Your company has many advantages over its competition because of your unique ideas, first-of-its-kind-technology or software and highly sought after talent. But you still may not be prepared for the typical challenges that you may face when you first open your doors or web browser for business.
Attorneys at Greenberg Glusker who advise start-ups at every stage of their lifecycle answered the most common questions they get from founders of companies in Silicon Beach and beyond.
Jesse Saivar, an IP protection and enforcement attorney who also handles licensing deals provided these responses to the following questions:
What are some of the most common mistakes start-ups make when it comes to protecting IP?
SAIVAR: Young businesses often operate under the assumption that if they pay a third party for services, they own the resulting work product. They don’t realize that a transfer of copyright ownership requires a written instrument. This is common with technology companies and I have seen this lead to sticky situations during a closing. The second mistake I often see businesses make is assuming that if they have a properly worded privacy policy, they’ve satisfied their data security obligations. They need to understand that it’s not the language of the privacy policy that matters, it’s the accuracy. Having a picture perfect privacy policy that the company is not following is almost worse than having a deficient policy.
What advice would you give to an early stage technology company with respect to protecting its intellectual property assets?
SAIVAR: It goes without saying that if an early stage company has developed unique patentable technology they should speak with a patent attorney about the possibility of a registration. Unfortunately, however, most early stage companies don’t yet have the money to invest in a full-blown patent application. In addition, many tech companies in LA are dealing in entertainment-based platforms or apps that likely don’t include anything patentable. For companies in either situation, their best legal protection is twofold. First, they must make sure they have the proper agreements in place to own the tech they do have. Second is requiring NDAs to be signed before sharing anything of significance with a third party. Ultimately the best protection is often being first to market, as long as the product and rollout is well executed (being first to market with an inferior product, on the other hand, only invites others to improve upon the idea).
Should California companies that hire software programmers always use a “Work for Hire” agreement, or is there a preferred way of securing the rights to the software?
SAIVAR: The ubiquity of work-for-hire agreements has created an expectation that they should be utilized in any relationship that involves the creation of rights that may be protectable under copyright. What many businesses don’t understand is that, under the Copyright Act, there are actually only nine distinct categories of works that can qualify as works-madefor-hire outside of an employment relationship. There is usually a legitimate question as to whether the rights under a software development agreement would fall under one of those categories. Worse yet, a little-known quirk in California employment law causes a contractor under a work-for-hire agreement to be classified as a “special employee” which can impose certain unemployment insurance and workers’ compensation obligations on the hiring party. For these reasons, I recommend that most software development agreements should simply include assignment language instead of traditional work- for-hire language.
There have been a number of reports of massive corporate data breaches the past few years. Timothy J. Toohey, head of the firm’s Cyber Security Practice who works to assure that his clients’ propriety, person and customer and employee information and other sensitive data are fully protected responded to the following question:
Should cyber security be as much of a concern for start-ups as they are to large corporations?
TOOHEY: In today’s highly interconnected world, all businesses, including new businesses, must protect themselves against cyber-attacks. Hackers are constantly on the lookout for vulnerable companies—either to exploit their assets or as an entry point to their customers or users. Any business may be the victim of a ransomware attack through a “phishing” expedition or intellectual property theft. Indeed, many smaller or medium size businesses do not survive such attacks. The best time to protect yourself is before an attack has occurred. Basic security measures are not expensive, particularly when compared to the consequences of loss of key assets and the compromise of privacy that inevitably comes with a cyber security incident.
