AUSTIN, Texas — A divided House vote provides momentum for Texas employees who wish to shield personal text messages, email passwords under a bill backed by Democratic State Rep. Hellen Giddings and given preliminary approval Thursday.
Proponents say Texas workers need the same social media protections provided in several other states. The bill prohibits employers from asking job applicants or employees for passwords to access their Facebook, Twitter or other personal accounts. Opponents argue it will provide “safe harbor” for employees to steal proprietary information at the workplace through their personal accounts.
No specific penalties are spelled out for employers who would violate the law.
The Texas law is another reminder of the ongoing evolution of Social Media law and regulation as legislators and private businesses struggle to understand how these technologies affect everyone’s rights, obligations and remedies.
If you or your business is concerned about social media legal and regulatory compliance, contact David Adler at Leavens, Strand, Glover & Adler. 866-734-2568 firstname.lastname@example.org.
Tagged: email, employe, employer, Facebook, Privacy, security, Social media, Texas, Twitter, Workplace
October 15, 2012
I’m surprised at how often I receive commercial bulk email messages that are not compliant with the Federal CAN SPAM act.The two biggest mistakes I see are 1) no physical address and 2) no opt-out/unsubscribe mechanism.
Another common mistake is a “blind” bulk email address list like “Undisclosed-Recipients@email.com.” Not only do I NOT know which address this received the offensive message, there usually isn’t even a proper return address for me to send an “Unsubscribe” message.
With the popularity of social media, you’ve probably received a Twitter promotion for iPhones, special deals, free downloads, etc. While it’s easy to dismiss poorly-written tweets from obvious spammers, when someone replies to you on Twitter, says “must read, check it out” and the topic is clearly the kind of thing you read and share it’s more difficult to tell. Often, these are from legitimate accounts where a human has taken the time to compose and send the message.
In light of the growing use of electronic mail (“email”) messages for advertising, marketing, corporate communications and customer service, is essential to have some familiarity with the Federal “Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003” also known as the CAN SPAM Act (the “Act”) The Act provides the parameters of its application, explicit prohibitions, requirements for transmission of legally compliant email messages including the “Opt-Out” mechanism and vicarious liability. Generally speaking, the Act was written to prohibit the fraudulent, deceptive, predatory and abusive practices that threaten to undermine the success and effectiveness of commercial email and email marketing.
Congress drafted the Act to impose limitations and penalties on the transmission of unsolicited commercial email messages. Unlike some state initiatives, the Act is an “opt-out” law. Put another way, for most purposes permission of the e-mail recipient is not required. However, once an email recipient has indicated a desire to opt-out or no longer receive such messages, failure to comply with the recipient’s request may subject both the sender and the person or entity on whose behalf the message was sent to severe penalties.
Frequently asked question about the Act include:
1) To Whom Does The Act Apply? The Act applies to any person or entity that sends email.
2) What Activities Are Prohibited By The Act? The Act is primarily concerned with explicitly prohibiting certain predatory and abusive commercial email practices.
3) What Are The Requirements For Sending Email Messages? Section 5(a) of the Act sets requires the inclusion non-misleading information regarding: (a) transmission, (b) subject, (c) email address, (d) Opt-out and physical address, and (e) clear and conspicuous language identifying sexually-oriented messages.
4) Who Can Be Liable for Violations? The Act applies to both the party actually sending the commercial email messages and those who procure their services.
The primary substantive provisions of the Act can be divided into three parts found in Section 4, Section 5 and Section 6. Section 4 of the Act addresses “predatory and abusive” practices prohibited by the Act. Section 5 details the requirements for transmission of messages that comply with the Act. Section 6 details the requirements for transmission and identification of sexually-oriented messages. Section 6 is not discussed in this article.
Section 4 of the Act lists specific “predatory and abusive” practices prohibited by the Act. In short, the Act specifically prohibits: (i) accessing a computer without authorization for the purpose of initiating transmission of multiple commercial email messages, (ii) transmission of multiple commercial email messages with the intent to deceive or mislead recipients, (iii) transmission of multiple commercial email messages with materially false header information, (iv) registration of email accounts or domain names using information that materially falsifies the identity of the actual registrant, and (v) false representations regarding the registration of Internet Protocol addresses used to initiate multiple commercial email messages.
The second relevant part, set forth in Section 5 of the Act, details the requirements for transmission of messages that comply with the Act. Subject to certain limitations discussed below, the Act requires that email messages contain: (i) transmission information that is not materially false or misleading, (ii) subject information that is not materially false or misleading, (iii) a return address or comparable mechanism for opt-out purposes, (iv) identifier, Opt-out and physical address, and (v) clear and conspicuous language identifying sexually-oriented messages as such. (Note, this last requirement is not discussed. See above.) Lastly, the Act implicates both commercial email transmission service providers as well as those who procure their services.
To Whom Does The Act Apply?
The Act applies to any person or entity that sends email. The Act specifically regulates “commercial electronic mail messages,” defined as any email message “the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose).” However, the Act specifically excludes from this definition “transactional or relationship messages.” A “transactional or relationship message” falls within one of five categories of messages:
- communications that facilitate, complete or confirm a commercial transaction previously agreed to by the recipient;
- communications that provide warranty or other product information with respect to a product or service previously used or purchased by the recipient;
- notifications with respect to a subscription, membership, account, loan, or comparable ongoing commercial relationship;
- information directly related to an employment relationship or related benefit plan in which the recipient is currently involved; and
- communications to deliver goods or services, including product updates or upgrades, under the terms of a transaction previously agreed to by the recipient.(Emphasis added.)
The purpose for the distinction between “commercial electronic mail messages” and “transactional or relationship messages” is to exempt certain types of communications from compliance with all the message transmission requirements of the Act. As should be clear from the list above, the Act distinguishes the types of communications based on the relationship between the sender and recipient rather than on the character of the message. Put another way, so long as the communication is related to some type of existing business relationship, it is not a “commercial electronic mail message.”
What Activities Are Prohibited By The Act?
Section 4 of the Act is primarily concerned with prohibiting certain predatory and abusive commercial email practices. Section 4(a) amends Chapter 47 of Title 18 of the United States Code by adding Section 1037 which specifies the offenses that constitute “fraud and related activity in connection with email.” An offense is committed by anyone who directly or indirectly, knowingly:
- accesses a protected computer without authorization, and intentionally initiates the transmission of multiple commercial electronic mail messages from or through such computer,
- uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages,
- materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages,
- registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, or
- falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses.
Clearly, Section 4 is primarily concerned with preventing practices whereby the sender intentionally, either through outright fraud or other deception, conceals its true identity or the true commercial character of the message.
What Are The Requirements For Sending Email Messages?
Section 5(a) of the Act sets forth certain other protections for the users of commercial email.
Accurate Transmission Information. Among the affirmative requirements of Section 5(a), Section 5(a)(1) prohibits sending either a commercial electronic mail message, or a transactional or relationship message, that contains, or is accompanied by, header information that is materially false or materially misleading. Unlike the general prohibition against sending messages with materially false header information under Section 4, in addition to having technically accurate transmission information, the sender is prohibited from having used false pretense or other deceptive means to acquire such information (e.g. email accounts, domain names and IP addresses). Furthermore, the “from” line must “accurately identify the person transmitting the message.” Lastly, the sender must accurately identify the computers used to originate, relay or retransmit the message.
Note, the following only apply to commercial electronic mail messages:
Accurate Subject Information. Messages must have accurate subject information. Subject information would not be accurate if a “person has actual knowledge, or knowledge fairly implied on the basis of objective circumstances, that a subject heading of the message would be likely to mislead a recipient, acting reasonably under the circumstances, about a material fact regarding the contents or subject matter of the message.”
Inclusion of Opt-out Mechanism. Messages MUST contain a functioning return email address or other Internet-based mechanism (e.g. hyperlink), that is clearly and conspicuously displayed that enables a recipient to submit a request to opt-out of future email messages from the sender whose email address was contained in the message. The opt-out mechanism (whether email address or hyperlink, etc.) must remain functional for at least thirty (30) days after the transmission of the original message.
Removal After Objection. If a recipient makes a request using the opt-out mechanism, the sender shall not transmit any further messages to the recipient, more than ten (10) business days after the receipt of such request, if such message would fall within the scope of the request. A third-party acting on behalf of the sender shall not transmit or assist others to transmit, any further messages to the recipient, more than ten (10) business days after the receipt of such request, if such third party knows or should know of the recipient’s objection. Lastly, the sender and any third party who knows that the recipient has made such a request, shall not sell, lease, exchange, or otherwise transfer or release the electronic mail address of the recipient for any purpose other than compliance with the Act or other provision of law.
Inclusion of Identifier, Opt-out & Physical Address. Every message must clearly and conspicuously: (i) identify the message as an advertisement or solicitation; (ii) provide notice of the opportunity to opt-out of future communications; and (iii) provide a valid physical postal address of the sender. However, the notice that a message is an advertisement or solicitation does not apply where the recipient has given prior affirmative consent to receive the message.
Related Activities Proscribed.
Other prohibitions in the Act concern unethical or unscrupulous practices that tend to coincide with deceptive or abusive email. Several common methods for generating email distribution lists have also been proscribed. The Act prohibits certain unethical practices such as:
- hijacking another email server to send or relay messages;
- “harvesting” email addresses that appear on others’ Web sites;
- randomly generating email addresses;
- knowingly linking an email ad to a fraudulently registered domain; and
- participating in other offenses such as fraud, identity theft, etc.
Who Can Be Liable for Violations?
The Act applies to both the party actually sending the commercial email messages and those who procure their services. One cannot “outsource” its “spam” and thereby avoid liability under the Act. One may be held accountable if the email service employed isn’t actually using a legally-compiled or permission-based list. Under some parts of the Act one may be held liable for employing a third party to distribute the messages “with actual knowledge, or by consciously avoiding knowing, whether such [third party] is engaging or will engage, in a pattern or practice that violates this Act.”
The Act was written to prohibit the fraudulent, deceptive, predatory and abusive practices that threaten to undermine the success and effectiveness of commercial email and email marketing. Since Bacon’s uses email to communicate with employees, vendors, existing and prospective customers, Bacon’s is clearly subject to the Act. The Act focuses on enumerating proscribed activities rather than affirmative obligations to make it easier for legitimate, honest businesses to comply with the Act. The Act distinguishes communications based on a previously existing relationship between the sender and the recipient from those communications that are prospective in nature. Generally, email messages not based on a pre-existing relationship are subject to greater affirmative requirements.
- Be Aware of the Requirements for Transmitting Messages.
- Require Compliance by Clients.
- Monitor Distribution by Affiliates.
Tagged: Advertising, CAN SPAM Act, CAN-SPAM Act of 2003, E-mail spam, IP address, IPhone, Opt-out, Twitter
July 17, 2012
Into the data jungle – in association with Huron Legal
Technological developments such as cloud computing, social networking and mobile apps mean EU law is no longer fit for purpose. The EU claims current laws often conflict and cost businesses a total of nearly £2bn a year.
Saudi Arabia considers law against insulting Islam
Bangladesh News 24 hours
JEDDAH, Saudi Arabia, July 16 (bdnews24.com/Reuters) – Saudi Arabia is studying new regulations to criminalise insulting Islam, including in social media, and the law could carry heavy penalties, a Saudi paper said on Sunday.
Mind the missteps in online job dance
With some background check firms specializing in social media searches (U.S.-based Social Intelligence Corp. for one), how do third-party recruiters use social media when screening or finding clients for law firms in Canada?
Saudi Arabia looking to criminalize Islam insults on social media
DUBAI: The Saudi Arabia government is looking to ensure users on social media networking sites do not insult Islam or the Prophet Mohamed, al-Watan newspaper reported on Sunday, citing officials who said a new law could bring “heavy” penalties.
Watching the detectives: the case for restricting access to your social media data
That debate tells us something about how Australians and the media conceptualise privacy and business-government relationships in a world where mobile phones and social network services such as Facebook are ubiquitous.
10 Tactics for Integrating Photographs into Content Marketing
Business 2 Community
Acquire digital rights for images. Remember when using images, especially photographs, your legal team is your best friend. Ensure that you’ve got the right to use the photos by incorporating outtakes and additional shots for social media.
Syracuse Neighborhood Watch plans to increase social media outreach
New program coordinator plans more email, social media contact. … CNY Biz Central – Legal. Helpful advice about finding the right attorney for your legal needs. CNY Biz Central. Get information from our team.
Reasonable Expectations of Privacy in the Digital Age
Mondaq News Alerts (registration)
In this digital age of smart phones, global positioning systems, cloud computing, and social networking, determining what constitutes private information and what lengths our legal system will go to protect it is increasingly challenging.
Sale Of Digg Reminder Of Potential Risks To Facebook And Other Social Media …
In 2011, social media watchers may recall reading in Bloomberg that Myspace, which had been purchased by News Corporation (NWS) for $580 million in 2005 had reportedly been sold for just $35 million to private investors, including Justin Timberlake. In …
Your Social Media Tweeting & Posting Legal Rights. TV … – YouTube
Find out how legally liable you are for your Twitter Tweets and Facebook postings.
Tagged: Bloomberg, Cloud, content, Criminal law, Digg, Facebook, Global Positioning, GPS, Images, Islam, Legal, Marketing, Meida, MySpace, Photographs, Photos, Privacy, Saudi Arabia, Smart phones, social, Syracuse, tech, technology, Twitter, Video, YouTube
social media platforms. It is axiomatic that fashion marketing requires a deep understanding of the target audience, regardless of whether that knowledge comes from online or offline interaction. Social media provides a forum for a more authentic, transparent and personal engagement with the customer, but also highlights whether a brand has judged (or misjudged) its customer base.
To be successful in social media, brands need to harness the personality, wit, charm and, in all likelihood, free time of their staff. In order to ensure positive, informative and engaging social interaction, a fashion brand’s social media rules must be smart, positive and inclusive. Here are some guidelines for drafting a social media policy that will bring out the best in your brand, your employees (brand ambassadors) and your customers.
Rather than writing out a lengthy, legal boilerplate script, keep these considerations in mind when drafting your policy:
- Philosophy. Begin with a discussion of how social media fits into an employee’s job expectations and performance. For example, guidelines are important, because if not followed “bad things” can happen, such as losing customers or vendors, the company could get into legal trouble, or worse, you could lose your job.
- Behavioral Expectations. This is a good place to remind employees that even though it’s a big world, you are often in a small community and, on the Internet, it’s forever. What a person says can be seen by customers and employees all over the world. Remind employees to stick to their areas of expertise and use respectful conduct. Other watch words include “timeliness” (posts should be fresh, current and relevant), “perspective” (something that may sound clever and racy to one person may be inaccurate or offensive to another), “transparency” (be the first to point out that you are an employee and make it clear that you are not a company spokesperson) and “judiciousness” (use caution when discussing things where emotional topics like politics and religion and show respect for others’ opinions).
- Channel expectations. If your company has a social media strategy, make sure employees know which sites (communication channels) are appropriate for which types of communications and marketing messages.
- Contextual Expectations. Help employees understand the context within which they are engaging customers. Suggest using a conversational style. Remember that in customer’s eyes, “perception is reality.” Add value: Make sure your posts really add to the conversation. If they promote the company’s goals and values, supports the customers, improves or helps to sell products, or helps to do jobs better, then you are adding value.
- Content Expectations. The policy must have clear and conspicuous language about what is considered company proprietary information, including current projects, trademarks, names, logos and how they may be used. Never: (i) discuss or post about financial information, sales trends, strategies, forecasts, legal issues and future promotional activities; (ii) post confidential or non-public information about the company; (iii) give out personal information about customers or employees; or (iv) respond to an offensive or negative post by a customer.
- Consequences. Lastly, be upfront about the very real consequences if mistakes are made. If a mistake occurs, correct it immediately and be clear about what’s been done to fix it. Contact the social media team if there’s a lesson to be learned.
Tagged: Brand, Company, Customer, Employment, Facebook, Fashion, Social media, Twitter
May 3, 2012
This person will be responsible for closing your email addresses, social media profiles, and blogs after you are deceased. Sounds good, but legally it’s tricky territory.
Rights Groups: Asian Media Freedoms Under Fire
Voice of America
SEAPA says the key trend is that governments are shifting focus from traditional broadcast and print media to social media and online news. SEAPA Executive Director Gayathry Venkiteswaran said online news sites have become the most frequent target.
Liberia: Will Social Media Increase Civic Engagement?
Global Voices Online
CT: The growing usage of the internet and social media in Liberia is certainly a progressive trend. Having worked in Liberia, can you briefly tell us how the internet and social media are viewed by the cross sections of the Liberia population?
By MyCorporation CALABASAS, Calif., May 3, 2012 — /PRNewswire/ — Calabasas-based company MyCorporation is releasing a new social media product to benefit small businesses, MyCorpSocial.
Hordes of angry hockey fans – presumably Boston Bruins fans — unleashed a barrage of racist rants on Twitter and other social-networking sites after the Washington Capitals beat the defending champion Bruins a week ago Wednesday on an overtime goal.
Keep it private – your Facebook password should not be shared: Commissioner …
Canada NewsWire (press release)
Some of the issues covered in depth in the paper include: Build up a positive online social media profile. “It is absolutely crucial to remember that anything you post online may stay there forever, in one form or another, so think carefully.
Canadians encouraged to plan for online estates
Canadian consumers are being encouraged to consider their online property, including social media accounts, when planning a will. A new report released earlier this week by the BMO Retirement Institute raises concerns.
Continued concern about employers asking applicants and employees for their passwords to social media sites has led to the introduction of a federal bill.
Tagged: Facebook, Law, Legal, legislation, News, Passwords, regulation, security, SNOPA, Social media, Twitter