Online Behavioral Advertising – Congress Poised to Act

Late last week, Rep. Rick Boucher (D-Va.), who chairs the Subcommittee on Communications, Technology and the Internet, released a statement indicating that despite industry collaboration and efforts at self-regulation, his belief is that government regulation remains necessary. Rep. Boucher intends to introduce legislation, regulating online behavioral advertising. His statement notes that the intention would be “to assure Internet users a high degree of privacy protection, including transparency about the collection, use and sharing of information about them and to give them control over that collection, use and sharing,” and that the advertising industry’s self-regulatory principles, “while proactive . . . . do not go far enough.”

In deference to the industry, however, Rep. Boucher’s statement also acknowledges that “online advertising supports much of the commercial content, applications and services that are available to Internet users today without charge,” and mentions that the intention of any legislation is not to disrupt well-established business models. The announcement asserts the legislation will have bipartisan support, and although it notes that actual draft legislation is not yet ready for prime time, it will be targeted primarily at privacy concerns, seeking to establish baseline standards relating to the disclosure, collection and use of consumer information, and safe harbors for advertisers that adhere to certain online practices in connection with these issues. In addition, the Federal Trade Commission will be given the authority to enforce the principles in the legislation and define the specific policies and practices that would allow advertisers to take advantage of the proposed safe harbor protections.

You can read all of Rep. Boucher’s statement right here. Fittingly, there is still time to register for tomorrow’s teleseminar “Are You Behaving Badly”, sponsored by the Advertising Technology & Media law practice at Rimon.

Self-Regulatory Online Behavioral Advertising Principles: What’s Déjà New?

In a speech in November 1942, Sir Winston Churchill remarked, “Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning.”

So, if you have been following along with the original announcement and each of the following “principle summaries” posted on Legal Bytes:

. . . and, if you have read the actual report, then you will appreciate that “Self-Regulatory Principles for Online Behavioral Advertising”, consistent with the Federal Trade Commission’s support of industry self-regulation, are patterned after the highly successful record of the Council of Better Business Bureaus in regulating the traditional advertising industry for more than 30 years. A record that includes industry collaboration, self-regulatory principles and monitoring, and close collaboration with the Federal Trade Commission over the years, as the industry and advertising models evolved.

While one is always careful to ensure that at some point governmental intervention may be necessary to protect consumers from those who abuse the system or violate the law, the question to ask is whether and to what extent new or different regulation is required. That is certainly a question being asked (and being answered) by a coalition of 10 consumer advocacy and privacy groups in its recently released report, “Online Behavioral Tracking and Targeting Concerns and Solutions”, in response to the industry principles. More importantly, one may ask whether a concretized and codified piece of legislation is likely to remain relevant or even defensible in the face of innovation and technology that could not have been predicted five years ago and, I believe, will remain relatively unpredictable in the future.

That said, some aspects of advertising are predictable. Development, display and distribution mechanism will evolve dynamically as technology and innovation continue. Notions of consumer privacy and data protection will continue to evolve and be difficult to harmonize across nations, across cultural and local boundaries, and—because privacy is and has always been context specific—in time and space. What might have been considered private in 16th century France is very different from the concept of privacy that permeates the hearts and minds of citizens of Japan or Brazil today. Indeed, even the role of government in protecting one’s right to privacy and the use of information about oneself, is an ever-changing one. Advertising models and economics will continue to change, with metrics and quantification methodologies being sparred and argued over, recognizing that even the roles of advertisers, agencies, media buyers, and broadcast and publishing networks, as well as ISPs, search engine, browser and web hosting companies—the technology players—are and will continue to change. Wireless and mobile devices will continue to expand the domain of advertising and challenge our ability to capture consumers’ interest on tiny mobile screens, while the opposite is taking place in our living rooms—with the separation of desktop or laptop computing and home television and entertainment centers being increasingly irrelevant (and screens becoming larger). Oh, and did we forget to mention how online gaming and the interplay between gaming console, entertainment and product placement, virtual worlds and display advertising, are all blurring (pardon the pun) right before our eyes?

So if you have ever attempted to change a tire on a moving automobile, you have a vision of what the “industry” is and will look like in the future. Under these circumstances, traditional regulation as we knew it, may not make sense. What might make sense is a more dynamic system of regulation. One that is more flexible, more adaptable and more capable of interacting and reacting to changing circumstances, mechanisms, technology and the environment. Perhaps allowing the industry and the Federal Trade Commission, in conjunction with other agencies already tasked with the mission of protecting consumers within their particular areas of authority (e.g., FDA, FCC, FAA, and the list goes on) to develop self-regulatory enforcement mechanisms, referral mechanisms, and a track record, may be the best way to determine what, where and when regulation may be needed.

In the meantime, you may want to ask yourself if you are misbehaving as an advertiser or marketing professional, and register and listen in to our “Are You Behaving Badly” Teleseminar Sept. 30, which will tackle current issues in global regulation of behavioral advertising.

As always, I and my colleagues in the Advertising Technology & Media law practice at Rimon are ready to assist in guiding, advising and providing legal support where and when you need it. We’ve been changing tires for more than a century!

Rimon DC Office Hosting Next FCBA Privacy/Data Security & Legislative Committees Meeting

Rimon will host the next brown bag lunch meeting of the Federal Communications Bar Association’s joint Privacy/Data Security and Legislative Committees. The meeting will be held on October 13, 2009 between 12:00 noon – 2:00 p.m. at Rimon’s Washington, D.C. offices (1301 K Street, NW, Suite 1100 East Tower). The Committees will discuss the legislative priorities for the 111th Congress with special emphasis on behavioral marketing and data security legislation. The following speakers are confirmed to-date: Amy Levine, Legislative Counsel to Congressman Rich Boucher; and Paul Cancienne, Legislative Aide to Congresswoman Mary Bono Mack. We also have invited staff from the U.S. Senate. Please RSVP to Desiree Logan at to attend.

University Licensing Gets a Jolt – Exclusivity Is Not Patently Obvious

This post was written by Craig P. Opperman.

The United States Court of Appeals for the Federal Circuit has just overturned a lower court’s decision to throw out a patent infringement action brought by AsymmetRx against Biocare Medical. Why, you ask? The Appeals Court concluded in AsymmetRx, Inc. v. Biocare Medical LLC that the patent owner, Harvard, should have been included in the lawsuit. Why should you care? Bear with me, especially if you are involved in any way in licensing, exploiting or otherwise commercializing technology, inventions or other intellectual property related to colleges and universities – or in litigating related licensing disputes.

Harvard gave AsymmetRx an exclusive license (including the right to enforce its rights) under a fairly standard and typical “university” licensing agreement. AsymmetRx sued Biocare and won. So far, all is right and ‘normal’ with the world. BUT, not so fast. Biocare appealed the decision and – are you ready?- The Appeals Court for the Federal Circuit sent the case right back to the District Court saying, exclusive? Not really. Harvard should have been joined in the infringement action. What, you say? How can this be? Read on.

The appellate court ruled that reading all the terms and conditions of the standard university license altogether, AsymmetRx didn’t really have the equivalent of full ownership of the patent or the subject matter – exclusive license notwithstanding. So Harvard, the owner, must be a party to the action for any determination on the merits. Specifically, the Court stated: “When viewing the retention of the right to sue in conjunction with all of the other rights retained by Harvard, it is clear that Harvard conveyed less than all substantial rights under the patents. While any of these restrictions alone might not have been destructive of the transfer of all substantial rights, their totality is sufficient to do so.”

In other words, since Harvard, under the terms of its license, still kept a significant amount of control over the patent rights, AsymmetRx as a licensee did not have enough of an interest in the patents to sue without joining Harvard – even though the license terms purported to give AsymmetRx the right to do so. Hmmmm.

Who cares? First of all, universities may now end up having to be joined in every intellectual property infringement action or disputes over intellectual property rights – even though it/they may have given an exclusive license, including the right to bring an action in its own name, to someone else. Are the litigators seeing dollar signs, and are university officials seeing legal costs and additional expenses, in the licensing process?

Just as significantly, if you are a transactional or intellectual property lawyer (or if you are involved in the licensing process from a transactional, contractual or licensing point of view), it gets more complicated. Universities have crafted standard licensing terms which, with rare exceptions, are used in virtually all of their licensing arrangements. So do you change the terms and conditions of these license agreements, relinquishing a greater degree of control – in which case the contract might look more like an ‘assignment’ than a ‘license’ – OR do colleges and universities start gearing up for being involved in more and more intellectual property infringement and rights disputes and lawsuits? If so, does the license agreement specifically need to state that the university is willing or amenable to being joined in the action? What if it’s not? What if it wants to decide on a case-by-case basis? What if the Court decides the university must be joined anyway? What if . . .?

So, are you a licensee? An investor? A university? A rights holder? Doing due diligence? Negotiating licensing agreements? Representing any of these folks? You can do nothing and hope for the best, or you can contact Rimon’s Craig P. Opperman. In uncertain times, no one may have all the answers, but at least you will have an informed basis to make some decisions from lawyers who know.

Will Net Neutrality Compromise Net Profits?

Earlier today, Julius Genachowski, Chairman of the Federal Communications Commission (FCC), telegraphed the Commission’s plans to open a formal rule-making process on the issue of “net neutrality.” It’s likely the specifics regarding hearings and a timetable for any proposed rulemaking procedures will be on the agenda for the FCC’s October meeting.

While many of the major carriers – including wireless carriers who have typically been out of the fray when it comes to the Web – have argued against both the need and the wisdom of competitive regulation amongst carriers, open Internet advocates, many of whom were ardent campaign contributors and supporters of President Obama, have been aggressively pushing for regulation. Companies such as and Google, have long argued for rules that would prohibit carriers from denying their right to give consumers complete freedom of choice when it comes to both the content they receive and the devices they use to receive it. While not necessarily quibbling with what appears, on its face, to be a reasonable and market driven approach, opponents point out that the government stay away from intervening in yet another major marketplace – this time one, they argue, that isn’t broken. Further, and perhaps more significantly, companies such as ATT and Verizon, now joined by ATT Wireless, Verizon Wireless, Sprint (Sprint Nextel) and T-Mobile (Deutsche Telekom) argue that forcing carriers to open up their networks without corresponding economic counterbalances in place will force them to either raise consumer prices to keep up with virtually unrestricted broadband demand, but may require them to limit availability and accessibility for capacity and technological reasons. Wireless carriers may have special reasons to be concerned given current pricing models and the technological limits of current bandwidth capacity. That said, the major cable television, fiber optic and DSL-based Internet providers have long had to cope with government regulation and requirements.

Back in the days following the breakup of AT&T’s telephone monopoly (anyone remember Judge Green and his landmark 1983 rulings?), the regional and local companies spawned by carving up the nations’ previously regulated monopoly – the so-called ‘Baby Bells’ – worried about long-distance carriers (including the remaining long distance carrier, AT&T) making deals for preferential treatment over interconnections. Thus the principle of equal (“neutral”) treatment for interconnectivity arose. When cable companies started offering Internet service – previously the domain of phone-line intensive telephone companies (remember dial-up?) – they tried to convince everyone that neutrality didn’t apply to them. They carried information, and weren’t, after all, common carriers.

OK. Fast forward to the market response. Phone companies decided to get into the content business! Cable companies are offering Internet and VOIP services, telephone companies are offering entertainment, programming and information services, wireless phone services stream video content and provide messaging of news, sports scores and applications galore (oh, they do still carry voice traffic when you need to make a call).

So back to 2009 and the future. According to Commissioner Genachowski: “This is not about government regulation of the Internet,” adding that “We will do as much as we need to do, and no more, to ensure that the Internet remains an unfettered platform for competition, creativity, and entrepreneurial activity.” That said, his proposal would add a fifth principle to the FCC’s existing four that relate to the Internet. To wit, that carriers will not be permitted to be selective about the content they carry (subject, of course, to their continued ability to block illegal content) and will be required to be transparent about how they are managing the carriage of content across their networks. Violations and allegations of discriminatory practices would still be reviewed by the FCC as and when the facts of each specific case arise. You can read or download the complete statement of Commissioner Genachowski’s prepared statement today, entitled “Preserving a Free and Open Internet: A Platform for Innovation, Opportunity, and Prosperity,” right here.

Clearly if you are a small Internet application provider or software developer that has traditionally had to pay for access through a carrier, open, non-discriminatory access would prove a major boon. Then again, Internet carriers – wired and wireless – have invested huge amounts of capital in building their own proprietary networks. Since there is no evidence that there is a lack of competition, why should the government tell any of them what they should or should not carry on their networks? Indeed, since the early 1990s, when the Web evolved from a glimmer in the eye of Tim Berners-Lee, to a reality, there have been so few real complaints (and so few complaints from consumers, even as competitors bash each other about), why fix something that doesn’t appear to be or have been broken for almost two decades?

Confused as to how the FCC proceedings might or might not affect your business? Thinking about participating in the dialog or submitting comments to the FCC? Let Rimon help you. To stay informed, keep your mouse tuned to Legal Bytes, and if you need to know more, please feel free to call me or the Rimon attorney with whom you regularly work.

Veoh Vindicated; Vivendi Vanquished. DMCA Rules.

Veoh Networks, which makes both professionally created programming content and entertainment, as well as user-generated content, available through its website, has often lived in the shadow of Google, YouTube, and Apple’s iTunes. Earlier this week, Veoh got a bit of sunshine.

Two years ago, Universal Music Group (a company owned by Vivendi SA), sued Veoh for copyright infringement. The suit alleged that Veoh’s business was essentially based on the infringing use of copyrighted works of others, notably from Universal’s viewpoint, musical groups and artists.

Veoh countered with the fact that it used filtering technology to detect and remove protected content and, in the words of Judge Matz, writing for the U.S. District Court for the Central District of California, when Veoh “did acquire knowledge of allegedly infringing material . . . . it expeditiously removed such material . . .,” vindicating Veoh supporters who have consistently maintained Veoh is protected by the provisions of the Digital Millennium Copyright Act (DMCA). This is the second time the legal sun has shone on Veoh. A similar lawsuit brought by Io Group, an adult entertainment company, was also decided in favor of Veoh last year.

Legal Bytes has previously reported the criteria necessary to comply with the DMCA (you did read that, right?), thus you know that a key requirement for insulation from liability for copyright infringement under the DMCA is the question of whether, when a company becomes aware of infringing content, it promptly removes it from use and display. The California Court rules that Veoh had done just that, and consequently the safe harbor provisions of the DMCA served to protect Veoh from liability in this case. Judge Matz’ order notes: "The DMCA does not place the burden of ferreting out infringement on the service provider". You can read the full text of the Summary Judgment Order of the California Court.

Universal is expected to appeal, claiming the Judge’s order fails to adequately take into account Universal’s claim that everyone connected with Veoh must have known about rampant infringement and that alone should sustain the ‘knowledge’ which would remove the shield from their entire business model – a shield otherwise available to web hosting companies. However, it may well be an uphill battle since the Court specifically addressed this issue, noting “If such general awareness were enough to raise a ‘red flag,’ the DMCA safe harbor would not serve its purpose".

If you are concerned you don’t know enough about digital rights management; compliance with the provisions of the DMCA; about liability applicable to website owners and operators or the rights available to content owners, the Advertising Technology & Media group at Rimon is for you. Try us. You might like us. Feel free to call me or, if you are already a client, call the Rimon attorney with whom you regularly work. 

A Pirate’s Life (Not) For Me: France Strikes Out Internet Piracy

This post was also written by Andrew Boortz.

Over the last several months, France’s Parliament has been focusing on the issue of Internet piracy. In May, both houses of the French parliament passed the so-called “three strikes” law which would have given an independent body the ability to disconnect file-sharers from their ISPs. In June, the law was declared unconstitutional by the Constitutional Council because, under French law, the power to force such disconnection could only come through issuance of a court order. In response, French President Nicolas Sarkozy gave the first Presidential speech to the French Parliament in 150 years and passionately defended regulation of Internet piracy.

After President Sarkozy’s speech, the French Senate drafted and passed a modified version of the “three strikes” law which would allow alleged infringers to present their case to a French court, prior to losing their Internet connection. Judges in these hearings would have the power to: (1) order disconnection of the alleged infringer’s Internet access; (2) fine the alleged infringer up to €300,000; and/or (3) sentence the alleged infringer to a two-year prison term. Just yesterday (September 15th), the French National Assembly gave preliminary approval to the measure by a vote of 285-225 and now, a joint committee will unify the Senate and Assembly versions and present a final bill to both houses for a vote on September 22nd.

In looking back over the piracy-related events of this year, it may well turn out that 2009 will be remembered as a watershed year in the struggle between Internet pirates and rights holders.  With the Jammie Thomas and Joel Tenenbaum verdicts in the States, the pseudo-shuttering of the Pirate Bay in Sweden, the implementation of a self-imposed, self-regulatory “three strikes” policy by Ireland’s largest ISP (created under threat of massive litigation) and now France’s revised and revitalized new “three strikes” law, the global community is indeed tilting towards greater sanctions and regulation of Internet piracy.

This raises questions for technology innovators. For example, Facebook, which according to a CNN report out today has a social network population nearly as large as the population of the United States, will soon launch a voice chat feature.  Most likely, the feature could be used to stream media across the globe as well as the nation? Would Facebook be liable for creation and distribution of such a feature, which is similar to that which created liability for the Pirate Bay creators for their torrent-tracking website?

Need help? Confused by the torrent of information, technology and legal rights?  Need to know more? Contact Andrew (“Drew”) Boortz, in our Washington, D.C. office, call me or contact the Rimon attorney with whom you regularly work.

Privacy: FTC Announces the First in a Series of Public Roundtables

Earlier today the Federal Trade Commission announced details of the first of a series of Public Roundtables being held to deal with continuing efforts to examine, evaluate and determine if, and to what extent, regulation may be needed in connection with consumer privacy. In its announcement, the FTC specifically cites its intention to review privacy practices related to social networking, cloud computing, online behavioral advertising, mobile marketing, and the collection and use of information by retailers, data brokers and third-party applications.

The FTC’s announcement acknowledges the beneficial uses of information and technological innovation, while seeking to balance those against the need to protect consumer privacy. The first full-day session will be held Monday, December 7, 2009, at the FTC Conference Center at 601 New Jersey Avenue, N.W., Washington, D.C., and no registration is required. Those who cannot attend in person are welcome to go to and will be able to view the proceedings as a webcast.

The FTC has invited individuals and organizations to participate and/or to suggest topics. To participate, your request can be submitted directly to the FTC by email sent to on or before October 30th, and comments surrounding the issues to be discussed can be submitted on or before November 6th. The FTC has prepared a list of specific questions it intends to use in opening the dialog at this first in its series of public roundtable discussions and has invited written comments, as well as research submissions. Details can be found at the Privacy Roundtable Workshop page of the FTC’s website. Comments can be mailed to the FTC, or you can check the FTC website for instructions as to submitting comments electronically. Of course, Rimon stands ready to assist clients in preparing comments or providing representation, and if we can be of assistance, don’t hesitate to contact us. If you need to know more, please feel free to call me or the Rimon attorney with whom you regularly work.

Self-Regulatory Online Behavioral Advertising Principle No. 7: Accountability

This post was also written by Adam Snukal.

Well, here it is. A summary of the last of the seven principles contained in the Self-Regulatory Online Behavioral Advertising Principles released by the Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Interactive Advertising Bureau, in concert with the Council of Better Business Bureaus. The seven principles are:

The Accountability principle is the one concerned with the “effect,” rather than the “cause” and calls upon the industry to establish and implement programs to monitor its online behavioral advertising activities and take steps to ensure compliance with the principles within a self-regulatory framework. In the context of the self-regulatory principles, Accountability means – monitoring, transparency, reporting and compliance.

  • Monitoring: Both random and systematic, depending on the circumstances;
  • Transparency: Widely available, easy to use communication tools and channels so that the public, competitors and government agencies can file complaints when the Principles are violated;
  • Reporting: Violators will be publicly reported, including the reason for a finding of violation, a description of the violation, and the actions taken in response to, and to correct, the non-compliance; and
  • Compliance: The establishment of mechanisms and procedures to bring any publicly-reported entity into compliance with the principles, or, if necessary, to refer the violation to the appropriate government agency.

The Accountability principle also notes the importance of coordination and consistency among programs to promote efficiencies in implementation, so as to avoid multiple enforcement actions against the same entity for the same violation.

While the blueprint for the specifics surrounding the proposed monitoring, transparency, reporting and compliance initiatives under this principle are yet to be drawn, the Direct Marketing Association (“DMA”) and National Advertising Review Council of the Council of Better Business Bureaus (“CBBB”), have agreed to cooperate and collaborate, with the stated goal of having something in place by early 2010. Both the DMA and the CBBB were called upon to provide leadership in this area because of their widely respected existing self-regulatory accountability programs. The DMA also has agreed to integrate the principles into its longstanding DMA Self-Regulatory and Compliance Tools.

If you would like to read the entire “Self-Regulatory Principles for Online Behavioral Advertising” report now, in its entirety, just follow the link, but stay tuned for next week, when we will post a short consolidated summary of all seven principles and you can always read the entire “Self-Regulatory Principles for Online Behavioral Advertising” report here. So now, as always, if you have any questions or need help, please feel free to contact Adam Snukal or me, or any of the Rimon attorneys with whom you regularly work.

Broadband Network for the Birds? Not So Fast.

Under normal circumstances, this post would appear in the Useless But Compelling Facts section of Legal Bytes. But although this is compelling, it is not quite useless. 

It appears that a South African IT company (Unlimited IT) was so frustrated by the level of broadband Internet service it was receiving from Telkom, that it challenged Telkom to a race with a carrier pigeon. As you might have guessed, the absence of significant competition limited Unlimited IT’s choices of providers, hence the frustration.

The challenge was a simple one. The company would send a homing carrier pigeon from Howick (on the coast) to Unlimited’s head office in Durban, and at the same time upload the data using the ISP lines with the file addressed to the same location.

So they tied a 4 gigabyte memory stick data card to Winston’s (the pigeon’s) leg and released him to hone it on "home." Well, it took good old Winston, depending on which agency you listen to, somewhere between one to two hours to make the journey of less than 60 miles. Are you ready? By the time two hours had elapsed . . . . here it comes . . . . less than 4 percent (yes, less than 4 PERCENT) of the data had made the trip to its destination. We really can’t make this up.

As reported in The Christian Science Monitor, Kevin Rolfe, head of information technology at the Unlimited Group, reported that "Winston arrived after two hours, six minutes, and 57 seconds," but "when we finally stopped the computer, about 100 megs had transferred, which is about 4 percent of the total."

So next time you think your network or the Internet servers are for the birds, let’s be a little less insulting to our fine feathered friends.

If you need to know more, please don’t call me. I can’t explain it either.