ILC Cyber Report

Story of Joe and His S Corp

November 20, 2009 · Leave a Comment

→ Leave a CommentCategories: Uncategorized

Top Story: FTC at a Cross Road

November 2, 2009 · Leave a Comment

FTC CROSSThe Federal Trade Commission (FTC) seems to be at the center of most major internet issues with its recently released and heavily criticized guide for endorsements by bloggers; the Red Flags Rule, the upcoming privacy town hall which will revive the debate over further privacy regulation (especially with respect to behavioral targeting) and the pending legislation to create a Consumer Financial Protection Agency that also expands the FTC’s authority.

If you are unfamiliar with the role of the FTC it is really two agencies in one.  (See A Guide to the FTC)  Its principal role is in regulating mergers, but the Bureau of Consumer Protection is the arm that has regulated the internet under its mandate to prevent unfair or deceptive conduct.

Endorsing “Internet Exceptionalism”

The updated Guides Concerning the Use of Endorsements and Testimonials in Advertising, have stoked debate and criticism like no other recent regulatory action.  The principal source of controversy is over when reviewers need to disclose a relationship with the party offering the service or product.  The FTC’s response in this area has been described as being “decided  without due care and reasoned judgment” by IAB President Randall Rothenberg while Slate simply calls it a “Mad Power Grab.”

The updated Guides Concerning the Use of Endorsements and Testimonials in Advertising, have stoked debate and criticism like no other recent regulatory action. The principal source of controversy is over when reviewers need to disclose a relationship with the party offering the service or product. The FTC’s response in this area has been described as being “decided without due care and reasoned judgment” by IAB President Randall Rothenberg while Slate simply calls it a “Mad Power Grab.”

What is triggering the criticism is their embrace of internet exceptionalism (i.e., treating the same conduct differently when it occurs online because the internet is “different”), as they declare without any meaningful justification that readers of traditional media would not be concerned whether a reviewer received any consideration from the subject of the review but somehow this becomes relevant to a consumer once he switches to reading a review on a blog. This appears to be based on an alarmingly simplistic view of current media as consisting of large traditional media companies versus laptop bloggers at a time when Huffington Post is valued near $100 million and major newspapers continue to close across the country.

In addition, some legal experts such as Santa Clara University Law School professor Eric Goldman believe that holding companies liable for third party reviews posted on their site would be prohibited by the Communications Decency Act.

The updated guidelines also dealt with consumer testimonials, which absent objective information demonstrating that such a result is typical must either disclose the typical result or avoid typicality claims and instead rely on testimonials that a product is better than others.

The updated guidelines also dealt with consumer testimonials, which absent objective information demonstrating that such a result is typical must either disclose the typical result or avoid typicality claims and instead rely on testimonials that a product is better than others.

More info:  Online Media Daily article on reaction by legal scholars . 

Expanded FTC Authority and the “Internet Czar”

The amendments provide two significant changes to FTC authority. First it removes the current restrictions that limit its rulemaking authority to only addressing a prevalent practice. While this would give the FTC greater rule making authority, it also might reduce their current reliance on enforcement actions as a substitute for rule making.

The other significant change is that it extends liability to those who knowingly provide substantial assistance to a violation, making advertisers concerned about their downstream liability.

Some industry groups have raised concerns the bill would make the FTC Chairman a de facto “Internet Czar”. That factor and residual unhappiness with the FTC over the blogger guidelines has led groups such as the Interactive Advertising Bureau to step up lobbying efforts against the bill.

The bill is expected to go to the House floor shortly, but no projection yet on Senate action.  More info:  Online Media Daily article on the pending legislation and a CRS Summary of the Bill.

→ Leave a CommentCategories: Behavioral Advertising · FTC · FTC Disclosure Guidelines · Privacy · Uncategorized
Tagged: , , , , , , , , , ,

Understanding the Red Flags Rule in 4 Questions

November 2, 2009 · Leave a Comment

Q1:  What is the Red Flags Rule?
Rules implementing the identity theft provisions of the Fair and Accurate Credit Transactions Act of2003 by requiring financial institutions and creditors to evaluate potential identity theft red flags and establish a program to address them.

Q2:  Why should I care if my business is not a financial institution?
You are covered by the rules if your business extends credit in providing services to consumers or “any other account . . .where there is a reasonably foreseeable risk to customers . . . from identity theft.”  The FTC has indicated that this second category is broadly construed and includes “businesses or organizations that regularly provide goods or services first and allow customers to pay later.  Examples of groups that may fall within this definition are utilities, health care providers, lawyers, accountants, and other professionals,and telecommunications companies.”

This has been a source of controversy and even litigation as accountants and lawyers resist applicationof the rule.  In October, the House of Representatives passed H.R.3763 to exclude medical, accounting and legal firms with 20 or fewer employees and allow other small businesses to seek an exemption if certainconditions are met.

Q3:  When do the rules go into effect?
The rules were to be effective November 1, 2008 butthe FTC has pushed this date out on multiple occasions.  Due to the confusion asto who is covered by the rule, its enforcement has now been postponed until June1, 2010.

red flag 4

Q4:  Assuming they apply to my business, what do I need to do?

The obligations are summarized in the diagram above.  The FTC provides a template for businesses to identify potential red flags and a video explaining the rules and process involved.

→ Leave a CommentCategories: Data Security · Identity Theft · Red Flags Rule
Tagged: , , ,

9th Circuit: Private Domain Registration May Constitute Material Misrepresentation Under CAN-SPAM

November 2, 2009 · Leave a Comment

In upholding the conviction of two porn spammers under CAN-SPAM, the 9th Circuit briefly addressed the question of private domain registrations which conceal registration information absent a subpoena.  In U.S. v. Kilbride, the court stated clearly that “private registration for the purpose of concealing the actual registrant’s identity would constitute “material falsification’” under the CAN-SPAM Act.

While this is the first ruling of its kind, it is consistent with the FTC view that a recipient should be able to look up the domain a from address. Marketers in the 9th Circuit states (AK, AZ, CA, HI, NV, MT, OR, WA) should reevaluate the benefits from such a registration service in light of this ruling.

On a related note, a court rejected an attempt by  infamous spamigator Dan Balsam to hold TuCows liable for a default judgment he obtained against one of its private registrants.  More info:  Eric Goldman’s Technology & Marketing Law Blog; BNA’s E-Commerce & Tech Law Blog.

→ Leave a CommentCategories: CAN-SPAM Act · Private Domains
Tagged: , , ,

Few Neutral in Net Neutrality Battle GOP Seeks to Kill FCC Rulemaking Process

November 2, 2009 · Leave a Comment

Federal Communications Commission (FCC) Chair Julius Genachowski was successful in getting the FCC to unanimously agree to begin the process of formalizing the  existing Net Neutrality Guidelines (adopted by the FCC in 2005).  Republican Commissioners, however, stressed they were approving the process only and not necessarily the end result.

Republicans on Capitol Hill were less generous, immediately introducing legislation to stop the process altogether.  While the fight is led by Senator McCain who is one of the largest recipients of telecomm and cable industry contributions, there are a number of Democrats who also have received substantial contributions who might be reluctant to back Genachowski.

At the same time, Comcast is moving forward with its appeal of the FCC’s 2008 decision that it violated the neutrality guidelines in throttling users visiting peer-to-peer sites.

Net Neutrality OverviewMore info:  Ars Technica article on pending legislation; Real Time Investigations’ overview of major recipients of telecomm contributions, Online Media Daily’s discussion of Comcast appeal and ILC’s Net Neutrality Timeline and Overview presentation (21 slides).

→ Leave a CommentCategories: Net Neutrality
Tagged: , , ,

In the Courts

November 2, 2009 · Leave a Comment

Email Cases in Brief
The Free Speech Coalition ended its four year legal battle against Utah’s child email registry law by declaring victory – as the law has proven a financial disaster for both Michigan and Utah and no state has joined their ranks in the intreim - and dismissing its complaint.  See Direct Magazine article.

A California appeals court held that the Song-Beverly Credit Card Act was not preempted by the CAN-SPAM Act.  In Powers v. Pottery Barn, the court reversed a dismissal finding that Song-Beverly had nothing to do with the regulation of email and was outside the scope of CAN-SPAM’s preemption.

FDA Goes After Deceptive Labeling
A revived Food and Drug Administration (FDA) has announced it is invelard2stigating the use of deceptive food labels that create an impression a food product is healthier than it really is.  The FDA is using increased funding to reverse what Commissioner Hamburg described as “a steep decline in enforcement” that resulted in “serious violations have gone unaddressed for far too long. These include violations involving product quality, adulteration, and misbranding; false, misleading, or otherwise unlawful labeling; and misleading advertising.”  More info:  Reuters article on enforcement effort.

Toyota Terror Campaign Triggers Lawsuit

A Saatchi and Saatchi campaign for Toyota’s Matrix using “Punk’d” marketing methods that involved repeated email messages that led the recipient to believe they were being stalked by a violent British man has yielded a $10 million lawsuit against the agency and its client.  Not exactly the viral effect they were hoping for. See AdAge and Canadian Business articles.

→ Leave a CommentCategories: CAN-SPAM Act · FDA Enforcement
Tagged: , , , ,

Ted’s Tubes: Hall of Shame; Dubious Achievements and Project Eagle Claw

November 2, 2009 · Leave a Comment

EFF and Net Choice Honor Dubious Achievements

In an effort to out what it perceives as bogus DMCA takedown notices, the Electronic Frontier Foundation has launched a TakeDown Hall of Shame. Initial inductees include NPR, the National Organization for Marraige, Michael Savage, Ralph Lauren, Warner Music, DeBeers, Diebold and NBC.   More info:  Ars Technica article.

Net Choice has launched the Internet Advocates Watchlist for Ugly Laws.  The state of North Carolina managed to get 3 proposals in the latest list including its “Amazon sales tax” law enacted in August.

 

Nigeria Cracks Down on Web Scammers

Working with Microsoft, the Nigerian government has announced a campaign to fight web scams that have made the country so infamous.  The campaign will include both shutting down offending sites (over 800 so far) but also beginning mitigation efforts by sending emails to those targeted under the scams.  The government hopes to see Nigeria fall from the list of top 10 countries for email fraud.  See Ars Technica article.

→ Leave a CommentCategories: "Amazon Tax" · Bad State Laws · DMCA · Nigerian · Spam · Ted Tubes
Tagged: , , , , , , ,

Top Story: Stage Set for Privacy Showdown in 2010

October 31, 2009 · Leave a Comment

From 9/21 Cyber Report

Last week the Federal Trade Commission announced that beginning on Dec. 7th, it will hold the first in a series of three public round tables to discuss the growth of social networking, cloud computing, online and advertising marketing with a goal towards determining “how best to protect consumer privacy while supporting beneficial uses of their information and technological innovation.”

The FTC wants participants to address three questions: (1) What risks, concerns, and benefits arise from the collection, sharing, and use of consumer information? (2) Are there commonly understood or recognized consumer expectations about how information concerning consumers is collected and used? (3) Do the existing legal requirements and self-regulatory regimes in the United States today adequately protect consumer privacy interests?

The round table begins on the second anniversary of the FTC’s issuance of proposed self regulatory guidelines for behavioral targeting and FTC Chairman Liebowitz’s April warning that the industry was facing their last chance at self-regulation before the regulators took over.

By the time of the first round table, House Internet Subcommittee Chairman Boucher will have introduced his much anticipated privacy bill, giving the issue momentum when Congress returns in January. Not much activity is expected before next year on tech issues in general giving Congress’ full plate of health care, climate change, Afghanistan and the budget.

As discussed in the Sears matter below, the FTC is also stepping up on enforcements efforts regarding online privacy. More Info: FTC Press Release; 2009 Staff Report on Behavioral Targeting and a Wired Article on the Boucher proposal.

→ Leave a CommentCategories: Privacy
Tagged: , , ,

In the Courts: Sears and Overstock Pay Price for Inadequate Notice, FTC Operation Short Changed, ME Privacy Law

October 31, 2009 · Leave a Comment

Sears, Overstock Pay Price for Inadequate Consumer Notice

Sears initiated a program where consumers visiting Sears.com and Kmart.com could become members of the “My SHC Community.” Members were paid $10 to participate in return for downloading a toolbar that would track their “online browsing.” The toolbar did more than that, however, collecting information such as the contents of shopping carts, online bank statements, drug prescription records etc. while also tracking offline behavior. According to the FTC it was “[o]nly in a lengthy user license agreement, available to consumers at the end of a multi-step registration process, did Sears disclose the full extent of the information the software tracked.” As part of the consent decree, Sears agreed to destroy all data collected.

The decision in Hines v. Overstock.com focused on the enforceability of so-called “browsewrap” agreements where a consumer does not have to manifest consent in any form, but rather is bound to the terms by using the site. The Overstock site had a link to the site terms and conditions at the bottom of the first page and on the purchasing some language that all purchases were subject to these terms. Overstock sought to enforce an arbitration clause in the agreement, but the court held it to be unenforceable since the consumer had no knowledge of it.

Overstock’s mistake, aside from letting a $30 issue turn into a federal case, was to ignore the FTC’s 4 P’s for disclosures: Prominence, Presentation, Placement and Proximity. The provision likely would have been enforced had Overstock simply made the provision larger and/or even closer to the purchase button or used a clickwrap agreement where the consumer clicks to confirm acceptance (often as part of a purchase).

Facebook made the same mistake in its infamous Beacon program which it has agreed to shut down and pay $9.5 million as part of a settlement announced Friday. More Info: Online Media Daily Article on Sears Settlement, Ars Technica Article on Facebook Settlement; Overstock Opinion and the FTC’s Fairness Determination (4P’s).
CAN-SPAM Update
The 9 th Circuit?s ruling in Gordon on CAN-SPAM discussed in our last issue is binding on all federal courts within the 9 th Circuit but is merely instructive for the state court’s in those states (AK, AZ, CA, OR, HI, MT, NV and WA). Within twelve days, however, it was adopted by Los Angeles County Superior Court in Silverstein v. Liquid Minds in a sweeping opinion that held that for state law claims to survive preemption they must be based on traditional concepts of fraud (i.e., which would requires a plaintiff to show some form of detrimental reliance on the content of the email). More Info: Opinion.

FTC Targets Free Grants and Mortgage Foreclosure Schemes

In Congressional Testimony last week, FTC Chairman Leibowitz detailed the results of “Operation Short Change” in which the FTC and state law enforcement have brought 389 legal actions in four sweeps over the last six months against those engaging in deceptive schemes exploiting consumer vulnerability due to the economic downturn. The FTC has focused on mortgage relief and modification programs in which a party promises “to rescue homeowners in troubled financial waters, but after they take their money they throw them an anchor instead of a lifeline.;” and programs falsely offering free government grants that included multiple negative option plans of nearly $100 per month that were never disclosed to the consumer. More Info: Operation Short Change Press Release.

Maine Privacy Law Unconstitutional
A federal court put the final nail in the coffin of Maine’s Predatory Marketing law. The court found that the law, which required verifiable parental consent before collecting or receiving information from minors online, violated the First Amendment. The State Attorney General had earlier conceded as much in saying that the law would not be enforced. More Info: E-Week article .

→ Leave a CommentCategories: CAN-SPAM Act · FTC · FTC Disclosure Guidelines · Negative Option Plans · Privacy
Tagged: , , , , , , ,

FCC Moves to Formalize Net Neutrality Rules

October 31, 2009 · Leave a Comment

From 9/21 Cyber Report

The FCC has announced that it will issues rules formalizing its 2005 Policy Statement on Internet Neutrality. The Commission used these principles to find that Comsat improperly blocked traffic from peer-to-peer sites, but Comsat is appealing this ruling claiming the principles were not binding. The proposed rules will also include a non-discrimination provision to prevent future instances such as with Comsat and other ISPs who have blocked disfavored traffic. More Info: USA Today Article Monday Memo Special Net Neutrality Edition.

→ Leave a CommentCategories: Net Neutrality
Tagged: , ,