IMPACT®

News is emerging that Skype has dropped its effort in the German Courts to challenge the validity of GPL2, still the most commonly used free software licence despite the launch last year of GPL3.

The case is to do with the use of GPL2 licensed software that Skype used in its Skype-phones, and Skype's failure to supply the source code to that software with that phone, as required by GPL2.  As we reported in August 2007, the German Courts ruled that by failing to comply with this requirement Skype had breached the licence terms (see The Register for more details). Skype then took the case to the Appeal Court.

Based on reports on Groklaw and Welte's blog, the German Appeal Court gave Skype's arguments as to invalidity and breaches of anti-trust (i.e. competition) law very short shrift. On the issue of GPL2's requirement to publish/make available source code, Welte reports that one judge made a comment along the following lines:

"If a publisher wants to publish a book of an author that wants his book only to be published in a green envelope, then that might seem odd to you, but still you will have to do it as long as you want to publish the book and have no other agreement in place".

The case was brought by Harald Welte, the world's GPL-compliance policeman, who has been the force behind other successful cases where GPL2 has been enforced in the German Courts. Whilst the individual cases themselves may seem trivial, these decisions have really helped reassure FOSS-using organisations and their clients that the licences are sound.

Given that the case ended because Skype decided to end its appeal, rather than because the Appeal Court gave a ruling, there will be no official decision for us lawyers to get stuck into. Hopefully though, a  definitive record of the comments of various judges on GPL2 during the appeal will appear.

The Information Commissioner's Office has launched a new model publication scheme for public authorities. With the current model scheme expiring on 31 December 2008, the ICO is asking public authorities to adopt the model scheme by 1 January 2009 and has said from February 2009 it will be conducting "spot checks" on public authorities to check for compliance.

IMPACT looked at the legal basis for and nature of publication schemes in our post on the draft version of the model publication scheme in January this year.

The new model scheme is a very high-level document, and public authorities must supplement it with detailed information as to:

• for each of the 7 classes of information listed, the specific information that they will be publishing
• how they will publish the information - the ICO states that a website is the preferred method

To assist public authorities with completing these details, the ICO will be publishing guidance for different categories of public authorities. The first to be published is the guidance for central government.

The fourth meeting of NODUS, the group for East Midlands IP&T practioners, was a well attended and lively event.

IP barrister Jeremy Reed of Hogarth Chambers gave an enlightening talk on software patents and recent legal developments. To say the least, this is a complicated area and Jeremy managed to give a talk interesting to both those very knowledgeable in the area (i.e. the patent agents) and to us with a less deep understanding. Key points were that:

• Conflict between the UK and the European Patent Office (EPO) approaches to software patents
• EPO law in this area is still developing

Jeremy refused to gaze into his crystal ball and predict the outcome of the ongoing Symbian case, or whether in ten years time IP professionals would still be scratching their heads trying to work out what the the law was on software patents.

The wooden spoon goes to the UK Intellectual Property Office for cancelling on sending a representative to talk on software patents on the basis of the Symbian case.

In February we reported that social networking giant Myspace Inc had managed to get the myspace.co.uk domain name using the Nominet Dispute Resolution Procedure. Well, that's all changed because the owner of the domain name, Total Web Solutions (TWS), has succeeded in appealing against the Nominet decision.

From an Information Overlord report, it seems that the Nominet Appeal Panel's view is that Myspace Inc hadn't successfully established that TWS' use of the domain name had become abusive. A question of evidence, then. For more details see the Information Overlord report and the Appeal Panel Decision itself.

As you will know from our last post, I attended the Society of Computer & Law's Annual Lecture on Wednesday evening, delivered by Professor Lawrence Lessig. There's already a number of items of content and opinion about the lecture (links at the bottom of this page), including an audio recording of the event itself, so rather than reinventing the wheel I provide links to that content at the end of this post. What follows is an opinion on the main argument that the Professor presented in the Lecture.

Lessig's speech was titled "Corruption 2.0". Lessig, a well-known advocate for more permissive interpretations and implementation of IP law that fit with the "free culture" of online collaboration, remixes (also called mash-ups) and non-harmful use of copyright materials. Bill Jones, who chaired the event, noted that Lessig had recenlty declared that his work in this area was a "closed book" and his focus was now elsewhere. The talk was slick, the presentation style impressive. Steve "Stevenotes" Jobs must be quaking in his boots.

Lessig's "new focus" is on what he terms "political corruption" and the effect that this could have on the future direction of the internet. His well-argued view is that the powerful Washington DC political lobby largely favours a zero-privacy maximum security approach to the internet, and that Hollywood lobbys for a "non-permissive" interpretation of IP laws. At the same time, a lot of legislators are apparently ignorant of the benefits for society of permissive IP and internet laws. Lessig thinks that there is likely to be a "i-9/11" - an internet event (caused by hackers / criminals operating online / botnets / malware) of devastating impact. When "i-9/11" happens, he said that with ignorant legislators in US Congress, the risk is of the anti-privacy pro-security and the non-permissive IP law lobby's efforts resulting in a significant curtailment of internet freedom via changes to the law.

All very good so far, but in my opinion Lessig lost the audience with his argument that these political lobbies are "corruption" and that the way to fight the threat to the internet was to fight this corruption.

Whilst I absolutely believe Lessig to be an influential and inspiring thought leader when it comes to the digital world, Lessig is the first to suggest that in the past he may have argued subjects from angles that - whilst logically correct - aren't necessarily the best angles to win the argument. (For example, see his "Free Culture" book for self-criticism of the way he argued in Court the unsuccessful case of Eldred v Ashcroft.) With his new campaign, I think Lessig risks repeating past mistakes in this respect.

Unfortunately, we live in a society where many people stop listening the minute you mention politics. When you talk of "political corruption", matters get even worse. "Corruption" is such a vague term, it's often a matter of personal opinion whether something is or isn't "corrupt". When it comes to lobbyists' influence on internet privacy/security and IP laws and how this could effect future laws governing the internet, by calling this "political corruption" Lessig risks losing the interest and attention of a huge amount of people, most of whom will use the internet every day and really value it as a resource and communication form. Even if some people are persuaded that "political corruption" is a big risk, they may well think that it isn't something that can be successfully tackled. A friend who attended the Lecture overheard another audience member comment: "It's all very well, but doesn't Larry realise that the world just doesn't *work* like that?" Lessig may have logic on his side but he may still lose the argument because of these human factors.

If the real issue is ignorance about the value of internet freedom on the part of legislators and the electorate, rather than argue against "political corruption", Lawrence Lessig may have more success arguing for the benefits and need for internet freedom - an extension of his highly successful advocacy for "free culture". However, the man is someone I admire and certainly not someone to be underestimated, so even if you don't (yet) understand his arguments on or agree with him on "corruption 2.0", you'd be a fool to dismiss a campaign that is still in its early stages.

Links

Peter Wainman at Naked Law on the SCL Lecture

Laurence Eastham at SCL on Corruption 2.0

SCL Audio Recording of the Lessig Lecture

I'll be attending the Society of Computer & Law's Annual Lecture this evening. Here's some blurb about the event and contact details if you are interested in seeing if there's any last-minute tickets available:

"Technology policy has never been more critical. Privacy, security and the appropriate balance for copyright are now central policy making challenges, if the economic and social potential of the Internet is to be realized. In this lecture, Professor Lessig will build upon the work of Oxford Professor Jonathan Zittrain to identify a critical dynamic in policy making affecting the Internet, and how technologists have become central to that dynamic. The threats to privacy, security, and the proper protection for copyright are not technical, but political. The remedies to those threats will not just be political, but in an important sense, also technological. Professor Lessig will describe this dynamic, and describe the emerging movement in the United States to address it.

SCL confidently expects that there will be a considerable call for tickets from members and  non-members alike and therefore you are advised to apply for your tickets as soon as possible either online or by emailing caroline.gould@scl.org"

Lawrence Lessig is an influential US lawyer and writer, who many IP/IT lawyers will know through his writings about "free culture" - the free software and online collaborative movement. He's now changed his focus to political corruption, as evidenced by the Change Congress movement that he co-founded with Joe Trippi. If you're attending the Lecture, I look forward to meeting you.

If you can't attend, you can still find out what Lessig is on about. If I'm right, Lessig will be giving what he describes as his "Change Congress" speech. With him being firmly embedded in "free culture", you won't be surprised to learn that there are a number of versions of the speech online. You also won't be too shocked to know Lessig is publicising this content on his Lessig Blog.

Have a good day!

The Information Commissioner's Office has confirmed its support for extending the Freedom of Information (FOI) regime to contractors and outsource service providers to the public sector. The ICO, the enforcer of the FOI and and Data Protection Act in the UK, gave the confirmation in a public response to a Ministry of Justice consultation on FOI. In its response, the ICO said:

"The [ICO]... observes the fast pace of change in the delivery of public functions and services in terms of public and private sector remits, for example in the Health Service. It is vital that the FOI Act keeps pace with these changes in order that public confidence in the regime is maintained and compliance with right to know legislation cannot be reduced by funding external organisations to carry out functions or contracting out. Where public authority functions are transferred to other organisations in principle FOI obligations should follow."

Key points to the ICO's response:

• The ICO favours a staged approach to extending FOI, gradually widening its remit rather than doing to the complete extension in one go. The ICO says this will enable it to manage its resources, and enable lessons to be learnt from each stage of expansion.
• The ICO doesn't think that all contractors/outsourcers to the public sector should be subject to FOI. The ICO: "would suggest that careful consideration needs to be made about the value that can be gained from adding organisations against what information is already accessible via the Act. The Commissioner considers that a bar set in the region of £1million for public sector contracts might provide a suitable starting point for considering whether public sector contractors are brought within the Act."
• The ICO lists five private organisations (not subject to the FOI regime) for whom it has received FOI complaints/enquiries: Press Complaints Commission, Financial Ombudsman Service, Royal Institute of Chartered Surveyors, ICTIS (now PhonepayPlus, and Financial Reporting Council. The ICO doesn't offer any 'firm views' on whether they should be covered by FOI.

The ICO is very influential at present, having acquired a very high profile as a result of the very public in losses of personal data by both public and private sector bodies in 2007 and so far in 2008. We will have to wait and see whether this influence is apparent in the Ministry of Justice final proposals on FOI.

Not a subject we can cover on IMPACT today, but the Society of Computers & Law website has a report on this: EDPS and the ePrivacy Directive Review.

Benjamin Duranske of Virtually Blind hosts this week's Blawg Review. Whether or not you keep up with Blawg Review, the resulting post is an interesting and entertaining insight into the legal issues associated with virtual worlds. According to Duranske, 3D worlds such as Second Life are a glimpse at the future:

"The 3D internet is coming next, and now is a great time to get familiar with it."

Duranske's post briefly covers legal issues to do with virtual worlds such as intellectual property rights, dispute resolution and employment law. Well worth a look.

If, like me, you find these kind of worlds interesting in theory, but tricky to use in practice (system crashing, walking into walls and disjointed conversations), Duranske's prediction on the 3D internet isn't something that you'll be cracking open the champagne to celebrate.

That said, virtual worlds are already popular and some have proved profitable for both their operators and more entrepreneurial users. Some worlds have been around for years and so this doesn't look to be a part of the internet that will be abandoned by users when the next Facebook comes along. In addition, user interface technology is improving all the time - for example, touch screens (iPhone), motion-sensitive controllers (Nintendo Wii). Technological advances in this area could mean that interacting with virtual worlds becomes more of a pleasure than a pain.

Notably, user creativity virtual worlds has also resulted in a new film form: machinima. We were lucky enough to be part of the panel of a legal session at the Machinima Festival Europe 07. An article on the main legal issues,  wrote after the event, can be found in the February/March 08 issue of Computers & Law magazine, and a summary will appear on IMPACT in the near future.

Just spotted this from the BBC:

'Youngest inventor' patents broom

A five-year-old boy is thought to be the UK's youngest person to patent an idea after inventing a labour-saving broom to help his father sweep leaves.

Sam Houghton, of Buxton, Derbyshire, was just three when he came up with a double-headed broom to collect large debris and fine dust simultaneously.

After passing the rigorous patenting process, his idea is now protected from anyone who might copy it.

Bakewell is a place that, until now, was more known for its tarts (of the food variety) than for innovation.

Sam's dad is Mark Houghton, a patent agent at Derbyshire-based Patent Outsourcing Limited. The BBC reports that, thanks to this, the only cost of the patent application was a £200 official fee. Presumably Mark's other clients will be hoping he can prosecute their patents for a similar cost!

IMPACT educational aside: If you want to read more about patents and the 'rigourous patenting process' mentioned by the BBC, check out our overview of patents.

(Pictured: A non-patented single-headed broom yesterday)

Ann Critchell-Ward and Alex Newson, of Freeth Cartwright LLP's IP & IT law team, will be attending this year's INTA Annual Meeting. INTA is the International Trade Mark Association.

The event, which in 2008 is being held in Berlin from 17 - 21 May, is one of the largest and most important events on the trade mark professional's calendar, with over 8,000 trade mark owners, managers, advisors, and providers of related services due to attend from across the globe. This will be INTA's 130's Annual Meeting.

At the event, we will be meeting with clients, the suppliers with use for the IT behind our trade mark services, and our contacts from other firms. We'll also be attending a Meet the Bloggers session.

If you are attending INTA and would like to meet with either of us, please contact the team and we'll get something sorted.

Trade mark lawyers will be interested in a recent ruling by the European Court of Justice (ECJ) in the case of Adidas v Marca Moda, C&A Nederland, H&M & others.

The ruling arises from a reference to the ECJ from the Dutch Supreme Court, in a case to do with Adidas' well known three stripes, which it uses on almost all of its sports gear. Adidas has various trade mark registrations for the three stripes.

The ruling is heavily technical, and readers can find a detailed report by Jeremy Philips on Class 46. Here's a quick summary of the key facts and bits of the ruling...

A number of retailers in the Netherlands, including H&M and C&A, had started retailing clothes that featured similar stripes (e.g. H&M sold sports gear with two stripes). Adidas sued these retailers for trade mark infringement. The retailers sought to rely on a number of provisions of the Trade Mark Directive to argue that Adidas' trade marks were either invalid or did not prevent the usage on clothes by others of types of stripes except for three stripes (i.e. two stripes good, three stripes bad!) The ECJ ruled that, because the Adidas three stripes were so distinctive, Adidas could rely on its trade marks to bring infringement actions against others who featured stripes on their clothes.

The above summary deliberately over-simplifies things, so once you've taken in the key facts, head to Class 46's report for the fine detail.

On Friday I had the privilege of attending the first ever European Licensing & Legal Workshop of Free Software Foundation Europe. Thanks and congratulations to the FSFE Freedom Task Force (FTF) for organising such a successful event.

The Workshop, which was held in Amsterdam, comprised a day of talks, discussion and networking for members of the organisation's European Legal & Technical Network. Some 54 lawyers and licensing experts from across Europe (plus a few who had travelled from Australia and the USA) attended the event, which was chaired by Shane Coughlan, the driving force behind FTF.

To slightly understate the situation, free software & open source (FOSS) is a movement with a degree of politics to it, with factions taking different positions on issues such as what materials should be caught by FOSS licences and if/how software patents should be dealt with. (In fact, it is so factionalised that some would argue you can't even describe it as a single 'movement'.)  More importantly, it is a movement that inspires a huge amount of creative activity, and offers a credible alternative to "proprietary" software, and presents an alternative source of business for IT companies. It was a significant achievement of both FTF and the Workshop attendees that the event focussed on the latter and left out the politics. I will write a more full report on the event later this week.

Looking across the blog rolls on some the other law blogs recently, I found the IP Finance Blog. This:

"looks at financial issues for intellectual property rights: securitisation and collateral, IP valuation for acquisition and balance sheet purposes, tax and R&D breaks, film and product finance, calculating quantum of damages--anything that happens where IP meets money."

The IP Finance Blog is brought to us by an eclectic international crowd, including: Jeremy Philips, one of the most influential people in IP law and a thoroughly nice bloke too; Roya Ghafele, an economist who focuses on IP, currently a researcher at the University of California Berkeley; Darren Olivier, a trade mark lawyer based in the UK who works for South African firm Bowman Gilfillan; and IP lawyer Neil Wilkof of Israel law firm Herzog, Fox, and Neeman.

Whilst the blog only appeared at the start of 2008, the contributors have already published an interesting collection of posts. If you're interested in IP and its links to cold hard cash, the IP Finance Blog is worth adding to your newsreader.

Details have been released of the next meeting of NODUS, the organisation for IP & IT legal professionals in the East Midlands. The meeting is being hosted by Browne Jacobson at their Nottingham office.

Nick McDonald of Browne Jacobson has issued the following email to NODUS members:

"I can now confirm the speakers at the event, who are as follows:

• Jeremy Reed (Hogarth Chambers) - speaking on "Software Patents and the Recent Developments in the Law"
• A patent examiner from the UK-IPO - speaking on "The Role of the Patent Examiner"

Should be very interesting.

I look forward to seeing you on 7 May 2008 at 5pm. Drinks and nibbles will be provided!"

If you are an IP or IT legal advisor, patent or trade mark attorney based in the East Midlands and you'd like to attend NODUS, please contact Nick at: nmcdonald@brownejacobson.com

The Article 29 Working Group of EC data protection commissioners has given an Opinion on the handling of personal data by search engines. The headline grabber so far has been the statement that search engines should retain personal data about users for no more than 6 months.

The Opinion follows the Working Group's requests to Google and other search engines last year for information about their data retention policies. According to a BBC News report:

"The report issued a set of obligations to search engines firms, including:

• Search engines should get informed consent from users if they correlate personal data across different services, such as desktop search
• Search engine providers must delete or anonymise (in an irreversible and efficient way) personal data once they are no longer necessary for the purpose for which they were collected
• Personal data should not be held by search engines for longer than six months
• In case search engine providers retain personal data longer than six months, they must demonstrate comprehensively that it is strictly necessary for the service
• It is not necessary to collect additional personal data from individual users in order to be able to perform the service of delivering search results and advertisements
• If search engine providers use cookies, their lifetime should be no longer than demonstrably necessary
• Search engine providers must give users clear and intelligible information about their identity and location and about the data they intend to collect store or transmit, as well as the purpose for which they are collected"

The dominant search engine Google, retains user personal data for 18 to 24 months, anonymising it after 18 months. Perhaps unsurprisingly, it has already criticised the Working Group's opinion on its Public Policy Blog.

The Article 29 Working Group's views on data retention periods at the search engines are also unsurprising, given the concerns it voiced last year about current periods being too long - see our August 2007 analysis of Google's data protection policies against the Working Group's comments.

Next steps

It's going to be interesting seeing how the Working Group and the various data protection authorities of individual EU jurisdictions take this forward. Google and the other search engines are highly unlikely to accept without a fight any request from data protection authorities to reduce their data retention periods. The Opinion's other "obligations" may receive a warmer reception.

The Working Group's Opinion certainly isn't the end of its battle with the search engines over their use of personal data. Expect more developments in the next year.

Out-law reports on the new Banking Code, which will see customers regarded as liable for losses from their bank (e.g. from hackers gaining access to their account) if they do not act with reasonable care.

One of the key examples of not using reasonable care given by the Code is failing to comply with the advice in clause 12.9. The clause is a vague list of steps that customers should take to keep safe online, including not using "out of date" anti-virus/firewall software. On the one-hand, such vagueness is arguably a necessity because being over-specific would risk the Code being out-of-date (just like that anti-virus software!) very quickly. On the other hand, given that we are talking about the difference between a bank customer being able and not being able to recover from the bank what could be a significant amount of their money, this is a point that many will feel should be addressed clearly and comprehensively.

Andres at Technollama does a nice job of pulling apart 12.9. To his list of questions, I would add:

• The "anti-virus" requirement seems to be only relevant to bank customers who use the various versions of Windows, all of which are the target of thousands of viruses and bits of spyware. The other 2 main types of operating system, Apple Mac OSX and Linux, have few reported items of viruses/malware on the loose. If a customer using Mac/Linux calls their bank about losses from their account and tells them they use Mac/Linux and therefore don't have anti-virus installed, they may struggle to reclaim their losses from the bank simply through technical ignorance on the part of their bank.
• What about bank losses if a customer has in the past accessed their account in an internet cafe or from their office PC? Access to your bank anywhere is one of the main benefits of online banking, but in using another organisation's PC, you have to trust that organisation to have good IT security but you cannot guarantee this.
• What about losses suffered if the customer uses their mobile phone as a method of accessing their account? Mobile banking is predicted to be a big growth area, but IT security software for mobile phones isn't exactly commonly used.

Brendan Scott, a leading open source lawyer, has produced a useful analysis of the legal issues to do with free software licensing as applied to "Software as a Service" (SAAS).

SAAS is the term often used for web-based applications (e.g. Google Docs), although those of us who already suffer acronym overload prefer the more plain-English "online service".

Brendan makes some interesting observations. In summary:

"The thrust of the argument is that the manner in which a SAAS model is implemented using FOSS might determine whether or not the implementation is legal/licensed. Conversely it may provide a means for businesses to “monetize” open source applications if they control sufficient copyrights (although probably not possible with software under GPL v3)."

The analysis is based on Australian law, and it would be good to see the same exercise applied to the law of other jurisdictions (and no, we're not volunteering just at this moment!)

Have a good weekend

As you will know if you are looking at the blog, reading your RSS or receiving the IMPACT email, we're back online. A domain name issue of fiendish technical complexity (or so our IT people tell us) caused a server password prompt, meaning the site was effectively down for a few days. Thanks to those that contacted us about this.

The Information Commissioner's Office (ICO) may be unhappy with its existing powers, but it is not afraid to use them. Yesterday, the ICO announced the successful prosecution of a small London solicitors firm for failing to notify the ICO of its data processing despite repeated reminders. The duty to notify is imposed by the Data Protection Act 1998 (DPA).

The level of fine - just under £2,000 - is small, less than half of the £5,000 maximum. Depending upon your interpretation, this could either reflect the fact that the prosecution was for a technical breach of the DPA, or it could indicate that the Courts have not yet cottoned on to public concern about data protection. Regardless, the threat of prosecution should prove a powerful incentive to most businesses to comply with the DPA.

The fact that this is the 3rd solicitors prosecution firm prosecuted in just 6 weeks suggests that the ICO is stepping its DPA compliance campaign up a notch.

This latest DPA news comes at a time when Richard Thomas, the ICO himself, has just been awarded the Privacy Leadership Award by the International Association of Privacy Professionals, for his sterling work in publicising privacy and data protection issues. (Thanks to Information Overlord for spotting this.)

This is a quick heads-up on two recent trade mark infringement judgments, both to do with the use of a third party's trade mark in a keyword advert. Keyword adverts are the sponsored links that sit alongside ordinary search results on search engines such as Google and Yahoo!

UK case: Victor Wilson v Yahoo ("Mr Spicy")

The first is a UK High Court ruling in Victor Wilson v Yahoo!, discussed earlier this month by the IPKat. The claimant owned a Community Trade Mark for "MR SPICY", registered for food and drink. When users searched against this phrase on Yahoo!, adverts for Sainsburys and Pricegrabber appeared. This happened because those third parties had chosen to use the word "spicy" as one of their keywords.

The High Court ruled that the use of "spicy" as a keyword did not infringe the "MR SPICY" trade mark. The Court held that the only use of the mark was by users of the search engine. In addition, the Court ruled that use of "MR SPICY" as a keyword would not have been trade mark infringement because this was not "trade mark use".

This ruling clarifies the UK law position on the use of trade marks as key words. However, it does not address the use of trade marks within keyword adverts themselves. The position on the latter point is made clear by Article 9(2) of the Community Trade Mark Regulations which expressly lists "using the sign... in advertising" as something that can constitute trade mark infringement.

US case: "Smart Money Clip"

Out-law.com provides a report on this case (link above). The key facts are as follows:

• The claimant (plaintiff in US legal terminology) had registered the trade mark "SMART MONEY CLIP" for money clips
• The defendant registered the term "SMART MONEY CLIP" as a Google keyword
• The defendant featured this term in the keyword adverts themselves, which were for money clips

Here, the North Californian District Court found that the defendant's usage was trade mark infringement. Whilst a good result the claimant, the ruling will slightly irritate IP lawyers because the Court did not distinguish between "up front" and "behind the scenes" use - in other words, what if the defendant had registered "SMART MONEY CLIP" as a keyword, but hadn't used the term in the actual advert?

IMPACT comment

These are not the only recent trade mark rulings to do with keyword adverts. Earlier this month, we reported that the German Courts had ruled that "using a competitor company's name as a search engine keyword (e.g. Google's AdWords service) is lawful provided it's clear that the advert in question is for the advertiser's own products/services, not those of the competitor."

Put together, the 3 rulings indicate that keyword advertisers should steer clear of using the trade marks of competitors as part of their adverts. The UK and German rulings also suggest that advertisers targetting those jurisdictions can use competitor trade marks "behind the scenes", as keywords, without fear of a successful trade mark infringement claim.

This post isn't intended to be a comprehensive summing up of trade mark law on keyword advertising; if you have written one or know of one then please let us know and we'll post a link. Have a good week!

Looking at the latest ICO press releases, we see that last month the ICO found Skipton Financial Services to be in breach of the Data Protection Act. This arose out of the theft from a Skipton contractor of a laptop containing the unencrypted personal data on 14,000 Skipton customers. The reason for the finding was that the data was not encrypted.

Skipton has signed an undertaking that it will ensure the secure of personal data, to encrypt 'sensitive' data held on laptops, and to perform risk assessments where contractors are processing personal data for the company.

The uncertainty over whether computer software is patentable in the UK continues, following a decision by the High Court last week which the UK Intellectual Property Office has announced it will appeal. The ruling relates to an application by Symbian for a patent to do with Dynamic Link Libraries (DLL).

From Symbian's perspective, the High Court ruling applied the less restrictive policy of the European Patent Office on software patents, therefore allowing the patent. From the UK IPO's perspective, the ruling was a mistake because the High Court wrongly applied previous case law, and it has announced an appeal to rectify this mistake. The Society of Computers & Law news page has a good summing up of the story, as does BBC News.

In terms of the subject of the patent application, whether or not Symbian's new DLL technology could or should be patentable is a moot point. DLL technology has been used by operating systems for a very long time; since the earliest days of Windows and no doubt in other operating systems too (here, my techie knowledge fails me!), and it is difficult to see what particular technical advance Symbian could have made. Andres over at Technollama is not shying away from an opinon on the issue.

Until the judgment on the appeal is given (don't hold your breath, it will be some time), uncertainty over the patentability (or extent of patentability) of software in the UK will continue. Even after that, the technical test for patentability for software will be probably still be beyond the understanding of all except patent agents and barristers specialising in the area.

The Information Commissioner's Office has released a survey of 1,000 people across the UK, which it claims shows that the public has 'woken up' to privacy. Whilst the survey itself is a huge set of figures (28 pages of them, a real treat for stats fans), an ICO press release and a BBC News article help shed some light on the survey's implications. Most notably, over 70% of those surveyed felt powerless over how their personal data is looked after (see page 3 of the survey) and over 85% refuse to give personal data when given the option.

This survey should prove of great interest and relevance to organisations that handle (or want to handle) personal data; with public trust in this area having disappeared, organisations must look to regain it. In our view, openness and transparency about data protection policies and processes would certainly assist. For most, the privacy policy on their website is the nearest thing they have to a public statement on their data protection policies and practices. For organisations that rely on personal data to do business (and therefore, public confidence and trust in their handling of that data), now may be the time to make their data protection policies public.

Reports in the Financial Times today suggest that Apple, massively influential in the music industry through its iTunes store, is about to shake things up again with a scheme allowing unlimited downloads from the store in return for a monthly fee.

Given how zealously Apple likes to retain control over its technology, and how this is mirrored by the record industry's love of control over its content, it's highly unlikely that the resulting service will be DRM free because Apple will want/need some means of dictating how long users can keep hold of downloaded music. Charles Arthur in the Guardian shares this opinion.

If this service goes ahead, it is likely to give DRM (digital rights management) a new lease of life. DRM is also used for other new and popular services such as BBC iPlayer and the movie rental facility that US users of iTunes can access. Whilst this technology is not exactly liked by many, it continues to be popular amongst content owners as way of stopping (ok, trying to stop) people from sharing their content. For short-term access and rental services, the technology is ideal. So, DRM, we won't be saying goodbye to you any time soon...