Common Myths: False Sense of Security After Obtaining a Trademark Registration

By: Laura P. Merritt

There are a number of intellectual property myths that attorneys hear over and over again.  Periodically, we’ll feature some of these myths and expose the reality. 

Myth: My company has a trademark registration so our brand name doesn’t infringe on anyone else’s rights.

Reality:  When the U.S. Patent and Trademark Office examines a trademark application, a trademark examiner reviews federally trademark registrations to determine if there are any registrations that might be confusingly similar with the application’s trademark.  This has resulted in some people thinking that if they have obtained a trademark registration they have been given some level of assurance that their trademark doesn’t infringe anyone else’s trademark. 

However, the U.S.P.T.O search does not look at common law, i.e. unregistered, trademarks.  In the United States, trademark rights are acquired by use – not registration.  Therefore, unregistered trademarks can have priority over registered trademarks if they were used first.  This leaves open the possibility that a third party who was using a trademark first may have priority over someone with a federal trademark registration.    

For this reason, it is a best practice to consult with a trademark attorney about the benefits of a comprehensive trademark search and an analysis that would include both registered and unregistered trademark uses.   

Have You Recently Considered Whether Your Website Complies with the Children’s Online Privacy Protection Act?

By Justin F. McNaughton

The Children’s Online Privacy Protection Act (COPPA) is not new, but it seems that many new startups have either not given it much thought or don’t know about it.  As a refresher, COPPA applies to you if: (i) you operate a website directed to children under the age of 13; or (ii) your website has a general audience, but you actually know you are collecting personal information from children under the age of 13.

If you are confident that neither of these are true, then this exercise is completed.  If, on the other hand, that second one bothers you, then please read the rest of this.  More importantly, review the Federal Trade Commission’s guidance on How to Comply with the Children's Online Privacy Protection Rule. 

Although this is certainly not intended to be a comprehensive list of the COPPA requirements, below are some of the general requirements:

• Clearly and prominently provide a link on your home page to your website’s information practices;

• Include in your policy specific information about who is collecting the information, what is being collected, how it is being collected, and how it is being used;

• Before you begin collecting from a child, you must obtain verifiable consent from the child’s parent;

• You must give the child’s parent the option to stop information from being shared with third parties;

• You cannot collect more information from the child than is reasonably necessary; and

• You must provide a procedure for the parent to have the personal information deleted.

This list is not comprehensive, but instead hits the highlights of the COPPA requirements.  Additional information can be obtained from the FTC here and here.  The text of the Act can be found here.

Judges May Consider New Patent Evidence in Challenges to USPTO Rejections

By Kelly Hollowell

Under Section 134 of the Patent Act of 1952, if a patent application is denied by the USPTO, the applicant may file an administrative appeal with the PTO’s Board of Patent Appeals and Interferences, with appeal to the Court of Appeals for the Federal Circuit under Section141. Another option is the applicant may file a civil action against the PTO Director under Section 145.

In the case of Kappos, Under Secretary of Commerce for Intellectual Property and Director, Patent and Trademark Office v. Hyatt, the U.S. Supreme Court addressed  whether an inventor could be allowed enter evidence he had not provided previously to the PTO in challenging a USPTO rejection.

Pursuant to Section 145, Gilbert Hyatt bad filed a civil action against the USPTO Director and asked for the District Court to consider newly proffered evidence in support of his patent application.  The District Court declined to consider the newly proffered evidence and granted summary judgment to the Director.  On appeal, the Federal Circuit vacated the judgment, holding that patent applicants can introduce new evidence in Section 145 proceedings, subject only to the limitations of the Federal Rules of Evidence and the Federal Rules of Civil Procedure.

The Supreme Court affirmed, stating that federal judges can review previously unsubmitted patent evidence when inventors challenge a patent rejection by USPTO.  Specifically, Justice Clarence Thomas wrote in the unanimous decision there are "no evidentiary restrictions" to be placed on patent application challenges beyond the normal restrictions applicable to federal cases.

The full opinion is available here.

Healthcare Data Breaches on the Rise

By Heather J. Hubbard

The Healthcare Information and Management System Society (“HIMSS”) recently released its “Analytics Report: Security of Patient Data,” the third installment of the report in the last six years.  Despite increased confidence in security safeguards, healthcare providers reported more breaches than in past years.  In 2008, only 13% of respondents reported a security breach.  In 2012, that number jumped to 27%.  Of those, 69% had multiple breaches in a single year. 

Why the increased confidence if breaches are actually on the rise?  It could be that almost all healthcare providers are now conducting an annual formal risk analysis.  According to 2012 Analytics Report, 96% did so.  This analysis may provide a false sense of security if the analysis is completed, but the vulnerabilities identified are not properly investigated or addressed. 

Another reason may be that many healthcare companies focus on data breaches from an IT perspective when human resources and employee policies are just as important.  For example, although loss of mobile devices remains a greater risk than in the past, human error is still considered the greatest risk.  Unauthorized access by employees constituted 56% of breaches last year.  Failure of employees to follow policies also creates an increased risk.  Indeed, given the steady rise in outsourcing and third party breaches, it is just as important that a third party business associate utilize adequate background checks and ongoing training for employees as the healthcare provider itself. 

Last, according to Kroll Advisory Solutions, which commissioned the HIMSS Report, “providers continue to prioritize compliance over security” given that compliance is the focus of HIPAA and the HITECH Act.  Even if healthcare providers meet the statutory compliance standards, a security breach can happen and its results can be devastating.  At best, a data breach can cause a serious business interruption.  Or worse, a provider can face governmental investigations, lawsuits and media attention that can negatively impact branding and patient trust. 

At the very least, the HIMSS Report reflects the need for healthcare providers to consider all aspects of security breach risks and prepare a readiness plan should a breach occur. 

DOJ Files Antitrust Suit Against Apple and Major Publishers Regarding E-Book Pricing

By: Emily J. Zibart

Yesterday, the Department of Justice filed an antitrust suit against Apple and five major publishing companies (Hachette, HarperCollins, Macmillan, Penguin Group and Simon & Schuster) regarding the defendants’ practices with regard to e-books.  The DOJ Complaint, available here, alleges that the publishers and Apple conspired to set pricing for e-books in violation of Section 1 of the Sherman Act through the publisher defendants’ adoption in 2010 of the much-discussed “agency” model, whereby e-book pricing is set by publishers, with retailers serving as agents.

The DOJ simultaneously filed a proposed settlement of claims against Hachette, HarperCollins and Simon & Schuster.  If approved, the settlement would in part prohibit the settling publishers from “enter[ing] into any agreement with any E-book Retailer that restrict, limits, or impedes the E-book Retailer from setting, altering, or reducing the Retail Price of one or more E-books” for a period of two years.  Notably, the proposed settlement agreement would not require the publishers to abandon the agency model altogether. 

No Joke: Communications Decency Act Protections

By Emily J. Zibart

On April 1, a number of online sources (including Abovethelaw.com) reported that Connecticut Senator Joe Lieberman planned to propose legislation that would strip internet service providers (ISPs) of their protection under the Communications Decency Act, 47 U.S.C. § 230 (the “CDA”).  Luckily, these stories were later revealed to be a concerted April Fool’s prank, and ISP protections remain intact.   
   
If your website has a “comments” section or otherwise allows users to post content for public viewing, you are subject to the protections of the CDA.  Section 230(c) of the CDA shields ISPs from liability for defamation and other speech-based claims regarding content posted on their sites by third party users.  It was passed in 1996 as a reaction to cases such as Stratton Oakmont Inc. v. Prodigy Services, Inc., 1995 WL 323710 (N.Y. Sup. May 24, 1995), in which the host of a financial message board website was held to the standard of liability for a “publisher” of allegedly defamatory content posted by third parties on the site, due to its exercise of editorial control over the site’s content (monitoring for offensive material, issuing of guidelines for posing, etc.).  In relevant part, Section 230(c)(1) of the CDA provides: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another internet content provider.” 

In applying the CDA to determine whether an ISP is shielded from liability, courts often focus on whether the content was “provided by another internet content provider,” or can be said to have been provided by the ISP itself.  This distinction is exemplified by a 2007 case regarding the practices of the online service Roommates.com, in which the Ninth Circuit Court of Appeals held that the CDA protected the ISP from discrimination claims with regard to actionable content posted by users in an open ended “essay” portion of their profile, but did not provide immunity with regard to “multiple choice” questions formulated by the ISP and automatically populated into users’ profiles.  Fair Housing Council of San Fernando Valley v. Roommates.com, LLC, 489 F.3d 921 (9th Cir. 2007).

The text of Section 230 of the CDA can be accessed here.

How to Control E-Discovery Costs

By Heather J. Hubbard

The costs of e-discovery continue to rise as companies and individuals compile more and more data in this past-faced digital world.  Every case, small and large, can benefit from an e-discovery lifecycle plan.  Although each case must be analyzed separately and there is not a one-size-fits-all approach that will make sense for every matter, at least three variables should always be considered at the outset of any lawsuit or potential lawsuit. 

1.    Early Case Assessment.  Most expenses incurred throughout the e-discovery lifecycle can be minimized at the outset.  Know your relevant time frames, custodians, document types and retention policies well before you send or receive discovery requests.  With this knowledge, you can best approach opposing counsel and the court to seek protections and set protocols based upon proportionality. 
 
2.    Project Management.  The best made plans can become costly when the left hand is not speaking with the right hand.  There should always be a point person from the law firm, client and any outside vendor or IT specialists (the e-discovery executive team) to ensure proper communication and execution.  Each point person is then responsible for managing his/her internal team.  It is critical for the e-discovery executive team to sit down at the outset and come up with a strategy that everyone can fully vet for potential problems and agree upon moving forward.  The team must then meet regularly to discuss progress, glitches and insights to keep the larger teams on schedule and informed for effective and efficient delivery of results.  You would be amazed how much expense is directly related to lack of communication, coordination and misunderstandings. 

3.    Technology.  There are numerous technologies and vendors available to reduce costs.  The following are just a few types available for consideration:  de-duplication (and near duplication), word/phrase searching, sampling, bulk redactions, predictive coding, analytics, mapping, platforms and review tools including reports and trackers with real time information on progress.  Each matter requires different technology to maximize cost savings.  It is important to know your options and alternatives in advance and rely upon those with e-discovery experience to provide thoughtful guidance.