Skip to content

Game Theory Law

People, logic, data, law in the global technocracy.

Information Security: The Beer, Burrito, and Bytes of Brand

adastralaw · December 11, 2015

By Martin Medeiros

In college we used to go to the Black Rooster Pub on 1919 L Street in D.C. because they sold Bass Ale, one of a few European style beers around before the microbrewery revolution. Little did I know that in a few years I would learn that the Bass Ale red triangle occupied a unique place in intellectual property history.

Trademarks are the legal right that supports your brand and serve as a source identifier. The “brand” is the product category, but we typically refer to it as all the things that encompass the value of the mark, including the goodwill, quality, origin or corporate ethos in the good or services so named. The red triangle of Bass was the first registered mark in the modern era in 1876. The ale itself has since been featured in paintings by Picasso, in other art forms, and was served on the Titanic, but at its heart it is a source identifier for a pale ale. As a source identifier of a British ale, it may have less clout today, as Bass Ale, the “original English Pale Ale,” is now brewed in Baldwinsville, New York, much to the chagrin of discriminating palates that remember it as a true import. The brand can mean different things to different people. As a pub denizen, I may associate it with good taste, purity, or other positive attributes. For example, a pub crawler may think, “the last time I ordered a no-name ale I got dysentery, better stick with the red triangle.” But the intent of the mark may be totally different to the company. They may use the red triangle as a mark for their pale ale and a red diamond for a stronger brew, as Bass indeed did. But the association the consumer gives to a mark keeps the brand alive.

Unfortunately, there is no “intellectual property cop,” therefore the owner is the primary enforcer of the mark. It is an “enforce it or lose it” proposition. Bass was called upon as an enforcer in 1893 when it sued Cooke Brewing Co. of Chicago for trademark infringement. Federal registration of a trademark in the United States has many advantages, including allowing companies to leverage resources to stopping infringing product from crossing borders, among other things. While there are criminal sanctions available in many statutes, getting prosecutors to enforce intellectual property laws may not the highest priority in many jurisdictions. For a discussion of Bass’s suit against Cooke, see http://brookstonbeerbulletin.com/bass-vs-cooke-brewing-co/.

So what does brand security represent in practice? It may take many forms, including stopping piracy by enforcing the mark against infringers or data control preservation and analysis. It may represent attention to detail with respect to physical security, such as preventing the intrusion of pathogens if you are a restaurant that must source goods coming into your establishment.

Certainly, the Chipotle brand worked hard to represent itself as offering healthier food and eschewing evil corporations who use highly processed foods that the body does not recognize, causing obesity and diabetes. Indeed, they spent many resources that may go beyond the Food and Drug Administration’s “Hazard Analysis Critical Control Point (HACCP),” and their attention to this detail beyond the federal regulations may be a trade secret. But what if this fails? What do companies wrap themselves in to cover their mistakes?

They pour value into the brand. Chipotle’s brand involves the ethos of a higher calling, even producing a Netflix series, Farmed and Dangerous, a satire on the American Petro-Ag industry. All this image building paid off with a stock price that has tripled in four years. All through its history Chipotle has had outbreaks of pathogens, but the brand has weathered such shocks. Most recently, Norovirus and E. coli have caused the stock price to decrease by one third. Chipotle’s reliance on fresh ingredients and the healthy attributes therein ironically puts the organization in a higher risk category with others questioning if large chains can safely manage a far-flung “fresh” supply chain. Even this may not be the death of Chipotle, as recovery seems possible. All of this illustrates that security and brand value are lockstep.

While the problem with Chipotle is physical security, arguably, it may have been mitigated by data process security through locating pathogens and closing restaurants with potential exposure.

While image and product safety impact brand value, so does data security. Other data breach problems plague industries such as banking and retail. So the “byte” in the title is a nod to a significant data point on brand security. A study presented at this year’s International Association of Privacy Professionals (IAPP) annual meeting in Las Vegas sponsored by the IAPP and Bloomberg Law found that organizations ranked data breaches as one of their top risks.

The two largest concerns of the 347 respondents may inform organizations where resources should be allocated. Fifty nine percent of respondents ranked the highest overall concern as Brand Reputation Negatively Impacted. Data Breach came in second at fifty three percent. Lesser concerns in declining order were Bottom Line Negatively Impacted (35%), Negative Impact on Sales/Revenue (34%), Enforcement Actions by Regulators (30%), and Class Action Lawsuits (19%). The top two concerns, Brand Impact and Data Breach, were universal regardless of business size or nation. A free copy of the complete report can be found here.

More important are the top two methods for mitigating privacy risk. Predictably, Leadership Buy-In regarding the importance of information security risk and brand reputation is at the top. This was universal regardless of nation or business size. The second concern was Corporate Training, and the third was IT Resources for large (>25K employees) and medium business (5K-25K employees). Small businesses that have less than five thousand employees ranked IT Resources as second and IT Ability as fourth in importance for mitigating privacy risk. What this says is that small businesses should outsource data security, as they apparently do not have the internal resources.

If we separate brand and security as focuses of management, brand resilience may be elusive and indeed, we know brands that have struggled to recover. While no single problem may be fatal, managers would do well to have a strategic intellectual property plan that matches their privacy and security policies. This research shows that data security supports brand and stockholder value as a new first pillar.

Brought to you by:

Recent Posts

  • Do Not Negotiate in these Eight Situations
  • Game Theory Analysis of Trade War: Defecting from Political Tradition
  • Washington Supreme Court Strikes Down Trade Secret by Ride-sharing Companies
  • One Negotiation, Three Small Mistakes, and Resulting Litigation
  • Three Strategic Patent Considerations for New Software Innovators and Policy Leaders

Recent Comments

  • adastralaw on One Negotiation, Three Small Mistakes, and Resulting Litigation
  • M on Is a Do-Nothing Legislature Really that Bad? Game Theory, Law, Complexity, and Deadlock.
  • Players Only: Thinking About Who’s Who in Your Economic Sand Box - Game Theory Law on Overwhelmed with Options in a Deal: An Easy Way to Focus Your Efforts on What Really Matters

Archives

  • March 2019
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • December 2017
  • October 2017
  • February 2017
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • December 2015
  • October 2015
  • August 2015
  • June 2015
  • April 2015
  • February 2015
  • January 2015

Categories

  • Finance
  • Game Theory
  • Intellectual Property
  • Negotiation
  • Privacy
  • Technology
  • Technology Procurement
  • Trademark
  • Uncategorized

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Powered by WordPress.