Monday, December 31, 2018

Small Business Planning

Small business planning should not overlook how data will integrate with its business process, especially as daily functions creates records.  Considerations must include data storage, access, transfer, backup, and retrieval. Data management contracts are crucial. See

Saturday, December 29, 2018


Startups struggle by trying DIY only to find issues down the road costing more than anticipated. Sound counsel is always needed for trademarks, copyright, contracts, negotiations, litigation of dispute issues, privacy infringement, etc.  See

Tuesday, December 18, 2018

Business Counsel

Copyright Issues, trademark business issues, startups, and contracts, Lorenzo Law  Firm, P.A.

Monday, August 20, 2018

Startup Business – Planning the Start

Startup business usually starts before they start.  May sound confusing but, the planning should be deemed as the start.  Also, people get to start spreading the word before they start.  That makes sense.  People want others to know what they are embarking on and how their venture will be a good service or a good product for the public at large.  Cheap and easy advertising is by word -of-mouth. This piece will touch on planning.  This is not the writing of the business plan that you usually see on blogs. It is the planning that involves the dreaded person that everyone enjoys making fun of, but most surely seek when they are in trouble.

Beyond the desire of getting free counseling to make a profit, there is the focus of seeking what is needed at the most minimal cost to start a business.  Seeking free legal advice to make a profit sounds ideal.  You may buy a ready-made will and once the dreadful day comes, your family learns that there was a glitch with the enforceability of your loved one’s will.  Yes, that means you need to call a lawyer. Darn!

Are you sure what you are about to do is right or legal?  Licensing issues do creep up with startups as securing rights to intellectual property. In the previous piece, Startup Business – More Than an Idea,  I mentioned the matter involving intellectual property.  For instance, a client may want to present a jingle with their advertising and fail to secure permission for its use, even if it is just 2 to 4 four bars of music. Or, maybe there is a snazzy pic that would make their website pop to the Internet searcher’s eye or make the site look more professional.   Securing permission is usually overlooked, not done, and yes, not doing so, will  cause callers to seek, not legal advice, but seek legal representation instead.  The former is cheaper than the latter.

Regulatory compliance for the service and or product usually falls in the category of consumer protection.  This may involve safety concerns, fraud concerns, and financial security concerns.  Each of these three present a wonder pandoras box for startups.  Calls are always made by entrepreneurs seeking free advice, seeking to know if what the caller wants to do is legal.  The reason a responsible lawyers will not dispense the proverbial “free” okay over the phone, is because they may not have all the information the caller is truly willing, and should be conveying about the venture, to convey “outside” of the attorney client relationship. The responsible lawyer is respecting his or her own professional integrity while the caller, gets frustrated by not getting the information being sought. How can anyone expect to get valid advice from piecemeal information?  How should anyone rely on advice provided over the phone from piecemeal information?  Something is certainly not kosher here.

Every venture has requirements and many requirements may not only be governmental and regulatory.  Your state's attorney generals' office may have a say about you intended business.  Checking with the local Chamber of Commerce is not a bad idea, also.  The rising entrepreneur may learn that the requirements may be set by vendors used to carry out the service, such as using an Amazon platform for an ecommerce site.  There are policy guidelines that must be followed, or else risk be deemed deceptive, anti-competitive, intellectual property infringer, or a fraudster.  The need for disclosures always gets the entrepreneur in trouble. Not thinking that there must be some transparency is also troublesome.  If the intended business intends to handle credit payments, be ready to answer to compliance requirements and the disclosures required on handling private consumer information.  Again, transparency may be troublesome, but it protects consumers.  So, the entrepreneur should be prepared to meet that planned requirement.

As a secondary piece on startups, the planning usually incorporates notions of permissions and requirements for permission, including what type of disclosers are needed.  Licensing required and the process for acquiring the needed licensing should be on the planning list.  Making sure the process does not deviate from what is permitted, is the dance for success in the business world and of avoiding the court room.  Careful planning  goes a long way.  As stated before, getting to know what to do, how to do, when to do, and in what order these things need to get done, is valuable for success, and needs to be planned out.  Starting a successful business is not for the hasty of heart.

#Business #Startup #Planning #Internet #Intellectualproperty  copyright 2018

Wednesday, August 15, 2018

Contracts Online, with Who?

Contracts online are formed every day without any thought to their import.  They may be enforceable or not.  Many parents allow their minors to use their parents’ credits cards or the debt card given to them by their parents to shop online, for say, school clothes. That mad rush for tax free holiday prior to the start of school brought a tremendous amount of online sales for retailers.  Many retailers did not know that the buyers they sold to via their ecommerce site, was not of legal age. Wow!

Ecommerce is here to stay, and so will the online contract for the purchase of the sale of goods.  These transactions are all too common now.  This is evidence by the reduction of brick-n-mortar stores around the country.  While principles of contract require a meeting of the minds between the seller and the buyer, many buyers do not care to read the terms of what they are agreeing to buy.  Making the purchase is of utmost importance and the buyer will not allow anything to stand in the way of the purchase of those hot sneakers or a t-shirt.

Many sales are taking place between states across state lines. While on the paper contract the parties know each other, that is not the case online. One thing for sure that distinguishes the in-person contract from the online contract, there is no room for a bargain.  The dance of the bargain is gone when buying online. The only option the buyer has is to shop around for a comparable item at a lower price from another online vendor.

So, the electronic age has brought upon the electronic contract.  Where the buyer must agree to the terms of the sale and the agreement.  The buyer must affirm acceptance of the terms of the sale and the buyer must express that he or she understands the terms of the sale.  The Uniform Electronic Transactions Act (UETA) was specifically passed by Congress to recognize and validate the electronic transaction process.  The importance of this Act is that the electronic record of the transaction  can then be used to affirm the existence of a contract.

While the UETA does not provide for authenticating the signature of the buyer  as a form of electronic signatures, the E-Sign Act does (Electronic Signatures in Global and National Commerce Act).  State laws that differ are preempted.

While contracts online do not change the principles of contracts, the online contracts change the landscape of contracting. It is crucial for the seller to know who they are selling to and if they are of legal age to contract.  The Children’s Online Privacy Protection Act (COPPA) was intended to protect children while online. The online process for authentication would required collecting of private information.  If the buyer does not have contractual capacity, then there is a problem with the contract’s enforceability.  What information is the merchant actually getting when a minor is seeking to buy online? The merchant does not know who its and if it is a minor, if there is parental supervision over the transaction, for example for anti-depressant pills from another country.

There are ways that merchants are trying to solve this conundrum.  Email point of verifications are being used by merchants and asking the buyer to set up an email and identification criteria in hopes of future sales and to verify authenticity and identification of the buyer.  Text and instant messages are also used by merchants to provide and additional layer of identification.

While contracts have gone digital the basis of a contract remain the same with a few wrinkles to consider, from a merchant’s perspective. From a parent’s perspective, “what are you doing?” It is not a good idea to allow your minor to use your credit card and passing themselves on as if they are you in making a purchase online.

While this piece touched upon online contracts, it did not cover the online contracts for business, merchants, distributers, and manufacturers, i.e. the end-user license contracts.  This type of contract online does allow for the seller to get the identify the buyer/licensee of the product.  So, as digital contracts are formed daily in the hundreds of thousands, loading up cloud storage databases throughout the country, digital transactions are crossing state lines, and contracts may or may not be enforceable.  The world of ecommerce has also brought upon entrepreneurs who are also under age and are entering into online contracts.  Who is to tell? Wow!

#contracts #ecommerce #internet #sales #business  copyright 2018

Monday, August 13, 2018

Startup Business -More than an Idea

Startup Business criteria for the idea-person and the money-person, backing the venture, is always easily skewed toward “what’s the least that it will take to get going”.  Going into the wild of business with the startup entrepreneurial spirit is fascinating and laudable.  Many venture off with the chutzpa without seeking legal counsel  and resort to copying online content from other sites in the related service or product, this even includes copying someone else’s “terms-of use”, cookie policy, and disclaimers, among others. Big mistake.  Many do not think there is an entity called the Federal Trade Commission. Ever heard of the saying, “penny-pinching-pound-foolish”?  Copy cats always pay a price.  Unfortunately, all-too many fall into this criteria and struggle to get ahead and do not get to see the dream venture thrive.

It’s all in the name
A startup business usually starts with an idea before the name.  Getting an attractive name may sound good and many online pundits will tell you about the need for a snazzy name.  But, be on the lookout because someone else may already have it and are using it.  There may be a state level trademark filing, there may be a federal filing. There may even be a domain registry identical to your ideal name. Believe me, litigation is not fun for the plaintiff or the defendant, though as a lawyer engaged in this type of work, its enjoyable.  There are always concerns with cybersquatting, reverse domain name hijacking, and trademark infringement that loom the entrepreneur.  The everyday entrepreneur needs to get beyond the name and address its value and how it identifies the entity to be established.

The novel Idea
Every thought, of course is considered new and never to be thought of before.  However, there are too many ideas bouncing around in conversations in the market place, in incubators, and in co-labs that strike many fancies.  The idea most likely is not novel. Risks are at every turn if not checked accordingly to guard against committing an infringement or begging for one by not seeking to protect your “novel idea”.  Going solo without counsel begs for trouble in many unseen corners in the marketplace.  Being active in your local chamber will quickly make the entrepreneur aware of the novelty of the idea in the surrounding city or the “Internet”.

Process and Information
It is amazing how much information is gathered by businesses about their business process, customers, and services that are utilized.  This information is not even captured to begin to tell the entity if they are doing the right thing for their business and their clients.  Many resort to surveys, but the actual calls and orders will tell a different story about services and your business.
With all that information, there comes the responsibility to store it. Storing information for some future use comes with an obligation to respect customer privacy.   What the entity decides to store is also crucial. It is crucial for business success if handled and learned from to deliver better services.  It is also crucial for maintaining the information management integrity where customers trust your entity with their means of payment information and their personal identifying information (PII).  Carefully thought out platform for managing information is not usually on the top of your everyday entrepreneur’s list of priorities.

As an introductory piece on startup business, in general, this is just to point out some observations from years of advising entrepreneurs and witnessing their mistakes along the way, especially when they return to tell of their saga.  The eagerness at the beginning is productive but it can also get you in trouble fast.  Either money vanishes fast or their idea is already in use.  Careful planning and seeking advice go a long way.  Investing in planning and getting to know what to do, how to do, when to do, and in what order these things need to get done, comes from experience, and there is value with that experience.  Not all free information on the Internet is credible and business advice sought from blogs should be taken with a grain of salt.  In business, venturing off into the marketplace and serve customers and clientele involves more than just an idea. More startup business notions will follow that will shed some light on things all too often overlooked by entrepreneurs.

#business #startups #contracts #Florida copyright 2018

Friday, June 9, 2017

Internet Cybersecurity and Data Security

Internet news events are reported daily about computer abuse, hacking, data theft and malware, nationally and internationally.  The concept of cybersecurity, as a term, appears bounced around by writers, scholars, politicians, and news media, short of carefully determining what it encompasses and how cybersecurity relates to the Internet.  Around the world the term is used loosely as well and causing debates. The same can be said of ‘data security,’ it’s sibling.  From an operational aspect of advising clients, a clear understanding is needed of what we are talking about.  It is also important as notice letters are devised to send to the affected public in the event of a cyber incident regarding a data breach, cyber-attack, or cyber theft.  When an entity is developing policies, it is important to define these clearly for the benefit of personnel training, administrative audits, cyber audits, compliance reviews, cloud contracts, data storage agreement, and even securing insurance coverage.  Unfortunately, the terms have been used interchangeably and been misused.  The term ‘cyber’ began to be loosely used after President Obama referred to the subject by using the term ‘cyber’ in seeking to appoint a ‘Cyber Adviser.’  What would have been more appropriate term was ‘data security,’ because the issue was about data and information protection of physical information. Ever since, the terms have been loosely used by academics, in and around state legislatures and as well among members of the U.S. Congress in their usual parlance.  However, operationally, in practice dealing with clients and their issues, the terms should not be dealt loosely and should be termed appropriately.  Not ironing out these terms and their applications will draw countries to not see eye-to-eye on how to cooperate on cyber events, when cyber events have a global impact as did the WannaCry  malware.

This post seeks to clarify the terms to avoid further misuse and mischaracterization of the terms when they are referred to in business and in entity operations, policy implementations, and in legal discussions.  As they are loosely used, they are given the meaning for protecting information from unauthorized access, and that had made some sense.  The failure to distinguish allows for gaps in insurance coverage and misdiagnosed issues in audits and in personnel evaluations for their performance measures.  The same can be said that by the failure to make the valid distinction, appropriate information technology performance is as well misdiagnosed.  In governmental policy circles cybersecurity is the prevailing nomenclature, however, the federal legal provision that addresses cybersecurity is termed as the Federal Information Security Management Act (FISMA).  Among information technology professionals and in select industries, such as in accounting, financial, and in the medical areas, the term referred to as is information insecurity.  Yet that terminology requires clarification because an important consideration is the actual form of of the information. 

As we consider the form of information and its means, we also need to realize the differences.  The Internet and the digital age is here and the information that we derive from digital networks and process means can be termed data, digital documents, digital records, as opposed to physical information.  Once that physical information is digitized, it becomes digital data.  For purposes of addressing systems, networks, and platforms, cyber security is most appropriate.  For purposes of addressing the element of communication, or what is being transferred, sent, stored, or received, data security is most appropriate.  As files are maintained any entity’s concern is appropriately with its network integrity or network security.  Because of the interface of servers being accessed amid multiple users accessing, transmitting, and sharing the data, the practical reference is cybersecurity as it addresses the integrity of the system managing the activities and functions of the digital features of the data.  So, cybersecurity is the macro systemic interface activity of networks, Internet, Intranet, email trunks, remote access relays, and data channels involved in the transmission, storage, and maintenance.  Hence, cyber security is about the system.  The technical application of the term is cyber security involves the technologies, algorithms, software, networks, and devices to protect the amalgamation that comprises the computing system from intrusions and to conduct diagnostics of its security system.

Data security is the process of addressing unauthorized access.  As data-security is applied, the issues discussed cover unauthorized disclosure and access, breach of confidentiality, and misappropriation.  Such characterization gives rise to a focus on the management or administration of data that is transmitted through the system.  This gives rise to the concepts of data hygiene, analytics, and data governance.  The data lives in the system.  Data security is about what is transmitted through the system.   Another way to describe the distinction is that data security involves the interaction of humans, artificial intelligence (AI), encryptiontechnology management, and software processes for the digital realm, in securing and protecting data from breaches within the cyber system.  Essentially, data security is the intended benefit of cyber security or of protecting the system, network or platform.

The Internet function blurs the distinction for many businesses and entities.  This blurring has given rise to debates on how to address information securityprotection of data, data governance, Internet governance, network protection, Internet of Things security, and Industrial Internet of Things security.  The debates will continue even among governments, organizations, and private entities about responding to cybercrimes and addressing Internet governance, vis-à-vis billions of individuals resorting to the Internet for freedom, freedom of expression, pursuit of knowledge, conduct business, transferring and transmitting records, even executing financial transactions.  The terms appear related and they are; but the practical approach to resolving how best to address the critical events faced daily with every cyber incident, requires a clearer distinction.  Until we have a clear understanding, the lag between law being at step with cyber events will widen and the learning curve for employees, managers, corporate officers, and government officials and lawmakers will, as well, continue. 

Lorenzo Law Firm, P.A., copyright 2017