Do You Understand Your Data Privacy Rights?

Data Privacy Day was started in 2007 in response to widespread lack of understanding about how personal data was being protected. Today, 91% of adults “agree” or “strongly agree” that consumers have lost control over how personal information is collected and used by companies, according to a recent Pew Research Center Survey.

Data is one of the natural resources of the 21st century. It should be treated like all other precious resources. Understanding, responsibility, and accountability are key. Ubiquitous Internet connections, unprecedented processing power and speed combined with staggeringly large databases have the ability to help both the private and public sectors. However, there is a growing split between the benefits of data-driven activities and perceptions of decreased privacy rights needs to be addressed. There is a balance that needs to be found between the responsibility of governments and that of businesses in ensuring an adequate level of protection to citizens and consumers, while supporting technological innovation.

The purpose of Data Privacy Day is raise awareness among digital citizens and empower them with understanding how their data is being collected, stored and consumed. Often, that starts with being educated about the privacy policies of online companies and web properties.

The National Cyber Security Alliance (NCSA) officially kicked off today’s Data Privacy Day events with a broadcast from George Washington University Law School featuring Federal Trade Commissioner Maureen Ohlhausen and privacy and security experts from industry and government.

Whether you are a consumer, an application developer, a technology platform provider, consultant, or enterprise that relies on the collection, analysis and commercialization of data (who doesn’t these days) Adler Law Group can help you navigate this emerging area by 1) assessing and prioritizing privacy risks, 2) creating a baseline understanding of data assets, data flows and contractual commitments, 3) developing internal Privacy Polciies and processes, and 4) creating and delivering training programs for executives and employees that increases awareness and mitigate risk.

Failure to Mind Corporate Details Leads to Loss of Copyright, Infringement Lawsuit

The case of Clarity Software, LLC v. Financial Independence Group, LLC is a great example the serious, negative consequences to intellectual property ownership when business owners and legal counsel fail to ensure that tasks are completed.

The short version is that the creator of computer software, Vincent Heck, sold the copyright in his software to settle a debt to a creditor, Eric Wallace, who intended to form Clarity Software, LLC to own and distribute the software. The lawsuit was for infringement of the copyright in the software.

As they say, “the devil is in the details.” In this case, the detail that became a devil, and ultimately prevented Wallace from enforcing a copyright in the software, was the fact that Clarity Software, LLC was never properly formed and therefore lacked standing to sue for infringement.

Forgive me for employing yet another trite phrase, but “truth is often stranger than fiction.” The Defendant proved that a veritable comedy of errors had occurred resulting in no record of the formation, including 1) the Department of State of Pennsylvania losing the certificate of organization, along with all records of the submission and filing of the certificate of organization, 2) the Plaintiff’s bank (PNC Bank) losing its copy certificate of organization provided when Wallace opened a bank account (even though PNC Bank still had the signature card completed when the account was opened), and 3) Wallace, himself a former President of the Pennsylvania Institute of Certified Public Accountants, losing his copy of the certificate of organization and all records of his communications with his attorney.

Defendant successfully moved for summary judgment based on its argument that Plaintiff did not own the copyright at issue in the litigation since it was not properly organized as a Pennsylvania limited liability company and never acquired valid ownership of the copyright.

Hat tip to Pamela Chestek and her blog, Property Intangible, where she first wrote about this case October 13, 2014. The opinion and order can be found here: Clarity Software, LLC v. Financial Independence Group, LLC, No. 2:12-cv-1609-MRH (W.D. Pa. Sept. 30, 2014).

To find out more about how the Adler Law Group can help your business identify risk and issues related to intellectual property ownership, corporation or LLC formation, or just assess risk associated with your business, contact us for a free, no-obligation consultation by emailing David @, visiting out web site, or calling toll free to (866) 734-2568..

Drone Filmmaking – It May Be The Next Big Thing, But Is It Legal?

Automated drone filmmaking may represent a huge, new creative opportunity for filmmakers. Filmmakers interested in pursuing this method of filming should research the legal requirements before jumping in with both feet.

From Amazon’s recently-announced plans to deliver everything from paperbacks to pizza via drones, to a NY Times headline about a wedding photographer using a drone to capture an event, the technology is raising more questions than answers. Like most other advances in technology, adoption seems to out-pace the law and the use of drones in filmmaking is no different. As a technophile and entertainment lawyer, I am starting to get questions from my filmmaking clients asking about the legalities of filming using drones. After doing some research, one thing is certain: there is no clear answer.

To get a better handle on the situation, I decided to get an expert opinion. I recently sat down with friend and colleague Alan Farkas, a partner at SmithAmundsen in Chicago who heads the firm’s aerospace law practice group and asked him to enlighten me. What follows is a interview-style version of our conversation, focused on providing clear answers to many of the questions that filmmakers are asking.

A group of Hollywood movie studios recently applied to get a waiver for drone filmmaking. Who has the authority to regulate this?

The FAA claims authority to regulate anything in the National Airspace. Until drones came along, the National Airspace was understood to start 500 feet above the ground, in addition to the space around airports. Now, FAA is claiming jurisdiction over airspace well below 500 feet too, and that’s highly controversial.

Is it just the FAA or are there state or local agencies involved?

State and local governments have some role here too. State and local governments certainly can adopt privacy and security laws to safeguard personal rights, but they can’t go so far as to intrude on FAA’s territory. Clearly, these boundaries are very hazy and need to be sorted out.

What is the current state of the law? Is the FAA looking at this issue?

The FAA is in the midst of formal rulemaking procedures. They have developed a committee of professionals to study the regulatory issues, and the FAA has set-up several test sites across the country to address integration of drones into our national airspace.

Why do filmmakers need to care?

The FAA has asserted jurisdiction over the rules for operating drones commercially and shooting a film using a drone would be considered a commercial activity. More importantly, as far as the FAA is concerned, any commercial use of drones is currently prohibited. Many in the commercial aviation industry are watching an important case awaiting a ruling where the FAA is seeking a $10,000 fine against a drone operator. In addition, several others have received cease and desist letters from the FAA.

How will the FAA’s actions affect filmmakers?

It’s not hard to imagine the FAA shutting down production or halting distribution on a film that includes illegal footage, and then there’s the potential horror that could arise if an illegal drone causes an injury or interferes with a traditional aircraft. In an unusual example of foresight, some Hollywood production companies are trying to get ahead of this issue by applying for formal exemptions from the current FAA rules. The FAA is seeking comments on these proposals.

We hear stories about lots of small drones flying around town, are these all illegal?

Unfortunately, anyone who is shooting video for events, or to showcase real estate, or similar uses is doing so illegally because these are commercial uses. Oddly, someone flying a small drone in the same exact pattern solely for fun, is allowed to do so, as long as they aren’t hurting anyone or threatening regular aircraft. A lot of these folks will get away with their illegal uses. However, if you have a legitimate business, you may be risking a lot. Also, anyone who is caught violating the FAA prohibition is going to have a hard time getting a permit when they do become available.

Where can a filmmaker get more information?

Because this area is developing so quickly, it’s hard to find reliable information. The FAA has some basic information on its website ( Anyone intending to start using drone s for filmmaking is strongly advised to consult competent attorney. Farkas is glad to answer any preliminary questions without running the meter.

The take-away for filmmakers is clear: while drones will likely play an increasing role in innovative filmmaking, there are still legal risks that need to be addressed. Like all creative endeavors, it is important to seek legal advice early in the project to ensure that risks are addressed and, if possible, permits or waivers obtained. The consequences could range from minor, such as a monetary fine, to devastating, such as having one’s production shut down or distribution blocked.

Contract Drafting: Limitations of Liability & Exceptions

One of the most important functions of a contract is to reduce uncertainties and mitigate risks. That is why almost all professional or personal services contracts contain “limitations of liability” provisions. Although they may seem like densely-worded, “boilerplate” provisions, and often overlooked, these provisions broadly affect a party’s ability to bring a claim, show liability, and prove damages that can be recovered.

A limitation of liability clause is a provision in a contract that limits the amount of exposure a company faces in the event a lawsuit is filed or another claim is made. As a preliminary observation, it is important to note that enforcement of limitation of liability provisions vary from state to state. The general rule in contract law is that in the commercial context, many states have found these clauses to be a mere shifting of the risk and enforce them as written.

Limitations of Liability generally address two areas of concern. First, the types of claims that may be barred. Second, the amount or scope of liability for claims that are not barred.

Limiting The Type Of Claim

A typical limitation of liability clause may look something like this:


This clause limits the types of damages that may be claimed, prohibiting claims for:

  • Consequential damages (damages resulting naturally, but not necessarily, from the defendant’s wrongful conduct, BUT they must be foreseeable and directly traceable to the breach)
  • Incidental damages (includes costs incurred in a reasonable effort, whether successful or not, to avoid loss, or in arranging or attempting to arrange a substitute transaction)
  • Special damages (often treated the same as “consequential” by courts, “special” damages have been defined as those that arise from special circumstances known by the parties at the time the contract was made)
  • Punitive damages (damages that may be awarded which compensate a party for the exceptional losses suffered due to egregious conduct; a way of punishing the wrongful conduct and/or preventing future, similar conduct)
  • Exemplary damages (See “Punitive damages”)
  • Indirect damages (See “Consequential damages”)
  • Lost Profits (Cases in New York (and elsewhere) have a held that a clause excluding “consequential damages” may no longer be enough to bar “lost profits” claims; therefore, consider including more specific provisions in contracts- if parties want to exclude lost profits for breach of contract, a clause specifically excluding “lost profits” should be included.)

Lost profits that do not directly flow from a breach are consequential damages, and thus typically excluded by a limitation of liability clause like that above. But lost profits can be considered general damages (and thus recoverable) where the non-breaching party bargained for those profits, and where the profits are a direct and probable result of the breach.

Limiting The Amount Of The Claim

If found to be enforceable, a limitation of liability clause can “cap” the amount of potential damages to which a party is exposed. The limit may apply to all claims arising during the course of the contract, or it may apply only to certain types of claims. Limitation of liability clauses typically limit the liability to one of the following amounts: (i) the compensation and fees paid under the contract; (ii) an sum of money agreed in advance; (iii) available insurance coverage; or (iv) a combination of the above.

Parties can and typically do agree in their contract that liability is capped at some dollar amount. If liability exists and if damages can be proved, then the aggrieved party recovers those damages, but only up to the agreed cap. Sometimes these are mutual; other times they are one-sided. Sometimes the cap is a fixed sum (e.g., “the amounts paid for the services” or “$100,000”). Other times, the parties may choose to tie the cap to the type of harm, (e.g. personal injury, property damage, violations of confidentiality obligations).

However, sometimes that parties may agree that certain types of harm should not be limited. These “exceptions” put the parties in the same position they would have occupied if there was no limitation of liability provision in effect. For example:

  • exposure for violations of intellectual property (copyright, trademark, trade secret, patent) or proprietary rights (right of publicity, right of privacy, contractually-defined proprietary information)
  • in the event of an obligation to indemnity and defend for 1) breach of intellectual property representations, and/or 2) third party intellectual property or proprietary rights
  • in the event of an obligation to indemnify because a party didn’t have the right to provide data or information
  • in the event of an obligation to indemnify and defend for non-compliance with data security standards
  • exposure for violations of confidentiality obligations
  • personal injury or property damage due to negligent acts or omissions

Best Practices

Businesses that rely upon limitation of liability clauses should periodically reexamine those clauses. Questions that you should be asking include: “what’s my maximum recovery if the other party breaches,” and “what’s my maximum liability if I breach?”

These are only effective if enforceable, that’s why drafting is key. According to many courts, following certain drafting guidelines will help reduce the likelihood that a limitation of liability clause will not be enforced. Such guidelines include:

  • Make the clause conspicuous: set the clause in bold face print or underline or otherwise place the clause apart from the rest of the text on the page on which it appears so that the other party is aware of its existence.
  • Make the language clear and concise: make sure that the clause is concise and unambiguous as it relates to the contract as a whole.
  • Identify specific risks: be specific in identifying the types of damages you think should be excluded.
  • Negotiate the clause: discuss the clause with the party that is signing the agreement and negotiate if there is a discrepancy.
  • Retain drafts of revisions: keep drafts of any revisions made to the limitation of liability clause so that you have proof that the clause was negotiated.
  • Add language stating that these damages are not recoverable even if they were, or should have been, foreseeable or known by the breaching party.
  • Recite that the limitation of liability clause is an agreed benefit of the bargain, and that it remains in effect even if any remedy under the contract fails of its essential purpose.
  • Consider including a liquidated damages clause for specific breaches, which would replace a damages claim.

DISCLAIMER: THIS IS NOT LEGAL ADVICE. Please consult  qualified attorney to discuss your specific situation.

If you are concerned about how to tighten your contracts, we may be able to help. We can review your contracts, your business practices, and advise on whether there is room for improvement.

Please contact us for a no-fee, no-obligation consultation. (866) 734-2568 David [at]

Zombie Cinderella ‘Survives’ Walt Disney’s Cinderella Trademark- No Likelihood of Confusion

United Trademark Holdings, Inc. (“Applicant”) appealed a decision by the U.S. Patent & Trademark Office refusing registration of its “ZOMBIE CINDERELLA” trademark for dolls when the USPTO held that it was confusingly similar to the registered “WALT DISNEY’S CINDERELLA” trademark.

In any likelihood of confusion analysis, two key considerations are the similarities between the marks and the similarities between the goods at issue. Applicant demonstrated that the story of “Cinderella,” is a “well-known narrative … involving a beautiful young lady, her antagonistic stepsisters, a fairy godmother, a ball, a prince, and a pair of glass slippers, existing since at least as early as 1697.”

The USPTO cited to nine other doll lines that use the name “Cinderella” holding that: 1) the mark is weak, and 2) CINDERELLA is not the dominant component of the cited, registered mark. The court found that while the dominant part of the mark -the term CINDERELLA – was similar, use of the terms “Walt Disney” and “Zombie” differentiated the two. The USPTO also found that “the design element of “WALT DISNEY’S CINDERELLA” may function, for juvenile customers, as a stronger source indicator than the term CINDERELLA, because it depicts a specific version of Cinderella that is associated with the Walt Disney animated film” of the same name.

Lastly, although the word “zombie” has little significance or distinctiveness as a source indicator in the marketplace for toys, the combination of ZOMBIE with CINDERELLA creates a unitary mark with an incongruous impression.

Twitter Sues The Government Over Data-Request Disclosures

Featured Image -- 1158

Originally posted on TechCrunch:

Twitter wants you to know that it is serious about data request transparency, and that is a darn fine good thing.

The social company is suing the government for the right to share, in more granular detail, the requests for user data that state makes. The United States government would like such data to be opaque. Twitter, the opposite.

Both sides’ views are unsurprising. The government wants to keep terrorists in the dark. And Twitter wants to keep its users informed, so that they know that their information, at least through these specific channels, isn’t being absorbed wholesale. This argument is component to the larger debate the nation is currently having about how government surveillance impacts the privacy of the individual, and the nation as a whole.

What does Twitter want? From its post:

It’s our belief that we are entitled under the First Amendment to respond to our users’ concerns…

View original 205 more words

Privacy & Data Security Under Delaware Law

Contractual Obligations to Destroy Consumer Information

Consumers and business are expressing increasing concerns over data privacy and security risks. Increasing frequency of data breach headlines show these concerns are not trivial. Recent breaches involving Target and Neiman-Marcus, for example, are just the latest high profile incidents that underscore the need to know that financial transactions are secure. When there is a Target- or Neiman-Marcus-sized breach involving personally identifiable information (PII) resulting in PII landing in the hands of unscrupulous third-parties, there are significant consequences: our own information can be used against us (identity theft) and also to harm retailers and credit card companies. Financial and transactional security and cyber-privacy concern everyone.

Many businesses find themselves covered by a patchwork of state and federal laws governing consumer protection, privacy and data security. A client recently asked us to research the new Delaware law on data destruction (DE Code §50C-101). Specifically at issue was the definition of “consumer” under the Act.

A company in the financial services industry may have several different subsidiaries incorporated in Delaware. Most of them are likely covered by the Graham Leach Bliley Act (“GLBA”) exception for regulated financial institutions with respect to the obligation to protect a consumer’s information. However, a subsidiary may function as a service provider to regulated and unregulated businesses providing administration, accounting and other services and may not regulated. This entity will probably have contractual agreements with these other businesses entities but probably not with the end “consumer.” As such, the service provider may still have an obligation to protect consumer information via these contracts.

When drafting such contracts, the question arises regarding the scope of the information to be protected since the GLBA defines consumer differently than the Delaware Act. GLBA mentions “financial products or services” where Delaware talks about “entering into a transaction.”

Delaware statute: “A commercial entity shall take all reasonable steps to destroy or arrange for the destruction of a consumer’s personal identifying information within its custody and control that is no longer to be retained by the commercial entity by shredding, erasing, or otherwise destroying or modifying the personal identifying information in those records to make it entirely unreadable or indecipherable through any means …”

Delaware Definition of Consumer: “an individual who enters into a transaction primarily for personal, family, or household purposes.”

GLBA Definition of Consumer: “an individual who obtains, from a financial institution, financial products or services which are to be used primarily for personal, family, or household purposes.”

The Delaware definition of consumer appears to require a service provider to destroy the “consumer” information irrespective of any contractual agreement. This would appear to place responsibility for data destruction with the service provider rather than the entities it serves, e.g. those that have the true relationship with the consumers according to GLBA.

The Delaware definition of consumer is fairly standard and is used by most states in their “Unfair Trade  Practices and Consumer Protection” type laws.  The definition can be reasonably understood as intended to exclude businesses from the protection of such laws.  It appears that a “Consumer” under Delaware law is a broader and more inclusive than under the GLBA.  Since state courts may have more expansive powers to protect a consumer under state law than the would be permitted under the GLBA (a law primarily intended to regulate financial institutions) and since the Delaware Act is consumer protection statute, it is wise to presume that Delaware courts would interpret and apply the alw as expansively as possible to protect consumers.

From a contractual relationship standpoint, it is incumbent on service providers to clearly address these issues in their contract and balance compliance risks and burdens among the parties best situated to ensure compliance.

NOTE: THIS IS NOT LEGAL ADVICE. If you have questions regarding application and interpretation of any laws, rules or regulations, you should consult a qualified attorney regarding your specific situation.

You may contact the Adler Law Group to schedule a free consultation by calling (866) 734-2568.