From Patents to Privacy: Exploring the Ever-Evolving World of IP Law and Cybersecurity with Scott Coulthart
In episode 32 of REDD’s Business and Technology Podcast, prepare for a captivating interview with Scott Coulthart, Partner at Mills Oakley. Hosted by the charismatic Jackson Barnes and insightful co-host Brad Ferris, the episode delves into the ever-evolving world of intellectual property law and cybersecurity.
Scott’s wealth of knowledge and experience in the field of intellectual property shines through as he discusses significant changes and developments in IP law. From the impact of artificial intelligence on patent applications to the implications of the doctrine of exhaustion in relation to patents, Scott provides valuable insights into the evolving legal landscape.
The conversation takes an exciting turn as Scott shares the changes introduced in cybersecurity regulations, particularly in the critical infrastructure space. With the Security Legislation Amendment Critical Infrastructure Protection Act 2022, Scott highlights the enhanced obligations and significant penalties imposed on those managing critical systems. The discussion also explores the recent amendments in privacy legislation, emphasising the increased penalties for privacy and security breaches.
Amidst the dynamic legal landscape, Scott’s expertise and perspective shed light on the challenges and opportunities faced by businesses. From the importance of cybersecurity measures to the impact of data breaches and parallel importations on trademark owners, Scott offers valuable advice and insights for navigating the complex legal terrain.
As the episode concludes, Scott reflects on his new role as a partner at Mills Oakley and his passion for music, teasing the release of his upcoming album. With his wealth of legal expertise and artistic pursuits, Scott’s future is filled with exciting possibilities.
Join the exhilarating conversation and gain a deeper understanding of the ever-changing world of intellectual property law and cybersecurity. Scott Coulthart’s expertise and engaging insights will leave you inspired and informed, ready to navigate the intricacies of intellectual property in the digital age.
00:00 – Opener
00:20 – Intro
00:47 – Scott’s career background
02:56 – Cross-collateralization
04:41 – Working at Hopgoodganim and Scott starting his own law firm
06:49 – ChatGPT and AI taking over Law Industry
09:07 – Using ChatGPT as a tool for getting ideas to solve problems
10:08 – Privacy issues in using AI
11:20 – Scott diving into Technology Law
12:24 – IT Contracts
14:38 – Recent changes in IP Law industry
15:27 – DABUS AI
20:49 – ChatGPT killing creativity?
24:51 – IP Law space on patents
27:17 – Significant changes in trademarks
30:45 – Regulations being introduced in the Cybersecurity space
33:12 – Privacy regulations in Cybersecurity Space
38:10 – What’s next for Scott?
38:51 – Outro
#IPLaw #Cybersecurity #LegalInsights #Technology #IntellectualProperty #DataProtection #Privacy #DigitalSecurity #LegalTech #BusinessTech
If you would like to discuss any of the topics discussed in this episode further with a REDD expert or if you would like to be a guest on the show, please get in touch either via our website, [email protected] or through any of the links below.
Hello and welcome to Redd’s Business and Technology Podcast. I’m your host, Jackson Barnes.
I’m your co-host Brad Ferris.
Today we’re sitting down with a partner from Mills Oakley Lawyers. Scott Coulthart we are talking about IP law, data privacy and general technology law and a bunch of other things, I’m sure. Scott, thanks for coming in. Really appreciate it.
Very welcome. Happy to be here.
Awesome mate. Let’s start with your background way before you were at Mills Oakley. Did you just come out of University Australia into the law in legal industry or where did you start? I
Kind of didn’t. Law was kind of an accident. Okay. I was at school, I was a professional musician. I was teaching and I was performing and I was in a few bands and I loved that. But it would’ve upset my mother if I’d have just done music. And so I decided to do something else as well. I had no idea what I wanted to do. It was either going to be it or law couldn’t choose between the two. In fact, it was supposed to be medicine because back when I was a kid, she’d say Going to buy me an expensive car one day and it’d be become a doctor. Yeah, doctor. Yeah. But I was a bit of a sympathy vomiter as a kid, so that was never going to happen. Happily, I lost that, but I ended up studying it and law because I couldn’t choose between the two.
Did them both. So I became a programmer about a year and a half into my law degree. Cause I was doing the IT at the same time. And so that paid the rest of the way through my law degree as well as playing in a band by that stage. So by the time I finished law, I had five jobs. Wow. And none of which was law. And so Right. I had to find time to fit a legal career in. So I lost a few of the jobs, kept playing in a band and joined a very tiny law firm with afterthought was probably a mistake, but it has to start somewhere. And I did. But I ended up having a specialty in technology law and music law because of what I did in my private time. And that’s pretty much my
History. What did you play in the band?
I was lead singer and guitarist in most of the bands I was
Oh, the front man?
Yeah, the front man in a few bands. Oh. I’ve been sessioning for a number of bands as well. And I’ve recorded with people as a session mu, but in the bands that I’ve toured with, I’ve been front
Man. Yeah. Cool. So cross music law, can I throw a curve ball at the start?
You heard that term before? I
Have, but not in the terms of music law.
Yeah. When you are one band, this is getting a bit old school now, but you’ll sign up for an advance from a record company, could be an album and a publishing deal and you could either have your publishing deal separate to your recording deal, but if the label was being a bit
Not so much dodgy, it’s business smart because they would pay in advance to the artist. Yes. And that advance is repayable through royalties. So cross collateralization means they’ll pay you a publishing advance and they’ll pay you in advance on your recording and they’ll go, cool. If you don’t make the money back on this one, we’ll cross collateralize and we’ll take the royalties for the other one to pay that one off. So anyway,
So the question was,
Had you heard that term before?
Yes, I had. And yes, I was aware of that. But I mean, I was about to say that’s a long time ago. Standard. It was a long time ago, but it was pretty standard. Yeah. Yeah. But I mean, you get it because the label’s taking all the risk. Yeah. That said music hate to hear that, but that’s the truth of it. Yeah. Say, oh, it’s not taking a risk there music. Well, he’s having a bet on you and you’ll no one.
Did you look after any big artists or anything?
I look after number of artists. I wouldn’t say any of them were particularly huge because that was predominantly the music mafia in Melbourne looked after them, but oh, and Sydney for that matter. But I did look after some good name Brisbane artists. Yes. And cool. And they did pretty well. So I must have negotiated the right contracts. Hopefully they were talented, which helps. Nice. You can have a great contract and be a crap MSO and you’re not going to last for long. Yeah. But yeah, no, yeah, it was good fun. I didn’t mind doing that. But I also find that most musos don’t have a lot of money, especially to start with. And it’s a bit hard as part of a bigger practice to sustain that sort of management unless you do it on a percentage basis, which to do in the states. But I didn’t want to do that here. So yeah. So I now predominantly look after in the entertainment space filmmakers and certainly know how to look after all the musical law in that regard. But yeah, so it’s predominantly filmmakers now look after in the entertainment space.
So I saw from your background, you were a partner at Hop, good gammon, and then started your own firm and then went back to special counsel at, and then now partner at Mills Oakley. What made you drive your own and start your own law firm?
A single word answer. I’ll start that. Naivety good. I was doing pretty well at Hop. Good Gammon. It’s a good firm. And I was a young partner there and I think I was the youngest partner there at one stage. And as in youngest person to become a partner there, I was running a good practice. I founded their IP and tech practice there. It didn’t exist before I got there. And then several years into it, just before gfc, which I clearly didn’t see coming, I thought she’d be a good idea to run my own boutique practice at some stage. And I was very much supported by or egged on perhaps my wife who’d run her own business for 20 odd years. And so she said, look, I’ll give it a go. You’re expert, blah, blah, blah. What I didn’t realize then in my naivety is that enormous clients that I was acting for there aren’t going to stay with you when you’re under a small place. Not cause I don’t think you’re skilled, but because your insurance policy doesn’t go to a hundred million dollars anymore and your insurance policy might go to $10 million now, but most of the deals you’re doing for them are larger than that. And so you’re a bit naive to think you can run a small place and do that. Didn’t realize that at the time, nobody told me that. Still ran it for nine and a half years before I thought, why am I doing this? And merged that in with SZA where I am now. Very
Cool. Yeah. All right. So you actually ran the practice and you still grew it, although you couldn’t bring across me big clients like it originally intended. You still grew it. How many found employees?
I found a way to do it. I found a way to do it. So I had six employees Cool. At one stage there and I’d grown up from scratch. So just me originally and then there ended up being four other lawyers in addition to me. Yeah, cool. And we’re running a decent practice, but I had to really get clients help, but bigger clients’ help to be able to act for them. And I’d do it through the auspices of another firm. They’d brief a big firm and then the firm would sub brief me to go and do the work. Otherwise the huge work couldn’t be done by my firm. And I thought, why am I doing this? So it still took me nine and a half years to change it, but there you go. Nine and a half years later I merged in with Mills Oakley and
Yeah, sure. Had some good learnings in that time anyway. Right. Indeed, indeed. And probably did some fun times.
I had a lot of fun times, but it was my reasons for starting it were the wrong reasons.
Yeah, fair enough. Alright, bit of a curly one for you. What year is Chachi PT and AI going to take over the law industry?
I don’t think that’s ever going to happen, but if there were no controls over it, it would take it over within a couple of years. But there are a couple of controls. One’s going to be statutory controls, the other controls are going to be people controls. Law firms are never let that happen. Chat sheet PT is excellent at solving problems, but it can’t humanize anything. It can’t be a human. And a lot of being a good lawyer is about being human and understanding how people tick. And I just think that’s something AI is never really going to get. Right.
What are you seeing with you getting clients coming back to you with chat? BT did this for me already. What are they coming back to you with? Has that changed the way that you are doing law these days? It
Does. It changes it for the better. Again, if I install my own controls on it, and there are, look, I’m a massive fan of chat gbt. Okay. I used it all the time, partly for fun, partly to write songs. My next album’s actually going to be chat GBT and me. Oh yeah. Really? Yeah. I kid youre not. Oh and it’s really good. I’ve even checked the terms and all the IP belongs to me. But I had a client yesterday wanted me to draft a notice to go to their customers, letting them know that they’re going to up their prices by cpi. They just wanted to get the drafting right in accordance with the contract they had that I drafted for them a couple of years ago. But they also, they’re in it. And they said to me, oh look, here’s what chat, here’s how chat gpt said to draft it.
And they sent me chat GPTs version. And it wasn’t too bad actually, but it was very chat gpt and not personally and a little bit over the top even. So whittled that down a bit and made sure I did make enough changes to justify the fee I was going to charge. But I think that’s a good thing for clients to do. How do I use it as a lawyer? I used it as a lawyer and get my team to do it. I never ask it what the law is because it’s not necessarily going to get that right. Even if it does, you don’t want to lie upon it. You can’t outsource to a machine. But I will often, what did I do the other day? So I had someone get me to draft an agreement the other day, a distribution agreement with a particular particular of clause in a specific industry.
And I thought that is so specific. So I thought I’ve got no idea because I haven’t been in that industry before. Drafted plenty of distribution agreements but had no idea how to use this clause in the context of this industry. And so I asked tpt, I said, in the context of this industry, how would you use a clause that provides for this type of earn, blah blah, blah blah. In a distribution agreement context. When I’m acting for the distributor and I went to chat GPT four by the way, which is better than 3.54 is much more intelligent and gives you better answers. 3.5 gets a bit stupid sometimes, but it went bang, come up with these answers. First of all, it gave me the usual disclaimer saying, well I’m not a lawyer but here’s seven things you should look at in that type of course, blah, blah blah blah. And it was absolutely right. And it made me realize I wasn’t an idiot cause I thought of five of them myself, but two of them I hadn’t. Right. Two of them I hadn’t even thought. I thought, yeah, that could be an issue. And so that is pretty good guidance you can use and you’ve got to do the drafting yourself. But I think it’s a good tool that lawyers should use moving forward to give them ideas as to how to solve problems. Cause what it did was solve a little problem for me.
Yeah. What about the privacy side? Are you worried that you know might or not in so much you but a lawyer might put too much detail in there, maybe some client information and ask chatt pt and that’s obviously goes out to the rest of the world. Are you concerned about the privacy side with using AI in general?
Legally? No. Practically yes. Legally no. Because according to their terms, presuming they comply with them, they don’t actually store any of that detail and chat GBT tells you in its terms that it can’t remember anything or any personal details or anything you tell it other than to answer queries that you’ve put to it. And so anybody else, anybody else with another account who asks a query of it, it won’t be able to recall those details. However, it does remember those details in the storage that it makes for you. So if someone else uses your account or hacks into your account or the next time you use your account, it’s storing in on some cloud basis somewhere, the private data you put in. And that’s no better than putting it on a Dropbox or anything like that. Which most law firms are not allowed to do. A lot of law firms do, by the way, but they probably shouldn’t. Certainly if they’re not, they’re as certified, they can’t. And we are so we can’t. So I don’t, no. So from a legal perspective, no I’m not concerned about from practical perspective I am because it is stills your client’s private details stored on a cloud somewhere you’re not in control of.
Brad, any other questions you wanted to ask chat related? No. Rolling back to you. Focusing on technology law, what kind of drove you to wanting to do technology law at the start or being interested in technology before studying that and law? What was the need for that or want
I got interested in it cause I’m a real tech nerd. Okay. I’m a bit of a math se. I love the tech and I love the maths and I dunno why I love the maths, but I do. I’ve always found maths pretty easy. Yeah, fair enough. So programming. So I was a 14 year old programming a Commodore Vic 20 computer, how to make Pacman games in 3,583 bytes, which confused the hell out of Anna nor the hell out of my sister whose computer it was. But she ultimately gifted that fantastic Vic 20 3005 93 bytes to me. And that instilled my love of programming. So by the time I got to university, I was already a pretty reasonable programmer, upped the ante to get through programming, which I found that degree quite easy, which was great. Unlike law was a lot harder by that stage.
I was in bands chasing girls. Anyways, it didn’t really matter. But by the time I’d finished uni, I was totally enamored with programming in a commercial context. And I did have a commercial programming job. But one thing that I had noticed, especially studying and finishing my law degree was that in it, the contracts weren’t terrible in the nineties. Oh hell, even now it’s 2023. But even now, a lot of the IT contracts you see are just abysmal contracts. Not because as a contract they’re terrible because they just don’t suit the transaction and they’re not drafted by someone who knows what any of the terms actually mean in practice. And you often have this massive divergence between what the lawyer thinks the issue is and what the client knows. The practical issue is the lawyer doesn’t understand the practical issue
When you say it’s horrible, horrible for who the person doing the developing work or the business that’s signing the contract,
Whomever’s a party to the contract, it’s terrible for them. Cause the contract doesn’t really match the transaction. I found that all the time. I had these terrible contracts for the sale of land being bastardized into it, license contracts and stuff. And the two just don’t meet. The only bit they got right is the parties. And that was a real endemic issue at the time. And I thought, well I wouldn’t mind sort of fixing that. And so by the time I became a solicitor, I was heavily into getting into as many IT contracts as I could just to fix them because they were all broken. All of them were broken. Now I find them less broken, but still these days you still find a lot that are broken. And so it became an accidental specialty because I kept putting my hand up to do everyone’s IT contracts cause I liked them.
Yeah, interesting. So just your annoyance for when you were doing coding work and the contracts and drove you to focus more on the legal side.
Yeah, my first IT boss, my first commercial IT boss anyway, was a property manager, a good guy, but knew nothing about computers and so left it all to me to program to automate his office basically, which is what I did. And he put me under this contract that he drafted, which was barely a contract. And he didn’t get too offended when I told him very nicely that it was abysmal. So I redraft or he let me redraft it for him. And I did. And I thought, well if this, I can’t be the only person this has happened to. And sure enough not it happened to everybody else who was in it who didn’t have a legal connection. Their contracts were either didn’t exist or were terrible or both.
Right. There you go. What’s some recent changes in your industry? So in that kind of IP patent, trademark kind industry, what, what’s what’s happening legally?
So the most recent changes in IP law, probably from August 21 I suppose, is recent enough. You had a few patent changes like back in 2018. They had that productivity commission report that talked about could we make improvements to the patents and trademarks and designs industries and how do we make things more robust and more economically useful And so that everybody gets benefits. And after that report, eventually legislation came about that actually passed on 25th of August 21 in relation to patents. It only made a tiny change but had big effects. One of the changes it made was to introduce an objects clause to the patents legislation that talked about things like economic wellbeing through tech innovation, transfer and dissemination of tech, all that sort of gear. And that had flown effects for how courts interpret the patents act. And then came those decisions you’ve probably heard of about the Thaler decision with, you haven’t heard of Thaler?
No dais. Okay. So dais is an ai, which we were just talking about before. And dais was invented by Dr. Steven Thaler and dais created of straight through ai, a patentable way, a brand new way of affixing plastic lids in a Tupperware type context to keep the liquid in and keep the fre in. All this sort of stuff would make Tupperware very happy even though it wasn’t theirs. And Dr. Steven Thaler thought, this is great. So I’m going to lodge a patent and I’m going to make dais the inventor. So dais not being a human was the inventor. The patents office said can’t do that. Kind of need a human to be an inventor. The federal court said, you know what, I don’t like that. I think an AI can be an inventor because the patents act doesn’t specifically say it has to be a human. Then the full federal court said no because these changes that they made, the patents act were probably accidentally made this change. But those changes really meant that it has to be a human for there to be that economic incentive for the tax because it would
Be the human telling the AI what to do to put the thing right. Correct. Correct. Is that where it
Landed? Clearly Dr. Steven Nath was the applicant. So that’s fine. There’s a difference between the applicant and the inventor though. And so his argument, which I really love and I wish the high court had accepted his leave to appeal and made that decision, but they didn’t. They refused leave to appeal. So legislation has to change it now. But anyway, the end result is currently accidentally as a result of these changes. And AI can’t be an inventor. You must nominate a human as the inventor. Dr. Steven Thaler wanted it so that he could be the applicant, but his AI dais could be the inventor. So why did he want that? Because well it’s an ideal, isn’t it? Your AI can invent things and get credited as being the inventor. Oh,
Okay. So that’s all it was. So we’ll create more things literally and get credit for it that he made would get credit for,
Is it? Well, he’d be the applicant so he gets all the profits, but he gets to say, my machine made that my machine dais is the inventor. Right. Which still very nice, ideal. I do think one day the law will China don’t think we’re far away from the book changing to allow that because it really doesn’t make a difference. And it achieves the ideal, makes people happy. It’s a good story to tell. Yep. And all they have to do is change the patents act to say an event. It doesn’t have to be human.
Because you had, Brad, you had this question right, about AI creating music. Who owns
The No, we had a, oh yeah. Who owns the copyright effectively? So your album, you’ve obviously obviously checked it out. And I think when chat G B T started to get my momentum and popularity more to the general masses, which was beginning of the year, end of last year, I think there was some situations that I read about where I was saying, well who’s the similar to this patent thing? So who’s the writer who owns the copyright? And I dunno where that actually landed.
It’s a tough question because you’ve got all sorts of different copyrights of music. You obviously, you’ve got the sound file copyrights, which are separate, but then you’ve got the lyrics,
Mechanicals publishing, you’ve got the music
Publishing, all of that, all of that, your chord progressions, bra Sheeran keeps getting sued for that. But he’s not breaking anybody’s breaching anybody’s rights by doing what he’s doing.
He did win. And for the right reasons, although wrong reasoning, but I won’t bore you with that. That’s that’s a whole nother podcast, that one. But the bridge version is chord progressions. Can they be copyrighted? Not really. Not when they’re based upon what are called turnarounds. If you’re a musician, you turnarounds are, and most music is based upon, dunno what turnaround is. No. It’s a sequence of three or four chords put together that humans like turnaround one is one chord. Let’s say your key is a set, you go from C down to a minor to F to G. That’s called turnaround one. And a good half of the songs you’ll ever hear today are based upon turnaround one. Yes. And
So how many notes are there 13 notes or something? Well,
There’s 12 notes. 12 notes. And
There’s, you’re going to have an issue at some point.
Yeah. So there’s endless combinations the longer the song gets them or the more distinct you can be. Yep. So the old argument is, can you have copyright over record progression? The answer is yes, but only if it’s original. But when is it original? All this sort of stuff. And that’s what leads to all these music fights. People like Ed, she are not smart enough to know what turnarounds sound good. And so he writes all these songs with good turnarounds stitched together. And then someone says, oh, this bloke did this back in 1950. And well of course he bloody idiot. It was the same turnaround. But that doesn’t mean anyone’s rights were breached. Yeah, it was done before the earlier fellow too. Yeah. So makes me angry. Those things. Can you tell you?
Yeah, the other thing that we talked about, one of our guests, how did it come up? Mentioned that he thought, I’m paraphrasing and probably poorly, but it was around creativity and chat GT will reduce, I think it was, did we use the word kill creativity? Yeah. And we had a little bit of a philosophical conversation because your example when you asked it a question to help you with a particular case or an idea, I think in that example is a good example where it actually helps your creativity. Absolutely. Cause you were kind of, I’m totally
Side kind of call and response with the machine and you are asking your questions. A yeah, you’re, it’s giving your response. You take that response, you go, okay cool. You think about right. So yeah, we, I’m on that of the fence as well.
It’s going to kill creativity if you just say, here, do this for me cause I don’t want to. Yeah, that just means you weren’t creative in the first place.
And Well that actually, actually meant, that was Lonnie’s podcast I believe. And it was
Oh yeah, that was a lock. And I think he was saying something along the lines of, it’s really interesting that the industries that are getting, I guess job share taken away first is marketing and sales and those kind of jobs, which are there more creative industries that are meant to be getting automated? But
Look, I’ve never got what I want in the first hit. You always have to go back and forth tbt, but then you still have to have a vision in mind of what you want to get to. And that’s where people are getting the results. If people just go in there and they still don’t know anything and they, they’re like, oh, just type something in. Give me the answer. I mean it’s just basically cheating and cheetah’s never prosper. And you’ve got to actually engage with it. You’ve got to have vision. What do I want to get out of it? And then when it spits something out, that’s exactly, yes, that’s where I wanted to go with it. Now I’ll take that and I’ll edit it or it’s a good idea or whatever.
So I mentioned before, I’m doing an album with chat G p T, I’m actually six songs into it already, but it takes six or seven. It only takes six or seven iterations to get the actual song done. But it starts, in my case, it starts with me saying it. All right, write a poem that doesn’t have to rhyme about this topic and with perhaps this turnaround and with this chorus and instantly bang, here it is and it’ll do that. And it reads reasonably well. I might need to change something. Might say, no, make it less dark here and a bit lighter here and a bit darker here. And it will then the third iteration I’ll say, right, what chords would you put to that? Sometimes it says, oh I dunno what chords would suit that. I’m not a musician. Other times. And it seems to do it somewhat randomly, it’ll say, I think based upon this poem you and I have written, we should use these chords and it’ll give you some chords. And then I’ll say, all right, add a chorus here and add a bridge here. And then before you know it, after six or seven iterations like that, you’re done. You’ve got this great song and all I’ve got to do is really play it. Color the music.
Yeah, right. Interesting. Are you worried that other people will ask similar prompts that Chatt and get similar kind of outcome? I’ll just look.
So we do get philosophical, but we can actually have this conversation. So I likened it in another podcast and I think when everyone over everyone’s head, because they didn’t aware of this, but logic we were talking about Logic, logic Pro. Yeah. The digital audio workstation on Mac. Correct. Software earlier and the doors they’re called. So D a W Digital audio workstation was the democratization of production. It’s actually, it now has, previously we were talking about music deals. You had to go to label, you had to get a million bucks, you had to get advance, you had to repay that through royalties because you had to go to a big studio to get all the gear to be able to actually record anything that was of any decent quality now. And so people who might have had good ideas were kind of locked out. The barrier to entry was too high to be able to make an album.
So only the people who had the right connections at the right time knew the right people could grease the right wheels, would get the opportunity to get an advance, make a deal, make an album. Then you have technology comes in and now with this laptop, if you have the right creativity, the right ideas and the right amount of talent you can release, you could record in an hour pushing it. I’m sure it’s been done. A number one hit. You could upload it, you could publish it. The other thing record labels did was distribution. That was the big thing. You had to physically get your music into stores.
The only big addition is the obvious one. You’ve got to produce it as well. And producing is not simply being creative and writing it and recording it. You’ve got to record it. Right. You’ve got to mix it right. You’ve got to master it. You got to EQ it. Right. You’ve got to use the right reverbs. Exactly. Do that tweaking. And you’ve pretty much got to know very much about what you’re doing to be able to do that
Properly. So you just have to have talent. Right. So hypothetically you can do all those things on this device.
Whereas previously it was, yeah, probably a million bucks really if you want to get something like that done. So I think it’s just another tool, right? So if you’ve got the right vision, you’ve got the right creativity, not what you’re going to do. You’re going to use that tool to create the output.
Utterly agree with that. Yeah, that’s exactly right. AI is a tool. It’s a clever tool, but it’s a tool. Yeah,
No, I definitely
Agree that and everyone has equal access to it. So again, it just democratizes the,
Oh, I love it.
It’s good way. Looking at it. Was there anything else that that’s changing in that kind of IP law space?
Yeah, there’s been a couple of things. So one of those other things that changed, there’s another case called cada, I won’t bore you too much with, but it talks basically about something called the doctrine of exhaustion in relation to patents. So until that which was, well that was late 2018 from recollection for the previous a hundred years prior to that, there was an implied license. So if I’m a patent owner and I’ve got a patent over a product and I sell that product in bulk, the purchaser has an implied license from me to use it for the purpose of which it will sell to them. So they can do certain things that they might be able to repair it. They might not be able to, depends on what my patent license, right? Say. But it was an implied license to them to do that. But that all changed with the passage of this legislation and the Calidad case is where the high court decided that was the case.
It changed after that a hundred years to what’s called the doctrine exhaustion. What happens now is I’m that same patent owner. You’ve bought the product, but you are now allowed, I don’t have the exclusive right anymore to use it or to modify it necessarily within limits. The only exclusive I have now, instead of all those exclusive patent rights used to have, the only exclusive I’ve now got is to make it. And so that changed the a hundred plus year old implied license thing. So what that really does is allow people to repair their own things that they bought without having to go back to the manufacturer provided they’re not deemed to be making something new. There’s a whole another whole shit fight. So I dunno if we’re going to bleep that out.
It’s fine mate. Fine.
It’s an adult audience.
It’s fair enough. Yeah. So that’s a whole other fight to do with courts. They always help the courts out. They help us lawyers out. But yeah, that was a fairly significant change, which was good for buyers, good for the general populace so they don’t have to pay expensive repair bills anymore as long as they’re not making any new product. So there was are a couple of minor changes to do with designs and trademarks, which really just greased the wheels for making things a bit administratively easier to get them through. They added things like 12 month grace period for designs and things like that. Prior use defense was actually, there was one significant change for trademarks that was parallel. Importations all about those. Heard about those.
I have heard, refresh my memory.
So somebody, oh this is imports overseas basically
Actually this is a music thing as well. Music industry,
It can be CDs but this, the change was more to do with, oh I suppose CDs, it applies to CDs as well. It applies to all goods, not services. Okay. Yeah, it applies to goods. I do remember where if you imported from overseas something with a trademark on it previously there was a section of the trademarks act called Section 1 23 that said that’s not a breach of the trademark owner’s rights. If that trademark owner specifically authorized the affixing of that trademark to the goods. So that facilitated, authorized parallel importation of goods. Most trademark owners of course want to control the jurisdictions in which they sell things. And so they don’t want you to import it from overseas and start selling ’em at different rates that they are in that jurisdiction or here. So section 1 23 was unhelpful for trademark owners cause they couldn’t control things.
But now they’ve made things even less helpful for trademark owners by changing that a little bit. So that, because one of the things where the poor old importer who thought they were doing the right thing would go awry for them is if they found out they thought reasonably that the trademark owner had authorized the attaching the trademark. But in fact they just got ripped off by the person overseas who took the money. Real trademark, real affixing over there, but no authorization with the trademark owner. So they’d fall a foul even despite section 1 23. That’s changed now. So that if the importer has a reasonable basis for believing that the trademark owner had, if they’ve made reasonable inquiries about it, such as seen as certificate of authenticity or something from overseas and if it looks reasonable and not fake, then it doesn’t matter whether the trademark owner has actually authorized it. As long as the importer’s got a reasonable basis for thinking they did and as long as it’s a genuine trademark, then they’re okay.
So practical example of that, again, we’re going back, but again, people who listen to this I’m sure are familiar with CDs. I dunno if you are. Yeah. But what do you think? So all of this goes back to, again, we’ve been talking music earlier. I had a passion for music worked out I wasn’t going to be a rockstar. So I got started getting interested into the music business side of things and worked on a couple of the major record in my previous life and parallel imports. The practical example was they’re say Sony Australia’s licensed to produce CDs. They own the copyright locally in this territory. So say it’s Australia, New Zealand. And then parallel imports for them would be someone buying a whole bunch of legitimate CDs from Asia potentially and then trying to sell them here. And that was considered a parallel import. Yes, that’s right. Yeah. So practical example.
So yeah, it helps the importers to an extent as long as they’re not just being dodgy and not taking reasonable steps. As long as they take reasonable steps, they’re good.
Why are people a little bit into cybersecurity? Which is a thing we talk about a lot on this show and you probably have spoken about it as all your career in legal with privacy side, but also law firms in particular, a whole lot of sensitive information. So it’s probably quite important. And there was a massive law firm in Sydney that got breached just fairly recently as well, which I’m sure there’s probably been discussions at your firm about that kind of stuff. But what new regulation has been introduced in the last 12 months in that cybersecurity space?
There’s been a few in the last 12 months in the actual security side. There’s this one’s sort of a long name security legislation amendment critical Infrastructure Protection Act 2022. That started in April this year. So April last year, sorry. So that was very recent. 2nd of April, 2022. From recollection it’s a heap of twos. They introduced a risk management program requirement and enhanced obligations if a system is declared by the ministerial power to be of national significance. So if you manage your own or exclusive licensee of a system that’s considered to be of national significance. There’s a whole heap of obligations and freedoms for that matter and rights, but mainly obligations.
But they define placed upon you.
They define They do, yes. Yeah, yeah. So they, they’re go into, I’m very much summarizing, they go into a lot of detail about those things. But there’s a whole new set of obligations required to keep those critical systems secure in particular to avoid those sorts of things at national level as opposed
To your penalties are in place for that.
Oh, significant. Yeah. Yeah. There’s talking thousands of penalty units. So you’re talking six to seven figures of penalties. Right. So pretty big penalties. I mean not every man and his dog in their hotel owns critical infrastructure, but if you do, yes. Very significant obligations. Indeed. I feel
There’s been a lot of talk in the industry, cybersecurity industry about critical infrastructure and the don’t think everyone understands it properly in terms of what you need to do and what the ramification is if you do not put this stuff in place. So yeah, that’s
Understandable. I mean that’s brand new. I mean the Soki Act, obscurity of Critical Infrastructure Act only came in play in 2018. So it’s not like it’s been around since Jesus played fullback for Jerusalem. It’s all brand new concepts that people are just starting to get their heads around so people can be forgiven for not knowing. But make no mistake about it, if you do a control infrastructure, you’re going to get very significant notices from the government telling you what you’re required to do. And those notices are pretty good. Not like they’re getting you in trouble for doing anything. They, they’re trying to take care of you and want you to take care of
It. I mean it’s a good thing they should probably do more. It’s an excellent
Thing. Yes, that’s right. And it’s for national security as well. It’s mainly about national security. It’s less about idiots in Russia picking on poor law firms. It’s more about making sure that that can’t happen or at least trying to reduce it from happening on a national scale. So that’s on the security side. On the privacy side. So security from privacy perspective, the flow-on effect of this national security is flows onto privacy and data breaches to avoid those. There have been recent changes there too as well. Much more recent the, what’s it called, the privacy legislation, amendment enforcement and other measures, ACT 2022 that commenced earlier this year significantly increased the penalties that can be awarded against people who fail to meet their privacy and security obligations. The maximum penalty, for example, for a serious or repeated interference with privacy is now the greater of 50 million bucks or three times the benefit of the contravention or when the benefit can’t be determined. 30% of the domestic turnover of the company involved,
Which is massive.
Massive. Right. And so the bigger the player you are, the more key you’ve really got to take your system because the penalty could just be debilitating. Yep. What kill, but you’ll remember it.
That’s a good thing that went in, make it depending on business. But I think that was a lot of uproar because Optus, when they got breached, got a $2 million fine because that was the penalty, the limit at that time instead of 30% or $50 million.
So that’s post Optus. What was the date on it? That’s post
Optus. That was only early this year. So it was 2022 act, but I don’t think it was passed until early.
Oh right. Didn passed effect early this year. 23. Yeah,
I think it was a lot upper, I think it was March.
It was either March or April this year
I believe if you were in American that same breach happened, they would’ve got a massive fine. Yeah. So it’s probably good they put that thing in place. But it also is a weird concept because cyber
Analyzing people for being victims of crime.
If you are the victim, I heard someone say this one time that if it’s, there’s like a lady walking down the side of the street and has a handbag there and someone comes up and steals the handbag and runs away, do you get out a stick and whack the lady for being on the street? Do you chase the criminal? So weird in the cyberspace is because it’s usually from overseas, the closer to the street,
She’s the closer to the practical example there is that she’s carrying someone else’s handbag with a big sign on. It says there’s a million bucks in here, come and take it if you want. Then you slap the lady with a stick. Otherwise don’t, not at it’s her handbag and she’s got it closed. That’s
True. I assume there’s, they’d have to prove negligence effectively or something like that. Yes, that’s right. And there’s a duty of care.
That’s right. The OIC is only going, the privacy commission is only going to pick on you and issue a fine if they really think you were at fault
And no one’s been penalized yet. Right. Scott, from that
Under the new legislation, I don’t think anyone has been. I think that’s right, but that’s coming pretty shortly I would think. I don’t want to mention the names of any law firms, but there might be an issue there. We’ll see.
Yeah, one’s crazy.
Yeah. Where do you see that space going in terms of legal ramifications for data breaches going forward?
The cynical side of me suggests that it’s people are just going to point fingers more. It’s going to be easier to have the finger pointed at you because it’s not that we’re becoming a nanny state. Just that the necessity for compliance is increasing and the A IIC has a mandate to make sure that this happens, otherwise they get the as
Well. And it’s happening a lot more often.
Right. The threat actors, attackers, hackers, whatever you want to call them, they’re just more prevalent because they’re making money and it’s lucrative.
So where I see it going is that people are going to be a lot more careful initially. People will give you access on prohibitive terms to their systems and all that sort of stuff. So it’s going to be harder and harder to access to. It’s going to be a lot more red tape involved in getting access to people’s systems. And I think those who don’t do that to try and enter into a market without by not doing that, I think are going to get themselves increasingly in trouble. So you’re going to see more businesses closed down, but you’re going to see the bigger businesses get bigger. I know that’s probably not what people want to hear, but I think that’s what’s going to happen.
Yeah. It’s quite hard with the economy and stuff. It’s interest rates and everything going on to moment that it is quite hard for a small business to go, oh, these breaches are scary. I’m going to invest X, Y, Z dollars into making sure we are secure when they’re getting whack with employees wanting more and inflation interest rates going up and that kind of stuff. So it’s a weird time, but
It’s not hard to cover yourself. It’s not hard to cover yourself within reasonable terms. You don’t have to spend a hundred thousand bucks to cover yourself as a small business in terms of privacy and data breaches, you know, breach good people. You brief good people like Red and Arctic Wolf and get them to investigate things cause it doesn’t cost a million bucks to get them to check it
Out. No, you’re right. And to be honest with you, most of the stuff that we see and now friends at mc and that kind of thing is general technology hygiene not being done properly, isn’t it? Most of the time when stuff happens. But it’s a bit of a rabbit war as well because there’s so much you can do with cyber. Yeah. Anyway, that’s a rabbit hole. Let’s go down mate, thanks for coming up. I really appreciate it. You’ve shared some good insights around what that’s having that space AI conversation. Love that. Where that’s going as well. Next for you, obviously you’re starting as partner in Mills Oakley. Yeah.
I’ve just become a partner and so I’m going to see where that takes me and grow that as big as I can and hopefully get fat rich and old.
Makes more albums. Yeah,
Coming out. Well I’m definitely doing that. Yes. Actually I’m about to release another one. Yep. So I’m just doing it myself. I’m not really plugging it or doing anything like that. I’m really the worst businessman for myself in the world. I, I’m happy to look out for everyone. But yeah, no, I’ve just finished 10 song album about to drop on Spotify and all the rest and I’ll keep doing that cause I love doing it. I’ve got a patient wife who likes listening, so Yeah. You know, can make this new intro. Brad, maybe. Come on Scott. Awesome mate. Thanks for coming in. Really, really appreciate it. Cheers. Thanks.