Posted on

Court Orders Google to Turn Over Blogger Identity Information

Earlier this week, New York State Supreme Court Judge Joan Madden ordered Google to turn over account information about an anonymous blogger to model Liskula Cohen in order to enable her to pursue a claim of defamation. The blogger had used Google’s blogging service to create a blog entitled “Skanks in NYC,” and had posted pictures and references to the model that were anything but flattering, and which, she claimed, lost potential opportunities for her. When Ms. Cohen originally sought to find out who had posted the content, predictably Google resisted, maintaining that its privacy policy does not permit the disclosure of the blogger’s account information.

To put this in perspective, the protection of free speech—especially anonymous speech—is a concept in American jurisprudence and history that traces its roots to Thomas Payne’s pamphlet, Common Sense. First published in 1776, it anonymously challenged the authority of Great Britain in the New World and is widely regarded as the first work to openly ask for independence for the Colonies from Britain.

Since then, state courts have varied on just how wide those rights go and for what purposes protection is appropriate. Although I am hardly a First Amendment lawyer or a Constitutional scholar, the legal issue still seems simple. If the speaker—anonymous or not—is expressing ideas or an opinion or belief, he or she is more likely to enjoy protection. While there are limitations on freedom of expression (e.g., yelling “fire” in a crowded theater), political expression has typically enjoyed greater protection than “commercial” speech—one being fundamental to a society’s encouragement of the free flow of ideas, the other designed to promote a product, service or brand in a free market economy. On the other side of the spectrum and generally not protected, would be public expressions that are clearly and solely intended to hurt someone, where actual harm can be shown from intentional or malicious public expression or, as was determined by the New York court here, where an illegal act was or was likely to have been committed—in this case, defamation.

While it is difficult to pinpoint a single factor that will always favor protection, anonymity is a strong legal shield U.S. jurisprudence holds dear to protect individuals from the potential swords of those in power, or from anyone who might seek to stifle dissent or ideas that might be unpopular. For example, in 2005, a blogger who ranted against a politician, accusing him of “obvious mental deterioration,” was ultimately protected by the Delaware Supreme Court expressing concern over the potential “chilling effect” on anonymous speech. The blogger in this case was referring to a politician, and the court ruled that in order to justify revealing the identity of an anonymous blogger, the plaintiff must provide evidence sufficient to all the elements of the claim if the case were to go to trial. Because the court concluded no reasonable person would believe the blogger’s statements to be factual, no action for defamation could be sustained, and the court dismissed the case. You can read the Delaware Supreme Court’s decision in full right here, but clearly for bloggers, this represented a significant landmark and affirmation of the substantial protection afforded anonymous posting.

In a subsequent 2008 case, a Maryland Court of Appeals decision (Independent Newspapers, Inc. v. Zebulon J. Brodie) similarly concluded that anonymous posts should be protected, and set out an approach first detailed in a New Jersey case (Dendrite Int’l, Inc. v. John Doe No. 3) describing the steps judges should take in deciding whether to compel disclosure of anonymous online speakers in cases that come along in the future.

Unlike the previous cases, and potentially distinguishing this case, is the fact that the blogger here targeted Ms. Cohen intentionally, exclusively, and individually; and while the defendant argued the postings were just “trash talk” and only opinion, Judge Madden noted that if Ms. Cohen could prove the blogger’s statements were factually inaccurate, it would refute the argument that the posts were merely opinion and would support a legal claim of defamation.

As we have previously noted in Legal Bytes in articles describing the FTC’s efforts to regulate the blogosphere, and in presentations we have made, it is clear that online speech is coming under increased scrutiny, and that regulators and courts appear to nibbling away at the virtually complete immunity anonymous bloggers once seemed to enjoy, seeking to define the contours of what is or is not permissible conduct on the web. Does anyone remember the term “netiquette”?

For more information, or for assistance with issues like these or any social media, online, digital content, gaming or matters that meet at the crossroads of advertising, technology & media, look up Joseph I. Rosenbaum, send me an email, or contact the Rimon attorney with whom you regularly work. We are happy to help.

Posted on

Advertising Industry Collaboration Releases Self-Regulatory Online Behavioral Advertising Principles

A group of the nation’s largest media and marketing trade associations today released self-regulatory principles to protect consumer privacy in ad-supported interactive media that will require advertisers and websites to clearly inform consumers about data collection practices, and enable them to exercise control over that information.

In an extraordinary show of industry cooperation and collaboration, the American Association of Advertising Agencies, the Association of National Advertisers, the Direct Marketing Association, and the Interactive Advertising Bureau last week released a series of self-regulatory principles, intended to be implemented by 2010 and designed to protect consumer privacy in advertising-supported interactive media. As part of the announcement, the Council of Better Business Bureaus along with the DMA, has agreed to implement accountability programs relative to these principles.

These self-regulatory guidelines come on the heels of a recently released study commissioned by the IAB entitled “Economic Value of the Advertising-Supported Internet Ecosystem,” which reported that the advertising-supported Internet represents 2.1 percent of the total U.S. gross domestic product (GDP), contributing $300 billion to the economy, and has created 3.1 million U.S. jobs.

“Guided by the seven Principles we have announced today, the advertising community is developing one of the most comprehensive self-regulatory programs ever undertaken by the business community. The fast-changing online marketing environment is best addressed by a self-regulatory framework that is transparent, flexible and accountable to consumers’ needs and concerns. On behalf of our 360 members, who collectively invest more than $200 billion annually in marketing communications, we look forward to jointly developing a comprehensive business system that respects and honors these Principles,” said Bob Liodice, President and CEO, (ANA).

“This historic collaboration represents businesses and trade associations working together to advance the public interest,” said Randall Rothenberg, President and CEO, IAB. “Although consumers have registered few if any complaints about Internet privacy, surveys show they are concerned about their privacy. We are acting early and aggressively on their concerns, to reinforce their trust in this vital medium that contributes so significantly to the U.S. economy.”

The seven Principles designed to address consumer concerns about use of personal information without wreaking havoc to advertising that subsidizes and supports the vast array of free online content relate to:

  • Education
  • Transparency
  • Consumer Control
  • Data Security
  • Material Changes
  • Sensitive Data
  • Accountability

We will be highlighting each of these principles separately in Legal Bytes over the weeks ahead, but if you would like to read the “Self-Regulatory Principles for Online Behavioral Advertising” report now, in its entirety, just follow the link.

Posted on

Give Credit (Card), No Give a Gift (Card)! Why Not Give Both?

Although consumer credit regulation is hardly new – Regulation E, the Fair Credit Reporting Act, Regulation Z and laws regulating disclosures, debt collection practices, billing statements and the like have been around for decades – for the first time in U.S. history, Federal legislation is tackling pricing, rate modifications, advertising disclosures and fees, and adding a gift card angle as well. 

While the House has not yet passed this or any other version of the legislation, those in the know believe a similar, if not identical, bill will be approved by the House of Representatives and that the President is likely to sign it. 

Are you a bank, payment card association, credit union or financial institution that issues credit cards or gift cards? Here are highlights of the bill that passed the Senate:

  • When marketing, a card issuer would not be permitted to increase any advertised ‘teaser’ rates for at least a year after a new account was opened for the consumer, and promotional rates advertised to consumers must remain in effect for at least six month;
  • Unless the credit-issuing institution can get proof that anyone under 21 can actually repay their credit card debt, credit cards can only be issued to individuals under the age of 21 if a parent, legal guardian or guarantor agrees in writing to be responsible for the debts;
  • If a consumer pays more than the minimum balance due, the excess must be applied to the balance with the highest interest rate;
  • Card issuers will not be allowed to change rates retroactively on existing balances (there is an exception where the consumer is past due by 60 days – which, I guess, presumes that when a consumer can’t afford to pay their balance within 60 days, it’s ok to raise their rates since they probably won’t be able to afford to pay a higher rate either);
  • Bills for balances due must be sent at least three weeks (21 days) before their due date;
  • Card issuers will no longer be able to charge additional fees to consumers for alternate payment mechanisms (e.g., by mail, telephone, online, electronic, wire transfers), unless the consumer requests and the issuer offers some type of ‘expedited’ service;
  • Consumers must be asked if they want to allow ‘over-limit’ credit transactions and if they do not affirmatively consent, the card issuer will not be permitted to charge a fee if the issuer still authorizes the transaction (e.g., your credit limit is $1,000 and you charge something for $1,001 and the authorization system approves the transaction anyway);
  • Changes in the terms and conditions that apply to consumer cardholders will require at least 45 days’ notice; and
  • The minimum amount of time a gift card must remain valid for use will be 5 years. First, it is likely this will apply to gift cards that are consumer-oriented and where full value is paid, and not to discounted, bulk sales, non-consumer, incentive, employer or promotional gift cards – but then the legislation isn’t final yet, is it? Furthermore, the Federal legislation is not likely to preempt more consumer-friendly State law (e.g., California prohibits any expiration date on such gift cards), but it will place a minimum level of consumer protection against earlier expiration, even in States that have no applicable regulation.

There is also consideration being given to removing any current legal and contractual restrictions on merchants that would allow them to differentially price their products and services based on the incremental costs (or savings) of accepting different forms of payment. When credit and debit cards were scarce and cash was king (cash, as in ‘currency’), regulation and industry groups frowned upon differential pricing, arguing that allowing a merchant to charge more for the use of a credit card was discriminatory to the consumer – even though the cost of accepting such payment instruments was higher (the merchant pays a fee (discount rate) to the card-issuing enterprise for the privilege of accepting the particular brand of card). Furthermore, the growth of corporate and purchasing cards and the use of payment instruments in B2B transactions has resulted in situations where a manufacturer accepts a purchasing card (procurement-based credit card) in payment of sales to distributors, wholesalers and retailers – a fee is charged to the manufacturer for the card transaction. This chain continues until a consumer makes a retail purchase, and if any or all of these transactions involve branded payment instruments and not cash, travelers’ checks, bearer bonds or two goats and a chicken, today, a fee would most likely accrue on each payment-card transaction at each step of the way . . . significantly raising the cost to everyone and ultimately the consumer. Stay tuned.

So: Consumer Credit? Co-branded promotions? Loyalty Rewards Programs? Gift Cards? Premiums and Incentives? Retail Promotions? Payment Card Industry (PCI) Data Security Standards? Privacy & Data Protection? Identity Theft? Data Breach? Pre-Screening? Online Digital Payment Systems? Corporate Cards? Purchasing Cards? E-Commerce? Regulation E? Regulation Z? Statement Insert Advertising; Credit/Demographic Market Segmentation? Free? APR? Limited Time Offer?

Any of these sound familiar? It’s what we do? Our Advertising Technology & Media Law Group; our Financial Institutions Group; our Data Security and Identity Theft Group . . . need we say more . . . If you need help (or you are just over stimulated by the flurry of legislation, regulation and excitement), call us or email me at joseph.rosenbaum@rimonlaw.com. We can help.

Posted on

Transborder Transfers of Data Outside Europe Need New Rules

The European Commission established a Data Protection Working Party on data protection and privacy—an independent advisory body set up under the Data Protection Directive. This Working Party recently published an opinion relating to the EC’s draft standard contract terms that apply to the movement of data across national borders, notably between Member States within and outside of the EU. 

Specifically, the Working Party recommended that the Commission develop brand new model contract provisions to deal with international and multi-national data processing involving transfers of data outside the EC—a long-standing sore point among companies in countries that have historically been viewed as having "inadequate" privacy and data protections. These model or standard contract terms would establish acceptable contractual protections between entities that control data within the European Union/European Economic Area (EU/EEA) and data processors they use outside the European Community, to ensure protections are comparable.

Continue reading “Transborder Transfers of Data Outside Europe Need New Rules”

Posted on

Digital Dilemma – How To Respond When Law Enforcement Knocks

The SEC shows up at your door asking for documents relating to options and securities granted for the past 10 years. Homeland Security Officers arrive at your plant asking to speak to several employees and asking for copies of employment records. State police, having confiscated laptop computers and CD-ROM files during a drug bust, show up at your door asking to compare database records since they suspect that identity theft or credit card fraud may be afoot. The Department of Justice wants to interview several of your employees, claiming some may have entered the United States on non-immigrant visas. Sound far-fetched? Probably not these days.

With the economy in turmoil, corporate officers on the defensive, immigration under attack, and money laundering, piracy, drugs, terrorism and Ponzi schemes making headlines almost every day, law enforcement and regulatory officials are under increasing scrutiny and increasing pressure to protect the public and get results. It doesn’t take much imagination to appreciate that during the course of a criminal investigation, the most compelling evidence often arises from third parties who aren’t even knowingly involved; airline, credit card, hotel, telephone, email and other records can often document the where, when and sometimes how of criminal activity.

From a civil law point of view, competitive pressures can lead to claims of economic espionage and theft of trade secrets, and antitrust issues can arise that will spawn litigation and the compelled disclosure of evidence. Indeed, any corporate executive or corporate lawyer who has ever been on the receiving end of a third party subpoena issued to them—innocent third parties—knows how burdensome and costly such requests for evidence can be, even if you aren’t a party to the lawsuit.

In a digital world, it is also far too easy to collect, maintain and copy vast amounts of information—information accessible with several keystrokes, available on easily transportable magnetic media. For corporations and their executives and managers, growing and often regular dilemmas must be confronted when law enforcement or regulators show up at the door and start asking questions or requesting information. Corporations have legal obligations involving compliance and cooperation with law enforcement and regulatory officials. But they also have responsibilities and legal obligations to their employees and their workplaces—and to their shareholders. If not done properly, cooperating with law enforcement and regulators can lead to lawsuits by employees, customers and, sometimes—if large amounts of time and money are expended because of improper or inadequate procedures—even shareholders. 

Continue reading “Digital Dilemma – How To Respond When Law Enforcement Knocks”

Posted on

France: Online Ads Could Lead to User Data ‘Merchandising’

In a report entitled “Targeted Online Advertising” (La Publicité Ciblée en Ligne), presented in February and recently released publicly, the French data protection regulatory authority (CNIL) has expressed concern that targeted online advertising could be a conduit for the merchandising of personally identifiable information about online users. 

The CNIL has been examining context-sensitive, behavioral marketing and targeted advertising mechanisms online, and is concerned about privacy implications. The report notes that analyzing online user data for the purpose of serving more relevant advertising involves the collection of Internet protocol addresses, what websites a user arrived from or subsequently visited, and even key words entered by the user. In case you haven’t thought about it, definitions are hardly uniform in laws and regulations around the world, i.e., an IP address is considered personal data in the EU, but is not personally identifiable information in the United States. 

The report raises an alarm over what could be a means of “systematic profiling” and examines what it believes are growing risks to privacy in this context. In France, and many jurisdictions, targeted advertising must comply with the same data protection rules that apply to the use of personal data online. The French authorities have consistently maintained that users should be specifically informed about how their data will be used, and should be given the opportunity to opt out of these uses—even if it means they can no longer use the services available on the site.

The report also specifically notes that many free services on the Internet are actually subsidized by advertising. While “free” is an accurate financial description in a literal sense, consumers often don’t appreciate they are actually paying a “price”—the value of personal information provided in exchange for “free” services they receive online. 

While the report does not attempt to cover mobile or wireless advertising broadly, it does note that adding information about a user’s location through GPS and other technology, adds tracking capability that the CNIL fears will allow for even greater intrusion and profiling of individual behavior. You can read the entire CNIL report in French on their website at “La publicité ciblée en ligne” (Targeted Online Advertising).

Posted on

FTC Testimonial and Endorsement Guides Stimulate Industry Comment

Rimon acts as counsel to many of the advertising industry’s leading trade and membership associations – The Association of National Advertisers, The Word of Mouth Marketing Association, the Interactive Advertising Bureau, to name only a few. As you may have notices, a recent Legal Bytes blog post noted that just last month the FTC supplemented its December 2007 “Self-Regulatory Principles for Online Behavioral Advertising” report.

Well the FTC has been busy in re-examining it’s policies regarding testimonials and endorsements in this digital age. As previously reported in Legal Bytes, the FTC indicated it was revising it’s Testimonial and Endorsement Guides (the first time since the 1980s). Well comments have now been submitted and we strongly recommend that anyone in the advertising and marketing business take a look at some of them. In fact, to help you, Legal Bytes has a couple you can look at right now – Comments for The Association of National Advertisers and Comments for The Word of Mouth Marketing Association – and when you finish reading them ask yourself:

  • Now that public comments are in, what do we think will happen?
  • What is in front of the FTC that might affect its decision making?
  • How would self-regulation differ from the way the FTC has been operating?
  • What does the new FTC Chairman think about self-regulation?
  • Do we expect the new administration to shift direction? If so, which way?
  • How is all this likely to affect advertising and marketing using product placements, branded entertainment, blogs, consumer generated content, buzz, viral and word of mouth marketing?

If you need to know, you need to contact John Feldman, Douglas Wood or Joseph Rosenbaum – or your favorite Rimon attorney – who will be more than happy to help you.

Posted on

Behave Yourself – FTC Behavioral Ad Guidelines Promote Self Regulation, BUT . . .

FTC Releases Revised Ad Guidelines: Are New Marketing Practices in Your Wallet?

On February 12, 2009, the FTC supplemented its December 2007 “Self-Regulatory Principles for Online Behavioral Advertising” report, highlighting the FTC’s voluntary best practices for the behavioral advertising industry. While continuing to support self-regulation, that should not be taken as a vote of confidence for continuing the status quo. Change is in the air and you may well need to:

  • develop more consumer education concerning behavioral advertising;
  • develop internal privacy protections for anonymous data profiles;
  • create opt-in notice mechanisms for collection of sensitive information; and
  • create opt-in notice mechanisms for retroactive changes to privacy practices.

. . . and if you think your privacy policies are ok, as is, think again. The FTC has taken a broad brush to paint a picture of what it considers personally identifiable information (PII) and what ‘sharing’ of that information may require. Our experts Amy S. Mushahwar and John P. Feldman have written an alert that describes what you need to know in more detail. To read the full alert, with links to the FTC releases, click here.

Posted on

Objects in the Mirror Are Closer Than They Appear

Who would have thought that would refer to our financial system, real estate markets, building developers, technology providers and, lest we forget, automobile manufacturers. This was a year of challenge and change. America elected its first Afro-American President, who inherits a country involved in wars, economic turmoil of unprecedented proportions and a government tab increased by $1 trillion in the past 90 days. The NY Giants won the Super Bowl (and may do it again). The price of gasoline went from $2 a gallon to more than $4 a gallon to less than $1.50 a gallon this year, and the stock market experienced unprecedented swings, some days approaching 1,000 points; and fluctuations of anywhere from 200 to 600 points stopped being unusual—sometimes in the same day! No laughing matter, the Federal Reserve was doling out discount coupons for the purchase of investment banks, banks were buying brokerage houses, and non-banks were lining up to become regulated banks, just so they could share in the bail out fund. Indeed, the term “bail out,” once the domain of skydivers and sinking rowboats, became the most over-used word in the news (and in Congress). Speaking of domains, ICANN turned the world of domain names on its ear with its proposed Draft Applicant Guidebook (Legal Bytes; November 2008). Cyberwarfare no longer remained the domain of motion pictures like “War Games,” “Terminator” and “Matrix” when Georgian websites were under attack while Russians soldiers invaded the real Georgian sites. And speaking of Georgia, a court in the other state of Georgia upheld the validity of promotions held via SMS text messaging. Virtual worlds were in the news: divorces, theft of intellectual property, defamation, performance rights, even the murder of an avatar resulted in an arrest. “Green,” behavioral and children’s marketing, blogs, word of mouth and viral marketing occupied much of the discussion at the FTC; identity theft and data breaches continue to create privacy concerns; ad-blocking technology mounted an assault on interactive advertising; testimonials and endorsements created buzz, as did publicity rights, led by the estate of Marilyn Monroe (Legal Bytes; May 2008); a New York court decided that emails could amend a contract because they are “writings”; and the online, interactive video gaming industry, wireless advertising and content distribution, and the rise of processing platforms that serve as home computers, entertainment centers, Internet access and gaming portals—oh, and some are handheld and wireless. The fact that 2008 marked the 40th anniversary of the conception of the x86 device and the beginning of what we now know as personal computing—spawned by the obsession of a San Antonio engineer named Austin O. “Gus” Roche—and the 10th anniversary of the publication of my law journal article “Privacy on the Internet: Whose Information Is It Anyway?” went pretty much unnoticed.

Posted on

Dazed & Confused, Not Shock and Awe

For 2009, here are my predictions:

The economy and strife, regulation and surveillance will dominate the agenda, with the burden of paying for everything from wars to bailouts right in the crosshairs: watch those advertising budgets boys and girls, the taxman cometh.

Privacy and advertising, long separated by passive print, television and radio, will continue to collide—Congress will either pass ineffective and inappropriate legislation because it’s too busy to pay attention, or will defer legislation another year because it’s too busy to pay attention.

Wireless and mobile technology will continue to make us say “wow” and will continue to miniaturize our lives, putting not just communication, but also our wallets, calendars, purchasing, entertainment and working tool kits in our hands, not our laps.

The use of wireless and additional licenses, spectrum and bandwidth will bring the FCC and the FTC colliding in their zeal to regulate, and they will either cooperate because they are too busy to fight or fight because they are too busy to cooperate. In either case, regulation, re-regulation and self-regulation will continue to increase, unregulated.

Marketing, promotions, new media, digital content and distribution platforms will transform gaming and interactive play into entertainment, education and information—giving us more choices, but continuing to blur the lines between advertising, entertainment and information.

Continue reading “Dazed & Confused, Not Shock and Awe”