The Trademark Application Process and Costs

The trademark application process moves through three stages:

Stage 1 – The Application

As a preliminary matter, trademark applicants have four options for trademark application depending on their particular circumstances:

1) Section 1(a) of the Lanham Act (the United States Trademark Act) allows application for applicants who have already made use of their mark in United States commerce (e.g., already doing business in the US).

2) Section 1(b) of the Lanham Act allows application for applicants who verify that they intent to use the mark in United States commerce within 1 year of publication on the National Register. Such application must be perfected within 1 year by submitting specimens to prove use of the mark in commerce. The purpose of a 1(b) application is for applicants who have not yet used the mark in the US to “lock” in their date of priority to the date of their 1(b) application — in other words, if another entity uses a similar mark after the applicant’s 1(b) application but before the date of perfection, the original applicant will be accorded priority as of the date of its 1(b) application.

3) Section 44(e) of the Lanham Act allows foreign applicants who already own a trademark registration in their foreign country of origin to register their mark in the US based on such foreign registration.

4) Section 44(d) of the Lanham Act allows foreign applicants to “lock” the day of priority for their mark to the day of their foreign trademark application. The practical results of this are the same as in the 1(b) application described above.

Applicants may apply under a combination of the above options. For example, they may apply under Section 1(a) if they have already used the mark in the US and they may also use Section 44(d) to lock their date of priority to the date of their potentially earlier foreign application.

Costs for Stage 1:

USPTO Fees: The United States Patent and Trademark Office (USPTO) charges a $325 filing fee for each class under which the applicant wishes to register their trademark. A “class” is a description of the type of goods or services with which the mark is associated. For example, Craigslist.com is registered for Class 35 (advertising information) and Class 38 (interactive bulletin boards).

Attorney Fees: Most attorneys charge hourly for trademark work or otherwise charge a flat fee based on the estimate time it would take to complete the initial filing. The initial paperwork for a Stage 1 filing should take no longer than one hour. As explained below, it is not possible to estimate the time it would take to move an application through Stages 2-3.

Search Fees: The USPTO does not refund filing fees, thus prior to filing the application it is highly advisable to have your attorney conduct a search of the USPTO database to confirm that a registration or application for a similar mark does not already exist. The most advisable search method is to have the attorney engage a specialist service, like Thompson CompuMark, to perform a thorough search. Such services generally charge $600-800 for the search.

Web Application Security – Don’t Bolt it On – Build it In

Companies make significant investments to develop high-performance Web applications so customers can do business whenever and wherever they choose. While convenient, this 24-7 access also invites criminal hackers who seek a potential windfall by exploiting those very same highly available corporate applications.

The only way to succeed against Web application attacks is to build secure and sustainable applications from the start. Yet, many businesses find they have more Web applications and vulnerabilities than security professionals to test and remedy them – especially when application vulnerability testing doesn’t occur until after an application has been sent to production. This leads to applications being very susceptible to attack and increases the unacceptable risk of applications failing regulatory audits. In fact, many forget that compliance mandates like Sarbanes-Oxley, the Health Insurance Portability and Accountability Act, Gramm-Leach-Bliley, and European Union privacy regulations, all require demonstrable, verifiable security, especially where most of today’s risk exists – at the Web application level.

In an attempt to mitigate these risks, companies use firewalls and intrusion detection/prevention technologies to try to protect both their networks and applications. But these web application security measures are not enough. Web applications introduce vulnerabilities, which can’t be blocked by firewalls, by allowing access to an organization’s systems and information. Perhaps that’s why experts estimate that a majority of security breaches today are targeted at Web applications.

One way to achieve sustainable web application security is to incorporate application vulnerability testing into each phase of an application’s lifecycle – from development to quality assurance to deployment – and continually during operation. Since all Web applications need to meet functional and performance standards to be of business value, it makes good sense to incorporate web application security and application vulnerability testing as part of existing function and performance testing. And unless you do this – test for security at every phase of each application’s lifecycle – your data probably is more vulnerable than you realize.

Neglecting Application Vulnerability Testing: Risks and Costs of Poor Security

Consider supermarket chain Hannaford Bros., which reportedly now is spending billions to bolster its IT and web application security – after attackers managed to steal up to 4.2 million credit and debit card numbers from its network. Or, the three hackers recently indicted for stealing thousands of credit card numbers by inserting packet sniffers on the corporate network of a major restaurant chain.

The potential costs of these and related Web application attacks add up quickly. When you consider the expense of the forensic analysis of compromised systems, increased call center activity from upset customers, legal fees and regulatory fines, data breach disclosure notices sent to affected customers, as well as other business and customer losses, it’s no surprise that news reports often detail incidents costing anywhere from $20 million to $4.5 billion. The research firm Forrester estimates that the cost of a security breach ranges from about $90 to $305 per compromised record.