Last year we covered a wide range of online legal and business subjects intended for readers ranging from Internet entrepreneurs to social media marketers, from online shoppers to e-tailers, from networkers to influencers (and the brands that pay them).

The topics of our blog posts covered a myriad of cutting-edge subjects, including a new federal law limiting a business’s ability to stop patrons from posting negative online reviews and a court opinion that gave online retailers some cause for celebration.

As interesting as those topics are, they weren’t the subjects of Socially Aware’s most widely read articles from last year. Here are the most popular posts that appeared on Socially Aware in 2017.

  1. Second Circuit Clarifies “Repeat Infringer” Policy Requirement for DMCA Copyright Safe Harbors
  2. N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know
  3. The Hague District Court’s WhatsApp Decision Creates Concerns for Mobile App Developers
  4. Google Ordered to Comply with Warrant for Foreign-Stored User Data
  5. Limiting Statutory Damages in Internet Copyright Cases
  6. Court Orders Google to Turn Over Foreign-Stored Data
  7. Zazzle Fizzles: Website Operator Denied Copyright Safe Harbor Protection for Its Sale of Physical Products Featuring User-Generated Images
  8. Delaware Paves the Way for Blockchain Technology
  9. Brands Beware: FTC Continues Campaign on Social Media Influencer Disclosures
  10. FTC Report Reinforces the Rules for Cross-Device Tracking

“My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw,” wrote a tech blogger who purchased Google Inc.’s latest internet of things (IoT) device. Following the incident, a pact of consumer advocacy groups insisted the U.S. Consumer Product Safety Commission (CPSC) recall the Google smart speaker due to privacy concerns arising when the device recorded all audio without voice command prompts.

The CPSC is charged with protecting consumers from products that pose potential hazards. Traditionally, this has meant hazards that may cause physical injury or property damage. But as internet-connected household products continue to proliferate, issues like the “always-on” Google Home Mini raise an important question: Where does cybersecurity of consumer IoT devices fit within the current legal framework governing consumer products?

The Explosion of IoT

Forecasts predict that by 2020 IoT devices will account for 24 billion of the 34 billion devices connected to the internet. According to a recent Gemalto survey, “[a] hacker controlling IoT devices is the most common concern for consumers (65%), while six in ten (60%) worry about their data being stolen.”

The rapid growth of the IoT market and continued integration into daily life raises the question of which regulatory body or bodies, if any, should be responsible for consumer safety when it comes to cybersecurity for consumer IoT devices.

The Intersection of Consumer Product Safety, Privacy and Cybersecurity

The CPSC’s jurisdiction has traditionally been limited to physical injury and property damage. It is “charged with protecting the public from unreasonable risks of injury or death associated with the use of the thousands of types of consumer products under the agency’s jurisdiction.” Continue Reading Connected Devices Bring New Product Liability Challenges

Often derided as clickbait, listicles get a bum rap. They can be light on substantive content, sure, but sometimes that’s a good thing, especially for the busy readers of legal blogs, who would do well to treat themselves to some easily browsable reading material once in a while.

And so, at Socially Aware, we’ve made an annual tradition of curating a “List of Lists”—an inventory of the predictions, retrospectives and roundups that we think will be of most interest to our readership.

We’ll update this page throughout the month as additional pertinent content is published.

Happy 2018!

Technology & Social Media Law

The Top 10 Legal Tech Stories of 2017

UK Internet Law Developments to Look Out for in 2018

Social Media (General)

Most Popular Social Media Apps

7 Social Media Trends That Dominated 2017

8 Things We Learned About Social Media in 2017

7 Social Media Trends That Will Dominate 2018

10 Social-Media Trends to Prepare for in 2018

8 Top Social Media Trends to Look Out for in 2018

Social Media Trends to Watch For in 2018

Top 5 Social Media Trends to Put Into Practice in 2018

The Web 100

Continue Reading A List of Lists

In this era of big data, a company’s value may increasingly depend on the value of the information it has collected and stored. As companies amass ever-growing amounts of often sensitive personal data, the privacy and cybersecurity risks involved in mergers and acquisitions have become greater. As a result, today’s M&A transactions necessarily require deep due diligence on the privacy and cybersecurity risks posed by these deals, including a review of the M&A target’s communications on internal- and external-facing social media platforms.

In a practical webinar on September 26, 2017, Socially Aware contributor Christine Lyon and Mike Krigbaum discussed privacy and data security due diligence in M&A transactions. The topics they covered included:

  • Common challenges and pitfalls in performing privacy and cybersecurity due diligence;
  • The questions an acquirer’s team should ask to better identify, evaluate, and manage an acquisition target’s privacy and cybersecurity vulnerabilities; and
  • Steps the seller’s team can take to mitigate risk and help ensure that the deal is not jeopardized.

To view a recording of the webcast, click here.

Recent challenges to the Federal Trade Commission’s (FTC) authority to police data security practices have criticized the agency’s failure to provide adequate guidance to companies.

In other words, the criticism goes, businesses do not know what they need to do to avoid a charge that their data security programs fall short of the law’s requirements.

A series of blog posts that the FTC began on July 21, 2017, titled “Stick with Security,” follows promises from acting Chair Maureen Ohlhausen to provide more transparency about practices that contribute to reasonable data security. Some of the posts provide insight into specific data security practices that businesses should take, while others merely suggest what, in general, the FTC sees as essential to a comprehensive data security program. Continue Reading More Insight From the FTC on Data Security—or More of the Same?

As Socially Aware readers know, privacy and data security issues are among the most critical legal issues confronting companies that do business online. With ransomware attacks and hacking incidents on the rise, and with privacy and data security laws becoming increasingly burdensome, companies are spending more time and resources than ever before addressing privacy and data security issues. Indeed, Morrison & Foerster recently collaborated with ALM Intelligence to take an in-depth look at the types of privacy and data security issues with which in-house legal departments are wrestling, and how such departments are dealing with these issues. The resulting report is interesting and informative, and can be found here.

Instagram is now allowing a limited number of users to identify branded content with a “paid partnership” subhead instead of using hashtags like #ad and #sponsored to identify sponsored posts. The platform says it plans to police paid sponsors’ disclosure obligations eventually, but—for now—educating and gathering feedback from Instagram’s community and launch partners is all Instagram hopes to achieve with the branded content tool.

Authorities in Helsinki plan to debut in the autumn what will be the world’s first regular driverless transportation system to reach the masses: public, autonomous-bus services. Will the job of “bus driver” one day join the list (along with “silent movie piano accompanist,” “elevator operator” and “switchboard operator”) of occupations rendered obsolete by new technologies?

On free speech grounds, a German parliamentary body struck down a draft German law that would have imposed up to 50 million euros in fines on social media companies that failed to remove or block racist and fake news posts within 24 hours or seven days, depending on whether the content’s racist or false nature is unambiguous.

To ensure President Trump’s tweets from the official @POTUS account and his personal account are preserved for future reference, Rep. Mike Quigley has introduced the COVFEFE Act, which would amend the President Records Act to include social media posts—a change that would ensure the President’s deleted tweets are documented for archival purposes and would make deleting tweets a violation of the Presidential Records Act subject to disciplinary action.

In a post on its “newsroom” page, Facebook published a list of seven “Hard Questions”—inquiries that address many of the most pressing issues today’s social media companies face, from the definition of “fake news,” to the fate of deceased users’ accounts. The post instructs readers to weigh in by emailing Facebook at hardquestions@fb.com.

Hoping to expand its user base, Twitter made design changes to its app again.

Examining one of the many ways Internet of Things devices pose security risks, Ars Technica describes a security consultant’s demonstration of how, using terrestrial radio signals, hackers can control a slew of Smart TVs, spying on the TVs’ owners using the TVs’ cameras and microphones and attacking other devices in the TVs’ owners’ home networks.

Despite the impact social media marketing can have on brand reputation, 60% of Fortune 500 CEOs reportedly have no social media presence at all.

Marketing Land and Business Insider published pieces describing how to use Snapchat’s new self-serve ad-buying tool, Ad Manager, the messaging app’s attempt to make advertising on Snapchat simpler and more accessible to small businesses.

Inc. Magazine provides a clear explanation of how the blockchain works, which industries it’s likely to change and what’s standing in the way of the blockchain’s widespread adoption.

There’s a new dating app for singles with little patience for protracted email exchanges.

Twitter updated its online Privacy Policy to disclose that Twitter will be personalizing content and facilitating interest-based advertising by sharing information about its users’ online activity both on and off the microblogging site.

Since YouTube resolved to give brands greater control over the kind of content that their ads appear alongside, many of the platform’s content creators and personalities have seen their ad revenue plummet, and they’re not sure whether it’s a result of major companies continuing to avoid the platform, new ad-buying methods, or YouTube algorithms flagging their content as inappropriate.

A recently-released ABA ethics opinion states that, for communications with clients involving highly sensitive confidential client information, lawyers may need to take extra steps beyond using unencrypted email to guard against cyberthreats.

An IBM application built on its Watson artificial intelligence platform and designed to help financial services companies monitor their outside counsel spend reportedly saved one corporate customer close to $400 million a year in legal fees.

By advertising on quality news sites (and not just the big social media platforms where brands are currently spending the bulk of their online advertising dollars), corporate America can save not only critical watchdog journalism but also democracy itself, writes The New York Times’s Jim Rutenberg,

Has the influencer marketing model been jeopardized by the fiasco that was the Fyre Festival, which celebrity influencers including Kendall Jenner and Bella Hadid allegedly endorsed “without any proof of concept” and, contrary to FTC guidance, allegedly promoted on social media without clarifying that their posts were paid endorsements?

A new mental health app offers users support between professional therapy sessions by allowing them to anonymously message fellow members for support and by employing an artificial intelligence-based natural language processing system that can recognize and delete abusive messages and refer emergencies to a human moderator.

Wendy’s awarded a year’s worth of its chicken nuggets to a 16-year-old whose tweet asking the restaurant chain for a 365-day supply of the fast food went viral and broke Ellen DeGeneres’s record for the most re-tweeted post on Twitter (3.42 million retweets and counting).

In the most recent edition of his CyberSide Chat series, Socially Aware contributor Andy Serwin discusses ransomware attacks, including:

  • the reasons why ransomware attacks are becoming more common;
  • the types of ransomware attacks companies should prepare to address; and
  • the strategies that companies can employ to help guard against, and to help mitigate the damage arising from, these types of cybersecurity breaches.

Andy explains not only the defenses that companies can implement to protect themselves against a ransomware attack, but also the issues a ransomware-attack-response plan must address—a topic that another Socially Aware contributor, Nate Taylor, tackled in his Sept. 26, 2016 blog post 5 Questions to Help Prepare For a Ransomware Attack.

Check out Andy’s insightful presentation: