A forum for the support of robust mechanisms of evidence of ownership for intellectual property expressed in any medium
Frequently Asked Questions
They have. However, it takes time for the algorithms to be accepted and for the networking infrastructure to develop to a stage to make the schemes are practical. This takes years, but now the time seems to be right for wide adoption of IPR registration schemes. Not least because so much of what we do now is in the digital domain.
Basically, you should not. You should be aware of the security and legal weaknesses in the schemes. You are encouraged to express your own doubts so that we can keep everyone informed of the best way to use the schemes. No evidential system is perfect and you must decide what is best for your particular area of endeavour.
Do not be put off by the term 'intellectual property' (IP) which probity.org tends to go on about. Most business documents are embodied within 'electronically stored information' (ESI), just as IP is today. The evidence within these is just as important when two parties are negotiating. It is empowering to know that the other party stands by what it has presented at each step during the business process. This is what probity.org's scheme can do (see examples). For example, if any customer can check that the electronic statement they have received from their bank is one that the bank stands by, trust in paperless banking would be significantly enhanced. Having a third-party scheme available that anyone can use at any time simply raises the trust threshold: parties can use it when they feel they need to.
At the moment you cannot get something that fulfills the "grand scheme" probity.org is trying to encourage. There is still a lot of work to do to develop the scheme to ensure evidential rigour and to make it easy to use. probity.org wants to be an 'open source' project and it provides support as its means allow. If you a registration service provider then probity.org would like to hear from you — there is plenty of room for a 'mixed economy' approach. The ones we know about are in the references and they are not schemes based on 'open declaration', which is core to probity.org's approach.
Not quite. There are services fast becoming available for affixing a time stamp to your work based on the use of digests, as probity.org promotes. However, none of them are based on the principle of the widely witnessed event which probity.org favours. There are therefore problems associated with trust and the long term resilience of such services. However, time stamping services certainly have a role to play. The Internet-based IP protection schemes available probity.org is aware of are mentioned in the references. However, these are not an "open" systems and placing all ones evidence with just one other company is a matter that needs careful consideration. However, this is no worse than lodging evidence in the vault of a legal firm.
You may find the services commercially available now to be satisfactory. If not, keep on eye on this site as the schemes develop. Indeed, you can use digests now to register your IP in your ordinary laboratory notebook or day book (see examples) as this is a very simple extension to existing practice. Remember that the original data and the means of reading it must be kept to the same standards as the notebook. If you work in a area where securing IP is important then you should discuss the approach with your colleagues and/or your legal people. There are integrated 'electronic lab book' systems on offer, but the issues of repudiation and curation need extremely careful consideration.
You should be concerned that your ideas are recognised as yours. Even if your attitude is "publish and be damned" then you still have a moral (copy)right to assert. Plagiarism is an old problem and sometimes difficult to prove. It is the very worst form of intellectual fraud. Measures should be available to protect against it and probity.org can help. Before you send a paper or contract proposal off for review it would be prudent to register it. If anything improper occurs in the review process then you will be able to show exactly what your idea was and when you had it. As electronic academic publishing becomes the norm this will be important.
You have copyright and design rights to assert. If you can digitise your work somehow and register the digital version, then you are strengthening your claim. Even taking some digital photographs of your artwork or prototype and registering those will achieve something. Do not forget to save all the data files you register in a safe place so that you can regenerate your registration information. What is registered is just a characteristic fingerprint, not the full information.
With no difficulty. The hashing algorithms are designed to be efficient and can generate digests from files of any size quite quickly on modern computers. The digests are the same size irrespective of the amount of source data hashed. However, be aware that they are designed to be supremely sensitive to the contents. If you change one bit of the file then the digest will be radically different. In an audio or video file such a change is not noticeable (for long) as the data formats are designed to be resilient to "drop outs". Accordingly, the difficulty will be keeping completely digitally intact the original recording so that you can regenerate the digest later. To protect against this then it is a good idea to segment the material and calculate the digests for each segment. If you have a media failure in one of the segments then you still have most of your material still protected.
The digest is almost always shorter than the original material being hashed. In information theory terms, the only way of being able to compress the data without losing information is to encode it i.e. exploit redundancy in the original data. Hashing explicitly does not attempt to do this, quite the opposite. Like cyphers, it is attempting to spread each bit of original data evenly across all the digest bits. Generally, the original data will have many more bits of information than the digest, so both the compression (lack of bits) and the algorithm's intent assures that it is impossible to reconstruct the original data from its digest. Further, the algorithm designers have made sure that nothing can be understood from the digest even if the original data is shorter. The only thing interesting about a digest is that, if there are other identical digests made using the same algorithm, the original data be very confidently assumed to be the same. It is regarded as infeasible to synthesise other data that has the same digest.
Yes. There is quite a bit of "catching up" to be done throughout education, industry and commerce. Even in science and engineering disciplines the laboratory notebook has been regarded as "old fashioned" and not applicable anymore. However, there is no accepted alternative convention: this is what probity.org is trying to bootstrap! Meantime, using a laboratory notebook or day book is still a valuable discipline and a hybrid approach can involve using digests written or printed into their pages. The scheme's applicability is much wider than IP protection: the existence of any electronic document can be recorded using the probity.org scheme.
Hopefully, none: unless you decide to use a commercial scheme. Since the US National Institute of Standards and Technology (NIST) has promoted the idea of publicly-available cryptosystems, this principle has been widely accepted. Of course, the keys to such cryptosystems are not public, which is why they work! There has been parallel development of supporting algorithms called hashing algorithms (or one-way functions or message authentication codes, MACs). There are currently over 20 of these in the public domain devised by the best cryptographers in the world. probity.org does not recommend any particular algorithm but it seeks to inform users about the properties of the algorithms so an informed choice can be made.
DRM is a way of asserting ownership on IP by keeping tight control on the means of making it intelligible. The problem with DRM is that it requires cooperation from a chain of parties, right from the IP originator through the intermediaries ending with the users' rendering equipment or software. There must also be a management layer that ensure that the system works and continues to work if/when the schemes are compromised. There has been considerable consumer resistance to DRM and some large IP owners are gradually responding (e.g. sale of non-DRM'd music files). probity.org's approach is to make it easy for users of electronic IP to register that they have a valid copy, whether it be DRM'd or not. The question would then arise why a user did not register ownership of a copy they had.
Yes, partly. The idea behind "watermarking" is to add some extra data to the original material which is imperceptible and cannot be easily removed. This enables ownership of the IP to be asserted on product that is 'in the wild'. Watermarking paper is a very good analogy except that digital watermarking in not supposed to be easily detected. The technique has been of great interest to those in the publishing business where the illicit copy itself will yield the watermark which only the rights owner can have inserted. However, this does not alone enable the owner to demonstrate the existence of the original at a particular time. Other methods must be used in addition, not least the registering methods recommended by probity.org, either on the original or watermarked versions.
The weakness of digital watermarking is that it is very difficult to make it resilient to subsequent processing (e.g. audio or video compression). Less subtle and traditional methods of "watermarking" are better, such as audible or visible "blemishes". Indeed, there is a long tradition of cartographers putting deliberate mistakes in their maps.
You are in difficulties! Running a rigorous back-up regime is really outside the scope of probity.org recommendations since it is such an essential business requirement. Assuming that there are back-ups for the original data, suitably dispersed, consideration should be given to multiple registrations of the data. This has security problems of its own, but the benefits probably outweigh these, not least gaining resilience against the failure of the registration service(s).
There is a more subtle means of losing the data, however. If you lose the ability to render the data into a form that is intelligible to a human, this is equivalent to losing the original data. Though you have the actual data, its meaning is irrecoverable! Very careful consideration must be given to the file formats used to embody the IP as the readers or renderers — the programs used to render them intelligible — must be available with the data. The programs must be in provably working order. If the data is converted to a more modern file format then it needs to be re-registered since it digest will almost certainly change.
The registration servers used in the probity.org scheme may come and go too. Thus it is a good idea to keep sufficient segments of their data as ancillary evidence. This is possible because the registration data is 'open' and publicly available.
If you find your laboratory notebook scheme works fine for you then there is no reason to change it, though do check that it is evidentially rigorous (e.g. properly bound, sequentially numbered pages). However, it is becoming very difficult to avoid having to make unambiguous reference to data that is in digital form. Examples are the outputs from analytical machinery, reports written using word processors, computer programs etc. At the very least, use of the hashing technique and recording the results can be used (see examples). However, do make sure that the original data is kept intact otherwise the scheme will not work. CDROM/DVD-ROM is a very compact, accessible and cheap way of keeping such data nowadays. However, ensure that you can still render it intelligible.
end of faq
|© 2009 probity.org|