LIPS, Indian answer to USPTO Concerns
The recent report that USPTO has sent a notice to US legal firms that they
need to obtain “Export License” before outsourcing Patent drafting work to
India has raised doubts whether this could be a deathknell for the
fledgling LPO industry in India. The industry which is estimated to be
worth around US $640 million today employing around 7500 employees is
expected to grow to US $ 2 billion and employment levels of 30000 by 2010.
It would be sad if the anti outsourcing lobby of US is able to cut off
outsourcing of legal work to India under this pretext. More than the loss
of business to India, the greater losers would be US Inventors and
Companies which will see that their patent expenses would increase four to
five times immediately.
Though a leading Economic Daily in India has given out a dooms day
predictions to LPO, Naavi does not believe that such a prediction is
correct.
Firstly, it is necessary to recognize that USPTO is well within its rights
and is perhaps under a duty to inform its clients that some of the
technology information that may be subject matter of patent applications
may have national security implications and its disclosure to other
countries may need to be regulated.
Patent essentially being a legislation to promote publication of
inventions, it is not possible to hold back the information from anybody
including the terrorists once the specifications are published in a
gazette. What USPTO may be trying to protect is not the ultimate
dissemination of technology information but dissemination at a time when
the information may leak out and create loss of patents to the US
inventors.
A “Prohibition” of export of patent related information is not supported
by the system of Patents which encourages global search of prior art and
registration under PCT.
I therefore feel that there is a need to interpret the USPTO move as only
an expression of its concern on regulating the information security when it
moves out of the shores of US. This concern is genuine and if Indian LPO
industry has to justify its existence, it is necessary for them to respond
positively to this concern.
Naavi who is also the founder of Cyber Law College, a pioneering venture in
Cyber Law education in India and an architect of many pioneering services
to the Cyber Law Compliance area in India has now a ready prescription for
the Indian LPOs to ensure that USPTO cannot be manipulated as an instrument
of the anti-outsourcing lobby.
Cyber Law College as a part of its CyLawCom initiatives (Initiatives for
Cyber Law Compliance of IT operations in India) has developed for the first
time in India as well as anywhere in the world an Information Security
Standard for the processing of Legal Information. This “Legal Information
Privacy Standard” or “LIPS” Standard in its version 1008, incorporates 21
information security principles drawn from the established principles of
Privacy Protection and Information Security available in various other
information security initiatives.
The principles are drafted with the idea of simultaneously meeting
compliance standards in ITA 2000, HIPAA and ISO 27001.
All LPOs in India whether they are low end functionaries or high end
functionaries, can adopt these standards through a process of audit.
The end objective of the LIPS is to ensure that the Privacy Interests of
the customers whose legal information is processed in India is well
protected. LIPS is a voluntary standard and non compliance of the standard
is not directly punishable under law.
However, for any data theft or confidentiality compromise, civil and
criminal liabilities under ITA 2000 can be invoked. This includes civil
liabilities upto RS 10 million and imprisonment upto 3 years. The Personal
Data Protection Act which is in process in India may also impose
imprisonment upto 3 years for privacy breach with fine of upto Rs 10 lakhs
and also provide for Civil liabilities. This act is yet to become a law in
India.
Implementing LIPS could be considered as “Due Diligence” for corporates to
shield its executives from vicarious liabilities arising out of any breach
of law by the use of its network.
LIPS implementation is a three step process where the audit team will
first make a “Gap Analysis” and provide the requirements to be fulfilled by
the organization. These have to be then implemented by the organization in
the second phase. In the third phase the audit team will evaluate the
implementation and provide a certificate of compliance with LIPS. This is
subject to internal review once in three/six month and for external review
once in a year.
The first version of LIPS has been launched today the Vijaya Dashami day of
2008, it will be referred to as LIPS1008. The team from Ujvala Consultants
Pvt Ltd will be ready to undertake LIPS1008 audit to interested companies.
Naavi
October 9, 2008
Related Article: Indian LPO Industry Put on Notice