Legal Advice & Tips for Defence Tech Startups in India
India, with the second largest armed forces in the world and the well-grounded “Make In India” initiative for production of defence technology, the country is set to toughen up private sectors in manufacturing high-tech defence weaponry. India comes third in the list in terms of military expenditure after US and China with a gigantic $71.1 billion dollars in number. Under the government’s wings, 194 defence tech start-ups are working and innovating arms, weapons and all kinds of “fit for military use” products through the “startup India” mission. It is therefore essential to know the legal compliances in the realm of defence, technology and national security.
Legal Challenges faced by Defence Tech Start-ups in India
There exists a well-defined legal process for the start-ups that can get their products procured by the Government. While the Government uplifts the private sectors undertaking production and invention of military intelligence and equipment, there are several obstacles and hurdles that must necessarily be avoided.
- Protection of critical data, Research & Development and Intellectual Property Rights
- Issues related to licensing and permits
- Effective contract management
- Artificial intelligence ethics and compliance
Compliances related to Data protection, Cyber Security and Intellectual Property
Patent, Design & Software Coding Copyright: The value of arms/weaponry or any defence technology as well as crucial investment decisions for Research & Development depend largely upon well protected intellectual property rights. Considering the possibility of theft of such designs, the science and technology behind production of military products should be protected by filing patent applications in accordance with The Patents Act, 1970. Now, it is essential to keep in mind that Chapter 17 of the Act provides exclusively for the protection of inventions for the purposes of the Government. One of the relevant provisions to keep in mind is Section 4 of the Indian Patent Act which specifies that no invention relating to atomic energy falling within sub-section (1) of Section 20 of the Atomic Energy Act, 1962 shall be granted. Another essential aspect that crops up is the disclosure of such sensitive information as a specification under Section 9 when filing for patent applications and failure of which may lead to the patent not being granted. The national patent office has a right to keep such applications a secret and not publish the same in the official gazettes if the purposes of the patent is for defence and national security. A very crucial point while understanding the gravity of an unprotected patent is that mere registration of a patent does not lead to an assumption that the patent is valid. Heavy burden of proof lies on the plaintiff to prove that the patent was infringed upon by any third party, if infringement takes place. In the event of inability to satisfy the court with reasonableness that a prima facie case of infringement exists, the case will be lost, this was held in a famous case of Vringo Infrastructure Inc. & Anr. v. Indiamart Indermesh Ltd. & Ors DLHC C.S. (OS) No.314 of 2014. Thus, patent rights play a key role in the case of any kind of invention. It is equally important to be aware of the established points by courts in case of infringements.
Besides patents, designs ought to be protected as well when it comes to defence technology. The design must fall within the definition clause of the Designs Act, 2000 in order to be protected. Section 2(d) defines the term design as any “shape, configuration, pattern, ornament or composition of lines or colours applied to any article whether in two dimensional or three dimensional or in both forms, by any industrial process or means, whether manual, mechanical or chemical, separate or combined, which in the finished article appeal to and are judged solely by the eye; but does not include any mode or principle of construction or anything which is in substance a mere mechanical device and does not include trademarks or property marks.” The Controller General of Patent, Design & Trademark has the same power to ensure non-disclosure of information that may be in the interest of national security and may also cancel registrations in the interest of national security.
Developing high tech software for military use inevitably involves protection of coding used to build the software. The author (who is the owner of the code applied in the software) should obtain copyright to avoid infringement dilemmas. Coding copyrights can be licensed to third parties under written documents through the Indian Copyright Act (which is deemed to be for 5 years in the absence of duration specification under Section 19(5) of the Indian Copyright Act. In a judgement between Pine Labs Private Limited v. Gemalto Terminals India Private Limited 2010 (42) PTC 229 DEL the Delhi High Court has laid down that if the copyright belongs to the author and if the period of assignment is not specified in the document of assignment, the copyright in the software reverts to the author after the lapse of 5 years. Therefore, while drafting an agreement for licensing copyrights it be kept in mind to include the duration in order to avoid conflicts that may emerge subsequently.
Cyber Security: Military intelligence can be detrimental if not well secured through well maintained security check systems and quick response to unauthorised access. Ensuring awareness of complex viruses or malware and maintaining a weekly scan of cyber-attacks is pivotal when it comes to inventing and R&D for defence related matters. It is therefore advisable to ensure protection of such data and bolstering security systems. Cyber-attacks can often trigger weapons and set it off causing havoc and serious repercussions, companies should therefore include a lot of investment in the assurance of cyber security. Despite taking enough precaution and care, it is rarely any defence when the substance involved is dangerous in nature. The Security manual issued by the Government of India includes rule 7.9 & 7.5 for category B & C products, with the stipulation that for companies specifically dealing with products or data that are highly classified, confidential or secret, it is more advantageous to use paper manual for transactions or drawing templates on paper in order to avoid cyber security threats. The manual provides for the appointment of a Cyber information Security Officer (CISO) who shall be responsible for implementing a suitable cyber security policy for the company as mentioned under Rule 2.1.1.
Moreover, The Information Technology Act, 2000 has defined the term “cyber security” under Section 2(nb) as protection of information, equipment, devices, computer, computer resource, communication device and information stored therein from any possible kind of unauthorised access, use, disclosure, disruption, modification or destruction. A key feature of the Information Technology Act is that it applies to anyone who may be outside India, harming or attacking a computer system in India. Considering Defence technology as a geo-political concern, attackers from anywhere in the world fall within the ambit of Indian penal provisions and is therefore, borderless, geography-agnostic and territory free. In the case of Poona Auto Anillaries Pvt Ltd v. Punjab National Bank 2019 SCC Online TDSAT 2425, one of the largest compensations were awarded in the adjudication of cyber-crime where the bank was held liable for negligence in non-maintenance of effective cyber security measures and checks. The reason behind such a judgement implies that if any individual/company/organisation leaves any scope for the possibility of cyber attacks or breach of data, the liability necessarily falls on such individual/company/organisation despite proving that no bad faith existed.
Artificial Intelligence – Ethical Issues & Compliance: Considering the fact that technology is advancing, artificial intelligence will also be used for the development of military equipment by companies that are technologically advanced. Artificial intelligence in defence may be used for training (AR and simulations etc), surveillance, arms and ammunitions, cyber security and for many other purposes. Using artificial intelligence in defence can cause ethical dilemmas and may lead to escalation of tension between countries if the implementation does not go as planned. Since artificial intelligence has not been regulated effectively in India, with the absence of any legislative guidance, understanding the governance of artificial intelligence becomes extremely difficult. Moreover, ethics in artificial intelligence is the number one concern. Ethical issues such as privacy and transparency, threat to human dignity, ownership of data, amongst others. Akin to human rights, ethics in artificial intelligence is a concept that individuals should have a moral obligation towards their machines, analogous to human rights with human duties before the society.
The Indian government has introduced the High-Level Defence AI Council (DAIC) in the year 2019, to provide for a strategic direction towards artificial intelligence driven transformation in defence, provide guidance in addressing issues related to data sharing, enable strategic partnership with industries, decide acquisitions of technology, review ethical, safe and privacy assured usage of artificial intelligence in defence as well as set policies in partnership with government institutions and industries. The ministry is said to be laying down rules and regulations which will govern the use of artificial intelligence in defence. While proper guidelines are awaited, it is detrimental in the interest of national security to ensure that artificial intelligence being innovated are not repugnant with moral, ethics and integrity which appear are patently visible.
Complying with the Security Manual for private companies issued by the Government of India: The manual is issued by the Department of Industrial Policy & Promotion and the Ministry of Commerce and Industry for licensed companies to follow minimum standard of safety and security in the interest of national safety as provided for in the manual. First, the company must obtain a license under Rule 15(2) of the Registration and Licensing of Industries Undertaking Rules framed under Industries (Development & Regulation) Act 1951. Defence products are categorised alphabetically with regard to their level of security. Therefore, there exists categories A, B and C. Category A includes products such as warships, aircrafts, propellants, explosive, weapons and radars. Category B include semi-finished products, sub-assemblies and finished product of lesser degree of security. Category C include very generic nature of product which may not be necessarily used for military purposes altogether. As per Rule 7, once licenses have been granted, security systems must strictly be installed as provided for in the manual within a year. The companies then fall under the title of Indian Licensed Defence Company (ILDC). The security measures that are required to be taken by such companies are compulsory responsibilities. These responsibilities stretch over various security safeguards. Summarising the measure that are to be taken include but are not limited to security measures for the organisation, personnel, documents, computer systems, premises, auditing and waste management amongst others. This manual applies to all Indian Companies involved in the production of defence and military products as mentioned under Rule 1.1.1 (scope). Depending upon the category of the product being manufactured, the manual separately provides for safety measures for each category. So who in the company is responsible for the implementation of these rules? The entire responsibility rests upon the Chief Executive Officer or the head of the company. This necessarily means that the CEO or the head will be held responsible for non-compliance or failure to implement the safeguard measures. There are auditing and inspection agencies who look over the access, grants and overall inspections of the Indian Licensed Defence Company.
Contractual Management or Sub-Contracting: When drafting and negotiating contracts for defence products between the contractor and any third party (including the government), it is essential to keep in mind key points such as the intellectual property rights, licensing agreements etc. The Indian contract Act, 1872 governs contract laws in the country. Under the Defence Procurement Procedure 2016, in most cases the contractor retains the intellectual property rights and the government is just a licensee. The motive behind including intellectual property right clauses in the contracts is to ensure that there are no infringement and liabilities arising out of third-party claims. Further, it is essential to remember that any information shared by the government as a part of the contract or any document or agreement comes under the purview of Official Secrets Act, 1923. Any offences by companies attract penal provisions. Non-disclosure agreements are the essence of such contracts. Whether information is being shared with the government or any individual, a well-prepared non-disclosure agreement is a must before any critical data or information is shared (Rule 8).
In the case of sub-contracting with a third party for the purpose of outsourcing or releasing any classified information to a sub-contractor, the security manual provides for some basic rules to include in the contract terms which are:
• A clause stating that the outsourcing partners personnel and facilities would also be covered under the Official Secrets Act, 1923, whenever the Indian Licensed Defence Company is handling classified material, document, information etc to such sub-contractors.
• Any persons working on projects shall be checked for character antecedents and police verification shall also be obtained before inducting any person on such assignments.
• All other relevant clauses of the Manual of Security shall also be made applicable for the sub-contractor depending on the type of agreement.
• Governance of the sub-contractor by the non-disclosure agreement.
• Terms and conditions relating to the retention, handling and destruction of classified information or material which may be received or generated under the subcontract shall be clearly indicated in the main contract between the subcontractor and the Indian Licensed Defence company.
• In the case of retention of the material or information an undertaking to the Indian Licensed Defence Company nominating a government agency and being guided by the security manual.
In addition to the above rules mentioned in the manuals, it is imperative to include well framed post contractual management clauses as well which must essentially include liquidated damages, contract amendment clauses, inspection, delivery schedule etc.Another equally important clause is the dispute resolution mechanism. The breach of defence procurement contracts are treated similar to breach of commercial contract clauses. The termination clauses and reasons should be stated and the procedure involved to resolve disputes must also necessarily be included. This clause must state the grounds for cancellation, termination, recovery of costs etc. Usually, the government drafted contracts involve the process of arbitration as a dispute resolution mechanism along with the appointment of the arbitrator. If agreeable, any disputes arising or that may arise are resorted to arbitration in accordance with the contract.
Under the new Defence Acquisition Act 2020, if the contract is between the government and the private entity, it has included key clauses in its standard contract documents which renders the contractual obligations between the parties less challenging. These clauses are
(a) Monitoring of projects based on contractual milestones
(b) Title and Risk of Loss
(c) Denial Clause
(d) Buyers Right to the Optimisation of Life Cycle Support and System Enhancements
In the case of Manoj H. Mishra v. Union of India & Ors (2013) 2 SCC (L&S) 507, the workman employed under a public sector atomic power project was held liable with drastic charges for disclosing without authorisation, an accident in the project causing spread of disinformation and disrepute to the project, raising doubts about safety and integrity of authorities. This led to the breach of oath of secrecy and confidential information.
Importance of PPP Model – Public Private Partnership Model & Strategic Partnership Model:At the outset, it is essential to understand the what the Department of Economic Affairs defines a Public Private Partnership model as. A Public Private Partnership essentially means an arrangement between the Government or statutory entity or a Government owned entity on one side and a private sector entity on the other, for the provision of public assets, any other related services for the benefit of the public, through investments and management being undertaken by the private company for a specific period of time, where there is a substantial risk sharing with the private company and the private company receives performance linked payments that conform to specified, pre- determined and measurable performance standards. A Public Private Partnership Model overcomes the challenges that involve fiscal constraints, manpower and product life cycle fund issues. It is a partnership entered into by the two entities on a well framed contract establishing long term relationships between the two. A public Private Partnership Model has a number of advantages such as enjoyment of flexibility, quick responsiveness, financial supports and good decision making.
Strategic Partnership Model: A good example of the model is the amalgamation of Hindustan Aircraft Limited with the Government of Mysore, now called the Hindustan Aeronautics Limited. The Defence Acquisition Procedure 2020 includes a Strategic Partnership Model in Chapter 7 of the Act which outlines the framework for selection of the private sector companies to work with and the requirement to form the partnership with the government (depending upon the capacity and capability of the private company). This partnership is between the Ministry of Defence and the Indian Private entity. In order to enter into the Strategic Partnership agreement a company must be Indian and controlled by a resident Indian or Indian company (Ownership means that 50% of the capital is owned by the resident Indian or Indian company directly or beneficially). After evaluation of the company and completion of the numerous processes involved in the selection criteria, a Request For Procurement (RFP) is sent to the private entity for the defence product. Based on all of the above and after successful completion of all the processes, the partnership is entered into by the two entities called a Strategic Partnership.
Compliance under the Official Secrets Act, 1923: All defence related installations automatically fall under categories of prohibited place which fall under the Official Secrets Act, 1923. A company undertaking any defence related manufacture or production for military purposes must comply with the provisions of the Official Secrets Act, 1923 especially if the government is involved and information is shared. Companies are liable for actions against them if any breach of security takes place which results in compromise of national security and national interest. The relevant provisions of the Official Secrets Act, 1923 then come into effect for attracting penal provisions. These have been mentioned under specific rules in the security manual for all licensed companies undertaking any activity related to defence production.
In the case of Safi Mohammed v. State of Rajasthan (2014) 1 SCC (Cri) 503, documents concerning national security and safety showing pinpoints of army targets were retrieved from employees working at railway quarters which could lead to air attacks from enemy nations. Unable to provide sufficient reason for possession of such documents led to officials being charged under the Official Secrets Act with rigorous imprisonment.
Legal Advice & Legal Tips for Defence Tech Start-ups in India
- Depending upon the category of defence product being manufactured, the level of safety and security is determined accordingly (i.e, Category A , B or C as discussed above). If any company is involved in the manufacturing of the defence products that may lie in more than one category, then either a clear segregation of the areas of manufacturing for different categories of products should be done and subsequently the related security instructions should be applied or, if the areas of manufacture cannot possibly be segregated, the security instructions applicable to the higher level of security should be applied i.e for Category A.
- Companies must ensure thorough background and security checks for all employees or personnel in all levels of management that are acquainted with the in and outs of the manufacturing business especially, if classified information may be shared with the personnel. A record of the individuals information, background, history and character should be maintained. It is also important that all such employees or personnels involved in the operations should be Indian nationals, specifically the Cyber Information Security Officer (CISO) as well as the Company Chief Security Officer (CCSO).
- While filing patent, design or copyright applications ensuring that secrecy discretion is being imposed and the specifications are not published.
- Any obvious or patently visible ethical dilemmas that may be repugnant to morality or integrity while developing artificial intelligence machines or softwares should be avoided. General Data Protection Rules (GDPR) should be complied with for safeguards against automated decision making.
- Essentially, while drafting and negotiating contracts or sub-contracts with any third party (including the government) the points as discussed above should be complied with, including non-disclosure agreements, repercussion in cases of breach, ownership in Intellectual Property, duration of copyright licenses, liquidated damages etc.
The reforms and efforts in the digitisation and technological advancement in the defence sector will lead to a boom of private companies. Indigenisation by the government provides more prospects for Indian companies to be certain of their market. However, since matters of defence are controversial and include national security and interest, treading carefully is of paramount importance. Legal provisions are many and complying with all are equally important since the subject matter involved is of great importance. Breach of any of the legal compliance/provisions can lead to severe repercussions that are are not taken lightly in the eyes of the law when concurrent matters of international relation and national security are concerned.
Authored By: Adv. Anant Sharma & Zeba Khan