Archive for June, 2014

IT Contracts – Conference in Calgary

By Richard Stobbe

On October 14 and 15, 2014, I will be presenting on “Drafting IT Agreements” at the Essentials of Commercial Contracts (Calgary) Conference. This conference will discuss the legal and business framework of commercial contracts, negotiations and practical drafting tips.

The session on information technology (IT) contracting will review key considerations in IT licensing and service agreements, various models for licensing software, the overlap between licenses and service agreements, service level metrics and remedies for non-compliance, the use of  Statements of Work in IT agreements, as well as related issues: privacy, vendor lock-in, third party and open source software.

For more information, contact me or click on the link above.

Calgary – 05:00 MST

No comments

An American Attorney in Canada (Part 2: Anti-Spam)

By Richard Stobbe

Canada and the USA. We enjoy the world’s longest undefended border… a border that unfortunately does not screen spam.

If you are an American attorney with US clients doing business in Canada, then you should be aware of a few things, like our lack of imaginative legislative acronyms, such as the CAN-SPAM Act (from Controlling the Assault of Non-Solicited Pornography And Marketing) (…or while we’re at, who can forget the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property (PROTECT-IP) Act, or the Enforcing and Protecting American Rights Against Sites Intent on Theft and Exploitation (E-PARASITE) Act).

Secondly, you should be aware that Canada’s incoming anti-spam law, known unimaginatively as CASL (Canada’s Anti-Spam Law) is coming into force next week, on July 1, 2014. Here are some pointers for US counsel:

  • Remember, an organization’s compliance with CAN-SPAM does not necessarily mean compliance with CASL. This is because of a number of important points of departure between the two laws. Canada’s law has been described as among the strictest internationally.
  • CASL broadly covers all “commercial electronic messages” and is not restricted to email, as is the case with CAN-SPAM. Thus, CASL is broad enough to capture text messages, social media messaging and other forms of electronic messages.
  • CAN-SPAM permits a “negative option” approach to consent, in which toggle consent boxes can be pre-clicked and the user has the ability to opt out by “un-clicking”. CASL prohibits such an approach and requires express consent with an opt-in mechanism.
  • Statutory penalties under CASL are more severe (up to $10 million for organizations, and up to $1 million for individuals), and the law also establishes a broader private right of civil action (which will come into effect in the future).
  • Lastly, CASL does provide for personal liability for directors and officers.

For more information on the application of this law to American businesses, contact Field Law.

Calgary – 07:00 MST

No comments

Supreme Court of Canada on Internet Privacy

By Richard Stobbe

The Supreme Court puts it mildly in its opening line: “The Internet raises a host of new and challenging questions about privacy.”

One of those questions is whether an IP address can be considered personal information. An internet protocol (IP) address is the unique numeric identifier of a particular computer and, in a wider sense, can be any node or point in the internet generally. In the recent case of R. v. Spencer, 2014 SCC 43, the Supreme Court of Canada (SCC) considered whether there is a reasonable expectation of privacy in ISP subscriber information including IP address information.

In this case, police identified the IP address of a computer that someone had been using to access child pornography.  Police approached the ISP and obtained the subscriber information associated with that IP address. At this point, no warrant was issued. This led them to the accused  and a warrant was issued for a search of his residence. The accused was charged and convicted. The SCC indicated that in this case, there was a reasonable expectation of privacy in the subscriber information, including the IP address.

Since the search of the subscriber info was obtained without a warrant, the search violated the Charter. While a warrant was eventually issued for a search of the accused’s residence, that warrant could not have been obtained without the original (warrantless, unconstitutional) search of the ISP subscriber information. Since the original search was unconstitutional, it follows that the search of the residence was also unconstitutional. This all leads to the exclusion of the evidence found at the residence.

Nevertheless, the SCC said that, even in light of all of the above points, the “police conduct in this case would not tend to bring the administration of justice into disrepute.”  The court concluded, in essence, that excluding the evidence would be worse than allowing that unconstitutional search. The admission of the evidence was therefore upheld.

A few key points to note:

  • Terms of Use and Privacy Policies are carefully reviewed and taken into account by the court in these cases.
  • In this case Shaw was the ISP. Shaw’s Privacy Policy said that “Shaw may disclose Customer’s Personal Information to: . . . a third party or parties, where the Customer has given Shaw Consent to such disclosure or if disclosure is required by law…”  The initial warrantless search by the police was not “required by law” (in the sense that it was merely a request and police had no way to legally compel compliance). This contributed to the court’s conclusion that there was a reasonable expectation of privacy on the part of the accused.
  • This contrasts with the decision by the Ontario Court of Appeal in R. v. Ward 2012 ONCA 660, where the court held that the provisions of PIPEDA were a factor which weighed against finding a reasonable expectation of privacy in subscriber information. That was another child pornography case. In that case, the ISP was Bell, whose terms said “[Bell Sympatico will] offer full co-operation with law enforcement agencies in connection with any investigation arising from a breach of this [Acceptable Use Policy].” There was no reference to disclosures “required” by law.  In that case, the accused has a subjective expectation of privacy, but that expectation was not objectively reasonable in light of his criminal activities.
  • Consider reviewing your privacy policies and your organization’s ability to disclose subscriber information in light of these decisions.

Calgary – 07:00 MST

No comments

The Transitional Period & Implied Consent Under CASL

By Richard Stobbe

If the term “CASL compliance” is giving you a nervous twitch, you’re not alone. Many small and medium-sized businesses in Canada are scrambling to prepare for Canada’s Anti-Spam Law (CASL), whose official title says it all – especially the part about “efficiency and adaptability” (take a deep breath before you read “An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act“).

Two weeks from today, on July 1st, the first stage of the new law will come into force. The implied consent provisions in Section 66 create a transitional period.

For a period of three years after July 1, 2014, consent is implied for all “commercial electronic messages” (CEMs) if the sender and the recipient have a pre‐existing business or non-business relationship and that relationship previously included the exchange of CEMs.  Consent can be withdrawn by the recipient at any time during that three‐year period. Note that “commercial electronic messages”, “existing business relationship” and “existing non-business relationship” all have special definitions in the legislation.

While this transitional period only lasts for 36 months, it allows a sender of CEMs to rely on prior relationships that reach back in time. The regular implied consent provisions only permit a sender to rely on a two-year window – in other words, implied consent depends on an existing relationship during the two-year period before the CEM is sent (or only 6-months in some cases).

In recent information sessions, the CRTC has indicated that the Section 66 transition provisions do not impose those two-year or 6-month rules: “So what Section 66 does is during that transition period of three years, the definitions of existing business relationship and existing non-business relationship are not subject to the limitation period, which are six months and two years that would otherwise be applicable. So in theory, if you meet the definition of existing business relationship or existing non-business relationship and there’s the communication of CEMs between the individuals, you could go back 25 years in theory.” [Link to transcript.]

Don’t think the transitional period lets you off the hook. Every organization should be preparing for CASL for a July 1st start date. If you need assistance on reviewing the scope of your obligations, how the law applies, and how the transitional provisions might apply to your organization, contact us.

Calgary – 07:00 MST

No comments

An American Attorney in Canada (Part 1: Copyright)

By Richard Stobbe

Okay, so maybe it’s neither as romantic as Gershwin’s “An American in Paris“, nor as historical as Mark Twain’s “A Connecticut Yankee in King Arthur’s Court,” but many US lawyers do find themselves facing legal issues in Canada. US practitioners who deal with Canadian legal matters must take note of a few common pitfalls. In this series, we review some of the most common misconceptions and flag a number of important tips in the area of cross-border intellectual property law:

  • Copyright Law – both countries are party to the Berne Convention for the Protection of Literary and Artistic Works and both copyright regimes cover the same basic categories of protection. In Canada, the Copyright Act protects original literary works, dramatic works (including choreographic works), musical and artistic works, computer programs, performances, sound recordings and communication signals. The scope of protection the USA is roughly the same.

.       A few tips on copyright:

  • The term of protection in Canada the life of the author plus 50 years. In the US, the term of copyright is based on the author’s life plus 70 years. There are variations that will impact the duration of protection, but that important distinction is worth noting.
  • If a work is protected by copyright in Canada, it can benefit from protection in the US under the Berne Convention, and vice versa.
  • Under the American DMCA, a notice-and-takedown system was implemented for the treatment of copyright infringement claims online. In recent amendments to the Canadian Copyright Act, a so-called notice-and-notice regime has been created. While these provisions are not in force, they are expected to be in force in January 2015.  Once implemented, a notice of online infringement would trigger an obligation to pass along notice of infringement, but not necessarily an obligation to takedown the allegedly infringing material. Under this system, there are penalties for failure to forward the notice of infringement.
  • The concept of “works made for hire” does not appear in the Canadian Copyright Act. Employers in Canada, or US employers of Canadian employees, can rely on a provision (Section 13(3)) which stipulates ownership of works that are created in the course of employment are owned by the employer.
  • Joint ownership of copyright is handled differently in Canada and the US – let’s use software as an example. In Canada, generally speaking, a co-owner of copyright cannot license the rights to the software without the consent of the other co-owner, whereas in the US, a co-owner can license without consent.

For advice on cross-border intellectual property issues, contact Canadian counsel at Field Law.

Calgary – 07:00 MST

No comments

Intellectual Asset Management Best Practices – Part 1

By Richard Stobbe

Does your organization have “intellectual assets”? Regardless of what your organization does – whether it is a service-based business, or in the manufacturing sector, whether it is driven by cloud-based software or bricks-and-mortar locations, whether it is a multinational or a local start-up – chances are good that you can start to list the intellectual capital that has value in your organization. What do we mean by “intellectual assets”? There are many definitions, but one broad definition is simply “knowledge that has value in your organization”, and it can encompass:

  1. Human know-how and intellectual capital – the unwritten expertise, experience, concepts and technical knowledge that employees have in their heads; and
  2. Intellectual assets, including registered and unregistered intellectual property (IP) – this includes the codified or “captured” knowledge that adds to your organization’s value, such as trade secrets that might be captured in internal processes, manuals, design specifications, software source-code and other unpublished know-how, as well as the value represented by:
    • Patents (including Canadian and international applications and issued patents);
    • Copyright-protected works (including published and unpublished written works);
    • Trademarks (including logo designs, registered and common law marks);
    • Industrial designs, and other forms of registered intellectual property.

Some organizations are better at managing and obtaining value from their intellectual assets. What are the best practices for the management of these assets? In this series, we’ll review current best practices for management of intellectual assets as a competitive tool. Experts in the area of intellectual asset management have identified several layers or tiers of sophistication in the handling of such assets. Therefore, while a start-up inventor may certainly learn from the approach of Apple, Inc., each organization must look at best practices from the perspective of their organization, their resources and their stage of development. As a starting point, the following three steps lay the groundwork for future steps of IP management and value creation:

1: Conduct an Audit

The first step in any organization that is new to intellectual asset management is to conduct a review of existing assets. This is also a great exercise for organizations whose IP portfolio may be evolving – perhaps through recent growth, acquisitions, internal research and development (R&D) or divestiture. This step seeks answers to issues such as:

  • What does the organization own, and what is merely licensed? What are the gaps in intellectual assets?
  • Review unpatented inventions, patent applications, issued patents.
  • Review software developed by or for the organization.
  • Identify trade-secrets, focusing on non-public information that adds specific value to the organization, including intangibles such as customer lists, processes, early-stage prototypes, and strategic plans.
  • What non-disclosure agreements or confidentiality obligations has the organization agreed to?
  • Is the organization party to any IP licenses (in- or out-licenses)? Are there any co-development or joint venture agreements that involve IP creation?
  • Identify the organization’s trademarks, logos and brands. Note registered and unregistered marks in use by the organization in different jurisdictions.

This audit or portfolio review process may start as a simple list, and may evolve into a more detailed table or spreadsheet. It may involve more sophisticated tracking systems which are maintained with IP counsel, to track patent maintenance fees and deadlines.

2: IP Education

An organization must also educate its personnel on the strategic importance of intellectual property within the organization.

This is a process of raising awareness and providing education about the different types of intellectual property and the organization’s policies related to these assets. This must involve the leadership of the organization and it may even trickle down to “front line” personnel. It should involve the integration of intellectual property strategy into overall business strategy, or if that IP strategy is already in place, it may involve internal education sessions and policies, such as confidentiality and invention disclosure policies. In some cases, it involves a process of educating professional advisors about the strategic role of IP in the organization.

IP counsel can play an important role to provide education, and to be a resource for developing internal policies, reviewing agreements, and drafting contractual provisions.

3: Implementing “Make versus Buy” Decisions

The next step can certainly happen in tandem with the other steps of IP portfolio analysis, and IP education. Many organizations are continuously innovating in their industry as they seek to gain and maintain their competitive advantage. However, not all organizations have the capacity to innovate internally. A medium-sized company may not have the R&D strength of its competitor, but it may still use strategic decisions to leverage the value of intellectual assets and gain an edge over competitors. Ultimately, the decisions on how to innovate involve a “make versus buy” decision. Through a screening process, an organization can weigh the various factors that influence its decision to pursue an innovation opportunity. At this stage, the organization is looking at factors such as:

  • Are ideas and inventions emanating from within the organization? This is certainly enhanced when the IP education and awareness is part of the organization’s culture.
  • What is the value of these ideas and inventions, as against the cost of developing the idea to a commercial product?
  • Is this a core or non-core function for this organization?
  • Is it more cost-effective for the organization to internally develop this as a product or innovation, to pay someone else to develop it, or to license it in from another company?
  • If it is internally developed, is IP protection available, and what type of protection will it be? Is it eligible for patent protection?

Here is one example of how these different pieces may fit together:

Let’s say an organization has reviewed and listed its trade secrets during an intellectual asset audit. In the course of this process, it learned that trade secrets formed an important part of the organization’s competitive advantage, but there was a lack of any internal confidentiality policies, nor was there any invention or idea disclosure process. With the help of counsel, it developed an internal confidentiality policy, as well as a modest reward system for idea disclosures. The CEO directed IP counsel to provide a lunch-and-learn session for employees, including those in the sales team. Employees were educated about their role in the organization’s value-chain, and the importance of maintaining secrecy over confidential information and innovative ideas. After the education sessions, someone in sales came forward to describe an idea for product improvement based on recent feedback from customers. This idea was filtered through the company’s “make versus buy” decision process, leading to a product improvement which was determined to be patentable. This patentable improvement blocked competitors from adopting this product change. The company’s confidentiality policy emphasized the importance of maintaining secrecy over the improvement until the patent application was filed and the product improvement was released for sale.

To discuss the importance of intellectual assets within your organization, contact Richard Stobbe in our Intellectual Property and Technology Group.

Calgary – 07:00 MST

No comments

Risk Management – a roundtable discussion

Field Law sponsored the Canadian Lawyer magazine’s in-house general counsel roundtable, moderated by Jennifer Brown: see this link. The participants – from the University of Calgary and technology-driven companies Pason Systems Corp. and Trican Well Services – discuss how risk management is addressed in their organizations.

Calgary – 07:00 MST

No comments