University Grants Commission Regulations:
Whether Binding on States and Universities

(By S. Muhammad Haneef, Advocate, Supreme Court of India & High Court of Kerala)

1). The University Grants Commission Act, 1956 [herein after referred to as the UGC Act) was enacted to make provision for the co-ordination and determination of standards in Universities and for that purpose, to establish a University Grants Commission. Section 12 deals with “Functions of the Commission”, while Section 14 speaks of “Consequences of failure of Universities to comply with recommendations of the Commission”. Section 26 deals with “Power to make regulations”. In exercise of these powers, the UGC had been issuing Regulations on criteria for award of Ph.D; minimum qualifications for appointment of teachers and other academic staff in universities and colleges and measures for the maintenance of standards in higher education etc.

2). By virtue of Section 26 of the UGC Act, 1956, the UGC is empowered to frame Regulations for the purpose of performing its functions, which includes determination of standard of Universities, promotion and co-ordination of university education, for the determination and maintenance of standards of teaching, examination and research in universities, for defining the qualifications regarding the teaching staff of the university, maintenance of standards etc. Further, as per Section 28 of the Act, every Rule and Regulations under the Act shall be laid before the both Houses of the Parliament and when both the Houses agree then the Rules/Regulations can be given effect with such modifications as may be made by the Parliament and thereafter notified in the Official Gazette. By following the procedure UGC Regulations once passed by the Parliament becomes the part of the Act, and therefore a Central Legislation which comes under Schedule VII List III Entry 25 inter alia Schedule VII List I Entry 66 of the Constitution of India and therefore Subordinate Legislation enacted by the Parliament of India. 

3). As pointed out above, UGC Regulations are Central Legislation and the State Government orders or even Legislations in conflict with the same, to the extent to which the State Legislation is in conflict with the UGC Regulations is void. Though the State legislation may have been purported to be made under Entry 25 of the Concurrent List, but in effect when encroached upon legislations including subordinate legislations made by the Centre under Entry 25 of the Concurrent List or under Entry 66 of the Union List, it would be void and inoperative. Further, The Hon’ble Apex Court in Preeti Srivastava v State of M.P. (1999 (3) KLT SN 31 (C.No.32) SC = (1999) 7 SCC 120) held that, State has right to control education so long as the field is not controlled by any Union Legislation. Further, the Hon’ble Apex Court in Annamalai University v. Information and Tourism Department (2009 (1) KLT OnLine 1146 (SC) = (2009) 4 SCC 590) held that, UGC Act is a Central Legislation and to the extent which the State legislation is in conflict with the Central legislation including subordinate legislation made by the Central legislation under entry 25 of the Concurrent List shall be repugnant to the Central Legislation and would be inoperative. 

4]. The Hon’ble Supreme Court of India in Kalyani Mathivan v. K.V.Jeyaraj(2015 (2) KLT Suppl.145 (SC) = (2015) 6 SCC 363), held that, once the UGC Regulations are adopted by the State Government then the State Legislation to be amended appropriately in par with the Central Legislation. Therefore, the cardinal question that will decide whether UGC Regulations are binding on States and Universities or not is, whether the State/University concerned has accepted or adopted the UGC Regulations. Once the State or University concerned has adopted the Regulations, the State Government or University concerned shall amend their respective Legislations/Subordinate Regulations in tune with the UGC Regulations.  However, A Full Bench of the Hon’ble High Court of Kerala in Radhakrishnan Pillai v. Travancore Devaswom Board and connected cases (2016 (2) KLT 245 (F.B.)) wherein I had appeared for a few of the parties, held that, irrespective of whether the University Acts enacted under Entry 25 of the List III or the Statute framed thereunder are amended in line with UGC Regulations or not, in view of its adoption by the State of Kerala, the universities and affiliated Colleges in the State are bound to comply with the UGC Regulations. Therefore when UGC Regulations 2018 have been adopted by the State Government, it cannot pass any orders which are in conflict with the concerned UGC Regulations. The SLP preferred against the above judgment stands dismissed. Therefore, irrespective of amending of statutes in tune with UGC Regulations, once the Regulations are adopted by the Government or the concerned Universities, the Regulations become mandatory and binding.

5). Therefore, the law as it stands, specifies that, the Government have the option to not adopt the UGC Regulations which are issued from time to time by the UGC. However, once it has been adopted, the Government and Universities & affiliated colleges under it are bound to implement the same notwithstanding an amendment to the University Act/ Statues/Regulations etc in this regard.

6). The Apex Court in Gambhirdan K.Gadhvi v. The State of Gujarat & Ors.(2022 (2)KLT OnLine 1106 (SC) = 2022 Live Law (SC) 242) was posed with an interesting issue to be decided regarding applicability of UGC Regulations when the same has not been adopted by the State Government. The State of Gujarat has not adopted the UGC Regulations (Minimum Qualifications for Appointment of Teachers and Other Academic Staff in Universities and Colleges and Measures for the Maintenance of Standards in Higher Education) 2010 and further no amendment were carried out in the Statutes and Regulations of the Universities in the State, in the case at hand ‘Sardar Patel University’. The Apex Court held that, the eligibility criteria when once fixed by the UGC under its regulations would apply to all the Universities which are aided by the UGC to be bound by the said regulations even in the absence of the same being incorporated under the respective universities Act of the respective States or in the absence of the State Government adopting the Regulations. It was further clarified that, the Government of Gujarat had adopted the revision of pay Scheme 2008 whereby the pay of Vice Chancellors of Universities were revised. In pursuance to the same, the grants from the UGC were accepted by the Government as well. In the circumstances, even though the UGC Regulations were not adopted by the State, the same was held to be binding on the Universities in the State.

7). Thus, to sum up, the UGC Regulations issued by the UGC in exercise of its powers under Section 26 of the UGC Act and following the procedure contemplated in Section 28 of the Act is Central Subordinate Legislation. Once these Regulations are adopted by the States or even aid or grants from the UGC or Central Government in this regard is accepted, the Regulations are mandatory. The State Governments and Universities are bound by these Regulations even in the absence of their legislations amended in tune with the UGC Regulations.

Paradigm of Cloud Computing

(By Dr.Raju Narayana Swamy, IAS)

Cloud Computing : The Concept

Cloud computing involves a subscription based service that satisfies computing and storage needs from a virtually unlimited hardware and communication infrastructure which is managed by a third-party provider. Put it a bit differently, cloud computing occurs when an internet connection delivers hardware power and software functionality to users regardless of where they are or which computer they are using. NIST (National Institution of Standards and Technology) defines it as “Cloud is a model for enabling convenient, on demand network access to a shared pool of all configurable computing resources (storage, networks, services, servers and applications) that are easily released and rapidly provisioned with minimum management effort.” Needless to say, the five critical characteristics that form the hallmark of the above standard definition are – on demand self service, broad network access, rapid elasticity, resource pooling and measured services. By contrast, the Gartner Group defines cloud computing as a style of computing in which massively scalable IT – related capabilities are provided as a service using internet technologies to multiple external users.

Clouds are essentially data centres or server farms on which software and data can be remotely stored, instead of on-site. It is a natural evolution of distributed computing and the general variation of virtualization and service oriented architecture (SOA).  Cloud computing activities are often described as falling into one or more of the following service categories:

a)   Infrastructure as a Service (IaaS): raw computing resources such as processing power and storage.

b)   Platform as a Service (PaaS): platforms for developing and deploying software applications (Google App Engine is a classic example)

c)   Software as a Service (SaaS): end user applications

Apart from the above three service models, there are four deployment models too – public, private, hybrid and community. The essential characteristics of all these models are

(I)  Pay as per use

(II)Use it as and when required

(III) Services provided by a third party service provider

(IV) No change in the ownership of the main property.

Rationale behind cloud computing

The genesis  of cloud computing days back to the early 2000s when organizations started spending money to set up their IT infrastructure for improvement of business by purchasing own dedicated server. As the day progressed, these servers became virtual and easily available publicly through internet. Thus the cloud was born as a model that is easily manageable, accountable and configurable. Perhaps the best example of this kind of service is one that is almost ubiquitous now  : web-based email services like gmail and hotmail. From legal research to word processing, file storage and movie viewing, computer users are able to take advantage of the cloud for a variety of tasks – some mundane and some others extremely sensitive and highly technical (storing and securing personal information for millions of credit card subscribers or health records for insureds being classical examples). Google has introduced Google Chrome OS, an operating system designed to function almost completely through the cloud providing essentially remote computing software that can be updated automatically through the web.

No discussion on cloud computing will be complete without the case study of Animoto – a software provider that converts personal photos into music videos it developed a Facebook application that took the company from 25000 users to 2,50,000 users in three days. At its peak, Animoto was signing up 20000 new users per hour. It launched the service with five virtual servers and by the end of three days expanded to 3500 servers. Animoto’s ability to scale up at such an incredible rate was accomplished by using a cloud provider that was able to add resources as demand for product increased. Mention also needs to be made of the increasing popular concept of netbooks – low cost light weight laptop computers with reduced hardware capacity and processing power – that provide users with vast resources because the cloud is fully accessible. Today companies such as Google, Facebook and Microsoft who need to process large quantities of data operate numerous massive cloud data centres that may each occupy tens of thousands of square feet and contain thousands of computers. Like Feynman’s Los Alamos team – narrated in his wonderful auto biography “Surely You’re Joking, Mr Feynman” – these computing complexes provide computing as a service for many people.

What Cloud Computing can offer us : the next generation of internet

The existing internet provides us content in the form of videos,  emails and information served up in webpages. With cloud computing, the next generation of internet will allow us to “buy” IT services from a web portal, drastically expanding the types of merchandise available beyond those on e-commerce sites such as eBay. We would be able to rent from a virtual store front the basic necessities to build a virtual data center – such as CPU, memory and on top of that the middleware necessary : web application servers, databases, enterprise server bus etc., as the platforms to support the applications we would like to either rent from an independent software vendor or develop ourselves. Together this is what we call “IT as a Service” (ITaaS) bundled to us – the end users – as a virtual data center.

Advantages of Cloud Computing

Cloud computing offers the following advantages :

a)   Scalability in terms of resources : A company can start small and increase its hardware resources as it needs.                                                                     

b)   Flexibility in terms of the different software packages and operating systems

c)   Pay–as–you–go  economic model borrowed from utility computing

d)   Consolidation of System Maintenance and Management : this overhead is shifted from cloud users to its providers

e)   Reliability : The system’s fault tolerance is managed by the cloud providers and users no longer need to worry about it

f)   High utilization and reduced carbon footprint as typically a large number of custom servers is consolidated into a smaller number of shared servers.

Legal Issues

Cloud computing service providers – whether global or regional – will inevitably run up against international law, particularly data protection law and privacy regulations. Each country has its own set of laws – some being dramatically more stringent than others. There are no laws unique to the cloud. But the cloud brings with it some legal issues which while not applying only to the cloud are perhaps now uniquely important to those operating or using a cloud-based service. The most important among these pertains to sovereignty on the internet: location and use of data. A key question with any cloud computing service is “where is the data stored or processed?”. The reality in this regard is that even the cloud service provider may not know where the data is residing.

 Unlike a fixed server in the office or at a data centre, data in the cloud could potentially be located anywhere in the world – even in multiple data centres in multiple copies worldwide. Read these with the fact that cloud computing services involve processing of masses of data that is often commercially sensitive, confidential and “personal information” and the picture is complete. To put it a bit differently, sending and processing data around the globe could in the process fail to comply with data protection and privacy laws in various countries. The EU for example provides a strict legal regime under the EU Data Protection Directive where unless certain steps are taken, companies can be prohibited from transferring personal information to countries that do not give the same level of protection. If a European company is processing data on the cloud and is processing personal information in the EU, it may not be complying with EU laws if data is moved to countries outside the EU.

The classic case of Microsoft Corporation v. US District Court

No discussion on the legal issues pertaining to cloud computing can be complete without a reference to the Microsoft Corporation case. Microsoft is a major player in the cloud industry with a 12% market share. Their innovation – Office 365- is a highly popular cloud based office software and email platform.

It all started in 2013 when the Justice Department asked for access to the email account contents and Microsoft refused that query with a response that data which are not stored in US is outside of US jurisdiction. In 2014, the US District Court for the Southern District of New York issued a search warrant (under the SCA 18 USC) seeking access to the contents therein whose data was stored in Ireland. Francis M.J., the US Judge issued the warrant since he believed that the government presented enough evidence to support the belief that the mail account was being used for narcotics trafficking. Microsoft delivered all contents of the mail account whose data were stored in locations inside US, but advised that the most valuable data were located in their Irish based storage and that to provide the same they would need to transfer the data from Irish based storage to US based storage which they declined to do. Instead they requested for revocation of the warrant. But the District Court denied the motion to quash and ruled Microsoft to be in civil contempt.

Microsoft‘s contention was that a warrant intrinsically includes territorial restrictions and hence in the present case does not cover Europe. The government on the other hand argued that the warrant was applied as a compelled disclosure similar to a subpoena. Therefore the actual physical location of the object is of no consequence if it is under the control of Microsoft and can be delivered by them.

Upon having their motion to quash the warrant dismissed, Microsoft appealed to the US Court of Appeals. The Court deduced that the warrant is against extra territoriality as it may bring international conflicts. Since Microsoft satisfied the warrant by providing all data that were stored in US and only refused to provide data stored outside US territory, the Court of Appeal lacked authority to enforce the warrant. Thus the US Court of Appeals (2015) reversed the District Court’s dismissal of the request to quash the warrant.

      The aforesaid case has had profound implications on the future of internet privacy, ethics in technology, respecting other countries borders and user’s privacy. It needs special mention here that Microsoft successfully illustrated that no matter how big or small the case is, the company take privacy of users very seriously. However the persistent nature of US government’s attempts to access user’s data without their consent has sent shivers down many spines. In a kneejerk response, many users have signed cloud service contracts with oversees cloud providers. Another situation is for users to encrypt their data. Mention must be made here of the Open Whisper Systems encryption algorithm which is known for its high reliability. In fact, the algorithm is so reliable that governments would not bother to request access to the users’ data as they know that even if the data is supplied, encryption will mean that it is not possible to view the contents. Add to these the fact that many countries have decided to pass “data localization laws” and the picture is complete.

The US case is not the first one wherein Microsoft was requested to provide users’ data nor will it be the last time. For instance, in 2013, Brazil asked Microsoft for the same kind of access, but it was for access to Skype application data located outside of Brazil. Microsoft refused to provide the data. The result was that the Brazilian authorities arrested the local manager of Microsoft in January 2014.

The EU, it needs to be mention here, takes this kind of transaction very seriously. An example is a case wherein the European authorities found that by virtue of a US court’s order, the Belgium based branch of an international bank and the SWIFT (Society for Worldwide Interbank Financial Telecommunications) provided some financial  transaction data of a European citizen to the US government. Belgium found this act to be a violation of EU privacy law.  SWIFT was forced to change its network structure in order to remove any possible future transfer of European data to outside of EU unless it complied with EU data privacy legislation.

Issues pertaining to Lock In

A major concern of cloud computing is lock in which refers to the complexity to switch from one cloud service provider to another. Needless to say, it increases dependency on the service provider. Questions that arise in this context are:-

a)   Is the data portable between service providers ?

b)   If service providers change, can the records be accessed ?

c)   What are the obligations on each party regarding an exit plan?

 Vint Cerf, the computer scientist who is often called the father of the internet, has identified the issue of moving data between clouds as one of vital importance. According to him, developing intercloud standards and protocols so that data does not get caught in one cloud is the equivalent now of the issues faced in 1973 when networks could not communicate with each other.

Concerns of data security

Unlike the traditional model  wherein users had control over their data and could implement whatever safeguards they thought necessary to retain control, cloud users neither possess nor control their data. This raises serious apprehensions on the data security front. The issue vis-a-vis cloud computing is that the customer using the services is not aware what part of their data is getting saved on their device and what is getting saved on the cloud. In fact,  data security in the context of cloud computing has to be analyzed in the backdrop of the triad concepts of confidentiality, integrity and availability. Confidentiality is the anticipation of intended or unintended unauthorized disclosure of contents whereas integrity guards both data and system against any illegal modification or deletion thereby ensuring originality and nonrepudiation of data. Availability on the other hand gives the assurance of trustworthy and timely access of information. This  concern  centres on critical applications and data being available. Well publicized incidents of cloud outages include gmail’s one-day outage in mid October 2008, Amazon S3’s over seven – hour downtime on July 20, 2008 and Flexi Scale’s 18 hour outage on October 31, 2008. Availability also means the extent to which user’s data can be recovered when accidents such as hard disk damage, fire and network failures occur. Viewed from this triad, the security issues in cloud computing can be categorized into three broad classes – traditional security concerns, availability issues and third party data control related issues. Common security concerns in the cloud are:-

a)   Data breaches :- The chances of data breaches or losses increase in cloud environment. According to a research carried out by the Ponemon Institute titled “Man in Cloud Attack”, the likelihood of over all data breaches is three fold in a cloud environment.

b)   Hijacking of Accounts:- Hackers having login information to remotely contact data in cloud can cause hijacking. Moreover they can manipulate data through captured credentials.

c)   Denial of Service Attack:- It tries to make websites and servers unavailable to legitimate users.

d)   Insider Threat:- Employees can utilize authorized access to misuse or access sensitive information.

e)   Abuse of Cloud Service :- It affects both the service provider and its client

f)   Insecure APIs (Application Programming Interfaces)

g)   Malware Injection:- These are scripts/codes embedded deliberately into cloud service. Once executed, attackers can eaves drop and compromise integrity.

h)   Side Channel Attacks:- An emerging concern for cloud delivery models using virtualization platforms is the risk of side channel attacks causing data leakage across co-resident virtual machine instances.

Transfer to public cloud involves a change of responsibility and giving accessibility of data to the provider. This can be ensured by building clauses in the contract with the provider which have appropriate provisions for security and help in maintaining legal protections for data stored. The user also must ensure foolproof services within their own systems. Issues like standard of the services being provided, the ownership of IP, service level agreements, liability regimes, warranties and indemnity provisions, confidentiality obligations and termination clauses must all find their places in the contract for cloud based services. Needless to say, the various requirements imposed by law will subsist in addition to the terms of the contract. A classic example in this regard is the provision regarding liability of the parties under the Australian Trade Practices Act.

An interesting example of the inadequacy of standard terms and conditions  to meet the expectations of a business user can be seen from a successful bid by Google to provide cloud based services to the city of Los Angels1. The contract included unlimited damages for data breach, guarantees as to where the data will remain and penalties if the services are not available for longer than five minutes a month.

No discussion on data security in the context of cloud computing will be complete without a reference to mash-up authorization. As adoption of cloud computing grows, more services performing mash-ups of data will be witnessed. A case study in this regard is provided by Facebook, the users of which upload both sensitive and non-sensitive data. This data is used by Facebook to present data to other users and this data is also utilized by third party applications. Since these applications are typically not verified by Facebook, malicious apps running in Facebook’s cloud can potentially   steal sensitive data.

Problems vis-a-vis data privacy

Privacy refers to the right of self determination. It is the ability of an individual or group to seclude information about themselves and thereby reveal them selectively. It has the elements of when, how and extent. A good reference for use in defining universal principles for the protection of personal data and privacy is the Madrid Resolution (2009). The basic principles that must govern the use of personal data include those of lawfulness and fairness, proportionality, purpose specification, data quality, openness and accountability. It needs to be mentioned here that there is a huge divide between developed and developing countries in terms of adequate legislation of protection of personal data.

In the cloud, privacy means when users visit sensitive data, the cloud services can prevent potential adversaries from inferring the user’s behaviour by the user’s visit model. ORAM (Oblivious RAM) is a promising technology in protecting privacy in the cloud.

No discussion on confidential and sensitive data in the context of cloud computing can be complete without a mention of the Odense Municipality case. The view of the Municipality was that sensitive data about students and parents can be processed in Google Apps. However, the Municipality’s use of cloud computing to store sensitive information was rejected by the Danish Data Protection Agency (DDPA). The case confirms that a serious risk assessment must be made before switching to cloud services. It also points out that standards should play an essential role in fostering adoption thereof.

Issues pertaining to incomplete data deletion

A major concern of cloud computing is that it is always possible that data has not been properly deleted and that multiple copies or traces may have been stored. When users delete their data with confirmation, all copies of data should be deleted at the same time. Cloud storage providers should ensure that the deleted data of users cannot be recovered and used by other unauthenticated users. This is particularly important in the backdrop of data recovery technologies that could recover data deleted by users from the hard disks. To avoid data be recovered and unauthenticatedly used, a possible approach is to encrypt the data before uploading to the cloud storage space. A classic example is FADE system which is based on technologies such as Ephemenzer.

Cloud service providers and liability for content

Cloud providers are by no means exempted from any accountability if the material that users store in the service is the ground for a civil or criminal offence. The general rule in this regard is that the provider is exempt from liability for illegal or infringing content on its servers if the following two conditions apply:-

A)  It has no part in determining the content of the transmission or it has no knowledge or control of illegal information stored on its servers and

B)  It acts expeditiously to remove or prevent further storage and transmission of any illegal information it is made aware of.

The latter requirement  is referred to as notice and take down obligation.

However due to the differences in the various regimes, the applicability thereof to cloud computing services must be evaluated on a case-by-case basis, depending on the provisions of the specific country and nature of the service provided on the cloud. In particular, cloud providers in EU and US can generally benefit from all the liability exemptions generically offered to ISPs (Internet Service Providers).

Concerns regarding IPRs

These concerns are closely connected to the question: Who owns the data in the cloud? The answer lies in the observation that normal copyright rules apply if the data being stored in the cloud is fit for copyright protection (ie) it has some degree of novelty and is the product of author’s intellectual work. Thus the user of the cloud service can very well have the author’s right over the work. However, the cloud terms of service may include provisions according to which the provider has some power over the data stored in the cloud.  This is not an actual copyright transfer, but the author might be limited in exercising his monopolistic rights over the copyrighted material. Ownership of IP can be eroded by a formal agreement or dedication of the work to the public domain, but in the cloud computing environment, mere uploading of information in a cloud platform does not entail losing IPRs. But it is important that the rights over the content in the cloud be kept well distinct from rights over cloud assets. By doing so, it is possible for the cloud customer to avoid undesired consequences such as loss of IPRs to the cloud provider. Conversely, the provider’s IPs need to be protected horizontally from unfair business practices by competitors and vertically from possible illicit behaviours by customers. Thus the provider will hold exclusive ownership over the rights used in providing the cloud service (ie) it owns IPRs to the software and the customer will be granted a license to use the technology. In the PaaS and IaaS delivery models, separation of ownership for applications developed by the customers and the tools used to develop them should be made clear in the contract terms. Mention also needs to be made here of the Japanese initiative towards introduction of a new form of IP protection for big data.

Concerns regarding bandwidth costs

With cloud computing, companies can save money on hardware and software, but they could incur higher network bandwidth charges. Bandwidth cost may be low for smaller internet based applications, which are not data intensive, but could significantly grow for data-intensive applications.

Laws, Standards and Regulations pertaining to Cloud Computing

These fall into four broad categories:-

a) Compelled disclosure to the government

Classic examples are

1)   USA : Stored Communications Act (SCA), Electronic Communications Privacy Act (ECPA), National Patriot Act and Fair Information Practice.

2)   UK : The Regulation of Investigatory Powers Act.

3)   Australia : Privacy Act in the APPs, APP12:Access  to Personal Information, Freedom of Information Act 1982.

Moreover policies of national cryptography in UK, Singapore, Malaysia etc., may allow a court order to access cryptography.

b) Regulations dictating how a cloud service provider protects customer data security

Examples are

1)   USA : Gramm – Leach – Biley Act (GLBA), Health Information Technology for Economic and Clinical Health (HITECH), Family Educational Rights and Privacy Act (FERPA).

2)   UK : Privacy and Electronic Communications (EC Directive), Data Protection Act and Directive.

3)   Australia : Privacy Act in the APPs, APP 11: Security of Personal Information.

c) Relating to transfer, retention and privacy of data between the clients and the data storage provider

Examples are

1)   USA : FTC Fair Information Practice, Payment Card Industry Data Security Standard (PCIDSS), Freedom of Information Act.

2)   UK : The Safe Harbor Agreement (defined in data transfer between USA and Europe).

3)   Australia : Privacy Act in the APPs, APP 8 : Cross-border disclosure of personal information, Privacy Act 1988 – Section 16C, Privacy business resource & Sending personal information overseas.

d) Relating to physical location of data storage servers

Examples are

1)   USA : Payment Card Industry Data Security Standard (PCIDSS), NARAregulations.

2)   UK : Euro Data Protection Directive.

3)   Australia : Privacy Act in the APPs, APP 8 : Cross-border disclosure of personal information.

The Legal Framework for Cloud Computing in India

Cloud computing services that deal with personal or sensitive information need to comply with the requirements set out under the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules 2011 relating to security, encryption, access to data subject, disclosure, international transfer and publication of policy statements. Thus a cloud computing service company before trading with “sensitive personal information” having a link to India has to make sure to be in observance with the aforesaid Rules as any non-compliance would invite penalties and imprisonment. Cloud service providers in India may also be required to comply with the Information Technology (Intermediaries Guidelines) Rules 2011.

In addition to the IT Act and Rules, use of cloud computing in banking and insurance sectors is subject to specific restrictions. The RBI’s guidelines on Managing Risks and Code of Conduct in Outsourcing of Financial Services by Banks sets out specific requirements to be complied with by banks while engaging cloud service providers. These requirements inter alia relate to vendor selection, data security, form of agreement, business continuity and disaster recovery or management practices. On the other hand, the Insurance Regulatory and Development Authority of India’s Guidelines on Information and Cyber Security require insurers to comply with requirements in relation to data, application and network security, indent management and information security audit while using services from a cloud service provider.

Conclusion

Cloud services are the best method to offer a dynamic and self adjustable computing and storage resource service to a wide range of clients – from residential users through small businesses to large multi-national organizations. A cloud is a pool of virtualized computer resources and can host a variety of different workloads, including batch-style backend jobs and interactive, nay user-facing applications. It supports redundant, self- recovering, highly scalable programming models that allow workloads to recover from many unavoidable hardware/software failures. However a word of caution is needed here – the cloud ecosystem must be designed to be secure, trustworthy and dependable. Cloud security faces different challenges and issues at various levels in the form of vulnerabilities and attacks – multitenancy, cloud secure federation, vendor lock in, loss of control, confidentiality, data integrity and privacy, data intrusion, virtualization vulnerabilities, cloning and resource pooling, UM hopping, XML signature attack, XSS attack, SQL injection attack and flooding attack, to name a few. Moreover, international law is not agile enough to compete with cloud computing developments. The onus therefore is on international cloud service providers to be familiar with data protection laws and policies of each country that they have a presence in – regardless of their essential understanding about the technology that they are providing via their platforms. In addition, the policies regarding data transfer between countries need to be seriously accounted for in their business plans.

 Issues surrounding development of standards and best practices in the areas of interoperability, escrow and privacy need to be addressed along with questions as to whether adequate due diligence has been carried out along the chain of responsibility. Otherwise cloud service providers will be exposed to an avalanche of claims including those pertaining to liability for data mining and liability under securities laws for improper  dissemination of investment information on social networking websites. The currently pending cases including class action litigations pertaining to Netflix Inc, Facebook “Beacon” Google “Buzz” should be eye openers in this regard. Mention also needs to be made here of the emergence of a parallel form of business called cloud brokering whose objective is to guide the potential enterprise in the choice of a cloud service provider, untwining the tangle of differential features.

In a de jure condendo perspective, a uniform legislative approach would be advisable. Internet services operate in a global market. Hence a unified approach – possibly one based on a WIPO treaty – would provide benefits to cloud customers by establishing uniform terms and conditions which drive consistency in the protection of data in the cloud. Opinions are galore that a “cyber seas” agreement may be the ideal vehicle for this kind of system because it provides a balance between a State’s ability to regulate the cloud and an over seeing international authority. Taking the prudent steps now to harness the cloud may in the near future allow the world to reflect on an entirely man-made global public utility and the beginnings of a truly cooperative world market. Needless to say, ultimately it is the users who will choose the model that makes the most sense given their needs – which may end up being a hybrid of cloud computing and the traditional model.

References

1)     Al – Khouri AM, Data ownership : who owns my data? Int J Manag Inf Technol 2007, 2(1); 1-8.

2)     Armbrust M, Fox A, Griffith R, Joseph AD, Katz R, Konwinski A et al, A view of cloud
computing, Commun ACM 2010; 53(4);50-58.

3)     Azeez A, Perera S, Gamage D, Linton R, Siriwardana P, Leelaratne D et al, Multi-Tenant SOA Middleware for Cloud Computing in Proceedings of the 3rd International Conference on Cloud Computing (CLOUD)2010; 458-465, IEEE.

4)     Bartolini C L, El Kateb D, Le Traon Y, Hagen D, Cloud Providers Viability: how to address
it from an IT and legal perspective ? in Altman J, Silaghi GC, Rana of Editors Economics
of Grids, Clouds, Systems and Services Vol 9512 Computer CommunicationNe works and Telecommunications, Springer International Publishing, 2016; 281 295.

5)     William Voorsluy, James Broberg and Rajkumar Buyya, Introduction to Cloud Computing in Cloud Computing: Principles and Paradigms (Wiley 2011).

6)     Mark H. Wittow and Daniel J Buller, Cloud Computing: Emerging Legal Issues for access to data, anywhere, anytime in Journal of Internet Law, Aspen publishers14(1),2010.

End Notes:

1. Legal issues in the cloud, Mark Vincent and Nick Hart, Computers and Law, January 2021.

Registration of Documents by a Power of Attorney Holder

(By P.B.Menon, Advocate, Palakkad)

This is in continuation of my Article published in 2020 (4) KLT 17 (Journal Section) at pages 20 to 22.

Section 32 and 33 of the Registration Act read with the rules framed thereunder deal with registration of documents using a power of attorney.

2009 (3) KLT 607 (SC) is followed in 2018 (4) KLT 1186 and recently the Apex Court too in 2022 (3) KLT SN 38 (C.No.29) SC) (kindly see the full text) as well as in Amarnath v. Gianchand & Anr., by Apex Court (Civil Appeal 5797/2009 dated 28.1.2022 2022 (3) KLT SN 45 (C.No.34) SC = 2022 (3) KLT OnLine 1203 (SC)) deals with the matter.

After a careful consideration of the said provisions of law in detail, it is held that a sale deed executed by a power of attorney holder (donee) on behalf of the donor, is competent to present the said document for registration before the concerned Sub Registrar for the purpose of registration as the person executed the document and the person who presents the same for the registration are one and the same person for the purpose of S.32 of the Registration Act. So if the document to be registered is executed by his power of attorney holder and presented the same for registration by him, such power should be an authenticated power of attorney and not a registered power of attorney (See AIR 1971 SC 761). It is held therein that such power of attorney holder is not obliged to produce his power before the Sub Registrar for registration purposes and that the inquiry by the Sub Registrar cannot extend to question as to whether the person who executed the document in his capacity of the power of attorney holder of the principal, was indeed having a valid power of attorney or no to execute the document. The production of the power of attorney before the concerned Sub Registrar arises only in cases when the document to be registered is executed by the principal and his power of attorney holder presents the same for registration. So only in such cases the Sub Registrar can verify as to whether it is or it is not an authenticated power of attorney and not in the cases where the power of attorney holder execute the document for registration as well present it for registration, as in such case production of the power of attorney is not necessary and no enquiry too is contemplated by the Sub Registrar. As early as in 1914 PC 16 it is held that presentation of the document for registration is imperative i.e., it should be by one who is clothed with power under a power of attorney which is authenticated. This view is followed by the Apex Court as well.

Now the question is as to what is the legal effect of a document registered when a power of attorney holder having a registered power executes the document and present it for registration. Under law it is a totally invalid document, as the two acts done by the power of attorney holder i.e., execution and presenting the same for registration are done on the strength of a registered power of attorney, which is taboo under the provision of law, which is clarified in Rule 61 and 62 of Registration Rules. All the above cases deal with presentation of document to be registered a power of attorney holder who executes and present it for registration as well as cases when principal executes the document to be registered being presented by his power of attorney holder using a power of attorney which should be an authenticated power. As a matter of fact there is reference only to authenticated power of attorney and the conclusive presumption regarding the same u/S. 85 of the Evidence Act and nothing about a registered power of attorney.

Let us see Rule 61, framed under the Registration Act, which reads thus: “Although a power of attorney may be registered, it is not valid for registration purposes unless authenticated..................”

Further the format of authentication is also shown therein. See Rule 62 too.

In 2022 (3) KLT 41 (C.No.30) SC)(In the full text paragraph 18 to 20) the difference between registration and authentication is clearly stated. In AIR 1950 All. 524 “the authentication is not merely attestation. It means that the power authenticating has assured himself of the identity of the person who has signed the instrument as well as the fact of execution’’. In AIR 1976 SC 263 holds that authentication is to avoid the necessity or as equivalent to an affidavit of identity.

Secondly in para 49 to 53 of the Apex Court, it is clearly stated that the Registration of a document take in 3 essential steps - (1) execution of the document by the executant signing or affixing his left hand thumb impression; (2) presenting the document for registration and admitting to the registering authority the execution of such document and (3) the registration of the document.

It is further made clear what all aspects relating to step (1) and (2) will arise for consideration in a suit for a declaration of title, wherein the validity of such registered document is challenged.

Before I proceed further, a word about execution. In para 49, what is seen stated about execution is “signing or affixing his left hand thumb impression”. As far as my knowledge goes with reference to various case law and provision of law like Succession Act see 63 and General Clauses Act S.3(59), it is only signature or mark of an illiterate and not L.T.I. for the purpose of execution and such LTI is taken only before the Sub Registrar when document is presented for registration on the back side of the first page. Usually no one subscribe his LTI in token of execution in a document to be registered even if illiterate.

In Amarnath case mentioned above, it is stated correctly in para 26 “the expression person executing used in S.32 can only refer to the person who actually signs or marks the document in token of execution, whether for himself or on behalf of some other person”.

Thus we are left without an authoritative decision, regarding the real effect of execution and presentation by a power of attorney holder under a Regd.power and not an authenticated power.

I am of opinion that a registered power of attorney cannot be used by such donee either to execute and present the same for registration and if so used to register a document it will be null and void and illegal too as under the same no title will pass to the purchaser. Real legal effect will be, such registered document will be not valid.

Any criticism or other views on the subject is welcome.

LAMENT IN INTENSE AGONY

(By K.Ramakumar, Sr. Advocate, High Court of Kerala)

This country has gifted to the world Mathematics. It is this country that has given the universe the “OM” which signifies and represents movement of planets as was later ratified by the Russians. Long before Karl Marx was born, this country started believing in “Paritranaya Sadhunam” and had always adopted “Lokah Samastah Sukhino Bhavantu.”

Centuries back we had two renowned universities Thakshasila and Nalanda. Ujjain, the capital of Vikramadhithya was a well-known centre of literature art, music, dance etc.

Modern universities are formed mostly on the western pattern. The High Court of Kerala has this to say about universities:-

“All along, Universities do have a pride of place in country’s cultural and educational ethos. The academia lives in ivory towers, and they frown at intellectual imbecility or improbity leading to compromise on principles and curtailment of academic freedom. For them, supposedly, politics is an anathema, and their pandering to the shifting political whims is an abomination” - C.Premkumar v. M.G. University (2018 (1) KLT 907).

The Madras High Court observed as follows:-

......the University is expected to serve as the beacon light of higher education”

K.V. Jayaraj v. Chancellor of Universities (W.P.No.11350 of 2012).

The universities therefore play a very pivotal role in moulding of young generation in any country. It is not for nothing that the cream of Indian youth once took pride that they had studied in Universities like Cambridge and Oxford. Our universities had always been centers of excellence maintaining high academic standards and manned by eminent educationists and academicians.

Unfortunately, from the commanding heights of excellence and eminence they are now immured to intrigues infights and indulgence etc., the politicians taking over the role from academicians. The Vice-Chancellors of all universities were men of eminence adored by the people of the country. They included Dr.S.Radhakrishnan, Dr.Zakir Hussain, Shri Ashutosh Mukherjee an eminent lawyer of Calcutta High Court and a host of other popular personalities.  The Vice-Chancellor is not holding a mere post carrying pay and perquisites but a position of prominence, respect, regard and adulation.  It was reserved for men of eminence from various walks of life. The High Court of Madras in a brilliant judgement has lamented about the fall from the high pedestal.

“It is true that when the seeds of western education were sown in this country about 150 years ago, men of eminence from various walks of life were appointed as Vice-Chancellors. Several Judges of this Court have adorned the post of Vice-Chancellor of various universities including the Madras University itself. But apart from being great (and rare) Judges, those men were also distinguished academicians, who excelled in various fields. Students of Indian History would know that Sir John George Woodroff who was a Judge of the Calcutta High Court and who retired as the officiating Chief Justice of the same Court, collaborated with Ameer Ali in publishing the Civil Procedure Code: He was a great Sanskrit scholar who authored books on Mantra Sastra and Tantra Sastra, after retiring as the officiating Chief Justice, he served as a Reader in Law in the Oxford University for seven years. Great jurists, both (Lawyers and Judges) such as Sir Subramanya Ayyar, Sir P.S.Sivaswamy Ayyar, Justice F.D.Oldfield were among a few who became the Vice-Chancellors of Madras University, ever since its inception about 150 years. But today, it is not possible to continue with the same legacy for two reasons, namely:

(a) That we do not have such tall men of great eminence, and

(b) That today the field is regulated by law.”

The same Court has pithily put the present scenario as follows:

“Today, Albert Einstein cannot be appointed as the Vice-Chancellor of any university (at least in India)” –

(2014 SCC Online Mad.2701 which was reversed by the Supreme Court in (2015) 6 SCC 363).

Most of the institutions by the people and for the people have failed them totally. The Parliament instead of passing bills is dispersing every day after an acrimonious fight without transacting any business. The executive draws flak for every one of its actions. The Supreme Court has an unbearable weight of arrears of more than a lakh of cases. A second appeal supposed to be admitted and entertainable only on formulated questions of law has to wait for more than twenty years for disposal. So are criminal appeals with a wait of more than five years and writ petitions ten plus years.

These cannot be explained away as just individual decay. Necessarily, it is indicative of institutional deficiency, which needs to be addressed immediately to retain public confidence. Leading lawyers in the past considered it a call of duty to choose the  stressful and strainful life of a Judge, which is why Justices S/Shri R.F.Nariman, Nageswara Rao and U.U.Lalit chose the bench instead of the bar forsaking fabulous financial fortunes. They never canvassed or curried favor to reach a prestigious constitutional position, which again is not just a job with a pay packet, dearness allowance or HRA but shouldering a responsibility to serve the public. Gentle, mild mannered and amiable lawyers are invited to the Supreme Court for interaction but came back humiliated. The best among the lady lawyers, capable, committed and coming from an aristocratic family was similarly summoned to Delhi and she returned hurt. Surprisingly not even a whisper arose from any of the lawyers’ corners.

The late lamented Shri Justice V.R. Krishna Iyer was scoffed at and frowned upon when he made a caustic reference about the red brick building in Curzon road. A down to earth working of democracy though outrageously impermissible.

Individual decay can be diminished but institutional deficiency is inexpiable.

Non-Conventional Trademarks: A Roadmap for India

(By Dr.Raju Narayana Swamy, IAS)

Trademark has been defined in Article 15(1) of the TRIPS Agreement as any sign or any combination of signs capable of distinguishing the goods or services of one undertaking from those of others. It portrays the nature, kind, quality and origin of a product. A brand for a company is like reputation for a person. In an era of aggressive marketing wherein new techniques are adopted by manufacturers and sellers to make their product distinct from those of potential competitors and to capture the attention of consumers, the idea of non-conventional marks has come to the forefront. The word non-conventional mark is general in scope and refers to any mark that does not fall within the traditional categories (letters, numbers, figures, symbols, pictures etc). It can be broadly classified into visual/visible marks (which include motion marks, colour marks, shape marks and holograms) and non-visible categories (which include sound marks, smell marks, taste marks, touch or feel marks etc). Classic examples of the former are the iconic red Christian Louboutin heels, the  lilac tinge used on Milka Chocolate wrappers and even the bright shade of pink attached to Matrel’s Barbie dolls all of which fall under the category of colour marks. Examples of the latter include the scent of roses of a UK tyre company and smell of beer in the dart flights of a London based company as well as the velvet touch trademark of Khvanchkara wine bottles. The trademark on the tooth paste of Glaxo Groups is also a non-conventional trademark – hologram mark to be specific.

It is worth mentioning here that though TRIPS Agreement stipulates a minimum level for protection of trademarks, it leaves a number of factors to the discretion of member countries such as the discretion to keep or not the requirements related to visual perceptibility etc., in their domestic legislation. This discretion raises a number of issues for registration and protection of non-conventional marks in different jurisdictions around the globe. Moreover non-conventional marks are often difficult to register due to issues such as functionality, graphical representation etc. The former refers to those features of the mark which are evolved out of the nature of the good or because of any essential element present in the good or service. A classic case is Nor-Am Chemical  v. O.M. Scott & Sons Co. wherein it was held that the colour blue of the fertilizer is basically because of the presence of nitrogen in it and that hence the blue colour is the functional aspect of the fertilizer. Hence no protection can be sought on the blue colour of the fertilizer which has evolved due to presence of nitrogen in it.  In fact, the reasoning behind functionality suggests the need for a more comprehensive review of the overlaps between other categories of intellectual property and trademark law.1 Here several questions arise.  For instance if Indian classical music compositions or raagas in the public domain can be registered as sound marks, how will that affect the “limited monopoly” logic of copyright law which presumes that cultural works should be freely available where copyright protection did not exist or has expired? Should we address this concern by

      a)         Not allowing public domain materials to be registered or

      b)         Granting a narrow scope of protection if they are registered or

      c)        Incorporating specific defences into trade mark law to allow third party use in a non-confusing manner?2

In the Indian context, while such new types of marks raise interesting conceptual questions, they are also of pragmatic concern to the home audience – right from the days the Indian trademark registry registered a sound mark for Yahoo3 followed by another for Allianz Aktiengesellschaft. Sound mark held by Intel has also been accepted by the Registry. ICICI Bank was the first Indian entity to obtain a registration for its jingle in 2011. The National Stock Exchange (theme song), Raymond: The Complete Man’s Musical Sequence, Britannia Industries (Four note bell sound) Cisco, Edgar Rice Burroughs, Tarzan Yell and Nokia (default ringtone of mobile) have also registered their sound marks in India.

One has also not forgotten the decision wherein the Delhi High Court responded favourably to a trademark infringement claim to protect the shape of Zippo lighters. It is however worth mentioning here that the Zippo decision4 was only of symbolic importance but of very limited precedential value as it concerned an ex parte ad interim injunction order and as there was no detailed analysis applying the infringement tests to shapes. Nevertheless the client driven interest in exploring these possibilities and in reflecting on such marks cannot be brushed aside

The Indian Legal Context

The Trademarks Act, 1999 replaced the Trade and Merchandise Act 1958. The old Act did not grant recognition to non-conventional trademarks whereas the new Act defines a trademark in Section 2(1)(zb) as “a mark capable of being represented graphically and which is capable of distinguishing the goods or services of one person from those of others and may include shape of goods, their packaging and combination of colours.” The revised definition of trademarks under the new Act has been interpreted to be wide enough to include smells, sound, taste and holograms. Graphical representation is however the sine qua non of trademark registration in India. Put in simple terms, this means that the marks should be capable of being printed in a journal or to be precise be in paper form.5 This requirement is a major hindrance to the registration of non-conventional trademarks in India. Several categories like smell and 3D structures are difficult to represent on paper and hence end up getting rejected. However a silver line in the horizon is that the Trademark Rules of 2017 (Rule 2(k)) have extended the definition of graphical representation to include representation via a digitized form as well. Despite all these, the Indian trademark laws unlike EU and US laws are rigid and devoid of flexibility resulting in fewer  registration of non-conventional trademarks vis-a-vis other jurisdictions.

a) Scent Marks

The history of olfactory or smell marks in EU dates back to 1996 when Sumitomo Rubber Company was granted such a mark for rubber tyres that smelled like rose.6 In 1999, an application for olfactory mark that claimed “freshly cut grass as applied to tennis balls” was approved. Subsequently in 2000, John Lewis of Hungerford claimed an olfactory mark on cinnamon smell that is used in relation to furniture.7 But the UK Trade Mark Office rejected the application as it was not capable of graphical representation. It was also reasoned that granting trademarks for a cinnamon aroma in furniture would prevent other traders from legitimately using it in other articles. Lack of consistency in granting olfactory marks created a confusion in the EU which was laid to rest in the Seickmann case wherein Ralf Seickmann applied to the German trademarks registry to register a scent mark. He attempted to represent the mark by

      1)         Indicating the name of the chemical substance, Methyl Cinnamate.

      2)         The structural formula for that substance (C6 H5-CH =CHCOOCH3).

      3)         Indicating laboratories where samples may be obtained.

      4)         Submitting an odour sample in a container and

      5)         Describing the scent in words as “balsamically fruity with a slight hint of

cinnamon.”

Yet each of these methods of representation was problematic. For instance the ECJ ruled that while the description “balsamically fruity with a slight hint of cinnamon” was easily accessible and intelligible, it was not clear, precise or objective. On the other hand, the chemical formula was unintelligible to lay persons. Thus according to the Sieckmann criteria, the graphical representation of a mark must be clear, precise, self-contained, easily accessible, intelligible, durable and objective. On closer scrutiny, the Sieckmann criteria seem to have been developed with traditional visual marks in mind.8 To put it a bit differently while visual marks can satisfy all seven criteria, for non visual marks this appears difficult.

A further impediment to registration of scent marks is that the smell must not originate from the essence of the product. As an instance, Chanel’s application to register its No.5 perfume as a scent mark failed on account of the fact that the peculiar scent was the very essence of the product.9

In the Indian context, Section 2(1)(zb)of the Trademark Act does not eliminate the possibility of a smell mark and in theory a smell mark could be well within the definition of a “mark”. But the graphical representation of the mark is an impediment that olfactory marks have not been able to successfully surpass. Criticisms are galore that by ignoring scent marks, the 2017 Rules promote stagnancy. Suggestions  have come forth from various quarters that techniques like gas chromatography which helps identify a compound having a certain smell can be roped in and that Madeliene camera10 which is the first one to capture scents of objects could be used.

b) Sound Marks

The landmark case in which EU got an opportunity to clarify its position as regards sound marks was Shield Mark v. Joost Kist h.o.d.n. MEMEX. In principle, the ECJ indicated that sound marks can get trade mark registration. But it added that graphical representation has to meet the criteria specified in the Sieckmann case. The ECJ stated that sound represented through a musical note on a musical stave meets all the requirements stipulated therein. But any written description describing the sound would not meet the aforesaid criteria as words do not clearly and precisely indicate rise and fall in pitch. The ECJ opined that onomatopoeia like the Kukelekuuuuu (imitation of a cockrow) represented through written description are not precise as phonetic imitation of the sound may not be exact description of the actual sound. However EU has granted sound marks to non musical representations of sound like the Tarzan’s Yell and the Metro Goldwyn Mayer’s roar of the lion if the application is accompanied by spectrogram or sonogram images.

No discussion of sound mark will be complete without a reference to Harley Davidson’s attempt to register the mark consisting of the exhaust sound of the applicant’s motor cycle produced by V-Twin common crankpin motorcycle engines when the goods are in use as a trademark. This application brought into light several questions regarding registrability of sound marks. Although the exhaust roar of Harley Davidson’s motorcycle seems to be very characteristic, Japanese manufacturers Suzuki, Kawasaki, Yamaha, Honda as well as American manufacturer Polaris objected saying that other motorcycles can also make similar sounds. Further it was not necessary that all motorcycles of Harley Davidson would produce a similar sound.

The registration requirements for sound marks in India are similar to practices in the EU. To be specific, the Rules of 2017 have crystallized the registration in the light of digitization and provide in Section 26(5) as

“Where an application for the registration of a trade mark consists of a sound as a trademark, the reproduction of the same shall be submitted in the MP3 format not exceeding thirty seconds’ length recorded on a medium which allows for easy and clearly audible replaying accompanied with a graphical representation of its notations.”

Needless to say, robust evidence of actual distinctiveness is the secret behind successful registration of a sound mark. Mention also needs to be made here that there have been no Indian cases vis-a-vis enforcement of sound marks till date.

d) Colour Marks

A land mark case in this regard is the Libertel case wherein the ECJ stated that “an abstract colour per se cannot be presumed to constitute a sign. Normally a colour is a simple property of things. Yet it may constitute a sign. That depends on the context in which it is used.”

It is also worth mentioning that if a colour is held functional for any product, then it cannot be registered. For instance, in the Saint Gobain case, it was help that purple does not just help in distinguishing the glass from other products and that it served a functional purpose.

Colour mark is still in its nascent stages in India. A crucial obstacle facing registration of single colour marks in India is the objection u/S.9(1)(a) of the Trade Marks Act 1999 as per which single colour marks are per se held to be devoid of any distinctive character, the reason being that single colours are easily available in the public domain and are part of numerous trade signs. Thus Indian law requires careful analysis along with concrete evidence exhibiting a factual distinctiveness for registration of a single colour. However, there are contradicting judicial decisions in this regard. For instance, in Colgate Palmolive Company v. Anchor Health and Beauty Care Pvt. Ltd.11, the court held that a single colour is entitled to protection under the law of passing off. But in Cipla Ltd v. M.K. Pharmaceuticals12, it was held that the single colour is not a trade mark and is incapable of protection under the law of passing off. It is also worth mentioning that in Dabur India Ltd v. Shree Baidyanath Ayuved Bhawan Pvt Ltd.13 and  Seven Towns Ltd. and Ors v. Kiddiland and others14, the Delhi High Court recognized the principle laid down in Colgate. Thus there is ambiguity and inconsistency surrounding single colour trade marks in India. However a silver line in the horizon is the ruling in the Cadbury case in UK pertaining to the colour purple.15 This might have some influence over common law countries like India.

A combination of colours however is registrable under the Trade Marks Act. Section 10(1) categorically states that

“A trademark may be limited wholly or in part to any combination of colours and any such limitation shall be taken into consideration by the tribunal having to decide on the distinctive character of the trademark”.

The applicant claiming a particular combination of colours must clearly specify so on the application form along with the exact description of the colour combination as per the International Classification system of colours. The 2017 Rules of Trademark (Rule 26(2)) also require reproduction of the trademark in a combination of colours.

Judicial decisions in this  direction are galore. In the Colgate case for instance the Court held that a combination of colours was a trademark under the Act. Moreover in Deere & Co and Ors v.. S.Harcharan Singh and Ors.16, a petition was filed for registration of its yellow and green colours along with the word mark JOHN DEERE and the leaping deer logo, all of which were held to be capable of being registered. However in the case of Britannia Industries Ltd v. ITC Ltd.17 where it has been alleged that the yellow and blue colour combination of ITC’s Sunfeast Farmlite Digestive All Good Biscuit had been copied by Britannia’s Nutri Choice Digestive Zero Biscuit, Delhi High Court opined that ITC was not entitled to an interim injunction as it had failed to prove that this colour combination had become a badge of its goodwill.

d) Movement or Motion Marks

A motion mark comprises of a moving logo, a symbol, a video, a name etc. Computer programmes and animation software help in creating motion marks. The most well known of these marks is Microsoft’s animated sequence of colored dots swirling to form its logo Another classic example is Toyota Motor Corporation’s advertisement which included a freeze frame that saw action jumping into the air at the end of an advertisement accompanied by the catchphrase “Oh What a Feeling”.  Needless to say, the right sequencing of images while depicting the series of movements is critical.

As is amply evident, an application for registration may be rejected if the motion depicted is functional to the good in question. A classic example is the rejection by EU’s OHIM of Lamborghini’s attempt to register its door motion “Lambo doors”.

Movement marks of various goods or services can be recorded in the form of a video and submitted to the Registry as they would satisfy representation in “digitized form” as required by Rule 2(k). However the Trademark Act in India does not define a motion mark. Graphical representation of such marks is also difficult as an appropriate representation of motion mark will include movement of the particular word, logo, symbol etc., of the mark along with the sound which is hard to be represented in written form. Thus motion mark in India per se cannot be presented for registration, but has to be presented as a combination of marks to the Registrar. The strict scrutiny is perhaps the reason why there have not been any instances of application for registration of such marks in India. This is in striking contrast the situation in the US where, for instance, the trademarks of Motion Pictures, 20th Century Fox Movies, Columbia Pictures are registered as motion marks and are widely known.

e) Shape marks

Unique shapes of certain goods like the coke bottle or the triangular shaped Toblerone chocolate always indicated to consumers that it originated from a particular company like the Coca Cola or the Mondelez International. But the concerns with shape marks are

a)  The shape itself may serve to perform a technical function

b)  Shapes may also be protected by design law.

 The landmark case as regards the former concern is Koninkhjke Philips v.Remington wherein the ECJ had to decide whether an electric shaver that is shaped like an equilateral triangle with three heads containing a clover leaf plate design can be granted trade mark protection. Philips which had been marketing its three header electric shaver called phillishave had registered the graphical representation of the shape and configuration of the head of the shaver as a trademark on the basis of use. Remington began to manufacture and sell its DT55 Shaver a three headed rotary shaver whose blade heads were arranged in an equilateral triangle similar to that used by Philips. Philips sued Remington for infringement of its trademark and Remington counter claimed for revocation. The High Court ordered revocation. It held that the mark lacked distinctive character and consisted exclusively of a sign which served to designate intended purpose of the goods and of a shape that was necessary to obtain a technical result. Court of Appeal after staying referred the matter to the European Court of Justice, which in turn gave its opinion on the four issues raised by the Court of Appeal.  The Court stated that a sign consisting exclusively of the shape of a product is unregistrable by virtue thereof if it is established that the essential functional features of that shape are attributable only to the technical result.

Further in Lego Juris A/S v. OHIM (The Office of Harmonisation for the Internal Market and Mega Brands), the ECJ was required to decide whether Lego brick was performing a technical function and as such should not be granted a shape mark. Lego argued that the brick had non-functional characteristics and such should be granted trademark protection. But the Court opined that the Lego brick has a rectangular shape and that the projections on the top perform technical function and as such it cannot be granted a trademark.

In the Indian context, the definition of trademark clearly seeks to protect shape marks. In fact, shape of goods receives recognition as a TM u/S.2(1) (m) and 2(1)(zb). However shape marks also have to meet the conditions of distinctiveness and graphical representation.  Moreover, Section 9(3) of the Trade Marks Act 1999 sets forth three scenarios wherein shape marks would not be allowed the benefit of protection. If the shape attained is due to the nature of goods, then it will not be granted trade mark protection. An example is round shape for a tennis ball. Further if the shape attained is necessary so as to perform a technical result, then as per S.9(3)(b) the shape will not be granted trade mark protection. This clause is similar to the decisions in Koninkhjke Philips v. Remington and in Lego Juris A/S v. OHIM. If the characteristics of an article were meant to perform a function regardless of the fact that there were non-functional traits it may not be granted protection. S.9(3)(c) of the Act excludes shapes that can be protected under patent or design law.

Indian courts have been more or less consistent in their judgments with regard to shape as a trade mark. In Lilly ICOS LLC and Anr. v. Maiden Pharmaceuticals Ltd.18 wherein it has been alleged that the almond shape of the plaintiff’s product had been copied by the defendant, the Delhi High Court passed judgment in favour of the plaintiff as it was of the opinion that the defendant had adopted such shape with deceptive intent. Moreover in Gorbatschow Vodka K.G. v. John Distilleries Ltd.19 the Bombay High Court held the shape of the plaintiff’s vodka bottles to be a trade mark and granted them an injunction against the defendants.

Conclusion

In recent years, trade mark registries have grappled with applications for silhouettes, scents, tastes, texture, short cartoons, body movements and even Tarzan’s yell as trademarks.  As the WIPO Secretariat has noted, “the diversity of signs which enterprises seek to develop as trade marks and to use in the marketplace shows that trade mark law is subject to a dynamic process.” Question such as how to adequately flatten out and represent a sound, scent or texture using words and drawings have been answered in various jurisdictions – the Yahoo registration in India being a classic case study. Read with the fact that trade mark registration systems have historically developed around paradigmatic subject matter, reconciling the conflicting imperatives calls for an overhaul of certain basic assumptions surrounding this area of IP.

Mention also needs to be made here of the discomfort generated by over-broad applications and the range of techniques used by registries and courts in response thereof – an aspect explored by various decision makers in the Dyson litigation.20 Through this application, we see the requirements of a sign (or presumably “mark” in the Indian context)- graphical representation, inherent and acquired distinctiveness and functionality all explored as methods for excluding problematic subject matter. The highlight of the decisions in Dyson is the unease that  surges through them driven by the prospect of allowing the applicant to gain a potentially permanent legal monopoly in a functional concept for vacuuming technology.

The greatest need for using non traditional trademarks arises because market-savvy companies want to design and advertise their products in such a manner that it appeals to the consumer’s aesthetic sense. But there are some underlying problems with the nature of such marks. For instance, it should not be forgotten that non conventional marks are remarkably unsteady badges of origin and are rarely used without additional word or figurative marks to back them up. No manufacturer of mineral water is likely to do away with the company name or brand and rely solely on the shape of the bottle when selling the product.

The Indian experience vis-a-vis unconventional marks has not been a saga of success. There is not a single case of registration of sensory marks (such as smell, taste and touch) in the country. Perhaps India can take a leaf out of the laws of some developed countries and enact necessary provisions in the existing statutes as well as update scientific measures.  A word of caution is needed here – the American approach of “anything goes” attitude seems to be completely unsuited to the Indian legal environment. At the same time the Sieckmann approach of Europe which ensures the courts adopt a stringent test may push out cases where business competition and consumer base expansion warrant use of such marks. The need of the hour is to widen the horizons to provide a robust and flexible structure within which we can allow the gradual evolution of this area so that Indian trademark law can catch up with modern marketing techniques.

(End Notes)

1.   WIPO Secretariat, Trademarks and their Relation with Literary and Artistic Works (SCT/16/5) Sep.1, 2006.

2.   Dev Gangjee, Non Conventional Trademarks in India, National Law School of India Review, 2010 Vol22(1).

3.   P. Manoj, Yahoo Awarded India’s First Sound Mark; Nokia in queue, Live Mint, August 22,2008; Yahoo !  Yodels into India’s Trade Mark Registry; Managing Intellectual Property Weekly News Sep 01,2008.

4.   IA7356/2006,High Court of Delhi,13July 2006,H.R.Malhotra J.

5.   Trademark Rules 2002, Rule2(k).

6.   Paul Leo Carl Torremans,”Trademark Law: Is Europe Moving Towards an Unduly Wide Approach for Anyone to Follow the Example?” (2005)10 Journal of Intellectual Property Rights 127.

7.   John Lewis of Hungerford, UK Application No.2000169.

8.   R.Burrel and M.Handler, Making Sense of Trade Mark Law, IPQ388(2003).

9.   Institut pour la Protection does Frangrances (IPF)’s Community Trade Mark Application, (2005) ETMR 42.

10.Scentography: the camera that records your favourite smells, The Guardian June 28,2013.

11.(2003) DLT 51.

12. (2007) (36) PTC 166 Del.

13. (2012) (51) PT 441) Del.).

14..            (2016) (68) PTC 308 (Del.).

15. Societe des Products Nestle SA v. Cadbury UK Ltd. (2012) EWCH 2637 (Ch).

16. (2015) (63) PTC 433 (Del.).

17. (2017) (70) PTC 66 (Del.).

18. 2009 (39)PTC  666 (Del.).

19. 2011 (47)PTC 100 (Bom.).

20.Dyson Ltd v. Registrar of Trade Marks (C-321/03)[2007] ETMR34(European Court of Justice).