Photo of Julie O'Neill

Expressing concern about the spread of disinformation related to COVID-19, Federal Trade Commissioner Rohit Chopra said Congress may need “to reassess the special privileges afforded to tech platforms, especially given their vast power to curate and present content in ways that may manipulate users.” His words implicate one of our favorite topics here at Socially

In the wake of the COVID-19 pandemic, children are spending more of their lives in the digital realm, both for education and entertainment purposes—but that doesn’t mean the Federal Trade Commission (FTC) is cutting online operators slack for not complying with the Children’s Online Privacy Protection Act (COPPA). Last week, the FTC levied a $4 million penalty against HyperBeard, Inc., a popular mobile app developer, to settle allegations that HyperBeard integrated third-party ad networks into its child-directed apps in violation of COPPA.(Due to HyperBeard’s inability to pay the full amount, the $4 million penalty will be suspended upon payment of $150,000 by HyperBeard).

The complaint is notable in that the FTC did not allege that HyperBeard itself collected any personal information from children—rather, the alleged violations centered around the company enabling third parties to collect personal information from children through its service. The fine serves as a warning to online operators that they are strictly responsible for their third-party integrations, even if they themselves do not collect personal information from children. Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, emphasized, “If your app or website is directed to kids, you’ve got to make sure parents are in the loop before you collect children’s personal information. This includes allowing someone else, such as an ad network, to collect persistent identifiers, like advertising IDs or cookies, in order to serve behavioral advertising.”
Continue Reading It’s 10 p.m. Do You Know What Your Third-Party Integrations Are Doing?

A new report from the U.S. Copyright Office suggests that Congress should fine-tune the Digital Millennium Copyright Act (DMCA) to, among other things, alter the takedown system that platforms must adhere to in order to be eligible for the safe harbor the DMCA affords to online platforms when third parties post infringing content. Read about

The Federal Trade Commission (FTC) appears to be using its ongoing review of current rules and guides to revisit its approach to driving home the message that the relationship between a social media “influencer” and the brand he or she is endorsing must be disclosed. As we have described previously, the FTC has interpreted its Guides Concerning the Use of Endorsements and Testimonials in Advertising (the “Endorsement Guides”) to require that online advertisements — like all other advertising — clearly and conspicuously disclose material connections between endorsers (i.e., influencers) and the brands they promote because such connections may affect the credibility of the endorsement. And, in recent years, the FTC has — through enforcement actions, press releases, guidance, closing letters, and letters sent directly to endorsers (including prominent public figures) — made clear its belief that: (1) appropriate disclosures by influencers are essential to protecting consumers; and (2) in too many instances, such disclosures are absent from celebrity or other influencer endorsements.

Now, in connection with a request for comments on the Endorsement Guides, FTC Commissioner Rohit Chopra has issued a scathing statement calling on the FTC to “take bold steps to safeguard our digital economy from lies, distortions, and disinformation.” In this regard, Commissioner Chopra suggests that the FTC’s efforts to date have not been effective in “deterring misconduct in the marketplace” relating to inauthentic and fake reviews, and that, in particular, elements of the Endorsement Guides should be codified as formal rules so that violators can be liable for civil penalties and damages under the FTC Act.

Also of note is that Commissioner Chopra has asserted that the FTC should refocus its efforts on advertisers themselves, and not the influencers that promote their brands.  According to the Commissioner, “when companies launder advertising by paying someone for a seemingly authentic endorsement or review, this is illegal payola,” and “companies paying for undisclosed influencer endorsements and reviews are not [being] held fully accountable for this illegal activity.” Seeking to aggressively penalize advertisers themselves would be a shift in emphasis for the FTC, as its recent efforts to combat inadequate disclosures in influencer advertising have focused on influencers. For example, the FTC recently produced a brochure detailing the responsibility of influencers “to make [required] disclosures, to be familiar with the Endorsement Guides, and to comply with laws against deceptive ads.” The FTC also brought an enforcement action against influencers, and foreshadowed that more enforcement will happen in the future.


Continue Reading Fake News & Paid Reviews: FTC Seeks Comments on its Endorsement Guides

The Federal Trade Commission is trying yet another approach to convey the message that the relationship between a social media “influencer” and the brand he or she is endorsing must be disclosed. This new guidance from FTC staff takes the form of a brochure (with accompanying video) aimed directly at influencers. It bluntly states that influencers “must comply with the law” when working with brands to recommend or endorse products and provides “tips on when and how to make good disclosures.”

The brochure is a distillation of the FTC’s Guides Concerning the Use of Endorsements and Testimonials in Advertising (the “Endorsement Guides”), as well as subsequent FAQs, guidance, and related materials. Arising out of the prohibition under Section 5 of the FTC Act on unfair and deceptive acts or practices, the Endorsement Guides require advertisers and endorsers (i.e., influencers) to, among other things, clearly and conspicuously disclose when the advertiser has provided an endorser with any type of compensation in exchange for an endorsement. This type of arrangement is what the Endorsement Guides describe as a “material connection,” meaning “a connection between the endorser and the seller of the advertised product that might materially affect the weight or credibility of the endorsement (i.e., the connection is not reasonably expected by the audience).” The new brochure delivers this message as follows: “Telling your followers about these kinds of relationships [i.e., material connections] is important because it helps keep your recommendations honest and truthful, and it allows people to weigh the value of your endorsements.”
Continue Reading Influencing the Influencers: FTC Staff Release “Disclosures 101” Guidance for Online Endorsers

In a move likely welcomed by publishers seeking a solution to honoring “sale” opt-outs in the interest-based advertising space, the Interactive Advertising Bureau last week released the IAB California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies. The IAB is the trade association for the digital media and marketing industries, and it developed the Framework to help publishers (i.e., websites) and the online advertising supply chain comply with the CCPA—and particularly with the CCPA’s right to consumer opt-outs of “sales” of personal information.

The Framework sets up a system in which a consumer opt-out has the result that the parties in the digital advertising supply chain become limited service providers to the publisher, such that there is no longer a “sale” with respect to those consumers’ personal information. A limited service provider may still serve ads on behalf of the publisher, but those ads cannot involve any “sale” of personal information under the CCPA.

IAB is accepting public comments to the Framework until Tuesday, November 5, 2019. Comments should be emailed to privacy@iab.com. The draft Framework and draft technical specifications for the Framework can be accessed here.
Continue Reading We’re Sorry, Your Service (Provider) Is Limited: The IAB CCPA Compliance Framework

In just over a week, on October 1, 2019, key amendments to Nevada’s online privacy law will take effect. We previously detailed the amendments here. In brief:

  • Consumers have the right to opt out of the sale of their personal information. The law gives Nevada consumers the right to request that website operators refrain

Last week, the Federal Trade Commission made clear that child-directed parts of an otherwise general audience service will subject the operator of the service to the Children’s Online Privacy Protection Act (COPPA).

Just six months after the FTC’s record-setting settlement against TikTok, the FTC announced a $170 million fine against Google and its subsidiary YouTube to settle allegations that YouTube had collected personal information from children without first obtaining parental consent, in violation of the FTC’s rule implementing COPPA. This $170 million fine—$136 million to the FTC and $34 million to the New York Attorney General, with whom the FTC brought the enforcement action—dwarfs the $5.7 million levied against TikTok earlier this year. It is by far the largest amount that the FTC has obtained in a COPPA case since Congress enacted the law in 1998. The settlement puts operators of general-audience websites on notice that they are not automatically excluded from COPPA’s coverage: they are required to comply with COPPA if particular parts of their websites or content (including content uploaded by others) are directed to children under age 13.


Continue Reading The Company Who Cried “General Audience”: Google and YouTube to Pay $170 Million for Alleged COPPA Violations

Advancements in technology appear to have spurred the Federal Trade Commission to initiate a review of its rule promulgated pursuant to the Children’s Online Privacy Protection Act (the “COPPA Rule” or “Rule”) four years ahead of schedule. Last week, the FTC published a Federal Register notice seeking comments on the Rule. Although the FTC typically reviews a rule only once every 10 years and the last COPPA Rule review ended in 2013, the Commission unanimously voted 5-0 to seek comments ahead of its next scheduled review. The Commission cited the education technology sector, voice-enabled connected devices, and general audience platforms hosting third-party, child-directed content as developments warranting reexamination of the Rule at this time.

Background

The COPPA Rule, which first went into effect in 2000, generally requires operators of online services to obtain verifiable parental consent before collecting personal information from children under the age of 13.  In 2013, the FTC amended the COPPA Rule to address changes in the way children use and access the internet, including through the increased use of mobile devices and social networking.  Its amendments included the expansion of the definition of “personal information” to include persistent identifiers that track online activity, geolocation information, photos, videos, and audio recordings. The new review could result in similarly significant amendments.

Questions for Public Comment

In addition to standard questions about the effectiveness of the COPPA Rule and whether it should be retained, eliminated, or modified, the FTC is seeking comment on all major provisions of the Rule, including its definitions, notice and parental consent requirements, exceptions, and security requirements.
Continue Reading Back to School Early: FTC Seeks Comments to COPPA Rule Ahead of Schedule

In March, Socially Aware reported on a lawsuit involving several prominent news outlets’ publication of a photo of NFL quarterback Tom Brady on Twitter. The case had the potential to upend a copyright and Internet-law rule that, in the words of a Forbes columnist, “media companies had viewed as settled law for over a