Business and Technology Law

On October 29, 2010, health insurance giant BlueCross BlueShield’s Michigan unit was sued for illegal price-fixing under the Sherman Act by Michigan plaintiffs seeking class-action certification. A copy of the complaint is available here. In their complaint, the plaintiffs allege that BCBS forced hospitals to include “most favored nation” or “MFN” clauses in their provider contracts, under which the hospitals allegedly agreed to charge other commercial insurers either at least as much as – or more than – they charged BCBS for the same services, thereby giving BCBS a competitive advantage in the marketplace. BCBS Michigan also is facing an antitrust lawsuit filed by the U.S. Department of Justice based on essentially the same set of facts.

Antitrust litigation almost always is a complicated affair, but this lawsuit has the potential to turn into a legal quagmire, especially in light of the incendiary nature of the nation’s pending health-care debate. The outcome likely will hinge on the ability of BCBS’ lawyers to show that the ultimate effect of the MFN language is not anticompetitive, which is a defense that will require significant discovery efforts and expert testimony.

Requests for MFN clauses can be fairly common in a variety of contexts when one of the parties at the table is able to wield sufficient leverage during the negotiations process. However, businesses with sufficient market share need to be careful when drafting agreements that include MFN language, because third parties who are left out of the MFN relationship – or who believe that they have been damaged by it – may scour any operative contracts for provisions that can be used to cast doubt on the agreement. U.S. antitrust law can be a very powerful weapon for aggrieved consumers and jilted vendors.

Developments in this lawsuit should be very interesting to watch.

Entering into a Microsoft Enterprise or Select agreement can be an effective way for companies with large and predictable software needs to reduce IT costs. However, Enterprise and Select agreements may include restrictions on an affiliate’s ability to use software licensed under those agreements. Additionally, the flow of documents over the course of a Microsoft agreement relationship may create confusion regarding the current terms of the agreements and may end up steering a company in the wrong direction relative to its software asset management objectives.

Most Enterprise and Select agreements contain specific provisions determining whether the signing company’s affiliates also may use the software licensed to that signing company. If the affiliates are not specifically included in the agreement , then a significant amount of software intended for use by the affiliate may be out of the affiliate’s legal reach. Additionally, even if some affiliates are included at the outset, it is common for a Microsoft licensing agreement to exclude affiliates that are acquired after the agreement is signed. If such a provision is in place, only the affiliates owned by the signing company at the time the agreement is signed may use the software.

If you renew a Microsoft agreement relationship that is based on a history of prior agreements, you should review the current agreement to confirm that it is consistent with prior terms. Getting lost in the document soup of many years’ worth of agreements potentially can be damaging for a company that does not track its license agreements with precision.

Before you sign a Microsoft Enterprise or Select agreement, you should work with an independent, knowledgeable licensing consultant or attorney experienced in evaluating Microsoft agreements and advising companies on whether those agreements fit with the business’ objectives.

A business owner’s perception of vigorous trademark enforcement in many cases depends entirely on whether he or she was last on the passing end or the receiving end of a cease & desist letter. For businesses that have been accused of trademark infringement, those allegations often seem to be nothing but overreaching by trademark owners trying to make a quick buck based on an unintentional and harmless oversight. However, for many of those trademark owners, failure to police unauthorized, third-party use of identical or arguably confusingly similar marks may mean loss of brand value or even the “genericization” of their once-valuable marks.

It appears that the federal government may be in the process of weighing in on the question of where to draw the line between valid trademark policing and invalid trademark “bullying.” Pursuant to a mandate in the Trademark Technical and Conforming Amendment Act of 2010, the U.S. Patent & Trademark Office recently posted a request for public input regarding deleterious effects of so-called trademark “bullies” on small business. The Act requires the Secretary of Commerce and Intellectual Property Enforcement Coordinator to conduct a study and prepare a report to Congress regarding “the extent to which small businesses may be harmed by litigation tactics by corporations attempting to enforce trademark rights beyond a reasonable interpretation of the scope of the rights granted to the trademark owner” and whether the federal government should play a role in curbing abusive tactics by trademark owners. The USPTO’s request for comment is available here. The deadline to submit comments is January 7, 2011.

While the concerns reflected in the ACT are understandable, it would be unfortunate if Congress were to place any arbitrary restraints on the ability of businesses to police their brands. Unlike patents and copyrights, trademarks generally are not good subject matter for “trolling” – or seeking to reap a windfall based on claims that a third party has infringed acquired intellectual property rights. The validity of a trademark depends in large measure on actual use in commerce, which is a distinction generally absent in other federal IP regimes. That distinction often is effective incentive for a business to be selective in its trademark policing efforts, and while there may be businesses that are arguably abusive in their policing efforts, an effort by Congress to draw the necessarily fine line between what is and is not acceptable enforcement could result in brand owners having to wait until it is too late to protect their rights.

It will be very interesting to see what actions are taken, if any, in response to any comments submitted to the USPTO.

New media technologies always will create unforeseen challenges for copyright law. For example, in the 1950s and 60s cable television providers battled broadcasters over the cable operators’ right to re-transmit broadcast television signals to cable subscribers. After numerous courtroom scrapes, Congress stepped in with Section 111 of the Copyright Act, which established a statutory fee to be paid by cable broadcasters in return for the right to re-broadcast television signals.

Recently, a new technology has emerged, uncovering the old broadcast-rights wounds that were long since considered fully-healed. ivi, Inc., an online television service has begun re-transmitting broadcast television to its own subscriber base. And ivi’s argument is no different than the cable operators of the mid-century.

ivi’s service essentially takes a broadcast feed, called a “primary transmission,” and rebroadcasts it as a “secondary transmission” over the Internet to users who have installed the ivi software. This allows users to watch essentially real-time broadcast television from across the country. Broadcasters are not pleased and anyone familiar with sporting event blackout rules instantly will recognize why content owners consider this to be a significant problem. In fact, after only a week or so into the launch, ivi was served with cease and desist letters from the likes of NBC, CBS, MLB, and others. ivi's lawyers, certainly expecting this uproar from content owners and broadcasters, filed a request for declaratory judgment on September 20th, claiming that the Copyright Act, and specifically Section 111, expressly authorizes just this kind of retransmission.

According to the congressional notes accompanying the adoption of Section 111 of the Copyright Act, the section was a concession to the cable companies from the broadcasters, allowing cable television providers to transmit broadcast signals to their subscriber base so long as they paid a statutory licensing fee to the Copyright Office. That fee is then in turn redistributed to the broadcasters. ivi argues that their service is functionally no different than a cable provider’s and therefore should be allowed to utilize the same statutory compulsory license tool to continue to re-broadcast the primary transmission from broadcast stations.

Whether the federal court legitimizes ivi’s business model remains to be seen, but ivi’s argument certainly is clever and likely will make for interesting discourse on this new intersection of copyright law and technology.

Early this month, the National Labor Relations Board (NLRB) issued a press release regarding a complaint issued by the Board’s Hartford regional office against a company that terminated an employee who “posted negative remarks about her supervisor on her Facebook page.” The NLRB contends that, among other things, the company’s Internet use policy contained provisions prohibiting employees from engaging in protected concerted activity—a violation of Sections 7 and 8(a)(1) of the National Labor Relations Act (NLRA).

In the complaint, the NLRB states that blanket prohibitions on employees voicing dissatisfaction or posting disparaging remarks about their employers are overly broad and a violation of the NLRA. However, this complaint is even more interesting due to the fact that it appears to be in direct opposition to an Advice Memo filed by the NLRB in 2009, where the Board found that a Social Media Policy issued by an employer was specifically not in violation of Sections 7 and 8(a)(1). The policies in question are strikingly similar, so the apparent 180-degree turn by the NLRB may be a sign of a significant ideological shift in the Board.

If upheld, this complaint has implications for companies attempting to protect themselves from employees’ use of blogging and social media sites through Internet use policies. How companies should react to the NLRB complaint likely will not be clear until the complaint is heard in January of 2011, but for companies falling under the NLRA, a full internal review of Internet use and related policies should be planned.

Lamebook.com, the Facebook.com parody website, has filed a declaratory judgment action in the U.S. District Court for the Western District of Texas in Austin. Lamebook, founded in April 2009, defines itself as a, “fun humor blog that allows us to all share and marvel at the funny, ridiculous, and outright crazy posts that can be found on your favorite social networking site.” The Lamebook logo appears to borrow heavily from Facebook’s blue and white logo with a lower case and sans-serif font.

Facebook sent letters to Lamebook claiming the parody website was diluting Facebook’s trademark and that Lamebook must stop using the word “Lamebook” because it contains the word “book.” Counsel for the websites attempted on two occasions to resolve the issues over the phone but were unable to reach a resolution. Facebook’s letters continued to demand that Lamebook cease and desist using the Lamebook mark and indicated that the parody site must comply or face legal action.

Lamebook’s declaratory judgment action claims that Lamebook does not offer social networking services and does not compete with Facebook. Lamebook requests that the court make a declaration of non-infringement of the Facebook mark, a declaration of non-dilution of the Facebook mark, and a declaration that the Lamebook mark is protected by the first amendment of the United States Constitution.

Trademark disputes such as these often involve difficult questions regarding the scope of a trademark owner’s rights and the applicability of certain defenses that may be available to alleged infringers. If you have received one or more cease and desist letters, or, conversely, if you believe your trademark or other intellectual property rights are being infringed, you should contact counsel experienced in enforcing and protecting those rights.

Cloud computing contracts vary widely depending on the type of service being provided and the market to which that service is targeted. Cloud services that are inexpensive or free generally present the contract in the familiar “click-wrap” format that we all, at one point or another, have “agreed to” (but that we almost never actually read). Those agreements often are wholly in favor of the cloud service provider. On the other hand, larger cloud implementations representing considerable, strategic business decisions on the part of the customer (and considerable sales on the part of the cloud service providers) usually are accompanied by agreements that should be read, understood and negotiated to meet the right balance of risk and incentive for both parties. However, many of these large-scale implementation cloud contracts nevertheless are missing a critical term: the cyber risk insurance requirement.

Cyber risk insurance, or cyber liability insurance, provides coverage extending beyond the typical commercial general liability (“CGL”) coverage. For example, in the event of a data breach event, a cloud provider would find it difficult to convince their insurance provider to cover losses if the cloud provider was relying solely on CGL coverage. Cyber liability, on the other hand, is an insurance product specifically designed to address losses arising from incidents involving the delivery of information technology solutions. Cyber liability comes in a variety of flavors that should be customized for each cloud provider based on the nature of the cloud service being provided and the types of data stored in its servers. Ideally, cyber liability should include Errors and Omissions (covers claims related to the delivery of technical services), Media Liability (covers claims related to handling of media, invasion of privacy, and some intellectual property claims), and Fidelity Liability (employee crimes, such as intentionally leaking data or using personal information) coverage.

Without an appropriate insurance policy incorporating sufficient coverage limits for privacy or security breaches, those ubiquitous indemnity provisions may be ineffectual at best. Prospective cloud customers should require cyber liability coverage whenever possible and should work closely with the cloud service provider during negotiations to ensure that the appropriate mix of coverage and dollar limits are obtained based on the type of cloud service being offered.

Many businesses that partner with Oracle to resell its server hardware or to host software solutions built on Oracle platforms are familiar with that company’s sometimes complex licensing rules. Many companies also are familiar with the fact that “complexity,” as applied to those rules, often could be replaced by “unreasonable” or even “draconian.” One industry group recently fired what could be the opening salvo against Oracle in an effort to attack some of those rules as being anticompetitive and in violation of U.S. antitrust law.

In a written appeal filed with the U.S. Department of Justice, the Service Industry Association (SIA), an industry organization representing computer, medical and business products service providers, has requested action against Oracle’s policies pertaining to Sun server hardware maintenance. In its letter, the SIA cites to new policies instituted by Oracle that effectively restrict access to necessary operating systems software updates only to customers with active Oracle hardware maintenance contracts. The effect of the policy is to keep third-party hardware maintainers from servicing Sun hardware, which is widely used across many different industries. According to the SIA, because of Oracle’s market power, this represents an attempt to monopolize a significant segment of the server hardware maintenance market in violation of U.S. antitrust law.

This may be a new policy for Oracle, but it is consistent with past practice by Sun prior to its acquisition by Oracle in January 2010. In the past, Sun attempted to justify that policy as an effort to protect its trade secrets from disclosure to third parties who may try to misappropriate the information, thereby damaging Sun’s business. Oracle likely will try to justify the new policy in the same way. However, that justification seems dubious, since third-party maintainers generally do not compete with Oracle as software publishers or hardware manufacturers, and even if there were a security concern, it is one that could be addressed more efficiently with an appropriate confidentiality and non-disclosure agreement.

Oracle customers and business partners may want to keep an eye on the DOJ’s response to the SIA’s appeal and on any other legal developments related to this issue.

No one questions the prevalence and increasing reliance on social media from a corporate perspective. Earlier this year, PR firm Burson-Marsteller released a study of 100 of the top Fortune 500 companies and found that upwards of 75% of the companies use blogs, YouTube, Facebook or Twitter to communicate with their clients or stakeholders. Personal use of social media sites continues to rise as well, with the Pew Internet & American Life Project finding social networking use by users 18-24 at 86%, while use by users 50-64 at a surprising 42%. Along with this increased use come rising concerns of privacy issues on social media sites. One has to look no further than two of the Internet’s behemoths, Facebook and Google, to understand the privacy risks associated with social media.

Now, U.S. Courts are beginning to weigh in on social media, potentially highlighting a new privacy concern. In September, a New York court considered a discovery request by the defendant for the current and historical content of the plaintiff’s Facebook and MySpace profile. The court found that despite the plaintiff’s privacy concerns, the defendant’s need for access to the information contained in the profile outweighed that privacy right. In doing so, the court found an analogy for posting material to a social media site, even one restricting access, to a Second Circuit case where the appeals court found that individuals have no expectation of privacy for e-mails.

For corporations, there is the potential for this kind of finding to extend to social media accounts accessed by employees while at work. A 2010 Trend Micro study found that social media use in the workplace has risen from 19% to 24% in the past two years, and it is not hard to predict that number will continue trending up. For companies seeking to protect themselves from this discovery risk, a corporate Acceptable Use Policy (AUP) should be implemented either prohibiting social media use in the workplace or outlining very specific and acceptable uses of these sites while at work. Factors such as company size, technological capability, and corporate culture should be considered when developing an effective AUP. Experienced counsel should be able to help in the design and implementation of an effective AUP, which would mitigate some social media risks.