Facebook’s terms of service give Facebook the unlimited right to use any photos, videos, and other intellectual property content posted on the site. Facebook acknowledges that ownership of the content is retained by the user, but the ownership rights are subject to the license granted by the user to Facebook. Twitter similarly acknowledges that ownership of content remains with the user, but also claims an unlimited license to use the content.
It’s quite tempting to use content posted by friends and others on social media sites. Whether the use is personal or commercial, or for public or private use, some content is simply very good, and users may want to use the content for a variety of purposes. The rights granted to Facebook, Twitter, and other social media sites are very broad, and sharing takes place freely, but the sharing rights are not unlimited.
In a case decided earlier this year in the United States District Court of the Southern District of New York, the court decided what rights third parties had to photos posted on Twitter. Daniel Morel, a photojournalist, was in Haiti at the time of the devastating earthquake in January 2010. He took several photographs of the scene after the earthquake, and posted them on Twitter through his TwitPic account. Shortly after Morel posted his photos on Twitter, they were reposted to the account of Lisandro Suero. Through a series of events, some of the photos were downloaded by Agence France Presse (“AFP”), a French news agency that maintains and online photo database, and some of the photos were licensed by AFP to Getty Images through a reciprocal license agreement to display images.
AFP brought the action against Morel seeking a declaration that its acts did not constitute copyright infringement. Morel filed a counterclaim against AFP, Getty Images, and the Washington Post seeking a determination that they each willfully infringed his copyright in the photos.
One of the arguments made by AFP was that it was not liable for copyright infringement, because Morel granted it a license to use the photos by posting the photos on Twitter. AFP acknowledged that the act of posting photos online did not eliminate Morel’s copyright in the photos, but argued that it had a license to use the photos through the Twitter terms of service. Alternatively, AFP argued it was a third party beneficiary of the Twitter terms of service. The court was not persuaded by either of these arguments.
The court acknowledged that Twitter encouraged and permitted broad reuse of content, but also found that Twitter did not grant an express license to AFP to use the photos for purposes other than reposting. The Twitter terms of service provide that the user, by posting content, grants to Twitter a worldwide, non-exclusive, royalty-free license to use content in any and all media or distribution methods. The terms of service further provide that Twitter may make content available to other companies, organizations, or individuals who partner with Twitter. But the court found that the terms of service did not give AFP the rights of use it claimed in the litigation.
Photos and other content on social media sites generally may be reposted. The current Twitter terms of service provide that “this license is you authorizing us to make your Tweets available to the rest of the world and to let others do the same.” Facebook’s terms of service are similar. However, the rights granted are not unlimited, and specifically do not include the right to download and license photos posted on Twitter or Facebook to third parties.
There are two potential ways to have permission to repost or otherwise use a photo or other content posted on a social media site. One is to contact the owner of the copyright and obtain permission directly from the owner. The second way is to fall within the terms of the terms of service of the social media site. Before relying on the site’s terms of service, however, it should be clear that the use falls within the scope of the license granted in the terms of service, and that the person using the content is an intended licensee or beneficiary under the terms of service.
As Agence France Presse learned the hard way, using without permission another’s content posted on a social media site is still copyright infringement.
Startups usually operate on a shoestring budget with a minimum number of employees and resources. Many, if not most, of the formalities of a Fortune 500 company simply don’t exist. Many times even basic formalities don’t exist. So, how does a startup determine who owns software developed by a developer engaged by the fledgling company?
The rules of ownership for software are fairly straightforward. Software created by a developer who is employed by a company is owned by that company. But software created by a developer who is an independent contractor is owned by the independent contractor developer. Under federal copyright law, creative works, which include software, created by an employee within the scope of his or her employment are owned by the employer. This is referred to a as a work made for hire. The relevant issue, then, is whether the developer is an employee.
When it is clear whether the developer is an employee or independent contractor, it is also generally clear whether the software is owned by the company or the developer. But in a startup where formalities surrounding employees are often fuzzy at best, the answer to the question is now always clear.
In a case heard in the Ninth Circuit Court of Appeals, the court considered whether a startup software company owned software being developed by a developer associated with the company, or whether the developer individually owned the software. To the disappointment and frustration of the developer, the court found in this case that, although the startup company did not follow many of the formalities it should have followed to treat the developer as an employee, the developer was still found to be an employee, and therefore, the startup owned the software, not the developer.
To reach its conclusion that the developer was an employee of the startup software company, the court looked at several factors. Perhaps most prominent was that the company was a startup, and the failure to follow certain legal formalities did not weigh as heavily in favor of finding that the developer was an independent contractor as it may have in the case of a more established business enterprise. The court cut some slack to the entrepreneurs struggling to work through the startup phase. The court in essence recognized the reality of entrepreneurship.
Specifically, in finding that the developer was an employee and not an independent contractor, the court looked at several factors and found that (a) the developer did more for the entrepreneurial enterprise than just work on the software, (b) the developer was paid a regular salary, although some of the compensation was in the form of stock, and (c) the developer’s work at the company was integral to the success of the business in general. The court considered the arguments made by the developer that the developer should have been treated as an independent contractor because (x) his hours were flexible,(y) the company did not exercise much control over the developer, and (z) the company failed to treat the developer as an employee when it came to forms and the payment of taxes. But again, the court gave the startup great latitude, and said that the company conducted its business more informally than an established business might have done, and the expectation for formalizing the employment relationship was not high.
In this case, the company was lucky, and the developer was left to negotiate for additional rights or additional compensation based on the software. But there is no need to leave the determination of ownership. Any software developer and company should reach a decision whether the developer is an independent contractor or an employee, and then appropriately document the relationship and the ownership. It should be clear what the intent of the parties is regarding ownership of software, and any other copyrighted works. In this case, the court stretched to find that the company owned the software, but another startup, or a more mature business might not be as fortunate.
Domain names are alpha-numeric addresses that direct users to websites. Unlike other rights regarding other property, domain name registration rights are limited and revocable. As a result, protecting domain name rights is critical to any business with a web presence. In today’s environment, that includes most businesses.
Real property has a title associated with it, and the owner of the real property has the exclusive right to use the property, sell the property and further develop the property. The property rights never terminate. Although the property may be subject to the rights of a lender, an easement holder or the government for taxes and assessments, the fundamental property rights vest in the owner.
Domain name rights are very different. Domain names are registered to a registrant by a registrar, such as GoDaddy or Network Solutions. The domain name registrant does not have property rights, but instead has contract rights. When a domain name is registered, the registrant agrees to comply with the contractual terms and conditions established by the registrar for the use of the domain name. The terms and conditions will include a specific time that the domain name will be registered, and it will include terms under which disputes over domain names may be resolved.
With these basics in mind, protecting domain names is different from protecting rights in real property. Domain name rights are only as valuable as the rights of the registrant under the contract whereby a domain name is issued or registered. Here are some practical tips on protecting your domain names:
1. When a domain name is registered, the registrant is required to provide the name of the registrant, and the administrative and technical contacts. These are the people who may exercise the rights of the domain name registrant. If the name of the registrant and the administrative and technical contacts are not accurate, the domain name registrant may lose value rights in the domain name. Make sure the name of the registrant, administrative contact, and technical contacts are persons controlled by the domain name registrant. Failure to take this step could lead to the inability to change where the domain name is directed or to otherwise maintain the domain name. Websites are moved from time to time to different hosts or servers. If the registration information is not correct, the owner of the website may not be able to move the website, and may in fact, never have rights to the domain name.
2. Domain names usually become trademarks and trademarks are used as or in domain names. It is critical to make sure the registrant has cleared the domain name for trademark use and registration, and for potential infringement. If a domain name infringes on the trademark of another, the registrant could be forced to shut down the website associated with the domain name, or adopt a new domain name. Like trademarks, substantial goodwill can become associated with domain names.
3. Obtain federal trademark registration for the domain name, or at least the domain part of the domain name. The Anti-Cybersquatting Consumer Protection Act and the Uniform Dispute Resolution Policy both provide remedies for trademark owners where domain names are registered in bad faith in connection with such trademarks.
4. Typosquatting is the practice of registering domain names by third parties which are off by a letter or two from the original domain name. The typosquatter then derives traffic from the original domain name. If the typosquatted name is infringing, the registrant may be able to force a transfer of the domain name, but another way to avoid having to take action is to register a variety of iterations of the domain name to help avoid typosquatting. It would be impossible to avoid any potential typosquatting, but the more similar domain names that are registered, the lower the risk of typosquatting.
5. Purchase long-term contract rights. Not only are longer-term contracts less expensive on an annual basis, but they reduce the risk of the domain name expiring without being renewed.
Unfortunately there is no easy way to protect domain names from the many possible challenges that can arise. Generally speaking, each domain name owner should adopt a practice for protecting domain names and avoid the potentially catastrophic results of failing to take appropriate action.
When I enter into a license agreement for the use of software, I plan on using the software for as long as the license grants me the right and I comply with the terms of the license. When I sell a used car to a neighbor, I don’t expect to have the right to take it back after a few years. When I purchase a new electronic device through amazon.com, I don’t anticipate Amazon asking for it back at some time in the future. Usually when we purchase a product or service we can plan on keeping the product or using the service for as long as we want, or for as long as we continue to pay for the service.
However, in the world of copyright, beginning effective January 1, 2013, the owner of a copyrighted work may terminate rights granted to a third party thirty five years earlier, whether the rights granted were a full assignment of the work, or limited rights under a license. Copyrighted works are virtually any original works created by someone. For example, songs, music, computer software programs, photographs, electronic images, books and publications, and websites may all be copyrighted works. The author or creator of the works generally owns them, and has the right to control the use, reproduction, and distribution of the works, among other rights.
Copyright owners may give rights in the copyrighted work to others by assigning the copyright, or the owner may grant a license that allows for use of the copyrighted work under the conditions of the license. When the copyright in a work is sold or assigned, the original owner of the copyright has no residual or remaining rights in the work. When a work is licensed, the rights of the owner are subject to the rights of the licensee under the license.
The Copyright Act provision, which was adopted thirty five years ago, allows the owner of a copyrighted work that has either been assigned or licensed, to terminate the assignment or license. If the owner is dead, the estate of the owner may exercise the right. When the right is exercised, all rights granted by the copyright owner revert back to the original owner. This right may be exercised thirty five years after the date of the original assignment or license, which means that this year is the first year these rights may be exercised. If there are multiple owners of a jointly created work, then a majority of the owners may exercise the right to terminate an assignment or license.
Frequently when a similar right exists in another setting, the parties might seek to have the copyright owner waive the right of termination to avoid the potentially significant impact of the termination right. Unfortunately, in this case, an agreement to renew the assignment or license after the right to terminate is effective only if it is made after the effective date of the termination.
There is at least one significant exception to right to terminate. The statute does not apply to works made for hire. Generally speaking, works made for hire are works created by an employee within the scope of his or her employment. The employer owns the works in this case, and such works are not subject to the obligation to return the works. If the work is a work made for hire, the employer, as the owner of the work, may not exercise the right to terminate an assignment or license of the copyrighted work.
Not much has been said about this provision of the Copyright Act, and that’s probably because it has only now been thirty five years since the statute was adopted. More will be said, and rights will certainly be challenged. But assignees and licensees of copyright rights need to be aware of this potentially significant development.
Most of us know that the words we read and photographs we see online, in books, and in other media are probably protected by copyright law. But who owns the text, images, graphics and other copyright protected works? Who may enforce the copyrights?
As mentioned in a previous post, the person who creates a work is the owner of the copyright in that work. The author of a book is the owner of the copyright in the book. The photographer of an image is the owner of that image. But there is one significant exception: when a work is created as a work made for hire.
Under the work made for hire doctrine, an employer owns the works of an employee created within the scope of his or her employment. So long as the creator is an employee and not working on a project outside of his or her normal duties and responsibilities, most likely the work created will belong to the employer. If the employee wants to retain ownership of the copyright of the work, prior to the creation of the work, the employee and employer should discuss an assignment of the copyright to the employee, and consideration should be given for the assignment. Another option is for the employee to receive a license to use the work. In this way, the employee is not prohibited from using the work he or she created.
Transfer of ownership in a work itself does not transfer the copyright. For example, purchase of a piece of original art gives the purchaser the right to own and display the artwork, but it does not convey ownership in the underlying copyright. As a result, the purchaser may not make copies of the artwork, post images of the artwork online, create derivative works or distribute copies of the artwork. Similarly, if a copyright in artwork is transferred by assignment, the assignment does not necessarily include ownership of any material objects created under the copyright. The material objects and the copyright rights are distinct and treated separately.
Sometimes authors or other creators of original works collaborate on a project, such as computer software. If the contributions of two or more creators are integrated into the overall work and are inseparable, the authors become joint authors and co-owners of the entire work, regardless of the amount of their individual contributions. One software developer may code 10 percent of the program and another may code 90 percent, but both are equal owners of the entire software program. Joint authors may use the work as if there were no other owners, even if the other owner objects to the use. One of the joint owners may, without the consent of the other owners, grant licenses to third parties to use the work. One co-owner may sue for infringement without bringing the other co-owners into the litigation. However, co-owners must account to each other for any profits earned from use of the copyrighted work.
Joint ownership is distinguished from authors making a contribution to a collective work where each individual work remains distinctive and stands alone. Collective works have two different levels of ownership. Authors may own the individual articles or elements of the collective work, and another author may own the copyright in the collection of works.
Ownership in copyrights and the material objects created under copyrights are complex and need to be carefully analyzed before proceeding to exercise rights under the copyright in a work or in the material object created under the copyright. As with most intellectual property rights, caution is the word!
This article is also published on the Bank of American Fork blog.
Easy is not always better.
Before online marketing, using content in marketing was a deliberate process of finding content, making sure that rights of use were granted, working through multiple steps of proofs and review and ultimately, generating expensive glossy printed material.
That has changed: The world of online marketing has given Internet users the ability to copy and paste content through very simple, no-cost procedures. It’s essentially as easy as right-clicking a source page, opening a destination page, and another right-click to copy content to a destination page. However, easy can lead to some unfortunate results.
Debates continue over the rights that content owners should have online. Some argue that because the content has been posted online, it should be available for use by others, with very few, if any, restrictions. Despite the rapid rate of change in technology, there are fundamental principles that have not changed.
Copyright law protects original works of authorship and original content, regardless of where it is posted or displayed. Original works may include stories, blog posts, articles, graphics, photographs and other images, marketing materials, drawings and plans. Usually, originality is not difficult to find in a work. As a result, as soon as a work, such as an article or photo, is created, copyright rights exist. Copyright registration is not necessary to claim fundamental copyright rights, but registration is necessary to pursue an infringement claim in litigation, but there is a procedure for expedited registration, so the lack of registration does not need to bar a copyright owner from pursuing his/her rights in a copyrighted work.
The person who creates a work is the copyright owner. The concept of work made for hire is confusing to many. If a third-party service provider is engaged to take a photo or create content, the work is not a work made for hire. With a few exceptions, a work is only a work made for hire if it is created by an employee within the scope of his/her employment. If an outside firm or service provider is used to create a work, the user needs to get an assignment or license from the firm that created the work.
The owner of a copyrighted work has several exclusive rights: the rights to copy, reproduce, distribute, publicly display the work or create derivative works from the original.
What about fair use? Fair use is very limited and does not apply for most commercial uses. If the work is being used in an educational or nonprofit environment for purposes of commenting on the work, it may be fair use. If fair use is a possibility and it is critical to use the work, contact legal counsel to help work through the maze of fair use.
Failure of a copyright owner to include a copyright symbol, whether inadvertently or intentionally, does not change the need for permission to copy, use and display copyrighted works of others.
Infringement occurs when one of the exclusive rights has been violated. Not all copying is intentional. If there is inadvertent copying, courts will consider whether the new work is substantially similar to the original work. Through a series of tests, courts will make this determination. If the two works are substantially similar, and the copyright owner can produce a certificate of copyright registration, it is likely there is infringement and liability and then the courts will determine damages.
It is tempting to say, “I will never get caught,” or “If I am caught, what damages could the copyright owner assert?” It may be true that the risk of getting caught or a copyright owner establishing substantial damages is low. But it only takes one time. Getty Images and other image providers are aggressively pursuing websites that post images that have not been licensed. Further, copyright law provides for statutory damages. In litigation, a copyright owner may elect to recover statutory damages, which are damages unrelated to the amount of actual damages. Statutory damages of up to $30,000 per work may be awarded. For willful infringement cases, the amount of statutory damages is up to $150,000 per work.
One final issue: if an article is posted online, may a user make copies of the article and distribute them? Technically, it is distribution of the work, and a violation of one of the exclusive rights of the owner of the work, but the work is already available publicly. The safe course is to distribute the link to the content and have the recipient of the link directly access the materials.
Copying and using online content is deceptively easy. To avoid potential liability, the best strategy is to create original works. If that is not an option, always seek permission or a license to use the creative works of others.
This article is also published on the Bank of American Fork blog.
As of March 2012, there were 901 million monthly active users on Facebook. Although the stock of Facebook has experienced a roller-coaster ride, which has mostly been on the first steep downhill part of the track, the slide probably says little about the future of Facebook and social media. Technology and innovation behind social media are experiencing a rapid rate of change, and the law usually lags, but an understanding of legal issues is important to avoid liability. Here’s what business owners need to know to avoid legal traps in social media.
User vs. provider
On a simplistic level, there are two ways to approach social media from a legal perspective. One is from the perspective of the user and the other is from the perspective of the provider of social media. Bloggers and users of social media need to be concerned about liability for what they are posting, and providers of social media portals—including businesses—need to be concerned about potential liability for simply making the social media vehicle available.
Original content or else
When posting content on social media, or in any other environment, there are some basic rules to follow. All content should be original to the person (or company) posting, or there should be a license to post the content. Original works, including text, graphics and photos, are protectable under copyright law. Except in limited circumstances, the owner must grant permission to use or post the content; failure to obtain permission constitutes infringement. Granting attribution, or identifying the owner of the content, is not sufficient for compliance with copyright law. Although it is easy to rationalize that no damages could possibly flow from a blog or other post, statutory damages of up to $150,000 in the case of willful infringement are available.
Angry post: Sleep on it
Social media has a tendency to encourage informality. Informality can lead to negative consequences. Posting without thinking or posting when angry or frustrated can be problematic. Although anger is not a concern legally, the words that fly in angry posts can be. Posting untrue statements that damage the reputation of another may be actionable and lead to liability. The solution is less legal and more practical. Never post when angry, and when frustrated, create the post and let it sit overnight. Hopefully a little time will soften some of the words and reduce the risk of potential liability. Another result of speaking before thinking is the disclosure of trade secrets or other confidential information. Again, thoughtful time before posting can prevent big problems later.
Screening employees online
Employers as users of social media have a great resource for conducting background checks. Unfortunately potential employees sometimes are not very wise in what they post, and frivolous posts can lead to employers making employment decisions based in part on those posts. However, there are limits on what information employers may use. Just as an employer is limited in what questions may be asked in an interview, the scope of information found through social media that an employer may use is also limited. Any information that is prohibited in an interview, but is available online, may not be used in hiring decisions. To be safe, employers should have at least two people involved in the process: one person to retrieve and screen information available through social media and a second person to use the information in making the employment decision.
Social media use policy a must
Employers also face issues of employee use of social media, both on employer time and employee time. Although an employee may be posting on Facebook or tweeting on his/her own time, the employee may be clearly associated with the employer. Employee posts can reflect on the employer. In addition, employee time spent posting on the job may be desired by employers to increase exposure of the company, or the employer may determine that social media on the job is prohibited. For these and several other reasons, employers should have social media use policies.
Businesses and other providers of social media can find themselves facing many of the same issues as users of social media. There are safe harbors to avoid liability for copyright infringement, defamation and other claims, but steps need to be taken to take advantage of such protections.
Social media is alive and well and proper use can provide significant business and personal benefits.
This article was published on the Bank of American Fork blog.
Apple introduced iCloud to the world of consumer computing. The service promises to provide access to files, such as music and photos, from multiple devices. A recent radio advertisement touts the benefits of an online payroll system that can be accessed from anywhere in the world, and is so easy to use a boy operating a lemonade stands can use it. The concept behind iCloud and software that is accessible anywhere is not new, but is part of a rapidly growing technology platform called the cloud or cloud computing. Cloud computing gives both consumers and businesses the ability to use software applications and input and access data on any number of devices anywhere in the world.
Cloud computing is generally the ability to remotely access software and data from off-site servers and other hardware through the Internet. It is divided between public and private clouds. A public cloud services multiple clients and customers, and a private cloud, similar to traditional outsourcing that is controlled by the user, services only one or a limited number of clients and customers. Application software offered in the cloud, or software as a service (Saas), runs on servers located off-site or in a remote location. The software does not reside on the desktop or local computer or server. Netbook computers are designed to operate Saas, because they do not need a hard drive, but merely need access to a browser and the Internet to operate the SaaS application.
Many of us are already in the cloud with Google’s Gmail, Yahoo mail, Facebook, Flickr, and Google docs. The number of business applications is rising rapidly. The economic and other benefits cannot be ignored, particularly in stressed economic times. However, there are several potential drawbacks, especially for business applications, that need to be addressed before fully embracing and launching the concept.
Some of the advantages of a public cloud are the sharing of costs, infrastructure, and resources, but the advantages of a private cloud are control and security. Because cloud services are operated on servers not owned or operated by the user, there are significant cost savings available. Users do not need to support upfront capital investment to purchase the same level of hardware and software required for internal networks. With access through the Internet, information may be input and accessed from any location in the world where there is Internet access, and because the cloud is not tied to a specific location or device, the information may be accessed by multiple and diverse devices. Cloud services are scalable, again without significant cost increases.
Unfortunately, there are also several potential landmines that cannot be ignored, and many cloud providers have developed boiler plate terms of service that are non- or minimally negotiable. In many cases, the terms of service may be modified by the service provider simply by providing notice online. As a result, it may not be possible to negotiate several of the critical terms that impact on the use on the cloud.
Some unavoidable concerns are security and privacy, because both are out of the control of the user. The level of care exercised by the cloud service provider may not rise to the same level the user might maintain. These concerns are particularly relevant for financial institutions under GLBA and health care providers and business associates under HIPAA. Backing up data, business continuity, continuous access to data, backwards compatibility, and location of servers for purposes of US and international law regarding privacy are a few other examples of issues that need to be addressed.
On June 20, 2011, ICANN (Internet Corporation for Assigned Names and Numbers), the international body that regulates domain names, approved the implementation of a procedure for the adoption of new generic top level domain names (gTLD). Generic top level domain names are the letters to the right of the dot in a domain name, such as .com, .net, and .org. Prior to this action, there were 22 generic top level domain names, but now there could be potentially thousands of new gTLDs. According to ICANN, “Internet address names will be able to end with almost any word in any language, offering organizations around the world the opportunity to market their brand, products, community or cause in new and innovative ways.”
New gTLDs will be assigned based on a complex and expensive application procedure. The initial filing fee is $185,000, and there is an annual fee of $25,000. These are in addition to other application fees in some cases, and other expenses as well. The application procedure guidebook is approximately 350 pages. Applications may be filed between January 12, 2012 and April 12, 2012. There may be additional rounds of applications, but the first will be the most critical, and it is not certain there will be additional rounds. According to http://dot-nxt.com/applicants, there are currently already over 120 applications that will be filed during the application period, and some of the anticipated names are .mls, .music, .hotel, .canon, .hitachi, and .vegas.
One of the important objectives of ICANN in adopting the new gTLD was to avoid cybersquatting, and other trademark and intellectual property infringement. In the early days of the Internet and the use of domain names, cybersquatting became a significant problem, and finding remedies was a challenge. In response, Congress passed the Anticybersquatting Consumer Protection Act, and ICANN adopted the Uniform Dispute Resolution Procedure. Under the new procedure, the application fee alone will be a significant deterrent, but there are other procedures and protections built in as well. Not only will the application process attempt, through an evaluation procedure, to identify any potential infringement and misuse, but there will be procedures for third parties to protect their own intellectual property and other rights. The policy includes a trademark clearinghouse and sunrise procedure, as well as dispute resolution procedures. However, there is no crystal ball to identify what problems will arise, and how successful these procedures will be in protecting rights and avoiding problems.
The adoption of this new policy and the implementation of new gTLD could be revolutionary. Consumers will no longer be left to finding products and services using potentially confusing second level domain names and domain names. For example, a search for a Nissan automobile at nissan.com will be disappointing. Computer products and messages about Nissan Motor’s litigation against Nissan Computer are available at Nissan.com, but Nissan automobiles will only be found at nissanusa.com. Nissan Motors may be highly motivated to apply for the new gTLD .nissan to avoid the problem going forward. Brand owners will have a unique opportunity to secure a strong position on the Internet, and will no longer need to compete with others for domain names within the .com gTLD. Communities of people and organizations may have a unique and strong presence online, such as organizations supporting a .eco gTLD.
There are at least two significant implications for brand owners and others doing business in an online world. Businesses need to seriously consider either banding together with others to develop a community or generic domain name, such as financial institutions adopting the gTLD .bank, or consider adopting a brand gTLD, such as .canon or .deloite. However, applying for and adopting a new gTLD will not be for everyone. In addition, brand owners will need to be vigilant in making sure that others do not trample on their rights when adopting new gTLD, and take appropriate action. Some appropriate actions are to monitor applications filed, submit comments to ICANN on applicable applications, including as part of a community, file objections and lawsuits, if necessary, and participate in other procedures, including trademark clearinghouse and sunrise procedures. This significant development is also a good opportunity to review current online brand strategies to see if any changes or modifications are appropriate.
Significant changes in the world of the Internet, in addition to bringing positive changes, also usually yield unintended consequences. Unintended consequences are likely with the venture as well. But, the potential for brand and community awareness is huge. Brand owners and community participants will need to be vigilant and aware of developments and the implications for them as this policy and application process unfold, and new gTLDs launch in cyberspace.
As Congress considers cutting trillions of dollars from the federal budget, waste and fraud detection will certainly be part of the plan for finding precision dollars. Regulatory agencies are likely to increase their focus on compliance, and a new culture of compliance is likely to emerge in business in general. Managing legal risk, in particular, is part of strategic planning and corporate compliance. Unmanaged legal risk can lead to potentially significant adverse consequences. Legal risk management is designed to help business managers improve future earnings of the company by identifying and appropriately managing legal risk to minimize potential losses.
What is legal risk management?
It is a systematic way of identifying legal risk in business, establishing programs for eliminating, avoiding, transferring, or mitigating the effects of such risk, developing a plan for conflict resolution, and educating business leaders and employees on how to manage such risks in the future. There are five stages or steps:
- identify key issues and documents relevant to risk management through the use of a questionnaire
- assess legal risk through an interview with key management personnel and a review of the documents
- analyze legal risk by prioritizing and determining what risk can be eliminated, mitigated, or otherwise managed, and specifically how it will be done
- manage legal risk and conflicts by developing a plan based on the risk analysis, including the use of available resources, establishing a conflict resolution plan, and providing appropriate training
- implement, review, and follow up on the plan
What will I have at the completion of this process?
You should have a much better idea of what legal risks you face in your business, and a plan and process for managing that legal risk. You should have comfort knowing that you have taken steps to manage your legal risk. You will have sent a message to other members of your management team, and your employees, that you value corporate integrity and compliance.
How is legal risk management implemented?
The concept is a menu approach, and each step is unique. Although all steps should be implemented, after the first two, you can choose to retain legal counsel to continue to assist and guide the process, or use internal personnel only for the remaining steps. There is no outside legal cost for the first step. The cost for legal counsel for the second step will be determined after review of the questionnaire and will fixed. The cost for legal counsel for each additional step will likewise be fixed and determined from the information provided in the questionnaire and interview.
Who should be on the team for implementation?
Most businesses react to legal risks, and many attorneys are probably very good at addressing legal risks as they arise. Legal risk management, however, seeks to avoid unanticipated risk, and potentially “bet the company” risks, and requires the involvement of team members, both business executives and lawyers who both understand and have implemented these concepts.
Is it possible to eliminate or even effectively manage all legal risk?
No, the objective of legal risk management is not to eliminate all legal risk. That would be impossible. In fact, there is much legal risk that cannot be eliminated, and there are legal risks that business managers will consciously accept because the cost of eliminating them is too high. However, legal risk management can help reduce the possibility of facing unexpected expenses in the future by dealing with legal issues now. It is not about trying to find skeletons in the closet, but it is about looking forward and creating a plan to manage manageable risk. It is about finding solutions, not just identifying problems.
How is legal risk management different from other compliance functions?
There is an overlap between corporate compliance functions and legal risk management. Corporate compliance focuses on business and legal risks in a regulatory environment, while legal risk management focuses on how well the business is managing legal risk in general. Legal risk management seeks to provide business managers and compliance officers with the tools and concepts necessary to help them manage and reduce legal risk and costs, and thereby improve the bottom line, and corporate integrity and compliance within the organization.
Principles-based business management
The businesses that will be most likely to implement legal risk management will be principles-based businesses, meaning they are motivated by core principles that positively impact stakeholders over longer periods of time. Although they recognize the need for task-orientation, and acknowledge the new world of compliance in which they operate, they also seek to operate on time-tested core principles. For example, a principles-based business will implement employment policies and procedures consistently applied not only to comply with law or a regulatory requirement, but because they want to be fair to their employees and create a positive working environment. They will develop polices to avoid infringing on the intellectual property rights of others, because they value their own intellectual property rights and expect others to respect their rights. Corporate integrity is important to principles-bases business, meaning that if policies are implemented based on principles, the executive management team not only talks about compliance with those policies and principles, but seeks to embrace and manage based on those principles. Employees do not hear one thing, and see something else from their leaders. The executive management team understands and buys into the need for consistency and compliance.