The intangible elements of commercial contracts

13 August, 2013

This is the seventh and penultimate article in the Back to Basics series looking at contract law and how it can be applied to meet the needs of the contracting parties. This article focuses on the intangible elements of a contractual relationship, in particular, intellectual property, confidentiality and data protection.



Intellectual Property

Every business will own some form of intellectual property (IP). IP results from the expression of an idea, whether it is a brand, an invention, a design, a piece of marketing literature or another intellectual creation. It is important for businesses to know how to protect and exploit these intellectual assets.

There are a number of different rights which the owner of IP will have. These are collectively known as ‘intellectual property rights’ (IPRs). The main IPRs are:

  • Copyright 
  • Trade marks
  • Patents
  • Design rights

IPRs are important as they enable a business to protect its image and to retain control of how its products are sold and marketed. A summary of the key IPRs is set out below.




Copyright applies to all sorts of written and recorded materials, from software to songs, drawings to photography. As the name suggests, copyright essentially provides the creator with a right to prevent others copying a creative expression.

Copyright applies to any recorded medium but it does not protect ideas. For example, copyright will prevent someone from photocopying or rewriting a page from a Harry Potter novel without permission from the copyright owner but it will not prevent someone from writing a book about a boy wizard. 

Copyright exists automatically once a work has been created and lasts for up to 70 years. Copyright protection does not need to be applied for or registered.



Who owns the copyright?

It is important to be aware that the IP in written works, including software and databases, and musical or artistic works, including photographic works, will be owned by the author or creator of that work. The only exception to this is where the work is made by an employee in the course of his or her employment.

This means that, unless an alternative position is agreed in the contract, where a supplier is commissioned to create a piece of work for a customer, the supplier will be the owner of the IP in that work even if the customer has paid the supplier for that work. For this reason, it is important that the contract clearly sets out who owns the copyright in the work and what rights the other party has in relation to that work.

The box below (Protecting IP in a contract) sets out some examples of how IP ownership and usage rights can be dealt with in a contract.


Trade Mark

A trade mark is a sign which is capable of distinguishing goods or services of one business from those of another business. A trade mark may consist of a word or words, designs and logos, letters, numerals, colours, holograms, the shape of goods, packaging, smells and sounds.
A trade mark is a powerful marketing tool, and can become a valuable property right for a business. It is therefore important that trade marks are protected.

Statutory protection is available for registered trade marks. In order to be registerable, trade marks need to be distinctive rather than merely descriptive. Trade mark registrations need to be renewed every 10 years.

A registered trade mark gives the owner the exclusive right to use that mark for the goods and/or services that the trade mark covers in the UK.

Even without a trade mark registration, it may be possible for a business to take action if another business uses the same trade mark. However, this would need to be pursued as a common law action for passing off which can be difficult and expensive to prove. For this reason, many businesses choose to protect their brands with a registered trade mark. 




A patent is a monopoly right, giving the patent holder the right to prevent others from using the invention that is the subject of the patent.  This is registrable and will afford the owner up to 20 years protection, after which, the invention will be deemed to be public property.

In order to be patentable, an invention must:

  • be new;
  • have an inventive step that is not obvious to someone with knowledge and experience in the subject;
  • be capable of being made or used in some kind of industry; and
  • not be specifically excluded.

Certain types of innovation are specifically not-patentable. Although there are broad principles that apply across the world, the exact details vary from country to country.

Anyone considering a patent application should contact a patent attorney who will be able to explain the process of applying for and obtaining a patent. It is important that advice on patent applications is taken at an early stage before an invention is disclosed to a third party or put into production (unless there is a confidentiality agreement in place), as an invention will lose the ability to be patented once it has been made public.



Design rights

There are two types of design rights in the UK – registered and unregistered.

To obtain Registered Design protection, the owner of the design must register it with the Intellectual Property Office (IPO), satisfying the registration requirements, and must pay a registration fee.

Registered Design can be used to protect two-dimensional designs or surface patterns as well as shape and configuration. Registered Design gives the owner exclusive rights in a design, in the UK, for up to 25 years. The owner can stop people from making, selling and marketing products to the owner’s design.

By comparison, Unregistered Design Right gives the owner automatic protection for the internal or external shape or configuration of an original design (for example, the shape of a Coca-Cola bottle) and enables the owner to prevent others from copying the shape or configuration design. However, Unregistered Design Right does not provide protection for surface patterns and other two-dimensional design aspects.

From a practical perspective, it is more difficult to prove infringement of an Unregistered Design Right as the owner must be able to prove that its design was copied, or that the potential for copying existed, whereas, with Registered Design, it is enough to simply show that a product has been created featuring the same design.



One product, multiple IPRs

It is possible for a product to be protected by a number of IPRs. For example, a website can have copyright protection for the text, photographs, artwork and logo. The logo and brand name can also be registered as a trade mark and products advertised on the website could be protected by patents and/or design rights.



Protecting IP in a contract

Clauses governing the ownership and use of IP can be some of the most important, and hotly negotiated, provisions in a contract. Set out below is a summary of some of the main options for IP clauses.

  • The supplier retains ownership of its IP and the customer does not have a right to use that IP.
  • The supplier retains ownership of its IP and grants the customer a right (licence) to use the IP for the purpose set out in the contract. If a clause of this nature is used, it is advisable for the contract to expressly state what the customer can/cannot do with the supplier’s IP, when the licence will end (for example, when the contract terminates) and whether the licence is exclusive (i.e. the supplier will not grant the same right to another party during the lifetime of the licence) or non-exclusive.
  • The supplier retains ownership of the pre-existing IP in the contract work, granting the customer a licence to use that IP and transfers (assigns) to the customer any bespoke IP created for the customer.
  • The supplier assigns the IP in the contract work to the customer.



Confidentiality is the legal requirement to keep a secret.

In general, the law will uphold a party’s obligation to keep a secret and will provide protection when this is breached.

There is a common law obligation of confidentiality. However, a party hoping to rely on this common law obligation will be reliant on the courts finding that the information was disclosed in circumstances imparting an obligation of confidence. As a result, a party who will be disclosing confidential information in connection with a contract should always seek to include a confidentiality clause.

There are many forms of confidentiality clause ranging from a short paragraph obliging each party to keep the other party’s information confidential, to a long multi-page non-disclosure agreement which requires the recipient to keep certain information secret, and also seeks to control the use of that information.


Is it actually confidential?

Once information becomes public, that information will no longer be regarded as confidential and may not be protected by an obligation of confidentiality.


Definition of confidential information

The definition of confidential information is a key element of a confidentiality clause. It may be tempting to make the definition as wide as possible, for instance, by describing all information disclosed by a party as confidential. However, merely describing information as confidential will not necessarily turn information that is not inherently confidential into confidential information, and there is a risk that a court could hold that the definition is too wide to be enforceable. It is therefore necessary to weigh up the risk of using a widely drawn definition of confidential information that may not be upheld by the courts, against the risk of using a definition which is too narrow to catch the information to be protected. In practice, it is prudent to expressly set out certain information which the parties want to ensure is definitely covered by the definition and to have a more general catch all to cover information of a confidential nature which is not expressly listed.


Read the definition of confidential information carefully

It is not usual for confidential information to be defined as information which is marked or otherwise indicated as confidential by the disclosing party. However, this approach is vulnerable to human mistake and, in practice, the indiscriminate marking of materials as “confidential” may devalue the definition in the contract.

Where a contract does define confidential information as information which is marked as confidential, the disclosing party will need to ensure that it has a process in place to accurately mark information before it is disclosed.


Duration of confidentiality obligations

Another point to be mindful of is the duration of the confidentiality obligations. It is important that the contract makes it clear how long the obligations are to remain in force and whether they are to continue following termination of the contract (which is likely to be what the parties will want).

It is fairly common, particularly in contracts with a US counterparty, for confidentiality obligations to be time limited to 3, 5 or 7 years after disclosure (or after termination of the contract). If this is the case, the disclosing party will need to consider whether they will want the information to be kept confidential after this period and should seek to amend the clause accordingly.

Different types of information will have different requirements for the duration of the confidentiality obligations. For example, financial performance information may only be commercially sensitive for a number of months/years, whereas, the recipe for Coca-Cola has famously been a trade secret for over 100 years.


Data Protection

Where a contractual relationship includes the disclosure or processing of personal information, the contract should address the applicable data protection issues.

The processing of any information about an individual which could identify them (such as names, addresses, email addresses) and which is held on a computer or in an organised filing system, will be subject to the restrictions set out in the Data Protection Act 1998 (DPA).

The DPA defines processing very broadly to include obtaining, recording, holding, using, disclosing or erasing data.

In all circumstances where personal information is being processed, there will be a data controller and a data processor (although one person can be both the data controller and the data processor). The data controller is the person who determines the purposes for which and the manner in which any personal information is processed. For example, a business will be the controller of the personal information relating to its employees and customers.

The data processor processes personal data on behalf of the data controller. For example, where payroll administration is outsourced to a third party, that third party will be the data processor.

The DPA provides that data controllers must:

  • only collect personal information that is needed for a specific purpose; 
  • ensure that the personal information held is relevant and up to date; 
  • only hold as much personal information as the business needs, and only keep it for as long as it is needed;
  • allow the data subject of the information to see it on request;
  • maintain appropriate technical and organisational security measures to prevent unauthorised or unlawful processing, accidental loss of or destruction or damage to personal information; and 
  • not transfer personal information outside of the European Econmic Area (EEA) unless the destination country ensures an adequate level of protection for the rights of the data subject in relation to the processing of personal data.

All of the obligations under the DPA fall on the data controller. However, the DPA requires the data controller to pass on obligations to the data processor. For this reason, a contract which covers the processing of personal information should include an obligation on the data processor (usually the service provider) to process the personal information on behalf of the data controller (usually the customer) in accordance with the DPA.

Further, the customer will usually want undertakings from the service provider that it will have suitable technological and organisational measures in place to protect the information from any unauthorised or unlawful processing, it will want to be able to inspect those measures to ensure that they are sufficient and it will want to ensure that the data processor will not transfer any personal information outside of the EEA without the data controller’s consent (to enable it to ensure that the destination country ensures an adequate level of protection).


Coming up in the next article

The final article in this series will take a look back at some of the key issues which have been covered so far and will address the all-important question, what is the contract for in the first place?

Reviewed in 2015