Foreign websites that use geotargeted advertising may be subject to personal jurisdiction in the United States, even if they have no physical presence in the United States and do not specifically target their services to the United States, according to a new ruling from the Fourth Circuit Court of Appeals.

In UMG Recordings, Inc. v. Kurbanov, twelve record companies sued Tofig Kurbanov, who owns and operates the websites: and These websites enable visitors to rip audio tracks from videos on various platforms, like YouTube, and convert the audio tracks into downloadable files.

The record companies sued Kurbanov for copyright infringement and argued that a federal district court in Virginia had specific personal jurisdiction over Kurbanov because of his contacts with Virginia and with the United States more generally. Kurbanov moved to dismiss for lack of personal jurisdiction, and the district court granted his motion. Continue Reading Stretching the Bounds of Personal Jurisdiction, 4th Circuit Finds Geotargeted Advertising May Subject Foreign Website Owner to Personal Jurisdiction in the U.S.

In a purported attempt to safeguard free speech, President Trump has issued an order “Preventing Online Censorship,” that would eliminate the protections afforded by one of our favorite topics here at Socially Aware, Section 230 of the Communications Decency Act, which generally protects online platforms from liability for content posted by third parties. President Trump issued the order after Twitter tagged some of his tweets as misleading and linked the tweets to text contradicting their substance. Democratic presidential candidate Joseph Biden is also in favor of abolishing the law, but for very different reasons. Find out what they are.

There’s more than one way to strip a law of its teeth. In what Politico describes as “the latest GOP-led plan to target Section 230” of the Communications Decency Act, Senator Josh Hawley is proposing legislation that would make websites eligible for the Section 230 protections only if they stop the sale of ads that target users based on behavioral data.

And a Circuit Court in Virginia dismissed a suit that Representative Devin Nunes, a California Republican, brought against Twitter for defamation stemming from two parody accounts—@DevinNunesMom, and @DevinCow—that posted unflattering things about Rep. Nunes during President Trump’s impeachment hearings last year. The court held that Section 230 of the Communications Decency Act insulated Twitter from liability.

After the first Supreme Court oral argument held over the phone, Justice Ruth Bader Ginsburg wrote in a majority opinion that is entitled to a trademark, and that “adding ‘.com’ to a generic word can make the entire combination eligible for trademark protection.”Twitter’s new “request verification” option will allow run-of-the-mill users to acquire the blue checkmark next to their names that the platform formerly reserved for public figures. Read about how else Twitter plans to improve its verification system.

Tik My Day, a marketing agency that Tik Tok launched in Australia, says it can provide all the services necessary for a branded Tik Tok campaign within 24 hours.

Users of the dating app OkCupid can now add a #BlackLivesMatter badge to their profiles. The social media firm also donated $1 million in advertising to Black American civil rights organizations, and added several social-justice-related questions to their matching process. How did the app’s users answer? Read the statistics.

Eric Akira Tate spoke to TechRepublic about how businesses should think about establishing or updating corporate social media policies to account for the changing standards, especially as the U.S. is in the midst of a civil rights movement.

“Reviewing social media policies so that there are no misunderstandings about what use of social media is acceptable or not for an employer is all the more appropriate to do now,” Eric said, adding that employers should have policies in place to prevent employees from inadvertently or purposefully interfering with the employer’s desired image.

“A policy puts employees on notice of what conduct or use of social media is allowed and not allowed within the parameters of their employment and work for the employer,” he said. “It allows employers to have more consistent enforcement in the event of improper behavior.”

Eric also recommended reviewing existing social media policies to cover the increase in remote work, “Being careful about taking selfies with computer screens or work papers in the background, for example, could inadvertently reveal confidential business information.”

Read the full article.

Online service providers typically seek to mitigate risk by including arbitration clauses in their user agreements. In order for such agreements to be effective, however, they must be implemented properly. Babcock vs. Neutron Holdings, Inc., a recent Southern District of Florida case involving a plaintiff who was injured while riding one of the defendant’s Lime e-scooters, illustrates that courts will closely scrutinize the details of how an online contract is presented to users to determine whether or not it is enforceable. Continue Reading Sweating the Details: Court Analyzes User Interface to Uphold Online Arbitration Clause

Alex van der Wolk, Marijn Storm, and Ronan Tigner authored an article for the IAPP covering the Belgian Data Protection Authority’s challenge to the “tell-a-friend” function on social media websites that enables users to share content with their personal contacts.

The DPA’s decision to fine social media platform Twoo for privacy violations of its tell-a-friend feature is important “because it makes non-users’ consent necessary for a platform to send emails or other communications to non-users, which puts the platform in a near-impossible situation,” according to the authors.

“The challenge for the outcome of the DPA’s decision is that it renders most tell-a-friend systems impracticable,” the authors wrote. “One of the main purposes of a tell-a-friend system is to alert and invite people who are not on the platform. From the platform’s perspective, it will be nearly impossible to validly obtain their consent to receive communications.”

Read the full article.

In the wake of the COVID-19 pandemic, children are spending more of their lives in the digital realm, both for education and entertainment purposes—but that doesn’t mean the Federal Trade Commission (FTC) is cutting online operators slack for not complying with the Children’s Online Privacy Protection Act (COPPA). Last week, the FTC levied a $4 million penalty against HyperBeard, Inc., a popular mobile app developer, to settle allegations that HyperBeard integrated third-party ad networks into its child-directed apps in violation of COPPA.(Due to HyperBeard’s inability to pay the full amount, the $4 million penalty will be suspended upon payment of $150,000 by HyperBeard).

The complaint is notable in that the FTC did not allege that HyperBeard itself collected any personal information from children—rather, the alleged violations centered around the company enabling third parties to collect personal information from children through its service. The fine serves as a warning to online operators that they are strictly responsible for their third-party integrations, even if they themselves do not collect personal information from children. Andrew Smith, Director of the FTC’s Bureau of Consumer Protection, emphasized, “If your app or website is directed to kids, you’ve got to make sure parents are in the loop before you collect children’s personal information. This includes allowing someone else, such as an ad network, to collect persistent identifiers, like advertising IDs or cookies, in order to serve behavioral advertising.” Continue Reading It’s 10 p.m. Do You Know What Your Third-Party Integrations Are Doing?

Despite the coronavirus pandemic, the process of implementing Brexit continues. One of the key Brexit issues for the tech sector is the extent to which the UK will either align or diverge its digital regulations with the EU.

Both the UK and EU have set out their intentions for their post-Brexit relationship in matters relating to technology, digital, and telecoms issues. There are signs that both the UK and EU will seek early alignment in key tech/digital compliance areas: is this a sign of things to come?

The UK government recently published its draft working text for a comprehensive free trade agreement between the UK and the EU (the “draft text”). As we explain below, the draft text covers (1) digital trade, recognising the importance of adopting frameworks that promote consumer confidence in digital services, (2) telecoms, and (3) audiovisual services. Intriguingly, the draft text aims to maintain regulatory alignment between the UK and the EU, insofar as possible, which could be a sign of the extent to which the UK plans to align with the EU (rather than forge its own path), both in these three areas and elsewhere, once the Brexit transition period is over. Continue Reading Digital Compliance in Europe: Regulatory Alignment Post-Brexit

Is scraping data from a publicly available website trade secret misappropriation? Based on a new opinion from the Eleventh Circuit, It might be.

In Compulife Software, Inc. v. Newman, Compulife Software, a life insurance quote database service alleged that one of its competitors scraped millions of insurance quotes from its database and then sold the proprietary data themselves. Compulife brought a number of claims against its competitors, including misappropriation of trade secrets under Florida’s version of the Uniform Trade Secrets Act (FUTSA) and under the Federal Defend Trade Secrets Act (DTSA).

Following a bench trial, Magistrate Judge James Hopkins found that, while Compulife’s underlying database merits trade secret protection, the individual quotes generated through public Internet queries to the database do not. So using a bot to take those individual quotes one by one did not constitute a misappropriation of trade secrets. On appeal, however, the Eleventh Circuit disagreed, vacated, and remanded the case.

Facts of the Case

Compulife’s main product is its “Transformative Database,” which contains many different premium-rate tables that it receives from life insurance companies. While these rate tables are available to the public, Compulife often receives these tables before they are released for general use. In addition, Compulife applies a special formula to these rate tables to calculate its personalized life insurance quotes. Continue Reading Webscraping a Publicly Available Database May Constitute Trade Secret Misappropriation

As we have noted many times in prior articles, courts often refuse to enforce “browsewrap” agreements where terms are presented to users merely by including a link on a page or screen without requiring affirmative acceptance. Courts typically look more favorably on “clickwrap” agreements where users agree to be bound by, for example, checking a box or clicking an “I accept” button.

The problem is that many implementations of online contracts do not fit neatly into one category or the other. The result is that courts, seemingly unable to resist the siren song of the “-wrap” terminology, find themselves struggling to shoehorn real-life cases into the binary clickwrap/browsewrap rubric, and often resort to inventing new terminology such as the dreaded “hybridwrap.”

HealthplanCRM, LLC v. Avmed, Inc., a case out of the Western District of Pennsylvania, illustrates this phenomenon. Plaintiff Cavulus licensed certain CRM software to defendant AvMed. AvMed decided to replace Cavulus software with a different CRM product and engaged defendant NTT to assist AvMed in transitioning its data to the successor product. Cavulus alleged, among other things, that NTT misappropriated its trade secrets in the course of doing this work. Cavulus sought to compel NTT to arbitrate these claims based on an arbitration clause contained in an “End-User Agreement” that was referenced in a link on the log-in page of the Cavulus software. Continue Reading Court Discovers Rare and Elusive “Enforceable Browsewrap”

A new report from the U.S. Copyright Office suggests that Congress should fine-tune the Digital Millennium Copyright Act (DMCA) to, among other things, alter the takedown system that platforms must adhere to in order to be eligible for the safe harbor the DMCA affords to online platforms when third parties post infringing content. Read about the Copyright Office’s issues with the current takedown system.

Malwarebytes, an online filtering company, has asked the U.S. Supreme Court to grant certiorari in a case brought by one of Malwarebytes’ competitors, Enigma Software, alleging that—when Malwarebytes flagged one of Enigma’s most popular offerings as a potential threat—Malwarebytes, among other things, committed a deceptive business practice. The Ninth Circuit refused to dismiss the case, holding that Section 230(c)(2) of the Communications Decency Act did not insulate Malwarebytes from liability.

A new law in France would impose fines of up to $1.36 million on technology platforms that fail to take down terrorist and child pornography content within one hour of that content being flagged, or fail to remove hateful comments that concern topics including gender or disability within 24 hours of being flagged.

Members of the Florida Bar who deliver targeted ads through social media must comply with that state bar’s more restrictive direct solicitation rules rather than its general advertising rules.

A law firm fired one of its Dallas-based employees after learning he had posted to his personal social media account a rant about businesses requesting him to wear a mask to thwart the possibility of spreading or catching the COVID-19 virus. The rant included a threat to “show [his] Glock 21” handgun shooting range results to “the lame security guard outside of a ghetto store.”

The New Jersey Supreme Court’s Disciplinary Review Board (DRB) decided that John Robertelli, a Rivkin Radler lawyer, violated the state’s Rules of Professional Conduct when—in order to gather evidence while acting as counsel for defendants in a personal injury case—Robertelli surreptitiously accessed the private Facebook account of the plaintiff, whom Robertelli knew was represented by opposing counsel. The DRB also recommended that the New Jersey Supreme Court adopt a policy on using social media for discovery purposes. Read the guidelines the DRB suggested.

Big changes are afoot at Facebook, which has recently introduced Shops, allowing users to purchase products directly from businesses’ Facebook pages, and announced the addition of new features to Workplace, the company’s “enterprise-focused chat and video platform.”