Intellectual Property

Privacy by Design

Starting a consumer-facing technology company or developing a new application to make a consumer’s life easier or more fun is an exciting journey.  At this stage, you are all about the development, getting the product or service to market, and making sure it can scale.  But neglecting the privacy implications of your product or service during the development stage is a big mistake that will come back to haunt you later.

Imagine, for example, that your dream of building a great company has come true and you are faced with an acquisition offer.  During the customary due diligence phase, you quickly discover that your privacy house is not in order. Why? You neglected to plan for a situation in which you might have to transfer user data to an acquirer. The entire shape of the deal is now altered because there are significant tax consequences for the new structure and reserves or holdbacks are required that postpone or lessen the value you worked so hard to build.  All this can be avoided with a little privacy by design.  Here are a few pointers:

1.  If you don’t need the information, don’t collect it.  Avoid the engineering gene that says collect as much information as possible because it might be useful in the future.

2.  If you collect it, protect it.  This is essentially strict liability with the regulators.  If you lose the data, you will end up with an FTC-approved third party running your IT for the next 20 years.

3.  If you exit via a sale of the company or a merger or have to file for bankruptcy, be up front in your privacy policy and tell your users that you may transfer the data in the event this type of strategic move or a restructuring takes place. If you don’t do this, you will need the express opt-in consent of each user to make the transfer later, which will significantly devalue your assets.

4.  If you deal with personal information at all, say what you do and do what you say.  Do not cut and paste a privacy policy from another company’s website and hope that you’re adequately covered.  Diligence in an acquisition includes a thorough privacy review.  Misrepresentations in a privacy policy will get you sued, delay a sale and will increase your costs in the future.

5.  If you do anything, think like a user when it comes to privacy just as you would when it comes to the usability of a product or service.  Your privacy policy is a direct reflection of your product or service.

How to Prepare for an Equity Financing

We have covered in past FTTWs how to value your startup and how much capital to raise. Once your startup decides to pursue equity financing, you should start to prepare for the investor due diligence process. On the business side, you will need to prepare a business plan and should take steps such as obtaining management references, interviews and background reviews, customer/user references, technical/product reviews, financial statements and business model reviews.

What Every Startup Needs to Know

On Wednesday, June 26th, Perkins Coie’s Palo Alto office hosted the startupPerColator event, “What Every Startup Needs to Know.” Lowell Ness, a Perkins Coie partner in the Emerging Companies & Venture Capital (ECVC) practice, moderated a panel which included Herb Stephens of NueHealth, Thomas Huot of VantagePoint Capital, Jennifer Jones of Jennifer Jones and Partners, Yuri Rabinovich of Start-up Monthly, and Olga Rodstein of Shutterfly.