US consumers are waking up to privacy issues related to smartphone use. About two-thirds of search engine users disapprove of the collection of information on their searches for the purpose of personalizing their future search results and an equal proportion of all internet users disapprove of being tracked for the purpose of getting targeted ads.
Interestingly, the two most popular smartphone platforms treat application data gathering differently. While Apple reviews prospective applications before launching them into its iPhone app store, Google’s open-source Android platform has no such system in place. But while the Android system runs each application separately and explicitly lists the services or data each application accesses, Apple’siPhone system treats all applications as equal and allows them to access many resources by default.
Until application developers and hardware makers start taking Privacy-By Design” seriously, users must pro-actively protect their privacy. If you have a smartphone and use it to download apps, there’s little you can do to completely lock down your personal information. But there are a number of precautions you can take to ensure minimal risk exposure.
So, here are seven basic basic smartphone privacy tips you can take to cut down on risks:
Don’t download apps form unknown sources. If you have not heard of an app, read its user reviews. Even better, look it up online and see what has been said about it.
When possible, opt out of information sharing capabilities.
Get acquainted with your phone’s GPS features. Most smartphones allow one to adjust which applications have access to GPS. Turn this feature off for all but the most essential of apps.
On Android: Before you download an app, check its user permissions. This should give you a breakdown of what information the app will access. Ask yourself if a simple game apps really needs to access the contact list?
For Android: If you’ve opted to “root” (obtain privileged access) your device, be wary of granting apps root access. Doing so grants them complete control over your phone.
For iPhone: If you have “jailbroken” (circumvented the proprietary programming restrixtions) your phone, be sure to change its root password. You can find guides online, or else get a trusted technician to do so for you.
If you are no longer using an app, uninstall it.
While there is no easy way to figure out which apps are the riskiest, paid apps tend to pass less data on than free ones. Remember, “free” content is usually monetized in other ways, most often by selling user data.
Intellectual property is often the most significant driver of value among a company’s assets. Therefore, it is increasingly important for companies to actively manage their intellectual property assets to identify, categorize, register and enforce IP assets while minimizing the possibility of legal disputes.
Whether acquiring technology, developing new products or taking stock of the company’s intangible assets, companies must develop ways to protect their assets better, determine ways to realize more revenue from such assets, and reduce risks of costly litigation.
Below are ten intellectual property management tips that will help Companies and their counsel identify and protect IP assets and address infringement issues, among other key steps.
1. Identify: Simply put, think about what patents,trademarksand copyrights you might have and categorize them appropriately. This includes ideas in development.
2. Organize: Once categorized, review the relevant creation and publication/use dates. Determineregistrationstatus. File necessary maintenance documents as appropriate and create calendar/docket future due dates for supplemental filings.
3. Monitor: Review the USPTO and Copyright office databases periodically to ensure no junior users may weaken your rights.
4. Conduct a USPTO “Basic Search”: Start your search here. Individual results pages will include direct links to the mark’s records in TARR (best way to check current status of application/mark), ASSIGN (best way to see if the mark has been assigned), TDR (best way to retrieve relevant documents), TTAB (search and review board proceedings).
5. Conduct a USPTO Document Search: Use this database to determine existence of and locate documents related to specific applications.
6. Conduct a Copyright.gov Search: This is the best place to start with any copyrightrelated questions. Includes searched for copies of registered works.
7. Google- search: Great secondary, broad-stroke search. Tends to return higher percentage of irrelevant results, but good at finding that needle-in-a-haystack type rip-off/con artist.
8. Create Google alerts: Use these to stay abreast of relevant changes in the database. Narrow alert criteria to specific keywords/phrases.
9. Conduct a State Trademark Databases Search: Don’t forget your own back yard. Search state databases for d/b/as, etc. (IL=cyberdriveillinois.com).
10. Ask you lawyer about specific concerns. Every situation is different and the only way to properly asses the risks/costs of any course of action is to discuss your matter with a competent attorney who practices in this area.
The Telephone Consumer Protection Act (“TCPA”) is a federal law that governs for automatically dialed or prerecorded calls (so-called “robocalls”) and automated text messages. places limits on unsolicited prerecorded telemarketing calls to landline home telephones, and all autodialed or prerecorded calls to wireless numbers, emergency numbers, and patient rooms at health care facilities. The Federal Communications Commission (FCC) recently approved new rules to clarify the requirements
Whats’s New?
The FCC’s proposed rules will impose clearer obligations on the consent requirement for telemarketing calls and text message. Specifically, the rules make three significant changes. First is clarification about “written consent” which must be obtained in the form of 1) paper or through electronic means, including website forms, 2) a telephone keypress, or 3) a recording of oral consent.
Second, it removes the “established business relationship” exemption.
Lastly, the new rules allow one to opt out of receiving additional telemarketing robocalls immediately during a robocall through an automated menu.
What’s Not Changing?
The national Do-Not-Call list created under the TCPA by the FCC, along with the Federal Trade Commission (FTC) remains. To register a number, go to http://www.donotcall.gov.
How To File A Complaint
One can file a complaint with the FCC at https://esupport.fcc.gov/ccmsforms/form1088.action?form_type=1088C. While the FCC cannot award monetary or other damages to consumers, filing complaints allows the Commission to investigate violators. However, in some states you are allowed to file suits against telemarketers and receive monetary damages for violations of these rules.
Seemingly overnight, Social media has moved from a business curiosity to an invaluable tool for customer engagement, brand positioning and employee empowerment. For example, social media use for 18-29 year olds has grown from 16% in 2005 to 89% in 2010. A recent survey, now in its third year, found that Social Media is imperative and effective to stand out in a crowded market: 88% of all marketers found that it helped increase exposure and 76% found that it increased traffic and subscriptions.
Faced with the rapid adoption of social media services and platforms, companies find themselves in a dilemma: move quickly to adapt to new technologies, or put policies in place that support marketing goals. Finding the right balance between taking appropriate business risks and minimizing legal ones is a dilemma shared by all businesses, and it can be particularly tricky in the rapidly changing realm of social media. A social media snafu could pull a business into a range of legal imbroglios, involving employment law, intellectual property rights, advertising, defamation, libel, antitrust, and privacy protection. What follows is a list of five common social media legal mistakes that businesses are making.
1. Your Company does not have a social media policy.
Social media is going through an evolution from social media to social business. Yet In the rush to avoid being left behind, some 79% of companies do not have social media policies in place. Companies and employees are becoming deep users of Twitter, LinkedIn, Facebook, blogs, private-label platforms, and the like. Absence of a policy has led to lawsuits over basic issues such as ownership of LinkedIn profiles and Twitter followers. Lack of a policy could also lead to awkward situations that require a response, but may not rise to the level of a legal quandary such as public criticism by a volunteer or advisor.
Having a social media policy cannot prevent the occurrence of unintended consequences. However, it can address most risks that businesses will face and provide an informal framework for addressing issues that will inevitably arise before they become full-fledged emergencies that require a legal solution.
2. Your Company’s social media policy is unenforceable.
Not surprisingly, one of the most active legal areas of social media for business has been in the context of Employer-Employee relations. In 2011, the U.S. Chamber of Commerce released a report stating that the National Labor Relations Board (NLRB) had received 129 cases involving social media. The majority of claims concerned overly-restrictive employer social media policies or employee discipline and even termination based on use of social media.
More recently, the NLRB released updated guidance discussing 14 such cases in particular. Significantly, the NLRB criticized five employers’ social media policies, as “unlawfully overly broad” (e.g., too restrictive). In four cases, an employee’s use of Facebook to complain about their employer was held to be “protected concerted activity.” The benefit for employers is that the report frames the discussion for the appropriate scope of an enforceable social media policy.
3. Your employees don’t understand your social media policy.
For companies who have drafted a social media policy, another risk is that the employees who are engaged in social media on behalf of the company or brand do not understand the policies. Training employees about what it is, how it works and what’s expected is just the beginning.
For example, Australian telecomm company Telstra is an excellent example of social media transparency. This 40,000+ employee company mandates social media training built around a manageable policy focused on “3Rs” – responsibility, respect and representation. To promote awareness and understanding, the comic book-styled policy answers simple questions like “what is Facebook?” and more complex issues like employer criticism on personal blogs. Taking it a step further, the company published their entire social media training guide online for others to study and critique.
4. Your privacy policy is out of date.
Back in the early days of the Internet “Gold Rush,” companies raced to create an online presence complete with ecommerce storefronts. Partly due to the length of time it took to get a web site up and partly due to the fear of risks associated with ecommerce, companies made sure to implement comprehensive Terms of Use and Privacy Policies. Many have not revisited those policies since.
The risks of an outdated privacy policy are twofold. First, it may be unenforceable for any number of reasons. For example, the company has changed the way it gathers and stores information about site visitors, has changed the platforms from which it gathers such data and potentially with whom it shares such data, even unwittingly.
More importantly, the dynamics of online usage and marketing have changed. The availability of GPS data and commonly used technologies for targeted advertising and related services pose new privacy risks such as leaking personally identifiable information including usernames, email addresses, first names, last names, physical addresses, phone numbers, and birthdays. A recent series of articles by the Wall Street Journal analyzed the tracking files installed on people’s computers by the 50 most popular U.S. websites, plus WSJ.com and found that some sites like dictionary.com had over 200 such tracking cookies.
Second, an outdated privacy policy may subject a business to scrutiny and even penalties from the Federal Trade Commission (FTC). On October 12, 2011 the FTC announced a settlement with a file-sharing application developer over allegations that it used deceptive default privacy settings, which would lead consumers to unintentionally and unknowingly share personal files from their mobile device or computer with the public.
5. Your Company is Not Engaging In The Conversation.
Lastly, social media enables instantaneous, ubiquitous, electronic social interaction using highly accessible and scalable publishing techniques. The platforms and services that enable this interaction also provide an unfettered medium for defamatory statements about individuals, disparaging remarks about a companies’ products and services and inaccurate or misleading remarks by over-enthusiastic employees.
The legal risk is that a company often does not control such conversations which can quickly spiral out of control. Many web sites and blogs allow comments and invite participation by unrelated third parties. Having a strategy for when, how, and why to engage is critical to mitigate the legal risks since this area of law is notoriously fact and circumstances dependent and varies by jurisdiction.
Contact Us For a Consultation.
Is your business making one of the mistakes described above? Do you want to learn how to use social media to market and communicate with existing and prospective clients and do so in a way that minimizes potential risks and pitfalls? Hopefully, the guidance outlined above can serve as a good starting point for discussions about how best to use social media as well as suggestions regarding factors that firms may wish to consider in strengthening their compliance and risk management programs. We invite you to contact us with comments and requests about how we can help you educate your employees, prevent fraud, monitor risk, and promote compliance. We can be reached at lsglegal.com, 866-734-256, @adlerlaw and dadler@lsglegal.com.
For the past year and a half, I have been traveling to various conferences around the country to speak on Legal and Regulatory compliance in social media. In the beginning, case law and regulatory guidance was scarce and little information was available to provide businesses engaged in social media with a roadmap for Social Media Legal and Regulatory compliance. However, a lot has changed over the last year and a clear trend is emerging. Industry regulators are aware of the use – and abuse – of social media by their members. This article examines recent guidance provided by the Federal Trade Commission (FTC), the Food & Drug Administration (FDA), the National Labor Relations Board (NLRB), the Financial Industry Regulatory Authority (FINRA) and the Securities Exchange Commission (SEC).
Social Media in Marketing, Advertising & Commerce.
The FTC has a prime directive to protect consumers. In the social media sphere, the FTC has pursued this mandate by enforcing companies’ Terms of Use and privacy policies. In addition, the FTC has recently issued updated guidance for companies and individuals that review, promote, advertise or otherwise write about various products and services. In 2009, the FTC tackled its first social media case, an investigation involving Twitter. The focus of the FTC action was Twitter’s privacy policy that asserted A concern about safeguarding confidentiality of personally identifiable information and privacy settings designed to designate tweets as private.
The settlement, first announced in June 2010, resolved charges that Twitter deceived consumers and put their privacy at risk by failing to safeguard their personal information. Lapses in the Twitter’s data security allowed hackers to obtain unauthorized administrative control of Twitter, including both access to non-public user information and tweets that consumers had designated as private, and the ability to send out phony tweets from any account. Under the terms of the settlement, Twitter has hit ended and ongoing obligations concerning consumers and the extent to which it protects the security, privacy, and confidentiality of nonpublic consumer information, including the measures it takes to prevent unauthorized access to nonpublic information and honor the privacy choices made by consumers.
In a similar action, the FTC settled and investigation into Facebook,the leading social media platform/service. The social networking service agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The settlement requires Facebook to take several steps to make sure it lives up to its promises in the future, including giving consumers clear and prominent notice and obtaining consumers’ express consent before their information is shared beyond the privacy settings they have established.
As recently as January 10, 2012, the FTC reached a settlement with UPromise, Inc., stemming from charges that the company – a membership reward service – allegedly used a web-browser toolbar to collect consumers’ personal information, without adequately disclosing the extent of personal information collected. The FTC found that the toolbar was collecting the names of all websites visited by its users as well as information entered into web pages by those users, including user names, passwords, credit card numbers, social security numbers and other financial and/or sensitive data. Furthermore, this data was transmitted in unencrypted, clear text that could be intercepted or viewed by third parties in a WiFi environment. The result? UPromise had to destroy all data it collected under the “Personalized Offers” feature of its “TurboSaver” toolbar in addition to other obligations related to data collection practices and consent to collection of personal information.
Other Industry Guidance.
In October 2009, the Federal Trade Commission released it’s updated “FTC’s Guides Concerning the Use of Endorsements and Testimonials in Advertising.” The updated Guides contain two notable areas of concern for marketers. First, the Guides removed the safe harbor for advertisements featuring a consumer’s experience with a product or service, the so-called “results not typical” disclosure. Second, the FTC Guides underscored the longstanding principle of disclosing “material connections” between advertisers and the consumers, experts, organizations, and celebrities providing reviews and endorsements of products and services.
For concise guidance on when, how and what to disclose, see my article here.
Social Media in the Healthcare & Pharmaceutical Industries.
Like other consumer-oriented industries, Pharmaceutical and Biotech firms are rapidly expanding their presence online. This growth over the past several years has not gone unnoticed as evidenced by FDA Warning Letters targeting marketing campaigns “broadcast” via websites and social media platforms. The FDA also provides more general guidance for the industry. Policy and guidance development for promotion of FDA-regulated medical products using the Internet and social media tools are available in the FDA’s Consumer-Directed Broadcast Advertisements Questions and Answers. While this document provides clear direction for traditional media broadcasting , it only skims the surface regarding web content.
Social Media in the Workplace.
Probably no other federal agency has been as active as the NLRB in recent months. The NLRB has a mandate to protect employees rights to organize and discuss working conditions without fear of reprisals from employers. On August 8, 2011, the Associate General Counsel for the NLRB released a memo entitled “Report of the Acting General Counsel Concerning Social Media Cases.The report began by analyzing a case of first impression: whether an Employer unlawfully discharged five employees who had posted comments on Facebook relating to allegations of poor job performance previously expressed by one of their coworkers.
On January 25, 2012, the NLRB released a second report describing social media cases handled by the NLRB. The “Operations Management Memo” available here, covers 14 cases, half of which involve questions about employer social media policies. Five of those policies were found to be unlawfully broad, one was lawful, and one was found to be lawful after it was revised.
The remaining cases involved discharges of employees after they posted comments to Facebook. Several discharges were found to be unlawful because they flowed from unlawful policies. But in one case, the discharge was upheld despite an unlawful policy because the employee’s posting was not work-related. The report underscores two main points made in an earlier compilation of cases: 1) policies should not sweep so broadly that they prohibit the kinds of activity protected by federal labor law, such as the discussion of wages or working conditions among employees; and 2) an employee’s comments on social media are generally not protected if they are mere gripes not made in relation to group activity among employees.
Social Media and the Financial Services Industry.
From the Madoff scandal, to the Occupy Wall Street Movement, to Mitt Romney’s tax returns, the financial services sector is accustomed to the scrutiny and ire of the public and government regulators. Therefore it is no surprise that on January 4, 2012, the SEC’s Office of Compliance Inspections and Examinations, in coordination with other SEC staff, including in the Division of Enforcement’s Asset Management Unit and the Division of Investment Management, issued its “Investment Adviser Use of Social Media” paper. The paper begins by observing that although “many firms have policies and procedures within their compliance programs” governing use of social media” there is wide “variation in the form and substance of the policies and procedures.” The staff noted that many firms have multiple overlapping procedures that apply to advertisements, client communications or electronic communications generally, which may or may not specifically include social media use. Such lack of specificity may cause confusion as to what procedures or standards apply to social media use.
The SEC paper suggests that the following factors are relevant to determining the effectiveness of a Social Media compliance program:
Usage Guidelines
Content Standards
Monitoring
Frequency of Monitoring
Approval of Content
Firm Resources
Criteria for Approving Participation
Training
Certification
Functionality of web sites and updates thereto
Personal/Professional sites
Information security
Enterprise-wide web site content cross collateralization
Similarly, the Financial Industry Regulatory Authority (FINRA) has issued guidance for secutires brokerage firms. According to its web site, FINRA “is the largest independent regulator for all securities firms doing business in the United States.” FINRA protects American investors by ensuring fairness and honesty in the securities industry. In January 2010, FINRA issued Regulatory Notice 10-06, providing guidance on the application of FINRA rules governing communications with the public to social media sites and reminding firms of the recordkeeping, suitability, supervision and content requirements for such communications. Since its publication, firms have raised additional questions regarding the application of the rules. Key take aways from FINRA’s guidance include the flowing:
Brokerages have supervisory and record keeping obligations based on the content of the communications – whether it is business related – and not the media
Broker-dealers must track and supervise messages that deal with business
Firms must have systems in place to supervise and retain interactions with customers, if they are made through personal mobile devices
A broker must get approval from the firm if she mentions her employer on a social media site
Pre-approval for instant messages, also known as “unscripted interactions’ in legalese, is not necessary as long as supervisors are informed after the fact
Conclusion.
Many professionals in regulated industries are eager to leverage social media to market and communicate with existing and prospective clients and to increase their visibility. However, participants must ensure compliance with all of the regulatory requirements and awareness of the risks associated with using various forms of social media. Hopefully, the guidance outlined above can serve as a good starting point for discussions about how best to use of social media as well as suggestions regarding factors that firms may wish to consider is helpful to firms in strengthening their compliance and risk management programs. We invite you to contact us with comments and requests about how we can help you educate your employees, prevent fraud, monitor risk, and promote compliance. We can be reached at lsglegal.com, 866-734-256, @adlerlaw and dadler@lsglegal.com.
For those of us who try to immerse ourselves in technology and more recently, Social Media, the new “kid on the block” seems to be Pinterest. According to their site, “Pinterest lets you organize and share all the beautiful things you find on the web. People use pinboards to plan their weddings, decorate their homes, and organize their favorite recipes. Best of all, you can browse pinboards created by other people. Browsing pinboards is a fun way to discover new things and get inspiration from people who share your interests.”
Not surprisingly, Pinterest is receiving a lot of coverage on B2B and B2C blogs that provide guidance on the how and why Pinterest can be used by business. The next logical question for me is should Lawyers use Pinterest? if so, how?
Should Lawyers Use Pinterest?
The answer to the first question is simple: Yes, if it is useful to you. Pinterest is a social bulletin board allowing users to “pin”, or save, useful information. It leverages social networks and enables users to track, organize and share products or other content discovered online. The site allows users to subdivide content by category such as travel, books or food. Finally, axiomatic of all social media is the interaction, allowing friends to follow and view your boards and comment on the items that you’ve posted, or re-pin them on their own boards.
How Can Lawyers Use Pinterest?
The answer to the second question is less simple:
Image by stevegarfield via Flickr
Simply put, Pinterest is an image content curation site where one can create “boards” to which they can add images and comments around a common theme. What’s really interesting is that once one begins using Pinterest, this pen up a whole new way to dialogue with people. Users will “re-pin” your items and it creates an opportunity to contact the user and ask what it about your content that prompted them to re-pin it.
While I am still new to Pinterest, I see it as another valuable social media tool to engage and interact with people. My Pinterest page can be found here.
The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The proposedsettlement requires Facebook to take several steps to make sure it lives up to its promises in the future, including giving consumers clear and prominent notice and obtaining consumers’ express consent before their information is shared beyond the privacy settings they have established.
Notice of Proposed Rule, 76 Fed. Reg. 40,839, issued by the United States Patent and Trademark Office (USPTO) on July 12, 2011 addresses “proof” that a mark is in use. Specifically, the proposed rules address issues related to the USPTO’s ability to verify the accuracy of the identification of goods and services by allowing the USPTO to require additional proof of use of a mark.
The proposed rules allow the USPTO to require (1) additional “information, exhibits, and affidavits or declarations deemed reasonably necessary to examine” renewal applications and declarations of use, and (2) “more than one specimen in connection with a use-based trademark application, an allegation of use, an amendment to a registered mark, or an affidavit or declaration of continued use.” According to the USPTO, the proposed rules “will facilitate an assessment of the reliability of the trademark register . . . so that the USPTO and stakeholders may determine whether and to what extent a general problem may exist and consider measures to address it, if necessary.”
Although the USPTO indicates that the requirements will not be widely implemented, members of the trademark bar have expressed concerns that the circumstances under which the USPTO may require additional specimens and/or evidence are unclear and that such requests may affect filing deadlines.
In Ardis Health, LLC et al v. Nankivell, Plaintiffs, a group of closely affiliated online marketing companies hired Defendant as their Video and Social MediaProducer to produce videos and maintain websites, blogs, and social media pages. Defendant’s responsibilities included maintaining passwords and other login information for websites, email accounts, and social media accounts, as well as for third-party servers where plaintiffs stored content.
Defendant signed an agreement governing the creation of work product, stating that all work created or developed by defendant “shall be the sole and exclusive property of [Plainitffs], in whatever stage of development or completion,” and that it “will be prepared as ‘work-for-hire’ within the meaning of the Copyright Act of 1976.” The agreement also provides that defendant must return all confidential information to CYC upon request, and that “actual or threatened breach of [the agreement] will cause CYC irreparable injury and damage.”
Although Plaintiffs provided some equipment, Defendant also used her own computer and video equipment on occasion, and Plaintiffs provided her with a used laptop as a replacement when Defendant’s crashed. At some point, the parties began to develop a social media website for cosmetic products. They later had a falling out, Defendant was terminated and Plaintiffs requested the return of the laptop as well as the social media account access information. Defendant declined to return the computer and information.
The court granted Plaintiffs’ motion for a preliminary injunction, requiring defendant to return plaintiffs’ login information for the various websites, although the court did not order return of the laptop or that Defendant refrain from using Plaintiffs’ proprietary content and trademarked or copyrighted works on the newly-created social media web site.
On August 8, 2011, Anne Purcell, the Associate General Counsel for the NLRB released a memo entitled “Report of the Acting General Counsel Concerning Social Media Cases.” The report details recent case developments arising in the context of social media. These recent cases grappled with emerging issues concerning the protected and/or concerted nature of employees Facebook and Twitter postings, the coercive impact of a union’s Facebook and YouTube postings, and the lawfulness of employers’ social media policies and rules.
The NLRB has a mandate to protect employees rights to organize and discuss working conditions without fear of reprisals from employers. The report began by analyzing a case of first impression: whether an Employer unlawfully discharged five employees who had posted comments on Facebook relating to allegations of poor job performance previously expressed by one of their coworkers.
The discussion was conducted through Facebook by coworkers about job performance and staffing level issues. The NLRB found the Facebook discussion was a “textbook” example of protected activity, even though it transpired on a social network platform.
The take away for Employers is that most, if not all, job related social media discussions are protected. Employers must think twice before: (1) dismissing employees for discussing workplace “responsibilities and performance” on the Internet; (2) disciplining employees for “liking” a Facebook comment that is critical of the workplace or employer; and (3) disciplining employees when offline workplace complaints and conversations migrate online via one or more social media posts.
Ping® by AdlerLaw A Legal Blog 