Home > Publications > Blog > Archive


EPA Publishes Two Engine-related Items to Federal Register

by Phillip R. Bower , posted Friday, October 31, 2014

The U.S. Environmental and Protection Agency (EPA) recently published two items in the Federal Register related to engine regulations. The first notice addresses mobile engines and provides some new minimum standards on maintenance, as well as more flexibility for the use of auxiliary emission control devices in emergency vehicles and in nonroad equipment. The second notice addresses a reconsideration of rules related to the use of emergency stationary reciprocal internal combustion engines (RICE) in non-emergency situations. Read more...

More Flexibility for Nonroad Diesel Engine Replacement and Technical Hardship

by Phillip R. Bower , posted Tuesday, June 10, 2014

Under the U.S. Environmental Protection Agency’s (EPA) Tier 4 emission standards rule, nonroad diesel equipment manufacturers are required to install engines that meet current emission standards in their equipment unless an exemption applies. The EPA recently amended the Tier 4 rule to provide for additional flexibility under two of the exemptions – the replacement engine exemption and the technical hardship provisions under the Transition Program for Equipment Manufacturers (TPEM). See 79 Fed. Reg. 7077 (Feb. 6, 2014). Read more...

Outsourcing Review: PCI Data Security Standards for Mobile Payments

by Andrew J. Schlidt , posted Monday, June 18, 2012

The mobile payment industry is exploding and the framework of regulations governing mobile payments is evolving at a similar speed. Gartner, Inc. projects that worldwide mobile payment transaction values will surpass $617 billion and 448 million users by 2016. In recognition of the revolution in mobile payment solutions, on May 16, 2012, the PCI Data Security Standards Council published guidance on best practices for securely accepting payments via mobile devices – “At a Glance: Mobile Payment Acceptance Security.”  
Merchants that accept credit card payments through participating brands such as American Express, Discover, MasterCard, and Visa are required to implement security programs in compliance with the PCI Data Security Standards. All merchants engaged in mobile payment acceptance are well-advised to review this newly released guidance for compliance with PCI Data Security Standards in the context of mobile payments. 
Outsourcing Review provides commentary on legal developments affecting companies engaged in technology outsourcing (ITO) or business process outsourcing (BPO).

Outsourcing Review: 2012 Working Paper on Outsourcing IT to the Cloud

by Andrew J. Schlidt , posted Tuesday, June 12, 2012

Companies continue to move IT operations to the cloud given the efficiencies and convenience offered by cloud environments. While the cloud is often seen as a practical technological and financial solution by CIOs and CFOs, it conversely raises liability concerns for company risk managers, compliance officers, and in-house lawyers. An International Working Group on Data Protection in Telecommunications recently published a Working Paper in April 2012 to help this latter group wrap its arms around the privacy and data protection issues arising from cloud computing. The Working Paper contains guidance on 44 “best practices” that should be of interest to all cloud customers, especially those with operations, customers, or employees located in the European Union.
Outsourcing Review provides commentary on legal developments affecting companies engaged in technology outsourcing (ITO) or business process outsourcing (BPO).

Outsourcing Review: A Case of “Text Spam” and Vicarious Liability for Vendor Acts

by Andrew J. Schlidt , posted Tuesday, March 13, 2012

Many companies outsource portions of their marketing program to third party marketing firms. With the continued popularity of text messaging, marketing firms often encourage clients to enhance brand awareness through multiple channels of electronic communication, including text messaging.

Keep in mind that the sending of unauthorized, automated commercial text messages likely violates the Telephone Consumer Protection Act. In a recent “text spam” class action case before the U.S. District Court for the Southern District of California (In re Jiffy Lube International Inc., S.D. Cal., No 11-2261, 3/8/12), six named plaintiffs claimed that the defendants violated the Act for sending unauthorized, automated text messages to cell phones. One of the defendants sought dismissal from the case on grounds that its third party marketing firm sent the messages. The court rejected this particular defendant’s argument and ruled that the defendant should not be relieved of liability under the Act “merely because it hired a different firm to send advertisements to its customers.”

This ruling is a reminder that companies may be held vicariously liable for the acts of their outsource providers. Companies are well-advised to address compliance with laws and allocation of liability for non-compliance in their underlying outsourcing agreements.

Outsourcing Review provides commentary on legal developments affecting companies engaged in technology outsourcing (ITO) or business process outsourcing (BPO).

Beware of Unofficial Solicitations Regarding Your Trademarks & Domain Names

by Melinda S. Giftos , posted Wednesday, March 07, 2012

Have you recently received one or more official-looking notices or invoices relating to your trademarks, but were unsure who the notice was actually coming from? Does the notice indicate for a small fee, you can obtain registration or monitoring services? Were you surprised the notices were sent to you directly from the trademark office rather than through your attorney? If you answered yes to these questions, you have probably been the recipient of one or more trademark registry scams. Read more...

U.S. Patent and Trademark Office Launches America Invents Act Online Guide

by Michael J. Cronin , posted Wednesday, September 28, 2011

On September 16, 2011, President Obama signed the America Invents Act (AIA) into law. The AIA makes numerous changes to U.S. Patent Laws. To help with the transition, the U.S. Patent and Trademark Office (USPTO) has created an on-line guide that contains information about the changes the Act will bring. Some of those changes, such as patent fees, went into effect on Monday, September 26, 2011.  Other changes will fall into place over the next twelve to eighteen months. The site also includes a timeline that shows some major highlights in the coming year.  Finally, the USPTO website provides the opportunity to submit comments on the AIA and the agency’s implementation of the law.

President Obama Signs Leahy-Smith America Invents Act

by Michael J. Cronin , posted Friday, September 16, 2011

Earlier today President Obama signed the Leahy-Smith America Invents Act (AIA) into law, just several days after the USPTO issued the eight millionth patent. The AIA represents the most comprehensive change to U.S. Patent Law in more than 50 years. While many provisions do not take immediate effect, the provision mandating a 15% increase in many USPTO fees takes effect on September 26, 2011. If you have an application nearly ready to be filed, a patent maintenance fee due, or an issue fee that can be paid, taking action by September 26, 2011 will avoid the 15% fee increase.

President Obama to Sign AIA

by Michael Cronin , posted Wednesday, September 14, 2011

As reported by Fox news, President Obama will sign the "America Invents Act" Friday with an event in the Washington, DC area. Speaking to reporters on Air Force One, White House Press Secretary Jay Carney said, "The America Invents Act passed with the president's strong leadership after a decade of effort to reform our outdated patent laws. Patent reform is an issue both the White House and Congress have pushed for some time. The America Invents Act, previously known as the Patent Reform Act of 2011, was passed by the House in June with large bipartisan support. The U.S. Senate approved the House version of the bill last week voting 89-9.

It is Almost Time to Block Your Trademark From the .XXX Domain Registry

by Melinda S. Giftos , posted Wednesday, August 24, 2011

This year, the Internet Corporation for Assigned Names and Numbers (ICANN) approved a new .XXX top level domain (TLD) for the online adult entertainment industry. This is great news for the porn industry. However, companies in other industries aren't so excited about the prospect of having to register their trademarks with .XXX domain names, or alternatively, potentially allowing third parties to register their trademarks with the .XXX TLDs and then link the domain to porn sites. But all is not lost, and ICANN has set up a procedure for trademark owners to protect their marks.
The .XXX domains will become available in stages. From September 7, 2011 through October 28, 2011, concurrent "sunset" periods will run whereby owners of registered trademarks both inside and outside the adult entertainment industry may take action to reserve .XXX TLDs corresponding to their registered trademarks. One of the sunset periods, "Sunset B," is specifically geared toward non-adult industry owners of registered trademarks. During this time, trademark owners can reserve their trademark.xxx to prevent others from registering and using the domain name. However, to be eligible, the owner must hold a valid US or foreign trademark registration for the exact mark that it is seeking to block as of September 1, 2011. The owner must also pay a one-time fee, which has not yet been finally determined but is expected to be $200-$300. Once filed,, the blocked .XXX domain name will link to a standard page stating that the domain has been reserved, and the trademark owner will not be listed in WHOIS in connection with the domain and will not actually own the registration.
After the sunset periods end, general availability for all .XXX TLDs will begin on December 6, 2011.
If you have registered trademarks you would like to block from the .XXX TLD, or if you have further questions, please contact Mindi Giftos at (608) 234-6076 or mgiftos@whdlaw.com for more information.

Western District of Wisconsin holds that the patent marking statute, 35 USC § 292 is constitutional

by Melinda S. Giftos , posted Tuesday, March 15, 2011

In the wake of two recent district court rulings that the patent marking statute, 35 U.S.C. § 292 is unconstitutional, the United States District Court for the Western District of Wisconsin has stepped into the fray to disagree. On March 15, 2011 in an Opinion and Order on defendants' motion to dismiss in Hy Cite Corporation v. Regal Ware, Inc.Case No. 10-cv-168, Hon. William Conley held that the patent marking statute does not violate the "take care" clause of Article II of the United States Constitution. The finding was based in large part on the history of qui tam actions and the fact that the government can in fact intervene if it so chooses. The decision can be read here. The court also applied the Rule 8 pleading standard in determining the sufficiency of plaintiff's allegations in the complaint. This is contrary to many other district courts, who have required plaintiffs to adhere to the heightened standard of Rule 9 in pleading false marking claims.

The Risk of Using Adwords Continues to be Unclear ...

by Christian D. Lavers , posted Tuesday, December 14, 2010

The pending 4th Circuit case Rosetta Stone Ltd. v. Google Inc. continues to create interest and argument about the use of Adwords. Amici briefs filed in the case are highlighting both the variety of trademark law matters raised in the case, as well as several splits in jurisdictions on these issues.  
Last year, the district court granted summary judgment to Google, finding that Google’s sale of trademarks owned by Rosetta Stone as Adwords was not trademark infringement because: (i) Google’s use of these trademarked terms was not likely to confuse internet users, and (ii) under the functionality doctrine, Adwords were an essential function of Google’s product and therefore were protected use. This application of the functionality doctrine was in opposition to the 9th Circuit case Playboy Enter., Inc. v. Netscape Communications Corp., where the 9th Circuit rejected the functionality doctrine when finding that the marks at issue performed a source-identifying function for Playboy, and therefore functional use by Netscape was irrelevant. The Rosetta Stone case also involves nominative fair use issues, similar to the 2nd Circuit case Tiffany (NJ) Inc. v. eBay Inc., 600 F.3d 93, (2d Cir. 2010), where the 2nd Circuit held that a defendant “may lawfully use a plaintiff's trademark where doing so is necessary to describe the plaintiff’s product and does not imply a false affiliation or endorsement by the plaintiff of the defendant.” Finally, the lower court opinion in Rosetta Stone also touched on contributory infringement liability – specifically whether Google’s sale of trademarks owned by one party as Adwords to another party is intentionally inducing trademark infringement.
Over 30 parties have filed amici briefs with the 4th Circuit in Rosetta Stone, and with so many issues that will potentially be addressed, the case may be a seminal case on the intersection of the internet and trademark law. Stay tuned...

The CPSC Launches Into Social Media

by Melinda Giftos , posted Monday, November 22, 2010

Today, the Consumer Product Safety Commission announced its launch into social media:
In keeping with its commitment to protect the lives of children and families, the U.S. Consumer Product Safety Commission is launching “CPSC 2.0,” a comprehensive social networking initiative that will make lifesaving and other safety information more accessible to consumers. Utilizing a variety of technologies and social media sites, CPSC will rapidly expand its reach to millions of consumers.
Through social media, CPSC can directly reach millions of the moms, dads and others who need our safety information the most,” said CPSC Chairman Inez Tenenbaum.
To read the full text of the announcement, click here.

New Incoterms® Effective January 1, 2011

by Andrew J. Schlidt , posted Wednesday, October 27, 2010

If your company buys or sells goods internationally, whether online or otherwise, you will want to familiarize yourself with the newly released Incoterms® 2010. The Incoterms® are an internationally recognized standard in commerce published by the International Chamber of Commerce and are used worldwide in both international and domestic contracts for the sale of goods (such as equipment, parts and computers). The Incoterms® were first published in 1936 and offer internationally accepted rules of interpretation for many common commercial terms.
The Incoterms® help contracting parties avoid expensive misunderstandings by clarifying the responsibilities and risks involved in the delivery of goods overseas. The rules are developed and maintained by experts identified by the International Chamber of Commerce with expertise in international business transactions. The Incoterms® are updated generally every 10 years. A copy of the Incoterms® 2010 can be purchased through the ICC website.
Now is a perfect time to review your standard purchase and sale agreements to determine whether updates are appropriate. Consider both your paper contracts as well as your online agreements (such as terms and conditions of sale, purchase orders, acknowledgments and the like). For companies that outsource manufacturing and fulfillment operations to foreign parties, now is the time to update those agreements. Likewise, if your company sells and markets products through foreign distribution channels, now is a good time to confirm that those distribution agreements are in conformance with changes to international commercial law.

Be Careful Letting Your Friends Use Your Software!

by Christian D. Lavers , posted Wednesday, October 27, 2010

On October 18, the Fifth Circuit ruled that a software licensee violated a license agreement by allowing its lawyers to access and use the software. The court found that this use was a violation of the license because the license expressly prohibited any use of the software other than that explicitly granted by the license—and no right to allow use "on behalf" of the licensee was granted. (See Compliance Source Inc. v. GreenPoint Mortgage Funding Inc.). The Fifth Circuit reversed the summary judgment motion that had been granted in favor of the licensee at the district level.
In the case, GreenPoint installed software that develops and prepares loan documents, and then allowed its attorneys to access and use the software to prepare loan packages for GreenPoint loans. The court found this to be a violation of the license, and stated that it would not "look past the actual language of a licensing agreement and absolve a licensee who grants third-party access merely because that access is on behalf of, or inures to the benefit of, the licensee." In distinguishing prior cases, the court held that the license itself must allow use "on behalf of" the licensee in order for third-party contractors or agents to have the right to access or use the software. While the concept that those rights not granted are reserved is certainly not new, this case highlights the importance of carefully drafting or negotiating license agreements to insure that all of those people you need to use the software actually have the right to do so.

Latta Introduces New Patent Marking Legislation

by Mindi Giftos , posted Tuesday, October 12, 2010

Recently, Congressman Bob Latta (R-Bowling Green) introduced new legislation in response to the wave of patent marking lawsuits that have been filed since the Federal Circuit issued its decision in Forest Group v. Bon Tool, which increased possible damages for violations to potentially $500 per article (as opposed to $500 per violation). The legislation, H.R. 6352, the Patent Lawsuit Reform Act of 2010, would revert back to the standard that courts were applying prior to Bon Tool and violators of Section 292 of the Patent Act would be fined a single $500 fine if found guilty of false patent marking. The legislation will also require the individual bringing the false marking lawsuit to have suffered actual harm to have standing. Currently, any individual may bring a claim on behalf of the United States for false patent marking.
“Because of the Forest Group decision, this legislation is now needed to help companies fend off frivolous lawsuits and strengthen current law. During this time of economic uncertainty, companies should not have to worry about expending additional resources on lawsuits based on one court’s interpretation of current law,” Latta stated after introducing the legislation.
The full text of the legislation is not yet available, but you may track the bill's progress and read the press release here.

Federal Circuit Raises the Stakes in Patent Marking Cases

by Mindi Giftos , posted Thursday, September 02, 2010

On August 31, 2010, the United States Court of Appeals for the Federal Circuit issued its decision in Stauffer v. Brooks Brothers. In its opinion, the Federal Circuit held that the plaintiff patent attorney did have standing to sue Brooks Brothers as a qui tam plaintiff. The court also held that the United States had a right to intervene in the patent marking case. This much anticipated decision is likely to embolden would-be patent marking plaintiffs and the number of patent marking lawsuits will undoubtedly continue to grow. If your company has not yet completed product review to ensure markings are correct and up-to-date, now is a very good time to do so.

Imitation is the Strongest Form of Flattery: Just How Strong is the FACEBOOK Trademark?

by Christian Lavers , posted Wednesday, September 01, 2010

In what will be a test of just how broad the scope of protection of the FACEBOOK trademark is, Facebook, Inc. has filed suit against Teachbook.com LLC for trademark infringement and related causes of action in the Northern District of California.  Teachbook.com LLC operates a social networking site for educators and teachers (http://www.teachbook.com/), which according to Facebook is deliberately and willfully misappropriating the FACEBOOK brand.  Facebook is arguing that if third parties can use any "generic plus BOOK" mark for online networking services, the word "book" will become generic for online community services, thereby diluting the FACEBOOK trademark.  Key to this argument is Facebook's position that the word "book" is highly distinctive as used in the context of online communities and networking sites.  Further supporting Facebook's complaint, Teachbook touts its service as a substitute for Facebook on its website.  However, the USPTO saw no likelihood of confusion when they approved Teachbook's federal trademark application in September of 2009.  (Facebook has opposed this registration as well.)
This should be an interesting case in evaluating the scope of protection of famous marks.

Federal Data Security Law... Take Three!

by Christian D. Lavers , posted Tuesday, July 20, 2010

On July 14, members of Congress introduced a proposed federal data security law for the third consecutive Congressional session, even though the previous two versions of the bill were not acted on. The bill would require businesses to implement, maintain, and enforce reasonable data security policies and procedures, and would apply to all businesses regulated by Gramm-Leach-Bliley, businesses covered by the Fair Credit Reporting Act, and the big catch-all—businesses that maintain or communicate sensitive account or personal information in providing services to covered financial entities. Importantly, the bill would pre-empt the 46 different state laws on data security that already exist—eliminating the conflicting standards that exist today, and closing the gaps where no such law exists.  The bill would only require notification to consumers of breaches of security when harm was reasonably likely—not automatically after any breach. A good idea whose time has come?  We will see...

False Patent Marking: There Must Be an Intent to Deceive

by Melinda S. Giftos , posted Thursday, June 17, 2010

In December 2009, the U.S. Federal Circuit Court of Appeals issued a landmark decision, Forest Group v. Bon Tool Inc., holding that the statutory penalty of up to $500 for false patent marking should be imposed for each article falsely marked, as opposed to each patented product at issue.  As a result of this decision which sanctions potentially huge damage awards, false patent marking lawsuits have begun pouring into the courts.
However, last week in Pequignot v. Solo Cup Company, the Federal Circuit held even though marking products with expired patent numbers does constitute false patent marking, a plaintiff cannot prevail in a false marking case unless the false marking was done with intent to deceive the public. The required intent must be more than mere knowledge that the patent marking is false. A defendant can rebut a presumption of intent to deceive by providing "credible evidence that [the] purpose was not to deceive the public." Such evidence could include relying on the advice of counsel, or reducing business costs when remarking products constantly would be heavily burdensome. This case does provide some good news for patent holders as it will be more difficult for patent mismarking plaintiffs to recover the large amounts of potential damages if there is no evidence of an intent to deceive the public.

Shortcomings of the UDRP and Domain Name Disputes

by Christian D. Lavers , posted Monday, May 03, 2010

The Uniform Domain Name Dispute Resolution Policy (UDRP) was designed to provide a quick, low-cost arbitration-like process for resolving domain name disputes.  Governed by the World Intellectual Property Organization, a UDRP complainant must establish that (i) the domain name at issue is confusingly similar to their trademark, and (ii) that the domain name is used in bad faith. While the UDRP is effective in many situations, the case Volvo Trademark Holding AB v. Volvospares.com illustrates one of its big problems—proving bad faith in "grey areas."
In this case, the domain name www.volvospares.com was used to sell low-priced parts for Volvo cars; the problem was that the registrant had no connection with Volvo. When Volvo filed a complaint under the UDRP, the arbitrator did not find the domain to have been registered in bad faith because the website had a disclaimer that it was not related to Volvo, and there was no other proof of misrepresentation. However, when Volvo filed a federal cyber-squatting complaint, where the discretion of the judge is far broader, Volvo won transfer of the domain name. The court found what should have been clear in the UDRP—there was intent to divert sales using the Volvo mark.
The case illustrates one of the problems with the UDRP. While the UDRP is very efficient and effective in open-shut cases, it is often better to file a cyber squatting complaint where more complex issues of fact will arise.

Rescuecom Drops Google Adwords Lawsuit After Six Years of Litigation

by Melinda Giftos , posted Tuesday, March 09, 2010

After six years of battling with Google in the courtroom over Google's sale of Rescuecom's trademarked adwords, Rescuecom has dropped its trademark infringement lawsuit.
As we previously wrote, in April 2009, the Second Circuit Court of Appeals held that Google's sale of trademarked adwords constituted "use in commerce."  This holding was a major victory for Rescuecom as some courts had previously been readily dismissing adwords cases on this issue at the very early stages of litigation.  The case was remanded to district court where Rescuecom next had to prove that the sale of trademarked adwords also constituted "likelihood of confusion," the second prong of a trademark infringement action.  The case has been closely followed by both the business and legal communities since the issue of whether use of trademarked adwords can constitute trademark infringement is largely unsettled.
So why would Rescuecom simply drop its important case after years of litigation?
Apparently Rescuecom found itself on both sides of the adwords action.  Rescuecom purchased the Google adwords "geek squad" to optimize its own search engine ranking.  In October 2009, Best Buy demanded that Rescuecom stop using "geek squad" as an adword.  Rescuecom then quietly brought a declaratory judgment action in the Northern District of New York claiming that its use of the "geek squad" adwords was legitimate.  Best Buy counterclaimed, alleging trademark infringement and substantially the same allegations Rescuecom had asserted in its Google case.  That case is still pending.  It appears, however, that Rescuecom found it difficult to argue both sides of the issue.  Unfortunately, this means the Rescuecom case will not result in the precedent many were waiting for.
Interestingly, however, this issue is still percolating internationally.  In September 2009, the European Court of Justice's Advocate General issued an advisory opinion which held that use of trademarked keywords by Google or third-party users through Google's AdWords program did not constitute trademark infringement.  Instead, the Advocate General found that Google was providing information society services.  The advisory opinion, however, is not binding and several cases are still pending in European courts, including the heated adwords lawsuit between Louis Vuitton and Google.

Does Your Company Have a Social Media Policy? You Should ...

by Christian D. Lavers , posted Thursday, February 11, 2010

The use of social media in the workplace (Facebook, Twitter, Myspace, LinkedIn, etc.) is fraught with legal issues. Questions regarding ownership of information and data, potential copyright infringement risks, and personal privacy issues all intermingle when employees use employer-owned equipment to access and use social media. Concerns about confidentiality and trade secret information are raised when employees discuss company actions, plans, or decisions on social media. Additionally, the decision about how a company should interact with its customers in the social media marketplace is a difficult one. At the end of the day, there may be no one "right" answer—but there certainly are some wrong ones.
It is important that every company have a social media policy to address the risks and rewards of this new communication medium. Even the Florida State Bar is weighing in on the issue, issuing an opinion on November 17, Op. 2009-20 whereby a majority of the Florida Supreme Court judicial ethics committee found "friending" between judges and lawyers to be inappropriate! While there is significant disagreement on whether this position is correct even among legal scholars, it illustrates the increasing importance of social media in all industries. Use of social media is a cutting edge issue that requires some significant thought by businesses of all size.

Another Step Towards Requiring More Security In Online Transactions?

by Christian D. Lavers , posted Friday, February 05, 2010

The case Patco Construction Co. Inc. v. People's United Bank d/b/a Ocean Bank, D. Maine, No. 2:09-CV-00503-DBH, 1/19/10) is one of several recent cases alleging breaches of online security in financial transactions that may provide some guidelines as to what constitutes "reasonable care" in online financial transactions. The case alleges that use of several "challenge questions" added no practical safety beyond a password, and that additional mechanisms such as authentication tokens are required to meet the commercially reasonable standard. (Commercial banks are required to take "commercially reasonable" steps to protect customers against fraud.)
This case could be one more step towards a requirement of multi-factor authentication in financial transactions.

Contribute Now for Haitian Relief and Claim the Deduction Last Year

by Tax Exempt Organizations Practice Group , posted Sunday, January 31, 2010

Charitable contributions of money made on or after January 12, 2010 and before March 1, 2010, for the relief of victims in areas affected by the earthquake in Haiti, are deductible on taxpayers’ 2009 federal income tax return, thanks to a change in federal law. Contributions of money include contributions made by cash, check, money order, credit card, charge card, debit card or by a cell phone text message (as long as the taxpayer retains a copy of the telephone bill showing the name of the donee organization, and date and amount of the contribution). The contribution must be made to a qualified organization and meet all other requirements for charitable contribution deductions.
For more information, visit the Internal Revenue Service website, at which you may also search for qualified charitable organizations. The state income tax treatment of charitable contributions may differ from the federal income tax treatment. In fact, the Wisconsin Department of Revenue announced that taxpayers are not entitled to claim on their 2009 state income tax returns a deduction for charitable contribution made in 2010, regardless of the change in federal law.

Court Confirms that No Trademark Registration is Required to Pursue an Anticybersquatting Case

by Christian D. Lavers , posted Monday, December 21, 2009

The US District Court for the Central District of California confirmed that the trademark ownership that is necessary to pursue a claim under the Anticybersquatting Consumer Protection Act (ACPA) does not require ownership of a federal trademark registration. (See Monex Deposit Co. v. Gilliam, C.D. Cal., No. CV 09-287, 12/3/09.) In making this decision the court recognized that common law trademark rights and ownership will support an ACPA claim even if the trademark owner has not obtained a federal trademark registration. While this decision is not surprising based on the language of the ACPA statute, (which requires trademark ownership, not specifically registration), it provides case law for common law owners to rely on in asserting these claims.
The court also held that the fact that a third party may own a registration for the same mark at issue but on different and distinctive goods and services, (thus preventing confusion between the marks), will not prevent assertion of an ACPA claim by a common law trademark owner. This decision is also consistent with federal trademark law, but provides further ammunition for common law trademark owners in ACPA suits, and presumably in UDRP actions and other domain name dispute resolution procedures.

Beware of Trademark Registry Scams

by Melinda Giftos , posted Wednesday, November 18, 2009

Have you recently received an invoice for an international trademark registration fee and wondered in which country the mark was registered? Was the invoice legitimate looking, yet somewhat confusing? Were you wondering why you received the invoice directly rather than through your trademark attorney? Hopefully you thought about all of the above and inquired into the situation a bit more. The sad reality is that there are several overseas organizations, such as www.patentonline.org, which use these types of letters and their hoax websites to extort money from unwitting businesses. You are more likely to become duped if you have a large, international trademark portfolio, so registration and maintenance costs are nothing out of the ordinary; or if you typically handle all such fees directly in house.
A client recently received an invoice for the registration fee of one of its marks for almost $2,500 from the "Register of International Patents and Trademarks." It contained a drawing of the client's trademark with a registration number (which coincidentally corresponded with the client's U.S. Reg. No. for the mark) and a "Published" date (which corresponded to the U.S. Registration Date). The fine print: 
"Dear madam, and sir, the publishing of the public registration of your patent is the basis of our offer. We offer the registration of your Patent dates in our private Database. ... Our offer will be accepted, with the payment of the amount, and becomes a binding contract between you and ODM srl, is irrevocably binding for one year. Please notice that this private registration hasn't any connection with the publication of official registrations, but is a solicitation without obligation to pay, unless our offer is accepted...." 
Had they paid the fee, they would have received registry in nothing more than an unofficial, private registry. It was a scam. The clear lesson is to always carefully review invoices and correspondence such as this. If you receive any invoices for trademark or patent fees, carefully review the invoice to ensure it matches up with your company's trademark portfolio. Be vary of invoices that do not clearly indicate a known patent and trademark registry, such as the U.S. Patent and Trademark Office. If your attorney has assisted you with the trademark application/registration, you should not be receiving invoices directly. Last but not least, always read the fine print. Of course, if you have any doubt, be sure to consult with your trademark attorney to verify whether it is legitimate. While you would never want to miss an important fee deadline, you certainly do not want to fall prey to this type of scam.

Court Rejects Settlement Proposal for Data Breach Case Stating There is No Benefit to the Victims

by Christian D. Lavers , posted Wednesday, November 04, 2009

The District Court for the Northern District of California rejected a proposed settlement in a class action data breach case against TD Ameritrade Inc., stating that the settlement provided no value to the class. In re TD Ameritrade Accountholder Litig., N.D. Cal., No. 3:07-cv-02852-VRW, 10/23/09.) TD Ameritrade suffered a data breach in 2007 where the personal date of approximately 6 million customers was hacked into. The rejected settlement provided approximately $1.9 million in attorneys' fees but no financial award to the class. The judge stated that requirements in the settlement for TD Ameritrade to conduct data security tests and hire independent experts to analyze the breach were measures any responsible company would take independent of litigation, and that the data security software that would be provided to the victims was available at no charge online already. TD Ameritrade suffered a data breach in 2007 where the personal date of approximately 6 million customers was hacked into. The rejected settlement provided approximately $1.9 million in attorneys' fees but no financial award to the class. The judge stated that requirements in the settlement for TD Ameritrade to conduct data security tests and hire independent experts to analyze the breach were measures any responsible company would take independent of litigation, and that the data security software that would be provided to the victims was available at no charge online already.
In a rapidly evolving area of law, this case indicates that it may be harder than you think to "get out of" a data breach case once it is initiated, providing yet another reason to get the right security in place at the outset.

Red Flag Rules Take Multiple "Hits"

by Christian D. Lavers , posted Wednesday, November 04, 2009

On October 30, 2009, the FTC decided for the second time to extend the enforcement date of the "Red Flag Rules"—this time to June 1, 2010. This decision comes as the ranks of the critics of the rules continues to grow. On the litigation front, on October 29, 2009, the District Court of the District of Columbia granted a permanent injunction preventing the FTC from enforcing the Red Flag Rules against attorneys. On the legislative front, on October 20, the House of Representatives passed a bill that would exclude health care practices, accounting practices, and legal practices with 20 or fewer employees from the Rule, and would also exempt any business: (i) where all the clients or customers were known individually; (ii) that only perform services in or around residences of their customers; or (iii) have not experienced identity theft and are in an industry where identity theft is rare.
The continuing extension of enforcement dates, the pending legislative modifications, and the success of legal challenges mean that the Red Flag Rules, when they are eventually enforced, will likely apply to a smaller number of businesses, and will likely have additional provisions that "water-down" the requirements.

FTC Active in Enforcing Online Security Requirements Regarding Personal Information

by Christian D. Lavers , posted Thursday, October 22, 2009

Choicepoint has agreed to pay $275,000 to the FTC, and to conduct bi-annual assessments of their information security program and provide these assessments to the FTC for 20 years, in a modified settlement order issued by the Northern District of Georgia stemming from charges brought by the FTC related to Choicepoint's violations of a previous court order requiring implementation of a comprehensive information security program. The modified settlement order also imposes additional reporting obligations on Choicepoint regarding changes in corporate structure that may impact compliance, bi-monthly reporting on security incidents and the responses to them for the next two years, and other detailed reporting and record-keeping requirements.
In 2005, Choicepoint suffered a data breach that resulted in at least 800 cases of identity theft, imposition of more than $15 million in fines and damages, and a court order to maintain a comprehensive data security program. In 2008, this security program was significantly weakened when a key electronic security tool was turned off for four months resulting in additional data breaches. Choicepoint self-reported the breach, which resulted in the modified settlement order.
This order illustrates the point that the FTC is becoming more active in enforcing information security requirements—and once they start looking into your business, it may be hard to get them out.

Mattel and Fisher Price Agree to Landmark Settlement of Consumer Product Lawsuits

by Melinda Giftos , posted Tuesday, October 20, 2009

In 2007, Mattel and Fisher-Price introduced over 2 million defective toys into the consumer marketplace which were manufactured in China and contained illegal levels of lead. Because lead can cause irreversible brain damage, the toy companies ended up recalling  more than 21 million toys. This week, Mattel and Fisher-Price have agreed to settle the 22 resulting class action lawsuits filed against them, which would compensate millions of families who purchased the defective toys. If approved by the court, this landmark settlement could exceed $50 million. This comes on the heels of Mattel paying $12 million to 39 states to end investigations into lead content in toys and a $2.3 million civil penalty imposed by the federal government for exceeding legal lead paint limits.
It was the influx and subsequent recall of these defective toys that prompted significant governmental and consumer demands for higher safety standards. In fact, this recall prompted the U.S.'s implementation of the Consumer Product Safety Improvement Act of 2008, a dramatic piece of legislation which has awakened the Consumer Product Safety Commission and has required many businesses to implement dramatic new safety standards, which include lower limits of lead and phthalates, third party testing, warning labels and packaging standards which improve the efficiency of recalls. Ironically, the government has recently exempted Mattel from the third party testing requirement and allowed Mattel to conduct its own internal testing.
The Consumer Product Safety Act is still under development and affects a significant number of consumer products, particularly children's products.

Simply Complying with PCI May Not Be Enough To Prevent Data Breach Claims

by Christian D. Lavers , posted Wednesday, October 14, 2009

Heartland Payment Systems, the fifth largest payment processor in the United States, is the defendant in a class action lawsuit brought by nine banks and credit unions claiming that Heartland did not do enough to safeguard against security breaches. (See In re: Heartland Payment Systems Inc. Data Security Breach Litigation, S.D. Texas, No. 4-09-md-02046, 9/23/09.) Heartland's system was breached by hackers beginning in late 2007, resulting in the theft of personal financial information associated with millions of credit and debit cards, resulting in large expenses by the associated banks and credit unions that issued the cards—costs associated with destroying comprised cards, issuing new accounts, reimbursing consumers for fraudulent transactions, etc. Heartland's system was breached by hackers beginning in late 2007, resulting in the theft of personal financial information associated with millions of credit and debit cards, resulting in large expenses by the associated banks and credit unions that issued the cards—costs associated with destroying comprised cards, issuing new accounts, reimbursing consumers for fraudulent transactions, etc.
Interestingly, Heartland was compliant with the Payment Card Industry Data Security Standards (PCI-DSS) at the time of the hack. The PCI-DSS are standards issued by the major credit card companies requiring certain security standards and data management protocols by vendors using or accessing credit card information. (The standards are available at www.pcisecuritystandards.org. The complaint alleges that Heartland knew before the hack that the "bare minimum PSI-DSS standards were insufficient to protect it from attack by sophisticated hackers." In fact, according to the complaint, a statement made by Heartland in a 2008 Earnings Call acknowledged the need for greater data security beyond the PSI-DSS.
The case goes to show the continued need for online vigilance in the financial industry. It also raises a warning: don't simply rely on standards developed by others for your own security; be pro-active and go beyond what the baseline requirements may be.

Novel Applications of Trademark Law: "Reflashing" Cell Phones Could Constitute Trademark Infringement

by Christian D. Lavers , posted Tuesday, October 06, 2009

The Northern District of Texas has held that the question of whether modifying a cell phone so that it could work on a third party's mobile phone network (or "reflashing" the phone) constitutes trademark infringement must be determined at trial—and not by summary judgment. The key question: does reflashing constitute "use in commerce" as required under the Lanham Act?
In the case, MetroPCS Inc. v. Virgin Mobile USA LP, MetroPCS took branded Virgin Mobile phones and "reflashed" them so that they could work on the MetroPCS cell network. The Virgin Mobile phones were originally locked so that they could only function on a Virgin Mobile cell network—and obviously the phones bear the Virgin Mobile trademark. Virgin Mobile is arguing that reflashing the phones to operate on a different network in effect creates new phones—thus satisfying the "use in commerce" requirement—and therefore the fact that the phones still bear the Virgin Mobile trademarks constitutes trademark infringement.
The case illustrates a novel application of trademark law, and while its ultimate success is still undetermined, it may open the door to new application of trademark law in the information technology arena.

Inadequate Security for Online Banking Customers Could Lead to Liability for Negligence

by Christian D. Lavers , posted Thursday, October 01, 2009

In Shames-Yeakel v. Citizens Financial Bank the Northern District of Illinois refused to grant summary judgment for a negligence claim brought by a banking customer using online banking services provided by Citizens who had $26,500 stolen when an unauthorized person logged into the account using the customer's username and password and transferred funds out of it. The plaintiffs alleged that Citizens breached its duty to sufficiently secure its online banking system by using only "single-factor authentication" for security. As opposed to "multi-factor authentication," single-factor authentication uses only one means of verifying identity—a username and password. The plaintiffs allege that Citizens should have also provided them with a "token" as another means of verifying identity—thereby using multi-factor authentication. (A "token" is a digital object either carried by the user or saved to the user's computer that verifies identity, for example by generating ever-changing pass-codes or by verifying that the computer being used is the computer linked to the user.)
To establish the "reasonable care" that should be provided in these transactions, the plaintiffs relied on a 2005 document created by the Federal Financial Institutions Examination Council entitled "Authentication in an Internet Banking Environment," which found "single-factor authentication, as the only control mechanism, to be inadequate for high risk transactions involving access to customer information or the movement of funds to other parties." (See the document at www.ffiec.gov/pdf/authentication_guidance.pdf.) The document went on to state that "[a]ccount fraud and identity theft are frequently the result of single-factor (e.g., ID / password) authentication exploitation." This was enough for the plaintiff's claim to survive summary judgment.
Interestingly, the bank was in the process of issuing tokens to its users at the time of the theft—but had not issued one to the plaintiffs yet. This case should raise alarm bells for any financial institution that offers online banking but relies on basic (e.g. outdated) security protocols. The court explicitly held that "[i]n light of Citizens' apparent delay in complying with FFIEC security standards, a reasonable finder of facts could conclude that the bank breached its duty to protect Plaintiffs' account against fraudulent access."
This could be another case of "an ounce of prevention is worth a pound of cure." At the same time, keeping up with the latest in security threats can be a never ending job.

McDonalds Loses Trademark Infringement Suit Against McCurry's

by Christian D. Lavers , posted Tuesday, September 08, 2009

An 8-year legal battle ended last week between McDonald's Corp. and the restaurant McCurry over use of the prefix "Mc." McCurry is a restaurant in Kuala Lumpur that serves traditional Indian and Malaysian food, but with a "fast-food ambiance" (see mccurryrecipe.com/). McCurry describes itself as the "first Indian Fast Food Outlet" in Kuala Lumpur.
McDonald's sued McCurry in 2001 for trademark infringement for use of the prefix "Mc"—but the Malaysian Federal Court affirmed a lower court ruling last Tuesday that there was a distinguishable difference between hamburgers and curry ("McCurry" is short for Malaysian Chicken Curry according to the owners of McCurry).
Interestingly, the McCurry restaurant also uses a red and white color scheme, and also uses a smaller tagline under the name—which looks very similar to the "millions and millions served" tagline under the well-known McDonald's signs. Taken together—a stated intent to create "Western style fast-food ambiance", a similar color scheme, similar signage, and a similar name with the same dominant prefix—it seems a good argument that there was a clear intent to evoke the image associated with McDonald's. Perhaps a trade dress lawsuit would have been more appropriate than a straight trademark infringement suit based only on the word mark itself. In fact, if you look at the McCurry home page there is a video showing the interior of the restaurant—which looks almost identical to any McDonald's restaurant.

ABA Fights Implementation of the FTC's "Red Flag" Rules

by Christian D. Lavers , posted Monday, August 31, 2009

On Thursday, August 27, the American Bar Association filed suit against the Federal Trade Commission to prevent application of the FTC's new proposed "Red Flag" rules to lawyers and law firms (See the complaint at www.abanet.org/media/nosearch/1). The "Red Flag" Rules require that any business or entity that acts as a "creditor" create a policy and procedure to help prevent identity theft—even if the business is only acting as a creditor by billing for goods and services after the services are rendered or the goods are provided.
The FTC has had numerous problems in its attempted implementation of the rule, and recently postponed enforcement of the rule to November 1—its third such postponement. The problems have related to the incredible breadth of the rule, and its application to virtually every business and industry in existence.  The American Medical Association has also been a vocal critic of the rule as applied to doctors, (see www.ama-assn.org/ama/no-index/physician-resources/red-flags-rule.shtml), though they have not gone so far as to file a lawsuit.
While identity theft is a growing problem and needs to be addressed, the current version of the "Red Flag" Rules creates almost as many problems as it attempts to fix. Stay tuned for updates...

The Federal Circuit Overturns the TTAB's Standard for Fraud

by Melinda Giftos , posted Monday, August 31, 2009

Today, the Federal Circuit reversed the Trademark Trial and Appeal Board's ("TTAB") finding of fraud in Bose Corp. v. Hexawave, Inc., 88 USPQ2d 1332 (TTAB 2007).  In Bose Corp. v. Hexawave, Inc., the Bose Corporation was no longer manufacturing and selling audio tape recorders and players when it renewed its WAVE trademark for use with several goods, including the tape recorders and players.  However, Bose was still repairing its tape players and believed that such services constituted use in commerce of the mark.  The TTAB held it was not, and that by signing its renewal declaration of use, Bose had committed fraud on the Patent and Trademark Office ("PTO").  The TTAB then cancelled Bose's WAVE trademark registration.  Bose appealed the decision to the Federal Circuit, claiming that it had not engaged in fraud on the PTO.
The Federal Circuit held that even though Bose was incorrect in its belief that repairing tape players and recorders was appropriate use in commerce of the mark, it had not committed fraud.  The Federal Circuit reiterated the standard for fraud and held that subjective intent to deceive is required for fraud claims to invalidate a trademark registration.  Mere negligence is not sufficient.  By equating a "should have known" standard with subjective intent to deceive, the TTAB erroneously lowered the fraud standard to a simple negligence standard.  However, a trademark is obtained fraudulently under the Lanham Act only if the applicant or registrant knowingly makes a false, material representation with the intent to deceive the PTO.
This has been a long awaited decision and will certainly have an impact on the TTAB's increasing willingness to cancel trademark registrations for errors - whether intentional or not.  You may review the full opinion at: http://www.cafc.uscourts.gov/opinions/08-1448.pdf .

The Adword Wars Continue

by Melinda S. Giftos , posted Tuesday, August 18, 2009

In April 2009, the Second Circuit Court of Appeals issued a favorable ruling to Rescuecom, finding that Google's sale of adwords - which often include third party trademarks - constituted "use in commerce" of trademarks under the Lanham Act. The Rescuecom ruling has since prompted a flurry of lawsuits against Google, with claims that its sale of adwords to third parties and competitors constitutes trademark infringement.
These cases face a variety of challenges, however. One of the most difficult hurdles for plaintiffs will be proving a likelihood of consumer confusion - something none of them have yet done.  Another substantial obstacle is Google's aggressive defense of its Trademark Adwords Policy. Indeed, Google has taken a very proactive approach in the adword litigation arena.  In May 2009, a class action lawsuit was filed against Google in the Eastern District of Texas. After failing to serve Google for two months, Google turned the tables on its would-be opponent and filed a complaint in late July 2009 against the individual named in the class action seeking a declaratory judgment and a breach of contract claim.
That has not stopped the action, however. The newest trademark owner to join the adwords wars against Google is Flowbee International, Inc., who filed a complaint in the Southern District of Texas on August 13, 2009.
Stay tuned for more developments.

More Libel Claims Arising From Tweeting

by Christian D. Lavers , posted Thursday, August 13, 2009

A libel complaint was filed on July 29, 2009 in New York by administrators of a New York condominium building against residents and former employees that had "tweeted" that the administrators were involved in the death of the building's property manager, among other crimes. (See Neiditch v. Acar, N.Y. Sup. Ct., No. 09110783.) The plaintiffs have asserted 15 libel claims, and demanded $12,000,000 per claim. Interestingly, the plaintiffs have also named Twitter, Inc., as well as the registrar (GoDaddy), and a company that hosted blogs posting the communications (WordPress) as defendants.
This case, along with the recently filed Horizon Group Management LLC v. Bonnen will significantly impact the use and risks of social networking by companies and individuals. As communications technology develops, the intersection of new communication mediums and "old" legal concepts will inevitably create interesting case law... stay tuned for updates. In the meantime, keep your tweeting, blogging, and LinkedIn commentary positive...

Kappos confirmed as New USPTO Director

by Ted J. Barthel , posted Tuesday, August 11, 2009

With no notice to the public, and after the Senate was reported to have adjourned for their August recess, on Friday, August 7, 2009, David Kappos was confirmed as Undersecretary of Commerce for Intellectual Property and Director of the United States Patent and Trademark Office.  Prior to his confirmation, Mr. Kappos spent his entire career with IBM – both as an electrical engineer and later as a patent attorney. His most recent position at IBM was Vice President and Assistant General Counsel, Intellectual Property Law.
The intellectual property community is generally pleased with the Kappos nomination.  Mr. Kappos is seen as a patent office director who has a global perspective on intellectual property in view of 20 years of private sector experience at IBM.  Mr. Kappos appears ready to balance (i) innovative approaches to catch the  intellectual property system up to the twenty first century while (ii) maintaining the value of intellectual property.
Mr. Kappos received his Bachelor of Science Degree in Electrical and Computer engineering from the Universityof California Davisin 1983, and his law degree from the University of California Berkeley in 1990.  He joined IBM in 1983 as a Development Engineer and has served as an Intellectual Property Law attorney in IBM’s Storage Division and Litigation group, as IP Law Counsel in IBM Software Group, as Assistant General Counsel in IBM Asia/Pacific, and IBM Corporate Counsel and as Assistant General Counsel.

More Data Breach Laws Enacted

by Christian D. Lavers , posted Wednesday, July 29, 2009

Legal requirements surrounding data breaches continue to increase, with multiple states recently proposing new laws.
The North Carolina legislature has approved a revision to its breach notice statute that would require notification to the State Attorney General of any data breach compromising personal information, no matter how small (North Carolina State Bill 1017). (The previous version required notification to the State Attorney General only if the breach affected more than 1000 North Carolina residents.) The bill is expected to be approved by the Governor, and is available at www.ncga.state.nc.us/.
Missouri recently passed a data breach notification law for the first time which will become effective on August 28, 2009. The new law requires businesses and government agencies in Missouri to notify state residents if their unencrypted or unredacted computerized personal information is breached, provided there is a "risk of harm." If more than 1000 residents are impacted, the notification must also be provided to the State Attorney General. (Missouri House Bill 62 is available at www.house.mo.gov/).
Only five states remain without data breach notification laws: Alabama, Kentucky, Mississippi, New Mexico, and South Dakota. That may soon be a moot point, however, as Congress continues to consider enacting a variety of data security or breach notification laws that could pre-empt state law. Stay tuned for updates...

The Emerging Role of Technology Counsel

by Andy Schlidt , posted Wednesday, July 22, 2009

If you enjoy the intersection of technology, law, and commerce, this job is for you. Increasingly, companies are engaging Technology Counsel to manage legal issues arising out of the use or commercialization of new technologies. Daniel L. Pelc, Assistant General Counsel at Fios, Inc., called this one: my.advisor.com/doc/18750. Here’s what the job entails:
Job Description: Commercial lawyer with expertise in negotiating and drafting complex technology transactions; forming joint development arrangements; establishing joint ventures, distribution networks, and supply channels; managing IP portfolio; assisting in M&A due diligence; overseeing technology risk management and dispute resolution; managing regulatory compliance.
Increasingly, companies will bring this expertise in-house or they will look to outside firms to fill the gap. WHD developed a practice area to meet this need. See our service description at www.nationaltechnologycounsel.com/.

Texas Court Invalidates Arbitration Provision in Website Terms of Use Based on Unilateral Right to Modify

by Christian D. Lavers , posted Friday, April 24, 2009

The Northern District of Texas has held that arbitration provisions in website terms of use that also provide the owner of the site with the right to unilaterally change the terms are illusory and not enforceable. (See Harris v. Blockbuster, Inc., No. 3:09-cv-217-M, N. Tx. 4/15/2009). A key factor in the decision was the lack of any language to suggest that an amendment would be inapplicable to disputes arising before the amendment, or to disputes arising out of events occurring before the amendment. However, the court also noted that this reasoning does not only apply to attempts to apply modification to earlier actions, but instead is more generally applicable to the "ability to unilaterally change the rules of the game." This ability to change the rules at any time makes the contract illusory.
This case raises significant questions with respect to the enforceability of most website terms of use—which almost all provide the website owner with the ability to unilaterally modify terms effective upon posting the change.

TTAB Clarifies Open Issue Regarding Fraud

by Melinda S. Giftos , posted Thursday, February 05, 2009

The Trademark Trial and Appeal Board recently issued a precidential opinion clarifying the role of fraud in multi-class trademark applications. In G&W Laboratories, Inc. v. G W Pharma Limited, the Board held that multi-class trademark registrations can be viewed as a series of separate registrations with regard to each class of goods and services. In using that view, if one class is invalid due to fraud, only that class is affected, not the entire application.
G&W Laboratories represents a positive step by the Board in clarifying how the evolving "fraud" standard should be applied. While trademark registration owners need to continue exercising proper diligence in ensuring all information in trademark registrations are correct, they no longer have to fear the harsh penalty of losing trademark rights in an entire multi-class registration based on errors in single class.
To view the full G&W Laboratories decision, please click here.