There are several business blogs that I follow. Most of these are written by SaaS law / Internet law clients of mine or other Indiana businesses in technology industries. Lately I have been falling behind on them. This morning I am trying to catch up.
I came across a very good, brief video on Kristian Andersen + Associates' blog.
The video is from the Bigger Ideas/Smaller Indiana conference this past summer. In the video Kristian Andersen shares his feelings on central Indiana's business environment and our tendency to minimize our solid business culture by holding ourselves out as having two strengths to attract businesses and entrepreneurial ventures to Indiana:
#1 - Indiana has low housing costs.
#2 - Indiana is a great place to raise a family.
Don't get me wrong, these are great attributes of our region, but I agree with KA that they do not create cultural excitement or substantive value for businesses. If you look at top tier business environments, they certainly do not market themselves in this way. They sell value. They sell cultural significance. They sell networks and incentives.
Kristian, very nicely done!
~~~~~~
Alerding Castor Hewitt, LLP is an Indianapolis law firm focusing on business law, information technology law (including SaaS law and legal technology consulting), private equity consulting, and business and Internet litigation.
Posted Friday, November 13, 2009 by
David Castor
According to a recent Gartner research report, worldwide SaaS revenues are expected to grow 18 percent in 2009 to reach $7.5 billion. The report further stated an expectation for SaaS industries through 2013 when worldwide revenues are expected to top $14 billion for enterprise application markets.Gartner listed the top SaaS market segments for 2009 as follows:
1. Content, Communications and Collaboration (CCC) - $2.6 billion
2. Customer Relationship Management (CRM) - $2.3 billion
3. Enterprise Resource Planning (ERP) - $1.2 billion
4. Supply Chain Management (SCM) - $826 million
5. Office Suites - $68 million
6. Digital Content Creation (DCC) - $62 million
7. Other SaaS offerings - $472 million
2. Customer Relationship Management (CRM) - $2.3 billion
3. Enterprise Resource Planning (ERP) - $1.2 billion
4. Supply Chain Management (SCM) - $826 million
5. Office Suites - $68 million
6. Digital Content Creation (DCC) - $62 million
7. Other SaaS offerings - $472 million
My business law / Internet law practice focuses on representing technology businesses as general counsel through their business lifecycle. A number of my clients that are seeing rapid growth are in SaaS markets, primarily in CCC, CRM, and SCM markets. This report is encouraging news for SaaS businesses in Indianapolis.
~~~~~~
Alerding Castor Hewitt, LLP is an Indianapolis law firm focusing on business law, information technology law (including SaaS law and legal technology consulting), private equity consulting, and business and Internet litigation.
Posted Saturday, October 24, 2009 by
David Castor
I had the honor of speaking at the Masters of Business Online conference this last week. The conference was organized by Jim Brown of EverEffect. Jim and his team did a great job with the event. Last count I heard was approximately 250 in attendance.Here are a few blog posts that described the event:
Marketing Technology Blog by Doug Karr
Social Media Blog by Kyle Lacy
Silver Square Blog by Raquel Richardson
~~~~~~
Alerding Castor Hewitt, LLP is an Indianapolis law firm focusing on business law, information technology law (including SaaS law and legal technology consulting), private equity consulting, and business and Internet litigation.
Posted Wednesday, October 21, 2009 by
David Castor
I am speaking this afternoon at the MBO Conference on the Legal Landscape of Corporate Blogging. It was an honor to be invited to participate in this year's conference, and I am truly looking forward to the time.As an Indiana technology lawyer I monitor areas of law that impact my clients' business worlds. My colleagues and I monitor Internet laws, privacy laws, ASP law, SaaS law, cloud computing law, and various other areas of business law to best advise our clients on how to navigate the legal landscape of emerging technology fields. Blogging law is the topic for today's talk.
We will be covering areas such as copyright infringement, defamation claims, privacy laws and Section 230 protections. We will also address the recent FTC Guidelines on endorsements by bloggers.
This should be an interesting discussion.
Posted Wednesday, September 30, 2009 by
David Castor
Yesterday I had the honor of moderating the plenary panel on Funding Innovation in Indiana at the TechPoint Innovation Summit. This was just a great event. The panel members included Michael Brown of Battery Ventures - Boston, Michael Arpey of Credit Suisse - New York, Steve Hourigan of the 21st Century Fund, Mathias Schilling of BV Capital - San Francisco, and Bob Compton, a serial entrepreneur most recently founding Vontoo, LLC. I want to thank the members once again for their participation.
The panel members represent private equity investors, angel investor groups, and grant funding organizations which look for funding and investment opportunities in Indiana technology companies. Each came with unique perspectives and advice for businesses and business owners seeking funding. Each has been a part of funding innovation in Indiana in the past, and each are looking for opportunities in the future.
My firm focuses on SaaS law, Internet law and funding law for technology companies. We serve as general counsel to companies in these industries and have walked with several businesses through the funding process. I am very proud to have shared in the event this week with such a prestigious group.
My colleague, Janet Croswell, mentioned to me afterwords that our panel set-up looked much like Kramer's talk show on Seinfeld. See the picture above. She may be right!
Posted Wednesday, August 12, 2009 by
David Castor
For anyone involved in blogging or interested in information technology law or Internet privacy law, there is a strange case with some important lessons which was handed down by the District Court Western District of Kentucky last week. The case is Yoder v. University of Louisville, 2009 WL 2406235 (W.D. Ky. Aug. 3, 2009).The opinion is summarized well by Eric Goldman on the Technology & Marketing Blog.
Nina Yoder was a University of Louisville nursing student. She posted a blog post to MySpace entitled "How I Witnessed the Miracle of Life” that describes her first-hand observations from a school assignment to go watch a patient-mother giving birth.
Further…
Even if Yoder’s blog post was intended to be tongue-in-cheek, I can see why the blog post was so controversial. As just one example, the blog post repeatedly refers to newborn babies as "creeps." The court does not have kind words to describe the blog post, calling it "vulgar," "distasteful," "offensive," "crass and uncouth," and an "abject failure" as an attempt at humor. My personal take is that the blog post was, at best, ill-advised. I really can't imagine when I would want to work with a nurse who calls my baby a "creep," even if in jest, and (as discussed below) the amount of detail Yoder disclosed about her patient shows a reckless disregard for the confidentiality we expect from medical professionals.
When University of Louisville nursing school administrators discovered the post, they expelled Yoder from the nursing program on the grounds that she violated two contracts: the student honor code and a confidentiality agreement.
The linked opinion above quotes the entire blog post.
When University of Louisville nursing school administrators discovered the post, they expelled Yoder from the nursing program on the grounds that she violated two contracts: the student honor code and a confidentiality agreement.
The linked opinion above quotes the entire blog post.
The district court found that University of Louisville incorrectly interpreted the two contracts and reversed the school’s expulsion, ordering Yoder be reinstated into it’s School of Nursing.
Precision in Contract Drafting
Regarding the honor code, the court based its opinion heavily on the school’s lack of precision in the contract. The court noted that the school failed to provide a definition for the standard of “professionalism” in the contract (also, apparently the dean of the school could not provide a definition during a deposition). The court ultimately determined that the blog post was not unprofessional, but rather purely non-professional and, therefore, not governed by the contract.
I think the court’s decision here is poor. I suspect the School of Nursing intended for it’s professionalism standard in the honor code to extend beyond the borders of university grounds. The fact is that a full time nursing student is writing about experiences from her profession. When she wrote it should have no bearing. What she is writing about should be determinative.
This is a good note for anyone drafting or negotiating contracts. Lack of precision in use of contract terms can come back to haunt you. The school should blame themselves for the poor drafting.
Personally Identifiable Information
Regarding the confidentiality agreement, the more interesting determination by the court (in my opinion) is related to the personally identifiable information of the patient. The court found that Yoder did not disclose any personally identifiable information of the patient in her blog post. As stated by Goldman:
The defendants allege that the blog post disclosed "the following identifying information about the birth mother: the number of her children; the date that she was in labor; her behaviors; the treatment that she underwent (an epidural); her reaction to labor (vomiting); and the reactions of her family." The court says that none of this information was personally identifiable to the patient or her family because the post "does not disclose the birth mother's name, address, social security number, or the like. It does not disclose her age, race, or ethnicity. The Blog Post does not contain ‘financial’ or ‘employment related information’ about the birth mother. It does not disclose where she was in labor."
Disclosure of personally identifiable information is a HUGE issue in Internet law, information technology law and intellectual property technology law. While certain foreign governmental entities, like all members of the European Union, treat all personally identifiable information as belonging to the individual, and thereby protected, the U.S. treats such information as commercial and only protects certain sensitive types of information under regulation (e.g., online information about Children; medical information; certain financial information).
Here the court was presented with medical information – meaning the patient’s personally identifiable information is protected. Yoder signed a confidentiality agreement agreeing with the school to not disclose such information to others. The court’s determination that her disclosure was not a breach of this agreement draws an extremely narrow view of what constitutes personally identifiable information. A lot of questions are left open. If the information is enough to infer identity, is that enough (this Court seemed to take a view that it had to expressly disclose identity)? If the information is enough to package with other investigated information, is that enough (e.g., could a reporter find out identity by tying together the broad information that was disclosed in the post with other information that was found in a reasonable search of other hospital records)?
In the business law and technology law world, companies often agree to security standards to protect personally identifiable data. This has been pushed over the last decade by the stringent EU regulations. Clarifying the line of what constitutes personally identifiable information is an area of business that is becoming more important and an area of law that will see more and more attention in U.S. courts. Again, the Court here took a very narrow view – but it probably is not wise to base your security models on this decision.
~~~~~
Note: For Indiana entities, this case law is neither binding in Indiana state courts or it's federal district courts. However, it is considered persuasive precedent should a court in Indiana be presented with similar issues.
Posted Saturday, June 27, 2009 by
David Castor
Section 230 of the Communications Decency Act (47 USC 230), entitled “Protection for private blocking and screening of offensive material”, is an important federal statute for any interactive computer service provider. As a technology lawyer, my law practice largely focuses on SaaS law, software licensing law and Internet based businesses, this statute impacts several of my clients.The statute essentially provides protection for providers of interactive computer services against information published by third parties on their site, provided that “a provider of interactive computer service shall, at the time of entering an agreement with a customer for the provision of interactive computer service and in a manner deemed appropriate by the provider, notify such customer that parental control protections… are commercially available that may assist the customer in limiting access to material that is harmful to minors. Such notice shall identify, or provide the customer with access to information identifying, current providers of such protections.”
Where the notification requirement is met, Section 230 provides certain protections from liability when users encounter objectionable material through the Internet service. 230 essentially divides online content into first party content and third party content and says that online parties cannot be liable for third party content unless (1) it is covered by the Electronic Communications and Privacy Act (protection of individual’s communications via technology by government officers without court order), (2) federal criminal enforcement, or (3) intellectual property claims.
I often read the Technology & Marketing Law Blog by Eric Goldman. In a recent post, Professor Goldman summarizes liabilities under Section 230. Here is an excerpt:
Despite 230, websites always remain liable for first party content.
* Ex 1: if they post their own content, they are liable
* Ex 2: if they make marketing representations, they are liable under standard doctrines like contract and false advertising law. Even so, some courts have been giving websites a pass for marketing representations which are rendered untrue by third party actions.
* Ex 3: Barnes v. Yahoo: website can by liable under promissory estoppel theory if it promises to remove third party content
Plaintiffs often try to argue that third party content becomes first party content.
* Ex 1: website contract may take ownership of user-supplied content
* Ex 2: SEC says that issuers endorse/adopt content that they link to
However, these arguments generally fail under 230. If content starts out as third party content, there is almost nothing the website can do that will convert the content into first party content. As a result, agency civil enforcement actions can unexpectedly run afoul of 230 when they collapse the distinctions between first party and third party content.
However, there is a possible workaround. In the Roommates.com case, the Ninth Circuit said that websites can lose their 230 protection in civil cases if they “encourage illegal content” or “require users to input illegal content.” The FTC is relying on this language in its recent Pricewert/3FN enforcement action against an Internet access provider who facilitated customers allegedly engaged in illegal activities.
As a final point, with the global nature of many ISPs, it is worth noting that many other countries do not afford the protections that the US provides under Section 230 (e.g., certain first world countries have found ISPs liable for negligence where they have failed to investigate material or user published content). For Internet based companies doing business globally, it is worth considering the application of Internet laws of those countries.* Ex 1: if they post their own content, they are liable
* Ex 2: if they make marketing representations, they are liable under standard doctrines like contract and false advertising law. Even so, some courts have been giving websites a pass for marketing representations which are rendered untrue by third party actions.
* Ex 3: Barnes v. Yahoo: website can by liable under promissory estoppel theory if it promises to remove third party content
Plaintiffs often try to argue that third party content becomes first party content.
* Ex 1: website contract may take ownership of user-supplied content
* Ex 2: SEC says that issuers endorse/adopt content that they link to
However, these arguments generally fail under 230. If content starts out as third party content, there is almost nothing the website can do that will convert the content into first party content. As a result, agency civil enforcement actions can unexpectedly run afoul of 230 when they collapse the distinctions between first party and third party content.
However, there is a possible workaround. In the Roommates.com case, the Ninth Circuit said that websites can lose their 230 protection in civil cases if they “encourage illegal content” or “require users to input illegal content.” The FTC is relying on this language in its recent Pricewert/3FN enforcement action against an Internet access provider who facilitated customers allegedly engaged in illegal activities.
~~~~~~
Alerding Castor is an Indianapolis law firm focusing on business law, information technology law (including SaaS law and legal technology consulting), private equity consulting, probate and business litigation.
