Ping® by AdlerLaw A Legal Blog
Blog for technology / startup-focused news, articles and resources.
Law360, New York (September 11, 2015, 4:57 PM ET) — Some attorneys have figured out how to use their Twitter accounts to build their personal brand and network with peers and prospective clients, while also pumping out tweet after tweet of legal insight and hilarious anecdotes. The full article is available here.
My latest Article in the Illinois Bar Journal entitled – Getting Smart about Smart-Device #Privacy, discusses wide range of legal and regulatory issues around privacy and security affecting the “Internet of Things.” This overview identifies risks and suggests some best practices for addressing privacy and security issues raised by IoT devices.
Illinois Bar Journal April 2016 • Volume 104 • Number 4 • Page 48
Full article available here.
In case you missed it, Ken Dort at Drinker Biddle held a discussion covering high points of the EU/US Privacy Shield. Talking points covered:
1. Application Overview
2. Certification Issues
3. Privacy Shield Principles and Supplemental Principles
4. Implementation Timelines (Expected)
5. Best Practices Going Forward Pending Implementation
The draft EU-U.S. Privacy Shield “adequacy decision” includes the Privacy Shield Principles companies must follow. Suggested Best Practices for compliance with EU-U.S. Privacy Shield Principles include: evaluating disclosures about data collection and use to determine whether they are sufficiently clear and evident to consumers, and 2) giving strong consideration for implementation of a formal opt-in mechanism. European government trade regulators are concerned about whether consumers are being sufficiently informed about the nature and scale of data collection.
Ken graciously provided this great list of resources for the discussion:
* Full text of the Privacy Shield can be found here.
* European Commission draft adequacy decision can be found here.
* Department of Commerce Fact Sheet can be found here.
* European Commission Fact Sheet can be found here.
* European Commission FAQs can be found here.
* European Commission statement on the Privacy Shield text can be found here.
* Article 29 Working Party statement on the Privacy Shield can be found here.
As part of Adler Law Group’s Privacy & Information Security Practice, we continue to follow the developments in this area. We can help you review, enhance and adopt standardized contracts and implement methodologies for approaching these challenges by setting objectives, determining scope, allocating resources, and developing agreements that will efficiently and effective manage risks.
Very good discussion of the technical issues behind the privacy issues.
Earlier today, a federal judge ordered Apple to comply with the FBI’s request for technical assistance in the recovery of the San Bernadino gunmen’s iPhone 5C. Since then, many have argued whether these requests from the FBI are technically feasible given the support for strong encryption on iOS devices. Based on my initial reading of the request and my knowledge of the iOS platform, I believe all of the FBI’s requests are technically feasible.
In a search after the shooting, the FBI discovered an iPhone belonging to one of the attackers. The iPhone is the property of the San Bernardino County Department of Public Health where the attacker worked and the FBI has permission to search it. However, the FBI has been unable, so far, to guess the passcode to unlock it. In iOS devices, nearly all important files are encrypted with a combination of the
View original post 1,662 more words
A recent article by Alexis Kramer, Legal Editor for Bloomberg BNA’s Electronic Commerce & Law Report, examines the nature of social media platform messenger applications and the move into e-commerce. This shift raises the implications for policing counterfeit goods and enforcement of online purchases.
The article entitled “E-Commerce May Come to Messaging Apps; Watch for Counterfeits and Contract Issues” highlights that “[b]uying and selling goods through messenger apps” … “is definitely the future of mobile.”
David M. Adler was interviewed for the article for insight around ecommerce legal issues, which include intellectual property and contractual issues, that arise when consumers transact business through messenger apps. Many of these issues were identified in his article Pinterest “Buyable Pins” And Ecommerce Liability.
The legal risks and issues vary widely depending on industry and product/service mix and encompass many interrelated areas of the law. Specifically, Adler inditified five main areas of concern for ecommerce, especially on mobile devices and/or through messenger apps:
Facebook, WeChat, Instagram, Snapchat, Twitter and other social networks already allow users to send payments to one another through private messages. New tools such as the Pinterest “Buy Now” pin, and Twitter’s direct messages, facilitate commercial transactions with consumers.
As the article notes “enabling retail transactions via chat” opens the door for more counterfeit goods, difficulty monitoring the sales channel, increasing difficultly of enforcing online purchase terms, and lack of visual space to properly notify customers of the terms and conditions.
‘‘All the issues you would have when conducting transactions over the Internet are magnified when you’re using a messenger app,’’ David Adler, principal of Adler Law Group in Chicago, said.
From healthcare apps, to mobile devices, to utilities, services are collecting and aggregating customer data across many different types of connected devices. Many mobile apps and services rely on a consumer’s location information. As more mobile apps connect to the Internet to send and receive location data, the FTC, legislators, privacy advocates, and others have identified location information as a particularly sensitive category of data. A recent study conducted by Carnegie Mellon University contained shocking revelations about the frequency with which location information is gathered and transmitted to companies through their mobile apps. At the same time, the recent settlement with in-store retail customer tracking provider Nomi highlights the FTC’s increased scrutiny of data gathering practices and disclosures of mobile application developers.
It is no secret that retailers could derive significant business intelligence from the real-time moments through stores. This is one of the areas around which companies innovate around customers’ private information. For example, Nomi Technologies, a company whose technology allows retailers to track consumers’ movements through their stores, made headlines when it agreed to settle Federal Trade Commission charges that it misled consumers about opting out of their tracking services. This is not why you want to have your company’s innovations in the news.
Business counsel both inside and outside of companies developing applications that leverage mobile geolocation data of consumers and employees should be aware of the many issues that are developing around this area such as: How is geolocation information gathered and how does data flow from device, to app to, third party? How is it shared and used in mobile advertising? When is consent required and how should stakeholders obtain such consent?
Global and China mHealth App Market Size and Forecast up to 2014: Acute Market Reports
The report introduced MHealth App basic information about international market analysis, China domestic market analysis, Macroeconomic environment and economic situation analysis, MHealth App industry policy and plan, MHealth App product specification, manufacturing process, cost structure and statistics in China.
App, portal help spina bifida patients with self-care tasks
Digital healthcare services in 2016 (and beyond)
On Sept. 10, 2015, as part of the Mining Data and Privacy: A Primer Continuing Legal Education presentation moderated by the ISBA Intellectual Property committee, I presented the topic:
ISBA Privacy CLE – “Special Areas”: “Discover the security and privacy issues that have arisen in a number of special areas – HIPAA, COPPA, special state laws and regulations that govern online privacy, protection of personal data in court filings.”
The presentation is available here.
Changes in Global Privacy Affect Small Business Too
In case you missed it, on October 6, 2015 the Court of Justice of the European Union (CJEU) issued a long-awaited privacy ruling in the case involving Maximilian Schrems, the Ireland Data Protection Authority (DPA) and Facebook. Back in 2000, the EU Commission decided that personal data sent to US organizations that sign up to the Safe Harbor scheme is adequately protected. Safe Harbor organizations self-certify compliance with certain privacy principles, and the scheme is enforced by the US FTC.
Background
Simply put, Schrems sued to prohibit transfer of his personal data from Facebook Ireland to Facebook in the U.S. due to widely perceived flaws in U.S. data protection following the Edward Snowden NSA revelations.
Why it Matters
Over 5,000 U.S. companies “self-certify” under Safe Harbor, and their European partners and customers rely on Safe Harbor for data transfers into the U.S. The decision may impact many small to medium sized business who use social media for marketing and business development, as well as businesses that use cloud-based services for gathering, processing and sharing data. Transfers of Personally Identifiable Information (PII) from the EU to the U.S must either be authorized by national data protection authorities, or be able to rely on one of the legal exceptions.
Although the Safe Harbor companies publicly committed to apply the Safe Harbor Privacy Principles to the personal data they brought into the U.S. (and some companies passed these commitments on to other entities under Onward Transfer agreements), companies that disregard those commitments, with regard to either stored data or new data transfers, could expose itself to FTC enforcement against “unfair or deceptive practices” or judicial complaints based on U.S. contract, fraud, or tort law, as well as to enforcement in the EU – such as complaints before labor tribunals, courts, and data protection authorities.
Don’t Panic, Yet
While the decision is likely to have a significant impact on the transfer of personal data from the EU to U.S. recipients, EU leaders say it’s not time to panic yet. Experts have pointed out the alternative legal bases for transatlantic data transfers that exist, such as contracts, Binding Corporate Rules or actual, express consent. Many businesses may be able to use these methods and continue their transatlantic data transfers.
Domestic Developments
At the same time, California leads the U.S. in enacting new privacy legislation. Last week California passed legislation that may equate to what the EU wants to see on the federal level. According to §1546.1 b) of CalECPA any government entity must have a warrant, wiretap order, order of electronic reader or a subpoena if they want to compel any individual or a service provider to disclose information stored on their devices (mobile phones, computer, tablets, tv, servers you name it). §1546.1 c) states that government agencies cannot access, either physically or remotely, a device unless they have a warrant, wiretap order, consent of the authorized possessor of the device, if the government in good faith, believes there is an emergency that could jeopardize someone’s life or physical integrity (in which case they’ll have to get a warrant within 3 days later) or in case the devices are confiscated from inmates in state prisons.
Concerned about whether your business is at risk for violating EU data protection rules? Don’t be. We offer a FREE, no-obligation one (1) hour consultation to identify potential issues. The professionals at the Adler Law Group can help you review, enhance and adopt standardized contracts and implement methodologies for approaching these challenges by setting objectives, determining scope, allocating resources, and developing agreements that will efficiently and effective manage risks, while keeping pace with the business.
Please call: (866) 734-2568, click: http://www.adler-law.com, or write: David @ adler-law.com.
A recent case from the 6th Circuit Court of Appeals examined the question “Are the stripes, chevrons, zigzags, and color blocks that adorn most cheerleading uniforms sufficiently creative to be protected under US Copyright law?” The case, Varsity Brands et al. v. Star Athletica, No. 14-5237 (6th Cir. 2015), involves a lawsuit between competing suppliers of cheerleading uniforms and “warm-ups.” Plaintiff Varsity, claimed that defendant Star had copied protectable elements of it’s uniform designs. The District court agreed with Star, but the Court of Appeals reversed. The case holds important lessons for creative professionals seeking to protect their original work in an increasingly completive environment where “knock-offs” and copycat designers are all too common.
Back in 2013, I published “Fashion Law: Protecting Brands and Designs,” an article in Landslide, the legal publication of the Intellectual Property section of the American Bar Association. The article is available here. Although the article addressed protection under Trademark and Patent, in addition to Copyright, one of the primary issues was and is when, if ever, can the design features incorporated into the design of a useful article be identified separately from, and exist independently of, the utilitarian aspects of the article?” The Varsity case provides useful insight and analysis on that question.
Are Fashion Designs Protectable Under Copyright?
The Varsity case answers with a resounding “yes.” First, although copyright protects creative works of authorship fixed in a tangible medium of expression (17 U.S.C. 102(a)), protection requires a certain amount of “originality.” Because so much of fashion design is derivative of what has come before, the hurdle for protection of fashion designs is the tension with §102(a)(5) of the Copyright Act. (17 U.S.C. 102(a)(5)) That section protects pictorial, graphic, and sculptural aspects of apparel if, and only to the extent that, the design features that can be identified separately from, and are capable of existing independently of, the utilitarian aspects of the article.” (17 U.S.C. 101) §
Courts have viewed this requirement as requiring either “physical separability” or “conceptual separability,” a test that they have struggled to pin down. However, courts that have addressed the issue in the case of designs of clothing have routinely viewed clothing utilitarian because they “cover the wearer’s body and protect the wearer from the elements.” Celebration Int’l, Inc. v. Chosun Int’l, Inc., 234 F. Supp. 2d 905, 912 (S.D. Ind. 2002) “Unlike a patent, a copyright gives no exclusive right to the art disclosed; protection is given only to the expression of the idea—not the idea itself.” Mazer v. Stein, 347 U.S. 201, 217 (1954)
Guidance For Lawyers That Advise Fashion Designers.
In order to help fashion designers protect their ideas, it is important to understand how the court evaluates the protect ability of design elements. The Court engaged in a lengthy examination of the various tests applied by different courts before adopting the widely used “hybrid” approach. According to the Court the best approach to determining whether a design is a copyrightable pictorial, graphic, or sculptural work is to ask a series of five questions from the Copyright Act: 1) is the design a pictorial, graphic, or sculptural work? 2) Is it a design of “an article having an intrinsic utilitarian function?” 3) What are the utilitarian aspects? 4) Can the viewer of the design identify “pictorial, graphic, or sculptural” features separately from the utilitarian aspects? and 5) Can those features exist independently? The Court added that the design process may also help determine whether a design feature is necessary to the design are or to the functionality.
Key Take Always From The Varsity Case.
First, Varsity started from a position of strength. It has registered it’s designs with the US Copyright Office. The Court gave strong deference to the Copyright Office. The lesson for designers is that it’s never too early to seek registration of your work.
Second, be mindful of the aesthetic versus functional distinction during the design process. Design elements that are required to make the item function as a garment will not be protectable.
Ping® by AdlerLaw A Legal Blog 