Best Ways to Protect Intellectual Property in Academia

Intellectual property, as defined by the European Parliament Factsheet on Intellectual, industrial and commercial property, “encompasses […] inventions (patents), trademarks, industrial designs and models and designations of origin, and artistic and literary property”.

In other words, it refers to any data you originally produce. It is a remarkably precious resource, primarily for its value in predictions and making decisions. For example, data gathered from a group of people’s communication and writing style can serve to filter those desirable for a certain position, like a function of an office or university program.

The way people use language is one of many predictive factors a college admissions officer can use, if we're talking about application success rates.

The study was conducted by Gary Lavergne, James Pennebaker, Joey Frazee, David Beaver, and Cindy Chung, from the University of Texas, Austin.

Their data-driven approach to college success trends showed that using impersonal, concept-centric language in writing contributed to a higher GPA than using subjective, narrative-centric language. This trend was present throughout the academic career pathway, from admission, through grades, to graduation.

This is just a small example, but data in academia has enormous power and potential. Therefore it is imperative to properly protect one’s intellectual property in the realm of academic endeavor.

Know where your data is stored

In terms of intellectual property in the academic world, research papers, research proposals etc. obviously make up the bulk. The problem with keeping them safe is that they are rarely housed in a centralized manner.

That’s a natural consequence of the decentralized nature of research beyond the individual level. Even individual efforts, such as student research papers, are often housed with third parties like writing assistants.

On the level of institutions, data will shift and migrate to follow the interests and goals of different research teams, funding agencies, and every single individual among the student body and staff.

So, to set up a solid foundation for security, it is imperative for academic institutions to prioritize, and then itemize, their data.

Make a list of every topic, area, or problem that your institution is currently researching, either independently or as part of a joint effort. Then decide which ones have the most priority, which data is the most sensitive.

Next, record in detail for each research effort who is working on it, from where, and with whom it might have been shared. From this, determine which data is the most vulnerable.

Compare the two, and prioritize protecting the information that is both sensitive and vulnerable. Follow up with either category, based on your institution’s goals and policy.

Enlist the researchers themselves

Data security is more than a team effort, it is a network effort – it has to be if you want it to succeed.

Of course universities have their own IT teams and go-to cybersecurity people, but they are merely the first line of defense. For a comprehensive and effective data protection strategy, everyone involved has to contribute.

Staff and students endanger proprietary data on the daily, typically unaware. The most common risks include copying and distributing research to and from various cloud storage solutions and personal devices.

In order to reduce the risk, universities and other academic institutions should utilize their research inventory (built by the above mentioned itemization). Identify the teams and individuals whose data is being the most mishandled. Determine who is the most likely to be a victim of data theft in any form. Then invite those people into a conversation and warn them, and teach them how to keep data safe. The more effectively you convey that their own personal work is at risk, the more likely they will be to follow through with security measures. Provide real-life examples of high-ed data theft to strengthen the message.

Increase the security of off-location research

In other words, tend to the safety of data produced in collaborative and remote efforts. Working on the go and linked with colleagues from all over is a staple in academia. Especially this year, with everything going virtual, research data is bouncing around online more than ever.

However, just because it’s always been done doesn’t mean it’s been done right. Theft of intellectual property is easier now that everyone is working from home, as the boundary between personal and professional devices, storage, and files is all but dissolved.

Continuing from the previous point, incite collaboration between technology departments and researchers. Cybersecurity teams need to understand the research processes and data sharing patterns.

For example, assess the way university staff and students utilize SaaS platforms to handle information, methods, and results. Inspect their use for the common small-scale errors that might result in genuine data safety threats.

In summary

There are many specific steps and strategies you can take to keep your academic data safe. You can put measures in place to control access to and possible use of university databases as well as individual documents.

You can review and rework research procedures and collaboration policies. You can even go ahead and get law enforcement agencies involved in devising solutions.

At the end of the day, whichever specific approach you decide to employ, remember that institution-wide cooperation is key. Establish due rapport between researchers, both among staff and students, and members of the IT department or cybersecurity team.

Take careful stock of all research data that your institution currently owns, and see where each item is housed. Establish what is at greatest risk of theft and where the most sensitive data is.

Finally, address the issue of remote collaboration. Assess the backstage workings of the shared storage your researchers might use, and find a way to mitigate the risks of transferring professional files onto private devices.