Socially Aware Blog | Social Media Lawyers

German Court Holds Google Responsible for Its Search Suggestions

By Karin Retzer and Alja Poler De Zwart on June 17th, 2013 Posted in Litigation

On May 15, 2013, in a case filed against Google by an entrepreneur selling dietary supplements and cosmetics (the “Plaintiff”), the German Federal Court of Justice in Karlsruhe (Bundesgerichtshof, the “Federal Court”) ruled that Google must remove any defamatory suggestions generated by its autocomplete search function. The Federal Court overturned an earlier ruling by the Cologne Higher Regional Court (Zivilkammer des Landgerichts Köln) favoring Google.

The Plaintiff claimed that, when his name is entered into Google’s German-language search field, Google’s autocomplete search function offers defamatory suggestions linking him to “Scientology” and “fraud”. The Plaintiff claimed that he is not involved with Scientology and that he has never been accused of, or investigated for, fraud. He also observed that the search results generated by the autocomplete suggestions did not present or support any such connections. The Plaintiff sought an injunction against Google to block the autocomplete suggestions, as well as monetary damages for defamation of his personality rights and business reputation.

While the Cologne Higher Regional Court held that no intelligible meaning can be attached to such autocomplete suggestions, the Federal Court disagreed. The Federal Court found that the search suggestions offered by the autocomplete function implied a factual connection between the Plaintiff and the suggested terms, and stated that search engine operators are responsible for defamatory autocomplete suggestions once they become aware of or have been alerted to such violations of personality rights and reputation. Once they become aware or are alerted, search engine operators have the responsibility under German law to remove such autocomplete suggestions and prevent any further violations.

The case is currently being re-examined in the Cologne Higher Regional Court on remand to determine whether the autocomplete suggestions are in fact defamatory and infringe the personality rights and the honor of the Plaintiff. This means that the Cologne court will have to determine whether the suggestions at issue are factually correct, that is, whether there are facts justifying the association of the Plaintiff with the terms suggested by Google’s autocomplete function.

When a user enables Google’s autocomplete function, lists of search queries appear automatically as such user begins typing a search term. This function expedites the search process, helps to avoid spelling mistakes and allows the user to view popular searches featuring the same search term. If a user is signed into his or her Google Account and has Google’s “Web History” feature enabled, Google’s autocomplete suggestions will also incorporate the user’s own past searches. According to the information provided on Google’s Inside Search Help, these “useful” suggestions are “a reflection of the search activity of all web users and the content of web pages indexed by Google.” Autocomplete suggestions are generated by Google’s algorithms “based on a number of factors (including popularity of search terms) without any human intervention.” The queries presented may therefore include “silly or strange or surprising terms and phrases.” Google explains that, while it strives to “reflect the diversity of content on the web (some good, some objectionable),” it also applies “a narrow set of removal policies for pornography, violence, hate speech, and terms that are frequently used to find content that infringes copyrights.”

In its decision, the Federal Court ruled that the search suggestions offered by the autocomplete function suggest a factual connection between the Plaintiff and the terms “Scientology” and “fraud.” These terms have “negative connotations.” The Federal Court characterized Scientology as a “sect” that has a negative public perception due to unflattering media coverage. As for the term “fraud,” the Federal Court observed that, while the average Internet user may not be familiar with the precise meaning of this legal term, he or she is likely to associate the term with morally reprehensible conduct.

The Federal Court also noted that Google presents its autocomplete function to its users as a service that contains suggestions based on searches most often made by other users of Google’s search service. This creates the expectation that search results based on such autocomplete suggestions will be helpful to users because they reflect actual searches. Hence, the autocomplete suggestions at issue here may imply a factual connection or link between the Plaintiff and the two negatively perceived terms.

The Federal Court concluded that, if the associations with the search terms were wrong, the autocomplete function would constitute an infringement of the Plaintiff’s personality rights and reputation protected under Articles 823(1) and 1004 of the German Civil Code, in conjunction with Article 7(1) of the German Telemedia Act.

The Federal Court also held Google responsible for the function because the search word combinations at issue were generated by Google’s own technology. The Federal Court emphasized that search engine operators are not required to regularly police content or check whether the content generated by algorithms is free of violations. Such an obligation would render the operation of a search engine impracticable, if not impossible. While automated filters should be applied for specific areas (such as child pornography), search engines cannot prevent all possible violations of individuals’ rights via the autocomplete function. However, once an operator becomes aware of unlawful violations of such rights, then it becomes responsible for removing the objectionable terms from its automated search suggestions and for preventing such violations from occurring in the future. The Federal Court’s approach indicates that individuals now have a legal right under German law to notify Google of any defamatory autocomplete search suggestions that infringe their personality rights and demand the immediate removal of such suggestions.

Although the Federal Court’s ruling may be surprising to U.S. readers, we note that this ruling is consistent with earlier decisions in Italy (Tribunale Ordinario di Milano, March 24, 2011, 10847/2011, see link to the order (unofficial source)) and France (Cour de cassation – Première chambre civile, Arrêt n° 832 du 12 juillet 2012 (11-20.358)) holding search engine operators responsible for claims arising from search-related functionality.

The Diet Has Spoken: Japanese Lawmakers Approve Internet-Enabled Campaigning

By Gabriel Meister, Alexander Coley and Tomoki Kodama on June 12th, 2013 Posted in Asia

In February 2013, we reported on legislative momentum in the Japanese Diet to bring Japan’s sixty-year-old election laws into the brave new world of Web 2.0. On April 19, 2013, that reform effort came to fruition, when a bill permitting the use of the Internet during election campaign periods passed both Houses of the legislature—just in time for the upcoming Upper House poll in July.

The debate revolved around Article 142 of the Public Offices Election Law (POEL), which imposes strict regulations on campaign activities during the two- to three-week “official campaign period” leading up to each national, prefectural and municipal election (also known informally as the “blackout” period). Specifically, Article 142 prohibits the dissemination of “documents and drawings” for electioneering purposes during the blackout period (with limited exceptions), a restriction that until now has been consistently interpreted to prohibit Internet-based electioneering activities altogether. Indeed, Article 142 has been understood to prohibit even the general public from participating in online election-related activities, activities synonymous with many popular grassroots campaign efforts in the United States and elsewhere.

These somewhat antiquated restrictions are now largely part of the past. The amended Article 142 permits candidates for political office, political parties and members of the general public (both Japanese and non-Japanese) to utilize a range of online tools for electioneering activities during the official campaign period, ushering in a new era of net senkyo (the buzzword for Internet-enabled campaigning). The potential benefits for candidates and political parties include inexpensive, twenty-four hour access to constituents, and the freedom to depart from the narrow range of permissible activities that define the current mode of electioneering in Japan: train station stump speeches, pamphlet distribution and showering passersby with megaphoned sound bites from officially sanctioned campaign vans. Another purpose of the legislation was, reportedly, to energize Japan’s infamously “apathetic” youth vote.

Essentially, the amended law divides the universe of online tools into websites and similar services (including blogs and social networking services (SNS)), on the one hand, and electronic mail, on the other. At least with respect to websites and similar services, the old restrictions have largely been dissolved: candidates, political parties and members of the general public are now permitted to update their websites, blogs and social network profiles with election-related activities during the official campaign period, and to engage in direct advocacy and solicitation of votes over the Web.

The specific inclusion of SNS among the types of services for which restrictions have been largely relaxed is crucial, given that SNS carry the greatest potential for political innovation under the net senkyo regime. SNS, of course, have been a major force in American politics for a number of years, and Japanese politicians have themselves flocked to services such as Facebook, YouTube and Twitter for conducting non-campaign-related activities outside the blackout period. However, the prospect of engaging in real-time and (theoretically) two-way communications with candidates for political office during the crucial period when voters are most attuned to the issues could represent a breakthrough for Japanese democracy, as Professor Matthew Wilson forcefully argued in 2011.

The relaxation of the POEL’s restrictions on online electioneering has already impacted Internet technologies based in Japan. Naver, developers of the Japanese homegrown messaging app “Line”—which has surpassed 150 million users worldwide and 45 million users in Japan alone—announced in May 2013 that ten political parties opened official Line accounts in the wake of the POEL amendment. The political parties reportedly hope to use Line to facilitate direct communications with supporters and solicit comments and feedback in real time, in addition to broadcasting news and information to followers using a more traditional one-to-many model.

On the other hand, the Diet has maintained much tighter regulation of the general public’s use of electronic mail (as opposed to websites, SNS and similar services). Although the POEL now permits parties and candidates to use electronic mail for electioneering purposes, lawmakers decided to preserve existing restrictions on voters’ use of campaign-related electronic mail, or to at least postpone resolution of the issue to a later date, in an apparent response to fears of “negative campaigning,” defamation, spoofing, identity theft and spam. As a result, the general public is still prohibited from sending electronic mails for election-related purposes during the blackout period—including from mobile phone-associated electronic mail accounts, which are widely used in Japan.

This creates an interesting tension: although a member of the general public may be free to use Facebook to express support for his or her favorite candidate, sending an electronic mail message containing the same content would continue to be off limits under the POEL. As many have observed, this leads to counterintuitive results, whereby someone who forwards to his or her friends a candidate’s official campaign electronic mail blast may potentially be liable for a fine (up to JPY500,000) or imprisonment (up to two years) and face disenfranchisement, while someone who simply copies and pastes the same information into a Facebook message would probably not run afoul of the POEL.

There is some skepticism amidst the excitement around net senkyo. According to a survey conducted jointly by the Sankei Shimbun and Fuji News Network, 56.8% of respondents said that they would not use online campaign information to inform their voting choices, while only 39.3% said that they would. (On the other hand, among voters in their twenties, the number of respondents expressing affirmative interest jumped to 62.7%. This bodes well for the effort to remobilize Japan’s youth vote, which reportedly was one of the original drivers of POEL reform.)

Further, anxiety over the twin threats of narisumashi, or identity theft, and defamation has not abated, and both Internet service providers and law enforcement authorities are already preparing for potential hiccups in the upcoming election cycle. Given the prevalence of Internet-enabled negative campaigning in other countries (for example, in Korea during 2012), it may be reasonable to worry about the downsides of the net senkyo revolution. However, as Professor Wilson has pointed out, the threat of fraud and other bad acts is omnipresent even outside any “official campaign period,” and both traditional law, such as the law of defamation, and technology itself—e.g., direct verification of accounts on Facebook and Twitter—can help mitigate these risks. SNS and similar technologies may even empower politicians to respond to false assertions more quickly and effectively.

Even though the amended Article 142 has become law in Japan, there is no way to predict the extent of its impact on Japanese political culture. But the surging popularity of SNS platforms and other mobile and online communications platforms makes it clear that net senkyo will impact the way Japanese citizens interact with political actors and political information in a lasting way.

Stop Insider Tweeting!—Feds Eye Social Media for Securities Shenanigans

By Gary Stern on June 11th, 2013 Posted in Financial Institutions, SEC, Securities Law

Article courtesy of Morrison & Foerster’s MoFo Tech

As financial institutions and investors turn to social media to instantly share snippets of news and potential clues about market trends, the FBI and SEC are monitoring such postings for evidence of insider trading and improper investment information. Companies must comply with pre-Internet federal securities laws covering antifraud, advertising, record keeping, and more, even though the use of Facebook and Twitter is far outpacing the development of federal regulations aimed at social media.

Late last year, two FBI agents told Reuters that they see social media as a breeding ground for insider trading and securities fraud. “If there is any way to exploit it, these individuals will,” one agent said. The FBI also began a public search for an application that would scan social media for national security threats. “In trying to establish whether a trader who made significant gains in advance of market-moving news got nonpublic information from a company insider, the FBI might be interested in a list of the trader’s friends and contacts on social media sites,” says J. Alexander Lawrence, a Morrison & Foerster partner who works in securities law. “Evidence on Facebook, LinkedIn, or other sites could help the FBI connect the dots.”

Government investigators have been pursuing insider traders with growing intensity, according to Morrison & Foerster’s 2012 Insider Trading Annual Review. One reason could be the relative lack of success in bringing cases related to the financial crisis. “While the SEC and DOJ have been criticized, fairly or not, for not bringing more cases arising from the financial crisis—especially against individuals—both agencies have received abundant praise for their crackdown on insider trading,” the report concluded.

When communicating information through social media channels, companies have had to carefully consider whether material nonpublic information is being selectively disclosed in violation of Regulation FD. The SEC recently clarified its views regarding the applicability of Regulation FD to social media in a Report of Investigation which concluded that disclosure of material nonpublic information on the personal social media site of an individual corporate officer, without advance notice to investors that the social media site may be used for this purpose, is unlikely to qualify as an acceptable method of disclosure under the securities laws.

However, the SEC indicated that companies using social media to communicate information could apply existing guidance on the use of corporate websites in determining if that information is adequately being disseminated through social media channels so that a company won’t run afoul of Regulation FD, which would include taking steps to notify the market that material information about the company can be gleaned from those social media channels.

There are legal uncertainties about how far investigators can go in seeking information that is not publicly available on social media. Courts have ruled that certain messages sent on social media are protected under the Stored Communications Act, which limits the government’s power to force Internet service providers to disclose customer information. In addition, “friending” someone for the sole purpose of uncovering evidence may go against Facebook’s terms of service. States differ as to whether investigations led by attorneys can use deception, such as “friending” someone to uncover evidence, says Carl H. Loewenson Jr., a Morrison & Foerster partner and co-chair of the firm’s Securities Litigation, Enforcement, and White-Collar Defense Group. “If a prosecutor directs agents to do that, there is the risk of ethical violations resulting from engaging in misrepresentation under some state bar rules,” he says.

Playing Fair? UK’s OFT Investigates Online and App-Based Games

By Sarah Wells and Susan McLean on June 11th, 2013 Posted in E-Commerce, Ethics

On April 12, 2013, the UK’s Office of Fair Trading (OFT), the UK regulator for consumer affairs and competition, announced that it was launching an investigation into children’s web- and app-based games. In particular, the OFT is looking into whether such games comply with the Consumer Protection from Unfair Trading Regulations 2008 (“Regulations”), and are not misleading or aggressive (for example, directly encouraging children to buy something or to pester their parents or other adults to buy something on their behalf). The investigation is expected to take six months to complete, and will take into account views from mobile app platform operators and other businesses operating in this market, together with the views of parents and consumer groups.

The investigation was launched in response to reports of children racking up substantial bills on so-called “free” online and app-based games. For example, in March 2013, it was reported that a 5-year-old boy amassed a bill of £1,700 in just 15 minutes via add-ons while playing the “free” game “Zombies vs Ninja.” There are thousands of games like this that are marketed as being free to download but, once the user starts playing, present advertising encouraging the user to pay to get access to extra levels or to receive in-game extras such as virtual coins, gems or other tokens.

The OFT estimates that, as of April 9, 2013, 80 of the 100 top-grossing Android apps were free to download, yet raised revenue through these kinds of in-app purchases. Although platforms will often enable password protection to restrict in-app purchases, such measures will not prevent purchases by children who know their parents’ password or by parents who, at the request of their children, insert their password without appreciation of the risks.

The Regulations, which implement the Unfair Commercial Practices Directive 2005/29/EC, state that unfair commercial practices are prohibited. A commercial practice is deemed to be unfair if it contravenes the requirements of professional diligence and materially distorts, or is likely to materially distort, the economic behavior of the consumer with regard to the product. Aggressive commercial practices are those that impair the average consumer’s freedom of choice or conduct through the use of harassment, coercion or undue influence, and that thereby cause, or are likely to cause, the consumer “to take a transactional decision he would not have taken otherwise.” Undue influence includes exploiting a position of power in relation to the consumer.

The Regulations clearly provide that it is unfair to include in an advertisement a direct exhortation to children to buy advertised products, or persuade their parents or other adults to buy advertised products for them. Breach of the Regulations can lead to criminal penalties such as a fine or imprisonment for up to two years.

The OFT has made it clear that no company that is included in its investigation should be assumed to have broken the Regulations. In addition, the OFT has stated that it does not wish to ban in-app purchases, but rather to determine whether they are compliant with the Regulations in order to ensure that children are protected. Nevertheless, the OFT has indicated that it will take enforcement action against offending companies if necessary. The outcome of the OFT’s investigation is expected to be published in October 2013.

In the meantime, a number of guides have appeared providing advice to parents on how to block in-app purchases (including guidance published by the UK communications regulator, Ofcom), and at least one major app distributor has added in-app purchase warnings to its app store listings. This could be the key to future settings: allowing users to filter out in-app purchase applications when downloading them.

It will be interesting to see what approach the OFT decides to take as a result of its investigation, and where it believes responsibility should lie. Should parents be expected to take more control over their children’s gaming activities or should providers be required to do more, e.g., by providing more information warning users on the nature of these “freemium” apps contained within their stores?

Lastly, note that this investigation may have consequences for game providers operating elsewhere in Europe. Because the Regulations are based on EU law, other EU regulators will be watching the progress of the OFT investigation closely to consider whether they, too, need to scrutinize games providers’ compliance with the equivalent laws in their territories.

Mobile Apps Bill Introduced in the House of Representatives

By Rick Fischer, Obrea O. Poindexter and Ryan H. Rogers on June 10th, 2013 Posted in FTC, Privacy

Article courtesy of Morrison & Foerster’s Mobile Payments Practice

Lawmakers in Washington, D.C., continue to show interest in understanding and developing regulatory proposals relating to mobile apps. The interest appears to be driven, at least in part, by policymakers’ concerns about consumer privacy when using mobile phones and other smart hand-held devices. The issue of consumer privacy, as well as the security of financial information, and the use of mobile also apps has been raised in the context of Congressional hearings held to understand the new ways in which consumers are paying, and taking payments, via smartphone.

The recent introduction of a bill focusing on mobile apps and privacy issues is another indicator of ongoing legislative interest in mobile phone technology and ways in which smartphones are used. On May 9, 2013, Representative Hank Johnson (D-GA) introduced H.R. 1913, the “Application Privacy, Protection, and Security Act of 2013” (“APPS Act”). H.R. 1913 was referred to the House Committee on Energy and Commerce for consideration. As of June 4, 2013, the bill had five co-sponsors.

Representative Johnson’s introduction of the APPS Act follows the release, in January 2013, of a discussion draft of the bill that was developed through an Internet-based legislative project launched by the congressman’s office in July 2012. The following provides a brief overview of the APPS Act, as introduced.

User Notices

Under the APPS Act, app developers would be required to provide users with a notice, before collecting their personal data, describing the terms and conditions governing the collection, use, storage and sharing of personal data. Developers would also be required to obtain the consent of the users to these terms and conditions.

The bill would require this notice to users to include the following:

The categories of personal data that the app will collect;
The purposes for which the personal data will be used;
The categories of third parties with which the personal data will be shared; and
A “data retention policy” that governs the length of time for which the personal data will be stored and a description of the user’s rights under the bill to notify the app developer and request that the developer refrain from collecting additional personal data through the app.

The APPS Act would direct the Federal Trade Commission (FTC) to issue regulations specifying the format, manner and timing of the notice. In promulgating the regulations, the FTC would consider how to ensure the “most effective and efficient” communication to the user regarding the treatment of personal data.

Data Security

The APPS Act would also require app developers to take reasonable and appropriate measures to prevent unauthorized access to personal data collected by apps. This provision demonstrates that concerns about consumer privacy continue to be a driving force for policymakers in crafting legislative proposals.

FTC Enforcement and Safe Harbor

The APPS Act would provide for FTC enforcement, pursuant to the FTC’s unfair or deceptive acts or practices authority under the FTC Act, but would not foreclose private rights of action, or actions by state attorneys general or other state officials. Pursuant to a safe harbor provision, app developers would satisfy the APPS Act’s requirements, and requirements of implementing regulations, by adopting and following a code of conduct for consumer data privacy developed in the multi-stakeholder process convened by the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA). The NTIA process is an outgrowth of the White House white paper, “Consumer Data Privacy in a Networked World,” which advocated the coupling of voluntary privacy codes of conduct with federal legislation establishing consumer “Bill of Rights” principles.

The full text of H.R. 1913 is accessible on the Web site of the Government Printing Office at: http://www.gpo.gov/fdsys/pkg/BILLS-113hr1913ih/pdf/BILLS-113hr1913ih.pdf.

New UK Press Self-Regulation – With a Small Blog Exemption

By Susan McLean and Emma Muncey on June 5th, 2013 Posted in Ethics, Infographic

Following concerns raised by bloggers, the UK government has clarified that small blogs will be exempt from the scope of the new UK press watchdog which is to be introduced as a result of the findings of the Leveson Inquiry.

In 2007, Clive Goodman, then-editor of UK newspaper News of the World, and private investigator Glenn Mulcaire were convicted of the illegal interception of phone messages, and in early 2011, it was revealed that other News of the World reporters had also hacked phones. Later in 2011, the UK government Department for Culture, Media and Sport (DCMS) commenced a public inquiry into the culture, practices and ethics of the British press, chaired by Lord Justice Leveson. In November 2012, following a series of public hearings, Lord Justice Leveson’s inquiry published the Leveson Report, which made recommendations for a new independent regulator for the UK press. As a result of the Leveson Report, the UK government has proposed that a new press watchdog be established by royal charter and backed by legislation; this new self-regulatory system will apply to all “relevant publishers.”

The Crime and Courts Act 2013

The relevant legislation, the Crime and Courts Act 2013 (the “Act”), became law on April 25, 2013. (In terms of the royal charter itself, a draft royal charter put forward by the UK government and a rival draft put forward by some of the leading UK newspapers are due to be considered by the Privy Council in June 2013.) Section 41 of the Act sets out the four criteria that a publication must meet to be a “relevant publisher.” A relevant publisher must:

Publish “news-related” material (i.e., news, information or opinion about current affairs or gossip about celebrities, public figures or other persons in the news);
Publish in the course of a business;
Publish material written by different authors; and
Publish material subject to editorial controls.

For purposes of the Act, “publication” means on a website, in hard copy or by any other means.

The draft royal charter proposed by the UK government goes on to make clear that the proposed self-regulatory scheme will cover those who publish in the UK, where a person is deemed to publish in the UK if “the publication takes place in the United Kingdom or is targeted primarily at an audience in the United Kingdom”; the rival royal charter drafted by the press does not suggest any changes to these provisions. Although there is no guidance in the draft royal charter as to the interpretation of “takes place in the United Kingdom,” it appears that the royal charter could cover foreign operators that publish in the UK, in addition to the UK press itself. We note that the risk to such publishers that are based in the United States, at least with respect to defamation claims, may be limited by the SPEECH Act,” which was signed into law in the U.S. in August 2010 as a response to so-called “libel tourism.”

(As a general matter, the SPEECH Act prohibits a U.S. federal or state court from recognizing or enforcing a foreign defamation judgment unless the foreign jurisdiction’s defamation law provided at least as much protection of freedom of speech and press as the U.S. Constitution, as well as the constitution and laws of the state in which the court is located. The SPEECH Act further prohibits U.S. courts from recognizing or enforcing a foreign defamation judgment against the provider of an “interactive computer service,” as defined in Section 230 of the Communications Decency Act (CDA), unless such court determines that the judgment would be consistent with Section 230 if the relevant information had been provided in the U.S.)

A website operator is not considered to have editorial control over material published on its site if the operator did not post the material, even if the operator moderates statements published by others. This is consistent with the approach taken in Section 5 of the UK’s new Defamation Act 2013, which provides that a website operator’s defence of not having posted defamatory material will not be defeated merely because the operator has moderated a statement posted by others.

“Micro-Businesses” and the Small Blog Exemption

Schedule 15 of the Crime and Courts Act 2013 states that a person who, in carrying out a “micro-business,” publishes news-related material which is either (i) contained in a multi-author blog (a blog that contains contributions from different authors) or (ii) published on an incidental basis that is relevant to the main activities of the business, will not be classified as a relevant publisher for purposes of the Act. “Micro-businesses” are defined as those with fewer than 10 employees and an annual turnover of less than £2 million.

Note, however, that a publication that is exempt from the Act as a micro-business could still choose to join the regulatory system and receive the legal benefits otherwise only available to relevant publishers—benefits that include cost protection if a claimant chooses to sue in court instead of using the regulator’s arbitration scheme.

DCMS has created the following infographic for use in determining whether or not a publication is a relevant publisher:

Image by DCMS via Creative Commons Attribution-NoDerivs 2.0 Generic (CC BY-ND 2.0) license.

Other Exemptions

Schedule 15 also specifies other categories of publications which are exempt from the new system, even when the test for relevant publishers is met. These exemptions cover special-interest titles, scientific or academic journals, broadcasters and book publishers, as well as any public body, charity or company that publishes news about their activities.

FDA Letter to Mobile App Developer Signals Regulatory Scheme

By Erin M. Bosman, Aramide O. Fields and Julie Y. Park on June 4th, 2013 Posted in FDA Regulations

In late May 2013, the U.S. Food and Drug Administration (FDA) sent an enforcement letter to a mobile medical app developer for failing to obtain a 510(k) clearance before marketing the app, which the FDA said appears to be a “device” under section 201(h) of the Federal Food, Drug, and Cosmetic Act (FDCA). The mobile app—the uChek Urine Analyzer developed by Biosense Technologies Private Limited and available through the iTunes App store—allows a user to read urine dipsticks using a camera phone to screen for diabetes and urinary tract infections. The FDA’s letter signals the type of oversight the FDA intends to exercise over mobile medical app developers, although the agency has not released final guidance in this murky area.

FDA Previously Indicated Light Regulation of Medical Mobile Apps

In March, Congress urged the FDA to clarify the regulation of mobile medical apps in three days of hearings before the House Energy and Commerce Committee. The FDA generally relieved concerns raised by the mobile communications industry, which had feared heavy regulation of mobile phones and tablets as medical devices. Christy Foreman, the Director of the Office of Device Evaluation in the Center for Devices and Radiological Health (CDRH) at the FDA, testified before the committee that the FDA intends to limit regulation to a small subset of apps, in accordance with the FDA’s July 2011 draft guidance on mobile medical apps.

The FDA proposed a narrowly tailored approach focusing on apps that could threaten patient safety if they do not work as intended. These include apps that either: (1) affect the performance or functionality of a currently regulated medical device or (2) have traditionally been considered medical devices. Consistent with this philosophy, the agency does not intend to regulate mundane apps that help people achieve a healthier lifestyle, such as pedometers or calorie counters. Nor does the agency plan to regulate apps that track medical data but otherwise do not meet the definition of “device” in section 201(h) of the FDCA because they are not intended to diagnose, treat, or cure conditions or diseases.

Specifically, the 2011 draft guidance indicated that the FDA will regulate mobile apps that qualify as medical devices under section 201(h) and that are intended to perform one of two functions: (1) serve as an accessory to a regulated medical device—for example, an app that allows doctors to diagnose patients by viewing medical images on a tablet; or (2) transform a mobile platform into a regulated medical device—for example, an app that allows a patient to measure blood glucose with a smartphone. The FDA’s recent enforcement letter to Biosense falls squarely in line with this proposed regulatory scheme. As the FDA noted in its letter, the uChek app is intended for use with urinalysis dipsticks that have received 510(k) clearance for “direct visual reading.” However, the app allows a mobile phone to analyze the dipsticks and that means “the phone and device as a whole functions as an automated strip reader” that requires new clearance.

FDA Does Not Intend to Regulate Other Mobile Technology

In a prepared statement released on the day of her testimony, Foreman laid out the boundaries of the FDA’s proposed mobile medical app policy. The statement made clear that the FDA does not intend to regulate mobile technology apart from the medical apps themselves. Thus, the FDA will not regulate the sale or general consumer use of smartphones or tablets. Entities that solely distribute mobile medical apps (such as owners and operators of the “iTunes App store” or the “Android market”) will not be considered medical device manufacturers. And mobile platform manufacturers will not be deemed medical device manufacturers simply because their platforms support mobile medical apps regulated by the FDA. Based on these statements, smartphone manufacturers and app distributors can put to rest for now any concerns they might have had about FDA oversight regarding health-related mobile apps.

FDA’s Statements on Mobile App Regulation Ease Uncertainty in Industry

Congress held the recent hearings in response to uncertainty among mobile app developers, which the House Energy and Commerce Committee voiced in a letter to the FDA Commissioner in early March. The letter relayed industry fears of widespread regulation by the FDA and concerns over the lack of final guidance on the regulation of mobile medical apps. At the hearing, the committee also inquired whether the FDA intends for smartphones, tablets, and other devices that display mobile medical apps to be taxed as medical devices under the Patient and Protection and Affordable Care Act (PPACA). Foreman deflected these questions, noting that the IRS, not the FDA, has the authority to impose taxes on medical devices.

Though the mobile medical app market has been growing, Foreman’s testimony showed that the industry is still in its infancy. Foreman stated that the FDA receives fewer than 20 submissions per year for mobile medical apps, which amounts to approximately 0.5% of all medical device applications the agency reviews each year. All mobile medical apps cleared thus far have gone through the 510(k) process, which in 2011 and 2012 took an average of 67 days to complete. The agency has not yet deemed any mobile medical apps to be Class III medical devices.

Further Guidance Expected Later This Year

Mobile medical app developers should look for a final guidance from the FDA on regulation of mobile medical apps later this year. Though Foreman initially projected that the guidance would be published in “the coming months,” when pushed to be more specific she narrowed her projection to the end of the FDA’s fiscal year in September. Technological developments in mobile medical apps have far outpaced the FDA’s sluggish timing in releasing its final guidance. Congress and mobile app developers will be watching closely to see if the FDA’s final guidance brings the clarity and light regulation of mobile medical apps that the agency has proposed. In the meantime, developers whose apps work in tandem with regulated medical devices should pay attention to the FDA’s enforcement letter to Biosense and consider whether FDA clearance is appropriate. We will continue to monitor this topic and provide relevant updates.

UK: The Latest Social Media Legal Updates

By Susan McLean and Sarah Wells on May 29th, 2013 Posted in E-Commerce, Litigation

In our May 30, 2012 post on the Socially Aware blog—“Should We All Be Getting the Twitter “Jitters”? Be Careful What You Say Online (Particularly in the United Kingdom)”—we considered a variety of UK laws being used to regulate the content of tweets and other online messages. Since that post, there has been a series of legal developments affecting the regulation of social media in the UK, in particular:

the Court of Appeal ruling in the Tamiz v. Google case;
the UK’s new Defamation Act 2013; and
the Crown Prosecution Service’s publication of interim guidelines for social media prosecutions.

The following is an overview of each of these important developments.

1. Tamiz v. Google

In February 2013, the Court of Appeal considered the potential liability of website operators in relation to defamatory comments posted by third parties.

Google Inc. (“Google”) operates the Blogger.com blogging platform (“Blogger”). In April 2011, the “London Muslim” blog used Blogger to publish an article about the claimant, Mr Tamiz. After a number of users anonymously posted comments below the article, Tamiz wrote to Google complaining that the comments were defamatory. Google did not remove the comments, however, Google passed on the complaint to the blogger, who then removed the article and the related comments.

Meanwhile, Tamiz applied to the court for permission to serve libel proceedings on Google. Google contested the application, arguing that it was not a “publisher” of the allegedly defamatory statements, and in any event Google sought to rely on the available defences for a website operator under Section 1 of the Defamation Act 1996 and Regulation 19 of the E-Commerce Regulations 2002.

IN FOCUS: What is the Section 1 Defence?

Section 1 of the Defamation Act 1996 provides that a person has a defence to an action for defamation if such person: (i) is not the author, editor or publisher of the statement complained of; (ii) takes reasonable care in relation to its publication; and (iii) does not know, and has no reason to believe, that such person’s actions caused, or contributed to, the publication of a defamatory statement. For these purposes, “author” means the originator of the statement, “editor” means a person having editorial or equivalent responsibility for the content of the statement or the decision to publish it, and “publisher” means a person whose business is issuing material to the public, or a section of the public, and who issues material containing the statement in the course of that business.

Under Section 1, a person will not be considered an author, editor or publisher if such person is involved only, amongst other things:

in processing, making copies of, distributing or selling any electronic medium in or on which the statement is recorded;
as an operator or provider of a system or service by means of which a statement is made available in electronic form; or
as the operator of or provider of access to a communications system by means of which the statement is transmitted, or made available, by a person over whom he or she has no effective control.

Regulation 19 of the E-Commerce Regulations 2002 provides another defence for website operators—one that can be easier to establish than the Section 1 defence. Regulation 19 protects online service providers by providing that an entity which hosts information provided by a recipient of the online service will not have any liability arising from its storage of the information as long as it has no actual knowledge of any unlawful activity or information, and if, on obtaining actual knowledge of the unlawful information or activity, such entity acts expeditiously to remove or disable access to the material.

At first instance, the court found in favour of Google on the basis that Tamiz’s notification of Google concerning the offending material did not turn Google into a publisher of that material. Google’s role was purely passive and analogous to the owner of a wall which had been covered overnight with defamatory graffiti; although the owner could acquire scaffolding and whitewash the graffiti, that did not mean that the owner should be considered a publisher in the meantime. The court also stated that in any event, if Google had been a publisher of the comments, it could have relied on the Section 1 defence because it was not a commercial publisher and it had no effective control over people using Blogger. (Although there had been a delay between Tamiz’s letter to Google and Google’s notification to the blogger, the judge found that Google had still responded within a reasonable period of time.) The judge also stated that Google would have had a defence under Regulation 19, for purposes of which Google was the information society service provider and the blogger was the recipient. The judge emphasized the importance of the term “unlawful” in Regulation 19; in order for the material to be unlawful, the operator would need to have known something of the strengths and weaknesses of the available defences. Tamiz appealed.

The Court of Appeal agreed that Google was not a publisher before it was notified by Tamiz of the offending materials because it could not be said that Google either knew or ought reasonably to have known of the defamatory comments. However, the Court of Appeal departed from the earlier decision on the question of post-notification liability. Rather than a wall, the Court of Appeal likened Blogger to a large notice board, where Google had the ability to remove or block any material posted on the board that breached its rules. The court held that by failing to have the material removed until five weeks after notification, Google was arguably a publisher post-notification because, by continuing to host the blog in question, Google’s actions may have been held to contribute to the publication of the defamatory statement. Despite its ruling, ultimately the Court of Appeal rejected Tamiz’s appeal on the basis that any harm to Tamiz’s reputation was trivial—and as the appeal failed, the court did not consider the availability of the Regulation 19 defence.

The Tamiz v. Google decision potentially widens the circumstances in which website operators can be liable for defamatory content posted by others. The key lesson for social media platform operators under UK law is this: remove allegedly defamatory material as swiftly as possible following notification, in order to avoid any argument that you are a publisher of that material.

2. Defamation Act 2013

After a difficult passage through parliament, the long-awaited Defamation Act 2013 (the “Act”) was introduced on April 25, 2013. The majority of its provisions will come into effect via statutory instrument later in 2013. The Act is intended to “overhaul the libel laws in England and Wales and bring them into the 21st century, creating a more balanced and fair law.” (The Act does not apply to Northern Ireland, as it was blocked by the Northern Ireland Assembly; further, only those sections which relate to scientific and academic privilege apply to Scotland, which has its own libel laws).

Serious Harm

Section 1 of the Act makes clear that, in order to be defamatory, a statement must cause or be likely to cause “serious harm” to a claimant’s reputation. Where a business is the claimant, it must show that the statement has caused or is likely to cause “serious financial loss” to the business in order for the “serious harm” requirement to be met. (This clarification was brought in as a last-minute amendment as a result of concerns that companies could use the fear of defamation claims to silence their critics.)

General Defences

Sections 2, 3 and 4 of the Act replace the previous common law defences of justification, fair comment and the Reynolds defence with new statutory defences of truth, honest opinion and publication on a matter of public interest. The new provisions broadly reflect the previous common law position, with the exception that the defence of honest opinion is now not required to be on a matter of public interest.

Section 5 Defence

For website operators, one of the key provisions of the Act is the new Section 5 defence. Although the Section 1 and Regulation 19 defences referred to above remain and are not abolished by the Act, Section 5 of the Act introduces a new additional defence specifically for website operators. Under Section 5, a website operator will have a defence to a defamation claim if it can show that it was not the entity that “posted the statement.” The defence will be defeated if the claimant can show the following:

it was not possible to identify the person who posted the statement (for these purposes, “identify” means that a claimant must have sufficient information to bring proceedings against the suspected defendant);
the claimant provided a notice of complaint in relation to the statement; and
the operator failed to respond to the notice of complaint in accordance with the applicable regulations.

Any malice by the website operator’s actions in connection with the statement concerned will defeat the defence.

Importantly, given previous case law which had indicated that moderation of third-party content could result in an operator attracting liability as an editor or publisher, the Act makes clear that the Section 5 defence is not defeated solely by reason of the fact that the operator of the website moderates the statements posted on it by others.

Section 10 Defence

Section 10 of the Act states that a court will not have jurisdiction to hear any action for defamation brought against a person who was not the author, editor or publisher of the applicable material, unless the court is satisfied that it is not reasonably practicable for an action to be brought against the author, editor or publisher.

Privilege

In response to lobbying from the scientific and academic communities, Section 6 of the Act provides protection for scientists and academics publishing in peer-reviewed journals. Section 7 clarifies when the defences of absolute and qualified privilege will be available.

Single Publication

Previously, each new publication of the same defamatory material would give rise to a separate cause of action. This has been of particular concern where defamatory statements have been published online. Section 8 of the Act provides a “single publication” rule that makes clear that the limitation period for bringing a claim will run for one year from the date of first publication.

Overseas Publishers

Section 9 of the Act has been introduced to address the contentious issue of “libel tourism.” It applies to any defendant who is not domiciled in the UK, an EU member state, or a state which is a party to the Lugano Convention (i.e., Iceland, Norway, Denmark and Switzerland). In such circumstances, the courts will not have jurisdiction to hear such claim unless the court is satisfied that England and Wales is the most appropriate place in which to bring an action.

Removal of Statements

Section 13 of the Act provides that, where a court has given judgment in favour of a claimant in an action for defamation, the court may require (i) the operator of a website on which the statement is posted to remove the statement or (ii) any person who was not the author, editor or publisher of the defamatory statement to stop distributing, selling or exhibiting material containing the statement.

Although we will need to await publication of the proposed “notice and takedown” regulations envisaged by the Act and monitor how the Act is implemented in practice by the courts, the Act appears to introduce more certainty and protection for website operators in terms of liability for third-party content—particularly in light of Tamiz v. Google—and as such has been broadly welcomed.

3. Interim Guidelines on Prosecution of Social Media Communications

As we reported in May 2012, various UK laws are currently being used to regulate the content of tweets and other online messages, although there is no consistency as to which laws will be used to regulate which messages. The relevant laws include section 127 of the Communications Act 2003, section 1 of the Malicious Communications Act 1988, the Contempt of Court Act 1981 and the Serious Crime Act 2007.

In December 2012, in response to a spate of high profile cases prosecuted under these laws, the Crown Prosecution Service (CPS) published interim guidelines in relation to the prosecution of cases in England and Wales that involve communications sent via social media. A public consultation was launched alongside such guidelines; at the end of the consultation, the interim guidelines will be reviewed in light of the responses received, and final guidelines will be published.

The guidelines identify four categories of communications that may constitute criminal offences:

credible threats of violence or damage to property;
communications targeting specific individuals;
breach of court orders; and
communications which are grossly offensive, indecent, obscene or false.

In terms of category 4, the CPS acknowledged the huge number of communications made daily using social media and identified the desire to avoid unnecessary prosecutions which would have a chilling effect on free speech. A balance had to be struck between an individual’s right to freedom of expression under Article 10 of the European Convention on Human Rights and the protection of individuals. For these reasons, the CPS identified that a high threshold must be met before criminal proceedings are brought, and in many cases, a prosecution is unlikely to be in the public interest.

Category 4 communications fall under section 1 of the Malicious Communications Act 1988 and section 127 of the Communications Act 2003. These provisions refer to communications which are grossly offensive, indecent, obscene, menacing or false. The interim guidelines clarify that for a prosecution to be brought under such laws, a communication must be more than:

offensive, shocking or disturbing;
satirical, iconoclastic or rude; or
the expression of unpopular or unfashionable opinion, or banter or humour (even if distasteful to some or painful to those subjected to it).

Furthermore, a prosecution must be in the public interest and, where a suspect has taken swift action to remove the communication or has expressed genuine remorse, or other relevant parties (such as service providers) have taken similar swift action to remove the communication in question or otherwise block access to it, the guidance emphasizes that it may not be in the public interest to prosecute. The guidelines also stress the need to take into account the instantaneous nature of social media and the fact that the audience of such social media cannot be predicted, e.g., an individual may post something privately which is then repeated and re-published to a much wider audience than originally intended.

The interim guidelines have been broadly welcomed as reflecting a common sense approach, although some organizations concerned with freedom of expression, such as Justice and the Open Rights Group, have suggested in their consultation responses that the interim guidelines do not go far enough and have called for clarification of the underlying laws themselves. In terms of next steps, March 13, 2013 marked the deadline for consultation responses, and the CPS is expected to publish the results of the consultation later this year. Any updated guidelines will then follow.

Conclusion

The UK’s laws are slowly being updated to reflect the digital age, and these latest developments should help social media platform operators and other organizations to better understand how they can stay on the right side of the law. However, as always, organizations will need to keep a close watch on how the courts interpret the new laws to ensure that they continue to operate safely online. And taking a step back, it may be the case that these new developments will motivate the public to more carefully consider their social media etiquette and how they balance their right of freedom of expression with their social obligations of courtesy and respect for others. As one commentator has noted, “It’s not just the law that needs to catch up with social media, but manners too and manners can’t be legislated for.”

The Second Circuit’s Aereo Math: One Copy + One Subscriber ≠ Public Performance

By Jessica J. Lehrman on May 21st, 2013 Posted in Copyright, Litigation

Last week—the week of May 12, 2013—proved to be an eventful week for Aereo.

On May 14, 2013, the controversial broadcast television streaming service filed a motion for summary judgment in the Southern District of New York on copyright claims brought by broadcast television networks (including ABC, NBC, CBS and Fox) that Aereo’s service directly infringes the networks’ public performance rights and directly and secondarily infringes their reproduction rights.

The very next day, Aereo kicked off its plans to expand the New York City-based service to 22 additional U.S. cities by launching in Boston.

This flurry of activity shortly follows the April 1, 2013 opinion of the Second Circuit Court of Appeals, which affirmed the District Court’s opinion in WNET v. Aereo, Inc. denying a motion for preliminary injunction against Aereo based on infringement of the networks’ public performance rights.

In case you are not yet familiar with Aereo’s inner workings, the service transmits broadcast television programs to subscribers via the Internet by using miniature antennas. Specifically, Aereo provides each subscriber with a dedicated antenna for the period of time during which the subscriber is using the service. When a subscriber chooses to “Watch” or “Record” a particular television program through the Aereo interface, the Aereo system makes a unique copy of the television program from the broadcast signals received by the antenna and transmits such copy to the subscriber’s Internet-connected device.

To the disappointment of the broadcast television networks, the Second Circuit found that the operation of Aereo’s service does not infringe the networks’ public performance rights under the Copyright Act. Citing the doctrine of stare decisis (which obligates judges to follow precedential court opinions), the majority of the three-judge panel found that the Second Circuit’s 2008 opinion in Cartoon Network, LP v. CSC Holdings, Inc. (commonly referred to as “Cablevision”) precluded a finding that Aereo’s transmissions are “public performances” within the meaning of the Copyright Act’s “transmit clause.”

The Cablevision court held that whether a performance is made “to the public” should be determined by the potential audience of the copy of the work being performed (as opposed to the potential audience of the work being performed). Accordingly, the Aereo court found it inconsequential to its copyright analysis that the Aereo service makes broadcast television programs available to members of the public; instead, the court looked at how each subscriber received access to a particular television program to determine whether the performance of such program was a “public performance.” Because Aereo transmits the broadcast television programs to its subscribers using a copy unique to each individual subscriber, the court determined that Aereo’s transmissions constitute private performances for the purposes of copyright law.

Circuit Judge Denny Chin dissented in the Aereo case, referring to Aereo’s system as “a sham” that has been technologically manipulated to fall within an apparent loophole created by copyright case law in the Second Circuit. According to Judge Chin, both the plain meaning of the Copyright Act’s “transmit clause” and legislative history support a finding of copyright infringement by Aereo, as Aereo is transmitting the networks’ copyrighted works to “paying strangers” through the use of Aereo’s system. Judge Chin also made much of the fact that Aereo does not hold a license to retransmit the broadcast television programs, unlike Cablevision had in the Cablevision case (a fact that the majority of the Aereo court found irrelevant).

Judge Chin’s arguments echo those of Judge George Wu of the Central District of California, who ruled in favor of the networks in Fox Television Stations, Inc. v. BarryDriller Content Systems, PLC (commonly referred to as “Aereokiller”) in December 2012. Noting tension between the Second Circuit’s Cablevision decision and Ninth Circuit copyright case law, Judge Wu issued an injunction against service provider Aereokiller, a competitor of Aereo based in California that offers a streaming service technologically similar to that of Aereo. The Aereokiller decision offers an alternative interpretation of the Copyright Act’s “transmit clause” that directs courts to look at whether a performance made via a transmission is made “to the public” (rather than whether the specific transmission is made “to the public”). Based on this interpretation, Judge Wu found that Aereokiller’s transmissions of broadcast television programs to its subscribers using unique copies of such programs were nonetheless “public performances” under copyright law. The Aereokiller case is currently on appeal to the Ninth Circuit.

If the Ninth Circuit affirms Judge Wu’s opinion, a significant split is likely to arise between the Second and Ninth Circuits on the critical question of when an online transmission constitutes a “public performance” for purposes of the Copyright Act. The broadcast networks have not given up in the Second Circuit, however, and have petitioned for an en banc rehearing (i.e., a rehearing before all Second Circuit judges) of the Aereo case, hoping to achieve a reversal of the three-judge panel opinion.

The ultimate outcomes of the Aereo and Aereokiller cases are likely to have a big impact on how consumers access broadcast television over the coming years. Both copyright owners and online distributors are undoubtedly staying tuned for future developments.