Requirements regarding user account names in view of eOwnership rights in ePCT
Q. Our law firm would like to start using ePCT for handling our PCT applications as we are impressed by the number of useful functions that it provides. One of my associates created a WIPO user account for this purpose and uploaded his digital certificate to authenticate it for ePCT private services. However, when he submitted eOwnership requests to the International Bureau (IB) to confirm online secure access to our international applications, those requests were refused because the First Name and Last Name indicated for the user account was not the name of an individual but the name of our law firm, Johndoe Lawyers, as follows: First Name: Johndoe; Last Name: Lawyers. The name of the firm was indicated as there are several attorneys in our firm who will require shared access to these PCT applications in ePCT. Can you please clarify why the name of an individual is required?
A. It is recalled that by using the ePCT system (private services), you can submit online requests for different actions that you would like to take in relation to an international application, for example, you can submit a demand for international preliminary examination for transmittal to the IPEA, or a withdrawal. You can also review the most up-to-date bibliographic data and documents contained in your application, including those that have not yet been published, as well as certain documents that are not publicly available in PATENTSCOPE after publication (for example, documents relating to international preliminary examination). Any person who needs to access ePCT (private services) to view and perform actions on the contents of an international application should have his/her own digital certificate and WIPO user account. The IB’s security approach for ePCT private services is that user accounts must be in the name of natural persons, so that each action taken is traceable to an individual person. In the case of your law firm, the recommended procedure is for each person who is going to be involved in filing and managing those applications to create his/her own user account and to authenticate it with his/her own digital certificate, which is available free of charge from WIPO. Note that it is not possible for the same digital certificate to be uploaded to more than one user account – digital certificates should not be shared.
Once each person has a user account in his/her own name and associated with his/her own digital certificate, you can establish eHandshakes between your accounts in order to indicate to the system that your accounts are associated. It is then recommended that you all set up default access rights on the eOwnership screen, where you can specify to which eHandshake associates access rights will also be automatically attributed when you are confirmed as the eOwner for an international application (see below):
Using this function, you will avoid having to assign access rights to your associates each time you are confirmed as eOwner for an international application, either by indicating an eOwnership code at the time of filing an international application using compatible software (currently PCT-SAFE, eOLF and ePCT-Filing, which is in pilot phase) or by submitting an eOwnership request to the IB. The above instructions are recommended for ensuring the optimum level of security and integrity when using ePCT private services.
As far as the delivery of notifications is concerned, please note that you should not associate a generic e-mail address with your ePCT user account, as an e-mail address can only be associated to one ePCT user account. Therefore, if you use the generic e-mail address of your company or department, others will not be able to associate that same generic e-mail address with their ePCT account. Furthermore, all ePCT notifications relating to that account will be sent to that generic e-mail address, including e-mails concerning the actual user account itself, such as a forgotten password or username, so this may represent a security issue. It is therefore strongly recommended that an individual or personal e-mail address be specified, and not one that can be accessed by other individuals.
For further information on obtaining digital certificates, see: