chicago internet lawyer

Chicago Internet Lawyer

Revision Legal is Chicago’s Internet law firm. Our attorneys, admitted to practice law in the State of Illinois and located just outside of Chicago in Michigan, have experience in handling Internet law matters in the Northern District of Illinois, which includes Chicago and the surrounding suburbs. Our Chicago Internet lawyers have handled the following Internet law cases in federal and state court:

  • Copyright infringement lawsuit against electronic software distributor;
  • Cybersquatting lawsuit against former business partner;
  • Trademark infringement lawsuit against Internet software distributor;
  • Domain name theft lawsuit against former employee;
  • Trade secret theft of customer list;
  • Unauthorized access to a computer system; and
  • Typosquatting of numerous domain names containing Plaintiff’s trademark.

Our Chicago Internet lawyers are also experts in transactional Internet law matters. Our attorneys can help you with:

  • Defensive domain name registrations;
  • Trademark registrations;
  • Keyword advertising infringement;
  • Internet minimum advertising policies;
  • End user license agreements;
  • Terms of use agreements and privacy policies;
  • State-law privacy compliance;
  • User-generated content and Section 230 of the Communications Decency Act;
  • E-commerce transactions; and
  • Website purchase and sale agreements.

If you seek a Chicago Internet lawyer, contact Revision Legal’s attorneys today at 855-473-8474.

telemedicine terms of service

Telemedicine Terms of Service Agreements

The internet has forever changed the way health and medical services are provided. The last 10 years have seen a rapid expansion in telemedicine and telehealth services. In response many states have developed statutes to define and regulate telemedicine. For example, Vermont developed a statute (8 V.S.A. § 4100k ) requiring health insurance companies to cover and pay for telehealth services in the same manner as more traditional face-to-face provisions of health care.

Telemedicine Defined

The general definition of telemedicine is receiving/providing medical care remotely via the internet or telephone. The Vermont statute above defines telemedicine as:

“Telemedicine” means the delivery of health care services such as diagnosis, consultation, or treatment through the use of live interactive audio and video over a secure connection that complies with the requirements of the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191. Telemedicine does not include the use of audio-only telephone, e-mail, or facsimile.”

This is a very different definition than the one proposed in 1996 by the Federation of State Medical Boards (“FSMB”) under the Model Telemedicine Act (“Model Act”). The Model Act defined telemedicine as “the practice of medicine across state lines.” The Model Act did not gain many adherents. But, interestingly enough, practicing medicine “across state lines” is the key legal issue with telemedicine.

In practice, telemedicine has existed for as long as the telephone has existed. Patients with a long-term relationship with a family doctor have likely experienced a “phone consultation.” You have a bad cough or something non-life-threatening; you call your doctor; he or she talks to you over the phone and prescribes a medication. Your doctor says something like: “Make an appointment and SEE me if your symptoms do not improve.” That is a form of telemedicine.

With the advent of the internet and internet-based video services like Skype, telemedicine has became even easier. Now with the omnipresence of mobile devices, each with a camera and video recorder, providing remote medical services is almost expected.

Telemedicine: Legal Practice Issues

Conceptually, telemedicine presents almost no legal issues other than potential malpractice issues for the healthcare provider. That is, telemedicine is basically a doctor meeting with a patient via electronic interface rather than face-to-face.

In practice however, telemedicine is being promoted via websites advertising a quick and easy method to obtain medical services and prescriptions. A good example is getRoman.com, a website dedicated to providing medicine for erectile dysfunction. See here. There are a maze of legal issues that have to be navigated for websites like this including:

  • State laws with respect to who may provide medical services within the state
  • State and federal laws with respect to prescribing medications — stricter standards
  • Which state medical law is applicable? The medical laws of the doctor’s state or the patient’s state?
  • Which state law and what body of law applies to the website?
  • Licensure for the medical providers — related to the first issue
  • Medical malpractice and standard of care issues — what is the standard of care for a virtual examination?
  • Is the website providing “medical services” — legal difference between offering diagnosis and prescribing medications as opposed to simply providing conduit services, education and information
  • Federal and state privacy, confidentiality and security — HIPAA, etc.
  • FDA regulation of medical apps and medical devices — if healthcare is now delivered via mobile device, is that a “medical device” subject to FDA Class I regulation; what about programming in the app?
  • Medicine ethics with respect to corporate structures, fee-splitting, and advertising

As can be seen, as a practical matter, the legal issues are numerous. If you are providing telemedicine services, you should consult with proven internet law attorneys who are on the cutting edge of technology and legal knowledge.

Using a Website Terms of Service Agreement to Solve Some of the Legal Issues

As telemedicine websites proliferate, some are attempting to use the website Terms of Service (“TOS”) Agreements to help solve some of the problems. One particularly bad problem is being criminally prosecuted for prescribing medications across state lines. For example, back in 2007, in the case of US v. Valdivieso Rodriguez, 532 F. Supp. 2d 316 (US Dist. Puerto Rico 2007), seven doctors were charged with 41 counts of having participated in a scheme to distribute drugs through the internet in violation of federal laws and the laws of Puerto Rico. The federal charges were brought pursuant to the Controlled Substance Act (“CSA”).

Under the laws of Puerto Rico, a doctor can only prescribe medications to residents of Puerto Rico. As such, when the doctors remotely prescribed medications — via the internet — to persons outside of Puerto Rico, according to the prosecutors, they were practicing medicine “outside the scope of professional practice … with whom they lacked a doctor-patient relationship” in violation of the CSA. The District Court upheld the charges as against various motions to dismiss.

The getRoman.com website attempts to avoid the Valdivieso issue via its TOS Agreement. See here. Its TOS Agreement specifically limits the availability of the internet service to California, Florida, Georgia, Kentucky, Illinois, New York, Nebraska, Michigan, Montana, Ohio, Pennsylvania, Virginia, Washington and Texas. The getRoman.com TOS then goes on to say that “[h]ealth care providers providing Services through the Site are licensed to practice in the states in which they treat patients.”

Whether that gets the doctors beyond the Valdivieso situation is fact-dependent. Can the medication be delivered to addresses outside of the covered state? Are Texas doctors interacting with Texas web-users? Will authorities really care since these are ED medications?

It will be interesting to see how the court deal with telemedicine websites and their various TOS Agreements. These websites are relatively new and our research did not uncover any cases yet reported dealing with TOS Agreements for websites like getRoman.com.

Telemedicine and TOS Agreements: Contact Revision Legal

If you would like more information about TOS Agreements or have other questions about business law, internet law, data breaches and other legal issues related to IP, contact the lawyers at Revision Legal. We can be reached by email or by calling us at 855-473-8474.4

You Might Also Like:

 

Browsewrap and Clickwrap Agreements

FTC Brings Charge for Misleading Consumers

Updated Guidelines for Online Endorsements

Import Businesses: Beware of FCC Regulations

data security update

7 Reasons to Read FTC’s 2017 Privacy & Data Security Update

The Federal Trade Commission (“FTC”) recently released its 2017 Annual Privacy and Data Security Update (click here; for the direct link to the Update, click here and then click on the PDF link provided). We see seven compelling reasons to read the 2017 FTC Update and to take data breaches seriously:

1. The Number of Data Breaches Increases Every Year

There were over 850 computer security attacks in 2017. The number of breaches has been increasing every year. The data breaches involve billions of people around the world. Billions with a ‘B’ – this is not an exaggeration. For example, the recent Equifax data breach involved 145 million customers; a data breach from India mobile phone carrier involved 120 million consumers; data breaches from a number of popular Chinese websites resulted in the theft of personal and financial information on 1.85 billion customers.

2. Costs can be Massive

The cost of a data breach to your company can be massively burdensome. Vast amounts of employee time will be needed to:

  • Fix the security breaches
  • Deal with governmental investigators
  • Notify customers and clients
  • Handle the public and media relations
  • Respond to the lawsuits

Aside from loss-of-productivity costs, your business will be paying for outside legal counsel, experts, auditors, settlements, and fines. See our post on the high cost of data breaches.

When Target stores had a significant data breach in November 2013, filings with the Securities and Exchange Commission show that in the following four years Target spent an average of $50 million a year dealing with the after-effects of the breach.

In another example, Anthem, a health care provider, recently agreed to pay $115 million to settle 100 lawsuits filed against it for a 2015 hack of customer information. Anthem was hacked and the private data of 79 million customers was stolen. Anthem agreed to either pay each customer $50 or purchase for them two years worth of credit monitoring.

Pause to consider this for a moment – the per-customer settlement is minor, but due to the immense number of customers impacted, the $115 million settlement became the largest data-hack settlement at the time.

3. Cyber-Threats are Constantly Evolving

Threats to your computer systems are constantly emerging. Every software update and each hardware improvement is a potential target for exploitation by hackers and criminals. These activities are being directed at your company ON PURPOSE and with bad intent. Such threats demand your immediate and full attention.

4. Cyber-Threats are Now Internal

Most people focus on the external threats, but internal threats are becoming the new normal. We recently wrote about a rogue administrator in United States v. Thomas, No. 16-41264 (5th Cir. 2017). Mr. Thomas was the Company’s IT Operations Manager.  Unhappy that a co-worker had been fired, Mr. Thomas spent a weekend sabotaging his employer’s computer systems and network and then quit without warning. Mr. Thomas was convicted, but his employer’s business suffered significant disruption.

As another example, in a widely reported case from the United Kingdom, an IT auditor for WM Morrisons Supermarkets, a large grocery store chain in the UK, received a disciplinary warning for employee misconduct. Not happy about being disciplined, he retaliated by deliberately publishing personal and financial data on nearly 100,000 of his coworkers including names, addresses, phone numbers, bank data, etc. The employee was charged and convicted of various crimes. However, Morrisons was recently held liable in a class action lawsuit brought by several thousand of the affected employees. Recently, a UK court held that Morrisons was legally responsible for the data leak. See report here. These examples show that you cannot be too careful with respect to securing your computer and network systems from both external and internal threats.

5. Non-Monetary Costs can be Massive

Lax cybersecurity is not just a threat to consumer data, but also to your company’s trade secrets and property.

Dun & Bradstreet, for example, had a valuable asset stolen by hackers in 2017. It was an exclusive database for marketing and email campaigns. This database gave Dun & Bradstreet a significant competitive advantage that was lost when the database was stolen. Adding insult to injury, Dun & Bradstreet had acquired the database in 2015 as part of a $125 million purchase of a smaller company called NetProspex. Very likely, the largest asset owned by NetProspex was just this database. As another example, HBO lost confidential data which led to the unauthorized release of HBO programming, including a script of a then-upcoming episode of Game of Thrones.

6. Your Business can be at the Mercy of Hackers

Further, lax cybersecurity is a direct threat to your business and your ability to function. Ransom can be demanded and your business can be vulnerable to malware like WannaCrypt/Cry. WannaCrypt infected millions of computers in May 2017 across 74 countries. The malware encrypted as many files as it could on a given computer system and then demanded $300 or $600 in Bitcoin to restore the files. This malware also installed a backdoor to the computers and servers which allowed remote control and access. For those infected, business operations came to a standstill.

Your company can also be vulnerable to ransom demands to avoid bad publicity and legal liability. Uber had a data breach in October 2016 which the company tried to hide and then paid the same hackers $100,000 to help in the concealment.

7. Hackers can Damage Your Business Reputation

Nearly three-fourths of cyberattacks seek money, stealing money directly from financial accounts or credit card numbers, demanding a ransom, or something similar. But between 10% and 15% of security breaches are hacktivism — criminal behavior designed to punish or embarrass your company for political or social reasons. We’ve recently written on these types of breaches here.

Data Breach Attorneys: Contact Revision Legal Today

Contact us via email or call us at 855-473-8474.

 

You Might Also Like:

Cybersecurity Best Practices

Chipped Credit Cards and Internet Fraud

Cyber Attacks Explained

Tips To Avoid Data Breach Litigation

How Grumpy is Your Cat?

Stone sculptures of jewelry-adorned cats dating back to at least 500 BC have been discovered in Egypt. Feline goddesses were recorded in texts dated thousands of years earlier. In 1888, a farmer in Egypt stumbled upon a tomb containing eighty-thousand mummified cats. While it is estimated that the first domesticated cats appeared ten thousand years ago in the Fertile Crescent, savvy persons have long recognized that an international cat-cabal has quietly controlled human development for at least as long. It is no accident that cats dominate the internet.

On January 23, 2018, a jury in the Central District of California awarded more than $700,000 to Grumpy Cat Limited after it sued several parties for copyright infringement and trademark infringement. The jury awarded $230,000 for the copyright infringement claim and $480,000 for the trademark infringement claim.

The complaint stated that “Grumpy Cat (a/k/a Tardar Sauce) is one of the most famous and recognizable felines in the world due to her perpetually grumpy expression.” The complaint asserted four federal copyright registrations and three federally registered trademarks concerning Tardar Sauce. Without its federal registrations, the plaintiff would have had a much more difficult time obtaining the judgment described above.

Humans should take a lesson from cats and think about long term survival. Obtaining copyright registrations and federal trademark registrations may not seem like an immediate need, but it is much better to have a registration for both and never need to litigate than to find yourself in litigation wishing you had a copyright or trademark registration.

The cost of registration is minimal while the benefits are invaluable. Tardar Sauce gets it. Do you? If you are on the fence about seeking copyright and/or trademark protection, find a cat and talk it over.

Call Revision Legal. We know a lot of cats.

data breach attack

10 Common Data Breach Attack Techniques

Among the more frustrating aspects of cyber security is the constantly evolving nature of the threat and the multitude of data breach attack techniques. One vulnerability is patched only for another to be found/created; one technique is foiled only for a different tactic to arise. Here we give a brief discussion of motivations and offer a list of the ten most common cyber attack/data breach techniques. Hat tip to the incomparable website Hackmaggedon.com which has been tabulating and compiling cyber attack reports for several years.

There were over 850 data breach attacks in 2017, many of which led to theft of customer personal and financial information. Not only is the number of breaches on the rise, but costs are rising, too. The New York Times reported that, through March 2017, Target spent more than $202 million on settlements, legal fees, and other costs following the November 2013 breach. Anthem Inc, the largest U.S. health insurance company, recently agreed to pay $115 million to settle hundreds of lawsuits stemming from a 2015 hack of customer information.

Cyber Attack Motivations

In general, at a broad level, one can identify several motivations for cyber attacks. The owners and operators of Hackmageddon.com offer these four:

  • Cyber crime
  • Cyber-espionage
  • Hacktivism
  • Cyber warfare

Cyber Crime

Nearly three-fourths of cyber attacks are criminal in nature, an attempt to directly steal money from financial accounts, steal credit card numbers, demand a ransom, or something similar. The hack on Target stores in 2014 is a typical example. Cybercrime is, by far, the largest concern for businesses and certainly the focus of regulators.

Cyber Espionage

Close behind is Cyber-espionage. These attacks, of course, are efforts to gain access to trade secrets and other confidential business information. A widely-reported example from March 2017 was the theft from Dun & Bradstreet of a 52GB database containing data on 33.7 million people in the highest profile industry and government jobs. Dun & Bradstreet is reported to have paid a substantial sum for the database which was used for targeted email promotions; it was a substantial loss to Dun & Bradstreet to have the database in the hands of its competitors. Where motivation can be determined, in any given year, these types of attacks are 10-15% of the total.

Hacktivism

Hacktivism is often in the news, but is generally ignored and/or overlooked by businesses since the purpose of hacktivism is social or political, not financial. As an example, in February of 2017, an anonymous hacking group targeted and shut down various dark web sites that were purportedly hosting child pornography. As with cyber-espionage, the total number of attacks is low. These types of attacks are 10-15% of the total, ebbing and flowing in various countries with various election cycles.

Cyber Warefare

Cyber warfare is defined as either government sponsored attacks or cyber attacks that are intended to just cause chaos. Essentially, a generalized war on the internet and flow of information. These are, year-to-year, the least frequent types of attacks.

10 Common Data Breach Attack Techniques

As noted, attack techniques are constantly evolving. A list of the most common techniques from 10 years ago would look very different than the list for the last couple of years. This evolution is not only code driven, but device driven. Android mobile devices have become significant targets of cyber crime and, thus, the number of techniques used for breaching mobile devices has multiplied.

Here the top 10 attack techniques for the last couple of years:

  • Malware/point of sale: Probably a third of all attacks target point of sale terminals with the intent to obtain credit card and debit card information; Home Depot and Target suffered such attacks.
  • Ransomware: This form of attack saw significant increases in 2017 (example: WannaCry). Malware generally threatens ether to publish secret or embarrassing data or to perpetually lock out the victim from his or her own computer systems unless a ransom is paid; another variant is to demand ransom to hide the existence of the data breach itself — example Uber
  • Account hijackings: Individual, business, and now more common “cloud account hijackings” — email, computer, system accounts are hijacked to allow theft of personal and financial information; can be the basis for transferring money directly from financial accounts, using credit and debit cards or ransom demands.
  • Structured query language (“SQL”) code injection: Database sites and applications are particularly vulnerable to SQLI attacks since they are designed to allow searchability and interaction from the internet; if not properly protected, hackers can change coding, which is sent to the database server through the web application; this can, for example, allow access to the server without the need for a passcode, which then can allow the hacker access to linked/non-segregated systems/networks, etc.; this can allow uploading of malware, hijacking of accounts, and the like.
  • Denial-of-service: Singular or distributed — the main type of attack used in cyber warfare and, often, hacktivism; hackers send a flood of traffic to the victim’s system or website from hundreds, thousands, or potentially hundreds of thousands of sources; the intent is to overload the victim’s traffic and bandwidth causing the system to shut down and the site to go offline; often accompanied by efforts to sneak in trojans and other malware under cover of the mass of traffic.
  • Domain name server (“DNS”) hijacking: Hackers either infect the system so that internet queries are redirected to a domain name server controlled by the hackers; this is a version of domain name theft; intent is to steal web traffic or financial information via false “enter payment information” pages or to trick webusers into downloading malware.
  • Malicious cross-frame/Java Script: Similar to DNS hijacking; malware loads a legitimate looking page on the victim’s computer/device to steal data that the user inputs or to send the user to a website/page that the hacker controls.
  • Zero-day vulnerability: A new dispersal technique; malware is often mass dispersed across the web; however, zero-day dispersal is new; malware that targets a program or system vulnerability is released but activation is “held back” until the vulnerability is discovered (the so-called “zero day”); the malware is programmed to immediately complete its task — theft, breach, download of malicious code — on the “zero day”; because the malware does not activate immediately, it may gain wide circulation before the zero day.
  • Brute Force: No deception, just blunt force automated trial and error method used to locate passwords or data encryption standard keys; if, for example, the password is five digits, the program literally tries to go through every single combination of numbers and letters until the password is uncovered.
  • Credential stuffing: A version of brute-force hacking — repeated automated efforts to gain access to accounts by using partial login information. This is considered a exceptionally serious attack technique. A large volume of data breaches have partially compromised customer information for hundreds of million of individuals.

Data Breach Attorneys: Contact Revision Legal Today

If you need more information on data breaches and on preventing data breaches, contact Revision Legal. We can be reached by email or by calling us at 855-473-8474.

You Might Also Like:

10 Data Security Management Tips to Prevent a Data Breach

Your Company Needs A Data Protection Officer

2017 Data Breaches — Severity and Frequency On The Rise

automated trademark registration

Trademark Applications: Think Twice About Automated Registration

Properly cared for, your trademark can develop into the most valuable asset you own. At a gathering of staff from several Coca-Cola bottling plants, a senior executive reportedly declared that “the company could lose all its plants, lose all its staff, lose its access to the sources of its raw materials, lose its capital and its accounts, but as long as it had [its trademark], it would be possible to walk into a bank and receive sufficient credit to replace the entire global infrastructure.”¹ Unlike other forms of intellectual property like a patent or a copyright, your trademark can live forever. Given its potential value and import, even fledgling companies should recognize that their trademarks are sacrosanct.

Automated Trademark Registration Services: To Good To Be True

Too often, clients come to us with trademark applications filed through automated services like trademarkengine.com or similar services. The price for such services looks too good to be true because it is. Once a federal trademark application is filed, there are many significant limitations on how it can be amended. A trademark attorney with years of experience dealing with the Trademark Office can help you identify problems that you did not know existed. In most cases, it is important to identify these issues as soon as possible. Being forced to change your brand after a year in business is often a death sentence to a young company.

Preventative Medicine: The Office is Open

Like medical work, a little bit of preventative legal advice is much more cost effective than triaging an early mistake. If you have used a DIY trademark filing website, you may be facing an Office Action from the Trademark Office that illustrates this point. Office Actions often read as though there is no hope for registration. In most cases, however, applicants have options. We specialize in navigating the thorny procedural issues that arise when dealing with the Trademark Office. We also litigate trademark disputes in federal courts across the country. Our expertise gives us a unique perspective that allows us to spot potential issues that attorneys who focus only on trademark applications or trademark litigation would miss.

Your trademark is your reputation. We want to help you protect it.

 

¹Rosemary J. Coombe, The Cultural Life of Intellectual Properties: Authorship, Appropriation, and the Law 56 (Duke University Press 1998).

How Strong is Your Trademark? 5 Levels of Distinctiveness [Infographic]

Picking a mark to represent your brand can be one of the most important decisions you make. Think about the brands we see everyday. Apple. Coca Cola. Microsoft. These are immediately identifiable both with the company and the products they produce.

Just how strong is your trademark?

On one end of the spectrum, are descriptive or generic marks. These are the weakest marks, and either can’t be trademarked, or require that the mark acquire secondary meaning first.

Proceeding by increased strength are suggestive, arbitrary, and fanciful terms. Each has it’s own requirements for trademark registration, with fanciful being the strongest of all marks and most likely to receive trademark registration.

strength of a trademark

The benefits to trademark registration are numerous. In order to receive the benefits of trademark registration, care should be taken to select a mark that is high on the scale below.

These issues should be considered when determining whether to apply for trademark registration, or even better, before significant investment is made into building a brand.

You can see each type of trademark strength, plus examples, in the infographic below. If you’re in the branding stages of your company, or considering a rebrand, keep it handy! You’re going to use this guide for reference as you develop ideas to identify your brand.

 

 

9 Top Trade Secrets You Need to Protect Now

In practice, a trade secret can be pretty much anything. The federal Trade Secrets Act, 18 U.S. Code § 1839(3), defines a “trade secret” as:

… all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs, or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing if—

(A) the owner thereof has taken reasonable measures to keep such information secret; and

(B) the information derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by, another person who can obtain economic value from the disclosure or use of the information.

Despite the fact that almost anything can be a trade secret, some types of trade secrets are more common and typical than others. Here are the most common types of trade secrets that you need to protect.

1. Secret Recipes

Every major food and beverage company has trade secrets related to recipes and cooking processes. Coca-Cola, for example, protects its secret recipe safely locked away in a custom-built vault at the World of Coca-Cola, the company’s museum in Atlanta. See report here.

As this Forbes article details, Coke had the FBI investigate and prosecute some former employees for trying to steal some of Coke’s secret recipes. Ironically, competitor Pepsi, Inc. turned in the would-be-trade-secret-thieves. The defendant got eight years in prison.

Other famous example include KFC’s secret recipe of 11 herbs and spices for its original recipe fried chicken, the formula various Heinz condiments, and the formula for WD-40.

2. Manufacturing Processes

Manufacturing processes are among the most common examples of trade secrets. One of the most historically famous example is the secret of harvesting the silkworm’s thread. This was discovered in 2700 BC or so. The Empire of China kept the method secret for hundreds of years and the secret formed the economic foundation of the famous Silk Road Trade Route from China to modern-day Turkey. The Empire made revealing the secret process punishable by death, as well as trying to take silkworms and eggs out of the Empire.

An interesting modern example involving broccoli seeds comes from this trade secret case Caudill Seed & Warehouse Co, v. Jarrow Formulas, 161 F. Supp. 3d 513 (W.D. Kentucky 2015). In that case, two competitors were litigating competing trade secrets claims with respect for methods of removing a chemical called myrosinase from broccoli seeds. Myrosinase is an additive in certain types of herbal dietary supplements. The plaintiff used a process to remove the myrosinase by soaking the seeds in water and then drying the extract. The competitor simply used broccoli powder at lower temperatures so that the myrosinase did not lose its effectiveness.

It is likely that every business has a protectable trade secret that is a process or method of accomplishing some part of its business.

3. Research and Development, Including Failed projects

Again, this one is almost stereotypically considered a “trade secret.” Many overlook the commercial value of failed R&D projects. In much the same way as the vending example, when you discover what does not work, that is valuable because a competitor knowing that has a “leg up.” As another Forbes Magazine article explains with respect to WD-40:

“In the case of WD-40 , the product’s name comes from the 40th try by scientists in 1953 to come up with a “water displacement” formula for a rust-prevention solvent and degreaser for the aerospace industry. Not only is that formula a trade secret, but so are the formulas and work that went into the preceding 39 attempts. If a competitor learned about those failed attempts alone, it might still save a lot of research and development time.”

4. Client and Customer Lists

It has become well-known that client and customer lists are valuable trade secrets. Customer/client lists are one of the most common claims made in trade secret misappropriation cases. A quick case law search shows that in 2017 alone, no less than 150 cases were filed in state and federal courts where it was alleged that customer lists were misappropriated as trade secrets.

5. Client Buying Habits

As valuable as customer contact information is, client buying habits are even more valuable. Remember, the touchstone of a “trade secret” is information that has “commercial value”; that is, if the information was known to your competitor, your competitor could undercut your marketshare.

Take a mundane example of a vending business. You have a snack and drink machine at the nearby firehouse. Over the months and years, through trial and error, you have learned that the firefighters and the other first responders and employees like plain chips, bbq-flavored chips, and cheddar-cheese flavored chips, but otherwise, not much will sell. That is commercially valuable information because a competitor will have to go through the same trial and error to learn the same information about the buying habits of the folks using the vending machines at the firestation. Your competitor will lose money like you did at first trying to sell nacho-flavored chips, cheese puffs/crunchies, hot and spicy flavors, etc. The same reasoning applies to all the items in the vending machines: Coke or Pepsi? Hershey’s or Nestles or Mars or Dove brand chocolate?

6. Rare and Unique Vendors/Suppliers

In a similar manner as client lists, information about unique vendors and suppliers has large potential commercial value. Obviously, vendors and suppliers that are easily located on the internet do not fit this category. Having sources for rare and unique raw materials, goods, and services is a competitive advantage.

7. Software Algorithms/Programs

Famously, Google, Inc. has, over the years, refused to trademark, copyright, or seek patent protection on any of its search engine algorithms because, in each case, Google would have to publicly disclose the information. Google would rather protect the information as trade secrets.

The tech industry landscape is littered with countless other examples.

A similar trend can be seen with driverless car technology. Here again, Google and its spin-off subsidiary Waymo are involved in a high-profile legal fight with Uber with respect to trade secrets for driverless cars. See news report here. Google/Waymo alleges that 14,000 pages of secret data and information about Google’s driverless car technology was stolen by a former Google employee. That employee was working for Google and it is alleged that Uber was using the trade secrets to develop its own driverless car technology. At its core, the Google argument is the same as every other trade secret dispute: The information will give a competitor a “leg up” or “jump start” into the marketplace.

8. Behavioral Data on Well-Known Vendors/Suppliers

Just like your customers and clients, your suppliers have certain habits and common behaviors. These might include price discount practices, grace periods for payments, time-lags between orders and delivery, negotiation strategies and histories, etc. If your business has kept track of that type of information. If you have kept that information secret, then such information is a “trade secret” even though it relates to vendors and suppliers who can be readily identified from public information.

9. Genetic Information

Genetic data is another unusual type of information that is now widely recognized as a “trade secret” if steps are taken to keep the information secret. This is holding of a case filed by Del Monte against Dole with respect to a pineapple variety developed by Del Monte that was sweeter and contained more vitamin C, fiber, color, and a milder texture than “normal” pineapples. See Del Monte Fresh Produce Co. v. Dole Food Co., 136 F. Supp. 2d. 1271 (S.D. Fla. 2001).

Protecting Your Trade Secrets: Contact Revision Legal

If you want more information about trade secrets, about protecting your trade secrets or have other questions about business law, internet law, data breaches and other legal issues related to IP, contact the lawyers at Revision Legal. We can be reached by email or by calling us at 855-473-8474.

 

You Might Also Like:

Trade Secrets

New Federal Trade Secrets Law

How To Protect Your Trade Secrets

Too Much Secrecy And Trademark Priority

Social Media Policy

Revising Your Official Social Media Policy Guidelines: Lessons From Google

In today’s market, every business has or should have an official company social media policy guideline or policy statement. Even if your business is small, a policy statement is essential. Indeed, TWO social media policy statements might be necessary if your business uses employees to promote “the brand,” to promote sales and/or to promote interest in the store and/or sponsored events.

Like nearly all social media platforms, Google has features that allow online users to provide reviews. Yelp.com is a well-known example of a website dedicated to providing customer review. But Yelp is hardly unique; literally thousands of websites encourage consumer/user reviews of various sorts.

Like many web-platforms, Google has issues guidelines for those wishing to post reviews. See here for the latest version. Google’s Review Policies provide some good lessons for how to promulgate useful and common-sense social media policies for businesses. We wrote about some of these issues with respect to using social media endorsers and guidelines issued by the FTC. “Disclosure” seems to be the central idea behind the FTC guidelines. “Authentic” and “Don’t Do It” seems to be the the dual ideal behind Google’s guidelines. Based these, your business may need to review and revise your social media policies. An experienced business and social-media-savvy attorney can help. Here is what you need to know.

Social Media Policies: Excerpts From Google Local Guides Review Policies

The most current Google Review Policy begins with a summary that is a good touchstone for creating company social media policies. The summary states:

Summary: “Make sure that the reviews on your business listing, or those that you leave at a business you’ve visited, are honest representations of the customer experience. Those that aren’t may be removed.”

The Review Guide continues and states:

Preamble: “Whether you’re going to a place or you own one, you want ratings, reviews, photos, and recommendations that are helpful and trustworthy. Reviewing a place is a great way to share both positive and negative opinions. But please follow the policies listed below when writing your review.”

As noted above, these two provisions are attempting to facilitate review that are authentic and personal, rather than manufactured or purchased. The provision related to “CONFLICT OF INTEREST” hones in on the point and brings in the idea of “not doing” certain types of reviews or engaging in certain behavior. That provision states:

Conflict of interest: “Reviews are most valuable when they are honest and unbiased. If you own or work at a place, please don’t review your own business or employer. Don’t offer or accept money, products, or services to write reviews for a business or to write negative reviews about a competitor. If you’re a business owner, don’t set up review stations or kiosks at your place of business just to ask for reviews written at your place of business.”

Note that there is another Google Review Policy that you can find under the “Maps User Contributed Content” tabs. Under that policy, the conflict of interest provision state:

“Maps user contributed content is most valuable when it is honest and unbiased. The following practices are not allowed:

  • Reviewing your own business.
  • Posting negative content about a current or former employment experience.
  • Posting negative content about a competitor to manipulate their ratings.”

Some have argued that these Google Review Policies are directed at tamping down on disparagement by disgruntled former workers against former bosses and employers. See one example here. But the Google guidelines themselves have broader implications for your business; this is not just about former employees, but also about current employees and how your business engages with customers. The prohibition against “review kiosks” and “review stations” has an broader target than disgruntled employees.

Social Media Policies: What is a Social Media Policy Statement?

Like any company “policy statement,” a social media policy statement is a one or two-page document that concisely lists the “dos-and-donts” with respect to your employees using social media with respect to your business. Such statements are sometimes free-standing, but they are bundled into an employee handbook.

Social Media Policies: Lessons From Google Local Guides Review Policies

The Google Review Policy Guidelines provide several good examples of behavior and activities that should be in any good social media policy given to employees. Among those are:

  • Do not post online reviews with respect to our COMPANY
  • Do not offer money, products, or services to someone else to write reviews for our COMPANY
  • Do not accept money to write reviews
  • Do not write or encourage anyone else to write negative reviews about any competitor of COMPANY
  • Encouraging authentic and truthful review written by someone else is acceptable BUT don’t delay or waylay customers as they leave to have them write reviews

Sometimes businesses can create their own worst nightmares with respect to inauthentic reviews. Often these ill-advised efforts originate with marketing and research and development departments. These departments want input and information to facilitate efforts to improve the product, customer service, customer satisfaction, customer loyalty, etc. So, naturally, they think: let’s get more reviews. Then they think: Let’s give incentives to our employees for them to encourage the customers to write reviews. This backfires since employees quickly learn that the easiest method of getting the customer “to write a review” is to write the review for the customer. Famously, this has happened at several prominent restaurant chains. Waitresses and bartenders were given bonuses for certain increased levels of customer reviews. Soon after the incentive program started, review began to increase. But it also became clear that the reviews were not “real.” It turned out the employees started saying things like: “hey hun/hey doll, will you write a review?” and if the customer was non-committal, with a big friendly smile, the next statement was: “Here, let me see your phone. I’ll write it for you.” Most often the response was: “Sure.” Obviously, from a marketing and R&D perspective, that is a “review” but not an authentic or useful review.

The foregoing are just some of the matters that should be included in your company’s social media policy guides for employees. As noted, if you have management-directed employees, you need a separate set of policies for them. Likewise, your marketing and R&D departments might need a set of policies too, about how to generate authentic and useful online reviews.

To learn more about the Google guidelines, contact the professionals at Revision Legal. If your business has a substantial online presence, 2018 may be the time to review company policies and procedures — and the employee handbook — to review or create your media social policy statement(s). Revision Legal offers a wide array of legal services related to the internet, business law and consumer protection.  We can be reached by using the form on this page or by calling us at 855-473-8474.

You Might Also Like:

Updated Guidelines for Online Endorsements

FTC Brings Charge for Misleading Consumers

FTC Issues Updated Policy for Deceptively Formatted Ads

New German Social Media Laws

New German Social Media Laws For 2018

As the calendar turned to 2018, a new German social media laws are set to be vigorously enforced requiring social media sites like Twitter, Facebook, etc. to remove hate speech, fake news, and “criminal content.” See BBC report here.

While the new German law applies only to websites with 2 million or more members, that could change. The law might soon be applied to your company’s website.

Details on Netzwerkdurchsetzungsgesetz

The new German law is called Netzwerkdurchsetzungsgesetz — or “NetzDG” for short. NetzDG was passed by the German Legislature back in June 2017 and actually became effective in October. However, it was announced that the law would only be mildly enforced until January 1st to give internet companies time to put into place policies and procedures. The new law is intended to speed up the process of removing criminal content.

Previously enacted statutes already require that websites remove criminal content; the new law adds a quick turnaround — 24 hours after notice — and significant fines — 50 million euro (approximately $60 million). The new law also requires the networks to offer users “an easily recognizable, directly reachable, and constantly available” complaint process for “prosecutable content.” The networks must also report back to the person who filed the complaint about how they handled the case and the networks can be forced to reveal the identity of those posting the criminal content. “Criminal content” is anything, which includes libel, slander, defamation, incitement to commit a crime, hate speech against a particular social group, and/or threats.

As the BBC reports, “Facebook, Twitter and YouTube will be the law’s main focus but it is also likely to be applied to Reddit, Tumblr and Russian social network VK. Other sites such as Vimeo and Flickr could also be caught up in its provisions.”

As noted, NetzDG requires that “evidently illegal” content be taken down within 24 hours. Internet companies have seven days if certain content is not obviously illegal. According to the BBC report, Facebook has recently hired hundreds of new employees to handle the new requirements.

The law was proposed because studies showed that various internet platforms were terrible to good on removing hate speech and other types of criminal content. See report here. For example, the studies showed that Twitter was terrible in that only about 1% of criminal content was removed. Facebook did better at about 50%, and YouTube was the best with a 90% take-down rate.

NetzDG Has Already Sparked Controversy in its First Week

In just its first week, NetzDG has already sparked several controversies. First, Twitter accounts for several German right-wing politicians were shut down for posting hate-speech. One of the politician was Beatrix von Storch. She was banned from Twitter for 12 hours for tweeting the following:

“What the h**l is happening in this country? Why is an official police site tweeting in Arabic? Do you think it is to appease the barbaric, gang-raping hordes of Muslim men?”

This was in response to Happy New Years tweets by City of Cologne police force sent in German and other languages, including Arabic. See report here.

A German satirical magazine, called Titanic, entered the fray and also had its Twitter account suspended for two days for violating hate speech laws. After von Storch was suspended, Titanic created a parody “von Storch” Twitter account and proceeded to tweet von-Storch-esque posts including negative comments about Muslims. Twitter flagged and removed the tweets and then suspended the Titanic Twitter account.

The whole episode created a dramatic political firestorm. The author of the legislation, Germany’s Minister of Justice Heiko Maas, defended NetzDG by saying that “calls to commit homicide, threats and insults, sedition or Holocaust denial were not exercising freedom of expression, but attacking the freedom of expression of others.”

NetzDG Already Creating Streisand Effects

With respect to lawmaker von Storch and others banned by Twitter, the bannings created significant Streisand effects. Ms. von Storch is a member of the German right-wing AfD as were the other politicians who were banned. The AfD party reported that, after the bannings, roughly 10,000 new followers began following the Twitter account for the AfD bringing the total number of followers of that account to nearly 1 million.

Twitter Offers Clarification on NetzDG

Following a week of controversy, according to the reports, Twitter released a statement clarifying its stance. Twitter announced that accounts belonging to prominent world leaders would enjoy a special status and less likely be banned or suspended. Twitter stated on its corporate blog:

“Blocking a world leader from Twitter or removing their controversial Tweets would hide important information people should be able to see and debate.”

Consequences for Business

US and EU businesses are caught between competing social and political forces. Unfettered movement of ideas and people on the internet is generally good for business. But governments are increasingly demanding that private businesses enforce public laws. This is problematic since these laws are not without controversy and the requirements carry significant costs for any e-commerce business. There are direct costs such as the need to hire hundreds of new employees, indirect costs such as potential lost business from angry customers, and potential costs in the form of possible fines.

In the case of the new German law, businesses are subject to charges of censorship from consumers/users — charges that come from both the political left AND the political right. Customers can and do boycott. US based fast food restaurant Chick-Fil-A has been dealing with boycotts for several years because its owners support anti-gay/lesbian political groups and ideological positions. A new restaurant is opening in Detroit, and a local paper began its article with this: “Homophobic chicken lovers rejoice.”

Contact the Internet Lawyers at Revision Legal Today

If you want more information about NetzDG, contact the professionals at Revision Legal. Internet law is at the core of Revision Legal’s practice with trademark, corporate, e-commerce, and litigation practice areas based on our experience and passion for helping online businesses grow. We are internet-focused attorneys; we understand the languages you speak; we know the complex and unique issues you face. Contact us via email or call us at 855-473-8474.

 

You Might Also Like:

Lumosity Deceives the Public; Result: $2M Settlement

FTC Brings Charge for Misleading Consumers

Updated Guidelines for Online Endorsements