Friday, July 29, 2016

Swiss National Day

     August 1st is Switzerland's National Day. 

     It is a national holiday to celebrate the event in 1291, when three cantons (Schwyz, Uri and Unterwalden) swore an oath to become a confederation, that is considered to be the birth of Switzerland.  See link.

- Henry Park

Thursday, July 21, 2016

Trademark - Who wants a Dark 'n Stormy

     A friend recently posted a link to an article about DARK 'N STORMY(R) alcoholic drinks.  The article is a wonderful mashup of various intellectual property rights concepts.  However, most intellectual property rights do not apply to this cocktail.

     Copyright.  As discussed in an earlier blog post, there is no copyright protection over the ingredients list for a DARK 'N STORMY(R) drink.  Thus, you can distribute and make your own version of this drink using the ingredients from the official recipe -- rum, ginger beer, and lime.

     Trade Secret.  As the recipe is well known and publicly distributed by Gosling Brothers, there is no trade secret protection.

     Patent.  Assuming there was some kind of invention that was protectable in this cocktail, any patent protection would have long since expired.

      However, here is why use of the DARK 'N STORMY(R) mark is risky.

     Trademark.  Gosling Brothers Ltd. Corp., has five registered trademarks with the USPTO that include the DARK 'N STORMY mark with the USPTO.  Additionally, Gosling is on record saying that they defend their trademark rights vigorously (see article; see post).

      However, that isn't the end of the story.  The real question is what do those trademark actually cover?

Reg. No. 1657574 - Pre-mixed alcoholic cocktail, namely rum and ginger beer
Reg. No. 2011630 - Clothing, namely, shirts, hats and jackets
Reg. No. 3461485 - A kit containing Gosling's BLACK SEAL rum and ginger beer for preparing an alcoholic cocktail
Reg. No. 3747805 - Bar Services

Reg. No. 4297417 - Pre-mixed alcoholic cocktail, namely rum and ginger beer

     Thus, to any alcohol serving establishment, the relevant registration is the earliest one for a "pre-mixed alcoholic cocktail, namely rum and ginger beer".  Importantly, this registration does not specify what type of rum should be used.

    In order to understand what "pre-mixed" means, I looked at the specimen that was submitted during the latest trademark renewal (see graphic to the left).  Yes, those are cans of DARK 'N STORMY(R) cocktail.  Thus, the mark protects pre-mixed drinks, such as cans of DARK 'N STORMY(R) cocktail.

     The mark arguably could protect mixed drinks, that is drinks that are mixed on request in a bar, because there could be a likelihood of confusion between pre-mixed and mixed drinks. Therefore, if you are a bar and are using the DARK 'N STORMY(R) mark to sell a beverage, you are at risk of trademark infringement and should seek either a trademark license, or use a different name for your mixed drink of rum and ginger beer.  If you use a different name, you can let your customers know that it is the same as a DARK 'N STORMY(R) cocktail.

      Finally, Gosling has been aggressive in stating that a DARK 'N STORMY(R) cocktail must use its own GOSLING'S BLACK SEAL(R) rum.  However, only one trademark registration requires the use of that particular rum, and that is for a kit to prepare a cocktail.  Thus, Gosling is attempting to narrow its earliest registration -- rum and ginger beer -- by asserting its later registration -- Gosling's BLACK SEAL(R) rum and ginger beer (see C&D letter). Whether this attempt ultimately would succeed in a legal proceeding has not yet been tested, and I have my doubts about its viability.

- Henry Park

USPTO and Java v8 update 101 build 13

    On my Macintosh, I received a notice that there is an updated version of Java v8 update 101 build 13 (released on July 19).


      I called the US Patent Electronic Business Center (EBC), and talked to Agent 39. She said that the update appears to be safe to install.

- Henry Park

Monday, July 18, 2016

Privacy - Kanye/Kim recorded a telephone call

     Who will win this fight?  In the red corner, Kim and Kanye and in the blue corner, Taylor.

     This public fight between Kanye and Taylor over some lyrics about Taylor in Kanye's song Famous just went to the next round. Yesterday, Kim posted a recorded video of a conversation between Kanye and Taylor about that song. For everyone eager to know what was said, a transcript of that call is available here.

    Recording a telephone call sounds like a smart decision especially, if you believe there might be issues later.

     However, you might want to be careful about where you are when you record that call.  California is a two-party consent state, which means that it is illegal to record a "confidential communication" without the other parties' consent.  Cal. Penal Code § 632(a).  A call maybe a confidential communication where the circumstances reasonably indicate that the communication was intended only for the parties, but cannot be a confidential communication where "the parties to the communication may reasonably expect that the communication may be overheard or recorded."  Cal. Penal Code § 632(c). In addition to criminal penalties of up to a $2,500 fine and/or a year in jail, the party recording the call could be subject to a civil lawsuit where the penalties could be $5,000.00 or three times the amount of actual damages.  Cal. Penal Code § 637.2.  Moreover, the party that releases a recording of a confidential communication could be subject to a fine up to $5,000 and/or a year in jail. Cal. Penal Code § 637.

     Although this public fight is interesting, I'm curious to know whether Kanye received consent to record the call (I suspect he did not after all who in a telephone call says that they are recording the call) or whether Taylor knew the call was being recorded.

    The next great question is whether Kim and Kanye have actually gained credibility and popularity from releasing these videos.

- Henry Park

updated on 7/19 and 7/20

Thursday, July 14, 2016

Privacy - Pokémon GO!!

     Be honest now.  Who hasn't downloaded the augmented reality mobile application Pokémon GO?  But, did you read the privacy notice?

     A recent study, The Biggest Lie on the Internet: Ignoring the Privacy Policies and Terms of Service Policies of Social Networking Services, revealed that almost no one reads a website's terms of use or privacy notice, or if they are "reading" such agreements that they don't examine all of the terms.  I would presume that the study's findings would be just as applicable to mobile application's terms of use or privacy notice.  In the study, two egregious terms were added to see if the participants would notice -- (1) that the participant give up its first born child, and (2) that the user data could be shared with the National Security Administration (NSA) or with any data collection agency.  Only nine (or 1.7%) participants appeared to have noticed the child assignment clause, and only one participant was concerned with the NSA data sharing clause.

     Coming back to Pokémon GO, Senator Al Franken or his staff apparently read the privacy policy, which led them to write a letter to Niantic, the game's publisher, about what information is being collected and whether too much information is being collected. In a nod to the Children's Online Privacy Protection Act (COPPA), the application requires a parent or guardian to create an account if the user is under 13 years old (Section 1.a.iii.).  Also, among the terms is Section 3.d., which states that all user data collected from users is a business asset that can be sold in certain cases.  This clause appears designed to avoid the negative publicity associated with the 2015 Radio Shack 2015 bankruptcy.  Radio Shack had promised not to sell its customer's information to anyone at any time but, after declaring bankruptcy, Radio Shack attempted to sell its customer data. In the end, a mediated deal was reached where the acquirer received only a limited amount of the customer data.

- Henry Park

Tuesday, July 12, 2016

Privacy - Privacy Shield Agreement is formally adopted

     Earlier today, July 12, 2016, the European Commission formally adopted the U.S. - E.U. Privacy Shield Agreement concerning the transfer of personal data (see link).  The Privacy Shield Agreement consists of two parts, which can be found here and here.

     On the E.U. side, the Privacy Shield Agreement enters into force immediately.

     On the U.S. side, the Privacy Shield Agreement will be published in the Federal Register.  After businesses have reviewed the Agreement and updated their policies, they can certify starting on August 1st with the U.S Department of Commerce their compliance with the Privacy Shield Agreement.

     What does this mean for a business that previously claimed compliance with the Safe Harbor Agreement?  Such businesses are not automatically grandfathered into Privacy Shield.  Instead, as discussed above they will have to review and update their policies to certify to Privacy Shield's new standards.

     Are international data transfers now settled?  As discussed in a previous blog post, no.  There is an expected legal challenge to the Privacy Shield Agreement.  Moreover, compliance with Privacy Shield does not mean compliance with the forthcoming General Data Protection Regulation (GDPR), which will be in force in 2018.

- Henry Park

updated on 7/14

Monday, July 11, 2016

Privacy - Privacy Shield Approved But Not Yet Adopted

    On Friday, July 8th, commercial data transfers from between the U.S. and the E.U. received a much needed boost (see article).  The 28 Member States of the European Union voted to approve the revised Privacy Shield agreement by a vote of 24-0, with 4 abstentions allegedly from Austria, Bulgaria, Croatia and Slovenia (see article). 

     The Privacy Shield agreement replaces the invalidated Safe Harbor agreement.  Privacy Shield provides a much needed basis for businesses to transfer personal data between the U.S. and the E.U., beyond the still valid Standard Contractual Clauses or Binding Corporate Rules.  This is important because Standard Contractual Clauses, which have been a popular backup method to continue data transfers, are being challenged in a case referred to the European Court of Justice by Irish Data Protection Authority (see article).

     Although the revised agreement has not been released, an alleged copy is available.  Among the notable changes include tightened rules for holding information on European citizens, such as, deleting personal data and requiring third-party data processors to guarantee the same level of protection as Privacy Shield enrolled businesses.

     The next steps in this saga will be the formal adoption of the Privacy Shield agreement by the European Commission (see article) followed by a presumed legal challenge to the agreement by privacy advocates (see article).
- Henry Park

Wednesday, July 6, 2016

Copyright - Copyright Trolling in Germany and the U.S.

     When I started the law firm, a German business contacted me looking for a US law firm to represent it in its copyright lawsuits against individuals who had downloaded its client's copyrighted works through the internet. Their proposed strategy was the standard -- we have an IP address that we traced through BitTorrent using our proprietary software, now go file a copyright infringement lawsuit against the John Does' who are responsible for those IP addresses, and get a settlement.  After a little deliberation, I turned down their offer.

     I'm sure they thought I was a bit crazy for turning them down.  But, the laws in Germany are different from the laws in the US.

     In Germany, a wifi provider is responsible in the first instance for what occurs over their connection.  If someone downloads (or uploads) a copyrighted work, the person responsible for that IP address would be held liable.  This liability is based on the responsible person's breach of his/her duty of care (Störerhaftung).  It is possible to escape liability, if the responsible person can prove that someone else committed the act.  See article, article, article.

     In the US, however, knowing an IP address that participated in infringing conduct is not sufficient by itself to make the responsible person liable for any such conduct.  US copyright trolls know this fact.  Thus, they have been using the legal system to identify the person responsible for the IP address, and then counting on that person settling to avoid any negative publicity.

     A recent case highlights the chasm between German and US law.  Cobbler Nevada, LLC v. Gonzales, Case No. 3:15-cv-00866 (D.D.Or. June 8, 2016).  In Cobbler, the District Court Judge adopted the Magistrate Judge's finding that the person responsible for an IP address could not be held liable for direct or indirect copyright infringement and sua sponte dismissed the case.  See Magistrate Judge's Findings and Recommendation; District Court Order (copies hosted on  The District Court Judge found that the complaint failed to show that the Defendant was the likely infringer and concluded that hte Plaintiff failed to meet its burden to exclude alternative potential infringers.  It shall be interesting to see whether other Courts are persuaded by this Court's reasoning, or whether this represents a high water mark.

- Henry Park