As the cloud expands, so cloud users’ latent patent risks grow.
Digital transformation is propelling business cloud-wards at prodigious rates: by 2025, 60% of computing will be in the cloud.[i] And scale economies are extending the cloud’s reach out from the data centre, connecting billions of intelligent IoT (Internet of Things) devices at the edge: by 2021, one million new IoT devices will be coming online every hour.[ii]
A series of recent lawsuits in the USA and the EU shine a spotlight on latent patent risks of digital transformation for cloud providers and users. In March 2017 Data Scape, an Ireland-based NPE (non-practising entity, a business that buys patents to sue others for infringement as its only revenue source) acquired a portfolio of patents from Sony. Between November 2018 and February 2019, Data Scape filed over twenty lawsuits in the USA and Germany against well-known technology companies[iii], claiming their cloud-based data storage and synchronization services infringed patents in the portfolio.
Cloud software has always been a soft target for NPEs: the transparency of cloud open source development makes discovery easier; and NPEs can threaten alternative objectives with one action – against the cloud provider for using the allegedly infringing software, and against the provider’s customer for the customer’s workloads using that code.
This is why patent stats consistently show increased NPE cloud activity over the last five years, as NPEs have built their war chests (NPE cloud patent acquisitions grew from 69 to 540 between 2014 and 2018), spent their treasure (NPEs launched 200 cloud lawsuits in 2018, up from 120 in 2015), and reaped rewards (median damages awards were 3.5 times higher for NPEs than other claimants between 2013 and 2017).[iv]
As the cloud extends out to embrace IoT devices at the edge, early trends in the IoT patent space are similar: in the USA, NPEs acquired 125 patents in 2018, up from 10 in 2014; and litigated 13 in 2018, up from 2 in 2014.[v]
It’s imperative for companies innovating at the edge to consider the innovation protections their cloud provider offers. For example, Microsoft took an early lead in designing measures to counter NPE cloud patent litigation with its Azure IP Advantage program. Launched in February 2017[vi], the program provides without further charge to all eligible customers for their applications on Microsoft’s Azure platform (i) uncapped indemnification coverage against IP infringement claims, (ii) patent pick giving access to 10,000 patents to choose from and use in defence of a claim and (iii) a springing licence, sprung for the customer if Microsoft transfers patents to an NPE.[vii]
The Azure IP Advantage program has quickly differentiated itself with this comprehensive set of features for customers. In October 2017, the program was extended to China[viii] and in October 2018 Microsoft joined the LOT (License On Transfer) Network[ix] to increase the strength of the springing licence component for the broader LOT community.
To help customers meet the developing NPE IoT patent threat at the cloud’s edge and in a first for the cloud/IoT industry, Microsoft announced on 28 March 2019 a further expansion by offering cloud to edge, end to end coverage to address patent risk. The program will now extend the protections available through Azure IP Advantage to Azure Sphere and Windows 10 IoT for eligible customers.[x]
In a further development, Microsoft has also donated 500 patents to the LOT Network for LOT to make available to eligible startups as part of their free membership.
Some time in the future, we may look back and wonder how it could be countenanced that the infrastructure and innovation of Industry 4.0 could be put at risk and disrupted by opportunistic use of the patent system. But that’s a different story, and today the reality is that NPEs present a clear and present threat, as the recent Data Scape lawsuits and increasing NPE cloud, and now IoT, patent activity show. As the scale of IoT grows, the types of protections considered for these innovations should be made on the front-end, in anticipation of such threats.