ZeniMax Media, Inc. (“ZeniMax”) is a company that develops and publishes video games. These games include Fallout and Elder Scrolls. ZeniMax publishes the video games through its subsidiaries and has found widespread success in the gaming market. With that widespread success, ZeniMax was able to allocate funds for the development of virtual reality gaming.

In April 2012, a ZeniMax employee started communicating with Palmer Luckey. At the time, Luckey was a college student working on a virtual reality headset prototype named Rift. The ZeniMax employee took interest in Luckey’s creation and offered some help in its development. Luckey then sent the ZeniMax employee a copy of his prototype where the employee and other ZeniMax personnel added their own improvements. After their improvements, ZeniMax entered into a Non-Disclosure Agreement with Luckey to share the enhancements made on the prototype, including its use in a game ZeniMax developed.

After the prototype became a working model, ZeniMax performed demonstrations at the Electronic Entertainment Exposition. The demonstrations were only done by appointment. After adding his own modifications and merely days after the exposition, Luckey started to commercialize the headset under a newly-formed company called Oculus VR.

On October 30, 2015, the Securities and Exchange Commission (“SEC”) adopted rules allowing the use of crowdfunding by companies to offer and sell securities. Crowdfunding is the raising of money in cyberspace through portals, i.e., specialized websites like Gofundme, Indiegogo, Kickstarter. By using these portals, individuals or businesses can engage in fundraising in order to promote ideas to a large group of potential investors.  Crowdfunding has become a handy tool in new projects since it is another method for a small business to raise capital.  The SEC is seeking to regulate these practices and to protect investors since startups and entrepreneurs can raise capital through this revolutionary method.

For example, Title III of the Jumpstart Our Business Startups (“JOBS”) Act created an exemption in the securities laws to allow crowdfunding to be used for offering and selling securities. The exemption called for the final rules, Regulation Crowdfunding, to administer such offerings and sales. The rules allow for crowdfunding securities transactions within certain limits. The limits include the amount that could be raised through crowdfunding, requirement of disclosure of certain information to investors, and creation of a regulatory framework for the funding portals, which facilitate the transactions.

In essence, some of the rules are:

Trade secrets are important assets for a business and derive their value due to their secrecy.  Trade secrets constitute confidential business information that give a competitive edge to their owner.  They include industrial, manufacturing, or commercial secrets.  Any unauthorized usage of a trade secret is a violation.  With secrecy, a business can develop an advantage over its competition. By placing the value in its secrecy, the information is subject to outside forces attempting to steal the valuable information. By placing the information on a network server accessible through the Internet, a business organization’s vulnerability increases. Rather than simply risking disclosure by a disgruntled employee or being a victim of corporate espionage, businesses can now find themselves at risk of unauthorized access, i.e., hacking. The Internet allows information to be quickly and easily disseminated all around the world. Information can be accessed by anyone who has access to a computer and the Internet. With the borderless nature of the web, it would be difficult to subject users to the laws and regulations protecting trade secrets. As a result, the United Nations created the World Intellectual Property Organization (“WIPO”) in order to address issues regarding intellectual property, which includes, but is not limited to, trade secrets.

The purpose of WIPO is to create a worldwide intellectual property system that fosters creativity and innovation. Currently, there are 188 members, including, the United States and United Kingdom. WIPO’s services include dispute resolution to intellectual property-related cases such as arbitration and mediation. It provides an annual forum for governments, intergovernmental organizations, and industry groups to meet and discuss issues.

International standards for trade secret protection are similar to the formula adopted by over 100 members of the World Trade Organization. The standard is published as a part of the TRIPS Agreement.  For example, Article 39 states that members must protect undisclosed information (e.g., trade secrets) from unauthorized use that is contrary to honest commercial practices. Also, the information must be secret in nature and there must be reasonable steps to protect the secrecy. Also, Articles 42-49 call for civil proceedings to enforce the standards.

Trade secrets are vital to a business’s growth and development.  From a practical standpoint, the advantage a business may have vanishes once the trade secret is publicly known. As a result, businesses have employed various methods to prevent the leaking of trade secrets. From confidentiality agreements to encryption, a smart business should attempt to prevent the risks. However, these efforts may not be enough, calling for the need of regulation. In general, the applicable regulations primarily clarify the definitions, parameters, and remedies for trade secret theft.

Uniform Trade Secrets Act

The Uniform Trade Secrets Act (UTSA) has been adopted in forty-seven states and the District of Columbia. It defines a trade secret as information that derives economic value from its secrecy and is subject to reasonable effort to maintain its secrecy.

What are trade secrets?

In general, the definition of a trade secret varies from state to state. Essentially, it means any confidential information you would not want your competitors to know about. This could be anything from customer lists, marketing plans, to business models. Although, this definition is broad, it is important to look at the exact definition of what is a trade secret according to the applicable jurisdiction. In California, a trade secret is defined as information that takes independent economic value from its confidential nature subject to reasonable efforts to maintain its secrecy. Here, California’s definition of a trade secret places a focus on economic impact. This differs from states such as New York where the law simply defines a trade secret as information that would give an advantage over a competitor. See Ashland Mgt. v. Janien, 82 N.Y.2d 395, 407 (1993). In comparison, New York has a broader definition than California and covers any non-economic related trade secrets.

Why is protection necessary?

On August 24, 2015, the United States Court of Appeals for the Third Circuit handed down its decision in favor of the Federal Trade Commission (FTC) against Wyndham Worldwide Corporation.  This lawsuit was against the defendant and its subsidiaries for their failure to implement proper cybersecurity measures and protect consumers’ personal information against hackers.  The FTC alleged that defendants did not use encryption, firewalls, and other commercially reasonable methods for protecting personal information.

What was the basis of the lawsuit?

In general, the FTC has the responsibility to protect consumers against unfair and deceptive business practices. These illegal practices could range from false advertising to antitrust issues. The FTC has started to prosecute companies with inadequate cybersecurity to protect consumer data. The companies that made false statements about their level of security in their terms of service also had lawsuits filed against them.  In this case, between 2008 and 2009, hackers breached Wyndham Worldwide Corporation’s network and computer systems three separate times. One incident occurred in 2008 and two occurred in 2009.   The hackers were allegedly able to breach the network due to the use of weak and obvious passwords, lack of response to the first incident, and inadequate monitoring systems.  In one of the instances, it took approximately two months for Wyndham Worldwide Corporation to discover its systems had been accessed without authorization. The hackers successfully accessed personal information of approximately 619,000 consumers and managed to cause $10.6 million in fraudulent charges. Therefore, on June 26, 2012, the FTC brought the lawsuit against defendants.  Their motion to dismiss was denied by the district court and their appeal was heard on two issues in order to determine whether there was a valid claim.  The issues that were raised included: (1) whether the FTC had authority to regulate cybersecurity under 15 U.S.C. § 45; and (2) if so, whether defendants received fair notice that their cybersecurity practices were inadequate under the guidelines.

In general, intellectual property, includes, copyright, trademarks, and patents (collectively “IP”).  According to the World Intellectual Property Organization, IP refers to creations of the mind, such as inventions, literary and artistic works, designs, and symbols, names and images used in commerce. Now, when it comes to the use of intellectual property, what is considered fair use?

What is fair use and how does it affect intellectual property right?

There are multiple ways to protect or claim your intellectual property. When an individual believes that its intellectual property has been misappropriated (i.e., taken without consent), it has the right to demand that it be removed or notify the hosting organization about the infringement, so that they can remove it. The services of a lawyer should be obtained if any of these steps fail. However, before any of these steps are taken, the Digital Millennium Copyright Act (“DMCA”), which is codified under 17 U.S.C. section 512, recommends that the individual making the claim considers whether the use of their intellectual property is fair use. Fair use is defined under 17 U.S.C. § 107, where it states that copyrighted material may be used so long as it is for “criticism, comment, news reporting, teaching, . . . scholarship, or research” and it will not be considered an infringement of the copyright. The following factors are evaluated to determine fair use: (1) purpose and character of use; (2) nature or type of work used; (3) amount of the work used; and (4) effect using the copyrighted work will have on its use for the author or creator. When deciding whether to demand removal, redaction, or whether to pursue a legal case alleging misappropriation, individuals should be aware of their legal rights and relevant factors.

The term RFID is everywhere these days. Consumers are seeing RFID blocking wallets, credit card holders, and passport covers as the holidays approach. However, many still do not know what it is and how it is used in their every day life.

What is RFID?

RFID stands for “Radio Frequency Identification” and is a term used to describe technology that makes identifications via radio waves. It is usually discussed in conversations and articles about the Internet of Things because it is a form of automatic identification. The term automatic identification covers a broad range of identification technologies, from bar codes to retinal scans, used by machines to make identifications. The identification of people or objects occurs through the use of microchips that store electronic information. The microchip has an antenna and the information is picked up through a reader using radio waves. The microchip can be as small as a grain of sand and made out of silicone. Although, this technology has been in use since World War II, it has only become widely used in the past two decades as costs have decreased. RFID technology is now used in certain products and businesses. Walmart and other stores use RFID technology to keep track of products and consumer activities. They use RFID to do anything from detecting an item about to be stolen as it exits the door, or trigger cameras when an item is removed from the shelf. Anyone who has ever used the EZ-Pass toll roads has experienced the use of RFID technology as it is used to identify cars with EZ-Pass. Nonetheless, this is just a limited representation of the use of RFID technology to track consumers and products.

It is common knowledge that travelers have to take their laptop out of their suitcase upon arrival at airports.  However, not all people know the extent to which electronic devices can be confiscated and searched at the borders whether the traveler is a United States citizen or not.

Why and when can customs officials search your electronic device?

Once electronic devices enter the United States, the Fourth Amendment protects against unreasonable searches and seizures.  However, there is an exception to the Fourth Amendment protection at the borders.  In United States v. Ickles, the court confirmed that customs officials are allowed to search any cargo at the borders. In this case, a search of a vehicle’s cargo revealed a videotape focusing excessively on a young ball boy at a tennis match. A more thorough search uncovered drug paraphernalia, pornographic photographs, computer, and computer discs. The computer was confiscated after the defendant was arrested and searched, revealing child pornography. The defendant requested that the electronic evidence be suppressed claiming that the warrantless search of his electronic devices was protected by his First and Fourth Amendment rights. The court ruled that the search was justified because the border search doctrine indicates that reasonable suspicion and probable cause can be justification for searches without a warrant in order to protect against criminal activity. The First Amendment claim was ruled to be invalid as well because the content of a computer may be searched regardless of how expressive the discovered material may be in order to protect national interests.  The most recent case on this topic was United States v. Kim, which was heard and decided this year. This case was about a foreign national leaving the United States whose electronic devices were searched at the border. The search of his computer was found unlawful because although he may have committed a crime in the past, however, the crime had already occurred, and there was no reasonable suspicion or probable cause to search for imminent criminal activity.

This year saw the data breaches of Sony Pictures, Ashley Madison, and Experian Credit Bureau. The increasing commonality of data breaches has prompted the federal and state legislatures to review their data breach notification laws.

What is a data breach?

A data breach occurs when an unauthorized user (i.e., hacker) accesses sensitive personal identifiable information. The hacker then copies the confidential information and uses it as he or she sees fit.  Often times, the personally identifiable information is used to commit identity theft and fraud.  This information can include, names, telephone numbers, email addresses, credit card numbers, or social security numbers. The target of these breaches can be businesses, financial institutions, and health care institutions.