Copyright, Fair Use & Media

Digital Media

Digital Media

Media Creation & Consumption is Challenging Traditional Legal Notions.

At a time when #media creation & consumption has transformed, two recent cases, both involving Fox News Network on opposite sides of the “fair use” defense to copyright infringement, highlights the evolving and dynamic legal challenges facing business and content creators. In each case, Fox News loses on Summary Judgment.

Photographs, Fair Use & Social Media

The first case, North Jersey Media Group, Inc. v. Jeanine Pirro and Fox News Network, LLC, involves what many recognize as the “now iconic photograph of the firefighters raising the American flag on the ruins of the World Trade Center on September 11, 2001.” The photograph – which bears a striking resemblance to Joe Rosenthal’s World War II photograph of the Iwo Jima flag-raising – has become a similarly striking symbol of American patriotism.

That similarity was not lost on a production assistant for a Fox News program “Justice with Judge Jeanine” who posted the two images, unaltered, on the show’s Facebook Page, along with the phrase “#neverforget,” allegedly to commemorate the twelfth anniversary of the attack.

The case is noteworthy for its analysis of the “fair use” defense in a social media context. While the Copyright Act grants authors certain exclusive rights, including the rights to reproduce the copyrighted work and to distribute those copies to the public (17 U.S.C. § 106(1), (3)) one often quoted and widely misunderstood limit to those rights is the doctrine of “fair use,” which allows the public to draw upon copyrighted materials without the permission of the copyright holder in certain circumstances. The fair use doctrine is an after-the-fact defense to infringement, not a pre-emptive justification to use another’s work without permission.

Educated in journalism and media studies, the production assistant acknowledged that she understood a copyright to be something that is owned by someone else although she had no training in copyright law either in college or during her tenure at Fox News. She had been working at Fox News for approximately three years, had previously sought legal advice regarding use of photographs on the broadcast, but never in connection with posting images to the program’s Facebook page.

The key take-away for businesses and digital marketers alike is the need for vigilance when using third-party content on social media. Employee education and training on what copyright protects, what it doesn’t, and how it works may help prevent your business form facing a similar situation.

Media Monitoring, Digital Content & Copyright Fair Use

The second case, Fox News Network, LLC v. TVEyes, Inc., involves a company that monitors and records all broadcasts by more than 1,400 television and radio stations twenty-four hours per day, seven days per week. This content is indexed and organized in a searchable database that allows subscribers to search terms, determine when, where, and how those search terms have been used, and obtain transcripts and video clips of the portions of the television show that used the search term.

Fox News Network, LLC sued to enjoin TVEyes from copying and distributing clips of Fox News programs. TVEyes asserted that its system and services are permitted under the doctrine of “fair use.”

The court found that TVEyes service was a fair use. Unlike other services that simply “crawl” the Internet, culling existing content available to anyone willing to perform enough searches to gather it, the indexing and excerpting of news articles, where the printed word conveys the same meaning no matter the forum or medium in which it is viewed, the service provided by TVEyes is transformative. By indexing and excerpting all content appearing in television, every hour of the day and every day of the week, month, and year, TVEyes provides a service that no content provider provides. Subscribers to TVEyes gain access, not only to the news that is presented, but to the presentations themselves, as colored, processed, and criticized by commentators, and as abridged, modified, and enlarged by news broadcasts.

The key take away for technology companies that rely on content is what the court says about features of the Services (as opposed to the technology itself, e.g. the software/platform): the issue of fair use is for the full extent of the service, TVEyes provides features that allow subscribers to save, archive, download, email, and share clips of Fox News’ television programs. The parties have not presented sufficient evidence showing that these features either are integral to the transformative purpose of indexing and providing clips and snippets of transcript to subscribers, or threatening to Fox News’ derivative businesses.”

In other words, evidence that certain features are essential to the use of a service, may be sufficient to show how the features (service) exist above- and-beyond what stale or static content can show.

You Don’t Have to Muddle Through

When it comes to understating evolving technology legal risks, your business can’t simply muddle through. The professionals at the Adler Law Group can help you adopt conduct risk assessments, provide employee training and methodologies for approaching these challenges by setting objectives, determining scope, allocating resources, and developing practices that will efficiently and effective manage risks, while keeping pace with the business.

For a free consultation, call us at (866) 734-2568, send and email to info@ecommerceattorney.com or visit our web site www.adler-law.com

Oklahoma, Louisiana, join growing list of States with Social Media Laws

Oklahoma and Louisiana join Wisconsin and Tennessee in recent laws restricting access to applicants’ and employees’ personal online content by prospective and current employers. Adoption of Social Media platforms continues to grow as do new legal and business risks arise as well as state legislatures provide new rules, regulations and guidance. As state by state compliance requirements develop, businesses need to review frequently overlooked elements of key social media guidance, such as how to approach specific areas like Monitoring, Content Approval, Training and Information Security.

This latest round of bandwagon-jumping follows efforts by most other states that have addressed the issue. The key take-away is that business need to take a state-by-state approach to social media legal compliance.

Generally, most of these types of laws prohibit employers from requesting or requiring that applicants or employees disclose a username, password, or other means of authentication for their online accounts.

Employers should be on the lookout for laws that address whether an applicant or employee must accept a “friend” request, change privacy settings to permit access by the employer, or otherwise divulge personal online content.

Another area of concern is the definition of “personal,” “social media” and “account. ” these definitions vary and often cover far more than common notions of social media.

Some laws apply to any online account, including e-mail, instant messaging and media-sharing accounts. Some laws address the scope of use such as “exclusively for personal communications” as opposed to “business purposes of the employer” or “business-related communications.” This carve-out further narrows the scope of the Oklahoma and Louisiana laws.

While these laws generally prohibit adverse actions based based on a refusal to provide user name, password or other authentication information, each law should be scrutinized for broader prohibitions, such as those against penalizing or threatening to penalize an employee or applicant for refusing such requests.

Technology continues to evolve and so does the legal and regulatory environment. Businesses need to continually assess and address the risks created by new laws and new uses of tech in the workplace.

Contact us for a free consultation to learn what we can do to help your business navigate the ever-changing regulatory minefield. What you don’t know can hurt you. We are here to help you avoid getting hurt.

Is Your Company’s Web Site Privacy Policy Compliant With New California Law?

Privacy Law Update: California “Do Not Track” 

Two California laws went into effect at the beginning of the year that  require additional notifications to consumers.  The California Online Privacy Protection Act (“CalOPPA”) requires that web sites, mobile apps and other online services available to California residents (in reality anyone with a web site that may be accessed by a CA resident) post a privacy policy that gives notice to consumers regarding behavioral or interest-based advertising practices (“OBA”).

Disclosures must explain:
1. If a web site operator allows other parties to use tracking technologies in connection with the site or service to collect certain user data over time and across sites and services; and
2. How it responds to browser “do not track” signals or other mechanisms designed to give consumers choice as to the collection of certain of their data over time and across sites and services

In addition, the “California Shine the Light Act” requires that companies (except non-profits and businesses with less than 20 employees) collecting broadly defined personal information from California consumers on or offline either: (a) give consumers a choice as to the sharing of that information with third parties (including affiliates) for direct marketing purposes; or (b) provide notice of, and maintain, a method by which consumers can annually obtain information on the categories of information disclosed the names and addresses of the recipients of that data, and a description of the recipients’ business.

If an e-commerce service offers tangible goods or services, or vouchers for them, to California consumers, it must give certain notices to consumers, including how they can file a complaint with the CA Department of Consumer Affairs.

Are you  concerned about how to disclose how your service responds to “Do Not Track” signals or similar tools and settings, and whether third parties are permitted to collect personally identifiable information about consumer online activities over time and across different websites when a consumer uses that online service? We may be able to help. We can review your policies, your information gathering and sharing practices, and advise on whether there is room for improvement.

Please contact us for a no-fee consultation.

Texas House Votes To Extend #Privacy Over Personal Emails

AUSTIN, Texas — A divided House vote provides momentum for Texas employees who wish to shield personal text messages, email passwords under a bill backed by Democratic State Rep. Hellen Giddings and given preliminary approval Thursday.

Proponents say Texas workers need the same social media protections provided in several other states. The bill prohibits employers from asking job applicants or employees for passwords to access their Facebook, Twitter or other personal accounts. Opponents argue it will provide “safe harbor” for employees to steal proprietary information at the workplace through their personal accounts.

No specific penalties are spelled out for employers who would violate the law.

The Texas law is another reminder of the ongoing evolution of Social Media law and regulation as legislators and private businesses struggle to understand how these technologies affect everyone’s rights, obligations and remedies.

If you or your business is concerned about social media legal and regulatory compliance, contact David Adler at Leavens, Strand, Glover & Adler. 866-734-2568 dadler@lsglegal.com.

Three Things I Learned About Personal Cybersecurity At RSAConference That You Should Be Doing Right Now

Image representing CloudFlare as depicted in C...

Image via CrunchBase

I just returned from RSAConference 2013 where I had the privilege and honor of giving a presentation of the legal risks caused by social media in the workplace. As a speaker-attendee, I had the priceless benefit of access to all the other speakers and programs held during the conference.

One such program I attended was “We Were Hacked: Here’s What You Should Know”. The speakers, Matthew Prince (@eastdakota) CEO of CloudFlare, and Mat Honan (@mat) writer for Wired Magazine, shared their common experience as targets of high profile hacks. Hearing the details from them first hand, including information from interviews with the hackers themselves, I learned how easy it is to be the victim of hacking and how it’s the little things that create exploitable seams in our information security barriers.

Rather than rewrite their stories, I thought I would share three simple lessons I learned that I’ve already implemented and you should too. Besides, Matt does a better job telling his own story which can be found here.

Here are the three things I learned about how you can protect yourself and others in your organization.

First, security attacks go after the “low hanging fruit” and that often means figuring out a way to exploit your personal email address. With so many web-based services and so much login information to remember, many of us use our personal email as our username for everything from the web sites on which we comment, to our online photo gallery, to our online banking service. Unfortunately, this is probably the address we use for password recovery if we forget. Given that our digital lives are easily mapped, hackers already have one piece of the two-piece login puzzle: they know your user name.

TIP NO. 1: Use a private, obscure email address for your more sensitive information.

Second, once a hacker has accessed your accounts, your computer and your files, the fun has just begun for them. As Matt Honan described, these often adolescent script kiddies simply don’t understand the value of your stored memories and other information. In his case, all the photos of his children were permanently deleted. Regardless of a hacker attack, stuff happens and you don’t want to lose everything because you we’re too lazy to back up.

TIP NO. 2: Back Up your digital life, early and often.

Third, today’s’ Internet is an interdependent ecosystem. Just because you or your organization takes security seriously, doesn’t mean that other do as well. Your internal systems are not enough. Like it or not, the seams of your security perimeter are intertwined and permeated by the services and systems of customers and vendors. For most consumers, the there is a Hobbesian choice of Security v. Convenience. Multiple login usernames and super long passwords are difficult to remember and tedious to use. As a result, most people choose the least secure means of authentication on the assumption that using astringent password is enough. Unfortunately, some people don’t even bothers with that. A recent ZoneAlarm study found that “password” was the fourth most commonly used password by consumers.

Google, Facebook and others have started using two-factor authentication. Two-factor authentication requires that one enter a code after entering the username/password combo. The code is sent via, text message, voice call or email. This greatly reduces the chances of unauthorized access because hackers would need to have your phone, in addition to your username/password combo.

TIP NO. 3: Whenever possible enable two-factor authentication.

Please understand that there is no “magic bullet” when it comes to Cybersecurity. Taking these precautions does not guarantee that you won’t be attached or that your account information won’t be accessed. However, these are important and easy steps that you can take to improve your personal data security.

Please comment and follow!

 

Managing Risk: Legal Issues for Merchants & Affiliate Managers

I will be speaking at Affiliate Management Days SF 2013 (April 16-17, 2013) on the topic of “Managing Risk: Legal Issues for Merchants & Affiliate Managers.”

 

Affiliate marketing is one of the most cost-effective techniques for monetizing web site traffic and driving sales. Unfortunately, it has a reputation for high risk. While the industry is unlikely to ever be risk-free, it is possible to manage risk by: (1) understanding how techniques like behavioral and contextual targeting affect consumers, affiliates and merchants, (2) understanding the legal and regulatory environment, (3) understating risks involved with prospective marketing partners, (4) using and maintaining proper contracts that allocate risk and provide appropriate indemnifications, and (5) keeping informed about the changes in technology, marketing practices and the regulatory environment. Attendees will learn how to identify these issues and develop policies and procedures to keep informed about the current technology, marketing strategies and regulatory compliance.

 

Topics covered include:

 

  • Behavioral/Contextual Advertising
  • Regulatory/Industry Compliance : FTC Guides & Enforcement Actions
  • CAN-SPAM compliance
  • IP Law: Rules governing use of others™ Trademarks/Keywords, Right of Publicity/Endorsement Issues.
  • Identifying, protecting against, and disputing accusations of Click-Fraud

 

Geno Prussakov, the Founder & Chair of Affiliate Management Days and the CEO & founder of AM Navigator LLC did a pre-interview with me on Small Business Trends that can be found here.

 

 

 

Whose Social Media Account Is It Anyway?

As a result of the rapid shift in marketing from unilateral one-to-many communications, to the multilateral, many-to-many or many-to-one conversations enabled by Social Media, employees and employers are struggling to manage accounts that are used for both work and personal purposes.

This new phenomenon has benefits, but it also creates a number of legal challenges. For employees, it may result in greater efficiency, more opportunities for authentic customers engagement and the ability to stay on top of the most current grands and business issues. For employers, it presents opportunity to reap substantial benefits from lower communications and customer support costs. For in-house counsel, it raises a host of legal and practical issues with few easy solutions and significant liability and regulatory risks.

First, there are hardware issues. Smartphones, tablets and other personal electronics often have social networking capabilities built in. in addition, they contain contain both personal and business data. Because these devices are always on and always connected, they are more than just personal property. They have become essential business tools. For both sides of the workplace equation, employers and employees must understand where the privacy lines fall between personal versus work-related information.

Second, there are data issues. Employers must balance their needs to monitor employee usage, employees’ privacy concerns, and the risk of liability for theft or exposure of data if a device is lost or stolen, or from lack of proper safeguards on account usage. For in-house counsel tasked with drafting policies to address these risks, , Prior to implementation of any policy, the legal team needs to educate front line employees and management on reasonable expectations of privacy and security and the harms that the organization seeks to prevent.

Lastly, recent cases such as the Cristou v. Beatport litigation, highlight the struggle to define and control the beginning and end of employee social media accounts, ownership and protection of intellectual property and the post termination risks that arise from the absence of appropriate policies.

As we prepare to start a new year, the time is ripe to establish security and privacy policies governing creation, maintenance and use of employees’ social media accounts for work functions. In-house counsel must lead the charge to educate, inform and train employees about privacy, security and evidence-recovery implications associated with use of social media.