[Code of Federal Regulations] [Title 37, Volume 1] [Revised as of July 1, 2008] From the U.S. Government Printing Office via GPO Access [CITE: 37CFR384.5] [Page 756-757] TITLE 37--PATENTS, TRADEMARKS, AND COPYRIGHTS CHAPTER III--COPYRIGHT ROYALTY BOARD, LIBRARY OF CONGRESS PART 384_RATES AND TERMS FOR THE MAKING OF EPHEMERAL RECORDINGS BY BUSINESS ESTABLISHMENT SERVICES--Table of Contents Sec. 384.5 Confidential information. (a) Definition. For purposes of this part, ``Confidential Information'' shall include the statements of account, any [[Page 757]] information contained therein, including the amount of royalty payments, and any information pertaining to the statements of account reasonably designated as confidential by the Licensee submitting the statement. (b) Exclusion. Confidential Information shall not include documents or information that at the time of delivery to the Collective are public knowledge. The Collective shall have the burden of proving that the disclosed information was public knowledge. (c) Use of Confidential Information. In no event shall the Collective or any other person or entity authorized to have access to Confidential Information pursuant to paragraph (d) of this section use any Confidential Information for any purpose other than royalty collection and distribution and activities directly related thereto. (d) Disclosure of Confidential Information. Access to Confidential Information shall be limited to: (1) Those employees, agents, attorneys, consultants and independent contractors of the Collective, subject to an appropriate confidentiality agreement, who are engaged in the collection and distribution of royalty payments hereunder and activities related thereto, who are not also employees or officers of a Copyright Owner or Performer, and who, for the purpose of performing such duties during the ordinary course of their work, require access to the records; (2) Board members of the Collective, and members of Collective committees whose primary functions are directly related to royalty collection and distribution, subject to an appropriate confidentiality agreement and for the sole purpose of performing their duties as board or committee members of the Collective, as applicable, provided that the sole confidential information that may be shared pursuant to this paragraph (d)(2) is confidential information contained in monthly statements of accounts provided pursuant to Sec. 384.4(f) that accompany royalty payments; (3) An independent and Qualified Auditor, subject to an appropriate confidentiality agreement, who is authorized to act on behalf of the Collective with respect to the verification of a Licensee's royalty payments pursuant to Sec. 384.6 or on behalf of a Copyright Owner with respect to the verification of royalty distributions pursuant to Sec. 384.7; (4) Copyright owners whose works have been used under the statutory license set forth in 17 U.S.C. 112(e) by the Licensee whose Confidential Information is being supplied, or agents thereof, subject to an appropriate confidentiality agreement, provided that the sole confidential information that may be shared pursuant to paragraph (d)(4) of this section are monthly statements of account provided pursuant to Sec. 384.4(f) that accompany royalty payments; (5) In connection with future proceedings under 17 U.S.C. 112(e) before the Copyright Royalty Judges, and under an appropriate protective order, attorneys, consultants and other authorized agents of the parties to the proceedings or the courts; and (6) In connection with bona fide royalty disputes or claims that are the subject of the procedures under Sec. 384.6 or Sec. 384.7, and under an appropriate confidentiality agreement or protective order, the specific parties to such disputes or claims, their attorneys, consultants or other authorized agents, and/or arbitration panels or the courts to which disputes or claims may be submitted. (e) Safeguarding of Confidential Information. The Collective and any person or entity identified in paragraph (d) of this section shall implement procedures to safeguard all Confidential Information using a reasonable standard of care, but no less than the same degree of security used to protect Confidential Information or similarly sensitive information belonging to such Collective, person, or entity.