It was recently pointed out that issues concerning confidentiality of information may not have been adequately addressed; patent submissions may also place additional constraints and restrictions on what individuals or organizations may do with certain information or material for IETF purposes. Indeed, this is but one aspect of a much larger topic that has not been discussed in any real depth. There are other important issues that merit attention in this context, insurance, clear indication of who has signature authority and for what actions, ownership of copyright claims in IETF documentation -- to name a few.
Although CNRI has been responsible for all aspects of the IETF Secretariat for over sixteen years, and, prior to 1998, provided technical leadership to the IETF as well, since then the provision of IETF Secretariat services has been carried out by Foretec Seminars, Inc. under contract to CNRI. CNRI continues to provide the IETF Secretariat function, and maintains the oversight of the IETF Secretariat services provided by Foretec. These CNRI activities are the province of many of the topics discussed in connection with the IASA activity and the IAOC in particular. One of the aspects of this oversight activity is quality control of not only the services provided in support of the IETF, but policies and procedures to govern the contribution and use of information or material that may be subject to patents, copyright or other rights or interests (?intellectual property?).
In my view, the process undertaken on the public list has been very useful in describing what the IETF would like to see happen in the future. Although CNRI has not participated actively in the recent public discussions, CNRI has committed publicly to working with the IETF in its restructuring efforts going forward. If, in due course, CNRI were to come to an accommodation with the IETF leadership as to how best to transition the current situation to a structure more along the lines indicated in the discussions to date, there are still many important issues that would have to be resolved. The issue of managing intellectual property is high up on that list. Whether or not the provision of services is furnished under contract to CNRI or not in the future, to a large extent the matter of managing intellectual property may be separated from the equation.
Among the issues to consider is (if CNRI does not provide the IETF Secretariat function) who will be responsible for administration and quality control over the use of trademarks, and how will that responsibility be carried out; who will be responsible for managing confidential and/or proprietary information or materials developed for or contributed to the IETF and its other constituent bodies such as the IETF Secretariat; and how can intellectual property rights or interests in such information or material best be transferred to other parties in the event a transition is required.
It would be desirable to start a discussion on these topics prior to concluding on the BCP, recognizing that all the long-term issues will undoubtedly not be resolved up front.
CNRI has made the IETF leadership aware of the fact that CNRI may have substantial objections to certain of the proposed roles for ISOC going forward. While none of the issues raised to date appear to be such that they cannot be resolved by the parties, subject to the adoption of appropriate resolutions by both the CNRI Board of Directors and the ISOC Board of Directors, to date, the discussions leading to any resolution of this matter have not taken place. The time is ripe to deal with these issues and not to put this discussion off to some future time.
Absent any other arrangement, CNRI intends to continue to hold the IETF-related assets, including intellectual property rights or interests therein, that have been developed over many years; however, we are willing to consider transferring these assets in a trust arrangement for use by the IETF in the future, subject to oversight by IAOC acting as trustees for the IETF in the public interest. Specifically, in order to enable the IAOC to assume such trust responsibility, it is important to add this task to the list of IAOC responsibilities in the draft IASA (proposed BCP 04), section 3.2 as follows:
Proposed Additional IAOC Responsibilities:
- Serve as Trustees for IETF-related patent, copyright, trademark and other rights or interests in IETF assets, as appropriate, where such assets are placed in trust for the IETF, and coordinate with the IESG and IAB, as appropriate, on such management arrangements. Where appropriate, take appropriate steps to prosecute and maintain rights in any such assets.
- Enter into agreements with ISOC and others for the transfer of any right, title or interest ISOC and others may claim in existing IETF assets to a newly formed trust arrangement set up to hold any copyrights, patents, trademark or other rights or interests owned or claimed by the IETF, such agreements to provide, in particular, that all future copyright claims related to Internet Drafts, Requests for Comment or other documents or other works created for the IETF, whether by the IAD or other persons or organizations providing support services for the IETF, include a copyright notice in the name of the IETF. Where appropriate, contracts with support providers should provide that any work performed for the IETF is work for hire, or, to the extent it may not be deemed work for hire, require that any such provider grant and assign, and agree to grant and assign all right, title and interest in any copyright, patent, trademark or other rights or interests arising in the performance of work for the IETF back to the IETF trust entity established to hold IETF assets in the public interest.
- To maintain protection for IETF-related trademarks, develop quality of service standards for the use of such trademarks, and establish procedures for the licensing of such trademarks by IAOC to all providers of IETF support services, including in particular ISOC, as employer of the IAD, and any successor entity selected to manage any aspect of the IAD?s activities. The IAOC should also determine under what circumstances ISOC, the IAD or any other party is authorized to sublicense the use of any IETF-related trademarks. If the IAOC determines that a service provider fails to meet such standards, the IAOC should make a recommendation to the IETF leadership on how best to proceed.
- Provide guidance to the IAD and other parties, as appropriate, with respect to the administration of the IETF policies and procedures established for the contribution, collection, retention and use of information or material for IETF purposes that may be subject to copyright, patent or other rights or interests. Work with the IESG and IAB to establish guidelines to be followed by the IAD and IETF leadership, as well as any IETF support providers, covering the collection and retention of personally identifiable information and other data that may be subject to confidentiality obligations or data protection laws and regulations in order to ensure compliance by the IETF with any such obligations or restrictions.
- Meet with the IETF leadership at regular intervals to review the existing IETF policies and procedures governing confidential and/or proprietary information or material to determine whether the existing policies and procedures meet the needs of the IETF community.
- Provide guidance to the IAD in entering into appropriate insurance agreements on behalf of the IETF, including coverage for the IAD, IAOC, IESG, IAB, IETF Area Directors and other persons who play leadership roles in the IETF, and, to the extent required, review the costs of relevant premiums. In addition, as part of any arrangement with ISOC, require ISOC to provide appropriate employment and workplace-related insurance for the IAD; and provide oversight with respect to insurance-related requirements to be placed on IETF support providers by the IAD and others, such as insurance to cover injuries or loss suffered in connection with IETF meetings. Provide specific signature authority to the IAD to enable the IAD to enter into and maintain the necessary insurance policies on behalf of the IETF and the IETF leadership.
- In consultation with the IESG and IAB, retain independent legal counsel, where appropriate or required, to represent the rights and interests of the IAOC, IESG, IAB or IETF, and, to the extent that either ISOC or the IAD is not the party giving rise to the need for counsel, work with ISOC and/or IAD to determine how best to cover the costs of any such legal services.
_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf