Privacy Tip #335 – Health Care Sector Continues to Be Hit with Ransomware

For its 2022 State of Ransomware Report, issued recently, Sophos surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Of the health care respondents, 66 percent said they had experienced a ransomware attack in 2021, an increase of 69 percent over 2020. This was the largest increase of all sectors surveyed.

If you look at the Office for Civil Rights data breach portal, you will see that a vast majority of breaches reported by health care providers and business associates are related to “Hacking/IT incident.” This confirms that the health care sector continues to be attacked by threat actors seeking to steal protected health information of patients.

If you are a patient who receives a breach notification letter from a health care provider or business associate, the letter will provide guidance on how to protect yourself following a data breach and may offer some protection guidance, including credit monitoring or fraud resolution. Such a letter has been sent to patients to comply with the breach notification requirements of HIPAA and state law. Part of those requirements includes that the patients be provided mitigation steps following the breach to protect themselves from fraud. Avail yourself of these protections in the event your information is compromised. Take the time to sign up for the mitigation offered. It is clear that these attacks will not subside any time soon.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

Six Tips for Selecting the Right CRM System

Before deciding on a new CRM, follow these steps to select the right CRM system that meets your requirements, enhances adoption, offers value to your users – and can provide a return on your investment.

Research estimates that up to 70% of CRM systems fail to meet expectations – and a failed CRM implementation can be extremely costly, not just in terms of the financial expense, but also because of the costs in lost time – and credibility. Even more impactful: you don’t often get a second chance at CRM success. This means that it’s critical to select the right CRM system the first time.

The good news is CRM success is more than possible. If you simply follow a few critical steps before and during the CRM selection process, you can ensure that the system you select will help you achieve your organization’s goals, enhance adoption and provide value to your users – and deliver a return on your technology investment.

Tip 1: Problems First, Then Products

When attempting to successfully select and implement CRM software, it’s essential to focus on people and processes first, products second. Too many people immediately rush out to find potential vendors, so they can set up demonstrations of the most popular CRM software.

While it’s easy to get caught up in the shiny bells and whistles of a good CRM demo, it’s important to resist the temptation to dive into features and functions too soon without first taking the time to gain a real understanding of your organizational and user needs.

Tip 2: Assess Your Needs

Organizations buy CRM software for a number of reasons – but each organization is unique. To provide real value and ROI, before making the purchase, you have to understand what you are trying to accomplish.

Start by putting together a list of the key reasons you think you need a CRM.

  • Are you trying to communicate more effectively with clients and prospects?
  • Manage and evaluate the ROI of events or sponsorships?
  • Track and enhance business development efforts?
  • Help the organization be more efficient?
  • Increase business and revenue?

After assessing your organization’s needs, you may discover that you have more goals than you first thought.

If this is the case, it will be important to prioritize the goals. Don’t try to boil the ocean. If you try to tackle too many things at once, especially during the initial rollout, you will be less likely to succeed. Instead, assign your goals to a timeline based on importance and value to users. For the initial implementation, set a few relevant goals, achieve those initial successes, communicate the successes – and repeat.

Once you understand your organization’s unique needs and requirements, it’s time to talk to your users. One of the biggest frustrations we hear from clients is a lack of CRM adoption. This isn’t surprising since, in many of these organizations, system users were not involved during the selection process. To get people to buy in and use software, it has to provide value not only to the organization, but to the users individually. The challenge is that different people define value differently, which means different groups or types of users will have their own unique needs and requirements. That’s why it’s so important to get them involved early. Making your users part of the process up front will also make them more likely to adopt the software later.

To gather user input, consider creating focus groups to provide feedback on product features and functions. You may even want to meet with some of the naysayers individually to start encouraging their participation and head off future roadblocks. Finally, be sure to involve key stakeholders in system demonstrations to help evaluate the software and solicit their feedback before proceeding with system selection. In fact, it’s beneficial to have users involved throughout the rollout to offer ideas on how to improve the CRM implementation for everyone.

Tip 3: Evaluate the Systems and Providers

After gathering all the relevant information, it’s important to fully document your requirements and make sure you are well-prepared before reaching out to providers. The best way to do this is with what I call a ‘demo roadmap.’ This is a comprehensive two- to three-page document that sets out all of the details for the demonstrations along with all the needs and requirements gathered during the needs assessment and the features and functionality that you want to see.

Your ‘roadmap’ will guide the CRM providers so that they show you the key system attributes that are critical to the success of your organization and users and also helps to prevent the demonstrations from becoming a ‘dog and pony show.’ Your roadmap should be shared with the CRM providers well in advance of the demonstrations to give them time to adequately prepare.

Some larger organizations may also find it beneficial to take an additional step and create a much more detailed, formal RFP document. This request for proposals would be sent to potential CRM providers to solicit answers to a number of questions before scheduling any demos. The formal responses allow you to evaluate and compare the vendors and their system features and pricing in advance of the demonstrations. Many organizations use the RFP to limit the demonstrations to only the potential providers who are able to meet the organization’s budget and other requirements.

Once you have identified a few CRM systems that meet your requirements, you can begin the vetting process to select the right CRM system for your organization.

Tip 4: Direct the Demonstrations

It’s essential that the CRM demonstrations allow you to make an informed decision and adequately and accurately compare systems, features and pricing. It’s also important at this phase to again involve your users. CRM systems have a reputation for being notoriously difficult to implement, and the last thing you want is to be responsible for unilaterally selecting a system that then doesn’t meet user expectations. Involving users at this stage can also help to make them more invested in system success.

It’s also important to structure the participation and demonstrations so you maximize the benefits.

First, it can be helpful to thin the field of participating CRM providers to a manageable number.

Next, select a group of users to participate. It can be good to choose users from different groups such as professionals and administrative, so you get some different perspectives.

Participants selected must have the time and inclination to participate and must be willing to sit through all of the demonstrations so they can accurately compare all the systems.

Finally, you may want to prepare the users by sharing the requirements and/or roadmap with them and asking them to be prepared to ask any questions they may have.

You should also prepare the providers. First, let them know how much time they have. A typical CRM demonstration can take between one and two hours.

Also let them know who will be participating and what their needs and interests are. If you have professional or executive users who have limited time for demonstrations, it can be helpful to direct the providers to spend the first 30 minutes to an hour of the demo on the features that are most relevant to those users.

Then they can step out and the rest of the time can be spent showing you the more detailed back-end functionality. Finally, be sure to leave at least 15 minutes at the end of the demonstrations for questions.

Tip 5: Check References

Before making the final commitment to a CRM system, it’s important to go through a thorough vetting process and get all the information you need before finalizing your purchase.

First, ask the CRM vendor for references you can speak with. But don’t stop there. Talk to other companies or organizations in your industry who have used the software. Be sure to ask open-ended questions that will help you learn not only about the software, but also about other important areas. A few good questions to ask include:

  • Would you recommend the software?
  • Has the system performed as expected?
  • What were the biggest challenges with the implementation?
  • Were there any unexpected costs or delays?
  • What do you wish you had done differently during the selection and implementation?
  • How was the service after the sale?

For a comprehensive list of good questions to ask before finalizing the sale, check out our CLIENTSFirst CRM Reference Checking Questions Document.

Tip 6: Final Selection Steps

Once you have selected the right CRM system for your organization, there are still a few additional important details that require attention. You will want to have a formal scoping call with the provider to be able to accurately gauge the actual cost. The final price can vary depending on a number of variables including:

  • The number and types of licenses
  • Additional modules or software needed
  • Professional services to implement
  • Ongoing annual subscription or maintenance costs
  • Any proposed integrations
  • The types of training and materials
  • Data conversion and/or quality

If the price is an issue with your system of choice, there are also options. First, there may be room for negotiation. Alternatively, you can do a phased rollout to spread the costs over time. Some organizations prefer to start the rollout with Marketing and power users and then roll out to a small pilot group. Then additional groups can be added in later phases over time.

Finally, remember that in any sale, you are not finished until the paperwork is done. After the price is agreed upon, you will need to review the contract or agreement. While these documents may look official and final, in fact they are often open to negotiation, so it can be beneficial to modify some of the contract terms.

For instance, if the software is new to the market, you may be able to get a discount or arrange a beta test at a reduced rate.

Additionally, instead of paying the entire invoice up front, you can often negotiate payment terms that are stepped over time based on the satisfactory completion of key deployment steps. This can enhance your chances of CRM success by aligning your CRM vendor’s success with yours.

One Last Tip: Don’t Do It Alone

Selecting the right CRM system can be a daunting process. Most firms have never been through the process before – and few want to repeat it.

© Copyright 2022 CLIENTSFirst Consulting

Not So Fast—NCAA Issues NIL Guidance Targeting Booster Activity

Recently, the NCAA Division I Board of Directors issued guidance to schools concerning the intersection between recruiting activities and the rapidly evolving name, image, and likeness legal environment (see Bracewell’s earlier reporting here). The immediately effective guidance was in response to “NIL collectives” created by boosters to solicit potential student-athletes with lucrative name, image, and likeness deals.

In the short time since the NCAA adopted its interim NIL policy, collectives have purportedly attempted to walk the murky line between permissible NIL activity and violating the NCAA’s longstanding policy forbidding boosters from recruiting and/or providing benefits to prospective student-athletes. Already, numerous deals have been reported that implicate a number of wealthy boosters that support heavyweight Division I programs.

One booster, through two of his affiliated companies, reportedly spent $550,000 this year on deals with Miami football players.1 Another report claims that a charity started in Texas—Horns with Heart—provided at least $50,000 to every scholarship offensive lineman on the roster.2 As the competition for talent grows, the scrutiny on these blockbuster deals is intensifying.

Under the previous interim rules, the NCAA allowed athletes to pursue NIL opportunities while explicitly disallowing boosters from providing direct inducements to recruits and transfer candidates. Recently, coaches of powerhouse programs have publicly expressed their concern that the interim NIL rules have allowed boosters to offer direct inducements to athletes under the pretense of NIL collectives.3

The new NCAA guidance defines a booster as “any third-party entity that promotes an athletics program, assists with recruiting or assists with providing benefits to recruits, enrolled student-athletes or their family members.”4 This definition could now include NIL collectives created by boosters to funnel name, image and likeness deals to prospective student-athletes or enrolled student-athletes who are eligible to transfer. However, it may be difficult for the NCAA to enforce its new policy given the rapid proliferation of NIL collectives and the sometimes contradictory policies intended to govern quid pro quo NIL deals between athletes and businesses.

Carefully interpreting current NCAA guidance will be central to navigating the new legal landscape. Businesses and students alike should seek legal advice in negotiating and drafting agreements that protect the interests of both parties while carefully considering the frequently conflicting state laws and NCAA policies that govern the student’s right to publicity.



ENDNOTES

1. Jeyarajah, Shehan, NCAA Board of Directors Issues NIL Guidance to Schools Aimed at Removing Boosters from Recruiting Process, CBS Sports (May 9, 2022, 6:00 PM).

2. Dodd, Denis, Boosters, Collectives in NCAA’s Crosshairs, But Will New NIL Policy Be Able To Navigate Choppy Waters?, CBS Sports (May 10, 2022, 12:00 PM).

3. Wilson, Dave, Texas A&M Football Coach Jimbo Fisher Rips Alabama Coach Nick Saban’s NIL Accusations: ‘Some People Think They’re God,’ ESPN (May 19, 2022).

4. DI Board of Directors Issues Name, Image and Likeness Guidance to Schools, NCAA (May 9, 2022, 5:21 PM).

© 2022 Bracewell LLP

Hackers Go Phishing in Beeple’s Deep Pool of Twitter Followers

“Stay safe out there, anything too good to be true is a … scam.” Beeple, a popular digital artist, tweeted to his followers, addressing the phishing scam that took place on May 23, 2022, targeting his Twitter account. The attack reportedly resulted in a loss of more than US$400,000 in cryptocurrency and NFTs, stolen from the artist’s followers on the social media website.

After hacking into Beeple’s Twitter account, perpetrators tweeted links from the artist’s page, promoting a fake raffle for unique art pieces. The links would reportedly take the user to a website that would drain the user’s cryptocurrency wallet of their digital assets.

Phishing scams for digital assets, including NFTs or non-fungible tokens, have steadily increased, with funds as large as $6 million being stolen. Various jurisdictions have adopted privacy and security laws that require companies to adopt reasonable security measures and follow required cyber incident response protocols. A significant part of these measures and protocols is training for employees in how to detect phishing scams and other hacking attempts by bad actors. This incident is a reminder to consumers to exercise vigilance, watch for red flags and not click on links without verifying the source.

The remaining summaries of news headlines are separated by region for your browsing convenience. 

UNITED STATES

Relaxed Deaccessioning COVID-19 Exemptions Expire

The global COVID-19 pandemic brought many changes, including dire financial consequences of the shutdowns for museums. In April 2020, the Association of Art Museum Directors (AAMD) made a decision to ease the rules that dictate how museums may use proceeds from art sales. Until April 2022, museums were permitted to use the funds for “direct care of collections” rather than to procure new artworks for their collections.

This relaxed policy and some of the museums that followed it met with backlash on more than one occasion; others, however, advocate for its continuation, citing considerations of diversity and inclusion. Some further argue that a policy born out of financial desperation should be continued to provide museums with the means to overcome any future financial issues that may arise.

Given that “direct care” is vague and open to interpretation, opponents of the relaxed rules counter that giving museums such latitude to decide on the use of the proceeds can lead to abuses and bad decisions. While AAMD has returned to its pre-pandemic regulations, and museums have followed suit, it appears that the public debate around deaccessioning is far from over.

Inigo Philbrick Sentenced to a Prison Term

Former contemporary art dealer Inigo Philbrick was sentenced by a federal court in New York to serve seven years in prison for a “Ponzi-like” art fraud, said to be one of the most significant in the history of the art market, with more than an estimated US$86 million in damages. Philbrick stood accused of a number of bad acts, including forging signatures, selling shares in artworks he did not own and inventing fictitious clients.

New York Abolishes Auction House Regulations

As the U.S. government is studying whether the art market requires further regulations to increase transparency and to combat money laundering, New York City repealed its local law that required auctioneers to be licensed and required disclosures to bidders, including whether an auction house had a financial stake in the item being auctioned. While the abolition of the regulation was ostensibly to improve the business climate after the pandemic, some commentators note that the regulations were outdated and not serving their purpose in any event. As an illustration, a newcomer to an auction will likely struggle to understand the garbled pre-auction announcements or their significance. Whether the old regulations are to be replaced with new, clearer rules remains to be seen.

EUROPE

Greece and UK to Discuss Rehoming of Displaced Parthenon Marbles

The Parthenon marbles, also known as the Elgin marbles, have been on display in London’s British Museum for more than 200 years. These objects comprise 15 metopes, 17 pedimental figures and an approximately 250-foot section of a frieze depicting the birthday festivities of the Greek goddess Athena. What museum goers might not know is that these ancient sculptures were taken from the Acropolis in Greece in 1801 by Lord Elgin.

Previously, the British government, seeking to retain the sculptures, relied on the argument that the objects were legally acquired during the Ottoman Empire rule of Greece. However, for the first time, the UK has initiated formal talks with Greece to discuss repatriation of the Parthenon sculptures. These discussions are expected to influence future intergovernmental repatriation negotiations.

ASIA

Singapore High Court Asserts Jurisdiction over NFTs after Ruling Them a Digital Asset

The highest court in Singapore has granted an injunction to a non-fungible token (NFT) investor, Janesh Rajkumar, who sought to stop the sale of an NFT that once belonged to him and was used as collateral for a loan. The subject NFT from the Bored Ape Yacht Club Series is a rarity, as it depicts the only avatar that wears a beanie. Rajkumar now is seeking to repay the loan and have the NFT restored to his cryptocurrency wallet. The loan agreement specified that Rajkumar would not relinquish ownership of the NFT, and should he be unable to repay the loan in a timely manner, an extension would be granted. Instead of granting Rajkumar an extension, the lender, who goes by an alias “chefpierre,” moved to sell the NFT. The significance of the Singapore court’s decision is two-fold: the court has (1) recognized jurisdiction over assets cited in the decentralized blockchain, and (2) allowed for the freezing order to be issued via social media platforms.

THE MIDDLE EAST

Illegal Trading Leads to Raiding of Antique Dealer by the Israeli Authorities

A recent raid on an unauthorized antiquities dealer in the city of Modi’in by the Israel Antiquities Authority recovered hundreds of artifacts of significant historical value, including jewelry, a bronze statue and approximately 1,800 coins. One of the coins is a nearly 2,000-year-old silver shekel of great historical significance. The coin is engraved with the name Shimon, leader of the 132–136 C.E. Bar Kokhba revolt.

Investigations are ongoing to determine where the antiquities were obtained. The Antiquities Robbery Prevention Unit intends to charge the dealer and their suppliers upon obtaining this information.

© 2022 Wilson Elser

Alcohol Suppliers Hit with ADA Website Accessibility Lawsuits

The increasing popularity of online shopping is placing e-commerce businesses—specifically those in the alcohol beverage industry—in legal crosshairs. In lockstep with a recent uptick in website accessibility cases, plaintiff firms are sending pre-suit demand letters to alcohol suppliers and, in some cases, even filing a state or federal court lawsuit. These lawsuits—which are typically filed in California or New York—involve claims that a supplier’s website is not accessible to individuals who are blind in violation of Title III of the Americans with Disabilities Act (ADA) and related state laws. In these cases, plaintiffs seek attorneys’ fees, damages (only under state law) and injunctive relief that would require the website to conform with the Web Content Accessibility Guidelines (WCAG) standards, which have been broadly adopted by courts and regulators.

To prevail on a website accessibility claim, plaintiffs must first show that a defendant is a private entity that owns, leases or operates a “place of public accommodation.” Courts, however, are split on what it means for a website to be considered a place of public accommodation under Title III of the ADA. While some jurisdictions require that there be a “physical nexus” between the website and a brick-and-mortar store, other jurisdictions have permitted these cases to go forward against a website-only company that does not own or operate any physical retail location.

In addition to establishing that the supplier’s website is a place of public accommodation, the plaintiff must satisfy certain jurisdictional requirements which will depend upon whether products can be purchased directly from the website as well as whether the supplier ships to the state in which the suit was filed. Leveraging these defenses (among others) will be critical when it comes to either convincing the plaintiff to withdraw the claim, filing a motion to dismiss or achieving an early resolution on favorable terms.

Due to the rise in these website accessibility lawsuits, we encourage industry members to take a proactive approach:

  1. Train personnel on accessibility requirements and WCAG standards.
  2. Test the website against WCAG standards (through independent consultants or user testing).
  3. Retain testing documentation to demonstrate that users with disabilities can fully use the website.
  4. Assess potential areas of non-conformance with WCAG standards.
  5. Work with internal/external technical teams to implement accessibility features into the website.
  6. Develop an accessibility policy that informs users about the company’s accessibility practices.
  7. Consider including a link to the website accessibility policy on every webpage, including a reporting option that is appropriately routed to address accessibility issues.
  8. Regularly audit the website to assess its level of accessibility (particularly after website updates).
  9. Engage legal counsel to minimize litigation risk associated with website accessibility issues, including whether the ADA is applicable to the company’s website in light of the current state of the law.
© 2022 McDermott Will & Emery

Protection for Voice Actors is Artificial in Today’s Artificial Intelligence World

As we all know, social media has taken the world by storm. Unsurprisingly, it’s had an impact on trademark and copyright law, as well as the related right of publicity. A recent case involving an actor’s voice being used on the popular app TikTok is emblematic of the time. The actor, Bev Standing, sued TikTok for using her voice, simulated via artificial intelligence (AI) without her permission, to serve as “the female computer-generated voice of TikTok.” The case, which was settled last year, illustrates how the law is being adapted to protect artists’ rights in the face of exploitation through AI, as well as the limits of current law in protecting AI-created works.

Standing explained that she thinks of her voice “as a business,” and she is looking to protect her “product.” Apps like TikTok are taking these “products” and feeding them into an algorithm without the original speaker’s permission, thus impairing creative professionals’ ability to profit in an age of widespread use of the Internet and social media platforms.

Someone’s voice (and aspects of their persona such as their photo, image, or other likeness) can be protected by what’s called the “right of publicity.” That right prevents others from appropriating one’s persona – but only when the appropriation is for commercial purposes. In the TikTok case, there was commercial use, as TikTok was benefiting from use of Standing’s voice to “narrate” its users’ videos (with some user videos apparently involving “foul and offensive language”). In her Complaint, Standing alleged TikTok had violated her right of publicity in using her voice to create the AI voice used by TikTok, and relied upon two other claims: false designation of origin under the Lanham Act and copyright infringement, as well as related state law claims. The false designation of origin claim turned on whether Standing’s voice was so recognizable that another party’s misappropriation of it could confuse consumers as to whether Standing authorized the TikTok use. The copyright infringement claim was possible because Standing created the original voice files for a company that hired her to record Chinese language translations. TikTok subsequently acquired the files but failed to get a license from Standing to use them, as TikTok was legally obligated to do because Standing was the original creator (and therefore copyright owner) of the voice files.

As with other historical technological innovations (one of the earliest being the printing press), the law often plays catch-up, but has proven surprisingly adaptable to new technology. Here, Standing was able to plead three legal theories (six if you count the state statutory and common law unfair competition claims), so it seems artists are well-protected by existing law, at least if they are alleging AI was used to copy their work or persona.

On the other hand, the case for protecting creative expression produced in whole or in part by AI is much more difficult. Some believe AI deserves its own form of copyright, since innovative technology has increasingly made its own music and sounds. Currently, protection for these sounds is limited, since only humans can be identified as authors for the purposes of copyright. Ryan Abbott, a professor of law and health science at the University of Surrey in Britain, is attempting to bring a legal case against the U.S. Copyright Office to register a digital artwork made by a computer with AI as its author. The fear, says Abbott, is that without rights over these sounds, innovation will be stifled — individuals will not have incentive to create AI works if they cannot protect them from unauthorized exploitation.

Shijiazhuang Market Supervision Bureau Fines Trademark Agency 50,000 RMB for Attempting to Trademark Olympic Gold Medalist’s Social Media Account

On May 18, 2022, the Shijiazhuang Yuhua District Market Supervision Administration issued an Administrative Penalty Decision against a Shijiazhuang trademark agency for attempting to trademark the name of Eileen Gu’s Douyin account (TikTok’s sister app in China). Eileen Gu won three gold medals in the Beijing Winter Olympics earlier this year and has become extremely popular in China.

On February 11, 2022, Wang XX, the legal representative of the trademark applicant Hebei Yi Biotechnology Co., Ltd., contacted Wang YY, a staff member of a trademark agency in Shijiazhuang, China, to apply for trademarks for Frog Princess Eileen in English and Chinese. Frog Princess Eileen is the name of the 2022 Winter Olympics champion and model Eileen Gu’s (Gu Ailing) Douyin registered account. This account has released videos since August 29, 2018. Ms. Gu won gold medals in big air and halfpipe and a silver medal in slopestyle at the 2022 Winter Olympics in Beijing. She then received a lot of media coverage and became famous, with a great reputation and influence. Therefore, Ms. Gu has the prior rights to the name of her Douyin registered account “Frog Princess Eileen” and, due to its high popularity and influence, the scope of protection for “Frog Princess Eileen” is more powerful than the general right of trade names.

 


At the same time, Ms. Gu made outstanding contributions to China’s gold medal list in this Winter Olympics. When applicants other than Ms. Gu herself apply to register the trademarks “Frog Princess Eileen,” it not only damages the prior rights of the Winter Olympic champion Gu but also damages the public interest, and can easily cause social harm and adverse effects. In this case, the trademark agency in Shijiazhuang, which has been a trademark agency for many years, nonetheless applied for a trademark even though it knew or should have known that the trademark would damage the existing prior rights of others.

Accordingly, the trademark agency was fined 50,000 RMB and Wang YY and Li (business personnel) were each fined 5,000 RMB.

The full text of the punishment is available here (Chinese only) courtesy of 知识产权界: Administrative Penalty Decision (行政处罚决定书).

© 2022 Schwegman, Lundberg & Woessner, P.A. All Rights Reserved.

How to Create an Impactful and Authentic Pride Month Social Media Campaign for Your Company

June is Pride Month, which offers companies of all kinds a unique opportunity to celebrate, show support and raise awareness for LGBTQIA+ rights on their social media channels.

Businesses of all kinds and sizes can get involved, raise awareness and give back for Pride Month regardless of their budget or reach.

While Pride is most definitely a celebration, an impactful Pride campaign should include education, awareness, and center around people.

Here’s how to create and implement an impactful and genuine Pride Month social media campaign at your company.

The Do’s and Don’ts of Pride Month social media planning

Before you dive head-first into planning your corporate Pride initiatives, it’s important to get a wide range of employees involved in the planning process.

If your company has an LGBTQIA+ affinity group or diversity committee, collaborate with them. If you don’t have a group, consider convening a committee of employee volunteers of diverse backgrounds to serve as a sounding board and provide their input as your plans begin to take shape.

Please note: these volunteers should be compensated for their time and efforts in some meaningful way (vacation time, bonuses, gift cards, etc.). While it may be too late to do this for this year’s campaign, activate or assemble the group now for your 2023 initiative.

Don’t: Exploit social initiatives and conversations as a means to reach business goals.

Celebrating Pride and showing your support for the LGBTQIA+ community is not a trend, and it shouldn’t be treated as such.

If you’re simply posting rainbow-branded imagery (rainbow washing) during the month or posting about your commitment to the cause without having any real initiatives or actions to back it up, you’re just paying lip service to and perhaps exploiting yet another social initiative. Make sure your company can really walk the walk before you talk the talk. Performative allyship can backfire, alienating your employees, your clients, recruits, and others.

Remember that everyone (employees, clients, and the general public) is watching what you post online, even if they don’t actually like or comment on it.

Do: Ask yourself why you’re supporting this initiative and have a clear purpose.

Before publishing Pride-related content, ask yourself, are we actually adding value to this conversation? What are we hoping to gain from inserting ourselves into this conversation? What are our motivations? Is our company an actual safe space or inclusive environment that includes active and engaged allies?

Remember, Pride Month should not be about your business goals. You also don’t have to have accomplished all of your LGBTQIA+ related inclusion goals to commemorate Pride, but your efforts should be more than surface level.

Do: Support LGBTQIA+ initiatives year-round.

If you don’t already take steps to support the LGBTQIA+ community year-round, take the opportunity to discuss doing so with management and staff before Pride. June is only one month out of the year, a month where it’s arguably the “most acceptable” to show support for the LGBTQIA+ community. To be a true ally, it’s important to show this level of support year-round. Work to ensure that your company’s policies and practices are inclusive and address the needs of your LGBTQIA+ employees.

In addition to internally focused actions, consider how your true commitment can be reflected externally. There are many organizations to which you can donate and volunteer. Solicit voluntary feedback from your LGBTQIA+ employees and clients to ensure that they feel involved and included in the process.

Do: Educate yourself and those around you on the origins and history of Pride Month.

Pride Month has a rich, political history that companies often fail to understand and recognize as they participate in Pride Month. Pride Month is celebrated in June to honor the 1969 Stonewall Uprising in Manhattan — a tipping point for the Gay Liberation Movement in the United States.

Not only is Pride a time to recognize the progress that’s been made since the Stonewall Riots, but it’s just as important to acknowledge how far we still must go as a society, particularly considering recent efforts to overturn or narrow the progress that has been made. A successful Pride campaign should have education and awareness at its core.

Do: Make education and awareness the core of your campaign.

Ideas for content for your Pride campaign can include educating your followers on the meaning behind the Pride flag, using posts to tell the history of the Pride flag, and asking your employees what Pride means to them and running their answers in Q&A posts.

Another idea is to create posts to help followers better understand Pride Month and provide resources to help people better educate themselves on the cause and support those of the LGBTQIA+ community.

In addition, spotlighting members of the LGBTQIA+ community is a helpful way to educate your followers and amplify the contributions of individuals.

No matter what you choose, create a campaign that is rooted in improving awareness and education amongst your community.

Do: Let inclusivity be at the core of all your campaigns.

Inclusivity should be an active mission as part of your Pride campaign, and for your future marketing efforts too. Aim to have better representation on social media for your community — that means including people of all marginalized or otherwise underrepresented voices.

If you really want to reach, represent, and support your diverse community, it’s time to make active shifts towards better inclusive marketing year-round. It’s less about what you need to do for Pride today and instead, how are you supporting LGBTQIA+ folks year-round?

Do: Put your money (and time) where your mouth is.

Instead of treating Pride like a marketing campaign, put your efforts toward an activity that will positively impact the LGBTQIA+ community.

While monetary donations can be helpful, volunteering at community events or spending time with LGBTQIA+ advocacy organizations can be more impactful for your employees.

Consider hosting or taking part in LGBTQIA+ programming and donating to local charities doing work in your community to support LGBTQIA+ initiatives.

Do: Use the right hashtags to be discovered

  • #lgbtqia
  • #lgbtqpride
  • #lgbtqhumanrights
  • #equality
  • #pridemonth
  • #loveislove
  • #pride

Every organization that wants to support Pride on social media can find a way to do so. We challenge you to do it in a way that is authentic, genuine, and impactful to your brand and most importantly, to your employees and your clients. The world is watching you, so challenge yourself by doing the right thing.

This article was authored by Stefanie Marrone of Stefanie Marrone Consulting, and Paula T. Edgar, Esq, the CEO of PGE Consulting Group LLC, a firm that provides training and education solutions at the intersection of professional development and diversity, equity and inclusion. 

Copyright © 2022, Stefanie M. Marrone. All Rights Reserved.

Small Businesses Don’t Recognize Risk of Cyberattack Despite Repeated Warnings

CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’s health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite repeated warnings by the Cybersecurity and Infrastructure Security Agency and the FBI that U.S.-based businesses are at an increased risk of a cyber-attack following Russia’s invasion of Ukraine, small business owners do not believe that it is an actual risk that will affect them, and they are not prepared for an attack. The latest survey shows that only five percent of small business owners reported cybersecurity to be the biggest risk to their company.

What is unfortunate, but not surprising, is the fact that this is the same percentage of small business owners who recognized a cyber attack as the biggest risk a year ago. There has been no change in the perception among business owners, even though there are repeated, dire warnings from the government. Also unfortunate is the statistic that only 33 percent of business owners with one to four employees are concerned about a cyber attack this year. In contrast, 61 percent of business owners with more than 50 employees have the same concern.

According to CNBC, “this general lack of concern among small business owners diverges from the sentiment among the general public…. In SurveyMonkey’s polling, 55% of people in the U.S. say they would be less likely to continue to do business with brands who are victims of a cyber attack.” CNBC’s conclusion is that there is a disconnect between business owners’ appreciation of how much customers care about data security and that “[s]mall businesses that fail to take the cyber threat seriously risk losing customers, or much more, if a real threat emerges.” Statistics show that threat actors are targeting small to medium-sized businesses to stay under the law enforcement radar. With such a large target on their backs, business owners may wish to make cybersecurity a priority. It’s important to keep customers.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

DOJ Limits Application of Computer Fraud and Abuse Act, Providing Clarity for Ethical Hackers and Employees Paying Bills at Work Alike

On May 19, 2022, the Department of Justice announced it would not charge good-faith hackers who expose weaknesses in computer systems with violating the Computer Fraud and Abuse Act (CFAA or Act), 18 U.S.C. § 1030. Congress enacted the CFAA in 1986 to promote computer privacy and cybersecurity and amended the Act several times, most recently in 2008. However, the evolving cybersecurity landscape has left courts and commentators troubled by potential applications of the CFAA to circumstances unrelated to the CFAA’s original purpose, including prosecution of so-called “white hat” hackers. The new charging policy, which became effective immediately, seeks to advance the CFAA’s original purpose by clarifying when and how federal prosecutors are authorized to bring charges under the Act.

DOJ to Decline Prosecution of Good-Faith Security Research

The new policy exempts activity of white-hat hackers and states that “the government should decline prosecution if available evidence shows the defendant’s conduct consisted of, and the defendant intended, good-faith security research.” The policy defines “good-faith security research” as “accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services.”

In practice, this policy appears to provide, for example, protection from federal charges for the type of ethical hacking a St. Louis Post-Dispatch reporter performed in 2021. The reporter uncovered security flaws in a Missouri state website that exposed the Social Security numbers of over 100,000 teachers and other school employees. The Missouri governor’s office initiated an investigation into the reporter’s conduct for unauthorized computer access. While the DOJ’s policy would not affect prosecutions under state law, it would preclude federal prosecution for the conduct if determined to be good-faith security research.

The new policy also promises protection from prosecution for certain arguably common but contractually prohibited online conduct, including “[e]mbellishing an online dating profile contrary to the terms of service of the dating website; creating fictional accounts on hiring, housing, or rental websites; using a pseudonym on a social networking site that prohibits them; checking sports scores at work; paying bills at work; or violating an access restriction contained in a term of service.” Such activities resemble the facts of Van Buren v. United States, No. 19-783, which the Supreme Court decided in June 2021. In Van Buren, the 6-3 majority rejected the government’s broad interpretation of the CFAA’s prohibition on “unauthorized access” and held that a police officer who looked up license plate information on a law-enforcement database for personal use—in violation of his employer’s policy but without circumventing any access controls—did not violate the CFAA. The DOJ did not cite Van Buren as the basis for the new policy. Nor did the DOJ identify any other impetus for the change.

To Achieve More Consistent Application of Policy, All Federal Prosecutors Must Consult with Main Justice Before Bringing CFAA Charges

In addition to exempting good-faith security research from prosecution, the new policy specifies the steps for charging violations of the CFAA. To help distinguish between actual good-faith security research and pretextual claims of such research that mask a hacker’s malintent, federal prosecutors must consult with the Computer Crime and Intellectual Property Section (CCIPS) before bringing any charges. If CCIPS recommends declining charges, prosecutors must inform the Office of the Deputy Attorney General (DAG) and may need to obtain approval from the DAG before initiating charges.

©2022 Greenberg Traurig, LLP. All rights reserved.