tag:blogger.com,1999:blog-80712120445288740562024-03-13T00:10:33.103-04:00Privacy and IP Law BlogPublished regularly, the Privacy and IP Law Blog addresses recent events in trademark, copyright, computer and privacy law.Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.comBlogger135125tag:blogger.com,1999:blog-8071212044528874056.post-58486674797801824032016-11-17T15:40:00.000-05:002016-11-17T15:40:06.468-05:00Discontinuing the Blog
<span style="font-family: Calibri;">Dear Readers,<o:p></o:p></span><br />
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">I have decided to formally transfer this blog over to the
WordPress site described earlier in this blog.<span style="mso-spacerun: yes;"> (<em>See</em> <a href="http://privacyandip.blogspot.com/2014/10/moving-to-wordpress.html">Moving to WordPress</a>!)
</span>We have now worked out the kinks!<o:p></o:p></span><br />
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">Please join me over at </span><a href="http://www.privacyandiplawblog.com/"><span style="color: #0563c1; font-family: Calibri;">http://www.privacyandiplawblog.com</span></a><span style="font-family: Calibri;">
for continued commentary and legal analysis.<o:p></o:p></span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Of course, please reach out if you have any questions or
comments about the move.<o:p></o:p></span></div>
<span style="font-family: Calibri;">Best wishes,<o:p></o:p></span><br />
<span style="font-family: Calibri;">Christina Frangiosa<o:p></o:p></span><br />
<span style="font-family: Calibri;">Publisher, Privacy & IP Law Blog<o:p></o:p></span><br />
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-32448737263650383532016-09-09T13:57:00.000-04:002016-09-09T13:57:57.207-04:00TEMPORARY HIATUSDear Readers: <br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 0pt;">
I am pleased to announce that I have joined the IP practice
of the law firm, <a href="http://www.eckertseamans.com/our-people/christina-d-frangiosa"><span style="color: #0563c1;">Eckert
Seamans Cherin & Mellott, LLC</span></a>, in its Philadelphia Office.<span style="mso-spacerun: yes;"> </span>While I’m getting settled, I will not be in a
position to post updates to this blog.<span style="mso-spacerun: yes;">
</span>However, this interruption will only be temporary and I hope to resume
posting on new developments in the IP world again shortly – either here or on a
blog to be created within the firm.<span style="mso-spacerun: yes;">
</span>Please stay tuned.<span style="mso-spacerun: yes;"> </span>If you need to
reach me in the meantime, please email me directly.<a href="https://draft.blogger.com/null" name="_GoBack"></a></div>
<o:p> </o:p><br />
Best,<br />
<em>Christina Frangiosa</em><br />
Privacy and IP Law BlogChristina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-671030828160237112016-06-24T21:27:00.002-04:002016-06-29T23:35:30.150-04:00Business Owners & the New Federal Claim for Trade Secret Misappropriation<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><br />
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:RelyOnVML/>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]-->
<br />
<div class="MsoNormal">
On May 11, 2016, Pres. Obama signed into law the <a href="https://www.congress.gov/114/bills/s1890/BILLS-114s1890enr.pdf">Defend
Trade Secrets Act of 2016, S. 1890, 114th Congr. (2d Sess. 2016)</a> (“<b style="mso-bidi-font-weight: normal;">DTSA</b>”), which provides for the first
time a <u>federal</u> private right of action to litigants for trade secrets
violations.<span style="mso-spacerun: yes;"> </span>Most states – except for
Massachusetts and New York – have enacted versions of the <a href="http://www.uniformlaws.org/Act.aspx?title=Trade%20Secrets%20Act">Uniform
Trade Secrets Act</a> (“<b style="mso-bidi-font-weight: normal;">UTSA</b>”) but
the DTSA provides additional remedies without preempting state laws or
eliminating any of the protections offered by them.<span style="mso-spacerun: yes;"> </span>Business owners will need to take some
actions in the short term in order to take advantage of some of the more
powerful remedies created by the DTSA.</div>
<h2>
<span style="font-size: large;">A Summary of the New Law: </span></h2>
<div class="MsoNormal">
The DTSA is a substantial revision to the Economic Espionage
Act (18 U.S.C. §§ 1831-1839 and 18 U.S.C. § 1961), which previously only
provided criminal penalties and was only enforceable by federal prosecutors.<span style="mso-spacerun: yes;"> </span>An individual trade secret owner’s right to
sue for trade secret misappropriation <u>related to a product or service used
(or intended for use) in interstate commerce</u> in federal court is,
therefore, new.<span style="mso-spacerun: yes;"> </span>So are many of the
remedies available to trade secret owners.<span style="mso-spacerun: yes;">
</span>Below is a summary of key provisions:</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">1.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Who
Can Sue?</u></b><span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
Owners of trade secrets may file an action against those who
“misappropriate” their trade secrets, <b style="mso-bidi-font-weight: normal;">provided
that the trade secrets relate to products or services that are used in (or are
intended for use in) interstate or foreign commerce.</b><span style="mso-spacerun: yes;"> </span>This means that trade secrets associated with
products or services that only travel within a single state could not be enforced
under this Act.<span style="mso-spacerun: yes;">
</span><span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">2.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>What
is “Misappropriation”?</u></b><span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
“Misappropriation” includes either <span style="mso-spacerun: yes;"> </span>(1) acquisition of a trade secret by someone
who knew or should have known that the secret was obtained by “improper means” or
(2) disclosure of such a secret by one who did not have express or implied
consent to do so and knew or should have known that it was a secret or acquired
by “improper means”.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">3.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>What
Counts as “Improper Means”?</u></b></div>
<div class="MsoNormal">
“Improper means” includes theft, bribery, misappropriation,
breach or inducement of breach of a duty to maintain secrecy or espionage
through electronic or other means.<span style="mso-spacerun: yes;"> </span><b style="mso-bidi-font-weight: normal;">More importantly, however, “improper means”
expressly <u>does not</u> include reverse engineering, independent derivation
or any other lawful means of acquisition.</b></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">4.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Available
Remedies</u></b>.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
Potential remedies include: (A) injunctions to prevent the
actual or threatened misappropriation, (B) monetary damages for actual loss and
for unjust enrichment, and, (C) if all other remedies are insufficient to make
the trade secret owner whole, then the owner can recover a reasonable
royalty.<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>A reasonable royalty is not the preferred
remedy, but instead should be a remedy of last resort.<span style="mso-spacerun: yes;"> </span>(See <a href="https://www.congress.gov/114/crpt/srpt220/CRPT-114srpt220.pdf">Senate
Rep. 114-220</a> (Mar. 7, 2016) and <a href="https://www.congress.gov/114/crpt/hrpt529/CRPT-114hrpt529.pdf">House Rep.
114-529</a> (Apr. 26, 2016)).</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">5.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Enhanced
Damages for Willful Misconduct.</u></b><span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
If a trade secret owner can prove that the trade secret
thief misappropriated the trade secret “willfully and maliciously”, then the
court may award exemplary damages (not more than two times the monetary damages
awarded); and award attorney fees to the prevailing party.<span style="mso-spacerun: yes;"> </span>Such an award is within the sound discretion
of the district court.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">6.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Narrow
<i style="mso-bidi-font-style: normal;">Ex Parte</i> Seizure Order</u></b>.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
A trade secret owner’s ability to obtain an <i style="mso-bidi-font-style: normal;">ex parte</i> seizure order (which allows law
enforcement officers to seize allegedly misappropriated trade secrets from a
specific target without providing advanced notice to the target or permitting the
target to be heard in opposition to an order prior to its issuance) is new
under this law.</div>
<div class="MsoNormal">
<span style="mso-tab-count: 1;"> </span>Seizure
is an extremely powerful tool, but has several potent limitations: (a) it is
only available if the trade secret owner can demonstrate that a regular Rule 65
injunction would not be effective against this target because the target “<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>would</u></i></b>
evade, avoid or otherwise not comply” with an injunction order, or “would
destroy, move, hide or otherwise make such a matter inaccessible to the court”;
(b) a seizure order will not be issued if the trade secret owner has publicized
in any way that it is pursuing seizure; (c) the trade secret owner may not
participate in the seizure (instead, this is handled by appropriate law
enforcement personnel); (d) the trade secret owner does not receive the alleged
trade secrets once they are seized from the target (instead, these are held in
the custody of the court); (e) the trade secret owner must provide security (<i style="mso-bidi-font-style: normal;">i.e.</i>, post a bond with the court)
against the possibility of unlawful seizure; and (f) any seizure MUST minimize
any interruption in the lawful business operations of the target.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">7.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Sanctions
for Bad Faith Claims or Wrongful Seizure</u></b>.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
If the target proves by circumstantial evidence that the <b style="mso-bidi-font-weight: normal;">claim of misappropriation was made in bad
faith</b>, the court may award attorney’s fees to the target as a prevailing
party.</div>
<div class="MsoNormal">
<span style="mso-tab-count: 1;"> </span>Further,
<b style="mso-bidi-font-weight: normal;">if a trade secret owner wrongfully
seizes materials</b> that are later determined not to have been
misappropriated, or if the owner sought an excessive seizure, the target may be
entitled to the following:<span style="mso-spacerun: yes;"> </span>(1) “relief
as may be appropriate” (which includes damages for lost profits, cost of
materials, loss of good will and punitive damages); (2) reasonable attorney’s
fee <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>unless</u></i></b>
the court finds extenuating circumstances; and (3) prejudgment interest on any
recovery (beginning on the date the trade secret owner applied for the seizure
owner).<span style="mso-spacerun: yes;"> </span>In this case, the bond posted by
the trade secret owner shall not constitute a cap on the available recovery.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">8.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Federal
Jurisdiction</u></b></div>
<div class="MsoNormal">
Trade secret owners are permitted to bring DTSA claims in
federal district court, but they are not required to.<span style="mso-spacerun: yes;"> </span>Federal courts have original, but not
exclusive, jurisdiction over these claims.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">9.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Statute
of Limitations</u></b></div>
<div class="MsoNormal">
Trade secret owners have three (3) years after the
misappropriation was discovered (or through exercise of reasonable diligence <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>should
have been discovered</u></i></b>) to commence a civil action asserting a claim
of misappropriation under the DTSA.</div>
<div class="MsoNormal">
<span style="mso-tab-count: 1;"> </span>However,
continuing misappropriation is considered a single act – not individual acts of
misappropriation that could re-start the clock for purposes of the statute of
limitations.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">10.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Limitations
on Claims against Employees (a.k.a. Employee Immunities)</u></b></div>
<div class="MsoNormal">
Employers can only obtain enhanced damages and attorneys’
fees from any employee who discloses its trade secrets <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>IF</u></i></b> the employer
notified the employee in advance (either through an agreement or in certain
employment policies if appropriately cross-referenced) of his/her immunity for
liability under certain whistleblowing circumstances.<span style="mso-spacerun: yes;"> </span>“Employees” for these purposes include
contractors and consultants.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraph" style="margin-left: .25in; mso-add-space: auto; mso-list: l0 level1 lfo1; text-indent: -.25in;">
<span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">11.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "times new roman";">
</span></span></span><b style="mso-bidi-font-weight: normal;"><u>Effective
Date</u></b></div>
<div class="MsoNormal">
This Act applies immediately to any misappropriation for
which any action happens on or after the date of enactment (May 11, 2016).<span style="mso-spacerun: yes;"> </span></div>
<h2>
<span style="font-size: large;">What Should Business Owners Do Now?</span></h2>
<div class="MsoNormal">
<u>First and foremost</u> – employers should revise their
form agreements to be used with any employee, contractor or consultant who will
have access to the employer’s confidential information to provide the requisite
notice of whistleblower rights.<span style="mso-spacerun: yes;"> </span>Without
this notice, an employer cannot seek exemplary damages (up to twice the amount
of actual damages awarded) or attorney’s fees if it proves the misappropriation
was willful or malicious.<span style="mso-spacerun: yes;"> </span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<u>Second</u>, trade secret owners need to take stock and
identify clearly what their trade secrets are.<span style="mso-spacerun: yes;">
</span>In particular, if a trade secret owner pursues an <i style="mso-bidi-font-style: normal;">ex parte</i> seizure order against a competitor or an ex-employee’s new
employer, the trade secret owner will have to articulate with some clarity what
the trade secrets are that are alleged to have be misappropriated.<span style="mso-spacerun: yes;"> </span>This identification is intended to aid the law
enforcement officers charged with executing the seizure order to know what to
take, but also allows a trade secret owner to position itself better to avoid
an allegation of wrongful seizure or a bad faith claim of misappropriation as
the litigation develops.<span style="mso-spacerun: yes;"> </span>This
identification will also aid businesses overall by necessitating the creation
of tighter controls over those assets that are truly trade secrets to keep them
from being unlawfully disseminated.</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<u>Finally</u>, if a business becomes the target of an <i style="mso-bidi-font-style: normal;">ex parte</i> seizure order, know that a
hearing must occur no later than seven (7) days after the seizure order was issued. Be prepared to argue that other injunction options may have been reasonably available to support the argument that a wrongful seizure occurred, entitling the target to damages. Even if the business only receives a threat of an <em>ex parte</em> seizure, consider whether the exceptional circumstances justifying an <em>ex parte</em> seizure were actually present in your case. <strong>Take any such threats seriously, and contact your attorney immediately if you receive a demand letter making this claim or if a seizure order is executed against you -- because your time to respond in either case will be very short.</strong></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Copyright © 2016, Christina D. Frangiosa.<span style="mso-spacerun: yes;"> </span>All rights reserved.</div>
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:DoNotShowPropertyChanges/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
<w:UseFELayout/>
</w:Compatibility>
<w:DoNotOptimizeForBrowser/>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="371">
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="6" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
mso-pagination:widow-orphan;
font-size:11.0pt;
mso-bidi-font-size:10.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}
</style>
<![endif]--><br />Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-10571938132300653512016-05-31T23:09:00.002-04:002016-05-31T23:09:54.422-04:00Five Simple Things Businesses Can Do to Better Secure Their DataNews of data security breaches at one company or another has become so common that perhaps we are becoming immune to the significant impact these breaches can have on those whose information are affected. Not only can identity theft destroy an affected individual's credit and limit his/her future buying choices, but also it is becoming clear that, philosophically, perhaps our private data really aren't private anymore. Think of how easy it is to search public records online and find out personal details about a person well beyond what the phone book would have listed in days past. It is harder and harder to keep secrets when the Internet is involved.<br />
<br />
Notwithstanding such developing immunity to the shock of a data breach at any particular company, data breaches are very serious events for a company – of any size. In the aftermath, it is not unusual to hear business executives announce that they "never want to go through that again."<br />
<br />
So, what can you do to minimize your company's risk for data breach? Here are my top five recommendations:<br />
<ol>
<li><strong>Hire the right people</strong>. Whether you rely on internal IT support staff or if you outsource to a third-party vendor, make sure you have the right resources in place to accomplish your goals. Discuss your expectations (particularly about data security) with these personnel at the beginning of the relationship and set realistic goals for achieving a secure system.</li>
<li><strong>Conduct the necessary due diligence</strong>. Before you hire that new IT security director internally or engage that new third-party vendor, be sure that they actually have the skills in place to accomplish the levels of data security you envision. Interview your candidates (whether individual or vendor) to determine that their services match your needs. Make sure you know what services you are signing up for. If you want a company to be actively testing your network for potential weaknesses, make sure that such services are covered by the fees you are paying; typically, they are more expensive than services that simply patch your existing software with newly-released security updates from the manufacturer.</li>
<li><strong>Pay Attention to Suspicious Conditions</strong>. Watch for signs that someone else may be making changes to your network. (For instance, user names and passwords suddenly not working, the appearance of new administrator accounts, system unavailability particularly for remote access, significant slowdown of processing speed during periods of regular use, etc.). Just like we are all being warned in public transportation venues that "if you see something, say something", if you suspect that your data may not be secure, do not ignore that suspicion. Involve your IT personnel and be sure that you are effectively maintaining the security of your network.</li>
<li><strong>Update all Software as Recommended by the Manufacturer</strong>. Security patches are rolled out all the time, particularly after the manufacturer learns of potential weaknesses in security. If you keep your software updated with these patches as part of your regular routine, you decrease your risk of exposure. Same with anti-virus and anti-malware software: they are only as secure as that last update that was applied. Keep the virus and malware definitions up to date to reduce your risk of intrusion by known entities.</li>
<li><strong>Only Collect Information that You Absolutely Need</strong>. If you do not need access to customers' credit card numbers, don't ask for it. And, if you do need access, do not retain it any longer than necessary to complete the transaction. In particular, where credit card numbers are concerned, there are other regulations, standards and guidelines about what you can keep and for how long. See <a data-mce-href="https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security" href="https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security">Payment Card Information Data Security Standards</a> ("<strong>PCI DSS</strong>") for more details. With respect to the data you decide to keep, maintain your sensitive data in encrypted form as much as you can to reduce the risk of third-party access. Once you decide not to maintain certain sensitive information any longer, be sure that you comply with federal, state and local laws governing the safe destruction of documents or electronic data that embody personally identifiable information ("PII") or competitively sensitive data, such as trade secrets.</li>
</ol>
In general, businesses who are proactive about putting in place and maintaining effective data security protocols have a much better chance of avoiding the exposure that results from a data breach. Of course, there's no guarantee that you might not be targeted by a malicious and very determined third party, but consider a thief's potential options: (1) hack that network that is protected by multi-layer and multi-factor data security; or (2) walk through that open door provided by another company who is not managing their IT security effectively. If you were the thief presented with these options, wouldn't you take the path that presents the least resistance? Don't be the "open door."<br />
<br />
Copyright (c) 2016, Christina D. Frangiosa, All Rights Reserved.Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-88523949651728763892016-02-10T23:55:00.000-05:002016-02-10T23:55:18.647-05:00Mobile Device Security Policies for Employers – Small and Large
<span style="font-family: inherit;">As a business owner, perhaps you have seen articles about setting
ground rules for BYOD (a.k.a. employees bringing their own devices to work to
use for work purposes).<span style="mso-spacerun: yes;"> </span>Placing restrictions
on access to Company information, however, should not be limited only to those
BYOD devices.<span style="mso-spacerun: yes;"> </span>Instead, if the Company
issues Company-owned devices to employees for use on Company systems, similar
ground rules should be put in place to set expectations and provide the
backdrop for any disciplinary action that may be needed later if an employee misuses
Company information or loses an unsecured device.<o:p></o:p></span><br />
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: inherit;"><b style="mso-bidi-font-weight: normal;"><u>Here are some questions
to keep in mind as you develop policies for Company-owned devices issued to
employees</u></b>:<o:p></o:p></span></div>
<span style="font-family: inherit;">
</span><br />
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">1.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you have</b> <b style="mso-bidi-font-weight: normal;">an “Acceptable Use” policy in place</b>?<span style="mso-spacerun: yes;"> </span>Does it apply to both Company-owned and BYOD
devices?</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">2.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you restrict</b> <b style="mso-bidi-font-weight: normal;">the employee’s use of Company-owned devices</b>?<span style="mso-spacerun: yes;"> </span>(E.g., to be used for business purposes only,
avoid storing personal information on the device, all information on the device
shall be considered “owned” by the Company)</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">3.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Have you retained the right to take back
any equipment that an employee does not use properly</b>?<span style="mso-spacerun: yes;"> </span>Similarly, do you ensure that Company-owned devices
are surrendered upon termination?</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">4.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you require <u>strong</u> passwords to
secure all portable devices (both BYOD and Company-owned)</b>?<span style="mso-spacerun: yes;"> </span>(You should.<span style="mso-spacerun: yes;">
</span><i style="mso-bidi-font-style: normal;">See, e.g.</i>, Eric Griffith, “</span><a href="http://www.pcmag.com/article2/0,2817,2368484,00.asp"><span style="color: #0563c1; font-family: inherit;">How to Create Strong
Passwords</span></a><span style="font-family: inherit;">,” <i style="mso-bidi-font-style: normal;">PC Magazine</i>, Nov. 29,
2011, for some good tips.).<span style="mso-spacerun: yes;"> </span>Once you
require passwords, remind your employees not to tape them to the front of their
devices – instead, suggest alternate ways of remembering the unique passwords
they just created.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">5.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">What about using portable devices on public
or unsecured networks</b>? (For instance, at the coffee shop while waiting for
that triple-shot latte.)<span style="mso-spacerun: yes;"> </span>Have you
provided guidelines and training to your employees to avoid disclosing
Company-sensitive information across such public networks?<span style="mso-spacerun: yes;"> </span>This is especially important if the
information is mission critical or could destroy the Company’s tactical
advantage if its competitor were to access it.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">6.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you require employees to report
immediately the theft or loss of a Company-owned device</b>?<span style="mso-spacerun: yes;"> </span>Prompt reporting allows the Company to block potentially
damaging intrusion attempts or to change the affected employee’s passwords to
prevent unauthorized access.<span style="mso-spacerun: yes;"> </span>The
Company’s hands will be tied if the employee does not report the loss until
several days later.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">7.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you provide rules about whether Company
documents can be downloaded to external devices and under what circumstances</b>?<span style="mso-spacerun: yes;"> </span>Consider mobile device management software to
control the downloading of Company information to the device, to track the
location of Company-owned devices and to enable remote wiping if the device is
lost or stolen.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">8.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Who handles the system updates to the
device</b>?<span style="mso-spacerun: yes;"> </span>The Company?<span style="mso-spacerun: yes;"> </span>(Probably, unless it’s a BYOD device.)<span style="mso-spacerun: yes;"> </span>The employee?<span style="mso-spacerun: yes;">
</span>(Probably only if the device is personally owned by the employee.)<span style="mso-spacerun: yes;"> </span>If it’s a Company obligation, then ensure
that the device is accessible to the Company when needed (i.e., “on demand”) to
fulfill this requirement.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">9.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Will the employees’ family members be
accessing the device</b>?<span style="mso-spacerun: yes;"> </span>(More likely
if it’s the only device in the house – less likely if there are other options
available to the family.)<span style="mso-spacerun: yes;"> </span>Consider
restricting use of Company-owned devices to employees only.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">10.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you prohibit the downloading of
unauthorized content to the device</b>?<span style="mso-spacerun: yes;">
</span>Whether it’s pornography, another company’s trade secrets or pirated
videos streaming the latest (copyrighted) episode of a favorite show, none of
these things belong on most companies’ business equipment and could expose the
Company to liability from a third-party who owns the rights to the content.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">11.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Do you require encryption or
password-protection when transmitting particularly sensitive Company
information to outsiders</b>?<span style="mso-spacerun: yes;"> </span>If not,
you should.<span style="mso-spacerun: yes;"> </span>Take everyone opportunity to
protect the Company’s trade secrets and try to keep them from public dissemination.<span style="mso-spacerun: yes;"> </span>Having a reliable system in place increases
the changes that a court would conclude that the Company’s trade secrets are
deserving of such protection in the event of a breach.</span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.75in; mso-list: l1 level1 lfo1; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;">·<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";">
</span></span></span><!--[endif]-->Notably, in the 2012 Target data breach, the
large, well-funded entity (Target) was not the source of the leak that allowed
hackers to steal thousands of customer credit card numbers.<span style="mso-spacerun: yes;"> </span>Instead, it was the HVAC servicing company
that had minimal security protocols in place and effectively acted as the front
door to enable the hackers to steal the data over a surprisingly long period of
time.<span style="mso-spacerun: yes;"> </span></span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 12pt 0.5in; mso-list: l0 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: inherit;"><span style="mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin;"><span style="mso-list: Ignore;">12.<span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><b style="mso-bidi-font-weight: normal;">Does the Company have record-keeping
requirements (statutory, regulatory, etc.) that would apply to an employee’s
use of a portable device</b>?<span style="mso-spacerun: yes;"> </span>Are
employees who work remotely required to keep Company records and maintain
certain Company files?<span style="mso-spacerun: yes;"> </span>If so, consider
implementing rules identifying when such record keeping should occur and
provide guidelines for destroying extra copies or other pages that the employee
might otherwise throw out in the trash at a remote site.<span style="mso-spacerun: yes;"> </span>(Some states have “safe destruction of
documents” laws intended to reduce the likelihood of identity theft or other
unauthorized access of personally-identifiable information.)<o:p></o:p></span></div>
<span style="font-family: inherit;">
A few
closing thoughts – take every precaution to keep Company data secure.<span style="mso-spacerun: yes;"> </span>Always require the installation and use of anti-malware/anti-virus
and other security tools to limit a potential thief’s ability to misuse the
Company’s data or to leave code behind that continues to collect the data even
after the potential thief has appeared to withdraw.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span><br />
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: inherit;">The
more conscientious you are about keeping Company data secure, the more likely
you are to avoid severe consequences (or at least reduce them) in the event of
a data breach – whether the breach is caused by the concerted efforts of
outsiders or by wrongful conduct of your own employees or by unintentional mishaps
(such as the employee leaving the device in the back of a cab during a hectic
business trip).<span style="mso-spacerun: yes;"> </span>Watching the doors is
always worthwhile.</span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
Copyright (c) 2016, Christina D. Frangiosa, All Rights Reserved.</div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-13832300620297496622015-12-30T00:24:00.003-05:002015-12-30T00:28:48.759-05:00Common Questions – What's Involved in Registering a US Trademark?<div style="text-align: left;">
<span style="font-family: Calibri;">So, you’ve decided to launch a brand name in the U.S. and are contemplating registering it in the U.S. Patent & Trademark Office (“<b style="mso-bidi-font-weight: normal;">PTO</b>”).<span style="mso-spacerun: yes;"> </span>What can you expect?<span style="mso-spacerun: yes;"> </span>Not every application is the same, so there will be variations in exactly what happens in the prosecution of your application, but hopefully this will serve as a “<b style="mso-bidi-font-weight: normal;">Trademark 101 Primer</b>” to describe the basic process overall.<span style="mso-spacerun: yes;"> </span>(<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">Note - this post is for general information purposes only and does not provide any specific legal advice.<span style="mso-spacerun: yes;"> </span>Contact your trademark attorney to discuss any areas of specific concern.</i></b>)<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><u><span style="text-transform: uppercase;"><span style="font-family: Calibri;">Basics<o:p></o:p></span></span></u></b></div>
<div style="text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">What is a Trademark?</b><span style="mso-spacerun: yes;"> </span>It’s a word, phrase, symbol or design, or a combination of words, phrases or designs, that identifies and distinguishes the source of the goods of one party from those of others.<span style="mso-spacerun: yes;"> </span>A service mark performs the same function as a trademark, but applies to the source of a <u>service</u> rather than of a <u>product</u>.<span style="mso-spacerun: yes;"> </span>(For simplicity, this post refers to trademarks and service marks collectively as “trademarks.”)<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">How Valuable is a Good Trademark?</b><span style="mso-spacerun: yes;"> </span>The value of a good trademark lies in its ability to convey to the public the source of a particular good or service.<span style="mso-spacerun: yes;"> </span>The key is to develop a mark unique enough that customers associate it with your goods or services – and only your goods and services.<span style="mso-spacerun: yes;"> </span>While temptingly simple, choosing a mark that <u>describes</u> your goods and services will not create any trademark value.<span style="mso-spacerun: yes;"> </span>Customers won’t know to distinguish your goods from others in the same market.<o:p></o:p></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Can</b> <b style="mso-bidi-font-weight: normal;">Rights Develop Based on Use?</b><span style="mso-spacerun: yes;"> </span>Federal registration is not a requirement to protect trademarks in the U.S. – instead, rights in a particular trademark can be established simply based on use in connection with particular goods or services in the marketplace (aka “common law trademark rights”).<span style="mso-spacerun: yes;"> </span>Nevertheless, federal registration offers more comprehensive protection than reliance upon common law rights, including providing nationwide notice of the owner’s claim to the mark.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><u><span style="text-transform: uppercase;"><span style="font-family: Calibri;">Trademark Application Process<o:p></o:p></span></span></u></b></div>
<div style="text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">Is Pre-Application Searching Required?<span style="mso-spacerun: yes;"> </span></i></b>No, it’s not required, but it’s a good idea for a variety of reasons.<span style="mso-spacerun: yes;"> </span>See my prior post on </span><a href="http://privacyandiplawblog.com/2015/04/common-questions-benefits-of-trademark-searching/"><b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="color: #0563c1; font-family: Calibri;">Common Questions – Benefits of Trademark Searching</span></i></b></a><span style="font-family: Calibri;"> for more details.<o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">Overview of the Application Process</i>.<span style="mso-spacerun: yes;"> </span></b>The chart below gives a birds-eye view of each application track (Use-Based vs. Intent to Use-Based; both are described below).<b style="mso-bidi-font-weight: normal;"><o:p></o:p></b></span></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsypaq2LXBjpgN5Akj0IItYnbDYAZ9YuSnVhnI2xLTGLUN7t7iCm_QbSLuCuOH_t4IyS2tPC2lgC78ezx0rvgIjUoTStg0q-r4WDyyx8jcr66L2NHUtG5eSgfd9xix9hd1UOY3-KOU8Op7/s1600/Frangiosa-TM+Office+Flowchart.jpg" imageanchor="1"><img alt="Flowchart - Trademark App Procedures" border="0" height="270" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsypaq2LXBjpgN5Akj0IItYnbDYAZ9YuSnVhnI2xLTGLUN7t7iCm_QbSLuCuOH_t4IyS2tPC2lgC78ezx0rvgIjUoTStg0q-r4WDyyx8jcr66L2NHUtG5eSgfd9xix9hd1UOY3-KOU8Op7/s400/Frangiosa-TM+Office+Flowchart.jpg" title="USPTO Initial Application Procedures" width="400" /></a><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;">Components of the Initial Application for Registration<o:p></o:p></span></i></b></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">One of the first steps in registering a proposed trademarks or service mark is to determine exactly how you are using (or intend to use) a mark and then to determine the applicable class or classes in which the mark should be registered.<span style="mso-spacerun: yes;"> </span>An applicant may elect to apply for registration in all of the applicable classes in its first application, or apply for the core classes and wait until later to file in other applicable classes.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;"><span style="mso-spacerun: yes;"> </span>1.<span style="mso-spacerun: yes;"> </span><b style="mso-bidi-font-weight: normal;">Determining Classes<o:p></o:p></b></span></i></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">There are current 45 potential classes (see </span><a href="http://www.uspto.gov/trademark/trademark-updates-and-announcements/nice-agreement-tenth-edition-version-2014-general"><span style="color: #0563c1; font-family: Calibri;">Nice Classifications</span></a><span style="font-family: Calibri;">) – each one triggering a separate filing fee (see </span><a href="http://www.uspto.gov/learning-and-resources/fees-and-payment/uspto-fee-schedule#TMProcess"><span style="color: #0563c1; font-family: Calibri;">Current Filing Fees</span></a><span style="font-family: Calibri;">).<span style="mso-spacerun: yes;"> </span>When you file an application to register a trademark based on a particular description of goods or services (regardless of which classes you designate), you may later clarify or limit the goods or services offered in connection with that mark – but not expand or broaden them or change the way the mark looks on the drawing page submitted to the PTO. <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">Accordingly, it is critical to work out with your trademark lawyer the ways in which you already use the mark, or plan to use the mark, before the application is filed.</i></b><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;"><span style="mso-spacerun: yes;"> </span>2.<span style="mso-spacerun: yes;"> </span><b style="mso-bidi-font-weight: normal;">Drawing Page<o:p></o:p></b></span></i></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">Every application must include a clear drawing of the mark that you want to register.<span style="mso-spacerun: yes;"> </span>This drawing is used by the PTO to file the mark in the PTO’s search records and to print the mark in the Official Gazette and on the registration certificate.<span style="mso-spacerun: yes;"> </span>The representation of the mark must, therefore, appear in the proper format for either a word mark or a design mark (there are several variations).<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">If a particular design or style of lettering is embodied in the mark, the drawing must be a substantially exact representation of the mark as it appears on the specimen.<span style="mso-spacerun: yes;"> </span>Color may also be a key feature of the mark – if so, it should be claimed in the application.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;"><span style="mso-spacerun: yes;"> </span>3.<span style="mso-spacerun: yes;"> </span><b style="mso-bidi-font-weight: normal;">Specimen of Use<o:p></o:p></b></span></i><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">If you have already started using the mark in commerce in connection with the subject goods or services, the application is said to be based on “use.”<span style="mso-spacerun: yes;"> </span>If no such use has yet been made, but you have a <i style="mso-bidi-font-style: normal;">bona fide</i> intent to use the mark in connection with particular goods or services, the application is an “intent to use” one.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">For a use-based application, you must submit a specimen at the time of the application that shows how the mark is actually used in commerce.<span style="mso-spacerun: yes;"> </span>This is not the same as the drawing of the mark included on the drawing page. Picking the right specimen is an art.<span style="mso-spacerun: yes;"> </span>You can find more information in the PTO’s guidance materials (TMEP </span><a href="http://tmep.uspto.gov/RDMS/mashup/html/page/manual/TMEP/current/TMEP-900d1e489.xml"><span style="color: #0563c1; font-family: Calibri;">§ 904 (Specimens)</span></a><span style="font-family: Calibri;">, </span><a href="http://tmep.uspto.gov/RDMS/mashup/html/page/manual/TMEP/current/TMEP-1300d1e266.xml"><span style="color: #0563c1; font-family: Calibri;">§ 1301.04 (Specimens of Use for Service Marks)</span></a><span style="font-family: Calibri;">; </span><a href="http://www.uspto.gov/trademarks-getting-started/trademark-basics"><span style="color: #0563c1; font-family: Calibri;">Trademark Basics</span></a><span style="font-family: Calibri;">), but <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;">you should also consult with your trademark attorney about the best specimen to use.</i></b><o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">If the application is based on a <i style="mso-bidi-font-style: normal;">bona fide</i> intent to use the mark, you will have to submit an Amendment to Allege Use or a Statement of Use (the choice depends on the timing of filing – and depends on whether the PTO has already issued a “Notice of Allowance” after the opposition period has ended) after you start to use the mark – to demonstrate actual use and to identify the “date of first use.”<span style="mso-spacerun: yes;"> </span>The PTO charges an additional filing fee (</span><a href="http://www.uspto.gov/learning-and-resources/fees-and-payment/uspto-fee-schedule#TMProcess"><span style="color: #0563c1; font-family: Calibri;">Current Filing Fees</span></a><span style="font-family: Calibri;">) for either of these two filings.<o:p></o:p></span></div>
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;">PTO Examining Attorney’s Review and “Office Actions”<o:p></o:p></span></i></b><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">After the PTO receives your application, an Examining Attorney will review it on a substantive basis – to determine if it can be approved for registration.<span style="mso-spacerun: yes;"> </span>This may take several months, and may require several interactions with the PTO before this phase can be completed.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">If the Examining Attorney finds fault with the application for any reason, the Examining Attorney will issue a letter (“<b style="mso-bidi-font-weight: normal;">Office Action</b>”) explaining any substantive reasons for refusal and any technical or procedural deficiencies in the application.<span style="mso-spacerun: yes;"> </span>If only minor corrections are required, the Examining Attorney may contact you or your attorney by telephone or e-mail.<span style="mso-spacerun: yes;"> </span>If the Examining Attorney sends a formal Office Action, your response must be received by the PTO within six months or the application will be deemed abandoned.<o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">Among other things the Examining Attorney does upon receiving your application is conducting his or her own search of the PTO database to determine if a conflict exists, <i style="mso-bidi-font-style: normal;">i.e.</i>, a likelihood of confusion, between the mark in the application and another mark that is registered or already pending before the PTO, which conflict can form the basis of a substantive refusal to register.<span style="mso-spacerun: yes;"> </span>An Examining Attorney may also refuse registration if the mark is:</span></div>
<ul style="margin-top: 0in;" type="disc">
<li class="MsoNormal" style="margin: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in;"><span style="font-family: Calibri;">primarily merely descriptive of the goods or services;<o:p></o:p></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in;"><span style="font-family: Calibri;">deceptively misdescriptive of the goods or services;<o:p></o:p></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in;"><span style="font-family: Calibri;">primarily geographically descriptive;<o:p></o:p></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in;"><span style="font-family: Calibri;">primarily merely a surname; or<o:p></o:p></span></li>
<li class="MsoNormal" style="margin: 0in 0in 0pt; mso-list: l0 level1 lfo1; tab-stops: list .5in;"><span style="font-family: Calibri;">ornamental, or for other similar reasons.<o:p></o:p></span></li>
</ul>
<div style="text-align: left;">
<span style="font-family: Calibri;">It is impossible to accurately predict how an Examining Attorney will view each application, but completing some version of a commercial search in advance can give you a “heads up” about potential conflicts before you file.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;">Publication for Opposition<o:p></o:p></span></i></b></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">If the Examining Attorney raises no objections to registration, or if you are able to overcome all objections, the Examining Attorney will approve the mark for publication in the </span><a href="http://tmep.uspto.gov/RDMS/mashup/html/page/manual/TMEP/current/TMEP-1d1e108.xml"><span style="color: #0563c1; font-family: Calibri;">Official Gazette</span></a><span style="font-family: Calibri;">, a weekly publication of the PTO.<span style="mso-spacerun: yes;"> </span>The PTO will send a “Notice of Publication” to you (or your attorney) identifying the “publication date”.<span style="mso-spacerun: yes;"> </span>Any party who believes it may be damaged by registration of the mark has thirty days from the publication date to file either an Opposition to registration or a request an extension of time to oppose. <o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">If the mark is published based upon the actual use of the mark in commerce and no party files an opposition or request to extend the time to oppose, the PTO will normally register the mark and issue a registration certificate within several months after the mark was published.<span style="mso-spacerun: yes;"> </span>It is not unusual for this entire process to take between 1-2 years to complete before the Certificate of Registration is issued.<o:p></o:p></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">If the mark is published based on an “intent to use” the mark, then the PTO will issue a “<b style="mso-bidi-font-weight: normal;">Notice of Allowance</b>”, upon which you must file evidence of your use of the mark (“<b style="mso-bidi-font-weight: normal;">Statement of Use</b>”) within the initial six months (or during permitted extensions of time to file), demonstrating that use has occurred.<span style="mso-spacerun: yes;"> </span>Registration will issue in due course after the PTO accepts your filing as meeting its requirements.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><u><span style="text-transform: uppercase;"><span style="font-family: Calibri;">Identifying the Mark as a Trademark <o:p></o:p></span></span></u></b></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">Anyone who claims rights in a service mark or trademark may use the <sup><span style="font-size: x-small;">SM</span></sup> (in the case of a service mark) or <sup><span style="font-size: x-small;">TM</span></sup> (in the case of a trademark) designation with the mark to alert the public that the mark owner claims exclusive rights.<span style="mso-spacerun: yes;"> </span>It is not necessary to have a registration, or even a pending application, to use this designation.<span style="mso-spacerun: yes;"> </span>Although the claim to the mark may be disputed later or you may find someone else has a more senior use and requires you to stop using this designation, the use of the <sup><span style="font-size: x-small;">SM</span></sup> or <sup><span style="font-size: x-small;">TM</span></sup> may, nonetheless, be used with the mark in advance of any such determination.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: left;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">The registration symbol, </b><b style="mso-bidi-font-weight: normal;"><span style="font-size: 14pt; mso-bidi-font-size: 10.0pt;">® </span>, (also called a “Circle-R”) may not be used until the PTO has issued a Certificate of Registration for the mark.</b><span style="mso-spacerun: yes;"> </span>Certainly, a <span style="font-size: 14pt; mso-bidi-font-size: 10.0pt;">®</span> should not appear next to the mark in the specimen that you submit to the PTO with your initial application or Statement of Use, or the PTO will reject it.<o:p></o:p></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">In all cases, the mark should be used consistently in all classes covered by the application so that it can continue to develop significance as a “source indicator” in the classes in which you use it in commerce.<o:p></o:p></span></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;"><u><span style="text-transform: uppercase;">So HOW MUCH WILL THIS COST?</span></u></b><span style="text-transform: uppercase;"><o:p></o:p></span></span></div>
<div style="text-align: left;">
<span style="font-family: Calibri;">Attorney fees will differ from firm to firm, and (actually) from application to application because there are so many moving parts.<span style="mso-spacerun: yes;"> </span>It is therefore impossible to predict with any certainty how much an application will cost from start to finish.<span style="mso-spacerun: yes;"> </span><o:p></o:p></span></div>
<div style="text-align: justify;">
</div>
<div class="MsoNormal" style="margin: 0in 0in 10pt; text-align: left;">
<span style="font-family: Calibri;">One component, the PTO’s filing fees, is published and can be budgeted ahead of time.<span style="mso-spacerun: yes;"> </span>(See </span><a href="http://www.uspto.gov/learning-and-resources/fees-and-payment/uspto-fee-schedule#TMProcess"><span style="color: #0563c1; font-family: Calibri;">Current Filing Fees</span></a><span style="font-family: Calibri;">).<span style="mso-spacerun: yes;"> </span>Among the most common fees:</span></div>
<ul>
<li><div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l1 level1 lfo2; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Calibri;">Initial Filing Fee to the PTO - between $275 and $325 (depending on the filing options selected) <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>per class</u></i></b> of goods/services;<o:p></o:p></span></div>
</li>
<li><span style="font-family: Calibri;">Statement of Use/Amendment to Allege Use - $100 <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>per class</u></i></b> of goods/services; and<o:p></o:p></span></li>
<li><span style="font-family: Calibri;">Request for Extension of Time to Allege Use - $150 <b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><u>per class</u></i></b> of goods/services.</span></li>
</ul>
<span style="font-family: Calibri;"></span><br />
<div style="text-align: justify;">
<span style="font-family: Calibri;"><strong><u>OTHER SOURCES OF INFORMATION</u></strong></span></div>
<div style="text-align: justify;">
</div>
<div style="text-align: justify;">
<span style="font-family: Calibri;">The PTO has fantastic resources to explain the basic trademark process and to answer basic questions.<span style="mso-spacerun: yes;"> </span>Some examples:</span></div>
<ul>
<li><div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0pt 0.5in; mso-list: l2 level1 lfo3; text-indent: -0.25in;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;"><span style="mso-list: Ignore;"><span style="font-size-adjust: none; font-stretch: normal; font: 7pt/normal "Times New Roman";"> </span></span></span><!--[endif]--><a href="http://www.uspto.gov/trademarks-getting-started/trademark-basics"><span style="color: #0563c1; font-family: Calibri;">Trademark Basics</span></a><span style="font-family: Calibri;">:<span style="mso-spacerun: yes;"> </span>“Basic Facts About Trademarks: What Every Small Business Should Know Now, Not Later” – includes videos, Basic Facts booklets, timelines showing the process for applications, etc.<o:p></o:p></span></div>
</li>
<li><a href="http://www.uspto.gov/trademarks-getting-started/trademark-process"><span style="color: #0563c1; font-family: Calibri;">Trademark Process</span></a><span style="font-family: Calibri;">: Step-by-Step evaluation of whether filing a trademark application is right for you.<o:p></o:p></span></li>
<li><a href="http://www.uspto.gov/trademarks-getting-started/trademark-basics/teas-nuts-and-bolts-videos"><span style="color: #0563c1; font-family: Calibri;">TEAS Nuts and Bolts Videos</span></a><span style="font-family: Calibri;">: Explains various stages of the application process.<o:p></o:p></span></li>
</ul>
<div style="text-align: justify;">
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;">Of course, if you have any specific questions, consult with your trademark attorney to see what options are best for you.</span></i></b></div>
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
Copyright (c) 2015 by Christina D. Frangiosa All Rights Reserved.</div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-14547228577657249282015-10-16T21:03:00.000-04:002015-10-16T21:03:38.891-04:00California Enacts Electronic Communications Privacy Act (CalECPA)On October 8, 2015, California Governor Jerry Brown signed the <a data-mce-href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178" href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178">California Electronic Communications Privacy Act</a> (CalECPA) into law. This law basically prevents the government from accessing private electronic communications or electronic data without a warrant, subpoena or wiretap order, or without consent of the appropriate individual. State Senator Mark Leno explained the impetus for seeking to pass this legislation: “For what logical reason should a handwritten letter stored in a desk drawer enjoy more protection from warrantless government surveillance than an email sent to a colleague or a text message to a loved one?” Kim Zetter, “<a data-mce-href="http://www.wired.com/2015/10/california-now-nations-best-digital-privacy-law/?mbid=social_twitter" href="http://www.wired.com/2015/10/california-now-nations-best-digital-privacy-law/?mbid=social_twitter">California Now Has the Nation’s Best Digital Privacy Law</a>,” <em>WIRED</em> Magazine, Oct. 8, 2015.<br />
<br />
As the Electronic Frontier Foundation summarized, “CalECPA protects Californians by requiring a warrant for digital records including emails and texts, as well as a user’s geographical location.” Dave Maass, “<a data-mce-href="https://www.eff.org/deeplinks/2015/10/victory-california-gov-brown-signs-calecpa-requiring-police-get-warrant-accessing" href="https://www.eff.org/deeplinks/2015/10/victory-california-gov-brown-signs-calecpa-requiring-police-get-warrant-accessing">Victory in California! Gov. Brown signs CalECPA, Requiring Police to Get a Warrant Before Accessing Your Data</a>,” Electronic Frontier Foundation, Oct. 8, 2015.<br />
<br />
The law focuses on two kinds of data sets: “electronic communication information” and “electronic device information.” <a data-mce-href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178" href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178">2015 Cal. Stat. Ch.651</a>.<br />
<br />
“Electronic Communication Information” is<br />
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
any information about an electronic communication or the use of an electronic communication service, including, but not limited to, the <strong>contents, sender, recipients, format, or location of the sender or recipients at any point during the communication, the time or date the communication was created, sent, or received, or any information pertaining to any individual or device participating in the communication</strong>, including, but not limited to, an IP address. Electronic communication information does not include subscriber information as defined in this chapter.</div>
<br />
“Electronic Device Information” is<br />
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
any information stored on or generated through the operation of an electronic device, <strong>including the current and prior locations of the device</strong>.</div>
<br />
(Emphasis added.)<br />
<br />
Under this new statute, law enforcement agencies cannot compel the “production of or access to electronic communication information or electronic device information . . . without a search warrant, wiretap order, order for electronic reader records or a subpoena issued pursuant under specified conditions, except for [defined] emergency situations.” <a data-mce-href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178" href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178">Id</a>. (Legislative Counsel’s Digest at (1)).<br />
<br />
Any warrant for electronic information of either kind must do the following:<br />
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
(1) Provide a specific description (“describe with particularity”) the information to be seized, including applicable time periods, the target individuals or accounts, the apps or services covered, and the types of information sought.</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
(2) Require that any information obtained due to the search warrant that is unrelated to the objective of the search warrant “shall be sealed and not subject to further review, use or disclosure without a court order.”</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
(3) Comply with other California and federal laws.</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
</div>
<div data-mce-style="padding-left: 60px;" style="padding-left: 60px;">
(4) Require that service providers that produce such information “verify the authenticity of the electronic information that it products” through an affidavit that complies with Section 1561 of the California Evidence Code.</div>
<br />
The law also requires that the government agency MUST destroy the electronic information it receives pursuant to this process within a specified period of time, in general, “as soon as feasible after the termination of the current investigation and any related investigations or proceedings.” <a data-mce-href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178" href="https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201520160SB178">Id</a>. (§ 1546.1(e)(2)). In most cases, this period is within ninety (90) days after the agency receives the information.<br />
<br />
This law only applies in California, although Maine (<a data-mce-href="http://legislature.maine.gov/legis/statutes/16/title16ch3sec0.html" href="http://legislature.maine.gov/legis/statutes/16/title16ch3sec0.html">Subchapter 10: Portable Electronic Device Content Information</a> in 2013) and Utah (<a data-mce-href="http://le.utah.gov/xcode/Title77/Chapter23C/77-23c.html" href="http://le.utah.gov/xcode/Title77/Chapter23C/77-23c.html">Location Privacy for Electronic Devices</a> in 2014) passed similar legislation. Proponents of the California law have suggested that it be used to form the basis for similar legislation in other states.<br />
<br />
Copyright (c) 2015 by Christina D. Frangiosa All Rights Reserved.Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-36688946949200459612015-08-18T00:48:00.000-04:002015-10-03T10:19:38.204-04:00Copyrighting Software? Don’t Rely on Screenshots Alone!(This was cross-posted on <a href="http://wp.me/p5eRFC-60">August 18, 2015</a>)<br />
<br />
In a recent decision, the Second Circuit Court of Appeals recently held that a copyright application solely directed to screen shots generated from a software program was insufficient to establish copyright rights in the software as a whole, for purpose of giving the plaintiff a right to sue for infringement of the software. In <em>A Star Group, Inc. v. Manitoba Hydro</em>, the Second Circuit considered whether a plaintiff had jurisdictional standing to file suit for copyright infringement relating to its software – specifically because the plaintiff applied for copyright protection only over screen shots showing various displays that appear when its software was used and not in the software as a whole. (<em>A Star Group, Inc. v. Manitoba Hydro</em>, No. 14-2738-cv (2d Cir. July 27, 2015) <em>affirming</em> No. 13 Civ. 4501, 2014 WL 2933155 (S.D.N.Y. June 30, 2104) – BNA’s cite: <a data-mce-href="http://pub.bna.com/ptcj/astar.pdf" href="http://pub.bna.com/ptcj/astar.pdf">2015 BL 238362</a>.)<br />
<br />
The Copyright Office’s guidance for seeking registration of software (<a data-mce-href="http://www.copyright.gov/circs/circ61.pdf" href="http://www.copyright.gov/circs/circ61.pdf">http://www.copyright.gov/circs/circ61.pdf</a>) advises that at least some portion of the source code (subject to modifications due to trade secret claims) must be deposited with the Application in order to qualify for copyright registration in the software. In addition, the Copyright Office has confirmed that, “The registration [in computer software] will extend to any copyrightable screens generated by the program, regardless of whether identifying material for the screens is deposited.” (Circular 61, at 3). If instead, the applicant only wanted to protect certain design elements, then the applicant could apply for protection of only those elements as “works of visual arts.”<br />
<br />
In the case at hand, A Star filed its application for registration the day before it filed a complaint in federal court for copyright infringement of its software. The copyright application only covered the screen shots; the deposit contained “operations risk reports, in the form of charts and graphs, apparently generated by the Timetrics software.” A Star did not apply for copyright registration in the software as a whole, nor did it submit a copy of the source code (either complete or excerpted due to trade secret claims) to the Copyright Office.<br />
<br />
In its complaint, however, A Star described itself as “the owner of copyright rights to Timetrics software and related documentation, including without limitation, Timetrics screenshots, graphic representations, data compilations, source code, object code, programming tools and documentation related to Timetrics technology and derivative works thereof.” Essentially, asserting copyright ownership in a much broader collection of works than what was covered in its application for copyright registration.<br />
<br />
The district court concluded that A Star’s infringement case was “deficient” because it had not completed its copyright application before filing suit. The district court also declined to allow A Star the opportunity to amend its complaint to refer to a subsequent registration of the screen shots alone, concluding plaintiff’s failure to tie the alleged infringement (of the software) to the registered copyright rights (in the screen shots) and thus had failed to allege how or when the defendant allegedly copied <u>the copyrighted works</u>.<br />
<br />
The Second Circuit agreed with the conclusion – but for different reasons. The Second Circuit decided not to reach the ultimate question of whether a pending copyright application could meet the jurisdictional requirement for registering a copyright before filing an infringement lawsuit (<em>see <a data-mce-href="http://cases.justia.com/federal/appellate-courts/ca2/12-4874/12-4874-2014-04-04.pdf?ts=1410919344" href="http://cases.justia.com/federal/appellate-courts/ca2/12-4874/12-4874-2014-04-04.pdf?ts=1410919344">Psihoyos v. John Wiley & Sons, Inc., 748 F. 3d 120, 125 (2d Cir. 2014)</a></em> (collecting cases regarding the different standards for registration before filing copyright infringement suits across various districts), and instead affirmed the dismissal on more basic grounds – that the plaintiff failed to identify how the defendant allegedly infringed the copyright in the screen shots.<br />
<br />
As a result – <strong>software developers who seek to protect their code through copyright should apply for registration of every critical aspect of their software in order to obtain maximum protection against potential infringement</strong>. If the purpose is to protect the code, then the rights in the code should be claimed and a copy of the full source code (redacted if needed to account for trade secrets) should be submitted to the Copyright Office. If there is a user manual to be protected, that should be claimed and a copy submitted as well. While copyright protection exists the moment the “work is fixed in a tangible medium of expression,” a litigant cannot seek judicial redress for potential infringement unless the registration of the work sought to be protected has been accomplished <u>BEFORE</u> filing suit.<br />
<br />
<em><span style="font-size: x-small;">Copyright (c) 2015 by Christina D. Frangiosa All Rights Reserved.</span></em>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-63231409171023589382015-04-13T00:43:00.000-04:002015-10-03T10:19:59.033-04:00Common Questions – Benefits of Trademark Searching(<em>This was cross posted on </em><a href="http://wp.me/p5eRFC-5H"><em>April 13, 2015</em></a>)<br />
<br />
Searching for potentially competing trademarks <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">before</span> you go through the time and expense of developing a strong brand is a very worthwhile exercise, but it costs money – and sometimes clients can be reluctant to spend the money if it's not technically "required" to do so.<br />
<br />
Trademark searching is not required before you file an application for federal trademark registration with the U.S. Patent & Trademark Office (USPTO), but it is <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">highly</span> recommended. Here are a few reasons why:<br />
<br />
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
1) The USPTO's filing fees are non-refundable if an Examining Attorney refuses registration of your mark based on a pre-existing application or a registration owned by another;</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
2) The owner of the pre-existing mark could send you a cease and desist letter demanding that you stop using their mark, change your mark, perhaps destroy products or advertising material that uses the mark, seek disgorgement of profits for earnings using their mark or seek other remedies; and</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
3) The whole point of developing a valuable trademark (or service mark) is to create "source identification" – basically, to allow the consuming public to associate your unique mark with you. And only you. This value is undermined if there are lots of marks that are very similar to the one you ultimately adopt and use.</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
There are different levels of searching that can be beneficial – depending on your circumstances. They include:<br />
<br />
<strong>Brief Internet Search</strong> – While this level of searching would not give you a comprehensive picture of all potential risks in adopting and using a mark, it's a good first step. You might find an exact match that would cause you to change your brand strategy. But, again, it's not complete and other risks may still exist.<br />
<br />
<strong>Knockouts/Screenings</strong> – This search only targets the USPTO's database of federal trademark registrations and pending applications, focusing on close matches to see whether there might be an absolute bar to your application. Again, not a complete picture of potential conflicting marks, but it might find exact matches you want to avoid.<br />
<br />
<strong>Full Searches</strong> – Using various tools and databases, this search looks for competing trademark uses in the USPTO's database, state registration databases, at common law, in corporate registrations, domain names, the Internet and other relevant resources. These searches may be performed by commercial vendors, whose charges to undertake these searches will vary based on particular circumstances.<br />
<br />
<strong>Design searches</strong> (looking for logos or other designs) and/or <strong>international searches</strong> (scope and cost can vary based on jurisdictions) may also be relevant to confirm that a mark you propose to use in a particular market is clear.<br />
<br />
Each set of search results should be reviewed and discussed with your trademark attorney to determine whether a particular mark can be considered "clear" and available for use – or perhaps poses a risk because of certain search results. Sometimes search results from either a quick or knockout search will cause you to want to dig deeper to be sure that a mark is clear for use or simply change your mark and start over.<br />
<br />
Once you have received the results of a search – and have consulted with your attorney to figure out how much weight to give the results – you can decide whether to pursue an application for federal registration or to modify a litigation defense strategy, if you've already received a cease and desist letter.<br />
<br />
In either event, search results can go stale because a new application can be filed or use of a mark can begin almost immediately after the results have been obtained. As a result, you should not sit on search results too long before taking your next step. If substantial time has passed, you may want to revisit the search and perform an update to be sure nothing new has been filed.<br />
<br />
<em><span style="font-size: x-small;">Copyright (c) 2015 by Christina D. Frangiosa All Rights Reserved.</span></em>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-17830668027361292342015-02-10T01:07:00.000-05:002015-02-10T01:15:20.918-05:00Why Privacy Policies Must be Personalized<div data-mce-style="text-align: justify;" style="text-align: justify;">
(<em>This was <a href="http://privacyandiplawblog.com/2015/02/privacy-policies-must-personalized/">cross-posted</a>.</em>)</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
The best argument for why companies should <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">never</span> simply copy and paste the text of another entities' privacy policy onto their own website can be found in the recent announcement by the FTC of a settlement reached with Snapchat – relating to misrepresentations contained in the Privacy Policy, among other things. (Snapchat is not alleged to have used someone else's Privacy Policy as its own; however, its mistakes in its public statements about its products illustrate fully that <strong>companies should say what they mean, and mean what they say in their privacy policies</strong>!)<img alt="" class="wp-more-tag mce-wp-more" data-mce-placeholder="1" data-mce-resize="false" data-mce-src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" data-wp-more-text="" data-wp-more="more" src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" title="Read more..." /></div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>The FTC's Complaint Against Snapchat</strong></span><br />
<div data-mce-style="text-align: justify;" style="text-align: justify;">
On December 31, 2014, the Federal Trade Commission (FTC) announced its <a data-mce-href="http://www.ftc.gov/news-events/press-releases/2014/12/ftc-approves-final-order-settling-charges-against-snapchat" href="http://www.ftc.gov/news-events/press-releases/2014/12/ftc-approves-final-order-settling-charges-against-snapchat">approval of a final order settling charges against Snapchat</a> for deceptive trade practices in the form of:</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify; margin-left: 36pt;" style="margin-left: 36pt; text-align: justify;">
1) Snapchat's misrepresentations to consumers that images or videos shared through Snapchat would actually disappear within the timing set by the consumer (and in no event more than 10 seconds after shared);</div>
<div data-mce-style="text-align: justify; margin-left: 36pt;" style="margin-left: 36pt; text-align: justify;">
2) False promises that if a recipient were to take a screenshot of the image, the sender would be notified; and</div>
<div data-mce-style="text-align: justify; margin-left: 36pt;" style="margin-left: 36pt; text-align: justify;">
3) Misrepresentations about the nature and scope of the data actually collected from a user's phone the Snapchat's Find Friends tool.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
<em></em> </div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
<em>See also </em>"FTC Approves Final Order Settling Charges that Snapchat Deceived Users," Bloomberg BNA, Social Media Law & Policy Report (Jan. 5, 2015); <em>see also </em><a data-mce-href="http://www.ftc.gov/enforcement/cases-proceedings/132-3078/snapchat-inc-matter" href="http://www.ftc.gov/enforcement/cases-proceedings/132-3078/snapchat-inc-matter"><em>In re Snapchat, Inc</em>., FTC No. 132-3078</a>, Final Order (Dec. 23, 2014).</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
In addition to these claims about Snapchat's misrepresentations about its data collection and use, the FTC also <a data-mce-href="http://www.ftc.gov/system/files/documents/cases/140508snapchatcmpt.pdf" href="http://www.ftc.gov/system/files/documents/cases/140508snapchatcmpt.pdf">alleged</a> that Snapchat failed to secure its Find Friends feature, which failure resulted in a security breach in December 2013 relating to a database of 4.6 million Snapchat usernames and phone numbers. FTC Press Release, "<a data-mce-href="http://www.ftc.gov/news-events/press-releases/2014/05/snapchat-settles-ftc-charges-promises-disappearing-messages-were" href="http://www.ftc.gov/news-events/press-releases/2014/05/snapchat-settles-ftc-charges-promises-disappearing-messages-were">Snapchat Settles FTC Charges That Promises of Disappearing Messages Were False; Snapchat Also Transmitted Users' Location and Collected Their Address Books Without Notice or Consent</a>" (May 8, 2014).</div>
<br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Settlement with the FTC</strong></span><br />
<div data-mce-style="text-align: justify;" style="text-align: justify;">
On December 23, 2014, following the public comment period, the FTC formalized its complaint and gave <a data-mce-href="http://www.ftc.gov/system/files/documents/cases/141231snapchatdo.pdf" href="http://www.ftc.gov/system/files/documents/cases/141231snapchatdo.pdf">final approval to the settlement</a>, which requires Snapchat to:</div>
<ol data-mce-style="text-align: justify;" style="text-align: justify;">
<li>Implement a comprehensive privacy program that will be monitored by an independent privacy professional (a third-party whom Snapchat has to pay) <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">for the next 20 years</span>;</li>
<li>Hire this independent privacy professional to conduct a follow up review every two years and provide a compliance report to the FTC;</li>
<li>Conduct this two-year review until <strong>December 23, <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">2034</span></strong>;</li>
<li><div>
Revise Snapchat's privacy policy, product descriptions, advertising and any other public statements to disclose accurately the following:</div>
<ul>
<li>The extent to which a message is deleted after being viewed by the recipient;</li>
<li>The extent to which Snapchat or its products/services are capable of detecting or notifying the sender when a recipient has captured a screen shot or saved a message;</li>
<li>The categories of personal information that Snapchat actually collects; and</li>
<li>The steps taken to protect against misuse or unauthorized disclosure of covered information.</li>
</ul>
</li>
<li><div>
Maintain records for at least five (5) years of the following types of documents:</div>
<ul>
<li>Every communication to consumers about the extent to which Snapchat "maintains and protects the privacy, security and confidentiality of any covered information";</li>
<li>All consumer complaints directed at Snapchat, or forwarded to Snapchat by a third party, that relate to the conduct prohibited by this order and any responses to such complaints;</li>
<li>Any documents that contradict, qualify, or call into question Snapchat's compliance with this order; and</li>
<li>All materials relied upon to prepare the required Assessment, "including but not limited to all plans, reports, studies, reviews, audits, audit trails, policies, training materials, and assessments, for the compliance period covered by such Assessment."</li>
</ul>
</li>
</ol>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
<em>Id.</em> Lest anyone mistakenly believe that these consequences are not serious because there is no monetary penalty assessed, <strong>note that Snapchat risks civil penalties of $16,000 per violation per day if it fails to abide these terms</strong>. <em>See </em> <a data-mce-href="http://www.ftc.gov/system/files/documents/cases/141231snapchatletters.pdf" href="http://www.ftc.gov/system/files/documents/cases/141231snapchatletters.pdf">Letters to Commentators</a>, at 1 (Dec. 23, 2014) (as provided by Section 5(1) of the FTC Act, 45 U.S.C. § 45(1), as adjusted by 16 C.F.R. § 1.98(c)).</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
Also note that the preparation of each of the items identified above will "cost" Snapchat money in terms of employee, consultant and/or contractor time, and in taking these resources away from working on money-making endeavors, whether they receive salaries or some other compensation.</div>
<br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Similar Settlement with Maryland Attorney General</strong></span><br />
<div data-mce-style="text-align: justify;" style="text-align: justify;">
In the midst of this dispute with the FTC, in June 2014, Snapchat settled a similar complaint with the Maryland Attorney General.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
In its Complaint, the Maryland AG accused Snapchat of collecting data from its users' electronic address books without their knowledge or consent and "knowingly collect[ing] e-mail addresses and photographs from users younger than 13." "Snapchat to Pay $100,000 in Settlement with Maryland Over Privacy of User Snaps," Bloomberg BNA Social Media Law & Policy Report (June 12, 2014); Jeff Clabaugh, "<a data-mce-href="http://www.bizjournals.com/washington/news/2014/06/12/snapchat-pays-maryland-100k-in-settlement.html" href="http://www.bizjournals.com/washington/news/2014/06/12/snapchat-pays-maryland-100k-in-settlement.html">Snapchat pays Maryland $100K in settlement</a>," <em>Washington Business Journal</em> (June 12, 2014).</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
The settlement agreement with the Maryland Attorney General requires Snapchat to:</div>
<ol data-mce-style="text-align: justify;" style="text-align: justify;">
<li>Create and publicize mechanisms for users to report accounts that may be used by children;</li>
<li>Provide notice and affirmative consent before Snapchat could collect any address book data – and this notice must appear separately from the user's agreement to the general terms of service; and</li>
<li>Provide Maryland with annual reports for the next 10 years, documenting its compliance with the settlement.</li>
</ol>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
<em>Id</em>.; <em>see also</em> Maryland Attorney General's Office Press Release, "<a data-mce-href="http://www.oag.state.md.us/press/2014/061214.html" href="http://www.oag.state.md.us/press/2014/061214.html">Attorney General Gansler Secures Settlement from Snapchat, Inc.; Mobile app developer can no longer deceive consumers by claiming its photo and video messages "disappear forever"; Snapchat also alleged to have collected personal information from children under age 13 without parental consent, in violation of federal law</a>" (June 12, 2014); <em>cf.</em> Snapchat, <a data-mce-href="http://blog.snapchat.com/post/88578064510/our-agreement-with-the-maryland-attorney-general" href="http://blog.snapchat.com/post/88578064510/our-agreement-with-the-maryland-attorney-general">Our Agreement with the Maryland Attorney General</a> (June 12, 2014). This settlement also requires a mandatory payment to Maryland of $100,000. Maryland Attorney General's Office Press Release.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>CONCLUSION: Privacy Policies Must be Customized</strong></span></div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
There is no single, standard form privacy policy. Instead, privacy policies have evolved as a place where web sites disclose to users what data are collected, from which users, and how the data are then used. Privacy policies must disclose correctly how that particular site collects and uses data. <em>See </em><a data-mce-href="http://en.wikipedia.org/wiki/Privacy_policy" href="http://en.wikipedia.org/wiki/Privacy_policy">Privacy Policy</a>, Wikipedia (last modified Jan. 10, 2015) (provides a good summary of the history of privacy policy development).</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
As a result, <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>never</strong></span> simply block and copy an entity's Privacy Policy and adopt it as your own. You have no idea why the other entity included the technical and/or detail oriented promises in its Privacy Policy, and simply copying because it "looks good" is a bad idea and can subject you to enforcement liability.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
In fact, the only promises that should appear in your Privacy Policy about what you do with data, cookies, personal information, or other data you collect from a user's device are <strong><em>those things you actually do</em></strong>.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
Christopher Olsen, assistant director of the Division of Privacy and Identity Theft Protection in the FTC's Bureau of Consumer Protection, actually stated it best:</div>
<div data-mce-style="text-align: justify; margin-left: 36pt;" style="margin-left: 36pt; text-align: justify;">
</div>
<div data-mce-style="text-align: justify; margin-left: 36pt;" style="margin-left: 36pt; text-align: justify;">
The agency [the FTC] certainly supports and encourages the development of privacy protective products, but if there is one message we want to make sure is clear today, it is that<strong>, if you make promises about privacy, you must honor those promises; otherwise you risk FTC enforcement action</strong>.</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
"Snapchat Settles FTC Accusations of Failure to Purge 'Snaps' by Senders," Bloomberg BNA Social Media Law & Policy Report (May 8, 2014).</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
</div>
<div data-mce-style="text-align: justify;" style="text-align: justify;">
Copyright (c) 2015, Christina D. Frangiosa, All Rights Reserved.</div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-52262856322841484112015-01-28T19:59:00.001-05:002015-01-28T19:59:40.525-05:00New Blog Post in Honor of Data Privacy DayAs you may recall, this blog has now moved to <a href="http://www.privacyandiplawblog.com/">http://www.privacyandiplawblog.com</a>. Earlier today, I posted on <a href="http://privacyandiplawblog.com/2015/01/data-breach-planning-small-businesses/">Data Breach Planning for Small Businesses</a> in honor of Data Privacy Day. I look forward to your feedback!Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-9382916742379787782015-01-28T10:22:00.000-05:002015-10-03T10:31:05.813-04:00Data Breach Planning for Small BusinessesMany of the top stories last year related to data breach – from the Target breach during the Christmas Shopping Season (Dec. 2013: <a href="http://privacyandip.blogspot.com/2014/09/is-your-company-subject-to-laws.html">Prior Post</a>, <a data-mce-href="http://www.sbnonline.com/article/how-to-protect-data-security-and-customers-trust/" href="http://www.sbnonline.com/article/how-to-protect-data-security-and-customers-trust/">Small Business Magazine article</a>; <a data-mce-href="http://blogs.wsj.com/corporate-intelligence/2013/12/19/targets-data-breach-what-customers-need-to-know" href="http://blogs.wsj.com/corporate-intelligence/2013/12/19/targets-data-breach-what-customers-need-to-know">additional news coverage</a>) to the <a data-mce-href="http://money.cnn.com/2014/08/21/technology/security/ups-store-data-hack/" href="http://money.cnn.com/2014/08/21/technology/security/ups-store-data-hack/">UPS Store data breach</a> during the summer (Aug. 21, 2014) to, more recently, the <a data-mce-href="http://www.cnet.com/news/sony-hack-said-to-leak-47000-social-security-numbers-celebrity-data/" href="http://www.cnet.com/news/sony-hack-said-to-leak-47000-social-security-numbers-celebrity-data/">intentional hacking of Sony Pictures</a>' servers (Nov. 24, 2014) and <a data-mce-href="http://www.wsj.com/articles/staples-data-breach-affected-1-16-million-cards-1419024209" href="http://www.wsj.com/articles/staples-data-breach-affected-1-16-million-cards-1419024209">Staples' data breach</a> (Dec. 19, 2014).<br />
It would be easy to believe that data security breaches happen only to large organizations, but such a belief would be mistaken. In the last year, a number of smaller companies have experienced breaches of the records they maintain. These can occur in at least two ways – 1) they may be the third-party vendor through whom hackers invade a larger company like Target or Home Depot; or 2) they use a third-party vendor who experiences a breach that impacts the smaller company's customers.<br />
<span data-mce-style="color: #ff0000;" style="color: red;"></span><br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Using Small Businesses as Door Opener</strong></span><br />
<br />
In the case of Target, for instance, the initial open door to Target's point-of-sale system came through a third-party vendor – an HVAC company that had legitimate access to Target's systems for purposes of billing, contract submission and project management. Michael Riley, Ben Elgin, Dune Lawrence and Carol Matlack, "<a data-mce-href="http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data" href="http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data">Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It,</a>" <em>Bloomberg Business Week</em>, Mar. 13, 2014.<br />
<br />
The hackers used stolen login credentials from this HVAC company to gain access to Target's systems. The end result? More than 40 million credit card numbers were breached, and over 70 million records containing personally identifiable information ("PII") were stolen. Sara Germano, Robin Sidel and Danny Yadron, "<a data-mce-href="http://www.wsj.com/news/articles/SB10001424052702304367204579267992268980478" href="http://www.wsj.com/news/articles/SB10001424052702304367204579267992268980478">Target Faces Backlash After 20-Day Security Breach</a>," <em>Wall Street Journal</em>, Dec. 19, 2015 (subscription may be required).<br />
<br />
This breach occurred <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong><em>despite</em></strong></span> Target's investment in a $1.6 million security system. <em>See</em><br />
<a data-mce-href="http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data" href="http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data">Riley Article</a>.<br />
<br />
A similar breach – using stolen passwords from a third-party vendor who provided services to Home Depot – happened in November 2014 that resulted in information about more than 50 million of Home Depot's customer accounts being breached. Ben DiPietro, "<a data-mce-href="http://blogs.wsj.com/riskandcompliance/2014/11/12/retailer-breaches-put-spotlight-on-vendor-contracts/" href="http://blogs.wsj.com/riskandcompliance/2014/11/12/retailer-breaches-put-spotlight-on-vendor-contracts/">Retailer Breaches Put Spotlight on Vendor Contracts</a>," <em>Wall Street Journal Risk & Compliance Blog</em>, Nov. 12, 2014.<br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong></strong></span><br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Breaches Affecting Small Business's Customers Because of a Vendor's Breach</strong></span><br />
<br />
More locally, in September of 2014, <a data-mce-href="http://philadelphia.cbslocal.com/2014/09/26/update-bucks-co-company-admits-more-than-2-dozen-local-restaurants-hacked/" href="http://philadelphia.cbslocal.com/2014/09/26/update-bucks-co-company-admits-more-than-2-dozen-local-restaurants-hacked/">local news reported</a> that more than two dozen restaurants in the Bucks County area were hacked through their use of a common payment card system. Many of these restaurants were of the hoagie/sandwich shop size.<br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong></strong></span><br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Most Common Sources of Data Breach</strong></span><br />
<br />
According to a recent study by the Ponemon Institute, the most common "root causes" of data breach are (some of these may overlap):<br />
<ul data-mce-style="margin-left: 54pt;" style="margin-left: 54pt;">
<li>Malware – 44%</li>
<li>Trusted insider (inadvertent) – 30%</li>
<li>Hacker – 27%</li>
<li>SQL Injection – 26%</li>
<li>Password compromise – 24%</li>
<li>Targeted attack – 19%</li>
<li>Trusted insider (malicious) – 15%</li>
<li>Lost, stolen or hijacked device – 12%</li>
</ul>
Ponemon Institute Research Report, "<a data-mce-href="http://www.bloomberg.com/research/markets/news/article.asp?docKey=600-201501210822PR_NEWS_USPRX____PH12604-1" href="http://www.bloomberg.com/research/markets/news/article.asp?docKey=600-201501210822PR_NEWS_USPRX____PH12604-1">2014: A Year of Mega Breaches</a>," at 11, Jan. 21, 2015.<br />
<strong><u></u></strong><br />
<span data-mce-style="text-decoration: underline;" style="text-decoration: underline;"><strong>Lessons Learned Moving into 2015</strong></span><br />
The lesson here is NOT to ignore the potential for data breach based on an assumption that your company is too small for it to happen to you. Indeed, sometimes small companies have the "keys to the kingdom" to allow a malicious actor to gain access to a larger pool of data – and the smaller company may not have a large budget for data security.<br />
<br />
However, it is critical to start planning for the possibility:<br />
<br />
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
1) <strong>Develop an incident response plan</strong> that is appropriate for your business. Cover both paper and electronic data in your plan – loss of either can constitute a "breach" depending upon the specific law that applies. Involve key stakeholders in your planning.</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
2) <strong>Examine how you use data and where they are stored</strong>. Ask a key question: Do you need to keep those data? If not, destroy them securely (some states have data destruction laws with which you need to comply – see <a href="http://privacyandip.blogspot.com/2014/09/is-your-company-subject-to-laws.html">prior post</a>). Do not hold onto sensitive data "just in case" you may need it later – these data can actually cause more problems if you do not actually need them.</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
3) <strong>Work with your IT department</strong> (or outside consultant) to ensure that your internal systems do not permit outsiders to gain unauthorized access, and lock them down if they do.</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
4) <strong>Work with your attorney</strong> to put any protective policies into place (such as incident response plans, BYOD or document retention policies) to make sure your procedures match your expectations.</div>
<div data-mce-style="margin-left: 36pt;" style="margin-left: 36pt;">
</div>
Most importantly, it's not "if" a breach will occur – it's when, and how bad it will be. Prepare now, and perhaps you can reduce the impact.Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-38111074273108530462014-10-20T23:22:00.000-04:002014-10-20T23:22:58.729-04:00Moving to WordPress
<span style="font-family: Calibri;">I am very pleased to announce that <b style="mso-bidi-font-weight: normal;">The Privacy and IP Law Blog</b> is in the process of moving to
WordPress, and to a dedicated domain – </span><a href="http://privacyandiplawblog.com/"><span style="color: blue; font-family: Calibri;">PrivacyandIPLawBlog.com</span></a><span style="font-family: Calibri;">!<span style="mso-spacerun: yes;"> </span>The blog will operate on both the </span><a href="http://privacyandip.blogspot.com/"><span style="color: blue; font-family: Calibri;">Blogspot.com</span></a><span style="font-family: Calibri;"> location and on the </span><a href="http://privacyandiplawblog.com/"><span style="color: blue; font-family: Calibri;">new location</span></a><span style="font-family: Calibri;"> for a few months while
all the kinks are worked out.<span style="mso-spacerun: yes;">
</span>Ultimately, the RSS Feed and subscriber links will also move to WordPress.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><span style="font-family: Calibri;">Why the switch?<o:p></o:p></span></b></div>
<span style="font-family: Calibri;">Well, for the past year or so, my traditional way of
blogging (writing the material offline, double-checking all of the hyperlinks
before publication, then posting in draft form, etc.) has been disrupted by
some updates within MS Word that appear to now make it impossible to publish
offline to a Blogger.com blog. </span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Specifically, I can no longer write the posts in Word and
update them to the blog for further editing and customization, which has required online access more consistently in order to publish (not always easy when traveling!).<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;">
</span>I’ve attempted to find fixes or patches to this issue – but it appears even
though this concern is somewhat common, there is no fix.<span style="mso-spacerun: yes;"> </span>The discussion boards are rich with
complaints about this recent modification to the interactivity between Blogger
(owned by Google) and MS Word (owned by Microsoft) – with no remedies.</span></div>
<span style="font-family: Calibri;">As a result, my ability to post in a streamlined,
time-efficient way has been disrupted.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Hence, fewer posts.</span></div>
<span style="font-family: Calibri;">So, after researching for the past few months to find an
alternative, I’ve decided to register my own domain and host it through
WordPress.<span style="mso-spacerun: yes;"> </span>We’ll give this a try for a
while and see how it goes.<span style="mso-spacerun: yes;"> </span>With any
luck, I’ll be able to write more frequently, without as many administrative
headaches, and keep this a robust site.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Thanks for coming along for the ride!</span></div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-64510729751106745222014-10-20T22:49:00.002-04:002014-10-20T22:49:43.139-04:00LinkedIn Sued for Providing “Trusted References” to Paying Subscribers
<span style="font-family: Calibri;">On October 9, 2014, a class action complaint was filed in
the U.S. District Court for the Northern District of California alleging that
LinkedIn violated the Fair Credit Reporting Act, 15 U.S.C. <span style="mso-ascii-font-family: Calibri; mso-hansi-font-family: Calibri;">§</span>
1681 <i style="mso-bidi-font-style: normal;">et seq.</i>, (“<b style="mso-bidi-font-weight: normal;">FRCA</b>”) by offering to subscribers reports containing “Trusted
References” without complying with the FCRA’s requirements to keep the data
safe from disclosure. <i style="mso-bidi-font-style: normal;">Sweet v. LinkedIn Corp.</i>,
Civ. A. No. 5:14-cv-04531 (N.D. Cal. filed Oct. 9, 2014) (available at </span><a href="http://www.law360.com/articles/586281/attachments/0"><span style="color: blue; font-family: Calibri;">Law360</span></a><span style="font-family: Calibri;"> - <i style="mso-bidi-font-style: normal;">subscription required</i>).</span><br />
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">Specifically, the complaint alleges that LinkedIn: 1) failed
to comply with the certification and disclosure requirements of the FRCA for
credit reporting agencies who furnish consumer reports for employment purposes;
2) failed to maintain reasonable procedures to limit the furnishing of consumer
reports for the purposes enumerated in the FRCA and to assure the maximum
possible accuracy of these reports; and 3) failed to provide the notices
required by the FRCA to users of the consumer reports.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i>
at 2.<span style="mso-spacerun: yes;"> </span>Plaintiffs seek both damages for
past violations and injunctive relief to prevent the continued misuse of these
reports in violation of the FRCA.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i><span style="mso-spacerun: yes;">
</span></span><br />
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">These “reference reports” compile information about “people
in your network who can provide reliable feedback about a job candidate or
business prospect” – including a list of others in your network who worked at
the same company as the job candidate during the same time period.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i>
at 7 (citing LinkedIn’s Premium Help Center); <i style="mso-bidi-font-style: normal;">see also</i> </span><a href="https://help.linkedin.com/app/answers/detail/a_id/180/kw/references"><span style="color: blue; font-family: Calibri;">Trusted
References for Job Candidates</span></a><span style="font-family: Calibri;"> (last updated 4/21/14); </span><a href="https://help.linkedin.com/app/answers/detail/a_id/135/kw/references"><span style="color: blue; font-family: Calibri;">Reference
Search</span></a><span style="font-family: Calibri;"> (last updated 11/27/13).<span style="mso-spacerun: yes;"> </span>In
addition, these reference reports encourage the potential employer to contact
these references either through a formal Introduction or through inMail – both of
which are communication methods available to LinkedIn members.<span style="mso-spacerun: yes;"> </span>Compl.<i style="mso-bidi-font-style: normal;"> </i>at
7.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Notably, LinkedIn users are not notified when a potential
employer requests one of these reference reports about them.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i>
at 8.<span style="mso-spacerun: yes;"> </span>As a result, the complaint
concludes:<span style="mso-spacerun: yes;"> </span>“any potential employer can
anonymously dig into the employment history of any LinkedIn member, and make
hiring and firing decisions based upon the information they gather, without the
knowledge of the member, and without any safeguards in place as to the accuracy
of the information that the potential employer has obtained.”<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i></span></div>
<span style="font-family: Calibri;">In essence, the complaint alleges that LinkedIn has “created
a marketplace in consumer employment information, where it sells employment
information, that may or may not be accurate, and that it has obtained in part
from unwitting members, and without complying with the FRCA.”<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id. at
9.</i><span style="mso-spacerun: yes;"> </span>In all, the complaint alleges
five counts of FRCA violations, seeks damages and injunctive relief, and seeks
a jury trial.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<b style="mso-bidi-font-weight: normal;"><i style="mso-bidi-font-style: normal;"><span style="font-family: Calibri;">Next Steps</span></i></b></div>
<span style="font-family: "Calibri","sans-serif"; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-font-size: 10.0pt; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-fareast; mso-hansi-theme-font: minor-latin;">LinkedIn
has the option of answering the complaint or making any one of a number of
12(b) motions to challenge the sufficiency of the complaint.<span style="mso-spacerun: yes;"> </span>It may take some time before this issue is
ripe for decision (any decision) by the court.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-34039514734045260762014-09-02T21:49:00.000-04:002014-09-02T21:49:53.528-04:00Is Your Company Subject to Laws Regulating Safe Destruction of Documents?
<span style="font-family: Calibri;">Many companies have document retention policies – in other
words, policies determining how long they will keep certain kinds of
documentation.<span style="mso-spacerun: yes;"> </span>These policies also
frequently cover when documents may be destroyed in the normal course of
business.<span style="mso-spacerun: yes;"> </span>(Assuming, of course, that no
litigation is pending and that there is no other reason why the company would
be legally obligated to keep these documents.)<span style="mso-spacerun: yes;">
</span>It’s almost a business necessity these days given the cost of document
storage.</span><br />
<span style="font-family: Calibri;"></span><br />
<span style="font-family: Calibri;">It is also a fairly safe bet that by now, most people have
heard about the potential risks associated with data breaches, or at the very
least, have heard about the </span><a href="http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data"><span style="color: blue; font-family: Calibri;">Target
data breach during the holiday season in 2013</span></a><span style="font-family: Calibri;">.</span><br />
<span style="font-family: Calibri;"></span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">However, did you know that many states regulate <u>how</u>
personal information can be destroyed?<span style="mso-spacerun: yes;">
</span>Or, more specifically, how documents and records that <u>contain</u>
such personal information may be discarded?<span style="mso-spacerun: yes;">
</span>To date, at least </span><a href="http://www.ncsl.org/research/telecommunications-and-information-technology/data-disposal-laws.aspx"><span style="color: blue; font-family: Calibri;">thirty-one
states</span></a><span style="font-family: Calibri;"> have enacted laws like this (the link attached omits the </span><a href="http://legis.delaware.gov/LIS/lis147.nsf/vwlegislation/E7AF55FF393A832E85257C590067118D"><span style="color: blue; font-family: Calibri;">Delaware
law that was just enacted</span></a><span style="font-family: Calibri;">).</span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Leaving aside the specific rules and regulations relating to
the protection from disclosure of personal <u>health</u> information (e.g.,
HIPAA, HITECH, etc.), many states mandate that business records containing
personal information of a consumer (including, perhaps, the business’s employees, too)
may only be discarded by “shredding, erasing or otherwise destroying or
modifying the personal identifying information in those records to make it
entirely unreadable or indecipherable through any means . . . . ”<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">E.g</i>.,
</span><a href="http://legis.delaware.gov/LIS/lis147.nsf/vwlegislation/E7AF55FF393A832E85257C590067118D"><span style="color: blue; font-family: Calibri;">6
Del. Code §§ 50c-101 through 50c-104</span></a><span style="font-family: Calibri;"> (enacted July 1, 2014 – effective as
of Jan. 1, 2015); N.J. Stat. Ann. </span><a href="http://lis.njleg.state.nj.us/cgi-bin/om_isapi.dll?clientID=162098&Depth=2&depth=2&expandheadings=on&headingswithhits=on&hitsperheading=on&infobase=statutes.nfo&record=%7b18777%7d&softpage=Doc_Frame_PG42"><span style="color: blue; font-family: Calibri;">56:8-162</span></a><span style="font-family: Calibri;">
(same methods, adding “or nonreconstructable through generally available means”
at the end); see also N.J. Stat. Ann. </span><a href="http://lis.njleg.state.nj.us/cgi-bin/om_isapi.dll?clientID=162098&Depth=2&depth=2&expandheadings=on&headingswithhits=on&hitsperheading=on&infobase=statutes.nfo&record=%7b18775%7d&softpage=Doc_Frame_PG42"><span style="color: blue; font-family: Calibri;">56:8-161</span></a><span style="font-family: Calibri;">
(for applicable definitions).</span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">In Illinois, the law is even more specific.<span style="mso-spacerun: yes;"> </span>It requires documents containing personal
information to be “redacted, burned, pulverized or shredded” if the documents
exist in paper form, or “destroyed or erased” if they are electronic
files.<span style="mso-spacerun: yes;"> </span></span><a href="http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=2702&ChapterID=67"><span style="color: blue; font-family: Calibri;">815
ILCS 530/40</span></a><span style="font-family: Calibri;">.<span style="mso-spacerun: yes;"> </span>In both cases, these
methods are recommended to ensure that the “personal information [contained in
the document] cannot practicably be read or reconstructed.”<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i>
</span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">In general, this means that you cannot simply throw out old
records that contain personal information of a customer (or, perhaps, even an
employee) by throwing it in the trash, or setting it aside for recycling.<span style="mso-spacerun: yes;"> </span>They have to be handled appropriately.<span style="mso-spacerun: yes;"> </span>(Note that some commercial vendors offering
shredding services can ensure that the shredded material is handled in an
environmental-friendly manner.)</span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Many of these statutes also carry penalties – whether in
the form of government fines or in civil remedies to the consumers whose personal data have
been compromised.<span style="mso-spacerun: yes;"> </span>For instance,
Illinois’ statute provides that any violation of the document destruction law automatically constitutes a
violation of the state’s unfair business practices act (which has its own
penalties) and is subject to civil penalties, payable to the state Attorney
General, of at least $100 per individual whose information has been improperly
destroyed, but not more than $50,000 total.<span style="mso-spacerun: yes;">
</span></span><a href="http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=2702&ChapterID=67"><i style="mso-bidi-font-style: normal;"><span style="color: blue; font-family: Calibri;">Id</span></i></a><span style="font-family: Calibri;"><i style="mso-bidi-font-style: normal;">.</i><span style="mso-spacerun: yes;"> </span></span></div>
<span style="font-family: Calibri;">In Delaware, not only can the Attorney General seek penalties
from any “commercial entity that does not take all reasonable steps in
disposing of a customer’s personal identifying information,” but any consumer
who has suffered actual damages as a result of this violation of this statute
can sue the responsible commercial entity.<span style="mso-spacerun: yes;">
</span></span><a href="http://legis.delaware.gov/LIS/lis147.nsf/vwlegislation/E7AF55FF393A832E85257C590067118D"><span style="color: blue; font-family: Calibri;">6
Del. Code § 50c-103(b)</span></a><span style="font-family: Calibri;">.<span style="mso-spacerun: yes;"> </span>In these
cases, courts are permitted to treble (triple) the damages awarded.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;"><a href="http://legis.delaware.gov/LIS/lis147.nsf/vwlegislation/E7AF55FF393A832E85257C590067118D"><span style="color: blue;">Id</span></a>.</i>
</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">So, here’s the lesson – if your company (whether a for-profit or not-for-profit entity) creates, maintains
or discards personal information owned by a customer, check to see whether one
of these state records destruction laws applies to your operations.<span style="mso-spacerun: yes;"> </span>If your company operates in more than one
state, dig deeper and check all relevant states.<span style="mso-spacerun: yes;"> </span>Find out if there are “records destruction
laws” that apply to your company and read them carefully.<span style="mso-spacerun: yes;"> Some have different requirements, and some are more stringent than others. </span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Complying with these laws may also have the added
benefit of helping your company avoid, or at least minimize, the significant losses associated
with an unfettered data breach.</span></div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-26501607280213949012014-07-14T15:13:00.002-04:002014-07-14T15:13:53.598-04:00ABA IPL Publishes White Paper on Online Piracy and Counterfeiting
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">On July 7, 2014, the ABA Intellectual Property Law (IPL) Section
released its comprehensive </span><a href="http://www.americanbar.org/content/dam/aba/administrative/intellectual_property_law/advocacy/ABASectionWhitePaperACallForActionCompositetosize.authcheckdam.pdf"><span style="color: blue; font-family: Calibri;">white
paper</span></a><span style="font-family: Calibri;">, outlining the results of its research and analysis of continuing
concerns about online pirates and counterfeiters based overseas.<span style="mso-spacerun: yes;"> </span>The white paper coins a term to describe the
malfeasors:<span style="mso-spacerun: yes;"> </span>Predatory Foreign Websites. </span></div>
<span style="font-family: Calibri;">More information about the white paper, including a summary
of the conclusions and recommendations it makes, can be found in its </span><a href="http://www.americanbar.org/news/abanews/aba-news-archives/2014/07/american_bar_associa.html"><span style="color: blue; font-family: Calibri;">Press
Release</span></a><span style="font-family: Calibri;"> and in the copy of the </span><a href="http://www.americanbar.org/content/dam/aba/administrative/intellectual_property_law/advocacy/ABASectionWhitePaperACallForActionCompositetosize.authcheckdam.pdf"><span style="color: blue; font-family: Calibri;">White
Paper</span></a><span style="font-family: Calibri;"> available on the ABA IPL Section’s site.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-80227204296628564442014-04-16T00:54:00.002-04:002014-06-27T14:25:09.305-04:00Recent Presentations and Articles<span style="font-family: Calibri;">More articles on IP and privacy issues will be posted here soon,
but in the meantime, here are several recent articles that have published in
other media:</span><br />
<ul>
<li><span style="font-family: Calibri;">Participated in a panel discussion on <i style="mso-bidi-font-style: normal;"><span style="color: #548dd4; mso-themecolor: text2; mso-themetint: 153;"><a href="http://www.americanbar.org/groups/intellectual_property_law/events_cle/aba_spring_ipl_2014/events.html"><span style="color: blue;">Shutting Down Rogue Websites:</span><span style="mso-spacerun: yes;"><span style="color: blue;"> </span></span><span style="color: blue;">International and Domestic Solutions</span></a></span></i>, before the ABA Section of Intellectual Property Law’s 29th Annual IP Conference, on April 3, 2014.<span style="mso-spacerun: yes;"> </span>An </span><a href="http://lsag-aba-ipl.tumblr.com/post/80771324585/cle-preview-trademark-shutting-down-rogue-websites"><span style="color: blue; font-family: Calibri;">article previewing the session</span></a><span style="font-family: Calibri;"> was published by our law student reporter, Anna Oakes, who live-tweeted during the presentation (in accordance with the law student reporter program).<span style="mso-spacerun: yes;"> </span>I re-tweeted relevant posts about our session that she and other law student reporters tweeted (see </span><a href="https://twitter.com/PaTMLawyer"><span style="color: blue; font-family: Calibri;">@PaTmLawyer</span></a><span style="font-family: Calibri;">).<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span>An article and presentation slides were published in connection with this session, but they are only available to meeting attendees.</span></li>
<li><span style="font-family: Calibri;">Interviewed by Smart Business Magazine, <i style="mso-bidi-font-style: normal;"><span style="color: #548dd4; mso-themecolor: text2; mso-themetint: 153;"><a href="http://bit.ly/1l1Oqxc"><span style="color: blue;">How to protect data security and customers’ trust</span></a></span></i>, published on March 31, 2014.<span style="mso-spacerun: yes;"> </span>This article briefly describes ways that
companies can begin to plan ahead for potential breaches so that their response(s)
to breaches can be carefully considered and (hopefully) well-executed.</span></li>
</ul>
<span style="font-family: Calibri;">In addition, on May 9, I will be presenting during the </span><a href="http://www.dri.org/Event/20140030"><span style="color: blue; font-family: Calibri;">DRI’s Intellectual Property Litigation
Seminar</span></a><span style="font-family: Calibri;"> on the ability to recover attorney fees in copyright and trademark
cases.<span style="mso-spacerun: yes;"> </span>The article and presentation slides
developed on this topic will be available to meeting attendees.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Following these presentations, more blog posts will begin to
appear again.<span style="mso-spacerun: yes;"> </span>What can I say?<span style="mso-spacerun: yes;"> </span>It’s been a busy spring.</span></div>
<span style="font-family: Calibri;">Stay tuned – more soon.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-48011536437054213172014-01-28T12:03:00.000-05:002014-01-28T12:03:09.817-05:00Today is Data Privacy Day!
<span style="font-family: Calibri;">January 28 is “Data Privacy Day.”<span style="mso-spacerun: yes;"> </span>In honor of the day, below are several links
relating to efforts to protect the privacy of personal data and some tools for
small businesses:</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Council of Europe</b>’s
explanation of the purpose Data Privacy Day (now in its eighth year): </span><a href="http://www.coe.int/t/dghl/standardsetting/dataprotection/data_protection_day_en.asp"><span style="color: blue; font-family: Calibri;">http://www.coe.int/t/dghl/standardsetting/dataprotection/data_protection_day_en.asp</span></a></div>
<div class="MsoNormal" style="margin: 0in 0in 10pt 0.5in;">
<span style="font-family: Calibri;">* Note that the Council of Europe published
its “Handbook on European data protection law” (prepared in cooperation with
the European Union Agency for Fundamental Rights (FRA) and the European Court
of Human Rights) on January 28, which is available here: </span><a href="http://www.coe.int/t/dghl/standardsetting/DataProtection/TPD_documents/Handbook.pdf"><span style="color: blue; font-family: Calibri;">http://www.coe.int/t/dghl/standardsetting/DataProtection/TPD_documents/Handbook.pdf</span></a><span style="font-family: Calibri;">.
<span style="mso-spacerun: yes;"> </span><span style="mso-spacerun: yes;"> </span></span></div>
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">European Union</b>’s
Data Protection Day initiatives, including promoting the reform of EU Data
Protection laws:<span style="mso-spacerun: yes;"> </span></span><a href="http://europa.eu/rapid/press-release_MEMO-14-60_en.htm"><span style="color: blue; font-family: Calibri;">http://europa.eu/rapid/press-release_MEMO-14-60_en.htm</span></a><span style="font-family: Calibri;">
(see embedded video).</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Federal
Communications Commission</b>’s Cyber Security Planner:<span style="mso-spacerun: yes;"> </span></span><a href="http://transition.fcc.gov/cyber/cyberplanner.pdf"><span style="color: blue; font-family: Calibri;">http://transition.fcc.gov/cyber/cyberplanner.pdf</span></a><span style="font-family: Calibri;">,
which the FCC describes as a “a tool for small businesses to create customized
cyber security planning guides.”<span style="mso-spacerun: yes;"> </span>(More
information about this tool can be found here:<span style="mso-spacerun: yes;">
</span></span><a href="http://www.fcc.gov/cyberforsmallbiz"><span style="color: blue; font-family: Calibri;">http://www.fcc.gov/cyberforsmallbiz</span></a><span style="font-family: Calibri;">).
</span></div>
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Federal Trade
Commission</b>’s Data Security (for Businesses):<span style="mso-spacerun: yes;"> </span></span><a href="http://business.ftc.gov/privacy-and-security/data-security"><span style="color: blue; font-family: Calibri;">http://business.ftc.gov/privacy-and-security/data-security</span></a><span style="font-family: Calibri;">.
<span style="mso-spacerun: yes;"> </span></span><br />
<span style="font-family: Calibri;"><span style="mso-spacerun: yes;"></span></span><br />
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Microsoft</b>’s Data
Privacy Day resources:<span style="mso-spacerun: yes;"> </span></span><a href="http://www.microsoft.com/en-us/twc/privacy/data-privacy-day.aspx"><span style="color: blue; font-family: Calibri;">http://www.microsoft.com/en-us/twc/privacy/data-privacy-day.aspx</span></a><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;"><b style="mso-bidi-font-weight: normal;">Stay Safe Online</b>’s
Data Privacy Day Site:<span style="mso-spacerun: yes;"> </span></span><a href="http://www.staysafeonline.org/data-privacy-day/landing/"><span style="color: blue; font-family: Calibri;">http://www.staysafeonline.org/data-privacy-day/landing/</span></a><span style="font-family: Calibri;">
-- and specifically their library: </span><a href="http://www.staysafeonline.org/data-privacy-day/privacy-library"><span style="color: blue; font-family: Calibri;">http://www.staysafeonline.org/data-privacy-day/privacy-library</span></a><span style="font-family: Calibri;">.</span></div>
<b style="mso-bidi-font-weight: normal;"><span style="font-family: "Calibri","sans-serif"; font-size: 11pt; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-font-size: 10.0pt; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-fareast; mso-hansi-theme-font: minor-latin;">Online Trust Alliance</span></b><span style="font-family: "Calibri","sans-serif"; font-size: 11pt; mso-ansi-language: EN-US; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-font-size: 10.0pt; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: "Times New Roman"; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-fareast; mso-hansi-theme-font: minor-latin;">’s
Data Privacy Day Site:<span style="mso-spacerun: yes;"> </span><a href="http://otalliance.org/news/DataPrivacyDay.html"><span style="color: blue;">http://otalliance.org/news/DataPrivacyDay.html</span></a>
-- includes for example, its 2014 Data Protection & Breach Readiness Guide.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-67760079732088551422014-01-27T15:02:00.001-05:002014-01-27T15:02:34.943-05:00New “Personal Information Privacy” Legislation Introduced
<span style="font-family: Calibri;">On January 8, 2014, Sen. Patrick Leahy (D-Vt) re-introduced
a personal privacy protection bill intended “to prevent and mitigate identity
theft, to ensure privacy, to provide notice of security breaches, and to
enhance criminal penalties, law enforcement assistance, and other protections
against security breaches, fraudulent access, and misuse of personally
identifiable information.”<span style="mso-spacerun: yes;"> </span></span><a href="http://beta.congress.gov/bill/113th-congress/senate-bill/1897?q=%7B%22search%22%3A%5B%22privacy%22%5D%7D"><span style="color: blue; font-family: Calibri;">Personal
Data Privacy and Security Act of 2014, S. 1897</span></a><span style="font-family: Calibri;"> at preamble (introduced Jan.
8, 2014).<span style="mso-spacerun: yes;"> </span>Sen. Leahy introduced prior
versions of this bill in 2005, and in each of the four Congresses since.<span style="mso-spacerun: yes;"> </span>Press Release, “</span><a href="http://www.leahy.senate.gov/press/leahy-reintroduces-data-privacy-legislation"><span style="color: blue; font-family: Calibri;">Leahy
Reintroduces Data Privacy Legislation</span></a><span style="font-family: Calibri;">,” Jan. 8, 2014.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Sen. Leahy’s </span><a href="http://www.leahy.senate.gov/imo/media/doc/Section%20by%20Section%20of%202014%20Data%20Privacy%20dpt.pdf"><span style="color: blue; font-family: Calibri;">published
summary</span></a><span style="font-family: Calibri;"> of the bill provides a detailed list of the key components.<span style="mso-spacerun: yes;"> </span>There are two principal titles in this
bill:<span style="mso-spacerun: yes;"> </span>1) Enhancing Punishment for
Identity Theft and Other Violations of Data Privacy and Security; and 2)
Privacy and Security of Personally Identifiable Information (“<b style="mso-bidi-font-weight: normal;">PII</b>”).<span style="mso-spacerun: yes;">
</span>(There is a third title, relating to compliance with a statutory Pay-As-You-Go
Act, but the text is a short paragraph and just relates to budget compliance.)<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">See</i>
Leahy’s </span><a href="http://www.leahy.senate.gov/imo/media/doc/Section%20by%20Section%20of%202014%20Data%20Privacy%20dpt.pdf"><span style="color: blue; font-family: Calibri;">Section-By-Section</span></a><span style="font-family: Calibri;">
Analysis of the Bill.</span></div>
<span style="font-family: Calibri;"><u>Punishment Enhancement:</u><span style="mso-spacerun: yes;"> </span>The Bill adds expands the definition of
racketeering activity (</span><a href="http://www.gpo.gov/fdsys/pkg/USCODE-2012-title18/pdf/USCODE-2012-title18-partI-chap96-sec1961.pdf"><span style="color: blue; font-family: Calibri;">18
U.S.C. § 1961(1)</span></a><span style="font-family: Calibri;">) to include violations of the Computer Fraud and Abuse Act
(“<b style="mso-bidi-font-weight: normal;">CFAA</b>,” </span><a href="http://www.gpo.gov/fdsys/pkg/USCODE-2012-title18/pdf/USCODE-2012-title18-partI-chap47-sec1030.pdf"><span style="color: blue; font-family: Calibri;">18
U.S.C. <span style="mso-ascii-font-family: Calibri; mso-hansi-font-family: Calibri;">§</span>
1030</span></a><span style="font-family: Calibri;">); criminalizes the knowing concealment of a security breach that
requires notice (and provides for either a fine or imprisonment up to 5 years);
enhances the penalties for fraud and related activities under the CFAA;
provides the same penalties for <i style="mso-bidi-font-style: normal;">conspiracy</i>
to commit computer hacking as for <i style="mso-bidi-font-style: normal;">completed,
substantive</i> offenses; clarifies the criminal forfeiture requirements;
creates a civil forfeiture provision (providing that gross, not net, proceeds
may be forfeited under this section); precludes civil actions based on
violations of acceptable use policies or terms of service agreements; and adds
a new criminal provision making it a felony to damage a computer that manages
critical infrastructure systems, such as national security, transportation or
public health and safety (imprisonment would be between 3 and 20 years if
convicted). </span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;"><u>Privacy and Security of PII</u>.<span style="mso-spacerun: yes;"> </span>It covers detailed requirements for data
privacy and security programs; enforcement for data breach events (although
this specifically denies a private right of action); security breach
notifications (to whom made, method, contents, timing, notice to law
enforcement, permitting delays by Secret Service or FBI where notice could
impede active criminal investigations or national security); and preemption of
state law on breach notification; and enforcement (it appears to provide only
agency enforcement (by federal or state agencies) or criminal enforcement, and
not a private right of action).<span style="mso-spacerun: yes;"> </span></span></div>
<b style="mso-bidi-font-weight: normal;"><u><span style="font-family: Calibri;">Bill Status<o:p></o:p></span></u></b><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">This version of the legislation comes close on the heels of
the data breach at Target retail stores, involving the “debit and credit card
data of as many as 40 million customers during the Christmas holidays.”<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id</i>.
(quoting Sen. Leahy).<span style="mso-spacerun: yes;"> </span>Once introduced,
the bill was read twice, and referred to the Senate Judiciary Committee.<span style="mso-spacerun: yes;"> </span></span><a href="http://beta.congress.gov/bill/113th-congress/senate-bill/1897?q=%7B%22search%22%3A%5B%22privacy%22%5D%7D"><span style="color: blue; font-family: Calibri;">Bill
Status</span></a><span style="font-family: Calibri;"> (last visited on Jan. 26, 2014); <i style="mso-bidi-font-style: normal;">see
also</i> </span><a href="http://thomas.loc.gov/cgi-bin/bdquery/z?d113:S.1897:@@@L"><span style="color: blue; font-family: Calibri;">Detailed
Summary</span></a><span style="font-family: Calibri;">.<span style="mso-spacerun: yes;"> </span>Sen. Leahy also announced
that the bill “will be” the focus of a hearing before the Senate Judiciary
Committee this year.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.</i><span style="mso-spacerun: yes;">
</span>(Sen. Leahy is chair of the Senate Judiciary Committee.)</span></div>
<b style="mso-bidi-font-weight: normal;"><u><span style="font-family: Calibri;">Senate
Hearing:<span style="mso-spacerun: yes;"> </span>February 4, 2014 (To be Webcast
in Real Time)<o:p></o:p></span></u></b><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">A related hearing has already been announced, to be held before
the full Judiciary Committee.<span style="mso-spacerun: yes;"> </span>The
hearing notice does not specifically mention this bill, but is undoubtedly
related:<span style="mso-spacerun: yes;"> </span>"</span><a href="http://www.judiciary.senate.gov/hearings/hearing.cfm?id=138603a26950ad873303535a6300170f"><span style="color: blue; font-family: Calibri;">Privacy
in the Digital Age: Preventing Data Breaches and Combating Cybercrime</span></a><span style="font-family: Calibri;">,"
scheduled for February 4, 2014, at 10:15 am in the Dirksen Senate Office
Building, Room 226.<span style="mso-spacerun: yes;"> </span></span></div>
<span style="font-family: Calibri;">Two panels of testifying witnesses are currently scheduled.<span style="mso-spacerun: yes;"> </span>Panel 1 includes John J. Mulligan, EVP and
CFO of Target Corporation and Delara Derakhshani, Policy Counsel of </span><a href="http://consumersunion.org/"><span style="color: blue; font-family: Calibri;">Consumers Union</span></a><span style="font-family: Calibri;"> (publishers of <i style="mso-bidi-font-style: normal;">Consumer Reports</i>).<span style="mso-spacerun: yes;"> </span>Panel 2 includes The Honorable Edith Ramirez,
Chairwoman of the Federal Trade Commission, William Noonan, Deputy Special
Agent in Charge at the Criminal Investigative Division of the U.S. Secret
Service and Mythili Raman, Acting Assistant Attorney General in the Criminal
Division at the U.S. Department of Justice.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">If prior hearings are any indication, then it is likely this
hearing, which has been announced as a webcast, will also broadcast live.<span style="mso-spacerun: yes;"> </span>Visit the Judiciary Committee’s </span><a href="http://www.judiciary.senate.gov/hearings/hearing.cfm?id=138603a26950ad873303535a6300170f"><span style="color: blue; font-family: Calibri;">Hearing
Notice</span></a><span style="font-family: Calibri;"> to access the video feed.</span></div>
<b style="mso-bidi-font-weight: normal;"><u><span style="font-family: Calibri;">Other Data Privacy
Legislation</span></u></b><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: Calibri;">Sen. Leahy’s Bill is not the only one proposed in the
current Congress relating to data security breaches and notifications to
customers.<span style="mso-spacerun: yes;"> </span>Indeed, there are 303 other
bills pending with the words “privacy” in their title.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">See</i>
</span><a href="http://beta.congress.gov/search?q=%7B%22congress%22%3A%22113%22%2C%22source%22%3A%22legislation%22%2C%22search%22%3A%22privacy%22%7D"><span style="color: blue; font-family: Calibri;">Search
Results</span></a><span style="font-family: Calibri;">. One particularly noteworthy is the </span><a href="http://beta.congress.gov/bill/113th-congress/senate-bill/1927?q=%7B%22search%22%3A%5B%22data+security+act+of+2014%22%5D%7D"><span style="color: blue; font-family: Calibri;">Data
Security Act of 2014</span></a><span style="font-family: Calibri;"> (S. 1927), introduced by Sen. Thomas Carper (D-DE) and
Sen. Blunt (R-MO) on January 15, 2014.<span style="mso-spacerun: yes;">
</span>It seems to also be responsive to the Target data breach notification
problem in December 2013.<span style="mso-spacerun: yes;"> </span>It was read
twice and referred to the Senate Committee on Banking, Housing, and Urban
Affairs.</span></div>
Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-42524420335497175902013-12-31T11:00:00.001-05:002013-12-31T16:09:53.634-05:00Index of Articles in 2013<span xmlns="">Well, 2013 turned out to be a very busy year (on a personal level, so there aren't as many articles posted here during the year!), and 2014 promises to be very interesting. Given the public debates about copyright reform, we will probably be covering copyright law more than previously. However, the 1976 version of the Copyright Act took over two decades to finalize ("In fact, former Register of Copyrights Barbara Ringer, who had worked closely with Congress for much of the 1976 revision process, later called it a 'good 1950 copyright law.'" <a href="http://www.copyright.gov/regstat/2013/regstat03202013.html">from March 20, 2013 Speech By Maria Pallante</a>), so I do not expect that all of the issues raised about digital publication and distribution (among others) will be resolved overnight.</span><span xmlns=""></span><br />
<br />
<span xmlns="">We expect to see more proposals on the trademark side as well, although it's likely that members of Congress may avoid controversial issues this year. As a result, it is hard to predict whether we expect to see any revisions to the COICA/PIPA/SOPA drafts (relating to counterfeiting by predatory foreign websites), given that these proposals each had their own challenges in public debate.</span><br />
<br />
<span xmlns="">I look forward to your comments in the coming year, and wish you all the best in your own practices!</span><br />
<br />
<br />
<span xmlns=""><span style="text-decoration: underline;">Chronological Index of Articles Posted in 2013:</span></span><br />
<span xmlns="">January</span><br />
<ul>
<li><span xmlns="">January 1, 2013, <a href="http://privacyandip.blogspot.com/2013/01/new-years-resolution-always-read-terms.html">New Year's Resolution: Always Read Terms of Service for Social Media Networks!</a></span></li>
</ul>
<span xmlns="">February</span><br />
<ul>
<li><span xmlns="">February 3, 2013, <a href="http://privacyandip.blogspot.com/2013/02/webinar-scheduled-for-february-12-2013.html">Webinar Scheduled for February 12, 2013</a><br /> </span></li>
</ul>
<span xmlns="">March</span><br />
<ul>
<li><span xmlns="">March 12, 2013, <a href="http://privacyandip.blogspot.com/2013/03/common-questions-can-i-copyright-my.html">Common Questions: Can I Copyright My 'Knight in Shining Armor' Story?</a><br /> </span></li>
<li><span xmlns="">March 27, 2013, <a href="http://privacyandip.blogspot.com/2013/03/ftc-issues-new-guidance-on-online.html">FTC Issues New Guidance on Online Advertising Disclosures</a><br /> </span></li>
</ul>
<span xmlns="">April</span><br />
<ul>
<li><span xmlns="">April 12, 2013, <a href="http://privacyandip.blogspot.com/2013/04/yankees-successfully-oppose.html">Yankees Successfully Oppose Registration of "BASEBALLS EVIL EMPIRE" Trademark</a><br /> </span></li>
</ul>
<span xmlns="">June</span><br />
<ul>
<li><span xmlns="">June 20, 2013, <a href="http://privacyandip.blogspot.com/2013/06/white-house-releases-second-joint.html">White House Releases Second Joint Strategic Plan for IP Enforcement</a><br /> </span></li>
</ul>
<span xmlns="">July </span><br />
<ul>
<li><span xmlns="">July 21, 2013, <a href="http://privacyandip.blogspot.com/2013/07/online-piracy-and-counterfeiting-ad.html">Online Piracy and Counterfeiting: Ad Networks Adopt New "Best Practices Guidelines"</a><br /> </span></li>
<li><span xmlns="">July 22, 2013, <a href="http://privacyandip.blogspot.com/2013/07/uspto-extends-deadline-for-voluntary.html">USPTO Extends Deadline for Voluntary Best Practices Study</a><br /> </span></li>
</ul>
<span xmlns="">August</span><br />
<ul>
<li><span xmlns="">August 15, 2013, <a href="http://privacyandip.blogspot.com/2013/08/ipec-victoria-espinel-steps-down.html">IPEC Victoria Espinel Steps Down</a><br /> </span></li>
</ul>
<span xmlns="">October</span><br />
<ul>
<li><span xmlns="">October 2, 2013, <a href="http://privacyandip.blogspot.com/2013/10/new-copyright-proposal-addresses.html">New Copyright Proposal Addresses Performance Rights</a></span></li>
</ul>
<br />Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-59772087115455573872013-10-02T11:10:00.000-04:002013-10-02T13:03:11.737-04:00New Copyright Proposal Addresses Performance Rights<span style="font-family: inherit;">
</span><span style="font-family: inherit;">According to the BNA, </span><a href="http://watt.house.gov/"><span style="color: blue; font-family: inherit;">Rep.
Melvin L. Watt (D-NC)</span></a><span style="font-family: inherit;"> introduced the Free Market Royalty Act (H.R. 3219) on
September 30, 2013. <span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">See</i> “Rep. Melvin Watt Introduces Bill to Create Performance Right
for Recording Artists,” <i style="mso-bidi-font-style: normal;"><a href="http://iplaw.bna.com/iprc"><span style="color: blue;">BNA’s Patent, Trademark & Copyright
Journal</span></a> – Daily Update</i>, No. 191 (Oct. 2, 2013).<span style="mso-spacerun: yes;"> </span>Rep. Watt stated that this bill provides “<span style="color: black;">a ‘performance right’ that will obligate AM/FM radio
stations to compensate performers for the use of their music just as cable,
satellite and internet radio are obligated to do.”<span style="mso-spacerun: yes;"> </span>Press Release, “</span></span><a href="http://watt.house.gov/index.php?option=com_content&view=article&id=2910:congressman-watts-statement-on-the-introduction-of-hr-3219-the-free-market-royalty-act&catid=41:press-releases&Itemid=2"><span style="mso-bidi-font-weight: bold;"><span style="color: blue; font-family: inherit;">Congressman Watt's Statement on the
Introduction of H.R. 3219, the Free Market Royalty Act</span></span></a><span style="color: black; mso-bidi-font-weight: bold;"><span style="font-family: inherit;">,” October 1, 2013.<span style="mso-spacerun: yes;"> </span>(Note that the index of Rep. Watt’s press
releases indicates that this was issued on October 1.<span style="mso-spacerun: yes;"> </span>The release itself shows no date.<span style="mso-spacerun: yes;"> </span></span></span><a href="http://beta.congress.gov/bill/113th/house-bill/3219/actions?q=%7b%22search%22:%5b%22hr%203219%22%5d%7d"><span style="mso-bidi-font-weight: bold;"><span style="color: blue; font-family: inherit;">Congress.gov</span></span></a><span style="color: black; mso-bidi-font-weight: bold;"><span style="font-family: inherit;"> indicates it was introduced on
September 30, and has already been referred to the House Committee on the
Judiciary.)<o:p></o:p></span></span><br />
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="color: black; mso-bidi-font-weight: bold;"><span style="font-family: inherit;">Rep.
Watt explains that under current law, when an AM or FM station plays a song,
the composer and the publisher both receive royalties and the performer does
not.<span style="mso-spacerun: yes;"> </span></span></span><a href="http://watt.house.gov/index.php?option=com_content&view=article&id=2910:congressman-watts-statement-on-the-introduction-of-hr-3219-the-free-market-royalty-act&catid=41:press-releases&Itemid=2"><span style="mso-bidi-font-weight: bold;"><span style="color: blue; font-family: inherit;">Press Release</span></span></a><span style="color: black; mso-bidi-font-weight: bold;"><span style="font-family: inherit;">.<span style="mso-spacerun: yes;">
</span>This bill proposes to level that playing field, and put compensation for
music broadcasting on par with international counterparts.<span style="mso-spacerun: yes;"> </span><i style="mso-bidi-font-style: normal;">Id.<o:p></o:p></i></span></span></div>
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: inherit;">As of this writing, there are no co-sponsors to the
bill.<span style="mso-spacerun: yes;"> </span>The text of the bill has not been
received by the Library of Congress to post on its website, which states
instead:</span></div>
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt 0.5in;">
<span style="font-family: inherit;">“As of 10/02/2013 text has not been
received for H.R.3219 - To amend title 17, United States Code, to provide
copyright owners in sounds recordings with the exclusive right to negotiate in
the marketplace the performance of their works to the public by means of an
audio transmission, and for other purposes. <br />
<br />
“Bills are generally sent to the Library of Congress from GPO, the Government
Printing Office, a day or two after they are introduced on the floor of the
House or Senate. Delays can occur when there are a large number of bills to
prepare or when a very large bill has to be printed.” </span></div>
<span style="font-family: inherit;">
</span><br />
<div class="MsoNormal" style="margin: 0in 0in 10pt;">
<span style="font-family: inherit;">Undoubtedly, this lack of information is the result of the
government shutdown, which took effect on October 1, 2013 at 12:01am.<span style="mso-spacerun: yes;"> </span>(The Copyright Office has a </span><a href="http://www.copyright.gov/"><span style="color: blue; font-family: inherit;">notice on its site</span></a><span style="font-family: inherit;"> explaining that the
site is down because of the government’s shutdown, and will not be available
again until the office reopens.)<span style="mso-spacerun: yes;"> </span>Current
status, list of co-sponsors and any applicable text of the bill can be found </span><a href="http://beta.congress.gov/bill/113th-congress/house-bill/3219?q=%7B%22search%22%3A%5B%22hr+3219%22%5D%7D"><span style="color: blue; font-family: inherit;">here</span></a><span style="font-family: inherit;">
once it is made available by the Library of Congress.</span></div>
<span style="font-family: inherit;">
</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-44231488027838092942013-08-15T10:10:00.000-04:002013-08-15T10:15:09.804-04:00IPEC Victoria Espinel Steps Down<span xmlns="">Intellectual Property Enforcement Coordinator, Victoria Espinel, has stepped down from her position, effective Friday, August 9, 2013. Andrew Ramonas, "<a href="http://www.law.com/corporatecounsel/PubArticleCC.jsp?id=1202615318766&kw=White%20House%20IP%20Chief%20Victoria%20Espinel%20Steps%20Down&et=editorial&bu=Corporate%20Counsel&cn=20130813&src=EMC-Email&pt=Afternoon%20Update&slreturn=20130715003123">White House IP Chief Victoria Espinel Steps Down</a>," Corporate Counsel, Aug. 13, 2013. Until a new IPEC is officially named, <a href="http://thehill.com/opinion/op-ed/310005-howard-shelanskis-to-do-list">Howard Shelanski</a>, administrator of the U.S. Office of Information and Regulatory Affairs, will act as Interim IPEC. <a href="http://www.law.com/corporatecounsel/PubArticleCC.jsp?id=1202615318766&kw=White%20House%20IP%20Chief%20Victoria%20Espinel%20Steps%20Down&et=editorial&bu=Corporate%20Counsel&cn=20130813&src=EMC-Email&pt=Afternoon%20Update&slreturn=20130715003123"><em>Id.</em></a><em><br /> </em>According to Corporate Counsel, "Congress created the intellectual property enforcement coordinator post in the <a href="http://www.copyright.gov/newsnet/2008/354.html">Prioritizing Resources and Organization for Intellectual Property Act of 2008</a> (<a href="http://www.gpo.gov/fdsys/pkg/PLAW-110publ403/pdf/PLAW-110publ403.pdf">text</a>), and the Senate confirmed Espinel as the <a href="http://www.judiciary.senate.gov/nominations/111thCongressExecutiveNominations/IPEC-VictoriaEspinel.cfm">coordinator in December 2009</a>. She previously was an IP law professor at George Mason University School of Law and the first assistant U.S. trade representative for intellectual property and innovation." <a href="http://www.law.com/corporatecounsel/PubArticleCC.jsp?id=1202615318766&kw=White%20House%20IP%20Chief%20Victoria%20Espinel%20Steps%20Down&et=editorial&bu=Corporate%20Counsel&cn=20130813&src=EMC-Email&pt=Afternoon%20Update&slreturn=20130715003123"><em>Id.</em></a></span><span xmlns=""><em><br /> </em></span><br />
<span xmlns="">It has been<em> </em>suggested that Ms. Espinel will be moving over to the <a href="http://www.bsa.org/">Business Software Alliance</a>, although no formal announcement has yet been made. <em>See, e.g., </em>Alex Byers, "<a href="http://www.politico.com/morningtech/0813/morningtech11411.html">Where will Victoria Espinel land? - NYT: NSA leaks hurt cyber plan's chances - Senators step up Bitcoin scrutiny</a>," Politico Morning Tech, Aug. 13, 2013; The Deadline Team, "<a href="http://www.deadline.com/2013/08/nations-first-ip-czar-steps-down/">Nation's First IP Czar Steps Down</a>," Deadline, Aug. 12, 2013; Jennifer Martinez, "<a href="http://thehill.com/blogs/hillicon-valley/technology/316705-obamas-intellectual-property-chief-steps-down">Obama's intellectual property chief steps down</a>," Hillicon Valley (The Hill's Technology Blog), Aug. 12, 2013. </span><br />
<span xmlns=""> </span><br />
<span xmlns="">Updates from the IPEC's Office can be found here: <a href="http://www.whitehouse.gov/omb/intellectualproperty">http://www.whitehouse.gov/omb/intellectualproperty</a>. Interestingly, this site still lists Ms. Espinel as serving as the IPEC. </span><br />
<br />
<span xmlns=""><em>Prior Posts on the Privacy and IP Law Blog about the IPEC and its reports can be found here: <a href="http://privacyandip.blogspot.com/search/label/IPEC">http://privacyandip.blogspot.com/search/label/IPEC</a>. </em></span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-75055719897230011302013-07-22T00:34:00.000-04:002013-07-22T00:37:15.510-04:00USPTO Extends Deadline for Voluntary Best Practices Study<span xmlns=""><span style="font-family: inherit;">The USPTO recently requested comment from the public on the topic of "processes, data metrics, and methodologies that could be used to assess the effectiveness of cooperative agreements and other voluntary initiatives to reduce intellectual property infringement that occurs on-line—such as copyright piracy and trademark counterfeiting." <em>See</em> Prior Blog Post, </span><a href="http://privacyandip.blogspot.com/2013/06/white-house-releases-second-joint.html"><span style="font-family: inherit;">White House Releases Second Joint Strategic Plan for IP Enforcement</span></a><span style="font-family: inherit;"> (June 20, 2013). The original deadline for comment was July 22, 2013.</span></span><span style="font-family: inherit;"></span><br />
<br />
<span xmlns=""><span style="font-family: inherit;">On July 17, 2013, the USPTO extended the deadline until August 21, 2013.</span><em><br /><span style="font-family: inherit;"> </span></em></span><br />
<span xmlns=""><span style="font-family: inherit;">Interested parties should respond to the current regulation (</span><a href="http://www.regulations.gov/contentStreamer?objectId=090000648136a757&disposition=attachment&contentType=pdf"><span style="font-family: inherit;">Fed. Reg. No. 2013-17166</span></a><span style="font-family: inherit;">, see explanation in "</span><a href="http://www.regulations.gov/"><span style="font-family: inherit;">Voluntary Best Practices Study; Extension of Comment Period</span></a><span style="font-family: inherit;">") and include the information itemized in the original request (</span><a href="http://www.regulations.gov/contentStreamer?objectId=09000064813341ca&disposition=attachment&contentType=pdf"><span style="font-family: inherit;">Fed. Reg. No. 2013-37210</span></a><span style="font-family: inherit;">).</span></span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-36707657473021497172013-07-21T23:59:00.000-04:002013-07-21T23:59:07.916-04:00Online Piracy and Counterfeiting: Ad Networks Adopt New “Best Practices Guidelines” <span xmlns="">On July 15, 2013, the US Intellectual Property Enforcement Coordinator (IPEC), Victoria Espinel, announced the adoption of best practices for online advertising, with an aim to reduce the influx of counterfeiting or pirating conduct. The IPEC explained that these practices are aimed at "reducing the flow of ad revenue to operators of sites engaged in significant piracy and counterfeiting." Victoria Espinel, "<a href="http://www.whitehouse.gov/blog/2013/07/15/coming-together-combat-online-piracy-and-counterfeiting">Coming Together to Combat Online Piracy and Counterfeiting,</a>" Office of Management and Budget (July 15, 2013). The participants in this program – at least at the outset, are 24/7 Media, AOL, Conde Nast, Google, Microsoft, SpotXchange and Yahoo! <a href="http://www.whitehouse.gov/blog/2013/07/15/coming-together-combat-online-piracy-and-counterfeiting"><em>Id.</em></a></span><span xmlns=""> </span><span xmlns="">While supporting and encouraging initiatives like this, the IPEC also cautioned that these activities be undertaken in the context of other interests in the Internet marketplace:</span><br />
<br />
<div style="margin-left: 36pt;">
<span xmlns="">"It is critical that such efforts be undertaken in a manner that is consistent with all applicable laws and with the Administration's broader Internet policy principles emphasizing privacy, free speech, fair process, and competition. We encourage the companies participating to continue to work with all interested stakeholders, including creators, rightholders, and public interest groups, to ensure that their practices are transparent and fully consistent with the democratic values that have helped the Internet to flourish. We also encourage other participants in the online advertising space to consider adopting voluntary initiatives that protect ad networks, publishers, advertisers, creators, rightholders, and above all, consumers."</span></div>
<span xmlns=""></span><br />
<span xmlns=""><a href="http://www.whitehouse.gov/blog/2013/07/15/coming-together-combat-online-piracy-and-counterfeiting"><em>Id</em></a><em>.</em> The IPEC's blog post includes links to the public statements made by AOL, Google, Microsoft and Yahoo! about these best practices. A copy of the best practices themselves can be found <a href="http://2013ippractices.com/">here</a>.</span><br />
<br />
<span xmlns=""><span style="text-decoration: underline;"><strong>Earlier Online Advertising Initiatives</strong></span></span><br />
<br />
<span xmlns="">In March 2012, the IPEC announced another best practices initiative: IPEC, "<a href="http://www.whitehouse.gov/sites/default/files/omb/IPEC/spotlight/ipec_spotlight_may_jun_spotlight_2012.pdf">Advertisers and Advertising Agencies Address Online Infringement Through Best Practices</a>," Spotlight at 3 (Mar. 2012). Specifically, the American Association of Advertisers ("4As") and the Association of National Advertisers ("ANA") strongly encouraged their members to take affirmative steps to prevent U.S. advertisers from placing their ads on predatory foreign websites ("PFWs") – those websites based outside U.S. borders that target U.S. consumers and offer predominantly counterfeit products or pirated content. Press Release, "<a href="http://www.ana.net/content/show/id/23408">ANA, 4As Release Statement of Best Practices Addressing Online Piracy and Counterfeiting</a>" (undated)<span style="color: #223322;">; </span>Member Bulletin, "<a href="http://www.aaaa.org/news/bulletins/Pages/mmpirate_053112.aspx">Media Matters: Statement of Best Practices to Address Online Piracy and Counterfeiting</a>," (June 1, 2012). </span><br />
<span xmlns=""></span><br />
<span xmlns="">These affirmative steps include, for example, insertion of language in ad placement contracts that requires ad networks and other intermediaries involved in U.S.-originated advertising campaigns to take commercially reasonable measures to prevent ads from appearing on PFWs. Member Bulletin (June 1, 2012). Other steps include requiring intermediaries involved in the serving of an advertisement to respond expeditiously to complaints by rights holders or advertisers and to provide remediation to advertisers whose ads have been misplaced on PFWs. <em>Id.</em><br /> </span><br />
<span xmlns=""><span style="text-decoration: underline;"><strong>Conclusions</strong><em><br /> </em></span></span><br />
<span xmlns="">The problem of online counterfeiting and piracy undertaken by PFWs causes serious damage to the U.S. economy and U.S. businesses. <em>See, e.g.</em>, StopFakes.com, "<a href="http://www.stopfakes.gov/sites/default/files/Consumer_Tips.pdf">Top 10 Ways to Protect Yourself From Counterfeiting and Piracy</a>" (undated). Every initiative aimed at reducing the impact of these activities is welcome, assuming that other rights (such as First Amendment, privacy, competition and fundamental due process) are not sacrificed. Hopefully, we will see more initiatives from other key players in the Internet ecosystem that are not only aimed at reducing online piracy and counterfeiting, but also at effectively eliminating the incentive for PFWs to capitalize on U.S. intellectual property rights. By eliminating the incentive, perhaps the "cost" to offer pirated content and counterfeited goods will simply be too high, and these entities will choose to no longer offer them.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0tag:blogger.com,1999:blog-8071212044528874056.post-49799927295279313032013-06-20T11:33:00.000-04:002013-06-20T11:33:10.253-04:00White House Releases Second Joint Strategic Plan for IP Enforcement<span xmlns="">Today, the IPEC (Intellectual Property Enforcement Coordinator) announced that the White House has released its second <a href="http://www.whitehouse.gov/sites/default/files/omb/IPEC/2013-us-ipec-joint-strategic-plan.pdf">Strategic Plan for IP Enforcement</a>. The IPEC's blog provides more information about what is included in the update: <a href="http://www.whitehouse.gov/blog/2013/06/20/intellectual-property-key-driver-our-economy">http://www.whitehouse.gov/blog/2013/06/20/intellectual-property-key-driver-our-economy</a>.</span> <span xmlns="">Among the myriad updates in this report are the following:</span><br />
<ul>
<li><div>
<span xmlns="">Report on private sector "voluntary" agreements to combat counterfeiting and piracy: </span></div>
<div style="margin-left: 18pt;">
<span xmlns="">1) <a href="http://www.safemedsonline.org/">Center for Safe Internet Pharmacies</a> (jointly established by American Express, Discover, eNom, Facebook, GoDaddy, Google, MasterCard, Microsoft, Neustar, PayPal, Visa and Yahoo!); </span></div>
<div style="margin-left: 18pt;">
<span xmlns="">2) Joint initiative by AT&T, Cablevision, Comcast, Time Warner Cable, and Verizon along with music labels and movie studios to voluntarily reduce online piracy; </span></div>
<div style="margin-left: 18pt;">
<span xmlns="">3) Creation of best practices by payment processors such as American Express, Discovery, MasterCard, PayPal and Visa to withdraw payment services for online sales of counterfeit and pirated goods; and</span></div>
<div style="margin-left: 18pt;">
<span xmlns="">4) The Association of National Advertisers' and American Association of Advertising Agencies' joint <a href="http://www.ana.net/getfile/17509">leadership pledge</a> not to support online piracy and counterfeiting with advertising revenue (<em>see <a href="http://blog.mpaa.org/BlogOS/post/2012/05/08/Advertisers-Pledge-Not-to-Support-%E2%80%98Rogue-Websites.aspx"></a></em>MPAA's report about the issuance of this pledge);</span></div>
</li>
<li><span xmlns="">Of the 20 legislative recommendations made in the Administration's March 2011 White Paper on Intellectual Property Enforcement Legislative Recommendations, seven of them have become law.</span></li>
</ul>
<span xmlns="">The Administration re-articulated its continuing concerns about the following areas: 1) abusive patent litigation tactics that pose "a significant and growing challenge to innovation" and is seeking introduction and passage of various patent reform recommendations; 2) efforts by foreign governments to require the transfer of trade secrets or other proprietary business information as a condition of market access or the ability to do business in that country; and 3) changes in technology, social norms, business models and global distribution models that further complicate IP enforcement concerns (such as cloud computing, mobile computing, data storage, information security and 3D printing). It reports having made strides already to address these concerns, but recognizes that more work remains to be done.</span><br />
<br />
<span xmlns="">The USPTO simultaneously issued a request for public comment about Voluntary Best Practices to curb online counterfeiting and piracy. A summary of the Notice and its components can be found here: <a href="http://www.regulations.gov/#!documentDetail;D=PTO-C-2013-0036-0001">http://www.regulations.gov/#!documentDetail;D=PTO-C-2013-0036-0001</a>; the actual Federal Register Notice is here: <a href="http://www.regulations.gov/contentStreamer?objectId=09000064813341ca&disposition=attachment&contentType=pdf">http://www.regulations.gov/contentStreamer?objectId=09000064813341ca&disposition=attachment&contentType=pdf</a>. According to the Notice, comments must be submitted by July 22, 2013.</span><br />
<span xmlns=""></span><br />
<span xmlns="">The first <a href="http://www.whitehouse.gov/sites/default/files/omb/assets/intellectualproperty/intellectualproperty_strategic_plan.pdf">Strategic Plan was announced in 2010</a>. Prior <em>Privacy and IP Law Blog</em> posts about the IPEC and other IP enforcement initiatives/updates can be found here: <a href="http://privacyandip.blogspot.com/search/label/IPEC">IPEC</a>.</span>Christina D. Frangiosahttp://www.blogger.com/profile/06433147172417773197noreply@blogger.com0