February 17, 2018 is fast approaching. Anyone who is anyone in the toy industry will be at Javits Convention Center showcasing the latest and greatest in toy innovation. All businesses in the toy industry are putting the final touches on their displays and their presentations. Is a meeting with the company’s lawyer on the pre-show checklist? If not, why not?
Consulting with the Company’s lawyer may save a company tens, even hundreds of thousands of dollars. The following is a short discussion of some of the items that should be on every toy company’s “To-Do” list prior to attending Day One of the New York Toy Fair.
- Intellectual Property.
At the very least, the company should consider applying for a trademark registration for the name of the company and its products. Unfortunately, the number one thing most companies forget or ignore until there is a legal battle ensuing is to properly protect the Company’s intellectual property, such as its name and the names of its products. Trademarks for product names are fairly inexpensive to search and protect, and yet, may cost a company dearly if those names were to become the subject of a cease and desist letter and resulting federal court infringement litigation. We defended a toy manufacturer in a trademark infringement lawsuit that allegedly infringed a competitor’s trademark. After two years and in excess of $50,000 in legal fees (pretty inexpensive in trademark dispute litigation) the matter was resolved. Consulting with counsel and filing the appropriate trademark applications could have avoided the huge waste of time and expense.
Another form of legal protection often overlooked is copyright for the toy’s design. If the design meets the requirements of a sculptural work, such as a plush toy design, then copyright can be a powerful tool in locking out your competition from the use of designs that are “substantially similar”. Prior to any trade show, toy companies must identify and protect its intellectual property, or risk the very goodwill of the company. Intellectual property can give a company significant value.
- Privacy and Security.
Toy companies, like all companies, must take steps to protect the data of the company, minimize the risk of a breach, and put in place technological and legal measures designed to decrease liability in the event a breach does occur. A comprehensive privacy program including but not limited to updated privacy notices, terms and conditions, internal policies, incident response plans and insurance coverage all geared toward reducing risk of legal liability is imperative if the company is to survive. If the toys being showcased are “smart” or “connected” toys, privacy and security issues involving the Internet of Things will be at the forefront of manufacturers’, retailers’, and consumers’ minds. Retailers seeking to avoid liability undoubtedly will have questions as to how the software works, what, if any, personally identifiable data is collected, how is it being stored, retained and destroyed. Additionally, if a third party vendor will be used to provide software for a smart or connected toy, the company must seek counsel knowledgeable in privacy and security in order to reduce legal risk to the company that may result from the use of such software.
- Labeling / Advertising.
Federal law requires product packaging and certain advertisements for toys and games intended for use by children 12 years of age and under to display cautionary statements regarding choking and other hazards. Safety related labeling and advertising for toys generally depends upon the category of toy and the age of the child for which the toy is intended. It is imperative that toy companies be familiar with these laws and engage counsel who is familiar.
For more information, please contact:
(312) 368-0100 or email@example.com.
The threat of the theft or accidental disclosure of electronic personal information is on the rise. On January 1, 2017, new legislation went in effect amending the Illinois Personal Information Protection Act (the “Act”) to expand the definition of protected personal information and increase certain security and notification requirements for data breaches. Important amendments to the Act include:
- Expanded definition of “Personal Information” for which notice of a breach is required to include certain medical and online account information. The definition of “Personal Information” includes an individual’s first name or first initial and last name and any of the following:
- social security number;
- driver’s license or State identification card number;
- account number or credit or debit card number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual’s financial account;
- medical information (including any information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional, including such information provided to a website or mobile application);
- health insurance information (including an individual’s health insurance policy number or subscriber identification number or any other unique identifier); and
- unique biometric data generated from measurements or technical analysis of human body characteristics used by the owner or licensee to authenticate an individual, such as a fingerprint, retina or iris image, or other unique physical representation or digital representation of biometric data.
The definition of “Personal Information” also includes an individual’s user name or email address in combination with a password or security question and answer that would permit access to an online account.
- Expanded Notification Requirements. If a security breach involves an individual’s user name or email address, in addition to a password or security question answer that can allow access to an online account, notice is required to inform the individual that his account information has been breached and that he should promptly change his user name or password and security question or answer, as applicable, or to take other steps appropriate to protect all online accounts for which the individual uses the same user name or email address and password or security question and answer.
- Expanded Data Security Requirements for Data Collectors. Any data collector that owns, maintains, stores, or licenses records that contain Personal Information must implement and maintain reasonable security measures to protect those records from unauthorized access, acquisition, destruction, use, modification, or disclosure.
- Compliance with HIPPA. The Act also provides that any covered entity or business associate that is subject to and in compliance with the privacy and security standards for the protection of electronic health information established pursuant to the federal Health Insurance Portability and Accountability Act of 1996 (“HIPPA”) and the Health Information Technology for Economic and Clinical Health Act shall be deemed to be in compliance with the provisions of the Act, provided that notification of a breach is provided to the Illinois Attorney General within five business days of notifying the Secretary of Health and Human Services.
If you have any questions regarding the Personal Information Protection Act’s application to your business or your obligations under the Act, please contact:
firstname.lastname@example.org or 312-368-0100.