Historically, the U.S. Patent and Trademark Office (PTO) has refused to register trademarks considered to be offensive in that they disparaged a particular person, group or institution.  Now the PTO cannot deny the registration of offensive marks on the ground that they conclude the marks to be disparaging.

On June 19, the Supreme Court unanimously held (8-0) that so called the disparagement clause of the federal trademark law (Section 2(a) of the Lanham Act), is an unconstitutional violation of the First Amendment’s Free Speech Clause.

The case arose out of the name of a Portland, Oregon, rock band “The Slants.”  All the members of the band, including the plaintiff and trademark applicant, Simon Tam, are of Asian decent.  Mr. Tam filed a trademark application to federally register the band’s name, “The Slants.”  The band chose the name to “take back” or reclaim a term historically derogatory of people of Asian descent.  The PTO refused to register the mark as “derogatory or offensive” based on the dictionary meaning of ‘slants’ or ‘slant-eyes’ and also because one of the band’s performances was purportedly canceled “because of the band’s moniker.”  Tam appealed the decision to the PTO’s Trademark Trial and Appeal Board (TTAB), but with no success.  The next appeal, to the Court of Appeals for the Federal Circuit, was successful.  The Federal Circuit, in an en banc opinion, overturned the TTAB’s decision and found that the disparagement clause is unconstitutional under the Free Speech Clause.  Then, the Supreme Court granted a request for review of the case filed by the PTO.

The disparagement clause reads as “No trademark … shall be refused for registration on the principal register … unless it (a) consists of or comprises … matter which may disparage … persons, living or dead, institutions, [or] beliefs … into contempt, or disrepute.”  The Court first clarified the meaning of the statute as being clear in its prohibition of registration of trademarks, which “disparage persons who share a common race or ethnicity.”

The Court then turned to the PTO’s arguments that federally registered trademarks are government speech as a form of government subsidy, and, the disparagement clause should be reviewed under the “government program” doctrine, which is outside of the protection of the First Amendment.  First, the Court confirmed that the PTO’s registration of a trademark does not make a trademark government speech describing the argument as “far-fetched.”  The Court further exemplified the PTO’s mischaracterization of government speech using several examples, such as “make.believe” by Sony or “JUST DO IT” by Nike.   The Court noted that trademarks are “dream[ed] up” and “edit[ed]” by applicants, and therefore, “have not traditionally been used to covey a Government message.”  The Court was particularly concerned that the PTO’s elimination of First Amendment protection to registered trademarks would similarly apply to copyright registration, which is inconsistent with copyright protection for free expression, and therefore, rejected the government speech argument.  The Court also rejected the PTO’s position that trademark registration is a government subsidy because applicants pay filing fees and maintenance fees to the PTO for registering a trademark and “every government service requires the expenditure of government funds.”  Finally, the Court denied the application of the “government program” doctrine, which provides a limited public forum for private speech based on the content or the speaker.  The Court noted that in this case, the PTO exercised “viewpoint discrimination” under the disparagement clause because, although the clause prohibited disparagement of “any person, group, or institution,” it only prohibited offensive wording – a “happy-talk clause” and went “much further than is necessary to serve the interest asserted.”  The Court found that the disparagement clause as “not ‘narrowly drawn’ to drive out trademarks that support invidious discrimination.”  Thus, the Court concluded the disparagement clause violates the Free Speech Clause.

In this decision, Justice Alito emphasized the importance of trademarks, which express viewpoints and ideas, no matter how short the mark.  The government cannot censor such expressions based on viewpoint discrimination.

Notably, the decision is likely also a “win” for the Redskins football team, in its long-running Redskin trademark case, Pro Football Inc. v. Blackhorse, 112 F.Supp. 3d 439 (E.D. Va 2015).  In addition, the PTO will need to follow the decision in its review of forthcoming trademark applications.  Importantly, this decision surely broadens the protection available for trademarks, although it may result in a somewhat less-wholesome and more shocking trademark registrations going forward.

Effective May 25, 2017, privacy statements that are “materially inconsistent” with how you handle consumer information violate a new amendment of the Oregon Unlawful Trade Practices Act (“UTPA”).[1]  A consumer may file a complaint against you based on the belief that you handle consumer information inconsistent with the terms of your privacy statements.  The Oregon Attorney General (“AG”) or a local district attorney (“DA”) has discretion to initiate an “investigative demand,” enforce a voluntary settlement, an “assurance,” that requires you to pay restitution, punitive damages to the injured consumers or enjoin your behavior.  Granted, you have the right to defend your interests and recoup damages that you incur due to a frivolous or malicious complaint.  However, in responding to an investigative demand, you still have to review your statements and processes to demonstrate consistency between your processes and statements to the FTC, AG or DA.  The first step in the journey is to conduct an audit proactively.

The amendment reinforces that performing an annual review of privacy statements and information handling processes is a good practice.  A responsible, comprehensive review should include your online privacy policy and the privacy statements in consumer contracts, cloud-hosting agreements, registration requirements and any other documents that describe your information processes and the information you require consumers to provide to you.  You should know how you and your organization process data before an AG or DA compels a public review by way of an investigative demand.

A “material inconsistency” between what you practice and what you preach violates the amendment to the UTPA.  Privacy statements about consumer information explain how, and for what purpose, the information is:

  • Collected,
  • Used,
  • Stored,
  • Disclosed,
  • Discarded, or
  • Deleted.

If you state that you only disclose consumer information to your vendors, you should only disclose the information to vendors.  If you disclose information with third party marketers without updating your privacy statements to identify the change in your process, you are taking action that is materially inconsistent with your privacy statement.

Your privacy statement should notify consumers of their right to control the information you collect and how you use it. Good privacy statements also explain why you need certain consumer information to meet your contractual obligations to the consumer.  Ideally, consumers will understand precisely what you will and will not do with their information after reading your privacy statements.  If consumers cannot understand your privacy statements, the probability of confusion and a resulting complaint increases.  Clarity is important in privacy statements to minimize the chance that consumers believe compliant companies use consumer information inconsistently with public privacy statements.

Now is the time to review the privacy statements in your consumer contracts, websites and publications.  Conducting a voluntary audit serves several purposes, including:  (1) avoiding a violation, (2) demonstrating your commitment to protect consumer information and (3) signaling your desire to meet the spirit of the amendment.  Additionally, if you are the subject of an investigative demand, you will benefit from already having information from your audit to formulate a defense.  Having current information immediately available to the investigating office may substantiate your commitment to comply voluntarily with the amendment.

Investigative demands may encourage voluntary compliance with the amendment. The stated purpose of an investigative demand is “to receive an assurance of voluntary compliance.” The investigative demand may require the subject, under oath or otherwise, to:

  • appear and testify,
  • answer written interrogatories,Money_Plants
  • produce relevant documentary material or physical evidence for examination,
  • agree or respond to an order restraining/halting the alleged unlawful practice, or
  • deliver an assurance of voluntary compliance.

O.R.S. § 646.618.

An assurance of voluntary compliance sets forth what actions, if any, the subject of the investigation intends to take with respect to the alleged unlawful trade practice.  The prosecuting attorney has discretion to reject a voluntary assurance, obtain a temporary restraining order or institute a collection or enforcement action for unpaid monies or violation of the assurance. O.R.S. § 646.632(3) and (7). The voluntary assurance may include the payment of restitution to consumers who have . O.R.S. §§ 646.632.  The court may also impose penalties up to $25,000 per violation in some circumstances and an award of reasonable attorney fees and costs at trial and on appeal.  O.R.S. § 646.642.  A “violation” includes each separate occasion on which you mishandle consumer information for each consumer, so there may be multiple violations associated with one consumer.

Investing in the review of privacy statements alongside your consumer information processes may be cheaper than responding to an investigation.  There are many “hidden” expenses associated with responding to an investigative demand:

  • Potentially harming your reputation with consumers and your business associates.
  • Responding to the investigation may distract employees and owners from doing their jobs.
  • Incurring unbudgeted legal fees to defend yourself and/or to prosecute your claim for a frivolous complaint.

Best practices:  Avoid the stress, strain and worry of an investigation by taking a few hours to audit your policies, contracts and processes at least once a year.

  • If you regularly conduct business in a state that enacts amendments and new legislation on a specific date, schedule your audit before the effective date to avoid a last minute scramble to comply.
  • Monitor the FTC’s decisions, rules and enforcement actions.  You can register through the FTC and most state attorney general websites to receive information about consumer privacy enforcement, legal updates and tips to help businesses comply with consumer protection rules: https://www.ftc.gov/stay-connected.
  • If you conduct business primarily online, see where your customers are located and familiarize yourself with the laws in those jurisdictions.[2]
  • You may want to test whether someone with a demographic profile similar to your typical customer understand your privacy statements.
  • Review the Consumer Complaint Form in the jurisdictions where you conduct business.  They generally identify specific classes of people the enforcement agency has a particular interest in protecting.  For example, the Oregon Department of Justice considers whether the complainants are veterans, over the age of 65 or speak English as a second language:  http://www.doj.state.or.us/consumer/pdf/consumer_complaint.pdf.
  • Ask someone unfamiliar with your business to read your privacy statements to test them for clarity.

Conducting a voluntary audit may be money well spent. If you do not have access to a money tree, run the numbers and make the business decision that works for you.

[1] The amendment is similar in application and remedy to the “deceptive” and “unfair practices” consumer protection regulations the Federal Trade Commission (“FTC”) enforces.  https://www.ftc.gov/news-events/media-resources/protecting-consumer-privacy/enforcing-privacy-promises.

[2] California, for example, requires entities that collect personal information from California residents to include statements regarding online privacy in privacy policies.  https://oag.ca.gov/privacy.

An earlier version of this blog indicated that consumers have a private right of action under the amendment.  At this time, enforcement actions are expressly available only to government actors.  Presumably, the legislature will  determine whether there is an implied right of action.

Michelle Lee resigned yesterday as the Director of the USPTO, effective immediately.  Ms. Lee’s resignation follows months of uncertainty regarding USPTO leadership during which time high-tech giants and politicians alike expressed much support for Ms. Lee to remain as the Under Secretary of Commerce for Intellectual Property and USPTO Director under the Trump administration.  Today, Secretary of Commerce Wilbur Ross named USPTO Associate Solicitor Joseph Matal as interim Director until Ms. Lee’s successor is named.  Former Federal Circuit Chief Judge Randall Rader; Philip Johnson, a SVP for IP Policy & Strategy at Johnson & Johnson; and Michael McKeon, a partner at Fish & Richardson have all expressed recent interest in leading the USPTO and have been rumored to have interviewed with Secretary Ross to replace Ms. Lee.

Data does not exist in a vacuum.  There are some very lucrative careers based on the extraction of multiple, divergent uses of a single data set.  It follows that the fitness tracker that collects and analyzes data to encourage healthy habits may serve you well after your death.  Attorneys and litigants must be cognizant of the new horizon data presents. Criminal, personal injury and maybe, inheritance law may soon rely on data in some surprising new ways.

Dead people do tell tales. Thanks in part to data on the victim’s fitness tracker, Connecticut State police recently arrested Richard Debate for the 2015 murder of his wife, Connie.  The investigators used data to contradict Richard’s various versions of the crime.

The story the accused tells:  Richard claims he was home alone when an armed intruder entered the house demanding cash.  When Connie walked into the house after her spin class, the intruder immediately shot her to death. The intruder tied Richard to a chair.  After the intruder left the house, Richard freed one of his hands and immediately triggered the home security panic alarm to summon the police.

The story the decedent tells:  Connie’s fitness tracker data indicates that Connie, or someone wearing her tracker, took 1,200 steps in the house, over the period of one hour after Richard said Connie was dead.  Six minutes after the tracker collected the final steps, Richard triggered the panic alarm of the home security system.

The story the dogs tell: K9 dogs found no evidence of an intruder or anyone other than Richard and Connie in the house during the murder. The dogs, well, doggedly, followed Richard when tasked with finding the scent of the alleged intruder.

The story the accused accidentally tells:  Richard’s computer, cell phone and social media data revealed an affair and a pregnant girlfriend.

Police obtained an arrest warrant and charged Richard with Connie’s murder, filing false reports and tampering with evidence.  Fitness trackers can inform on the wearer’s health, mood, location and ability to focus.  Trackers surveille more accurately than a combination of video, audio and a retired junior high teacher.

Fitness trackers are the equivalent of a plane’s black box.  Fitness trackers are essentially lie detectors rigged with a time and location stamp.  Depending on the sophistication of your tracker, it measures blood pressure, pulse, respiration, and skin conductivity—the same things measured during a polygraph test.  As premised above, the data that can assist the wearer to track physical activity has multiple uses, some life-saving, some life-affirming.

  • Analysis of the wearer’s vital signs saved a wearer’s life—doctors treated undiagnosed blood clots in the wearer’s lungs after the wearer noticed her excessively high resting heart rate.[1]
  • Red lines show the GPS movements of Seattle gladiator, Kelly Herron, as she battled for her life during an attack in park restroom.[2] Kelly’s intensity and relentless self-defense is obvious in the movements her tracker collected. Her account of the savage attack and fight corresponds with her fitness tracker data.

IP Blog 052517

Fitness trackers are emerging as a source of evidence in civil disputes.  The plaintiff, a former personal trainer, seeks to prove her diminished physical capacity after her injury through fitness tracker data showing she is not as active as the average woman of her age.  What next?  Might inheritance laws and wrongful death suits soon hinge on fitness tracker data?  Roll back time to the summer of 1991.

On July 16, 1999, the nation gasped and mourned the death of the son of Camelot.

John F. Kennedy, Jr., his wife, Carolyn Bessette-Kennedy, and his sister-in-law, Lauren Bessette, died when the plane Kennedy piloted crashed.  The National Transportation Safety Board determined pilot error was the cause of the crash.  When someone, especially someone wealthy, may be liable for an accidental death, a wrongful death lawsuit can be expected.  However, when spouses die simultaneously (actually, within 120 hours of each other in Washington) without children or a document such as a trust that explicitly directs the allocation of their estates after their simultaneous deaths, the inheritance would pass according to state law.  Many state simultaneous death statutes require that each spouse is considered to have predeceased the other.  This means that the next closest living relatives of the decedents divide the estates equally, according to the degree of kinship.  While laws have remained largely dormant, technology may force the legal field to evolve at a faster pace.

Fitness tracker data may have altered the division of the estates of the John, Jr. and Carolyn Bessette-Kennedy. 

Fast forward to 2017.  John, Jr. and Carolyn are wearing a fitness trackers when the plane crashes and data indicates one spouse died before the other.  Might the estates be disbursed differently now?  Would the heirs of the later expiring spouse have basis to allege a wrongful death claim?  Apply this hypothetical to other areas of law:

  • If you rear end a car will your fitness tracker data be used to show you are chronically sleep deprived?
  • If your tracker shows your heart rates increases when you are near your suspected lover, can that evidence be introduced in a divorce?

At first this may seem far-fetched, but consider that police are asking Amazon to release recordings from an Alexa in a murder investigation. This is truly an exercise in innovativeness.   Data in itself is neither good nor evil, helpful or harmful.  Make sure you know what data is [i]being collected, and how it is being used.  Ponder this as you achieve your daily step goal.

[1] CNN ROBERT JIMISON. “Fitness tracker clues woman in to life-threatening condition.” LOCALSYR. N.p., 04 Apr. 2017. Web. 25 May 2017. <http://www.localsyr.com/news/health-news/fitness-tracker-clues-woman-in-to-lifethreatening-condition/686839857>.

[2] “Instagram post by Kelly Herron ‍♀️ • Mar 6, 2017 at 6:48pm UTC.” Instagram. N.p., n.d. Web. 25 May 2017. <https://www.instagram.com/p/BRTqqdHD1No/?taken-by=run_kiwi_run>.

[i] Thanks to my Lane Powell colleague, Mary Lee Moseley for her advice on the Uniform Simultaneous Death Act.  http://www.lanepowell.com/20679/mary-lee-moseley/

Five months after rejecting a less detailed executive order on cybersecurity, Trump signed one on May 11, 2017 (Order). The Order notifies federal agencies that the “President will hold heads of executive departments and agencies (Agency Heads) accountable for managing cybersecurity risk to their enterprises.” Other key goals of the Order are to: (1) assess the scope and sufficiency of the U.S. cybersecurity workforce; (2) increase education opportunities to ensure the U.S. has the work force to protect itself and be competitive internationally; and (3) increase transparency in the software market.[1]  Proponents of the Order hope to strengthen the security of federal networks and protect the nation’s critical infrastructure. Coincidentally, the executive branch released the Order on the eve of one of the largest and very avoidable ransomware attacks in history, the viscious #WannaCry.

The President premises the Order on the belief that federal agencies are complicit in their vulnerability to cyber threats.

IP_PuppyThe Order identifies known, immediate threats to the security of the U.S. infrastructure including:

> Being lax about cybersecurity risk management;

> Using operating systems after the expiration of vendor support; and

> Disregarding patches and updates to remedy vulnerabilities.

Essentially, many federal agencies are complacent about cybersecurity.

The Order comes with a simple but proven tool box.

The National Institute of Standards and Technology (NIST) is a non-regulatory division of the Department of Commerce.  NIST’s original mission in the cybersecurityIP_Toolbox industry was to develop a voluntary framework to manage the cybersecurity risks that threaten the U.S. electric power grid and other critical infrastructure (Framework). The Framework’s simplicity and usability led private and public entities throughout the world and across countless industries to adopt it.

The Order requires that Agency Heads must use the Framework to develop realistic risk management plans. Agency Heads must modernize equipment and software, while increasing the sharing of IT services across agencies and being more receptive to monitor and address vulnerabilities. The timing of the Order, coming one day before the worldwide #WannaCry ransomware meltdown, illustrates the important, but too-long neglected cybersecurity and privacy concerns within the U.S. government.

WannaCry? Here is something to cry about.

Almost 250,000 computers in 99 countries (and counting) would not have been vulnerable to the WannaCry or WannaCrypt ransomware if their users had just restarted the network. Here is a quick primer on the WannaCry destruction.

Ransomware 101. Ransomware locks a computer’s files and the computer operator will get a message requiring the payment of somewhere between $300 and $1 million, give or take a few bitcoin, to get the files released.
IP_Shed_2Malware, called worms, spread ransomware attacks. How does malware get on a computer?  It, the worm, enters through a “hole” in the cybersecurity fence. How does a hole develop?  Inattention. How do you fix holes?  First, you have to monitor your fence line and know there is a hole. When you find a hole, you patch it. Then, you — the vendor or IT specialist — send updates to users, if the patch cannot be updated automatically, reminding them to restart their computers or networks to download the patch. Just like that…fixed.[2]

The perfect storm of using outdated software, not looking for holes and ignoring updates permits the nightmare of WannaCry ransomware to spread. One of the most exploited targets of WannaCry is a version of software that its vendor has not sold since 2008 or supported since 2014. Users who updated the exploitable software were safe. Those who did not update to acquire the patch may have been infected.

No solution is fail-safe. Nevertheless, at a minimum, use the tools provided to you by the software vendors, IT technicians and NIST. The continued safety of the U.S. relies in part on keeping the infrastructure free of malware and fully patched. The Order has a wide-range of obligations, analysis and goals that ultimately may not be achieved within the stated timeframe. There’s a patch for that.

[1] Software is treated as a one-time capital expense, depreciating over time. This pricing model ignores the reality that software is never truly finished — it always needs a new version or update to increase efficiency and reduce vulnerabilities. This aspect of the Order merits discussion, but not here, not now.

[2] The author clearly has a problem with holes in buckets also:  http://www.beyondiplaw.com/2016/06/23/reputation-matters-dont-lose-opportunities-due-to-inaccurate-personal-data/

Having read the recent Supreme Court decision of Star Athletica v. Varsity Brands and the new unified test for copyright protectability in useful articles, we can now turn to the challenge of what actual changes will result from this opinion. http://www.lanepowell.com/wp-content/uploads/20170329Intellectual-Property-Legal-Update-Spelman.pdf.

While nothing changes with regard to how trademarks are handled in the useful article world, there are some practice tips that will strengthen the opportunity to protect what designs are eligible for copyright. Each of the practice tips below revolves around working proactively. Copyright is a game played proactively for best and most predictable results. These tips are calculated to make that proactivity a system that works in your favor:

1. Document: as you design, keep documentation of the iterative drafts and the dead ends that you consider as well as the final design. If there is a challenge that your design in an infringement, it is useful evidence to demonstrate that you were truly designing new work and that you evolved the final design out a whole field of discarded drafts;

2. Focus: if you do review the current field of existing designs as you search for the new design option, clear the work area of all the prior designs. It is too easy to “borrow” or be “inspired” by existing designs when that prior design is right there in front of you;

3. Register: file copyright applications early and often at the U.S. Copyright Office using the “Electronic Copyright Office” (“ECO”) filing system. Optimally, you will keep a file of the works that you are designing. Filing a batch of new copyright applications every calendar quarter (90 days) is a sure way to be certain that you are going to get the benefits of claiming statutory damages and attorney’s fees in every dispute… And the consequential benefit of having a remarkable archival demonstration of what you are creating and have created;

4. Drive: check to be sure that any license or distribution agreement includes provisions that you are in control of dispute resolution, including litigation. Sometimes found in the “indemnity” clause; sometimes in a separate clause, but do provide for what happens when things go wrong:

5. Notice: while no longer mandatory, there are substantial legal and practical benefits to affixing notice on the article being distributed. For instance, if you are publishing code for 3-D printing, be sure to include a copyright notice in the object code, or as part of the surface of what is “printed”;

6. Clarify Ownership: be sure to clarify who is the claimant/author of the work each time. Who owns the design becomes very important. Remember that independent contractors (those whom you pay using an IRS 1099 reporting form) are the authors of their design unless there is a written assignment to you.

Copyright is stronger and a more reliable as an asset when the ownership and the registration process is faithfully worked through as a standard operating procedure. Proactive habits are pivotal to a viable copyright program.

Beyond_IP_Law_Black-and-WhiteAmerican and Canadian data scientists, librarians, hackers and activists have united in a “rogue” movement to locate and archive climate data maintained by U.S. agencies.  Environmental scholars and librarians at the University of Pennsylvania founded DataRefuge in late 2016.  The purpose of DataRefuge is to prevent the new U.S. administration from adapting former Canadian Prime Minister Stephen Harper’s treatment of a centuries’ worth of scientific data.

What happened in Canada?  How, pray tell, did P.M. Harper’s administration treat environmental data when he controlled the administration between 2006 and 2015?  The administration: Burned it; Stripped it from websites; Closed research libraries; Expanded budgets to include salaries for assigned administrative “minders” to accompany scientists to media and scholarly events; Threw hard copies of generations of data into dumpsters; and Created an effective public media blackout on climate change, because the bureaucracy so frustrated journalists that media coverage of government environment research dropped by 80%.[1]

Ok.  So this sounds bad, but nothing really bad happens when a government scientific data is not available to the public, right?  Not much.  Just overfishing, lag time in addressing viruses affecting plant and animal based food sources and the underestimation of the levels of radiation released from a nuclear plant in Japan.[2]  By the time Canadian scientists held a mock funeral for the “death of scientific evidence” on Parliament Hill in 2013, the public had lost access to scientific data needed to set appropriate fishing quotas that are needed to provide stewardship of the fishing industry for decades.

What is happening in the U.S.?  Newly formed oversight organizations such as the Environmental Data & Governance Initiative[3] are documenting ‘changes’ in the U.S. government’s transparency on scientific issues.  “Changes,” means the public can no longer access data that the government has compiled for over a century at great cost, mostly funded by public monies.  The United Kingdom announced the funding of £14 million (approximately, $17 million U.S.) “to ensure that the published outcomes of publicly funded research are made widely accessible as quickly as possible.”[4]  Most would say that despite their different approaches to personal privacy, the U.S. and the U.K. share the same core ideology about government; yet the U.S. is actively hiding data that was previously available to the public as the U.K. is broadening access to data that has not yet been collected.  Oh the irony!

M.I.A. Data.  What is missing from U.S. federal government websites this Beyond_IP_Law_Puppiesmonth?  Data from the: (1) Department of Energy showing the correlation between burning coal and greenhouse gas emissions, (2) Interior Department related to the negative effects of hydraulic fracturing on federal land,[5] and the (3) U.S. Department of Agriculture’s Animal and Plant Health Inspection Service identifying circuses, zoos, research labs and puppy mills that violated the Animal Welfare Act and the Horse Protection Act.[6]

None of the agencies provided prior notice of the changes to their websites as required by the 1995 Paperwork Reduction Act.  The USDA reposted some records about violators after the American Humane Society threatened to sue, but data about puppy mills and zoos is still missing.[7]  Puppies! Cue, Sarah McLachlan’s “In the Arms of an Angel” commercial for the ASPCA.  Seriously, puppies. I would like to know which businesses mistreat them so I can do something about it.  Open access groups anticipate additional limits on the types of data will be disclosed.[8]  So, what can be done to keep data accessible? Are there private actors that can fill the holes in the government’s reporting?

What are the risks to the citizens and political oponents?  Activists are concerned that the public will not have access to the data necessary to hold the government accountable.  Accountability requires knowledge.  Remember when the hardest working, most experienced beat cops solved crimes on TV by wearing down the suspects and not stopping until every witness had been interviewed?  Now cops solve crimes with algorithms, autoclaves and TrueAllele.  Villains no longer steal gold ingots; they steal thumb drives.  The power shift from power to knowledge is evident in cinema and life.  “The Firm,” a movie that is about photocopying records to help the FBI, is converse to the strategy employed by Enron, which was to shred data before the government could seize it.

Dr. Bethany Wiggin voiced her concern that the politicization of science may keep “knowledge out of the hands of your political opponents,” which is “an effective win.”[9] Without data to correlate the presence of certain chemicals to illnesses lawsuits, implementation of product safety measures and conservation of animals will be much more difficult.  Knowing that child mortality increases when the new power plant opened in town is a fine thing to know.  But, only when you can prove the connection between the two is when you have the power to effect change.

“Rogue” U.S. data scientists, librarians and hackers are mobilized and making a difference.  Absent government websites with comprehensive scientific data, the public will be forced to rely on Freedom of Information Act requests or through nonprofit journalism websites like Mother Jones or the Sunlight Foundation.  Non-profits may be the best option to preserve existing data. Since November, DataRefuge, alone has hosted almost 20 events in several cities, including New York, Ann Arbor, Chicago, Los Angeles and Toronto.  Data scientists are not waiting to see how far the deletions go.  Instead, they assume that what happened in Canada will happen in the U.S.

Sometimes, apparently, you have to play dirty to preserve data.   Data scientists identify where the data is, or was, downloadable. Determine whether you can scrape the data off pages with web crawlers, if you need to write data-harvesting scripts or use other means.  Save the data somewhere safe.  The DataRefuge reportedly saves climate data to the Internet Archive or a research library.  The librarians (I LOVE librarians!) organize the data consistent with its original descriptors and try to keep the data free of evidence of handling.  Simple, right?  No.  Below are links to organizations that seem to have it all sorted out for you.  I do NOT support hacking; but I understand.

I don’t know about you, but if data scientists and librarians are consorting with hackers, I am terrified what will happen if they lose.  Let’s hope no fires in the U.S. are fueled by 60 years of climate data.

Beyond_IP_Law_Volcano Harvard Business Review and The Guardian have described data scientists like this:  Data Scientist: The Sexiest Job of the 21st Century and Data scientists: ‘As rare as unicorns.’  Now data scientists have an origin story.

Below are links to nonprofit organizations that are able and willing to assist others in joining the effort to preserve data before it is out of the public’s reach.  You can support and contact data preservationists at the links below:














[1] Palen, Wendy, When Canadian Scientists Were Muzzled by Their Government, NY Times, Feb. 14, 2017, https://www.nytimes.com/2017/02/14/opinion/when-canadian-scientists-were-muzzled-by-their-government.html?rref=collection%2Ftimestopic%2FHarper%2C%20Stephen%20J.&action=click&contentCollection=timestopics&region=stream&module=stream_unit&version=latest&contentPlacement=1&pgtype=collection; and Sowunmi, Jordan, The Harper Government has Trashed and Destroyed Environmental Books and Documents, Vice, Jan. 15, 2014, https://www.vice.com/en_ca/article/the-harper-government-has-trashed-and-burned-environmental-books-and-documents.

[2] Manasan, Althea, FAQ: The issues around muzzling government scientists, CBC News, May 20, 2015, http://www.cbc.ca/news/technology/faq-the-issues-around-muzzling-government-scientists-1.3079537.

[3] https://envirodatagov.org/.

[4] Research Councils UK, RCUK announces 2016/17 Block Grant for Open Access, Oct. 19, 2016, http://www.rcuk.ac.uk/media/news/161019/.

[5] Harmon, Amy, Activists Rush to Save Government Science Data – If They Can Find It, Save the US EPA, Mar. 7, 2017, https://savetheusepa.org/2017/03/07/activists-rush-to-save-government-science-data-if-they-can-find-it/.

[6] Chan, Melissa, The Government Purged Animal Welfare Data.  Now the Humane Society is Threatening to Sue, Time, Feb. 6, 2017, http://time.com/4661446/usda-animal-website-humane-society-lawsuit/.  

[7]Lewis, Lauren, Puppy Mill Inspection Reports Still Missing From Partially Restored USDA Database, World Animal News, Feb. 21, 2017, http://worldanimalnews.com/puppy-mill-inspection-reports-still-missing-partially-restored-usda-database/.

[8] In January, a bill was introduced to limit “the collection and disclosure of data about racial disparities in fair housing.”  Larson, Selena, Why Trump’s election scares data scientists: Trump administration removing info from websites, CNNMoney, Feb. 25, 2017, http://money.cnn.com/2017/02/25/technology/data-refuge-saving-data/index.html.

[9] Id.

The World Intellectual Property Office (WIPO)  has released its 2016 Uniform Dispute Resolution Proceedings (UDRP) statistics.  http://www.wipo.int/pressroom/en/articles/2017/article_0003.html. The overall number of new cases increased by 10 percent over the previous year. WIPO indicates that this surge of new cases relates to the new generic Top-Level Domains (gTLDs) that have come online during the year.

Trademark owners filed 3,036 disputes involving a total of 5,374 domain names. It appears that .XYZ (321 domain names disputed), .TOP (153 domain names disputed) were the most common of the new GTLDs to be involved. That number still pales in comparison to the number of domain names disputed in the .COM (3135 domain names disputed), .NET (272 domain names disputed) and .ORG (129 domain names disputed).

The United States accounted for 895 cases being instituted with a corresponding 680 cases where a US entity was the Respondent. France came in second, with 466 cases being brought by a French entity. China took the honors of being the second most likely source of Respondents to actions, with 473 cases.

So, what does this mean? It appears that the original gTLD’s, in particular .COM is still the most contested (and sought after) domain address. That doesn’t appear to be going away anytime soon. It also means that with the increase of the new gTLD’s, trademark owners should consider monitoring their trademarks in the .XYZ and .TOP gTLDs in addition to the .COM gTLD. While it would be great to watch trademarks in all of the new domains, it can be financially prohibitive. Choose your battles, win the big wars.

Does your business run and maintain a website? Does it create or license website or other content? Does it run and implement software? If you’ve answered yes to these questions, but haven’t yet considered the importance of copyright to your business, here are 10 tips to ring in a safe and proactive 2017.

  1. The Digital Millennium Copyright Act (DMCA) imposes strict piracy “anti-circumvention” measures meant to protect copyright holders from copyright infringement on the internet. But because the DMCA captures an otherwise large swath of internet service providers who do not have control over what content is posted to or distributed from their websites, the DMCA has a “safe harbor” provision that protects service providers from incurring legal liability in copyright infringement actions. If you qualify for the DMCA Safe Harbor, you must register your company as a Designated Agent for Service of Process at the Copyright Office to benefit from the Safe Harbor protections. To learn more about the DMCA, read this recent white paper.
  1. Unsure how copyright applies to your business? Continue your own copyright education and task someone within your company to keep abreast of the latest developments in copyright protection and compliance.
  1. Develop a written copyright policy or copyright guidelines. Have the same copyright questions arisen again and again in your organization? Year end is an ideal time to compile nagging questions and prepare short practical answers. Circulate copyright Q&As to your colleagues or post them to your intranet site. Having a copyright knowledge database may help your organization better comply with copyright laws, and help you identify how you can improve or update your policies or guidelines.
  1. Do you create content that you distribute to the public? Your content may be a “work” that qualifies for copyright protection. Although copyright registration is voluntary in most countries, consider registering your works with your country’s copyright office. Rather than registering individual works, register a group or collection of works produced during the year to save time and registration fees. While the grant of copyright arises automatically, copyright registration is necessary if you plan to enforce your rights through legal action.
  1. Have you licensed content outside of your organization? Prepare a database of all content your organization has licensed. Whether it’s an image to use on a promotional brochure, or content from a large electronic database, include all content in a single searchable database that allows you to quickly and easily locate that content and determine what rights you have in it.
  1. Review your license agreements and create an “ultimate” list of protections and guarantees that your organization needs from its license agreements. Do you need remote access or the right to share a PDF file? Do you need to make print-outs, or post articles to your intranet? What about using portions of the database for internal education or external seminars? Use the list to set the parameters for your future license negotiations.
  1. Consider your 2017 budget for permissions, licenses and copyright training. Consult with subject matter experts in your organization to understand their needs and preferences. Prepare a budget and ensure you have the funds you need to meet your copyright management goals. Brainstorm how to get the copyright message to your colleagues and employees. Often, recurring lunches or coffee chats with a diverse group of internal stakeholders and speakers from photography, library services, web design or other professional disciplines with copyright expertise can help sensitize your office to important copyright issues without overburdening your team with cold policy documents or rote lectures.
  1. Review your agreements with consultants. Does your company expect to retain copyright ownership in consulting reports? Make sure that this is clearly stated in your agreement and, if necessary, provide for an assignment of rights to your organization. If consultants own their works, review the rights your organization retains in any consultant work. If you are a consultant, review and understand the rights you have in your work.
  1. Undergo an intellectual property (IP) audit. It’s important to know that the content and computer software you are using is legal and properly licensed. Also, an IP audit will identify the IP that you own. Armed with that knowledge, you can then learn how to market, license and/or profit from leveraging your IP.
  1. Set up a mechanism for monitoring the legal use of your own online content on an international basis. This can be as simple as regularly undertaking search engine searches. But you can also hire a professional who specializes in finding unauthorized uses of content. Piracy is not only the domain of the software and entertainment industries. You may be surprised to find that your individual or organization’s rights are being exploited, and that your works are being used and perhaps even sold without your permission.

Copyright is a value-add opportunity for every business, and the best benefits are obtained by acting proactively to ascertain ownership and keep the copyright assets in ready order for offensive or defensive play.

In Brief: The recent Second Circuit decision in EMI Christian Music, Inc. v. MP3tunes, LLC builds on BMG Rights Management et al v. Cox Communications, further emphasizing that courts expect online service providers and website platforms to develop and enforce robust infringement response policies — or else risk losing their safe harbor under the Digital Millennium Copyright Act (DMCA). EMI stands as an important notice to all online service providers, especially those with peer-to-peer sharing or user-generated content features, to be vigilant and thoughtful about addressing infringement.

Online service providers should not turn a blind eye to copyright infringement happening on their watch. Since the rise of peer-to-peer file sharing, Internet service providers (ISPs) and website platforms have become the front line for preventing copyright infringement.

Content sharing on the Internet sparked a new line of case law in the early 1990s, including the seminal Religious Technology Center v. Netcom On-Line Communication Services, Inc., 907 F. Supp. 1361 (N.D. Cal. 1995), wherein the court found that a large Internet access provider could be liable for the copyright infringement of its subscribers. A few years after the case, in 1998, Congress passed the DMCA as a means of regulating online service providers and giving them some safeguards.

As peer-to-peer sharing platforms began to gain popularity in the early 2000s, copyright holders could no longer easily pursue individual infringers and began looking for alternative ways to protect their interests. The DMCA proved to initially be a barrier because it has a safe harbor to shield online service providers from monetary liability when someone brings a copyright infringement claim, making recovery against online service providers difficult for copyright holders. But the safe harbor is not a free lunch — online service providers must meet a variety of criteria in order to remain eligible for its protections.

Copyright holders have taken hold of the safe harbor eligibility requirements as a litigation tool for recovering from ISPs and website platforms. In BMG Rights Management et al. v. Cox Communications, 2016 WL 4224964 (E.D. Va. Aug. 8, 2016), which has been appealed to the Fourth Circuit, the court began its opinion by setting the historical stage: “This lawsuit is the latest in a years-long initiative by copyright holders to enlist the courts in the effort to curb the rampant infringement made possible by peer-to-peer file sharing on the Internet.”

One major statutory requirement for safe harbor protection is that the service provider must have adopted and reasonably implemented an internal policy for terminating subscribers and users of its system or network who are repeat infringers. Courts have increasingly emphasized the importance of this statutory requirement. It has become a key battleground, forming the center of the disputes in two pivotal cases: BMG Rights Management et al. v. Cox Communications, 2016 WL 4224964 (E.D. Va. Aug. 8, 2016) and EMI Christian Music, Inc. v. MP3tunes, LLC, 2016 WL 6211836 (2d Cir. Oct. 25, 2016).

In BMG, the copyright holder went directly to the source — the ISP — as the party responsible for preventing copyright management and ensuring users do not abuse website platforms. The BMG court allowed this approach, putting the onus on ISPs to develop real programs to combat infringement. The work begun in BMG was amplified in EMI, wherein the court held that online service providers that passively allow website or service users to engage in copyright infringement and fail to develop real policies to prevent abuse run the risk of losing their DMCA safe harbor protections. The resounding message from this line of cases: If ISPs and website platforms want to maintain their DMCA safe harbor, they need to develop and enforce robust response mechanisms.

Repeated Infringement Policies and Safe Harbor: A Closer Look

The BMG case involved BMG, a music company, suing Cox Communications, an ISP, for users of Cox’s ISP engaging in illegal music sharing on their network. Cox claimed that it could rely on the DMCA safe harbor because it had a response system for addressing repeat infringers. The court described Cox’s system as “essentially a thirteen-strike policy” wherein a user would have to commit several violations in order to be terminated — and even then could be reactivated quickly. The jury sided with BMG, finding Cox liable for willful contributory infringement and awarding BMG $25 million in damages. Cox sought to have the court overturn the verdict, but the Court declined. Instead, the court found, among other things, that “there was sufficient evidence for a reasonable jury to hold Cox responsible for the infringement of BMG’s copyrights on its network. . . . Cox could not [ ] turn a blind eye to specific infringement occurring on its network.” The court acknowledged that exposing ISPs and other intermediary online service providers to exposure for their users’ behavior “raises the specter of undesirable consequences that may follow,” but the court hoped the BMG case “may provide the vehicle for consideration of those questions.” The BMG case certainly held open the door for other courts to consider what policies and practices ISPs and other online service providers must have in place against repeat infringers to keep their DMCA safe harbor intact.

In EMI, the Second Circuit took up this question with MP3tunes, a music storage site that allows users to upload and store songs obtained from elsewhere on the Internet. EMI brought an action against MP3tunes in the Southern District of New York, claiming that MP3tunes was lax in responding to repeat infringers. The District Court disagreed, but the Circuit Court overturned the District Court and held MP3tunes in violation. The Circuit Court issued two main holdings:

  1. The meaning of “repeat infringers” in the DMCA does not require that the infringers be willful. Someone can qualify as a repeat infringer even if they have no knowledge that their behavior is infringing another’s work. “[T]he legislative history of the DMCA indicates that a ‘repeat infringer’ does not need to know of the infringing nature of its online activities, or to upload rather than download content.” This puts more pressure on online service providers to take serious efforts to connect infringing activity to users, checking for patterns and notifying all users who infringe. MP3tunes failed to do this because it did not investigate those who downloaded content and did not attempt to monitor use patterns in a consistent way.
  1. The EMI Circuit Court turned to what triggers need to be present before the online service provider needs to act to keep its DMCA safe harbor. The DMCA does not obligate a service provider to actively monitor or act on only a “generalized awareness” of infringement. If a copyright owner wants to overcome a service provider’s DMCA safe harbor, the copyright owner needs to prove that the service provider had 1) actual knowledge or 2) an awareness of facts or circumstances making specific acts of infringement obvious. The Circuit Court, based on this rule, upheld the jury’s verdict due to MP3tunes’ apparent knowledge.

Following the EMI ruling, MP3tunes requested reconsideration under the argument that the EMI court had effectively eliminated the DMCA safe harbor. The Second Circuit recently declined to reconsider its decision.

The Bottom Line: Take Steps to Stop Repeat Infringers

The case law is still in flux, but what the BMG and EMI opinions demonstrate is an increasing judicial focus on ensuring that ISPs and online service providers take tangible measures to prevent repeat infringers — or risk jeopardizing their DMCA safe harbor.