INTELLECTUAL

PROPERTY RIGHTS
AND
PATENTS

By
M.D.NAGENDRA PRASAD
 UNIT - V

 Course Objective, CO5– Understand the Principle and Registration of Trade secrets.
 Knowledge Level – K 2
 Syllabus
 Introduction to Trade Secrets, Maintaining Trade Secret ,Employee Access Limitation,
Employee Confidentiality Agreement , Trade Secret Law, Trade Secret Litigation, Breach of
Contract .
 Introduction to Trade secrets

 A Trade secret is a formula, pattern, physical device, idea, process or compilation of

information, which is not generally known or reasonably ascertainable, by which a
business can obtain an economic advantage over competitors or customers.
 Financial information, Technical and Scientific information, commercial information
are treated as Trade secrets.
 Trade secrets examples are formula of a drink, recipes, new invention for which
patent application has not yet been filed, marketing strategies, manufacturing
techniques, computer algorithms.
 Maintaining Trade secret
 Following are the various ways to protect trade secret,
 Restrict access to the information ( locking it in a secure place such as vault, bank locker).
 Limit the number of people who know the information.
 As anyone comes in contact with the trade secret directly or indirectly need to be signed non-
disclosure agreements.
 Mark the written material related to trade secret as proprietary.
 Advantages of Trade secret over patents are unlimited duration, no application required, no
registration costs, no public disclosure or registration with government agency, effective
immediately.
 Famous Trade secrets are formula for Coca-Cola, the Big Mac special sauce, KFC chicken
recipe, WD-40 formula
 Employee Access Limitation, Employee
Confidentiality Agreement
 Contract law
 When there is an agreement to protect the trade secret such as Nondisclosure agreement (NDA),
Confidentiality agreement (CA), anti-reverse engineering clause.
 Where a confidential relationship exists.

 Principle of tort/unfair competition

 Misappropriation by competitors who have no contractual relationship. Examples such as theft,
espionage, subversion of employees, bribery, hacking.

 CDA and NDA includes the following as important elements, Ownership of inventions, Non
disclosure provisions, Non solicitation provisions, Non competition provisions.
 Non applicability of Trade secrets
 Following are not protected under trade secrets,
 The clean room :- The clean room refers to a room in which a team of engineers, designers,
researchers or scientists work together for a specific purpose. Each and every activity is
documented.
 The clean room act as an evidence to prove that the information which is identical to some
others trade secret has derived through team efforts.
 It also ensures that the information was not copied, theft or gained through any other improper
means.
 Reverse Engineering :- Any information which is obtained through reverse engineering of a
product will also be unprotectable under trade secret.
 Observing the item in public use or on public display.
 Obtaining the trade secret from published literature.
 Trade Secret Law, Trade Secret Litigation

 Specific trade secret laws are TRIPS, United States Uniform Trade Secrets Act (UTSA), Economic
Espionage Act.
 No particular law that protects trade secrets in India. Trade secret protection has been upheld on
the basis of principles of equity and on common law action for breach of confidence.
 Trade secret litigation comprises of two aspects,
 (1) Violation of trade secret law takes place, when the confidential information is obtained through
misappropriation.
 (2) Violation of non disclosure agreement takes place when a party in the contract breached the
agreement.
 The legal actions for the invasion of trade secrets are provided by Contract Act,1872 , Information
Technology Act,2000 , Section 405 to 409 and 418 of the criminal procedure code. For the trade
secret disclosure penalties, damages and imprisonment are levied as per the laws.
 Breach of Contract
 Breach of contract takes place when a party fails to fulfill the promise made in an agreement.
 When a employee fails to fulfill the promise and discloses the trade secret to other parties, then it is
known as breach of contract. As employee is failed in maintaining the secrecy.
 Contract Act, 1872 is the law applicable for breach of contract.
 Contract is nothing but an agreement enforceable by law.
 The ten essential conditions for a contract,
 (1) Offer, (2) Acceptance, (3) Consensus, (4) Lawful Consideration, (5) Capacity to Contract, (6) Free
consent, (7) Legal object, (8) Possibility of performance, (9) Intention to create a legal relationship, (10)
Writing and registration.
 In India, violation of trade secrets will be covered under section 27 of the Indian Contract act. It restricts
parties in contract from disclosing any kind of information.
 The special contract acts like, Agency law clearly defines the duties and responsibilities of the employer
and employee. It provides the eligible remedies for the possible damages occurred to the owner from the
agent. The agent is liable to the owner for the loss occurred due to him.
 Introduction to Cyber Law
 Cyber law is like any other legal rule or policy that should be followed in our day to day life to stay out
of any kind of trouble. These laws are formed by keeping several issues into consideration such as our
society, morals, computer ethics, etc. The only difference is that cyber law is applied to the internet
and internet-related technologies only. Cyber law is formed to maintain discipline and justice in the
cyber world. This area in the legal system is introduced because the crime related to computers and
other technology was increasing rapidly. These types of crimes were not falling under the category of
any existing legal category therefore a separate section was formed named Cyber Law.

 Cyber law is the part of the overall legal system that deals with the Internet, cyberspace, and their
respective legal issues. Cyber law covers a fairly broad area, encompassing several subtopics including
freedom of expression, access to and usage of the Internet, and online privacy. Generically, cyber law is
referred to as the Law of the Internet.

 Cyber law, also known as cyber crime law, is legislation focused on the acceptable behavioural use of
technology including computer hardware and software, the internet, and networks. Cyber law helps
protect users from harm by enabling the investigation and prosecution of online criminal activity.
 Introduction to Cyber Law
 The first cyber law was the Computer Fraud and Abuse Act, enacted in 1986. Known as CFAA, this law
prohibits unauthorized access to computers and includes detail about the levels of punishment for
breaking that law.

 Cyber law is created to help protect people and organizations on the Internet from malicious people on
the Internet and help maintain order. If someone breaks a cyber law or rule, it allows another person or
organization to take action against that person or have them sentenced to a punishment.

 There are different forms of punishment depending on the type of cyber law broken, against whom
offended, where the law is violated and the place where violated person lives. In many situations,
breaking the rules on a website result in your account becoming suspended or banned and IP address
gets blocked. If committed a more serious offence such as hacking, attacking another person or website,
or causing another person or company distress, additional action may be taken.

 Cyber laws are important to punish criminals who commit serious crimes related to the computer such as
hacking, online harassment, data theft, disrupting the online workflow of any enterprise, attacking
another individual or website.
 Introduction to Cyber Law
 These laws cover many areas & activities occurring online and serve a variety of purposes. Some laws are
formed to protect to defend people online from malicious activities, some laws explain the policies if
using computers and the internet in a company. All these wide categories fall under the cyber laws.
Some of the wide range areas encompassing the cyber laws are:

 Scam/ Treachery:- Cyber laws exist to protect people from online frauds and scams, these laws prevent
any financial crimes and identity theft that happen online.
 Copyrighting Issues:- The Internet is the source of multiple types of content, but it is not right to copy
the hard work of any other person. There are strict policies in cyber laws against copyright that protects
the creative work of companies and individuals.
 Online Insults and Character Degradation:- Online platforms like social media are the best platform to
speak your mind freely but there is a thin line between the liberation of using the right to speak and
defaming someone online. Cyber laws address issues like online insults, racism, gender targets to protect
a person’s reputation.
 Online Harassment and Stalking:- Harassment is a violation of both civil and criminal laws. This crime is
a major issue in cyberspace. The legal system has some strict laws to prohibit these despicable crimes.
 Data Protection:- People using the internet risk their privacy while being online and often rely on cyber
laws and policies to protect their secrets. Also, companies should maintain the confidentiality of data of
their users.
 Information Technology Act

 The Information Technology Act in the year 2000 is the Second Law in India governing the field of
Technology. Popularly known as IT Act.
 The First one was Indian Telegraph Act in the year 1885.
 The Intention of the IT Act is “An Act to provide legal recognition for transactions carried out by
means of electronic data interchange and other means of electronic communication, commonly
referred to as "electronic commerce", which involve the use of alternatives to paper-based methods
of communication and storage of information, to facilitate electronic filing of documents with the
Government agencies.”
 IT Act is aided by other Acts and Statutes such as The Indian Penal Code, The Evidence Act, The
Criminal Procedure Code , etc.
 Information Technology Act
 IT Act is broadly classified into three aspects – Administrative, Civil issues, Criminal and Penal.
 Administrative :- Recognizing E-Commerce, Legal enforceability and authentication of electronic
documents, Methodology and process, a special adjudicating officer and cyber law appellate tribunal, their
role and duties therein.
 Civil :- Runs parallel to Administrative ventures of the IT Act, Describes what constitutes civil infringement
of rights, Prescribes civil duties.
 Criminal and Penal :- Recognizes and provides for penal measures against crime in cyber space, digital
crimes or crime against computer resource, Related issues to redress, monitor, restrict, investigate, cyber
crime is also provided herein.
 IT Act recognizes the cardinal philosophy of cyber disputes i.e., computers are weapons as well as victims.
 Information Technology Act
 Section 2 of the Act defines :
 (i)"computer" means any electronic magnetic, optical or other high-speed data processing device or system
which performs logical, arithmetic, and memory functions by manipulations of electronic, magnetic or
optical impulses, and includes all input, output, processing, storage, computer software, or communication
facilities which are connected or related to the computer in a computer system or computer network.
 (j) "computer network" means the interconnection of one or more computers through
 (i) the use of satellite, microwave, terrestrial line or other communication media and
 (ii) terminals or a complex consisting of two or more interconnected computers whether or not the
interconnection is continuously maintained.
 (k) "computer resource" means computer, computer system, computer network, data, computer data base
or software.
 (l) "computer system" means a device or collection of devices, including input and output support devices
and excluding calculators which are not programmable and capable of being used in conjunction with
external files, which contain computer programmes, electronic instructions, input data and output data,
that performs logic, arithmetic, data storage and retrieval, communication control and other functions.
 The new amendment also defines, Cyber Cafe (s 2 (na)), Cyber security (s 2 (nb)), Electronic signature
(apart from DSC), Communication devices (s 2 (ha)), Indian CERT (s 70 B (1))
 Information Technology Act
 Section 4 – Legal recognition of Electronic Records
 If any information is required in printed or written form under any law the Information provided in
electronic form, which is accessible so as to be usable for subsequent use, shall be deemed to satisfy
the requirement of presenting the document in writing or printed form.
 A general provision for recognizing electronic documents.
 Section 5 - Legal recognition of electronic signatures.
 Section 6 - Use of e-Records & signatures in Government & Its Agencies.
 Section 7 and 7(a) - Retention of Electronic Records & audits.
 Section 8 - Publications of rules and regulations in the e-Gazette.
 Section 9 - No right to claim and insist on electronic documents.
 Section 10 - Central Govt. retains the power to make rules with respect to e-Signatures (type, manner,
format & process).
 Section 11 - Discuss about the attributor(sender) of electronic record.
 Section 12 - Discuss receipt for acknowledgement where nothing has been stipulated.
 Information Technology Act
 Section 16 – Central Government to prescribe security procedures.
 Section 17 to 34 - Appointment and Regulation of Controller and certifying authority.
 Section 35 to 39 - Obtaining Digital Signature Certificate.
 Section 40 to 42 - Duties of Subscriber of DSC- exercise due care to retain the private key.
 Section 43 and 43(a) – Relates to the unauthorized access of a computer and Failure to protect data.
 Section 44 - Penalty for failure to furnish information, return etc.
 Section 46 and 2(1)(c) - Adjudicating officer.
 Section 61 - Civil Court excluded from jurisdiction.
 Section 65 - Tampering with Computer Source documents.
 Section 65 B - Detailed process for the analysis of the digital evidence in question.
 Section 65 B(4) - Requires a certificate from the examiner of digital evidence.
 Section 66 - Penalises any contravention u/s 43 if carried out with a fraudulent or dishonest motive.
 Information Technology Act
 Section 66 A - Punishment for sending offensive messages through communication service etc.
 Section 66 B – Punishment for dishonestly receiving stolen computer/resource etc.
 Section 66 C - Punishes identity theft (DSC, passwords, or such unique identification).
 Section 66 D - Punishes personating, by means of Computer resource.
 Section 66 E - Punishes violation of privacy rights.
 Section 66 F – Punishes Cyber Terrorism.
 Section 67 A - Punishment for publishing or transmitting of material containing sexually explicit act, etc.. In the
electronic form.
 Section 67 B - Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc.
in the electronic form.
 Section 67 C - Preservation & retention of information by intermediaries.
 Section 68 - Provision and punishment for violation of orders from the Controller.
 Section 69 - Powers of the Govt. to issue direction for monitoring, intercepting or decrypting any information
through any Computer Resource.
 Section 69 A - Powers for blocking of public access.
 Section 69 B - Power to authorize monitor and collect traffic .
 Information Technology Act
 Section 71 - Penalty for Misrepresentation before the Controller or the Certifying Authority.
 Section 72 – Penalty for breach of Confidentiality & privacy, the provision applies to those persons who are
empowered under this Act with such a database or records.
 Section 72 A - Penalty for disclosure of information in breach of Lawful Contract –(an amendment to include
even the employees of private organizations or such intermediaries working therein).
 Section 74 - Publication of Signature or signature certificates for fraudulent purpose.
 Section 76 - provides for confiscation of any related computer accessory, system part etc if the same is
believed to be used in any violation of this Act or rules.
 Section 78 – Power to investigate offences .
 Section 79 - Exemption of Intermediaries and service providers if they establish that they have exercised
due diligence on their part.
 Section 84 B - Punishment for Abetment.
 Section 84 C – Punishment for attempt.
 Section 90 - State Govt. has powers to make allied rules.
 Relevant Application of IPC Sections and others
 Section 503 - Sending threatening messages by email
 Section 499, 500 - Sending defamatory messages by email
 Section 463, 470, 471 - Forging electronic records
 Section 420 - Bogus websites, cyber frauds
 Section 416, 417 - Email spoofing
 Section 383 – Web Jacking
 NDPS Act – Online sale of drugs
 Arms Act – Online sale of Arms
 Cyber Crimes and E-Commerce
 Cyber crimes against persons. Examples – melissa and lovebug viruses.
 Cyber crimes against Property. Example – Computer vandalism.
 Cyber crimes against Government. Example – Hacking Government networks.
 Few examples of cyber crimes are Tampering the computer documents, Hacking computer
systems, Publishing obscene material on internet, Breaching of confidentiality and privacy.
 E-commerce (electronic commerce) is the buying and selling of goods and services, or the
transmitting of funds or data, over an electronic network, primarily the internet. These business
transactions occur either as business-to-business (B2B), business-to-consumer (B2C), consumer-
to-consumer or consumer-to-business. The terms e-commerce and e-business are often used
interchangeably.
 Advantages of e-commerce are Wide availability, Speed and easy accessibility, International
reach, Lower cost, Personalization and Product recommendations.
 Disadvantages of e-commerce are Limited customer service, Not able to touch, Waiting time.
 Data Security
 Data security refers to the process of protecting data from unauthorized access and data corruption
throughout its lifecycle. Data security includes data encryption, hashing, tokenization, and key
management practices that protect data across all applications and platforms.
 Types of Data security controls,
 Authentication :- Authentication, along with authorization, is one of the recommended ways to boost
data security and protect against data breaches. Authentication technology verifies if a user’s
credentials match those stored in your database. Today’s standard authentication processes include
using a combination of ways to identify an authorized user, such as passwords, PINS, security tokens, a
swipe card, or biometrics.
 Access control :- Authentication and authorization happen through the process called access control.
Access control systems can include,
 Discretionary access control (the least restrictive), which allows access to resources based on the
identity of users or groups.
 Role-based access control, which assigns access based on organizational role and allows users access
only to specific information.
 Mandatory access control, which allows a system administrator to strictly control access to all
information.
 Data Security
 Backups and Recovery :- Prioritizing data security also requires a plan for how to access your company’s
and client’s data in the event of system failure, disaster, data corruption, or breach. Doing regular data
backups is an important activity to help with that access.
 Encryption :- Data encryption software effectively enhances data security by using an algorithm (called
a cipher) and an encryption key to turn normal text into encrypted cipher text. To an unauthorized
person, the cipher data will be unreadable.
 Data masking :- Data masking software hides data by obscuring letters and numbers with proxy
characters. The data is still there, behind the masking. The software changes the data back to its
original form only when an authorized user receives that data.
 Tokenization :- Tokenization substitutes sensitive data with random characters that are not
algorithmically reversible. The relationship between the data and its token values is stored in a
protected database lookup table, rather than being generated by and decrypted by a mathematical
algorithm (as in the case of encryption). The token representing the real data is used across different
systems as a replacement, while the actual data is stored on a separate, secure platform.
 Deletions and erasure :- When electronic data is no longer needed and must be permanently cleared
from the system, erasure can overwrite that data so that it is irretrievable. Erasure is different from
deletion, which is a process that simply hides data in such a way that makes it easy to retrieve.
 Data Security
 Cloud Data Security :- Protection platform that allows you to move to the cloud securely while protecting data
in cloud applications.
 Hardware security module :- Guards financial data and meets industry security and compliance requirements.
 Key Management :- Solution that protects data and enables industry regulation compliance.
 Enterprise Data Protection :- Solution that provides an end-to-end data-centric approach to enterprise data
protection.
 Payments Security :- Solution provides complete point-to-point encryption and tokenization for retail payment
transactions.
 Big Data, Hadoop and IofT data protection :– Solution that protects sensitive data in the Data Lake –
including Hadoop, Teradata, Micro Focus Vertica, and other Big Data platforms.
 Mobile App Security :- Protecting sensitive data in native mobile apps while safeguarding the data end-to-end.
 Web Browser Security :- Protects sensitive data captured at the browser, from the point the customer enters
cardholder or personal data, and keeps it protected through the ecosystem to the trusted host destination.
 E-Mail Security :– Solution that provides end-to-end encryption for email and mobile messaging, keeping
Personally Identifiable Information and Personal Health Information secure and private.
 Confidentiality, Privacy
 Confidentiality refers to protecting information from being accessed by unauthorized
parties. In other words, only the people who are authorized to do so can gain access to
sensitive data.
 A failure to maintain confidentiality means that someone who shouldn't have access has
managed to get it, through intentional behavior or by accident. Such a failure of
confidentiality, commonly known as a breach.
 Access to confidential data requires specific authorization and/or
clearance. Types of confidential data might include Social Security numbers,
cardholder data and etc.
 Data privacy is a part of data security and is related to the proper handling of data.
 Privacy is about the safeguarding of user identity.
 International aspects of Computer and Online Crime
 Following are the organizations does action against computer and online crimes, and those actions by the
organizations can be classified as Professional law-enforcement efforts, Regional efforts, Multi-National
efforts, and Global International efforts.
 Professional law-enforcement efforts,
 International Criminal Police Organization (Interpol)
 Regional efforts,
 The Asia-Pacific Economic Cooperation (APEC)
 The Council of Europe (COE)
 The European Union
 The Organization of American States (OAS)
 Multi-National efforts,
 The Commonwealth of Nations
 The Group of Eight (G8)
 The Organization for Economic Cooperation and Development (OECD)
 Global International efforts,
 United Nations (UN)