and e-commerce: a small step

A court decision has taken a small step – in the right direction – towards recognising customary practices and policy considerations in applying online terms and conditions.

In the case Miller v Facebook (15 January 2010, US District Court, Georgia), the plaintiff claimed that part of Facebook’s terms and conditions did not apply – specifically, the clause requiring any claims to be brought in Facebook’s home state of California (known as a “forum selection” or jurisdiction clause). The court said:

“striking the forum selection clause could wreak havoc on the entire social-networking internet industry. If this court were to determine that the forum selection clause contained in Facebook’s TOU was unenforceable, the company could face litigation in every state in this country and in nations around the globe which would have potential adverse consequences for the users of Facebook’s social-networking site and for other internet companies”

The court therefore upheld Facebook’s forum selection clause.

Common law legal systems (such as New Zealand, the UK, the US and Australia) have long recognised “customs of merchants” (the lex mercatoria) in applying and shaping the law. There are good reasons why the common law has done so, going back many centuries: it provides certainty for commerce, recognised accepted “best practice”, and promoted uniformity conducive to trade. To ignore it would have been to potentially disrupt and destabilise commercial dealings.

For the same reasons, as the common law is continuously evolving, the customs of “e-merchants” should also be taken into account by courts.

This is likely to be relevant to the enforceability of website terms and conditions. There have been a number of cases in the past year involving disputes over whether or not website terms are binding (for example Website disclaimers – yes, they do work). Some have argued that a standard link to a disclaimer is insufficient. There are a number of legal grounds for finding it is sufficient (and a growing number of cases have upheld them – successful challenges are rare).

However, there is good argument that such practice is now also customary. Many websites have a disclaimer link, often at the bottom of the page. It is commonly understood that when you use a website, there may be “Terms of use” or “Disclaimer” link. That is accepted and, today, could be said to be the custom for online business. The common law should not disregard the accepted, reasonable and necessary practices established by modern merchants.

Although the Facebook decision is only a lower-court procedural ruling, it provides an encouraging demonstration of a court’s willingness to consider the new lex mercatoria (and other policy considerations), and the perils of the law ignoring them, relating to e-commerce.