An organisation’s intellectual property is often its most valuable asset. Domini Stuart explains why adopting an effective strategy is crucial to safeguard against unknown threats.

    When manufacturers developed hard-copy plans and made their products in local factories, there were very few ways for unauthorised people to appropriate their intellectual property (IP). Now plans are stored in the cloud, goods are manufactured offshore, products and services are sold online – and IP is a lot more vulnerable.

    “It’s exposed at every step along the way,” says Ursula Hogben, legal practice director at online legal services provider LegalVision.

    There has also been a dramatic rise in the number of companies whose value lies largely in intangible assets. These can include anything from software and inventions to processes and methodologies as well as proprietary information such as customer lists and pricing information.

    “We live in a knowledge economy – what’s in the computer is far more valuable than the computer itself,” says Regan Gourley, partner at Cullens Patent and Trade Mark Attorneys.

    Gourley says it is vital for directors to ensure they are on top of developments. “Directors still need to oversee the use of traditional tools such as patents, trademarks, design registration and copyright but they also need to be well-informed about the new, non-traditional aspects of IP.” 

    New challenges

    The shift from physical to intangible has introduced a new set of risks for the board to manage. “Directors should think of IP as an asset on the balance sheet whose value will be amortised over a number of years,” says David Wildman, managing director, forensic and litigation, at FTI Consulting. “One risk is that their initial calculations of how much life they’re going to get out of any particular IP asset could be dramatically shortened.”

    Lawyer David Chin, principal at national IP firm Wrays, specialises in the protection, development, management and commercialisation of IP. Many of his clients rely on innovation for their competitive edge.

    “Failure to capitalise on their IP would jeopardise their position in the market,” Chin says. “It is vital that their boards think strategically about IP and ensure that the IP and corporate strategies are aligned. This enables them to focus on areas of real potential rather than risk wasting resources on IP that has little long-term value.”

    There is also a risk that poorly-managed IP will undermine any attempt at collaboration.

    “Australian companies can benefit significantly by pooling their resources with other organisations in industry, government, research and start-up sectors,” Chin continues. “Collaboration is seen as the path forward in innovation, but the fact that each party will bring different IP to the table can be a significant stumbling block. For example, IP might be encumbered because it was funded by a government grant and is the subject of broad compulsory licences, warranties and/or indemnities. This creates murky areas in terms of ownership and exploitation. An IP expert can apply a range of tools to address these kinds of IP issues but there’s much less risk of the collaboration being compromised if they’re managed before negotiations begin.”

    Chin believes that a good board will create an organisational culture where IP is actively managed from screening, development and protection through to commercialisation.

    “Directors should be confident that there are IP policies and training programs in place to educate employees on the importance of the company’s IP and how it is to be used and commercialised,” he says.

    Fundamentals of protection

    Every board needs access to a comprehensive and up-to-date audit of the company’s IP. “Directors should keep track of exactly what is being developed, whether it is being developed by employees or contractors, where it is kept, what the company owns and how this IP is protected, both practically and legally,” says Hogben. “And, unless they know how much of the company’s value lies in IP assets, it will be impossible for them to decide how much time and money they should devote to protecting them.”

    There should be clear, written details of how information is graded for sensitivity, where each level of information is stored and how it is protected.

    “The fewer people with access to sensitive information, the fewer leaks there will be, so both physical and online access should be limited to those who need it,” Hogben continues. “The practicalities are as important as the legalities, so your policies should include a common-sense approach to the use of laptops, USB sticks and the internet.”

    Agreements with employees and contractors should state clearly that all IP created for the business belongs to the business.

    “A smart employee will want to wind that back a bit so that that they retain the rights of any IP they develop outside of their job that doesn’t relate to the business,” says Hogben. “This can be negotiated, but the takeaway for directors is that a strong ownership clause should be the starting point in every contract.”

    Agreements should also include a “non-compete” clause to make it clear that neither employees nor contractors can start a competitive business while they’re working for your organisation, or for a specified time after they leave.“I also recommend reiterating all of these clauses in an exit letter,” Hogben continues. “This will remind your employees of what they signed up for, and their duties to your company don’t stop when they move on.”

    But even the most diligent organisation can be vulnerable to a determined hacker. Many experts believe that every organisation has been hacked to some extent and that the real problem is that they may not know.

    “This includes companies at both ends of the scale – you can’t assume you won’t be a target if you’re small,” says Gourley. “And, if you’re big enough to invest in the highest levels of protection, hackers might still be able to access your proprietary information by targeting an outside service provider such as an accounting or legal firm.

    “It’s vital that boards acknowledge the level of threat and take steps to ensure that, if they do get hacked, they will find out quickly and can take steps to minimise the impact. They should also ensure that their service providers are not weak points in their protection.”

    Emerging markets

    Protecting IP outside Australia can be complicated and costly, not least because every country has different IP laws. “It would be much easier if IP were dealt with on an international level, and there have been some moves towards that,” says Gourley. “But, as it stands, a country like Australia can’t apply its own laws in overseas jurisdictions.”

    Working with emerging markets is particularly challenging. The Organisation for Economic Co-operation and Development (OECD) estimates that in 2013 alone, theft of IP cost companies operating in the developing world about $US3 billion.

    “When you’re moving into a new territory the first step is to find out what legal options are available to you and then ensure these are all in place,” says Hogben. “It’s very important that you employ local lawyers to help you with this. They not only understand the legislation – they know how things work in practice.”

    She also recommends a number of practical measures. “For example, if you’re having handbags made that carry your logo, you need to know the exact quantity of materials going into the factory, the number of bags created and the amount of material left over so you can be sure the waste isn’t being used to make excellent copies,” she continues.

    “Installing CCTV cameras will make it clear to people on the ground that you’re monitoring the process. And directors should satisfy themselves that someone is responsible for protecting the company’s IP on an ongoing basis by keeping track of what your competitors are doing, searching for your products on the black market and checking whether anyone is encroaching on your IP in any other way.”

    The board should question the integrity of the supply chain. “Management might employ what appears to be a legitimate garment factory in China to make your branded shorts for $2 a pair,” says Wildman. “But are they sure this factory isn’t outsourcing the work to another one in Bangladesh that will make them for $1?”

    Thorough due diligence will also include the organsiation’s corporate structure. “If the factory is operating as a shell company, for example, the people you’re dealing with could disappear overnight with your IP,” Wildman continues. “If management can’t map out and understand the corporate structure, that’s a definite red flag.”

    Wildman is frustrated when companies appear to be blinded by the promise of low costs. “If you’re operating in an environment with no legal regimes of protection, an under-funded police force and a judiciary which has never dealt with complex IP claims you really can’t cry foul when your IP is stolen,” he says.

    Keeping informed

    A board can only oversee IP effectively if the directors stay abreast of changing technology, understand where the risks lie and know the right questions to ask management.

    “I think at least one director should specialise in IP or have responsibility for staying in touch with IP experts,” says Chin. “This will give the board the insight it needs to develop an effective IP strategy and ensure this is aligned with the corporate strategy.”

    As Wildman points out, no business is bulletproof. “There’s no such thing as perfect protection,” he says. “However, if an infringement of your IP ever posed a threat to your business, you should be able to look your shareholders in the eye and say you did everything you could to prevent it.”

    Tips to help directors manage their company’s IP

    David Chin: Good boards recognise the importance of their company’s IP. Great boards know how to use IP and leverage innovation to achieve their company’s corporate goals. Directors should start by establishing a culture of protection and active management, where everyone in the organisation accepts they have responsibility for safeguarding IP. Education, training and clear documentation are all vital.

    Regan Gourley: Boards need to know that someone in the organisation is responsible for managing and monitoring IP, and that they have all of the tools, time and resources they need to do a thorough job.

    David Wildman: Ensure that management has a brand protection plan and also an effective incident response plan. If you discover that your design is being counterfeited or that your customer information has been hacked, prompt action can at least contain the damage. This is not the time to be discussing what you should or shouldn’t do.

    Ursula Hogben: Protecting your own IP is crucial, but it’s also important that you don’t encroach on anyone else’s. The board should check that every idea or design is thoroughly researched to ensure that it really is unique. Not all IP is registered and, as usage alone bestows certain rights, it’s prudent to do a common sense investigation as well as searches of the various registers.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.