Remember: It is Time to Update Your DMCA Filing.

As previously reported, last year the Copyright Office introduced a new electronic process through which online service providers must file their designation of agent pursuant to the Digital Millennium Copyright Act (“DMCA). Under the old, paper-based filing system, designations remained valid indefinitely unless replaced or affirmatively withdrawn.  However, as part of the transition into the new electronic system, service providers who previously filed a paper DMCA agent designation are required to re-file no later than December 31, 2017, in order to maintain their eligibility for safe-harbor protections.  After December 31st, all previously filed paper designations will be invalidated. (Note also that, under the new system, filings will need to be renewed every three years. Please see our previous post for more details on the changes made by the Copyright Office as part of last year’s update.)

If your company has not already filed a new DMCA designation through the electronic system, the time to do so is right now.  (If your company is an online service provider that hosts user-generated content and has not previously filed a DMCA agent designation, paper or otherwise, it is always a good time to come into compliance with the DMCA’s safe-harbor requirements.) You can find out more about the new filing system by visiting the Copyright Office’s website or contacting the attorneys of InfoLawGroup.


Willful or Knowing Violation of the TCPA: Treble Damages and What Businesses Should Know

A U.S. District Court signaled that deterrence was a significant factor in awarding treble damages in a Telephone Consumer Protection Act (“TCPA“) lawsuit. The United States District Court for the Middle District of North Carolina Judge Catherine C. Eagles (the “Court“) denied to reduce or set aside a $61 million judgment against Dish Network LLC (“Dish“) for violating the TCPA.[1] Businesses should pay attention to this case because TCPA lawsuits are attractive to class action plaintiffs’ counsel due to the statutory damages, $500 per violation (that is per call/text) or up to triple the amount for “willful or knowing” violations – which could mean a whopping $1,500 per violation. The TCPA statute leaves it up to the court to decide what is a knowing or willful, so any time a court finds a knowing or willful violation it could make it easier for other plaintiffs to get large awards. Continue Reading

Getting to the Root of the Problem

We all know that food and beverage companies cannot expressly lie to consumers about the ingredients in their products. But what about implying that a certain ingredient is included in the product; one that is known to have some health benefits? In a recent class action lawsuit alleging that Dr. Pepper Snapple Group Inc. falsely advertised that Canada Dry ginger ale contains actual ginger root, the United States District Court for the Northern District of California permitted the lawsuit to proceed by denying Dr. Pepper’s motion to dismiss.

In Jackie Fitzhenry-Russell et al,[1], plaintiffs claimed that they were the victims of fraud by relying upon the phrase “Made From Real Ginger” on cans of Canada Dry, in addition to its advertising making similar statements and visual implications. Whether Canada Dry actually contains ginger root is important because, according to plaintiffs, a reason they bought and drank Canada Dry was the well-known health benefits of consuming ginger root.

Continue Reading

FTC Sets Out How Kids’ Apps Can Use Voice-Based Features under COPPA

The Federal Trade Commission (FTC) has indicated that operators of child-directed online services may permissibly offer voice search and similar features without first obtaining parental consent under the Children’s Online Privacy Protection Act (COPPA), provided that certain requirements are satisfied. In an “Enforcement Policy Statement” on COPPA released today, the FTC clarified that – while there is no pertinent exception to the requirements of its COPPA Rule – it would not bring an enforcement against an operator based on collection of an audio recording that captures a child’s voice where:

  • the recording is collected “solely as a replacement for written words” (e.g., voice search or verbal instructions);
  • the recording is maintained only long enough to complete that purpose and then is immediately deleted;
  • in its COPPA-mandated children’s privacy policy, the operator provides clear notice of its collection and use of voice recordings and its deletion policy;
  • the operator does not use the voice recording for any other purpose prior to deletion (e.g., user identification through voice recognition); and
  • the operator does not use voice features to request information that would itself be considered “personal information” under COPPA (e.g., no names, email address, etc.).

This is obviously helpful news, particularly for those who operate child-directed services on platforms where voice search is becoming de rigueur. However, those considering relying on this policy statement should be careful to ensure that they not only comply with the FTC’s requirements at the outset, but that they have in place monitoring procedures to confirm continued compliance going forward.

The Long Reach of the GDPR

The Long Reach of the GDPR

This is a wake-up call for those who think the new EU General Data Protection Regulation (GDPR), which will be enforced starting in May 2018, is not a serious compliance issue outside Europe.  Here’s why you should care:

  • Your European partners, affiliates, or customers will have to ensure that you respect the stricter requirements of the GDPR in handling any personal data they share with you.
  • The GDPR expands the territorial scope of Europe’s privacy laws: it applies directly to processing in support of activities in Europe, as well as to the offering of goods or services to European residents and “monitoring” their behavior, even from outside the EU.
  • The GDPR imposes new obligations and potential liabilities for processors as well as controllers. You need to be aware of those responsibilities even if you feel confident that you will always be characterized as a “mere processor” following the instructions of a European controller.

Continue Reading

InfoLawGroup Partner Justine Young Gottshall to speak at the IAPP Privacy Security Risk Conference

 Join InfoLawGroup Partner Justine Young Gottshall at the IAPP Privacy Security Risk Conference 2017 in San Diego, CA.   Justine will be speaking on Tuesday, October 17, 2017 during the session titled Let’s Build It: Practical Advice For Building Your Privacy Program, which will provide insight into creating, maintaining and updating an internal privacy compliance program.



InfoLawGroup Partner Jamie Rubin to speak on “Ad Impression Measurement” at the 2017 BAA/ANA Marketing Law Conference in Chicago

Join Jamie Rubin for the 2017 ANA/BAA Marketing Law Conference, November 13-15, 2017 at the Marriott Chicago Downtown Mag Mile.  Mr. Rubin will moderate a panel titled Metrics & Monitoring Efficiencies and the Performance of Social/Digital Media Advertising.  Hear about how the Media Rating Council (MRC) measures and audits online ads, the 3MS initiative started by the IAB, ANA and 4A’s and other business and legal issues effecting the ad measurement space, including measuring outcomes (sales increase) vs. metrics (ad on screen for X seconds), filtering for bots, spiders and fraud, platform measurement tools vs. third party measurement services and associated privacy concerns.


5 Best Practices for IoT Privacy Compliance

InfoLawGroup partner Justine Young Gottshall on IoT Privacy Compliance Best Practices in the September issue of Risk Management Magazine: 5 Best Practices for IoT Privacy Compliance.

According to a January 2017 forecast from Gartner, 8.4 billion internet of things items will be in use worldwide this year—a 31% increase from 2016—to the tune of almost $2 trillion in annual spending on devices and services. As companies create these interactive items, most of which can track consumers, the Federal Trade Commission (FTC)—the government agency with primary responsibility for protecting the privacy and security of consumer data—is watching.

In a recent report, the FTC cited “enabling unauthorized access and misuse of personal information” as its top area of concern regarding the internet of things. Not long before the FTC issued its June 2017 IoT analysis, consumer electronics company Vizio found out first-hand about the commission’s regulatory priorities. In February, Vizio settled a complaint by the FTC and New Jersey attorney general’s office claiming it had installed software on about 11 million smart TVs and used it to secretly track customers’ detailed viewing habits from 2014 to 2016. The complaint alleges that Vizio then linked that data with specific household demographics and sold the information to third-party marketers—all without customers’ consent. Vizio ultimately had to destroy all the data collected during that time and pay $2.2 million to settle the suit.

Continue Reading

REMINDER: Join Us Tomorrow In Chicago For “Cocktails and Learn!”

REMINDER:  Our “Cocktails and Learn!” Event is on Wednesday, September 27, 2017 from 5:30-7:30 PM in Chicago. Tyler Hattery, Creative Strategist at Facebook, has an exciting presentation for us on social media feeds and the speed at which people digest them.   PLEASE JOIN US!

The event is on the 2nd Floor of the Hyatt Place Chicago/Downtown the Loop (28 N. Franklin Street, Chicago) in the Madison/Franklin conference room.  Beverages and light-fare food will be served.



InfoLawGroup Partner Justine Young Gottshall to speak at the 2017 Privacy + Security Forum in Washington, D.C.

Join Justine Young Gottshall for the 2017 Privacy + Security Forum, October 4-6, 2017 at the George Washington University Marvin Center.   Ms. Gottshall will speak on What’s New In Online Advertising? IoT, Addressable TVs and Beyond. The discussion will cover the recent developments in targeting, advertising and profiling.