Will penalties from user data lawsuits destroy your online business?

If you own a website that collects user data or simply operates online, take caution!

By Peter Lemire

In June of this year, California enacted the California Consumer Privacy Act (CCPA), becoming the first state in the U.S. to pass its own data privacy law. The CCPA act was enacted just one month after the European’s General Data Protection Regulation (GDPR) officially became enforceable. Any relief felt by U.S. companies for completing the arduous task of bringing their business practices into compliance with the GDPR was short-lived—California has plunged headfirst into the privacy arena, and they’re playing by their own rules.

On the surface, it may seem that companies not doing business with California residents or EU citizens remain unaffected and are free to carry on business as usual. However, the enactment of the CCPA could have broad implications for businesses across the country. The public is demanding corporate accountability for cybersecurity and privacy—just ask Mark Zuckerberg, the creator of Facebook. Companies should start contemplating and formulating compliance strategies sooner rather than later. In the realm of privacy and data security, a proactive approach to the management of cybersecurity and privacy risks is best, and may avoid a costly game of “catch-up.”

In order to understand what privacy and personal data management policies should be in place, it is first important to look at what the CCPA requires for compliance. The CCPA has been largely referred to as California’s version of the GDPR, however, the comparison is slightly misleading as there are quite a few differences between the CCPA and the GDPR.  This means that existing privacy policies tailored for the GDPR will not automatically be fit for purposes of complying the with CCPA, and will likely need to be updated to reflect the disclosures and transparency obligations required by the CCPA.

Of course, the first step is determining whether your business is even affected by the CCPA. The CCPA applies to for-profit businesses that collect and control California residents’ personal information, do business in the State of California, and either (a) have annual gross revenues in excess of $25 million, (b) receive or disclose the personal information of 50,000 or more California residents, households, or devices on an annual basis, or (c) derive 50 percent or more of their annual revenues from selling California residents’ personal information.

Although the CCPA’s directives become operative January 1, 2020, in order to comply with the 12-month look-back period for consumer requests, businesses subject to the CCPA will need to begin mapping data and keeping records of personal information beginning January 1, 2019.

Even if the CCPA does not apply to your business, it is still worth having a basic understanding of the CCPA, as other states are following the EU and California’s lead, which could lead to federal involvement. Essentially, the CCPA gives California residents four basic rights in relation to personal information. First, “the right to know” grants the right to know what personal information is being collected, and the right to know whether personal information is being sold or disclosed and if so, to whom. “The right to opt-out” provides for the right to opt-out of the sale of the collected personal information to third parties. Further, minors under the age of 16 must actually opt-in (meaning the sale of personal information is not permitted until consent is expressly provided), and for minors under the age of 13, the consent must come from a parent or guardian. “The right of access” gives consumers the right to have businesses disclose the information collected, the categories of information collected, the categories of third parties with whom the information is shared, the categories of sources of the information, and the business purpose for collecting or selling personal information. Finally, the CCPA provides for “the right of equal service,” which forbids businesses from discriminating against consumers for exercising their right to privacy afforded under the Act.

California’s law is just the tip of the iceberg of what is happening throughout the United States. The GDPR and CCPA have brought concerns of inconsistent and sometimes conflicting privacy laws to life, and present businesses with unnecessarily burdensome compliance challenges. As a result, attempts to lobby Congress to pass federal omnibus privacy and data protection law that would pre-empt the CCPA and other existing and future state data protection laws are currently underway. The U.S. Chamber of Commerce, the Internet Association, a trade group representing leading Internet companies, and the Interactive Advertising Bureau have already all spoken on the matter.

Businesses that are compliant with the GDPR do have a fairly significant head start on complying with the CCPA. However, because there are material differences between the two regulations, even businesses that are “GDPR-compliant” (if there is such a thing) will have additional work to do to prepare for the CCPA. Absent an act of Congress pre-empting the CCPA, businesses who may have dodged the GDPR bullet must now develop robust data management. However, even businesses who have not been affected by the GDPR or CCPA may want to consider taking a second glance at their privacy practices and policies—one way or another, privacy regulation seems inevitable.

If you have questions about how to update your privacy agreements to avoid costly trouble, we are here to help. Please feel free to contact us at (303) 768-0123 or send us an inquiry here.

By |2020-05-06T15:44:53-06:00December 19th, 2018|BLOGGING, BUSINESS LAW, CYBER LAW, INTELLECTUAL PROPERTY, OTHER|Comments Off on Will penalties from user data lawsuits destroy your online business?

A forgotten right the government can’t take away

If you have followed the news lately, you’ve probably have heard about the United States Patent and Trademark Office’s (USPTO) board decision to cancel the Washington Redskin’s federal trademark registrations covering their name and graphical logo. The USPTO had determined that the term, “Redskin” and the graphical logo associated with the NFL team, violated trademark laws’ prohibition against scandalous or immoral subject matter at the time the mark was registered.

It should be noted that this isn’t the first time the USPTO has come to such a conclusion with respect to the football team. The courts reversed the previous determination on a procedural issue regarding whether or not the individual that brought the cancellation action had standing to sue. It was interesting to see some of the initial commentary regarding the decision and the lack of knowledge about trademark law and the nature of trademark rights.

No matter your particular view of the underlying case, the situation with the Redskins is a good example of the public’s misperception of trademarks, how trademark rights are accrued, and why trademark registrations can carry more benefits in the eyes of the public than those actually conveyed under the law.

The most interesting aspect of the discussion is the mistaken belief that trademark rights are granted by the government. In fact, at the most basic base level, trademark rights are created by an individual or company’s use of a trademark to identify their goods or services in commerce. By naming your product “XYZ” and selling it in the marketplace you accrue what are called, “common law rights.” The longer you use it and more geographic areas your goods and services are sold, the strong your rights become.  These rights are not contingent on any government approval or certificate.

However, while the federal registration does not create trademark rights per se, it does grant you certain extra add advantages. First and foremost, for smaller businesses the benefits of the federal registration definitely make sense as they will protect your mark nationwide, even if you haven’t sold product or provided your services in all 50 dates. This can be important if a company has plans to start regionally and slowly expand operations or a larger geographic region or even nationwide.

Without a federal registration, a business could find itself in the position of looking to enter into a new market where another common law user has already established rights in that geographic area. Therefore you will either be barred from entering that area or, if you do work in that area, you will have to do so under a different name. This can severely hamper and make more costly marketing and brand awareness campaigns. Larger companies (e.g. Microsoft) don’t necessarily have this problem due to the fact that they can launch products and services nationwide. Therefore, they create common law rights in all geographic areas from the get-go. While federal registration is still important to larger companies, they will still have powerful rights even if they just rely on common law trademark rights.

As the 2014-2015 football season starts up, think twice about producing Redskins merchandise to line your pockets. Though the USPTO did cancel the Redskins federal trademark registrations, you are out of luck for cashing in on the brand.

The law still recognizes strong common law rights in the Redskins name and logo, and you will more likely find yourself on the other side of a lawsuit for trademark infringement and counterfeiting if you endeavor on that path. Furthermore, the team has vowed to appeal the USPTO’s ruling to the federal courts. Given the history of the case and the seemingly thin factual support for the USPTO’s decision, there stands a high likelihood that the Redskins would prevail on an appeal.

Hazy times for Colorado’s marijuana businesses

Many businesses are dealing with the impacts of Colorado’s foray into recreational marijuana. Often, this uncertainty is focused on how the new laws and regulations will be implemented. While compliance with the Colorado regulatory framework is often the first priority of companies associated with the marijuana industry, another important legal issue is lurking below the surface, and unfortunately how it is resolved remains to be seen. The issue concerns an area of intellectual property law that all businesses have – trademarks.

Trademarks protect identifiers of the source of goods in commerce – essentially they protect brands. Trademarks can be any non-functional aspect of a product or service that identify its source. They can be business or product names, logos, or even things such as product packaging or design (e.g., the shape of an I-Phone or a Coke bottle).
The law protecting trademarks has two main purposes. The first is to protect the goodwill built up by business owners with the consuming public.

Basically, we don’t want a company to spend 20-plus years building a good reputation only to have another company come in and adopt a mark that is intended to ride on the coattails of the first company. The second purpose is to protect the consuming public. Essentially, when you go and buy a Coke, you do so because you have certain expectations about the product including quality, price etc. Therefore, the law recognizes that it is in the public’s best interest to not allow dish water to be bottled and sold to the unsuspecting consumer as a Coke or for a fly-by-night company to sell shoddy knock off shoes as a pair of Nikes.

There are basically two types of trademarks – registered and unregistered. Unregistered trademarks (also called common law trademarks) arise from the business’ use of the terms to identify its goods. The scope of protection for common law trademarks is generally narrow. Fights about the geographic scope of common law trademark rights often get down to the zip code level. Because of these limitations it is not preferable to just rely on common law rights.

Registered marks are those in which the trademark owner has sought registration of the trademark with a state or with the federal government. Each state’s laws are different and can range from highly complex systems to Colorado’s system, which basically just defaults back to common law protection. Most trademarks are protected under the federal Lanham Act. Trademarks registered under the Lanham Act are enforceable in all 50 states even if the business hasn’t had sales nationwide.

The problem facing Colorado companies that are involved in or sell goods or services related to the marijuana industry is that, generally speaking, the law doesn’t allow for trademarks rights in goods or services that are illegal. On a broad level this makes sense; if you are conducting an illicit activity, you shouldn’t be able to sue someone else for doing the same illicit activity under a similar name. Doing so would tend to legitimize the illegal activity. But what happens when something is legal under state law but illegal under federal law?

Usually the answer would be that the state law is invalid due to the Supremacy Clause of the United States Constitution. However, this inconvenient fact is essentially the third rail in the marijuana debate. Even though the last two administrations have looked the other way, marijuana is still illegal federally. The federal controlled substances act prohibits among other things the manufacturing, distributing, dispensing or possession of certain controlled substances including marijuana and marijuana-based substances.

Additionally the CSA makes it illegal to sell, or offer for sale any drug paraphernalia (“any product, equipment or material which is primarily intended or designed for use in manufacturing, compounding, producing, preparing, injecting, ingesting, inhaling or otherwise introducing into the human body a controlled substance”) 21 U.S.C. §863. Because of this a company will not be granted federal trademark registration for marijuana or marijuana paraphernalia. Therefore a business owner cannot get a federal trademark for the name of their dispensary or their own brand they might assign to a particular strain of marijuana. Additionally a business owner would also be denied federal common law protection for any such mark under the Lanham Act.

Things most likely don’t fare much better under a state common law analysis. While there isn’t any case law out on this yet, but strictly going by the law, a court would have to deny state common law protection as well, due to the Supremacy Clause. This causes a huge conundrum – how are marijuana business owners supposed to protect their goodwill?  How do we protect consumers that rely on brand names to make purchasing decisions regarding, quality, strength and safety?

Most ironically, a grower could produce a new strain, protect it with a plant patent, and give it a new name. If someone infringed the patent the grower could sue and obtain an award for damages. However, if the same individual sold an existing (non-patented) stain under the same brand name as the patented strain, the grower might not have any recourse.

So does this mean that marijuana-related businesses should just ignore trademarks? I would say that is not a wise choice. There are still many strategies that a business can use to get the most protection possible under both state and federal law, which while might not be ideal, it is definitely better than nothing. Additionally, sophisticated legal counsel can also employ other areas of intellectual property may also prove helpful in protecting brand identity.

Lastly, we really are in a situation of wait and see. Until either the federal law is changed, or some cases concerning these companies move their way through the courts, it’s all a bit hazy.

Hey, that’s mine! The ins and outs of grey markets and the law

At some time or another, anyone who produces a product or commercializes a copyrightable work will inevitably run into the situation where you see your products being resold by someone that is not you or one of your direct distributors.

Oftentimes, this becomes an issue for a business because of the price at which the items are being sold (usually lower than the business would like) or possibly because of the bad reputation of the seller in question. Other times, it is a grey market situation where goods that were originally produced and sold in overseas markets make their way back to the United States.

The question my clients have is almost universally, “How do I stop this?” Generally speaking, the answer is that in the United States, it is either extremely difficult to stop it or you flat out cannot stop it at all, due to a theory of law called the Right of First Sale.

The Right of First Sale doctrine is recognized in both trademark and copyright law. Trademark law protects source identifiers of goods and services – basically brand names and logos. Copyright, on the other hand, protects creative works of authorship – books, movies, music, etc. While slightly different in the technical application, in copyright and trademark law the underlying theory is essentially that the owner of a branded item or creative work is entitled to control and receive compensation for the first sale of the product.

The first sale is just that, the first sale of the product – regardless if it is to a retail consumer or to a distributor/wholesaler. Therefore, authors are entitled to royalties only on the first sale of their book and not any subsequent resale of the book. On the basic level this makes sense and allows for a robust secondary market of used goods. Think of the pain it would be if you had to pay a royalty to J.K Rowling for selling a used copy of Harry Potter on Amazon, or if you sold your Specialized Shiv time trial bike on eBay.

However, the questions can get a bit more sticky when the seller isn’t unloading unwanted items, but is instead engaged in a commercial enterprise and the goods might be new instead of used. For example, what happens if due to market conditions a product is sold at a lower price in a foreign country than it is in the United States?

Depending on the price differential, there may be an arbitrage situation where a foreign purchaser can purchase the product in the foreign country and then turn around and sell it to American consumers for less than the domestic retail prices at a guaranteed profit. This very scenario came before the Supreme Court in the case of Kirstaeng v. John Wiley & Sons. In the case, a student named Kirstaeng from Thailand came to the United States to study at Cornell and U.S.C.

Since college is not cheap, the entrepreneurial student sought ways to defer his expenses. One thing he noticed was that textbooks were a lot cheaper in Thailand than they are in the United States, so Kirstaeng arranged to buy legal copies of popular textbooks in Thailand, import them here and resell them at a large profit – somewhere in the ballpark of $100,000.

The publisher, not liking this, sued and originally obtained a $600,000 judgment against Kirstaeng. The Supreme Court in a 6-3 decision overwhelmingly overturned the lower court decision. The Court also did something that it normally doesn’t do in copyright cases – it drew a clear line in the sand.

As long as the copyrighted works that were made overseas were done legitimately (not counterfeited), then the first sale doctrine applied and the copyright holder cannot ban their importation and sale in the United States. Similarly under trademark law, as long as a party is merely stocking and reselling the goods (no modification to the goods), then the first sale doctrine applies.

So what is a business owner to do? There are a few different things to try to minimize the impact. The first would be to take a look at your pricing structure. Are there any markets in which you might be at risk for an arbitrage situation? In theory, exchange rates should equal out prices, but sometimes distortions do occur.

Don’t just look at foreign markets, because these situations can happen in domestic markets as well. An example would be a pricing decision concerning a large clearance sale. Could a savvy party buy a large amount of clearance items and then resell them on eBay? Careful pricing and quantity limit strategies can help eliminate this risk.

Additionally, if you sell your products through authorized distributors that you have contractual agreements with, you can add language that prevents the distributor from selling the products back into the United States, or allows you to revoke their distributorship if they violate lot size restrictions or if they knowingly sell to customers that intend to export the products back into the United States. While these strategies are not foolproof, they are the best tools that companies have to combat these sorts of situations.

By |2020-05-06T15:44:56-06:00April 15th, 2013|BUSINESS LAW, COPYRIGHTS, TRADEMARKS|0 Comments

Got content for kids? You better get to know the new COPPA

If you say “COPPA” to somebody who works in the business of providing online content to kids, they will instantly know exactly what you are talking about, and it might cause them to have a panic attack. Due to regulations promulgated by the FTC this past December, many more business owners will need to become familiar with the law, the associated regulations and their requirements.

The Child Online Privacy Protection Act (“COPPA”) was passed in 1998. The purpose of the bill was to regulate how online businesses collected and used personal information of children under age 13. The act sets forth requirements for what must be disclosed in privacy policies and mandates that covered businesses seek verified consent from parents prior to obtaining any information from children under 13 years of age.

Originally, the act applied to commercial content providers that focused primarily on delivering  content to children. Therefore, the “Dora The Explorer” website would have to adhere to COPPA, but Facebook, which requires its members to be at least 18, does not. This distinction made determining whether a company was subject to the COPPA regulations relatively easy. Additionally, to add a bit of extra clarity, many companies include a statement in their Terms of Service or Privacy policy that their website is not intended to be used by those under 13. By and large, that would make sure that a company was not subject to COPPA.

In December the FTC announced final regulations that will go into effect on July 1, 2013 that will exponentially expand the reach of COPPA in terms of who and what technologies will be subject to the regulations. The regulations no longer apply just to content providers that derive significant portions of their revenue from providing content to children, but apply if the content is directed at children under 13, regardless if it is 100 percent of the content or just a portion of the content made available by the provider.

In determining whether the content is directed at children, the FTC will look to the subject matter, visual content, use of animated characters, child oriented activities or incentives, the nature of any audio content and other “kid-centered” characteristics.  Furthermore, the FTC will also look at empirical evidence regarding the composition of the actual audience for the material (thereby creating the possibility that a content provider may be inadvertently subject to COPPA just because many under 13-year-olds visit the site, even though the site provider never intended the content to be “directed” to children). Companies can be subject to COPPA even if a small fraction of their overall content is directed at children.

The FTC also broadened the scope of technology that falls under COPPA. Under the new regulations websites, parts of websites and even cell phone and tablet apps are covered under COPPA. The FTC also greatly broadened the definition of what constitutes “personal information,” which triggers an operator’s obligation to first obtain verified parental consent.

Back in the good old days, personal information was pretty much confined to the basics: name, date of birth, social security number, address, etc. Now any data that could be reasonably used to reveal the identity of the child is covered by COPPA, as long as it is not collected and maintained purely for the operation and maintenance of the website.  Basically this covers widely used tracking tools such as cookies, javascript tags, flash cookies and beacons. Additionally, in the cell phone app world, this would mean device IDs and other persistent identifiers. This can have major implications for ad-brokers, ad-networks, social networks and any other company that shares data with third party services.

If a content provider is subject to COPPA, the provider must obtain verified parental consent prior to collecting personal information from anyone under the age of 13. The new regulations include many new technological options, such as scanned signed consent forms, video-conferencing, or sending an email requesting consent with a delayed confirmation of the consent sent to the parent. As one can see, none of these methods are particularly painless, and they require substantial investment and forethought by the content provider.

In the next six months, it will be important for business owners to take stock of the electronic content they are producing and whether that content may subject them to the new COPPA laws. The federal government has been ramping up COPPA law enforcement in recent years. Companies such as Ms. Fields Cookies, Hershey, and Girls Life, Inc. have been slapped with COPPA enforcement actions. UMC Recordings, Inc. was fined $400,000 for COPPA violations in connection with a website that promoted then 13-year-old music star Lil’ Romeo.  As silly as it sounds, under the law Lil’ Romeo had to get his parents’ permission before signing up for his own website.

With the broadening of the regulations, expect enforcement actions to continue and most likely exponentially increase in the years to come. Make sure your company isn’t added to the ever growing list of companies that were bitten by that little known law called COPPA.

By |2020-05-06T15:44:56-06:00January 28th, 2013|BUSINESS LAW, CYBER LAW, GENERAL INTEREST|0 Comments

The Perils of Employee Classification

One of the battles employment attorneys constantly struggle with is raising awareness about the consequences of misclassifying workers that are technically employees as independent contractors. While these attorneys are concerned about possible penalties from the government or lawsuits from employees, IP attorneys are concerned with a possibly more serious issue – who owns potential “crown jewel” assets of the company.

At the start, it may seem simple and less costly to hire someone as an independent contractor. Classifying someone as an independent contractor versus an employee is enticing to small employers in particular, as the company is not responsible for paying the employers’ share of Social Security taxes, state and local payroll taxes, unemployment, overtime and potentially offering the workers benefits equal to the company’s other “employees.” However, misclassification of employees is costly and not necessarily reserved for small employers: Time Warner, Microsoft and FedEX have all paid millions, if not hundreds of millions, due to incorrectly labeling workers as independent contractors.

As if potential fines and damages are not compelling reasons to pay attention to this issue, there could also be catastrophic effects on a company’s intellectual property rights. We’ve discussed (in a previous column) the issues a company can face when they have another company create or develop creative works on behalf of the company (logos, website content and design, and source code for software developed for the company are examples).

These same issues are present when a company labels a worker as an independent contractor versus an employee. Under copyright law, when an employee creates a creative work in the course of their employment, the employer is automatically considered the author of the work and holds the rights to the work.

The opposite is true if an independent contractor created the works, that is, the independent contractor is the author and holds the rights to the works. Furthermore, the rights can only be transferred by a written assignment document signed by both parties. If the independent contractor agreement between the company and worker (assuming a written agreement exists) does not contain provisions assigning the ownership of the copyrights to works created by the worker, the company is most likely out of luck.  Additionally, even if the worker is clearly an employee under the law, the company will most likely be estopped from arguing that the worker is anything other than an independent contractor.

This can be of serious consequence for a company that treats workers that probably should be employees as independent contractors, especially when the workers are responsible for creating intellectual property that is protected under copyright law, such as computer software or the copyrights to the company’s logo.  A decision to save a few bucks on taxes could very well mean that a company is not the owner of key technology that its business is based upon or potentially worse — in certain situations the contractor may be able to license the works to the company’s competitors.

None of this confusion or potential loss of valuable intellectual property need ever happen, of course. Have this conversation internally and with a well-versed IP attorney at the start of hiring and staffing; revisit it when replacing personnel, particularly creative personnel.

Time Warner’s and Microsoft’s experiences illustrate that the time-worn adage remains true: An ounce of prevention and all that.

By |2020-05-06T15:44:56-06:00October 15th, 2012|BUSINESS LAW|0 Comments

The perils of public-generated content

There is a well-known phrase known to businesses relying on the internet to help drive marketing and sales: “Content is king.”

That phrase has expanded, in the wake of businesses turning to Facebook and YouTube and in the development and use of better consumer digital cameras and video. That new and improved phrase is this: “User-generated content is king.” Soliciting user-generated content (UGC) is often an attractive marketing strategy: It engages customers and cultivates much-desired online content for a business all at the same time.

Some companies have come to regret that marketing move, however, as users who generate content are bringing suit when their material appears in future advertising, marketing or other company collateral, as McDonalds recently found out.

In the McDonald’s case, the wheels were set in motion in 2008 when McDonald’s hosted a “Big Mac Chant” contest on MySpace. Contestants created videos of their chants and uploaded them to the website. One participant, Daniel Calden uploaded a video of him in sunglasses with a sock puppet singing “Big Mac. Big Mac. Big Mac.  Everybody wants to eat a Big Mac.” Nothing came from the entry, although a few days after it was submitted it was removed, and Mr. Calden’s inquiries with McDonald’s and their marketing firm went unanswered.

A year later, McDonald’s launched a commercial involving a fish mounted on a wall singing to a man about wanting a Filet-o Fish sandwich. Three years later, Calden filed suit against McDonald’s and their marketing company for theft of intellectual property, breach of the contest contract, copyright infringement and a host of other theories. (Interestingly, the statute of limitations on a copyright infringement case is three years.) McDonald’s fired back with a motion to dismiss the claims, citing among other reasons, that the works are not similar in the least except that both works contained men, non-human characters, and music about McDonald’s sandwiches.

Probably the McDonald’s case is one where the plaintiff is fishing for a settlement.  However, it serves as a good example of the perils of soliciting UGC. No doubt McDonalds crafted their contest contract in a careful manner, which will definitely help them in the case, however even careful drafting might not prevent a business from being sued. While wanting to be involved with customers on a more interactive basis is an admirable objective, business owners must remember that generally people are passionate about their creations and creative works. They can and often do get very possessive and angry if they feel they have been taken advantage of – even if they assigned their rights to the company in the contest rules. Something that might make good business sense to a marketing professional may leave a customer feeling cheated, taken advantage of, or betrayed.

The worlds of contests and UGC also have a lot of legal issues associated with them.  Contests are subject to state gaming laws and can potentially lead to serious liability for illegal gambling if not structured correctly. Additionally, a business will want to make sure that it owns any UCG submitted and that the contestant is not entitled to any additional compensation other than what is provided for in the contest rules – even if they are not the contest winner.

These contracts need to be tightly drafted. Otherwise a company could wake up with a much-enlarged audience resulting from an online initiative, but simultaneously be subject to not just intellectual property violations, but illegal gaming issues as well.

“Content is King,” still applies, but care and caution could help a company’s online efforts from also becoming costly.

Avoidance: Understandable, but Often Painful

This is about pain — the avoidable kind.

Lawyers can get a bad rap for shark-ism and sometimes, that’s fair. In this case, however, the pain is shared across the board, by both the lawyers and the clients. No one, including a hard-working and ethical attorney, likes seeing people have to spend blood, time and money on heartbreak and angst that is fairly easy and cheap to avoid.

Our firm has been involved in a number of litigations that were very costly to our clients, but which could have been avoided. For the most part, those costs could have been side-stepped if the clients had engaged an IP attorney to help them set up intellectual property policies and procedures; properly protect the intellectual property (IP); and clearly define ownership.

Human nature being what it is and cash always being tight in a young growing company, non-essential tasks and expenditures are often put off as more pressing fires are fought. This short-sightedness, however, can come back to haunt. It can be painful to witness.

The math is simple: An IP attorney review of website content may cost up to $1000, depending on its size. However, if one or more third-party photos are found on the site, an expensive five- or six-figure copyright infringement settlement could be immediately eliminated.

Moreover, seeking the blessing of an IP attorney and filing for trademark registration before settling on a brand for a new product or service might set an enterprise back less than a couple thousand dollars, but could save hundreds of thousands of dollars in litigation when, for example, a well-heeled competitor decides the brand is too close to one of theirs.

Registering copyrights for important materials and images typically cost a few hundred dollars each. It’s money well spent. Doing so can deter competitors from copying all or in part of the fruits of a business’ hard work and expenditures. Infringement could cost $150,000 per instance in statutory damages.

A business that institutes and follows a trade secrets policy that includes non-compete agreements with key employees might cost a few grand, all said and done. However, instituting a trade-secrets policy could prevent employees from being able to take specific knowledge learned while employed to a competitor. Not doing so, can cause a business to lose a competitive advantage worth hundreds of thousands if not millions of dollars over time.

Having clear and concise intellectual property clauses drafted for use in contracts with third party contractors sets an organization back a few saw bucks. Alternatively, the matter often ends up in federal court as the business and the contractor both claim ownership to a valuable piece of IP. If lucky, the experience will settle before trial and a company may only be out a $100,000 or so.

Many a wise business owner understands these warnings, but immediate demands call out.  The phone rings or a colleague comes into the office, or a deliverable needs immediate attention. Several years later, a complaint and the prospect of spending hundreds of thousands of dollars defending the company in court presents itself.

Sometimes an ounce of prevention truly is world’s better than a cure. No one likes to watch money eaten up after-the-fact on avoidable circumstances. IP protective measures can and often are an easy and preventative business strategy — and the truth is that everyone, including good lawyers, feel better about that.

Kurt Leyendecker is a founding member of the intellectual property law boutique, Leyendecker & Lemire. Leyendecker & Lemire specialize in patents, trademarks and related complex civil litigation. Kurt Leyendecker can be reached directly at 303.768.0123 or Visit for further information, including Leyendecker & Lemire’s weekly blog, “Control, Protect & Leverage.” 

Caution: You’ve been hacked—and sued

The newest legal challenge on the horizon for businesses may be the rise of what is known as “The Copyright Troll.”  Copyright Trolls are generally companies formed by attorneys whose sole purpose is to secure the enforcement rights from content providers (usually movies) and then find infringers (using a special software) — wherein those same attorneys sue the infringers in federal district court.

Simply put, these lawyers build a list of people who illegally download things like movies or photographs and when they’ve built a list, they sue them all on behalf of the movie maker.

A few years back, the movies were pretty high brow, usually independent films that were nominated for Academy Awards. The Hurt Locker is an example. The Trolls filed suit naming several hundred John Does, subpoenaed the infringers’ ISP for the account information corresponding to the IP address that downloaded the movie, and sent out a demand letter.

In truth, a lot of the alleged infringers probably downloaded the movie, which is illegal. The amounts to settle were relatively low — $1,500 -$2,500.  The infringers sheepishly paid the money and learned a bit of a lesson to share with their kids: Don’t steal other people’s copyrighted creative work.  It’s a bit of a slick business model:  Everything is geared for economies of scale and the demand was priced low enough that it didn’t make economic sense to fight it.

However, the current iteration of The Troll takes the business model to another level.  The movies are not as high-brow and generally involve pornography. This change has introduced a shift in the demographics of people coming into our offices with demand letters.

Gone were the thirty-somethings that were good with technology and downloaded pirated movies using bit torrent software even though they knew it was wrong. They were replaced with retirees – grandmothers and great-grandmothers who are not so computer savvy.  By and large, these older folks also have unsecured wireless networks, so neighbors or other third parties download the content using their network.

An additional twist: Most consumer wireless routers do not extend back far enough to provide the alleged infringer with the exonerating evidence of who actually downloaded the content. Additionally, the demands are still relatively low when compared to the cost to legally fight the allegations, but also high enough to cause pain to those on a fixed income.

Here’s the ugly, new situation nearly anyone with a computer can face: A client of ours was out of the country with no one home when a download supposedly took place —some allegedly downloaded pornography on their computer. They received a demand letter from a Troll for $8,000.

Does the elderly couple fight the allegation or pay the eight grand? To prevail, the Troll/plaintiff must prove that the defendant (our client) actually infringed the copyrights, so the accuser must work to win. But once named in a federal lawsuit a defendant is going to be spending money regardless – either they settle the case or they have to defend it. Getting you out of the case will costs thousands at a minimum and more realistically will be in the tens of thousands of dollars.

These instances are concerning because they are also beginning to show a sophistication in those committing the infringement – the ability to utilize viruses or hack passwords. Additionally, the demands from the Trolls seem to be going up as well.  We expect to see demands go even higher than $8,000.00.

While most WIFI routers have the ability to have pretty good encryption that would withstand a brute force attack, must businesses do not use strong enough passwords.  A thirteen character password that is made up of random numbers and letters is generally recognized as being sufficient. Anything short of that and you are most likely at risk. Readily available programs can break weak passwords in under an hour.

Moreover, business owners need to make sure their work computers and any machine that connects to its network are free of bit torrent software, as they could be liable for the infringing acts of their employees.

Finally, businesses should always have up-to-date virus software on all of their computers and perform routine scans to minimize the chance that a third party is entering the network through an infected machine. Not only do these precautions prevent the potential theft of your business data, they can help prevent you and your business from landing in the middle of a German pornography copyright infringement lawsuit. And that ain’t pretty — or cheap.

Moving on up – and out

Some of you may have noticed that our firm has not published a new column in a few weeks now. The reason for this is that we were engaged in a Major Office Move.  You know the kind: anguished over for months, thought about repeatedly at 3 a.m. and again at 6 a.m. and over dinner with your spouse. But our move was inevitable. The firm has grown and along with that, we had outgrown our old office suite in more ways than one. In addition to simply needing much more space, we also wanted to be in offices that better reflected the firm’s character and personality.

This is, technically, our third space in the company’s history and we have been able to learn from our past experiences and plan for the future. For example, we learned that as you add attorneys to your staff, those attorneys tend to schedule meetings with clients and prospective clients. Also, if you have multiple meetings back-to-back and your main lobby is the size of a British phone booth, things will get crowded and look like I-25 prior to T-REX.

Generally speaking, this is not good for business.

While I can’t say that moving a law firm, or any business for that matter, is something I would want to do on a regular basis (particularly when it comes to getting employees packed up and ready to go prior to the movers arriving), businesses can seize the move as a great opportunity to reflect upon where they have been and where they are going.

A few columns ago I talked about the opportunities that spring provides to do some spring cleaning for your business. It was essentially a mini-audit for the business owner to determine if they were covering all the legal details necessary to ensure the vision they have for their company. As we were going through the process of finding new offices, I became aware that the moving process itself forces you to take stock of your company and start thinking about what that company will look like years down the road.

Through the myriad of necessary decisions inherent in moving a business — like office location, size, configuration and the type of building finish and personality — you are organically lead to essentially constructing a strategic plan for the length of the term of your lease.

Where do I want to be located? How many employees do I have now and will have in the future? What does the space say about my company (or does it even matter)? How long do I want the lease to be? What are the main functions of my business and will we be adding any lines of business in the future that might need special accommodations or a special environment?

It’s easy to consider staying put: but if one thing is certain it is the inevitable, change.

It’s easy to think of the headaches of moving, but what if, instead, you and your staff spent the time leading up to the move as a fun exercise of strategic planning, goal setting and visionary pursuits that can revitalize your business and possibly open up opportunities that were not perceived before? What inadvertently happens is that you become more in touch with your company’s mission and can therefore take measure of how successful you are in keeping true to that mission.

Sure: No one necessarily wants to stop and carefully think through the details of a strategic company vision. And the actual act of moving is often painful, much like herding cats.

But a business move can be cathartic. Furthermore, the momentary pain of moving is temporary, yet the fruits of your labor are everlasting – especially if the new space has a great view, like Leyendecker & Lemire, LLC’s new offices. Come see the digs: 5460 S. Quebec St., Suite 330, Centennial, Colo., 80111. We make good coffee.