Challenging a Competitor’s Patent in the Patent Office: Great When it Works, but Failure Increases the Risk of a Court-Issued Injunction

 

 

 

 

 

By Thomas Tuytschaevers. A member of our Patent Practice Group

Recent developments in an infringement dispute in San Francisco yield valuable lessons regarding the hazards that may befall a company that challenges the validity of a rival’s patent in the United States Patent and Trademark Office. If the company loses its challenge, it may be that much more vulnerable to a preliminary injunction in subsequent infringement litigation.

Illumina, Inc. sells gene-sequencing equipment in the clinical laboratory market, where it competes with Qiagen, N.V and its subsidiaries.  In April 2016, Qiagen introduced its new GeneReader NGS system with a vigorous marketing campaign that seemed to be asking for trouble:  It claimed that the new system works in the “same way as Illumina’s machines.”  Illumina sued Qiagen and its subsidiaries for infringing US patent 7,566,537, and took the unusual step of asking the trial court for a preliminary injunction to halt the sale of Qiagen’s new product during the litigation.

As its name implies, a preliminary injunction in a patent case is a pre-trial order prohibiting an accused infringer from selling its product during the infringement trail.  It is a “drastic and extraordinary” remedy because it takes effect before infringement is proven, and before trial has even begun. (Patent suits often take two years or longer to get to trial.)   If granted rashly, a preliminary injunction causes potentially grievous harm to the accused infringer’s business, but if denied, risks irreparable injury to the patent owner.

Consequently, a court will grant a preliminary injunction only if the patent owner can show that (1) it is likely to prove the alleged infringement at trial; (2) it is likely to suffer irreparable harm if the injunction is not granted; (3) in measuring the hardship of an injunction on the accused infringer against the hardship of continuing infringement on the patent owner, the balance of hardships weighs in the patent owner’s favor; and (4) an injunction is in the public interest.  Despite the attractiveness of the preliminary injunction, patent owners rarely seek them, and courts rarely grant them, because the burden of proof is so high.

In Illumina v. Qiagen, however, Illumina was successful thanks in large part to assistance from Qiagen itself.  First, Qiagen chose to mount a difficult defense: It did not deny that Illumina was likely to succeed in showing infringement, so argued instead that Illumina’s patent was invalid in view of certain prior art.  An invalidity defense is difficult because U.S. law presumes a patent to be valid, so while the patent owner needs only to prove infringement by a preponderance of the evidence (i.e., that infringement is more likely than not), the accused infringer must prove invalidity by the higher “clear and convincing evidence” standard. More...

Litigators’ Perspective on the Patent Eligibility of Software: Courts Continue to Refine the Analysis in the Wake of Key Supreme Court Decision

 

 

 

 

 

By Lisa Tittemore and Brandon Scruggs. Ms. Tittemore is Co-Chair of the Litigation Practice Group and Mr. Scruggs is a member of the Litigation Practice Group

Recent precedential opinions from the Federal Circuit Court of Appeals – one of which represented a victory for our client Iatric Systems^[1] – allow some insight regarding the boundary between what is and what is not patent-eligible subject matter in the field of computers and computer software.  In the two cases, FairWarning IP, LLC v. Iatric Systems, Inc. and McRO, Inc. v. Bandai Namco Games America Inc., the Federal Circuit interpreted the Supreme Court’s controversial 2014 decision in Alice Corp. Pty. Ltd. v. CLS Bank Int’l, which we have previously discussed.

In Alice, the Supreme Court announced the applicability of a two-step framework for determining patent eligibility under Section 101 of the Patent Act in the context of computer-related patents:

• First, courts must determine whether the patent claims at issue are “directed to” a patent-ineligible concept, such as an abstract idea.
• Second, if the claims are directed to patent-ineligible subject matter, courts must ask whether any of the additional limitations in the patent claims transform the claim into a patent-eligible application of a patent-ineligible concept.

Using that framework, which the Supreme Court had earlier articulated in the biotechnology context, the court in Alice invalidated patents that covered mitigating settlement risk in financial transactions using a computer system.  The court cautioned that patent eligibility requires more of a patent claim than simply stating an abstract idea and saying “apply it.”  However, the court also warned against reading its decision broadly, “lest it swallow all of patent law,” acknowledging that at some level all inventions rest upon laws of nature, natural phenomena, or abstract ideas.  Although simply implementing a process on a computer does not impart patent eligibility, patents that “improve an existing technological process” may be patent-eligible.

The analysis in Alice dramatically altered the approach that courts had applied in evaluating patent-eligibility for computer-related inventions.  Trial judges and the Federal Circuit alike have struggled to apply the Alice framework without slipping into an impenetrably vague “I know it when I see it” standard.  The Federal Circuit’s September and October 2016 decisions in McRO and Fairwarning IP provide useful guideposts.

McRO involved patent claims that describe a method for automatically producing lip synchronization and facial expressions in animated characters, a process which was previously done by human animators, using a computer, to manipulate the character model using an intuitive process.  The invention automated the 3D animator’s task, using rules with specific characteristics that require several variables to interact in a certain way.  The federal court in Los Angeles granted the defendant’s motion to throw out the case, finding the asserted claims “too broad” and unpatentable. More...

Massachusetts Creates Tax Credit Program for Angel Investors

By Thomas Carey. Chair of our Business Practice Group

On August 10, 2016, Governor Baker signed HB4569 into law, creating a tax credit program intended to spur angel investments into local high-tech start-ups, particularly those in the fields of digital e-health, information technology and healthcare. The program will permit investors in qualifying businesses to take a tax credit of 20% of the amount invested – or 30% if the business is in a Gateway Municipality.  This tax credit program is limited to $25 million annually, with the credits being doled out by theMassachusetts Life Sciences Center.

Companies wishing to be qualified for the program must have (i) a principal place of business in Massachusetts, (ii) a fully-developed business plan with short- and long-term forecasts including R&D, profit and loss, cash flow and details of angel investor funding, (iii) 20 or fewer full-time employees (at least half of whom work out of the company’s principal place of business), and (iv) less than $500,000 in gross revenue in the prior fiscal year.

The program does not cover investments in hedge funds, venture capital funds, retail operations, real estate, professional services, gaming or financial services.

Investors must be accredited investors, as defined by the SEC. Their qualifying investments are limited to $125,000 in any one business per year and $250,000 total for any one business.  No single taxpayer can claim more than $50,000 in tax credits in a year but investors may defer claiming tax credits for up to three years. Qualifying investors may not be the principal owner of the business and be involved in it on a full-time basis. More...

Recent Decisions Shed Light On How to Avoid Enhanced Damages for Patent Infringement

By Dorothy Wu Chiang. A member of our Patent Practice Group

In its June 2016 decision in Halo Electronics Inc. v. Pulse Electronics, Inc., whichwe covered in our June issue, the Supreme Court loosened the conditions under which a trial court may award enhanced damages to a patent owner. Haloemphasized that trial courts must retain discretion to punish “egregious” behavior by an infringer, based on the infringer’s knowledge at the time of the conduct in question. A defendant’s ability to muster a plausible defense after the fact should be of no consequence if its infringement at the time was willful and egregious.

This standard suggests that a company may take proactive measures that can prevent its behavior from being perceived as egregious. Specifically, before engaging in conduct that might infringe a competitor’s patent, a company might do well to obtain an opinion of counsel on the validity of that patent and the likelihood of infringing it. Already, some post-Halo decisions demonstrate that the presence or absence of such contemporaneous legal advice may affect a judge’s decision whether to assess enhanced damages against an infringer.

WBIP, LLC. v. Kohler, Co. involved competitors in the marine generator business. An internal Kohler memo requesting funding for developing products to compete with Westerbeke Corporation indicated that Kohler was aware of Westerbeke’s patents. Kohler took no action to evaluate the scope of the patents or avoid their claim limitations. Moreover, Kohler’s other activities demonstrated that it had deliberately tried to “plunder” Westerbeke’s business; Kohler employees had visited Westerbeke representatives at a trade show, questioned them about their technology, and released a competing product within a year.

Westerbeke assigned its patents to WPIB, which sued Kohler for infringement before Halo was decided.  The trial judge ruled that Kohler had willfully infringed WBIP’s patents and granted WPIB enhanced damages of 50%. Kohler appealed, and the Federal Circuit affirmed the district court in view of the Halo decision that had issued just weeks earlier. Halo required the Federal Circuit to review the enhanced damages based on whether the trial court had abused its discretion in awarding them. This deferential standard means that a trial judge’s award of enhanced damages is unlikely to be overturned.  More...

On-Sale Bar Clarified for Drugmaker

By Samuel Petuchowski, Ph.D.. A member of our Patent Practice Group

A patent application should be filed as soon as possible. Not only do patent rights go to the first inventor to file a patent application, but no invention may be patented if it has been publicly disclosed more than a year before an application is filed.

US law applicable to patent applications filed prior to March 15, 2013, that is, before the America Invents Act (AIA) took effect, specifically barred patenting anything more than one year after the first instance of its being sold or offered for sale.

In the case of The Medicines Company (“MedCo”) v. Hospira, Inc., MedCo ordered three batches of the anti-coagulant drug bivalirudin to be made by a manufacturing contractor, Ben Venue Laboratories, using a process that Medco later patented. While the market value of a commercial batch would have been about $10 million, no one could have sold the drug to consumers because FDA approval was still pending at the time.

When MedCo later sued Hospira for patent infringement, one of Hospira’s defenses was that MedCo’s patent application came too late, since it was filed more than a year after MedCo paid Ben Venue to make the preliminary batches for validation purposes.

The policy underlying the “on-sale” bar as it existed in Section 102(b) of the pre-AIA Patent Act was to preclude an inventor from profiting from the commercial use of an invention for a prolonged period before sharing it with the public by filing a patent application.  However, the statute sought to give the inventor a “reasonable” time to discern the potential value of an invention before undertaking the patenting process.  In 1998, the Supreme Court, in its decision in Pfaff v. Wells Electronics Inc., established a two-part test to determine whether an offer for sale occurred that would bar patenting more than a year later: The invention had to be the subject of a “commercial offer for sale” and had to be “ready for patenting.” More...

Insurance Coverage for Data Breaches: A Pig in a Poke for Retail Establishments?

By Thomas Carey. Chair of our Business Practice Group

P.F. Chang’s China Bistro Inc., which operates over 200 restaurants in the United States, purchased a cyber insurance policy from Federal Insurance Company. Federal marketed the policy as “a flexible insurance solution designed by cyber risk experts to address the full breadth of risks associated with doing business in today’s technology-dependent world” that covers “direct loss, legal liability, and consequential loss resulting from cyber security breaches.”  (Emphasis supplied).

During the underwriting process, Federal classified PF Chang’s as a high-risk client because it conducts more than six million transactions per year with customer credit cards, begetting extensive exposure to customer identity theft.  PF Chang’s paid an annual premium of $134,000 for the policy.

In 2014, while the policy was in effect, PF Chang’s received notification from the United States Secret Service of a potential data breach involving credit and debit card numbers stolen from its restaurants.  The company immediately conducted an investigation and determined that 33 of its restaurants were potentially affected.

PF Chang’s notified its insurer, which ultimately reimbursed more than $1.7 million of costs resulting from the data breach. This reimbursement covered the cost of conducting a forensic investigation and, defending litigation filed by (a) customers who alleged their credit card information was compromised, and (b) a bank that issued credit cards that were allegedly compromised. More...

Fast-Forwarding Privacy: A Video Tape Rental Statute in the Digital Era

By Thomas Carey. Chair of our Business Practice Group

Contentious Supreme Court nominations began with that of Robert Bork, whose originalist views led him to proclaim that there is no constitutional right to privacy. Americans, he believed, have only such privacy rights as may be conferred by statute.  Little did he imagine that his own personal experience would lead to just such a statute.

While Judge Bork’s nomination to the Supreme Court was in the balance and with his views on privacy very much in the news, a reporter obtained a list of the videos that Judge Bork and his family had rented from a local video store and published the list. The backlash from this incident led to the 1988 Video Privacy Protection Act (VPPA).

The VPPA provides a civil remedy against a “video tape service provider” that knowingly discloses personally identifiable information (PII) concerning its “consumers.”  “Consumer” is defined to include “any renter, purchaser, or subscriber of goods or services” from the video tape service provider. The VPPA authorizes courts to award punitive damages and attorneys’ fees to successful plaintiffs.

Given the demise of Blockbuster, this piece of legislation might be no more than an historic curiosity.  But judges with a penchant for more imaginative interpretations of statutes than Judge Bork would have countenanced have breathed new life into this statute, making it relevant to today’s cellphone app developers.

Two ongoing class action lawsuits have resulted in opinions that represent a lively conversation among those trial judges and appellate courts that have considered the VPPA’s vitality in the mobile phone era.  The most recent opinion was a breakthrough success for privacy advocates.

Cartoon Network and USA Today each developed free cellphone apps that allowed users to access video content. The apps would also transmit data to aggregators that would identify the videos that were watched. The data included the Android ID1 and, in the case of USA Today, the GPS coordinates, of the user’s device.

Users of these apps filed class action lawsuits alleging violations of the VPPA. In both cases, the defendants argued that the plaintiffs were not “subscribers” within the meaning of the VPPA because the services were free, and that sharing the Android ID was not the disclosure of PII for purposes of that statute.  Earlier cases had held that a device identifier was not PII, so precedent seemed to be on their side.

The first of these cases to go to trial involved The Cartoon Network.  In 2014, a federal trial court in Georgia granted a motion to dismiss the complaint.  The court said the user qualified as a “subscriber” to the Cartoon Network service even though it was free, but that the Android ID was not PII.

Next up was Gannett, the publisher of USA Today. Gannett contended that the Android ID cannot be PII because it identifies an object, rather than a human being. A federal judge in Massachusetts rejected that argument, pointing out by analogy that, while a home address describes an object, not a person, there can be little doubt that it is PII. More...

Functional Software’s Limited Copyright Coverage: Jury Finds Google’s Limited Use of Oracle’s Java™ Code Was Fair

By David Blau. A member of our Patent Practice Group

In 2010, Oracle sued Google over its implementation of the Java platform in smartphones running its Android™ operating system (OS). The Java platform is used to write and run programs written in the Java programming language and includes, among other things, the Java Virtual Machine and the Java application programming interface packages (“APIs”) that permit software developers to perform common functions without having to write equivalent code from scratch.

The APIs contained declaring code that reflects the structure, sequence, and organization (“SSO”) of the APIs. Although Google developed its own version of the Java Virtual Machine, for compatibility purposes Google literally copied the declaring code of 37 APIs and with it the SSO of those APIs.

In 2012, the trial court ruled that the APIs were not protectable under copyright law because they were essentially functional, not expressive. (Functional items are protectable, if at all, only under patent laws.)  The Federal Circuit reversed the trial court in 2014, ruling the SSO of the APIs to be protectable under copyright.  The appeals court instructed the trial court to consider whether the doctrine of fair use absolved Google of any liability in this case.  On May 26, 2016, a jury found that Google’s use of the declaring code was fair use, thus absolving Google of copyright liability in connection with its use of the APIs.

Fair use is a defense to copyright infringement, and helps balance the copyright owner’s property interest with the public’s interest in making some limited use of copyrighted works.  Uses of copyrighted works are often fair when portions of the work are copied for commentary, parody, scholarship, news reporting, or educational purposes.  Judges and juries will consider whether the use is commercial or educational, whether it transforms the underlying work, whether the work is more expressive or factual, how much and how important the portions copied were to the work as a whole, and whether the copying has (or could have) a negative financial impact on the copyright owner.  After weighing all of these factors, the jury determined that Google’s use of the Java API was fair, and thus not an infringement of copyright.

The origins of the legal dispute date to 1991, when the Java language was created at Sun Microsystems. Java slowly developed into a fully-featured platform, and in 1995 it was announced that Java would be included in one of the first web browsers, Netscape Navigator.  Java shortly became a valuable asset to Sun, which nevertheless released the bulk of its implementation as free and open source software (FOSS) in 2006. More...

Patent Owners Beware: Preliminary Response in Inter Partes Review Takes On New Significance

 

 

 

 

 

By Robert Asher and Emmanuel Filandrianos. Members of our Patent Practice Group

Inter partes review (“IPR”) has become the forum of choice for challenging the validity of a patent. Introduced in 2012 as part of the America Invents Act, it is a relatively new proceeding in the U.S. Patent and Trademark Office conducted by a panel of judges from the Patent Trial and Appeal Board (the “Board”). IPRs begin with a petitioner requesting that the IPR be instituted. Within three months of the request, the patent owner may choose to file a preliminary response arguing that the IPR should not be instituted.

If the Board is persuaded that the petitioner has not demonstrated a reasonable likelihood that it will prevail in its challenge of at least one claim, the IPR will be denied. Conversely, the Board may institute the IPR if it determines that the petitioner has a reasonable likelihood of invalidating at least one claim. If the IPR is instituted, the patent owner must respond with a “patent owner response” within three months of the institution date. The petitioner then gets a chance to file a “reply to the patent owner response.” The parties may also have an opportunity for oral argument thereafter. The entire procedure will be concluded with a final written decision from the Board within one year of the institution of the IPR.

Before May 2, 2016, the Board’s regulations provided an unfair advantage to petitioners at the pre-institution stage. Specifically, petitioners could have an expert in the field provide expert testimony in support of the petition, whereas patent owners were not allowed to use their own expert to support arguments made in the preliminary response. This oddity in the law allowed petitioners to rely on an expert to advance their claim-construction theory, while patent owners could only rely on attorney argument. The rules have since changed to allow patent owners as well to submit expert testimony in the preliminary response.

Even with this change, patent owners remain at a disadvantage in the pre-institution phase because of time constraints. Petitioners usually have months, even up to a year, after being sued for infringement to file their petition. Patent owners, by contrast, have only three months to provide their preliminary response. While petitioners have ample time to find an expert and put together the petition, patent owners have to find a suitable expert and prepare the preliminary response in a matter of months. More...

U.S. Supreme Court Eases Standards for Obtaining Enhanced Patent Damages for Willful Infringement

By Alexandra Cavazos, Ph. D.. A member of our Litigation Practice Group

The Patent Act permits a court to award damages to a successful plaintiff in an amount up to three times the actual damages suffered plus the plaintiff’s attorneys’ fees.  These “enhanced damages” under Section 284 of the Act have been part of U.S. patent law since its inception, but the standard for awarding them has shifted over time.  Enhanced damages were originally mandatory, but Congress later ordained a discretionary award in the belief that a defendant who acted out of ignorance of the law or with a good faith belief that no infringement was occurring should not punished in the same manner as a “wanton and malicious pirate.”

In re Seagate Technology, LLC  (2007) announced the Federal Circuit’s strict two-prong test for patentees seeking enhanced damages.  The first prong required the patentee to “show by clear and convincing evidence that the infringer acted despite an objectively high likelihood that its actions constituted infringement of a valid patent.”  If the infringer made a reasonable invalidity or non-infringement argument during the litigation, the patentee could not meet this “objective” prong.  If the objective prong was met, the second Seagate prong required the patentee to show (also by clear and convincing evidence) that the risk of infringement “was either known or so obvious that it should have been known to the accused infringer.”

In 2015, the Supreme Court agreed to hear two cases—Halo Electronics, Inc. v. Pulse Electronics, Inc. and Stryker Corp. v. Zimmer Inc.—in order to decide if the Seagate test was consistent with the language of § 284. Earlier this month, the court disapproved the Seagate approach, giving renewed leverage to patentees who sue for infringement. (More...)

Assignor Estoppel May Apply to A Competitor That Never Owned (Or Assigned) the Patent

By Dorothy Wu Chiang. A member of our Patent Practice Group

 

 

 

When companies hire top talent away from competitors, they may very well also acquire patent exposure along with their new personnel through the doctrine of assignor estoppel. A recent decision in the Federal Circuit, MAG Aerospace Industries, Inc. v. B/E Aerospace, Inc., demonstrates how broadly assignor estoppel may be applied. In general, assignor estoppel prevents a company that sells a patent from challenging its validity in later litigation. However, under MAG, a company that never owned the patent may also be barred if it has hired an inventor named in the patent.

MAG Aerospace sued B/E Aerospace for infringement of three patents that named one of B/E’s leaders as an inventor. In this case, the inventor conceived of the patents well before joining B/E and had never worked for MAG; he invented the technology during his time at Evac International Oy, which later transferred the patents to MAG.

B/E defended the infringement claim in part by asserting that the patents were invalid.  The district court granted MAG summary judgment on that question, ruling that the doctrine of assignor estoppel prevented B/E from challenging the validity of the patents.

Assignor estoppel applies if a named inventor on a patent is “in privity” with the company being sued. In Shamrock Technologies, Inc. v. Medical Sterilization, Inc. (1990), the Federal Circuit held that the doctrine requires a court to consider a number of factors when determining whether this relationship exists, including:

• The inventor’s leadership role at the new employer;
• The inventor’s ownership stake in the defendant company/new employer;
• Whether the accused company changed course from manufacturing non-infringing goods to allegedly infringing activity after the inventor was hired;
• The inventor’s role in the allegedly infringing activities;
• Whether the inventor was hired to start the allegedly infringing operations;
• Whether the decision to manufacture the allegedly infringing product was made partly by the inventor;
• Whether the accused company began manufacturing the allegedly infringing product shortly after hiring the inventor; and
• Whether the inventor was in charge of the allegedly infringing operation.

MORE

The Federal Circuit Helps Software Developers Overcome Patent-Eligibility Rejections under Alice

By Bruce Sunstein. A member of our Patent Practice Group

 

The Federal Circuit’s recent decision in Microsoft v. Enfish has given software developers a new tool—valuable at least sometimes—to resist Alice rejections of patent applications for computer-related inventions.

Under Alice Corp. v. CLS Bank (2014),  the Supreme Court expanded on its finding of “implicit exceptions” to the patent laws, holding that patent claims too closely related to a law of nature, natural phenomenon, or abstract idea are ineligible for patenting, despite the broad scope of section 101, the provision that defines eligible subject matter. The stated justification is that such patent claims would preempt the law of nature, natural phenomenon or abstract idea—the patent-ineligible concept—to which they relate and hinder scientific and technical advancement.

Alice prescribes a two-step test for determining whether patent claims are invalid. Under the first step, one determines whether the patent claims are directed to the patent-ineligible concept, namely a law of nature, natural phenomenon or abstract idea. If the claims are deemed directed to the patent-ineligible concept, then, under the second step, one considers the elements of each claim, both individually and as an ordered combination, to determine whether the claim has elements beyond the ineligible concept that would transform the nature of the claim into a patent-eligible application.  Although, as we discussed here and here, the reasoning behind the Alice decision is flawed, it remains the law of the land.

The two-step test of Alice has led to an epidemic of instances in which courts have invalidated patents for computer-related inventions and the Patent and Trademark Office has similarly rejected applications for such inventions.

In Enfish, the Federal Circuit considered a novel database structure that enables the user to organize data that, in conventional formats, would occupy numbers of tables.  The new database structure permits the user to organize the data in a single self-referential table. The Federal Circuit held this structure to be patent-eligible. Remarkably, Enfish is only the second instance in which the Federal Circuit has found software patent claims to be patent-eligible since the Supreme Court’s 2014 decision in Alice. (The first time was in DDR Holdings, discussed here.)

Enfish held the patent claims eligible on the ground that they were not “directed to” an abstract idea. In other words, the claims survived the first step of the two-step Alice test, and therefore the second step did not have to be applied. (MORE)

A User’s Guide to the EU-US Privacy Shield

By Thomas Carey. Chair of our Business Practice Group

US companies that rely on seamless receipt of personal data from EU businesses watched in horror as the EU-US Safe Harbor Program was blown up by the EU Court of Justice.

Officials on both sides of the Atlantic have rushed to fill the void.  What emerged, the EU-US Privacy Shield, is a stronger, more demanding set of rules that US companies may follow to avoid enforcement actions from the EU’s data protection authorities (DPAs).

Before it becomes operative, the Privacy Shield must clear a gantlet of regulatory processes that includes review by the EU DPA (which wrapped up on April 13, 2016), the consent of the EU Parliament, and adoption by the European Commission.  This process may be completed as early as June 2016.

The Privacy Shield has vociferous critics in both the US and Europe who remain mistrustful of US intelligence services and their propensity for snooping. On April 13, 2016, this criticism was echoed by the DPAs, who opined that the Privacy Shield is “not acceptable” because it permits mass surveillance of Europeans.   But because several governments have invested substantial resources in the development of the Privacy Shield, it is advisable for US businesses that receive personal data from the EU to seriously consider participating in the program and to plan now for that participation.

The Privacy Shield, like the Safe Harbor program, involves self-certification by companies seeking its protection.   It also is based upon the principles agreed by the EU countries in 1995 (the Privacy Principles):

• Notice to the individuals whose data is being transmitted
• Choice affording the individual the opportunity to opt out
• Security based upon reasonable and appropriate measures to protect the data
• Data integrity – the data must be accurate, complete and current
• Limited purpose – the company must state the purposes of the data collection and abide by its stated purposes (or get fresh consent for an expanded purpose)
• Access– individuals must have the right to obtain the data kept about them within a reasonable period of time
• Accountability for further transfers of data to subcontractors, etc.
• Recourse for individuals whose data has been misused.

Companies seeking the benefit of the Privacy Shield will have to publicly declare their commitment to the Privacy Principles, publicly disclose a privacy policy consistent with those principles and fully implement it.  Adherence to the Privacy Principles may be limited (a) to the extent necessary to meet national security, public interest, or law enforcement requirements; (b) to the extent that statute, regulation, or case law creates conflicting obligations or (c) to the extent expressly permitted by the EU members state affected by the data transfer.

Participants in the Privacy Shield program will be required to verify their compliance with their privacy commitments. This may be done through self-assessment or outside compliance reviews.  Under the self-assessment approach, the verification must indicate that:

• The published privacy policy is accurate, comprehensive, prominently displayed, completely implemented and accessible;
• The privacy policy conforms to the Privacy Shield Principles;
• Individuals are informed of any in-house arrangements for handling complaints and of the independent mechanisms through which they may pursue complaints;
• The company has in place procedures for training employees in the implementation of its privacy policy, and disciplining them for failure to follow it; and
• It has in place internal procedures for periodically conducting objective reviews of compliance with the above. (MORE)