Lauren McClanahan, J.D., CIPP/US, CIPP/E, CIPM, FIP, PLS

Technology Contracts — often called Terms & Conditions — are the set of documents that no one ever wants to read . . . unless you happen to be a contract law attorney or a company executive sitting on a decision to spend a significant amount of money on new hardware, upgrading software, or implementing a management system solution.

Unless you are a technology vendor, it is unlikely that you will be in charge of drafting such contracts. However, whether you are the seller or the buyer… Show more

Technology Contracts — often called Terms & Conditions — are the set of documents that no one ever wants to read . . . unless you happen to be a contract law attorney or a company executive sitting on a decision to spend a significant amount of money on new hardware, upgrading software, or implementing a management system solution.

Unless you are a technology vendor, it is unlikely that you will be in charge of drafting such contracts. However, whether you are the seller or the buyer, you can guarantee that you’ll find yourself at the negotiation table over a tech contract deal at some point. Here are 5 keys for quickly paving the way to a good deal: Show less

“My business is a U.S. company — I don’t have to figure out this GDPR stuff, right?” Right. No worries if you’re a U.S. company, and you only interact with U.S. businesses and consumers. Simply implement an intake form to detect where your customers are located and restrict access to your website, so that it can’t collect personal data from people located in the EU. But be wary of customers that might move to the EU after connecting with your business — you don’t want to accidently send them… Show more

“My business is a U.S. company — I don’t have to figure out this GDPR stuff, right?” Right. No worries if you’re a U.S. company, and you only interact with U.S. businesses and consumers. Simply implement an intake form to detect where your customers are located and restrict access to your website, so that it can’t collect personal data from people located in the EU. But be wary of customers that might move to the EU after connecting with your business — you don’t want to accidently send them your newsletter or marketing emails if you didn’t acquire GDPR-approved consent.

Better yet, comply with the GDPR anyway.

The purpose of the GDPR (read: the General Data Protection Regulation) is to promote the privacy and data protection of individuals within the EU. You can read more about it here.

If you want to do business in the EU — or with individuals in the EU — you’ll have to comply with the GDPR. Noncompliance means significant fines or even jail-time for company executives, depending on the severity of the breach. Show less

Have you been thinking about transitioning or expanding the online presence of your business? Many businesses are successfully selling online, but lack sufficient understanding of various branding laws that would further strengthen their product and service portfolios. Many design and media houses creating brand platforms for businesses don’t have sufficient understanding of intellectual property rights to deliver to their clients optimal ROI. This quick guide will enable you to learn the… Show more

Have you been thinking about transitioning or expanding the online presence of your business? Many businesses are successfully selling online, but lack sufficient understanding of various branding laws that would further strengthen their product and service portfolios. Many design and media houses creating brand platforms for businesses don’t have sufficient understanding of intellectual property rights to deliver to their clients optimal ROI. This quick guide will enable you to learn the language and seek the additional help that you need to protect your business and its intellectual property online. Show less

As your e-commerce company grows, it’s likely that you’ll experience copycats. Despite the money and efforts you spent on marketing, customer relations, and manufacturing a high quality product, that work can be swept away when infringers disguise themselves under your company name and logo, stealing all your customers away. Even a seemingly innocent copycat can hurt your bottom line.

If you sell on Amazon, your company may be eligible to enlist in Amazon’s Brand Registry… Show more

As your e-commerce company grows, it’s likely that you’ll experience copycats. Despite the money and efforts you spent on marketing, customer relations, and manufacturing a high quality product, that work can be swept away when infringers disguise themselves under your company name and logo, stealing all your customers away. Even a seemingly innocent copycat can hurt your bottom line.

If you sell on Amazon, your company may be eligible to enlist in Amazon’s Brand Registry Program.

The Amazon Brand Registry is a program that enables vetted brand owners to register their brands with the platform and access Amazon’s infringement-finding artificial intelligence and enhanced reporting tools. Amazon maintains that enrolled brands report an average 99% reduction infringement activities since its launch in 2017.[1] Amazon also claims to have prevented 2.5 million bad actors from publishing false listings on its platform.[2] Now that’s a tool you could use!

Signing up for the Brand Registry Program is quick, easy, and useful — all it takes is an entry form and a registered trademark. Need to register your brand’s trademarks? Our team of Brand Registry Revelers at Rockridge® can help! Show less

Trade secrets are a unique form of intellectual property — they require no filing or examination, no acquisition cost, nor is their value limited by any expiration date. A business can operate under the value of a trade secret for as long as the secret is kept.

Kentucky Fried Chicken and Coca-Cola are notorious examples of entities that go to great lengths to protect their secret formulas to maintain their trade secret status.

Under law, a trade secret is usually defined as any… Show more

Trade secrets are a unique form of intellectual property — they require no filing or examination, no acquisition cost, nor is their value limited by any expiration date. A business can operate under the value of a trade secret for as long as the secret is kept.

Kentucky Fried Chicken and Coca-Cola are notorious examples of entities that go to great lengths to protect their secret formulas to maintain their trade secret status.

Under law, a trade secret is usually defined as any information used by a company that 1) is not known or available to the public; 2) provides an economic advantage over competitors; and 3) is actively protected from disclosure through reasonable efforts.

When trade secrets must be disclosed, contractual agreements often serve as the mechanism for protection — properly crafted agreements can even strengthen and expand the reach of a trade secret claim.

These agreements often come in the form of employment agreements; inventor agreements; collaboration agreements; confidentiality agreements; and non-disclosure agreements.

Do not attempt to protect trade secrets with cookie-cutter documents. Each organization — and its trade secrets — are unique, and therefore, require an evaluation and drafting specific to its operations. A careful drafting ensures that an organization’s trade secrets stay secret as long as they need — or give them the power to seek damages for the loss should the secret be let out. Once a trade secret is lost, an organization can lose that form of intellectual property forever, because trade secrets only serve as an intellectual property asset if they remain secret. Even minor adjustments to contracts can yield significantly better protection for trade secret owners. Show less

A single data security incident can have a massive impact on an organization’s reputation and finances — which is why companies should ensure that the data they collect remains private. New regulations such as the GDPR and CCPA, as well as the cunning and gall of cyber hackers, requires every company engaging in data collection to implement rules within its own organization to protect private data. This does not mean merely passing out a manual with a Data Incident Response Plan, but truly… Show more

A single data security incident can have a massive impact on an organization’s reputation and finances — which is why companies should ensure that the data they collect remains private. New regulations such as the GDPR and CCPA, as well as the cunning and gall of cyber hackers, requires every company engaging in data collection to implement rules within its own organization to protect private data. This does not mean merely passing out a manual with a Data Incident Response Plan, but truly changing the corporate culture through an effective data privacy compliance program.

Rockridge® takes a step-by-step approach when helping companies curate their individual data privacy compliance programs. Here are the key elements to get started: Show less

How much time and money does it take to create a brand? Countless hours and thousands in marketing, website and social media creation, and product development.

How easy is it to lose a brand? One cease-and-desist letter, followed by the threat of a trademark infringement lawsuit.

Before you ever get started with creating a business under a name-you-love-and-just-have-to-have, if you want to avoid wasted time, lost money, and the threat of a lawsuit, you should conduct a clearance… Show more

How much time and money does it take to create a brand? Countless hours and thousands in marketing, website and social media creation, and product development.

How easy is it to lose a brand? One cease-and-desist letter, followed by the threat of a trademark infringement lawsuit.

Before you ever get started with creating a business under a name-you-love-and-just-have-to-have, if you want to avoid wasted time, lost money, and the threat of a lawsuit, you should conduct a clearance search of possibly similar trademarks owned by others. Why is this important? If you “take” the trademark of someone else for yourself, the risks are significant. You could be forced to abandon it and have to pay hefty damages for infringement, rebranding and attorney fees (despite the energy, time and money it took to get it).

The purpose of a trademark clearance search is to assess the risk of the likelihood that your intended brand elements (business name, product names, logos) will be associated with another active company. A Rockridge® clearance report also identifies hurdles to registration, and mitigates risks that you might face after trademark application filing. Show less

The game of data collection has changed for the better — for consumers. New regulations with effects around the globe require better transparency, higher security, and strengthen consent. Whether you’re in the business of marketing, technology, or e-retail, these new data protection laws could apply to your business.

The California Consumer Privacy Act (CCPA), and its counterpart the California Privacy Rights Act (CPRA), creates rights and requires transparency for Californians. (FYI: It… Show more

The game of data collection has changed for the better — for consumers. New regulations with effects around the globe require better transparency, higher security, and strengthen consent. Whether you’re in the business of marketing, technology, or e-retail, these new data protection laws could apply to your business.

The California Consumer Privacy Act (CCPA), and its counterpart the California Privacy Rights Act (CPRA), creates rights and requires transparency for Californians. (FYI: It applies to businesses outside of California). The CCPA is currently the strictest data security law in the U.S. in effect, soon to be followed by the CPRA, which enhances many of the elements within the CCPA.

The General Data Protection Regulation (GDPR) is an EU law that protects the processing of data of individuals within the EU. (Again: It applies to businesses outside of the EU).

Many features of the CCPA and GDPR go hand-in-hand — both are meant to protect the privacy, power, and data security of certain individuals, and both have global effects . . . but there are areas where the two laws diverge in scope and enforcement.

If you’re concerned about whether your business is required to comply with the laws of either, the attorneys at Rockridge® can work with you to see if (or when) the GDPR or CCPA will apply to your business and draft a plan to ensure you’re in compliance (and avoid significant fines). Show less

Blockchain-based technology is fraught with legal issues. It’s new to many, innovative, and has scared regulators into making an abundance of regulatory decisions quickly and fiercely.

Despite the novelty of blockchain technology to the average lay person (if you want a definition, you won’t find it here), many of the legal aspects applicable to the technology are nothing new. If your organization is considering implementing blockchains in some form or fashion (cryptocurrency… Show more

Blockchain-based technology is fraught with legal issues. It’s new to many, innovative, and has scared regulators into making an abundance of regulatory decisions quickly and fiercely.

Despite the novelty of blockchain technology to the average lay person (if you want a definition, you won’t find it here), many of the legal aspects applicable to the technology are nothing new. If your organization is considering implementing blockchains in some form or fashion (cryptocurrency, recordkeeping, funds transfer, product safety, etc.), here are some aspects to consider. Show less

Marketers need to be able to answer two essential questions . . . 1) What is the GDPR? and 2) Does it apply to my business or client? Let’s add third and fourth questions, since there’s a 90% chance the GDPR does apply: 3) What happens if my business / client doesn’t comply, but ought to? and 4) How does my business /client get started?

This five-minute read is not meant to answer all your questions, which likely requires a chat with an attorney to discuss your specific business… Show more

Marketers need to be able to answer two essential questions . . . 1) What is the GDPR? and 2) Does it apply to my business or client? Let’s add third and fourth questions, since there’s a 90% chance the GDPR does apply: 3) What happens if my business / client doesn’t comply, but ought to? and 4) How does my business /client get started?

This five-minute read is not meant to answer all your questions, which likely requires a chat with an attorney to discuss your specific business operations and data collection/sharing practices. Rockridge® would love to work with you, and in the meantime we’ll introduce you to the language of GDPR (British accent appreciated, but not required). Without further ado . . . Show less

Have you noticed some new privacy laws in town? I certainly have! (But I’m a privacy lawyer so maybe that’s cheating.) If you have noticed and are worried about how the General Data Protection Act (GDPR) or California Consumer Privacy Act (CCPA) affects your business and data collection practices, you’re on the right track to 2020 e-commerce regulatory compliance (and investor-friendly business savvy). Hooray! Not every business is required to comply with privacy laws like the GDPR and CCPA. If… Show more

Have you noticed some new privacy laws in town? I certainly have! (But I’m a privacy lawyer so maybe that’s cheating.) If you have noticed and are worried about how the General Data Protection Act (GDPR) or California Consumer Privacy Act (CCPA) affects your business and data collection practices, you’re on the right track to 2020 e-commerce regulatory compliance (and investor-friendly business savvy). Hooray! Not every business is required to comply with privacy laws like the GDPR and CCPA. If you’re unsure of whether the CCPA applies to you, check out this article and neat chart I created especially for you –> Does CCPA Apply to Me?.

While you might not be legally required to alter your data collection practices under the CCPA or GDPR to protect your customers’ personal information, it is still important that you start moving your business in that direction.

Your business—no matter its size or earnings—may be liable for security breaches and the loss of consumer personal information irrespective of these particular laws, especially as highly publicized hacks – Hey, Equifax! Hey, Twitter! – increasingly put businesses on notice for heightened standards of data protection. So if you’re doing nothing special to protect third-party data, you’re actually leaving your business open to some pretty steep legal liability.

I’ve created a list of five easy-peasy steps that you can take to get your toes wet in the ocean of privacy protection and data rights management. Every business is unique and should consult with counsel to determine best practices, but these steps are pretty universally JUST PLAIN GOOD THINGS YOU SHOULD BE DOING. Show less

Can you trademark BLM? Can you trademark Black Lives Matter? What are the ethical and legal hurdles to trademarking social justice causes?
Here we are, America, on the cusp of change. Tens of thousands of people have taken to the streets—in the middle of a pandemic—to demand justice and fair treatment for Black Americans. The banners and signs and trucks and spray-painted bodies all shout BLACK LIVES MATTER. It is a rallying cry, a chant, a movement. It’s a phrase that will enter our history… Show more

Can you trademark BLM? Can you trademark Black Lives Matter? What are the ethical and legal hurdles to trademarking social justice causes?
Here we are, America, on the cusp of change. Tens of thousands of people have taken to the streets—in the middle of a pandemic—to demand justice and fair treatment for Black Americans. The banners and signs and trucks and spray-painted bodies all shout BLACK LIVES MATTER. It is a rallying cry, a chant, a movement. It’s a phrase that will enter our history books and a term at the top of a 48 page-long Wikipedia article. But does that phrase belong to Black America? Or is it merely a licensable trademark that everyone will soon pay-to-say? Show less

Rockridge Venture Law® (RVL®) uses several certification marks, including Certified B Corp and 1% for the Planet, to distinguish our firm from others in the marketplace. We also help businesses establish and grow certification mark programs and manage licensee relationships. This article presents a short overview of considerations for an effective certification mark program. We use the term “certification mark” throughout this article, but these types of trademarks are also commonly referred to… Show more

Rockridge Venture Law® (RVL®) uses several certification marks, including Certified B Corp and 1% for the Planet, to distinguish our firm from others in the marketplace. We also help businesses establish and grow certification mark programs and manage licensee relationships. This article presents a short overview of considerations for an effective certification mark program. We use the term “certification mark” throughout this article, but these types of trademarks are also commonly referred to as trustmarks. Show less

When it comes to setting up your business as an official entity, there are a variety of options. Below, we’ll take a look at the Series LLC (as defined in Tennessee) option – what it is, when it’s the right choice, and what the steps are to form this entity. We’ll also review how a Series LLC is taxed, and some risks that may be involved. Let’s get started:

Things are shaking up in the gig economy. With the New Year comes a few legal updates that could very well affect how your workers’ employment status is defined, how they are paid, and how you calculate your federal withholding taxes. We’ve summed things up for you in a sweet, short article so that you can quickly go back to making the world a better, cooler place.

Maybe you’re noticing a sudden influx of privacy policy updates in your inbox (I’ve gotten over ten in the last two days, alone). And have you seen the popups to accept cookie collection on nearly every website you visit?

This is your grand “Welcome” from the California Consumer Privacy Act as it comes to change your way of life and business.

These are BIG changes, folks. Yes, the California Consumer Privacy Act (CCPA) is technically a state law and only protects Californians. But… Show more

Maybe you’re noticing a sudden influx of privacy policy updates in your inbox (I’ve gotten over ten in the last two days, alone). And have you seen the popups to accept cookie collection on nearly every website you visit?

This is your grand “Welcome” from the California Consumer Privacy Act as it comes to change your way of life and business.

These are BIG changes, folks. Yes, the California Consumer Privacy Act (CCPA) is technically a state law and only protects Californians. But it also applies to any business . . . in any state . . . that is offering its goods and services to Californians. If your business even has a website or marketing strategy that reaches out to Californians, this “state” law could apply to you.

Moreover, other states are following Cali’s lead and using the CCPA to draft their own individual state privacy legislation. This isn’t the first time California has been considered a change leader—the state was also the first to implement higher vehicle emission standards, which thirteen other states and D.C. have since adopted.

So, the CCPA is essentially operating as a federal law. Our (free, but not legal) advice: Go ahead and follow it. But this law is pages and pages and pages of legal jargon with a compliance date beginning January 1, 2020. *Happy* New Year. And before then, there’s about 2,020 things you need to do.

Well, not that many, but you definitely need to get busy so you can be in compliance by the deadline (or soon after)! Show less

So you’ve launched your new brand/product/platform, and you’re interested in obtaining a registered federal trademark. That little ® is just so cute, it’s like a fedora for your logo and you just have to have it. Unfortunately, after digging around a bit you’ve discovered that you can’t just shopify a trademark. Registration is an investment in your business that requires time, money, and often times *gasp* working with an attorney. Is the cute little digital fedora worth it?

Simple… Show more

So you’ve launched your new brand/product/platform, and you’re interested in obtaining a registered federal trademark. That little ® is just so cute, it’s like a fedora for your logo and you just have to have it. Unfortunately, after digging around a bit you’ve discovered that you can’t just shopify a trademark. Registration is an investment in your business that requires time, money, and often times *gasp* working with an attorney. Is the cute little digital fedora worth it?

Simple answer for you gut-instincters: YES! If you like logic, keep reading. Show less

What’s the difference between a service mark (SM) and a trademark (TM)?
So, you’re new to the whole intellectual property protection thing, but you want to make sure that the cool name/logo/design/phrase that you came up with for your business is protected—and being a frugal+savvy entrepreneur, you want to do it RIGHT.

How you tell if you’re dealing with a service mark or a trademark? Essentially, a trademark is an identifier of products, while a service mark (or servicemark) is an… Show more

What’s the difference between a service mark (SM) and a trademark (TM)?
So, you’re new to the whole intellectual property protection thing, but you want to make sure that the cool name/logo/design/phrase that you came up with for your business is protected—and being a frugal+savvy entrepreneur, you want to do it RIGHT.

How you tell if you’re dealing with a service mark or a trademark? Essentially, a trademark is an identifier of products, while a service mark (or servicemark) is an identifier for services. Super simple, right? Let’s throw in some examples, just for good measure.

Raise your hand if you like craft beer! Say you own one such brewery, and the name you chose for the place is SuperAwesomeBeerCo. Do you have an unregistered trademark, a service mark, both, or nothing? Well, (and here’s a GREAT legal answer for you): IT DEPENDS. Here are some generalities: Show less

And why does the PTO use such a creepy word?
Why would the United States Patent and Trademark Office (“PTO”) ask for a “specimen”? *Shiver*

Despite the PTO using such a skin-crawling word (kinda like “phlegm” or “moist,” am I right?), a trademark specimen is simply your mark (the words/logo you want to register) + how you’re using it commercially in the real world.

So a specimen is definitely NOT a jpeg of your logo, as it exists in a vacuum. You need to show the examiners that… Show more

And why does the PTO use such a creepy word?
Why would the United States Patent and Trademark Office (“PTO”) ask for a “specimen”? *Shiver*

Despite the PTO using such a skin-crawling word (kinda like “phlegm” or “moist,” am I right?), a trademark specimen is simply your mark (the words/logo you want to register) + how you’re using it commercially in the real world.

So a specimen is definitely NOT a jpeg of your logo, as it exists in a vacuum. You need to show the examiners that you’re actually using the mark (or intend to) for $$.

How do you show you’re using your mark? Show less

Whether your workforce has gone remote or your team has access to confidential client information through their personal devices, it’s important that everyone is on the same page when it comes to data security. Why? Because people are susceptible to cyber threats. Like, really susceptible. 90% susceptible.[1] Your company can purchase the most sophisticated security software in the world, and a hacker may still infiltrate your system when an employee clicks a link in an email from his “bank.”… Show more

Whether your workforce has gone remote or your team has access to confidential client information through their personal devices, it’s important that everyone is on the same page when it comes to data security. Why? Because people are susceptible to cyber threats. Like, really susceptible. 90% susceptible.[1] Your company can purchase the most sophisticated security software in the world, and a hacker may still infiltrate your system when an employee clicks a link in an email from his “bank.” It happens to the best of us, which is why 25% of organizations report being impacted by cryptojacking.[2]

This article is a guide to training your team to be security savvy by creating a culture of privacy protection. Following these 3 simple steps can significantly lower your organization’s risk of security breach. Show less