Technology Policies Protect The Company and its IP

A computer and technology policy is an important part of protecting and managing intellectual property.  A business should consider establishing a policy addressing the following points:

Use of Company Technology

The technology provided by the company, including computer systems, communications networks, company-related work records and other electronically stored information in general should be used for only for the business of the company. Whatever the purpose, employees should be prohibited from transmitting, retrieving, or storing any communications or other content of a defamatory, discriminatory, harassing or pornographic nature. No messages with derogatory or inflammatory remarks about an individual’s race, age, disability, religion, national origin, physical attributes or sexual preference may be transmitted. Harassment of any kind should be prohibited.

Restricted Access to Computer Systems and Data.

The  Federal Computer Fraud and Abuse Act (18 U.S.C. §1030) provides protection against the improper accessing of computer systems and data, but the key to its protection is that the access is unauthorized.  Because an employee is generally authorized to access the company’s computer system, the protections of the CFAA are frequently held not to apply to the actions of employees.  By carefully defining what employees are authorized to do with the company’s computer systems and data, and what an employee is not authorized to do, the company may be able to extend the protections of the CFAA to disloyal that activities of disloyal employees.  Many states have laws that parallel the CFAA, for example Missouri’s Computer Tampering Statute Mo.Rev.Stat. §537.525.

 

Unlicensed Software

Employees downloading, installing, and running software can jeopardize the company’s computer system, and their installing and running unlicensed software can create substantial copyright liability.  Civil damage awards of up to $150,000, plus attorneys’ fees and costs, are possible as well as criminal penalties including substantial fines and imprisonment.  Employees should be restricted from downloading software and plug-ins without permission from IT, and Employees should be prohibited from installing unlicensed software on company computers.  Employees should further be prohibited from using unlicensed software on their personal computer to perform work for the Company.

Copyrighted Material

Copyrighted materials belonging to third parties should not be transmitted or stored on the company’s network without permission of the copyright holder. Employees should be encouraged to share links rather than actual copies.  Employees should be educated about the limits of fair use an incorporating copyrighted materials into company work product.

Social Media

The company should consider whether it wants employees posting anything about the company (good or bad).  Even well-intentioned posts can interfere with the coherent message that the company is trying to project.  At a minimum the company should instruct employees about the message that the company is trying to project on social medial.

The company should also consider whether it wants employees to identify themselves as employees of the company when participating in social media. Views expressed by employees could be attributed to the company by the mere fact of their employment,

Using Company email and email Addresses

The company should consider whether it wants employees using company email and in particular a company email address in conducting personal business.  Having the company’s email address associated with on-line postings could result in the employee’s personal opinions being attributed to the Company.  Email is also a tool for stealing electronic files.  The company should monitor employee emails, and advise employees that they are doing so.

Employees should be regularly reminded that company emails are business records that may be discoverable, and their content should be prepared accordingly

No outside media

Not only are flash drives and similar devices a tool for stealing electronic files, but they are a vector for computer viruses and other malware.  However they are beneficial and convenient and a complete prohibition could interfere with the proper conduct of the business.

 

 

 

Non-parties to an Arbitration Agreement are Generally Not Bound to Arbitrate

In Waymo LLC v. Uber Technologies, Inc., [2017-2130] (September 13, 2017), the Federal Circuit affirmed the district court decision that Uber Technologies, Ottomotto LLC, and Otto Trucking LLC could not compel Way merely because they Waymo was arbitrating a related dispute with Levandowski, who did have an arbitration agreement with Waymo.

The Federal Circuit said that Contract law principles hold that non-parties to a contract
are generally not bound by the contract, and a contract to arbitrate is not an exception. A party cannot be required to submit to arbitration any dispute which it has not agreed so to submit.  The Federal Circuit noted that the California courts have, in a few situations, compelled arbitration against an entity that was not a party to an arbitration agreement. The Federal Circuit said that the issue was whether the circumstances are such that Waymo can be compelled to arbitrate on equitable grounds, in Waymo’s suit against Uber, Ottomotto, and Otto Trucking, where there is no agreement to arbitrate.  The district court concluded that it could not, noting that Waymo had disclaimed reliance on the contracts with the employee, and Waymo need not rely on the terms of its written agreements merely because it makes reference to such agreements.

The Federal Circuit said that while equitable doctrines permit departure from the principle that non-parties cannot be compelled to arbitrate, when necessary to avoid
inequity, California precedent guides that unless the issues of the complaint are intimately intertwined with the non-party agreement containing an arbitration clause,
compulsion to arbitrate is inappropriate.  The Federal Circuit concluded that the district court correctly concluded that arbitration should not be compelled.

Subject of Internal Investigation Could not Block Disclosure of Report to Third Party

In Waymo LLC v. Uber Technologies, Inc., [2017-2235, 2017-2253] (September 13, 2017), the Federal Circuit denied intervenor  Levandowski’s petition for a writ of mandamus.  Waymo alleges that its former employee, Levandowski, improperly  downloaded thousands of documents related to Waymo’s driverless vehicle technology and then left Waymo to found Ottomotto, which Uber subsequently acquired.  Before the acquisition closed, counsel for Ottomotto and Uber (but not counsel for Mr. Levandowski) jointly retained a law firm to investigate Ottomotto employees previously employed by Waymo, including Mr. Levandowski.  Waymo sought to obtain the report, which the court permitted, and Levandowski unsuccessfully attempted to block with a write of mandamus.  The Federal Circuit said that a petitioner has to show three things to be entitled to the writ:

First, the party seeking issuance of the writ must have no other adequate means to attain the relief he desires—a condition designed to ensure that the writ will not be used as a substitute for the regular appeals process. Second, the petitioner must satisfy the burden of showing that his right to issuance of the writ is clear and indisputable. Third, even if the first two prerequisites have been met, the issuing court, in the exercise of its discretion, must be satisfied that the writ is appropriate
under the circumstances.

The Federal Circuit found that Levandowski failed the first test — establishing he had no other adequate remedy.  While Levandowski argued that an appeal after the disclosure was in effect no remedy, the Federal Circuit concluded that a post-judgment appeal by either Uber or Levandowski would suffice to protect the rights of Levandowski and ensure the vitality of attorney-client privilege.  The Federal Circuit went on to find that Levandowski failed to show that his right to issuance of the writ was clear and indisputable.  Finally, the Federal Circuit said that  Levandowski had not persuaded it to exercise its discretion here and overrule the District Court.

Dance Like No One is Watching; Email Like it’s Being Read Aloud at your Deposition

Dance like no one is watching; email like it’s being read aloud at your deposition — this sentiment was passed along this morning by a colleague.  It is good to be periodically reminded to be careful with your business and professional emails:

When [writing emails] creating exhibits for the inevitable law suit consider

  • Keep business email professional.
  • Write as if your mother were reading over your shoulder.
  • Consider the purpose of the communication.
  • Consider the audience/recipients of the information (including a judge and jury).
  • Be factual; where opinion is called for, identify it as opinion, and make sure that it is germane to the issues; do not give an opinion (e.g., legal) that you are not qualified to give.
  • Do not make mean or demeaning references to others.
  • Make your point, but avoid extreme emphasis!!!!
  • Keep business and personal messages separate.
  • Consider how your characterization of the Company and its activities would be perceived by an outsider.

 

Out-of-CTRL C

CTRL C, CTRL V (copy,paste) are widely used keyboard commands to add interesting content to emails, newsletters, and slide decks.  Everyone does it, so it must be o.k., right?  Not quite.  Copying existing text or images can constitute copyright infringement, if the copied material is copyrighted.  The problem is that almost everything is copyrighted.  There is an exception for certain fair uses — uses for criticism, comment, news reporting, teaching, scholarship, or research. But many uses in a commercial enterprise do not qualify as fair uses.

The following guidelines can help minimize the risks when putting together publications for internal or external distribution:

The Lit-Year

Anyone working in technology is familiar with the light year.  It is not a measure time, but of distance — the distance that light travels in one year — about 5.9 trillion miles.  In the world of intellectual property we should define another unit of measure: the lit year.  A lit year, like a light year, is not a measure of time.  Rather, the lit year is the typical spend in IP litigation in a year.  The most recently published AIPLA Economic Survey reports the median cost of a medium ($2-$10 million) patent infringement case at $2 million. The 2017 PWC Litigation Study puts the medium time to trial in a patent case at 2.4 years.  This makes a conservative estimate of the lit year at a little over $833,000.

So what’s the use for the lit year?  Like its scientific cousin the light year, the lit year is a bench mark that provides perspective.  For example, a $350,000 IPR might initially sound budget busting, but if you consider that it is only 0.42 lit years — the amount you would spend in about 5 months of litigation — its starts to make sense.  Similarly, a $20,000 new product clearance may seem like a needless expense but when you consider that this is just 0.024 lit years —  the amount you spend in about six days of litigation, it sounds like a better idea.

The lit year is a helpful tool in measuring risk, or more precisely the cost of reducing risk.

 

Gnireenigne

Reverse engineering (now does the title make sense?) is a common and legitimate business practice.  The recent federal Defend Trade Secrets Act specifically excludes reverse engineering from the definition of misappropriation.  18 USC §1839(6) (“the term ‘improper means’ . . . (B) does not include reverse  engineering.”).   While the Uniform Trade Secrets Act (some form of which is in force in 48 states and the District of Colombia) does not expressly mention reverse engineering, the Comments to Section 1 adopt the Restatement of Torts position that “Discovery by ‘reverse engineering’, that is, by starting with the known product and working backward to find the method by which it was developed” is not an improper means of acquiring a trade secret (provided the acquisition of the product was by a fair and honest means).

Thus if an unpatented product is acquired legally, and there is no enforceable promise not to reverse engineer, the owner of the product is free to analyze and copy the product.   Some courts have enforced  “no reverse engineering” clauses[1].  However after Impression Products, Inc. v. v. Lexmark International, Inc,  such restrictions may not be enforceable beyond the first purchaser, and in any event, at least some courts have found such “no reverse engineering” clauses unenforceable, for example where they interfere with the fair use of computer software.[2]

A business including reverse engineering as part of its product development process should be careful not to cast its own activities in a false light.  Emails and other internal documents referring to the business’ reverse engineering efforts as “knocking off” or similarly disparaging terms, may unfairly portray the company and its products should there be litigation in which the these documents come to light.  A business should instead accurately characterize its efforts as developing non-infringing competitive products, of which reverse engineering is just one part.

 

[1] See K&G Oil & Tool Service Co. v. G&G Fishing Tool Service, 158 Tex. 94, 314 S.W.2d 782, 785-86 (1958)(enforcing a negotiated agreement not to reverse engineer); Pioneer Hi-Bred Int’l, Inc. v. DeKalb Genetics Corp., 51 U.S.P.Q. 1987 (S.D. Iowa 1999)(enforcing “bag tag” restrictions on use of seed for research purposes).

[2] See Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir. 1988).

 

Give a Man Cupcake Sushi, and He’ll Have Dessert for a Day; Teach a Man to Make Cupcake Sushi, and He’ll Rip You Off

Lori Shubert and her company Cupcake Sushi, LLC filed an interesting lawsuit against Santiago and his associates doing business as Sushi Sweets, for patent infringement, trademark infringement, misappropriation of trade secrets, common law trademark infringement, federal and state unfair competition, and trade dress infringement. Shubert claims to have invented a unique confectionery dessert cake: cupcake sushi. Shubert has apparently built a thriving business in Key West Florida.  According to the complaint, Santiago, a former licensee and employee of Cupcake Sushi, absconded with product, equipment and Cupcake Sushi’s trade secrets.

Shubert clearly had an interesting and appealing idea, and while she took some steps to protect it, she probably should have formed a more comprehensive plan at the outset.  As she pleads in her lawsuit she applied for a utility patent (14/487364), she allowed the application to abandon.  She also applied for and obtained a design patent (D789,025) but filed the application several years after she claims to have developed her product.  Even if this patent validly protects a later design, she left her earlier designs exposed. While she did register her CUPCAKE SUSHI name and logo (Reg. Nos. 4471750 and 4770652), she might have also tried to protect her products names and appearances.

Resources are always tight in start-ups, and it is easy to second guess the allocation (or lack thereof) to lawyers, as entrepreneurs always seem to have other fish to fry. Shubert probably could have done more and done it sooner.  Shubert did take a number of appropriate steps to protect herself, and if those rights have been violated, then hopefully she will be able to enforce them and this won’t represent the fish that got away.  However, a more comprehensive approach might have made enforcement like shooting fish in a barrel:

Shubert may have learned another important lesson about protecting confidential information.  A confidentiality agreement does not make a dishonest person honest. The most important steps in protecting confidential information is limiting disclosures to people who can be trusted.

Shubert may have to also have to face the fact that no matter how comprehensive your intellectual property protection, there will always be some way for other to compete.  Good luck to Ms. Shubert, but if things don’t work out, there are always other fish in the sea.

An Implied Contract Can Turn You “Inside Out” — Remember the Non-Confidential Disclosure Agreement

Denise Daniels has sued the Walt Disney Company in the Central District of California for breach of an implied-in-fact contract to compensate her for using her ideas in the movie Inside Out.  Daniels alleges that she relied on the custom in the entertainment industry “to provide ideas and materials to produces and studios in exchange for compensation and credit if such ideas or materials are later used.” She further alleges that “Disney-Pixar accepted the disclosure of the ideas in The Moodsters with an expectation that it would have to compensate Daniels if Disney-Pixar used this idea in any television, motion picture, merchandise, or otherwise.”

This case is a reminder that receiving information from a third party is risky business.  Even where there is no violation of any traditional intellectual property right such as a patent, copyright, trademark or trade secret, one can still find oneself in a lawsuit alleging an implied-in-fact contract to pay for the “idea.”

While an implied-in-fact contract — a contract where none really existed —  is well recognized legal doctrine, this case appears to present a new doctrine — implied-in-fact consideration.  While most cases enforcing rights in ideas require that the idea be both concrete and confidential, many of the aspects of Daniels’ idea appear to have been publicly available.   Her company, Moodsters Company, obtained a copyright registration (PA0001394057) on a pilot The Moodsters: Amoodsment Park Mixup, claiming a date of first publication of June 1, 2007.  There have been Moodsters websites, and Daniels and her company have of and on been trying to register various Moodsters trademarks for more than a decade.

If the Moodsters are as publicly available as it appears, what did Daniels bring to Disney-Pixar that wasn’t already available to anyone?  Is it possible that Disney-Pixar is in a worse position for talking to Daniels, than someone who just referenced her public domain materials.  The answer is clearly yes.  Not because Daniels is certain to win, but rather because even if Disney-Pixar is in the right, they now have to defend themselves.

Daniels reminds us that even in the absence of a confidentiality agreement, there is a risk receiving information from a third party.  Rather than expose oneself to the vagaries of an after-the-fact contract, you may be better served with an explicit contract spelling out your obligations (or lack of obligations) to the disclosing party.

Imagining the Perfect Confidentiality Agreement

The perfect confidentiality agreements is, in most cases, overkill and in any event probably never would be signed. Hundreds, if not thousands of CDAs, NDAs, and other secrecy agreements are signed every day, and the vast majority perform adequately for their purpose.  Rather than chase perfection, the parties should focus on avoiding mistakes.

From the Perspective of the Disclosing Party

Prevent disclosure and use.  The disclosing party should make sure that the agreement not only prevents disclosure but also use of the confidential information.

Define protected information. The definition of protected information should include anything that the disclosure is likely to disclose.  The disclosing party should resist requirements that could result in accidental forfeiture, such as requirements that the information be marked confidential or that oral disclosures must be confirmed in writing.

Define the time.  The duration of the receiving party’s obligations should be clearly defined, as should the period of time during which the disclosing party can disclose information under the agreement.

Have an enforcement plan.  If the party to the agreement discloses or uses the information, there is a breach of contract action.  However, if a rogue employee or contractor, who is not a party to the agreement, discloses or uses the information, what is the plan?  The agreement can provide a right of enforcement, or require the receiving party to enforce the agreement on the disclosing party’s behalf.

Unnecessary obligations.  While it is easier to get a reasonable agreement when the provisions are mutual, a disclosing party should not accept confidentiality obligations to the receiving party if it does not need to.

Disclosing Party Options.  Ownership. The disclosing party may want to control ownership of inventions inspired by the disclosed invention.  Non-filing.  The disclosing party may want to restrict the receiving party from filing patent applications on subject matter inspired by the disclosure.  No Export.  The disclosing party may want to prevent export of the information.  Choice of law.  The disclosing party may want to select law that will protect the disclosed information.  Choice of forum.  The disclosing party may want to select a forum that is convenient and reliable, No warranties.  The disclosing party may want to disclaim any warranties about the disclosed information.  No obligation.  The disclosing party may want to disclaim an obligation to deal further with the disclosing party.

From the Perspective of the Receiving Party

Define protected information.  The receiving party needs to precisely define the information that is subject to the confidentiality obligations,

Exceptions.  The receiving party should define exceptions to its obligations for information that is already in the public domain; information that the receiving party already had in its possession, and information that subsequently comes into its possession other than from a breach of duty to the disclosing party.

Define the time. The receiving party needs to know how long to maintain confidentiality, and how long the disclosing party can make disclosures that the receiving party has to protect.

Receiving Party Options.  Confidentiality. The receiving party may want some protection for its own information that it might exchange with the disclosing party.  No obligation.  The receiving party  may want to disclaim an obligation to deal further with the disclosing party.  Choice of Law.  The receiving party may want to know the law that applies to the construction and enforcement of the agreement.   Choice of forum.  The receiving party may want to limit where it can be sued to enforce the agreement.

Checklist for a Confidentiality Agreement

  1. Parties properly identified
  2. Definition of protected information
  3. Obligation not to disclose protected information
  4. Obligation not to use protect information
  5. Duration of obligation to protect protected information
  6. Duration of agreement (period of disclosures by disclosing party)
  7. Indemnity by receiving party for breaches by those to whom it discloses the protected information
  8. Representations by receiving party
    1. Ability to enter into agreement
    2. Agreements with third parties to ensure performance
  9.  Ownership of developments based upon disclosed information.
  10. Promise not to file filing patent applications on subject matter inspired by the disclosure.
  11. No Export of the disclosed information.
  12. Choice of law that applies to the agreement.
  13. Choice of forum where agreement can be enforced.
  14. Disclaimer of warranties regarding the disclosed information.
  15. Disclaimer of obligation to deal further with the other party.
  16. Boilerplate
    1. Assignability
    2. Severability
    3. Effectiveness of copies
    4. Integration
    5. Authority of Signatories