ECHR: Freedom of Whistleblowers to Impart Information

ECHR, Bucur and Toma v. Romania, Judgement of 8 January 2013 - 40238/02

On 8. January 2013, the European Court of Human Rights (ECHR) handed down judgement in the case of Bucur and Toma v. Romania (40238/02) finding a violation of Article 10 ECHR in the criminal conviction of an ex-member of the Romanian Intelligence Service who had made public irregular telephone tapping procedures. The ECHR held that the interference with the whistleblower's freedom of expression, and in particular with his right to impart information, had not been necessary in a democratic society.

Facts

The first applicant worked in the telephone communications surveillance and recording department of a military unit of the Romanian Intelligence Service (RIS). In the course of his work he came across a number of irregularities. In addition, the telephones of a large number of journalists, politicians and businessmen were tapped, especially after some high-profile news stories received wide media coverage. The applicant affirmed that he reported the irregularities to his colleagues and the head of department, who allegedly reprimanded him. When the people he spoke to showed no further interest in the matter, the applicant contacted an MP who was a member of the RIS parliamentary supervisory commission. The MP told him that the best way to let people know about the irregularities he had discovered was to hold a press conference. In his opinion telling the parliamentary commission about the irregularities would serve no purpose in view of the ties between the chairman of the commission and the director of the RIS. On 13 May 1996 the applicant held a press conference which made headline news nationally and internationally. He justified his conduct by the desire to see the laws of his country - and in particular the Constitution - respected. In July 1996 criminal proceedings were brought against him. Amongst other things, he was accused of gathering and imparting secret information in the course of his duty. In 1998 he was given a two-year suspended prison sentence.

One of the tapes the applicant had made public contained a recording of a telephone conversation between the third applicant, the minor daughter of the second applicant, and her mother on the telephone at the home of the second and third applicants.

Law

Article 10: The applicant"s criminal conviction had interfered with his right to freedom of expression, with the legitimate aim of preventing and punishing offences that threatened national security. Concerns about the foreseeability of the legal basis for the conviction did not need to be examined in so far as the measure was, in any event, not necessary in a democratic society.

Whether or not the applicant had other means of imparting the information:  No official procedure existed. All the applicant could do was inform his superiors of his concerns. But the irregularities he had discovered concerned them directly. It was therefore unlikely that any internal complaints the applicant made would have led to an investigation and put a stop to the unlawful practices concerned. As regards a complaint to the parliamentary commission responsible for supervising the RIS, the applicant had contacted an MP who was a member of the commission, who had advised him that such a complaint would serve no useful purpose. The Court was not convinced, therefore, that a formal complaint to this commission would have been an effective means of tackling the irregularities. It was worth noting that Romania had passed special laws to protect whistleblowers in the public service. However, these new laws, which were all the more praiseworthy as very few other States had introduced them, had been passed well after the activities denounced by the applicant, and therefore did not apply to him. Consequently, divulging the information directly to the public had been justifiable.
  

The public interest value of the information divulged:  The interception of telephone communications took on a particular importance in a society which had been accustomed under the communist regime to a policy of close surveillance by the secret services. Furthermore, civil society was directly affected by the information concerned, as anyone"s telephone calls might be intercepted. The information the applicant had disclosed related to abuses committed by high-ranking officials and affected the democratic foundations of the State. It concerned very important issues for the political debate in a democratic society, in which public opinion had a legitimate interest. The domestic courts did not take this argument of the applicant into account, however.
  

The accuracy of the information made public:  The applicant had spotted a number of irregularities. All the evidence seemed to support his conviction that there were no signs of any threat to national security that could justify the interception of the telephone calls, and indeed that no authorisation for the phone tapping had been given by the public prosecutor. In addition, the courts had refused to examine the merits of the authorisations produced by the RIS for the interception of the phone calls. The domestic courts had thus not attempted to examine every aspect of the case, but had simply acknowledged the existence of the requisite authorisations. Yet the applicant"s defence comprised two arguments: firstly that the requisite authorisations had not been obtained, and secondly that there was no evidence of any threat to national security that could possibly have justified the alleged interception of the telephone conversations of numerous politicians, journalists and members of the public. What is more, the Government had failed to explain why the information divulged by the applicant was classified "top secret"; instead, they had refused to produce the full criminal case file, which included the requests from the RIS and the authorisations of the public prosecutor. In such conditions the Court could only trust the copies of these documents submitted by the applicants concerning the interception of the telephone conversations of the second applicant, Mr Toma. However, these documents showed that the RIS had given no reasons for requesting the authorisation and the public prosecutor had given no reasons for granting it. The first applicant had accordingly had reasonable grounds to believe that the information he divulged was true.
  

The damage done to the RIS:  The general interest in the disclosure of information revealing illegal activities within the RIS was so important in a democratic society that it prevailed over the interest in maintaining public confidence in that institution.
  

The good faith of the first applicant:  There was no reason to believe that the applicant was driven by any motive other than the desire to make a public institution abide by the laws of Romania and in particular the Constitution. This was supported by the fact that he had not chosen to go to the press directly, in order to reach the broadest possible audience, but had first turned to a member of the parliamentary commission responsible for supervising the RIS.

Consequently, the interference with the first applicant"s freedom of expression, and in particular with his right to impart information, had not been necessary in a democratic society.

Conclusion

The ECHR found a violation in respect of the first applicant (unanimously). The Court also found a violation of Article 6 in respect of the first applicant and a violation of Article 8 and of Article 13 combined with Article 8 in respect of the second and third applicants.

Just Satisfaction, Article 41 ECHR

The applicants were each awarded a sum ranging from EUR 7,800 to EUR 20,000 in respect of non-pecuniary damage; the first applicant"s claim in respect of pecuniary damage was rejected.

ECHR, Bucur and Toma v. Romania, no. 40238/02, 8 January 2013, Information Note no. 159

Report for Council of Europe Triggering Debate on ICANN & Human Rights

During the ICANN50 meeting in London that took place from 22 - 26 June 2014, Dr Monika Zalnieriuteand Thomas Schneider presented their Report on "ICANN"s procedures and policies in the light ofhuman rights, fundamental freedoms and democratic values" the preparation of which had been facilitated by the Council of Europe. The opinions expressed in this Report are the opinions of the experts and do not engage the responsibility of the Council of Europe. The Report aims at catalysing community discussion on human rights and internet governance

Main Findings of the Report

International Human Rights Standards:  In order to operate in the public interest, ICANN has to comply with international human rights standards. Particularly, the existence of a number of predominant commercial interests within the ICANN systems suggests the need for the implementation of a solid human rights framework in order to foster the public interest. Human rights are internationally agreed upon values and standards.

Measurable Standards:  The notion of public interest is insufficiently clear to provide guidance in policy development processes; accountability requires measurable standards. Human rights could serve to delineate the notion of public interest.

State Responsibility:  States need to be aware of their responsibility to protect the human rights of their citizens, also with regard to internet governance. Non-compliance with human rights could lead to governments being held to account before national or supranational courts, such as the European Court of Human Rights.

Necessary Consideration:  Human rights and the right to freedom of expression in particular need to be fully taken into account when deciding on the approval or refusal of sensitive new gTLDs.

Crucial Balance:  The positive obligations of states require specific attention to vulnerable groups. It is desirable that the people-centeredness of ICANN"s policy development is further improved. A balance must be struck between economic interests and other objectives of common interest, such as pluralism, cultural and linguistic diversity. Auctions may be an efficient way of allocation from an economic point of view but not from a view of respecting plurality and diversity. ICANN must always ensure that the outcome is in the best public interest.

Vital Rebalancing:  Human rights and the right to private life in particular require a rebalancing exercise with regard to the processing and retention of data under the 2013 RAA as well as to public access to personal information in the WHOIS database.

Suggested Way Forward

As the role of ICANN in the field of internet governance is increasing, its responsibility and accountability have to grow. A more attentive approach towards human rights could help to create an accountable and transparent way of doing business. Therefore the Report recommends to:

• Include reference to human rights in ICANN's Bylaws;
• Define public interest objectives;
• Improve the human rights expertise in and early engagement of the GAC;
• Develop an early engagement mechanism for the safeguard of human rights;
• Review ICANN"s legal basis and explore innovative solutions for developing an international or quasi-international status for ICANN.

Next Steps

It is expected that the debate continues at ICANN51. During the Internet Governance Forum (IGF) in Istanbul from 2-5 September 2014, a side meeting will be held on the report, to present the report to the public at large and have an open and inclusive dialogue and exchange of ideas. We welcome comments on the report below to enrich the debate.

Delay in the End of mobile roaming charges in the EU under consideration

The elimination of roaming fees for using mobile phones in other EU countries could be delayed in what would be a win for big European telecoms operators at the expense of consumers, according to a draft EU proposal.

Outgoing EU telecoms commissioner Neelie Kroes had made ending such charges for people using their phones across borders inside the bloc a banner element in a package to overhaul the ailing telecoms sector and in April EU lawmakers overwhelmingly voted to abolish roaming fees by 2016.

But a new draft of the text from Italy, which holds the rotating presidency of the 28-nation European Council makes no mention of the date proposed by parliament - Dec. 15, 2015.

Though the draft is likely to be further revised, it suggests only a "glidepath", or gradual reduction in roaming fees towards the goal of "roam like at home" (RLAH) - a time where someone using, say, a British mobile phone in Italy will pay the same charges as if they were still in Britain.

"The legislative date for the initial introduction of RLAH, subject to transitional measures and fair use limits, needs to be defined and is a significant political question," the draft document states.

Charges for roaming have been repeatedly cut by the European Commission, the EU's executive, since 2007. Industry sources say ending roaming charges is not in doubt, it is just the timing. Removing a source of revenue prematurely would hinder operators' ability to invest in faster networks, they say.

Kroes's reform of Europe's telecoms sector is aimed at increasing its competitiveness with the United States and Asia and spurring the continent's big operators like France's Orange and Britain's Vodafone to invest in faster networks.

The Italian proposal will be discussed by national experts in Brussels on Thursday and is likely to undergo changes, said EU officials.

Reuters.

Digital Forgetting in the Age of Social Media: Establishing a Comprehensive Right to Cyber-Oblivion

Ioannis Iglezakis

Assistant Professor, Aristotle University of Thessaloniki

Abstract:

In the age of social media where it is almost impossible to escape your past on the Internet, the right to be forgotten enhances the ability of the individual to control the use of his or her personal data. Such a right has been recognized by the CJEU in the Google Spain case as far as search engines are concerned. With the adoption of the Data Protection Regulation by the EU it will form part of the EU legal framework in data protection.

Keywords: Data protection, digital forgetting, right to be forgotten, right to oblivion

1. Introduction

In the age of social media it is almost impossible to escape your past on the Internet, since every status update or photograph, and every tweet may be copied and/or reposted by other users or saved in Internet archives, such as the wayback machine¹, and in cached pages² or even – in case of photographs stored in the cloud – leaked online after an attack by hackers; as a result personal information may be available online, even if it has been deleted in its initial place (Mitrou/Karyda, 2012).

To address the issue of the Web that never forgets, jurists have proposed the introduction of a new digital right, a right to delete personal information from the Net (Mayer-Schönberger, 2009). This right draws its origin from the French and Italian law which recognize the right to oblivion that allows a convicted criminal who has served his time and been rehabilitated to object to the publication of his conviction and confinement.

In the digital world this right acquires a new substance; it is conceived as a right to delete personal information published in the web by data subjects, particularly in social networking sites. Some authors also consider this not as a legal right, but as a value or interest worthy or protection or as a policy goal to be achieved through law or through other regulatory mechanisms (Koops, 2011, Rouvroy, 2008).

The right to be forgotten in enshrined in Article 17 of the Draft Regulation on Data Protection (‘General Data Protection Regulation’, GDPR), which was presented in 2012 by the EU Commission and its adoption is still pending.

The introduction of this right has been the subject of much debate, for it is being criticized as a threat to free speech on the Internet (see, e.g. Rosen, 2012, Fleischer, 2011). Viviane Reding, Vice-President of the EU Commission describes this right as a modest expansion of existing data privacy rights. The Court of Justice of the EU with its decision of 13 May 2014 in the Google Spain case (C-131/12) confirmed this view, interpreting the provisions of Directive 95/46/EEC in such a way as to include a right ‘to be forgotten’ on the Net.⁴

2. Outline of the right to be forgotten

The provision of Article 17 GDPR basically includes a right to erasure of data that requires the controller to delete personal data and preclude any further dissemination of this data, but also to oblige third parties, e.g. search engines, etc., to delete any links to, or copies or replication of that data.⁵

In the initial Draft it was mentioned that this right has particular relevance when the individual made data available as a child. Although this provision was deleted after the vote in the Libe Committee, it is still a fact that a right to erasure of information has particular reference in cases where the information posted by young people in social media becomes obsolete when this person grows old. In more general, embarrassing information may be the subject of a right to digital forgetting that may protect against the negative use of information relating to the past (Costa, Poullet, 2012).

 This applies in five instances, which derive from data protection principles: a) where data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; b) where the data subject withdraws consent on which the processing is based or when the storage period consented to has expired and there is no other legal ground for the processing of the data; c) where the data subject objects to the processing of personal data; d) where a court or regulatory authority base in the Union has ruled as final and absolute that the data concerned must be erased; or e) where the data has been unlawfully processed.

The right to be forgotten which is enshrined in the GDPR is not conceived as an absolute right; thus, a number of exceptions restrict its ambit, the most important being the freedom of expression and information. There is consensus that such a right cannot amount to a right of erasure of history and turn our modern society into a society of ‘lotus eaters’ (Iglezakis, 2014), which would be the case if the Internet was programmed to forget, e.g. if Internet content was programmed to auto-expire (Fleischer, 2011). Consequently, the erasure cannot take place where the retention of the personal data is necessary for exercising the right to freedom of expression.

3. The current EU legal framework and the Google Spain of the CJEU

Authors have taken the view that the existing legal framework in the EU, i.e. the Data Protection Directive (DPD)⁶ does not establish a comprehensive right to effectively control the use of personal data with a view to erase them, but some provisions provide a legal basis for a limited recognition of the right to be forgotten (Ausloos, 2012).

The Court of Justice of the European Union (CJEU), on the other hand, found that the provisions of the Directive can serve as a legal basis for the right to be forgotten vis-à-vis search engine providers. In its decision on May 13 2014, in case C-131/12 (Google Spain SL, Google Inc. v. Agencia Espanola de Proteccion de Datos, Mario Costeja Gonzalez), it ruled that the ‘right to be forgotten’ is rooted in the provisions of Directive 95/46/EEC (Alsenoy et al., 2013).

In this case it was held that an Internet search engine operator is responsible for the processing that it carries out of personal data appearing on web pages published by third parties, i.e., content providers. The Court ruled that the data subject may request the removal of links, which are displayed in the list of results after a search on the basis of a person’s name.

In more particular, in response to the question whether the directive enables the data subject to request that links to web pages be removed from such a list of results on the grounds that he wishes the information appearing on those pages relating to him personally to be ‘forgotten’ after a certain time, the Court held that, if it is found, following a request by the data subject, that the inclusion of those links in the list is, at this point in time, incompatible with the directive, the links and information in the list of results must be erased.

The Court stressed out that even initially lawful processing of accurate data may, in the course of time, become incompatible with the directive where the data appear to be inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed and in the light of the time that has elapsed.

It also added that it should in particular be examined whether the data subject has a right that the information in question relating to him personally should, at this point in time, no longer be linked to his name by a list of results that is displayed following a search made on the basis of his name. If that is the case, the links to web pages containing that information must be removed from that list of results, unless there are particular reasons, such as the role played by the data subject in public life, justifying a preponderant interest of the public in having access to the information when such a search is made.

This decision has had significant repercussions; it was criticized by Wikipedia founder Jimmy Wales who called it ‘astonishing’ and free speech advocates at the Index on Censorship said this ruling "should send chills down the spine of everyone in the European Union who believes in the crucial importance of free expression and freedom of information".⁷ Google received immediately after the decision was issued takedown requests, some of which are indeed ambiguous, such as the request of an ex-politician seeking re-election to have links to an article about his behavior in office removed and a man convicted of possessing child abuse images to have pages about his conviction wiped and a doctor asking negative reviews to be removed from search results.⁸

In order to cope with the flood of takedown requests Google launched a service to allow Europeans to ask for personal data to be removed; it created a a webform through which people can submit their requests for the erasure of links to information regarding them.⁹ This solution was criticized by EU regulators, since it restricted the removal of Internet links to European sites only and it notified the owners of websites that have been removed from search results when it proceeds to such removal.10

4. Perspectives

The CJEU ruling find direct application on search engines and concerns the right of the individual to erasure links to names of data subjects by a list of results displayed after a search is made on the made of his name. However, the court recognized that the data subject has to the right to object to the processing of personal data published on the Internet. As a result, data subject may invoke this ruling when filing takedown requests against content providers. It remains to be seen whether the right to be forgotten would acquire a more general scope of application even before the adoption of the Data Protection Regulation.

REFERENCES:

Alsenoy, B., Van/Kuczerawy, A./Ausloos, J., Search engines after Google Spain: internet@liberty or privacy@peril?, ICRI working paper 15/2013, online available at: https://www.law.kuleuven.be/icri/  and http://ssrn.com/link/ICRI-RES.html. 

Ausloos, J., The 'Right to be Forgotten' Worth remembering?, (2012)  Computer Law & Security Review 28, pp. 143-152.

Costa, L./Poullet, Y., Privacy and the regulation of 2012, (2012) Computer Law & Security Review 28, pp. 254-262.

Fleischer, P., Foggy Thinking About the Right to Oblivion, Privacy...? (Mar. 9, 2011), online available at: http://peterfleischer.blogspot.com/2011/03/foggy-thinking-about-right-to-oblivion.html.

Iglezakis, I., The right to digital oblivion and its restrictions (2014), Sakkoulas ed. (in Greek).

Koops, B.–J., Forgetting Footprints, Shunning Shadows. A Critical Analysis of the “Right to Forgotten” in Big Data Practice, (2011) scripted vol. 8, Issue 3, Dec. 2011.

Mayer-Schönberger, V., Delete: The Virtue of Forgetting in the Digital Age (2009), Princeton University Press.

Mitrou, L./Karyda, M., EU's Data Protection Reform and the Right to be Forgotten: A Legal Response to a Technological Challenge? (February 5, 2012). 5th International Conference of Information Law and Ethics 2012, Corfu-Greece, June 29-30, 2012, online available at SSRN: http://ssrn.com/abstract=2165245

Rosen, J., Free Speech, Privacy, and the Web that Never Forgets, (2011) 9 J. on Telecomm. and High Tech. L. 345.

Rosen, J., The Right to Be Forgotten, 64 Stan. L. Rev. Online 88, February 13, 2012, online available at: http://www.stanfordlawreview.org/sites/default/files/online/topics/64-SLRO-88.pdf

Rouvroy, A., Reinventer l'art d'oublier et de se faire oublier dans la de l'information? version augmentée, (2008) online available at: http://works.bepress.com/antoinette_rouvroy/5/ 

ENDNOTES:

1.       https://archive.org/web/

2.       http://www.googleguide.com/cached_pages.html, http://www.cachedpages.com/, http://www.viewcached.com/

3.       http://www.businessinsider.com/icloud-naked-celebrity-photo-leak-2014-9

4.       Court of Justice of the European Union, case C-131/12 - Google Spain SL, Google Inc. v. Agencia Espanola de Proteccion de Datos, Mario Costeja Gonzalez.

5.       See http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2F%2FEP%2F%2FTEXT%2BREPORT%2BA7-2013-0402%2B0%2BDOC%2BXML%2BV0%2F%2FEN&language=EN

6.       Directive 1995/46/EC.

7.       D. Lee, Google ruling ‘astonishing’, says Wikipedia founder Wales, http://www.bbc.com/news/technology-27407017

8.       J. Wakefield, Politician and paedophile ask Google to ‘be forgotten’, http://www.bbc.com/news/technology-27423527

9.       ”Google launches 'right to be forgotten' webform for removal requests”, theguardian, Friday 30 May, 2014, www.theguardian.com

10.   See J. Fioretti, Google under fire from regulators on Eu privacy ruling, Reuters, July 24, 2014.

A German Minister has asked Google to reveal details of its search algorithm

By Liam Tung for The German View | September 16, 2014

http://www.zdnet.com/germany-wants-google-to-give-up-its-secret-search-sauce-7000033726/

To address Google's "exceptional" power in Europe, Germany's justice minister Heiko Maas has called on the search company to reveal how it creates search engine rankings.

As Google and the European Commission go back to the drawing board over the company's controversial European antitrust proposal, Maas wants Google to give up a far bigger concession,telling the Financial Times Google had to become more "transparent" about its highly secret algorithm that underpins its search engine rankings.

Chances that Google will ever reveal any details of its secret search sauce to regulators and competitors is close to zero, but Maas said it was necessary to address Google's "exceptional" and "extraordinary" power in Europe over both consumers and market operators.

"When a search engine has such an impact on economic development, this is an issue we have to address," he told the Financial Times.

Google handles around 70 percent of web searches in the US, whereas in Germany and France it's closer to 95 percent, according to StatCounter. Comscore meanwhile estimated in February Google had about 75 percent of the overall European search market.

The most contentious aspect of Google's ongoing run-in with European competition regulators is the way it favours its own vertical search services. While earlier this year it seemed that Google's proposals to address the EC's concerns on that score would be accepted, the Commission has now asked Google to improve its suggested remedies. A further threat on the horizon for Google is a potential European investigation into Android, following complaints about Google's Play app store and the bundling of key Google apps with the free OS.

Maas, who is responsible for consumer protection in Germany, said that Europeans should not be afraid of Google as Mahia Döpfner, CEO of Germany publisher Axel Springer, said earlier this year. However the minister believes that Google's dominance in search allows it to unfairly promote its own business interests.

Maas also said that breaking up Google would be a "last resort", but that it is too early to begin considering such a move.

Intellectual property issues for start-ups

Ioannis Iglezakis, Assistant Professor,

Aristotle University

A. Introduction

At present there is a growing number of start-ups, and some of them in the high technology sector are valued at 1 billion dollars or more.[1]

In a startup, Intellectual Property (IP) or intangible assets are often more than 90% of the value of the company and that is not limited to patents, of course.[2] A company that does not develop any IP will find it hard to attract investors, since IP provides them security and leverage. IP also helps companies to secure financing, using IP as collateral.[3]

As it is evident, the legal protection of IP rights is of paramount importance for a start-up, to protect its assets and maintain a competitive advantage. It needs, therefore, to be ensured that the company has exclusive rights to its IP and is not using technology or other assets (e.g. trademarks) belonging to competitors. It should also be confirmed that the company’s IP rights are legally protected with appropriate licenses.

B. Intellectual Property

Intellectual Property protects applications of ideas and information that are of commercial value.[4] There are various types of rights which are included in IP, but the main categories of this branch of law are two: copyright and industrial property. Certainly, the most important types of IP used by start-ups are patents, copyrights, trademarks, and trade secrets. National laws protecting IPR vary among different countries, so we will describe the laws of Greece and the EU in this area.

1. Patents

Patents are granted in respect of inventions which are new, which involve an inventive step and which are susceptible of industrial application (article 5 of Law 1733/87 as amended). In Europe, patents are issued by the state or a national patent office after a substantial examination of their validity, the duration of the validity of the patent is twenty years from application; and the invention should be publicly described in the patent specification.[5]

Patents afford a right to their owner to prevent others from using the invention for the duration of the patent. Thus, it is the strongest means of protection of all IP and may lead competitors in peril, if they use an invention for which a patent was granted. Therefore, a start-up should proceed to a clearance search in the patent office and to see whether a product that it develops is not already patented.

Patent protection is particularly important for a start-up to protect its business and its invention from competitors and simultaneously, and to avoid the risk of facing claims of patent infringement by competitors and third parties.[6]

Software may not benefit from the rigid protection of patent law under Greek law, which provides that computer programs shall not be regarded as inventions (Article 5 (2)(c) of Law 1733/87). This is line with Article 52 of the European Patent Convention which excludes from patentability programs for computers as such. However, this wording gave grounds to grant a patent for software

However, the European Patent Office grants patents for computer programs, if they provide a technical contribution to prior, that is, a further technical effect that goes beyond the normal physical interaction between the program and the computer. Examples include a reduced memory access time, a better control of a robotic arm, etc.

2. Copyright

Copyright grants protection to authors, artists and other creators for their literary and artistic creations, commonly referred to as works. The requirement for granting protecting is that a work is original. In case of computer software the standard for originality is very low. According to Article 1 (3) of Directive 2009/24, a computer program shall be protected if it is original in the sense that it is the author’s own intellectual creation.

In contrast to patents, copyright-protected works are not required to be registered with a state authority. Copyright is afforded when a work is created, but it is hard to prove authorship. Copyright gives the owner or licensee the exclusive right to reproduce, distribute, modify, publicly perform and publicly display a work.

In contrast to patents, copyright protects the expressions of an idea, not the idea or a concept. Thus, the source code of a computer program is eligible of copyright protection, but not the algorithm or the abstract idea or mathematical method on which it is based.

3. Trademark

Trademarks are distinctive signs, i.e. words, names, symbols, slogans, etc., that identify certain goods or services produced or provided by a company.  A trademark when associated with a successful product or service it becomes an asset or prime value to a company.[7] An outstanding example is the word ‘Google’ for Internet searching, the bitten apple logo for computers, etc. Their protection stands as long as they are used and they may continue to be used forever, as there is no limit on the duration of this right.

Under Greek Law, protection is afforded to registered trademarks and also to non-registered trademarks, i.e. to distinctive signs. 

Trademark law prevents third parties from using a trademark which is confusingly similar to the trademark of a start-up.

4. Trade secrets

The law also affords protection to trade secrets, i.e., secret business information, technological know-how, ideas for new products and markets, information about customers, finance, etc.[8] Examples of trade secrets in the high tech area include customer lists, source code, semiconductor manufacturing processes, etc.[9]

Protection of trade secrets is granted by provisions of unfair competition law in Greece, while in common law countries it takes the form of sui generis protection. The said protection is rather limited, since it prohibits the misappropriation of trade secrets, which leaves certain acts, such as reverse engineering, unpunished.

C. Specific Issues

 Something that happens very often is that IPR are developed by the founders before the establishment of a start-up or contractors after its establishment. Generally, in such cases a license should be granted, otherwise rights are not transferred to the start-up, with the exception of software or an invention developed by an employee, which under Greek law are owned by the employer. The failure of a license may lead to legal disputes.

Another problem which may occur is the lack of a strategy for patent protection of products or services. Many start-ups do not file for patent registration due to ignorance of the advantages offered by such protection or simply, because of indifference. Under Greek law (Article 5 of Act 1733/1987) and law in most countries patent protection is not granted for an invention that has been public disclosed, e.g. when a technical paper has been published or the invention was demonstrated at a trade show, with the exception of recognized exhibitions. Disclosing an idea to the public should be carefully planned, because the risk is eminent that rights to file a patent and to protect trade secret may not be enforceable, since patent law requires that an invention is new and not made public, while to claim right on trade secrets requires that the start-up has taken appropriate measures to keep business information secret.

Trademarks may be valuable for start-ups, so their selection should be carefully planned. A generic trademark, e.g. eshop.gr, may be ‘catchy’, but could also turn out to be descriptive and lose the ability for protection.

The use of an infringing trademark could lead to a costly litigation that may worsen the financial situation of the start-up. The cost of changing a logo may also be very high and inhibiting development. Therefore, a search in the trademark office and in a search engine should be carried out, to ensure that a trademark used by the start-up does not infringe third parties rights.

Errors in licensing may prove devastating. An IP license from a third party with a narrow field of use may require renegotiation as the start-up’s products evolve. In that case, the third party can charge a premium for the expansion of the field of use. So, e.g. in copyright law the rule is that a license is not valid for future methods of exploitation.

Similarly, the license to use a third party’s IP should foresee or not preclude the case of a merger; otherwise the merger may fail, as it will miss important assets.

The licensing of a start-up’s own IP should be carefully reviewed, so that the start-up may tie-up fields of use not exploited by the license in order to exploit its technology; and also to grant non-exclusive licenses so that it would not be prevented from using its own technology.

A big risk for a start-up is the use of trade secrets or other confidential information or IP by the founders of the start-up from a prior employer. A lawsuit against the start-up will hinder the functioning of the company, which may be liable to pay compensation and their founders be subject to criminal liability.

Software development is increasingly based on open software products and many start-ups owe their success to its use. However, open source licenses such as the General Public License require that companies using open source software licensed under the GPL must make available source code of the start-up’s software to its licensees and to permit such licensees to modify and redistribute the start-up’s software without charge to third parties. This viral effect of open software has its price: a start-up may find it hard to find investors or sell assets, since investors and acquiring companies demand that no such software is included in the relevant agreements.

Conclusion

To sum up, I would like to stress the following points:

       

•          A start-up should exercise due diligence with regard to choosing a trademark or brand name, because this can come to be a valuable asset of the company. Therefore, before adopting a trademark or a brand name one needs to conduct a search in a trademark database, such as the TMview[10], and a search for a brand name in a database, such as the geminet.gr in Greece.[11]

•              To ensure that the IP rights of the start-up are protected, contractual agreements should be signed with all contributors to the creation of an invention or software, excluding employees. These agreements should provide for the transfer of IP rights to the company. In addition, non-disclosure agreements should be agreed upon with co-founders of the start-up, employees, consultants and others, to establish trade secrets protection.
• 
  
•              To avoid losing patentability an invention should not be publicly disclosed. According to patent law, an application for a patent may be dismissed if there has been prior use or public disclosure of the invention.   
• 
  
•            To protect trade secrets do not disclose essential details of developed technologies and innovations.

REFERENCES:

Cornish & Llwelyn, Intellectual Property: Patents, Copyright, Trade Marks and Allied rights, 2007

DLA Piper, Intellectual Property: Critical issues, http://www.nvca.org/index.php?option=com_docman&task=doc_download&gid=367&

Johnson, A., Intellectual Property for Startups in the Real World, http://gust.com/blog/2012/01/04/ip-startups-real-world/

Juetten, M., Protect Your Intellectual Property -- Before It's Too Late http://www.forbes.com/sites/groupthink/2014/06/03/protect-your-intellectual-property-before-its-too-late/

Kasdan, M. J., Esq. and Zemsky, R. P.,  Esq., Intellectual property for startups, http://www.ey.com/GL/en/Services/Strategic-Growth-Markets/Center-for-Entrepreneurship-and-Innovation---Intellectual-property-for-startups

Kaviar, E. G. J., Five Intellectual Property “Landmines” Startups Face, http://www.wolfgreenfield.com/files/kaviar__5_intellectual_property_landmines_startups_face_copy1.pdf

Rajabali, A., Three Intellectual Property Issues that Startup Founders Can Avoid, online available at: http://startupcalgary.ca/2014/01/three-intellectual-property-issues-that-startup-founders-can-avoid/

---

[1] A Billion-Dollar Club, and Not So Exclusive, The New York Times, http://www.nytimes.com/2013/02/05/technology/growing-numbers-of-start-ups-are-worth-a-billion-dollars.html

[2]. M. Juetten, Protect Your Intellectual Property -- Before It's Too Late http://www.forbes.com/sites/groupthink/2014/06/03/protect-your-intellectual-property-before-its-too-late/

[3] E. G. J. Kaviar, Five Intellectual Property “Landmines” Startups Face, http://www.wolfgreenfield.com/files/kaviar__5_intellectual_property_landmines_startups_face_copy1.pdf

[4] Cornish & Llwelyn, Intellectual Property: Patents, Copyright, Trade Marks and Allied rights, 2007, at 6.

[5] Cornish & Llwelyn, at 7.

[6] Kasdan et al, Intellectual property for startups.

[7] Cornish & Llwelyn, at 9.

[8] Cornish & Llwelyn, at 10.

[9] DLA Piper, Intellectual Property: Critical issues.

[10] For Greece see https://www.tmdn.org/tmview/welcome.html?lang=el

[11] See http://geminet.gr/ossutility/