Over the course of my 20+ years practicing law, I have had the honor of working with many individuals at the cutting edge of all aspects of intellectual property. I consider myself very lucky that most of these folks, in addition to being luminaries in the industry, are good people and have welcomed me into their professional world with open arms. To celebrate these individuals, I am inaugurating a series of interviews.
My first interviewee, Donal O’Connell, is best described as a force of nature. His enthusiasm and excitement for everything he does is infectious. I first met Donal in 2007 at Nokia in his role at the time as the beloved “fixer” for Nokia’s IPR department. He had a special knack for mediating issues between the IPR group and other different and complex interest groups within the then-rather-large and diverse workforce. Over the years my knowledge and respect for Donal has only grown. What follows is a slightly condensed and edited interview.
Tell me about yourself and include two obvious things, and two things a casual observer would never have guessed.
I am the Managing Director of Chawton Innovation Services, a company that provides IP education, IP consultancy, and IP software solutions. I am also Adjunct Professor of IP at Imperial College Business School in London. I am an IAM 300 Top Global IP Strategists.
Previously, I was VP of R&D and Director of IP at Nokia. My background is in engineering. I was a software ‘hacker’ in the late 80s and early 90s.
The name Chawton is taken from the village of Chawton in Hampshire in the UK, famous for its association with Jane Austen. Although now living and working in the UK, I spent many years living and working in Texas and as a result have a fascination with all things American, particularly American muscle cars.
What do you think are the two or three most important skills you bring to IP risk analysis/mitigation and where and how did you acquire them?
First let me clarify what I mean by IP risk management. IP risk management is the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analysing, assessing, treating, monitoring, and communicating. However, each company is different and faces different types of IP-related risks in different business environments. Each company needs to develop a unique plan to manage its IP-related risks efficiently and effectively. The IP risk management policies, procedures, and practices will therefore differ from one company to another.
That said, the purpose of any IP risk management program is to manage IP-related risks. IP risk management involves understanding, analysing and addressing IP-related risks to make sure organizations achieve their objectives. Proper IP risk management is an integrated and joined up approach to managing IP-related risks across an organization and its extended networks.
IP risk management is about ensuring that the business really understands its IP-related risks, and then mitigates proactively. The focus should be on risk mitigation and not just of risk evaluation. Risk mitigation covers efforts taken to reduce either the probability or consequences of a threat. Risk mitigation efforts may range from physical measures to financial measures.
When I was Director of IP at Nokia, I helped establish a dedicated IP risk management team within the IP Function at Nokia. This was a small team of IP Attorneys and IP paralegals who only focused on IP risk management.
I have written and published over 30 short papers on the subject of IP risk management as I believe that this has been a greatly neglected IP process. My company Chawton Innovation Services is one of the few companies with a IP risk management solution in the market.
What are two of the biggest challenges in the realm of IP risk management today?
There are a number of challenges. Most companies operate in denial or reactive mode when it comes to IP risk management with few operating in proactive mode. Fire fighting can be fun for a while but it is not the best approach.
Few people in the IP profession have been taught about IP risk management. Few people in the IP sector have been exposed to basic IP risk management tools like a risk register.
What is the next big source of IP risk and why?
Open innovation brings tremendous benefits and is being embraced by more and more organisations. However, IP underpins all forms of open innovation. If handled properly IP can help and support open innovation. However, there are also many IP-related risks associated with open innovation.
Given that software is eating the world, I would also add open source software here. Although embracing open source software can bring tremendous benefits, a company may also face a diverse range of issues associated with open source software which will all need to be properly and professionally managed. Like many things in life, there is both value and risk associated with open source software.
At a very top level, these issues or risks associated with open source software may be divided into the following categories:
Legal
Intellectual property
Security
Operational
Business
What excites you about IP risk management today?
Any business professor will tell you that the value of companies has been shifting markedly from tangible assets (“brick and mortar”) to intangible assets like intellectual property in recent years. Research has indicated that intangibles now account for about 80% of the total value of many companies.
The state of the intangibles within a company can determine its share and corresponding influence on the market. The size and quality of a company’s intangible asset portfolio can have a direct impact on several factors, such as the reputation of the company, the level of returns on investments, and their access to the market, among others.
Risk is the chance of something going wrong, and the danger that damage or loss will occur. By its very nature, there are both rewards and risks associated with IP. For anyone involved in IP, then IP-related risks are part of working life. There is no data available on the scale or size of the risks associated with IP facing companies, but one can assume that it is significant, and probably around this 80% mark.
IP risk management that is handled properly can give a company a competitive advantage.
What advice would you give managers responsible for IP risk?
Firstly, read my published papers on IP risk management to gain a deep understanding of this aspect of IP.
Secondly, establish a robust fit for the purpose of the IP risk management process within the organisation.
IP risk management provides a company with a very important early warning system when it comes to IP-related risks that may cause the company harm. Being able to see adversity on the horizon sooner than competitors is an advantage.
When a company possesses greater understanding and appreciation of their own IP-related risks as well as generic IP-related risks facing their industry sector, then such knowledge enables the company to manage and mitigate these risks more effectively.
When a company has embraced IP risk management, such companies tend to have an established network of specialist IP risk solution providers, such as defensive aggregators, IP insurance providers, anti-counterfeit specialists, etc. So they are not alone.
The psychology associated with risks says that powerlessness makes any risk feel scarier. However, operating in proactive IP risk management mode empowers the organization as people are typically less concerned about IP-related risks that are known, observable, have immediate effects, and/or which can be mitigated against.
Once a company operates in proactive mode for a period, their ability to properly assess the impact and probability of an IP-related risk greatly improves; their ‘anchor’ or starting point when conducting IP risk analysis is more realistic; they rate their chances of success more sensibly; they avoid interpreting risk information in a self-serving manner; they drop any ego-defensive mechanisms; they are more honest when assessing their level of control; and last but not least they just become better at mitigating IP related risks.
What areas of the business do you see having the greatest IP risk today, and why?
This is a challenging question. The obvious IP-related risk is that a business may infringe the IP rights of a third party. However, there may also be IP-related risks associated, for example:
Having too narrow a definition of IP, and ignoring potentially valuable IP assets
The IP terms and conditions in some development or commercial agreements with third parties
The publishing activities of the business
Embracing open source software
Being involved in certain interoperability standardisation activities
Getting involved in some open innovation initiatives
The use of subcontractors
One’s own IP out-licensing program
Employees stealing IP from the company
The scourge of counterfeit products
Trademark disputes with third parties
Trade secrets not being properly managed
What makes a useful IP risk registry?
The IP Risk Register is much more than just a simple list of IP-related risks. It is much more sophisticated than that. The IP Risk Register will also contain IP risk metadata. Metadata is a set of data that describes and gives information about other data. Meta is a prefix that in most information technology usages means ‘an underlying definition or description’. IP risk metadata summarizes basic information about the risk, which can make finding and working with particular instances of data easier.
An IP Risk Register should ideally also log the actions to analyse these IP risks and the actions to mitigate these IP risks, plus metadata associated with these actions.
It should also contain a document management component to help track the various documents associated with IP-related risks, IP risk analysis actions, and IP risk mitigation actions. Metadata associated with these documents should also be logged into the IP Risk Register.
A cost module should definitely be included, to help track the costs associated with the IP risks if and when they materialise and the costs associated with the actions to first analyse and then mitigate these IP risks.
Good search and reporting functionality should also be built into the IP Risk Register if it is going to be a truly value-adding IP management tool.
What do you think about the impact of China, as it relates to IP risk in the next five years?
Certainly many companies, particularly in certain industry sectors, face IP related risks related to China.
China is slowly but surely transforming its approach to IP. China has a national IP strategy. China is encouraging Chinese individuals and companies to embrace IP. It has strengthened its IP Office. China provides IP training at the primary school level. However, China still has issues (e.g. counterfeit products, enforcement of IP rights, interference from Government, hacking).
Companies face IP related risks from other sources as well, many much closer to home.
Connect with Donal O’Connell here.