All questions
Intellectual property rights and data protection
in Intellectual property rights
Intellectual property protection for software is mainly sought under copyright and patent laws in India. From a copyright perspective, fintech software solutions can be protected under intellectual property law, as “literary work”, which includes computer programs and computer databases. Registration for copyright protection is not mandatory, but is recommended from an enforcement point of view.
In terms of copyright, the author of the work is considered the first owner of the copyright. However, in the case of software or business models developed by the employee in the course of his or her employment under a service contract, the employer of the company will be the first owner of the software in the absence of any agreement to the contrary. There is no special compensation to the employee in this regard, as is a general industry practice.
While “business methods” and “computer programs per se” are explicitly prohibited from being patented under Indian patent law, little leeway is given to computer programs which are related to inventions and are components of those inventions. Therefore, if a computer program is required in connection with a new functionality, there is a high probability that a patent will be granted. However, compared to copyright laws, there is no corresponding provision under patent laws that gives employers the right to the inventions made by their employees in the course of their employment.
Furthermore, the government has given countless relaxations to technology startups in the area of intellectual property rights. For example, a start-up operating a qualified business, which includes the innovation of new products, is entitled to tax exemptions under applicable laws, subject to meeting certain criteria. The government has also launched the Support for International Patent Protection in Electronics & IT scheme to provide financial support to technology startups to strengthen their competitiveness through innovation and protection, while separately offering specific intangible benefits to startups that include fast-tracking patent applications and 80 percent discount when submitting patents.
The government has established a dedicated department for IP-related support services, which aims to:
- spreading awareness and facilitating support;
- promoting IP in the ICT ecosystem; and
- create a favorable infrastructure for a strong IP ecosystem.
ii Data protection
The IT Act regulates data protection and security practices in India, according to which “sensitive personal information” is characterized as personal information related to passwords and financial information, among others. Entities that collect, receive, hold or handle this sensitive personal information are required to provide a privacy policy, and while collecting or disclosing the information, consent must be obtained from the relevant user or data subject, which can later be withdrawn. Transfer of this information to any entity or person inside or outside India is permitted, subject to certain conditions.
Under the existing data protection and privacy framework, an entity is only required to obtain active consent from a user in relation to the collection or use of data, pursuant to which the entity may perform digital profiling. However, the government has been working to introduce comprehensive privacy legislation to bring the data protection regime in India in line with more robust international standards, such as the EU’s General Data Protection Regulation. The government recently published the draft Digital Data Protection Bill, 2022 (DDPB) for stakeholder feedback. The key features of the DDPB are that it does not categorize personal data based on sensitivity, and also provides for imposition of fines and penalties only if non-compliance is “significant” by the prescribed authority, with no possibility of imposition. of criminal liability. These features along with the skeletal nature of the DDPB stand in stark contrast to the earlier draft Data Protection Act, 2021 and Privacy Act, 2019. The DDPB is currently under review by the government after receiving comments from stakeholders and is expected to be tabled for the Storting.
