China: IP In The Cloud: The China Perspective

Last Updated: 21 December 2017
Article by Nick Beckett and Matt Pollins

China is in the middle of a rapid shift towards cloud technologies. Execution of the 13th Five Year Plan will deliver substantial investment into cloud computing and the sector is undergoing unprecedented growth. Meanwhile, organisations operating in this digital economy face an increasingly complex intellectual property (IP) environment, as China becomes a global IP centre and scales up IP protection, enforcement and penalties for infringement. Indeed, the number of cloud-related IP lawsuits in China grew 158% between 2011 and 2016. Against this backdrop, organisations face an important question: how can they take advantage of the enormous opportunities presented by the cloud in a way that manages this complex IP landscape? In this post, Matt Pollins and Nick Beckett from CMS look at the practical steps organisations can take to protect themselves and succeed in the cloud.

China's "Internet Plus" economy and the role of cloud computing

China is undergoing a rapid digital transformation. The "Fourth Industrial Revolution" is well underway, as the Government's "Internet Plus" initiative sees the integration of digital technologies into organisations in every industry across the nation.

The 13th Five Year Plan, which prioritises digital technologies and innovations, is the driving force of this digital transformation. As part of the Plan, China's broadband coverage will reach 70% of households by 2020. Mobile internet will reach around 85% of the population, adding a staggering 400 million additional internet users.

Against these seismic shifts in technology development and adoption, the opportunity for organisations to leverage digital technologies to drive growth and improve services is clear – whether it is the shift towards cashless payments, the growth of tele-health or the explosion in e-commerce sales. And, not content with maximising the opportunities arising from growth in the domestic market, Chinese companies are going global, launching international enterprises, from e-commerce to digital media.

At the core of China's digital transformation is cloud computing. The sector has grown an average of 40% year-on-year since 2011 and there is no sign of the pace of cloud adoption slowing. China's digital economy is being built on cloud services, often provided by third party cloud service providers. The cloud offers the opportunity to expand into new businesses and markets faster than ever before. However, this new opportunity comes with new challenges and, like every transaction with a supplier, customers need to assess any associated legal considerations. Like our previous posts on the position in Europe and South-East Asia, this post focuses on an often-overlooked legal consideration in moving to the cloud: IP.

"Infringers will pay a heavy price": China ramps up IP protection and enforcement

China is fast becoming a global centre of innovation. As the country shifts from "Made in China" to "Created in China", China is investing heavily in the development, commercialisation, protection and enforcement of IP rights.

This trend applies across all categories of IP rights – but patents are perhaps the best example of China's changing IP landscape. Chinese patent applications soared 45% in 2016 and the country is on-track to overtake the United States and Japan as the biggest user of the international patent system by 2019, according to the World Intellectual Property Office (WIPO). At a domestic level, China's patent office is already by far the world's busiest, handling about one million applications a year.

China's IP laws are also evolving to reflect the changing IP landscape. In 2017, President Xi Jinping himself made rare public comments about the need for China to further strengthen its protection of IP rights. President Xi also emphasised that China would introduce even heavier sanctions for infringement: "Wrongdoing should be punished more severely so that IP infringers will pay a heavy price". In 2015, China published a draft Fourth Amendment to its Patent Law, increasing statutory damages five-fold and expanding a number of patent and enforcement provisions.

China already sees more IP lawsuits than any other country and dispute resolution mechanisms are adapting to adjudicate these disputes more quickly and effectively. Since 2014, China has launched specialist IP courts in major cities, in addition to specialist IP "tribunals" across the country. China is one of only a limited number of countries across Asia to have such specialist dispute resolution mechanisms.

Clearly IP has become a national priority in China. This increases the range of protections available to organisations that develop IP, which is good news for the digital economy. However, it also increases the IP risks for organisations because the increasingly complex landscape raises the risks of inadvertent infringement – and the penalties for such infringement are becoming ever-more stringent.

As a result of these developments, every digital business needs to have an IP strategy, both in terms of protecting its own assets and in terms of defending itself against potential infringement claims. This is no different for companies who use the cloud than those using on-premises servers. However, the cloud gives rise to a number of new IP considerations.

How can IP be infringed in the cloud?

Unfortunately, IP risks do not disappear when information is stored in the cloud. Let's say Company A is one of the growing number of digital, technology-powered businesses in China. If the cloud services it uses, or the applications and services it runs on those cloud services, incorporate code that is owned by Company B, then Company A may have infringed Company B's intellectual property rights – including copyright and/or patents.

If Company B decides to bring an infringement claim, it could be very costly for Company A – not least since Company B might be one of a growing number of patent assertion entities, companies that exist to acquire and enforce patents, primarily in the field of software, through litigation.

The number of patent assertion entities active in China's technology sector is on the rise. There are several reasons for this. China's filing systems are increasingly efficient, making the process for securing patent protection faster than in many other countries. New patent examination guidelines are friendlier to software patent owners because they reduce the complexities associated with prosecution procedures. China's specialist IP dispute resolution courts are capable of resolving disputes more quickly than non-specialist courts. And the penalties for infringement are becoming ever-more stringent, as outlined above.

As a result of these developments, the number of cloud-related IP lawsuits in China increased 158% between 2011 and 2016.

What are the key IP infringement risks in the cloud, and how can they be addressed?

We see three key IP infringement risks as organisations in China move to the cloud – each of which we believe can be addressed by putting in place the right organisational processes.

1. The confidentiality and security risk – is my proprietary information kept confidential and secure?

Much has been written about the need for confidentiality and security in the cloud – however, this is usually looked at from a data protection or cybersecurity perspective. These issues also matter from an IP perspective.

Organisations are increasingly using the cloud for all categories of data – including commercially-sensitive data and proprietary information. The shift from "Made in China" to "Created in China" means that Chinese organisations are developing more proprietary IP rights. This also means that Chinese organisations are a target for malicious actors who recognise the value of their commercially-sensitive data and information. If that data and information were to leak into the public domain through a breach incident, it could carry immense value for competitors and malicious actors. Not only could the organisation lose the first-mover advantage, which could be relevant (amongst other things) to future patent applications, it could also find itself having to bring an IP claim against an unscrupulous competitor who leverages the stolen technology without its consent.

Of course, this does not mean that organisations should view the cloud as intrinsically less secure and therefore limit themselves to on-premises solutions. In fact, with billions of dollars of investments in cloud security by the biggest players, cloud actually has the potential to enhance security versus on-premises solutions.

The answer, instead, is to carry out thorough due diligence on the service provider and its security and confidentiality practices. This should happen both at an operational level (for example, is the service provider certified against national security standards, such as China's DJCP, and international security standards, such as ISO 27001?) and at a contractual level (e.g. does the service provider make binding contractual commitments as to data security and confidentiality?)

2. The service provider risk – what happens if their technology infringes third party IP and I get sued?

What about a situation in which an IP infringement claim is caused not by the cloud customer's own materials and code but because of the service provider's code? This is certainly a risk area that cloud customers will want to ensure is addressed, particularly at a time when patent assertion entities are becoming more active in China and around the world.

On the one hand, the cloud customer may take the view that, in all likelihood, the infringement claim will be brought against the cloud services provider – not least if the cloud services provider is a large international company with deep pockets. This is true, to an extent, but the large cloud services providers also have very large and sophisticated legal teams, not to mention a vast catalogue of many thousands of patents, which it can use to defend or counter-sue. A cloud customer may not have all of these protections – and, in the eyes of the patent assertion entity, may be more inclined to settle.

The practical solution lies, as always, in a fair allocation of risk between service provider and customer in the services contract. There is no magic in this issue – just as they would in any services contract, customers can and should be asking their services provider for indemnity protection in relation to third party claims. The problem is that the standard contracts of major cloud services providers often contain limited or no indemnity protections in favour of the customer.

Fortunately, the position is starting to change. Given the growing focus on legal and regulatory considerations with cloud adoption, cloud services providers are starting to compete not just based on technical specifications and service offerings but also based on their contractual offerings. Microsoft, for example, recently announced that it would expand its "Azure IP Advantage" offering into China through its partnership with 21Vianet. The offering provides uncapped IP indemnification coverage against third party claims. Microsoft is believed to be the first major hyperscale cloud provider to offer uncapped indemnification "as standard" in its contractual terms for cloud services in China. It remains to be seen whether uncapped indemnification will become an industry standard but undoubtedly IP indemnification is an "ask" that customers should now be raising with their service providers in China.

3. The international risk – navigating international IP laws as Chinese businesses go global

China's digital economy is not just developing on home soil. Organisations in China are increasingly active overseas, launching and investing in technology-powered businesses in other jurisdictions around the world.

The commercial opportunity to leverage domestic success to drive international growth is clear. However, international expansion carries new IP risks for technology-powered businesses. The international landscape for IP, like that in China, is changing rapidly. The risks of infringement and stringent enforcement by patent assertion entities are much the same as in China – but with the added challenge of having to navigate fragmented and unfamiliar legal frameworks for IP.

One example is South-East Asia, where we previously outlined the fragmented nature of the IP landscape and the risks of facing litigation in unfamiliar jurisdictions. So how can organisations in China navigate the international risk?

First, it is important to get data location transparency from the service provider. Without knowing where the data is located, the cloud customer cannot know which jurisdictions could potentially be relevant to an IP infringement claim. The service provider should be able to provide details of the locations in which it stores data in its cloud services (and this is of course relevant for other reasons, such as cybersecurity, data protection and country risk).

Second, the customer will want to consider whether its contractual IP indemnity protections, as outlined above, protects it against claims that occur outside of China.

Conclusions – managing IP risks to successfully leverage the cloud in China

Digital transformation is already a national priority for China – and it is already a boardroom priority. It is becoming a matter of when, rather than if, organisations will take advantage of the full spectrum of new technologies, including cloud computing.

A key part of this journey will be managing the associated legal and regulatory considerations that arise through the use of these technologies. Just as organisations have found ways to manage regulatory compliance risks, such as privacy, data security and cybersecurity considerations, so too will they need to find solutions to manage the IP risk. Cloud service providers need to play their part – and the measures above are the bare minimum that cloud customers should expect their service providers to support.

The position will no doubt continue to evolve as the 13th Five Year Plan and associated changes in IP strategy are executed. But as China transforms through cloud technologies as part of its "Internet Plus" initiative, and as the country shifts from "Made in China" to "Created in China" by placing more emphasis and value on intangible assets, management of IP risk in the cloud will be a key measure of success.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

To print this article, all you need is to be registered on Mondaq.com.

Click to Login as an existing user or Register so you can print this article.

Authors
 
Some comments from our readers…
“The articles are extremely timely and highly applicable”
“I often find critical information not available elsewhere”
“As in-house counsel, Mondaq’s service is of great value”

Related Topics
 
Related Articles
 
Related Video
Up-coming Events Search
Tools
Print
Font Size:
Translation
Channels
Mondaq on Twitter
 
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).
 
Email Address
Company Name
Password
Confirm Password
Position
Mondaq Topics -- Select your Interests
 Accounting
 Anti-trust
 Commercial
 Compliance
 Consumer
 Criminal
 Employment
 Energy
 Environment
 Family
 Finance
 Government
 Healthcare
 Immigration
 Insolvency
 Insurance
 International
 IP
 Law Performance
 Law Practice
 Litigation
 Media & IT
 Privacy
 Real Estate
 Strategy
 Tax
 Technology
 Transport
 Wealth Mgt
Regions
Africa
Asia
Asia Pacific
Australasia
Canada
Caribbean
Europe
European Union
Latin America
Middle East
U.K.
United States
Worldwide Updates
Registration (you must scroll down to set your data preferences)

Mondaq Ltd requires you to register and provide information that personally identifies you, including your content preferences, for three primary purposes (full details of Mondaq’s use of your personal data can be found in our Privacy and Cookies Notice):

  • To allow you to personalize the Mondaq websites you are visiting to show content ("Content") relevant to your interests.
  • To enable features such as password reminder, news alerts, email a colleague, and linking from Mondaq (and its affiliate sites) to your website.
  • To produce demographic feedback for our content providers ("Contributors") who contribute Content for free for your use.

Mondaq hopes that our registered users will support us in maintaining our free to view business model by consenting to our use of your personal data as described below.

Mondaq has a "free to view" business model. Our services are paid for by Contributors in exchange for Mondaq providing them with access to information about who accesses their content. Once personal data is transferred to our Contributors they become a data controller of this personal data. They use it to measure the response that their articles are receiving, as a form of market research. They may also use it to provide Mondaq users with information about their products and services.

Details of each Contributor to which your personal data will be transferred is clearly stated within the Content that you access. For full details of how this Contributor will use your personal data, you should review the Contributor’s own Privacy Notice.

Please indicate your preference below:

Yes, I am happy to support Mondaq in maintaining its free to view business model by agreeing to allow Mondaq to share my personal data with Contributors whose Content I access
No, I do not want Mondaq to share my personal data with Contributors

Also please let us know whether you are happy to receive communications promoting products and services offered by Mondaq:

Yes, I am happy to received promotional communications from Mondaq
No, please do not send me promotional communications from Mondaq
Terms & Conditions

Mondaq.com (the Website) is owned and managed by Mondaq Ltd (Mondaq). Mondaq grants you a non-exclusive, revocable licence to access the Website and associated services, such as the Mondaq News Alerts (Services), subject to and in consideration of your compliance with the following terms and conditions of use (Terms). Your use of the Website and/or Services constitutes your agreement to the Terms. Mondaq may terminate your use of the Website and Services if you are in breach of these Terms or if Mondaq decides to terminate the licence granted hereunder for any reason whatsoever.

Use of www.mondaq.com

To Use Mondaq.com you must be: eighteen (18) years old or over; legally capable of entering into binding contracts; and not in any way prohibited by the applicable law to enter into these Terms in the jurisdiction which you are currently located.

You may use the Website as an unregistered user, however, you are required to register as a user if you wish to read the full text of the Content or to receive the Services.

You may not modify, publish, transmit, transfer or sell, reproduce, create derivative works from, distribute, perform, link, display, or in any way exploit any of the Content, in whole or in part, except as expressly permitted in these Terms or with the prior written consent of Mondaq. You may not use electronic or other means to extract details or information from the Content. Nor shall you extract information about users or Contributors in order to offer them any services or products.

In your use of the Website and/or Services you shall: comply with all applicable laws, regulations, directives and legislations which apply to your Use of the Website and/or Services in whatever country you are physically located including without limitation any and all consumer law, export control laws and regulations; provide to us true, correct and accurate information and promptly inform us in the event that any information that you have provided to us changes or becomes inaccurate; notify Mondaq immediately of any circumstances where you have reason to believe that any Intellectual Property Rights or any other rights of any third party may have been infringed; co-operate with reasonable security or other checks or requests for information made by Mondaq from time to time; and at all times be fully liable for the breach of any of these Terms by a third party using your login details to access the Website and/or Services

however, you shall not: do anything likely to impair, interfere with or damage or cause harm or distress to any persons, or the network; do anything that will infringe any Intellectual Property Rights or other rights of Mondaq or any third party; or use the Website, Services and/or Content otherwise than in accordance with these Terms; use any trade marks or service marks of Mondaq or the Contributors, or do anything which may be seen to take unfair advantage of the reputation and goodwill of Mondaq or the Contributors, or the Website, Services and/or Content.

Mondaq reserves the right, in its sole discretion, to take any action that it deems necessary and appropriate in the event it considers that there is a breach or threatened breach of the Terms.

Mondaq’s Rights and Obligations

Unless otherwise expressly set out to the contrary, nothing in these Terms shall serve to transfer from Mondaq to you, any Intellectual Property Rights owned by and/or licensed to Mondaq and all rights, title and interest in and to such Intellectual Property Rights will remain exclusively with Mondaq and/or its licensors.

Mondaq shall use its reasonable endeavours to make the Website and Services available to you at all times, but we cannot guarantee an uninterrupted and fault free service.

Mondaq reserves the right to make changes to the services and/or the Website or part thereof, from time to time, and we may add, remove, modify and/or vary any elements of features and functionalities of the Website or the services.

Mondaq also reserves the right from time to time to monitor your Use of the Website and/or services.

Disclaimer

The Content is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements or provide advice on which reliance should be placed. Mondaq and/or its Contributors and other suppliers make no representations about the suitability of the information contained in the Content for any purpose. All Content provided "as is" without warranty of any kind. Mondaq and/or its Contributors and other suppliers hereby exclude and disclaim all representations, warranties or guarantees with regard to the Content, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by law, Mondaq expressly excludes all representations, warranties, obligations, and liabilities arising out of or in connection with all Content. In no event shall Mondaq and/or its respective suppliers be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use of the Content or performance of Mondaq’s Services.

General

Mondaq may alter or amend these Terms by amending them on the Website. By continuing to Use the Services and/or the Website after such amendment, you will be deemed to have accepted any amendment to these Terms.

These Terms shall be governed by and construed in accordance with the laws of England and Wales and you irrevocably submit to the exclusive jurisdiction of the courts of England and Wales to settle any dispute which may arise out of or in connection with these Terms. If you live outside the United Kingdom, English law shall apply only to the extent that English law shall not deprive you of any legal protection accorded in accordance with the law of the place where you are habitually resident ("Local Law"). In the event English law deprives you of any legal protection which is accorded to you under Local Law, then these terms shall be governed by Local Law and any dispute or claim arising out of or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts where you are habitually resident.

You may print and keep a copy of these Terms, which form the entire agreement between you and Mondaq and supersede any other communications or advertising in respect of the Service and/or the Website.

No delay in exercising or non-exercise by you and/or Mondaq of any of its rights under or in connection with these Terms shall operate as a waiver or release of each of your or Mondaq’s right. Rather, any such waiver or release must be specifically granted in writing signed by the party granting it.

If any part of these Terms is held unenforceable, that part shall be enforced to the maximum extent permissible so as to give effect to the intent of the parties, and the Terms shall continue in full force and effect.

Mondaq shall not incur any liability to you on account of any loss or damage resulting from any delay or failure to perform all or any part of these Terms if such delay or failure is caused, in whole or in part, by events, occurrences, or causes beyond the control of Mondaq. Such events, occurrences or causes will include, without limitation, acts of God, strikes, lockouts, server and network failure, riots, acts of war, earthquakes, fire and explosions.

By clicking Register you state you have read and agree to our Terms and Conditions