Tuesday, November 29, 2022
HomeUncategorizedPatents and personal data: biometrics innovation and its intersection with Australian privacy...

Patents and personal data: biometrics innovation and its intersection with Australian privacy laws – Lexology

Review your content’s performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
add to folder:
Questions? Please contact [email protected]
The growing demand for highly effective security systems is seeing the rapid uptake of biometric technologies in all industries. This is accelerating the growth of the biometrics industry with an increased focus on investment and innovation. At least one estimate expects the industry to grow from $32.48 billion in 2022 to $59.32 billion by 2026, with Asia Pacific expected be the fastest-growing region over this period.[1]
As biometric technology is dependent on use of biometric information comprising an individual’s physical and/or behaviour attributes, and which is sensitive personal information, the industry is under intense scrutiny to ensure that use of such technologies is compliant with data protection and privacy laws, and more generally, consistent with stakeholder expectations regarding handling of personal information.
Inventors in the biometrics space often query how data protection and privacy laws intersect with their rights to register patents for new biometric technologies. A key concern is whether compliance with local data protection and privacy laws is a necessary precursor to secure registration of patents.
Considering Australian patent law, it is clear that inventors should be aware that patent applications can be refused in Australia if use of the invention is contrary to Australian data protection and privacy laws.
We consider the relevant legislative requirements, its application to biometric technologies and proposed approach to address potential risk of objections during patent examination on this basis, in further detail below.
Objections for being contrary to Australian data protection and laws
Section 50(1)(a) of the Patents Act 1990 (Cth) (Patents Act) provides that an application and specification may not be accepted, and a grant of a patent may be refused, for an invention the use of which would be contrary to law.
The Australian Patent Office’s Examination Manual (Manual) states that refusal to accept patents that are “contrary to law” encompasses anything that would be unlawful under applicable statutes, regulations, ordinances or established case law. This would extend to Australian data privacy and protection laws.
Refusal under section 50(1)(a) of the Patents Act is a discretionary power and the Manual makes it clear that it should only be applied in the clearest of circumstances.
An objection to the grant of a patent can be raised on the ground that a claimed invention is illegal where the patent specification discloses the primary use for the invention as one which is unlawful. In practice objections are usually only taken where an unlawful use, but no lawful use, of an invention has been disclosed. Some examples where this has been applied in the past include:
In both cases, the patent specifications under consideration did not reveal a lawful use of the claimed invention.
In light of the above, it follows that there may be a ground for objection to the grant of a patent for biometric technology where the claimed invention describes a primary use of the invention which is unlawful or contrary to Australian data and privacy laws (and any other local law relevant to the use of the technology).
Approach to reduce risk of objections
To address the risk of section 50(1)(a) of the Patents Act being relied upon as a ground for objection to a patent for biometric technology it would be important to be able to demonstrate a use of the invention that is compatible with law, notwithstanding that there may be ways in which the invention could separately be used unlawfully.
In the context of Australian data protection and privacy laws this would be by ensuring that the invention is described in the patent specification in a manner that could potentially have lawful applications under the applicable laws. Careful drafting has a role to play.
Below sections of this article summarise some of the data protection and privacy laws in Australia which could be relevant to the application of biometric technology. Based on these laws, some general observations can be made.
The primary drafting concern for patents where biometric data is involved in the context of data protection and privacy laws, is ensuring the specification does not describe an invention in a way that precludes compliance with law. Use of biometric information is not inherently incompatible with privacy provided the relevant data protection and privacy laws are able to be complied with in use of the invention.
The key privacy requirements that ought to be in the focus of the patent drafter so as to ensure they are consistent with the working of the invention include:
It is important that the patent specification does not describe a working of the invention that would not allow compliance with the obligations described above.
For example, collection and use of biometric data could be in breach of Australia privacy laws if the invention or the disclosure in the patent specification contemplates the following action being taken:
Australian data protection and privacy laws relevant to biometric technology
Federal Privacy Act
Most of the focus in Australia on the regulation of privacy and data protection is on the Privacy Act 1988 (Cth) (Privacy Act). There are special classes of data like health information, telecommunications activity, workplace and other surveillance, spent criminal convictions and the like which are separately regulated. For completeness we list additional relevant legislation below to give an indication of the broad class of legislation that relates to collection and use of data in Australia.
The Australian Privacy Principles (APPs), established under the Privacy Act provide guidance as to how entities handle, use and manage personal information. The APPs cover:
Under the Privacy Act, biometric information (including biometric templates) will usually be considered to be sensitive information, for example where facial biometrics reveal information about a person’s racial or ethnic origin, or biometric templates which are deemed to be “sensitive information” (See s 6(1) Privacy Act) for which higher protections relating to collection and use apply in comparison to other personal information for example, see APPs 3, 6 and 7 with several examples below:
NSW example
In addition to the Privacy Act there is also state based legislation which may be relevant to biometric information.
By way of example, in New South Wales there are additional state-based laws relating to covert collection of information which may apply to a proposed use of biometric technology:
Surveillance Devices Act 2007
7 Prohibition on installation, use and maintenance of listening devices
(1) A person must not knowingly install, use or cause to be used or maintain a listening device—
(a) to overhear, record, monitor or listen to a private conversation to which the person is not a party, or
(b) to record a private conversation to which the person is a party.
Workplace Surveillance Act 2005
10 Notice of surveillance required
(1) Surveillance of an employee must not commence without prior notice in writing to the employee.
Some other Australian laws that could impact on biometric technology are listed at the end of this article.
Inventors of biometric technology should be aware that under Australian patent law there is a basis upon which a patent application can be refused in Australia if use of the claimed invention is contrary to laws, including Australian data protection and privacy laws.
To reduce the risk of objection to the grant of a patent it would be prudent to draft the patent specification in manner that does not describe the use of the invention in a way that would preclude compliance with the relevant laws.
To be able to undertake this exercise, in the context of data protection and privacy laws, it is important to first determine which data protection and privacy laws are likely to be relevant to the application of the invention claimed. In the case of biometric information this will at the very least, include the Privacy Act.
Following confirmation of the applicable data protection and privacy laws, the drafter of the patent specification will need to ensure that the invention described in the claims can be used in a manner which enables the applicable Australian data protection and privacy laws to be complied with. This will, in itself, require an understanding of the relevant obligations contained in the applicable laws.
Australian laws relevant to biometric technology:
New South Wales
South Australia
Western Australia
Northern Territory
Australian Capital Territory
add to folder:
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].
Patents Act 1990 (Australia)
Privacy and Personal Information Protection Act (No. 133) 1998 (New South Wales)
© Copyright 2006 – 2022 Law Business Research




Please enter your comment!
Please enter your name here

Most Popular

Recent Comments