Ping® May 2022 – Improving Affiliate Engagement

Affiliate Marketers: Want to learn best practices, strategies, and tactics from a seasoned legal professional who works with businesses and regulators at the federal and state levels? 

David Adler takes clients through the ins-and-outs of providing advertisers, merchants, agencies and affiliates the tools they need for running a trustworthy and successful business.

On May 25, 2022 David Adler is presenting Trafficking in Trust: How to Enhance Affiliate Engagement an AMDays Workshop at Affiliate Summit East 22. In case you can’t make the presentation, here’s an excerpt of one of the topics covered:

The 3 C’s of Affiliate Marketing Disclosures: Clear Conspicuous Content. 

Clients often seek my counsel on issues related to Affiliate Marketing legal disclaimers and disclosures. For example, this might require guidance on the substance and placement of legal disclaimers for a consumer-oriented, product review and ratings website. This type of website needs to include at least two different, but related, disclosures. First, it must disclose that it is compensated when a user clicks on a link. Second, it must disclose certain material connections. 

Affiliate Disclosure Content

There are several factors to the affiliate commission disclosure. Appropriate disclosures have both the necessary content and the correct placement within a specified context.

What needs to be in your affiliate commission disclosure? 

The disclosure must make clear that you earn a commission if a user buys something after clicking on a link on your site.

Affiliate Disclosure Context

Where is the optimal location for the disclosure?

Although there is a general practice of putting disclosures on the bottom of the website pages, it can be somewhat obscured and less effective. A location at the bottom of the page, in the same font style, font color, size, and placement as the rest of the text on the bottom of the page, does not help it “stand out.”   

The key to proper affiliate link disclosures is making sure the disclosure is “clear and conspicuous.” This depends on both context (placement and proximity to the relevant content) as well as the content of the disclosure itself.  The general rule is that the closer the disclosure is placed next to the relevant message, the better.

Although not required, it is recommended to add the affiliate link disclosure on the home page, above the fold. While there is no explicit requirement, FTC disclosure cases and guidelines suggest that, in their view, this is required for adequate disclosures. 

What should I do now? Always seek experienced counsel. A seasoned lawyer will help you address other considerations including prominence, distractions, industry vertical (i.e. healthcare, financial services) requirements, and language. 

Ping® January 2022 – Reminder To Review Your Contracts

Review Your Contracts Every Year.

One of the most important tools to protect your business – your ideas (copyrights, trademarks, trade secrets, confidential and proprietary information), customer relationships and talent pool – is your written contract. Your contract is the foundation for a reliable relationship for you, your customers and your employees. More importantly, it helps to prevent misunderstandings and false expectations that can lead to a breakdown in your customer relationship, jeopardize projects, or even worse, result in litigation.    

Starting with a form is just OK.

Many companies start with a model or “form” contract adapted from forms available online or drafted when the business first started.  Oftentimes, I am presented with form contracts “downloaded from the Internet” or provided by a form-filling service that will do cheap and quick corporations or LLCs, without actually providing any legal services. Although these forms may be a good starting point, your business needs, it deserves, contracts tailored to the specific needs of the enterprise or relationships.

Franken-contracts can ruin your business.

As businesses develop over time, you may have revised your contracts, adding a little here, removing a little there. Maybe you read an article about an important case in your industry and decided to add some text from the contract discussed in the court’s legal opinion. In many cases, over time, the agreements become “Franken-contracts” an odd amalgamation of trade lingo, inconsistent terms and even contradictory conditions. At best these are ambiguous and confusing to read. At worst, they become unenforceable.

Review contract annually to avoid weak spots.

At some point, you should review, revise and generally “tighten” existing contracts. You should have your lawyer review them to make sure that there are no mistakes, ambiguities or omissions that could cost you or your customers. I urge clients to have their contract forms reviewed on an annual basis. Depending on changes in the law, changes in the industry or changes in your own business, this process should only take a few hours.

Contact us for a free, no-obligation consultation.

To learn more about how we can help your with your business and contracts, contact the Lawyers at the Adler Law Group at David @ adler – law . com (without spaces) or (866) 734-2568. Learn more abut us here:

http://www.adler-law.com

Ping® October 2021 Changes Coming to Non-Compete Agreements in Illinois

EMPLOYMENT (820 ILCS 90/) Illinois Freedom to Work Act.

Illinois passed a law that amends the Illinois Freedom to Work Act. Expands the scope of the Act to apply to all employees (rather than only low-wage employees). Prohibits all covenants not to compete.

Scope

The law goes into effect January 1, 2022 and amends the Freedom to Work Act (the Act), which restricts the use of non-compete agreements for low wage workers. For the first time, Illinois will have statutory requirements for mandatory review periods, definitions of adequate consideration and legitimate business interests, as well as specific salary minimums for employees subject to restrictive covenants. 

Application

The law will apply to non-compete and non-solicit covenants. The law does not apply to contracts covering confidential and proprietary information, protection of trade secrets, or inventions assignment agreements. The law also does not address covenants for independent contractors, and expressly carves out restrictions on a person purchasing or selling the goodwill  or an ownership interest in a business.

Mandatory Review

The law requires that an employer advise the employee in writing to consult with an attorney prior to entering into the covenant and provide the employee with at least 14 calendar days to review the agreement. 

Consideration

Contract lawyers know that to be enforceable a promise must be supported by consideration. Due to the unique nature of restrictive covenants, there is heightened scrutiny of what will constitute sufficient consideration for a restrictive covenant under the Illinois law. The leading Illinois case, 

Fifield v. Premier Dealer Services, Inc., 993 NE 2d 938 (Ill.App.1st 2013), an Illinois court decided that mere employment or continued employment for at-will employees, is not adequate consideration to support a restrictive covenant unless the employee remains employed with the employer for at least two years after signing the agreement. 

Illinois law will now expressly defines “adequate consideration” as either (1) the employee working for the employer for at least two years after signing the non-compete or non-solicitation covenant or (2) other sufficient consideration, such as “a period of employment plus additional professional or financial benefits or merely professional or financial benefits adequate by themselves.”

The law leaves open the definition of “additional professional or financial benefits.” Courts have found signing bonuses, equity grants, and other types of consideration sufficient under current case law. 

Going Forward

While there is time to plan for the effect of the new law, it’s not too soon to begin reviewing current existing “form” contracts and consider changes. One-size-fits-all contracts always need fine-tuning. Change sin the business operating environment require a closer look at non-compete and non-solicitation covenants. 

Ping® – Arts, Entertainment, Media and Advertising Law News – Protecting Furniture Design Keeps Getting Harder

Herman Miller, Inc. – a leading furniture brand and purveyor of the iconic Eames Chair Design – suffered a loss at US Trademark Trial and Appeal Board (TTAB) in its bid to protect as “trade dress” the design of the chair. The case involves a well-known chair design dating from the 1940’s, by designers Ray and Charles Eames. The chair ultimately was recognized by Time Magazine as the Best Design of the 20th Century, and now is in the design collections of numerous museums. Herman Miller sought registration of most of the chair’s configuration as a mark, depicted in more than one view, for “furniture, namely, chairs.”

The court weighed each of the Morton-Norwich factors, concluding that the proposed three-dimensional product configuration as a whole indicates that it is functional. The court found that patent evidence, the advertisements touting utilitarian advantages of the design, and the limited availability of alternative designs that would work equally well, proved functionality.

Key Take Aways:

  1. Beware of patent evidence in trade dress protection due to risk that distinctive design elements be treated as de jure functional. In general, examining attorneys no longer make this distinction in Office actions that refuse registration based on functionality. De facto functionality is not a ground for refusal. In re Ennco Display Sys. Inc., 56 USPQ2d 1279, 1282 (TTAB 2000); In re Parkway Mach. Corp., 52 USPQ2d 1628, 1631 n.4 (TTAB 1999).
  2. Ensure that advertising promotes the nonfunctional design elements, such “look for” advertising. Examples include evidence, including SEO data, that connected the applicant’s efforts to promote the applied-for mark as a trademark and consumers’ ability to conceive of the applied-for mark as such, and examples of unsolicited media coverage

Ping® – Arts, Entertainment, Media & Advertising Law News – “Five Rs” To Remember

“Five Rs” To Remember When Letting Employees Go

It is inevitable in almost every business. You will need to let an employee go. Whether it’s a seasoned designer coming with plug-and-play experience or a fresh face just out of design school, sometimes it just doesn’t work out. Recently, several of my designer clients have had to fire an employee due to the employee’s misconduct. This could be anything from soliciting and directing company clients and prospects, to doing personal consulting work on the company’s dime, to taking property and information. Regardless of the reason, here are five “R”s to keep in mind.

1. Review the contract.

2. Reconcile and pay.

3. Request return of property.

4. Reiterate respectfulness. 

5. Reserve rights.

With those ideas in mind, let’s consider each one. A little more.

1. Review the contract/offer letter. This is always the first step and will provide guidance on termination rights, procedures and remedies, if any.

2. Reconcile and pay what’s owed. See number 1. Ensure that except for payment of contractual and statutory amounts, no other salary, commissions, overtime, bonuses, vacation pay, sick pay, severance pay, additional severance pay or other payments or benefits whatsoever will be paid.

3. Request return of property and information, in whatever form. Request all property any and all property or documents the employee created or received in the course of employment, including, but not limited to e-mails, passwords, documents and other electronic information, hardware such as laptop computers and cellular telephones, calculators, smartphones and other electronic equipment (mobile phone, tablet, etc.), software, keys, company credit cards, calling cards, parking transponder, information technology equipment, client lists, files and other confidential and proprietary documents, in any media or format, including electronic files.

4. Reiterate a professional’s obligation to remain respectful. Specific admonition of non-disparagement such as “refrain from saying, making, writing or causing to be made or written, disparaging or harmful comments about us, our employees and/or our clients.”

5. Reserve rights. Close your termination notice by expressly reserving legal and equitable rights and remedies.

Please note that this is not legal advice and you should consult your own lawyer regarding your rights and obligations in the context of terminating your employee’s employment.

Social Media Advertising Tools And User Consent: What Are The Requirements?

Perhaps you’ve seen them, those television and radio ads that talk about the “creepy” nature of some adverting on the Internet that follows consumers across their social media. According to Pew Research, most Americans believe their online activities are being tracked and monitored. 

The fact is, most companies can and do share data with social media platforms to ensure targeted advertising reaches receptive audiences. As more tools become available and the variety of data sources grows globally, platforms and advertisers are re-examining their rights and obligations when it comes to something as simple as matching customers’ email addresses with their Facebook accounts. 

Facebook’s Customer List Custom Audiences (“Custom Audiences”) tool is one such tool that has the potential to expand an advertiser’s liability for unauthorized use of customer data. For EU customers, a German Data Protection Authority ruling requires a individual’s explicit consent to such sharing.

The Facebook Custom Audiences tool enables advertisers to create targeted advertisements to Facebook users by combining Facebook data with the advertiser’s data such as email addresses and phone numbers. To use marketing tool the advertiser must comply with the consent and privacy expectations of individuals who have provided email addresses.

Consent to Use Email Addresses

While the use and disclosure of email addresses is regulated in some countries, the U.S. does not have a uniform data privacy protection scheme. U.S. privacy rights are protected through a patchwork of laws addressed to specific types of harm, such as unauthorized access and disclosure of financial (Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681) or healthcare-related (Health Insurance Portability and Accountability Act of 1996 (HIPAA) 42 U.S.C. § 1320d–2) data. While the CAN SPAM Act (15. U.S.C. § 7701 et seq.) specifically regulates email, the Act excludes communications based on a previously existing relationship. 

Importantly, for most purposes, permission of the e-mail recipient is not required. However, messages MUST contain a mechanism to request to opt-out of future email messages. If email addresses are acquired from third-party sources, such as marketing databases or social media, ensure users are given reasonable notice and choice about the use of such data.

The Federal Trade Commission endorses a market-style model of ensuring the fair use of information that allows individuals to participate in decisions on the disclosure and use of their personal information. As articulated by the FTC, the elements of this approach are notice, choice, access, security and enforcement.

Contractual Requirements of Facebook Custom Audiences 

In order to use the Custom Audiences tool, the advertiser must agree to additional terms and conditions. Facebook’s Custom Audiences terms require that the advertiser have both “all necessary rights and permissions” as well as a lawful basis to disclose and use the email addresses “in compliance with all applicable laws, regulations, and industry guidelines.” 

Recommendations

Review your Privacy Policy, Website Terms & Conditions, and membership/subscription applications to confirm the existence of a clear mechanism to opt-out of future email messages. If email addresses are acquired from third-party sources, such as marketing databases or social media, review data gathering practices, review scope of permissions granted to the sources of data and ensure users are given reasonable notice and choice about the use of such data.

What Is Cyberlaw?

On November 13, I had the honor of providing a lecture on Cyberlaw to students at the Boston College Law School. Virtually, of course. I had been asked to talk about trends in Cyberlaw with a specific focus on issues related to intellectual property.

So what is Cyberlaw? Simply put, it is the “Rules of the Road” for the “information superhighway.” Cyber law is the law that governs rights, obligations and remedies of people and transactions conducted over global computer networks.

In a year that has seen hyperbolic growth in technology, commerce, and communications, this topic couldn’t be more timely. In order to frame the discussion, the scope featured a discussion of the Three Cs of Cyberlaw: Connections, Content and Commerce.

The first part of the discussion centered around Content, or issues related to Copyright, such as Free Speech/First Amendment CDA Sec. 230, Creative Works, Media and Entertainment, UGC and the DMCA.

The Second part of the discussion centered around Commerce or issues related to Trademarks, marketing and branding, such as: Marketing/Advertising, Domain NamesCyberpiracy prevention, Keyword Advertising and Social Advertising.

The third and final part of the discussion focused on Connections and Communications and issues related to Personal Data, Stalking, Harassment, Surveillance and Sovereignty, issues around Social Media Freedom of Speech v. Freedom of Reach, and the latest developments around Political speech online.

The lecture closed with a Q&A focused primarily on Navigating Law School and Professional Practice.

Is It Necessary To Register A Design Copyright?

A client was asking “is it necessary to fill out all the paperwork to register a design even though the law says you already own it?”

It’s a good question. Technically, under the Copyright Act as amended in 1976, the author (creator) of a work owns the copyright. The 1976 Act states that copyright protection extends to original works that are fixed in a tangible medium of expression. This wording broadens the scope of federal statutory copyright protection from the previous “publication” standard to a “fixation” standard. No further action is necessary. Under previous versions of the law, there were publication requirements to perfect ownership.

Under section 102 of the Act, copyright protection extends to “original works of authorship fixed in any tangible medium of expression, now known or later developed, from which they can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or device.”

Until the ’76 statutory revision to U.S. copyright law the Copyright Act of 1909 governed, under which federal copyright protection attached only when those works were 1) published and 2) had a notice of copyright affixed. In addition, state copyright law governed protection for unpublished works creating inconsistencies.

Despite the successful streamlining and efficiency of rights creation and enforcement, some challenges and inconsistencies remained. Most noticeably, there had been spit in the federal courts. Some courts required the certificate to litigate, some courts only required proof that an application had been filed.

Last year, the US Supreme Court ruled that in order for a copyright owner to enforce its rights against infringers, the copyright owner must have a registration certificate for the works that are being infringed.

In Fourth Estate Public Benefit Corp. v. Wall-Street.com, LLC, 586 U.S. ___ (2019) (PDF here) decided March 4, 2019, the US Supreme Court resolved this split among courts around the country by holding that the mere filing of a copyright application is not sufficient to allow a copyright owner to file suit – actual approval of a copyright application by the United States Copyright Office is required before suit can be filed. Approval comes only in the form of a Registration Certificate.

Returning to the client’s question, while it is true that the Copyright Act says  one owns the copyright in a work when it is fixed, it is no longer true that one can ignore the registration requirements. Yes, one does not have to do anything formal to own a copyright in a work one creates. However, one cannot enforce those rights without the registration certificate in hand. For all practical purposes, there is no reason not to register the copyright in any design, pattern or other distinctive element you create. The fees are relatively low ($65.00) and completing/filing the form can be done electronically.

A word to the wise, like all areas of Intellectual Property, there are nuances that are easily overlooked by the uninitiated. You should always consult with an experienced copyright lawyer when evaluating any individual situation.

Does My Business Need A “Button” To Comply With The CCPA’s Do Not Sell Rule?

The California Consumer Privacy Act (“CCPA”) was enacted in early 2018 and went into effect in 2020. Among many concerns about the ability of small businesses to comply with obligations imposed by the CCPA is the requirement that a company allow Californians to access the information held about them, or, in some situations, request that the information that they provided to a company be deleted.  Your clients may be asking you about the CCPA.  While each business should evaluate the law in terms of its own specific situation, here are some general guidelines to start the process.

Does the CCPA Apply to My Business?

If your business satisfies one or more of the following, then the CCPA applies:

(i) annual gross revenue in excess of $25 million?

(ii) buys, receives, sells, or shares the personal information of 50,000 or more consumers, households, or devices, (a) for commercial purposes (assume always true), (b) alone or in combination (assume always true), (c) annually, and

(iii) derives fifty percent (50%) or more of its annual revenues from selling consumers’ personal information.

Even if the business does not collect personal information, as long as is collected on behalf of a business (such as through a third party), the business could be covered by the CCPA, assuming the other requirements are satisfied.

What is the Do Not Sell Rule?

The Do Not Sell rule is a key part of the regulation. It states that businesses must give consumers the option to opt-out of the sale of their personal data.

Specifically, the regulation says that businesses must:

  • Have a page on their website titled “Do Not Sell My Personal Information.” On this page, consumers based in California can opt-out of the sale of their personal data.
  • The business must clearly link to the “Do Not Sell My Personal Information” webpage from the homepage.
  • The website must describe the consumer’s rights to opt-out of the sale of personal data and provide a link to the “Do Not Sell My Personal Information” page in its privacy policy.
  • Once a user requests that a business not sell their personal information, the business must respect this decision for a minimum of 12 months.
  • Finally, websites should have a way to prove that they are respecting these customer requests.

Businesses and website owners need to put processes in place that will help them adhere to the above guidelines.

For more information about the impact of the CCPA on your business, please contact the lawyers at Adler Law Group to schedule a consultation.

Privacy Law – How Do You Verify the Identity of a Data Requestor?

The California Consumer Privacy Act (“CCPA”) was enacted in early 2018 and will go into effect in 2020. Among many concerns about the ability of small businesses to comply with obligations imposed by the CCPA is the requirement that a company allow Californians to access the information held about them, or, in some situations, request that the information that they provided to a company be deleted.  Whether or not your practice involves regular questions of Privacy Law, your clients may be asking you about the CCPA.  By keeping data minimization objectives in mind and not over-thinking compliance obligations, verifying the identity of a data requestor may be straight-forward.

 

The ability to control how one’s data is used is a cornerstone of the CCPA. However, this puts a burden on a business to ensure that only a “verified” consumer accesses the requested data and avoid fraudulent requests. To access or delete information, a consumer must submit a “verifiable consumer request.” While the term implies that a business must take steps to “verify” the individual making the request, the CCPA does not specify what steps it considers to be sufficient (or that it considers to be inadequate) to accomplish the verification.

 

With little to go on, a business might be tempted to act over-cautiously and require more information than is actually necessary to verify identity.   With data minimization principles in mind, it is important to recognize privacy risks to avoid.  Don’t over-reach; avoid obtaining more sensitive or potentially harmful information than is necessary to complete the request.  Also, avoid asking for sensitive documents such as a passport.

 

A good rule of thumb is try to use the same method that was used to gather the data in first place. For example, your client operates a consumer website featuring information and users are required to provide a username and password to register with the site. Ask the requestor to provide a username and password to verify. If two-factor authentication was used, then challenge that requestor using the same method. Don’t ask for a driver’s license.

 

If a client is asking for additional resources on how to implement policies and procedures, it is useful to look to industry-standard references, such as  NIST. A good (but technical) explanation Guidelines on verifying identity.  If this is too technical, a client should work with a consultant who can explain the framework. One valuable upside is that if a business is required to respond to a regulator or litigant, the business can point to use of the industry standard as reasonable basis for compliance efforts.

 

Are you tasked with advising a client how to craft a CCPA policy or procedure? There is no requirement that companies create a written policy for processing requests. If a company chooses to create an internal policy or procedure for handling data access and deletion requests, the following four topics are relevant:

 

  1. Data subject verification. Before taking any action, a company should verify that the individual that submitted the request is the individual to whom the data belongs. Verifying identity depends upon the type of data maintained. Remember, if the requestor signed up with a username and password, use this to verify.

 

  1. Communications. A business must respond to a requestor, even if the request is a denial. To streamline a timely response, a company may choose to create template communications and procedures.

 

  1. Evaluating the request. The right to be forgotten is not an absolute right. Some companies choose to include a discussion of when the right does, and does not, have to be granted within their internal policy or procedure. If refused: Reply with a reason and provide options: regulator, court?

 

  1. Completing a Request. Upon verification of the identity of a requestor and a determination that a deletion request should be granted, a business can include instructions for technical steps that should be taken in order to erase an requestor’s information.

 

For clients implementing processes and procedures to respond to individuals who invoke their rights under the CCPA, meeting the requirement to verify the requestor’s identity (and reduce the risk of complying with a fraudulent request) can present a risk. However, with data minimization objectives in mind, using verification methods that make sense in the context of the requestor’s data, may reduce some of the burden of verifying the identity of a data requestor.

 

FOR EDUCATIONAL PURPOSES ONLY. NOT LEGAL ADVICE.