“My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw,” wrote a tech blogger who purchased Google Inc.’s latest internet of things (IoT) device. Following the incident, a pact of consumer advocacy groups insisted the U.S. Consumer Product Safety Commission (CPSC) recall the Google smart speaker due to privacy concerns arising when the device recorded all audio without voice command prompts.

The CPSC is charged with protecting consumers from products that pose potential hazards. Traditionally, this has meant hazards that may cause physical injury or property damage. But as internet-connected household products continue to proliferate, issues like the “always-on” Google Home Mini raise an important question: Where does cybersecurity of consumer IoT devices fit within the current legal framework governing consumer products?

The Explosion of IoT

Forecasts predict that by 2020 IoT devices will account for 24 billion of the 34 billion devices connected to the internet. According to a recent Gemalto survey, “[a] hacker controlling IoT devices is the most common concern for consumers (65%), while six in ten (60%) worry about their data being stolen.”

The rapid growth of the IoT market and continued integration into daily life raises the question of which regulatory body or bodies, if any, should be responsible for consumer safety when it comes to cybersecurity for consumer IoT devices.

The Intersection of Consumer Product Safety, Privacy and Cybersecurity

The CPSC’s jurisdiction has traditionally been limited to physical injury and property damage. It is “charged with protecting the public from unreasonable risks of injury or death associated with the use of the thousands of types of consumer products under the agency’s jurisdiction.” Continue Reading Connected Devices Bring New Product Liability Challenges

Happy 2018 to our readers! It has become a Socially Aware tradition to start the New Year with some predictions from our editors and contributors. With smart contracts on the horizon, the Internet of Things and cryptocurrencies in the spotlight, and a number of closely watched lawsuits moving toward resolution, 2018 promises to be an exciting year in the world of emerging technology and Internet law.

Here are some of our predictions regarding tech-related legal developments over the next twelve months. As always, the views expressed are not to be attributed to Morrison & Foerster or its clients.

From John Delaney, Co-Founder and Co-Editor, Socially Aware, and Partner at Morrison & Foerster:
Regarding Web Scraping

Web scraping is an increasingly common activity among businesses (by one estimate, web-scraping bots account for as much as 46% of Internet traffic), and is helping to fuel the “Big Data” revolution. Despite the growing popularity of web scraping, courts have been generally unsympathetic to web scrapers. Last August, however, web scrapers finally received a huge victory, as the U.S. District Court for the Northern District of California enjoined LinkedIn from blocking hiQ Labs’ scraping of publicly available user profiles from the LinkedIn website in the hiQ Labs, Inc. v. LinkedIn Corp. litigation. The case is now on appeal to the Ninth Circuit; although my sense is that the Ninth Circuit will reject the broad scope and rationale of the lower court’s ruling, if the Ninth Circuit nevertheless ultimately sides with hiQ Labs, the web scraper, the decision could be a game changer, bringing online scraping out of the shadows and perhaps spurring more aggressive uses of scraping tools and scraped data. On the other hand, if the Ninth Circuit reverses, we may see companies reexamining and perhaps curtailing their scraping initiatives. Either way, 2018 promises to bring greater clarity to this murky area of the law.

Regarding the Growing Challenges for Social Media Platforms

2017 was a tough year for social media platforms. After years of positive press, immense consumer goodwill and a generally “hands off” attitude from regulators, last year saw a growing backlash against social media due to a number of reasons: the continued rise of trolling creating an ever-more toxic online environment; criticism of social media’s role in the dissemination of fake news; the growing concern over social media “filter bubbles” and “echo chambers”; and worries about the potential societal impact of social media’s algorithm-driven effectiveness in attracting and keeping a grip on our attention. Expect to see in 2018 further efforts by social media companies to get out ahead of most if not all of these issues, in the hopes of winning over critics and discouraging greater governmental regulation.

Regarding the DMCA Safe Harbor for Hosting of User-Generated Content

The backlash against social media noted in my prior item may also be reflected to some extent in several 2017 court decisions regarding the DMCA safe harbor shielding website operators and other online service providers from copyright damages in connection with user-generated content (and perhaps in the CDA Section 230 case law discussed by Aaron Rubin below). After nearly two decades of court decisions generally taking an ever more expansive approach to this particular DMCA safe harbor, the pendulum begun to swing in the other direction in 2016, and this trend picked up steam in 2017, culminating in the Ninth Circuit’s Mavrix decision, which found an social media platform provider’s use of volunteer curators to review user posts to deprive the provider of DMCA safe harbor protection. Expect to see the pendulum continue to swing in favor of copyright owners in DMCA safe harbor decisions over the coming year.

Regarding Smart Contracts

Expect to see broader, mainstream adoption of “smart contracts,” especially in the B2B context—and perhaps litigation over smart contracts in 2019 . . . .

From Aaron Rubin, Co-Editor, Socially Aware, and Partner at Morrison & Foerster:
Regarding the CDA Section 230 Safe Harbor

We noted previously that 2016 was a particularly rough year for Section 230 of the Communications Decency Act and the immunity that the statute provides website operators against liability arising from third-party or user-generated content. Now that 2017 is in the rear view mirror, Section 230 is still standing but its future remains imperiled. We have seen evidence of Section 230’s resiliency in recent cases where courts rejected plaintiffs’ creative attempts to find chinks in the immunity’s armor by arguing, for example, that websites lose immunity when they use data analytics to direct users to content, or when they fail to warn users of potential dangers, or when they share ad revenue with content developers. Nonetheless, it is clear that the knives are still out for Section 230, including in Congress, where a number of bills are under consideration that would significantly limit the safe harbor in the name of combatting sex trafficking. I predict that 2018 will only see these efforts to rein in Section 230 increase. Continue Reading 2018: Predictions From Socially Aware’s Editors and Contributors

A federal district court in Wisconsin struck down the first law in the country requiring augmented-reality-game makers to go through a complicated permit-application process before their apps could be used in county parks.

The U.S. Supreme Court on Nov. 13 will implement an electronic filing system, making all new documents available to the public for free. In another attempt to advance its use of technology, SCOTUS updated its website.

Approximately 40% of the world’s population is now active on social media.

Researchers who tried to identify people suffering from depression by examining their Instagram photos had a 70% success rate.

DoNotPay, a chatbot that has helped drivers to overturn 375,000 parking tickets so far, is expanding to help consumers tackle nearly one thousand other legal issues without the help of an attorney.

The number of Internet-of-Things-related companies is fast multiplying. This Forbes piece lists the IoT categories that are attracting the most interest from entrepreneurs and investors.

Companies that allow hiring managers to check out job candidates’ social media accounts could be exposing themselves to legal trouble.

Beware requests to connect on social media from people you don’t actually know. A known hacker group used a fake LinkedIn profile to connect with people working at certain companies and trick them into installing malware on their company computers.

Using blockchain, companies organized as Decentralized Autonomous Organizations do away with the need for senior executives and managers by allowing stakeholders to vote on every decision the company faces—including the fate of employees who underperform.

A survey of 2,000 Britons about their pet social-media-peeves showed that bragging about your kids might hurt your popularity online. Read the full list of cyber activities that most people consider Facebook faux pas.

Dealmakers who responded to a recent Morrison & Foerster survey predicted that the market for M&A transactions in the technology sector will be even more robust in 2017 than it was in 2015 and 2016—years in which acquirers announced deals collectively valued at more than $1 trillion.

Now a report by MoFo’s M&A team leaders and 451 Research shows that Internet of Things-related transactions contributed significantly to the tech M&A market’s impressive numbers over the last few years. For one thing, IoT-related deals announced since 2013 have been valued at $147.3 billion.

For discussions of other IoT-related issues, check out Morrison & Foerster’s IoT Resource Center.

04_12_TechMASnapshot_IoT_SociallyAware_150dpi

BigBrotherEye-GettyImages-149355675-600pxIf your company collects information regarding consumers though Internet-connected devices, you will want to take note of the Federal Trade Commission’s (FTC) recent privacy-related settlement (brought in conjunction with the New Jersey Attorney General) with smart TV manufacturer Vizio, Inc. The settlement is significant for four reasons:

  • The FTC reinforces the position it has taken in other actions that the collection and use of information in a way that would surprise the consumer requires just-in-time notice and choice in order to avoid a charge of deception and/or unfairness under Section 5 of the FTC Act.
  • The FTC takes the position that television viewing activity constitutes sensitive data. This marks a departure from its approach of limiting sensitive data to information that, for example, can facilitate identity theft, precisely locate an individual, is collected online from young children or relates to matters generally considered delicate (such as health information).
  • The settlement includes a payment of $1.5 million to the FTC (as well as payment of civil penalties to New Jersey), but the legal basis for the FTC payment is not stated. This could suggest that the FTC will more aggressively seek to obtain injunctive monetary relief in Section 5 cases.
  • Acting Chairwoman Maureen Ohlhausen explicitly noted in a concurring statement her skepticism regarding both the allegation that TV viewing data is “sensitive” and that the FTC’s complaint adequately established that the practices at issue constitute “substantial injury” under the unfairness prong of Section 5.

Leaving aside what the chairwoman’s concurrence may portend for future enforcement efforts, the FTC again seems to be using allegedly bad facts about privacy practices to push the envelope of its authority. Accordingly, with the Internet of Things boom fueling a dramatic increase in the number of Internet-connected devices, companies that either collect information via such devices or make use of such collected information should consider the implications of this enforcement action.

Continue Reading Watch Out: The Federal Trade Commission Continues to Watch the (Alleged) Watchers

3D illustration of conveyor belt

Donald Trump’s successful road to the White House was fueled by heated rhetoric against free trade deals and U.S. companies engaged in offshore outsourcing. Underpinning his slogan “Make America Great Again” was a premise that millions of jobs lost to other countries should and could return to the United States.

The president’s ambitious goals include the creation of 25 million new jobs over 10 years. Central to the plan is adjusting trade policies—either scrapping them altogether or negotiating new ones more beneficial to American workers. So, too, it would seem, are policies aimed at discouraging companies from outsourcing operations abroad where labor is cheaper.

During the campaign, President Trump called out some of America’s best-known companies for their reliance on foreign labor. He has kept up the rhetoric since being elected. In December, when he touted his success in persuading air conditioner maker Carrier Corp. to keep 800 jobs in Indiana, Trump signaled a policy of retribution to prevent further outsourcing: “Companies are not going to leave the United States any more without consequences,” he said. Continue Reading Tech, Not Trade, Poses Biggest Threat to American Jobs

The Internet of Things is apparently to blame for the Web outage that paralyzed the online world earlier this month.

Justin Timberlake took down his “ballot selfie” from Instagram after Tennessee authorities made clear that it was illegal.

Presumably in order to help facilitate compliance with guidance from regulators in the United States, United Kingdom and elsewhere, YouTube is making available to video creators an easy-to-use “sponsored content” notification that they can opt to have appear during the first few seconds of their videos.

Will blockchain technology be the next big wave of disruption for the music industry?

With Tinder’s new feature, online daters can be sure their profiles feature the photos most likely to get right-swipes.

When the chief digital officer at New York’s Metropolitan Museum of Art lost his job, he turned to social media for advice.

The NFL’s new social media policy promises to impose hefty fines on member teams that post videos or animated GIFs of games, or use Facebook Live or Periscope to stream anything in the stadium.

When a Russian tech entrepreneur’s friend died, she used artificial intelligence and his old text messages to create a futuristic memorial.

Employed but curious about new job opportunities? Now you can change your LinkedIn profile to secretly signal to recruiters that you’re in the market for a new gig.

Guess what percentage of Americans one researcher predicts will own a virtual reality headset in 2016?

Could Google Flights be the ticket to finding the best possible fare to your 2016 winter holiday destination?

The California Supreme Court agreed to hear Yelp’s case arguing that requiring the company to remove a one-star review of a law firm “creates a gaping hole” in the immunity that shields internet service providers from suits related to user-generated content.

Images, videos and quoted tweets no longer count toward Twitter’s 140-charter limit.

Google is undertaking cutting-edge efforts to battle online trolls.

Only 28 websites are registered under North Korea’s top level .kp domain.

Chinese law enforcement agencies investigating criminal cases can now secretly request access to personal information posted on social media services.

Back here in the United States, Twitter’s bi-annual transparency report shows that between January and June the platform received 2,520 information requests from U.S. law enforcement agencies.

The Department of Transportation issued a 15-point list of safety expectations for driverless cars.

Relationship Science, a repository of information about influential people and their connections, is opening its database to everyone, a change that could put the company in competition with LinkedIn.

Content marketers need to publish how many articles a week to make a difference?! Sigh.

Building an audience on Snapchat seems pretty arduous, too.

Concerned that your identity may have been stolen in some of the major hacking attacks in the last three years? Take this quiz to learn your minimum level of exposure and what you can do about it.

The five most popular bots on Botlist last week.

The Newspaper Association of America has filed a first-of-its-kind complaint with the FTC over certain ad blocking technologies.

Is it “Internet” or “internet”? The Associated Press is about to change the capitalization rule.

Lots of people criticized Instagram’s new logo, but, according to a design-analysis app, it’s much better than the old logo at doing this.

Twitter has finally realized that people don’t use it to buy things.

Facebook wants to help sell every ad on the web.

A Russian law enforcement agency is investigating controversial groups alleged to have encouraged more than 100 teenage suicides on social media.

A self-proclaimed “badass lawyer” lost a defamation suit against a Twitter account that parodied him.

The Internet of every single thing must be stopped.

*        *       *

To stay abreast of social media-related legal and business developments, please subscribe to our free newsletter.

 

04_21_Apr_SociallyAware_v6_Page_01The latest issue of our Socially Aware newsletter is now available here.

In this issue of Socially Aware, our Burton Award winning guide to the law and business of social media. In this edition, we discuss what a company can do to help protect the likes, followers, views, tweets and shares that constitute its social media “currency”; we review a federal district court opinion refusing to enforce an arbitration clause included in online terms and conditions referenced in a “wet signature” contract; we highlight the potential legal risks associated with terminating an employee for complaining about her salary on social media; we explore the need for standardization and interoperability in the Internet of Things world; we examine the proposed EU-U.S. Privacy Shield’s attempt to satisfy consumers’ privacy concerns, the European Court of Justice’s legal requirements, and companies’ practical considerations; and we take a look at the European Commission’s efforts to harmonize the digital sale of goods and content throughout Europe.

All this—plus an infographic illustrating the growing popularity and implications of ad blocking software.

Read our newsletter.