• At Kemp Little, we are known for our ability to serve the very particular needs of a large but diverse technology client base. Our hands-on industry know-how makes us a good fit with many of the world's biggest technology and digital media businesses, yet means we are equally relevant to companies with a technology bias, in sectors such as professional services, financial services, retail, travel and healthcare.
  • Kemp Little specialises in the technology and digital media sectors and provides a range of legal services that are crucial to fast-moving, innovative businesses.Our blend of sector awareness, technical excellence and responsiveness, means we are regularly ranked as a leading firm by directories such as Legal 500, Chambers and PLC Which Lawyer. Our practice areas cover a wide range of legal issues and advice.
  • Our Commercial Technology team has established itself as one of the strongest in the UK. We are ranked in Legal 500, Chambers & Partners and PLC Which Lawyer, with four of our partners recommended.
  • Our team provides practical and commercial advice founded on years of experience and technical know-how to technology and digital media companies that need to be alert to the rules and regulations of competition law.
  • Our Corporate Practice has a reputation for delivering sound legal advice, backed up with extensive industry experience and credentials, to get the best results from technology and digital media transactions.
  • In the fast-changing world of employment law our clients need practical, commercial and cost-effective advice. They get this from our team of employment law professionals.
  • Our team of leading IP advisors deliver cost-effective, strategic and commercial advice to ensure that your IP assets are protected and leveraged to add real value to your business.
  • Our litigation practice advises on all aspects of dispute resolution, with a particular focus on ownership, exploitation and infringement of intellectual property rights and commercial disputes in the technology sector.
  • We have an industry-leading reputation for our outsourcing expertise. Our professionals deliver credible legal advice to providers and acquirers of IT and business process outsourcing (BPO) services.
  • We work alongside companies, many with disruptive technologies, that seek funding, as well as with the venture capital firms, institutional investors and corporate ventures that want to invest in exciting business opportunities.
  • Our regulatory specialists work alongside Kemp Little’s corporate and commercial professionals to help meet their compliance obligations.
  • With a service that is commercial and responsive to our clients’ needs, you will find our tax advice easy to understand, cost-effective and geared towards maximising your tax benefits.
  • At Kemp Little, we advise clients in diverse sectors where technology is fundamental to the ongoing success of their businesses.They include companies that provide technology as a service and businesses where the use of technology is key to their business model, enabling them to bring their product or service to market.
  • We bring our commercial understanding of digital business models, our legal expertise and our reputation for delivering high quality, cost-effective services to this dynamic sector.
  • Acting for market leaders and market changers within the media industry, we combine in-depth knowledge of the structural technology that underpins content delivery and the impact of digitisation on the rights of producers and consumers.
  • We understand the risks facing this sector and work with our clients to conquer those challenges. Testimony to our success is the continued growth in our team of professionals and the clients we serve.
  • We advise at the forefront of the technological intersection between life sciences and healthcare. We advise leading technology and data analytics providers, healthcare institutions as well as manufacturers of medical devices, pharmaceuticals and biotechnological products.
  • For clients operating in the online sector, our teams are structured to meet their commercial, financing, M&A, competition and regulatory, employment and intellectual property legal needs.
  • Our focus on technology makes us especially well positioned to give advice on the legal aspects of digital marketing. We advise on high-profile, multi-channel, cross-border cases and on highly complex campaigns.
  • The mobile and telecoms sector is fast changing and hugely dependent on technology advances. We help mobile and wireless and fixed telecoms clients to tackle the legal challenges that this evolving sector presents.
  • Whether ERP, Linux or Windows; software or infrastructure as a service in the cloud, in a virtualised environment, or as a mobile or service-oriented architecture, we have the experience to resolve legal issues across the spectrum of commercial computer platforms.
  • Our clients trust us to apply our solutions and know-how to help them make the best use of technology in structuring deals, mitigating key risks to their businesses and in achieving their commercial objectives.
  • We have extensive experience of advising customers and suppliers in the retail sector on technology development, licensing and supply projects, and in advising on all aspects of procurement and online operations.
  • Our legal professionals work alongside social media providers and users in relation to the commercial, privacy, data, advertising, intellectual property, employment and corporate issues that arise in this dynamic sector.
  • Our years of working alongside diverse software clients have given us an in-depth understanding of the dynamics of the software marketplace, market practice and alternative negotiating strategies.
  • Working with direct providers of travel services, including aggregators, facilitators and suppliers of transport and technology, our team has developed a unique specialist knowledge of the sector
  • Your life as an entrepreneur is full of daily challenges as you seek to grow your business. One of the key strengths of our firm is that we understand these challenges.
  • Kemp Little is trusted by some of the world’s leading luxury brands and some of the most innovative e-commerce retailers changing the face of the industry.
  • HR Bytes is an exclusive, comprehensive, online service that will provide you with a wide range of practical, insightful and current employment law information. HR Bytes members get priority booking for events, key insight and a range of employment materials for free.
  • FlightDeck is our portal designed especially with start-up and emerging technology businesses in mind to help you get your business up and running in the right way. We provide a free pack of all the things no-one tells you and things they don’t give away to get you started.

Digital asset theft: software and ex-employees

We are at a defining point in the digital revolution as we realise the risks associated with creating and relying upon digitised technology.

Recently the focus in the media has been on cybersecurity and hacking, which is unsurprising given that the UK Government estimates that 81% of large UK businesses and 60 per cent of small companies suffered a cybersecurity breach in the past year.[1] However there are other sources of risk too: employees leaving a company may already have access to the information that the hackers need to break perimeter fences to see, and they may well move to a competitor at some stage in their career, armed with knowledge as to the importance of that information to their ex-employer’s business.

In fact, there are three major sources of risk for a company’s digital assets—from hackers, from employees, from competitors—and they arise in part because digital information can be generated, copied and moved freely and (often) with relative anonymity. This article is the first in a series of 4 articles that examines the legal and practical response to these three digital asset risks, and it focuses upon departing employees.

Introduction

A study by Symantec in 2013 revealed that half of employees who left or lost their jobs in a 12-month period kept confidential corporate data, and 40 per cent of them planned to use that information in their new jobs.2 According to the study:

“Employees not only think it is acceptable to take and use IP when they leave a company, but also believe their companies do not care. Only 47 percent say their organization takes action when employees take sensitive information contrary to company policy… .”

This apparent apathy towards the risks posed by employees is perhaps surprising given that employees have access to sensitive information relating to their employer.

The issue of departing employees taking information to a competitor is a perennial problem; however, the digital revolution has arguably made the issue harder to tackle. For one thing, it is easier to copy and carry off the premises information that is in digitised form. Taking software as an example, it is easy to envisage a situation where a key software developer, upon leaving his ex-employer after many years of service, takes a copy of the source code and other design material relating to the software and, with relative technical ease, incorporates aspects of that code into the code base for his new employer’s software. Alternatively, even without copying the source code, that employee would have a great deal of knowledge about the infrastructure of his ex-employer’s code, how it sells, to which customers, and for what amount. Such actions by an ex-employee could have a deeply adverse impact on his ex-employer’s business.

The remainder of this article examines what a software house can do in that situation: which legal rights exist in software; what the ex-employee is legally allowed to do; and practical steps that need to be taken by an ex-employer if they suspect their rights have been infringed. Although this article refers to this specific example of a departing software developer, many of the principles discussed below are relevant to any type of employee departing a business with experience of and access to their ex-employer’s digital assets.

IP rights in software

“Software is a great combination between artistry and engineering.”3

It is certainly true that software is a multi-layered creation: a bundle of technical and artistic elements, some hidden from view and others easily visualised when the program runs. There is the code base, which is usually kept secret, and which relies on individual building blocks: programming language, data, methods, routines. And then there is the part that the consumer interacts with—the visual content on the screen displays, graphics and sound effects. For this reason, it is unsurprising that different IP rights protect different aspects of software. This can be useful in circumstances of infringement, such as when an ex-employee leaves to join a competitor and create a competing program, because if the particular facts mean that one form of protection does not apply, there are several other IP rights that an ex-employer could try to allege have been infringed.

Copyright

People often consider copyright to be the principal IP right protecting software. In the early 1990s, a European directive known as the Software Directive[4] required all EU Member States to protect computer programs, by copyright, as literary works. Under UK law, copyright arises automatically on the creation of an original literary, dramatic, musical or artistic work by virtue of the Copyright, Designs and Patents Act 1988 (CDPA). In order to qualify for copyright protection, a work must be original, which means the work must not have been copied directly or indirectly from an existing source and must be the author’s own intellectual creation.[5] At first sight, it might seem strange that computer programs are classified as “literary works”; however, as we shall see from the case law below, the scope of this copyright for computer programs has been restricted largely to the code base, which is arguably a literary work.

Code base

Article 1(2) of this Software Directive describes the limits of the copyright protection conferred on computer programs as follows:

“Protection in accordance with this Directive shall apply to the expression in any form of a computer program. Ideas and principles which underlie any element of a computer program, including those which underlie its interfaces, are not protected by copyright under this Directive.”[6]

Numerous cases have held that the “expression in any form of a computer program” includes the source code and object code of that computer program.[7] However, the difficulty with limiting the scope of copyright to this extent is that it is easy to reproduce the functionality of computer programs exactly, without ever needing to copy the source code or object code. In the case of a departing ex-employee, who has worked in the development team of his previous employer, he could (according to this legislation) reproduce the functionality of his previous employer’s software exactly, provided he does not copy the code base and assuming no other right exists (see below). This has understandably caused consternation among software houses seeking to protect the functionality of their computer programs.

The first case before the English courts to consider the issue of functional copying of software was Navitaire v Easyjet.[8] The claimant developed a ticketless airline passenger booking system (OpenRes) for Easyjet, which consisted of software that called on data from a database which recorded every passenger and every flight on an Easyjet aeroplane. Easyjet instructed another software company to create a software program which would have substantially the same user interface as OpenRes, so that users would not notice any change in functionality or appearance. It was agreed between the parties that there had been no code copying; the code base for each product was structurally different and written in different programming languages. However Navitaire claimed the “business logic” of the OpenRes software had been taken. Navitaire likened the defendants’ actions to taking the plot of a novel and rewriting it, and claimed that, if a competitor copied the functionality of a computer program to a high level of detail and complexity, that should count as indirect copying of the source code: it is almost as though the code is being copied, just in a non-textual sense.

Pumfrey J in Navitaire concluded that the interface aspects of OpenRes that had been copied (e.g. the prompts to input information, the outputs arising from them) were commonplace in booking systems of this type; those aspects of themselves did not attract copyright protection.9 However, this case certainly did not rule out the possibility of the “business logic” of a computer program ever being protected.[7] 

In 2006, the case of Nova v Mazooma[8] supported the Navitaire decision. The claimant in this case was the designer of a video arcade game called Pocket Money, which was based on the game of pool. They took action against two designers of video arcade games who created visually similar games. Once again, there was no allegation of source code copying. Both the High Court and Court of Appeal held that the only similarities between the claimant’s computer game and the defendants’ games were ideas, taken at a high level of abstraction, and nothing had been taken in terms of program code or program architecture.12 Accordingly it was held there was no infringement of copyright under the Software Directive.

The case of SAS v WPL[9] went even further and positively confirmed that someone who is lawfully licensed to use a software program can observe how it functions even if their specific purpose purpose in doing so is to create rival software with the same functionality. This is pursuant to s.50A CDPA, which states that a lawful user of a computer program can observe, study or test the functioning of a computer program in order to determine the ideas and principles which underlie any element of the program if he does so whilst carrying out acts he is entitled to carry out (e.g. loading or running the program)—and that any licence term to the contrary is void.

In this case, the claimant (SAS) was a software developer which developed analytical software capable of carrying out a wide range of statistical analysis and data processing. Users of the SAS software were able to write their own applications in a programming language called SAS language. The defendant wanted to provide an alternative software package that would also carry out customers’ existing SAS language applications. The defendant therefore developed a rival software package called World Programming System (WPS) and emulated the SAS program as closely as possible: in fact, where the SAS software lacked certain functionality, the WPS software replicated the error messages that were produced by the SAS program exactly. There was no allegation of source code copying.

The claimant’s position was that the defendant was only allowed to emulate the functionality of its SAS program to the extent necessary in order to compete. Arnold J held that it was perfectly possible to create a computer program which replicated the functionality of an existing program. However he did accept that:

“copyright protection is not limited to the text of the source code of the program, but extends to protecting the design of the program, that is, what has been referred to in some cases as its ‘structure, sequence and organisation’… But there is a distinction between protecting the design of the program and protecting its functionality. It is perfectly possible to create a computer program which replicates the functionality of an existing program, yet whose design is quite different”.[10]

Therefore the High Court seemed to suggest that, while the functionality of a computer program was not protected by copyright under the Software Directive, the design and architecture of the program could be. The Software Directive does indeed state that “preparatory design material” is protected as part of the copyright conferred on a “computer program”.[11]

To summarise, case law suggests that claims for “altered” copying of more abstract features of the source code, such as the general structure, design features or architecture of a computer program, may succeed if it can be shown that a substantial part of the author’s own intellectual creation has been copied. However it is not copyright infringement under the Software Directive for an ex-employee or competitor to copy the functionality of the software alone.

GUI and screen displays

Given that the Software Directive does not extend copyright protection to the functionality of software, software houses have sought to fill the gap by claiming that visual content displayed when the software runs can be protected as literary and artistic copyright works in their own right.

In Navitaire, the claimant attempted to argue that the screen displays produced by OpenRes comprised literary and artistic copyright, which had been copied. The court accepted this argument and said that, while the skill and labour that had gone into creating the original screens had been modest, it had still been taken and therefore the copyright in those screens had been infringed.16

The High Court in Nova accepted that the individual frames stored in the memory of a computer (for example, a bitmap image of the pool table) were “graphic [artistic] works” within the meaning of the CDPA.[12] In that same case, the High Court rejected the argument that a computer game could be a “dramatic work” because a dramatic work was a work of action that was capable of being performed before an audience. Although they did not rule out that a game could ever be a dramatic work: the court simply said that, on the facts, the particular features of this game, and the way it was played, were too general to be described as features of a dramatic work or to be capable of performance.18 The case on dramatic work was not pursued on appeal to the Court of Appeal.

Therefore, while copyright in the Software Directive does not help if an ex-employee leaves and replicates the functionality of the software, but without taking the code base, the functionality or “look-and-feel” of the GUI screen displays can be protected as artistic works (graphic works or icons on screen), literary works (written content on screen) and musical works (music played in a video game). Therefore software needs to be viewed as a bundle of independent works, each capable of separate copyright protection. According to the particular facts of each case, these separate copyrights may be helpful in order to pin down a defendant.

Code constituents

Recital 14 of the Software Directive makes clear that “logic, algorithms and programming languages” are not protected insofar as they comprise ideas and principles.

Despite this, there have been several instances where software houses have attempted to claim protection for their in-house programming language under the Software Directive. Programming languages, alongside algorithms, databases and methods, are the building blocks of the code base and may represent greater relative value than the source code itself, which can be rewritten fairly easily.

In Navitaire, the claimant sought to protect elements of the code base, including single-letter and single-word commands entered into the software by call centre staff taking bookings (e.g. the letter A for availability). Navitaire claimed that Easyjet had copied 44 per cent of these OpenRes commands. There were two types of commands: simple commands which have only one outcome, and complex commands which can have different outcomes depending on the suffixes with which they were combined (e.g. one complex command is A13JUNLTNAMS, where the flight date is 13 June, the originating airport is Luton (LTN) and the destination airport Amsterdam (AMS)).[13] The court held that single letters/words could not attract copyright protection and considered that, even if any of the user commands had potentially constituted copyright works, they were likely to be a computer language excluded from copyright protection under the Software Directive.

In the SAS v WPL case, the programming language (called SAS Language) was very important because customers would use the programming language to build the statistical applications that they needed. If SAS was granted copyright in the SAS Language, it would mean that any customer wishing to use SAS Language applications would have to secure a licence from SAS. The High Court, supported by the Court of Appeal, ruled that the programming language that SAS used and the data file formats were not protected by copyright under the Software Directive.[14] These specific constituent elements of the code base are also not likely to be protected as artistic, dramatic or musical works. Yet they are highly valuable and therefore, as explained in the rest of this article, we need to look beyond the realms of literary copyright under the Software Directive and dramatic/musical/artistic copyright under the CDPA in order to protect them.

Practical points for copyright infringement of software

  • A departing employee (and his new employer) can explore the front-end of the software provided he has a licence for the software, but cannot look at the code base, if they are looking to develop competing software.
  • Although s.50A CDPA allows the ex-employee and/or his new employer to study how the software works with a view to replicating the functionality exactly, there are limits to how much observation a lawful user/licensee can perform in circumstances where they are trying to emulate the software. Section 50A CDPA goes on to say that a lawful user cannot decompile its licensed copy of object code back into source code if it intends to create a program which is substantially similar in expression to the program decompiled or to do any other act which is restricted by copyright.
  • Even if the ex-employee has not taken the source code with him, he may still have infringed copyright by: (1) copying artistic, dramatic or literary content from the software; (2) copying the program architecture from preparatory design materials.
  • Copyright infringement requires you to prove a causal connection between the original work and the copy. Therefore it is worth calling in forensic experts early on in any internal investigation into copying of software in order to preserve that evidential link.

Databases

The legal definition of a database is “a collection of independent works, data or other materials arranged in a systematic or methodical way and individually accessible by electronic or other means”.[15]Databases are likely to feature prominently in most software programs. For example:

  • a computer program featuring a look-up table or catalogue, i.e. a compilation of data accessed by a software routine in the underlying object code of the program; or
  • carefully selected algorithms, mathematical methods and user commands in the code; these struggle for protection under most forms of IP protection, but may find some success with database rights.

Databases are protected by copyright and also via a sui generis database right that was introduced by the EU Database Directive[16] into UK law in 1998. In order to be protected by copyright, the database must “by reason of the selection or arrangement of their contents, constitute the author’s own intellectual creation”.[17] The sui generis database right arises if there has been a substantial investment (qualitatively or quantitatively) in the obtaining, verification or presentation of the contents of the database. Therefore the key limitation on protection of databases (via copyright and the sui generis right) is that, neither of those tests protects the data created in the database per se, but rather the way it has been selected/arranged or the investment that went into obtaining, verifying or presenting the data.

To take an example, software test data generated by a software house is highly valuable but the data itself is unlikely to be protected by database copyright unless it has been selected/ arranged in a manner that constitutes the author’s own intellectual creation, and it is even less likely to be protected by the sui generis database right because case law has ruled that this right does not protect investment in creating the data in the first place, only the way it is obtained, verified or presented.[18] In such cases, the best way to protect test data might be to keep it confidential (see below). Running database arguments in software cases has had limited success. In Cantor Gaming v Gameaccount the High Court held that the copyright in a database holding details of players of an online golf game was infringed by being stored on the defendant’s server and in back-up copies. On the specific question of copying of the database, the court commented that “once it is shown that a part of a work literally reproduced is not functionally useless, it is a short step to showing that a sufficiently substantial part has been reproduced”.[19]

By contrast, in Navitaire, the claimant failed to persuade the court that the schemas (structure) of the OpenRes database had been copied to an extent that gave rise to copyright infringement.26 However, during the course of migrating from OpenRes to its new software supplier, the defendant had made interim copies of the entire database by way of taking screen shots and this was held to be an infringement.

Where an ex-employee departs his employment and seeks to create a functionally similar piece of software to that sold by his former employer, even if there is no evidence of source code copying, it may be that the ex-employee has secured a commercial advantage by copying a database that is functionally important to the software.

Practical points for databases in software

  • Bear in mind that the law does not recognise an IP right in “data” by itself, but only the structure of databases i.e. the way the data is selected or arranged (for database copyright) or the investment that was made in order to obtain, verify and present the data (for sui generis database right).
  • If a software house creates data itself, including test data, that data is unlikely to be protected by the sui generis database right.
  • If the data merely exists, but is not organised in a particular way, consider protecting it as confidential information (e.g. test data) — see below.

Confidential information

If information is obviously confidential, the courts will step in to protect it. The test under UK law for whether a misuse of confidential information can be prevented is whether: (1) the information has the necessary quality of confidence; (2) it was imparted in circumstances importing an obligation of confidence; and (3) there is threatened or actual use or disclosure of the confidential information.[20]

Most software companies ensure that their source code is a trade secret and only disclosed in very limited circumstances and even then only under NDA, e.g. to third parties who are creating compatible software. However there are a number of other elements in software that could be confidential in addition to source code:

  • Source code constituents: there are aspects of the code, such as formulae, algorithms, data, mathematical methods, which as we have seen from the above, are not protected by other IP rights, but are highly valuable in the hands of a competitor.
  • Source code comments: source code contains comments from the programmer reminding them of why they structured the code in a particular way, or the location of important code sections. This information may be confidential.
  • Test data: the process of testing and debugging the software often takes a lot of in-house resource within software houses and the code fixes (not to mention the test data and know-how relating to those fixes) would be highly prized in the hands of a competitor.
  • Preparatory design plans: as well as being protected by copyright, the preparatory designs for the software are also likely to be confidential assuming they cannot be “reverse-engineered” once the software is released to the public.

Two issues that software houses commonly face when asserting confidentiality over software are:

  1. While algorithms, data or mathematical methods in the code might be highly confidential prior to release of the software, they are often discoverable by looking at the front end of the software when it is running,or by a process of “reverse-engineering”. In the case of Mars vTecknowledge, an algorithm used by Mars in its drink machines to discriminate between real and fake coins was held to be “public” information despite the fact the algorithms were encrypted, because it was deemed possible for specialists to decrypt the algorithms.[21] 
  2. Sometimes the aspect of software that has been copied is an aggregation of information already in the public domain e.g. algorithmsthat are published but spread across multiple scientific papers. This is not always fatal to a case for breach of confidence: Megarry J in the case of Coco v Clark held that information constructed solely from materials in the public domain may possess the necessary quality of confidence provided there is something new and confidential brought into being by the application of the skill and ingenuity of the human brain.[22]

The court is usually keen to imply an obligation of confidenceinto current employer-employeerelationships; however, matters become slightly more complex once an employee leaves his or her employment.

In the case of Faccenda Chicken v Fowler,[23] the court ruled that, following termination of employment, an ex-employee could not be prevented from using information that, even though once confidential, became part of his own skill and know-how applied in the course of his service for his ex-employer; however, he would be expected to keep genuine trade secrets confidential. The dividing line between what amounts to mere know-how, which a departing employee can disclose to his new employer, and a genuine trade secret, which he must keep confidential, is not clear. Courts have often stressed that it depends on the circumstances of a particular case but that the following issues are relevant: the nature of the employment; the nature of the information; steps taken by the employer to impress on the employee the confidentiality of the information; and any difficulty of isolating the information in question from other information which the employee is free to use or disclose.[24]

This lack of dividing line creates difficulties in situations such as where a software developer leaves his employer after many years of service to join a competitor: the developer will have a great deal of valuable information relating to business methods of his former employer, practices for carrying out data testing, bug fixes, planned updates and new releases of the software, and even specific customisations requested and desired by customers. At what point does this information stop being everyday business know-how and start to be classified as a trade secret belonging to his former employer?

In November 2013, the European Commission adopted a proposal for a directive on the protection of trade secrets; the purpose of this directive is to harmonise the civil law on trade secrets and how they are enforced across the EU. Legal circles were hoping that this legislation might finally resolve the difficulty about what is confidential information and what is a trade secret and hence protected post-employment; however, as presently drafted the legislation merely defines a “trade secret” rather than explaining whether post-termination restrictions affect an employee’s disclosure of trade secrets to their new employer.

Practical points relating to breach of confidence action

  • If you wish to bring a breach of confidence action, the court will expect to see what measures you had in place to keep the information in question (e.g. source code or test data) confidential, and that you only ever provided it to third parties under NDA.
  • It can be very powerful to bring a pre-action disclosure request before the court for the specific piece of information that you allege the defendant holds. Provided this request is granted by the court,it can force the defendant to reveal the “smoking gun” that will help you win the case.
  • It can also be a useful pressure point to include an ex-employee’s new employer in legal proceedings. All employers are vicariously liable for the actions of their employees. In fact the court may also be willing to imply that the new employer owes a duty of confidence to the ex-employer if they knew the employee was abusing confidential information,[25] or turned a blind eye to what the developer was doing. [26] You should therefore always write to the new employer to put them on notice that you suspect one of their employees has misused confidential information.
  • Often, once confidential information is in the hands of a competitor, or is made public, it can be difficult for the court to grant a legal remedy that reverses that, and makes the information secret again. In such circumstances, the courts are willing to grant a “springboard injunction” which prevents the former employee from gaining a head start over their former employer through their use of the confidential information. This type of injunction usually keeps them (or their new employer) off the market by preventing them from using the information for a period of time.

Other intellectual property rights

For the sake of completeness, it is worth mentioning a few other intellectual property rights that might also assist in proceedings relating to software infringement:

Patents

It is clear from the above that, in circumstances where software performs some inventive new function, perhaps backed by algorithms or mathematical methods in the source code, it will be difficult to protect those functions by virtue of copyright (because they form part of the functionality of the software) or confidential information (if those algorithms and methods are viewable from the front end of the software). In principle, discoveries, scientific theories and mathematical methods, schemes, rules and methods for performing mental acts or doing business, and computer programs as such are explicitly excluded under EU/UK law from patent protection as well.[27] However, in practice, there is some scope for registration of software and business methods implemented by software.

In Europe and the UK, for example, it is possible to register a patent for a programmed piece of hardware (e.g. computer hardware, servers, printers, terminals) that provides a technical effect or contribution due to the software installed on it.[28] The key point is that the programmed hardware hardware must make a technical contribution to the art (field in question), or have a technical effect, that is greater than just the software, or the business/mathematical method per se (e.g. the software must do something more than just speed up what a human could do).

Patents are a monopoly right, which makes them very valuable to a patent owner: once a patented invention has been registered, it is possible to stop any invention that infringes that patent, even if it was independently created. The downside of patent protection is that they require a certain amount of public exposure and publication, therefore, some software houses choose to keep their inventive methods secret, rather than risk publishing their software, particularly when there is a risk that the patent may never proceed to grant.

Design rights

It is possible to register designs for user interfaces, icons and screen layouts at a UK-wide or European level. A design is defined as“the appearance of the whole or a part of a product resulting from the features of, in particular, the lines, contours, colours, shape, texture or materials of the product or its ornamentation”.[29This definition could include graphic works in a computer game. However the definition of “product” is limited to “any industrial or handicraft item other than a computer program; and, in particular, includes packaging, get-up, graphic symbols, typographic type-faces and parts intended to be assembled into a complex product”.37

The effect of this exclusion of “computer programs” is not entirely clear. The Office for Harmonisation of the Internal Market (OHIM) provided guidance on what the provision means from the perspective of designs registered in the EU, confirming that it does not preclude screen images, menus, icons and other kinds of graphical elements of a program from being registered.[30]

A design right is infringed if it does not produce a different overall impression on the informed user. The informed user is not just the “average consumer” but is more discriminating and has an awareness of the design field in question. If a particular piece of software contains designs that create a different overall impression on customers, design rights law could be a useful form of protection (e.g. the designs of avatars in a computer game).

Unfair competition

In the UK, there is no general law of unfair competition; however, there is a tort to prevent businesses passing themselves off as their competitors. This tort of passing off could be used in a case of rival software being created with the same “look and feel” and functionality as a well-known computer program.

In order to make out a case for passing off, the claimant would have to prove that:

  • it owns goodwill or reputation in some identifying “get-up” in the software—this could be the brand name of the software, or the individual features of labelling or packaging or, potentially, even the look and feel of the GUI or screen display designs provided that the get-up is recognised by the public as distinctive specifically of the claimant’s goods. This means that the graphics and “look and feel” of the software must be very well known to members of the public;
  • a misrepresentation has been made by the defendant to the public (whether or not intentional) leading, or likely to lead, the public to believe the defendant’s software originates from the claimant; and
  • the claimant suffers or, is likely to suffer damage as a result of the defendant’s misrepresentation.

It is not enough to show that the design of the infringing software merely ‘brings to mind’ the first computer program—the public must believe the second computer program is connected with, or endorsed by the makers of the first computer program. Evidence of any actual confusion among members of the public would greatly help the chances of success in a case of passing off.

Conclusion

It is a striking feature of many of the cases discussed in this article that the principal IP infringement case often failed, only for the court to uphold another IP right. For example, in the Easyjet case, the claimant failed on its case of copyright infringement under the Software Directive because the code base had not been copied, but it succeeded in showing that literary and artistic copyright in the screen displays, as well as a database, had been unlawfully copied.

In SAS v WPL, the claimant lost on all its arguments of infringement except for one allegation that the defendant had, in creating its own user manuals for WPS, copied a substantial part of the copyright in SAS’s user manuals.

While it may seem at first sight that software is protected by a confusing array of different IP rights, these overlapping regimes are very important in protecting software from different forms of unlawful exploitation. Taking the example of an ex-employee reproducing his ex-employer’s software for a new employer, if that ex-employee has only copied the functionality, and did not have access to the code base, there is little point in asserting a case of copyright infringement under the Software Directive. However, in the course of replicating the software closely, it is highly likely the ex-employee will have relied on other documents or information in which the ex-employer owns copyright, database right and/or rights of confidence.

Cases involving digital asset infringement therefore require careful handling to ensure that the appropriate legal regimes are considered and matched to the background facts. In turn this means that it is important to call in forensic experts early on, not only to ensure the evidential trail linking ex-employees to an infringement is preserved, but also to discover which information an ex-employee might have accessed and used. This is key to ensuring that claimants only pursue IP infringement cases that are likely to succeed in court.

This article was originally published in the Computer and Telecommunications Law Review. For further information, please contact Alison Rea. 

[1] See https://www.gov.uk/government/news/cyber-security-insurance-new-steps-to-make-uk-world-centre [Accessed August 7, 2015].

2 See http://www.symantec.com/about/news/release/article.jsp?prid=20130206_01 [Accessed August 7, 2015].

3 Bill Gates.

[4] Council Directive 91/250 on the legal protection of computer programs, replaced by 2009/24/EC (Software Directive)

[5] This test comes from EU directives, including the Software Directive, and has been adopted by the Court of Justice of the European Union (“CJEU”). Occasionally the UK courts refer to the originality test for copyright that has been used in the UK courts for decades, namely whether the author created the work through his own skill, judgment and effort; the UK courts insist the European test is a restatement of the UK test. There is limited judiciary commentary on this issue. For the sake of consistency, this article refers to the originality test for copyright as being “author’s own intellectual creation”.

[6] Software Directive art.1(2) (emphasis added),

[7] By way of example, see Bezpečnostní softwarová asociace — Svaz softwarové ochrany v Ministerstvo kultury (C-393/09) EU:C:2010:816; [2011] E.C.D.R. 3 paragraph 34

[8] Navitaire Inc v Easyjet Airline Co [2004] EWHC 1725 (Ch); [2005] E.C.C. 30.

[9] Navitaire [2004] EWHC 1725 (Ch); [2005] E.C.C. 30 at [129].

[10] Navitaire [2004] EWHC 1725 (Ch); [2005] E.C.C. 30 at [130]

[11] Nova Productions Ltd v Mazooma Games Ltd [2006] EWHC 24 (Ch), [2006] E.M.L.R. 14

[12] Nova v Mazooma [2006] EWHC 24 (Ch), [2006] E.M.L.R. 14 at [247]–[253].

[13] SAS Institute Inc v World Programming Ltd [2010] EWHC 1829 (Ch); [2010] E.C.D.R. 15.

[14] SAS v WPL [2010] EWHC 1829 (Ch); [2010] E.C.D.R. 15 at [232]

[15] Software Directive art.1(1) states that: “For the purposes of this Directive, the term ‘computer programs’ shall include their preparatory design material.”

[16] Navitaire [2004] EWHC 1725 (Ch); [2005] E.C.C. 30 at [313]–[317].

[17] Nova v Mazooma [2006] EWHC 24 (Ch), [2006] E.M.L.R. 14 at [104].

[18] Nova v Mazooma [2006] EWHC 24 (Ch), [2006] E.M.L.R. 14 at [116].

[19] Navitaire [2004] EWHC 1725 (Ch); [2005] E.C.C. 30 at [79]–[89]

[20] SAS Institute Inc v World Programming Ltd (C-406/10) EU:C:2012:259; [2013] Bus. L.R. 941 at [39].

[21] Database Directive art.1(2).

[22] Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases (Database Directive).

[23] Database Directive art.3.

[24] British Horseracing Board Ltd and others v William Hill Organisation Ltd (Case C-203-02) [2004] ECR I-10415

[25] Cantor Gaming Ltd v Gameaccount Global Ltd [2007] EWHC 1914 (Ch); [2007] E.C.C. 24 at [95].

[26] Navitaire [2004] EWHC 1725 (Ch); [2005] E.C.C. 30 at [274]

[27] This tripartite test comes from the case of Coco v AN Clark (Engineers) Ltd [1969] R.P.C. 41 Ch D.

[28] Mars v Teknowledge [2000] F.S.R. 138 Ch D at [5] and [29]–[31].

[29] Coco v A N Clark [1969] R.P.C 41 at [47].

[30] Faccenda Chicken Ltd v Fowler [1986] 1 All E.R. 617 CA (Civ Div).

[31] Force India Formula One Team Ltd v 1 Malaysia Racing Team SDN BHD & Ors [2012] EWHC 616 (Ch) at [237-238]

[32] Vestergaard Frandsen A/S v Bestnet Europe Ltd [2013] UKSC 31

[33] Vestergaard Frandsen A/S v Bestnet Europe Ltd [2013] UKSC 31, para. 26

[34] Article 52(2) European Patent Convention 2000 (“EPC”)/ section 1(2) Patents Act 1977

[35] Case T 931/95 Controlling Pension Benefits System/PBS PARTNERSHIP [2000] OJ 2001 441

[36] Registered Designs Act 1949; repeated in art.3(a) of the Community Designs Regulation (6/2002) (CDR) with the exception that the word “or” is replaced with “and/or”. 

[37] CDR art.3(b)/ s.1(3) RDA.

[38] OHIM Examination Practice Note 2/2005, May 2, 2005