By Christopher P. Singer --
In a Notice published in the December 17, 2009
Federal Register (74 Fed. Reg. 66955),
the U.S. Patent and Trademark Office announced changes to its previously published
procedures (October 27, 2009 Federal Register Notice, 74 Fed. Reg. 55200) relating to usage of public key infrastructure (PKI) certificates. According to the Notice, the revised
procedures are effective as of December 17, 2009.
As background, the PKI certificate is the unique electronic
code that is provided by the PTO's Electronic Business Center to registered
practitioners and allows for access to Private PAIR and the filing of applications
and follow-on documents through the EFS-Web. The prior PKI subscriber agreement allowed certificate holders to
designate only a single employee or contractor to use the certificate "under
the direction and control" of the holder. By the letter of this rule, it seemed that if more than one
person other than the certificate owner and the single designee were using the
certificate, such usage would be in violation of the user agreement. For practitioners employed by
organizations of any size, or having a limited number of registered
agents/attorneys, this could potentially present a significant bottleneck in
EFS-Web and/or Private PAIR usage, or create an inadvertent violation of terms
of the agreement. In response to the October publication, the Office received a
number of responses, inquiries, and comments from current users of EFS-Web and Private
PAIR. The Office, in response to
the outcry, has decided to expand the PKI usage procedures to allow for the
designation of more than one user other than the certificate holder.
In particular, the newly published procedures allow
for a "reasonable number" of authorized users to have access to and
use a single PKI certificate as long as the usage is under the direction and
control of the PKI certificate holder. The Notice notes that designated users "should be paralegals or
support staff of the certificate holder" specifying that the designee "must
be either an employee of the holder's organization or an employee of a
contractor." The overall
motivation for the change in procedures arises from the desire to "provide
users more flexibility and meet users' needs for multiple concurrent usage of
the USPTO electronic systems." Nevertheless, it is important that each PKI certificate holder directs
the usage of his or her individual certificate, as any submission associated
with a PKI certificate is treated as though it was made by the holder.
One important consideration to keep in mind relates
to restriction on technology export. Particularly technology and software in unpublished patent applications
may be subject to export controls outlined in the Export Administration
Regulations (15 C.F.R. §§ 730-774). The agreement explicitly states, "[i]f a designated employee is not
a U.S. citizen, I understand that the designated employees' access to the
technology and software constitutes an export" and that "[a]ccess to
such technology and software by any person located outside the United States or
by a foreign national inside the United States constitutes an export that may
require a license from the U.S. Commerce Department's Bureau of Industry and
Security ("BIS"). I
agree not to use (and to make sure that each designated employee will not use)
or permit the use of the USPTO certificate in a manner that would violate or
circumvent the Export Administration Regulations."
The Federal Register Notice includes thirteen FAQs
that describe certain hypothetical user arrangements and whether those
arrangements are appropriate under this usage agreement. The Notice concludes by presenting the
actual revised PKI subscriber agreement in full (about one and a half pages).
Comments