27 Jul 2017 Communication is Key: AgTech and Big Data
A Growing Industry
With a decreasing labor supply, increased demands for year-round food, transparency in the supply chain, and environmental sustainability have precipitated the growth of the AgTech industry. This phenomenon—discernible on a global scale—has been most evident in California, which is well-known for its large agricultural market. Silicon Valley, in particular, is the hub for both large venture capital and technology startup communities. Working in collaboration with these entrepreneurial communities in Silicon Valley, farmers and growers have been able to implement and utilize technologies to increase crop yield, conserve resources, and automate manual labor to meet the increasing demand for nutritious, safe foods.
The introduction of precision agriculture into traditional farming practices has yielded a plethora of technologies, such as weather monitoring software, GPS soil sampling, remote sensors, drones, autonomous vehicles, and control and management systems. For example, remote sensing technology can help determine a variety of queries, including what factors may be stressing a crop at a specific point in time to estimating the amount of moisture in the soil. GPS soil sampling produces data that can be used to determine seeding and fertilizer quality. Farmers may choose to incorporate any or all of these technologies into their farming practices to improve their accuracy, farm efficiency, and to help manage costs.
According to a 2014 Survey by the American Farm Bureau Federation (the “2014 Farm Bureau Survey”), the use of precision technology has reduced the cost of seed, fertilizer, and pesticides by an average of 15% and increased crop yields by an average of 13%. More than half of the survey respondents who are actively farming indicated that they plan to invest in new or additional precision and data technology in the next year or two. In light of the increased interest within the farming community to incorporate technologies into farming practices, AgTech startups and companies have developed various types of hardware and software applications. Regardless of the different types of technology being used, however, they all share one particular trait: They all collect data.
Applications of Data in the AgTech Industry
Today, massive volumes of data can be analyzed and used for decision-making in a variety of different sectors. The AgTech industry, in particular, utilizes large amounts of data to inform farming practices. Different levels of data are being collected by Agriculture Technology Providers (“ATPs”), which are technology companies that provide the hardware, software, and data analytics services for farmers adopting technology into their farming practices. Such levels of data include site-specific data, metadata, and big data. Site-specific data includes information about seeding rates, soil nutrients, fertilizer, pesticides, and water. Metadata includes information about the number of acres in a farm, the different inputs being applied, and the types of crops that are being studied. Big data includes aggregated data from numerous farming operations on different farms, which can then be used to inform farming practices. The term “farm data” is used to collectively refer to all of the aforementioned data.
While farmers acknowledge the importance of storing the data collected from their farming operations, for both recordkeeping purposes and real-time analysis, most have expressed distrust towards ATPs. The 2014 Farm Bureau Survey shows that most farmers remain wary of risks involved in big data collection. A majority are concerned that others could use their farm data for commodity market speculation without their consent. This distrust of ATPs largely stems from questions of data ownership, accessibility, and protection.
Data Ownership and Rights
There is a consensus in the farming community that data collected directly from a farm is owned by the farmer. However, who owns the farm data that is being analyzed and generated by ATPs for the farmers using their services? This issue, as a matter of law, has yet to be resolved by Congress. Currently, farmers are left to their own devices and must rely on the terms included in service contracts with ATPs.
In ATP service contracts, both the ATP and farmer want to include a license for the ATP to use the data collected from the farmer’s operations. The scope of such data rights is determined by the bargaining power of both parties. Naturally, farmers want to keep the scope of the license narrow, limiting the ATP’s right to use the farm data only to the extent necessary to provide services to the farmer. ATPs, on the other hand, may want to obtain broader licensing rights to use the data for any purpose. However, most farmers would likely disagree with these terms. Attorneys representing either side should be mindful of this issue, and may negotiate the scope of the license to permit the ATP to use the farm data to improve its services as part of a reasonable commercial agreement.
A rather contentious issue with respect to farm data rights is the scope of the ATP’s right to use anonymous and/or aggregated data. Anonymous or aggregated data, in the agricultural context, is data collected from a farm that is stripped down and anonymized so as not to include identifying or proprietary data. Such data is then combined with data from other farms, which is utilized by the ATPs to provide farmers solutions, recommendations, and insights to inform their farming practices. Although the farmer owns the underlying data, it is unclear whether such data still belongs to the farmer when it is mixed with data collected from other farms or external sources. In fact, solutions, recommendations, and insights gleaned from such data lie with the ATPs. Naturally, ATPs will desire to obtain a broad, perpetual license to use anonymous or aggregated data. Farmers, on the other hand, perhaps should aim to limit the scope of such usage to grant ATPs limited access, or no access, to proprietary farm data.
Attorneys negotiating commercial contracts on behalf of their clients, including farmers and ATPs, should also be mindful of the fact that different categories of data are not created equal. In other words, more sensitive data (e.g., personal data) may oblige the holder and processor of such data to comply with stricter laws and regulations, as opposed to less sensitive data (e.g., land data) that may not be accorded any protection pursuant to U.S. laws or regulations. These obligations to protect data generally fall on the ATP; however, other types of data could be categorized as trade secrets and would obligate the farmer to follow certain standards to retain trade secret protection. Regardless of whom the attorney is representing, having properly defined terms in place for different categories of data may prevent both sides from being obligated to comply with stringent regulations and standards.
Data and Privacy Security Laws and Regulations
Although a majority of farmers are concerned with unauthorized access to their farm data, there are currently no federal or state privacy or data security laws in place to specifically protect such data. Most federal and state data privacy laws solely address the protection of personal information, which is information that identifies a natural human being (e.g., first and last name, social security number, etc.). The Federal Trade Commission Act (the “FTC Act”), although not specifically tailored to protect the individual’s privacy and data security, grants the FTC broad enforcement authority to prohibit unfair or deceptive business practices involving the collection, use, processing, protection, and disclosure of personal information. According to the FTC, a business’ failure to take reasonable and appropriate steps to protect personal information is an unfair act or practice that constitutes a violation of the FTC Act.
Over the years, the FTC has brought enforcement actions against businesses failing to (i) comply with statements in their posted privacy policies; (ii) encrypt personal information while it was in transit or stored on in-store networks; and (iii) employ sufficient measures to detect unauthorized access or conduct security investigations. Although the FTC Act does not specifically address farm data, it may give the FTC authority to bring enforcement actions against ATPs that mishandle personal information or lack reasonable and appropriate data security procedures and practices. Unfortunately, farm data currently does not fall under the FTC’s classification of personal information, with the exception of an individual farmer’s name and address.
State data privacy laws, like their federal counterparts, address the regulation of personal information. California, in particular, is a pioneer in the data privacy arena, enacting several data privacy laws that have far-reaching implications on the national level. For example, the California Online Privacy Protection Act requires operators of commercial websites and online services that collect California residents’ personally identifiable information to conspicuously post their privacy policies. California’s Data Breach Notification law requires businesses and governmental agencies which collect unencrypted personally identifiable information to notify California residents of data security breaches. These laws, in conjunction with other California data privacy laws, have provided more extensive protection of personally identifiable information for California residents. Farm data, so far, has not been included as ‘personally identifiable’ under California laws.
One may ask why farm data has not been accorded protections under federal and state privacy laws. The main reason for this discrepancy stems from the underlying policy of such laws’ intent to protect individuals’ highly sensitive information. Farm data, such as information about seeding rates or inputs, is not highly sensitive information that can identify natural humans. This data is more accurately categorized as sensitive business information.
Due to the lack of legislative safeguards in place for the protection of farm data, many farming collectives have banded together to come up with data security standards for ATPs to comply with. The American Farm Bureau Federation’s Privacy and Security Principles of Farm Data outline key provisions that should be incorporated into ATP service contracts, such as easy-to-understand language, explicit consent provisions requiring ATPs to obtain affirmative consent from farmers to use their data, transparency of data collection, adequate processes for farmers to retrieve their own data, restrictions on the sale or disclosure of farm data to third parties, and reasonable security safeguards to protect against risk, loss, or unauthorized access to farm data. As of 2016, at least 39 organizations and ATPs have affirmed these principles. Although these principles do not necessarily carry the force of law, ATPs looking to establish trust and transparency within farming communities should take care to implement them.
Big data is not a passing fad. Its potential for optimizing efficiency and resource conservation in the fields, and its ability to inform and improve current farming practices, has prompted farmers to incorporate data-collecting and analytical technologies into their farms. Although the benefits of its usage likely outweigh the risks, farmers and ATPs should work together to ensure reasonable contractual and procedural safeguards are in place to prevent the unauthorized access, disclosure, loss, and destruction of valuable farm data.
Because there are currently no federal or state laws specifically addressing protection for farm data, privacy protections generally arise from contractual obligations. Although agriculture is known to be a “handshake” industry, it is vital for farmers using ATP services to be well-informed regarding the importance of having a formal agreement. Access to proper information regarding data security principles and practices will help dispel farmers’ distrust towards ATPs and elevate them to a higher bargaining position. In doing so, farmers and ATPs will have equal footing, thus providing for a more cohesive and collegial ecosystem for both communities.
 See Remi Schmaltz, What is Precision Agriculture?, AgFunder, https://agfundernews.com/what-is-precision-agriculture.html (last visited Jul. 25, 2017).
 American Farm Bureau Federation, American Farm Bureau Survey Shows Big Data Use Increasing, Big Questions Remain, American Farm Bureau Federation, http://www.fb.org/newsroom/american-farm-bureau-survey-shows-big-data-use-increasing-big-questions-rem (last visited Jul. 25, 2017).
 See Todd Janzen, Is Farm Data a Trade Secret? Janzen Agricultural Law LLC, http://www.aglaw.us/janzenaglaw/2015/9/30/is-farm-data-a-trade-secret (last visited Jul. 25, 2017)(breaking the definition of a trade secret into its five core elements and applying them to farm data).
 See American Farm Bureau Federation, American Farm Bureau Survey Shows Big Data Use Increasing, (77.5% of farmers surveyed said they feared regulators and other government officials might gain access to their private information without their knowledge or permission).
 See Ieuan Jolly, Data Protection in the United States: Overview, Thomson Reuters, https://uk.practicallaw.thomsonreuters.com/6-502-0467?transitionType=Default&contextData=(sc.Default)&firstPage=true&bhcp=1 (last visited Jul. 25, 2017).
 See Federal Trade Commission, Privacy & Data Security Update (2016), Federal Trade Commission, https://www.ftc.gov/reports/privacy-data-security-update-2016 (last visited Jul. 25, 2017).
 See Joel B. Hanson, Liability for Consumer Information Security Breaches: Deconstructing FTC Complaints and Settlements, 4 Shidler J.L. Com. & Tech. 11, May 23, 2008, available at https://digital.law.washington.edu/dspace-law/bitstream/handle/1773.1/412/vol4_no4_art11.pdf?sequence=1.
 Consumer Federation of California, California Online Privacy Protection Act (CalOPPA), Consumer Federation of California, https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/ (last visited Jul. 25, 2017).
 See Lothar Determann, New California Data Security and Breach Notification Requirements, Bloomberg, https://www.bna.com/new-california-data-n57982067883/ (last visited Jul. 25, 2017).
 See American Farm Bureau Federation, “Privacy and Security Principles for Farm Data,” American Farm Bureau Federation, http://www.fb.org/issues/technology/data-privacy/privacy-and-security-principles-for-farm-data (last visited Jul. 25, 2017).
 Id.Disclaimer: This blog and website are public sources of general information concerning our firm and its lawyers, as well as the information presented. They are intended, but not promised or guaranteed, to be correct, complete, and up-to-date as of the date posted. This blog and website are not intended to be, and are not, sources of legal opinion or advice. The materials, information, and communications on this blog and website do not apply to any particular person, entity, or situation, and do not apply to you or to your specific situation. You will need to consult with an attorney and/or other appropriate professional about your specific situation. Thank you.