Weekly Data Privacy Alert – 13 March 2017

Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from the EU, France, Germany and the UK.


  • European Data Protection Supervisor Issues Opinion on Proposals to Enhance Consumer Protection in the Digital Sphere


  • The CNIL Publishes a Six-step Methodology to Prepare for the GDPR


  • Berlin Data Protection Commissioner Provides Information About Working Paper on Biometrics in Online Authentication
  • Schleswig-Holstein Data Protection Commissioner Warns Against Deteriorations in the Protection of Data Under the Draft Law on the New Data Protection Act
  • Federal Data Protection Commissioner: Automated Driving shall not Introduce Electronic Tachographs Through the Backdoor
  • Bavarian Data Protection Authority: Patient Files may not be Stored in Unlocked Filing Cabinets in a Publicly Accessible Cellar Corridor


  • House of Lords Committee Releases Report on Driverless Vehicles

For more information on any of these items, or data privacy issues generally, please feel free to call any of the following individuals:

Annette Demmel (Germany)

Caroline Egan (Birmingham)

Stephanie Faber (France)

Francesca Fellowes (Leeds)

Supreme Court Tosses Laches Defense To Patent Damages

Yesterday, the Supreme Court reversed the Federal Circuit’s en banc decision in SCA Hygiene Prods. v. First Quality Baby Prods., 807 F.3d 1311 (Fed. Cir. 2015) (en banc), and effectively abolished laches (unreasonable, prejudicial delay) as a defense to patent infringement claims or damages.  The Court’s decision does not disturb the Federal Circuit’s additional holding that laches can bar equitable relief in patent cases. The Federal Circuit decision had held that laches could be used to defend against patent damages even if incurred within the Patent Act’s 6-year limitation period.

Writing for the 7-1 majority, Justice Samuel Alito’s opinion invoked the Court’s decision in Petrella v. Metro-Goldwyn-Mayer, Inc., 134 S. Ct. 1962 (2014), a copyright case involving the same question.  The decision reiterates the Court’s view that “laches . . . cannot be invoked to bar legal relief . . . [i]n the face of a statute of limitations enacted by Congress.”

Justice Stephen Breyer, the lone dissenter, wrote that laches “fills a gap” that can exist in patent cases. For example, “a patentee might wait for a decade or more” to see if the alleged infringer’s product becomes successful and, if so, then file suit for six years’ damages, backward from the filing date, without fear of a laches challenge.  He also criticized the majority for discounting “a long history of prior case law that shows with crystal clarity that Congress intended the statute to keep laches as a defense.”

The bitter irony of that criticism will not be lost on the Federal Circuit: it typically is on the receiving end of Supreme Court criticism that the lower court glosses over historical Supreme Court precedent in favor of bright line rules.  In SCA, however, the shoe is on the other foot:  now the Supreme Court has grasped at the bright line, finding that, historical precedent notwithstanding, the statute precludes the application of laches.

Can Personal Data Be Used As Payment For Free Online Services?

On 14 March 2017, the European Data Protection Supervisor (EDPS) issued its Opinion on the protection of personal data when it is used in lieu of payment for “free” online services.  The EDPS is an independent EU body responsible for advising the EU institutions on data protection matters.

The Opinion was issued following a request by the EU Council in regard to a package of legislative proposals on contracts for the supply of digital services (e.g. social media platforms and cloud computing services) and the online sale of digital goods (including films, computer programmes, mobile applications, etc.) Among the aims of the proposed directives is to provide protection to consumers who are required to disclose their personal data as a condition of the supply of “free” online services.

Continue Reading

Weekly Data Privacy Alert – 6 March 2017

Please click here to read the latest data privacy alert from the Squire Patton Boggs Data Protection & Cybersecurity team. This week’s alert covers news from the EU and the UK.


  • European Data Protection Supervisor Issues Opinion on European Travel Information and Authorisation System


  • Information Commissioner: UK Should Seek to Obtain Adequacy Decision After Brexit
  • Government Unveils Digital Economy Strategy
  • Court of Appeal Rules on Discretion, Proportionality and Motive in relation to Subject Access Requests

For more information on any of these items, or data privacy issues generally, please feel free to call any of the following individuals:

Caroline Egan (Birmingham)

Francesca Fellowes (Leeds)

French Competition Authority Fines SFR EUR40 million for Broken Merger Commitments

In a decision dated 8 March 2017, the French Competition Authority (the “FCA”) fined jointly Altice Luxembourg and SFR Group EUR 40 million on the basis that SFR Group failed to meet its commitments with regard to the deployment of optical fiber.

When SFR was taken over by Numericable in 2014, the FCA authorized the merger subject to the following conditions (i) SFR had to continue building out the infrastructure to connect buildings to the optical networks and (ii) SFR had to honor its maintenance obligations. These commitments aimed at preventing SFR Group from impeding the deployment of the optical fiber in high density areas.

According to the FCA, two years after completion of the merger, the pace of the connection had slowed down noticeably and the deterioration in the network maintenance conditions was obvious, to the detriment of the other operators.

In addition to the fine, the FCA took new orders to force SFR to meets its commitments. SFR also faces periodic penalty payments if it does not meet the new timetable for the buildout. SFR announced that it would appeal the decision.

How does the GDPR apply to Big Data?

In March 2017, the ICO issued an update to its 2014 Report on Big Data in light of the imminent implementation of the GDPR. The updated ICO report has added a focus on artificial intelligence and machine learning to its discussion of big data. The ICO argues it is the combination of the three that makes up ‘big data analytics’.  The ICO looks at big data analytics from the GDPR perspective and provides practical guidance for compliance in its new report.

Continue Reading

U.S. International Trade Commission Postpones Oral Argument In Carbon And Alloy Steel Products

The USITC’s investigation in Certain Carbon and Alloy Steel Products, Inv. No. 337-TA-1002 was instituted to investigate alleged violations of Section 337 by the Chinese steel industry based on claims of trade secret misappropriation, false designation of origin, and (atypically for a 337 proceeding) antitrust violations.  While the trade secret misappropriation claims were withdrawn, the presiding administrative law judge granted respondents’ motion to dismiss the antitrust claims for failing to establish antitrust standing (i.e., plead a cognizable antitrust injury).  Although the Commission only recently announced that it would hold an oral argument concerning the ALJ’s dismissal of the antitrust claims on March 14, 2017, the Commission has issued a notice postponing the argument until April 20 in order to allow more time for public comment.

For more information about the antitrust aspects of this case, please see our previous blog posts, available here: March 1; December 20; November 21.

House Committee Passes H.R. 1313 Allowing Employers to Collect Genetic Information under Workplace Wellness Programs

iStock_000016692030_LargeOn March 8, 2017, the House Committee on Education and the Workforce approved a bill, H.R. 1313 – Preserving Employee Wellness Programs Act, which would allow employers to require employees to undergo genetic testing and share such information under a workplace wellness program. The Committee favored the bill claiming it would allow employers to offer employee wellness plans, help them promote a healthy workforce and would lower health care costs.  However, employees who refuse to test could be subject to higher insurance premiums.  The committees on Energy and Commerce, and Ways and Means are considering the bill, and it is expected to be included in the larger healthcare replacement of the Affordable Care Act (“ACA”).

If H.R. 1313 passes into law, employers will still need to meet the requirements of workplace wellness programs and state laws regarding storage of sensitive personal information. When collecting genetic information employers should also consider their legal obligations to safeguard such data and, in the event of a breach, provide breach notifications to the affected individuals.

Currently, employers are prohibited and restricted from asking to collect genetic information from employees under the Genetic Information Nondiscrimination Act (“GINA”), the Americans with Disabilities Act (“ADA”) and other state laws. The bill specifically states that GINA and other protections will not apply to genetic testing conducted under a workplace wellness program or a program relating to health promotion or disease prevention.

Under GINA, group health plans (such as employer health plans) are not allowed to request or require genetic testing. Wellness plans are only allowed to disclose employee genetic information to employers in aggregate form so that an individual’s identity remains anonymous. However, employers are allowed to offer genetic testing to employees and receive the test results from employees on a voluntary basis.

Patent Trial and Appeal Board Reverses Subject Matter Eligibility Rejections Based on Incomplete Analysis

Last week, the Patent Trial and Appeal Board (“Board”) issued two decisions reversing final rejections under 35 U.S.C. § 101. Rather than performing an in-depth analysis of the claimed subject matter, the Board based these reversals on an incomplete subject matter eligibility analysis by the examiner. These appeals originated from Art Unit 3690, which focuses on finance business methods. In December 2016, the USPTO released three fact patterns to demonstrate complete analyses of eligible and ineligible subject matter specifically for business methods. Without identifying the judicial exception based on what the claims recite, or explaining the reasons that the additional elements do not result in the claim amounting to significantly more than the judicial exception, a § 101 rejection may be reversed, as demonstrated below.

Appeal of Application 10/184,012

In the first appeal, the Examiner characterized the claims as being “directed to the abstract idea of validating that a person is the true owner of a funding account (e.g. a checking account) in order to enable the person to authorize future payments from the account.” The Examiner noted that this description fell into two of the USPTO’s categories of abstract ideas: “fundamental economic practice” and “method of organizing human activities.” The Examiner then alleged that the additional elements in the claims failed to amount to significantly more than the abstract idea, without identifying any additional elements considered or reasoning on why they failed to be significantly more than the abstract idea. Western Union responded by arguing that the Examiner failed to establish a prima facie case of ineligible subject matter by merely providing a single conclusory sentence addressing the additional elements.

Assuming that the claims were directed to an abstract idea, the Board nonetheless found that the Examiner’s rejection had not “adequately explained why the claims fail to recite limitations that are ‘significantly more’ than the abstract idea itself.” In particular, the Board noted that the final rejection lacked any explanation on why the claims would not provide an improvement to the technical field of electronic check processing. Without this rationale in the rejection, the Board found that a prima facie case of ineligible subject matter was not established, and reversed the Examiner’s rejection.

Appeal of Application 13/571,926

The Board’s second decision reviewed whether MasterCard had received a similarly deficient rejection in application 13/571,926. Claim 1 recites:

1. A method of processing a reservation, comprising:

receiving, by a receiving device, reservation information for a reservation, wherein the reservation information includes at least a preauthorization amount, payment information, a merchant identifier, and a predetermined period of time;

storing, in a database device, the received reservation information;

identifying, by a processing device, a unique identifier associated with the stored reservation information;

transmitting, by a transmitting device, at least the unique identifier associated with the stored reservation information and predetermined period of time to a merchant associated with the merchant identifier for a future financial transaction pertaining to the reservation information;

receiving, by the receiving device, data identifying, within the predetermined period of time, fulfillment of the reservation; and

transmitting, by the transmitting device, the stored payment information for payment of the financial transaction based on the preauthorization amount.

In the final rejection, the Examiner noted that the claims recited a fundamental economic practice by using the claim’s preamble of “processing a reservation” as the abstract idea, and then found that this fundamental economic practice was merely implemented on a generic computer system. In response, MasterCard argued that the claim’s preamble yielded an “overly broad” characterization of the claims, and only described the overall objective of the claims.

Looking at the specification, the Board found that the transmitting step of claim 1 took the claims beyond the abstract idea of “processing a reservation” by disclosing “the reservation of a future financial transaction including providing payment information by a party for the benefit of a third party.” In failing to consider the transmitting step, the Board agreed that “processing a reservation” was an overly broad characterization of the claims. Even when considering the transmitting step, the Board found an insufficient basis in the record to determine whether the claims would still recite a fundamental economic practice.

Both of these reversals serve as excellent examples of how an incomplete subject matter eligibility rejection may be treated by the Board. Applicants must receive adequate reasoning for a § 101 rejection that permits the applicant to understand and respond to the rejection; otherwise, an applicant may be able to overcome the rejection by arguing that the reasoning provided by the examiner is inadequate to support the rejection.


Apple’s attempts to trademark its iWatch are rejected – what are the wider implications?

An interesting judgment recently emerged from the Beijing IP court. The court rejected Apple’s attempts to trademark the standby screen on its iWatch, finding that the overall design lacked distinctiveness because it was too complex for consumers to recognise it as a trademark. In this article, first published in Intellectual Property Magazine (and reproduced with kind permission), Paolo Beconcini and Lin Jolin analyse the court’s decision and highlight the practical implications for anyone seeking IP protection in China.