Archive for July, 2009

Avoiding the end of the world

Here’s something that I have been considering recently, given the current economic climate and increased risk of supplier failure. You outsource a key process that is critical to your business – how do you guard against the implications of that supplier becoming insolvent? Michael Stipe may have felt fine, but you may think differently if you are subject to MiFID and SYSC 8.

Traditionally, contracts include things such as escrow arrangements for software, a right to receive exit and termination assistance, and obligations to maintain procedures manuals. But these may be of little use if the supplier goes bust and the supplier (or adminstrator) switches the service off with little or no warning. An administrator may refuse to comply with an obligation to provide termination assistance or sell assets, and it may be days, weeks or even months before you get the software out of escrow and installed on your newly purchased kit. That might be too late to stop your customers from leaving.

With a bit of (legal and technical) thought, there are other things that can be done that allow you to help you get the service restored sooner. Whilst there will undoubtedly be a cost attached to this, that additional money might just be worth it to mitigate the effects of that catastrophic event.


Money matters

We have just published a short update on the new data protection notification fees regime which will take effect in October. For some (not all) organisations with 250 or more staff, the annual registration fee will jump from the current flat rate of £35 to £500. Take this link to see whether your organisation may be affected.

Our update also looks at the Intellectual Property Office’s new credit crunch beating “Right Start” service, which aims to take the sting out of the up front costs of applying for registered trade mark protection. The service launches in October. Worth a look for any organisation which might otherwise be deferring a trade mark application until the economic outlook improves.


A face for radio – Virgin Trade Mark Story

Yesterday I appeared on Radio Scotland’s News Drive programme to talk about a recent case where Virgin/Branson were unsuccesful in getting a rival trade mark application blocked.

Here is a link to the story.

My main point was that in Registered Trade Mark law terms a made up word such as Kodak or Viagra is usually better as it less likely that someone can use that word legitimately.

I also mentioned that it is possible that Virgin knew they were going to lose, but went for it anyway because it would get publicity (Branson is a master of publicity).  And here I am giving him some more. Hmm.

I also got to talk about my favourite TM case Wagamama v  Rajamama. Wagamama managed to use its trade mark stop an Indian restuarant nearby from changing its name to “Rajamama” on the basis that members of the public would think the businesses were connected.  While no longer a key case in terms of trade mark law its still a favourite of mine because of the name. Go on – say it out loud – it will make you smile.



In a Spinvox over data protection…

Another day, another data protection story in the news.

This time, it’s voicemail to SMS text provider Spinvox that has hit the headlines.

Spinvox provides a novel service which claims to use automated technology to convert voicemails into SMS texts or emails. Its entry in the Information Commissioner’s register of data controllers states that in doing this it will not transfer any personal data outside the EEA.

Spinvox has become unstuck over allegations that some of the messages are converted to text by humans (not computers) in call centres outside the EEA. Spinvox claims that such messages are anonymised (by removing identifiers such as the email address and mobile number). However, there are further claims that some of those messages processed by the call centres contained commercially sensitive and personal information, which allow the user of the service (and others) to be identified.

Whether or not Spinvox is actually in breach of the Data Protection Act (DPA) and its notification to the Information Commissioner is unclear. What the story does demonstrate, however, is that you cannot assume that simply removing external identifiers (such as email addresses and mobile numbers) is enough to anonymise the data and take it outside the ambit of the DPA – the content of the information may itself be inherently “personal”.

The story also emphasises the importance of data controllers ensuring that their notifications to the Information Commissioner and privacy policies are correct and up to date and give users true transparency over how their data will be processed – for example, explaining to users that their information may be transferred outside the EEA for processing and explaining the steps that the data controller will take to to keep that information secure.


Big fines make big news

More data security headlines today with the FSA’s announcement that it is fining three HSBC group companies over £3 million in total for failing to operate adequate systems and controls to protect customer information.  I saw this initially on a newsfeed beaming out from the screen in a client reception area.

This illustrates my point from Friday. Fines of this magnitude, attracting this level of media attention, are what will (eventually) force behavioural and attitude change. What greater incentive to avoid a repeat performance than a seven figure fine and headline coverage from the BBC?

The plot thickened further today with the Information Commissioner’s Office reportedly now citing next April as the likely start date for its fining powers, but still no confirmation of this from the Ministry of Justice.  Watch this space..


New Article about Deflation in Supplier Management Magazine

I have an article in Supply Management magazine this week.

Supply Management is the journal for the Chartered Institute of Purchase and Supply (the trade body for procurement professionals).

The ariticle is about deflation and the effect on long term contracts with indexation clauses.   Here is the “speed read” version:-

  1. RPI has been negative for the last couple of months.
  2. Many long term IT contracts have clauses under which any ongoing price, e.g. for maintenance, are linked to an inflation index such as RPI, RPIX, CPI. Similarly many outsourcing contracts have indexation clauses.
  3. Typically these are to protect the supplier against the risk of inflation.
  4. Often these are “upwards only”, i.e. the price can only go up. But this is not always the case.
  5. Arguably purchasers could use any “up or down” indexation clauses to reduce the contract price.
  6. Not all inflationary indexes are negative at the moment. RPIX (RPI excluding mortgage interest) and AEI are still positive.  This shows the importance of selecting the right index at the time of contracting.

Here is a link to the article.



NHS data security – what incentive for change?

This week has seen the latest round of NHS data security troubles, with five NHS Trusts in England and Wales giving formal undertakings to the Information Commissioner’s Office to make sure their handling of personal information meets the requirements of data protection legislation going forward.

Ironically, this comes just the week after it emerged that the Information Commissioner’s Office now no longer expects its power to fine for serious compliance failures to go live before the end of this year.  At the current rate of progress it looks likely that it will ultimately have taken the best part of two years from the enactment of the power, for the ICO and the Ministry of Justice to do what is necessary to put it into operation.

Political attention would appear to have been diverted to the Coroners and Justice Bill (currently in the Lords) and the improvements which it will bring to the ICO’s inspection powers. This is of course another important development for the regulator,  but even stronger inspection powers will not drive major cultural change, unless backed up by suitably heavyweight sanctions..


Twitter: @BrodiesTechBlog feed

July 2009
« Jun   Aug »

%d bloggers like this: