On 9 May 98 at 9:29, Steve Schear wrote:
The issue of applicable patents opens up the topic of locations
where these patents are and are not enforceable. After discussions
with several well-known crypto developers, its my understanding that
a number of countries (e.g., Australia, New Zealand and South
Africa) do not recognize algorithmic patents. This would seem to
give a considerable advanage to companies from these locations
fielding OpenPGP products. This might apply whether or not their
customers were in countries which did recognize the patents, other
than major corporations which are nearly always 'good citizens',
since enforcement of patent infringement against end-users is
considered impractical.
You should not misunderstand that issue. If in a particular
jurisdiction *algortithms* cannot be subject-matter of a patent claim
this does not mean that you can't infringe a particular patent by
loading a piece of software into a computer.
For example, the European Patent Convention (EPC) as well as the
German Patent Act exclude "computer programs as such" from patent
protection. However, there is e.g. an EP 0 482 154 B1 claiming, inter
alia, a "device for the conversion of in each case a given first
binary digital block of a first length (N) into an associated
second binary digital block of equal length with the use of at least
one freely selectable binary control block, characterized [...]" .
If you load some IDEA code into your computer you effectively have a
device as described with claim 1.
A device can be patented if it is of a "technical" nature (and, of
course, it must be also novel and inventive). Ciphering apparatuses
have a dedicated section in the International Patent Classification,
giving a hint that in former times before the software age there were
indeed complex and clumsy electro-mechanical crypto "apparatuses"
which had been considered as being of "technical nature". Maybe that
the patent Examiner of the EPO had this in mind when granting a patent
for a "device" performing IDEA processing. Whatever the reasons for
granting this patent might be, the protection is in force and effective,
inter alia, in Germany. Despite the fact that both the German Patent
Act as well as EPC exclude "computer programs" from patent protection!
I did not investigate the legal situation in Australia or South
Africa but only wanted to give a hint that in some jurisdictions you
might run into trouble if you should ignore software-related patents
despite the fact that algorithms or "computer programs as such" are
excluded from patent protection.
In general a sound discussion of patent infringement issues must be
based in a jurisdiction-by-jurisdicion way on the particular claim
wordings granted by the competent authority for each jurisdiction.
With regard to OpenPGP this would mean that for every involved and
identified patent a patent family search would have to be made. Then,
each identified family member would have to be evaluated with regard
to the desired OpenPGP standard. A *very* big and expensive task! I
cannot imagine that such doing would be possible in the context of
the IETF due to lack of resources.
Axel H. Horns
Patentanwalt
--
Patentanwalt (German Patent Attorney) Dipl.-Phys. Axel H. Horns
D-80796 Munich horns(_at_)t-online(_dot_)de http://www.horns.netplace.de
Voice: ++49.89.30630112 * * * Fax: ++49.89.30630113
PGP fingerprint A4 5F 5F 39 B7 CC E0 32 5D B8 15 55 F3 19 78 C5