Eric J. Anderson Joins InfoLawGroup LLP As Partner

InfoLawGroup is pleased to announce that Eric J. Anderson has joined the firm as a Partner. Prior to joining InfoLawGroup, Mr. Anderson served for several years as head marketing and advertising counsel for Sears Holdings Corporation.

Eric has extensive experience advising on marketing, advertising, digital, mobile and e-commerce initiatives. Eric also regularly negotiates a wide variety of contracts affecting those initiatives, including agency and vendor agreements, sponsorship and celebrity spokesperson agreements, master services agreements, influencer agreements and the underlying tech agreements. From claim substantiation to privacy to navigating the compliance maze for multi-platform digital campaigns, Eric’s practice is expansive and fits right into what InfoLawGroup is called upon to address for its clients on a daily basis.

Eric is located in the firm’s Chicago office. He looks forward to continuing to speak and conduct training sessions on various topics affecting advertising and promotions, including loyalty programs, coupons, rebates, sports and entertainment sponsorships, branded entertainment and pricing and sale frequency issues.


InfoLawGroup Launches CPO on Demand™ Service

InfoLawGroup announces the launch of CPO on Demand™, a service through which we serve as outside Chief Privacy Officers, Privacy Counsel, and DPOs as required under EU regulation. CPO on Demand™ brings the depth and breadth of our privacy and security focused attorneys to support your business’s legal, compliance, and privacy teams. Please click here for more information or contact Justine Young Gottshall or anyone on the InfoLawGroup team to discuss how we can help bring privacy and security compliance to your organization.



FTC and NJ AG Reach $2.2 Million Settlement to Resolve Vizio Video Privacy Matter

On Monday, February 6, 2017, the Federal Trade Commission (“FTC”) and New Jersey Attorney General (“NJAG”) announced a settlement agreement to resolve their joint enforcement action against Vizio. The regulators claimed that Vizio collected detailed information about the content consumers watched (including identifying the content and advertisements viewed through broadcast and cable networks, DVDs, and over-the-top streaming devices), enhanced the viewing information with device identifiers (e.g., IP addresses and MAC addresses) and demographic data (including gender, age, income, household size, and marital status), and disclosed this information to third parties for their own uses, including targeted advertising.

Continue Reading

NJ TCCWNA Claim Thwarted by CA Choice-of-Law Provision

As we have previously written about, 2016 saw a wave of litigation brought under New Jersey’s Truth-in-Consumer Contracting, Warranty, and Notice Act (“TCCWNA”) regarding website Terms of Use.  While service providers await the outcome of many of these cases and direction from New Jersey courts on how the TCCWNA generally applies to online contracts, one California court recently offered some helpful guidance.

In January, a California federal court dismissed a TCCWNA claim against Facebook upon finding that the California choice-of-law provision in Facebook’s Terms of Service was enforceable.  Palomino v. Facebook, Inc., No. 16-cv-04230, 2017 WL 76901 (N.D. Cal. Jan. 9, 2017). The plaintiffs – Facebook users representing a purported class – claimed that Facebook’s Terms violated the TCCWNA by, among other things, disclaiming liability for negligence and misconduct, barring recovery of certain types of damages, and indicating that some limitations on liability may not apply in all jurisdictions without specifying whether they apply to New Jersey residents.  (Because the Palomino court found Facebook’s choice-of-law provision enforceable, it did not have to reach the issue of whether provisions like this actually violate the TCCWNA – a question that remains open in other pending cases.)

California uses a two-factor test for evaluating the enforceability of a choice-of-law provision.  “The Court must first determine (1) whether the chosen state has a substantial relationship to the parties or their transaction, or (2) whether there is any other reasonable basis for the parties’ choice of law.”  If either factor is satisfied, the court will enforce the choice-of-law provision unless the party asserting that another state’s law should apply “can establish both that the chosen law is contrary to a fundamental policy of the alternate state and that the alternate state has a materially greater interest in the determination of the particular issue.”

Facebook being headquartered in California, it easily satisfied the first criterion.  The burden then shifted to the plaintiffs to “show that application of California law would violate fundamental New Jersey policy.” The Court, relying on California’s own expansive consumer protection laws, held that the plaintiffs failed to make such a showing. The Court found that California law was not contrary to fundamental New Jersey policy because “the TCCWNA and California consumer protection law aim to accomplish the same end,” notwithstanding that application of the TCCWNA may have “afford[ed] different rights and remedies.”

While this is undoubtedly good news for website operators that are based outside of New Jersey and that include a non-NJ choice-of-law provision in their terms, we caution against too broad a reading at this stage.  The Palomino court clearly relied on California’s status as the gold standard in consumer protection laws, specifically referencing its false advertising and deceptive practices laws, as well as its Consumer Legal Remedies Act.   It is not clear whether a court asked to apply a choice-of-law provision from another state would necessarily reach the same conclusion as in Palomino.

FTC Lawsuit Against D-Link Highlights the Importance of Routine Review of Public Statements and Security Protocols

The Federal Trade Commission (“FTC“) announced today that it has filed a lawsuit against D-Link alleging that it made deceptive claims about its products’ security and engaged in unfair practices that placed consumers’ privacy at risk.  The Complaint For Permanent Injunction and Other Equitable Relief was filed in the United States District Court Northern District of California San Francisco Division, naming the Taiwanese D-Link Corporation and its California subsidiary D-Link Systems, Inc. as defendants.  The FTC claims that D-Link failed “to take reasonable steps to secure the routers and Internet-protocol cameras they designed for, marketed, and sold to United States consumers.”  In response to the charges, D-Link posted on its website a “FTC Complaint Q&As” in which it summarizes “D-Link Systems, Inc. is aware of the complaint filed by the Federal Trade Commission on January 5, 2017. D-Link Systems denies the unwarranted allegations outlined in the FTC complaint and will vigorously defend the action.” Continue Reading

Re-file Your DMCA Agent Designation Starting Dec. 1st

The Copyright Office recently introduced changes to the process by which online service providers can designate an agent under the Digital Millennium Copyright Act (“DMCA”).  To qualify for DMCA safe-harbor protections, service providers are required to maintain with the Copyright Office contact information for an agent designated to receive takedown notices. The changes, which go into effect on December 1, 2016, are part of the long-awaited transition to an electronic system for submitting these “Designation of Agent” filings.

Below is a quick look at some of the more significant changes.  (A complete discussion of all changes is set out in the Copyright Office’s “Designation of Agent To Receive Notification of Claimed Infringement” Final Rule, available here.)

(a) Existing Designation of Agent Filings Must be Re-filed by 12/31/17. For online service providers (e.g., website and app operators) who currently have a Designation of Agent on file, the most notable change is the need to refile.  Under the existing system, a Designation of Agent would remain valid in perpetuity, until replaced or affirmatively withdrawn. As part of the transition to an electronic system, all online service providers that previously filed a Designation of Agent with the Copyright Office will need to refile electronically between December 1, 2016, and December 31, 2017. (Existing paper filings will remain valid until either replaced electronically or January 1, 2018, whichever comes first.)

(b) Filings Must Be Renewed Every Three Years. The Copyright Office will now require that a service provider refile its Designation at least once every three years.  Service providers will need to heed these renewal deadlines or risk losing their safe-harbor protection. (The Copyright Office has indicated that the new electronic system will be set up to send reminder emails as the renewal deadline approaches.)

Continue Reading

Partner Jamie Rubin To Speak At The 2016 ANA/BAA Marketing Law Conference in Chicago (Nov. 9-11, 2016)

InfoLawGroup Partner Jamie Rubin to Speak at the 2016 ANA/BAA Marketing Law Conference titled Face Off: Dynamic Technologies vs. Regulatory Controls.  The conference is in Chicago from November 9-11, 2016.  Jamie will speak on Friday, November 11th on the legal issues associated with consumer reviews, including incentivized reviews, how consumer reviews can and cannot be used as substantiation for advertising claims and how platforms can allow consumer reviews on their sites while limiting liability.




Enforcing Canadian Anti-Spam Law

The Canadian Anti-Spam Legislation (CASL) has aroused concern among marketers on both sides of the border since it started coming into force in July 2014 (some provisions, such as a private right of action, do not take effect until next year). It has stricter consent requirements than the US CAN-SPAM Act, as well as rules about installing software onto users’ devices. This week, the Canadian Radio-television and Telecommunications Commission (CRTC) issued its first published Compliance and Enforcement Decision under CASL, Blackstone Learning Corp., CRTC 2016-428 (October 26, 2016), offering insights into the Commission’s reasoning and enforcement policies. Continue Reading

New FTC Data Breach Response: A Guide for Business

This week, the Federal Trade Commission (“FTC”) announced on its Business Blog the release of Data Breach Response: A Guide for Business (“Guide”).  The Guide’s release seems to be part of the FTC’s push to position itself as the main federal regulator of data security practices and is available for free on the FTC’s website.  The Guide outlines the steps to take and those that should be contacted when there is a data breach; and includes advise on securing systems, how to handle service providers, and network segmentation.  In addition, it has tips on notifying law enforcement, affected businesses and individuals.  The Guide even has a model data breach letter to notify people whose Social Security numbers have been stolen. The FTC smartly drafted the Guide so that those who are not security and data privacy professionals can understand. Continue Reading

Developing a Privacy Compliance Program: An Updated Roadmap

Developing a privacy compliance program is an essential, if often daunting, compliance step for organizations of all sizes, and across all industries.  InfoLawGroup partner Justine Young Gottshall and her co-author recently updated their an in-depth practice note on this topic.  The updated version is published by Practical Law and available here.