When Good Legal Advice Is Worth $10 Million An Hour

One of the highest profile liquidity events to date in 2012 is Facebook’s announced deal to acquire Instagram for $1 billion. The popular mobile photo-sharing service should fit well into Facebook’s growth strategy as a soon-to-be-public company, but its eye-popping valuation — more than that of the New York Times, for those keeping score at home — is made more extraordinary by the fact that Instagram is run by only 13 employees.

Setting aside questions of unique strategic value for the moment, what could possibly make Instagram worth ten figures? Brand recognition, goodwill, user loyalty, mushrooming usage metrics, sure — but perhaps most importantly, a mountain of intellectual property. My quick-and-dirty assessment, based on pure speculation with no inside knowledge, produced the following taxonomy:

Technology , consisting at a minimum of a consumer-facing iPhone app and the server-side innards that handle connections and communications with other users and social networks. Most social media sites and services, at their heart, are gigantic databases connected to Web servers that render the stored data as Web pages, images and other content.

, consisting at a minimum of a consumer-facing iPhone app and the server-side innards that handle connections and communications with other users and social networks. Most social media sites and services, at their heart, are gigantic databases connected to Web servers that render the stored data as Web pages, images and other content. Branding Elements including the Instagram name, logo, domain names, trademarks and other identifiers, which nowadays can include everything from Twitter handles to Facebook pages and even vanity domains.

including the Instagram name, logo, domain names, trademarks and other identifiers, which nowadays can include everything from Twitter handles to Facebook pages and even vanity domains. User database containing personal information from more than 30 million registered users

containing personal information from more than 30 million registered users User-generated content: In Instagram’s case, a vast repository of more than one billion photos contributed by those users, not to mention the 81 comments per second posted on those photos

In Instagram’s case, a vast repository of more than one billion photos contributed by those users, not to mention the 81 comments per second posted on those photos Proprietary content and design: Admittedly modest by comparison, but it would do the designers a disservice not to give a nod to the app’s user interface, as well as the Instagram website.

I won’t even attempt to quantify these different categories of IP, but it’s directionally clear in the case of popular social media businesses like Instagram that the lion’s share of value is in those gargantuan databases of user-contributed information and content. Those things, together with each user’s unique social graph, are what make Instagram 100 or 1,000 times as valuable as an obscure competitor. The network effects erect a formidable barrier to entry, as Facebook itself has shown.

Turning back the clock a few years (or a mere 18 months in Instagram’s case), even the mighty Facebooks and Twitters of the world began life as little startups built by scrappy entrepreneurs. Somebody had to be the first to register as a user, providing an email address, a name, or similar personal information, and the first to upload a photo. If a service proves wildly successful, and a buyer like Facebook comes knocking with a billion-dollar offer, two areas of sensitivity that can impact the core value of the entire deal are the Privacy Policy under which those 30 million users’ information was collected and the Terms of Use under which the service obtained the right to display those billion-plus photos.

At the risk of stating the obvious, social media businesses are media businesses that revolve around content and distribution. You and I are generous or foolish enough to provide the content for free and to provide the distribution by watching and sharing others’ contributions with friends and colleagues. This kind of media business would implode if not for the fact that every credible social site has grant-of-license language in its Terms of Use. (To make up an absurd example, if Instagram didn’t properly secure rights to the billion photos it displays, with statutory damages in copyright law starting at around $20,000 per occurrence, we’d be talking (gulp) $20 trillion in potential liability.)

Believe it or not, disputes have erupted over this language in Terms of Use, most recently involving Pinterest. A single policy decision embodied in a sentence or two, such as whether to allow or require a user’s photos and comments to remain on the site after the user deletes his or her account, can have a major impact. More broadly, related questions regarding who should be responsible for policing copyright infringement on social media sites — and financially liable when they fail — ignited a virtual World War III between the content and technology industries over legislation such as SOPA and PIPA.

Any experienced Internet lawyer or privacy officer can cite some notorious war stories when things were mishandled with dire consequences. Perhaps the best poster child is GeoCities: Acquired by Yahoo! for $3.6 billion in 1999, the site soon hemorrhaged users over, of all things, overreaching grant-of-license language in its Terms of Use (not kidding), and was smacked by the FTC for deceptive practices related to its Privacy Policy. Yahoo! ultimately shuttered the site altogether.

The moral of this story, getting back to the title, is that seemingly minor issues at inception can come back to haunt a wildly successful Web or mobile business if and when it reaches the point of entertaining a lucrative acquisition or investment offer. The likelihood of catastrophic doomsday scenarios is remote; far more likely are minor issues that still must be dealt with, often as a condition to closing, incurring legal or technical expenses. More severe problems can require remedies such as a new round of “opt-ins” by users, ominous-sounding disclaimers or warnings posted on the site, and so forth. In the case of a whopper of a deal like Instagram, even if such issues were to hypothetically impair just 5% of the deal value, we’d be talking $50 million in shareholder value that evaporated because of entirely avoidable missteps. A few hours of competent lawyer time spent up front to develop and implement well-thought-out Terms of Use and a flexible yet reasonable Privacy Policy could literally preserve $10 million in shareholder value per hour. How’s that for an ROI?

A comprehensive list of common mistakes is beyond the scope of this post, but to give just a few examples:

Every website should contain standard language in its privacy policy consenting in advance to the transfer of personal information to the buyer when the company is acquired. (Incredibly, Instagram itself appears to be missing this language!) I’m amazed at how often this simple concept is overlooked.

At the opposite extreme, the worst mistake most likely to incur the FTC’s wrath is to make lofty, iron-clad promises in a privacy policy that the company later doesn’t keep. “Never say never.”

Web and mobile businesses are global in reach. No reason to make it easier to be sued. Why not require that all claims be brought on your home turf applying local law? Better yet, in the wake of the business-friendly AT&T Mobility decision by the Supreme Court, consider requiring 1-on-1 arbitration and a waiver of the right to class action litigation. (See discussion at the end of my previous post.)



This article is for general informational purposes only, not a substitute for professional legal advice. It does not result in the creation of an attorney-client relationship.