As patent researchers, we know that the actual contents of our searches—the search terms, the records we view, and even the names of our work files—can be highly sensitive information.

But are we doing everything we can to protect this sensitive data as we do our searches over the internet?

HTTP, or Hypertext Transfer Protocol, is the basic protocol for communicating over the World Wide Web. The protocol allows websites (and the associated web servers) and web browsers to establish connections and transfer information.

HTTP is the default mode of communication on the web. This is beginning to change, and groups such as the Electronic Frontier Foundation are pushing for such change, but HTTP is still the dominant method of information transfer between websites and web browsers.

Plain HTTP presents at least two problems for security-minded researchers.

HTTP traffic is unencrypted… and much of it is cleartext

“Cleartext” is a telecommunications term that refers to text that can be read and understood by ordinary humans without additional processing. Because HTTP traffic is unencrypted, much of it is sent as cleartext.

This means that potentially sensitive information—your login credentials, your search parameters and other identifying text—is sent in a manner that could be read easily by someone who intercepts or eavesdrops upon your connection—if you send it via HTTP.

In shared networks such as those found in public wi-fi hotspots, HTTP-only connections are particularly vulnerable.

If your network is visible to those with the appropriate tools and access, ordinary HTTP communications are readable to anyone with the ability to capture and view the information. If these are people you trust, you may not have a problem, but given the sensitive nature of patent searches, do you want to merely hope for the best?

Unauthenticated servers

In addition, HTTP does not require authentication of the servers providing the information to the web browser. Communications sent via ordinary HTTP are more susceptible to “man-in-the-middle” attacks—interception or even modification of information by malicious agents.

What is HTTPS, and why is it better?

HTTPS, also referred to as HTTP Secure, HTTP over TLS (Transport Layer Security, the newer protocol), or HTTP over SSL (Secure Sockets Layer, the original protocol), is a way of protecting information transferred between clients and servers over the World Wide Web.

HTTPS improves the security, privacy and integrity of HTTP communications by encrypting communications between clients and servers while also requiring that servers provide authentication credentials to identify themselves.

HTTPS is thus designed to give us greater confidence that:

  • the website we are talking to is the one we think we are talking to
  • that others cannot easily read the communications we send to the websites we visit
  • the traffic that passes between our web browsers and servers will not be tampered with by a third party

HTTPS is the protocol we expect to see used whenever we conduct financial transactions over the web. However, it is also the protocol that more and more security and privacy experts are recommending for all our communications over the web.

Extending the use of HTTPS to our activities as patent researchers serves us and our clients, and our commitment to HTTPS also shows our clients our commitment to their information privacy and security.

The catch, however, is that it is not always easy to “Go HTTPS” for every site we visit.

If you are a LexisNexis® TotalPatent® user, “going HTTPS” for your search session is, in fact, as easy as one simple click. Just check the checkbox beside the text “Use a Secure Connection (SSL) for Entire Session” when you sign in, and you will use HTTPS for your entire session. Note that your login credentials are always sent via HTTPS.

However, HTTPS is not always a given. HTTP is still the default mode for many websites, including websites as prominent for patent researchers as the USPTO’s own website—at least as of 8월 21, 2015; check the United States Government’s Pulse Website at for the USPTO’s current status.

So think about your go-to intellectual property research sources. Do you know which ones offer you the option to search via HTTPS? Do you know which ones offer no such option at all?

These are questions worth thinking about. And HTTPS? Definitely: an option worth demanding.

Related Content

Improve your Prosecution Efficiency: How to Automate Office Action Responses – Webinar Recordi... Listen as David Stitzel, IP Solutions Consultant at LexisNexis IP, demonstrates how the Office Action Response tool can help you gain back time spen...
Setting the Tone of Prosecution with Patent Analytics There is no perfect formula for prosecuting a patent, but there is plenty of information out there that can be used to help anticipate a patent examin...
Patent Litigation and “The Ice Cream of the Future” Dippin’ Dots are enjoyed around the world. The delicious ice cream pellets can be found most commonly at amusement parks and have been known to hit th...

By continuing to use the site, you agree to the use of cookies. Cookie Policy

이 웹 사이트의 쿠키 설정은 "쿠키 허용"으로 설정되어 최상의 브라우징 환경을 제공합니다. 쿠키 설정을 변경하지 않고 이 웹 사이트를 계속 사용하거나 아래의 "동의"를 클릭하면 동의하는 것입니다.