© 1995 Donald M. Cameron
(all rights reserved)
Toronto, Ontario, Canada
January, 1995
Physicists talk of the duality of light. Sometimes light acts like a particle. Sometimes light acts like a wave. Physicists aren't sure if light is a particle or a wave but manage to go about their daily business using both models.
The same duality is found for data in the legal universe: Is it property or not? The debate is not new. Past trends lead to interesting extrapolations.
In some contexts, data has some of the characteristics of "property".
Licence agreements commonly refer to data as "confidential information" or "trade secrets", "owned" by the Licensor. The contract claims ownership in the trade secret or confidential information and the parties agree to maintain it in secrecy.
Data can be exigible just like other forms of property. Computer software which is a trade secret is exigible to a writ of seizure and sale.
To be treated as proprietary data, the data must have been created by the owner, been created for the owner, or been purchased from its creator.
The data must be "private" and not "public" information. Public information includes information which the public either knows or has available to it in books, articles or from other sources.
The whole body of the information need not be completely novel. A compilation of publicly-available data unique to one person can nevertheless be confidential information or a trade secret (often termed "know-how") which a Court will protect.
The system design and specifications created by a programmer can be a trade-secret or confidential information where the design and specification is not general but is specific in nature, if it was treated as confidential and was subject to a danger of being copied as evidence by the restrictive licensing agreement which customers were required to sign.
The owner of the data must surround the data with physical and legal protection to limit access to the data to persons under an obligation to maintain its confidentiality. In other words, the information must be treated by the owner as being confidential. Passwords, security devices and physical isolation of data are indications that the owner of the data considers it to be confidential.
Sometimes your data is your data except when it is stored in data files that are part of someone else's software.
In Geac J&E Systems Limited v. Craig Erickson Systems Inc. et al., the Court ruled that, in the circumstances of that case, data files were part of the software. By examining data files to learn their structure, the software was being used. The licensees of the software were not permitted to show the "software" to anyone else under the terms of the licence agreement. Therefore, the licensees of the accounting software could not have their new supplier, Craig Erickson Systems Inc. ("CES"), export the licensee's data electronically using a program CES developed after looking at the data files on the licensee's computer.
In the Geac case, licensees of a program owned by Geac called the J&E Secondary modules (an accounting program for the construction industry) wanted to transfer their data into a format compatible with Procon, a new program offered by CES, a competitor of Geac. CES was licensed to use a related product, the J&E Primary module, but did not have a licence for the Secondary modules. Madam Justice Lang had ordered Craig Erickson Systems Inc. not to use or support the Secondary module software, including the program documents, which were defined by her order to include file layouts in particular.
CES employees looked at the Secondary module data files on a licensee's computer to see where the customer's pertinent data was located in order to extract that data and put it into the Procon data files. Geac objected to the electronic conversion performed by CES asserting that CES was "using" the Secondary module software as defined by Madam Justice Lang in her order, and brought contempt of court proceedings against CES.
According to Mr. Justice Ferrier, who heard the contempt application, looking at a data file to see how the data is organised constituted use of the software (as defined in the order) which was used to make the data file.
His logic was as follows. File layout documents are created by programmers developing the computer program so that the portion of the program they write can properly use the data files. Mr. Justice Ferrier understood that by saying that "software" included the file layout documents, Madam Justice Lang was using the term software not in the way programmers often use it (to mean the computer program itself) but rather in a broad sense, to include all aspects of a computer system (other than hardware) that allows hardware to work. If the file layout documents were part of software, then so was the information contained in the file layout documents. This information described the file structure (the way the data is organised in the data files). Mr. Justice Ferrier said that this information was also found in the data files themselves. Looking at the data files to see how the licensee's data was stored made use of information about the file structure and therefore indirectly used the information which originated in the file layout document and hence "used" the software. CES was doing indirectly what it was prohibited from doing directly and accordingly had breached Madam Justice Lang's order.
An appeal from Mr. Justice Ferrier's order is pending before the Court of Appeal.
What are the implications for business? If you want access to your data, be sure you have not contracted with someone else regarding their data so as to restrict your access to your data.
The European Community ("EC") adopted the Council Directive of May 14, 1991 on the Legal Protection of Computer Programs. In an effort to harmonize the European laws dealing with computer software, the EC has mapped out new territory for software protection. For example, in the area of software maintenance (such as repairing errors), the Directive allows modifications to be made which are "necessary for the use of the program". The EC Directive goes part way to solve the commercial problem raised by the Geac case.
In R. v. Stewart, the Supreme Court of Canada held that confidential information is not property which may be the subject matter of theft under s. 322 of the Canadian Criminal Code.
In the fall of 1981 a union was attempting to form a bargaining unit at the Constellation Hotel near the Toronto International Airport. The hotel management kept a confidential list of its 600 employees for payroll purposes. The list was in the form of a computer print-out. Wayne John Stewart, a consultant, was approached by someone who, he inferred, was associated with the union, to help in obtaining a list of the hotel employees to assist the union to solicit employees to obtain a bargaining unit at the hotel. Mr. Stewart asked Jan William Hart, an employee of the hotel employed as a security person, to procure the information and suggest various methods of obtaining the information. The information was to be copied from the confidential records of the hotel without removing or otherwise affecting the records themselves.
With respect to the count of theft, the issue at the trial of Mr. Stewart was whether confidential information was "anything" under s. 322(1). The trial judge, Mr. Justice Horace Krever, held that to be "anything" within the meaning of s. 322(1), the thing must be capable of being property and, after reviewing the authorities, concluded that confidential information is not property.
The Crown appealed to the Ontario Court of Appeal on the counts of fraud and theft. Two of the three judges of the Ontario Court of Appeal (Houlden & Cory JJ.) held that there is a right of property in confidential information that has been gathered through the expenditure of time, effort and money by a commercial enterprise for the purpose of its business. The third judge, Mr. Justice Lacourciere, dissented, holding that confidential information was not of itself protected under the Canadian Criminal Code, but suggested that counselling its disclosure might constitute counselling a criminal breach of trust.
The two judges who formed the majority and who allowed the appeal convicting Mr. Stewart of counselling the commission of theft each gave reasons for their decision. Cory J., held that not all information is property but found support for considering confidential information as property in civil cases. He found that Mr. Hart would have had the intent required by s. 322(1)(a) to (d) because he would have intended to deal with the information in such a manner that it would not be returned in the condition it was in at the time it was taken or converted. It would have lost its confidential character.
Houlden J. agreed with the reasons of Cory J. and added further conclusions on the case. He highlighted the increasing importance of this area (at pp. 29 and 30):
"Information and its collection, collation and interpretation are vital to most modern commercial enterprises. Compilations of information are often of such importance to the business community that they are securely kept to ensure their confidentiality. The collated, confidential information may be found in many forms covering a wide variety of topics. It may include painstakingly prepared computer programmes pertaining to all aspects of the firm's business; meticulously indexed lists of suppliers with comments as to their efficiency, reliability and time required for delivery; laboriously compiled lists of customers and their needs; instructions as to manufacturing processes learned from months of experimentation and trial; lists of employees, including reference to their physical well-being and disciplinary history that may be required to be kept confidential in compliance with the terms of a collective bargaining agreement. For many businessmen their confidential lists may well be the most valuable asset of their company. Their security will be of utmost importance to the firm."
He then went on to recite the cases holding that copyright is a form of property including lists compiled for business purposes. The list of hotel employees was an unpublished literary work to which copyright attached. He concluded that copyright constituted property of a nature that constituted "anything whether animate or inanimate" under s. 322(1) of the Criminal Code but then limited property which might be the subject matter of theft by stating at p.33:
"It should be noted that compilations such as this will only be capable of being stolen if they are confidential."
Houlden J. did not discuss s. 38 of the Copyright Act, which deems unauthorised copies of copyright material to be the property of the owner of the copyright. Quare, if he had been directed to that section, he might have concluded that the hotel would have been the owner of the property in the unauthorised copy of the employee list, and may not have restricted his limitation of theft to only confidential compilations.
The Supreme Court of Canada held that in order for something to be "anything" capable of being stolen it must be:
1. of a nature that it can be subject to a proprietary right, and;
2. capable of being taken or converted in a manner that results in the deprivation of the victim.
Mr. Justice Lamer held that as a matter of policy, confidential information should not be property for the purposes of s. 322. Additionally, Mr. Justice Lamer held that confidential information did not satisfy the second requirement to be "anything": pure intangibles can only be converted, not taken. He held that except in very rare circumstances, confidential information is not of a nature that it can be taken or converted. There is no deprivation and hence no conversion.
The decision of the Supreme Court of Canada echoed the comments made by the trial judge:
"If this interpretation should be thought to be inadequate to meet the needs of modern Canadian society, particularly because of its implication for the computer age, the remedy must be a change in the law by Parliament."
The European Community feels that there is a need for increased protection of databases. Copyright protects the "form" data takes but does not protect the data itself. Where there is insufficient "form" (for example in a short work), there is no copyright. Where there is insufficient originality, the work is not protected by copyright.
The Commission produced a draft database Directive on April 15, 1992 which proposed new rights dealing with databases. The draft was revised on October 4, 1993.
One interesting new intellectual property right proposed by the Directive is the right to prevent unauthorized extraction of data which protects the effort of an author who creates a database which lacks sufficient originality for copyright protection. Persons with access to the database are prevented from extracting and re-utilizing the contents of the database for commercial purposes. The right is reminiscent of the "sweat of the brow" threshold common to U.S. copyright law prior to the Feist decision.
The right is proposed to last for 15 years. Compulsory licences are contemplated where the data found in the database cannot be independently created, collected or obtained form other sources. Under such circumstances, the data must be made available on "Fair and non-discriminatory terms". For databases produced by "public bodies", one can extract and re-use insubstantial parts of the database for commercial purposes.
Like the American Semiconductor Chip Protection Act, protection under the European Directive is to be available only to nationals of members of the EC and countries such as Canada will obtain such protection only if they offer comparable protection to databases and if a bilateral agreement is reached.
Should Canada enact a right to prevent unauthorized extraction? If we do not, will the database industries move to Europe where such protection exists? Will the right to prevent unauthorized extraction prompt "me-too" legislation such as the foreign equivalents to the Semiconductor Chip Protection Act ?
Data is the fuel of the information highway. The ability to control the reproduction and re-use of data will determine who can use the data and for what purpose.
Recent trends in Europe show that the legal model for data is evolving towards making data look more like "property" than not.
The old legal models for data do not fit its positionnor importance in the economy. New models must evolve to respond to commercial and social needs. New categories of intellectual property will be created to protect data as it evolves into a unique form of "virtual" property.