Online marketing continues to evolve and affiliate marketing can be a great method of building brand awareness. Online marketers need to stay ahead of legal and regulatory compliance trends. This article looks at recent Federal Trade Commission (“FTC,” “Commission,” or “agency”) activity that impacts online marketing.

Given the lack of a comprehensive federal regulatory scheme, and the increasing awareness of deceptive marketing practices, it is not surprising that the FTC has ramped up enforcement efforts against entities not covered by existing, industry-specific federal regulations over the last decade. Notably, one company has defended itself against the FTC by challenging the FTC’s authority to pursue such broad enforcement.

Jurisdiction

The widely-watched case of FTC v. Wyndham Worldwide Corp is not just about Cybersecurity.

The Federal Trade Commission (FTC) has just won the first major round of its fight with Wyndham Hotels over data security. However, the importance of the case has more to do with the FTC’s jurisdiction, challenged when Wyndham moved to dismiss the FTC’s case. Affirming the FTC’s broad jurisdiction, the federal judge overseeing the controversy noted that the case highlights “a variety of thorny legal issues that Congress and the courts will continue to grapple with for the foreseeable future.”

Affiliate Marketing: A Roadmap for Compliance: Text Message Marketing

The Commission is cracking down on affiliate marketers that allegedly bombard consumers with unwanted text messages in an effort to steer these consumers towards deceptive websites falsely promising “free” gift cards.

For example, in eight different complaints filed in courts around the United States, the FTC charged 29 defendants with collectively sending more than 180 million unwanted text messages to consumers, many of whom had to pay for receiving the texts. The messages promised consumers free gifts or prizes, including gift cards worth $1,000 to major retailers such as Best Buy, Walmart and Target.

By now, many in the Affiliate Marketing industry are familiar with the Legacy Learning Systems case. In March, 2011 the FTC settled charges against Legacy — which sells instructional DVDs — that Legacy represented, directly or indirectly, expressly or by implication, reviews of their products were endorsements reflecting the opinions of ordinary consumers or independent reviewers, when many of the favorable endorsements were posted by affiliate marketers who received a commission from Legacy for sales they generated.

Regardless of the form of affiliate marketing – email campaigns or text message campaigns – there are a couple key take-aways here.

First, identify and disclose a material connection between a product user or endorser and any other party involved in promoting the product. A “material connection” is a relationship that affects the credibility of an endorsement and wouldn’t be reasonably expected by consumers. See our article about complying with the endorsement guides here.

Second, set up and maintain a system to monitor and review affiliates’ representations and disclosures to ensure compliance. For example, Legacy looked at its top 50 revenue-generating affiliates at least once a month, visiting their sites to review their representations and disclosures. It has to be done in a way designed not to disclose to the affiliates that they’re being monitored.

Third, understand he requirements for conducting legally-compliant text message marketing. The Telephone Consumer Protection Act (TCPA) makes it unlawful to make any call (other than a call made for emergency purposes or made with the prior express consent of the called party) using any automatic telephone dialing system or an artificial or prerecorded voice … to any telephone number assigned to a . . . cellular telephone service … or any service for which the called party is charged for the call. The prohibition on calls to cell phones applies to text messaging.

On March 24, 2104, the U.S. Copyright Office published its final rule establishing new copyright registration fees. The new fees will reflect  increased and decreased fees. Under the new fee structure, the fee for online registration of a standard claim will increase from $35 to $55. However, a new online registration option for single works by single authors that are not works made for hire has been introduced at a lower fee of $35. In addition to fees for registration, related services, and special services, this final rule establishes updated fees for FOIA-related services.

 

Privacy Law Update: California “Do Not Track” 

Two California laws went into effect at the beginning of the year that  require additional notifications to consumers.  The California Online Privacy Protection Act (“CalOPPA”) requires that web sites, mobile apps and other online services available to California residents (in reality anyone with a web site that may be accessed by a CA resident) post a privacy policy that gives notice to consumers regarding behavioral or interest-based advertising practices (“OBA”).

Disclosures must explain:
1. If a web site operator allows other parties to use tracking technologies in connection with the site or service to collect certain user data over time and across sites and services; and
2. How it responds to browser “do not track” signals or other mechanisms designed to give consumers choice as to the collection of certain of their data over time and across sites and services

In addition, the “California Shine the Light Act” requires that companies (except non-profits and businesses with less than 20 employees) collecting broadly defined personal information from California consumers on or offline either: (a) give consumers a choice as to the sharing of that information with third parties (including affiliates) for direct marketing purposes; or (b) provide notice of, and maintain, a method by which consumers can annually obtain information on the categories of information disclosed the names and addresses of the recipients of that data, and a description of the recipients’ business.

If an e-commerce service offers tangible goods or services, or vouchers for them, to California consumers, it must give certain notices to consumers, including how they can file a complaint with the CA Department of Consumer Affairs.

Are you  concerned about how to disclose how your service responds to “Do Not Track” signals or similar tools and settings, and whether third parties are permitted to collect personally identifiable information about consumer online activities over time and across different websites when a consumer uses that online service? We may be able to help. We can review your policies, your information gathering and sharing practices, and advise on whether there is room for improvement.

Please contact us for a no-fee consultation.

I am pleased to announce a collaboration with the San Francisco Design Center:

The Protecting Original Design Package

Designers and manufacturers need to know what steps they can take to protect their designs, businesses and their profits.

Let David Adler of Adler Law Group, an intellectual property attorney, advise you about trademark and copyright laws and how they can be implemented to protect original designs in an age of knock-offs.

David is offering a special offer to SFDC Premier Members: a professional rate reduced by 25% from the standard rate.

Please contact David Adler via telephone at (866) 734-2568, via email at adlerlaw1@mac.com or using the contact from below.

In January of this year, the California Attorney General obtained $150,000 settlement, plus ongoing notification obligations, from a CA company that learned that one its computers had been sold at a thrift shop.

The ongoing obligations include a duty to: 1) notify employees as information becomes available, 2) train employees on additional methods to protect sensitive information, and 3) review and improve its policies regarding protecting sensitive information.

The CA AG’s enforcement action alleged that the company learned of the lost hard drive on September 24, 2011 and regained the drive on December 21, 2011. Within a week, forensic analysis determined employee personal information was contained on the drive. However, the company did not notify some 20,000 current and former affected by the disclosure until mid-March 2012, almost four(4) months later.

So, what is a reasonable time period to respond to a security breach and how fast does a company have to notify consumers or employees that a data breach has occurred?

Unfortunately, there is no “bright line” rule. Most state breach notification laws and, for that matter many Data/IT/Cloud contracts, require notification within a reasonable time frame, or “without delay”, subject to some qualifications. A couple of states require notification to occur no later than 45 days after discovery, there is not a bright-line, objective answer.

California’s law requires that: “The disclosure shall be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement . . . or any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.”

The key take away is that waiting several months after a forensic investigation to disclose the occurrence of a data breach to those affected is probably too long. Companies facing a data breach can and should take into account the legitimate needs of law enforcement and the requirements of forensic investigation. Within those parameters, a company is well-advised to begin the notification process even if it must reserve for itself the ability to conduct additional investigation and provide sole tang notification.

NOTE: This is not legal advice. Every situation is unique and if you or your company is dealing with a data breach or its consequences you should engage a qualified attorney.

Please feel free to tweet, like, and share this article. You can contact me at (866) 734-2568 for a no-fee consultation.

One of the key issues that must be examined when negotiating or drafting any contract is how the parties may get out of, or “terminate,” that contract. While many attorneys will rest on standard “termination for breach with notice and cure” language, the recent case of Powertech Tech. v. Tessera, Inc. demonstrates how artful drafting can put limitations on a party’s right to terminate. The Opinion in U.S. District Court for the Northern District of California case No. C 11-6121 can be found here.

Powertech and Tessera were parties to a patent license agreement, although the court’s reasoning does not seem limited to only those types of agreements. The license agreement allowed Powertech to use Tessera’s patents in exchange for payment of license fees.

The contract contained the following clause regarding termination for breach:

“Termination for Breach. Either party may terminate this Agreement due to the other party’s breach of this Agreement, such as failure to perform its duties, obligations, or responsibilities herein (including, without limitation, failure to pay royalties and provide reports as set forth herein). The parties agree that such breach will cause substantial damages to the party not in breach. Therefore, the parties agree to work together to mitigate the effect of any such breach; however, the non-breaching party may terminate this Agreement if such breach is not cured or sufficiently mitigated (to the non-breaching party’s satisfaction) within sixty (60) days of notice thereof.”

The court held that Powertech was not permitted to terminate a license agreement with Tessera for Tessera’s breach because Powertech itself was in breach of the agreement by its failure to pay royalties to Tessera.

Acknowledging Powertech’s argument that Tessera was itself in breach, that in and of itself did not give Powertech the right to terminate the contract. Only a “non-breaching” party may terminate the agreement. Said the court “[a]lthough the first sentence of the termination clause is broad – ‘Either party may terminate this Agreement due to the other party’s breach’ — the language of the clause as a whole makes clear that only a non-breaching party may terminate. Reading the clause as a whole, the court concluded “[t]he termination clause refers to a “breaching party” and a “non-breaching party” in every sentence after the first… [therefore]…the clause requires the party seeking to terminate for the other party’s purported breach to be substantially in compliance with its own obligations first.

The Powertech agreement’s termination clause is useful because it put conditions on a party’s ability to terminate the agreement even when the other party was in breach.

David:

Digital media continues to befuddle courts and push traditional legal boundaries.

Originally posted on Gigaom:

When Montana blogger Crystal Cox lost her defamation case in 2011, the decision was greeted by a chorus of cheers from journalists, who were quick to argue that Cox wasn’t a journalist in any real sense of the word, and therefore didn’t deserve any protection from the First Amendment. An appeals court for the Ninth Circuit has disagreed, however: on Friday, a panel of judges overturned the original decision and said that Cox was in fact entitled to protection.

The implications of this ruling go beyond just a single defamation case. It’s another link in a chain of decisions that are gradually helping to extend the principle of free-speech protection beyond professional journalism to anyone who is publishing information with public value — and as such, it helps shift the focus away from trying to define who is a journalist and puts it where it should be: on protecting…

View original 715 more words

Follow

Get every new post delivered to your Inbox.

Join 2,949 other followers

%d bloggers like this: