The high-end skincare brand Sunday Riley has settled lawsuits filed by the Federal Trade Commission claiming that the brand’s founder encouraged employees of her eponymous company to set up accounts “under different identities” on the cosmetics retail site Sephora.com and leave positive reviews for Sunday Riley’s products. The FTC filed the complaints after the agency
A recent decision from the Ninth Circuit Court of Appeals in a dispute between LinkedIn and hiQ Labs has spotlighted the thorny legal issues involved in unauthorized web scraping of data from public websites. While some may interpret the LinkedIn decision as greenlighting such activity, this would be a mistake. On close review of the decision, and in light of other decisions that have held unauthorized web scrapers liable, the conduct remains vulnerable to legal challenge.
hiQ and LinkedIn
Founded in 2012, hiQ is a data analytics company that uses automated bots to scrape information from LinkedIn’s website. hiQ targets the information that users have made public for all to see in their LinkedIn profile. hiQ pays nothing to LinkedIn for the data, which it uses, along with its own predictive algorithm, to yield “people analytics,” which it then sells to clients.
In May 2017, LinkedIn sent a cease-and-desist letter to hiQ demanding that it stop accessing and copying data from LinkedIn’s servers. LinkedIn also implemented technical measures to prevent hiQ from accessing the site, which hiQ circumvented.
Shortly thereafter, with its entire business model under threat, hiQ filed suit in the United States District Court for the Northern District of California seeking injunctive relief and a declaration that LinkedIn had no right to prevent it from accessing public LinkedIn member profiles.…
Last year we covered a wide range of online legal and business subjects intended for readers ranging from Internet entrepreneurs to social media marketers, from online shoppers to e-tailers, from networkers to influencers (and the brands that pay them).
The topics of our blog posts covered a myriad of cutting-edge subjects, including a new federal…
“My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw,” wrote a tech blogger who purchased Google Inc.’s latest internet of things (IoT) device. Following the incident, a pact of consumer advocacy groups insisted the U.S. Consumer Product Safety Commission (CPSC) recall the Google smart speaker due to privacy concerns arising when the device recorded all audio without voice command prompts.
The CPSC is charged with protecting consumers from products that pose potential hazards. Traditionally, this has meant hazards that may cause physical injury or property damage. But as internet-connected household products continue to proliferate, issues like the “always-on” Google Home Mini raise an important question: Where does cybersecurity of consumer IoT devices fit within the current legal framework governing consumer products?
The Explosion of IoT
Forecasts predict that by 2020 IoT devices will account for 24 billion of the 34 billion devices connected to the internet. According to a recent Gemalto survey, “[a] hacker controlling IoT devices is the most common concern for consumers (65%), while six in ten (60%) worry about their data being stolen.”
The rapid growth of the IoT market and continued integration into daily life raises the question of which regulatory body or bodies, if any, should be responsible for consumer safety when it comes to cybersecurity for consumer IoT devices.
The Intersection of Consumer Product Safety, Privacy and Cybersecurity
The CPSC’s jurisdiction has traditionally been limited to physical injury and property damage. It is “charged with protecting the public from unreasonable risks of injury or death associated with the use of the thousands of types of consumer products under the agency’s jurisdiction.”…
Often derided as clickbait, listicles get a bum rap. They can be light on substantive content, sure, but sometimes that’s a good thing, especially for the busy readers of legal blogs, who would do well to treat themselves to some easily browsable reading material once in a while.
And so, at Socially Aware, we’ve made an annual tradition of curating a “List of Lists”—an inventory of the predictions, retrospectives and roundups that we think will be of most interest to our readership.
We’ll update this page throughout the month as additional pertinent content is published.
Technology & Social Media Law
Social Media (General)
In this era of big data, a company’s value may increasingly depend on the value of the information it has collected and stored. As companies amass ever-growing amounts of often sensitive personal data, the privacy and cybersecurity risks involved in mergers and acquisitions have become greater. As a result, today’s M&A transactions necessarily require deep…
Recent challenges to the Federal Trade Commission’s (FTC) authority to police data security practices have criticized the agency’s failure to provide adequate guidance to companies.
In other words, the criticism goes, businesses do not know what they need to do to avoid a charge that their data security programs fall short of the law’s requirements.
A series of blog posts that the FTC began on July 21, 2017, titled “Stick with Security,” follows promises from acting Chair Maureen Ohlhausen to provide more transparency about practices that contribute to reasonable data security. Some of the posts provide insight into specific data security practices that businesses should take, while others merely suggest what, in general, the FTC sees as essential to a comprehensive data security program.…
As Socially Aware readers know, privacy and data security issues are among the most critical legal issues confronting companies that do business online. With ransomware attacks and hacking incidents on the rise, and with privacy and data security laws becoming increasingly burdensome, companies are spending more time and resources than ever before addressing privacy and…
Instagram is now allowing a limited number of users to identify branded content with a “paid partnership” subhead instead of using hashtags like #ad and #sponsored to identify sponsored posts. The platform says it plans to police paid sponsors’ disclosure obligations eventually, but—for now—educating and gathering feedback from Instagram’s community and launch partners is all…
Since YouTube resolved to give brands greater control over the kind of content that their ads appear alongside, many of the…