Legal Issues

Proprietary Data Rights

Software Rights/Licensing

Warranties and Liabilities

International Data Exchange

When CITIS is being considered and/or developed, the program manager must be aware of some of the legal issues accompanying the use of a CITIS.

Legal Issues

Because CITIS can involve extensive sharing of data between contractors, subcontractors, and NATO/NATO nations activities, a significant number of legal issues have been raised and are still being debated. Some of the most prevalent issues include the questions of proprietary data rights (who owns the data when), software licensing, warranties and liabilities, and international data exchange.

Proprietary Data Rights

NATO/NATO nations should not, in consequence of the delivery of a data item, acquire ownership of the data item or any rights or license to use, copy, or disclose such data item. The extent and nature of rights which the NATO/NATO nations may acquire to use, copy, or disclose data items shall be as expressly stated in the contract. When dealing with intellectual property, there is an increased risk of misuse of proprietary and business sensitive data in digital form. No NATO regulation currently exists to assess liability on third parties for copyright or patent infringement. Even with access limitations, proprietary markings, such as proprietary legends and restrictive distribution statements, may be inadvertently deleted. The problem could be compounded if the CITIS network includes access by other contractors and subcontractors in addition to the prime contractor, because the release of proprietary data to widely accessed databases could amount to abandonment of secrecy with a resultant loss of rights. Finally, there is the potential problem where Contractor A doesn't want Contractor B to have access to its data, but it can be difficult to prevent that access on a robust CITIS network. All of these issues should be considered and discussed by the NATO/NATO nations and the prime contractor in the early stages of CITIS planning.

Software Rights/Licensing

Potential third party licensing problems can arise whenever CITIS is used to launch/access other applications. If the applications being accessed are commercial software packages, the contractor will need to investigate the licensing policies of the software development company. In some cases, they may need to either purchase individual licenses for the maximum number of concurrent CITIS users or purchase a network or site license that allows specified or unlimited usage of the software. If the applications being accessed were developed by either the prime or other contractor, the CITIS developers will need to verify that the application has been released for general use. If access is restricted, those restrictions must be incorporated into the CITIS access rule set that will deny access to anyone without the proper authorization. Care should be taken to identify and grant access to both commercial and contractor-developed applications only to people who actually require that access in order to avoid excessive license purchases and proprietary data conflicts (i.e., don't just automatically grant all CITIS users access to all applications).

Warranties and Liabilities

The contractor warrants that the data provided by them via the CITIS is accurate and complete, but the question of who is responsible for warranting data products created by CITIS users with ad-hoc queries has not yet been answered. The contractor can (and should) be held liable for providing defective data to the NATO/NATO nations, but unfortunately, lack of statutory laws results in the contractor also being held liable for misuse of any data they provide. Until existing laws are changed, the contractor is liable for damages when data provided through CITIS is used incorrectly.

International Data Exchange

International data exchange is complicated by differences in treatment of intellectual data from nation to nation. Some nations do not recognize or protect intellectual property. Export licensing of technical data also creates a barrier to international CITIS implementation. Any data to be released internationally needs prior NATO/NATO nations approval.