USPTO Address Leakage: Tech Issues Continue
USPTO inadvertently leaked tens of thousand of trademark filer addresses
It is no mystery that USPTO continues to have technical issues. Just yesterday, we got breaking news of another problem.
We learned that USPTO suffered a major breach. Over 14,000 applicant addresses were exposed. This only affected trademark filers based on current knowledge. If your client was affected, USPTO will have reached out to your client already. If you filed for your client, you will likely also be notified. Please check in with your clients to make sure that they are keeping their emails open to check for a potential email from USPTO.
We are going to cover what you need to know this week in Nonobvious.
What Happened, and USPTO’s Tech Issues
Trademark filers are required to provide their personal addresses when submitting an application, though this is never published. USPTO makes certain bulk data available for research purposes. For example, there is a database on trademark assignments; there is another on case file data. Sometimes, USPTO makes data available to select researchers for specific papers—for example, this cool paper from UCSD on patent litigation relied on district court data provided by USPTO. Mass data like this, however, is not supposed to expose the private information of individuals. Yet, 14,000 personal addresses were leaked.
It is difficult to quite make sense of USPTO’s explanations. Its statements and behavior seem contradictory.
On the one hand, it is no secret that USPTO has had teething problems as it undergoes a major IT overhaul. USPTO’s CIO said that its digital transformation required a culture shift—back in 2020, when this all started. Since then, USPTO has undergone technical changes that are, well, underwhelming. It replaced PAIR with the Patent Center, which some attorneys love but others dislike. And the DOCX transition has been quite buggy, with not one but four types of common errors. It has gotten to the point where attorneys are saying that a “safety net” is needed. And indeed, USPTO is blaming an issue from an IT migration for exposing this data.
On the other hand, the dataset is discretionary. USPTO’s bulk datasets are typically mass publication data, but USPTO’s research datasets are fixed other than when they are updated with new data. The private data is not supposed to be there in the first place, so it is unlikely that it would be added later. It is unclear how an IT transition would add addresses to a dataset that was already published; that would require modifying the dataset. Perhaps it is more likely that the addresses were added from the start due to a fat finger or due to some type of human error during the update process. An IT issue could have caused this, but the nature of the dataset makes it seem fishy.
At the very least, the IP community is owed a root cause analysis and a full disclosure of how this occurred once the analysis is complete. Last year, USPTO discovered that one of its developer tools for checking on the status of an application was not secure, resulting in the publication of 61,000 trademark filer addressed. However, it did provide some more color on the subject.
On a deeper level, something is going wrong with the digital transformation given the significant number of problems. That doesn’t mean that it should stop or even slow down; however, it does require a level-set.
Meet the Author!
Are you going to the AIPLA Spring Meeting in Austin or INTA in Atlanta?
Well, so is Evan, the author of Nonobvious!
Come say high. Just reach out on LinkedIn to schedule a meeting at either conference. Looking forward to seeing you there.
Weekly Novelties
Two large Chinese companies have abandoned 75 applications for patents in quantum computing and shut down some quantum computing programs (IEEE)
At the same time, quantum computing is making up an increasingly large part of IBM’s new patent portfolio (Quantum Insider)
The newest front in drug price lawfare has a new, creative entrant: a filing for cert against Valeant utilizing the False Claims Act (PatentlyO)
Carmichael IP’s Stephen McBride argues for a change to the way obviousness-type double patenting works (IP Watchdog)
Activision-Blizzard lost a $23 million jury trial over accusations that it infringed on a multiplayer streaming patent for games (Ars Technica)
The EU’s first UPC ruling has come down on a SEP and it aligns closely with German precedent; many were wondering if the UPC would blaze its own trail, but so far, not so (National Law Review)
If noncompetes become illegal, expect a surge in trade secret litigation and patent filings, argues one lawyer (Bloomberg Law)