Companies that offer services, whether online or offline, to consumers on a subscription or other automatic renewal basis should be aware that such offers are heavily regulated at both the federal and state levels. A recent amendment to Section 17602 of California’s Business and Professions Code provides a good opportunity for businesses that make subscription offers to review their practices. As of July 1, 2018, the obligations under California law will expand in two ways that may require businesses to update those practices.

The first change relates to the information that businesses must provide to consumers regarding the terms of a subscription offer. The current law already requires a business to provide certain information about the renewal process—such as the amount of the recurring charges, the length of the renewal period, and the cancellation policy—both before the consumer accepts the agreement, and afterwards in an acknowledgement. The amendment provides that, as of July 1, 2018, if the offer includes any free trial or gift component, the information provided to consumers must also include a “clear and conspicuous explanation of the price that will be charged after the trial ends or the manner in which the subscription or purchasing agreement pricing will change upon conclusion of the trial.” Continue Reading Amended California Law Expands Requirements for Consumer Subscriptions

As Socially Aware readers know, social media is transforming the way companies interact with consumers. Learn how to make the most of these online opportunities while minimizing your company’s legal risks at Practising Law Institute’s (PLI) 2018 Social Media conference, to be held in San Francisco on Thursday, February 1st, and in New York City on Wednesday, February 14th; both events will be webcasted. The conference will be chaired by Socially Aware co-editor John Delaney, and our other co-editor, Aaron Rubin, will also be presenting at the event.

Topics to be addressed will include:

  • The new business opportunities—and legal risks—that social media is providing for businesses
  • What every company should know about online contractual eco-systems
  • How to avoid running afoul of the law when employing social media influencers and using marketing tools like user-generated content, hashtags and native advertising online
  • The privacy-related developments that have arisen in connection with geo-location tracking and interest-based advertising
  • How to minimize the risks that accompany social media use in the workplace

In addition, an in-house panel will provide creative solutions to real-world social-media-related issues and address emerging social media trends.

Don’t miss this opportunity to get up-to-date information on the fast-breaking developments in the critical area of social media so that you can most effectively meet the needs of your clients.

For more information or to register, please visit PLI’s website here. We hope to see you there!

“My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw,” wrote a tech blogger who purchased Google Inc.’s latest internet of things (IoT) device. Following the incident, a pact of consumer advocacy groups insisted the U.S. Consumer Product Safety Commission (CPSC) recall the Google smart speaker due to privacy concerns arising when the device recorded all audio without voice command prompts.

The CPSC is charged with protecting consumers from products that pose potential hazards. Traditionally, this has meant hazards that may cause physical injury or property damage. But as internet-connected household products continue to proliferate, issues like the “always-on” Google Home Mini raise an important question: Where does cybersecurity of consumer IoT devices fit within the current legal framework governing consumer products?

The Explosion of IoT

Forecasts predict that by 2020 IoT devices will account for 24 billion of the 34 billion devices connected to the internet. According to a recent Gemalto survey, “[a] hacker controlling IoT devices is the most common concern for consumers (65%), while six in ten (60%) worry about their data being stolen.”

The rapid growth of the IoT market and continued integration into daily life raises the question of which regulatory body or bodies, if any, should be responsible for consumer safety when it comes to cybersecurity for consumer IoT devices.

The Intersection of Consumer Product Safety, Privacy and Cybersecurity

The CPSC’s jurisdiction has traditionally been limited to physical injury and property damage. It is “charged with protecting the public from unreasonable risks of injury or death associated with the use of the thousands of types of consumer products under the agency’s jurisdiction.” Continue Reading Connected Devices Bring New Product Liability Challenges

Happy 2018 to our readers! It has become a Socially Aware tradition to start the New Year with some predictions from our editors and contributors. With smart contracts on the horizon, the Internet of Things and cryptocurrencies in the spotlight, and a number of closely watched lawsuits moving toward resolution, 2018 promises to be an exciting year in the world of emerging technology and Internet law.

Here are some of our predictions regarding tech-related legal developments over the next twelve months. As always, the views expressed are not to be attributed to Morrison & Foerster or its clients.

From John Delaney, Co-Founder and Co-Editor, Socially Aware, and Partner at Morrison & Foerster:
Regarding Web Scraping

Web scraping is an increasingly common activity among businesses (by one estimate, web-scraping bots account for as much as 46% of Internet traffic), and is helping to fuel the “Big Data” revolution. Despite the growing popularity of web scraping, courts have been generally unsympathetic to web scrapers. Last August, however, web scrapers finally received a huge victory, as the U.S. District Court for the Northern District of California enjoined LinkedIn from blocking hiQ Labs’ scraping of publicly available user profiles from the LinkedIn website in the hiQ Labs, Inc. v. LinkedIn Corp. litigation. The case is now on appeal to the Ninth Circuit; although my sense is that the Ninth Circuit will reject the broad scope and rationale of the lower court’s ruling, if the Ninth Circuit nevertheless ultimately sides with hiQ Labs, the web scraper, the decision could be a game changer, bringing online scraping out of the shadows and perhaps spurring more aggressive uses of scraping tools and scraped data. On the other hand, if the Ninth Circuit reverses, we may see companies reexamining and perhaps curtailing their scraping initiatives. Either way, 2018 promises to bring greater clarity to this murky area of the law.

Regarding the Growing Challenges for Social Media Platforms

2017 was a tough year for social media platforms. After years of positive press, immense consumer goodwill and a generally “hands off” attitude from regulators, last year saw a growing backlash against social media due to a number of reasons: the continued rise of trolling creating an ever-more toxic online environment; criticism of social media’s role in the dissemination of fake news; the growing concern over social media “filter bubbles” and “echo chambers”; and worries about the potential societal impact of social media’s algorithm-driven effectiveness in attracting and keeping a grip on our attention. Expect to see in 2018 further efforts by social media companies to get out ahead of most if not all of these issues, in the hopes of winning over critics and discouraging greater governmental regulation.

Regarding the DMCA Safe Harbor for Hosting of User-Generated Content

The backlash against social media noted in my prior item may also be reflected to some extent in several 2017 court decisions regarding the DMCA safe harbor shielding website operators and other online service providers from copyright damages in connection with user-generated content (and perhaps in the CDA Section 230 case law discussed by Aaron Rubin below). After nearly two decades of court decisions generally taking an ever more expansive approach to this particular DMCA safe harbor, the pendulum begun to swing in the other direction in 2016, and this trend picked up steam in 2017, culminating in the Ninth Circuit’s Mavrix decision, which found an social media platform provider’s use of volunteer curators to review user posts to deprive the provider of DMCA safe harbor protection. Expect to see the pendulum continue to swing in favor of copyright owners in DMCA safe harbor decisions over the coming year.

Regarding Smart Contracts

Expect to see broader, mainstream adoption of “smart contracts,” especially in the B2B context—and perhaps litigation over smart contracts in 2019 . . . .

From Aaron Rubin, Co-Editor, Socially Aware, and Partner at Morrison & Foerster:
Regarding the CDA Section 230 Safe Harbor

We noted previously that 2016 was a particularly rough year for Section 230 of the Communications Decency Act and the immunity that the statute provides website operators against liability arising from third-party or user-generated content. Now that 2017 is in the rear view mirror, Section 230 is still standing but its future remains imperiled. We have seen evidence of Section 230’s resiliency in recent cases where courts rejected plaintiffs’ creative attempts to find chinks in the immunity’s armor by arguing, for example, that websites lose immunity when they use data analytics to direct users to content, or when they fail to warn users of potential dangers, or when they share ad revenue with content developers. Nonetheless, it is clear that the knives are still out for Section 230, including in Congress, where a number of bills are under consideration that would significantly limit the safe harbor in the name of combatting sex trafficking. I predict that 2018 will only see these efforts to rein in Section 230 increase. Continue Reading 2018: Predictions From Socially Aware’s Editors and Contributors

The government in Indonesia has warned the world’s biggest social media providers that they risk being banned in that country if they don’t block pornography and other content deemed obscene.

A member of the House of Lords has proposed an amendment to the U.K.’s data protection bill that would subject technology companies to “minimum standards of age-appropriate design” such as not revealing the GPS locations of users younger than 16.

A bill in Wisconsin would make impersonating someone on social media a misdemeanor.

Google’s general counsel wrote a blog post arguing that two new cases over right-to-be-forgotten requests and pending before the European Union’s top court put the search-engine company at risk of “restricting access to lawful and valuable information.”

Trucking is a $700 billion industry that stands to save billions from automation,  and will likely get self-driving vehicles on the road sooner than most people expected.

Social media platforms are often used to prey on potential sex trafficking victims, according to one FBI special agent.

A recent study shows that searching for information from unofficial sources on social media during a crisis is likely to result in the spread of misinformation and anxiety. Researchers recommend that, to quash rumors, emergency management officials should stay in regular contact with people even if they don’t have any new information.

This piece in Slate invites readers to imagine what the Internet would look like today if not for the passage of Section 230 of the Communications Decency Act, a statute that “says that in general, websites are not responsible for the things their users do or post.”

An op-ed in USA Today compares to swift spread of infectious diseases that resulted from the concentration of populations in urban areas to the swift spread of ideas that accompanied the invention of the Internet, and concludes that traditional training in critical thinking is as necessary to survive the latter as nutrition was to survive the former.

By allowing companies to provide consumers with verifiable information about things like their diversity-driven hiring practices and their products’ supply chains, blockchain is going to change the marketing industry significantly, the American Marketing Association reports.

A high school senior who was bullied in middle school created Sit With Us, the phone-based anti-bullying app that helps kids find a welcoming place to eat in their school cafeteria.

The U.S. Supreme Court on Oct. 16, 2017, announced it had granted the government’s petition for certiorari in United States v. Microsoft and will hear a case this Term that could have lasting implications for how technology companies interact with the U.S government and governments overseas. At issue is a consequential Second Circuit decision from last year that held that warrants issued under the Stored Communications Act (SCA) do not reach emails and other user data stored overseas by a U.S. provider.

While no federal appellate court besides the Second Circuit has squarely addressed the issue, multiple district courts outside the Second Circuit have declined to follow the Second Circuit’s reasoning in similar fact patterns involving other technology giants. The result is that U.S. law enforcement has different authority to access foreign-stored user data depending on where in the United States a warrant application is made. Google, for example, has expended significant resources to develop new tools to determine the geographic location of its users’ data so as to be in accord with the Second Circuit’s approach. Yet the company currently faces a hearing on sanctions for its alleged willful noncompliance with law enforcement requests in the Ninth Circuit based on a district court ruling that parted ways with the Second Circuit.

Continue Reading SCOTUS to Resolve Lower-Court Dispute Over U.S. Warrants Seeking Foreign-Stored User Data

With much fanfare, the Federal Trade Commission (FTC) continues to take actions relating to so-called “social media influencers” who allegedly fail to disclose material connections to the products or brands they endorse. Recurring enforcement actions and guidance—and the FTC’s ongoing promotion of its own efforts, such as through Twitter chats—make it clear that the FTC believes that its message has still not been heard by all of the players in this advertising ecosystem, including influencers themselves.

In short, any endorsements in any medium where the endorser has a material connection of any kind to the endorsed advertiser must be disclosed.

The most recent developments include an enforcement action against a company—and two of its officers—in connection with endorsements of the company made by the officers in YouTube videos and in social media.  Before turning to this case, however, we provide a brief overview of how the FTC has gotten here. Continue Reading Brands Beware: FTC Continues Campaign on Social Media Influencer Disclosures

As part of a new tracking system, the Department of Homeland Security will be keeping records of immigrants’ social media handles and search results.

Russia to Facebook: Turn over user-information or risk being blocked.

Google is ending a policy that required news sites to allow users at least one free article-click.

A new social media platform called Steemit will pay users in cryptocurrency for posting, commenting, or liking content—and its market capitalization is around $294 million.

Not everyone is a fan of Twitter’s new 280-character limit.

A type of biometric payment system that identifies a checking or credit account owner based on the unique vein-pattern in his or her fingertip would allow consumers to shop without cash, cards or devices.

Initial coin offerings (ICOs) are allowing startups that develop applications for blockchain technology to raise money without giving up the equity or decision-making power they would have to surrender to venture capitalists.

In this Wired op-ed, a former prisoner argues that allowing inmates controlled social media use might reduce recidivism and help the cell phone contraband problem.

Young kids are the new social media celebrities—and the law isn’t clear on whether they’re owed any of the money that their parents collect as a result of the viral videos.

When a social media celebrity famous for posting photos of herself posing in fitness gear changed the direction of her Instagram account to one that promotes body acceptance, she initially lost 70,000 followers, but she ultimately wound up with more fans than ever.

Kudos to Netflix’s in-house counsel for crafting a cease-and-desist letter for brand marketing in the modern age.

In 2016, brands spent $570 million on social influencer endorsements on Instagram alone. This recode article takes a looks at how much influencers with certain followings can command, and whether they’re worth the investment.

And don’t overlook the legal issues associated with the use of social media influencers; the FTC just settled its first complaint against social media influencers individually. The case involved two online gamers who posted videos of themselves promoting a gaming site that they failed to disclose they jointly owned.

In a precedent setting opinion, the European Court of Human Rights held that the right to privacy of a Romanian man, Bogdan Bărbulescu, was violated when Bărbulescu’s employer, without explicitly notifying Bărbulescu, read personal messages that Bărbulescu sent from an online account that Bărbulescu had been asked to set up for work purposes.

In other European news, the attorney general for England and Wales, Jeremy Wright, MP, has begun an inquiry into whether that jurisdiction needs to impose restrictions on social media in order to help ensure criminal defendants there get a fair trial.

More than half of Americans 50 or older now get their news from social media sites, Pew Research Center’s 2017 social media survey shows.

Celebrities who promote initial coin offerings (ICOs) on social media risk violating laws that apply to the public promotion of securities.

Facebook developed an artificial intelligence robot that can express emotion by making realistic facial expressions at appropriate times.

A college student has sued Snapchat and the Daily Mail for alleged defamation and invasion of privacy arising from the use of the student’s name and image on Discover, Snapchat’s social news feature, under the headline, “Sex, Drugs and Spring Break—College Students Descent on Miami to Party in Oceans of Booze and Haze of Pot Smoke.”

Is the threat of artificial intelligence disrupting a slew of industries less imminent than we thought?

Google created a website that uses fun illustrations to show which “how to” queries its users entered into the search engine most.

The popularity of online videos that viewers can appreciate with the sound turned off has led to striking similarities between early silent film and modern social video.

The number of consumers using multiple devices—from smartphones to tablets to laptop computers—has exploded in recent years and continues to grow globally. Companies are increasingly turning to new technologies in an attempt to ascertain that multiple devices are connected to the same person for a variety of purposes, such as preventing fraud, providing a more seamless user experience, and more effectively reaching their target audience. While such cross-device tracking provides a number of benefits, it also raises privacy concerns that have drawn increased regulatory scrutiny in the last few years.

Join Socially Aware contributors Julie O’Neill and Alja Poler De Zwart on Wednesday, Oct. 11, from 11:00 am until 12:00 pm ET for a practical, multijurisdictional look at cross-device tracking and best practices that companies can employ to achieve maximum commercial advantage while mitigating privacy risks. Topics that will be addressed include:

  • An overview of various cross-device tracking technologies and how they are used;
  • The privacy issues that cross-device tracking implicates and how to avoid common pitfalls;
  • Essential features of a compliant digital advertising program; and Recent U.S. and EU regulatory activity and trends, including self-regulatory guidance.

Register now.  There is no charge to attend the webinar.