Monthly Archives: January 2014

Can you keep a secret? Trade Secrets in Global Business Transactions

A trade secret is any business information that is not publically available and provides a valuable competitive advantage to the business.  The different classes of business information protected by various trade secret laws is expansive.  For example, trade secrets include, a manufacturing process, chemical formula, customer lists, sales techniques, any business process and even names and locations of suppliers of raw materials.  No registration or other administrative formality is required for the protection of trade secrets.  There are no limits on the number of years a trade secret can benefit from protection.  Thus, can offer a significant benefit with only minimal effort and cost.

The key to ensuring protection of a trade secret, is secrecy.  The trade secret must not be generally known or available to the general public; it must be valuable to the business and the trade secret owner must establish that reasonable efforts have been made to prevent disclosure.

U.S. law governing trade secrets is well established.  This body of law includes the federal Economic Espionage Act, which imposes criminal penalties, including imprisonment and heavy fines for misappropriation and use.  The U.S. International Trade Commission has enforcement power and can block products manufactured using stolen trade secrets from importation into the U.S.  The Uniform Trade Secrets Act, adopted by 40 states and the District of Columbia creates civil liability for misappropriation and use of a trade secret.

EU law governing trade secrets is fragmented.  Not all member states protect trade secrets, those that do protect only certain classes of trade secrets.  Protection of trade secrets, among member states, becomes a concerning matter for cross border business ventures where disclosure of trade secrets is necessary, yet misappropriation of the trade secrets is not actionable.   TO address this growing concern, the European Commission, in late 2013, proposed a directive on “the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure”.

The proposed Directive sets out the civil remedies available for unlawful acts, including misappropriation, and misuse, and authorizes the compensation, the use of injunctions, seizure and destruction of goods.  The proposed definition of ‘trade secret’ contains three elements: (i) the information must be confidential; (ii) it should have commercial value because of its confidentiality; and (iii) the trade secret holder should have made reasonable efforts to keep it confidential.  Which closely tracks the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS).  The adoption of this Directive will be a significant improvement, but it may still undergo a number of revisions.

How do you protect your trade secrets?  When is becomes necessary to share a trade secret, whether to employees, potential business partners or others, each person to whom the trade secret will be shared should sign a non-disclosure or confidentiality agreement (NDA).  This confidentiality agreement creates a contractual undertaking not to misappropriate, misuse or otherwise disclose this valuable business information without written consent and allows you to file a civil suit for damages and to prevent further breaches of the NDA.  An additional step should be taken with regard to employees who have access to, or often create or develop the trade secret, by requiring the employee to enter into a non-compete agreement.  The non-compete agreement should prevent your employees from misappropriating a trade secret by immediately taking a position with a direct competitor.   A non-compete agreement must be reasonable in scope and duration otherwise, will not be upheld.

If you would like assistance in drafting a non-disclosure, confidentiality or non-compete agreement please contact us.

The Silver Screen in the Rainbow Nation: South African Incentives for the Film Industry.

Hollywood has always been the worldwide film mecca however filming in the United States is not always the cheapest and best option for filmmakers. There are now many international growing film industries that offer real benefits to shooting at their studios or diverse locations. Canada, India, the United Kingdom and Australia are some international film industries that have been receiving praise. A recent and exciting up-and-coming film industry is South Africa. South Africa’s film industry has been in full swing since the end of Apartheid and has some real accolades to show for it. Aside from producing exciting film stars, such as Charlize Theron and Arnold Vosloo, the films themselves have received both nods and recognition by the Academy Awards.

Aside from the stars and the awards, taking a film to South Africa has real, tangible benefits to filmmakers. South Africa is an extremely diverse country. Not only are there so many cultures represented, but also the landscape itself is wildly varied. The film Lord of War was able to take Cape Town and have it appear as 57 different settings in the film. South Africa’s good and rather predicable weather also can save time and money. A fantastic incentive for those with American Dollars is the exchange rate; currently, the Rand-Dollar exchange is at a five-year low with a U.S. Dollar buying over 11-Rands. Beside the exchange rate, the prices and costs in South Africa are also much cheaper. The industry itself is established and hosts a state-of-the-art film studio outside of Cape Town.

The South African Government is excited about this sector and has done many things to enhance its potential gains. South Africa has signed co-production treaties with eight other countries enabling incentives and assistance to be made available to certain international filmmakers. Moreover, there are tax rebates between 20 and 35-percent of the production expenditure offered depending on whether filming or working post-production and on the amount of the production budget. Tax incentives also extend to film owners who are allowed a deduction of the cost of the film.  The South African National Film and Video Foundation can assist with procurement of funds with loans and grants.

If you have interest in selecting South Africa as the location for your next film or television production, please contact us for help in introductions and setting up requisite visas and permits and funding.

A New Way Forward for Data Privacy in the US

Following in the footsteps of the EU, US Senators Tom Carper (D-Del) and Roy Blount (R-Mo.) have introduced a bill, the Data Security Act of 2014, intended to align fragmented data protection laws both at the federal and state levels. The bill is intended to “prevent and mitigate identity theft, to ensure privacy, to provide notice of security breaches, and to enhance criminal penalties, law enforcement assistance, and other protections against security breaches, fraudulent access, and misuse of personally identifiable information.”

The proposed bill would require entities, both public and private, to take better preventative measures safeguarding sensitive information, investigate security breaches, and place strict notification requirements for breaches.  The proposed Data Security Act would supersede the confusing and inconsistent federal and state laws governing data protection now in place.

One problem identified by consumer advocates is that the bill only allows consumers to sue under federal law only, while eliminating consumer recourse for violations of state law.  Another group of lawmakers, lead by Senator Patrick Leahy (D-VT) have been working throughout the past decade to garner support for their Personal Privacy and Security Act, which they reintroduced this month following the massive data security breach experienced by Target, Inc. and Neiman Marcus.

Both proposals include stronger notification provisions, more severe criminal penalties and uniform national standards.  It may be possible to decrease the current fragmentation in data protection laws throughout the U.S., and would certainly go a long way to simplifying compliance, however, setting a national standard will require some states to address these issues more quickly.  Businesses would welcome standardization of data protection laws, it would lower the cost of compliance and provide greater predictability and stability.  Currently, the myriad of divergent laws, not just across the U.S. but across the world make compliance costly and inefficient.

If you need assistance with your data privacy policy or don’t know whether your company is in compliance, please contact us for more information.



The Trouble with Side Letters for Fund Managers

In the process of negotiating capital and private equity funds, the use of side letters is becoming more and more routine. A side letter is an ancillary document to a contract. Many prospective limited partners will ask that they have a side letter with which to memorialise their provisions to agreement. Whilst the usage of side letters can be important in setting up funds, if it is done carelessly or without proper procedure, then side letters will fail. Just last year, a UK Court of Appeal hearing the case of Georgi Velichkov Bardudev v EuroCom Cable Management Bulgaria Food & Ors found a side letter unenforceable despite the letter having been drafted by lawyers, referencing the Contracts (Rights of Third Parties) Act 1999 and a clear intention by the parties that the side letter be contractually enforceable. But the complications that side letters could bring does not stop with litigation, regulation and enforceability.

Whilst many funds would not have made it through the fundraising process without side letters to the partnership agreement, assuring that the provisions contained within each limited partner’s side letter do not conflict with others is an administrative battle that will last the duration of the fund. Moreover, if one or more of the limited partners had been extended most favoured nation (hereinafter “MFN”) protection, then the administrative complication is even more with regards to election rights, appropriateness of any elections made and recording provisions elected by those partners.

If a fund manager decides that the use of side letters is the best way to accomplish the needs of limited partners and meet the goals during fundraising, then there are a few guidelines to follow to help assure that the side letters are enforced and enforceable in law. To begin with, set out a road map to follow through the process and map any MFN rights are noted along with their scope. Work with legal counsel and take advantage of their expert consultation. Avoid creating side letters that aren’t required to accomplish the goals. Use specific language and details when creating the side letters.  As always, if you would like more information, require assistance with side letter formation or the fundraising process; do not hesitate to contact us.

Data Privacy and Social Media in the UK

For most businesses, modern marketing, advertising and promoting involve having a presence in social media. Though a business may not be engaged in social media at present, social media participation, whether official or unofficial, seems to be an inevitability for all. Whilst the number of social media networks may be incalculable as previously non-social sites develop a social aspect, one thing is certain: the number of people, and thus potential customers and critics, who use social media is staggering. Facebook alone garnered 1.15-billion users by 2013. Twitter and Google+ enjoyed 500-million users each last year. Whilst Facebook, Google+ and Twitter are social media giants, business gains can be derived from countless social media outlets.

The benefits to social media participation include the ability to engage more personally with individual customers and critics, being able to “listen” or monitor what is being said about the business or other topics of interest, scanning for potential employees and getting to give a business a unique voice. Some businesses use big data analytics on social media activities to derive valuable consumer data to use in advertising. The biggest concern with social media participation is privacy.

At first blush, one might think that social media and privacy are on almost opposite sides of the spectrum, but privacy is a fundamental right protected by the EU under article 8 of the European Convention on Human Rights and article 7 of the Charter of Fundamental Rights and therefore must be guarded. More specifically, in the UK, the Data Protection Act of 1998 protects the processing of data of identifiable, living individuals. These pieces of legislation were developed before social media really took off. The future of legislation in the EU in regards to social media is being debated for the proposed General Data Protection Regulation, which contains protective provisions such as the “right to be forgotten” and restrictions on profiling.

In addition to wider privacy concerns, businesses must also consider privacy concerns of their employees that use social media, whether during the course of their employment or from their homes. Employment contracts naturally contain disciplinary policies that businesses now seem to have to turn to routinely in reference to social media activities. At the same time, however, businesses must balance their employees’ right to freedom of expression.

If your business or your business’ employees participate in social media, be sure to make your expectations clear. For those who have a social media voice with an official presence: make sure that the employee management team is well-trained and kept abreast of all company policies, activities and stances so that their interaction with customers and critics is intelligent, informative and appropriate. Please contact us if you are ready to speak to your employees about social media behaviour or ready to train a social media team to give your business a new electronic voice.


Facebook Lawsuit the Latest in a Disturbing Trend?

A class action lawsuit filed just a few weeks ago has brought another Internet giant into the light having allegedly breached the privacy of its users. This is not the first time that the social media site has been sued for breaches of privacy and it almost certainly will not be the last. Just last year Facebook settled a different privacy class action lawsuit alleging that Facebook’s Sponsored Story advertisements used the user’s name and “Liked” information without the ability to opt out or without their permission as well as “liking” pages that the user did not “Like” themselves. Facebook settled with the five plaintiffs, two of which were minors, agreeing to pay them $US20-million. The year before, Facebook settled a very similar class action by agreeing to pay out $US10-million to charity.

Facebook is not the only provider of a free messaging service that has faced scrutiny over its privacy practices or been brought to answer in court. Google, the creators of Gmail, has been forced into court to defend against lawsuits also alleging breaches of privacy involving screening of user’s email messages.  Filed in the same Federal Court as the most recent Facebook class action, the Court ruled that Google’s actions were breaches of the user’s privacy and beyond that, the Court found that Google’s Street View cars inadvertently sweeping up personal data from homes as it drove was in violation of the federal wiretapping laws and ruled that Google could also be held liable in damages for that transgression.

In the newest class action, filed in Federal Court in California on 30 December 2013, the two American plaintiffs allege that Facebook has been scanning users’ private messages that contain links to other webpages and using those messages to capture data about the user to share with data collectors and advertisers. Because the Facebook users are led to believe that those messages are “private” the plaintiffs argue that Facebook has violated the Federal Electronic Communications Privacy Act and other California state privacy laws. In response to the allegations made in the complaint, Facebook has denied their merit and has said that they look forward to defending against them. As the lawsuit is still young in the judicial process, we will have the watch how things progress, but chances are very good that if there is merit to the claims, Facebook will be paying large fines and will likely choose to settle as it has done in many other cases preceding this.

If you are concerned that your internet company or business could be in breach of its privacy policy or the privacy of your customers, or just aren’t sure, please contact us to share your concerns and we’ll be happy to help make certain that a costly lawsuit is not in your future.

Coming to Canada This Year: The National Anti-Spam Law

As mentioned in a previous article, Canada is no-nonsense when it comes to protecting the privacy of its citizens.  To join the new host of data protection laws this year is Canada’s Anti-Spam Legislation (hereinafter “CASL”), a national law aimed at ending the most invasive types of spam for Canadians include identity theft, phishing and spyware. The hope is to drive spamming out of Canada in an effort to protect e-commerce within the country. The legislation has been in the works for years and will certainly have big impact on businesses that are based in or operate in Canada, including those that e-advertise within the country.

Whilst a final date has yet to be set for the legislation to come into effect, it is thought that it will be effective in June 2014. CASL will impact companies and individuals alike who employ digital and electronic marketing, be it SMSing, e-mailing and installing computer programmes without consent but does exclude telemarketing. Sending marketing information without prior consent will be a thing of the past, except for some slim situations where consent is implied from previous dealings or personal relationships, for example. Whilst PIPEDA (please see article titled: “Canadian Courts to Businesses: We Do Not Take Privacy Violations Lightly” posted on 13 January 2014) consent may have been received by some, CASL consent is completely different and inferred consent will not be derived from PIPEDA consent. Different from the US’s CAN-SPAM legislation, Canada’s CASL is an “opt-in” system, though consent can be revoked at anytime thus the requirement for the “unsubscribe” feature.

Upon the regulations coming into effect, businesses may have a grace period to reach compliance, but there are massive benefits to being compliant beforehand. The penalties for non-compliance are not cheap: up to $10-million for companies and up to $1-million for individuals. This law does apply to marketers outside of Canada, so being current with this legislation could save businesses trouble even where they are not based or established.

Please contact us to get a list of services we can offer your entire business in becoming CASL compliant in order to best avoid any penalisation for non-compliance. Moreover, we can help in the obtaining of consent from potential Canadian clients.

The New EU Financial Transactions Tax Directive: What You Need to Know

The European Union (hereinafter “EU”) has spent years debating and detailing a plan to introduce a financial transaction tax (hereinafter “FTT”). In early 2013, the tax was set to debut 1 January 2014, however, delays and disagreements have held it back. Because of these delays, the target date for implementation has been moved to June 2014. The proposal for the FTT was meant for all member states but quickly many did not agree and only eleven member states representing two-thirds of the EU’s GDP agreed to move on towards implementation (Austria, Belgium, Estonia, France, Germany, Greece, Italy, Portugal, Slovakia, Slovenia, and Spain).

 Purpose of Tax.  The proposed FTT is meant to discourage financial transactions in bulk, punish speculation and deterring excessive, commission-generating transactions. Despite being finalised, the application of the final FTT can be intuited from the proposed Directive that states that the FTT will apply to establish “financial institutions,” which are fully expanded upon, though the scope has not been defined to finality.

Legality of Tax. In late 2013, the legality of the proposed FTT was challenged by EU lawyers challenging compatibility with the EU Treaty; suggesting that the proposal “infringes upon the taxing competences of non-participating member states.” These challenges have certainly caused the setbacks resulting in delayed implementation. Though the eleven participating member states have chosen to keep moving forward with the proposal, they could face losing their efforts in a court proceeding.

If your financial institution is established in one of the participating member states please contact us now or after the FTT is established so we can help with the understanding of the proposed Directive, aid in structuring so that your business has the lowest impact from the tax and determine which systems require amendment in the face of the FTT.

U.S. FTC Cracks Down on Customer Data Privacy Violations

The United States Federal Trade Commission (hereinafter “FTC”) is not only charged with promoting competition but also protecting American consumers. One way, by protecting their privacy. In order to enforce the seventy-one federal statutes within its jurisdiction, the FTC investigates businesses and their practices to ensure that laws are followed to the letter. Though most investigations by the FTC are not public, an investigation will undoubtedly cost a business time and focus. Beyond investigation, there can be a lawsuit, either of which may lead to a settlement in the form of a consent order. In the case of settlement, the FTC will propose a consent order that will detail the terms of settlement reached. This will be published and open for public comment for thirty days, afterwhich if the consent order is violated, the FTC can seek judicial enforcement. These public events will not only  impact businesses’ reputation but are also costly in other ways, such as legal fees.

Last year, the FTC released a report titled, “Protecting Customer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers.” In this report the FTC suggested the best methods for businesses to assure that not only its data is protected but also the data collected from customers. It is certain that the FTC does not take privacy violations lightly, as Google learned from the strong message sent by the Commission in the form of the largest FTC penalty for violation of a settlement order to the tune of $22.5-million. This after Google deceived Apple Safari users by stating that it would not be collecting their user and browsing information or tracking them for the purposes of advertising. The penalty was not the only term in the consent order; Google is now barred from future privacy misrepresentations, must implement a comprehensive privacy program and will be forced to have independent privacy audits for the 20-years.

Google is not the only company that has been hit with FTC privacy violations. LabMD compromised and inadvertently released personal information of 10,000 of its customers, some including medical information. Whilst the case is on-going, the FTC is seeking a similar outcome to the one reached with Google: a comprehensive security and privacy program and independent privacy audits for 20-years. Interestingly, LabMD has challenged the FTC’s authority to bring such a complaint against it.

This year, an FTC investigation into data broker companies’ uncovered ten companies that were in violation of the Fair Credit Reporting Act, a federal statute under its jurisdiction to enforce. In this case, the FTC simply sent letters to the incompliant companies informing them of their wrong practices and reminding them of how to act lawfully in the future.

If your business or company has concerns over FTC compliance or has come under investigation by the FTC, please contact us for help.

Canadian Courts to Business: We Don’t Take Privacy Violations Lightly.

Canadians value their privacy and the Canadian Government has placed high value on the protection of privacy for its citizens. With the massive influx of personal information being put onto the Internet via social media and public records, privacy concerns might not be something that many businesses would take as seriously as they need to. Nowadays, businesses must have privacy policies, safeguards and notification procedures in place should breach take place lest they end up in court.

Businesses that collect and use information from Canadians for commercial purposes have been put on alert by the Canadian Court System: privacy violations will be taken more seriously. New developments in the determination of the amount of damages for privacy violations have created a higher possibility for a business to be fined for violating one’s personal information.  Violations under the Personal Information Protection Electronic Documents Act (hereinafter “PIPEDA”) previously had to meet a high standard for there to be an award of damages; namely, the Federal Court had to presented with evidence that the violation was “egregious” before the Court would award damages. As of May 2013, this is no longer the case.

The Court found that there had indeed been a violation of Chitraker’s privacy by Bell TV. In determining if an award of damages was appropriate, the Court considered past cases and precedents. Previous to the Chitraker case, the complainant had to demonstrate a level of humiliation that was caused by the violation; whether the violation had been egregious. But the Court considering Chitraker opined that PIPEDA had no strict requirement and thus, it would be easier to evidence a privacy violation. In the end, Bell TV paid $20,000 in damages to Chitraker for violating his privacy.

Bell TV’s misfortune is a lesson for business in Canada. Businesses’ reputation can suffer from these cases resulting in a loss of customers, connections and bad publicity, to name a few. To assure that your business is safe from such actions, there are steps that can be taken: effective and efficient complaint handling, transparency in respect to personal information, conspicuous privacy policies, staff training for privacy issues and taking privacy complaints from customers seriously.

For assistance in creating privacy-sensitive business practices or dealing with privacy violation complaints, please contact us.