The following articles have been authored by Joe Valof Esq [the first 2 were published in top-tier legal journals]. Joe is an in-house corp tech counsel specializing in contracts and licensing projects. NEED HELP WITH A CONTRACT PROJECT/ISSUE, contact Joe at: igcatty@earthlink.net for a complimentary consultation.
Operating In An Uncertain Global Marketplace: How To Survive
Industry leaders operating in today’s global marketplace will face some serious business and legal issues related to: intellectual property [IP] ownership, FCPA [Foreign Corrupt Practices Act] bribery, data privacy, sexual misconduct, patent trolls, and remote working. The world-wide pandemic has also added to the uncertainty of the marketplace. Following is a brief snapshot of these issues, working them will certainly be challenging:
IP ownership: the lower courts have heard two important legal issues: can software code be copyrighted and when does ‘Fair Use’ apply. The U.S. Supreme Court has agreed to take up Google’s decade long battle with Oracle, the case now referred to as Google vs Oracle. Court hearings are scheduled for October 7, 2020. Hopefully, the industry will get some guidance and/or closure on these issues. This battle started when Oracle sued Google for copyright and patent infringement of their software program that was licensed to Google. Should there be an unfavorable ruling by the Supreme Court, marketing executives will need to reassess their marketing strategies as to how best to market their software. One possible model could be as an open source product, either a ‘Community’ open source or an ‘Enterprise’ open source, which would be vendor supported with no source code to the user. There are various open source license agreements available that a company can use.
With regard to ‘Fair’ Use, U.S. copyright law allows limited use of copyrighted materials for purposes of news reporting, research, criticism, to name just a few, without permission or payments to the copyright holder. Fair Use determinations are generally made by state courts, the problem however is, that state Judges have had difficulty determining what constitutes fair use so there have been many varying decisions. Hopefully, the Supreme Court with set some new guidelines for the courts.
Another critical AI ownership issue is that many developers are using the same underlining AI technology to develop their products, so the question becomes ‘who owns what’. Again, the marketing solution mentioned above could avoid patent and copyright litigation, which is very time consuming and costly. A recent USPTO [U.S. Patent and Trademark Office] inventorship decision that an AI intelligent machine can not be named as an inventor on a patent. USPTO is currently reviewing the patent laws, with the objective of updating them to recognize today's technology. Also, under a recently implemented ‘interim’ export regulation, developers may need a license to export certain AI software and/or related services referred to as ‘emerging technology’, to a foreign country or to a foreign national employee. Additionally, a Presidential Executive Order was implemented in February 2019 setting forth rules and regulations governing the development and use of AI.
FCPA bribery: the FCPA is a federal criminal statute related to making unlawful payments or giving things of value to a foreign official in return for getting business from that government. A violation could result in very sever financial penalties, as well as possible prison time. There are two settlement options offered by DOJ/SEC that companies can take advantage of, a DPA [Deferred Prosecution Agreement] or an NPA [Non-Prosecution Agreement]. Management needs to fully understand the consequences of accepting either of these two agreements. Also, many other countries have implemented similar bribery laws so a company can be hit from both ends. Needless to say, it is extremely important that companies complied strictly with FCPA.
Data Privacy: in 2018 the EU [European Union] implemented a very complex General Data Protection Regulation [GDPR] which protects EU consumers’ data. US companies who export EU consumers personal data must comply strictly with GDPR via the EU-US Privacy Shield. However, in July 2020, the European Court of Justice (ECJ) invalided the Privacy Shield claiming it was not strong enough to provide the protection required. The EU and US Commerce Department are currently in talks to come up with stronger protection rules. In the meantime, US companies will need sign the [old] ‘standard contractual clauses’ or have Binding Corporate Rules [BCR] in place.
Companies doing business in CA, must comply with the California Consumer Privacy Act [CCPA], which went into effect on Jan 1, 2020. This Act also contains a very complex set of rules for protecting personal data. Many other states are also in the process of implementing privacy legislation, so, until the federal government implements a federal privacy law, companies will need to understand and comply with a host of differing state privacy requirements. Including an arbitration clause in all applicable contracts could help mitigate the company’s financial and legal exposure. A privacy policy should be implemented naming a Privacy Officer.
Sexual Misconduct: bullying and sexual harassment in the workplace is rampart and out of control in corporate America. Can it be stopped, probably not. Having a very strong company policy as well as including ‘Weinstein’ and morals clauses in applicable agreements may help to mitigate a company’s financial and legal exposure. The #MeToo and other similar movements have not as yet made a meaningful impact in corporate America.
Patent Trolls: unfortunately, patent trolling is not illegal, Trolls buy patents from distressed and bankrupt companies with the intent of suing companies claiming they are infringing on their patents, most being baseless claims. Since these companies do not have the financial resources to defend, they find it cheaper to pay off the Troll. Various industry groups have formed a non-profit consortium which has helped ward off Trolls. Each company signs an agreement which includes an immunity clause. Joining one that fits your business model is very easy.
Remote working: the COVID-19 crises has caused many businesses to resort to remote work-at-home for their employees and contractors. If employees and contractors will be using their own devices [computers, cell phones, storage devices, etc]. to conduct company business, it is very important to make sure that all parties understand and acknowledge that the company is the sole and exclusive owner of all confidential and proprietary business information residing on those devices. Therefore, a strong BYOD (Bring Your Own Devices) policy should be implemented. Remote working may be the waive of the future so this becomes a critical to do.
Key takeaway: Engaging in best practices and being innovative will certainly help to mitigate a company’s financial and legal exposure.
PROTECTING ARTIFICIAL INTELLIGENCE
Using Artificial Intelligence (AI) technology to develop products such as platforms, software, tools, and apps is currently the most dominating technology in the global marketplace. Businesses across all industries will be facing some critical business and marketing challenges regarding software copyright and fair use. The AI community will be facing additional issues such as technology ownership and patent infringement litigation. The U.S. Supreme Court has agreed to take up and address the legal issues raised from the long eight -year Google/Oracle battle as to whether software or parts of it are copyrightable and when fair use is applicable. How the court rules on these two issues could have a severe impact on how software
is licensed/sold. If the Supreme court rules unfavorably on either issue, users will be able to copy and use the materials without the need to make any payments to the owner, and leaving the door open to competitors. Currently, under U.S. copyright law, Fair Use allows limited use of
copyrighted materials without permission or payment to the copyright holder for purposes of news reporting, research, criticism, to name just a few. In addition to the software and fair use issues, the AI community will also face issues such as ownership and patent infringement lawsuits. Many companies are using the same underlining AI technology so the question is,
“Who owns what?” Back in the early 80s, Richard Stallman launched what he called the free software movement to market software as Open Source Software. Free in this context means that users are free to distribute, copy, use, edit, and improve the software so long as the edits and improvements were provided back to the community. The developer certainly can charge a
fee for its products.
VIA Technologies, a global AI developer has taken the initiative by designating its recently released VIA-AI APP, a Smartphone Driver Assistance APP, which is available to users on GitHub, as an open source product under an MIT License agreement. If the AI community decides to market their software products, platforms, and APPs as an enterprise open
source product, an APP contract could be embedded into each product along with two new provisions: an agreement that neither party will bring an IP lawsuit.
It’s time for the AI community to start thinking about how to best license/sell their products in anticipation of the Supreme Court’s rulings. Being prepared is the best way to stay ahead of the competition. [Published in Law Technology Today, LTT]
Marketing In The 21st Century: Adjusting To The Digital Age
INTRODUCTION: Is your business ready for the ‘Digital Age’! Are you staying ahead of your competitors. This essay provides a brief overview of the new state-of-the-art technological innovations and Time Series Analysis [‘TSA’] tools that could help achieve these goals. The biggest challenges facing business leaders today is developing the applicable platforms and applying these innovations.
TSA IMPROVEMENTS: TSA is a very, very old statistical tool used primarily by economists to identify trends, cycles, and seasonal variances in a variety of situations. It has not been embraced by businesses simply because the right technology was not available. That has now all changed.
In 2003, Professors Clive W. J. Grange [University of California] and Robert Engle [New York University] were awarded the Noble Prize in economics for their pioneering TSA research which provided for such enhancements as the capability to obtain detailed information about: daily sales and forecasting, budgetary analysis, revenue projections, yearly income streams, and overhead expenses, to name a few.
CURRENT TECHNOLOGIES: Today, business leaders have several innovative tool options, such as: Artificial Intelligence [AI], Blockchain [also referred to as Blockchain of Things or ‘BoT’], Internet of Things [IoT], Machine Learning [ML], and Virtual and Augmented Reality [VR/AR], the two hottest being AI and BoT. Briefly, what do these tools do:
- AI: is a technology tool that provides the capability for a machine [computer] to imitate human behavior and helps to automate tasks. Because businesses are being inundated with vast amounts of data that needs to be quickly and accurately processed, this is a perfect tool. As TSA deals with vast amounts of data, AI can certainly help to manage the process.
- BoT: is a technology that was originally developed as an accounting method for bitcoin [BTC]. Since then a host of start ups have emerged doing innovative research in this area and expanded the technology, most notably, to enable the secure processing of internal data and records; law firms and company law departments are also using this technology to develop contract templates [also referred to as ‘smart legal contracts’] and for compliance obligations.
- IoT: is about taking data and creating the ability for rapid, actionable decision making by integrating technologies to provide real-time information.
- ML: is a tool that helps developers make technologies more accessible for constructing computer programs to use the various technologies described
in this essay. - VR/AR: both are digital tools dealing with three-dimensional technology.
To summarize, The fact that colleges and universities are offering courses and degrees in ‘Applied Business Analytics’ [also referred to as ‘Big Data’], is an indication of how important all this technology is, especially when developing marketing programs.
KEY TAKEAWAY: The key take away is prepare your business and don’t let the competition get ahead of you.
ETHICS IN CORPORATE AMERICA: A GUIDE TO AVOIDING LIABILITY
Overview: Executives and Corporate Boards must understand that unethical behavior in the workplace must, at all times, be avoided. This guide provides a snapshot of what ethics and morality is all about, and what executives and directors can and must do to avoid or mitigate both personal and company liability. Whether your company is large, small, public, private, non-profit, or an LLC, the standards are basically the same.
Ethics: The origins and history of ethics is unknown and impossible to trace, but as best as can be determined by historians, goes back at least to the age of Socrates. ‘Ethics’ and ‘morality’ are generally defined as: “A body of moral principals or values of a particular culture or group’; “Pertaining to or dealing with morals or principals of morality”; Conformity to the rules of right conduct; moral or virtuous conduct”. The term ‘business ethics’ was first coined around the 1970s. Its origin was first used in academic writings, teaching, society meetings, and conferences.
Background: In the late 1990’s, ethics in corporate America was practically non-existing. Executives and directors in major global companies [Enron, Tyco, WorldCom, to name a few], who were handsomely rewarded with huge salaries, stock options, and corporate perks, decided they needed more. Personal greed took over and they set up separate company books and records, one set for Wall street and the public, and a true set. Eventually, this caused their downfall and their employees lost their jobs, retirement benefits, pensions, etc. Many executives served prison time and paid heavy fines. As a result of these acts, Senator Paul Sarbanes [D] and Congressman Michael Oxley [R] prepared a bill that Congress passed in 2002. The Sarbanes-Oxley Act [commonly referred to as ‘SOX’ or the ‘Act’], primary purpose was to crack down on corporate fraud by imposing very strict oversight of a company’s accounting practices.
Liability: Executives and Corporate Boards duties, fiduciary responsibilities, and powers are generally contained in a state’s business corporation statute [In MA its M.G.L. 156D], as well as in the company’s by-laws. The primary one is: a duty of care and loyalty to the company and its shareholders. If executives and directors perform their duties in good faith and in a manner he/she reasonably believes to be in the best interests of the corporation and with such care as an ordinarily prudent person in a like position would use under similar circumstances will not [normally] incur liability. Areas to avoid include: commingling business and personal assets; committing fraud by misappropriating corporate assets for personal gain; not disclosing a known conflict of interests or an ethics breach.
Most state statutes also have a rule called the ‘Business Judgment Rule’ [‘BJR’], which basically protects directors from personal liability. The rule presumes that a business decision made by a disinterested director is on an informed basis, in good faith and in the honest belief that the action(s) taken was in the best interests of the company, even if it turns out to be a bad business decision. Depending upon the particular circumstances of an incident, officers may [or may not] be protected under BJR. It is extremely important that all board meeting minutes be well documented and maintained by the company. It is not clear, but most likely, BJR would also apply to limited liability companies [LLC’s].
Massachusetts also has a very old Supreme Judicial Court ruling called the ‘Donahue’ doctrine, where officers and directors of a private corporation are held to a higher standard and owe a fiduciary duty to the other shareholders. This ruling states that all shareholders must be treated equally, and any shareholder may sue an officer or director for a breach of their fiduciary duties. The more shareholders a closely held corporation has the more likely a lawsuit would be instituted. Also, company’s must be very careful when using crowd funding investors as they may be a less sophisticated investor and more likely to sue if their investment goes bad. Many other jurisdictions look towards this doctrine in similar cases.
Other areas of potential liability include:
- mis- classification of an independent contractor vs employee [Ma has the most stringent rules of all the 50 states];
- sexual harassment: MA’s new Transgender Rights law which went into effect in July 2016 [EEOC/Equal Employment Opportunity Commission has issued a new Transgender Workplace Guide];
- violation of consumer protection rules [false advertising/product/marketing representations] and violation of TFTEA [Trade Facilitation and Trade Enforcement Act of 2015, which went into effect on February 24, 2016];
- anti-trust violations [discussing pricing with competitors, etc];
- failure to pay minimum wage and overtime;
- Violation of a state’s corporation laws.
An ethics takeaway: Transparency and employee training are keys to compliance and avoiding both company and personal liability. Companies should implement and enforce their ‘ethics/compliance and business conduct’ policies in order to help mitigate and/or avoid fines and other financial damages.
Going Global: Doing business overseas can be a challenging and taxing experience. If your company is [or will] be doing business globally, there are many
[too many to list in this guide] US and foreign laws and regulations that must be complied with, otherwise, the company and its officers and directors could face substantial fines and penalties, and may also include prison time. Two key areas of concern for global companies are: foreign bribery under FCPA and data privacy under the new EU-US Privacy regulations. A brief review of each:
FCPA: The US Foreign Corrupt Practices Act has been in effect for a very long time. DOJ [Department of Justice] in collaboration with the SEC [Securities and Exchange Commission] have primary oversight for FCPA enforcement. Global companies are [very] vulnerable to a FCPA violation, especially if they use a third party channel to market/sell its products and services. All global companies, public and private, large and small, are now under DOJ's radar screen. Additionally, many other countries [UK, Canada, Chile, Colombia, Mexico, Brazil, to name a few], have also introduced anti-corruption/bribery legislation and are also actively going after violators. So a company can be hit from both the US and the foreign country.
An FCPA violation can be [very] costly. However, under DOJ’s recently implemented pilot enforcement program, companies who are proactive and self report and fully cooperate with the government’s investigation may be able to mitigate their damages by up to 50 percent. Depending on each particular situation, companies who take prompt remedial measures to eliminate any further violations, may also get a DPA [Deferred Prosecution Agreement], or an NPA [Non-Prosecution Agreement]. Under certain circumstance, D & O [Directors and Officers] insurance may include protection for a FCPA violation. Based on several recent enforcement actions, FCPA’s policy of voluntary self-disclosure now almost assures that companies can definitely mitigate their exposure and avoid criminal prosecution.
Other helpful tools are the ‘Trace Matrix’ prepared [jointly] by Trace International and the Rand Corporation. Trace Matrix is a bribery index [available free on the internet] that measures and quantifies business bribery risk in 197 countries. The SEC/DOJ has also published: ‘A Resource Guide to the U.S. Foreign Corrupt Practice Act’ which contains helpful guidance to avoid violations. DOJ’s Fraud Section published a new guide [February 2017] titled: “Evaluation of Corporate Compliance Programs”. DOJ looks more favorably toward companies with written policies and internal audit controls in place to identify any misconduct. The best course of action seems to be lay all your cards on the table.
EU-US PRIVACY: The second global concern is the transfer of personal data from a European Union [EU] country to the US. International privacy laws are generally more stringent and complex than US privacy laws. Therefore, transferring personal data from the EU to the US is prohibited unless certain EU regulations are complied with.
US companies either became certified with the US Department of Commerce under its ‘Safe Harbor Program’, or used the EU ‘Standard Contractual Clauses [also referred to as ‘SCC’s’ or the ‘Model Contract] to transfer privacy data to the US. However, in October, 2015, the European Court of Justice (EU’s Highest Court) declared the US-EU Safe Harbor Framework to be invalid as it did not have sufficient privacy protection for European citizens. In February 2016 the EU and US reached final agreement on a new, more stringent set of privacy Principles referred to as the ‘Privacy Shield’, which was approved in July 2016. EU’s General Data Protection Regulation (GDPR)] goes into effect on May 25, 2018, and US global companies must upgrade their privacy policies and internal procedures to become compliant with GDPR.
LICENSING SOFTWARE TO THE GOVERNMENT UNDER THE NEW [1995] FAR/DFAR* REGULATIONS
FAR’S [FEDERAL ACQUISTION REGULATIONS] apply to Civilian (Non Military) Agencies; DFAR’s [DEPARTMENT OF DEFENSE FAR SUPPLEMENT] apply to Defense [Military] Agencies.
INTRODUCTION: LICENSING SOFTWARE TO THE GOVERNMENT IS VERY COMPLEX. HOPEFULLY, THIS OVERVIEW WILL HELP CONTRACTORS/DEVELOPERS NAVAIGATE SAFELY AND PROFITABLE THROUGH THE FEDERAL REGULATION MAZE.
FIRST AND FOREMOST TO BE AWARE OF IS THAT WHENEVER THE GOVERNMENT PURCHASES TECHNICAL DATA OR COMPUTER SOFTWARE, IT RECEIVES A ‘LICENSE TO USE AND DISTRIBUTE ’ ONLY, IN ACCORDANCE WITH THE APPLICABLE FAR/DFAR PROVISION; TITLE AT ALL TIMES REMAINS WITH THE DEVELOPER/CONTRACTOR EVEN IF GOVERNMENT FUNDS WERE USED FOR THE DEVELOPMENT. BOTH THE FAR AND DFAR HAVE VARYING LICENSING CLAUSES, DEPENDING UPON THE CLASSIFICATION OF THE DATA/ SOFTWARE.
LICENSING UNDER THE FAR’S IS COVERED BY 52.227-14 THRU 23 (52.227-19 SPECIFICALLY GOVERNS COMMERCIAL COMPUTER SOFTWARE).
- LICENSING UNDER THE DFAR’S IS DETERMINED BY THE FOLLOWING CATEGORIES OF RIGHTS:
- UNLIMITED RIGHTS: APPLIES TO TECHNICAL DATA, COMPUTER SOFTWARE, INCLUDING SOFTWARE DOCUMENTATION, DEVELOPED BY A CONTRACTOR WITH GOVERNMENT FUNDS (See DFARS 252.227-7013 (b) (1) AND DFARS 252.227-7014 (b) (1) FOR LISTING OF CRITERIA FOR ESTABLISHING UNLIMITED RIGHTS).
- LIMITED RIGHTS: APPLIES ONLY TO TECHNICAL DATA, (NOT TO COMPUTER SOFTWARE OR SOFTWARE DOCUMENTATION), DEVELOPED EXCLUSIVELY AT PRIVATE EXPENSE AND SUCH INFORMATION EMBODIES TRADE SECRETS OR CONFIDENTIAL INFORMATION (See DFAR’S 252.227-7013 (b) (3)).
- RESTRICTED RIGHTS: APPLIES TO NONCOMMERCIAL COMPUTER SOFTWARE AND SOFTWARE DOCUMENTATION DEVELOPED AT PRIVATE EXPENSE (See DFAR’S 252.227-7014 (b) (3).
- GOVERNMENT PURPOSE RIGHTS [GPR]: APPLIES WHEN MIXED-FUNDING HAS BEEN USED TO DEVELOP TECHNICAL DATA AND/OR COMPUTER SOFTWARE WHICH MAY ONLY BE USED FOR GOVERNMENT PURPOSES, INCLUDING COMPETITIVE PURPOSES, BUT EXCLUDING COMMERCIAL PURPOSES, FOR A FIVE-YEAR PERIOD, OR SUCH OTHER PERIOD AS MAY BE NEGOTIATED. AFTER EXPIRATION OF THE NEGOTIATED PERIOD, THE GOVERNMENT AUTOMATICALLY OBTAINS UNLIMITED RIGHTS. [See DFAR’S 252.227-7013 (b) (2)].
- SPECIFICALLY NEGOTIATED LICENSE RIGHTS: APPLIES WHEN UNLIMITED, LIMITED, RESTRICTED, OR GPR RIGHTS MAY NOT FIT/MEET THE GOVERNMENTS NEEDS (See DFAR’S 252.227-7013 (b) (4)).
- COMMERCIAL COMPUTER SOFTWARE: APPLIES TO COMPUTER SOFTWARE AND SOFTWARE DOCUMENTATION DEVELOPED EXCLUSIVELY AT PRIVATE EXPENSE; NO DFAR CLAUSE APPLIES, GOVERNMENT WILL USE AND NEGOTIATE DEVELOPER’S/CONTRACTOR’S STANDARD LICENSE AGREEMENT (See DFAR’S SUBPART 227.7202).
- COMMERCIAL TECHNICAL DATA: APPLIES TO ANY ITEM, OTHER THAN COMPUTER SOFTWARE OR REAL PROPERTY THAT IS CUSTOMARILY USED BY THE PUBLIC FOR NONGOVERNMENTAL PURPOSES AND THAT HAS BEEN SOLD OR OFFERED FOR SALE, LEASE, OR LICENSE TO THE GENERAL PUBLIC (See NEW DFAR CLAUSE 252.227-7015).
DISTRIBUTION TO THE U.S. GOVERNMENT: The Licensed Products provided under this Agreement are commercial computer software programs developed exclusively at private expense. Use, duplication, and disclosure by civilian agencies of the U.S. Government shall be in accordance with FAR 52.227-19 (c) or other agency data rights provisions, as may be applicable. Use, duplication and disclosure by DOD agencies is subject solely to the terms of <Co Name> standard software License Agreement as stated in DFARS 227.7202.
FOR COMMERCIAL COMPUTER SOFTWARE, THE FOLLOWING LEGEND SHOULD APPEAR IN THE SOFWARE (IDEALLY THE 1ST SCREEN), AND ALSO INCLUDED ON THE MEDIA AND SOFTWARE DOCUMENTATION:
This software is commercial computer software developed exclusively at private expense. Use, duplication, and disclosure by civilian agencies of the U.S. Government shall be in accordance with FAR 52.227-19 (c) or other agency data rights provisions, as may be applicable. Use, duplication and disclosure by DOD agencies is subject solely to the terms of <Co Name> standard software License Agreement as stated in DFARS 227.7202.
“Unpublished-All rights reserved under the Copyright Laws of the United States”. Contractor/Licensor:_____________________________________.
Name/Address
OTHER SPECIAL LEGENDS AND MARKINGS ARE REQUIRED FOR NONCOMMERCIAL COMPUTER SOFTWARE AND TECHNICAL DATA [SEE SPECIFIC FAR/DFAR CLAUSE].
GENERAL CAVEATS:
- SEGREGATE AND IDENTIFY ALL IN-HOUSE DEVELOPMENT FUNDING TO THE PARTICULAR PRODUCT;
- MAINTAIN DETAILED FILES RELATED TO ALL IN-HOUSE DEVELOPMENT;
- FLOW DOWN ALL REQUIRED CLAUSES TO SUB-CONTRACTORS, MAKE SURE THE RIGHTS YOU GET FROM SUBS ARE AT LEAST THE SAME OR GREATER THAN THOSE REQUIRED TO BE PROVIDED TO THE GOVERNEMNT;
- LICENSING REGULATIONS ARE VERY COMPLICATED; THE RULES KEEP CHANGING AND NEED TO BE MONITORED REGULARLY, WHEN IN DOUBT SEEK COMPETENT LEGAL HELP.
OnLine Counsel is a registered Massachusetts Service Mark of Joseph Valof, Esq.]
