IP Governance: Patents, Copyrights, Trade Secrets, Trademarks. This is an executive summary of Intellectual Property Governance issues for C-Level executives including Chief Risk Officers and Chief Marketing Officers, audit committees, corporate counsel, trademark counsel, regulators, accountants, compliance officers and privacy officers.
Standards for safeguarding IP(tm): The core objective of sound IP Governance is to encourage the implementation of current standards, regulations and best practices so each IP owner takes responsibility for protecting their own IP from wasteful and fraudulent uses that harm corporate reputations, asset values, shareholder values, profitability and consumers.
Boards have a fiduciary duty to devote sufficient oversight to the management of IP assets. This is a core theme in the articles referenced below.
Intellectual Property Governance risk profiles are often similar to the risk profiles cited by FINCEN in their Anti-Money Laundering cases, i.e., lack of adequate internal controls, independent audits, senior management involvement, centralized risk management, staff training and submission of Suspicious Activity Reports.
Value impairments, wasted corporate assets, lost revenue, dilution/loss of IP monopoly rights, information security risks, fraudulent access to sensitive consumer information, the sale of fraudulent/counterfeit products and services, reputation risks, compliance risks, litigation risks, and potential regulatory fines are risks of IP infringements. Failure to enforce IP rights creates a triple waste with (1) the dilution and/or loss of the original IP monopoly right, (2) the waste of capital spent in obtaining and maintaining the unenforced IP and (3) loss of revenue from damages awarded the IP owner in IP infringement lawsuits.
In the worst trademark infringement cases, fake web sites from cyber criminals offer counterfeit products and/or phishing and malware risks, which are federal crimes. Industries at risk include financial, pharmaceutical, tobacco, luxury consumer brands and other retail products.
| Intellectual Property & Board of Director Responsibilities | "Corporate Officers and Directors Can Be Liable for Mismanaging Intellectual Property" "Every officer and director of a corporation, as a fiduciary, has an affirmative "duty of care", which is, broadly stated, a responsibility to diligently manage the affairs and assets of the corporation, and to consider the possible ramifications of its actions (or non-action). Injuries arising from the mismanagement or non-management of intellectual property fall, most commonly, into two general categories: waste and mis-valuation. Accordingly, for purposes of this paper, "intellectual property management" shall be considered to encompass both the utilization and valuation of intellectual property." Originally published in two parts in Patent Strategy & Management: Volume 1, Number 1 (May 2000); and Volume 1, Number 2 (June 2000). | "Potential Director Liability For Mismanagement of Intellectual Property Assets" By A. Jose Cortina, Of Counsel, Kilpatrick Stockton LLP |
"Why directors must take responsibility for intellectual property" By Robert Sterne and Trevor Chaplick, Issue 10 of IAM magazine, February/March 2005. |
"United States: Directors' responsibility for intellectual property in US corporations" By Robert Sterne, Trevor Chaplick and David J Berger. This article first appeared in IP Value 2006, Building and enforcing intellectual property value - An international guide for the boardroom." | | Chief Risk Officer | Audit/Risk Committee: Duty of Care; Operational Risks; Compliance; COSO; Reputational Risks | | IP Governance Issues | Corporate Governance Issues | | References to white papers by industry-thought leaders | Corporate Governance Task Force of the Tort Trial and Insurance Practice Section of the American Bar Association | | | | "Managing IP Risks in accordance with SOX" | "Victims of ID Theft Start Looking for Damages from Companies" | | By Gary Bender, Ernst & Young, 2/06 | American Bar Association Journal, 3/06 and Sponsored by: Section of Business Law; Section of Science and Technology Law, General Practice, Solo, and Small Firm Division; Section of Intellectual Property Law; Section of Administrative Law and Regulatory Practice; ABA Journal; and ABA-CLE. | | Federal Financial Institutions Examination Council (FFIEC) | FFIEC EBanking Audit Handbook (Regulatory section on Guidances last updated: 2003) | | "Sarbanes Oxley Obligations and Intellectual Property" | Article: April 6, 2006, "Protection Of Intangibles Under Sarbanes-Oxley" By Thomas Franklin, Esq., Townsend and Townsend and Crew LLP | | Seminar: April 8, 2006, American Bar Association's Business Section's IP Committee (Membership required) | | Trade Secrets | Trademarks | | "Duty to identify, protect trade secrets has arisen; Sarbanes-Oxley requires internal controls over how they are valued." | "Sarbanes-Oxley and Trademark Portfolio Management: Establishing Internal Controls for Compliance & Preventing Infringement" | | By R. Mark Halligan, Esq., a member of the American Bar Association's Business Section's IP Committee | By Paul W. Kruse, Esq., a member of the American Bar Association's Business Section's IP Committee |
| Suspicious Activity Reports | Corporate Identity Fraud | | "When bankers look the other way; Suspicious activity requires vigilance, not avoidance" an article from: Volume 14, Number 5 May/June 2005, American Bar Association - Business Law Today. By Tucker Ronzetti, Esq. | Corporate identity fraud risks include fraudulent brands, trademarks, domain names and related fake web sites with phishing and malware risks. These enable federal crimes that create privacy and security risks for consumers, hurt the corporate reputation and present public disclosure issues. | | FINCEN: Interagency Guidance - Sharing Suspicious Activity Reports with Head Offices and Controlling Companies (1/20/06) | "Phishing and Federal Law Enforcement", by Jonathan Rusch, Esq. (8/04) ABA Administrative Law & Regulatory Practice Section. |
FINCEN Commentary - SAR Review Issue #9 (10/05): "According to the Federal Bureau of Investigation, spoofing or phishing frauds attempt to make Internet users believe that they are receiving email from a specific, trusted source, or that they are securely connected to a trusted web site, when that is not the case. Spoofing is generally used as a means to convince individuals to provide personal or financial information that enables the perpetrators to commit credit card/bank fraud or other forms of identity theft. Spoofing also often involves trademark and other intellectual property violations." (http://www.fbi.gov/pressrel/pressrel03/spoofing072103.htm)
"Spoofing and Phishing" There were several reports of denial of service attacks, both distributed and single-source, on non-critical bank servers by spoofing the Uniform Resource Locator (URL) of the target financial institution.(30) To "spoof" is a hacker term that means to forge an identity. Spoofing has been used to describe many different types of malicious activities that involve forging an identity. For instance, in the previously mentioned reports, hackers launched a denial of service attack by initiating a Transmission Control Protocol (TCP) ping to millions of devices using the spoofed Internet Protocol address of the targeted device as a reply address.
There is another type of spoofing, however, that should be a larger cause of concern because it occurs with far more frequency than instances of direct hack attacks on bank-hosted servers in the sample. This variety of spoofing involves the creation of emails that appear to be legitimate emails from banks and/or bank regulators. These emails, through social engineering, encourage recipients to compromise their account information through illegitimate forged Uniform Resource Locators (spoofs). This collective activity is known as phishing, and it was the most pervasive activity reported in the sample when a suspect was unknown to the victim. Published industry reports indicate that as many as 20 email recipients out of 1,000(31) will respond to phishing, while other industry experts have recently argued that the ratio may be closer to 1 in 8.(32)
(30) Uniform Resource Locator (URL) is the unique address, which identifies a resource on the Internet for routing purposes, such as http://www.fincen.gov.
Of greater concern was that some filers, through a routine review of available domain names discovered forged websites that could easily be mistaken for their website. In one case, the filing bank contacted the "whois"(34) to determine why he had designed his web site to look like its web site. The contact advised the bank that he had broken no laws, refused to disable the site, and threatened a civil suit if the bank contacted him again. In another case, an angry bank customer engaged in a campaign of targeted spam on a bank customer support mailbox. Apparently, the customer was angry over a failed transaction, which he claimed lost him considerable amounts of money. In addition to threats and libel in the emails, the filer reported the email attack rendered the bank's exchange server useless for 24 hours."
| | GAO 05-231 Emerging Cybersecurity Issues Threaten Federal Agencies; federal agencies failing to monitor for trademark infringements and fake web sites (p 47) | | Overcoming Corporate Silo Risks: Need for a Chief Brand Officer | | Risk Metrics - Corporate Identity Fraud - Online Brand Rating(tm) | | Rating Models | | Bond Ratings: | Moody's, Standard & Poors | | Audit Integrity: | Accounting and governance reports to assure the accuracy of financial disclosures. | | Governance Metrics: | Rates companies on 600 different metrics, from board accountability issues to shareholder rights issues. |
| Investor Responsibility Research Center: | Corporate governance scoring system that analyzes and benchmarks governance data objectively. | | "Corporate Governance Score" from Standard & Poors: | S&P assesses corporate governance practices and polices. | | Online Brand Rating(tm): | Measures and rates exposure to corporate identity fraud based on IP Governance standards and regulations. |
|
info@ipgovernance.com www.ipgovernance.com www.ipgovernancetaskforce.com
Copyright © 2006-2005 TrademarkBots.com, Inc.
|
0 Comments:
Post a Comment
<< Home