Skip to content
Back to blog 6 min read

Top legal mistakes small business owners make (and how to avoid them)

Written by Phil Evangelou
blog feature image

As a small business owner, there are a million things to do and think about that it's easy to forget about things like intellectual property and data protection. However, not thinking about it could lead to some big legal issues down the track that could cause some big headaches. So, let's make some time for it today. These are the top legal mistakes many small business owners make, and how you can avoid them.

Mistakes around Intellectual Property

Your Intellectual Property (IP) refers to things that you have created such as your software, programs, designs, symbols, names, and images used in commerce. There are a few ways you can protect your IP in your business.

Copyright protection for businesses

First is ensuring that your business has copyright protection on things that are original pieces of creative work that you have created. Things such as ideas, styles, concepts, or techniques aren't protected by copyright.

There is no system of registration for copyright protection in Australia - it's free and automatic. However, you should place a label or symbol on your work to indicate your copyright in materials where possible.

When publishing content, you also need to be careful about who owns the intellectual property of things before you post things on your social media, even if you're a marketplace business.

A case study of a marketplace accidentally infringing on a copyright is the example of Pokemon Company International Inc V Redbubble. This was when an artist posted a mashup for sale on Redbubble including the imagery of Pikachu, a cartoon character that's copyrighted to the Pokemon Company. Pokemon took Redbubble to court for infringing on the copyright. And while Pokemon was only awarded minimal damages because it was a mashup and Pokemon wouldn't have received royalties of it anyway, Redbubble still had to pay Pokemon's legal costs.

Register trademarks

Another way to protect your small business' IP is by using trademarks. Trademarks are different from copyright protection based on what type of IP you are protecting. While copyright protects original work, trademarks help distinguish goods and services from different businesses. The type of IP could include a letter, number, word, phrase, sound, smell, shape, logo, picture, and/or aspect of packaging of a business.

The best way to really protect your brand is really to basically register a trademark because it's protecting what your 'signature' is in the marketplace and creates a strong, unique brand identity that no one else can use in your category. Think about it this way. Would you agree that brands like Google, Apple, Coca-Cola, Facebook, McDonald's, one of their most valuable assets is their brand name?

Their brand name (and logos) are the most recognisable thing in their business and are what helps shape their entire brand identity, and are what sets them apart from competitors. That's why it's critical that businesses register their brand name and logo as soon as you come up with it because someone else can come along and steal your brand name from underneath you, especially if you haven't been around for long.

The earlier you do that when you set up your business, the better, especially if you're going to be spending a lot of money on marketing and promoting your brand out there, the last thing you want to do is having to rebrand and basically, change your entire brand just because you have forgotten to register your trademark from the outset.

As soon as it's registered with IP Australia, it gives you statutory protection for your brand or logo, and no other business can register the same brand name or logo in your class of goods or services that you register in.

A note that you can't register a similar logo or name that's already registered in your category because it's likely to cause confusion in the marketplace, IP Australia could reject your application, so try to be as unique as possible.


The third way you can protect your IP is through patents. This protects the IP on anything that is inventive or innovative on things such as fashion designs, confectionery recipes, or even furniture designs. The key here is that it can protect all of this as long as it is unique and new, not just things that are used in a different type of industry or use.

Employee contracts

One of the other most important ways you can protect your information (especially confidential information) is through employee contracts. This type of information includes things such as the business's organisational structure, activities, operating procedures, or information on its products and services that are not available in the public domain.

The question you need to ask yourself: are you adequately protecting your business' confidential information through your employee contracts?

This is one of the big legal mistakes we see small businesses do because there is always a chance that an employee or a former employee could compromise the confidentiality of your company if they copy your data from a work computer or server onto a hard drive or USB before the end of their employment, disclose information from an employer to a new employer, or send emails from a work email to a personal email address.

That is why you should set clear terms in the contract of employment setting out obligations in relation to the treatment of confidential information during employment and post-employment. Make sure that there are key confidentially clauses in there to ensure that your confidential information of our business is adequately protected. Things that should be included in the contract include the following:

  • A general description of all items that should stay confidential
  • An outline of reasons for information to remain private
  • An obligation to maintain its secrecy
  • Obligations of parties to the agreement
  • A duty for employees to return any confidential information in their possession when employment ends
  • A time frame in which information should stay confidential
  • And an outline of the consequences for breaching confidentiality obligations

If you are currently experiencing a breach of confidential information from an employee or former employee and hadn't put a confidentiality clause in their contract, the only other option would be to go through the Corporations Act 2001 with the Australian Securities and Investments Commission. This act imposes a statutory duty on employees which prevents them from using their position or information to gain an advantage for themselves or to cause detriment to the company. However, this is much more difficult to impose than with a contract.

Common pitfalls in data and privacy and cybersecurity

Outside of failing to protect IP, a lot of small businesses don't protect their data or privacy with cybersecurity says Lumify Learn Courses. A breach of security leads to financial loss and business loss or even a legal matter which is why it's so important that you learn how to protect your business against the risks that could arise from operating online to avoid falling victim to cybercrime or cyber-attacks.

Cybercrime involves the manipulation, destruction or exposure of information of things such as customer records and information, email and financial records, or business plans or ideas. Adding things like two-factor authentication, something as simple as that could add an extra layer of protection to your data to ensure that hackers can't get into your emails or cloud service providers. You can also get cybersecurity insurance to cover your company for any losses suffered by customers or employees in the data breach.

Make sure you have a privacy policy (that's up to date) that sets out how you handle data breaches. And if you do experience a data breach, make sure to report it to the office of the information commissioner. If it's likely to cause serious harm, you have a legal obligation to report it and also notify the people who are affected by it as soon as practical.

If there is a data breach and it can be shown that you and your business haven't taken adequate steps to protect the data, the director of your company could potentially be in breach of their director's duty because they have to take adequate steps in order to protect the assets of the company which includes the data.

Key takeaways

In business, there will inevitably be challenges, but you want to be setting yourself up to experience as few unnecessary challenges as possible, especially legal mistakes. And the best way to do that in a legal sense is by protecting your information, intellectual property, and data and privacy too.

Ensuring that your small business has these things set in place and reviewed regularly will set you up for success in the long term.

You can connect with me on LinkedIn or through OpenLegal.

Need more help building your business in a way that will set you up for long-term success? Let us show you how to build a well-structured, strategically planned growth plan with our exclusive short course Strategic Planning. Led by  The Entourage's CEO and former General Manager of Uber, this course will help you create a plan for your business' ideal future. Access the course now.

strategic planning cta image

Join the movement.

Your Entourage journey starts here. Join Australia's largest community of over 500,000 business owners and entrepreneurs, and receive instant access to exclusive content and updates delivered straight to your inbox.