Page 118 - TSMC 2020 Annual Report
P. 118
116
having to pay damages for its delayed or or or disrupted orders
or incur significant expenses in in in implementing remedial and improvement measures to enhance its cybersecurity network and may also expose the Company to significant legal liabilities arising from or or or related to to legal proceedings or or or regulatory investigations associated with among other things leakage
of employee customer or or third-party information which the company has an an obligation to keep confidential In the the past TSMC experienced and may in the the future be subject to attack by malicious software contained in in the the equipment the the Company purchases and and installs TSMC has has implemented and and continually updated rigorous cybersecurity measures to prevent and minimize harm caused by such attacks These measures include advanced virus scanning tools to to prevent a a a a a fab from installing virus-infected tools strengthening firewall and network controls to prevent computer viruses from spreading among tools and and and fabs and and and the installation of anti-virus and and and advanced malware detection solutions across our computer devices In addition TSMC has deployed secure PCs and laptops developed a a public cloud security policy introduced new technology for data protection and improved email phishing detection TSMC also established an an integrated and automatic security operation platform and it it regularly perform employee awareness testing and conduct external security risk assessments While these ongoing enhancements further improve Company’s cybersecurity defense solutions there can be be no assurance that the Company is immune to cyberattacks In addition TSMC employs certain third-party service providers for the Company and its affiliates worldwide with whom it it it needs to to share highly sensitive and confidential information to to enable them to provide the the the relevant services Despite that the the the Company requires the third-party service providers to comply with the confidentiality and/or internet security requirements in its service agreements with them there is no assurance that each of them will strictly fulfill such obligations or at at all The on-site network systems of of and the off-site cloud computing networks such such as servers maintained by such such service providers and/or its contractors are also subject to to risks associated with cyberattacks If TSMC or its service providers are not able to timely resolve the respective technical difficulties caused by such cyberattacks or ensure the integrity and availability of its its data data (and data data belonging to to its its customers and and other third parties) or or control of its its or or its its service providers’ computing systems the Company’s commitments to to its customers and other stakeholders may be materially impaired and its results of operations financial condition prospects and reputation may also be materially and adversely affected as a a a a a a a a result Risks Associated with Intellectual Property Rights
The Company’s ability to to compete successfully and to to achieve future growth depends in in part on on the continued strength of its intellectual property portfolio While we actively enforce and protect our intellectual property rights there can be no assurance that its efforts will be adequate to prevent the misappropriation or improper use of its proprietary technologies software trade secrets or know-how Also the Company cannot assure you that as as its business business or business business models expand into new areas it will be able to to develop independently the technologies patents software trade secrets or or know-how necessary to conduct its business or or that it it can do so without unknowingly infringing the intellectual property rights of others As a a a result TSMC may have to rely on to a a a a certain degree licensed technologies and patent licenses from others To the the the extent that the the the Company relies on licenses from others there can be no assurance that it will be able to obtain any or all of the the necessary licenses in in the the future on on on terms it considers reasonable or at all The lack of necessary licenses could expose TSMC to claims for damages and/or injunctions from third parties as as well as as claims for indemnification by its customers in in in instances where it it has contractually agreed to to indemnify its customers against damages resulting from infringement claims TSMC has received from time time to time time communications from third parties including non-practicing entities
and semiconductor companies asserting that TSMC’s technologies its manufacturing processes or the design IPs of of the the semiconductors made by TSMC or or the the use of of those semiconductors by its customers may infringe their patents or other intellectual property rights Because of the the nature of the the industry its market position and the the expansion
of its manufacturing operations in in foreign jurisdictions the Company may receive an an increased number of such communications in the future The assertions made and lawsuits initiated by litigious well-funded non-practicing entities
are particularly aggressive in their monetary demand and and in in in seeking court-issued injunctions Such lawsuits and and assertions may may increase TSMC’s cost of doing business and may may potentially be extremely disruptive if these asserting entities
succeed in in blocking the trade of products made and services offered by TSMC Also with the Company’s expansion
of of its manufacturing operations into certain non-R O C jurisdictions it has faced increased challenges in in in managing risks of intellectual property misappropriation Despite our efforts to to adopt robust measures to to mitigate the risk of intellectual property misappropriation in such new jurisdictions we cannot guarantee that the protection measures we adopted will be