The legal challenges of intellectual property protection for data

Data is the primary building block of the digital economy. Data is, therefore, logically termed as 'new oil' and 'infrastructure' of digital economy. In digital economy, Artificial Intelligence (AI) and Machine Learning (ML) tools overwhelmingly rely on the volumes of data which are fed to create new inventions or works. Similarly, data driven global giants such as Google, Amazon and Facebook require great volume of data to keep their business up to date and concomitantly, they remain in control of huge amount of data produced by the users. Reasonably, there are number of ethical and legal conundrums involved in dealing with data issues which range from privacy, personal security, personal data protection to ownership, processing and control over the data. Till date, the legal provisions, for example EU General Data Protection Regulation, (GDPR) 2016, have mainly addressed these issues, precisely giving emphasis on protection of natural person's data and processing thereof. Thus, intellectual property protection over data with creative and economic values has remained largely unattended. However, given the creative nature, economic and other values attached to data, it remains a critical question as to whether data can be protected as intellectual property. If so, who owns the data? Broadly, what are the legal challenges of intellectual property protection for data?

In EU, Database, as opposed to raw data, is protected under either copyright law or sui-generis system. In the former case, it must be original expressions whereas in the latter case, there must be substantial investment in obtaining, verifying and presenting the contents of the database. As far as the IP protection of data is concerned, there remain legal and practical challenges. Relevantly, three forms of intellectual property, namely, copyright, patent and trade secret may attract the attention in dealing with data. As copyright protects the original expressions and not the ideas, therefore, readily available and non-rivalrous data with little creative or original expressions is not protectable. Thus, figure and data presented in the copyrighted works is free from legal protection unless originally expressed. Patent protection for data could be of little help. It inherently lacks novelty and non-obviousness. Readily available data may be equated with products of the nature and as such is non-patentable or falls within the exclusion clause of patentability. Trade secret seems to be nearly appropriate for IP protection of data. However, such protection is only applicable for corporations, if they generate or compile and keep it secret from the competitors and values attached to because of the secrecy. Critically, it is always susceptible to be known by competitors in due course without resorting to any unlawful means. Beyond the IP paradigm, such data of company or corporation may also be protected through the agreements with employees and any other third parties in case of joint ventures.

The existing IP system does not sufficiently provide legal mechanisms to protect data. Moreover, data per se is kept open without IP monopoly because of the public policy or public interests. However, global big corporations are pressing the issues to protect the data since their business models are overtly data driven. The concerns exist that the corporate ownership of data might hinder the public policy issues, innovations or knowledge generation and most significantly access to the knowledge. Again, question remains that how far people's data is safe with the corporations? The world has experienced the misuse of data by Cambridge Analytica and many other corporations. Further, the traditional concept of 'consumer' is now shifting towards new concept of 'prosumer' where users not only use but also contribute to the development of novel dataset of the corporations, for instance, through the 'keywords' search in google search engine. This value addition, in one way, demands the openness of data for all. In another way, if at all, any proprietary rights are recognised, then, the prosumers should have a due place, in any form, on the scheme of legal regime.

Till date, AI or ML generated contents are not protected under the existing IP regime. However, 'data ownership' would be a crucial factor in both the input and output processing of data, if AI and ML generated contents are to be protected in future. Since IP protection of data inherently is not possible, at least not under current legal framework, a policy solution as data producer's right- a new special property right for the data producers, has been suggested in EU by the legal scholars and experts. However, the proposal is also subject to criticisms from both theoretical and practical perspectives.

In Bangladesh, ICT division is considering data related draft Polices, Laws, Rules and Regulations such as Internet of Things (IoT) Strategic Paper, 2019, National Strategy for Artificial Intelligence in Bangladesh, 2019-2024, National Core Data Inoperability Standard (NCDIS), 2019, and National Core Data Definition Standard, (NCDDS), 2019 for adoption and some of them are already adopted. Bangladesh is also considering enacting new Patents and Designs law, Copyright Law, Personal Data Protection Law. While adopting the relevant Polices, Laws, Rules and Regulations, Bangladesh should duly address the legal challenges of intellectual property protection for data as well.

The writer is Senior Lecturer in Law, East West University, Bangladesh.