Cape Town – March 10, 2020

Today’s world thrives in a technologically rich environment, whereby an infinite amount of valuable paper, analog and/or digital data is exchanged on a daily basis between companies.

As a consequence, companies/licensors have increasingly taken to having any proprietary digital data registered with the competent authorities so as to have all rights of access and use to such paper, analog and/or digital data protected under relevant intellectual property legislation (“Licensed Data”).

This prevents the exploitation of the Licensed Data by a third party without first obtaining the applicable license setting out its exploitation rights.

A Due Diligence exercise is generally carried out to audit the quality and quantity of assets a company owns. In respect of Licensed Data, conducting a due diligence exercise assists the licensor in (a) evaluating and attributing the fair value to the Licensed Data; (b) assessing whether the Licensed Data is adequately protected; (c) determining whether the Licensed Data is being used within the boundaries of the license afforded to the licensee; and (d) discovering the existence of any third party infringements.

Therefore, there are certain elements that should be assessed prior to licensing data to or from a third party and these include, but are not limited, to the following:

(i) Contractual obligations – an agreement should be executed between the licensor and licensee to define the scope of the data being licensed , as well as the purpose for which the licensee requires the Licensed Data, method of delivery, specific hardware and software specifications and the duration the licensor is licensing the Licensed Data to the licensee.

(ii) Users – the license granted to the licensee should clearly establish who (i.e. specific persons, employees and/or subcontractors) is permitted to access and use the Licensed Data. The onus shall be on the licensee to ensure compliance with any restrictions imposed on the use of the Licensed Data by the licensor.

(iii) Location restrictions – for companies with an international presence, it would be advisable that the jurisdiction in which the Licensed Data may be used, stored and accessed is specified.

(iv) Privacy – with the increasing demand for the protection of personal information and the need for implementing cybersecurity measures, it is important to address how any personal data will be stored and the security standards that need to be implemented by the licensee to prevent any possible data breaches.

(v) Data infringement claims – establishing the existence of any third party claims to the Licensed Data and whether the appropriate licenses and registrations are in place for the data is recommended.

In a nutshell, the goal of a Data Licensing Due Diligence exercise is to ascertain the level of risk associated with any Licensed Data.

Failure to address any risks may result in a considerable financial loss to either the licensor or licensee.

It is therefore paramount to consider the various legal requirements (i.e. intellectual property rights, rights to privacy and contractual obligations) prior to undertaking any transaction involving Licensed Data.

Dr. Rushmina Murtuza