1. Post

   Get a Handle on Data Protection Risks and Seize New Business Opportunities

   Almost all companies process personal data, which makes them data controllers obligated to comply with data protection legislation. In this respect, the new regulation makes data protection a part of corporate risk management on an entirely new scale. In order to ensure that they identify, manage and minimise these risks properly and efficiently, companies must look beyond their own business risks and keep in mind whose risks they are really dealing with. Data Protection Risks Are Individual Risks The purpose of personal data legislation is to protect the rights of individuals—you, me, everyone—to data privacy. The risk that personal data will be abused also primarily affects individuals. If you look at the numbers, the legislator has really spelled this out in the new regulation: the word ‘risk’ appears in the new regulation about 70 times—a ten-fold increase over the current Data Protection Directive. The Data Protection Regulation emphasises the data controller’s duty to plan its data processing procedures in such a way that the risks on the level of individuals are taken into account proactively. This requires more of companies than just incorporating data protection risks into their existing risk management processes—risk awareness needs to be present in data protection work that data controllers engage in on every level. Without making an assessment of the potential effects on individuals, the effective implementation of data protection legislation is impossible. How can companies choose the correct legal grounds (such as determining whether the data controller’s legitimate interests are in balance with the rights of individuals) or determine the proper level of data security without knowing what the risks to the individual are? Be Systematic According to the principle of privacy by default , companies need to identify and account for risks to individuals well before starting to process data. Companies should adopt some kind of privacy impact assessment to systematically assess and document the risks relating to data processing. One of the major changes being brought by the new Data Protection Regulation is accountability . It is no longer enough that a company’s actions are compliant, they have to be able to demonstrate it. The risk management methods mentioned above are a key part of fulfilling this obligation. Systematic data protection procedures that take the risks to individuals into account will not only shield companies from fines and other penalties, but maintain the public’s trust in the company. This trust then forms the foundation for the next step, in which data protection ceases to be a risk and becomes a business opportunity . This should be the long-term goal of every company.

   Published: 20.3.2017

2. Post

   Trademarks, Design Rights and Patents – Do You Have the Right Tools in Place?

   This can be seen particularly clearly in regards to intellectual property rights. A trademark is not a must have extra protection for a trade name, a design right is no award for good design, and the number of patents does not necessarily prove the innovativeness of a company. Neither does the mere existence of these rights guarantee that a company will succeed in the market. Why not? Strategy in Line with Business? It is back to basics. It is difficult to stand out from others in competitive markets. Companies often use every possible means to achieve an edge over their competitors with respect to technology, marketing and design. The strategy that a company uses in securing an edge in these areas, the company DNA, should also be reflected in the views of the company, no matter its size, towards intellectual property rights and, particularly, how those rights are utilised. A well-planned strategy is essentially a half-executed one. However, putting resources into securing intellectual property rights goes to waste if the company has no vision of how those rights actually boost its business. The IP strategy used may be active or passive, and depending on the markets and field of business, as well as on the company size, the level of risk tied to a company’s IP rights strategy can vary greatly. Have You Considered the Risks? Let’s change our perspective: it is nearly always a business risk if intellectual property rights – whether owned by the company itself or by its competitors in the field – have not been cleared and even further, if the company’s own rights have not been evaluated and possibly registered and secured by agreements. However, these registrations and agreements rarely have the desired effect if they are not diligently executed and consistently used. A considerable trademark portfolio may look really impressive, but if the portfolio cannot be efficiently enforced or used due to the low level of protection provided for it, then it is worthwhile to ask why registrations for such rights were filed in the first place? The answer in such situations is often something like: 'I do not know, I have been with the firm only for a couple of years'. A well-documented IP strategy is helpful in a situation like this, too. The good thing about the nature of strategy work is that its results are not written in stone and the work is ongoing. Hence, further revisions can and should be made. Well-planned use of your tools is really your key to success. So, in the spirit of the Nordic World Ski Championships in Lahti, you may well ask: where is the problem if your set of skies failed you? Equally relevant: what could be done about it before the next race?

   Published: 27.2.2017

3. Post

   Drones to Fly More Freely: Four Changes to the Regulation

   Today, drones are a billion-dollar business  (article in Finnish). Creativity seems to be the only limit for business opportunities. In a report last year, the international accounting and consulting firm PwC estimated that the global drone business is worth over 127 billion dollars. The development of the drone business is mirrored by the increasing regulation that has developed over the past few years. The Finnish Transport Safety Agency's newest regulation on the use of remotely piloted aircraft and model aircraft  entered into force at the beginning of 2017. The regulation was previously updated just over a year ago. As there are currently no pan-European rules, the field is still predominantly regulated on the national level. The new regulation is another step in a more liberal direction in a situation in which many other countries are tightening their regulation. In principle, the departing point for the Finnish rules is safety and operator self-regulation. Though the new regulation is mostly in line with the previous one, the below liberalisations and clarifications will be a positive thing for many companies and enthusiasts in the field. The situation, however, is constantly developing, and the Finnish regulation may change direction as work towards a common European framework nears completion. 1) Indoor Use Explicitly Excluded from the Scope of the Regulation The new regulation is not applied to flying indoors, such as flying in aircraft hangars, because such activities do not pose a danger to other aviation. In this respect, the scope of the new regulation is the same as the old. The difference is that the new regulation explicitly states that it is not applicable to indoor use. In this context, indoor is defined as a space from which the remotely piloted aircraft or model aircraft cannot get out of. Indoor use must, however, be agreed on with the owner of the building, who is usually responsible for the security arrangements. 2) Light Model Aircraft Freed from the Regulation The weight and characteristics of remotely piloted aircraft and model aircraft vary a great deal depending on the model. In addition to remotely piloted aircraft, the regulation also applies to the use of model aircraft in Finland, but only if they weigh more than 250 grams. Light model aircraft are, thus, excluded from the scope. No minimum weight is provided for remotely piloted aircraft. 3) Flying Remotely Piloted Aircraft over a Densely Populated Area or an Open-Air Assembly of Persons – Determining the Take-Off Mass Made Simpler Professional photography using remotely piloted aircraft has become more common over the past few years at various types of events. Professional photographers, among others, got headaches from the old regulation’s weight restrictions concerning remotely piloted aircraft which are flown over a densely populated area or an open-air assembly of persons. The new regulation clarifies the weight limit for remotely piloted aircraft to be used over a densely populated area or an open-air assembly of persons. Now, the seven kilogram take-off mass limit is calculated without attached rescue equipment, such as parachutes. Operators found it difficult to calculate the total weight of rescue equipment and aircraft in certain situations, and this change is intended to better promote the use and development of a variety of rescue equipment. Model aircraft are still subject to the unconditional prohibition to fly over an open-air assembly of persons. 4) Use of a Video Link Not Considered Visual Line-of-Sight Visual line-of-sight ( VLOS ) is a quite strict requirement for the use of remotely piloted aircraft and model aircraft in both the old regulation and the new one. The new regulation takes into account recent developments in aviation technology by setting separate provisions for first-person view ( FPV ) flying using a video link. The regulation expressly states that first-person view operations are not regarded as visual line-of-sight operations. Under the new regulation, however, the use of model aircraft via video link is permitted under certain conditions. This requires the use of at least one assistant to ensure the safety of the operation. The assistant must be able to observe other traffic and obstacles and to assess the need for steering clear of other aircraft, reliably and without instruments. The assistant must have direct visual contact with the model aircraft and direct voice contact with the pilot, without communication devices. So, the rule for the use of model aircraft remains visual line-of-sight to the aircraft − the requirements for using an assistant are to ensure visual line-of-sight in first-person view operations. It should be noted, however, that flying remotely piloted aircraft ( RPA ) via video link is also possible using an RPA observer to ensure visual line-of-sight.

   Published: 16.2.2017

4. Post

   Procurements Units to Check Criminal Records

   Background Checks for Winning Tenderers Even before the reform, procurement units had to rule out suppliers that they knew, for example based on information in the media, to have committed a serious crime. What is new is that the procurement unit now has an express obligation to check that the winning tenderer has not committed a crime leading to mandatory exclusion before signing the agreement. The procurement unit’s background check obligation applies to larger procurements for goods and service and construction contracts, i.e. those exceeding the EU thresholds. The act also provides the opportunity to carry out corporate backgrounds checks in competitive tender processes exceeding the national thresholds. The procurement unit carries out the background check by asking the winning bidder to submit criminal record excerpts on the members of its administrative, management or supervisory bodies and on persons exercising representation, decision-making or supervisory powers in the company. The company requests the criminal record excerpts from on these persons itself from the Legal Register Centre. Prior to requesting the information, the company must obtain the consent of the persons in question. No Copying or Storing of Criminal Record Data Criminal records are sensitive personal data that companies must have legal grounds to process. It is clear that criminal record excerpts cannot include data on crimes other than those expressly stated in the Act on Public Contracts. In accordance with the Act on Public Contracts, a company participating in a competitive tender process cannot copy or store criminal records for itself. In practice, this means that each person must keep their own criminal records excerpt and submit it separately for each tender process to the tendering company, which will then send the excerpt on to the procurement unit. This can cause practical problems if the number of tendering processes and excerpts to be summited is high. Bidding companies would be well advised to create efficient internal process to handle these filings. The procurement unit must dispose of the criminal records excerpt or return it directly to the person in question once the person’s background has been checked from the excerpt. Information provided in the criminal records cannot be disclosed to people in the procurement unit who do not need it. The Newer the Criminal Record Excerpt, the More Reliable It Is The Act on Public Contracts states that the criminal record excerpt cannot be more than twelve months old. This is understandable, as it makes it possible to use the same excerpt for more than one tendering process. On the other hand, a year is a long time, and it is possible that a member of a company’s management could commit an offence during that time. So from the perspective of the accuracy of the information, older excerpts constitute a risk for the procurement unit. Of course, employees are obligated to inform their employers changes to their data. Collected Data Forms a Register From the perspective of employer obligations, collected criminal record data forms its own register or at least a new data category, and the matter must be discussed in cooperation negotiations prior to starting the collection of the data. Procurement units, for their part, have an obligation to record the fact that criminal record excerpts have been collected from the necessary parties. This forms its own register and the units incur the related data controller obligations, such as the obligation to draft a file description. The data protection legislation set to change in a year  will tighten the requirements for maintaining registers even further. Many suppliers are currently reviewing their current data protection practices, and procurement units should also take a close look at the data protection issues relating to competitive tender processes.

   Published: 1.2.2017

5. Post

   Will the New Year Deal the Tax Man the Best Hand?

   Tax Authority Given Free Discretion Under the old rules, the taxation of a particular year could be rectified to the detriment of the tax subject no more than approximately six years after the fact. The key issue was that making a rectification after such a long time had passed required clear fraudulence or error: it was a requirement that the tax subject had either failed to file a tax return entirely or had filed an incomplete, misleading or false tax return. Otherwise the rectification would have to be carried out within a much shorter timeframe or the taxation would remain in force as originally imposed. The old rectification rules will continue to be applied to rectification of taxation for 2016 and preceding years. As of the start of the 2017 tax year, the requirement for tax subject misconduct was removed. This means that taxation can now be rectified even if the taxpayer has, to the best of its knowledge, submitted correct information to the tax authority if the tax authority interprets the situation differently to the taxpayer. At the same time, the period for rectifying taxation was shortened to three years. However, the tax authority was given the discretion to extend the rectification period by one year if it receives information affecting taxation exceptionally late or the tax subject is considered to have impeded taxation. However, there is an exception that is particularly significant to corporations. Under this exception, the rectification period for transfer pricing issues and intra-group financing and structural arrangements is still six years. Despite the rectification period remaining six years, rectification no longer requires fraud or error on the part of the tax subject. That same extended rectification period also applies under certain conditions to rectifications based on information obtained through international information exchanges between tax authorities. However, rectification is not possible under the new rules if the Tax Administration has already—for example, when carrying out taxation—investigated and expressly decided the matter. Three Years of Uncertainty? The new rectification procedure raises many questions. When will the Tax Administration be deemed to have investigated and expressly decided a matter in a way that precludes rectification? Even under the old rules, it has been a challenge to get the Tax Administration to expressly investigate and decide an open tax question even if asked directly via a tax return. At worst, even after receiving a tax decision, taxpayers have remained uncertain of whether the Tax Administration has expressly decided a tax question or not investigated it at all. Another question relates to when the possibility to rectify taxation ends—or whether it has ended. As the new system allows rectification to be carried out without error on the tax subject’s part, the tax subject has no real way to be sure the result of taxation is final until the three-year period has run out without hearing from the Tax Administration. In a worst case scenario, the Tax Administration would send a decision on extending the rectification period in the Christmas mail of the last year, which would prolong the uncertainty. One can only hope that the Tax Administration doesn’t start seeing intra-group situations everywhere and handing out extensions just to hold on to its rectification right for as long as possible. Certainty through Advance Rulings? The Tax Administration has gained notoriety, among other things, in the case of ‘tax penitents’ who reported their secret foreign investments. Last November, it refused to publish the criteria under which it decided to pass on some—but not all—of the tax penitent cases on to a police investigation. The Tax Administration’s secrecy raised a number of questions concerning the equity of the procedure, which later lead to a complaint to the Parliamentary Ombudsman. The stated goal of the reform of the rectification process is, among other things, to improve due process for tax subjects. However, if the tax authorities behave as unpredictably and secretively as in the tax penitent case, the results will be a wild contradiction of this goal. Hopefully these dark clouds remain just bad dreams. This is possible, given that various advance proceedings and more efficient cooperation with its customers have had a prominent place on the Tax Administrations agenda of late. Only time will tell whether this procedural reform will lead to any big surprises when the time comes to rectify taxation for 2017 and later years. What won’t be the least bit surprising is that advance rulings will grow in importance as corporations seek predictability in their taxation.

   Published: 25.1.2017

6. Post

   Supranational Iron Fist Tightens Grip – Finnish Companies also at Risk from Sanctions

   EU Sanction Regime Clear – Beyond It, Uncertainty The purpose of sanctions is to get the targeted states, groups or persons to alter their behaviour and actions in the manner desired by the party imposing them. Typically, sanctions restrict trade, financing, the possession of property or free movement. The EU’s sanction regime is clear. Its regulations apply to persons and companies operating in EU territory. Violations of sanctions are provided for on the nation level. In Finland, the matter has been regulated in the Santions Act by a reference to the provisions of Chapter 46 of the Criminal code. What has particularly given rise to uncertainty and concern in Finnish companies recently are non-EU sanctions regimes. The most significant of these the US sanctions governed by the OFAC (Office of Foreign Assets Control) and the BIS (Bureau of Industry and Security as well as permit and supervision systems. The OFAC and BIS both require companies to comply with supranational legislation, which means that a Finnish company could unintentionally fall into the US jurisdiction even if its operations themselves have no connection to the US. Violations of Sanctions Can Lead to Billions in Fines We have all heard in the media about European banks and oil companies that have been ordered to pay large fines due to violating OFAC regulations. The best-know example is probably BNP Paribas, which was alleged to have brokered monetary transactions to countries and parties on the sanctions list. The whole affair ended up carrying a 9 billion dollar price tag for the bank. There are also Finnish private individuals on sanctions lists and known listed companies that are subject to investment bans. I think one would be justified in asking what grounds there are for this kind of supranational jurisdiction. At the same time, it’s worth considering whether Finnish companies should be worried. OFAC Restricts Trade with Iran, among Others The OFAC is an iron fist of supranational jurisdiction that causes corporate directors continual headaches and uncertainty. The primary sanctions in the OFAC regime are targeted at particular countries and persons (Specifically Designated Nationals). The system also recognises secondary sanctions that indirectly target persons and companies outside the US that operate with parties subject to primary sanctions. The OFAC only adopted secondary sanctions a few years ago, and they mainly target Iran. US persons cannot be involved with parties subject to secondary sanctions. Monetary transactions can also be restricted. Under the tripartite treaty signed a year ago by the EU, US and Iran, secondary sanctions are being rescinded with respect to fields in the nuclear embargo, but risks still remain. How Does this Iron Fist Squeeze Finnish Companies? Finnish companies may encounter unexpected problems, for example, if they employ US citizens or US residents. Even though sanctions against Iran have been rescinded, US citizens can have no part in trade with Iran. Some European companies have signed recusal letters under national legislation with their US employees, which they using to try to work around persons at risk. Problems can also arise if a Finnish exporter does not sufficiently determine whether its products and services include US-sourced components or parts. Even if a Finnish company is not prevented from trading, for example, with Iran, many cargo carriers and shipping companies still refuse to ship goods to Iran. Many European financial institutions also refuse to be a party to payment transactions relating to Iran. Untested in Court As a mental exercise, I’ve thought about a scenario in which a Finnish court would be called upon to confirm a fine imposed by the OFAC against a Finnish company refusing to voluntarily pay the fine to the US authorities. If the Finnish court were to take a dim view of such confirmation, pressure would be likely to be applied through secondary sanctions aimed at preventing the insubordinate company’s ability to operate in the US and dollar markets. During the Obama administration, sanctions legislation and the related penalty practices have, with the exception of Iran, been made more strict. It remains too early to say what direction the new resident of the White House will take on sanctions practice, but based on his statements to date, I would begin preparing for the system to get even more complicated.

   Published: 23.1.2017

7. Post

   My Business Partner’s Business – Not My Business?

   Knowing your business partner – whether it is your supplier or your client – is crucial for your company’s success today. If you disagree, you are free to put your company’s reputation in the line of fire, but you should at least be aware that the potential legal consequences are severe. Let me elaborate a bit more.   The Law Sets the Bar First of all, we have a bunch of legislation in place both domestically in Finland and internationally that requires you to check the backgrounds of your business partners. Business deals that look good on paper may actually be illegal. When the Law Remains Silent What if the law does not require you to do a background check of your business partner? Should you still conduct one or just chase the biggest sales and profit figures of the quarter?                                 There is no one-size-fit-all solution to this question. However, I urge companies to seriously consider taking into account the reputation of their company in the long-run and stakeholder expectations for overall responsible business conduct. It comes down to the management to draw the line with respect to how they want profits to be generated and business to be conducted. Business partner background checks can be necessary even in the Nordic context. When carrying out these kinds of checks, we have come across, e.g. links to financing for jihadists and the mafia. In addition, one interesting case involved what is called a ‘vanishing company’, which is a company that collects money from the public and then vanishes. The direct benefit of these background checks is, of course, peace of mind for management, who can be confident they know who they are dealing with. Strengthen Your License to Operate What is different from the past is how and where your profits can be made while still maintaining your sustainability license to operate. Risky scenarios should be always identified and mitigated. If needed, companies should have the courage and business incentive to call off the deal if necessary to safeguard the company’s long-term reputation and sustainable sources of business profits. Your business partner’s business is, therefore, unavoidably also your business concern.

   Published: 10.1.2017

8. Post

   Can a Good Reputation be a Business Risk?

   The public image of a company is often just a result of the effect of marketing actions, whereas a good reputation also requires that attention be paid to fundamentals, such as comprehensive engagement of upper management, the inclusion of reputation risks in an extensive risk management strategy, transparency, uniform behavioural models and a self-critical attitude. All that Glitters is not Gold Despite reputation issues having been front and centre for a while now, many companies have failed in their reputation risk management efforts. The common element in many cases where a company has sailed onto the rocks is often the gap between a company’s reality and it public image. This phenomenon can be fed by short-term profit seeking, off-kilter incentive schemes, management silos, poor internal communications and a simple lack of understanding. The wider the gap between reality and public perceptions, the greater the reputation risk. Recent textbook examples of companies that have developed a large gap between image and reality are certain European auto industry companies. They have traditionally had a spotless public image, which has been reinforced over time through marketing and communications. At the same time, however, the commitment of the upper management has been weak, incentive schemes have guided internal goals in other directions, internal communication has been insufficient and cost-cutting measures have been targeted at functions that have little direct financial impact but are critical in a wider picture, such as limiting the investigation of reports coming in through whistle-blower channels to only certain areas. Finnish business culture has no shortage of these kinds of cases either. Risks Require Boardroom-Level Attention Forbes Insights carried out a study in 2014 that interviewed the upper management of nearly three hundred global companies. The study found reputation risk to be the most significant strategic risk. Despite this, investments in reputation risk management remain small, and the actions that are taken often focus on irrelevant issues. Companies may even give reputation risk little more than a passing mention in their ERM systems. It is impossible to overstate the importance of the board’s role in addressing this. Responsibility for the matter cannot be delegated to the operative levels of the organisation. Reputation risk is something that should be the subject of continual scrutiny on the board’s agenda. Nearly all of the companies that have seen negative press recently have previously had a good public image. This means that the gap between image and reality can come as a complete surprise to the board, and there may be no contingency plans in place for the possible repercussions. Negative publicity can take up a disproportionate amount of management’s time and resources, when dealing with the fallout becomes a new core function for an indeterminate period of time. Beyond Compliance An increasing number of companies have launched their own compliance programmes and functions as part of their risk management efforts. While this is a step in the right direction, rolling out a compliance programme in the organisation is not a comprehensive solution to the problem. Many companies simply rely on behavioural instructions, policies and e-learning available online. However, once compliance systems have been built, the search for and investigation of other vulnerabilities is often forgotten. When done right, compliance is a good tool, but it is not enough to content oneself with unless other risk elements are also identified. Challenging and renewing entrenched routines is something that no company can do too much of. A long-standing good reputation, if left unquestioned, can easily become an unforeseen business risk.             

   Published: 9.12.2016

9. Post

   3D Printing Set to Change Life as We Know It

   What makes 3D printing particularly fascinating is that it is a link in the continual chain of ground-breaking inventions inevitably replacing existing methods to the extent that we cannot even imagine life before the new technology. Can you imagine living without your smartphone? What are we talking about exactly when we talk about ground-breaking inventions. Take, for example, one of the first drivers of global trade, spices. The spice trade developed, because it was thought that spices helped preserve food. The bottom fell out of that business when American Frederik Tudor invented a way to preserve natural ice and ship it around the globe in 1806. Frederik’s business had the rug pulled out from under it, in turn, when artificial ice and then refrigerators were invented. The story of ground-breaking inventions is an inevitable march of progress in which it is easier to look back than forward.      The Third Industrial Revolution is Already Here 3D printing is one of the keys to the third industrial revolution. The third industrial revolution means, among other things, that the reduction of overall labour costs, for example, due to automation, as well as the increase in the amount of education required of the labour force could shift some production from countries it was moved to due to mass production and low labour costs back to the countries it originally departed from. What 3D printing makes possible is a unique way of combining the accuracy of digital methods, the repeatability of mass production and the individuality of hand craftsmanship that nearly completely eliminates the costs of customisation. The business of shipping, at least certain kinds of goods, could very well suffer the same fate a Tudor’ ice hauling business: shipping some kinds of products will be unnecessary, because they will be manufactured on site and on demand. In addition to the technology developing and becoming more affordable, there is a third factor feeding into the rise of 3D printing: a strong personalisation trend of consumer goods. Making a personalised product using traditional manufacturing methods is very expensive, but the economies of scale provided by mass production are less significant with respect to 3D printing. The luxury of personalisation will be within the reach of an increasing number of people. The benefits are not just limited to consumers. The automotive and aircraft industries are already making extensive use of 3D printing. For example, Airbus has set itself the goal of 3D printing an entire airplane in one piece by 2050. The potential benefits in the health care devices industry is huge, and 3D printing is already being used to manufacture hearing aids and various prostheses. The Robohand project has provided over 2oo people in Sudan with functional and affordable 3D printed prosthetics hands. What does this ground-breaking development of 3D printing mean from the perspective of intellectual property rights? 3D Printing and IPRs To holders of intellectual property rights, 3D printing may sound ominous, and it is clear that this new technology will not be without its problems. By taking the tangible and making it digital, 3D printing could, for example, cause the manufacturing industry to encounter the same types of copyright problems experienced by the music and film industries. For example, you could make a digital copy of a vase on your desk using a 3D scanner and then use that scan to print hundreds of exact copies of the vase. This means that the challenges of digital copyright will soon also apply to physical reality, and the management of rights to physical objects could become as difficult as the management of music rights has become due to digital technology and online piracy. Who is the Infringer, Who is Liable? From the perspective of copyright or design rights, it may be difficult to intervene even in extensive home printing if it doesn’t meet the criteria of commerciality that legislation sets for such an infringement. Another interesting question is who is committing the violation and how: is it the person scanning a protected product, the person uploading it onto the Internet, the person printing it or all of them together? What about who is liable for damage caused by a printed product, for example, to its end user. Will legislation be able to keep up? For example, the basic concepts of copyright law, such as the exclusive right to reproduce copyright protected works, are technologically neutral by nature. Copyright was originally designed for an analogue world, and its concepts are struggling to keep up with rapid technological development and digitalisation. In fact, the current extensive definition of reproduction can lead to impractical and haphazard results. Indeed, as the physical and digital worlds increasingly begin to overlap, 3D printing is set to be a major focal point for the difficulties of reconciling technological neutrality and reproduction. Will 3D Printing Actually Change Anything? I believe that, above all, 3D printing will usher in a new way of understanding intellectual property rights. It will function as a reminder that not all objects can be protected by IPR s. In addition, 3D printing will force companies to develop new ways of thinking and to come up with new solutions and business models for physical objects, just as the music and film industries have had to do following the digitalisation of music and movies. 3D printing will not reduce the importance IPRs, but will perhaps offer us the opportunity to re-evaluate how IPRs work. In the end, 3D printing is just one new technology for manufacturing digital and physical copies of objects that may be protected by IPRs. Rights holders will still need to be alert and adapt to new circumstances by taking a fresh look at their business models. It is great to see that this is already being done in Finland. I also believe that new paradigms will have to be developed for consumer goods, unless rights holders want the get bogged down in the same kind of piracy wars as the music and film industries. The difference, of course, is that these past battles have spurred the development of a fairly extensive set of options that the holders of rights to physical objects can use to intervene in violations. What should be clear, however, is the 3D printing and the digitalisation of the physical world will not reduce the need for companies to plan, maintain and defend their IPR portfolios and to take technological development into account in their contracts. I believe quite the opposite, in fact.

   Published: 30.11.2016

10. Post

    Robotics and AI: A Solid Contract Is the Best Shield

    What has received less attention, however, is the fact that there is little to no legislation specifically concerning robotics and AI, which currently have to be fit into existing legal frameworks. So, what is the deal with robots and AI from a contractual perspective? Is This Sale of Tangibles, Too? When buying a robot vacuum for their home or a toy robot for their children, the laws that would probably first come to your mind in Finland—assuming  you think about those sorts of things—would be the Sale of Goods Act and the Consumer Protection Act. These acts state that goods must be fit for the purpose such goods are usually used for. While the Sale of Goods Act does also apply in B2B sales, there is more freedom of contract than in consumer sales, giving the parties a great deal of leeway to agree on their responsibilities and obligations.  AI in Business Operations What about when a company buys robotic or AI systems as part of its business operations? Despite all the hype surrounding AI, it is still essentially a procurement of software like any other, and AI contracts struggle with the same kinds of issues as traditional software procurements.  There are many issues that need to be agreed, such as: We can get the answer to the issue of the purpose of an algorithm by applying the Sale of Goods Act. The supplier cannot reasonably be made liable for actions that do not conform to the limitations set for the algorithm. However, the supplier could be thought to be liable for the flawless functioning of the algorithm within the original parameters set for it. Here is where we come to the really interesting question: where does the supplier’s liability end if a robot or AI system is able to independently develop and alter its own code?   Who Owns Data? The raw material for an AI is usually data. The current saying is that data is the new oil, though it would be more accurate to say that data is the new operating environment. No matter how you phrase it, though, data is certainly a new currency . So, how does current legislation account for the ownership of data? Can anyone own data from a legal standpoint? With the exception of personal data, there is often no legal owner of data. Of course, exclusive rights to data can be obtained in certain situations, such as the protection of catalogues. Data can also be defined as being confidential through an agreement. In certain situations in Finland, data can be protected as business secrets under the Criminal Code, the Employment Contracts Act or the Unfair Business Practices Act. There is also an EU directive concerning the protection of business secrets. If you are entering an agreement on business partnership that will result in data being created—either as a by-product or the main product—and that data is not personal data, you and your business partner should agree on who owns that data, how it can be used and how you can access it during and after the joint project. You should also agree on the format the data is to be handed over in. Reaching an agreement after the fact can be difficult, as there may not be an applicable norm to guide business partners in that situation. New Technology Highlights the Importance of Contracts One thing, at least, is clear: the importance of contracts is set to increase as novel and existing technologies are used more and more. When drafting contracts for procurements of or services involving robotic or AI systems, make sure that you know what contractual terms and conditions are best suited to the deal. When leveraging new technology , you need to be able to look into the future and try to predict the potential benefits and risks.

    Published: 22.11.2016