Data licensing: Taking into account data ownership and use

In today's technology-rich environment, companies increasingly recognize the value of data as a business asset that should be protected and can be exploited through licensing to third parties. Companies and their counsel therefore can encounter a range of agreements that implicate the protection and treatment of data and related intellectual property (IP) rights. Where one party is seeking to exploit a data feed or has developed a database it wishes to license, data issues may be the specific focus of a transaction. However, data issues also arise as an ancillary consideration in other licenses and commercial transactions, in particular technology services arrangements.

Approaches to data licensing

Because data may be protected by one or more IP right, a third party's use of data requires a license from the data owner or a sublicense from a party licensed by the owner to grant sublicenses to the data. While similar in some respects to other types of IP licenses, data licenses present several unique licensing issues concerning, for example:

• Data ownership and use
• The treatment of original, derived and usage data

Among other reasons, this is because a party, for example, a service vendor, may:

• Receive or collect and compile data from another party, for example, a customer
• Generate information or data from the other party's data on that other party's, or its own, behalf

For example, in a transaction where a vendor is processing and generating data from data received from the customer in connection with the vendor's provision of services to the customer, the parties will likely have competing interests. The vendor in this case may want to:

• Analyze and use the customer data to provide services to the customer
• If possible, process and aggregate the customer data for commercial exploitation by creating new products and services, using the processed data to enhance its internal operations, products or services, or licensing the data to third parties

The customer typically will want to:

• Maintain the confidentiality of its data
• Prohibit use of the data other than for its benefit
• Obtain access to, and if possible, ownership of, any new data sets resulting from the vendor's processing of the customer's data

A data license also should address the manner of delivery, maintenance and control of the data, as well as data security policies, practices and protocols, in particular where the data comprises personal or sensitive financial, technical or commercial information.

Data ownership and use

In any data licensing transaction, a key negotiated point is accounting for the licensor's ownership of and the licensee's permitted use of the data.

Data ownership

The party licensing out the data, whether it is a vendor or customer, should ensure the agreement accurately addresses its ownership of or other rights in the data by:

• Obtaining acknowledgements of its rights in the data from the licensee
• Including in the agreement an appropriately tailored definition of the licensed data set

Where the licensor owns the data, it should seek a specific acknowledgment from the licensee that the data provided under the agreement is the licensor's sole and exclusive property. In addition, to achieve the maximum scope of protection for its data, the licensor should seek acknowledgements that:

• The licensor has expended significant resources gathering, assembling and compiling the data, and that the data is the valuable property of licensor
• The licensor reserves the right to obtain additional fees for the usage of additional data or for additional manners of usage is an original compilation protected by U.S. copyright laws and comprises and contains the trade secrets of the licensor

In some circumstances, an appropriately narrow definition of licensed data will be appropriate. For example, in a data feed agreement where the licensee is not permitted to generate any derived data. This will help ensure:

• The licensed data is limited in scope
• The licensor reserves the right to obtain additional fees for the usage of additional data or for additional manners of usage

However, in a services agreement, the customer may want to use a broader definition to capture all data the vendor collects or receives directly or indirectly from the customer to perform the services and any related data resulting from services performed by or on behalf of the vendor for the customer. In this case, the definition may help prevent ambiguity regarding the service provider's data ownership. For example, the agreement may:

• Specify that all "Customer Data" (or "Company Content") is owned by the customer and define customer data as: "all data that is owned, licensed, leased or developed by or on behalf of company, whether provided to vendor by company or provided by a third party to vendor in connection with vendor's provision of services to company, including any such data that is loaded into, or located in, any data files, tables, objects or other storage medium developed or maintained by or on behalf of vendor, including related data that results from hygiene, cleaning, and database build services performed by or on behalf of vendor."
• Provide that all derivative works of, based on, derived from or otherwise using any customer data are themselves considered to be customer data. This may cover, for example, all output, copies, reproductions, improvements, modifications, adaptations and translations.
• Designate or allocate ownership of usage data reflecting any access to or use of the services by or on behalf of the customer or its authorized users.

Data use

Both the data licensor and licensee should carefully consider legal and business considerations regarding data use. The data licensor should consider what rights it can grant consistent with its business model. The licensor will usually seek to limit use of the data by the licensee. For example, where data is used by a vendor-licensee on behalf of a customer-licensor in a services relationship, the licensor typically:

• Prohibits the vendor from using the customer's data, except as necessary to provide the services or perform its other contractual obligations
• Specifies which, if any, uses of the customer's data are permitted
• Requires that the vendor maintain the confidentiality and security of the customer's data
• Requires the vendor to promise that it will not use or attempt to use customer data in any other manner or for any other purpose

The data licensee must consider what rights it needs and expects. It should ensure that the license is sufficiently broad to address all anticipated uses of the data. For example, a service provider that receives a license to its customer's data may seek to analyze and use customer data for the provider's own commercial benefit. It also may argue that the services depend on the provider's ancillary use of its customer's data, for example, to aggregate the data to provide data trending and analysis to its customer and similarly situated persons.

Where the customer-licensor finds the vendor-licensee's ancillary use of data to be acceptable, it should specify in the agreement:

• The scope of customer information the vendor may use
• The permitted uses of that information
• The licensee's promise not to make any other use of the information

Daniel Glazer, Henry Lebowitz and Jason Greenberg, Fried, Frank, Harris, Shriver & Jacobson LLP and Practical Law Intellectual Property & Technology

For more information on Data Licensing, see Practical Law's Practice Note, Data as IP and Data License Agreements