Correct check box digital concept

As we have previously discussed, if you want your electronic contracts to be enforceable, it is a best practice to require the counterparty to affirmatively accept the contract by checking a box or clicking a button. A recent New Jersey district court decision, ADP, LLC v. Lynch, reinforces this point. Such issues most often arise in the context of website terms of use, but ADP v. Lynch involved a non-competition provision and forum selection clause contained in documentation presented to employees electronically in connection with stock option grants.

The employer, ADP, sued two former employees for taking jobs at a competitor in violation of certain restrictive covenants contained in the stock option grant documentation. The employees sought to dismiss the action on the basis of lack of jurisdiction, and ADP responded by pointing to a forum selection clause in the grant documentation. The employees argued, however, that they had not received adequate notice of the restrictive covenants and that the forum selection clause was unenforceable.

The grant documentation containing the restrictive covenants and the forum selection clause had been presented to the employees in electronic form and, based on the allegations in ADP’s complaint, the employees were required to acknowledge the documentation in order to receive the stock option grants. Specifically, ADP had presented the documentation in such a way that each employee was physically unable to click the required “Accept Grant” button unless he or she had affirmatively checked a prior box indicating that he or she had read the associated documents containing the restrictive covenants and forum selection clause.

The court also noted that ADP’s manager of its stock plan services “provided a step-by-step rundown” of the process that employees were required to follow to accept stock option grants, and that, “in order to accept those awards, an employee would have to affirmatively acknowledge that he or she reviewed the Restrictive Covenants before proceeding.” This illustrates another point we have noted previously: If you want your electronic contracts to be enforceable, you should not only make sure to implement them in a way that requires affirmative acceptance, you should also be prepared to produce evidence that the user at issue actually accepted.

In light of the above, the court analyzed the grant documentation containing the restrictive covenants and forum selection clause as an enforceable “clickwrap” contract similar to the website terms of use at issue in another case we have written about previously, Fteja v. Facebook, Inc.:

 “At this stage in the litigation, the Court finds that the forum selection clauses are encompassed by enforceable clickwrap agreements. The complaints unequivocally allege that an employee could not accept any stock grants until acknowledging that he or she reviewed all grant documents, including the Restrictive Covenants that contained the forum selection clauses. […] In order to accept those awards, an employee would have to affirmatively acknowledge that he or she reviewed the Restrictive Covenants before proceeding. […] Therefore, this case involves the type of clickwrap agreement that other courts have found to be enforceable.”

The court also found unpersuasive the employees’ argument that mutual assent was lacking because the acknowledgment box did not expressly state “I agree to the terms of the grant documents,” but instead merely required the employees to acknowledge that they had read those documents. According to the court, this was a “distinction without difference” because, in accepting the option grant, the defendants were required to represent as part of the grant agreements that they had read the restrictive covenant agreements.

Accordingly, as ADP sufficiently alleged that it had required the employees to affirmatively accept the restrictive covenants and forum selection clause as part of the electronic contracting process, the court denied the employees’ motion to dismiss.

While this case does not necessarily break new ground in terms of the enforceability of electronic contracts, it does illustrate that the same principle applies whether you are seeking to impose terms and conditions on users of your website or enforce restrictive covenants and a forum selection clause in an employment agreement: make sure the counterparty is required to take some clear and affirmative action to expressly accept the contract.

*          *          *

For more on what it takes for an online agreement to be enforceable, see Implementing and Enforcing Online Terms of Use; Three Steps to Help Ensure the Enforceability of Your Website’s Terms of Use; Clickwrap, Browsewrap and Mixed Media Contracts: A Few Words Can Go a Long Way; and Terms and Conditions Buried in Easily Ignored Scroll Box Don’t Cut It, the Seventh Circuit Holds.

ContentGraphic_SmallWe’re in the midst of a seismic shift in how companies interact with user-generated content (UGC).

For years, companies were happy simply to host UGC on their websites, blogs and social media pages and reap the resulting boost to their traffic numbers. And U.S. law—in the form of Section 512(c) of the Digital Millennium Copyright Act (DMCA)—accommodated this passive use of UGC by creating a safe harbor from copyright damages for websites, blogs and social media platform operators that hosted UGC posted without the authorization of the owners of the copyrights in such UGC, so long as such operators complied with the requirements of the safe harbor.

Increasingly, companies are no longer satisfied with passively hosting UGC. Rather, they now want to find creative ways to commercialize such content—by incorporating it into ads (including print, TV and other offline ads), creating new works based on such content and even selling such content. Yet, in moving beyond mere hosting to proactive exploitation of UGC, companies risk losing the benefit of the DMCA Section 512(c) safe harbor, which could result in potentially significant copyright liability exposure.

For example, if a company finds that users are posting potentially valuable UGC to the company’s Facebook page, or on Twitter in connection with one of the company’s hashtags, that company may want to make such UGC available on its own website. The DMCA Section 512(c) safe harbor, however, is unlikely to protect the company in copying such UGC from the Facebook or Twitter platform to its own website.

The reality is that any company seeking to monetize or otherwise exploit UGC needs to proceed with extreme caution. This is true for several reasons:

  • UGC can implicate a wide range of rights . . . As with any content, UGC is almost certainly subject to copyright protection, although certain Tweets and other short, text-only posts could potentially be exempt from copyright protection if they qualify as “short phrases” under the Copyright Act. If any individuals are identifiable in UGC, then rights of publicity and rights of privacy may also be relevant. In addition, UGC may contain visible third-party trademarks or comments that defame or invade the privacy of third parties.
  • . . . and a wide range of rightsholders. Notably, many of the rights necessary to exploit UGC are likely to be held by individuals and corporations other than the posting user. For example, unless a photo is a “selfie,” the photographer and the subject of the photo will be different individuals, with each holding different rights—copyright, for the photographer, and the rights of publicity and privacy, for the subject—that could be relevant to the exploitation of the photo. Moreover, any trademarks, logos and other images contained in a photo could potentially implicate third-party rightsholders, including third-party corporations. Videos also raise the possibility of unauthorized clips or embedded music.
  • If the UGC is hosted by a third-party social network, it may have Terms of Service that help—or hurt—efforts to exploit the UGC. Most social media networks collect broad rights to UGC from their users, although they differ substantially when it comes to passing those rights along to third parties interested in exploiting the content. For example, if a company uses Twitter’s Application Programming Interface (API) to identify and access Tweets that it would like to republish, then Twitter grants to that company a license to “copy a reasonable amount of and display” the Tweets on the company’s own services, subject to certain limitations. (For example, Twitter currently prohibits any display of Tweets that could imply an endorsement of a product or service, absent separate permission from the user.) Instagram also has an API that provides access to UGC, but, in contrast to Twitter, Instagram’s API terms do not appear to grant any license to the UGC and affirmatively require companies to “comply with any requirements or restrictions” imposed by Instagram users on their UGC.

With these risks in mind, we note several emerging best practices for a company to consider if it has decided to exploit UGC in ways that may fall outside the scope of DMCA Section 512(c) and other online safe harbors. Although legal risk can never be eliminated in dealing with UGC, these strategies may help to reduce such risk:

  • Carefully review the Social Media Platform Terms. If the item of UGC at issue has been posted to a social media platform, determine whether the Terms of Service for such platform grants any rights to use such posted UGC off of the platform or imposes any restrictions on such content. Note, however, that any license to UGC granted by a social media platform almost certainly will not include any representations, warranties or indemnities, and so it may not offer any protection against third-party claims arising from the UGC at issue.
  • Seek Permission. If the social media platform’s governing terms don’t provide you with all of the rights needed to exploit the UGC item at issue (or even if they do), seek permission directly from the user who posted the item. Sophisticated brands will often approach a user via the commenting or private messaging features of the applicable social media platform, and will present him or her with a link to a short, user-friendly license agreement. Often, the user will be delighted by the brand’s interest in using his or her content. Of course, be aware that the party posting the content may not be the party that can authorize use of that content, as Agence France Presse learned the hard way in using photos taken from Twitter.
  • Make Available Terms and Conditions for “Promotional” Hashtags. If a company promotes a particular hashtag to its customers, and would like to use content that is posted in conjunction with the hashtag, the company could consider making available a short set of terms alongside its promotion of that hashtag. For example, in any communications promoting the existence of the hashtag and associated marketing campaign, the company could inform customers that their use of the hashtag will constitute permission for the company to use any content posted together with the hashtag. Such an approach could face significant enforceability issues—after all, it is essentially a form of “browsewrap” agreement—but it could provide the company with a potential defense in the event of a subsequent dispute.
  • Adopt a Curation Process. Adopt an internal curation process to identify items of UGC that are especially high risk, which could include videos, photos of celebrities, photos of children, professional-quality content, any content containing copyright notices, watermarks and so forth, and any content containing potentially defamatory, fraudulent or otherwise illegal content. Ensure that the curators are trained and equipped with checklists and other materials approved by the company’s legal department or outside counsel. Ideally, any high-risk content should be subject to the company’s most stringent approach to obtaining permission and clearing rights—or perhaps avoided altogether.
  • Adjust the Approach for High-Risk Uses. Consider the way in which the UGC at issue is expected to be used, and whether the company’s risk tolerance should be adjusted accordingly. For example, if an item of UGC will be used in a high-profile advertisement, the company may want to undertake independent diligence on any questionable aspects of the UGC, even after obtaining the posting user’s permission—or perhaps avoid any questionable UGC altogether.

In a social media age that values authenticity, more and more companies—even big, risk-adverse Fortune 100 companies—are interested in finding ways to leverage UGC relevant to their business, products or services. Yet the shift from merely hosting UGC to actively exploiting it raises very real legal hurdles for companies. The tips above are not a substitute for working closely with experienced social media counsel, but they collectively provide a framework for addressing legal risks in connection with a company’s efforts to commercialize UGC.

*          *        *

For more on the issues related to user-generated content, see New Court Decision Highlights Potential Headache for Companies Hosting User-Generated Content; Court Holds That DMCA Safe Harbor Does Not Extend to Infringement Prior to Designation of Agent; and Thinking About Using Pictures Pulled From Twitter? Think Again, New York Court Warns.

As a social media lawyer, I work closely with website operators and other clients to help reduce the risk of liability that can arise from doing business online. One of the key ways to minimize online legal risks is to use a carefully drafted online Terms of Use agreement. In my new video below, I discuss how website operators use terms of use to mitigate risk and liability, and explain the difference between “clickwrap” and “browsewrap” terms of use.

To stay abreast of social media-related legal developments, please subscribe to our free newsletter.

10-14-2015 3-48-13 PMThe latest issue of our Socially Aware newsletter is now available here.

In this issue of Socially Aware, our Burton Award-winning guide to the law and business of social media, we highlight five key social media law issues to address with your corporate clients; we discuss when social media posts are discoverable in litigation; we identify six important considerations in drafting legal terms for mobile apps; we take a look at the clash between bankruptcy law and privacy law in RadioShack’s Chapter 11 proceedings; we examine a recent federal district court decision finding “browsewrap” terms of use to be of benefit to a website operator even if not a binding contract; we outline best practices for employers’ use of social media to screen and interact with employees and conduct workplace investigations; we explore a Washington state court’s refusal to unmask an anonymous online reviewer; and we discuss Facebook’s recent update of its “Notes” feature.

All this—plus an infographic illustrating the growing popularity of video on social media.

Read our newsletter.

 

Operators of social media platforms and other websites typically manage their risks by imposing terms of use or terms of service for the sites. As we previously wrote, websites must implement such terms properly to ensure that they are enforceable. Specifically, users must be required to manifest acceptance of the terms in a manner that results in an enforceable contract. But what specifically constitutes such acceptance, and what steps should website operators take to memorialize and maintain the resulting contract? This article attempts to answer these practical questions.

Use Boxes or Buttons to Require Affirmative Acceptance

Website operators should avoid the cardinal sin in online contract formation: burying terms of use in a link at the bottom of a website and attempting to bind users to those terms based merely on their use of the website. Outside of some specific (and, for our purposes, not particularly relevant) circumstances, such approaches, often confusingly referred to as “browsewrap” agreements, will not result in a valid contract because there is no objective manifestation of assent. (Note, though, that even so-called browsewrap terms may be helpful in some circumstances, as we described in this post.)

Moreover, even website terms presented through a “conspicuous” link may not be enforceable if users are not required to affirmatively accept them. For example, in Nguyen v. Barnes & Noble, Inc., Barnes & Noble did include a relatively clear link to its website terms on its checkout page, but nothing required users to affirmatively indicate that they accepted the terms. The Ninth Circuit held, therefore, that Barnes & Noble could not enforce the arbitration provision contained in the terms. While the specific outcome in Barnes & Noble arguably is part of a Ninth Circuit trend of declining to enforce arbitration clauses on the grounds that no contract had been formed, nothing in the opinion limits the Ninth Circuit’s holding to arbitration provisions. The case is an important cautionary tale for all website operators.

To avoid the Barnes & Noble outcome, website operators should implement two key features when users first attempt to complete an interaction with the site, such as making a purchase, registering an account, or posting content: (1) present website terms conspicuously, and (2) require users to click a checkbox or an “I accept” button accompanying the terms. The gold-standard implementation is to display the full text of the website terms above or below that checkbox or button. If they fit on a single page, that is helpful, but an easy-to-use scroll box can work as well. Website operators taking the scroll box approach may consider requiring users to actually scroll through the terms before accepting them.

Many website operators, however, choose not to present the terms themselves on the page where a user is required to indicate acceptance. Instead, they present a link to the terms alongside a checkbox or button. Courts have ratified this type of implementation as long as it is abundantly clear that the link contains the website terms and that checking a box or clicking a button indicates acceptance of those terms. This was essentially the implementation at issue in a 2012 case from the Southern District of New York, Fteja v. Facebook, Inc. Specifically, signing up for Facebook required users to click a button labeled “Sign Up,” and immediately below that button was the text, “By clicking Sign Up, you are indicating that you have read and agree to the Terms of Service.” The phrase “Terms of Service” was underlined and operated as a link to the terms. The court reasoned that whether the plaintiff read the terms of service was irrelevant because, for the plaintiff and others “to whom the internet is an indispensable part of daily life,” clicking on such a link “is the twenty-first century equivalent” of turning over a cruise ticket to read the terms printed on the back. As sure as vacationers know they can read the small print on their cruise tickets to find the terms they accept by embarking on the cruise, the plaintiff knew where he could read the terms of use he accepted by using Facebook. The parties formed an enforceable contract once the plaintiff clicked the “Sign Up” button.

This reasoning, however, does not necessarily mean that an implementation like the one at issue in Fteja will always will result in an enforceable contract. Because it relied on the plaintiff’s admitted proficiency in using computers and the Internet, the court likened the “Terms of Service” link to the backside of a cruise ticket. This leaves room to argue for a different outcome when a website operator should expect that novice computer users will be among its visitors. The simple way to avoid that (perhaps far-fetched) argument is to expressly identify the hyperlink as a means to read the contract terms. That approach succeeded in Snap-On Business Solutions v. O’Neil & Assocs., where the website expressly instructed users, “[i]mmediately following this text is a green box with an arrow that users may click to view the entire EULA.”

These cases illustrate how important it is to expressly connect users’ affirmative actions to the terms of use. In particular, the checkbox or button and accompanying text should clearly indicate that the user’s click signifies acceptance of the website terms. The terms should be presented in a clear, readable typeface and be printable, and the “call to action” text should be unambiguous—not susceptible to interpretation as anything other than acceptance of the website terms.

Here are some examples:

  • “By checking this box ¨, I agree to the ‘Terms of Use’ presented above on this page.”
  • “By clicking ‘I Accept’ immediately below, I agree to the ‘Terms of Service’ presented in the scroll box above.”
  • “Check this box ¨ to indicate that you accept the Terms of Use (click this link to read the Terms of Use).” (In this example, the website terms would be presented through a link, as in the Fteja case. The added instruction, “click this link to read the Terms of Use,” avoids any potential argument that a Fteja-type implementation only works where users can be assumed not to be novice computer users.)

Ensure You Can Prove Affirmative Acceptance

Even website operators that properly implement website terms often neglect another important task: making sure they can prove that a particular user accepted the terms. One common approach—to present declarations from employees—is illustrated in Moretti v. Hertz Corp., a 2014 case from the Northern District of California. The employees in that case affirmed via declarations that (1) a user could not have used the website without accepting the website terms, and (2) the terms included the relevant provision when the use took place.

The approach in Moretti, however, has a potential weakness: it depends on declarants’ credibility and their personal memory of when the terms of service included certain provisions. Website operators can address that vulnerability by emailing a confirmation to users after they accept the website terms and then archiving copies of those messages. To limit the volume of email users receive, this confirmation could be included with other communications, such as messages confirming an order or registration. This approach has two benefits. First, the confirmation email provides further notice to the user of the website terms. Second, instead of (or in addition to) invoking employees’ memory of historical facts to establish which terms were in effect at the relevant time, employees can simply authenticate copies of the messages based on their knowledge of the messaging system.

Provide Notice of Any Changes

Some of the most difficult implementation issues arise when a website operator wishes to modify its terms. Website terms often purport to allow the operator to change the terms whenever it wishes, but unilateral modifications may not be enforceable if they’re not implemented properly because—like any other contract amendment—modification of website terms requires the agreement of both parties. Ideally, website operators should require users to expressly accept any changes or updates through a mechanism like the one used to obtain their acceptance of the website terms in the first place.

Many website operators, however, are understandably reluctant to add friction to the user experience by repeating such legal formalities every time they modify their terms. In those cases, operators should consider providing users with clear advance notice of modifications. Such notice could specify when the changes will go into effect and state that continued use after that date will constitute acceptance of the changes. For example, in Rodriguez v. Instagram, Instagram announced a month in advance that it planned to modify its terms, and the plaintiff continued to use the site after the effective date of the change. On those facts, the trial court found that the plaintiff agreed to the modified terms by continuing to use the service. While Instagram and other cases have indicated that unilateral changes require, at the very least, advance notice, other courts may be less willing to enforce unilateral modifications without express acceptance by the user, especially where the factual issue of notice is contested. Obtaining express acceptance remains the safest approach.

Following the above guidelines will increase the likelihood that courts will view website terms—and the important risk mitigation provisions they contain, such as disclaimers, limitations of liability and dispute resolution provisions—as enforceable contracts.

 

MobilePhone_56311774_thumbnailFor corporations, the mobile app is today’s website.

Back in the late 1990s, no self-respecting company, no matter how stodgy and old-fashioned, wanted to be without a website.

Today, the same is true with mobile apps. It doesn’t matter what industry a company is in—it needs to have an app that customers and potential customers can download to their smartphones. Even big, tradition-bound law firms are developing and distributing mobile apps, for crying out loud.

Here at Socially Aware, we have been known to spend our free time downloading and examining mobile apps owned by companies that are new to the software distribution business (after all, a mobile app is just that — distributed software). In doing so, we’ve noticed a number of common missteps by app distributors in connection with the legal terms—or End User License Agreements (EULAs)—governing such apps. Accordingly, here is our list of key issues to address in adopting a EULA for a mobile app.

1.  Adopt Your Own EULA. A EULA is an important part of any company’s strategy to mitigate risks and protect its intellectual property in connection with its mobile apps. Hardly any company would release desktop software without a EULA, and mobile apps—which, as noted above, are software products—warrant the same protection. While a number of other app providers such as Google provide a “default” EULA to govern mobile apps downloaded from their respective app stores, they also permit developers to adopt their own custom EULAs instead—subject to a few caveats, as mentioned in our fifth item below. Because the default EULAs can be quite limited, and can’t possibly address the unique issues that any particular app is likely to raise, a company should ideally adopt its own EULA to best protect its interests in its apps.

2.  Is Your EULA Binding? The best EULA is a binding EULA. U.S. courts have consistently made clear that a “clickwrap”-style agreement has the best chance of being enforceable; although whether an agreement is enforceable in any particular case may depend on how the agreement is actually presented to users, and how users indicate their assent. Having adopted customized EULAs, companies have several opportunities to present their EULAs to users. In most app stores, for example, a dedicated link called “License Agreement” lets companies link to their EULAs. In addition, companies should ideally include language in their apps’ “Description” field making clear to users that, by downloading and using the app, they are accepting the EULA. But it’s still possible in most app stores for users to purchase and download an app without seeing the EULA; accordingly, for apps that may present significant risk issues—such as banking or e-commerce apps—the most conservative approach is to require an affirmative “click-accept” of the EULA when the app is first opened by a user on his or her device.

3.  Which Parties Will Your EULA Bind? If an app is targeted toward businesses, or toward individuals who will use the app in their business capacities, then the EULA should ideally bind both the individual who uses the app and the individual’s employer. Similarly, if minors will be permitted to use the app, then the EULA should require that a parent or guardian consent on the minor’s behalf. (Of course, if minors under 13 will be allowed to use the app, or if the app will be directed toward such minors, you will need to address Children’s Online Privacy Protection Act issues in connection with the app.)

4.  Where Will Your EULA Reside? As a technical matter, a EULA can reside in one of two places: it can be “hard-coded” into the app itself, so that the EULA is downloaded together with the app, or it can reside on a separate web server maintained by the developer. The former approach ensures that the EULA is always accessible to the user, even if the user’s device is offline. Some users may decide not to download the latest updates, however, and, as a result, those users may not be bound by the updated terms. In contrast, under the latter approach, companies can update their EULAs at any time by simply updating the document on their own web servers, although the EULAs won’t available to the user offline. Companies should think about which approach works best for their specific apps and their associated risk issues.

5.  Does Your EULA Incorporate Terms Required by Third Parties? Some app stores, such as the Apple App Store, understandably require that, if a company adopts a custom EULA for its app, such customized EULA must include terms protecting the applicable app store owner. (Other app stores may place such protective terms in their own user-facing agreements, and require developers to acknowledge that such protective terms will govern.) Other third-party terms may also apply, depending on any third-party functionalities or open-source code incorporated into the app. For example, if a company integrates Google Maps into its app, Google requires the integrating company to pass certain terms on to its end users. The licensors of any open-source code used by an app may also require the company to include certain disclaimers, attributions, usage restrictions or other terms in the EULA.

6. Is your EULA clearly written and reasonable? Traditionally, EULAs have been overlong, filled with impenetrable legal jargon and, frankly, hard to read, sometimes even for lawyers. An emerging best practice, especially for B2C apps, is to draft app EULAs that are understandable to consumers, and to minimize unnecessary legalisms such as “null and void,” “including without limitation” and the reflexive prefacing of sentences with “we hereby reserve the right” or “you hereby acknowledge and agree.” Moreover, because space on a mobile device screen can be limited, thought should be given to eliminating repetition in app EULAs wherever possible. Of course, even if a EULA is written in plain English, extremely one-sided provisions—such as a disclaimer of direct damages (rather than a cap on such damages)—may raise concerns with a court in any subsequent litigation involving the EULA. At the same time, the EULA is ultimately a legal document, and an app developer will want to make sure that any slimmed-down or simplified EULA still provides adequate protection for the developer.

Social_Community85The explosive growth of social media has clients facing legal questions that didn’t even exist a few short years ago. Helping your clients navigate this muddled legal landscape will have them clicking “like” in no time.

What’s in a Like?

Not long ago, the word “like” was primarily a verb (and an interjection used by “valley girls”). You could have likes and dislikes in the sense of preferences, but you couldn’t give someone a like, claim to own a like or assert legal rights in likes. Today, however, a company’s social media pages and profiles, and the associated likes, followers and connections, are often considered valuable business assets. Courts have come to various conclusions regarding whether likes and similar social media constructs constitute property, but one thing is clear: Every company that uses social media should have in place clear policies regarding employee social media use and ownership of business-related social media accounts.

Employees who manage a company’s social media accounts often insert themselves as the “voice” of the brand and establish a rapport with the company’s fans and followers. Without clear policies that address ownership of social media accounts, and clearly distinguish between the company’s accounts and employees’ personal accounts, your client may find itself in a dispute when these employees leave the company and try to take the company’s fans and followers with them.

Read a more detailed description of “likes” as assets here.

Dirty Laundry

It comes as no surprise that employees frequently use social media to complain about managers and coworkers, pay, work conditions and other aspects of their employment. Companies often would prefer not to air these issues publicly, so they establish policies and impose discipline when employees’ social media activity becomes problematic. Companies need to be careful, however, that their policies and disciplinary actions comply with applicable law.

A number of National Labor Relations Board decisions have examined whether employees’ statements on social media constitute “concerted activity”—activity by two or more employees that provides mutual aid or protection regarding terms or conditions of employment—for purposes of the National Labor Relations Act (which, notably, applies regardless of whether the employees are unionized or not). Companies also need to be careful to comply with state statutes limiting employer access to employees’ personal social media accounts, such as California Labor Code Section 980, which prohibits an employer from asking an employee or applicant to disclose personal social media usernames or passwords, access personal social media in the presence of the employer, or divulge personal social media.

Read more about the intersection of social media policies and labor law here and here.

Terms of (Ab)use

Companies often consider their social media pages and profiles to be even more important than are the companies’ own websites for marketing and maintaining customer engagement. But a company’s own website has one advantage over a third party social media platform: The company sets its own terms for use of its website, while the third party social media platform is subject to terms of use imposed by the platform operator. And, in many cases, the terms imposed on users of social media platforms are onerous and make little distinction between individual users using the platform just for recreation and corporate users who depend on the platform for their businesses.

Social media terms of use often grant platform operators broad licenses to content posted on the platform, impose one-sided indemnification obligations on users, and permit platform operators to terminate users’ access with or without cause. You may have little luck negotiating modifications to such online contracts for your clients, but you can at least inform your clients of the terms that govern their use of social media, so that they can weigh the costs and benefits.

Read more about social media platforms’ terms of use here, here, and here.

Same as It Ever Was

When it comes to using social media for advertising, the media may be new but the rules are the same as ever. Companies that advertise through social media—especially by leveraging user endorsements—need to comply with Section 5 of the FTC Act, which bars “unfair or deceptive acts or practices.” Bloggers and others who endorse products must actually use the product and must disclose any “material connections” they have with the product providers (for example, a tech blogger reviewing a mobile phone that she received for free from the manufacturer should disclose that fact). Because this information is likely to affect consumers’ assessment of an endorsement, failure to disclose may be deemed deceptive. So if you have a client that uses endorsements to promote its products, make sure to brush up on the FTC “Dot Com Disclosures” and other relevant FTC guidance.

Read more about endorsement disclosure obligations here.

Good Rep

As noted, a company’s social media pages, followers, etc., may constitute valuable business assets. But buyers in M&A transactions often neglect such assets when formulating the seller’s reps and warranties. Buyers should consider asking the seller to disclose all social media accounts that the target company uses and to represent and warrant that none of the target’s social media account names infringe any third party trademark or other IP rights, that all use of the accounts complies with applicable terms of service, and that the target has implemented policies providing that the company (and not any employee) owns all business-related social media accounts and imposing appropriate guidelines regarding employee use of social media.

Finally, if you have clients that use social media, it’s important to be familiar with the popular social media platforms and their (ever-changing) rules and features. Learning to spot these issues isn’t going to turn you into the next Shakira—as of this writing, the most liked person on Facebook with well over 100 million likes—but your clients will surely appreciate your help as they traverse the social media maze.

Read more about social media assets in M&A transactions here.

This piece originally appeared in The Recorder.

The latest issue of our Socially Aware newsletter is now available here.

In this issue of Socially Aware, our Burton Award-winning guide to the law and business of social media, we look at several topics surrounding the proverbial online thumbs up, including the emerging legal status of Facebook likes and similar social media constructs; Facebook’s recent prohibition of the popular business practice of offering discounts, exclusive content and other incentives in exchange for liking a company’s Facebook page; and Facebook’s crackdown on the practice of buying phony likes. We realize though that likes aren’t everything, so we also explore the legal framework for moving personal data to the cloud; we examine clickwraps vs. browsewraps in relation to the implementation and enforcement of online terms of use; we discuss the new California privacy law revisions impacting website and mobile app operators directing their services to minors; we take a look at the new infringement exceptions in the United Kingdom; and we highlight a recent decision in the UK granting a website-blocking order against certain ISPs in a case involving counterfeit goods.

All this—plus an infographic about—what else?—Facebook likes.

Read our newsletter.

Operators of social media platforms and other websites must manage a large number of risks arising from their interactions with users. In an effort to maintain a degree of predictability and mitigate some of those risks, website operators routinely present users with terms of use or terms of service (“Website Terms”) that purport to govern access to and use of the relevant website and include provisions designed to protect the website operators, such as disclaimers, limitations of liability and favorable dispute resolution provisions. But are such Website Terms enforceable against users and do they actually provide the protection that website operators seek? The answer may well depend on how the Website Terms are implemented.

Clickwrap vs. Browsewrap

Website Terms typically come in two flavors: “clickwrap” terms, where users are required to accept by taking some affirmative action such as checking a box or clicking an “I accept” button before using the website, and “browsewrap” terms that are provided to users through a link (often, but not always, at the bottom of the page) and purport to bind users even without any affirmative manifestation of acceptance. In determining whether Website Terms are enforceable against users, courts focus on whether users had notice of the terms and actually agreed to be bound by them. Not surprisingly, therefore, courts tend to look more favorably on clickwrap implementations as compared to browsewrap terms.

For example, in Fteja v. Facebook, Inc. (S.D.N.Y. 2012), the plaintiff claimed that Facebook disabled his Facebook account without justification and for discriminatory reasons, causing emotional distress and harming his reputation. Facebook moved to transfer the case to federal court in Northern California based on the forum selection clause in the Facebook terms of use, but the plaintiff claimed that he had never agreed to the terms of use. The court concluded that the plaintiff was bound by the Facebook terms, however, because he had checked a box indicating his acceptance when he registered for Facebook.

In contrast, Barnes & Noble had less luck enforcing its terms of use in Nguyen v. Barnes & Noble, Inc. (9th Cir. August 18, 2014). In Nguyen, the plaintiff ordered a tablet from Barnes & Noble at a discounted price but Barnes & Noble canceled his order. The plaintiff sued and Barnes & Noble moved to compel arbitration based on an arbitration clause included in its website’s browsewrap terms of use. The court held that Barnes & Noble’s terms could not bind the plaintiff, despite being presented through a “conspicuous” link during the checkout process, because Barnes & Noble did not prompt users to affirmatively assent to the terms.

Continue Reading Implementing and Enforcing Online Terms of Use

Website operators often take for granted the enforceability of their websites’ terms of service. In a recent order issued in a case from the Central District of California, Nguyen v. Barnes & Noble, Inc., Judge Josephine Tucker reminds us that such presumptions are not necessarily correct: terms of service that do not require an affirmative manifestation of assent from a website user may not always be upheld in court.

Many website operators, particularly Internet retailers and operators of ecommerce sites, use “clickwrap” (or “clickthrough”) agreements to govern use of their sites. With clickwrap agreements, the website operator typically presents its standard terms of use and then requires the user to click an “Accept” or “I Agree” button. By clicking the button, users affirmatively manifest their intent to be bound by the terms. Other website operators use “browsewrap” agreements—terms of agreement that are usually accessible through a hyperlink at the bottom of a web page. Although, as a practical matter, few people actually read them, browsewraps are also widely used.

Both clickwraps and browsewraps are contracts of adhesion in legal parlance. That is, they are contracts that are offered on a “take it or leave it” basis with no opportunity for negotiation. A user who does not wish to be bound by the proffered terms can click “Do Not Accept” or, for a browsewrap, simply leave the website. On the other hand, a user who is willing to be bound can indicate such assent by clicking “I Accept” or by continuing to browse the website. Reasonable people may disagree regarding whether these actions truly manifest a user’s assent to be bound by the relevant contract terms, but courts have frequently upheld the enforceability of both clickwrap and browsewrap terms of use (subject, of course, to the unconscionability concerns raised by any contract of adhesion). As discussed in the remainder of this article, however, browsewrap terms of use often encounter a greater degree of scrutiny from courts due to the lack of any affirmative acceptance by users.

The enforceability of browsewrap terms of use has been held to depend on whether a website user has knowledge—either actual or constructive—of the applicable terms, because users cannot agree to be bound by terms unless they know what those terms are. Courts considering browsewrap enforceability issues often grapple with the question of whether the defendant was given notice of the applicable terms sufficient to impute such knowledge. For example, in Register.com, Inc. v. Verio, Inc., the court determined that numerous and repeated queries by an automated software program were sufficient to show that Verio knew of, and was bound by, Register.com’s terms (although Verio had also admitted that it had actual knowledge of the terms). On the other hand, in Ticketmaster Corp. v. Tickets.com, Inc., on the other hand, the court held that a small link to terms of use that was visible only if the user scrolled down to the bottom of the web page was insufficient to establish notice. But, three years later, the same court (in the same case, no less) ruled that more prominent notice on the site’s home page was adequate notice. While a court’s determination of sufficient notice may vary in each case, it is clear that the more readily available and conspicuous browsewrap terms of use are, the more likely it is that a court will find that the user knew of, and was bound by, the terms.

That brings us to Nguyen v. Barnes & Noble, Inc. In Nguyen, the plaintiff’s claims arose from a Barnes & Noble promotion that offered computer tablets at a discounted price. Although Nguyen submitted an order to purchase a tablet at the promotional price, Barnes & Noble canceled his order the next day, citing an oversale of its tablet inventory. As a result, Nguyen alleged that he was “forced to rely on substitute tablet technology, which he subsequently purchased . . . [at] considerable expense.” In April 2012, Nguyen filed suit, alleging various consumer protection violations, including false advertising, unfair competition, and breach of contract, under California and New York law. Barnes & Noble then moved to compel arbitration based on an arbitration clause included in its website’s browsewrap terms of use. The question before the court was whether, given the existing facts, the arbitration clause was enforceable against Nguyen.

The court ultimately held that the arbitration clause was not enforceable because the terms of use agreement itself was not enforceable. According to Judge Tucker, Barnes & Noble’s website terms of use could not bind Nguyen because Barnes & Noble “did not position any notice even of the existence of its ‘Terms of Use’ in a location where website users would necessarily see it, and certainly did not give notice that those Terms of Use applied, except within the Terms of Use” (emphasis in original). Due to this lack of adequate notice, Nguyen did not know and, in Tucker’s view, should not necessarily have known of Barnes & Noble’s terms of use. Because Nguyen did not have knowledge of the terms, he could not be bound by them. Therefore, Barnes & Noble could not compel arbitration in its dispute with Nguyen.

In light of Nguyen and the other cases discussed above, website operators should consider using clickwraps that require affirmative acceptance where possible, rather than relying on browsewraps to enforce their terms of use. A simple click can be the difference between an agreement’s being found enforceable or not. For ecommerce sites or any site that requires registration prior to use, clickwraps are relatively easy to implement—for example, at the point of purchase or when the user registers—without negatively affecting the user experience. Best practices for clickwraps include presenting terms of service before payment, allowing for easy reading of all terms, allowing users to print or save a copy of the terms, offering a prominent option to decline the terms, providing an easy way for users to find the terms on the site at any time after payment or registration, and giving users notice of (and requiring users to accept) any updates and changes to the terms of use.

For other sites, including some social media sites, the story may differ. Many social media sites—for example, Pinterest, Twitter, and YouTube—allow users to access at least some content and functionality without registering. With sites such as these, there may be no real opportunity to obtain affirmative acceptance of terms of use without degrading the user experience, so a clickwrap is simply not a practical option. For operators of such websites, the most important lesson of Nguyen and the other cases discussed above is that the question of enforceability often turns on whether the user has sufficient notice of the terms of use. Thus, website operators can increase the likelihood that their terms of use will be enforced if links to such terms are prominently displayed, preferably “above the fold” so that a user will be able to see the link without scrolling down the page. As Nguyen and the other cases illustrate, an operator who places links to terms of use in a tiny font buried at the bottom of a page may be in for an unpleasant surprise if those terms ever need to be enforced.