Header graphic for print

Socially Aware Blog

The Law and Business of Social Media

Could the Use of Online Volunteers and Moderators Increase Your Company’s Copyright Liability Exposure?

Posted in Copyright, DMCA, IP, Litigation, User-Generated Content

GettyImages-183313080With over one billion websites on the Internet, and 211 million items of online content created every minute, it should come as no surprise that content curation is one of the hottest trends in the Internet industry. We are overwhelmed with online content, and we increasingly rely on others to separate good content from bad content so we can make more efficient use of our time spent surfing the web.

Consistent with this trend, many websites that host user-generated content are now focused on filtering out content that is awful, duplicative, off-topic or otherwise of little interest to site visitors. And these sites are often finding that humans—typically passionate volunteers from these sites’ user communities—do a better job than algorithms in sorting the wheat from the chaff.

Of course, any website that deals with user-generated content needs to worry about potential copyright liability arising from such content. We’ve discussed in past Socially Aware blog posts the critical importance of Section 512(c) of the Digital Millennium Copyright Act (DMCA) to the success of YouTube, Facebook and other online sites that host user-generated content. By providing online service providers with immunity from monetary damages in connection with the hosting of content at the direction of users, Section 512(c) has fueled the growth of the U.S. Internet industry. Continue Reading

IoT Deals Continue to Bolster Tech M&A Market

Posted in Internet of Things, M&A

Dealmakers who responded to a recent Morrison & Foerster survey predicted that the market for M&A transactions in the technology sector will be even more robust in 2017 than it was in 2015 and 2016—years in which acquirers announced deals collectively valued at more than $1 trillion.

Now a report by MoFo’s M&A team leaders and 451 Research shows that Internet of Things-related transactions contributed significantly to the tech M&A market’s impressive numbers over the last few years. For one thing, IoT-related deals announced since 2013 have been valued at $147.3 billion.

For discussions of other IoT-related issues, check out Morrison & Foerster’s IoT Resource Center.

04_12_TechMASnapshot_IoT_SociallyAware_150dpi

New York’s Highest Court Rebuffs Facebook’s Efforts to Protect the Rights of Its Users in Search Warrant Fight

Posted in Litigation, Privacy, Stored Communications Act

2015 11 30 DJV NAT 218Facebook’s four-year battle on behalf of its users, seeking to quash 381 warrants obtained by the New York County District Attorney’s Office, has come to a close. The decision of the New York Court of Appeals—which is New York’s highest court—leaves Facebook users exposed to wide-ranging and largely unchecked inquiries by New York criminal prosecutors into their Facebook accounts.

The story begins in July 2013, when the New York Supreme Court—which is the trial court in New York—issued 381 warrants arising out of the district attorney’s (DA) application for warrants under the Stored Communications Act (SCA). The DA was investigating an alleged Social Security Disability fraud scheme.

The DA’s request was extraordinarily broad. The warrants functionally amounted to a request for 381 users’ entire Facebook histories. The warrants compelled Facebook to produce not only any and all text, photos or videos a user had shared with his or her limited universe of friends, but also any private messages exchanged between the user and another individual (who could have been a spouse, doctor, religious figure or attorney) as well as information the user had chosen to no longer share with anyone, such as a previous email address, a deleted friend or a hidden post, and information the user had never intended to share with anyone, such as his or her searches and location.

The warrants also compelled Facebook to produce content shared by users who were not named in the 381 warrants, and may not even have known anyone named in the 381 warrants, but who had the misfortune of posting on the timelines of those users uploading photos of those users, or simply belonging to any one of the groups with which a named user was affiliated. At least several of the affected users were high school students who were highly unlikely to have been involved in a Social Security Disability fraud scheme. The issuing court also expressly prohibited Facebook from disclosing the existence or execution of the warrants.

While Facebook receives many such requests from law enforcement each year and often provides information in response, Facebook strongly objected to the wide-ranging requests in this case.

Facebook moved to quash the warrants on the ground that they were overly broad, but the New York Supreme Court denied the motion, finding that Facebook did not have standing to assert any privacy or Fourth Amendment rights on behalf of its users. Facebook also challenged the nondisclosure provisions of the warrants, but again the court sided with the DA, reasoning that disclosure of the warrants could jeopardize the DA’s ongoing investigation.

The intermediate appellate court dismissed Facebook’s appeal. The court explained that the orders from the lower court denying Facebook’s motion to quash were unappealable because, under New York law, there is no authority permitting review of interlocutory orders issued in criminal proceedings.

Facebook took the fight all the way to the New York Court of Appeals. Facebook argued that an order denying a motion to quash an SCA warrant should be treated like an appealable order denying a motion to quash a subpoena, rather than like an unappealable order denying a motion to quash a traditional warrant. While a traditional search warrant authorizes law enforcement officials to enter, search and seize property, an SCA warrant, like a subpoena, requires the target of the warrant to compile and turn over its own digital data.

On April 4, 2017, Facebook lost that fight when New York’s highest court ruled that it does not have authority to hear appeals from motions to quash search warrants issued under the SCA.

In a 5-1 decision, the Court of Appeals concluded that, despite the similarities between the manner of responding to SCA warrants and the manner of responding to subpoenas, an SCA warrant is a warrant, not a subpoena. As with traditional warrants, SCA warrants are only issued in criminal proceedings to a government entity that has supported its request for a warrant with probable cause. The court explained that the difference between execution of traditional warrants and SCA warrants is due to “the nature of the material sought”—it “ensures efficiency and minimizes intrusion” for a service provider to search and compile its own digital information rather than for law enforcement to conduct the search. Accordingly, the Court of Appeals found that the order denying Facebook’s motion to quash was not appealable.

Further, the Court of Appeals suggested that Facebook may not have had a right to bring a motion to quash in the first place. For purposes of this case, the Court of Appeals assumed, without deciding, that a motion to quash an SCA warrant was proper. However, the court noted that the SCA discusses warrants, subpoenas and court orders requiring disclosure of information separately, and only expressly provides for a motion to quash court orders.

The Court of Appeals did express some sympathy for Facebook’s concerns regarding the privacy of its users. At the outset, the court stated that “[t]his case undoubtedly implicates novel and important substantive issues regarding the constitutional rights of privacy and freedom from unreasonable search and seizures,” and that it was “tempting for the court to address those issues.” The court also noted that “Facebook’s concerns, as a third party, about overbroad SCA warrants may not be baseless.”

Notwithstanding its expressed concerns, and over a strenuous dissent from Judge Wilson, the New York Court of Appeals has provided criminal prosecutors wide-ranging investigative powers without providing Internet service providers an ability to obtain appellate review. With New York’s high court having spoken, the online industry’s focus is likely to shift toward a legislative fix that will promote users’ privacy interests and limit overreaching SCA warrants.

*        *       *

For other Socially Aware posts addressing user data and the Stored Communications Act, please see the following: Google Ordered to Comply with Warrant for Foreign-Stored User Data; Second Circuit: Email Stored Outside the U.S. Might Be Beyond Government’s Reach; and We’ve Come for Your Tweets: Twitter to Appeal Denial of Its Motion To Quash District Attorney’s Subpoena.

 

8 Steps to Avoid Being the Victim of the Next Ransomware Attack

Posted in Data Security, Privacy

Computer laptop with ransomware malware virus key icon on red display background. Vector illustration technology data privacy and security concept.

The global WannaCry ransomware attack should be a wake up call for all companies about the threat ransomware poses.  While

WannaCry was one of the first highly publicized attacks in which ransomware was weaponized and used against numerous companies at once, there will undoubtedly be future attacks.  Companies can take proactive steps to reduce their chances of being hit by the next ransomware attack, and our team is working with companies around the world to help them be more resilient in light of these evolving threats.  Here are some key steps you can take to help your company protect itself from the next attack:

 

  1. Make sure software patches are routinely applied.
  2. If possible, only use supported operating systems and other software.
  3. Utilize antimalware and antivirus software tools and services.
  4. Back up your critical data.
  5. Train your employees on how to spot phishing emails.
  6. Create a cross-functional incident response plan.
  7. Practice responding to a ransomware attack in a table top exercise to be able to hit the ground running when this type of event occurs.
  8. Establish or enhance relationships with law enforcement and other critical partners.

In addition, we’ve compiled several resources to help you prepare for and respond to a ransomware incident:

Data Protection Masterclass: GDPR Is Less Than a Year Away: Are You on Track?

Posted in Data Security, Event, Privacy, Right To Be Forgotten

Live Webinar: June 6, 2017 at 12:00 PM (ET) / 9:00 AM (PT)

The May 2018 compliance deadline for the EU’s new General Data Protection Regulation (GDPR) is fast approaching and—with non-compliance penalties of up to €20 million or 4% of annual global turnover at stake—you cannot afford to miss the deadline.

Please join Socially Aware contributors and Morrison Foerster privacy & data security attorneys Lokke Moerel and Marian A. Waldmann Agarwal for a complimentary, practical webinar explaining where you should be in your efforts to meet the May 2018 compliance deadline, where you need to be in a year, and how to get there.

Lokke and Marian will pay particularly close attention to the aspects of the GDPR that will have the greatest impact on your company’s operations:

  • How to best implement the GDPR’s extensive documentation requirements;
  • How the right to data portability and the individual’s right to be forgotten (RTBF) will impact your business; and
  • How vendors are implementing their new obligations under the GDPR and how vendor contracts will need to evolve to comply with GDPR requirements.

Register for the Data Protection Masterclass here.

Social Links: Rules for researching jurors via social media; law enforcement and new technologies; Facebook tool allows copyright owners to claim ad earnings from unauthorized video uploads

Posted in Advertising, Artifical Intelligence, Copyright, Litigation, Livestreaming, Marketing, Wearable Computers

A nice overview of the rules on researching jurors’ social media accounts in various jurisdictions from Law.com.

The importance of appearing at the top of Google search results, especially on mobile devices, is driving retailers to spend more and more on the search engine’s product listing ads, which include not just text but also the photos of products.

Researchers at the Massachusetts Institute of Technology designed a mobile robot that 3D-printed a building that is 50-feet-wide in 14 hours.

In the second half of 2016, Facebook received 9% more global government requests for users’ account data and—largely because users had stopped posting images of the 2015 Paris terrorist attack victims’ remains, which was against French law—28% fewer global government requests to remove content that violates local law.

After Kashmiris posted photos and videos depicting alleged military abuse in the days following a violence-plagued local election, authorities in the Indian-controlled region banned 22 social media sites, claiming it was necessary to restore order.

At the UEFA Champions League final in Cardiff, Wales, this summer, British police will pilot a new automated facial recognition (AFR) system to scan the faces of attendees and compare them to a police “persons of interest” database.

To show concerned citizens—and criminals—that they mean business, police in an Alabama city are live-broadcasting arrests on Twitter.

The data collected by the physical-activity-tracking device worn by a Connecticut murder victim contradicts the timeline of events given by her husband, a suspect.

One of the Kardashians is being sued by a photo agency for allegedly copying a copyrighted photo of her and posting it to her Instagram account.

And on the subject of user-generated content, owners of video content that is posted by users to Facebook without authorization can now claim ad earnings for the infringing content and set automated rules that will determine when infringing content should be blocked.

The editor of the MIT Technology Review provided interesting insights to Chatbots Magazine regarding the future and current state of artificial intelligence.

Police in Silicon Valley arrested a man for allegedly knocking down a 300-pound security robot while he was intoxicated.

5th Circuit: ISP Not Liable for Infringement Due to Lack of Volitional Conduct, Despite Ineligibility for DMCA Safe Harbor

Posted in Copyright, DMCA, Litigation

GettyImages-525955707-600pxThe Fifth Circuit Court of Appeals recently considered in BWP Media USA, Inc. v. T&S Software Associates, Inc. whether volitional conduct is required to establish a claim for direct copyright infringement against an Internet service provider (“ISP”). The defendant ISP, T&S Software Associates (“T&S”), hosted a website that included a public forum called “HairTalk” where users could post content about hair, beauty, and celebrities.

HairTalk users posted photographs of Ke$ha, Julianne Hough, and Ashlee Simpson that were owned by the plaintiffs, BWP Media USA and National Photo Group (“BWP”), without BWP’s authorization. The plaintiffs sued T&S for direct and secondary copyright infringement based on the users’ posts. The district court granted summary judgment in favor of T&S as to both direct and secondary infringement and BWP appealed the judgment as to the direct infringement claim. Continue Reading

FINRA Publishes New Guidance on Social Networking Websites and the Application of Rule 2210

Posted in FINRA

MobilWebApps-GettyImages-484543671-600pxBroker-dealers have been reluctant to fully embrace social media due to regulatory concerns. Although the industry regulator, the Financial Industry Regulatory Authority, Inc. (“FINRA”), has issued regulatory notices relating to the use of social media and the application of FINRA Rule 2210 (Communications with the Public), many gray areas have remained, dampening the use of Facebook, LinkedIn and other social media platforms by industry participants.

FINRA’s recent release of Regulatory Notice 17-18 may help to remedy that problem, however. Presented in the form of 12 FAQs commenting on the earlier regulatory notices, this latest notice provides the broker-dealer industry with greater guidance on its use of social media to communicate with customers and potential customers. Specifically, the FAQs expand on the areas of recordkeeping, third-party posts and the use of hyperlinks to third-party sites. FINRA acknowledged that the use of social media and digital communications has expanded in the time since its last regulatory notice on the use of social media by member firms, which was Regulatory Notice 11-29, issued in 2011.

Recordkeeping

The requirement that member firms retain records of communications that relate to their “business as such” under Rule 17a-4(b) of the Securities Exchange Act of 1934 applies to digital communications, including those that are made through text messaging and chat services, if the content of the communication relates to the firm’s business. Before using such services, the firm must first ensure that it can retain those business communications. Continue Reading

Court Orders Google to Turn Over Foreign-Stored Data

Posted in Litigation, Privacy, Stored Communications Act

GettyImages-520390753-600pxThe U.S. Department of Justice (DOJ) recently secured a notable victory against Google in a dispute over the enforceability of a U.S. search warrant seeking access to foreign-stored account data.

The April 19 ruling—from Magistrate Judge Beeler in the U.S. District Court for the Northern District of California—is the latest sign that DOJ is continuing to rely on the Stored Communication Act (SCA) to seek overseas account data even after the Department’s high profile defeat in the Second Circuit’s ruling in the Microsoft case.

And the opinion suggests that DOJ’s litigation strategy may be working.

The dispute arose after DOJ obtained a search warrant last year under the SCA directing Google to provide information related to specified Google user accounts. Google withheld some of the requested information and challenged the request. Google explained that it relies on algorithms to move user data around the world automatically to aid in network efficiency. Invoking the Second Circuit’s Microsoft ruling, which rejected DOJ’s efforts to obtain content stored on Microsoft servers in Ireland, Google argued that some of the requested data was stored exclusively overseas and therefore beyond the purview of an SCA warrant. Continue Reading

Social Links: Social ad spend soars; the FTC’s special message to “influencers”; LinkedIn changes terms of use

Posted in Advertising, Endorsement Guides, FTC, Terms of Use

A New York State senator has introduced a bill that would make posting footage of a crime to social media with the intention of glorifying violence or becoming famous punishable by up to four years in prison and fines.

Instagram hit the 700-million-user mark.

Brands spent 60% more on social media advertising in the first quarter of 2017 than they did in the same quarter last year, a new report shows.

But savvy brands will do more to leverage social media than just buy advertising, according to a columnist in Entrepreneur. Chatbots that can interact with customers on private messaging networks and in connection with in-app purchasing are the next big things.

And while we’re on the subject of private messaging networks, Tumblr is launching its own version, called Cabana. It encourages six friends to “hang out” and watch YouTube videos together.

Pointing out the inadequacy of many celebrities’ methods of disclosing their status as paid endorsers of the products they promote on Instagram, the FTC sent a letter to 90 high-profile social media users that provides some guidance on how to fulfill the endorsement guides’ requirement that sponsored posts be identified in a “clear and conspicuous” way.

LinkedIn has updated its terms of service and privacy policy, reportedly to make way for new platform features such as identifying when other LinkedIn members are in physical proximity to you, making available “productivity bots” to assist you in interacting with members of your LinkedIn network and allowing third-party services to display your LinkedIn profile to their users.

Facial recognition systems will soon be used to identify visa holders as they leave the United States, raising civil rights questions.

The U.S. population’s political polarization isn’t a result of the rise of social media, a new working paper issued by the National Bureau of Economic Research suggests, because hyper-partisanship is most prevalent among older Americans who are less likely than other Americans to consume media online.