Austin Technology Law Blog

HTML5 Video - Oh the possibilities!

Stuart Hiserodt — Thu, 02 Sep 2010 10:06:09 -0600

Normally, we here at ATLB try and bring you legal issues relevant to the Austin tech world, but I recently stumbled across and my first interactive, multi-window HTML5 video, and despite the lack of legal issues, I had an overwhelming desire to share it. Showcased as a "Chrome Experience," Google and Chris Milk teamed up with the band Arcade Fire to produce an extremely creative music video to the song, "We used to wait" (a great track). The site, The Wilderness Downtown, provides a look into the future of not just music videos, but a videos across the board. An interactive multi-window experience allows the user to connect with the music, the story of the video, and provides some serious nostalgia for someone who hasn't been home in awhile (my then teary-eyed girlfriend can attest to that).

I look forward to the next generation of videos and the creative music and film directors that will no doubt utilize this new format. I can already hear myself 6 months from now, "I can't believe I was so amazed by that Arcade Fire video."

Facebook Opens Fire on Teachbook

Paul Stanfield — Fri, 27 Aug 2010 09:22:34 -0600

Once upon a time, most schools distributed annuals or pictures, names and some personal information about students so that other students could make connections. Then Mark Zuckerberg hacked into the Harvard computers and obtained private information of students and put that into a Hot or Not knockoff called “Facemash”.
Harvard threatened Zuckerberg with expulsion, charges for breach of security and copyright infringement. Harvard later backed off and the rest is history.
Fast forward to today and the behemoth that has now evolved from Facemash to Facebook is rigorously trying to keep anyone from using either “Face” or “Book” in their name if the entity is remotely associated with social media.
Facebook recently induced a site called Placebook to change its name to TripTrace and has now filed suit against a site called Teachbook, which is not even operable yet but purports to be an online information sharing vehicle for teachers (a large number of whom are prohibited from being on Facebook by school administrators).
Facebook is alleging in the suit against Teachbook that the term “Book” is highly distinctive and that most people associate it with social networking. Facebook throws in a claim of cybersquatting and wants the court to give it the domain name Teachbook. For good measure, they included counts of trademark infringement, unfair competition, and trademark dilution. Teachbook has only a couple of employees. Hello fly, meet cannon.
This indicates that Facebook will be aggressive against any online vehicle containing any variety of “Face” plus something or something plus “Book”.
No word yet on their stance on BookFace (actual trademark application made and abandoned several years before Facebook came around).

Malware Might Have Played A Part In Deadly Plane Crash

Paul Stanfield — Mon, 23 Aug 2010 10:45:06 -0600

OK, now it's serious. It's one thing to lose credit card information or for your Facebook account to be high jacked, but malware is said to have been instrumental in the cause of death and destruction in the crash of a Spainair flight two years ago. Investigators have determined that ground computers were infected with malicious code that may have prevented the pilots from being warned that the flaps were in the wrong configuration for takeoff.

This blog has previously discussed the malicious code problem here, here and here. Experts in virus protection are becoming increasingly pessimistic about the ability of reactive virus protection to be effective.

A video of the crash can be seen here. Warning, this is unsettling in that it is video of an event where a large number of people lost their lives.

I told you this was serious.

Apple Patent Could Remotely Disable Jailbroken iPhones

Luke Stanfield — Mon, 23 Aug 2010 10:41:02 -0600

After a ruling last month by the Library of Congress that jailbreaking cellphones, such as Apple's iPhone, was an exception to the DMCA, many users who didn't want to be tied to Apple's network and app restrictions rejoiced. However, that freedom could be short lived. A recently published patent application by Apple describes a system that seeks to identify "hacking, jailbreaking, unlocking, or removal of a SIM card." According to the application, Apple could combat this by remotely examining for unauthorized use. Some the measures Apple could take include:

keylogs
screenshots
deleting "sensitive data" (yikes!)
surreptitiously activating the cell phone's camera (double yikes!)

The purpose of this system is to protect consumers from "unauthorized users." It's possible that Apple will consider users of jailbroken phones "unauthorized" based on this statement from the application describing the system:

An activity that can detect an unauthorized user can be any action that may indicate the electronic device is being tampered with by being, for example, hacked, jailbroken, or unlocked.

It's unclear whether Apple will ever actually implement these measures, but the Orwellian methods of detecting unauthorized use is a little disconcerting to say the least.

Oracle vs. Google, Godzilla vs. Mothra, Perseus vs. The Kraken and other Titanic struggles

Paul Stanfield — Tue, 17 Aug 2010 12:55:50 -0600

Consider this abbreviated time line:

November 5, 2007 - Google, T-Mobile, HTC, Qualcomm and Motorola announce the release of Android and announce the creation of The Open Handset Alliance comprised of 34 companies that will free the mobile world of all restrictions (the last part is made up). Nowhere in the announcement does Java get mentioned.

Same day (almost like they knew it was coming) - The Chairman and CEO of Sun (possessor of Java) heartily congratulates Google et al on the release of Android and hails the salutary effect it will have on the Java community. The blog entry goes out of its way to call Android a "Java/Linux phone platform" and "a Java based platform".

April 20, 2009 - Oracle buys Sun. In the press release announcing the sale, Oracle calls Java "the most important software Oracle has every acquired."

August 12, 2010 - Oracle files suit against Google alleging "In developing Android, Google knowingly, directly and repeatedly infringed Oracle's Java-related intellectual property. This lawsuit seeks appropriate remedies for their infringement."

Now what happens? Google will claim that they aren't using Java but built their own version of this platform called Dalvik using approved clean room methods and therefore haven't infringed on anything. Google hasn't filed an answer yet and probably won't for some time. Then the fun will start. This has the potential to be a very visible and influential suit with ramifications for years to come. Google is not likely to be the last company with Defendant after their name in this matter. There are millions and millions of devices with Android running on them. Plus it involves some heavyweights.

Of course, Oracle's Larry Ellison is involved. He has some repute in the high tech world.
Oracle's legal team in the case includes the mega firm Morrison and Foerster (whose domain name proudly is "mofo") and David Boies, a well-known attorney who represented the U.S. Justice Department in its antitrust action against Microsoft. He also represented former Vice President Al Gore in the 2000 Florida recount battle and SCO in their 2003 suit against IBM over Linux. He also was recently involved in the Prop 8 battle in California, so he wins some and loses some.

If your Ambien prescription has run out, the complaint can be read here. This case will be tried in the post-Bilski world, so who knows what that means. Stay tuned. This could get good.

SXSWi Panel Picks: ATLB Selections (so far)

Stuart Hiserodt — Fri, 13 Aug 2010 10:20:25 -0600

South by Southwest Interactive is just around the corner, coming March 11-15, 2011, and now it's time for the selection process to begin. For those of you who aren't familiar with the process check this out to get up to speed. There are three groups that vote on what panels will participate in the 2011 SXSWi: public (30%), SXSWi staff (30%), and advisory board (40%). There is a feeling here at ATLB that it's our duty to assist in crafting this year's event. I mean it's for the public, so why shouldn't we have a loud voice. This bog goes out to several different groups that have interest in a variety of things, so in order to provide a broad range of issues here are a couple that seem relevant to our readers: Bootstrapping, Entrepreneurism and Monetization, Funding, Web Apps, and our personal favorite Licensing, Fair Use and Copyright. Please check out these categories and see if a subject of interest pops up.

Additionally, there are a few individual panels this year that we'd like to suggest:

Apps vs. Mobile Web: Which to reach consumers?

Download Illegally, It's the Right Thing to Do

Social Network Users' Bill of Rights: You Decide

Legal Frontiers In Social Networks, Blogs and Beyond

I.P. Fearlessly: Copyright, Contracts, and Clients

I'm sure there are many more that would do a great job of bring value to next year's event, but these were the ones that caught our eye on first go around. It would be a good idea to get on twitter and find some other good Austin Tech Sources to get a feel for some other good panels.

Enjoy the weekend!

L3C: The New Entity on the Block

Luke Stanfield — Thu, 05 Aug 2010 16:20:44 -0600

The Low-Profit Limited Liability Company (L3C) is the newest entity to be recognized by at least eight states and will probably be available in several others in the near future. The L3C is a hybrid entity combining the flexibility of LLCs with the social consciousness of charity organizations. Often non-profit charitable entities are subject to strict organization and tax regulations that many feel can actually hamper charitable and social purposes. Generally L3Cs must meet the following requirements:

The company must “significantly further the accomplishment of one or more charitable or educational purposes,” and would not have been formed but for its relationship to the accomplishment of such purpose(s);
No significant purpose of the company is the production of income or the appreciation of property (though the company is permitted to earn a profit); and
The company must not be organized “o accomplish any political or legislative purposes.

Groups like Americans for Community Development have high hopes that L3Cs will open the floodgates for potentially billions of dollars in new charitable funding because of the flexible funding structures and potentially prudent investment opportunities. L3Cs haven't made their way to Texas yet, but if and when they do, they could be a great option for those interested in charitable pursuits.

"Wait! I deleted that. You can't see that! "- Computer Privacy and Data Recovery in the Age of Computer Forensics

Paul Stanfield — Wed, 04 Aug 2010 14:38:45 -0600

In talking to our clients, our friends and the public at large, there seems to be a lot of confusion, misinformation, urban myths and lore surrounding the amount and kinds of data and material that is deposited on computer drives and that can be retrieved even though the user thinks that he has deleted it or covered it up. And by computer drives, we mean any electronic storage device including computers, flash drives, cell phones, DVRs, etc.

To attempt to get real live reliable answers to some of these questions, we turned to some local subject matter experts, Flashback Data. Flashback Data’s website is here. They were kind enough to lend us the expertise of Will Ambruzs, an attorney who is charge of the Forensics Division of Flashback Data.

ATLB: Will, please describe the services that Flashback Data can provide, particularly to an attorney involved in litigation.

FBD: Probably the best known aspect of forensics is the storytelling. A man dies mysteriously and the forensic examiners conduct two autopsies – one on the corpse, and one on the home computer. Toxicology confirms the man died of ethylene glycol poisoning (antifreeze). Forensic testing of the computer recovers 76 previously deleted Google searches made by his wife over the course of seven weeks for things like “symptoms of ethylene glycol poisoning,” “ethylene glycol toxicity” and “C2H6O2 ingestion and death.” That’s a compelling story.

Other times our involvement is less about developing evidence and more about logistics. For example, we’re commonly retained by attorneys to help identify all the places relevant information is likely to exist in a complex technical landscape, or to develop evidence collection strategies that minimize the impact on their client’s business.

Candidly, there’s quite an air gap between law and technology. At the end of the day, when it comes to electronic evidence, we’re the guys who fill it. Our case managers are attorneys and our forensic examiners are technologists with deep court room experience. We’re not vendors. We take pride in giving our clients access to the highest caliber forensics testing in the industry, and we’re presently the only private sector laboratory in the world accredited for digital forensics by the American Society of Crime Laboratory Directors under their International standard – same as FBI and DEA.

ATLB: That sounds like a lot more stuff than we can cover in one setting. Let’s discuss some general topics about what kind of data can be recovered and from which devices, and then, hopefully follow up with another session where we delve into some of the more complicated problems of forensic discovery and data retrieval.

FBD: OK

ATLB: I will give you some topics and you tell me how hard it is to recover this data:
• Internet history from a computer
Internet history is one of the most persistent types of data on the computer. It’s not uncommon for us to recover every URL visited on a computer from the time you first took it out of the box.
• Deleted videos from a DVR
It depends. If the DVR entries were manually deleted, the chance of recovery is high if the device can be forensically imaged before the data is overwritten. Many DVRs are set to overwrite data after a period of time, or when the device is near the limit of its full hard drive capacity. Overwritten data is unrecoverable. By anyone.
• Text messages from a cell phone
Candidly, it depends on the make and model of the phone and how the phone is used. That said, we are still seeing a strong trend of users adopting smartphones like the Blackberry or iPhone. One common thing folks do with smartphones is sync them with a computer. This creates backup files on the computer which, depending on when the backup was created, may contain data that is long gone from the phone. Alternatively, smartphones are essentially small computers, and often their data can be recovered in the same way we recover hard drives.
• Instant messages like gmail chat or AIM
These may be recovered from log files saved to the computer. Difficulty is a function of time. Bottom line is if the data you want gets overwritten with new data, it’s gone.
• Facebook messages or postings
One avenue of recovery is to extract these from internet history. Often this gives us multiple clues as to the content and recipients, and we can use the information to go looking for “shadows” of similar activity. Another thing we can do is attempt to recover the confirmation emails Facebook sends when new entries are made on a user’s wall or new messages are received.
• Twitter tweets on a cell phone or computer
This type of data generally fall into the same category as internet history and internet cache. The content itself will be recoverable for some time (until it is overwritten) and we can extract a fair amount of data simply by looking through the internet history.

• Standard files on a computer hard drive
In answering this, assume that the user has used the commonly available delete function available to the standard user.

FBD: Understanding the recovery of deleted files on a hard drive requires some understanding of how files are stored and referenced. A good analogy once provided to me is that of a school library. If we think of the hard drive as the library, then the files are analogous to the books on the library’s shelves. In a library, a book’s location is referenced in the card catalog. In a Windows environment, a file’s location on the hard drive is referenced in the Master File Table. When we delete a file, we’re not destroying the file’s data. Instead, what happens is the file’s location is marked in the Master File Table as being available to use for new data storage. That’s like pulling a card out of the card catalog and throwing it away – the reference to the book is gone, but the book is still sitting on the shelf (at least until someone takes it down and replaces it with a new book).

Having said all that, “recovering” the deleted file is like walking around the library from shelf to shelf and taking inventory of every book. At some point, we’d learn that there is a book sitting on a shelf in a space that’s supposed to be empty. And we’d find and recover the book.

In addition to above, there are multiple other ways to attempt to recover deleted files, such as through backup copies, temporary copies and/or copies embedded in another data file (e.g., a file attached to an email in an Outlook data file). These are all potential recovery routes.

ATLB: Now, I have heard stories that a strong magnet can remove or corrupt all data on a computer hard drive. Is that true?

FDB: It was truer ten years ago than it is in 2010. Hard drive construction has become much more robust in the last decade. The sorts of magnets that a consumer or corporation will have on hand (including video degaussers) will not reliably destroy data. That’s not to say I’d let you run one over my hard drive….

ATLB: How about drilling a hole in a computer hard drive? Does that prevent anybody from retrieving data from it?

FDB: Physically damaging a drive certainly makes it more difficult. For the amateur, it will likely be impossible to recover any data. However, given enough knowledge and the right equipment, even a hard drive with a hole drilled through it might still give up a lot of secrets. The clean room engineers in our Data Recovery division make a living doing just this. In fact, we’ve recovered data successfully from hard drives that folks have intentionally set on fire, submerged in saltwater for several weeks, and repeatedly stabbed at the platters with a screwdriver.

At the end of the day, where there’s a will, there’s a way. Rolfing your hard drive with a hammer still works pretty well. But you can’t just bust up the outer case; you need to damage the internal platters. All of them. We’ve actually worked cases where folks tried to destroy their hard drives, except they only damaged some of the internal platters, and we were able to pull data off the undamaged platters just fine.

Understandably, the judges in those cases didn’t have a sense of humor about it.

ATLB: Is there a sure fire method of keeping someone from retrieving material from a hard drive short of actually physically destroying or melting the drive?

FDB: Overwriting all the data on the drive renders it unrecoverable. There are a host of applications designed to overwrite entire hard drives, many of them free. There is the possibility that some small measure of data resides in areas of the drive that are no longer accessible without specialized hardware. In that case, there is a command built into the drive’s hardware and firmware as part of the communications specification. Interested folks can Google “ATA Secure Erase” for more information.

ATLB: Are there some devices that are harder to retrieve data from than others? For example, is an iPhone more secure than a Blackberry? What about Macs vs. PCs?

FDB: A meaningful answer is probably a bit beyond the scope of this interview, although I will say it also depends on the type of data you want to retrieve. For example, the way Blackberry handles data makes deleting SMS messages from a Blackberry more secure than deleting them from, say, an iPhone. Perhaps we should punt the question and discuss in a separate post solely dedicated to this issue? I think we can provide some good insight.

ATLB: What’s the best way to secure data? Does encryption work and if so, what kind?

FDB: Same response as previous question. That’s a big question, and a meaningful answer is probably beyond the scope of this interview. If you’re interested let’s revisit this question in a dedicated article.

ATLB: Can you prove who was using a computer at a particular time and what they used it for at that time?

FDB: Generally, you can’t irrefutably prove who was or wasn’t behind the keyboard based on computer evidence alone (unless they were helpful enough to capture themselves on webcam). However, you can certainly make strong inferences based on the activity you see. Checking password protected email, looking up things that pertain to your interests to the exclusion of others, logging into secured accounts for which only you have the login information, etc. It’s all there.

A person’s computer activity also tends to fall into patterns over time, especially his or her web browsing. So, while you may not be able to state with 100% certainty that “Bob” was using the computer on a specific day at a specific time, it may be that usage of the computer at that time matches substantially with usage of the computer at previous times when Bob was known to have used it.

ATLB: What are your main suggestions for people who are concerned about their computer security and privacy?

FDB: As with physical security and privacy, determine what your objectives are and how far you’re willing to go to protect them. Most of us don’t live in an underground bunker with roving patrols of armed guards on the deck because we’ve made the decision that the threats which affect us don’t merit that amount of protection. In the same way, determine how much expense and vigilance you’re willing to accommodate to protect your data, and take the time to consult with someone who can tailor a security posture appropriate for you and your organization.

Unfortunately, out in the wild, people tend to be binary. I can’t tell you how many cases we see where folks go to great lengths to strongly encrypt their data, but then the same simple password unlocks 90% of their life. Alternatively, on the other side we see folks using multiple complex passwords for everything, but writing them all down in an unprotected Microsoft Word document and saving it someplace on their C: drive so they remember them. Both strategies are bad.

ATLB: Thanks, Will. Let’s do this again and discuss other issues, including the services that Flashback Data can provide to attorneys in litigation and in general practice and maybe discuss what you would do if you were going to try to hide any information of your own and how would you do it and how successful you would be.

FBD: Those discussions definitely merit a separate post or two.

App Developers Need to Pay Attention to the DMCA Ruling on Jailbreaking the iPhone

Stuart Hiserodt — Tue, 03 Aug 2010 14:51:28 -0600

A recent ruling by the Library of Congress on the Digital Millennium Copyright Act (DMCA) resulted in large changes for cell phone users. The Copyright ruling spoke to several issues on circumvention, but for our discussion today, we shall discuss jailbreaking. Jailbreaking is the process of bypassing cell phone software allowing the user to purchase cell phone applications other than ones required by the cell phone manufacturer (here’s some info on the subject). This ruling has large implications in the app development community and could change the face of apps and cell phones … or according to others - do nothing.

First, when I was discussing this with some friends of mine the first question most had was, “Say what?! Why is the Library of Congress speaking on jailbreaking and who gave them authority? How is jailbreaking a Copyright issue?” So before I go into an analysis of the ruling, a quick rundown of the logistics of this might be in order.

The Library of Congress governs the United States Copyright office (it’s actually a division of the Library of Congress), and as such the Librarian of Congress discusses certain rules from time to time. Okay?! But this still doesn’t answer why this is a Copyright issue. In 1996 there were treaties passed by the World Intellectual Property Organization (WIPO), and the DMCA is the implementation of those treaties. These treaties covered several aspects of IP law, but for this post the relevant area of the treaties implemented into the DMCA dealt with the prohibition of circumvention of technology measures that control access to copyrighted works. In other words, this gave the Copyright office the ability to govern technologies on cell phones that protected copyrighted works, such as applications. As a result, the Librarian of Congress can determine if things such as jailbreaking of phones should be legal or not.

The Librarian of Congress, stated jailbreaking a cell phone was an exception to the general rule of prohibiting people from circumventing certain Copyright protection technologies. Namely, you can jailbreak the iPhone and buy “non-App Store” apps for it. The ruling states:

“Persons who circumvent access controls in order to engage in noninfringing uses of works in these six classes will not be subject to the statutory prohibition against circumvention.

…

(2) Computer programs that enable wireless telephone handsets to execute software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications, when they have been lawfully obtained, with computer programs on the telephone handset.”

Therefore, you can bypass certain iPhone access controls if you are going to legally purchase a non-Apple application for your iPhone.

As you can imagine, Apple doesn’t want this to happen for multiple reasons, and they are doing much to ensure the ruling has no effect on the app market. First, Apple states that if a user jailbreaks the iPhone they will breach their end-user license agreement (EULA). This breach would relieve Apple from its obligation to provide a warranty, repairs, and anything stated in the agreement. Additionally, Apple will continue to develop updates of its software attempting to outsmart the jailbreak engineers. There will be a continuous back and forth of Apple updates and the soon to follow jailbreaking updates. As a result, it might make the process too difficult for the end user keeping them from jailbreaking the phone. But currently that doesn’t seem to be the case. A developer going by the name Comex has been flooded with so much interest in the new Jailbreakme 2.0 software, his site is crashing from too much traffic. I have spoken with some app developers that believe ultimately the consumer will not want to risk losing the warranty, so most things won’t change. However, what occurs when the warranty runs out?

It’s no secret that Apple has a significant market share in the cell phone and application market. The Android markets have been gaining ground, but Apple still maintains a solid position in the market. Prior to this ruling, the iPhone, iTouch, and iPad were all limited to apps from the iTunes App Store. The popularity of these products fuels application development to be more Apple based. Currently, if you are developer, you are going to develop for Apple first and then the Android or other platforms second (if at all). Now that the powers that be say no violation occurs when jailbreaking your iPhone, other application sites will undoubtedly begin to arise. Getjar, an application site already in existence, is about to hit 1 billion downloads. However, iTunes has almost three times as many applications and Apple has stated that they have already surpassed the 5 billion downloaded apps milestone producing over a billion dollars for app developers (leaving Apple with $300 million). Creating a market others will want to cut into. This ruling will no doubt assist in the loss of significant application market share.

Apple makes its money off the iPhone, but how much will the new app markets affect the purchasing of the iPhone? I recently wrote about Apple’s firm position in governing its operating systems and the type of code and applications that would be submitted. Apple believes that flash is a poor system and that it frustrates the Apple OS, so flash products cannot be utilized in app development for Apple. However, flash is not the only restriction with Apple (percentage of sales, procedure of approval, etc.). If other markets begin to lure other developers away from the Apple market higher quality applications will be developed and be sold at other app stores

So what will be the repercussions of new application sites? I assume with the creation of several application sites new license agreements will arise. The freedom to negotiate price, term, programming platforms, etc. will affect how licensing is accomplished in this arena. Although many other outcomes will arise from this ruling, one issue developers will face is how they go about licensing their applications. There won’t be the standard app development agreement as the only option anymore. Competition should likely create flexibility in these otherwise strict agreements. Therefore in developing apps, the creators should begin to realize the popularity of the application could be beneficial for the new app store itself and provide options to the now standard boilerplate agreements.

More Sophisticated Spyware Hits Utility Systems - "Stuxnet" Gone Wild

Paul Stanfield — Tue, 27 Jul 2010 14:29:37 -0600

Cyber security experts are scrambling to assess the past effects and the potential of a recently detected malware that has targeted utility systems primarily in the Middle East (beginning in Iran) and the United States. Microsoft has named the Trojan intruder “Stuxnet”.

On a very basic level, here is what Stuxnet does:
1. So far, it has targeted a Siemens system (SCADA) used primarily in the operation and control of electric power plants;
2. It has been carried on USB sticks that, when attached to a computer, automatically executes without any further action by a user, even if the AutoRun function is disabled;
3. The Trojan then seeks out and copies certain database information, including power plant designs;
4. Stuxnet exploits a flaw in the shortcut links files in Windows.

Microsoft has issued a work around that essentially turns off the shortcut function and changes the shortcut icons appearance on the screen.

So, if this only targets utility companies, unless you are a utility company or have one as a client, why should you care? Experts surmise that this was created to carry out industrial espionage but the same technique can be used for other targets. It could be used to target other trade secrets, personal financial information, medical records, etc.

We talked to a local security expert and there are reports that Stuxnet or variants are “in the wild” and could be delivered by a manner other than USB sticks via networks and remote web servers.

McAfee alleges that it has a defense against Stuxnet as does Symantec. As we noted in earlier posts (see here and here), these are examples of blacklisting. CoreTrace has demonstrated effectiveness against the intruder by using the whitelisting capabilities of its product Bouncer. See the YouTube video here: http://bit.ly/bFCEdc.

This attack seems to be much more targeted and much more sophisticated that most of the prior threats and may herald a new age of malware menace.

So, it’s a dangerous cyber world out there. Use protection.

Startup Week - Part 4: The Texas Employment Agreement

Stuart Hiserodt — Fri, 23 Jul 2010 11:34:59 -0600

Startup Week here at AustinTechLawBlog continues with part 4 of our 5 part series on common startup issues – Employment agreements. Every company that has employees will need to make sure they properly set out an agreement between the company and the employee. There are many different types of provisions that can play a major part in your employment agreement, but we’re only going to cover a few today that seem to cause quite a bit of confusion. Non-competes, non-solicitation, and confidentiality are three areas of employment contracts that most employers and employees need to pay close attention to.

Confidentiality

A confidentiality (aka, non-disclosure) provision in an employment contract should protect the company’s sensitive information from being revealed to a third party. Many reasons exist why a company would want to accomplish this goal of confidentiality. For instance, the enforceability of some intellectual property relies solely on the confidentiality of certain information. Trade secrets are almost completely reliant on a company’s non-disclosure protection. If a company does not take the appropriate actions in maintaining secrecy, they cannot rely on the protection afforded in Texas (based on common law). The depth of confidentiality in trade secrets is beyond the scope of this post, but this Citizen’s Media Law Project article, does a great job outlining the basics of trade secret law in Texas. Patents also rely heavily on non-disclosure to ensure their protection, and if not appropriately handled the invention can actually lose its patentability if an application is not filed after a year of certain disclosures.

You know that confidential information is important, but what is it? Confidential information has no specific definition, and should be outlined in the employment agreement. In general terms, one should think about confidential information as any information not generally known in the industry, or similar industry in which the business is performed. Therefore, this information is not something common or utilized in the industry, but something that your company does that separates itself from others. For instance, budgets, specialized training, marketing plans, customer lists, recipes, source codes, test results, personal information, are all likely confidential in nature. However, these areas change from industry to industry. An employer should be careful to define the areas known to be confidential to the company and ensure a general protection to other activities that might.

This information does not always come from just the company; often the clients or customers of the company have confidential information in need of protection. While other times an employee is responsible for the creation of such sensitive materials. Thus the non-disclosure provision should be broad enough to encompass both the information of the company and its clients as well as the sensitive material created by an employee. However, often these provisions are drafted so broadly that the company attempts to protect the method in which a pancake is flipped. Although often these provisions are not always enforceable, a properly drafted provision can save both the employer and the employee time in negotiation, as well as go a long way to creating a clear understanding of the provision for both parties.

Non-Compete

A non-compete is a provision restricting a former employee from competing with a company. Texas is “right to work” state, so often employees and employers are not sure of the status of a non-compete provision in Texas. Non-competes are enforceable in Texas, but have some limitations. This provision is the most asked about provision in an employment agreement, so going to the statute is the best first step. The law in Texas states:

“[A] covenant not to compete is enforceable if it is ancillary to or part of an otherwise enforceable agreement at the time the agreement is made to the extent that it contains limitations as to time, geographical area, and scope of activity to be restrained that are reasonable and do not impose a greater restraint than is necessary to protect the goodwill or other business interest of the promisee.”

Ancillary and Otherwise Enforceable Agreement Requirement

So what does that mean? This statute, in conjunction with courts, created a two-part non-compete enforceability test. The first part determines whether the non-compete provision “is ancillary to or part of an otherwise enforceable agreement at the time the agreement is made.” This might be clear to some, but it wasn’t to me, so I’ll walk through it best I can. This ancillary and otherwise enforceable requirement has been interpreted to mean that in order for a non-compete to be enforceable:

1) the consideration given by the company must give rise to the employer’s interest in restraining the employee from competing, AND

2) the non-compete must be designed to enforce the employee’s return promise.

Confused yet? In an attempt to simplify a complex issue, I’ll try to rephrase. If a company wants to have an enforceable non-compete, the company needs to supply an enforceable agreement which would include something that would validate a restraint of trade (confidential information, trade secrets, certain training) AND require the employee to promise not to compete. In a sale of business, these requirements are met more easily. A purchaser of say, an accounting firm, would not want the seller of the firm to stay in Austin and compete. Normally, the seller has established a reputation and a relationship with his clients. A non-compete provision of this kind is generally enforceable by the court. To apply this business purchasing situation to the definition can sometimes help in applying it to an employment agreement. In the example, the purchaser agrees to an enforceable contract to buy an accounting firm (the otherwise enforceable agreement) from the seller in conjunction with a non-compete provision. Going back to the rule for a second, the non-compete would not be enforceable unless it provides the necessary support to the primary activities (ancillary) of the purchase agreement. In this case, the consideration supplied by purchaser (the purchasing of the firm) supplies appropriate reason to restrain the seller of accounting firm from competing. The non-compete supports the purchase agreement, as the sale of the business would likely be a sham if the seller could compete in the same area as the purchaser. In an employment situation, meeting the ancillary element is tougher. If confidential information or trade secrets are revealed to the employee, the employer can argue that the non-compete is necessary because the employee could use this information in the competing business. Even though it is common to have a non-disclosure provision in these agreements as well, the argument of the employer is that the employer would be unable to verify whether the employee leaked this sensitive information. Therefore, the company would argue they must have a non-compete as well. Depending on whether confidential information or a trade secret actually exists, the courts will often uphold the first prong of this test to protect those interests. The second prong requires the non-compete be designed to enforce the employee’s return promise. This is often satisfied by requiring the employee promise not to compete subject to certain reasonable limitations.

Reasonable Limitations

The second prong of non-competes requires a reasonableness of geographic area, time, and the activities to be restrained. Therefore, an employer must be careful in drafting where, how long, and what the former employee would be restricted from performing.

Geographic Limitation

To determine if a geographical restriction is reasonable one would have to look at the facts. If one owns a cleaning company and services Austin homes, it might be unreasonable to restrict the employee from working in the state. If an employee works for a national publishing firm but calls mainly on central Texas, a nationwide restriction might be struck down. The courts view these reasonable factors on a case by case basis, and it would be difficult to nail down what is reasonable without knowing the facts of the case. However, this line becomes blurred when working online. The facts of these online situations would also determine what was reasonable.

Time Limitation

The next factor in the reasonableness prong is time limitation. Texas courts have found 5 years can be acceptable for highly specialized work, but in most cases that number would be found unreasonable. From my research, I have found that one to two years can be acceptable, but it is impossible to really state without the facts of case.

Scope of the Activity

The scope of activity to be restricted should also be reasonable. Therefore, if an employee work as a software engineer, it would likely be too broad to restrict all activities with software and computers. The courts have shown reluctance in enforcing non-compete provisions, therefore one should attempt to limit these factors. As an employee, one should determine that the restrictions on activity should be limited to the actions actually performed by the employee. It is important to cater this provision to each employee. Many times a company applies a broad definition to all employees and forgets to modify making the provision useless.

Non-Solicitation

A non-solicitation provision protects a company from direct competition with former employees for current and past clients. The scenario is simple enough, a company hires an employee, compensates or enables the employee to perform his job, and through the position the employee establishes a relationship with clients of the company. Upon leaving or after termination the employee tries to “steal” the clients. A non solicitation provision, if drafted properly can restrict an employee from soliciting or actively pursuing the company’s clients. However, what constitutes a client? What is solicitation? What restrictions are enforceable in keeping the former employee from soliciting these clients?

How a client is defined and the length of time one can solicit should be reasonable and clearly stated in your employment agreement. A client can be defined in several different ways. Is a client a contracted client? Does an actively pursued lead count as a client? What if your industry deals with large products where you sell one unit a year? Defining this term is important and one should take great care to draft this according to the specific industry and in accordance with Texas law.

A reasonable time limitation, as discussed in the non-compete section above, will based on specific facts, but one to two years has been found to be acceptable in certain cases. To ensure reasonableness companies often will establish a limit the number of clients through a time period. For example, let’s say the employer wanted to restrict clients existing one year prior to termination. If termination occurs on August 15, 2010, the employee could go after clients that had ceased doing business with the company prior to August 15, 2009. However, when a company ceases to do business can be tricky business.

The next element to determine should be defining solicitation. Solicitation itself is more than just social contact. Solicitation is more of an active pursuit or attempt to obtain the business of another. According to a Minnesota case, connecting on linked-in would not be enough to reach solicitation, but a message included on the linked-in invite could and does sometimes reach the level of solicitation.

Hopefully, this post explained some of the parameters of a Texas employment agreement, but each case is unique and these parameters are applied by the courts on a case by case basis. An employment agreement is vital for startups, careful drafting and attention to relevant statutes and case law should be given.

START UP WEEK: Withdrawal, Financing, and Acquisition

Luke Stanfield — Fri, 23 Jul 2010 10:57:01 -0600

Unfortunately not all businesses work out and must come to an end, or there is some even that requires the business to terminate. How this occurs and how the business owner should handle it depend on whether it is a partnership (including limited partnerships and LLCs) or whether it is a corporation. On the other end of the spectrum, a business may become so successful that it is in a position to receive substantial financing (venture capital or private equity) or even outright acquisition. This post will discuss some issues presented in each of these circumstances.

Partnerships and LLCs: Withdrawal and Winding Up

Certain events can bring about the withdrawal from a partnership under the Texas Business Organization Code (TBOC). The most common are voluntary withdrawal, expulsion, the partner dies or ceases to exist, the partner enters into bankruptcy. The partner's withdrawal must abide by the operating agreement to avoid breach. If the partnership will continue after withdrawal, the exiting partner has a right to have his interest redeemed for the fair value on the date of withdrawal plus interest. The partnership and withdrawing partner must come to an agreement on the redemption price. If no agreement can be reached within 120 days after written demand for redemption. The partnership must pay the withdrawn partner within 30 days its estimate of the redemption price.

One issue to be aware of is the withdrawing partner's ability to bind the partnership. For one year after withdrawal, a partner can bind the partnership to any agreement that would have bound the partnership before withdrawal if there was apparent authority to enter into the agreement, and the third party did not have notice of the withdrawal and reasonably believed that withdrawn partner was still a partner. Additionally, the withdrawn partner remains liable for any partnership obligations that were in existence before withdrawal.

When the partnership decides or is forced to "wind up" its operations, certain requirements under the TBOC must be followed. A solvent business that is dissolved with liquidated assets must pay cash first to creditors and then to the partners' capital accounts. Where a partner pays more than his share of the debt, he is entitled to a contribution from the others for that amount.

Financing and Acquisition

Hopefully your company will be in a position for funding or even acquisition. The following are some of the agreements you will encounter and some issues relating to each.

Letter of Intent/Term Sheet -- LOI's and Term Sheets set out the ground rules for the negotiation and try to get the major issues of the agreement in writing. Neither of these are legally binding (unless there are confidentiality provisions), but merely provide a roadmap and framework for the deal.
Stock Purchase Agreement -- you will need an SPA to allow for the investor or acquiring entity to purchase equity in your company.
Certificate of Incorporation/Investor Rights Agreement/Voting Agreement-- an amended certificate of incorporation is generally needed to set out the new voting rights and requirements/obligations for the new investors.The other agreements will further set out the rights of investors and how voting will work following the agreement.
Right of First Refusal -- the company will often want to have a right to repurchase the stock should the new investors choose to sell it at a later date.
Indemnification Agreement -- Indemnification agreements are often major sticking points in M&A's. At what point should the new investor/acquiring entity pay liabilities before the company becomes responsible? This is often related to the earnout provision and the projected revenue of the company.

START UP WEEK: What Is This Operating Agreement Of Which You Speak?

Paul Stanfield — Wed, 21 Jul 2010 09:20:51 -0600

In this, the third installment of “Start Up Week”, we will discuss some aspects of the fundamental document governing the internal operation and rules of a limited liability company (“LLC”). This is referred to in various state statutes as a “Company Agreement” (Texas) or an “Operating Agreement”. Regardless of what you call it, it contains the rules to live by in a LLC. Because of the blurring of the lines between various kinds of legal entities in the past few decades, the Operating Agreement is similar in many ways to the by-laws of a corporation and the partnership agreements in general partnerships, limited partnerships and limited liability partnerships, but the discussion in this post relates only to Operating Agreements.
“Why do I need one?” you might ask. You might tell me that you went on the Secretary of State’s web site and for $300 and 15 minutes of your time, you formed your own LLC and have not done anything else, so what’s the big deal?
Technically, you don’t even need a written Operating Agreement. An Operating Agreement can be written or oral, although I’m sure you recognize the problem of proof if you try to rely on an oral Operating Agreement. Therefore, you should have a written Operating Agreement even if you are the only member (owner) of a LLC. The Texas statutes recognize and provide for that situation, even if you are essentially agreeing with yourself. One of the best reasons for forming a LLC is the limited liability feature of such an entity and availing yourself of such limited liability requires that you treat the LLC as an entity separate from yourself in regard to contracting, bank accounts, leases, etc. The failure to make such separation can be that a court (in a situation you don’t want to be in) might say that since you disregarded the separate nature of your LLC, the court will do the same and therefore, you don’t have the limited liability protection. The existence of a written Operating Agreement, while not dispositive of the issue in and of itself, is evidence of your recognition of the separate entity and aids in the defense of any attempt to “pierce the veil” of the LLC.
Even if you don’t have a written Operating Agreement, the state has provided one for you. For example, in Texas the statute says, “To the extent that the company agreement of a limited liability company does not otherwise provide, (these statutes) govern the internal affairs of the company.”
So, if the state is going to write one for you, why not do one that might better suit your needs?
While not exhaustive, the following is a discussion of issues that should be considered in your Operating Agreement. These should be carefully considered and discussed with an attorney and an accountant to determine if they actually achieve the goals that the members have for the LLC and their investment in it. Also, since we have treated the posts during this “Start Up Week” as alpha and omega and “Cradle to Grave”, you can consider the Operating Agreement as a giant pre-nuptial agreement relating to the very real relationship you will be entering into in a multi-member LLC. Therefore, you should provide for how you get into the relationship, how you act during the relationship and how you are going to end the relationship. Good advice in life, good advice in LLCs.
Issues:

1. What happens when you or another member want to sell your interests?

Interests in small LLCs tend to be closely held and not particularly marketable, so this tends to be self-limiting. However, absent some contractual restriction, LLC interests are freely assignable, and you don’t want to wake up one morning and find that you are in business with someone that you didn’t anticipate, so you should consider restricting the sale in some way. Some methods of doing this are: (i) right of first refusal in favor of the LLC and the other members on the same price and terms as offered by a third party; (ii) exercise of a “stare-down” agreement (also called “push-pull”) where a party desiring to sell names a price and the other member(s) can either purchase the interest at that price or sell their interest at that price but one or the other has to occur; and (iii) declaration of intent to sell where a party who desires to sell declares that intent and the terms upon which the party would sell (this is similar to the right of first refusal but there is not a ready buyer at the time).
Other situations that you would possibly want to consider are purchase of a member’s interest in the event of divorce, death, disability, bankruptcy, retirement, breach of the Operating Agreement or termination of employment for good cause. The situations in this paragraph would require the establishment of a value for the interest that can either be done in the Operating Agreement (generally forgotten and rarely updated) or by a method established in the Operating Agreement (e.g. third party appraisal).

2. How capital is to be contributed and gains and losses are to be allocated?

In the event that not every member contributes the same amount to the enterprise (e.g. some contribute money, some contribute intellectual property or labor, etc.) the dynamics and results of that non-symmetry needs to be considered. The maintenance of each member’s capital account and how that will be affected if different capital contributions are made but gains and losses are passed through in equal amounts should be discussed in depth with a financial adviser. Also, if future capital contributions are to be made, what happens if there is default? Is the defaulting party’s interest subject to being bought out at some pre-determined price or is the defaulting party’s interest terminated? Other consequences can be set out. One of the values of a LLC is its flexibility. As long as it is not illegal, you can agree to do it in an Operating Agreement.

3. What are other considerations?

Aside from how to capitalize and distribute gains and losses and how to manage a termination of the relationship, other issues to be considered are how to form and manage the enterprise, whether to have the LLC indemnify the members for certain actions and whether to distribute money to pay for tax liabilities in certain situations.

Obviously, any lawyer worth his salt can work one of these agreements into a multi-volume set. However, the time, effort, expense and thought put into this on the front end when people are much more agreeable can avert a number of issues down the road when they might not be so congenial.
Avoiding future problems, that’s a good thing.

STARTUP WEEK: Intellectual Property and Your Company

Luke Stanfield — Tue, 20 Jul 2010 12:33:39 -0600

So now you've chosen your entity, it's been incorporated, you have startup capital and are up and running, you've spent thousands of dollars in creating a logo, branding, and marketing. Things are going great, and then one day you are hit with a cease and desist letter stating that you are infringing on another company's trademark because the name you are using is confusingly similar to the other company's name. Now you are not only in danger of being sued, but you've just wasted thousands of dollars and many months of hard work on a name and brand you can't even use. This is just one illustration of how important it is to assess as early as possible the intellectual property (IP) landscape of your company. Three questions every new business owner should ask: "What IP does my company have?", "How do I protect that IP?" "Am I in danger of infringing the IP rights of another?" This post will give a summary of the main types of intellectual property, how to protect IP, and how to avoid infringement. This is just a summary and is no means comprehensive. Every new business owner should consult with an attorney about their IP issues.

The four main types of IP: 1)Trademarks 2)Copyrights 3) Patents and 4)Trade Secrets.

TRADEMARK LAW

Trademarks allow a company to easily distinguish itself in the marketplace in the minds of consumers. A well known trademark is often one of a company's biggest assets. Trademark law gives a company the exclusive right to use a distinctive mark used to identify its goods or services. It allows for a company to develop a brand in the marketplace without fear that another company will cause a "likelihood of confusion" by using a similar mark. Trademarks do have "common law" protection under federal law and the law of most states; meaning that you do not have to register to have protection. But registering your distinctive mark at the federal and state level provides a number of benefits. Registering serves as constructive notice that your mark is in use, it makes it easier to prove your case in court, and it gives you protection in a far greater area. Prior to registration, the mark should be followed by "TM" for trademarks and "SM" for service marks.

Not all names are available for trademark protection. The mark must be sufficiently distinctive. The level of distinctiveness depends on the context it is used. Generic or common terms are not protectable if they are used in the area they describe. For example, "Apple" is protectable when used with computers, but would not be protected if the company sold fruit. Marks can't be overly descriptive either. For example, "Eye-Care Center" would not be protectable for an optometrist's office. Suggestive marks have a better chance of obtaining protection, but are not perfect because they could be seen as too generic/descriptive. For example, "America Online" is suggestive of the services it provides. The best choice for a protectable mark would be an arbitrary or fanciful term. (Think "Yahoo!" and "Google") It should be noted generic or descriptive marks can become protectable through their use. A mark can obtain "secondary meaning" through its extensive and continuous use in commerce to such an extent that it has achieved the required level of distinctiveness.

Picking a distinctive mark is just half the battle. You must also ensure that you are not using a mark that infringes another company's rights. The basic test the courts use when determining if a mark is infringing is "likelihood of confusion" in the minds of consumers. There are thirteen factors courts consider when determining likelihood of confusion. (Known as the "DuPont Factors") You should search extensively for similar marks on the USPTO website and consult with an attorney before deciding on your mark.

COPYRIGHT LAW

Copyright law protects original works of authorship fixed in a tangible medium of expression. Obviously, this includes many areas: literary works, musical works, dramatic works, photos, paintings, sculptures, architectural works to name a few. Business that don't produce these types of works should still consider whether they have copyrightable material. Marketing materials, training materials, or other works that the business creates during its operations could potentially be copyrightable.

Anytime a business contracts to create something new it should consider the copyright involved. Just because someone creates something for a business doesn't necessarily mean the business own it. This is a common issue in "works for hire" cases, and every company should address ownership of the copyright when contracting for works made for hire.

Similar to trademarks, copyrights can be registered, but they do not have to be. Copyright protection exists from the moment of creation. But like trademarks, there are a number of benefits from registration. It is much easier to prove infringement if the copyright is registered, there are substantial statutory damages as well attorney fees available to the registered copyright holder. Copyrights are relatively easy to register compared to patents and trademarks, but registration can be deceptive in its simplicity. Consulting with an attorney is recommended.

PATENT LAW

Patent law was historically centered around companies engaged in research in development. That is no longer the case since what is patentable has greatly expanded over the last few decades due to court decisions. For example, business methods and computer software were once considered unpatentable before the changes in the law. Unlike other IP, patents are only protectable once they have been approved by the USPTO. However, when resolving patent disputes, the United States is different from almost every other country in the world in that it follows a "first to file" system instead of a "first to file" to determine the proper patent holder.

There are three types of patents in the US: utility, design, and plant patents.

Utility -- new or useful machines, articles of manufacture, compositions of matter, and processes;
Design -- new original and ornamental design for an article of manufacture;
Plant -- new varieties of plants

Patents are also different from other forms of IP in that it doesn't automatically give the owner the right to use the patent. It merely prevents unauthorized use of that patent. If the owner of a patent can prove infringement, the owner is entitled to injunction to prevent further infringement and damages.

Obtaining patent protection is an expensive and time consuming process. Many patents take years to prosecute, and can be very complex. A patent agent or patent attorney should be consulted. The USPTO will only approve a patent if it is novel, useful, and not obvious. Because of the time and cost involved, business owners should carefully consider whether or not to pursue a patent.

Finally, it must be noted that a business can infringe a patent (as well as copyright and trademark) unknowingly and still be subject to damages. Every business owner should carefully examine the existing IP landscape before proceeding into new ventures.

TRADE SECRET LAW

Trade secret law is extremely important because every business, especially new businesses, have information that it feels gives it an advantage over its competitors in the marketplace, and it doesn't want them to have knowledge of the information. Under the Uniform Trade Secret Act, trade secrets are defined as:

information, without regard to form, including, but not limited to, technical, nontechnical, or financial data, a formula, pattern, compilation, program, device, method, technique, process, or plan that (1) derives independent economic value, actual or potential value, from not being generally known to, and not being readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use; and (2) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy.

To protect trade secrets, owners must keep them "relatively secret" and exercise reasonable efforts under the circumstances to maintain their secrecy. What is reasonable obviously depends on the context, but some common measures include: restricting access to confidential information, having those that see the information sign confidentiality agreements, using passwords and encryption to protect digital information.

A Business should also take measures to ensure that it is not misappropriating trade secrets. When a new business begins to bring officers, managers, and employees on board, it should make clear that they can't bring the trade secrets of others with them. Furthermore, the business should ensure that the employees are not subject to confidentiality agreements or noncompete agreements to prevent a breach of those agreements.

These are just a few of the IP issues that businesses confront. IP law is a vast, complex area of law that can be a minefield for the unwary. Make sure you do your research and consult with an attorney so that your business can thrive and avoid unnecessary pitfalls.

STARTUP WEEK - Business Entities

Stuart Hiserodt — Mon, 19 Jul 2010 13:57:21 -0600

This is the first installment of Startup Week here at AustinTechnologyLawBlog.com. We’ve talked with some small companies here in Austin and there was a request to focus our attention on some of the legal issues facing a local start-up. So we were happy to oblige.

This first blog post focuses on business entity selection and will try and give a quick summary of the more popular Texas entities and give some advantages and disadvantages of each. It is important to notice that this information is meant to be educational and informative for the public, anyone attempting to form a business entity should consult an accountant and an attorney before forming an entity. This does not constitute legal advice in anyway. Personal wealth, investments, future investors, as well as a number of other issues can significantly change the outcome of the entity selection.

Sole Proprietor

A sole proprietorship is one of the most common and simplest forms of a business entity. When an individual begins work without formal registration with the state the individual/company is seen as a sole proprietor. The default entity for an individual, a sole proprietorship is the easiest to form and least expensive business entity out there (grand total of $0, unless you operate under a name other than your own surname then you would need to reserve an assumed name). The money from the business flows directly to the owner, and the owner can distribute the money as he/she sees fit. However, with such freedom comes much responsibility. The biggest trade off here is likely that a sole proprietor must assume all liability of the company. If the company defaults on a contract, an employee wrecks a car, someone slips and falls, etc. and damages are due from the company, not only would the company assets be subject to the judgment, but so would the owner’s personal assets.

Partnership

“[A]n association of two or more persons to carry on a business for profit as owners creates a partnership, regardless of whether: (i) the persons intend to create a partnership, or (ii) the association is called a ‘partnership,’ ‘joint venture,’ or other name.” (TBOC §152.051). This means that if two or more people agree to start a business together and share profits (no matter if the entity is called a partnership or not), and do nothing else, the business is a partnership. The law does not call for any formal requirements to form a partnership. Therefore, the rules of contract law apply making the creation of a partnership often quite simple and inexpensive. If one chooses a partnership, a partnership agreement should be created, but the partners will enjoy a large amount of flexibility in drafting this agreement. This contractual freedom is one of the main benefits of selecting a partnership. As long as the provisions are legal, partners may draft their agreement with very little restrictions. The partnership agreement is vital to the partnership and should govern all actions of the partnership, from distribution of funds to how to wind down the partnership. However, as with a sole proprietorship, the freedom from regulation comes at a cost. Partners are jointly and individually liable for the actions of the partnership. Therefore, if the company is liable for any action (even if it was your partner who was the cause of that liability) the assets of the business, your partner’s personal assets, and even your personal assets are subject to satisfy that liability. Personal liability is something most everyone wants to separate from their business, so it is important to make sure a partnership is not accidentally created. On occasion, two parties can come to agreement to partner together, even though the individuals (or companies) don’t intend for a formal partnership union to occur. Be cautious about ventures with others as an accidental partnership could cause you to be personally liable for the actions of others.

Limited Liability Partnership (“LLP”)

The Texas legislature has authorized the formation of registered limited liability partnerships (LLP). The major difference of an LLP and a partnership, as you can imagine by the title, is that the LLP has a limited liability. The partners are not personally liable for the negligent acts of other partners or partnership employees (except in certain limited situations) AND the partners are not personally liable for the contractual obligations of the LLP. The protection of the partners from these liabilities makes this business entity a substantially better choice than a partnership in most cases. The LLP, as with any business entity, cannot afford a partner a personal liability protection from his own actions. A partner is liable for his own tortious actions and no business entity will shield him from that personal liability. As with the partnership, the LLP should maintain a partnership agreement, which is similarly very flexible. However, an LLP must file with the state. To receive this protection with the LLP, one must register with the Texas Secretary of State and follow the appropriate guidelines (TBOC §152.802), follow the naming requirements (TBOC § 5.063) and carry insurance (TBOC §152.804).

Corporation

A corporation is a separate legal entity which comes into existence by charter from the state. Being a separate entity, a corporation can be thought of as an entirely other person with certain benefits (a perpetual life) and obligations (must pay taxes, can be sued, and can contract). A corporation can be for profit or nonprofit, but this review will only cover for-profit corporations. A for-profit corporation can be a (i) publicly traded general corporation, (ii) general corporation not publicly traded, and (iii) a close corporation. Generally, shareholders, through their bylaws, may establish their own decision making process and freely transfer their ownership rights, subject to the laws of Texas. The structure of the corporation generally provides for shareholders to purchase stock, then elect board members who then appoint directors. Issues such as elections, voting requirements, make up of a quorum, duties and rights of shareholders, board members, and directors are all determined by the bylaws. These bylaws can be somewhat flexible, but are governed by Texas law.

A corporation provides limited personal liability for shareholders ensuring they will only be held accountable for their investments in the stock of the company. However, the limited liability protection afforded shareholders of a corporation can be bypassed if the corporation does not act as a separate entity. The legal terminology for losing this corporate protection is called “piercing the corporate veil.” If a liability occurs (debt, lawsuit, etc), a claimant will try and “pierce the corporate veil” by proving the shareholder(s) did not treat the corporation as separate entity. Texas courts look at several factors to determine whether the shareholders treated the corporation as separate entity, such as: whether a corporation does not maintain corporate documentation/records, pays employment taxes, and whether it holds a separate bank account.

Additionally, a major factor in determining whether or not to choose a corporate structure is often tax rates. A corporation is taxed on the income received and then the shareholders and directors are taxed again when the corporation disperses dividends or salaries. However, one can make an S-Election to try and alleviate this double taxation. By making an S-Election the corporation is not taxed on the income received, and the income flows directly through to the shareholders, board members, and directors. However, the S-Election comes with some catches. There is a limit on the type of investors, the number of shareholders, and the type of stock an S-Corp can have. These restrictions affect some, but not others. For instance, if you intend to deal with foreign investors, venture capital groups, or angel investors most will require a C- Corp (or a corporation without an S-Election). These investors would rather deal with double taxation rather than being subject to these corporate limitations. Alternatively, with a small company attempting to achieve a lifestyle business (not intended to be sold later down the road) these corporate limitations might not apply and thus make an S-Election a good decision. This tax election is very detailed and important and it should be noted that if one chooses an S-Election incorrectly there can be penalties. Again, please contact an attorney or an accountant before going forward with this decision.

To form a corporation, one must apply through the Texas Secretary of State for the appropriate corporate structure and follow the naming requirements (TBOC § 5.054). Make sure your articles of incorporation, bylaws, stock purchase agreements, etc are drafted as well (more to come on these issues later in the week).

Limited Liability Company (“LLC”)

A limited liability company is a hybrid entity that is neither a partnership nor a corporation, but rather a combination of both (at least to some degree). The LLC provides a limited liability for its members, provides quite a bit of flexibility in its structure, and requires significantly lower filing fees than an LLP. The members, or owners of the LLC, carry no personal liability or obligations of the LLC. This limited liability protection is the corporate half on an LLC. As in a corporation, the members are generally limited to a loss equal to the amount invested. However, it is important to note that the LLC cannot afford an individual member protection from a member’s own action. For instance, if a company provides a cleaning service and one of the members is performing the actual cleaning and negligently burns down the house, the LLC and the member performing the service will be subject to this liability. However, the other members will be afforded the protection from a personal attack (a claimant may still sue each member of the LLC, but the other members have no personal liability in this case).

The structure of the LLC can be flexible as well. An operating agreement, the governing document of the LLC, has the flexibility of a partnership agreement, with some exceptions. The flexibility of the operating agreement can cause different forms of governance. However, if no operating agreement is formed or does not address certain aspects, Texas laws provide certain defaults for an LLC. For instance, if there is no provision in the operating agreement, a member can only assign his/her ownership interest in the LLC, but the recipient of the ownership interest is not entitled to the rights and duties of a member. Therefore, an LLC allows for interest transfer like a corporation, but the rights associated with the ownership interest do not transfer, unless otherwise stated. Additionally, absent a provision in the operating agreement, the allocation of profits and losses are subject to the amount contributed (stated in the articles of formation). An LLC may have a single member or multiple members, while the management of the LLC can be by a single member, multiple members, member managers, or nonmember managers. The articles of formation or operating agreement should provide whether the member(s) can run the LLC, whether the members can appoint one or more of themselves as managers and run the operations of an LLC, or members can appoint a nonmember as a manager and the nonmember manager can run the LLC.

To form a LLC, one must apply through the Texas Secretary of State and follow the naming requirements (TBOC § 5.056). Again most every element of the LLC can be altered by an operating agreement; so much care should be given when drafting this agreement.

This summary is a brief overview of the make up of the business entities in Texas. See here for a spread sheet of the differences in these entities.

Startup Week: The Alpha and the Omega

Luke Stanfield — Mon, 19 Jul 2010 13:08:28 -0600

After asking some of our clients and others in the Austin business community what issues they would like to see Austin Tech Law Blog cover, the most frequent response was startups and the legal issues they face. Be careful what you wish for.

This week, ATLB will be blogging a "Startup Week" where we'll cover issues from the inception (great movie!) of a company to dissolution, or more optimistically, acquisition/funding.

Monday: Entities: Which entity should you form under? The pros and cons of each.
Tuesday: Intellectual Property: If you have it, how do you protect it?
Wednesday: The Operating Agreement: What issues should you consider when creating it?
Thursday: Employee Agreements: Issues in employment agreements including noncompetes, nonsolitication, and confidentiality agreements.
Friday: Dissolution, Acquisition, or Final Funding: What issues should you consider for each?

So check in each day as we discuss the various legal issues you should consider when forming and operating a startup.

Trademark and Domain Name Scams from China

Stuart Hiserodt — Fri, 16 Jul 2010 11:01:15 -0600

Recently, one of our clients received an email from Chinese domain registration company stating a

foreign company was attempting to obtain their domain name. Our client, for purposes of privacy we’ll call them “CustomerName,” is a start-up in the process of obtaining a trademark of their company name. This email, although suspiciously spam-like, created some concern and

confusion for CustomerName. Was this spam? What rights would they have if a foreign company was to use this domain name? What is my recourse?

First things first, it’s important to determine whether something like this is just a “Nigerian Prince” scam. A quick search turned up an article on the domain registration email our client received. The article, by Happy Living with Hosea, provides a great analysis of the drafting of the email. Hosea pointed out things a Chinese company would have likely done differently if this was a legitimate operation. First, it was evident something peculiar was up based on the grammar and punctuation of the email. I’ll be the first to admit I send out letters with grammatical and punctuation errors on a daily basis. However, this one bereel bad! So I feel “it is our duty to notice you” (a little example) of how this poor drafting is a good indicator of a scam. Additionally, had this been one carelessly drafted email that would be one thing, but after some research, it becomes clear this is not an isolated case (just read the comments to the Hosea article).

However, with any scam these crafty “artists” will adapt and mutate this approach and at some point you can be sure they will succeed in passing this first grammar test. The next item to consider, when dealing with a questionable domain registration request, is the procedures and literature of the company regarding the registration. This pre-registration option is common. A similar letter was sent out for the .co internet launch. As I wrote in a previous article, Cointernet, provided a period of time where specific trademark holders were provided a time period to secure their .co domain names. However, in this case, Cointernet provided rules and regulations on the process. This email and website listed nothing of the sort. This would be a red flag as well.

So what if this email was real? What options would you have to protect your name? If you have a United States Trademark, the protection afforded to you applies to within the jurisdiction of the United States. So if a company advertises and provides goods or services in connection with your trademark, but only in China, you won’t have much recourse. The company would have to advertise and put their mark into the stream of commerce in the United States. If the foreign company does establish a presence in the United States, in order show infringement you would need to show you had a prior use of the trademark, there was a commercial use of your mark, and likelihood of confusion of the foreign use (similar goods or services, etc). If infringement is difficult to prove, cybersquating claims exist one could raise depending on the use of the foreign entity. However, the success of the cybersquating claim would depend on the foreign entity’s use of the mark.

Although one should work hard to protect their intellectual property, be aware of scams similar to this one. For reference, here is the letter sent to our client:
Dear Manager,

We are a Network Service Company which is the domain name registration center in Shanghai, China. On July,7th,2010, We received HUATAI Company's application that they are registering the name "Customer Name" as their Internet Trademark and "CustomerName.cn","CustomerName.com.cn" ,"CustomerName.asia"domain names etc.,It is China and ASIA domain names.But after auditing we found the brand name been used by your company. As the domain name registrar in China, it is our duty to notice you, so I am sending you this Email to check.According to the principle in China,your company is the owner of the trademark,In our auditing time we can keep the domain names safe for you firstly, but our audit period is limited, if you object the third party application these domain names and need to protect the brand in china and Asia by yourself, please let the responsible officer contact us as soon as possible. Thank you!

Kind regards

Angela Zhang

Angela Zhang

Registration Department Manager
3002, Nanhai Building 854.Nandan Road
Xuhui District, Shanghai
Office: +86 216296 2950
Fax: +86 216296 1557
Email: info@ygnetwork.cn
web: http://ygnetwork.cn
web: http://www.ygnetwork.cn

Bilski: The Landmark Case That Wasn't ... Helpful?

Stuart Hiserodt — Fri, 02 Jul 2010 09:00:49 -0600

We recently wrote about the recent Bilski holding, and how the narrow decision seemed to do little, except for increase the confusion about business method and software patents. The issue is understandably complicated (likely why the Supreme court punted this decision), and the holding is evidence of that. As I was reading Techdirt, I saw The IEEE recently released a press release that illustrated how confusing the recent decision actually was. The IEEE reported, "The U.S. Supreme Court ruled 5-4 Monday that a new method of doing business can be patented, and that the ability to patent software should not be limited." As Techdirt points out, this is not exactly the case. It was not a 5-4 decision, but a 9-0 with a split majority, and the holding did not succinctly state “that a new method of doing business can be patented.”

In an attempt to help clear up some of the confusion, we spoke with Bob Villhard, a local Austinite patent attorney (who we also work with quite a bit), about the Bilski holding. Our discussion turned into a brief summary by Villhard on the subject. In a much more eloquent manner than myself, here is Villhard’s insightful interpretation of Bilski:

Back to Business: The Supreme Court Decides That Some Business Methods Can Receive Patent Protection

In a landmark decision on June 28, 2010, the Supreme Court ruled that some business method patents can be eligible for patent protection. This ruling comes as a great relief to many entrepreneurs who (during the lengthy pendency of the Bilski case) found the U.S. Patent Office unwilling to protect their new business methods with patent protection. The Bilski ruling changes that for many entrepreneurs.

In a nutshell, the claims of the Bilski patent application claimed a method of hedging market positions. Notably, the Bilski claims failed to include a description of a computer for performing the hedging method. Thus, Bilski was claiming a “raw” business method. In considering the validity of these claims, the Court held that while some business methods can receive patent protection, those methods which merely express an abstract idea cannot.

However, the Court left many questions un-answered.

For instance, prior to this ruling, method claims had to pass an exclusive “machine or transformation” test in which the method had to 1) be tied to a particular machine or 2) transform an article into a different state or thing. In the Bilski opinion, the Supreme Court stated that, “In disapproving an exclusive (emphasis added) machine-or-transformation test, we by no means foreclose … development of other limiting criteria.” The Court also stated that therefore we “need not define further what constitutes a patentable ‘process.’”

Thus, the machine or transformation test is no longer the exclusive test for determining patent eligibility. Rather, the Patent Office is free to develop new tests for patent eligibility. This result is unfortunate for entrepreneurs because the Court offered no guidance as to what these new tests might be. As a result we can expect more litigation before this question is settled. However, this result is also good news for entrepreneurs because if their method claims pass muster under the machine or transformation test, they are eligible for patent protection. Plus, the possibility now exists that claims passing other tests (albeit tests that have yet to be developed) can also receive patent protection.

It is worth noting, though, that business method patent applications still pose special problems for entrepreneurs. For instance, the Court explicitly stated that, “In order to receive patent protection, any claimed invention must be novel, non-obvious, and fully and particularly described” in accordance with the relevant patent laws. Furthermore, the Court stated that, “Business method patents raise special problems in terms of vagueness and suspect validity.” In other words, entrepreneurs should beware that the Patent Office remains likely to treat business method patent applications with a great deal of skepticism and scrutiny.

As a result, while some business methods can now receive patent protection, entrepreneurs should take care to obtain the services of a skilled Patent Attorney to navigate the complex legal requirements imposed on patent applications.

The lead author, Robert Villhard, has over eight years of legal experience, is the Founder and CEO of The Villhard Patent Group, and has over fifteen years of experience as a rocket scientist. Those interested in obtaining more information can contact Bob at (512) 897-0399 or visit www.villhardpatents.com.

Bilski: The Landmark Decision That Wasn't

Luke Stanfield — Tue, 29 Jun 2010 11:50:36 -0600

In the highly anticipated decision, Bilski v. Kappos, the Supreme Court affirmed the rejection of a specific business method patent, but left the door wide open on the validity of thousands of similar patents. In what has become typical for decisions under the Roberts Court, the majority opinion was narrowly defined. The court ruled only on the specifics of the case while failing to provide much guidance for similar patents.

Watching the case intently were both sides of the patent divide. Of course, large sectors of the economy depend on patent rights for growth and innovation, and many feel that more patent rights further innovation. However, there exists a large segment of the business community, including many in the tech industry, who were hoping the court would take this opportunity to put an end to controversial business method patents (and software patents) by applying the "machine or transformation" test adopted by the Federal Circuit. The test requires any patent to either: 1) be tied to a particular machine devised to carry out a process in a non-conventional, non-trivial way, or 2) transform an article from one thing or state to another. Abstract ideas like business methods would not satisfy the test.

At issue in Bilski was a rejected business method patent for a system to hedge on energy prices using weather projections. And while the court rejected this particular patent, it went out of its way to state that it was a narrowly defined decision, and the machine or transformation test is only "useful and important clue," but should not be the sole test. Many justices on the court expressed doubt about the validity of business method patents, but a majority of them were not ready to categorically exclude them from patentability. The result is that thousands of business method patents and software patents remain valid, but future litigation will be needed to determine which ones. So the lesson as always: nobody really wins except the lawyers.

.XXX Top Level Domain: Will Porn Revolutionize Domains?

Stuart Hiserodt — Fri, 25 Jun 2010 14:04:05 -0600

Yesterday I wrote about the new domain .CO and the likelihood of success. The .Co Internet S.A.S. (cointernet.co), through its new Top Level Domain (TLD) .CO, is attempting to provide a potential answer for the shrinking number of available domain names. With today’s announcement that ICANN has given its initial approval of the .XXX TLD, it is interesting to ponder what effects this might have on the structure of how we view the internet.

It is no surprise there is no doubt an unbelievable amount of porn related traffic on the internet. In fact, according to Bevan Sabo‘s post “Top 4 Ways Porn Has Advanced the Internet,” Porn has played a large role in the advancement of internet technology. With new domain name availability on .XXX, there is a chance the porn industry might begin to gain some traction in creating an extremely visited popular new TLD. As with the .CO marketing and launch plans could play a major factor in how the domain is perceived and visited.

However, if this new .XXX TLD does gain traction, then other TLDs such as .CO could have their place in a newly divided internet. It’s not an easy feat to garner public attention to these TDLs. How many times have you used the .museum for anything? Porn would have to do something the air-transport industry (.aero), the communications companies (.mobi, .tel), and the travel industry (.travel) could not do – get anyone to type something other than .COM.

If the .XXX TLD is successful, the .COM might take on a catchall TLD role, while other domains might help organize … well, everything. If these divisions occur, instead of just blindly typing in .COM after everything, we might start to think twice. Additionally, if the new domains gain popularity there might be a need for a domain specific search engine or other domain limiting technology.

In the alternative, will the .XXX be a vehicle for limiting free speech? This is not the first time the issue of the .XXX TLD has been visited by ICANN. In May of 2006, the Guardian reported that the ICANN board voted down the creation of the proposed .XXX TLD. Arguments from both sides have valid points and bring up great issues. Will “porn” be forced to the .XXX? Will it then be restricted to persons over 18? Who will enforce that? Would it be constitutional? Only time will tell, but it might be something to keep your eye on.