MoFo Tech | Technology Attorneys | Morrison & Foerster

Worn on the Sleeve

Posted on July 29, 2014 from MoFo Tech Spring/Summer 2014

Watches that monitor sleep quality. Skullcaps that gauge head injury. An infant bodysuit that sends temperature and breathing updates to a mobile device. Ear buds that track your heart rate. These are just some of the innovations now emerging in the hot new field of wearable technology. Currently estimated at $1.6 billion, the wearable device market is expected to grow to $5 billion in revenue by 2016, according to Gartner. If upcoming releases like Google Glass (scheduled for mass distribution later this year) prove as popular as smartphones and tablets—whose combined revenue topped $66 billion in 2013, according to the Consumer Electronics Association—wearable devices stand to become a major new realm in technology.

But the technology is already garnering a lot of attention from lawyers and lawmakers with concerns about how the devices—and the information they collect—can be misused. Wearable devices are just one more example of how technology gets ahead of the law, says Gabriel Meister, a New York-based partner in Morrison & Foerster’s Technology Transactions Group. “Often, the legislative response to perceived risks is very blunt, until we figure out exactly what the risks are.”

Close to the Vest

One of the first attempts to address privacy-related legal issues—an 1890 Harvard Law Review article written by attorneys Louis Brandeis and Samuel Warren—sprung from concerns about the newly introduced handheld camera. People were afraid a newspaper could photograph them in a private space and publish it the next day, according to Andrew Serwin, a Morrison & Foerster Global Privacy and Data Security Practice Group partner.

“They felt the technology was extremely invasive,” Serwin says. “What happened was the volume of data and its velocity increased. Wearable technology is the same issue— just at a much faster velocity, with much more volume and permanency.”

Smartphones let users quickly shoot and share images. Google Glass wearers can snap a photo by speaking a phrase. With each new device, consumers are receiving and transmitting more information that can be stored indefinitely and potentially retrieved, shared, or even sold by people unknown to the original user, especially if they are stored or shared on a centralized server.

Fitness enthusiasts, for example, wouldn’t necessarily want their health insurance provider—which may base premiums on health status—to access their blood pressure readings. They presumably would want to know whether a fitness tech provider reserved the right to share information with a third party, Meister says.

“There are a lot of really attractive services a consumer can get through wearable technology,” says Peter McLaughlin, of counsel in Morrison & Foerster’s Global Privacy and Data Security Practice Group in New York. “But how are the folks offering the technology managing the [privacy] expectations of people who are actually using it? And who’s seeing the data?”

Medical devices, another transportable tech trend, can present even greater privacy risks. “Portable insulin pumps are smaller than an iPhone, regularly record insulin levels, and can transmit the information electronically to a website a patient and doctor use,” McLaughlin says. “That information is a bit more sensitive than workout stats.”

In some cases, the Health Insurance Portability and Accountability Act— which is meant to assure the privacy and security of medical data—may apply. In any case, consumers will want assurance that their personal data is protected from hackers. “Wearable technology developers ought to start thinking about the security of the data in the device and the security of data transmission sooner rather than later in the development process,” McLaughlin says.

Is This Thing On?

Wearable devices aren’t just compact— they’re discreet. They operate, present, and collect data with more subtlety than their predecessors. And that feature has raised fears that these devices could be presenting new and unforeseen risks to safety, privacy, or intellectual property. Just two examples:

In October 2013, Google Glass enthusiast Cecilia Abadie was pulled over for speeding on a San Diego highway. She was also cited for distracted driving due to the Google Glass she was wearing. The citation was later thrown out of traffic court because of a lack of evidence that Abadie was distracted by—or even using—the device.

In January, a man sporting Google Glass was removed from an Ohio movie theater and questioned by Homeland Security agents for two hours about potential copyright infringement. “Reportedly he was only wearing the glasses because he had his prescription lenses in them,” Meister says. “He was ultimately able to get them to connect his Glass to a PC via USB and have a look, to prove he wasn’t recording the movie.”

Because Google Glass is still new, many people do not understand how it works. Over time, society may become more accepting of wearable technology, as it has with smartphones.

A fitness club is a good example of a place where many people would not like strangers to take—or share—their pictures. Many gyms warn against photos and recordings. But now that many consumers keep their camera-equipped smartphones on them at all times— including when working out, to listen to music—preventing all camera use can be challenging.

“If we become aware that inappropriate photos have been taken and we can identify the photographer, we revoke the person’s membership,” says a legal professional for a fitness chain. “But banning phones is just not going to work practically.”

The widespread use of smartphones may have helped consumers accept their use in gyms as well, the professional says. “There was a lot of fear eight to 10 years ago when camera phones started coming out. They’re here to stay; people just have to be courteous.”

Promising Potential

In reality, it’s almost impossible to completely eliminate all privacy-related portable technology risks, although that hasn’t stopped some businesses from trying. “Some of the pre-emptive reactions to Google Glass, for example, involve certain states’ gaming commissions telling casinos in certain states to go ahead and ban similar devices,” Meister says. “There are also legislators, in Delaware, West Virginia, New Jersey, and Illinois at least, introducing legislation prohibiting Glass use while driving.”

Society—and the legal system—may need more time to determine all the potential concerns associated with new wearable devices. New laws will emerge, just as some states and municipalities forbid texting while driving. “We’re in the phase where we are trying to apply old laws to new technology,” Meister says. “But at some point, when devices like this become essential, you see new laws being tailored to the technology, and not vice versa.”

Although it caused a mild privacy panic in the late 19th century, society eventually made its peace with the handheld camera. Google Glass—and the wearable technology items yet to come—may very well experience the same trajectory. “What ends up happening is technologies either become ubiquitous and people get used to the invasion of privacy, or they go away,” Serwin says. “You have to look at the issue with the perspective of time.”

Rooting Out Conflict Minerals

Posted on July 22, 2014 from MoFo Tech Spring/Summer 2014

If your company manufactures consumer electronics, avionics, or any product incorporating even trace amounts of gold, coltan, cassiterite, or wolframite— including their derivatives, tantalum, tin, and tungsten—you may need to ask how well you know your conflict minerals story.

Under Dodd-Frank, public companies may soon be required to report on their use of any of these minerals originating from the Democratic Republic of the Congo and nine other African nations. “The SEC adopted the rule, but it has been subject to a legal challenge to the validity of its rulemaking,” says Morrison & Foerster securities partner David Lynn. “A decision was reached in April holding that the statute and the SEC rule violate the First Amendment of the Constitution. If the rule ultimately requires reporting, the practical implication is to be ready to tell your sourcing story.”

Compliance could be potentially costly and complicated. Lynn suggests that companies know the country of origin; ensure that downstream suppliers (including mines, smelters, and refiners) are conflict free; review and revise sourcing policies and contracts as necessary; and raise awareness of this issue with your entire supply chain.

SEC: The New Cyber-Cop

Posted on July 15, 2014 from MoFo Tech Spring/Summer 2014

It seems scarcely a week goes by without a headline blaring news of a major cybersecurity breach. And with ongoing revelations about the data-tracking activities of the National Security Agency, the public isn’t growing less concerned about privacy. So it’s no surprise Congress has pressed the Securities and Exchange Commission on cybersecurity.

What does that mean for corporate disclosures? “The SEC continues to hear from Congress on cybersecurity disclosures, so it will continue to focus on the issue,” says David Lynn, a partner in Morrison & Foerster’s Washington office and co-chair of its Corporate Finance Practice. “That means companies need to be vigilant about their disclosures.”

The SEC last issued guidance on cybersecurity disclosures in 2011. Since then it has issued several dozen comment letters to companies that experienced a cybersecurity issue and failed to disclose it entirely to the SEC’s liking. Even if the agency doesn’t revisit its current guidance on cybersecurity disclosures, “[SEC Chair] Mary Jo White has told Congress the issue is important to the SEC,” says Tony Rodriguez, a partner in Morrison & Foerster’s San Francisco office whose experience includes representations in SEC matters.

The continuing SEC scrutiny also raises concerns about potential litigation. “While we haven’t necessarily seen an increase in cybersecurity cases, if a company is called out by a regulator on their disclosures, it could encourage plaintiffs to take legal action,” Rodriguez observes.

What should companies do? Besides taking appropriate steps to protect data from cyberattacks and remediate breaches that do occur, make sure you have a robust process in place to communicate potential problems to corporate leaders. “Executives responsible for disclosures need to become aware of cybersecurity issues promptly so they can make appropriate disclosure decisions,” Lynn advises.

Finally, approach disclosures in a thoughtful way and let the facts speak for themselves. Describe cybersecurity issues in an accurate, complete manner so as to minimize the possibility for SEC comments and potential litigation.

“Just because the last SEC guidance was issued in 2011 doesn’t mean the issue has gone away,” Lynn concludes. “Cybersecurity breaches will continue to happen to organizations across the board. So be vigilant about your disclosures.”

German Federal Government Plans Tax Exemption of INVEST – Subsidy for Venture Capital

Posted on July 8, 2014 by

The German Federal Government has given an important insight to its plans and future measures regarding taxation of the start-up- and VC-ecosystem in Germany by officially answer to a parliamentary request by several members of parliament. These plans are not only important for young companies and their investors, but also for Germany’s attractiveness as a start-up destination itself. This is especially true considering that Berlin is becoming Europe’s top start-up destination and the call for governmental support for the German start-up scene increased recently.

One encouraging trend set out in the Government’s recent statements is the announced tax exemption of the so-called INVEST-Subsidy for Venture Capital (INVEST – Zuschuss für Wagniskapital). Under this program, business angels get 20 percent of their investment reimbursed from a special governmental fund if certain conditions are met. Whereas currently such subsidy triggers German income tax, in the future its incentive effect as a tax-exempt gain will be much higher. Another positive highlight is that the government announced to adhere to the concept of a lower taxation of “carried interest” received by VC-fund initiators (40% exemption from income tax).

Unfortunately, the government refuses to introduce a tax exemption for capital gains received by the disposition of shares in qualified startup businesses, which would be somehow comparable with certain tax incentives in the UK and USA (tax roll-over). The group of parliamentarians also asked the government about other important issues, such as the call for VAT exemption for VC fund management fees, the idea to privilege a start-up by extending the offsetting of profit against tax loss carry-forwards and suggestions for a definite fiscal transparency of VC funds. Unfortunately the answers to these queries remained evasive.

Overall, as far as the INVEST-Subsidy is concerned, an encouraging step into the right direction has been announced. In addition that gives rise to hope for the ongoing effort of the German government to support the start-up and VC scene in Germany and especially Berlin.

This is an update to Europe’s Incubator Central.

Turning The Tide on “Trolls”

Posted on July 8, 2014 from MoFo Tech Spring/Summer 2014

When a non-practicing entity (NPE) accused 16,000 small businesses of violating its patent by merely emailing scanned documents, the New York attorney general cracked down, forcing a settlement. Then the FTC threatened to sue for deceptive trade practices—prompting the NPE to file a preemptive suit against the FTC. ¶ As NPEs (sometimes known as patent trolls) have grown more audacious, the drumbeat for action against them has grown, notes Scott Llewellyn, deputy chair of Morrison & Foerster’s IP Litigation Group. There’s been an onslaught of media coverage and a flurry of federal legislation, with one House bill passing by a large margin in December. In January, President Obama urged passage of a bill to reduce “needless litigation,” and the White House announced further executive actions. ¶ The House bill awaits a Senate counterpart. Regardless of whether any bill reaches Obama’s desk, this “sea change of opinion” could have a big impact on patent infringement cases, Llewellyn says, by “potentially changing how judges and juries look at these issues.” Meanwhile, Llewellyn warns, “Be careful what you wish for, because the devil is in the details.” Companies should think about the potential for unintended consequences before supporting any measure.