In 2011, the Federal Trade Commission slapped Google and Facebook for violating their own privacy policies, forcing both to submit to years of privacy audits. In February, 2012 , the Obama administration issued a blueprint for a “Consumer Privacy Bill of Rights.” The FTC, the main government agency responsible for protecting privacy, called Monday for legislation that would give consumers access to information collected about them by data brokers similar to the rights they now have to review information amassed by credit reporting agencies.
The FTC’s report comes a little over a month after the White House released its privacy bill of rights that called on companies to be more transparent about privacy and grant consumers greater access to their data but that stopped short of backing an explicit “do not track” rule. The Federal Trade Commission’s 57-page privacy report consisted of a set of “best practices” that the Internet industry is expected to follow — or face sanctions. The report mirrors many of the provisions of the “Consumer Privacy Bill of Rights” released by the White House and represents the first serious efforts at striking a balance in online consumer privacy protection related to web usage.
Critics contend the framework is not as extensive as the White House Consumer Privacy Bill of Rights announced back in February. That already made provision for “Do Not Track” technology, with Google, Yahoo!, Microsoft and AOL – together responsible for almost 90-percent of behavioral advertising – already opting in. Privacy advocates have slammed the new” guidelines, arguing that the proposed system for ensuring online data security fails to take advantage of existing authority and relies too much on self-regulation of the online industry. The new framework “mistakenly endorses self-regulation and ‘notice and choice,’” the Electronic Privacy Information Center claims, ”and fails to explain why it has not used its current Section 5 authority to better safeguard the interests of consumers.”
It seems that every few months my clients get a raft of notices from very “official” sounding business, like “United States Trademark Protection Agency” seeking payment for services that appear to be necessary to maintain a trademark application or registration. As technology improves speed and efficiency, more of these opportunists are appearing.
U.S. Trademark Applications & Registrations are Public Records.
Filing an application for U.S. trademark registration makes certain information publicly available in the U.S. Trademark Office records. Several companies have been scraping these records and generating “official looking” notices and even invoices to unsuspecting companies. These notices appear strikingly similar to governmental agency communications and direct you to pay fees for registration, monitoring (keeping an eye out for applications similar to yours) and for filing with domestic or international lists, directories, etc.
MANY OF THESE ARE SCAMS.
Despite claims otherwise, the United States Trademark Protection Agency (USTPA) is NOT a governmental agency and the U.S. Trademark Office (USPTO) web site even showed a warning that the USTPA is NOT affiliated with the USPTO.
Some companies charge fees to be listed in their worldwide trademark registration directories. These are not official filings, their usefulness is limited and they have no legal effect.
Other companies hire non-legal administrators to do trademark filings without proper supervision or training. These companies can prove very costly due to filing problems. I hope you are not confused by such mailings. Often, if you are represented by counsel, the U.S. Patent & Trademark Officewill not send mailings directly to you, they will be sent to your attorney of record. While some of these companies offer legitimate services, you should seek advice from legal counsel before utilizing them. Some examples of these companies include the following:
US consumers are waking up to privacy issues related to smartphone use. About two-thirds of search engine users disapprove of the collection of information on their searches for the purpose of personalizing their future search results and an equal proportion of all internet users disapprove of being tracked for the purpose of getting targeted ads.
Interestingly, the two most popular smartphone platforms treat application data gathering differently. While Apple reviews prospective applications before launching them into its iPhone app store, Google’s open-source Android platform has no such system in place. But while the Android system runs each application separately and explicitly lists the services or data each application accesses, Apple’siPhone system treats all applications as equal and allows them to access many resources by default.
Until application developers and hardware makers start taking Privacy-By Design” seriously, users must pro-actively protect their privacy. If you have a smartphone and use it to download apps, there’s little you can do to completely lock down your personal information. But there are a number of precautions you can take to ensure minimal risk exposure.
So, here are seven basic basic smartphone privacy tips you can take to cut down on risks:
Don’t download apps form unknown sources. If you have not heard of an app, read its user reviews. Even better, look it up online and see what has been said about it.
When possible, opt out of information sharing capabilities.
Get acquainted with your phone’s GPS features. Most smartphones allow one to adjust which applications have access to GPS. Turn this feature off for all but the most essential of apps.
On Android: Before you download an app, check its user permissions. This should give you a breakdown of what information the app will access. Ask yourself if a simple game apps really needs to access the contact list?
For Android: If you’ve opted to “root” (obtain privileged access) your device, be wary of granting apps root access. Doing so grants them complete control over your phone.
For iPhone: If you have “jailbroken” (circumvented the proprietary programming restrixtions) your phone, be sure to change its root password. You can find guides online, or else get a trusted technician to do so for you.
If you are no longer using an app, uninstall it.
While there is no easy way to figure out which apps are the riskiest, paid apps tend to pass less data on than free ones. Remember, “free” content is usually monetized in other ways, most often by selling user data.
As our lives have become more digitally enmeshed with content, immersive entertainment and devices, the economic bargain that makes it possible has gone largely unnoticed. Simply put, the collection, analysis and sharing of personal data is driving the digital economy. Mobile applications (Apps), digital content and entertainment – from TV shows to games – are available for “free” but subsidized by income from online ads that are customized using data about customers. Vendors, advertisers and platforms compete for “eyeballs” based, in part, on the quality of the information they possess about users to whom the ads are targeted.
Across this interconnected landscape of users, content providers and devices, the issue of online privacy has become a major talking point for app developers, marketers, consumers and legislators. Recently, a wide range of stakeholders, from large institutions to smaller developers, have been accused of mishandling personal data. As the volume of public debate has increased, legislators have introduced a raft privacy initiatives. The Obama administration has called for a Privacy Bill of Rights, an industry consortium of leading web sites and search engines has proposed its own privacy best practices and the Electronic Frontier Foundation has published a consumer-oriented Mobile User Privacy Bill of Rights.
Part 1 of this article looks at several recent and high-profile revelations about how personal information is collected and used, often without the user’s knowledge and consent. Part 2 discusses the legal risks faced by vendors that don’t take adequate precautions to protect consumer privacy and Part 3 concludes with strategies and tactics that help leverage the power of personalization while avoiding the pitfalls of privacy and data security.
1. The current state of information gathering
The scope of personal information gathered is unprecedented and largely unknown. For years, “free” web-based content has been available because of the implicit compromise between content providers and content consumers. Advances in technology have made it easier to track a user’s web browsing habits, mobile browsing habits, and even real-time geospatial location (check in apps and GPS). In the last few months, we have learned that some apps not only gather this mostly non-personally-identifiable data, but also upload a user’s address book contacts and even photos.
On Wednesday Feb. 2012, software Developer Arun Thampi “outed” Path, the purveyor of a self-titled journaling app, for sending users’ address book contents to the company. Path lets users share what they’re doing with a select group of friends and gives users the option to find friends on the app through contacts or other social networks. Thampi disclosed the clandestine data transfer in a blog post after discovering that his phone’s entire address book, including full names and e-mail addresses, was being sent to Path without his explicit consent. According to Path, this data was necessary to in order to quickly notify users when people they know join Path.
Not too long ago, Google earned itself a similar PR (and legal) black eye when it launched its social network, Google Buzz, in 2010 through its Gmail web-based email product. At launch, users were not informed that the identity of individuals they emailed most frequently would be made public by default. Google Buzz automatically disclosed the email addresses of a user’s contacts by default. Google settled with the FTC over allegations that Google used deceptive practices and violated its own privacy policies.
On Feb 17 2012, WSJ reported that Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked. The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.
A major topic for discussion just this week is the “Target Snafu.” As originally reported in the New York Times, Target used customer data and predictive analytics to determine that one of their customers was pregnant, and even her specific trimester. The girl’s father learned of the pregnancy when the retailer emailed her promotional material and coupons.
It used to take days or even weeks to gather, synthesize and extrapolate data about a customer’s buying habits and receptiveness to particular products or services. Now it takes milliseconds. A targeted ad can be sourced and served in the time it takes to hit “refresh” on a web browser. Companies are using massive amounts of data to predict what their customers are going to want next. More importantly, gathering that data is getting easier, cheaper and more ubiquitous as the source of that data moves from the desktop to mobile devices.
So where is the middle ground between privacy and targeted advertising? Is it spying simply because the user doesn’t know what data is being collected even though the user accepted a broad and ambiguous Terms of Use agreement? Is knowingly contributing data without boundaries sufficiently transparent?
Intellectual property is often the most significant driver of value among a company’s assets. Therefore, it is increasingly important for companies to actively manage their intellectual property assets to identify, categorize, register and enforce IP assets while minimizing the possibility of legal disputes.
Whether acquiring technology, developing new products or taking stock of the company’s intangible assets, companies must develop ways to protect their assets better, determine ways to realize more revenue from such assets, and reduce risks of costly litigation.
Below are ten intellectual property management tips that will help Companies and their counsel identify and protect IP assets and address infringement issues, among other key steps.
1. Identify: Simply put, think about what patents,trademarksand copyrights you might have and categorize them appropriately. This includes ideas in development.
2. Organize: Once categorized, review the relevant creation and publication/use dates. Determineregistrationstatus. File necessary maintenance documents as appropriate and create calendar/docket future due dates for supplemental filings.
3. Monitor: Review the USPTO and Copyright office databases periodically to ensure no junior users may weaken your rights.
4. Conduct a USPTO “Basic Search”: Start your search here. Individual results pages will include direct links to the mark’s records in TARR (best way to check current status of application/mark), ASSIGN (best way to see if the mark has been assigned), TDR (best way to retrieve relevant documents), TTAB (search and review board proceedings).
5. Conduct a USPTO Document Search: Use this database to determine existence of and locate documents related to specific applications.
6. Conduct a Copyright.gov Search: This is the best place to start with any copyrightrelated questions. Includes searched for copies of registered works.
7. Google- search: Great secondary, broad-stroke search. Tends to return higher percentage of irrelevant results, but good at finding that needle-in-a-haystack type rip-off/con artist.
8. Create Google alerts: Use these to stay abreast of relevant changes in the database. Narrow alert criteria to specific keywords/phrases.
9. Conduct a State Trademark Databases Search: Don’t forget your own back yard. Search state databases for d/b/as, etc. (IL=cyberdriveillinois.com).
10. Ask you lawyer about specific concerns. Every situation is different and the only way to properly asses the risks/costs of any course of action is to discuss your matter with a competent attorney who practices in this area.
Seemingly overnight, Social media has moved from a business curiosity to an invaluable tool for customer engagement, brand positioning and employee empowerment. For example, social media use for 18-29 year olds has grown from 16% in 2005 to 89% in 2010. A recent survey, now in its third year, found that Social Media is imperative and effective to stand out in a crowded market: 88% of all marketers found that it helped increase exposure and 76% found that it increased traffic and subscriptions.
Faced with the rapid adoption of social media services and platforms, companies find themselves in a dilemma: move quickly to adapt to new technologies, or put policies in place that support marketing goals. Finding the right balance between taking appropriate business risks and minimizing legal ones is a dilemma shared by all businesses, and it can be particularly tricky in the rapidly changing realm of social media. A social media snafu could pull a business into a range of legal imbroglios, involving employment law, intellectual property rights, advertising, defamation, libel, antitrust, and privacy protection. What follows is a list of five common social media legal mistakes that businesses are making.
1. Your Company does not have a social media policy.
Social media is going through an evolution from social media to social business. Yet In the rush to avoid being left behind, some 79% of companies do not have social media policies in place. Companies and employees are becoming deep users of Twitter, LinkedIn, Facebook, blogs, private-label platforms, and the like. Absence of a policy has led to lawsuits over basic issues such as ownership of LinkedIn profiles and Twitter followers. Lack of a policy could also lead to awkward situations that require a response, but may not rise to the level of a legal quandary such as public criticism by a volunteer or advisor.
Having a social media policy cannot prevent the occurrence of unintended consequences. However, it can address most risks that businesses will face and provide an informal framework for addressing issues that will inevitably arise before they become full-fledged emergencies that require a legal solution.
2. Your Company’s social media policy is unenforceable.
Not surprisingly, one of the most active legal areas of social media for business has been in the context of Employer-Employee relations. In 2011, the U.S. Chamber of Commerce released a report stating that the National Labor Relations Board (NLRB) had received 129 cases involving social media. The majority of claims concerned overly-restrictive employer social media policies or employee discipline and even termination based on use of social media.
More recently, the NLRB released updated guidance discussing 14 such cases in particular. Significantly, the NLRB criticized five employers’ social media policies, as “unlawfully overly broad” (e.g., too restrictive). In four cases, an employee’s use of Facebook to complain about their employer was held to be “protected concerted activity.” The benefit for employers is that the report frames the discussion for the appropriate scope of an enforceable social media policy.
3. Your employees don’t understand your social media policy.
For companies who have drafted a social media policy, another risk is that the employees who are engaged in social media on behalf of the company or brand do not understand the policies. Training employees about what it is, how it works and what’s expected is just the beginning.
For example, Australian telecomm company Telstra is an excellent example of social media transparency. This 40,000+ employee company mandates social media training built around a manageable policy focused on “3Rs” – responsibility, respect and representation. To promote awareness and understanding, the comic book-styled policy answers simple questions like “what is Facebook?” and more complex issues like employer criticism on personal blogs. Taking it a step further, the company published their entire social media training guide online for others to study and critique.
4. Your privacy policy is out of date.
Back in the early days of the Internet “Gold Rush,” companies raced to create an online presence complete with ecommerce storefronts. Partly due to the length of time it took to get a web site up and partly due to the fear of risks associated with ecommerce, companies made sure to implement comprehensive Terms of Use and Privacy Policies. Many have not revisited those policies since.
The risks of an outdated privacy policy are twofold. First, it may be unenforceable for any number of reasons. For example, the company has changed the way it gathers and stores information about site visitors, has changed the platforms from which it gathers such data and potentially with whom it shares such data, even unwittingly.
More importantly, the dynamics of online usage and marketing have changed. The availability of GPS data and commonly used technologies for targeted advertising and related services pose new privacy risks such as leaking personally identifiable information including usernames, email addresses, first names, last names, physical addresses, phone numbers, and birthdays. A recent series of articles by the Wall Street Journal analyzed the tracking files installed on people’s computers by the 50 most popular U.S. websites, plus WSJ.com and found that some sites like dictionary.com had over 200 such tracking cookies.
Second, an outdated privacy policy may subject a business to scrutiny and even penalties from the Federal Trade Commission (FTC). On October 12, 2011 the FTC announced a settlement with a file-sharing application developer over allegations that it used deceptive default privacy settings, which would lead consumers to unintentionally and unknowingly share personal files from their mobile device or computer with the public.
5. Your Company is Not Engaging In The Conversation.
Lastly, social media enables instantaneous, ubiquitous, electronic social interaction using highly accessible and scalable publishing techniques. The platforms and services that enable this interaction also provide an unfettered medium for defamatory statements about individuals, disparaging remarks about a companies’ products and services and inaccurate or misleading remarks by over-enthusiastic employees.
The legal risk is that a company often does not control such conversations which can quickly spiral out of control. Many web sites and blogs allow comments and invite participation by unrelated third parties. Having a strategy for when, how, and why to engage is critical to mitigate the legal risks since this area of law is notoriously fact and circumstances dependent and varies by jurisdiction.
Contact Us For a Consultation.
Is your business making one of the mistakes described above? Do you want to learn how to use social media to market and communicate with existing and prospective clients and do so in a way that minimizes potential risks and pitfalls? Hopefully, the guidance outlined above can serve as a good starting point for discussions about how best to use social media as well as suggestions regarding factors that firms may wish to consider in strengthening their compliance and risk management programs. We invite you to contact us with comments and requests about how we can help you educate your employees, prevent fraud, monitor risk, and promote compliance. We can be reached at lsglegal.com, 866-734-256, @adlerlaw and dadler@lsglegal.com.
The past few years have witnessed an explosion of legal and regulatory activity involving social and other new media. This session will examine several key areas, including copyright, trademark and related intellectual property concerns; defamation, obscenity and related liability; false advertising and marketing restrictions; gaming; data privacy issues presented by social media; and impacts of social media on employees and the workplace. Attendees will learn how to identify legal risks and issues before they become full-scale emergencies and how to develop appropriate policies and guidelines covering social media activity.
The RSA® Conference 2012 is coming up: February 27 – March 2, 2012 at the Moscone cEnter in San Francisco, CA.
Can’t make the Conference? Listen to the podcast here to get a sense of what you need to know.
For those of us who try to immerse ourselves in technology and more recently, Social Media, the new “kid on the block” seems to be Pinterest. According to their site, “Pinterest lets you organize and share all the beautiful things you find on the web. People use pinboards to plan their weddings, decorate their homes, and organize their favorite recipes. Best of all, you can browse pinboards created by other people. Browsing pinboards is a fun way to discover new things and get inspiration from people who share your interests.”
Not surprisingly, Pinterest is receiving a lot of coverage on B2B and B2C blogs that provide guidance on the how and why Pinterest can be used by business. The next logical question for me is should Lawyers use Pinterest? if so, how?
Should Lawyers Use Pinterest?
The answer to the first question is simple: Yes, if it is useful to you. Pinterest is a social bulletin board allowing users to “pin”, or save, useful information. It leverages social networks and enables users to track, organize and share products or other content discovered online. The site allows users to subdivide content by category such as travel, books or food. Finally, axiomatic of all social media is the interaction, allowing friends to follow and view your boards and comment on the items that you’ve posted, or re-pin them on their own boards.
How Can Lawyers Use Pinterest?
The answer to the second question is less simple:
Image by stevegarfield via Flickr
Simply put, Pinterest is an image content curation site where one can create “boards” to which they can add images and comments around a common theme. What’s really interesting is that once one begins using Pinterest, this pen up a whole new way to dialogue with people. Users will “re-pin” your items and it creates an opportunity to contact the user and ask what it about your content that prompted them to re-pin it.
While I am still new to Pinterest, I see it as another valuable social media tool to engage and interact with people. My Pinterest page can be found here.
The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The proposedsettlement requires Facebook to take several steps to make sure it lives up to its promises in the future, including giving consumers clear and prominent notice and obtaining consumers’ express consent before their information is shared beyond the privacy settings they have established.
Image by London College of Fashion short courses via Flickr
On July 13, 2011, Congress once again took up the the so-called “Fashion Bill” a/k/a the “Innovative Design Protection and Piracy Prevention Act,” H.R. 2511 (“IDPPPA”). This version of the Bill would amend the Copyright Act to extend certain protections to fashion designs.
The major effect of the law would be the extension of design protection to fashion designs, by amending § 1301(a) to provide that “A fashion design is subject to protection under this chapter” and by amending § 1302(b) to include “an article of apparel” in the definition of “useful articles” subject to protection. The bill would make clear that for purposes of Chapter 13 a fashion design is the appearance as a whole of an article of apparel, including its ornamentation. The bill elaborates on what would constitute “apparel” for purposes of Chapter 13:
an article of men’s, women’s, or children’s clothing, including undergarments, outerwear, gloves, footwear, and headgear;
The term of protection for fashion designs would be only 3 years. Proponents of the legislation have explained that the purpose of the legislation is to protect designs of haute couture during the period of time in which such high-end clothing is sold at premium prices of thousands of dollars and to prevent others from marketing clothing with those designs at substantially lower prices during that initial period, thereby undercutting the market for a hot new fashion design. Because the peak demand for such designs is relatively short-lived, a 3-year term is considered adequate to satisfy the designer’s reasonable expectation of exclusivity.
Ping® by AdlerLaw A Legal Blog 