Friday, January 1, 2016

Trade Pacts and Trade Secrets

I already pointed out that:
The TPP chapter leaked by Wikileaks mandates that countries “judicial authorities shall, at least, have the authority to [...] order the destruction of devices and products found to be involved in" any activity that circumvents controls that manufacturers build into their software or devices. This makes the equipment white hats use to find vulnerabilities in, for example, things in the IoT subject to destruction.
Now, Glynn Moody at Techdirt points to a column in The Globe and Mail by Dan Breznitz, professor of Innovation Studies at the Munk School of Global Affairs at the University of Toronto. Breznitz explains that the TPP not merely greatly increases the intellectual property protections for both copyrights and patents, but also for trade secrets. Below the fold, details of some of the ways in which added protection for trade secrets is a catastrophically bad idea.

Unlike patents, which grant protection in return for disclosure of information to the public benefit, trade secrets provide no public benefit. So the protection they are granted is less. The company has a cause for civil action for breach of contract or trust against the agent of disclosure, but cannot act against others taking advantage of the public disclosure. The TPP stands this on its head:
Article 18.78 [of the TPP text] adopts a potentially very broad concept of a trade secret, a very wide range of activities that might constitute a breach and a very broad potential class of persons who might be liable. Worse, it also calls for criminalization. The potential risk for would-be entrepreneurs to start a business in anything that even remotely relates to their past job are now enormous. ... Even more disturbing, Articles 18.74 and 18.75 profoundly expand the enforcement measures, including significant provisional ex parte proceedings, and narrow the discretion of the courts. Those provisions apply to all intellectual property rights, including trade secrets. These extra-potent tools would be used not only where they are appropriate, but also where they aren’t – such as to stifle competition and innovation.
Breznitz illustrates one risk of this using the well-known history of non-compete clauses:
Michigan, following a similar logic behind the TPP view of trade secrets, historically enforced non-compete covenants that prevented people who worked for company A from leaving and starting to work for company B, or from opening their own businesses. This doctrine was used by Detroit automobile companies to reduce labour mobility and stifle innovation. California did not follow this route and is now home to Silicon Valley, the engine of U.S. innovation prosperity. Michigan instead is the home of Detroit, also a shining case of innovation – in how to handle the bankruptcy of a large municipality.
Manufacturers of Things in the Internet can treat any information whatever about the functioning of their Thing that was not public before they started work on it as a trade secret. Under the TPP regime, anyone outside the company doing pretty much anything with this information would be subject to criminal penalties. This is similar to the problems caused by retroactive classification of public information; conduct that at the time appeared legal can later be criminalized. Penalties would clearly apply to disclosing the information, such as a vulnerability. Presumably, the penalties would even apply to you as the "owner" of the Thing and the victim of the vulnerability! This makes the problems of DRM in the IoT far worse.

Returning to the problems of digital preservation, I've written that the major problem for emulation is copyright. Patents are less of a problem because they do eventually expire; Disney will make sure that copyrights never expire. But trade secrets never expire either, and the information about the internal operations of hardware and software needed for emulation to work is also likely to be regarded as trade secret. Criminal sanctions for disclosing this information are likely to make emulation too great a risk for anyone, even national libraries, to pursue.

No comments: