Who owns what with regards to industrial data, what risks can arise, and how to protect your business from them.
DATA is the most important raw material in industry. Yet few understand who owns it after it is created, or what rights they have while storing it. A lot of the issues that data ownership presents are not what they seem at first glance. This article explains who owns what with regards to industrial data, what risks can arise and how to protect your business from them.
Forbes reports that we produce 2.5 quintillion bytes of data every day. This huge quantity of data allows businesses to extrapolate trends, fine tune their systems and create simulations with a high level of realism. Although for many, this means that data has been commoditised to a certain extent — being freely traded like any other currency — for private businesses, data is still very much a valuable asset from which to gain a competitive advantage. Here, establishing ownership of the data becomes an important issue.
Before diving into more complex matters, lets address the simple answers to the simple questions. The platform on which you store information does not own your data, just as when moving house you might store your books in a storage box, but the removals company doesn’t own them. In the case of industrial data it should be securely encrypted, meaning that even if someone could access your books, they wouldn’t be able to read them!
Furthermore, all questions of ownership should be clearly delineated within the user contract. Therefore, the contract is the best way to fully understand how much protection you have, and fully comprehend all the niceties of who owns what in every situation.
Now for the more complex issues. In industry it is very common for companies to lease all kinds of parts, from pumps to machine tools. It is also likely that one or both of the companies in question, the provider and the company renting the product, will want to record data. They may even use a third party for the recording process. As such, there could be an argument for split ownership of the intellectual property created.
Luckily, most of this information will not be interoperable. It may deliver deep insight into the machinery, but small variables could make the information useless when applied to any part not in the exact condition of the original. Variables including humidity, altitude, temperature or, in the case of a pump the makeup of the fluid being pushed through it will have a huge impact on the inferences that can be drawn from the data. This represents a natural defence against misplaced or stolen data.
However, this is not a foolproof protection. For example, let’s say you produce a slurry for a specific chemical product. The pump must be finetuned for the slurry’s specific granularity, because it contains a variety of specifically-sized pellets that are central to its use.
To make sure you don’t crush the pellets, you should finetune the pump that you have leased and in so doing share the tuning data paired with sensitive information to the pump company. Armed with this information, the pump company could theoretically deduce the process. If you lease multiple parts from the same company, they could, over time, deduce your entire process.
With your entire process in one hand, and all of your finely-tuned data in the other, there is nothing to stop the leased equipment provider from selling the information to a competitor or otherwise misusing it. They would also be able to access all the benefits of your painstakingly-made improvements at zero cost.
To stop this from happening there are many ways to protect your IP. The first is to only release certain information, for instance only the vibration information, about the part. This will allow finetuning to be performed while protecting your IP.
Another method is flushing your data. This is for occasions when the sensitive information must be stored within the part itself. Flushing your data means that, after your lease is over, the device has all of your sensitive information, such as recipes or formulas, wiped from it.
If all your data is collected by smart sensors, a novel method of protecting it, while allowing all parties to obtain useful analysis, is to use an IoT platform, such as GE Digital’s Predix. This allows the user to take in all primary sources of data and then send the applicable parts and analysis to the relevant parties. This allows for seamless transparency in data ownership and privacy.
Overall, the best way to protect your data is to set out clearly in your contract who owns what. Thinking through the outcomes that could be created by mishandling sensitive data before signing those contracts is sensible. Stipulating precisely what can be retained, what has to be anonymised and what must be deleted after a run is complete is the only way to completely protect your IP.
After all, you can build walls to protect yourself but if you hand out keys to everyone what good are they?
By applying these suggestions, we can make sure that the vast quantity of data that is generated every day in our manufacturing plants, buildings and warehouses is not wasted or misused. Instead we can make sure that the data is protected, whilst also bearing fruits useful to all.