With Licensed data, it takes a lot of trust by owners that users will respect their terms and conditions. Just as good fences make good neighbours, so the use of seeding can help ensure licences are respected and appropriate fees paid, discovers David Reed.
If you ever find yourself on the steps of a courthouse thinking, “I can defend this case” , it is worth pausing to consider what proof the other side might have and whether there is a precedent for their law suit. Second thoughts of this kind are what stops many cases from ever being heard. When it comes to data and allegations of illegal copying or usage, the vast majority of challenges have been settled before coming in front of a judge.
For data owners keen to protect their data assets, that is both a good and bad thing. Good because it means they rarely have to meet the costs of a full-blown court hearing; bad because it means there are few precedents to inform their legal arguments.
Which makes a case from June 2011 all the more important for allowing the proofs of data copying, including the seeding process, to be tested in court (see box). The outcome has created a vital precedent to which any future data owner facing theft of their asset can refer. And it has led to the creation of a database protection and enforcement regime by Birketts, the law firm which won on behalf of Binley’s.
Chris Sleep, associate at Birketts, says: “There have not been many database right cases in the 12 years since that right was created. There has always been uncertainty as to how the costs of a case would justify that type of claim. But database right is an often overlooked, but very powerful one for data owners.”
Relying on copyright for licensed data is risky because it only covers the specific way in which data is presented, such as the categories used to organise a directory, rather than the data within it. But under the Copyright and Rights in Databases Regulations 1997, data owners were granted a new protection of their asset which is more specific.
One reason why companies often fail to establish this right is because assets get transferred or sold during takeovers and restructuring. Data is routinely migrated between divisions with little consideration of its status as a true asset, although an audit trail can be established to demonstrate where ownership of the right now sits.
Although database right has been around for more than a decade, proving and defending it has tended to be expensive. “You used to have to go to a specialist intellectual property lawyer, which is a costly process from a business point of view. You have to weigh that up against your business objective,” says Sleep.
The commercial value of an infringement is often quite small - a few thousand pounds each time - and is low compared to the historical cost of bringing legal proceedings. It is also the case that most data owners would prefer the user to return to being a regular, compliant customer rather than a defendant in a case (apart from egregious abusers, that is).
That led Birketts to put together a more cost-effective approach with clear, simple costings and stages which clients can go through to warn off an offender, long before proceedings are even considered.
Viewed in these terms, establishing database right legally should become best practice not just for commercial data owners, but for any company which invests heavily in its data and relies on it for core business processes. Documenting this internal investment by creating a “bible” and having legal sign-off puts the company in a strong position in the event of any issue arising, which could include unauthorised copying of a database by an employee, for example.
“If you invest in that, enforcement should be straightforward,” says Sleep. “It is best practice to do that, even if it is only essential when it becomes essential, for example if you are looking to sell and running due diligence. It should be done as a matter of course.” Not only does this offer a safeguard, but should a case come t o court, it is likely that costs will be awarded against the defendant. Sleep says the service is generally cost-neutral or even positive.
Should a third party divert from the terms of a licence to use data - or even deliberately breach them - the existence of these proofs will form a good basis to warn them off. Says Sleep: “The success of the work I do is cases being settled out of court. On the other side, I would not have allowed my clients to be exposed in the way that these defendants were.”
One reason why Precision Marketing Group may have defended the challenge by Binley’s may have been the limited seeding evidence available. Paradoxically, this did ultimately help to prove the similarity between the two data sets. But as a single seed record was initially used as proof of copying, it might have seemed winnable.
DQM Group has developed a new generation seeding service which introduces a more robust evidential basis for tracking data usage. Its Hub service combines unique seeds with tracking of data licence terms - it is the mix of these two which allows a data owner to be certain that a user is in violation of their terms and conditions.
“Seeding is really important,” says Christine Andrews, managing director of DQM Group. “It allows a data owner to see how many hands their data has passed through.” There is often a lengthy supply chain between the originator of a record and the ultimate user which can see a file brokered and resold a number of times.
It is during those hand-offs that licence terms tend to get forgotten about. “As data goes from A to B to C to D, terms and conditions may not be relayed on. The data owner may be telling the first party and they agree, but sometimes that party doesn’t pass them on to the next in the chain,” she says.
Jonathan Clough, head of UK data products at Acxiom, agrees that this is what concerns his company. “The misuse we’ve detected is where a bit of control has been lost down the supply chain. With the audit trail seeding gives us, we can get onto that quickly. For us, the focus is on that loss of control, rather than willful infringements.” That underlines Sleep’s point about wanting to bring accidental or ignorant users back into the customer base, rather than going legal.
In the seeding process, a panel of consumers around the country receives any items mailed to data owned by a client of the service, while email addresses are relayed to inboxes at DQM Group and its call centre takes any telemarketing contact. “Seeding highlights what is happening to the data. We may get a phone call from companies trying to sell utilities or PPI when we know it has not been licenced for that purpose,” says Andrews.
Change data is central to much outbound marketing - picking up on house or business moves or any indicators that are typical triggers of switching and buying. Marketers may claim they have sourced these indicators from the public domain, but permissions can not be sourced in this way. Nor can many other variables which a data owner might licence as an enhancement, but not for direct targeting.
The key to DQM Group’s approach is how it creates seeds. “We generate unique names for each set of client data using a proprietary algorithm which substitutes vowels and consonants in real names and addresses. Each client has unique seeds which are never generated twice,” explains Andrews. The company has registered domain names for which it creates email addresses and unique landline numbers, too. All seeds look like genuine records, rather than being obvious phonies to avoid any manual deletion by users.
When a seed is called, operators in the call centre give simple replies and never enhance or validate the data being used, to avoid any claim of proprietary research as a defence. While the vast majority of contacts are within agreed terms and conditions, it is not unusual for a user to exceed frequency rules or include a channel in the mix which has not been paid for. In one case, a seed name was emailed over 500 times by a company selling flights.
“A lot of the time, the misuser’s argument is that the data is from their own CRM system or that they verified the record for that purpose. We can show that these records are not a legal entity - they are not a real person - so that is not possible,” says Andrews.
That gives the seeds a robustness which supports the legal framework and enforcement proposed by Birketts. It also allows seeding to be applied to new purposes in the digital marketing world, such as to track that leads from comparison websites are being used within the terms paid for, which might be for a one-time email follow-up only, for example. Says Andrews: “More and more organisations are looking are creative ways of using seeds to protect their data and check whether it is being abused in any way.”
Having proof of when illegitimate activity has taken place is essential to protect data owners’ revenue streams. That is where seeding plays a critical role and, as the man said, tell that to judge.