We’re pleased to bring to you a guest post by Siddharth Sonkar. Siddharth is a 4th year student at NUJS, Kolkata.
Does Sui Generis Protection of Unoriginal Databases Reconcile Access and Incentive to Actualise Public Good?
Siddharth Sonkar
Recently, theft of databases, especially in the Business Processing Outsourcing (BPO) sector in India has reportedly become endemic, ushering the database industry towards a market failure. Database industry in India loosely comprises companies which generate databases relating to banking and finance stock markets, travel, ticketing or legal information. These companies commercially exploit databases containing information relating inter alia to names, addresses, credit ratings and incomes. Databases are compilations or collections of information or records organised in order to be easily accessed or retrieved.
Is Sui Generis Protection Desirable for India?: an Industry Perspective
Professor Anirban Mazumdar in his book entitled ‘Database Law: Perspectives from India’ points out that databases which are not original in nature also require protection in order to continue to exist in the market. A questionnaire was prepared and circulated amongst database stakeholders such as Microsoft, Eastern Book Company, Adobe and Google. The responses led to the conclusion that databases require updates every three months due to the proliferation of information from changes and discoveries. The responses led to the conclusion that the absence of sui generis protection in India neglects the effort expended in updating existing databases, discouraging people from contributing by updating existing databases. Mr. Apar Gupta makes a similar case in his work. In fact, as early as in 2003, a WIPO expert report assessing the need for sui generis protection of databases in India highlighted that 80% of Indian databases emanate from the government domains, meaning private players in the industry contribute to only 20% of databases today. The dearth of private participation in the creation of databases could be attributable to the absence of sui generis protection of databases in India. The WIPO expert report suggested the adoption of sui generis protection of databases in order to harness the full potential of the Indian database market. The report deemed commercialisation of data, especially in the fields of remote sensing, genomic and bioinformatics, through sui generis protection desirable for India.
While an updated database may not necessarily meet the standard of originality for non-original databases in India (discussed a bit later in this post), the investment made in updating databases does require some protection. This is because updating a database is often done with the intention of maximising profits. An example of an investment incurred in updating a database is the transaction costs associated with data collection through street-by-street service or phone service formatted by data entry operators so as to make the updated information easily accessible to clients. These databases will be produced with the intention of maximizing profits. In case of most compilations of factual data, especially in situations where information is predictably organised, databases fail to meet the prerequisite of originality, resulting in their prejudice from protection.
Need for a Holistic Assessment to Accommodate Third World Concerns
Professor Indranath Gupta in his work entitled ‘India’s Participatory Role in the Database Debate at WIPO’ highlights the criticism of the WIPO report on two grounds: First, since at the time of the report, there was no credible data available in writing, the methodology was mostly based on the perspectives of key personnel in the industry. Second, the report does not clearly address third-word concerns, especially of the academic and scientific communities, with allowing monopoly over unoriginal databases, which could possibly reduce access to databases. He also highlights how the delegation of India has time and again reflected ambivalence in adopting sui generis protection of unoriginal databases, citing the absence of evidence needed to arrive at any consensus in this respect.
In order to corroborate the commonly held perception in favour of sui generis protection, there is a need to conduct a more inclusive empirical study to assess the feasibility of the existing regime within the Indian context, involving stakeholders from inter alia the scientific and academic communities as well in order to achieve a holistic view. Such an evaluation should also observe the relationship between private participation in the database industry and access to information, to see whether there exists a need to better synchronise with the object of copyright law, i.e., to facilitate learning.
Surprisingly, in a span of more than 15 years since the expert report, while a lot has been written in this respect, no such study has been conducted to this effect.
Existing Legal Framework Surrounding Databases in India
I shall now explain the existing Indian framework accommodating protection of databases stemming from the Copyright Act, 1957, Information Technology Act, 2000 the upcoming Personal Data Protection Bill. I also explain the fuzzy distinction between database protection and personal data protection, which indicates how information technology law in India, even after the enactment of the Bill, will only afford protection to databases containing personal information.
Information Technology Law
Rule 6 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 imposes a restriction on accessing data without the prior permission of the information provider. Apart from the SPDI Rules, Section 43 of the Information Technology (‘IT’) Act, 2000 attributes liability on any person who copies or extracts any computer database.
The proposed Data Protection Bill (‘PDPB’) offers protection only against unauthorised processing (collection or use) of personally identifiable information (PII). An example of PII would be a database containing financial information relating to individuals. An example of information that is not PII would be, say, flight schedules. This means that if a database owner creates a database containing information other than that which is personally identifiable, the PDPB (if enacted) will not offer any protection against unauthorised processing (collection or use) of such data. The law will have to fall back upon section 43 of the IT Act under such circumstances. However, when the database would contain PII, the data protection law would require anyone wishing to use that information to follow the principles of data protection enshrined in the PDPB (if enacted), failing which the unauthorised user would invite sanction under the data protection law.
Copyright Law
The Copyright Act, 1957, defines literary work to encompass computer programmes, tables and compilations including computer literary databases. Original literary work is copyrightable based on section 13(1)(a) of the Act. The creation of databases is preceded predominantly by intellectual labour and effort. In order to qualify for protection, the subject matter must reflect originality in the selection or arrangement of the contents in the database. The protection afforded to a compilation or database is limited to its selection and arrangement and not the database as a whole. This is to ensure that information in the public domain is not monopolised by database creators as a result of copyright protection; such monopoly could result in shrinkage of information in the public domain, which in turn would undermine public good derived from access to information.
Standard of Originality in Databases
Though the standard of originality for literary works is low, the threshold for compilations and databases is higher since creativity often becomes a component in determining originality. While most other works easily qualify the test of originality, in case of databases, the determination of originality is often crucial in determining the copyright-ability of the work since facts cannot be created but only discovered. Different jurisdictions use different standards to evaluate originality in databases.
In Feist Publications v. Rural Telephone, the SCOTUS observed that since databases are derivative works, beyond skill and labour, there is a need to ensure that there exists ‘minimum degree of creativity’ in order to claim originality. In Canada, on the other hand, the Supreme Court added another dimension to the concept of originality in CCH Canadian Ltd. Here, the Court held that originality should result from skill and labour that is not mechanical or negligible involving individual skill and judgement.
In Eastern Book Company, the Supreme Court of India held that head-notes of judgements in electronic form constitute derivative literary work. The sweat-of-the-brow and Feist doctrines were rejected. The Court came up with its own unique Indo-Canadian test of skill and judgement which contained a tinge of creativity. The Court further acknowledged that when a compilation is created from original work, it is more than a mere rearrangement of the original work often involving skill, labour, judgement or capital. An original derivative work in the form of a database or compilation could result from a unique selection and arrangement of pre-existing material if skill, labour and capital are used in its creation. Copyright protection has been given to compilation of information on satisfying these criteria.
Due to the Eastern Book Company, non-original databases in India do not receive protection. This results in free-riding of collated information by merely changing its selection and arrangement, a dis-incentive for database owners to put in strenuous labour in updating existing databases, antithetical to the sweat of the brow doctrine.
Sui Generis Protection of Non-Original Databases in the European Union
Realising the anomaly in only protecting original databases, the Directive 96/6/EC adopted by the European Union (EU) offers two-tiered protection to databases: First, it offers copyright protection to original databases. Second, it offers sui generis protection to non-original databases. A non-original database receives protection if a substantial investment is made in obtaining, verifying and presenting its contents. The term ‘substantial investment’ is not defined in the Directive but would have to be assessed in terms of successive alterations, additions or deletions.
The Directive allows the creator an exclusive right to preclude the extraction (or scraping) of or any part of the database. The Database Directive protects against copying of the database but not the use of information or data that may be gathered in the database. The rationale is to prevent the misappropriation of the financial and professional investment made in collecting contents of databases to safeguard the interests of database makers. While the Directive has received some criticism for failing to be upheld by sufficient fair dealing exceptions, the Directive has triggered strong demands from the database industry for similar regimes in other jurisdictions.
Conclusion
It would be prudent for India to deliberate upon the desirability of a new database law which offers a sui generis right to creators of non-original databases. The first step, therefore, is to empirically assess the qualms of diverse range of stakeholders in relation to sui generis protection. The object of copyright law is to facilitate learning by balancing access to information and incentive to make information available in the first place. A sui generis database law could, therefore, balance the competing interests by carving out the sui generis right in a manner that prevents monopolisation of information. This could also be done in two ways: 1) by precluding keeping the duration of protection as 5-10 years, after which the information would seep into the public domain; 2) by safeguarding fair use of these databases by inter alia allowing educational and scientific institutions to access these databases.
Image from here