If intellectual property plays any kind of role in your company’s products or services, you need to focus on establishing ownership of or rights to use that IP. Many companies do not focus on IP ownership and do not have founder, employee, or contractor IP assignments in place. Without having documented IP ownership or rights, a company can ruin its ability to be acquired.
When considering the extent to which a company needs to protect and document its IP, the company should consider what types of IP representations a purchaser would expect. If a company cannot satisfy these representations, the company needs to reevaluate its IP documentation and protection strategies. The following is a list of IP representations that commonly are found in acquisition agreements:
(a) The company owns or has the right or license to use all material IP rights used in or incorporated into the startup’s products or business;
(b) The company must list all its registered IP rights;
(c) The merger will not result in a breach or termination of any contract regarding IP;
(d) The company is not aware of any unauthorized use, infringement, or misappropriation of its IP;
(e) The company is not aware that its products or business infringes, misappropriates, or violates anyone’s IP;
(f) The company has taken commercially reasonable steps to protect and preserve the confidentiality of the company’s confidential or trade secret information;
(g) The company complies with all licenses for all software or other material that is distributed as “free” or “open source” software and that is incorporated into the company’s products;
(h) The company has not incorporated open source materials into its IP or products in a way that creates obligations for the company to grant to any third person any rights under the company’s IP;
(i) The company has complied with the privacy policies relating to (1) the privacy of the company’s customers and end users and all of the company’s websites and (2) the use of any personally identifiable information and other personal information collected by the company; and
(j) The company has implemented and maintains a commercially reasonable security plan that (1) identifies risks to the security of confidential information, (2) implements adequate and effective safeguards to control those risks, and (3) maintains notification procedures in compliance with applicable law in the case of any breach of security of personally identifiable information and other personal information.
These representations can be viewed as a roadmap to protecting your company’s IP. They are pretty basic and really only require that you protect company IP in a commercially reasonable manner.
Bob Muraski is a business attorney based in Bellingham, Washington.