Digital data is becoming a hot commodity these days because it enables AI tools to do powerful things. Companies that offer content should keep up with the evolving technology and laws that can help them protect their online data.
As data becomes available online, it can be accessed in different ways leading to various legal issues. In general, one basis for protecting online data lies in the creativity of the data under the Copyright Act of 1976. Another basis lies in the technological barrier of the computer system hosting the data under the Computer Fraud and Abuse Act (CFAA) and Digital Millennium Copyright Act. It is also possible to protect online data based on contractual obligations or tort principles under state common law. In terms of the data, a company would need to consider its proprietary data and user-generated data separately, but any creative content is invariably entitled to copyright protection. Without owning the data, the company can still enforce the copyright via an exclusive license from its users. In terms of the computer system, a company could evaluate different security measures for restricting access to the data without severely sacrificing visibility and usability of the company, the data and/or the computer system.
In a typical scenario, a company may make its data accessible to the public as is, publicly available in an obscured or tracked form, and/or accessible only to a select group. Let's consider these scenarios separately.
When the data is accessible to the public as is, another party's obtaining the data cannot be considered as computer abuse. SeehiQ
Otherwise, the data can be digitally obscured and effectively tracked before publication with the company's logo, a watermark or another obscuring device, which can complicate or sometimes deter use of the data. That in turn can enable the company to establish a technology circumvention claim when another party compromises the company's intent of copyright management by altering or canceling the obscuring device from the data. See Id. That can even allow the company to make a trademark infringement claim since another party can be damaging the company's branding with the same act. See Id.
In addition, the data can be shielded by a code-based authentication mechanism with a requirement for a login or a verification response, for instance, which can complicate or sometimes deter access to the data. Since such deterrence does not eliminate access, the company would still need to deal with undesirable use by authenticated users or their bot delegates. However, the stronger the authentication mechanism, which can be enhanced with measures to detect and prevent malicious behavior or intent, the better the chance of establishing a computer abuse or circumvention claim. See Ryanair DAC v.
In conclusion, to the extent that access to the data can be limited, a company that offers content is advised to strengthen the design of its content publication channels, such as websites or social media, to not only make it less easy to access and use the data but also make it clearer how the data should be accessed and used. The latter could be reinforced by also enhancing the terms and conditions to define unauthorized use and license restrictions and reserve audit rights.
Disclaimer: This Alert has been prepared and published for informational purposes only and is not offered, nor should be construed, as legal advice. For more information, please see the firm's full disclaimer.
NY 10036-4086
E-mail: solutions@duanemorris.com
URL: www.duanemorris.com
© Mondaq Ltd, 2023 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source