19 minute read

The 90/10 rule

Everyone talks about data rights (even when they mean rights in data). There is much less conversation about data custody — who actually has the thing, where it sits, and what that means.

This matters because of an asymmetry that most commercial discussions skip over: custody matters most when rights are weakest. If you have strong IP rights — a patent, a registered trade mark, a clear copyright — and use is visible, you can normally enforce those rights. Sue for infringement, get an injunction, it doesn’t matter who has the copy. But when rights are weak or non-existent — which is the case for most raw data, and arguably for a lot of what’s inside AI models — then custody is the power. Whoever has the thing controls the thing.

The boxes

The first kind of property is the obvious kind. You hold the thing. A coin, a painting, a barrel of oil. Custody is physical. Property rights are inherent — they exist just because the thing exists. You don’t need to register them or create them. The barrel is yours because you have it, until someone proves otherwise. English law calls this a chose in possession — literally, a thing you possess.

Then people realised that being owed something was itself a kind of asset. A debt, a share, an insurance claim — you don’t hold anything, but you have a right to demand something from someone. The asset is a legal relationship, not a physical object. You can’t pick up a debt and put it in your pocket, but you can enforce it in court. David Graeber set out that debt was a pre-cursor to money, so the ‘claim against someone having value’ concept is very old. In the second century, Gaius classified these as res incorporales — incorporeal things. Bracton received that idea into English law in the thirteenth century as the chose in action: a thing you can only claim by action, not by taking physical possession.

These two categories did an extraordinary amount of work. In 1885, Fry LJ declared there was nothing else: “All personal things are either in possession or action. The law knows no tertium quid between the two.” 💬Colonial Bank v Whinney (1885) 30 Ch D 261, 285. Fry LJ was dissenting in the Court of Appeal, but his view was upheld by the House of Lords. That dictum hardened into orthodoxy. For over a century, everything had to go in one of the two boxes.

Then the boxes started creaking. In 1987, the Privy Council dealt with export quotas that didn’t fit either category (Nai-Keung). In 2015, the Court of Appeal saw a “powerful case” for recognising a third category for intangible information (Your Response v Datateam). The courts were circling a problem they could see but hadn’t yet been forced to name.

Then came bitcoin. And it didn’t fit.

What rights actually attach to

In “Data is the new oil” I set out a hierarchy: information, data, a copy of data, and rights in data. That hierarchy is useful here too, because it shows where the law gives you something to enforce, and where it doesn’t.

Thing	Protectable rights?	What custody gives you
Information (bare facts — the FA Cup score, the base rate, how much rain fell)	None. No IP rights in facts about the world.	Custody is the only control. Once someone has a copy, there is no legal basis to restrict use unless there’s a contract.
Data (recorded/structured information)	Maybe. Database right if there was substantial investment in obtaining, verifying or presenting it. Copyright if the selection or arrangement of the database was original.	The rights attach to the database, not the data. Only if a human did something original or substantial. Most raw data has nothing.
The medium (hard drive, server, paper)	Yes — traditional property (chose in possession).	Clear physical custody, but a red herring when data can be copied off the medium without diminishing the original.
Software (code)	Copyright — well established. Code is a literary work.	Custody of source code gives practical power beyond the legal right. Trade secrets, competitive advantage, the ability to modify.
Crypto assets	Third category — the Property (Digital Assets etc) Act 2025. Neither possessed nor owed.	Custody is the asset. “Not your keys, not your coins.” Control of the private key is the entire relationship.
AI model weights	Probably nothing. No copyright (machine-generated, not expressive). No database right in the US (doesn’t exist) or UK (wrong jurisdiction). Trade secrets and contracts only — both dependent on custody.	The open question is not what rights exist. It’s what happens when they don’t.

The row I’m going to go on to talk about is the last one. But before getting there, it’s worth understanding why Parliament created the third box — because the reason tells you what might come through the door next.

The third box

A bitcoin is not a chose in possession — you can’t hold it, touch it, or point at it. It has no physical manifestation. But it’s not a chose in action either — nobody owes you anything. There is no counterparty. No bank holds a balance on your behalf. No company has issued a share. You are not owed a debt.

What you have is a cryptographic secret — a private key — that gives you control over an entry in a distributed ledger. You don’t hold anything physical. You’re not owed anything by anyone. You know a secret that gives you control.

In AA v Persons Unknown [2019], Bryan J held that bitcoin was property — without needing to decide whether it was a chose in possession or a chose in action. But the reasoning left a tension. Was bitcoin property because it was a chose in action after all? Because property law admits a third category? Or was the whole thing a mistake — bitcoin simply isn’t property? More cases followed, each agreeing that bitcoin is property, none fully consistent on why.

The Law Commission — a national treasure, an independent body that keeps the law under review and recommends reform where it is needed — consulted on the classification of digital assets against this property framework. All 549 pages of it are a great read, full of the history and context and tensions. I led on drafting a response to that consultation when I was at Deloitte Legal (page 446 here).

The consultation recommended a third category of personal property: things that are neither possessed nor owed, but that exhibit certain qualities that make them property-like. Parliament agreed. The Act that followed skipped all that detail in an elegant one-pager — my favourite consultation-to-legislation ratio of 549:1 — that says a thing is not prevented from being property just because it is not a chose in possession or a chose in action. 💬Of course it’s very unfashionable to talk in Norman French these days, so the legislation uses thing instead of chose.

In the meantime, cases were still arriving in the courts. In D’Aloia v Persons Unknown [2024] — handed down literally one day after the Bill was introduced to Parliament — the High Court reached the same conclusion at full trial, and noted that its reasoning “aligns with” the new Bill. The courts were building the law in real time. Parliament confirmed it.

The Law Commission went further in its final report: Fry LJ’s dictum that there was no tertium quid, it said, “is almost certainly no longer correct (to the extent it ever was).” That parenthetical — to the extent it ever was — feels quite Whiggish though.

Not proper property

And then Yuen v Li [2026] — the first case to apply the Act — showed why calling something ‘property’ is only half the story. This is where the murkiness and opaqueness of English litigation history really becomes relevant. In researching this essay, I uncovered this banger from Sir John Salmond, penned in 1905 💬JW Salmond, ‘Observations on Trover and Conversion’ (1905) 21 LQR 43, cited in OBG Ltd v Allan [2007] UKHL 21 at [223]:

“Forms of action are dead, but their ghosts still haunt the precincts of the law. In their life they were powers of evil, and even in death they have not wholly ceased from troubling. In earlier days they filled the law with formalism and fiction, confusion and complexity, and though most of the mischief which they did has been buried with them, some portion of it remains inherent in the law of the present day. Thus if we open a book on the law of torts, howsoever modern and rationalized, we can still hear the echoes of the old controversies … and we are still called upon to observe distinctions and subtleties that have no substance or justification in them, but are nothing more than an evil inheritance from the days when forms of action and of pleading held the legal system in their clutches.

In no branch of the law is this more obvious than in that which relates to the different classes of wrongs which may be committed with respect to chattels. In particular the law of trover and conversion is a region still darkened with the mists of legal formalism, through which no man will find his way by the light of nature …”

In Yuen v Li, the claimant’s estranged wife had allegedly stolen 2,323 bitcoin from his cold wallet by covertly recording his seed phrase. He sued in conversion — the strict liability tort for interfering with someone’s property. Attractive, because conversion doesn’t require you to prove fault. Salmond’s ghosts were however also in the courtroom. Cotter J struck the claim out. Bitcoin is property, yes. But conversion is a tort for tangible things — chose in possession. The Act creates a third category, but it doesn’t import the remedies that attach to the first. You can own bitcoin as property. You cannot, in the common law, have it converted.

The claimant wasn’t left without remedies — he could proceed on proprietary restitution, constructive trust, unjust enrichment. But those are equitable claims, not common law torts. They require different things to be proved and give different relief. Being recognised as property is necessary but not all property is the same. The custodial architecture — the cold wallet, the seed phrase, who physically held the device — determines also who has practical power. The legal architecture hasn’t yet built remedies that match.

Cotter J left a door open, noting that “a discrete cause of action drawn by analogy with conversion” might yet emerge for wrongful interference with third-category things. That’s the law reaching for something it doesn’t yet have a name for — a tort of digital custody interference, perhaps.

The important structural observation across all of this is that the how you hold it caused the what it is to change. The legal category had to be invented because the custodial relationship was fundamentally new. Custody of a cryptographic key is a different relationship between a person and a thing than holding a coin or being owed a debt. The architecture of custody drove the architecture of property law — and it is now driving the architecture of property remedies.

The law has periodically stretched the incorporeal-property idea to absorb new forms of value — from Gaius placing obligations among res incorporales in the second century, through Bracton’s reception of that idea into English law as the chose in action in the thirteenth, through to the 2025 Act. Each stretch reshapes what can be owned, transacted, and enforced. Yuen v Li suggests the next stretch will be in remedies, not just classification.

Custody before digital

Even before any of this, the gap between “who has the thing” and “who has the right to the thing” needed legal machinery. The history of that machinery is worth knowing, because the same structural tensions keep recurring.

Bailment is one of the oldest legal concepts in English law. You give someone your thing to hold — your coat to a cloakroom, your goods to a warehouse. They have custody. You have ownership. The bailee has obligations: can’t use it, can’t damage it, can’t refuse to return it. This is not a contract (though it often accompanies one). It is a relationship that arises from the custodial fact itself. The law recognised, centuries ago, that holding someone else’s thing creates obligations whether you agreed to them or not.
Bank deposits are the case where most people’s intuitions are wrong. You think you own the money in your bank account. You don’t. Legally, it is the bank’s money — they owe you a debt. That was established in Foley v Hill in 1848 and it has been the law ever since. Your “custody” of the money is an illusion. You have a chose in action (the debt), not a chose in possession (the cash). The money in your account is yours in the same way an IOU on a napkin is, a debt you can action to recover the money behind it.
Gold in the New York Fed vault. Dozens of foreign central banks store their gold reserves in Manhattan. Physical custody is in New York. Ownership is in Berlin, London, Tokyo. Everyone understands the separation because you can see the cage with your country’s name on it. The gold doesn’t move when it changes hands — they just update which cage it’s assigned to. The custodial arrangement works because the thing is physical, visible, and auditable. You can send someone down to count the bars.
Art in freeports. Billions of dollars of art sits in storage facilities in Geneva and Luxembourg. The owner might be in London. The tax treatment depends on where the thing physically sits — not where the owner is. Custody is geographical, and the geography determines the economics. A painting in a Geneva freeport is in a different tax universe than the same painting hanging on a wall in Mayfair, even if the owner is the same person in both cases.
Bills of lading. A piece of paper that represents goods. You can trade the paper without moving the goods. The document stands in for physical presence. When this emerged, it was revolutionary — the first widely used mechanism for separating custody of the representation from custody of the thing represented. The ancestor of every digital token.
Nominee shareholding. You “own” shares, but a nominee is on the register. Custody of legal title sits with the nominee. Beneficial ownership sits with you. The system works because there are legal rules (trusts, primarily) that govern the relationship between the person on the register and the person with the economic interest.
Escrow. A third party holds a copy of something, to release it if conditions are met. The escrow agent has custody but no ownership and no right to use the thing. A pure custodial relationship — all duty, no benefit.

The pattern across all of these is the same: when custody and ownership separate (whichever way), you need legal and commercial architecture to manage the gap. Bailment. Trust law. Warehouse receipts. Nominee arrangements. Escrow agreements. Each is a technology for bridging the distance between the person who has the thing and the person who has the right to the thing, or a duty in respect of it.

Digital custody

Digital custody has properties that physical custody never had. They cut both ways.

Where digital custody can be stronger

Zero-knowledge proofs let you prove you have something without revealing it. More precisely, you can prove properties of data — that it meets a threshold, that it’s valid, that it hasn’t been tampered with — without giving anyone access to the data itself. Custody and disclosure are fully separated for the first time in history.
Blockchains replace physical control with distributed consensus. Nobody “holds” a bitcoin. The network agrees who controls it. Custody is a state in a ledger, not a relationship with a physical thing. Architecture replaces trust. You don’t need to trust a custodian — you need to trust the mathematics and the consensus mechanism.

Where digital custody can be weaker

Harvest now, decrypt later. State actors are collecting encrypted traffic today expecting that quantum computers will break the encryption in 5-15 years. Someone has custody of encrypted data they can’t read yet. Is that custody? It’s a bet on future compute. Physical custody doesn’t have this property. Nobody can “harvest” your locked safe and wait for a future lockpick to be invented.
PRISM and interception. The Snowden disclosures revealed that governments had access to data ostensibly in the custody of technology companies. The companies were nominal custodians. The state had practical access through the architecture. Unlike physical theft, interception doesn’t remove the original — so the custodian doesn’t even know their custody is compromised. You can intercept data without anyone noticing. You cannot steal a painting without the owner noticing the empty wall.
RIPA section 49. The state can compel you to hand over encryption keys. Failure to comply is a criminal offence — up to 5 years for national security cases. Your digital custody is conditional on the state’s forbearance. The private key that gives you control is also the private key the state can demand you surrender.
Post-quantum vulnerability. Current public-key encryption (RSA, elliptic curve) will be breakable by sufficiently powerful quantum computers. The timeline is uncertain — maybe 10 years, maybe 30 — but the mathematical fact is not disputed. Custody based on cryptographic control is only as durable as the mathematics. The architectural basis of digital custody has a shelf life.

The spectrum

Digital custody runs from “you definitely have it” to “you think you have it but others might also have it without you knowing.” That spectrum doesn’t exist for physical things. Either someone has your painting or they don’t. There is no state in which a third party has a copy of your painting without your knowledge while you continue to believe the original is safe on your wall.

The takeaway is: the certainty of custody is itself uncertain. Physical custody is binary. Digital custody is probabilistic.

Where this goes — AI models

This brings us to the row in the table that had question marks. And the answer, once you work through it, is not that model weights need a new category of property. It is that they probably have no IP protection at all — and that custody is therefore the entire game.

The rights that don’t exist

Start with what a trained model actually is. Billions of numerical parameters — floating-point weights — produced by running an optimisation algorithm over a training corpus. A structured representation of learned patterns. That sounds a lot like a database. And database law is well settled, at least in the UK and EU: if there was substantial investment in obtaining, verifying, or presenting the contents, a sui generis database right attaches.

But almost nobody trains frontier models in the UK. The database right requires the maker to be established in the UK or EEA. If training happens in California — which is where it does happen — the right doesn’t attach. And even if it did, the BHB v William Hill distinction matters: database right protects investment in obtaining contents from third-party sources, not in creating new data. Model weights don’t exist before training. They are created by the process. The investment is in creation, not obtaining.

And the US? The US has no database right. Congress tried to create one four times between 1996 and 2003. Every bill failed — constitutional concerns after Feist v Rural Telephone [1991], First Amendment objections, opposition from the science community and the tech industry. No bill has been introduced since 2004. The idea is legislatively dead.

Copyright? In the US, no. Model weights are machine-generated numerical parameters — billions of floating-point numbers produced by an optimisation algorithm minimising a loss function. No human selected or arranged the individual values. The US Copyright Office has been explicit: human authorship is a bedrock requirement (Thaler v Perlmutter [2023]). The weights are not “original works of authorship” under 17 U.S.C. section 102(a). They encode a learned function — a “process” or “system” excluded by section 102(b). No expression, no author, no copyright.

The UK is more interesting. The CDPA has an unusual provision — section 9(3) — that grants copyright in “computer-generated” works where there is no human author. The author is deemed to be “the person by whom the arrangements necessary for the creation of the work are undertaken.” A lab that assembles the training data, designs the architecture, provisions the compute, and launches the training run has a plausible claim to be that person. The UK is one of very few jurisdictions where machine-generated output can attract copyright at all. 💬The provision dates from 1988, when Parliament was thinking about computer-generated databases and compilations. Whether it stretches to cover LLM weights is untested.

But this is academic twice over. First, nobody trains frontier models in the UK — the data centre capacity isn’t there. Training happens in the US, where section 9(3) doesn’t exist. Second, even if someone did train in the UK, they would face a problem the US labs don’t: the UK has no commercial text-and-data-mining exemption. Section 29A of the CDPA permits TDM only for non-commercial research. Training a commercial model on copyrighted material without licences would be infringement. The government proposed a broader exemption in 2022, consulted on it, and then shelved it after rightsholder opposition. The one jurisdiction whose copyright law might protect model weights is the one where you can’t practically or lawfully train them.

Patents? You can patent a novel model architecture or training method (subject to the Alice eligibility hurdles). But you cannot patent the specific weight values. They are the output of a known process applied to specific data. That is not an invention. 💬There are interesting developments in the UK on patenting software methods for LLM training, but that protects the method, not the resulting weights.

So what actually protects model weights? Two things, neither of which is a property right.

What protects them instead

Trade secrets. The US Defend Trade Secrets Act (2016) and the Uniform Trade Secrets Act (48 states) protect information that derives economic value from not being generally known, provided the holder takes reasonable steps to maintain secrecy. Model weights qualify easily: enormous economic value, maintained behind API access controls, NDAs, and physical security. The DOJ has already prosecuted AI trade secret theft — a Google engineer was charged in 2024 for stealing over 500 files containing TPU architecture and ML model details (United States v Linwei Ding).

Trade secret law does have reach beyond the thief. Under the DTSA, anyone who uses a trade secret while knowing, or having reason to know, that it was derived from misappropriation is liable — even if they are several steps down the chain. If Bob steals Alice’s model weights and passes them to Charlie, and Charlie knows or should know the provenance is tainted, Alice can get an injunction against Charlie. It ain’t the end of things: the law follows the taint, not just the theft. 💬Alice, Bob, and Charlie are the traditional placeholder names in cryptography, as Blackacre is in property law. It felt right.

But compare that with a patent or a copyright. If Charlie infringes Alice’s patent, Alice sues Charlie. She doesn’t need to prove how Charlie got access, what Charlie knew, or whether Charlie acted in good faith. Infringement is infringement. The right runs against the world. Trade secret protection is structurally weaker in two ways.

First, the evidential burden is harder. Alice must prove that Charlie knew or had reason to know the secret was misappropriated. That means tracing the chain of custody, establishing what Charlie knew and when, and showing the taint. With a patent, you show the patent and the infringing product. With a trade secret, you are litigating the knowledge and conscience of the defendant — a far harder case to make, especially when the secret has passed through multiple hands.

Second, and more fundamentally, trade secret protection can be permanently and irreversibly destroyed — and property rights cannot. Release the weights — as Meta did with Llama — and the trade secret evaporates instantly. It cannot be restored. Once the secret is public, every subsequent user is a good-faith acquirer. Reverse engineering is an express defence. Independent development is a complete defence. You cannot accidentally destroy a patent by leaving the specification on a train. But you can destroy a trade secret by losing custody of it for a single moment. The protection is only as strong as the custodial architecture that maintains the secrecy.

And sometimes the destruction is the strategy. Meta released Llama’s weights deliberately — not a custody failure but a custody move. Commoditise the weights layer so nobody can charge for it, while retaining custody of the training pipeline, the data flywheel, and the social graph that feeds both. You don’t need custody of the thing if you have custody of the inputs to the next version of the thing. Destroying trade secret protection at one layer to consolidate power at another is a play the existing legal categories don’t capture well.

Contracts. API terms of service that prohibit model extraction and distillation. Employment agreements with confidentiality clauses. Licensing terms for open-weight models that restrict downstream use. These bind the parties to the contract — but they don’t bind anyone else. A contract is a relationship between specific people. It doesn’t run with the thing.

In England, there is a freestanding equitable doctrine of breach of confidence (Coco v AN Clark [1969]) that can protect confidential information without a contract. The US doesn’t have this — the UTSA preempts common law confidentiality claims in most states. What remains is trade secret law and contract.

The picture is not that model weights are entirely unprotected. It is that the protection is custodially contingent in a way that property rights never are. A patent holder who loses custody of the patented device still has the patent. A trade secret holder who loses custody of the secret has nothing. That asymmetry is the whole point.

What this means for custody

So model weights sit in a familiar place. Not a new category that needs a third box. An old gap — the same gap that bare facts and raw information have always occupied. No IP right attaches. The only protection comes from architecture (keeping the weights secret) and contract (binding the people you give access to).

When there are no property rights, practical power flows from who has the thing:

On-premise versus cloud deployment is a live commercial question in every AI deal. Where the model runs determines who can access it, audit it, modify it, extract value from it. This is not a technical detail. It is the custody decision that determines practical power. A client running a model on their own infrastructure has the thing. A client accessing the same model through an API has a contractual relationship. If the relationship ends, the API client has nothing. The self-hosted client still has the weights. (In practice, encryption and lower level control can make private cloud IaaS closer to ‘on-prem’ than to SaaS)
Fine-tuned models create a custody puzzle. The base model provider has custody of the base. The fine-tuner has custody of the delta. If the fine-tuner has a copy of the full weights, they have practical custody of the whole thing — and no IP right prevents them from keeping it after the contract ends. If the fine-tuning happened through an API, they have custody of nothing except a contract. And model distillation complicates this further: a client with only API access can extract functional custody of the model’s capabilities into a smaller model they control, without ever touching the original weights. The provider’s terms of service prohibit this. But that prohibition is a contract — and as we’ve seen, contracts don’t run with the thing.
Custody of weights is custody of a wasting asset. The frontier moves every 12-18 months. Today’s state-of-the-art weights are tomorrow’s commodity. But the party with custody of the deployed model also acquires a valuable derivative: the usage data. Every prompt, every correction, every preference signal feeds back into training the next model, which attracts more users, which generates more data. Custody compounds. The weights depreciate; the feedback loop appreciates. This is why the custody question that matters most in an AI deal is not “who has the weights?” but “who has the data that makes the next weights?”.
Confidential computing and multi-party computation offer a way to let someone use your data or your model without giving them custody. Process data without seeing it. Run inference without exposing the weights. Custody and use separated. This matters enormously, because in a world without IP rights, controlling custody is controlling use. Confidential computing is the architectural substitute for the property right that doesn’t exist.

The mirror image — what happens when you have rights but not custody

Everything above is about the model-holder’s position: weak rights, so custody is everything. But the training data rightsholders are in the mirror-image position. They had strong rights — copyright, database right, the full armoury of IP — and they gave up custody. They published their work. They put it on the internet. They relied on their rights to protect them.

That reliance turned out to be fragile, because the party who acquired custody used it to build something that became too embedded to unwind.

Google Books. Publishers had copyright. Google scanned millions of books without permission, acquiring custody of the corpus. Fought the lawsuits for a decade. Won on fair use. By the time the legal questions were resolved, the scanned corpus was infrastructure. The rights existed throughout. Custody determined the outcome.
LLMs and Books3. Authors had copyright. Models were trained on potentially infringing material. But the models are now embedded in productivity, education, healthcare, legal work. Shutting them down would be disproportionate — and the law is reshaping around them, not the other way round. This always happens when a fait accompli becomes infrastructure.
Uber. Cities had regulatory authority. Uber broke taxi licensing laws, city after city, establishing custody of the rider relationship. Became so embedded that cities changed the laws rather than banning the service.

The pattern is the same in each case. The rightsholder relied on rights — property or relational — instead of controlling custody. The party who acquired custody built on top of it until enforcement became disproportionate. Then the rightsholder was left negotiating the terms of a reality they didn’t choose. Rights set the terms of the deal. Custody set the power dynamic. 💬I am not setting out an opinion here on the moral stance of product development as a means of legal reform. Laws are not perfect — they keep changing them — and improving them is a social good. But deliberately breaking the law to establish a fait accompli is a different thing from building something that exposes a gap. Breaking the law, good laws and bad ones, should be a last resort in the face of tyranny.

This is sharpest for AI training data, because training is a one-way function. The data goes in. The trained capability comes out. The original data is not meaningfully recoverable from the weights. If the model never outputs verbatim copies, how does anyone prove infringement? That is why New York Times v OpenAI focused on verbatim reproduction — because verbatim output is the only smoke that makes the infringement visible and provable. Without smoke, there is no practical enforcement, regardless of what the rights say on paper. The New York Times is not suing to shut OpenAI down. They are suing to get a seat at the table. The outcome will be a commercial deal — licensing, revenue share, attribution — not an injunction.

The iron rule is this: if you have rights but not custody, your rights are a negotiating position. If you have custody but not rights, your custody is the position. The model-holder who keeps the weights behind an API has practical power. The rightsholder who published a book and now objects to how it was used has a lawsuit. Both are real. They are not equal.

The punchline

“Possession is nine-tenths of the law” has been true for centuries because the person who has the thing has practical power regardless of paperwork. In the digital world, the equivalent of “possession” is access and control — determined by architecture (encryption, API keys, cloud infrastructure, deployment model) as much as by contract.

The commercial architecture and the technical architecture are inseparable. That is why custody, not just rights, needs to be at the centre of any data or AI deal.

The 2025 Act cracked open a third box for crypto because the custodial relationship didn’t fit the existing categories. Model weights are a different problem. They don’t need a new box. They sit in the oldest gap of all — the gap where no IP right exists, where bare facts live, where the only protection is keeping hold of the thing. The state could create a new right. It hasn’t. And until it does, the commercial architecture being built now — the custody arrangements, the API access terms, the deployment decisions being negotiated today — will be the architecture the law inherits when it finally arrives.

It usually is.

Share on

Twitter LinkedIn