By Christopher Barnett
Scott & Scott LLP

Microsoft is in the process of transitioning many of its volume-licensing customers from the Select Plus Agreement to the new Microsoft Products and Services Agreement (MPSA). (More information on the transition framework is available here.)

A notable difference between the Select Plus Agreement and the MPSA is that the MPSA is self-contained and is not signed subject to a master agreement, such as a Microsoft Business and Services Agreement (or its predecessor, the Microsoft Business Agreement). Under Select Plus (and still under the Microsoft Enterprise Agreement), most of the important, substantive legal terms associated with the licensing relationship were contained in the MBA/MBSA. Those terms included Microsoft’s duty to defend against certain third-party claims, limitations of liability, and governing law, among others. They also included Microsoft’s audit rights.

Unfortunately for Select Plus customers, though consistent with Microsoft’s notorious habit of steadily making its agreements less and less advantageous for its customers, the audit terms contained in the MPSA are significantly more onerous and markedly less reasonable than were the corresponding terms in past master agreements. A comparison of the MPSA terms to the terms in an MBA (which still remain in effect for many Microsoft customers) reveals the following:

1. Under the MBA, Microsoft could initiate an audit only during the term of a license agreement and for one year thereafter. There is no such limitation in the MPSA. The practical effect of that difference may be somewhat less significant for MPSA customers than it would be, for example, for Enterprise Enrollment customers, since the MPSA has no defined term. Nevertheless, if an MPSA customer were to decide in the future that it wanted to cancel the MPSA, the audit rights in the MPSA would remain in effect in perpetuity. (It is worth mentioning that Microsoft’s current MBSA also contains no time limitation on audits, so Enterprise Agreement customers face the same problem under the default terms.)

2. Under the MBA, Microsoft’s auditors were required to be subject to “a confidentiality obligation.” We often have relied on that language in advising our clients to obtain non-disclosure agreements with auditors before the commencement of audit activity. There is no corresponding language in the body of the MPSA.

3. Under the MBA, Microsoft was required to provide advance notice of audits, which had to be conducted during normal business hours and “in a manner that does not interfere unreasonably with [the customer’s] operations.” There are no such requirements in the body of the MPSA.

4. The MPSA requires the customer to “promptly provide any information reasonably requested by the independent auditors retained by Microsoft in furtherance of the verification, including access to systems running the Products.” There was no such specificity in the MBA, and there certainly was no requirement for the customer to provide “access” to its computer systems. Especially for licensees in heavily regulated industries, that term may conflict directly with applicable obligations related to IT security.

5. The MPSA indicates: “Additional details about the [audit] process are included in the Licensing Manual.” The Licensing Manual is defined as “the statement published by Microsoft (updated from time to time) at the Licensing Site. The Licensing Manual includes details about the processes supporting this Agreement.” The Licensing Manual (currently available here) includes the notice, confidentiality and “unreasonable interference” audit terms that, as noted above, otherwise are missing from the body of the MPSA. However, the MPSA states: “…Microsoft may change the…Licensing Manual from time to time, subject to the terms of this Agreement.” The MPSA does not contain any stated limitations on Microsoft’s right to change the Licensing Manual. Therefore, the durability of the procedural audit protections noted in the MPSA is wholly subject to Microsoft’s discretion.

6. Finally, under the MBA, in the event that “material unlicensed use” was found, the licensee was required to purchase any necessary licenses at retail rates. Under the MPSA, that purchase must be made at 125% of prices then available to the licensee. That upcharge could lead to significantly higher compliance costs following an audit. (Bear in mind that Microsoft typically does not accept uninstalling software as an acceptable remedy for unlicensed usage – license purchases almost always are required.)

In my opinion, the MPSA’s audit language is wholly unacceptable. Before accepting the agreement, my recommendation would be to insist on amendments addressing the above concerns. However, many current Select Plus customers with agreements that now are set to be terminated may find that they have little leverage to demand any changes to the default terms. Since the MPSA does not require a three-year purchasing commitment (like an Enterprise Agreement), Microsoft may have little up-front incentive to negotiate reasonable and appropriate revisions to the agreement terms.

Finally, the above concerns related to audit terms are in addition to indemnification and limitation-of-liability language in the MPSA that also may be inadequate, especially if the customer has plans to invest heavily in Microsoft’s Online Services offerings (e.g., Office 365 and Azure).

Current Select Plus customers need to carefully weigh their licensing needs and alternatives before moving forward with any significant expenditures under an MPSA.

Employers generally embrace a policy of utilizing at-will employment as often as possible, where employers and employees can end their relationship with each other at any time and for any (legal) reason, writes F. Kytle Frye III of Fisher & Phillips LLP in an article posted on JDSupra.com. Written employment contracts are usually reserved for select executives and a few professionals.

“Numerous states, often through judicial pronouncements, have recognized varying exceptions to the at-will employment concept, such as allowing employees to challenge their termination as a violation of public policy,” he writes.

“The 8th Circuit Court of Appeals recently published a decision which sharply limits the application of the public policy exception. Interestingly, this limitation does not apply to at-will employees, but to employees with employment contracts. Somewhat ominously, the decision does not extend to all such contracts, creating an air of uncertainty for any healthcare business with employment contractual situations.”

Read the article.

Lawyers with Dallas-based Gruber Hurst Elrod Johansen Hail Shank won a $33 million verdict in a gas transportation contract dispute and a $28 million verdict in a fraud/fiduciary breach claim in the oil patch in recent weeks.

A Minnesota federal court has entered a $32.9 million judgment on behalf of Great Lakes Gas Transmission Limited Partnership, a Houston-based interstate natural gas pipeline company, finding that an Indian conglomerate violated the company’s contract to provide natural gas transmission services. The judgment was entered on September 16 by U.S. District Judge Susan Richard Nelson, following a jury trial in Duluth.

“This case has been resolved after more than six years of attempts by the defendants to avoid the simple principle of honoring a written contract,” says attorney David W. Elrod of Gruber Hurst Elrod Johansen Hail Shank, who represented Great Lakes throughout the litigation. “Given the issues involved and the size of this judgment, the case offers important precedents for determining an appropriate discount rate in future litigation involving long-term contracts, as well as federal court jurisdiction.”

In the other case, a Texas jury has awarded more than $60 million to two groups of oil and gas investors who were defrauded of significant profits from oil and gas production leases covering thousands of acres in West Texas. The Aug. 19 verdict includes more than $28 million awarded to Lowry Hunt of Mansfield’s L.W. Hunt Resources and Richard Raughton of Fort Worth, and is believed to be the largest ever in Fisher County and the surrounding counties.

The 3½-week trial heard in Judge Glen Harrison’s 32nd District Court included evidence that attorney Kerwin Stephens of Stephens & Myers in Graham and Abilene oilman Chester Carroll of Alpine Petroleum concocted a fraudulent scheme to cut existing partners out of an oil and gas partnership and take the profits for themselves.

Maintaining a complete chain of custody record involves multiple types of documentation, reports Indiana lawyer Helen Geib for QDiscovery. What types are used in a particular case depends on what the evidence is and how it’s handled. These are the five major categories of ESI chain of custody documentation.

a) Collection forms – Collection forms should record:

– Client, case or project name, and client-matter number;
– Date and time, location, and the name of the collection technician;
– The copying programs and/or other collection tools used;
– Description of collection target (e.g., network share, cell phone);
– Custodian name or similar identifying information for the data source;
– Details about the collection such as the number of files copied and errors;
– Description of destination media (e.g., external hard drive with inventory number);
– Unique project and collection tracking numbers; and,
– Any pertinent notes about the collection.
– You can download a sample PDF copy of the QDiscovery collection form at http://qdiscovery.com/images/QDiscovery_Data_Collection_Form_Sample.pdf.

b) Photos – Photos should be taken of physical evidence, electronic devices, and media like hard drives and DVDs. In the ESI context, this typically means photos of labels and any noticeable damage such as a bent cell phone casing.

c) Delivery and shipping logs –A combination of logs and forms is used to document basic information like date, sender and recipient, courier/shipper, and tracking number. Shipping labels and packaging are typically documented with photos, although these may also be scanned or even stored as-is, space allowing.

d) Transfer and handling logs – Evidence intake, check-in/check-out, and hand-off is documented with logs recording the what, who, when, where, and why of the transfer. The “what” of electronic devices and physical media includes a description of the item (e.g., make and model, serial number), any labels, and a list of peripherals like power cords. The “what” of ESI is data volume/file size and other information sufficient to identify the data, such as custodian name, folder name, how it was transmitted, and hash value.

e) Software logs –Copying and other ESI-related software programs automatically generate various verification, tally, and error logs. These are programs used for:

-Making forensic images of computer hard drives and other electronic devices and media;
-Copying electronic folders and files;
-Forensic examination of physical evidence or in the ESI context, electronic devices, media, and files;
-ESI processing in connection with using a document review database; and,
-Generating document production sets.

f) Other supporting documentation – The final type is supporting documentation about chain of custody procedures, software tools, and evidence repositories. For example, validation documentation is available for forensics software and hardware. This category also includes forensic lab best practices and security protocols for evidence lockers and media storage rooms.

Texas-based family law boutique Orsinger, Nelson, Downing & Anderson, LLP announces the addition of former state district judge Marilea Lewis and Lon Loveless. Both attorneys are well-known for their work in family law, the firm said in a release.

“Marilea and Lon are among the very best family law attorneys in Texas and their experience will only enhance the expertise that our clients expect from our firm,” says partner Keith Nelson. “It is rare that you have the opportunity to simultaneously add two such accomplished attorneys, and we are excited to be working together.”

“Having tried a number of cases before Marilea when she was sitting as a district judge, I know firsthand the legal acumen she brings to our firm,” says partner Scott Downing.

Both attorneys join the firm from the civil litigation powerhouse Godwin Lewis PC, where Lewis was a name shareholder and head of the family law practice and Loveless was a shareholder.

“I have known and admired the Orsinger, Nelson, Downing & Anderson leadership team for many years. The opportunity to join such an established, respected boutique that focuses solely in my practice area was simply too good to pass up,” says Lewis.

Lewis served two terms as judge of the 330th Family District Court in Dallas from 2002 to 2010 after serving as the court’s associate judge from 1992 to 2002. She also served as the Associate Judge of Dallas’ 305th District Court from 1986 to 1992. In addition to her family law practice, she is a certified general and family practice mediator.

Loveless’ practice is devoted to all areas of family law litigation, including divorce, complex property division, and issues of child custody, visitation and support.

“The attorneys at Orsinger Nelson represent the very best in the practice of family law,” says Loveless. “I am very excited to start the next chapter of my career here.”

“I am excited and proud to welcome two lawyers who are at the top of their game with such distinguished reputations. They will be great additions to our firm,” says partner Jeff Anderson.

Gardere Wynne Sewell LLP has been ranked in the 2016 edition of U.S. News & World Report and Best Lawyers “Best Law Firms.” The firm is recognized nationally in 15 categories, with National Tier 1 rankings in Bankruptcy and Creditor Debtor Rights/Insolvency and Reorganization Law, as well as Trusts and Estates Law. Additionally, 34 of the firm’s practice areas received Metropolitan rankings.

“U.S. News recognizes the country’s most prestigious law firms with its annual ‘Best Law Firms’ rankings, and we are honored to be included alongside other industry leaders and innovators,” says Gardere Chair Holland N. O’Neil. “The number of practices included on the list speaks volumes to the Firm’s results-driven culture and ongoing commitment to client service.”

Gardere earned National rankings for the following practice areas:

Bankruptcy and Creditor Debtor Rights/Insolvency and Reorganization Law
Commercial Litigation
Corporate Law
Employee Benefits (ERISA) Law
Environmental Law
Litigation – Bankruptcy
Litigation – Securities
Litigation – Tax
Mergers & Acquisitions Law
Oil & Gas Law
Real Estate Law
Securities/Capital Markets Law
Tax Law
Technology Law
Trusts & Estates Law

Gardere also earned Metropolitan rankings for the following practice areas:

Administrative/Regulatory Law
Banking and Finance Law
Bankruptcy and Creditor Debtor Rights/Insolvency and Reorganization Law
Commercial Litigation
Corporate Compliance Law
Corporate Governance Law
Corporate Law
Criminal Defense: White-Collar
Employee Benefits (ERISA) Law
Employment Law – Management
Energy Law
Environmental Law
Family Law
Government Relations Practice
Information Technology Law
Insurance Law
Labor Law – Management
Leveraged Buyouts and Private Equity Law
Litigation – Antitrust
Litigation – Bankruptcy
Litigation – Environmental
Litigation – Intellectual Property
Litigation – Labor & Employment
Litigation – Securities
Litigation – Tax
Mergers & Acquisitions Law
Oil & Gas Law
Patent Law
Product Liability Litigation – Defendants
Real Estate Law
Securities/Capital Markets Law
Tax Law
Technology Law
Trusts & Estates Law

U.S. News – Best Lawyers “Best Law Firms” rankings are based on a rigorous evaluation process that includes client and lawyer evaluations, peer reviews from leading attorneys in their fields and additional information provided by law firm submissions. To be eligible for a ranking in a particular practice area and metro region, a law firm must have at least one lawyer included on the 2016 edition of The Best Lawyers in America for that practice area and location.

Akerman LLP has announced the launch of a national Fraud & Recovery Practice Group, resulting in what it calls one of the most comprehensive, multidisciplinary legal teams devoted exclusively to fraud and recovery to be established by a national law firm.

In a release, the firm said the new team leverages the combined strengths of lawyers from the firm’s litigation, healthcare, bankruptcy, and data law practices, including a formidable group of trial and appellate lawyers with substantial experience litigating fraud cases in state and federal courts throughout the United States.

“Together the group provides comprehensive fraud management services for large insurance companies and self-insured retailers, including detection, investigation, and litigation of complex schemes and unfair and deceptive practices.” the release says. “The team also handles corporate theft, and recovery after data breach, with a focus on financial losses, and has particular experience in all aspects of liquidating Ponzi schemes.”

The group is led by co-chairs David I. Spector, who has reshaped case law in affirmative fraud investigation and litigation, and Michael I. Goldberg, who is qualified as an expert witness on Ponzi schemes and has liquidated some of the largest recoveries in U.S. history.

Read the complete announcement.

, the firm said in a release. Among the group is Kent Adams, the new regional managing partner of both offices.

Accompanying Adams are Allison Edwards, Tracy Freeman, Michael Jacobellis and Kristie Johnson, who will be named partners on January 1, 2016; Of Counsel State Representative Sarah Davis and Ronald White; and Associates John Busch and Cedar Manganiello. Attorneys Russell Heald and Ross Jones, also to be named partners on January 1, 2016, are located in the Beaumont office.

“We couldn’t ask for a more respected, capable team to join our firm,” said Daniel J. McMahon, Wilson Elser’s chairman. “Our aligned practices, combined with their national reach and the synergies among our attorneys in Texas and throughout the country, significantly increase our client-service capabilities in a number of key service areas.”

Practices represented among the new Wilson Elser attorneys include Admiralty & Marine, Commercial Litigation, Construction, Energy, General Liability & Casualty, Insurance & Reinsurance Coverage, Insurance & Reinsurance Defense, Product Liability, Professional Liability, Toxic Tort, Transportation and a London Market group.

“This is an exciting time for us,” said Adams. “We have joined a firm with attorneys we deeply respect and a culture that enables us to leverage litigation acumen and trial skills across practices and around the country to provide our clients with unmatched full-service legal solutions. We have known Wilson Elser attorneys for years and are happy to now call them our colleagues.”

“The acquisition of this group is part of Wilson Elser’s firmwide strategic growth initiative,” said Stratton Horres, regional managing partner of the Dallas office and the partner in charge of lateral hiring. “Throughout 2015, we have bolstered our traditional insurance-related practices as well as our nontraditional business lines, such as domestic and cross-border commercial services and intellectual property, among others.”

“With offices in Dallas, Houston, Beaumont and a newly opened Austin office, and with a deep bench of skilled attorneys, Wilson Elser has a formidable presence throughout Texas to service clients across all practice areas,” added Horres.  “I look forward to working with Kent on implementing our shared vision for the firm of continued growth throughout the state of Texas and the southwest region.”

Clearwater Compliance will present a complimentary webinar featuring industry experts discussing how to assess specific security risks and build a strong business case for enhanced security.

The webinar, titled “How to Calculate the Cost of a Data Breach and How to Get the Budget for Your HIPAA-HITECH Compliance Program,” will be Dec. 3, 2015, from 11 a.m. to 12:15 Central time.

“Even with the increased enforcement of HIPAA and HITECH requirements and the increase in penalties being levied for non-compliance, the security efforts of health care organizations responsible for safeguarding protected health information (PHI) are simply not keeping pace with the growing risks of unauthorized or impermissible disclosures of PHI,” the company says on its website. “Those risks are increasing as a result of the expansion in the number of organizations handling PHI and thus statutorily-obligated to comply with HIPAA, the increase in electronic health record (EHR) adoption and the growing rewards of PHI theft.”

Register for the webinar.

As the market shifts from on-premises to cloud deployment, the risk of getting locked into a disadvantageous cloud contract increases for three main reasons, according to a report by  R. “Ray” Wang with Constellation Research.

“Cloud apps have dominated new license sales in the enterprise applications market in recent years.” he writes. “Constellation estimates that 93 percent of all new enterprise software license sales offer a cloud deployment option.  In the cloud model, buyers do not own the software license. Instead, the software is leased and accessed, while the purchaser owns the data.”

He discusses the three main reasons behind the risk of getting locked into a vendor.

Read the article.

Most contracts in the construction industry supply chain require the “downstream” project participant to indemnify those “upstream” against a spectrum of losses or claims relating to the project, write Shawn M. Doorhy and Patrick J. O’Connor, Jr. on the website of Faegre Baker Daniels LLP.

“Upstream participants, such as owners and general contractors, naturally seek the broadest indemnity available under the circumstances. It is not uncommon for owners and general contractors to draft broad indemnity agreements seeking protection from loss due to the indemnitee’s own direct fault,” they write. “Whether this can be successfully accomplished depends on a number of factors, including the specific language used and the law of the applicable jurisdiction.”

They add that — because indemnity agreements often are strictly construed against the party seeking indemnification — careful drafting is especially important.

Read the article.

Read a sponsored post from Gardner Haas.

By Rob Scott
Scott & Scott

I am a lawyer in a boutique law firm that specializes in technology law matters. I support some of the world’s largest legal departments on IT procurement projects. The one inescapable trend I have seen in technology transactions is the prominence of risk balancing provisions in contracts. One of the most notable risk-balancing provisions is the limitations of liability. Historically, IT services and software were offered “as-is” or on a “best-efforts” basis with sweeping limitations of liability in favor of the vendor. For software purchased for on-premises deployment, such limitations of liability were generally accepted by customers. Today, the risk profile of most technology transactions has changed due to increased legal regulation of customer data. In response to this increased risk profile, the market adapted by tying limitations of liability to the revenue paid by the customer under the contract for either a trailing six or twelve months prior to an incident. Sophisticated customers objected to revenue-based limitations of liability because the potential claims scenarios involving data privacy and business continuity substantially outweighed the revenue paid.

As customers demanded greater risk balancing, sophisticated service providers secured professional liability insurance also known as cyber-liability coverage that protected each of the provider’s customers for a single annual premium tied to revenue. For SMB and mid-market deals most of my clients require vendors to carry adequate professional liability insurance to cover likely claims scenarios including data breach incident response, class action response, and regulatory response. Contractual risk balancing is achieved by limiting liability to the proceeds of insurance or a combination of the proceeds of insurance and some multiple of revenue for uncovered claims. For these reasons, limitations of liability provisions need to be reviewed in tandem with the indemnity provisions and the insurance provisions.

The cleanest way to accomplish risk balancing using professional liability insurance is to clearly define the insurance coverage, draft the indemnity provisions to be as broad as the coverage grant, i.e. all claims arising from the services, and craft the limitation of liability so it does not limit the client’s access to the insurance. Insurance provisions should clearly require the provider during the term and for period of one year after expiration, to carry professional liability including cyber liability coverage for data loss remediation, data breach incident response, crisis management, and regulatory response with an aggregate limit no less than the probable claim scenario amount. Even with good insurance language, narrowly crafted indemnity or limitations of liability provisions can be invoked by carriers to limit the availability of insurance proceeds in the event of a claim. I like to mirror the coverage grant language from the cyber liability policy directly into the indemnity provision so it is clear that the provider’s indemnity obligation is identical to the risk that has been transferred. Finally, the limitation of liability has to be crafted so that is tied to the proceeds of insurance or contains a carve-out from broader limitations for covered claims.

Limitations of liability tied to professional liability solves a portion of the risk balancing problem, but it does not solve the risk balancing problem for uncovered claims or for large vendors that do not carry professional liability coverage. When dealing with large vendors, third-party insurance is less common. Providers like Microsoft for example, do not agree to carry third-party insurance. In many instances, I have advised my clients to secure first party cyber-liability coverage to cover the increased risk associated with a transaction. Negotiating limitations of liability with these vendors is even more critical and therefore potentially contentious.

As hosting and cloud based services have emerged, risk balancing has become a central negotiating point in almost all technology transactions. The market is moving toward riskier delivery models. Taking advantage of emerging technology without bearing undue risk will be one of the factors that determines who wins and who loses.

There are many ways to measure the success of a contracting cycle, according to an article published by ContractRoom. “For example, the time the contract took to negotiate, the timeliness of the delivery of services and the accuracy and quality of the services delivered are all things that could be measured and considered. But how many of these factors can be used to measure the performance of your internal contract managers? Is it the case that some factors lie outside of their control and should not be considered in managing their overall performance?”

The article says that many of these factors can and should still be considered. It discusses nine factors that should be reviewed.

Read the article.

Zapproved is offering a complimentary recap called “State of Preservation Today” from The Proceedings from the 2015 Conference on Preservation Excellence. Michael Arkfeld moderated the discussion, which included panelists Hon. Xavier Rodriguez, Ariana Tadler and Robert Owen.

Three trends shaping the e-discovery world today, the panel discussed, are big data, the cloud, and mobile.

These trends mean organizations are at greater risk than ever from an e-discovery crisis created by a preservation lapse. Teams need to be in rapid-response, even first responder mode to effectively serve the enterprise. By describing the state of the industry, panelists and audience members set the tone for the rest of the conference, approved said.

Download the recap.

A recent case from the 7th Circuit Court of Appeals discussed an interesting issue of contract interpretation of termination provisions, denying summary judgment and requiring further proceedings, writes Stephen M. Proctor, Vice Chair of the Business Group at Masuda Funai. But the decision also provoked a vigorous dissent that was probably more consistent with the freedom of contract principles (including freedom to make a bad contract) frequently espoused by circuit judges, he added.

The case is Life Plans, Incorporated v. Security Life of Denver Insurance Company, 7^th Circuit Court of Appeals, No. 14-1437, August 31, 2015.

Read the article.

A recent decision by the Patent Trial and Appeal Board (PTAB) has reduced a “covenant not to challenge” clause to mere words on paper, and fails to deter licensees from seeking a review of the licensed patent under the America Invents Act (AIA), write   Lillian Safran Shaked & Asaf Naymark in IPWatchdog.

“Covenant Not to Challenge” clauses are common in patent licenses, they write. “The clause provides that a licensee may not challenge the license in court or an administrative proceeding, and can also provide that the licensee cannot assist others in doing so.”

After discussing the case at length, the authors conclude that there is significant risk of damage to a patent licensor from a post-license IPR challenge, whether or not a “covenant no to challenge” is enforceable. “Given the costs involved and the possibility that unrelated license agreements may also be invalidated or terminated as a result of an IPR, there is need for clarification,” they write.

Read the article.

Information governance solutions provider Zasio Enterprises  announced its inaugural 2015 Information Governance Conference (2015IGC), which will comprise two half-day events in two cities: Portland on Nov. 11, and Seattle on Nov. 12.

Hosted by Zasio, together with Stoel Rives and SecurityMetrics, and with sponsorship from the Association of Information and Image Management (AIIM), this complimentary conference is designed to give individuals who manage information a better understanding of:
*The costs and risks of unmitigated data growth
*Data compromises, prevention techniques and what to do in the event of a hack
(Note: there will be a live hack demonstration)
*Using contracts to protect cloud-based information assets to protect the respective interests of both buyers and vendors
*Best practices for creating proactive, comprehensive, efficient and defensible IG plans
*How to use IG in the real world — what the concepts look like in action when applied to real organizations with real challenges
*How to mitigate risk and ensure legal compliance
*Employing data mapping to identify and track data and mitigate risk

Conference Details: 2015IGC is designed for professionals whose role is to manage or assist in the management and safeguarding of information, such as C-level and executive leadership, general counsels, corporate records managers, records analysts, IT professionals, information security and compliance managers, business analysts, and general business users. The conference dates for Portland and Seattle are as follows:

Wednesday, November 11, 2015 – Portland
Hilton Portland and Executive Tower
921 SW 6th Ave
7:15 a.m. to 12:00 p.m.

Thursday, November 12, 2015 – Seattle
Westin Seattle
1900 5th Ave.
7:15 a.m. to 12:00 p.m.

Sessions and Speakers

Experts will present on the following topics:
“Making the Case for Information Governance: A Three-Part Exploration” by Soo Kang, General Counsel and Director, Consulting Division, Zasio Enterprises
“Hacking Isn’t Hard, Basic Prevention Isn’t Either — A Live Hack Demo,” by Brandon L. Bastian, Esq., Corporate Counsel, SecurityMetrics and Ben Holt, Attorney, Stoel Rives LLP
“We’ve Been Hacked! What Should We Have Done? What Should We Do?” by Hunter O. Ferguson and Elijah M. Watkins, Attorneys, Stoel Rives LLP
“Managing Information Security Risks in Cloud Agreements,” by Andrea H. Jasinek, Attorney, Stoel Rives LLP
“You Can’t Govern What You Can’t See — A Guide to Real-World Data Mapping,” by Warren Bean, Senior Sales Engineer, Zasio Enterprises

“Applying IG principles to mitigate risk and proactively manage information does not have to be complex or confusing,” said Kevin S. Zasio, CEO and president of Zasio Enterprises. “Our goal in hosting this multi-city conference is to help dispel confusion about what IG is from both a policy and implementation standpoint. Attendees will learn about real-world solutions and have an opportunity to get answers to their most pressing IG questions.”

Registration: For more information on either event date and to register for this complimentary conference, visit http://zasio.com/2015IGC/.

By Stephen Ball and Robert Keeler
Whitmyer IP Group

Clients often ask how they can protect themselves from the sale of counterfeit goods. Counterfeiting is pervasive and has grown “over 10,000 percent in the past two decades.”[1] It is estimated that trade in counterfeit goods is likely to rise to 1.77 trillion dollars in 2015.[2] Increasing use of the Internet, combined with new technologies enabling simple and low-cost duplication, have made counterfeiting easier than ever.

While lost sales are the quintessential harm of counterfeiting, the negative impact can be more widespread. A brand can be tarnished when used on counterfeit goods, and goodwill lost if a customer has a negative experience with a counterfeit product they perceive to be genuine. Counterfeiting can also lead to price deflation for many consumer goods. Innovation can also be stymied, as companies have little incentive to invest in research and development if they will be unable to recoup their investment. Counterfeit products also present dangers to unwary consumers and could incur warranty costs and legal liability due to their defective nature. Additionally, a trademark registration can even be canceled if it is not properly policed.[3]

Counterfeiting can no longer be considered a general cost of doing business. Trademark owners must combat the problem to help restore lost revenue and reputation, as well as preserve and enhance the value of intellectual property and customer good-will. The value of a company’s intellectual property can be a significant asset that appreciates each year with continued investment. Even if only a small percentage of it can be restored or preserved the company benefits significantly.

Counterfeiters commonly use Internet websites as a sales channel because they are easy to set up and provide for wide reach. However, the use of the Internet also provides trademark owners with the opportunity to centrally coordinate monitoring of counterfeiting activities. Monitoring online auctions and webpages are crucial to both the assessment of counterfeit activity as well as identifying and stopping the same. While it is not possible to stop all counterfeiting, focused monitoring and enforcement can maximize value through deterrence.

Prompt action should be taken to stop any counterfeiting activities. Actions can be as simple as filing a DMCA takedown request for online copyright infringement, or can even include the filing of civil lawsuits. In fact, the U.S. Chamber of Commerce Coalition Against Counterfeiting and Piracy suggests taking legal action “[e]ven on small counterfeiting cases, [as] taking action through litigation will demonstrate to counterfeiters that they are at risk no matter what the level of sales activity.”[4] At the same time, it is important to defend trademark registrations through monitoring services, which provide the capability to quickly identify and address any use or potential use of a mark before serious harm occurs.

Today, the largest online marketplaces have policies in place protecting consumers from purchasing counterfeit goods, and encourage shoppers to report suspect listings. Amazon and eBay, two of the world’s largest online retailers, even offer restitution to inadvertent purchasers of counterfeit goods.[5] Alibaba Group, China’s largest Internet commerce company, recently released an English-language version of its TaoProtect software. The TaoProtect software makes it easier for companies to monitor Alibaba’s marketplaces not only for counterfeit goods, but for instances of copyright, patent, and trademark infringement as well.[6] Rightsholders need only submit proof of their intellectual property and identify infringing listings. Alibaba Group then either removes the infringing listings or handles any disputes between the rightsholder and seller. Alibaba Group has thousands of employees and volunteers who help to monitor for counterfeits, including an “anti-counterfeit special operations battalion.”[7]

Marketing and educational advertising campaigns can be used to help educate consumers to identify and refuse to purchase counterfeit goods. It can also be beneficial to takes advantage of partnerships with national and international law enforcement agencies in order to train customs officers and coordinate intelligence. In addition, information can be shared with trade associations, which provide a great way for industry leaders to cooperate discuss anti-counterfeiting strategies for stamping out their illicit competitors.

The overall return on investment on monitoring and enforcement activities is directly proportional to success. In some industries, where losses due to counterfeiting are estimated in the billions, the cost is comparatively trivial, and can be recouped quickly through recaptured sales. A strategy can be tailored to specific needs and a specific budget. And since the costs associated with enforcement remain relatively fixed, return continues to increase with market-share and industry growth. In other words, as sales and goodwill are recaptured, the continued return on investment increases as well.

A successful enforcement program can restore lost revenue and market-share, defend and enhance intellectual property value, protect and enhance customer goodwill and brand reputation, and deter counterfeiters. While each of these factors contributes to improve overall company value, they do so in different ways. For instance, recapturing sales previously lost to counterfeiters directly affects a company’s bottom line, while policing a trademark allows the goodwill and branding built up over years of advertising to remain relevant in consumers’ minds. Compared to the alternative, in which sales dry up while branding becomes irrelevant and worthless, strategic enforcement provides a great tool for those seeking to grow their business.

[1] Real or Fake: A Final Word, INTERNATIONAL ANTICOUNTERFEITING COALITION, http://www.iacc.org/real-or-fake-final-word.html.
[2] International Chamber of Commerce, Business Action to Stop Counterfeiting and Piracy (BASCAP), ESTIMATING THE GLOBAL ECONOMIC AND SOCIAL IMPACTS OF COUNTERFEITING AND PIRACY 50 (2011), available at http://www.iccwbo.org/Data/Documents/Bascap/Global-Impacts-Study—Full-Report/.
[3] See, e.g., 15 U.S.C. 1064; Fact Sheets Protecting a Trademark, INTERNATIONAL TRADEMARK ASSOCIATION, http://www.inta.org/TrademarkBasics/FactSheets/Pages/LossofTrademarkRightsFactSheet.aspx.
[4] U.S. Chamber of Commerce Global Intellectual Property Center Coalition Against Counterfeiting and Piracy, INTELLECTUAL PROPERTY PROTECTION AND ENFORCEMENT MANUAL: A PRACTICAL AND LEGAL GUIDE FOR PROTECTING YOUR INTELLECTUAL PROPERTY RIGHTS 21, available at http://www.theglobalipcenter.com/wp-content/uploads/2013/01/Brand_Enforcement_Manual_FINAL.pdf.
[5] eBay Against Counterfeits, EBAY, http://pages.ebay.com/againstcounterfeits/; eBay Money Back Guarantee, EBAY, http://pages.ebay.com/ebay-money-back-guarantee/; Amazon Anti-Counterfeiting Policy, AMAZON, http://www.amazon.com/gp/help/customer/display.html/ref=hp_left_sib?ie=UTF8&nodeId=201166010; About A-Z Guarantee, AMAZON, http://www.amazon.com/gp/help/customer/display.html/?nodeId=200783670.
[6] Jim Erickson, Alibaba’s Counterfeit Reporting System Gets an Upgrade, ALIZILA (Aug. 6, 2015, 4:35 PM), http://www.alizila.com/alibabas-counterfeit-reporting-system-gets-upgrade-video.
[7] Jim Erickson, The Latest in Alibaba’s War on Counterfeiters, ALIZILA (Jan. 30, 2015, 1:21 PM), http://www.alizila.com/latest-alibabas-war-counterfeits.

For most people the phrase “chain of custody” conjures images of smoking guns and drug busts, writes Indiana lawyer Helen Geib on QDiscovery‘s website. The importance of chain of custody in criminal cases is well known, and police and prosecutors have clear and detailed guidelines for handling physical evidence. By contrast there is relatively little understanding of the unique problems and considerations underlying chain of custody for electronic evidence. However, given ESI’s ubiquity and high risk of (usually inadvertent) spoliation, ESI chain of custody is an issue that civil litigators cannot afford to ignore.

Her article continues:

Defining “Chain of Custody”

The Electronic Discovery Reference Model’s online glossary defines chain of custody as:

“All information on a file’s travels from its original creation version to its final production version. A detailed account of the location of each document/file from the beginning of a project until the end. A sound chain of custody verifies that you have not altered information either in the copying process or during analysis.”

In other words, chain of custody shows a) where the evidence has been; b) who has touched it; and c) its condition at all times. It tracks an object or file through the evidence lifecycle of:

– Collection at the source;
– All transfers between source and courtroom;
– Storage; and,
– Handling for inspection, review, and forensic examination.

The norm is to demonstrate that there has been no change in the condition of the evidence. Where evidence is altered- for example, taking a sample of the white powder to send to the drug lab for analysis- the chain of custody must document the circumstances and details. This is of acute importance in forensic examination of computers, mobile phones, and other electronic devices, as forensics frequently necessitates making some changes to the source media or files. Documenting what happened does not prove that the alteration was necessary and appropriate; that must be independently demonstrated.

How ESI Chain of Custody Is Different

A principal distinction between ESI and physical evidence in the context of chain of custody is that ESI involves copies: an object is picked up and moved; an electronic file is copied. The differences start at the point of collection. In contrast to seizing an evidence item, chain of custody for an electronic file establishes that an identical copy has been created. In fact, ESI may potentially be copied many times over in the course of collection, transfer, and handling.

Another important distinction is that eDiscovery routinely involves altering evidence by changing the file format. Lawyers’ continuing preference for TIFF or PDF production format (ideally with linked metadata, extracted text, and for certain data types, native files) makes file format changes both necessary and desirable. The key point here is to show that the information contained in the file has not been altered in the course of ESI processing, review, and production.

Why Chain of Custody Is Important (and its Limits)

Chain of custody is an essential part of authentication. It shows:

– Provenance- This picture was found on the cell phone seized from the suspect on such and such date, or this Excel spreadsheet was copied from the company’s server at this folder location; and,
– Integrity- The knife had this person’s fingerprints on it when it was picked up at the scene, or this PDF is a true and accurate copy of the text content of the Word document copied from the witness’ computer.

What chain of custody does not show is what happened before collection. For instance, it is not in itself evidence that the owner of the computer created the files found on it, and it is similarly silent as to who had access to the computer pre-collection or what programs were installed. And of course, it is not relevant to understanding meaning or significance.

Who is Responsible for Chain of Custody

Primary responsibility for maintaining ESI chain of custody rests with whoever is in possession of it at any given time. Most of the time in civil discovery this is the eDiscovery services provider. Having defensible chain of custody procedures should always be considered in vendor selection.

Responsibility will shift to, or be shared with, the client when IT staff or individual document custodians are involved in data collection. Failure to keep good documentation is one of the most significant risks of unsupervised client self-collection. Finally, post-production, law firms and lawyers must take care not to alter ESI, particularly files produced in native format.