By

Convertible Equity – A New Hope?

YCombinator's SAFE documents are a popular mechanism for implementing a convertible equity financing arrangement.

YCombinator’s SAFE documents are a popular mechanism for implementing a convertible equity financing arrangement.

Over the past few years, financing for early stage companies has increasingly taken the form of convertible debt. Some estimates suggest that these notes are used in more than 2/3rds of startup seed rounds. Moreover, these notes may be collectively responsible for saddling thousands of startups with billions of dollars of debt. Ironically, very few players in the startup world anticipate these notes being repaid, but a number of founders and investors have expressed concern that these securities can potentially trigger significant consequences for a startup. Yet despite these shortcomings, convertible debt continues to enjoy prominence as a financing instrument primarily due to its expedient and affordable nature. Frustrated with the failure of the startup community to address this ailment, Adeo Ressi of the Founder Institute contacted Yokum Taku at Wilson Sonsini Goodrich & Rosati to try to create an alternative to convertible debt. In 2012, they proposed convertible equity as an alternative to debt financing. This alternative offers startups a new way to finance their company with the benefits of a convertible note while simultaneously eschewing some of its key drawbacks.

What is Convertible Debt?

Before exploring the benefits of convertible equity, it’s critical to understand why convertible debt is an attractive financing option for startups. Convertible debt is structured as a loan to the company by an investor that converts to equity in the company upon some future triggering event. Usually, this conversion occurs upon a “qualified financing,” in which the company raises a minimum, predetermined amount of cash in a Series financing. Sometimes convertible noteholders will negotiate valuation caps or discount rates to reward the investor for their risk in investing at such early stages. In this sense, convertible debt is meant to mirror traditional equity financing in many ways.

The allure of convertible debt primarily rests in how quickly these notes can be consummated without significant attendant legal fees. The entirety of a convertible note and its accompanying terms may be encompassed in a mere few pages. Moreover, convertible notes do not set a valuation on a company and can be negotiated independently with individual investors (i.e. a “rolling round”). As such, the legal costs are a fraction of the costs associated with a full equity financing.

What’s Wrong with Debt?

There are at least four issues with convertible debt that should give both founders and investors pause:

  • Maturation: First, convertible notes have a maturity date. Notes generally mature within one or two years of the loan’s issuance. In the best cases, when a startup fails to meet the note terms and cannot raise adequate funds in a qualified financing, the entrepreneurs must return to investors in order to renegotiate the loan terms. In a worst-case scenario however, investors can demand repayment of the loan. If even one investor demands repayment, it can trigger catastrophic effects for the startup that has to use much-needed funds to repay an investor. Finally, certain state laws require individuals to register as lenders if they extend loans for more than a year, imposing potential greater costs on the investors as well.
  • Interest: As a debt instrument, convertible notes also have an interest rate. While the interest is generally converted to equity upon a qualified financing, some have questioned whether levying interest rates on startups are appropriate from an optics perspective if the investors are genuinely acting as investors and not lenders. Additionally, managing various interest rates across different investors can be challenging and take away valuable product development time.
  • Insolvency: Former lawyer turned investor, Jason Mendelson, also highlights a potential consequence of convertible debt that has not received much attention in the media. Since convertible notes are debt, companies should recognize them as liabilities. Yet, because convertible debt usually converts to equity, few people actually recognize it as a liability on their balance sheets and financials. When properly recognized as a liability however, convertible debt may incidentally put many startups into insolvency immediately upon receipt, since few seed stage companies have any assets of significant value to offset these liabilities. In some states, courts impose additional duties and personal liability on directors towards creditors when a company is insolvent.
  • Creditworthiness: Finally, closely related to the insolvency issue is how convertible debt may impact startups creditworthiness. Again, because convertible debt is a liability, startups may have problems receiving credit lines or borrowing from traditional institutions if their balance sheets appear to be saddled with significant liabilities.

Convertible Equity

 Convertible equity is a type of security that seeks to remedy the aforementioned issues attendant with convertible notes. Generally speaking, convertible equity is a contractual arrangement wherein the investor agrees to contribute money to the startup in exchange for some future equity upon a qualified financing. Convertible equity functions similarly to convertible notes but eliminates two critical features of convertible debt: maturity dates and interest rates. The effect of eliminating these two aspects of convertible debt are best seen by considering the same factors that hamstring convertible debt:

  • Maturation: By eliminating the repayment feature, the threat of an investor demanding repayment and derailing the startup disappears. Investors no longer risk becoming lenders under most state law regimes, and founders can focus on developing products and services.
  • Interest: Without interest, startups don’t have to spend time managing complex financials and cap tables to keep track of various interest rates across noteholders. Philosophically, eliminating interest aligns these securities more closely with traditional equity financing as well, an initial inspiration for the creation of convertible debt.
  • Insolvency: Convertible equity can likely be recognized as equity on a company’s balance sheet, eliminating the risk of insolvency and unintentionally heightened duties owed to creditors. According to its creators, there may even be tax benefits if the securities can be qualified as qualified small business stock.
  • Creditworthiness: Finally, while it is unlikely that convertible equity can be used to significantly enhance a startups credit profile, it does not pose the same threat of harming a startup’s creditworthiness by saddling its balance sheets with liabilities.

Convertible equity can also be outfitted with most, if not all of the additional characteristics and rights of convertible debt such as valuation caps and discount rates. It can also include many of the rights offered in equity financing rounds, although negotiating these extensively would run up legal costs and mitigate any potential benefits for using convertible equity. Most importantly, because convertible equity is modeled after convertible debt, the deals can be completed just as quickly and cost effectively.

Is it right for you?

Despite emerging only three years ago, convertible equity shows signs of promise for many early stage ventures. There is at least one estimate that nearly 25% of recent early stage deals have used convertible equity, and in 2013 Y Combinator promulgated a set of convertible equity documents they dubbed the SAFE agreement (simple agreement for future equity). Yet, despite the increasing prominence of convertible equity, founders should still question whether pursuing this type of financing will be beneficial.

In making this choice, the considerations should be similar to those that arise when choosing between conventional equity financings and convertible debt. Is limiting the time expended raising funds important? Are you trying to minimize your legal fees? How sophisticated are your investors, and will they insist on negotiating for extensive rights as part of the financing? If expedience and cost are significant factors, convertible equity poses an attractive alternative to convertible debt for all of the above reasons.

The last hurdle startups may face is in convincing investors that are inexperienced with this form of financing that it’s a safe, viable alternative. As accelerators like Y Combinator move towards this model, more startups will find it easier to have this conversation with their investors, but convertible equity is still nascent. For this reason, startups in communities with more developed legal and VC practices such as those in Silicon Valley may find it easier to make the shift to convertible equity. With time however, I believe this form of financing will be more appropriate than convertible debt in many, if not most instances for early stage financings.

By

Avoiding Misclassification – Employee or Independent Contractor?

KeAndraBBlogPic

In a previous post called “Hiring Tips for First Time Entrepreneurs,” we briefly discussed some of the factors considered by the IRS in classifying a worker as an independent contractor versus an employee (e.g. whether the worker operates under a separate business name, whether the worker uses his or her own tools for the job and sets his or her own working hours, and whether the worker serves more than one client). As the previous post noted, the IRS worker classification test centers around the degree of control or supervision the employer exercises over the worker. This post will break down some of the key additional factors that can help your startup determine whether to classify a worker as an employee or an independent contractor.

It is important for any business to avoid misclassification; however, it is even more important for a startup, because startups need to be especially careful with keeping costs and liabilities down, and the consequences of misclassification are expensive.  Misclassification can leave your startup subject to class actions and individual lawsuits, and liable for thousands of dollars in back wages, penalties, fines, workers compensation premiums, insurance contributions, and tax liabilities. So, the consequences of misclassification are serious, and your startup needs to be careful to avoid them. The IRS uses a test that focuses on three basic categories to weigh against each other and assist in making its determination on the question of whether a worker has been properly classified: (1) behavioral control, (2) financial control, and (3) type of relationship.

Behavioral: Does the startup control (or have the right to control) what the worker does for the startup and the method in which the worker does it? Ask yourself if your startup is doing any of the following:

  • providing training to the worker
  • giving detailed instructions on how to perform the task

If this is the case, your startup is exercising behavioral control over the worker, and this may favor classification as an employee. Independent contractors are usually just that—independent. This means they should have control over the methods they use in carrying out the task.

Financial: Does the startup control (or have the right to control) the financial/economic aspects of the work? Ask yourself if your startup is doing any of the following:

  • providing tools and supplies for the worker
  • reimbursing the worker for expenses
  • paying the worker a salary or guaranteed wage on a regular basis (e.g. a wage that is paid hourly, weekly, etc.)

If this is the case, your startup is exercising financial control, and this may favor classification as an employee. Independent contractors should be making their own investment into their business by covering their own expenses, and are typically paid a flat fee for their services.

Relationship: How do your startup and the worker perceive the relationship? Ask yourself if the worker is doing any of the following:

  • working for an indefinite period of time for your startup
  • receiving employee benefits from your startup (e.g. sick leave, insurance, etc.)
  • providing services that are integral to an essential part of your startup

If this is the case, the relationship favors classification as an employee. Independent contractors are usually hired for a specific period of time, do not receive benefits, and are not providing a service that is essential to the core of the startup’s business. Additionally, while the IRS does not have to confirm independent contractor status simply because an employer has a contract stating that the worker is such, it is helpful for your startup to have a contract in writing that (1) states that the worker is an independent contractor, and (2) explains the nature of the relationship in the context of the factors listed above.

Since the IRS weighs these factors, and working relationships evolve over time, it is likely not possible for an employer to know for certain that a worker has been properly classified. This is why it is important for your startup to do the following prior to classifying a worker: (1) review all of the factors provided by the IRS (located at http://www.irs.gov/Businesses/Small-Businesses-&-Self-Employed/Independent-Contractor-Self-Employed-or-Employee), (2) put the agreement in writing, and (3) audit to ensure that your startup’s relationship with the worker is not evolving into one that would be considered an employer-employee relationship in view of these factors.

 

By

A Primer on Privacy

The Public Trial of Samsung’s SmartTV

In early February 2015, Shane Harris at the Daily Beast reported on a provision in the Samsung’s Privacy Policy:

“Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.”

This clause sparked outrage, and comparisons to Big Brother in George Orwell’s 1984, online:

“Samsung’s Smart TV privacy policy sounds like an Orwellian nightmare” – The Verge

“Careful what you say around your TV. It may be listening. And blabbing.” – The Daily Beast

“Left: Samsung SmartTV privacy policy, warning users not to discuss personal info in front of their TV Right: 1984” – Parker HigginsEFF Activist (as shown in the above image)

Samsung was forced to act quickly. By amending its policy for clarity and revealing more about how the system works in a blog post titled “Samsung Smart TVs Do Not Monitor Living Room Conversations,“ the company attempted to stem the tide of complaints from privacy and consumer advocates. The voice recognition system would only be triggered by the user pressing a button on their television remote or the user stating one of the several predetermined commands. In the latter event, voice data is apparently not transmitted. Samsung also identified who the third party would be, Nuance Communications, Inc. Additionally, they guaranteed that it would be possible opt out of the voice recognition system entirely.

While the system Samsung described isn’t particularly novel, and likely doesn’t reveal anything secret, it did initially provoke some visceral reactions. The internet storm surrounding the policy started conversations, yet again, about the privacy practices of services and companies we engage with every day. For the entrepreneur, it should serve as a reminder and incentive to develop your policies early, review them often, and ensure compliance with your own polices. This post will serve as a primer on the essentials of privacy policies.

Privacy Policy Basics

 What is a privacy policy?

A privacy policy is a document that describes to users of your service, usually a website or mobile app, the data you will be collecting, how it will be collected, and how you will be using it. Depending on the nature of your website this data could range from usernames, email addresses, and very limited browsing information stored in a cookie to highly sensitive personal information such as credit card numbers, health records, personal names, and addresses. A privacy policy will typically discuss your intentions for the data and how it is stored and transferred securely. If you intend to process some information about your users for directed advertising, or sell user information directly, you should disclose information relating to what data is shared, what kinds of third parties (meaning companies the interaction with which the user will have no control over or possibly knowledge of) will be handling the data and how the data is secured.

Why do you need one?

In the US, there is no general federal requirement that a service provides a privacy policy. Instead it is a patchwork of statutes that cover services targeted to children (COPPA), financial services and banks (FCRA), and health-care providers (HIPAA), among others. However, some states have taken it upon themselves to mandate this kind of disclosure. Specifically, California requires “any commercial web sites or online services that collect personal information on California residents through a web site to conspicuously post a privacy policy on the site.” This may include posting the policy directly on your web site homepage, or linking to it using the word Privacy. Here is a more in-depth explanation.

Many countries and regions have created their own standards and regulations. The European Union has highly developed privacy law and has a set of principles endorsed through a directive: transparency, legitimate purpose, and proportionality. While the US government has created a program for US companies to comply with these principles, any company specifically planning to do business in Europe or collect data from individuals from the European Union should exercise great care. (For the curious, the summary article on Wikipedia is a quick introduction).

In the US, the Federal Trade Commission is responsible for regulating business practices and has the potential to issue fines for unfair practices. Failure to adhere to your own policies can be such a practice. The company facing liability may have acted deliberately, or may simply have inadvertently given access to an untrustworthy outside party.

Consumers are beginning to pay attention to privacy and security. As demonstrated by the Samsung debacle, a company that is clear, concise, and open with their privacy policies may have a leg up in organically growing goodwill while a company that is deceitful, deliberately confusing, or formalistic in their policies risks at best embarrassment and possibly outrage or loss of customers.

Lastly, if you plan to publish a mobile app, Apple, Google, and Microsoft may require a privacy policy accessible from your app or the respective store.

How do you write one and what should you be thinking about?

It is likely not wise to rely solely on a free privacy policy generator (easily found through an internet search). At the bare minimum, you should be highly critical of anything generated without an in-depth analysis of your business needs and practices. While writing your company’s privacy, you will want to consider:

1) What information are you collecting? What do you need?

Are you collecting everything just in case it becomes useful? Are you processing payment information or health information? Is your service covered by COPPA, or another special federal regulation? Are user interactions with the website tracked and logged?

Specifically identify the types of information collected.

2) How are you going to use and protect the data?

Are you recording information to improve usability and meeting consumer demand? Do you plan on generating revenue through targeted advertising? Is the information securely stored on servers you maintain or through another provider? Will the data be sent to outside companies and if so, what do their policies look like?

You don’t need to reveal secrets about your company’ strategy, and obviously you shouldn’t give away anything sensitive about your data security policies, but make sure your customers know their information is safe.

3) Are there chances that your uses will evolve?

This is where knowledge of your business plans becomes important. Are you engaging in a high growth model, with revenue to come later? Is it foreseeable that you may need to open up your data collection to another party for auditing purposes? How much control will you be giving to your users regarding storage of their information?  Even if you later revise your policy, you might need users to affirmatively opt-in to the revised policy in order for it to cover data collected under the prior policy.

4) How do you plan to notify your users of changes?

By being open (or even collaborative) with your users, you can quickly foster a sense of community and trust. In the alternative, by alerting them to updates to your policy or describing what was changed and why you can keep control over your terms without being seen as having an ulterior motive. It is important to designate the date your policy becomes effective for the initial version and each update.

5) How advanced will your user base be?

In some cases it may be preferable to provide an additional slimmed down version of your policy that explains your behavior in simpler terms. This could also be accomplished through creative uses of formatting and headings. There are a variety of approaches to this ranging from a basic approach to a sophisticated summary of terms.

 

 

By

Why Should You Consider Filing A Provisional Patent Application

 

Provisional patent applications can help entrepreneurs beat the clock by establishing important filing dates

Provisional patent applications can help entrepreneurs beat the clock by establishing important filing dates.                                             Image by opensourceway.

Since March 16, 2013, the United States switched from a first-to-inventor to a first-to-file patent system, which means the first inventor to file an application (but not necessarily the first to invent), gets the patent. As a result, it is important to file a patent application to claim priority over the invention soon after the invention is conceived (i.e. once the inventor has created a definite and permanent idea of the complete and operable invention) and capable of being described. Moreover, having an invention that is patent-pending adds value and credibility to a business, which helps the business seek additional financing.

However, filing a regular patent application (i.e. non-provisional) can be very expensive, ranging from several thousand dollars to over twenty thousand dollars, which is often outside a business’ budget, especially in its early stages. Additionally, a non-provisional patent application is examined by the Patent & Trademark Office and an applicant’s responses to the examiner’s rejections also incur significant legal fees. This is where a provisional patent application can come in handy. A provisional patent application allows you (the inventor) to claim priority to the invention (and claim that you have a “patent pending”) and push off some of the costs associated with a non-provisional application.

What is a provisional patent application?

A provisional patent application is a temporary patent application that includes the specification of the invention, including sufficiently detailed description and drawings to allow another to make and use the invention. The drawings can be hand-drawn or computer-created (though the latter may be better for business reasons). Moreover, the applicant does not need to draft any patent claims. Because there is no examination of the patentability of the provisional application at the USPTO, the filing fee is relatively low – $65 for micro entities, $130 for small businesses, and $260 for all others. Although ultimately you will need to file a non-provisional patent application in order to obtain a patent in the United States, the provisional application allows you to (1) have an effective filing date that a later non-provisional patent application, filed within 12 months, can claim priority to and (2) say that you have a “patent pending”, which can add more value to your business.

What are the benefits of applying for a provisional patent?

One of the key benefits of a provisional application is that it has few formal requirements, which can translate to a lower cost of obtaining early protection for your invention. As mentioned above, a provisional patent application does not require disclosing any patent claims. Because there is no examination process, an applicant will not have to incur legal fees in responding to “office actions” until after a non-provisional application is filed.

A related benefit of the provisional application is that it allows you to delay filing a non-provisional application for 12-months. A successful and valuable invention is often a work-in-progress, and this grace period can be very valuable for evaluating the merits of the invention and making improvements. While aspects of your invention may be sufficiently concrete and detailed for you to seek protection for, there are still parts that you may want to research and develop. One flexibility to a provisional application is that when you file a non-provisional application, you can claim the priority to multiple provisional applications so long as they are within the 12 months prior to your filing date. In other words, you can combine multiple iterations of your invention into a single document, which is beneficial if you’re still in the processing of developing and perfecting your invention.

In addition, this 12-month grace period can be especially helpful for small entrepreneurs or businesses that do not have the funds upfront to afford filing a non-provisional application. As mentioned earlier, the cost of filing a provisional application is relatively low, especially if you qualify as a micro-entity. Provisional applications allow you to immediately establish a filing date for your invention and to begin promoting and seeking additional funding for your invention without the worry that by disclosing your invention to others, you may lose your claim to your invention. Because the “novelty” of your invention is generally judged as of your filing date, this early filing date can have enormous benefits. By filing a provisional application (and within 12-months, the non-provisional application), if a patent is issued, you can claim priority to the date you filed the provisional application and exclude others from making, using or selling products that embody your invention.

What are the risks of filing a provisional patent application?

While a provisional patent application does not require many of the formalities (such as patent claims or formal drawings) of a non-provisional application, it still must be drafted with care. The provisional application must sufficiently enable and describe the invention that you will later claim in your non-provisional application. If the provisional application does not provide adequate description to enable the claims in non-provisional application, the claim will not be able to benefit from the provisional filing date. As a result, a public disclosure after the filing of the provisional application but before the filing of the non-provisional application could invalidate the claims. For more information about the risks of filing a provisional patent application, see our prior post on the risks of filing a “cover sheet provisional” application.

What are the next steps after filing a provisional patent application?

One important point to keep in mind is that filing a provisional patent application is just the first step towards obtaining protection for your invention. Ultimately, you still need to file a non-provisional patent application to obtain a patent, and to take advantage of the earlier filing date of the provisional application, you must file a non-provisional application within 12-months. Thus, if you’re planning on referencing multiple provisional applications, the critical date you want to file your non-provisional application by is 12-months from the filing date of the earliest provisional application to which you want to reference.

Lastly, so long as you do not run afoul of any of the statutory bars (e.g. offering to sell the invention or publicly disclosing the invention), even if you cannot file a non-provisional application within 12-months and claim priority to it, it will not cause you to lose what you have disclosed in your application because the provisional application is not published.

By

What’s in a Name? (According to the App Store)

Startups should confirm that their product name does not have any conflicts with other app names.

Startups should confirm that their product name does not have any conflicts with other app names.

Picking a product name may be one of the hardest tasks faced by a mobile app startup. The ideal name is one that seizes people’s attention and stays in their memory, conveys some desirable quality of the app, and—despite an increasingly crowded marketplace—steers clear of infringing other companies’ trademarks. That’s a lot of boxes to check. Startup founders may have to rely on their own creativity to come up with a memorable and evocative name, but they can mitigate the risk of committing trademark infringement by following a few concrete guidelines. This article briefly discusses these guidelines for a startup seeking to release an app in Apple’s App Store.

Trademark Basics and Searching Registered Marks

Trademark law prevents one from using a mark (such as an app name) that is likely to cause customer confusion with an existing mark. Additionally, Section 8.5 of Apple’s App Store guidelines for developers says simply: “Apps may not use protected third party material such as trademarks, copyrights, patents or violate 3rd party terms of use.” This means that Apple, through its own guidelines, has the ability to enforce what it perceives to be the trademark rights of others. That raises the question of whether your app uses another’s trademark.

As covered in previous posts, trademark protection can be acquired through registration with the USPTO or through use in commerce. Founders should check both avenues before committing to a name. The first step simply involves searching USPTO’s Trademark Electronic Search System to see what else is already registered under the proposed name.

Testing the Waters

Sometimes people don’t register with USPTO, but they might still enjoy trademark protection. To determine whether protection has been acquired through use in commerce, an app developer seeking to release an app should search the App Store. This is actually less intuitive than it sounds because Apple separates content in the App Store by device. The easiest way to run a comprehensive search is to go to the iTunes Content Dispute page, and provide your contact information to log in (it doesn’t have to be real if you don’t actually intend to submit a complaint). This takes you to a page (as shown below) with a drop down menu from which you can select iPhone apps, iPad apps, and Macbook apps to search the App Store for each device.

Running a comprehensive search of the App Store can be less intuitive than it sounds because Apple separates App Store content by device.

Running a comprehensive search of the App Store can be less intuitive than it sounds because Apple separates App Store content by device.

You found a similar name. Now what?

Even if a prospective name has been registered or is in use on the App Store, a founder might still be able to go forward with it. Courts apply a standard based on the “likelihood of confusion,” considering factors such as similarity of product/service, strength of the prior user’s mark, etc. So for example, if a founder wanted to use the name “Wizard” for a mobile gaming app, a company which has registered the trademark “Wizard” but is in the construction industry will probably not have a good claim since their product/service is not similar. Similarly, a developer will likely have less risk if it uses a highly descriptive name (for example “storefinder” because anyone else using a similar mark for a similar purpose would likely not have strong trademark rights, if any.

There are several risks associated with using a similar name to an existing app, including:

  • Apple may decline to place your app on the App Store citing Section 8.5 of its Guidelines if it believes your app is using another’s trademark;
  • the owner of the similar mark may complain to Apple and cause Apple to remove your app from the App Store;
  • the owner of the similar mark may seek to enforce its trademark rights directly against you (for example, by sending a cease and desist letter, opposing your trademark registration, or pursuing litigation); and
  • consumers mistakenly downloading your app (seeking the other app with the similar name) may cause havoc with your conversion metrics.

Apple delaying or denying an app’s placement on the Apple Store, or removing your app from the App Store in response to a third party complaint is of particular concern. Apple might be incentivized to err on the side of caution. For example, in response to a complaint, it is easiest for Apple to verify that two apps are similarly named and remove the latter app. It would be costly for them to analyze the “likelihood of confusion” factors for each case that gets brought to their attention. So developers run the risk that Apple can remove their app even if they are legally in the clear with regards to a trademark.

So what’s a founder to do? If the founder has identified sources of risk through TESS or the App Store, s/he should assess the size of the risk. How active and successful are the other companies? Are multiple people operating under the same or similar names? How similar are the other products/services? More often than not, it is best for founders to avoid the numerous problems posed by similarly named existing apps. If a founder continues to see significant value in a chosen app name, despite the existence of an app with a similar name already on the App Store, an experienced trademark attorney can help to quantify and suggest steps to mitigate the risk.

By

Application of HITECH and HIPAA to Healthcare Startups

JakeGatofBlogPic

When working with a startup with a technology in the healthcare space, attorneys should be aware that there are new rules and regulations that can have a major impact on how the product should be built and sold to customers.

The HITECH Act revises the definition of a “business associate” so as to require a company to follow HIPAA regulations if it “creates, receives, maintains, or transmits Protected Health Information (PHI), or “maintains” PHI on behalf of a covered entity (hospital/other providers), or if it is any subcontractor of that entity who will have access to PHI.

Steps to Mitigate Risk:

One way to help your client avoid HIPAA liability is to simply de-identify all health information.  This is of course one method to make PHI unusable, unreadable, or indecipherable to unauthorized individuals, and once PHI has been de-identified in accordance with the HIPAA Privacy Rule, it is no longer PHI and, therefore, no longer subject to the HIPAA Privacy and Security Rules.  The Standard for De-Identification is § 164.514(a).  Health information that does not identify an individual, and with respect to which there is no reasonable basis to believe that the information can be used to identify an individual, is not individually identifiable health information.  There are two ways to ensure that health information has been de-identified, one using an expert determination under 164.514(b)(1) and one through satisfying the requirements of the Safe Harbor enumerated under §164.514(b)(2).  In the startup world, cost of an expert determination makes the Safe Harbor the better option if de-identification is a possibility at all.  Of course with many profile-based software, de-identification may become a serious hurdle to overcome in software design.  Consulting your clients about the benefits of building the technology without such identifying information would of course ease the requirements of complying with HIPAA requirements.

Another way to mitigate potential HIPAA liability is to follow the HIPAA encryption guidelines.  As rulemaking following the HITECH act iterates, “While covered entities and business associates are not required to follow the guidance, the specified technologies and methodologies, if used, create the functional equivalent of a safe harbor, and thus, result in covered entities and business associates not being required to provide the notification otherwise required by §13402 in the event of a breach.”

Encryption works to make PHI unusable, unreadable, or indecipherable to unauthorized individuals only if one or more of the following applies:

If the Electronic PHI has been encrypted as specified in the HIPAA Security Rule by ‘‘the use of an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key’’ and such confidential process or key that might enable decryption has not been breached. Certain encryption processes have been tested by the National Institute of Standards and Technology (NIST) and judged to meet this standard.

Conclusion:

Understanding how HIPAA privacy regulations may now apply to startup clients entering the healthcare IT software space is essential to limit your client’s potential liability.  One option to deal with this risk is to suggest complete de-identification of information through the satisfaction of the Safe Harbor requirements or through an expert determination. The other option is to point your client to the functional encryption safe harbors as tested by the National Institute of Standards and Technology.  Furthermore, the earlier along in the process clients become aware of these requirements, and how they can mitigate risk, the more easily clients may be able to adjust the design of their technology to ease the burden of compliance.

By

Trademarks in National Parks

A looming trademark dispute involving our national parks illustrates the importance of clarifying trademark ownership.

A looming trademark dispute involving our national parks illustrates the importance of clarifying trademark ownership. Photo by David Liff.  License CC-BY-SA.

Like the giant sequoias, there is a trademark dispute rising out of Yosemite National Park. Delaware North, a concessions powerhouse, has operated the hotels, restaurants, and other concessions in Yosemite since 1993. Their contract is set to expire in 2016, and as other firms line up to bid on the new contract, Delaware North has made clear to the Park Service that it claims to own the intellectual property in the names of famous sites like the Ahwahnee Hotel and Curry Village. The National Park Service disputes this claim, and says that the names, which historians suspect have been in use for over 100 years, belong to the American people. Delaware North claims the IP is worth $51 million, and says it will seek that amount if the Park Service wants to use the names without Delaware North’s permission.

Background on Trademark Law

The situation implicates some core issues of trademark law and serves as a good trademark primer for entrepreneurs unfamiliar with the field. Words, phrases, logos, and other designators of a product’s source are granted protection under federal law via the Lanham Act. While registering a trademark with the federal government grants certain protections and other benefits, one does not need to register a trademark for protection to exist. For both registered and unregistered marks, trademark protection is gained through use of the mark in commerce in a way that serves as a source designator. While registering a mark gives the registrant nationwide priority to the mark over subsequent users, the first user of any mark has rights to it, registration or not, given certain geographical and industry limitations.

Delaware North’s Potential Trademark Rights

Delaware North acquired the trademark registrations from the company from which it bought the Yosemite properties. Delaware North subsequently sold the properties to the National Park Service, but retained assets like furniture, vehicles, and as Delaware North argues, the IP) and began running the concession for the Park Service. Delaware North’s ownership of the registrations in the park properties, however, is not conclusive as to the marks’ rightful owners. As the National Park Service points out, if another party used the mark as a source designator before the registration, they could have rights in the mark. While a party that has not used a mark for more than three years is generally considered to have abandoned the mark, Delaware North should not expect the Park Service and other interested groups to give up easily.

Lessons for Entrepreneurs

The takeaway for entrepreneurs is that trademark rights can become extremely valuable and it is of the utmost importance to establish whether or not you have rights in a mark you are using early on. This can be especially important when partnering with third parties. Entrepreneurs should understand that ownership of tangible property does not necessarily mean that rights in related intellectual property are secured. As a product or service is marketed to the public under a consistent brand, the trademark rights in that brand will likely increase in value. Entrepreneurs should ensure that they have the necessary rights in any brand related to their products or services.

By

Are Trademark Disputes Brewing in the Craft Beer Industry?

The craft beer industry may be ripe for trademark disputes due to the increasing number of breweries, limited number of beer-related puns, and large number of small-scale operations.

Trademark is an important but often overlooked area of the law for new startups and small businesses. Many entrepreneurs believe that merely registering a company with a state as an LLC or Corporation secures trademark rights in the name or brand, while others assume they can secure protection by maintaining a website or social media presence. It is true that each of these steps might help expand protection, but neither will definitively establish the right to prevent others from using a particular mark or independently bestow rights on a company. The lack of understanding has become especially problematic in the expanding market for craft beer, where the exploding number of breweries, limited number of beer-related puns, and large number of small-scale operations have created a veritable minefield of potential trademark issues.

Limited Number of “Punforgettable” Trademarks

One issue stems from the desire to utilize existing pop culture and media to create attention grabbing, punforgettable (see what I did there?) trademarks. “Hoptimus Prime,” “The Empire Strikes Bock,” and “Harry Porter” are certainly memorable, but trading on protected intellectual property and brands can engender lawsuits from big companies with vast resources. These companies are even more likely to bring suits against breweries now that there is some precedent for licensing out popular intellectual property to beer labels (see Game of Thrones branded beer here. 

Local Nature of Early-stage Breweries

A second issue is more problematic because it is difficult to foresee and thus less preventable. The foundation of a trademark infringement claim is customer confusion, and the likelihood of confusion predictably increases when more participants join the market. But when starting out, the primary concern of a small brewery is brewing good beer, and trademark registration is probably doesn’t even enter the mindset of young entrepreneurs trying to keep costs as low as possible. So while a brewery in Oregon may create its own mark independently and believe it to be original, there is no guarantee that a brewery in Massachusetts hasn’t been using the same mark for its own beer. The problem is compounded by the fact that with so many players in the craft beer space, it can be difficult to determine whether someone else is using a mark even if you take the time to search beforehand.

How to Help Protect Yourself

A trademark can be a word, symbol, phrase, design, logo, product packaging, or some combination. The essential requirement is that the mark be used as source designator, so that customers associate the mark with a particular brand or company. For example, Budweiser’s trademarks include its crowned logo and “king of beers” slogan.  Both of these trademarks have been associated with the Budweiser brand, so that when a customer sees them they assume some relationship to Budweiser. For small breweries without the budget for a trademark attorney, the best option to test the availability of a desired mark is to scour the web. First, search the free trademark database and perform a general Google search including your trademark and related terms like “beer,” “brew,” “IPA,” etc. Beer rating sites like beeradvocate.com, which features over 93,000 beer brands, can also be a useful resource for assessing what marks are already being used in the market.

Unfortunately, it may be impossible to know exactly which marks are being used in a fairly regional industry. Since beer can’t generally be sold and shipped to customers across the web, common law trademark protection without registration is far more common, and small breweries may have local clout that doesn’t transcend regions. Still, by performing a few simple searches and conducting due diligence early on, craft beer makers could avoid a lot of potentially ugly legal disputes down the road if business expands and conflicts arise. When thinking long term in any industry, having a memorable mark is great, but avoiding legal disputes is probably better.

By

Updates to Michigan’s Legislative Battle to Permit Ride-sharing Statewide

The Michigan House of Representatives failed to pass on Wednesday HB 5951 which would have permitted ride-sharing companies like Uber and Lyft to operate in Michigan and preempted any more-restrictive local regulations.  The House may take up the bill again today.

The Michigan House of Representatives failed to pass on Wednesday HB 5951 which would have permitted ride-sharing companies like Uber and Lyft to operate in Michigan and preempted any more-restrictive local regulations. The House may take up the bill again today.

We recently overviewed Michigan’s proposed legislation, HB 5951 that would effectively allow ride-sharing services like Uber and Lyft to operate statewide by preempting local regulations. Here is a quick update to the status of this proposed legislation.

Michigan’s House of Representatives Fails to Pass HB 5951 on Wednesday

As reported by MLive, Michigan’s House of Representatives did not pass HB 5951 yesterday.  A House committee approved the bill last week and sent it to the House floor for a vote.  The bill would permit ride-sharing services to operate in Michigan provided they met certain requirements (outlined here) that are largely consistent with Uber’s current practices.

Yesterday, the House failed to pass the bill.  The bill is still alive, however.  Here is what happened, as outlined in the Journal of the House of Representatives for yesterday’s session.

  • The House made certain changes to the bill, including exempting from Michigan’s Freedom of Information Act any list of ride-sharing drivers provided to the state as required by the bill.
  • An amendment was proposed, but failed to pass, that would allow local municipalities to still pass their own ride-sharing regulations, even those more restrictive than state law.  This would effectively strip HB 5951 from having its primary impact (of having uniform state-wide requirements for ride-sharing services).  In particular, the amendment stated:

    Sec. 11. (1) This act does not prohibit a municipality or a group of municipalities that form an authority to regulate transportation network companies under the municipal partnership act, 2011 PA 258, MCL 124.111 to 124.123, or the public transportation authority act, 1986 PA 196, MCL 124.451 to 124.479, from adopting a rule, ordinance, or resolution that is more restrictive than this act.

  • When at least 50 representatives voted against the bill’s passage, the House passed on the agenda item.
  • The House will reconvene at 10am today, December 11, and may take up the bill again.  You can watch a live webcast of today’s House session here.

Opposition from Insurance Industry

Michigan's insurance industry continues to oppose HB 5951.

Michigan’s insurance industry continues to oppose HB 5951.

The insurance industry continues to vigorously oppose the bill in its current form, as laid out in its December 9 letter to the House.  One of their primary complaints is the gap in coverage for a ride-sharing driver who is on duty, but not currently carrying a passenger.

According to the executive director of the Insurance Institute of Michigan, HB 5951 leaves a gap in coverage that “may leave drivers and passengers of ride sharing companies at financial risk.”

In the meantime, all eyes will be on the House floor today to see if an agreement can be reached to allow HB 5951 to pass a House vote.

By

Uber’s Regulatory Drama Continues: Portland Sues Uber

The City of Portland sued Uber on December 8 seeking to enjoin Uber from operating in the city limits.

The City of Portland sued Uber on December 8 seeking to enjoin Uber from operating in the city limits.

Yesterday’s post discussed Michigan’s proposed bill HB 5951 which would implement state regulations permitting ride-sharing services such as Uber and Lyft to operate in the state of Michigan provided they met certain regulations that are largely consistent with Uber’s existing practices.  That bill would preempt various city regulations (such as Ann Arbor’s), some of which conflicted with Uber and Lyft’s existing practices.  Just a few days after Michigan’s house committee approved HB 5951 and recommended the house pass the bill, a strikingly different approach has been taken in Portland, Oregon.

City of Portland v. Uber

On Monday, December 8, the City of Portland sued Uber seeking to enjoin Uber from operating in the city of Portland.  This lawsuit comes just days after Uber began operating in Portland on Friday, December 5.  The conflict involves Portland City Code Chapter 16.40, which requires as follows:

  • “for-hire transportation” drivers must obtain a “for-hire transportation” permit
  • for-hire vehicles must have certain decals and plates
  • taxicabs must adhere to certain fare and meter rates
  • taxicabs must adhere to certain regulations related to wheelchair accessibility
  • for-hire vehicles must maintain certain levels of insurance
  • taxicabs must maintain a dispatch system in operation 24 hours/day
  • taxicabs must service city-wide 24 hours/day, 7 days a week and accept any request received within the city
  • taxicab companies must have at least 15 cabs in their fleet and have at least 2/3 of their fleet in service at all times
  • for-hire vehicles must pass regular inspections
  • for-hire vehicles must be equipped with digital security cameras

According to the City of Portland’s complaint, which can be read here, Uber violates Portland City Code because it:

  • does not hold a valid company permit
  • all prospective Über customers must first download the Uber app and enter into an online agreement under terms dictated by Uber, including a waiver of any and all liability to Uber
  • the customer must provide credit card information to Uber, which is charged, rather than having drivers collect a fare from the customer
  • customers hail an Uber vehicle through the Uber app instead of a human dispatcher
  • the Uber app calculates fares based on time and distance rather than through a certified taxi meter
  • Uber’s drivers and vehicles are personally insured, and Uber does not require its drivers to purchase commercial at insurance
  • Uber does not require its drivers to be certified by the City of Portland
  • Uber’s drivers are not required to be dispatched to all ride requests in the city, but rather only to passengers who can pay via credit card and have access to the Uber app or website to request a vehicle

Portland’s Cease and Desist Letter to Uber

On December 8, the City of Portland sent a cease and desist letter to Uber demanding that Uber cease operations in the city limits.  The cease and desist letter is attached to the complaint as Exhibit A. While there have been varying reports of the city’s enforcement against individual Uber drivers, it does appear the

Support for Uber and Success in Other Markets

As of publication, close to 10,000 individuals have signed a petition to support Uber’s operations in Portland.   Uber remains wildly popular and it generally overcomes the legal obstacles it has faced in other markets.  As previously reported, Uber faced initial obstacles in Ann Arbor and Detroit.  While Ann Arbor sent Uber cease and desist letters, it generally did not crack down on Uber’s operations, and now a Michigan bill is likely to preempt any local regulations.  In Detroit, Uber worked with the city to enter into an operating agreement stipulating how the company could operate in Detroit.

Ride-sharing In and Around Portland

While regulatory issues are nothing new to Uber, the situation in Portland is slightly unique.  Uber is already operating in several cities in close proximity to Portland, for instance, Vancouver Washington.  Additionally, various tweets, such as the one below, were bring broadly disseminated citing the limited availability of traditional taxi services in and around Portland:


 Going Forward

Going forward, the legal questions related to whether Uber is complying with Portland’s City Code appear to be relatively clear:  Uber is not.  As in other cities, this is likely not a legal battle, but rather one of politics and policy.  If Portland desires to have Uber available in its city, it will ultimately amend its city code to provide for transportation network companies such as Uber, to obtain permits to operate in the city.  Alternatively, as happened in Michigan, the state of Oregon could pass statewide regulations that preempt the regulations of any particular municipality, thus permitting Uber to operate statewide as long as it abides by the state-level regulations.

So far, Uber’s tactics of commencing operations and then working out any regulatory hurdles have worked out with staggering success.  Indeed, Uber recently raised another $1.2B at an amazing $40B valuation.  So far, Uber has proven that massive customer acquisition can cure all evils – even legal and regulatory ones.