incontestable trademarks

Can Incontestable Trademarks Be Cancelled?

e-commerce intellectual property

Intellectual Property and E-commerce Shops

If you’re the owner of an e-commerce shop, you deal with intellectual property everyday. Intellectual property refers to the creations of the human mind. This includes symbols, images, names, inventions, and literary and artistic works. Intellectual property rights refer to the exclusive rights given to the creator for a specific period of time. This right allows creators, or owners, to benefit from their own work or investment in a creation.

It is the creators’ responsibility to defend their intellectual property. Like any other asset, it is important to protect your intellectual property right. Generally, if you are self-employed, you own the intellectual property, even if someone else did the work. However, rights can be granted in the other party if your contract allows it. If the intellectual property was created as part of your employment for someone else, you will likely not own the intellectual property.

What should be protected and why?

Intellectual property rights afford creators and owners the confidence to collaborate with or invest in others and allow them to maximize the value of their right by licensing or franchising their creation. Intellectual property is typically divided into two categories:

  • Industrial Property – Trademarks, patents, industrial designs, and geographical indications;
    1. Trademark. A trademark is a symbol, design, word, phrase, or a combination thereof that identifies and distinguishes the source of the goods of one company from those of other companies.
    2. Patent. A patent is a property right granted by the United States Patent and Trademark Office (USPTO) relating to an invention in exchange for public disclosure of the invention. This right is granted for a limited time. Patentable materials include any new and useful machine, process, manufacture, or composition of matter.
    3. Industrial Designs. An industrial design is what makes an article attractive and appealing.
    4. Geographical Indications. A geographical indication is a sign used on goods that have a specific place of origin and possesses qualities or a reputation due to that place of origin. These are typically used on agricultural products.
  • Copyright – A copyright protects the original works of authorship including music, literary works, films, artistic works, and architectural designs. Copyright also refers to rights in performing artists in their performances, producers of phonograms in their recordings, and broadcasters in their radio and television programs.  

When to Protect Your Intellectual Property

Let’s say that you have an idea for an invention. Great, but you’re thinking “it’s just an idea” or “I’m not ready to move forward with anything yet”. It’s still not too early. You should protect your idea from the moment you have the idea. For one thing, protecting your intellectual property makes it easier to take legal action against someone who is stealing or copying your work without your permission. Here are some other reasons to protect your intellectual property:

  • It’s easier than you think. Protecting your intellectual property may seem intimidating and unnecessary, but protecting your work, and ultimately your business, is worth it. With copyrights, protection is automatic. Although the copyright does not protect an idea, it does protect the way the idea is represented – by writing it down, for example. Applying for a patent is done through the USPTO. It can be done with a patent attorney or on your own.
  • Protect your business growth. Your business is unique – protect it! When you do not protect your business, you risk the chance of competitors using your work for their own benefit. This could result in a loss of revenue for you. Remember, it’s your responsibility to ensure that no one is infringing on your intellectual property right.
  • You’ll save time and money. The laws governing intellectual property are designed to recognize and protect your exclusive ownership. This helps ensure that you will profit from your work.
  • If you don’t, your competitor will. There is legitimate and predatory competition. One person may legitimately be the “first to file”. If this happens, you could lose your ability to profit from your idea or invention. Others are “trolls”. Generally, trolls focus on highly beneficial intellectual property created by small business owners because they know some cannot afford to litigate the issue.

How often should an e-commerce shop copyright its site?

Items on your website, like pictures, videos, artwork, etc. may be protected by copyright. The Internet makes copying these items easy – anyone can search the web “copying & pasting” or saving whatever they like. As a business owner, you want to make sure that your work is protected and that your employees are not using the protected work of others.

As stated earlier, copyright protection is automatic, but registering the copyright makes it easier to take action against someon.. To register a copyright, you must submit the following:

  1. A completed and signed application,
  2. A copy of the to material to be copyrighted (different materials require different forms), and
  3. A filing fee.

E-commerce shop owners can be victims of copyright infringement. It may be enough to mark your website with “All Rights Reserved” or use the copyright symbol to deter potential offenders. Under the laws governing intellectual property, copyright protection expires seventy years following the death of the person initially responsible for creating and registering the work. If the work was published anonymously, the copyright will expire ninety-five years after the item was published or 120 years after it was created.

For more information about intellectual property, contact Revision Legal’s team of experienced intellectual property attorneys through the form on this page or call 855-473-8474.

Every Mobile App Needs an End User License Agreement

Every developer and every app have different needs, but largely a EULA exists to protect the developer from potential harm that the consuming public could cause. There are three main ways a developer’s app goes beyond what the App Store user agreement already covers.

  • Payments: When there are in-app purchases or, potentially, physical items that users can buy through the app, more laws with different jurisdictional statutes will apply. This isn’t a rare concept; most apps have in-game purchases of some sort. However, Apple does not cover these consumer issues within its own User Agreement, and therefore developers must create their own within the app.
  • User Content: Depending on the application, end users can be required to input information or create new content based on their game play. This is not covered by the generic user agreement and may require additional terms and conditions for the user to agree to in order to avoid third-party conflict.
  • High Risk Apps: This is unlikely in gaming apps, but some new creative games may require the user to do something that is beyond a risk that he or she would incur within the confines of their own home. If this were the case, the developer would likely want liability protections beyond that of the App Store User Agreement.

Where is the EULA placed?

The EULA can usually be found when an app is first opened after being downloaded. This ensures that the user will see the EULA before partaking in any aspect of the app past the initial download. It could also be prompted by taking certain actions in the app that go beyond its EULA. For example, if a monetary transaction is required, then the developer may desire to have the EULA requirement show again prior to the consumer’s continued action.

Mobile App Attorneys

Since mobile apps are becoming more and more innovative, the developer must also be innovative with his or her way of protection. If you have a mobile app or game developing needs, contact one of our Mobile Game Attorneys at 855-473-8474.

 

data security management

10 Data Security Management Tips to Prevent a Data Breach

You may never suffer a data breach, but that doesn’t mean you shouldn’t know how to prevent one.

With recent news of a data breach of 1.5 billion Yahoo accounts, it is clear that all of us, from the biggest to the smallest company, could brush up on our data security management.

You may never suffer a data breach, but that doesn’t mean you shouldn’t know how to prevent one or be prepared for one.

With laws & regulations constantly changing over data protection and the penalties becoming more costly, it’s time to start making data security a priority.

In this short post, we are going to cover ’10 Data Security Management Tips to Prevent a Data Breach’ so you can keep your business running smoothly and securely.

Let’s get to it! Read more

california data breach notification law

California Data Breach Notification Law

California law takes the privacy of its residents seriously. Privacy is an inalienable right guaranteed to California residents by the California Constitution. It was the first state to enact laws protecting the rights of Californians to be notified of data security breaches.

When it comes to data breaches in California, state agencies and businesses have a duty to protect customer information. California residents who are a victim of the data breach have a right to be notified if their unencrypted data was exposed.

Under California Civil Code s. 1798.29(a) and California Civ. Code s. 1798.82(a), state agencies and businesses have an obligation to notify California residents who have been the victim of an encrypted data security breach.

Who is Protected Under the California Data Breach Notification Law?

California’s data breach notification laws protect all Californians. Employees, consumers and residents of the Golden State are protected under these laws. Since California businesses and state agencies are required to notify all California residents of a data security breach, many non-residents are incidentally also notified of the data security breach as a byproduct of these laws.

What is Personal Information?

For the purposes of the California data breach notification law, “personal information” includes a person’s first name or first initial and the person’s last name, in conjunction with any of the following additional data elements:

  • The person’s social security number.
  • A driver’s license or California identification card number.
  • The person’s medical information or health insurance information.
  • A person’s account, credit card number, or debit card number, In combination with that account security code, password or access code, such that unauthorized access to these accounts could be achieved.
  • Information collected through an automated license recognition system.

If the data that was breached was encrypted data, Californians do not need to be notified. Encrypted meaning the data was rendered unusable, undecipherable, or unreadable to the unauthorized person who accessed the data.

Who Must Comply With the Data Breach Notification Laws?

People and companies that conduct business in California, along with California government agencies, are required to comply with the California data breach notification law.

This means that even companies who have their business headquarters in a state other than California are required to provide California residents with notification of a security data breach if they conduct any business in the state of California.

In essence, any business that has access to a California resident will be required to comply with the notification laws. On the other hand, businesses that do not have operations and do no business in the state of California are not required to comply with California’s data breach notification laws.

Requirements for Notification Compliance

State agencies and businesses in California that have had a data breach must satisfy certain notification requirements in order to be in compliance with the law. The notice must be in plain language. The font of the notice must be no smaller than 10-point size, and use clear and inconspicuous headings, such as “Notice of Data Breach”.

The notice must convey the following information:

  • Who is issuing the notification.
  • What happened, including the date range affected by the breach.
  • Identification of what information was involved in the data breach.
  • Whether there was a delay in providing the notification due to an investigation by law enforcement.
  • What the agency or business is doing to resolve the problem.
  • What victims can do to protect themselves.
  • Where to find more information about the data breach. 

Are There Sanctions and Remedies Available to Victims?

If California residents are notified of their involvement in a data security breach in a timely fashion, the victim could be entitled to damages through a private action or claim for liquidated damages.

Talk to a Data Breach Lawyer

Revision Legal understands the dynamic nature of cyber security. Revision Legal has worked with businesses of all sizes to assess data retention risks. When necessary, we provide counsel on the California data breach law. If you have concerns about your company’s exposure or have received a notification that you have been a victim of a data breach incident, contact the experienced data breach attorneys at Revision Legal.

Civil fines are available in some states for a failure to expeditiously notify those affected by breaches. You need the legal team from Revision Legal in your corner today. Contact us using the form on this page or call us at 855-473-8474.

Photo credit to Flickr user Anh Dinh.

This post was originally published in November, 2015. It has been updated for clarity and comprehensiveness.

Cybersquatting and Domain Name Disputes | Internet Lawyers

What is cybersquatting? Cybersquatting, as defined by the Anticybersquatting Consumer Protection Act (15 U.S.C. 1125(d)):

is the registration, trafficking in, or use of a domain name that is either identical or confusingly similar to a distinctive trademark or is confusingly similar to or dilutive of a famous trademark.

In simpler terms, cybersquatting occurs where one registers a domain name containing the trademark of another with the intent to profit from the sale or use of that domain name. Cybersquatting can be devastating to a business. Cybersquatters can divert valuable traffic and, in turn, sales, from a business through the use of the cybersquatted domain name. This is why Congress has seen fit to provide significant remedies to businesses injured by this practice. This includes the ability to obtain up to $100,000 in statutory damages and the transfer of the domain name.

Cybersquatting also applies to domain names that incorporate personal names. Specifically, if you have a valid cause of action if someone registered your name (or something confusingly similar to your name), without your consent and with the specific intent to profit from selling the domain name. Damages in personal name ACPA actions, however, are limited to your costs, attorney fees, and transfer of the subject domain name.

Cybersquatting Resolution Under the UDRP

Finally, cybersquatting can also be remedied under the Uniform Domain Name Dispute Resolution Policy (UDRP). The UDRP is an arbitration provision that is contained within every registration contract associated with the most top-level domains (i.e. .com, .net, .org). And when you register a domain name, the fine print of your registration agreement will contain provisions regarding this procedure. So, by registering most domain name, you also agree to be subject to the UDRP process. This is not a federal court lawsuit. Rather, it is an administrative proceeding before, in general, by the National Arbitration Forum or the World Intellectual Property Organization. The upside is that the cases are decided much quicker and cheaper. But, the downside is the relief is limited to the transfer of the domain only (no monetary damages).

If you have a cybersquatting issue, contact our expert cybersquatting lawyers. Use the form on this page or call us at 855-473-8474.

 

Editors note: this page was originally posted in January, 2013. It has been updated for clarity and comprehensiveness.

Data Breach

8 Reasons You Need a Data Breach Attorney

With growth in digital data has come a growth in data breaches. The need for greater protection means you need a data breach attorney.

Data breaches aren’t restricted to hackers gaining access to your electronic data. It can also apply to people gaining access to printed materials.

Negligence may be to blame. Perhaps an employee lost a company laptop. A survey found that over 55% of data breaches were caused by employee negligence.

Or perhaps your data is at risk from deliberate attempts to break in. Cyber attacks can be both active and passive.

It doesn’t matter if you’re a company worried about protecting data, or an individual worried about how a data breach may affect you. It’s a good idea to consult a data breach attorney.

Read on to discover 8 reasons why you might call one. Read more

social media for businesses

Social Media for Businesses: Risks and Rewards

Revision Legal partner, John DiGiacomo, presented at the Business Owners Speaker Series in Traverse City. He focused on how to minimize the risks of online marketing and social media for businesses. According to John, the biggest mistake companies make is not acquiring social media channels prior to launch. The second biggest mistake is not acquiring or claiming trademark rights on those social channels to protect your brand. Watch more below for the full discussion.

We’ve published previously on acquiring trademark rights on social media:

How to Trademark My Instagram Username

How to Claim Your Trademark as a Username on Twitter

How to Claim your Trademark as a Username on Facebook

Image credit: melodievj10

 

chipped credit card fraud

Are New Chipped Credit Cards Really Safe From Fraud?

Recent reports have indicated that the new chipped credit cards, i.e., credit and debit payment cards equipped with EMV technology, are not as secure as initially hoped, and show that fraud involving payment cards is still on the rise despite the full deployment of the new, more secure technology. The new chipped credit cards were touted as being safer and more secure since the they integrate EMV (which stands for Europay, MasterCard, and VISA) and pin technology, meaning that not only must the user have the chip associated with the credit card, but he or she must also have the appropriate PIN, in order to use the credit card. How is so much fraud being committed with these new chipped credit cards that are supposed to be more secure than the old magnetic strip version?

Fraud Committed with Chipped Cards is Committed in Familiar Ways

Not surprisingly, most of the new chipped credit card fraud involves exploiting old ways of committing fraud. For instance, whether a stolen credit card is chipped or not has little effect when the fraud is done by making online purchases. To make a fraudulent online purchase all you need is the credit card number and the CV code for the card; the chip plays no role. For this reason, online purchasing is the leading type of fraud that is committed with chipped credit and debit cards.

The other way that criminals are exploiting chipped payment cards is by using stolen cards at retailers that have not yet implemented chip reading equipment in their payment systems. There are plenty of retailers who are holding off as long as possible to upgrade their payment systems, which means that they have the older, magnetic swipe reading payment machines.

Additionally, hackers are able to gain access to vulnerable payment systems that are connected to the internet. Once hackers breach the security of a vulnerable payment system, they can install files that will track and transmit payment card data that are used at the compromised payment system. The credit card number and CVV code can be stolen and it is even possible to record and transmit the corresponding PIN code for the card. With the stolen card information, hackers can produce cloned cards, or can use the stolen data for online transactions.

Hackers Create Cards With Chips That Impersonate Real Chipped Cards

Another way that hackers have taken advantage of chip card technology is to create cards that impersonate real chipped cards. Chipped cards are supposed to be harder for thieves to duplicate, so while the new chipped payment cards are more difficult for thieves to clone, they are not necessarily more difficult to impersonate. For instance, there are ways in which a chipped card can be impersonated or mimicked to make an ATM shim, which can be inserted into an automated teller machine to make the ATM dispense cash.

Data Breach Lawyers

Revision Legal understands the dynamic nature of Cyber Security. If your payment system was compromised by a cyber attack, or your customers’ payment card information was stolen in a data breach, you need to work with an experienced data breach lawyer. Revision Legal can help with ensuring compliance with state notification laws and international law. Contact us using the form on this page or call us at 855-473-8474.

Image credit: Finance Blue.

active cyber attacks

Active vs Passive Cyber Attacks Explained

Cyber attacks involve the unauthorized access of private or confidential information contained on computer systems or networks, but the techniques and methods used by the attacker further distinguish whether the attack is an active cyber attack, a passive type attack, or some combination of the two. According to Symantec, both active and passive cyber attack types are defined by unique characteristics and techniques, and each type of attack presents unique challenges to victims, system users, system administrators and cybersecurity professionals. Knowing the difference between passive and active cyber attacks can help system users and administrators identify when an attack is taking place so that action can be take to try and contain the attack.

Active Cyber Attacks

Active cyber attacks are often aggressive, blatant attacks that victims immediately become aware of when they occur. Active attacks are highly malicious in nature, often locking out users, destroying memory or files, or forcefully gaining access to a targeted system or network. Viruses, worms, malware, Denial of Service attacks, and password crackers are all examples of active cyber attacks. Usually, hackers that use active attacks are not much concerned with their activities being detected because by the time the attack is detected the damage is already done or is underway.

Passive Cyber Attacks

Passive cyber attacks often employ non-disruptive and covert methods so that the hacker does not draw attention to the attack. The purpose of the passive attack is to gain access to the computer system or network and to collect data without detection. Many data security breaches involving the exposure of credit card and debit card payment information are the result of passive attacks, as are data breaches where the targeted data collected during the attack is user name, passwords and other personal identifying information.

Passive attacks are usually data gathering operations, which means they usually employ some sort of malware or hack that eavesdrops on system communications (i.e., scrubs email for personal identifying information) or records system communications (i.e., keystroke recording malware). Information that is gathered in a passive cyber attack is usually sold on the blackmarket and dark web for the financial gain of whoever perpetrated the passive attack.  

Use of Both Active and Passive Attacks

There are many hackers that use a combination of active and passive techniques to gain unauthorized access to a system, network, or data. Oftentimes, a passive information gathering technique will be used first, and then once desired data has been collected, the hacker often launches an active attack to make a point or to accomplish some other goal. For instance, it is not uncommon for a hacker to acquire login credentials using a passive attack technique, and then actively access the system to wreck havoc on the network once inside. We’ve written previously about how hackers gain access to computer systems here.

Contact a Data Breach Lawyer

Any business that is subjected to a cybersecurity breach needs to take steps to contain the breach and to notify those who have had their personal identifying information or payment information exposed as a result of the attack. Many states have breach notification laws that specify certain timeframes in which victims need to be notified. You will have to move quickly after a cyber security breach. The professionals at Revision Legal can help. Contact us using the form on this page or call us at 855-473-8474.

Image Credit: GlobeSign