Have to give them an “A” for effort. “Patent troll” MPHJ Technology Investments, LLC sued the FTC hoping to shut down its investigation into the company because the investigation violated MPHJ’s First Amendment rights to petition. A West Texas federal judge recently ruled that MPHJ could not “derail” the FTC investigation with such a claim.
MPHJ, which had bought a number of patents related to computer scanning programs, mailed demand letters in an effort to license its patents to various companies that were already using similar technology. But MPHJ didn’t stop there. Many of the letters also threatened to sue those same companies if they didn’t sign license agreements and pay MPHJ’s demanded licensing fees. Those inquiry letters landed MPHJ in hot water with the attorneys general of various states, including Vermont and Nebraska—and with the FTC. Specifically, the FTC is investigating whether the inquiry letters violated Section 5 of the FTC Act. The FTC has already offered to settle the matter with MPHJ via a consent judgment, but MPHJ rejected the offer, leaving the investigation open and pending. Indeed, the Commissioners have yet to make a final decision about bringing any enforcement action at all, which would be accomplished by a majority vote.
The recent data breaches at Target, Home Depot, and Jimmy John’s have kept data privacy and security in the news lately. But from a legal perspective, there has never been much that the victims of these breaches could do to obtain a remedy in the absence of actual proof of identity or other theft. Indeed, ever since the U.S. Supreme Court decision in Clapper v. Amnesty International, it has been clear that the mere potential for future injury is insufficient to confer standing on a data breach victim to sue. Instead, the plaintiff must prove that injury is “certainly impending,” a standard that was thought to rule out class action lawsuits arising out of data breaches.
Except in California. Bucking the trend for dismissing class actions resulting from data breaches, a federal court in the Northern District of California in In re Adobe Systems, Inc. Privacy Litigation recently denied a motion seeking dismissal based on a lack of standing. The Adobe litigation arose out of a 2013 hacking that caused a data breach that compromised customer debit and credit card numbers and other personal information. In addition to claims brought under California statutory law, the plaintiff customers, like most of the plaintiffs in other data breach class actions, alleged damages as a result of an increased risk of future harm by identity theft and the cost of mitigating that harm. (The plaintiffs also alleged that they suffered economic injury in the form of lost value of the Adobe products that they paid for, but the court found it unnecessary to address that issue.) Contrary to every other post-Clapper court that has addressed this issue – with the exception of the Southern District of California Court in In re Sony Gaming Networks & Customer Data Security Breach Litigation – the Adobe Court found that the plaintiffs had stated a sufficient claim to establish standing to sue. Continue Reading
Twenty-three new gTLDs have been delegated since our last post. The following gTLDs have been cleared for takeoff:
- .企业 (Chinese for “enterprise”)
Delegation is the green light for new gTLDs to launch into their respective mandatory sunrise period before moving on to landrush, early access and their final destination: general availability. Continue Reading
We wanted to take a moment to announce our newest endeavor, Antitrust Law Source. Antitrust Law Source is a new site designed for visitors to quickly and easily learn about developments in this growing arena. The site will focus primarily on news and legal updates related to antitrust in a podcasting format. The podcasts will feature a variety of insights, educational offerings, discussions and interviews with thought leaders across a variety of industries.
The site is prepared by members of our firm’s Antitrust Practice Group and will feature news and information on a range of areas, including:
- Civil litigation
- Compliance programs/audits
- Consumer protection
- Criminal and civil government enforcement
- Distribution, pricing and promotional allowance programs
- Intellectual property/Technology
- International issues
- Legislative matters
- Mergers, acquisitions and joint ventures
- Privacy and data security
We encourage you to share your thoughts with us.
There’s exciting news in the world of cryptocurrency, the exchange medium that uses cryptography to secure the transactions and control the creation of new units. Bitcoin, created in 2009, was the first cryptocurrency and remains the most popular, though numerous other cryptocurrencies, such as Coinye, have emerged in the interim.
Where can you find cryptocurrency? Certainly not at your local bank.
Cryptocurrency is essentially digital money, a virtual medium of exchange that is not issued, backed, or tied to any particular nation or government. Cryptocurrency derives value through a variety of ways, such as buying either from exchanges, or directly from other people selling them, or try your hand at mining, which requires software you download to your computer.
After obtaining cryptocurrency, such as a bitcoin, the next hurdle is finding someone who will accept the currency in exchange for goods and services — which isn’t as difficult as you might think. Analysts estimate that over 65,000 bitcoin transactions occur every day through electronic transactions. What types of goods and services are exchanged, you may ask? Almost anything from the mundane products, such as electronics or dog apparel, to swanky cocktails or a Tesla, or to the illegal, including drugs and guns. Because purchases occur online through user’s virtual wallets, purchasers can remain anonymous and law enforcement can’t freeze their accounts.
Ready for the first day of sunrise
ICANN continues to make big strides in widening the Internet playing field. To date, ICANN has invited 1,159 new gTLDs to contract, and of those 1,159 invited, 495 registry agreements have been signed. From the 495 applicants who have signed a registry agreement, ICANN has delegated 357 new gTLDs to the root zone including the newest 20 that have been delegated since our last post. The newly delegated gTLDs are:
- .佛山 (Chinese city of Foshian)
- .广东 (Chinese province of “Guangdong)
On July 7-11, 2014, a group of 25 privacy lawyers met in a historic building overlooking the Keizersgracht, one of Amsterdam’s most beautiful canals, and spent five days learning about U.S. privacy law, European data protection law, and the complex interactions between them. The setting was the Summer Course on Privacy Law and Policy, presented by the University of Amsterdam’s Institute for Information Law (IViR), one of the largest information law research centers in the world. Course faculty included leading practitioners, regulators and academics from both sides of the Atlantic. Course participants came from an even wider geographic area that included Hungary, Greece, Poland, the Netherlands, Hong Kong, Kyrgyzstan, Switzerland, the UK, Belgium and Canada. I was lucky enough to serve as a co-organizer of, and faculty member in, the course. In this post, I describe presentation highlights and identify some cross-cutting themes that emerged during the week.
Dr. Kristina Irion, Marie Curie Fellow at IViR (and the other course organizer) started the course with “An Update on European Data Protection Law and Policy.” The Summer Course does not try to cover every aspect of privacy law. Instead, it focuses on law and policy related to the Internet, electronic communications, and online and social media. In her presentation, Irion analyzed the latest European legal and policy developments in these areas. The most important such development is the proposed General Data Protection Regulation (GDPR) — a major reform proposal that several of the faculty presenters believe will become law in 2015.
The GDPR would replace the current patchwork of national data protection laws with a single, harmonized, directly enforceable Regulation. It will establish new substantive rights and principles such as the Right to be Forgotten and the principle of Data Portability. It will also create new obligations for organizations including the implementation of privacy by design and privacy impact statements. Dr. Irion identified and discussed other significant developments in EU data protection law including the Court of Justice of the European Union’s (CJEU) holding in SABAM v. Scarlet that ISPs may not be asked to filter content to protect copyright, and its landmark decision in Google v. AEPD that individuals may, in certain circumstances, require companies to remove online links to embarrassing information (the so-called Google Right to be Forgotten case). Continue Reading
Last week, the White House’s Office of Management and Budget approved the FTC’s request to study how patent assertion entities (PAEs or, less charitably, patent trolls) operate and to what extent they affect competition and innovation. The study was originally proposed in September 2013 and modified this past May in response to public comment.
As we described previously in a two-part series of articles (read part 1 and part 2), the study will be conducted in two segments and is designed to answer the following questions:
- How do PAEs organize their corporate legal structure, including parents, subsidiaries, and affiliates?
- What types of patents do PAEs hold and how do they organize their holdings?
- How do PAEs acquire patents; who are the prior patent owners; and how do they compensate prior patent owners?
- How do PAEs engage in assertion activity (i.e., how do they behave with respect to demands, litigation, and licensing)?
- What does assertion activity cost PAEs?
- What do PAEs earn through assertion activity?
- How does PAE patent assertion behavior compare to that of other entities that assert patents? Continue Reading
ICANN ended the month of July with a bang, clearing and delegating the following new gTLDs:
Ohio may become the next state — after Virginia, Georgia, and thirteen other states — to take on the fight against patent trolls. A bill pending in Ohio’s General Assembly, H.B. 573, would provide additional tools to thwart abusive tactics by patent trolls. But how useful those tools may prove in the battle against the problems they are intended to remedy is yet to be seen.
“Patent troll” is a pejorative term without a well-defined meaning. It is widely used to describe an entity that does not make or sell any products or services, but acquires patents from others and then seeks to exact licensing fees through abusive tactics, including meritless assertions of patent infringement. Because defending against patent infringement claims can be an expensive endeavor, those targeted by meritless lawsuits often opt to pay patent trolls’ relatively low demands rather than aggressively defend against the claims in court. It is a decision that can leave business leaders steaming because, in their view, their companies are essentially being subjected to a shake-down by the threat of a meritless lawsuit.
In addition to frustrating business leaders, abusive practices in enforcing patents can stymie the economy. When companies are forced to settle meritless claims of infringement, they have less to spend on payroll, research and development, and other expenses that add value to the company and make it more likely to contribute to a thriving economy. Thus, patent trolls (as defined above) harm their targets, but they also negatively impact society more generally. Continue Reading