Author: Gavin Law Offices

IP Strategies for Your Online Business

Posted on by Gavin Law Offices

Transitioning into an online business may feel daunting. From operations to technology, there are so many potentially new processes. Business owners currently operating online can also benefit from a review of their operations and how they can best protect their work. Don’t let your intellectual property strategy hinder your success! Here are five perspectives of what you need to consider when engaging online:

Advertising and Marketing 

  1. Marketing your product or service is an integral part of any business, especially when operating online. Creating an advertising strategy that abides by legal guidelines may sound confusing but there are a few easy tips.
  2. Firstly, make sure that all claims are truthful and substantiated. If you’re selling socks, don’t say that they can fix a broken bone.
  3. Don’t forget that this also applies to social media. Not only you and/or your business, but anyone you may work with such as content influencers, with must adhere to these rules.

Trademarks

  1. Select a strong name and/or logo for your business. What is a strong name? A good rule of thumb is, if it describes what you’re selling, it’s probably not distinct enough.
  2. Make sure you take steps to decrease the likelihood of infringement. Before committing to a name to use commercially, consult with a legal team to search existing marks and assess potential risks.
  3. Will you conduct business in multiple countries? Keep up to date with individual country’s trademark requirements so you understand how to file.
  4. Lastly, make sure to review your contracts to be aware of which rights you have and which rights you are granting. You cannot grant any rights that you don’t have! If you need help deciphering a contract, reach out.

Copyright

  1. Is there content that you use on your website, social media, or mobile apps? Make sure you know whether you can use media like music, text, photos, art, video, or other content in various ways- personally, commercially, within whatever geographic restrictions. Additionally, follow “proper credit and/or attribution” requirements for the content.
  2. Are third-parties able to post content on your website? You may want to limit your liability against their potential copyright infringement by taking advantage of the Digital Millennium Copyright Act (DMCA)’s Safe Harbor. Let us know if you need help navigating these requirements.
  3. Is there a person whose name, likeness, or image you are using in connection with your business? There are right of publicity laws that you must follow as well as applicable state laws.
  4. An online entrepreneurs’ website is like their online storefront. Do you have a clear agreement with your website or software developer? Make sure any other tools created for the operation of your business, like mobile apps, are included in your strategy. A well-written contract is a good way to take preventative measures before the work is done to avoid later infringement or theft.

Privacy and Other Legal Considerations

  1. Be in the know when it comes to changing data privacy and internet laws. Specific state laws may apply to your business even if you are not physically located there.
  2. The California Consumer Privacy Act (CCPA) and Californica Public Records Act (CPRA) grants California residents greater control over their personal data and how businesses use that information. If you want to prepare your businesses for CPRA compliance, start by reviewing how your company collects data, and then contact a professional about how to make sure everything is above board and complies with the new laws.
  3. Virginia recently passed similar legislation known as the Consumer Data Privacy Act (CDPA). There are some differences compared to California’s legislation such as which businesses apply to the regulations.
  4. Finally, set up your online presence to comply with other regulations such as the Americans with Disability Act (ADA). For example, make online offerings available to those with disabilities. Other important legislation includes the Children’s Online Privacy Protection Act (COPPA) and the Communications Decency Act (CDA).

Protection Strategies

  1. Last but certainly not least, educate yourself and pursue all routes to protect your content.
  2. Seeking registration with the Copyright Office and/or the USPTO is a great first step in protecting your business and intellectual property.
  3. Another strategy which helps to prevent improper use is to include notices on your website, social media, and /or mobile applications.
  4. If you are concerned about improper use, explore all monitoring tools and consult with your legal team.

Whether you already conduct business online or not, the internet is here to stay. It’s become an invaluable economic resource, especially with the need for remote options in the past year. As such a fast and accessible way to work, make sure you take into account all your legal and commercial options as an intellectual property owner.

(This is not intended as legal advice. Contact a lawyer for assistance in your particular situation.)

Protect Your Brew: National Beer Day and IP

Posted on by Gavin Law Offices

It’s no secret that Virginia loves a good brew. Virginia boasts an impressive selection of craft breweries and cideries, with more than 30 breweries in Richmond alone! But, did you know that several other states have an even higher proportion of breweries per capita? Vermont, Maine, and much of the Pacific Northwest carry an even denser selection of craft beer.  With so many small and mid-size independent brewers emerging in Virginia and across the country, it’s important for those in this increasingly competitive industry to understand their intellectual property rights. This National Beer Day, we wanted to share important legal considerations for those in the industry.

Our legal team tailors our established expertise in the field of intellectual property to assist in the protection and success of brewery-specific concerns.  From business formation to naming your brews, to protecting specialty artwork and maintaining local partnerships we offer assistance so you can focus on your craft.

Trademark Law:

How much have you attached to your brand’s name and logo? A trademark represents all the hard work you have put into your business and sets you apart in the field.  We can assist you with protecting your business/brewery name, beverage names, and taglines or slogans and enforce your rights in the same.  It is important to take steps to solidify your brand and ensure that your product is not confused with others.  Additionally, working with counsel prior to using a new trademark can help protect you from infringing upon others’ rights, and could avoid a costly infringement scenario.

Trade Secret Law:

How important are your recipes to your business? The recipes for your unique ciders and brews are only as valuable as they are kept in confidence. Trade secrets can be vital to a company’s survival, and are often among a business’s most valuable corporate assets.  Failing to properly protect trade secrets (for example, by filing a patent for a recipe that then discloses the details to the public) can prove disastrous for businesses.  Trade secret law provides an avenue to protect your valuable intellectual property while allowing it to be kept secret and potentially protected forever (while a patent only lasts for 20 years, a trade secret will last for as long as it is kept secret). Fortunately, there are measures you can take as well as policies and contractual provisions we can help you put in place to help protect your trade secrets.

Copyright Law:

Do you have artwork on your label? Did an artist create your logo or website? Alcohol brands dabble in copyright law more than you may expect. Brands should recognize the importance of filing and registering copyrightable subject matter to protect their hard work. Copyright registration and strong contracts and/or copyright assignments when necessary can help avoid preventable issues such as ownership disputes and infringement actions.  For example, under copyright law the author of the artwork, logo, website, etc., could own that material instead of the business unless the business has agreements in place that state otherwise. Our team can help ensure rights to commissioned works are transferred appropriately and provide the best copyright enforcement approach.

Licensing Law:

Do you want to partner with a local bakery for a wheat beer? How about a local coffee place for a stout? These kinds of deals can involve the sharing of proprietary information, and the parties may need to obtain permission to use the other’s trademarks and/or copyrights to market the product. Ensuring that proprietary information is kept confidential, and that certain guidelines are followed by the other business using your trademark, are smart measures to take.

Contract Law:

One of the best ways to safeguard against the various intellectual property issues mentioned above, as well as other legal issues impacting breweries, is a well drafted contract. Do your existing contracts cover all the bases with your vendors, business partners, or other third parties? How about your employment agreements?  Are they protective enough of your company in the event of a disgruntled employee? Thinking through these issues and contacting an attorney for assistance is not cynical – it’s a smart step towards safeguarding your business and ensuring its success.  Companies in the alcohol industry have significant need of contracts due to the many moving components needed to operate, and there is no one-size-fits-all contract.  Notably, brewers conducting business in certain states including California and Virginia should consider whether data privacy laws apply to their businesses that may impact their contractual requirements (The forthcoming  Virginia Consumer Data Protection Act may affect your business, which you can learn more about here.)

Celebration of National Beer Day on a brewery patio in Richmond, VA

This National Beer Day, we would like to raise a glass to the love and dedication that Virginia brewers pour into their craft.  Craft breweries, cideries, and wineries in any state should explore how considering these legal issues and putting protections in place can benefit their business. No matter what your specialty is, we want to help you protect it.

(This blog post is not intended as legal advice.  Please contact us for more information and assistance regarding your particular situation.)

 

 

Are Your Domain Names Protected?

Posted on by Gavin Law Offices

As use of generic top level domain names (gTLDs) grows, so does the risk of trademark infringement. When the original gTLDs were released, one strategy for fighting infringement was the use of domain blocking services. Sunrise B (SRB) refers to the domain name blocking service associated with the .xxx domain name.  SRB service blocks the registration of domain names in the .xxx gTLD that match the participants’ trademark and certain limited variations of those marks.

SRB participants enjoyed a 10-year block on .xxx domain names that matched their trademark. However, this protective service expires in December of 2021 and will be replaced by AdultBlock and AdultBlock+ services, collectively referred to as the “AdultBlock Services.” These services block domain name registration for protected trademarks in the .xxx, .adult, .porn, and .sex gTLDs. SRB registrants have the opportunity to rollover to the new AdultBlock Services with no additional verification.

As the deadline approaches, rights holders will have to decide what strategy is right for their goals. Like SRB, registering for AdultBlock Services provides considerable benefits for maintaining the strength of your trademarks. In doing so, registrants take control of their brand’s reputation and protect against potential damage.

There are some prerequisites to registration with AdultBlock services. Specifically, the participant must have registered their trademark with the Trademark Clearinghouse or be a SRB participant. With so many factors to consider, it’s important for potential participants to create a plan that is right for them. To learn more about how to decide if this is the right choice for your situation, contact Gavin Law Offices, PLC.

 

(This is not intended as legal advice. Contact a lawyer for assistance in your particular situation.)

 

–  Elizabeth Sewell and Lily Taggart

Celebrating St. Patrick’s Day the Trademark Way

Posted on by Gavin Law Offices

Although St. Patrick himself is steeped in hundreds of years of legend, there are a few remaining things that we know today. Many scholars credit him with bringing Christianity to the Irish people. We celebrate him on the 17th of March, the date that supposedly marks his death. One of the most common legends that most people may know revolves around the shamrock, a symbol of Ireland frequently used with the holiday and with Irish products and services. The tale holds that St. Patrick used the three leaves on commonly found Irish clover, the shamrock, to explain the Holy Trinity of Father, Son, and Holy Spirit. Since his death, the tales of St. Patrick’s life have grown and become strongly tied with Irish culture.

The modern holiday began on the small island years ago but it has now grown into a major celebration with economic opportunity. No shortage of green items are available to enhance the festivities. This St. Patrick’s Day, our team took some time during our regular Thursday afternoon meeting to host a Skribll.io tournament. The Irish theme meant drawing prompts such as shamrock, rainbow, pot of gold, and the classic green beer.

Speaking of Irish symbols, there are several Irish and St. Patrick’s-related examples of protected intellectual property. The U.S. Trademark Office has thousands of registrations and pending applications that feature a shamrock as part of the design. One product somewhat synonymous with the holiday is the classic pint of Guinness. Guinness first trademarked its iconic harp in 1876. The same type of Irish harp is actually the Republic of Ireland’s official national emblem. In order to differentiate between the two, the Irish government turned the harp the opposite direction! Trademark complexity is as old as the protections themselves, but that’s where we can help. Gavin Law Offices is here for all your trademark needs.

 

(This is not intended as legal advice. Contact a lawyer for assistance in your particular situation.)

 

 

Virginia Becomes 2nd State to Pass Comprehensive Data Privacy Law

Posted on by Gavin Law Offices

On March 2nd, Governor Ralph Northam signed into law the Consumer Data Protection Act (“CDPA”), making Virginia the second state to enact comprehensive data privacy legislation.  The new law, which will go into effect on January 1, 2023, combines concepts from the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”), as well as Europe’s General Data Protection Regulation (“GDPR”).  The CDPA grants numerous rights to residents of the Commonwealth to provide them with greater control over their personal data, and places new obligations upon covered businesses.  Specifically, the law gives Virginia residents (“consumers”) the right to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of the sale or processing of their personal data by covered businesses for purposes of “targeted advertising.”[1]  The CDPA broadly defines “personal data” as “any information that is linked or reasonably linkable to an identified or identifiable natural person,” and excludes de-identified data or publicly available information.  Virginia’s new law also creates a special sub-category for “sensitive data” that includes: “(1) personal data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status; (2) the processing of genetic or biometric data for the purpose of uniquely identifying a natural person; (3) the personal data collected from a known child; or (4) precise geolocation data.”

Who is Covered?

The CDPA applies to businesses, whether physically located in Virginia or not, that conduct business in or target residents of the Commonwealth, and that either: (1) control or process the personal data of at least 100,000 consumers, or (2) derive over 50 percent of their gross revenue from the sale of personal data and control or process the personal data of at least 25,000 consumers.  In addition to excluding small business from its scope, Virginia’s law includes several other exemptions and provisions making it generally more business-friendly than Europe’s and California’s laws.   For example, the CDPA excludes non-profit organizations and institutions of higher education, as well as businesses that meet the above thresholds but are already subject to federal privacy laws such as the Gramm-Leach-Bliley Act and HIPPA.[2]  The law also defines “consumer” as “a natural person who is a resident of the Commonwealth acting only in an individual or household context. It does not include a natural person acting in a commercial or employment context.”  While California passed temporary business-to-business (“B2B”) and employment-related exemptions to lessen the burden of businesses’ compliance with the CCPA, the Virginia law considers and includes built-in exceptions for these types of personal data.

Requirements for Covered Businesses

Businesses subject to the provisions of the CDPA will need to develop processes to allow consumers to exercise the above-mentioned rights.  Covered businesses should also prepare to comply with the following obligations under the new law:

  1. The requirement that covered businesses provide a reasonably accessible, clear, and meaningful privacy notice (often referred to as a “privacy policy”) that includes specific information as outlined by the law.
  2. The requirement that covered businesses considered “controllers” put contracts in place with third party “processors” of personal data containing specific provisions related to the handling of consumers’ personal data.[3] Thus, businesses subject to the CDPA should adopt standard contractual language to include in any agreements with vendors that will touch personal data.
  3. The requirement that covered businesses limit the collection of personal data to what is “adequate, relevant, and reasonably necessary in relation to the purposes for which such data is processed, as disclosed to the consumer,” and that such businesses “establish, implement, and maintain reasonable administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of personal data.”[4]
  4. The requirement that covered businesses conduct and document a formal “data protection assessment.” The assessment must include specific information related to businesses’ processing of personal data.  The Office of Attorney General may request a copy of a business’s data protection assessment under its investigative authority (which, for example, is likely to occur during its investigation into a covered business’s data breach).
  5. The requirement that covered businesses obtain affirmative consent from consumers before collecting and using “sensitive data.” Because affirmative consent is not currently required under California’s data privacy laws, many covered businesses will likely need to consider how they will obtain such consent and if/why they are processing sensitive data, specifically.

Enforcement

The CDPA will be enforced by Virginia’s Office of the Attorney General, which will have investigative authority and may seek injunctions and/or impose civil penalties of up to $7,500 per infraction for covered businesses that violate the law.  Any penalties and fees collected will go into a “Consumer Privacy Fund” used to support the work of the Office of the Attorney General to enforce the provisions of the CDPA.  Like the CCPA, Virginia’s new law also provides for a 30-day cure period for violations.  However, quite notably and unlike the CCPA, the CDPA does not include any private right of action.  Further, while the Virginia law does not contain language regarding rulemaking authority or procedures, it creates a “work group” to review the CDPA and issues related to its implementation.[5]  The work group’s findings, best practices, and recommendations regarding the implementation of the CDPA shall be submitted to the Chairmen of the Senate Committee on General Laws and Technology and the House Committee on Communications, Technology and Innovation no later than November 1, 2021.

Generally, the CDPA avoids several areas of uncertainty that lawmakers and California’s Attorney General, as well as covered businesses seeking to comply, encountered during the rollout of the CCPA.  Thus, Virginia’s law may provide a clearer model for consumers and businesses to follow, as well as for other states and possibly the federal government when developing their own data privacy legislation.  Gavin Law Offices, PLC will continue to monitor updates regarding the CDPA and other U.S. data privacy laws.

(This blog post is not intended as legal advice.  Please contact us for more information and assistance regarding your particular situation.)

[1] “Targeted advertising” means displaying advertisements to a consumer where the advertisement is selected based on personal data obtained from that consumer’s activities over time and across nonaffiliated websites or online applications to predict such consumer’s preferences or interests.  “Targeted advertising” does not include: (1) Advertisements based on activities within a controller’s own websites or online applications; (2) Advertisements based on the context of a consumer’s current search query, visit to a website, or online application; (3) Advertisements directed to a consumer in response to the consumer’s request for information or feedback; or (4) Processing personal data processed solely for measuring or reporting advertising performance, reach, or frequency.

[2] This language is considerably more favorable for businesses than a similar exception under the CCPA, which applies to only “personal information” collected, processed, sold, or disclosed pursuant to a specified federal law such as GLBA or HIPPA, and does not exclude the entity as a whole like the new Virginia law.

[3] Under the CDPA, “controller” means the natural or legal person that, alone or jointly with others, determines the purpose and means of processing personal data.  Meanwhile, “processor” means a natural or legal entity that processes personal data on behalf of a controller.  Both terms will be familiar to those acquainted with data privacy legislation, as they are borrowed from the GDPR.

[4] This “reasonable” safeguard standard is also included in the CCPA/CPRA and the GDPR.  The CDPA also includes language that “such data security practices shall be appropriate to the volume and nature of the personal data at issue.”  Thus, like existing data privacy law, Virginia’s will allow businesses to determine their own “reasonable” security practices and does not obligate covered businesses to put in place any specific data security measures.

[5] Specifically, the “Chairman of the Joint Commission on Technology and Science shall create a work group composed of the Secretary of Commerce and Trade, the Secretary of Administration, the Attorney General, the Chairman of the Senate Committee on Transportation, representatives of businesses who control or process personal data of at least 100,000 persons, and consumer rights advocates.”  Interestingly, this does not include representatives of businesses who derive over 50 percent of their gross revenue from the sale of personal data and control or process the personal data of at least 25,000 consumers.

 

–  Courtney Reigel, Esq.