Trademark

A trademark is a word, phrase, logo, shape

or sound that identifies a source of goods or
services. For example, the Nike “Swoosh,” the
Facebook “f”, and Apple’s apple (with a bite
taken out of it) are all trademarked. The
concept behind trademarks is to protect the
consumer. Imagine going to the local shopping
center to purchase a specific item from a
specific store and finding that there are several
stores all with the same name!
 Two types of trademarks exist – a common law
trademark and a registered trademark. As with
copyright, an organization will automatically receive a
trademark if a word, phrase, or logo is being used in the
normal course of business (subject to some restrictions,
discussed below). A common law trademark is
designated by placing “TM” next to the trademark. A
registered trademark is one that has been examined,
approved, and registered with the trademark office,
such as the Patent and Trademark Office in the US. A
registered trademark has the circle-R (®) placed next to
the trademark.
 As long as an organization uses its trademark and defends it
against infringement, the protection afforded by it does not expire.
Because of this, many organizations defend their trademark against
other companies whose branding even only slightly copies their
trademark. For example, Chick-fil-A has trademarked the phrase
“Eat Mor Chikin” and has vigorously defended it against a small
business using the slogan “Eat More Kale.” Coca-Cola has
trademarked the contour shape of its bottle and will bring legal
action against any company using a bottle design similar to theirs.
Examples of trademarks that have been diluted and have now lost
their protection in the US include: “aspirin” (originally
trademarked by Bayer), “escalator” (originally trademarked by
Otis), and “yo-yo” (originally trademarked by Duncan).
Information Systems and Intellectual
Property
The rise of information systems has resulted
in rethinking how to deal with intellectual property.
From the increase in patent applications swamping
the government’s patent office to the new laws
that must be put in place to enforce copyright
protection, digital technologies have impacted our
behavior.
Privacy
The term privacy has many definitions, but for
purposes here, privacy will mean the ability to
control information about oneself. The ability to
maintain our privacy has eroded substantially in
the past decades, due to information systems.
Personally Identifiable Information
Information about a person that can be used to uniquely establish that
person’s identify is called personally identifiable information, or PII. This is a broad
category that includes information such as:
• Name;
• Social Security Number;
• Date of birth;
• Place of birth;
• Mother‘s maiden name;
• Biometric records (fingerprint, face, etc.);
• Medical records;
• Educational records;
• Financial information; and
• Employment information.
 Organizations that collect PII are responsible to protect it.
The Department of Commerce recommends that “organizations
minimize the use, collection, and retention of PII to what is
strictly necessary to accomplish their business purpose and
mission.” They go on to state that “the likelihood of harm caused
by a breach involving PII is greatly reduced if an organization
minimizes the amount of PII it uses, collects, and stores.”[10]
Organizations that do not protect PII can face penalties,
lawsuits, and loss of business. In the US, most states now have
laws in place requiring organizations that have had security
breaches related to PII to notify potential victims, as does the
European Union.
Non-Obvious Relationship Awareness
Digital technologies have given people many new capabilities
that simplify and expedite the collection of personal information. Every
time a person comes into contact with digital technologies, information
about that person is being made available. From location to web-
surfing habits, your criminal record to your credit report, you are
constantly being monitored. This information can then be aggregated
to create profiles of each person. While much of the information
collected was available in the past, collecting it and combining it took
time and effort. Today, detailed information about a person is available
for purchase from different companies. Even information not
categorized as PII can be aggregated in such a way that an individual
can be identified.
 This process of collecting large quantities of a
variety of information and then combining it to
create profiles of individuals is known as Non-
Obvious Relationship Awareness, or NORA. First
commercialized by big casinos looking to find
cheaters, NORA is used by both government
agencies and private organizations, and it is big
business.
 In some settings NORA can bring many benefits
such as in law enforcement. By being able to identify
potential criminals more quickly, crimes can be solved
sooner or even prevented before they happen. But these
advantages come at a price, namely, our privacy.
Restrictions on Data Collecting
In the United State the government has strict guidelines on
how much information can be collected about its citizens. Certain
classes of information have been restricted by laws over time and
the advent of digital tools has made these restrictions more
important than ever.
Children’s Online Privacy Protection Act

Websites that collect information from children

under the age of thirteen are required to comply with
the Children’s Online Privacy Protection Act (COPPA),
which is enforced by the Federal Trade Commission
(FTC). To comply with COPPA, organizations must
make a good-faith effort to determine the age of
those accessing their websites and, if users are
under thirteen years old, must obtain parental
consent before collecting any information.
Family Educational Rights and Privacy Act

The Family Educational Rights and Privacy Act (FERPA) is a

US law that protects the privacy of student education records. In
brief, this law specifies that parents have a right to their child’s
educational information until the child reaches either the age of
eighteen or begins attending school beyond the high school level.
At that point control of the information is given to the child.
While this law is not specifically about the digital collection of
information on the Internet, the educational institutions that are
collecting student information are at a higher risk for disclosing it
improperly because of digital technologies.
Health Insurance Portability and
Accountability Act

The Health Insurance Portability and Accountability Act of

1996 (HIPAA) singles out records related to health care as a
special class of personally identifiable information. This law gives
patients specific rights to control their medical records, requires
health care providers and others who maintain this information to
get specific permission in order to share it, and imposes penalties
on the institutions that breach this trust. Since much of this
information is now shared via electronic medical records, the
protection of those systems becomes paramount.
General Data Protection Regulation
The European Union, in an effort to help people take
control over their personal data, passed the General Data
Protection Regulation (GDPR) in May 2016. While this protection
applies to the countries in the EU, it is having an impact of U.S.
companies using the Internet as well. The regulation went into
effect May 25, 2018.
EU and non-EU countries have different approaches to
protecting the data of individuals. The focus in the U.S. has been
on protecting data privacy so that it does not impact commercial
interests.