Category: Communication Media & Internet

Privacy Tip #219 – FBI Considers FaceApp a Counterintelligence Threat

For those of you who have downloaded the face editing app FaceApp, please note that the Federal Bureau of Investigation (FBI) has classified FaceApp as a counterintelligence threat because of its Russian origins.

According to the FBI, “[T]he FBI considers any mobile application or similar product developed in Russia, such as FaceApp, to be a potential counterintelligence threat, based on the data the product collects, its privacy and terms of use policies, and the legal mechanisms available to the Government of Russia that permit access to data within Russia’s borders.”

When the FBI considers an app a security threat to the U.S., we all should. Downloading apps, in general, is risky, but downloading apps based in foreign countries that are trying to obtain information about U.S. citizens – and in fact are obtaining information from unwitting U.S. citizens – is potentially putting us in danger.

Now is the time to perform app hygiene. Check the apps on your phone to determine whether you are using them or not. If you aren’t using them, delete them. There is no reason to continue to allow them to collect your information if you are not using them and getting a benefit from them. If you are using them and can’t live without them, do some due diligence to determine the background of the app, read the Privacy Policy and Terms of Use to know what they are collecting and using about you, and delete the app if your gut tells you something’s not right. If you have downloaded FaceApp, that would be the first one to delete.

Copyright © 2019 Robinson & Cole LLP. All rights reserved.

The Rise Of Digital Services Taxes

Governments are coming after online businesses. Multinational clients that provide online advertising services, sell consumer data, or run online intermediary platforms should prepare themselves for the imminent arrival of digital services taxes (DSTs) on revenues from digital activities.

IN DEPTH

Having failed to reach an EU-wide unanimous consensus on an earlier EU Commission proposal for a DST Directive, certain EU countries, including Austria, the Czech Republic, France, Italy, Spain and the United Kingdom, decided to go it alone and introduce DSTs unilaterally into their own national tax systems. These decisions were driven primarily by a perception that larger multinationals, many of which have highly digitalised operations, are not paying their “fair share” of taxes globally. In addition, a growing consensus has emerged in recent months that “market jurisdictions” should have the right to tax, because those markets—namely, the countries where the users and consumers are based—ultimately create value for online businesses.

The Organisation for Economic Co-operation and Development (OECD) takes a neutral view on the use of DSTs by its members, in that it neither recommends nor discourages them. Member countries that do decide to adopt a DST should

  • Comply with international obligations
  • Ensure the DST is temporary and narrowly targeted
  • Minimise over-taxation, cost, complexity, and compliance burdens
  • Ensure the DST has a minimal adverse impact on small businesses.

The French DST is already in force. The Italian DST is in draft form, with the government intending for it to enter into force in January 2020, while other DST regimes, including that of the United Kingdom, are expected to come into force some time during 2020. None of these national rules seem to have complied with the OECD guidelines, and there are several practical challenges for businesses that are common across all three regimes.

Identifying Taxable Revenues and Services 

In France, each company belonging to a group that derives gross revenues from digital services exceeding €750 million on a worldwide basis, and €25 million in France, is subject to French DST at a rate of 3 per cent. French DST is assessed at the company level only, based on gross revenues derived from digital services deemed to be provided in France during the previous calendar year. This is calculated as the gross revenues derived from taxable digital services, multiplied by the proportion of French users over the total number of users of the taxable digital services.

As it currently stands, the Italian DST would apply to Italian resident and non-resident companies that, at the individual or group level, earned during a calendar year a total amount of worldwide revenues of over €750 million, and an amount of revenues derived from digital services provided in Italy of over €5.5 million.

Only groups with annual worldwide revenues above £500 million and UK revenues above £25 million would be affected by the UK DST, with the first £25 million of UK revenues being exempt. The UK DST would be calculated on a group-wide basis and apportioned pro rata to each group member. Groups with low operating margins may opt for a “safe harbour” alternative DST calculation, based on the group’s operating margin.

Identifying Taxable Services

The taxable services that fall within the scope of the French, Italian, and UK DSTs are broadly similar and include

  • The provision of a social media platform
  • Search engines
  • Any online marketplace
  • Online advertising business, including those that use or sell individual users’ data

It is noteworthy that digital platforms for the provision of payment services, communication services, crowdfunding services, or digital content, as well as self-operated digital platforms for the direct sale of goods and services, are specifically beyond the scope of the French and UK DST.

The issues that arise are also broadly similar. There are likely to be conflicts regarding dual-purpose platforms, i.e., those that include both taxable and exempt digital services. The fact that the lists are not exhaustive and that the DSTs will apply to all revenues received in connection with a relevant DST activity means that affected businesses will need to analyse the nature of the revenue streams and the activities from which they are generated, and each case will turn on its own facts.  This will entail a substantial administrative burden for affected businesses, as well as a lack of certainty over potential DST filing obligations.

Identifying Users 

Both France and Italy consider the location of users to be based on the location of the electronic device when the user accesses the digital services. The United Kingdom intends to determine that someone is a UK user if, it is reasonable to assume, they are normally located or established in the United Kingdom.

France and Italy will use IP addresses, wi-fi connections, GPS data, etc., plus reference to that user’s personal data and place of residence; while the UK plans to extrapolate user location from data such as delivery addresses, payment details, IP addresses, contractual evidence, or the address of properties for rent or location of goods for sale.

There are many problems with these approaches. At the most basic level, different data sources can provide conflicting evidence of a user’s location, and IP addresses can be easily manipulated. Businesses will, therefore, need to come to a reasonable, evidence-based conclusion on the likelihood of that user’s location, further adding to their administrative burden and broadening the scope to make a mistake. The use of personal data and place of residence are also likely to trigger data protection issues under the EU General Data Protection Regulations.

Potential Double Taxation and Reimbursements

There is a risk of double taxation if another jurisdiction imposes a DST on the same revenues, for example as a result of inconsistencies between one set of national rules and those of another jurisdiction regarding user location or taxing rights. DST is however generally deductible for corporate income tax purposes.

France’s President Macron stated at the 2019 G7 that any excess of French DST over the new international DST being brokered by the OECD would be refunded. He did not, unfortunately, give much detail as to how and under what limitations this refund will take place.

The Italian draft DST provisions do not include any specific rule on this aspect and, although they seem to propose a sunset clause according to which the Italian DST is automatically repealed when the new OECD-agreed corporate income tax enters into force, there does not appear to be scope for a retroactive reimbursement of the difference (if any) between the Italian DST and such future corporate income tax.

The draft UK DST rules disregard 50 per cent of UK revenues from cross-border transactions between a buyer and a seller through an online marketplace where the non-UK party is in another DST jurisdiction. But this does not fully resolve the issue of potential double taxation if the other jurisdiction imposes a DST on the same revenues, for example due to inconsistencies between the UK national rules and those of the other DST jurisdiction regarding user location and/ or taxing rights.

The UK DST will also not be creditable against either corporation tax, income tax under the Offshore Receipts in respect of Intangible Property regime, or diverted profits tax; although it should generally be deductible for corporation tax purposes as a trading expense. Unlike France or Italy, neither the draft legislation nor HMRC guidance mentions the possibility of a retroactive reimbursement of the UK DST once the OECD’s long-term solution for a revised corporate income tax has been agreed and implemented by member countries.

The US Response

The US administration takes a hostile view of DST proposals generally, as evidenced by a recent investigation into whether the French DST discriminates against US businesses. This could lead to retaliatory US tariffs being imposed on imports from France and punitive US tax charges on French companies doing business in the United States.

Other DSTs, including those of the United Kingdom and Italy, can probably expect similar responses from the United States. UK Prime Minister Boris Johnson has indicated his support in principle for a UK DST or a similarly targeted tax. He has also indicated that the structure of this tax would be on the table in any trade negotiations with the United States, and the future of the current draft Finance Bill hinges on the result of the UK general election in December, so there is currently very little certainty as to whether UK DST will take effect at all.

For now, the best course of action for affected businesses is to assume that all DSTs will take effect as planned and prepare accordingly, notwithstanding any current legislative or political uncertainty.

© 2019 McDermott Will & Emery

More on digital taxation on the National Law Review Tax law page.

DOJ Seeking to End Movie Studio and Theater Antitrust Decrees amidst Streaming Competition – A New Opportunity in Theatrical Distribution?

For the film and media distribution industries, this year has been action-packed.  Production budgets are skyrocketing and new digital services have been announced or are launching with each passing month. The streaming wars are upon us. Moreover, the FCC recently voted to treat streaming services as “effective competition” to traditional cable providers (or MVPDs), thereby triggering basic cable rate de-regulation in parts of Hawaii and Massachusetts.

The distribution landscape took yet another unexpected legal twist this week. On November 18, Assistant Attorney General Makan Delrahim announced that the Antitrust Division of the Department of Justice would ask a federal court to terminate the “Paramount Consent Decrees” (the “Decrees”), which have prohibited movie studios from engaging in certain distribution practices with movie theaters since the 1940s. The DOJ filed a motion to terminate the Decrees in federal court in the Southern District of New York on November 22, 2019.  Notably, the DOJ cites streaming services and new technology as a few of the many reasons that the Decrees may no longer be necessary in what the DOJ official sees as today’s highly competitive, consumer-driven content market. Given the volatility of the content licensing space, film licensors and licensees will have to carefully consider how the DOJ’s actions will affect their content rights and options going forward.

By way of background, the Decrees emerged out of the landmark 1948 Supreme Court antitrust case, United States v. Paramount Pictures, Inc. Prior to the case, top Hollywood studios frequently owned movie theaters (thus, owning both the means of production and distribution). This vertical integration led to lower distribution costs for the studios and gave them pricing power and the ability to discriminate about which theaters distributed their films. Not surprisingly, smaller, independent theaters struggled to survive.  The problem was exacerbated by studios engaging in practices such as “block-booking” (requiring theaters to distribute all or none of the studio’s slate of films) and overbroad “clearances” (restrictions on the time which must elapse between particular runs of a film), as well as alleged horizontal conspiracies between the studios and theaters on matters like minimum ticket pricing. As part of the Decrees, the defendant studios were restricted or prohibited from engaging in these practices and were required to divest certain interests in their theaters.

The DOJ’s November 22nd motion may not come as a surprise, as the DOJ first announced that the Decrees were under review in August 2018, after which several industry players, including the National Association of Theatre Owners (NATO), submitted comments. In particular, NATO argued, despite how streaming and technology might increase competition, that block-billing would still adversely impact independent or local chains that exhibit fewer films and may not be able to afford larger blocks of films.

Delrahim summed up the DOJ’s position, stating, “the [D]ecrees, as they are, no longer serve the public interest, because the horizontal conspiracy – the original violation animating the decrees – has been stopped. […] Changes over the course of more than half a century also have made it unlikely that the remaining defendants can reinstate their cartel.” In particular, the DOJ argued that the competitive concerns of the 1940s no longer exist because the movie marketplace has changed so drastically, citing how film distributors have become less reliant on theatrical distribution with the advent of streaming. According to the DOJ, colluding to limit theatrical film distribution in today’s market “would make no economic sense.”  In addition to streaming services, Delrahim also cited new theatrical release business models (such as flat-fee multi-ticket pricing) as increasing competition and innovation in film distribution.

The DOJ acknowledged NATO’s concerns in part and asked the court to implement a two-year sunset on block-booking and circuit dealing (licensing to all theaters under common ownership, as opposed to on a theater-by-theater basis). Whether terminating the Decrees would decrease innovation, neither the motion papers nor Delrahim venture to guess. Delrahim noted that antitrust enforcers need not predict the future but need only recognize that changes are occurring. He added that practices covered by the Decrees would not become per se lawful, but would rather be subject to review under the rule of reason standard.

Commentators are split on whether termination of the Decrees that have shaped Hollywood for decades will lead to any significant change for the movie business. One thing that is important to note is that the Decrees did not outright prohibit vertical integration of studios and theaters – the defendant studios could (and did) acquire theaters after proving that such acquisitions would not unreasonably restrain trade. Further, only those studios party to the Decrees remain subject to their restrictions, meaning many of today’s top studios (that now typically own a vast portfolio of traditional and digital entertainment properties) were non-existent or much smaller in the 1940s and have not been subject to the Decrees.

While it remains to be seen how this development will play out, it is noteworthy for digital providers because it may breathe extra life back into the theatrical release window. With mammoth streaming deals inked every week, the value of the theatrical release window was seemingly diminishing for some films. But now that many studios are forgoing third-party licensing fees and instead retaining their content for their own streaming platforms, studios may begin to ask whether added revenues from ownership of a theater chain could be a potential new source of revenue and a way to gain additional control of the theatrical window. Meanwhile, the effect of lifting the Decrees may not necessarily lead to a flurry of acquisitions, as other studios involved in direct-to-consumer streaming campaigns may not have the capital or desire to exploit the termination of the Decrees. Major theater chains will likely seek to strengthen relationships with studios, while independent theaters will look for ways to succeed despite potentially rising costs.

With all of these developments, studios and media platforms will also need to carefully consider how to protect their interests when handling their licensing arrangements, given the volatility in this space and keeping in mind the two-year sunset (assuming the DOJ succeeds) on block-booking and circuit dealing. While some distributors may be looking for long-term, exclusive content deals as they roll-out their streaming services, studios and content providers may seek flexibility as their distribution options are changing day-to-day.

© 2019 Proskauer Rose LLP.

More on entertainment distribution on the National Law Review Entertainment, Art & Sports law page.

CISA Releases “Cyber Essentials” to Assist Small Businesses Updated

On November 6, 2019, the Department of Homeland Security (“DHS”), Cybersecurity & Infrastructure Security Agency (“CISA”) released its Cyber Essentials guide. Consistent with the NIST Cybersecurity Framework, these Cyber Essentials provide “a starting point to cyber readiness,” and are specifically aimed at small businesses and local government agencies that may have fewer resources to dedicate to cybersecurity.

The guide suggests a holistic approach for managing cyber risks, and is broken down into six “Essential Elements of a Culture of Cyber Readiness,” specifically:

  • Yourself – driving awareness, strategy, and investment to build and sustain a culture of cybersecurity.
  • Your Staff – developing awareness and vigilance because your staff is often the first line of defense.
  • Your Systems – protecting your information and critical assets and applications.
  • Your Surroundings – limiting access to your digital environment.
  • Your Data – having a contingency plan to recover systems, networks, and data from trusted backups.
  • Your Actions Under Stress – planning and conducting drills for cyberattacks to bolster readiness to respond, limit damage, and restore operations in the event of an attack.

The final section of the guide provides a list of steps that small businesses can take immediately to increase organizational preparedness against cyber risks. These include backing up data (automatically and continuously), implementing multi-factor authentication (particularly for privileged, administrative, and remote access users), enabling automatic updates, and deploying patches quickly.

CISA’s Cyber Essentials guide is just the most recent example of a user-friendly resource aimed at assisting small businesses seeking lower-cost cybersecurity solutions. Recognizing that investing in cybersecurity may be difficult for some small businesses, Government agencies are making an effort to help small businesses understand the importance of cybersecurity.

For example, the U.S. Small Business Administration (“SBA”) has a page dedicated to providing information and resources for small business cybersecurity. It outlines common threats, risk assessment, and cybersecurity best practices. It also provides a list of upcoming training and events related to small business cybersecurity. Other entities, including the National Institute of Standards and Technology, the Federal Trade Commission, and the Federal Communications Commission also provide similar resources specifically tailored to small businesses.

The main takeaway here is that all organizations – regardless of size or resources – should take basic steps to improve their cybersecurity resilience.

Copyright © 2019, Sheppard Mullin Richter & Hampton LLP.

ARTICLE BY Jonathan E. Meyer, Townsend L. Bourne and Nikole Snyder a Law Clerk in Sheppard, Mullin, Richter & Hampton LLP’s Washington, D.C. office.

AI and Evidence: Let’s Start to Worry

When researchers at University of Washington pulled together a clip of a faked speech by President Obama using video segments of the President’s earlier speeches run through artificial intelligence, we watched with a queasy feeling. The combination wasn’t perfect – we could still see some seams and stitches showing – but it was good enough to paint a vision of the future. Soon we would not be able to trust our own eyes and ears.

Now the researchers at University of Washington (who clearly seem intent on ruining our society) have developed the next level of AI visual wizardry – fake people good enough to fool real people. As reported recently in Wired Magazine, the professors embarked on a Turing beauty contest, generating thousands of virtual faces that look like they are alive today, but aren’t.

Using some of the same tech that makes deepfake videos, the Husky professors ran a game for their research subjects called Which Face is Real? In it, subjects were shown a real face and a faked face and asked to choose which was real. “On average, players could identify the reals nearly 60 percent of the time on their first try. The bad news: Even with practice, their performance peaked at around 75 percent accuracy.” Wired observes that the tech will only get better at fooling people “and so will chatbot software that can put false words into fake mouths.”

We should be concerned. As with all digital technologies (and maybe most tech of all types if you look at it a certain way) the first industrial applications we have seen occur in the sex industry. The sex industry has lax rules (if they exist at all) and the basest instincts of humanity find enough participants to make a new tech financially viable. Reported by the BBC, “96% of these videos are of female celebrities having their likenesses swapped into sexually explicit videos – without their knowledge or consent.”

Of course, given the level of mendacity that populism drags in its fetid wake, we should expect to see examples of deepfakes offered on television news soon as additional support of the “alternate facts” ginned up by politicians, or generated to smear an otherwise blameless accuser of (faked) horrible behavior.  It is hard to believe that certain corners of the press would be able to resist showing the AI created video.

But, as lawyers, we have an equally valid concern about how this phenomenon plays in court. Clearly, we have rules to authenticate evidence.  New Evidence Rule 902(13) allows authentication of records “generated by an electronic process or system that produces an accurate result” if “shown by the certification of a qualified person” in a particular way. But with the testimony of someone who was wrong, fooled or simply lying about the provenance of an AI generated video, the false digital file can be easily introduced as evidence.

Some Courts under the silent witness theory have allowed a video to speak for itself. Either way, courts will need to tighten up authentication rules in the coming days of cheap and easy deepfakes being present everywhere. As every litigator knows, no matter what a judge tells a jury, once a video is seen and heard, its effects can dominate a juror’s mind.

I imagine that a new field of video veracity expertise will arise, as one side tries to prove its opponent’s evidence was a deepfake, and the opponent works to establish its evidence as “straight video.” One of the problems in this space is not just that deepfakes will slip their way into court, damning the innocent and exonerating the guilty, but that the simple existence of deepfakes allows unscrupulous (or zealously protective) lawyers to cast doubt on real, honest, naturally created video. A significant part of that new field of video veracity experts will be employed to cast shade on real evidence – “We know that deepfakes are easy to make and this is clearly one of them.” While real direct video that goes to the heart of a matter is often conclusive in establishing a crime, it can be successfully challenged, even when its message is true.  Ask John DeLorean.

So I now place a call to the legal technology community.  As the software to make deepfakes continues to improve, please help us develop parallel technology to be able to identify them. Lawyers and litigants need to be able to clearly authenticate genuine video evidence to clearly strike deepfaked video as such.  I am certain that somewhere in Langley, Fort Meade, Tel Aviv, Moscow and/or Shanghai both of these technologies are already mastered and being used, but we in the non-intelligence world may not know about them for a decade. We need some civilian/commercial help in wrangling the truth out of this increasingly complex and frightening technology.

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

For more artificial intelligence, see the National Law Review Communications, Media & Internet law page.

Virtual Marking: Guidance on Doing It Right

Despite the fact that virtual patent marking was introduced nearly a decade ago, jurisprudence addressing virtual marking issues has been quite limited. Recent guidance from U.S. district courts, however, paints a clearer picture of the patent marking statute’s requirements to (a) associate the patented article with the number of the patent; (b) place either “patent” or “pat.” together with a website address on the product; and (c) ensure the marking is “substantially consistent and continuous.”

Since 1952, the patent marking statute (“Marking Statute”) has encouraged patentees to give public notice of a patented article through physical application of the patent number to the article, which assists the public and helps mitigate innocent infringement. 35 U.S.C. § 287; Nike, Inc. v. Wal-Mart Stores, Inc., 138 F.3d 1437, 1443 (Fed. Cir. 1998). Giving effect to this goal, the marking statute provides a financial disincentive for patent owners who do not mark their products (i.e., a patentee is precluded from recovering damages for infringement of unmarked articles prior to notice of infringement). Once marked, a patent owner’s marking must be “substantially consistent and continuous.” Id. at 1446.

Since the AIA’s passage in 2011, however, patentees have been able to inform the public that an article is patented through “virtual marking” (i.e., use of the word “patent” or the abbreviation “pat.” together with the URL of a website address where the actual patent number may be found). 35 U.S.C. § 287. As opposed to physically marking a patent number on a product, virtual marking allows a patent owner to quickly update its patent data website page without the costs of modifying product tooling or packaging (e.g., for newly issued, expired, or invalidated patents). In relevant part, the Marking Statute provides:

“Patentees . . . may give notice to the public that the same is patented . . . by fixing thereon the word ‘patent’ or the abbreviation ‘pat’ together with an address of a posting on the Internet, . . . that associates the patented article with the number of the patent.” 35 U.S.C. § 287(a) (emphasis added).

The Delaware District Court recently clarified what does, and does not, constitute adequate association, concluding that a “website itself must do more than simply list the patentee’s patents.” Mfg. Res. Int’l v. Civiq Smartscapes, LLC, Case No. 17-269, 2019 U.S. Dist. LEXIS 146060, at *3 (D. Del. Aug. 28, 2019)(emphasis added). Citing the statute’s “plain language,” the court reasoned that “[s]imply listing all patents that could possibly apply to a product or all patents owned by the patentee” “merely creates a research project for the public,” as opposed to giving public notice. Id. at *30-31. The court described why this would be the case by pointing to two examples lacking the association necessary “as a matter of law to meet the requirements of virtual marking”:


View larger image

Id.

The Court concluded that Plaintiff’s examples did “nothing to ‘associate’ any specific product it has marked with the patents which cover it.” Id. at 31. The Court was not persuaded by Plaintiff’s arguments that proper association was met in view of (1) Plaintiff’s statement that “[o]ne or more of the above listed MRI patents may be used by LG-MRI products under license from MRI, Inc.”, and (2) Plaintiff’s clarification of “the patent category (LCD Display Patents)”. Id. Accordingly, Plaintiff’s website failed to “provide ‘a ready means of discerning the status of the intellectual property embodied in an article of manufacture or design,” and no damages were awarded for infringement that occurred prior to the notice that was provided by the filing of the suit. Id., citing Bonito Boats, Inc. v. Thunder Craft Boats, Inc., 489 U.S. 141, 162 (1989).

Beyond the association requirement, courts also have found that a website address lacking the words “patent” or “pat.” does not provide constructive notice, A to Z Machining Serv., LLC v. Nat’l Storm Shelter, LLC, 2011 U.S. Dist. LEXIS 149387 (W.D. Okla. 2011), and that evidence supporting consistent marking of substantially all products may include (a) documentary evidence concerning the timeframe in which the website has operated; (b) engineering and assembly drawings or the actual product depicting virtual mark placement; and (c) testamentary evidence concerning the frequency of the virtual mark’s use on products. See Asia Vital Components Co. v. Asetek Danmark A/S, 377 F. Supp. 3d 990, 1024-25 (N.D. Cal. 2019), citing SEB S.A. v. Montgomery Ward & Co., 594 F.3d 1360, 1378 (Fed. Cir. 2010).

Notably, the burden remains on the patentee to demonstrate that its patent marking practices are effective and appropriate. In view of recent court guidance, consider the following points for creating an effective virtual marking strategy:

  • Include either “pat.” or “patent” together with the website address where the actual patent number may be found.
  • Place the patent owner’s website address on all patented products and clearly correlate each product that is covered by at least one claim of a specific patent on that website address for a patented product.
  • Periodically review the patent website page to ensure that it is current, accurate, and complete (e.g. reflecting new products; updating issued, expired, or invalidated patents).
  • Create and preserve records that demonstrate that the virtual marking was consistent and continuous. This may entail keeping a written log of updates to the patent website address, and preserving evidence that it was continually maintained

© 2019 Brinks Gilson Lione. All Rights Reserved.

No Copyright Case Too Small: Content Creators Rejoice or Casual Infringers Beware?

An office jokester emails a funny meme she copied off Google to a colleague. A tourist snaps a picture of a painting in an art gallery and posts it to his travel blog. A teacher prints copies of a recently published Internet article and distributes to his class. A teen reposts his friend’s Instagram picture on his own social media page. To these casual infringers, no harm has been done and there’s certainly no reason to “make a federal case out of it.” But to the copyright owners, these small acts of infringement mean something. Perhaps not enough to justify the expense and time required for a federal claim, but action may be worth pursuing on a smaller scale.

Enter the pending CASE Act, intended to protect the “creative middle class,” and a potential boon to small businesses and individual content creators, while simultaneously presenting a threat to the “micro-infringements” committed by the ordinary person throughout the day. Last week, the US House of Representatives approved the Copyright Alternative in Small-Claims Enforcement Act of 2019 (CASE Act) by a landslide 410-6 vote. The bill is intended to create a Copyright Claims Board within the US Copyright Office that would hear copyright claims of up to $15,000 per work infringed, with statutory damages capped at a total of $30,000.

If passed by the Senate, the CASE Act is likely to be a welcome avenue for graphic designers, bloggers, photographers, authors, vloggers, and other individual and small business copyright owners to protect their works. Currently, pursuing copyright infringement litigation is limited to filing suit in federal courts, the cost of which can be prohibitive for many small businesses. The proposed Copyright Claims Board provides a more affordable avenue—effectively, a copyright small claims court—to enforce copyright ownership.

Supporters say that small businesses have long needed a more efficient and affordable means to enforce their copyrights. To this point, much of the unauthorized exchange and use of Internet-based works or smaller-scale copyrighted works has been difficult to police. In fact, June Besek, the executive director of the Kernochan Center for Law, Media and the Arts at Columbia Law School, recently told the ABA Journal that many infringers knowingly exploit copyrighted material because they are confident they will never be challenged. (Anyone remember the flagrant use of Napster and LimeWire by teens in the late 1990s and early 2000s to illegally download music—excuse me, “file share”—with little fear of repercussions for their “small-scale” acts of infringement?). A number of organizations, including the American Bar Association, have expressed support for the CASE Act.

But that support, while widespread, is not universal. The American Civil Liberties Union opposes the proposed CASE Act on the grounds that it will stifle free speech and the open sharing of information. Other critics say that by lowering the threshold for infringement claims, lawmakers also are opening the door for “copyright trolls” to file nuisance infringement claims with the Copyright Claims Board. And many are less than keen on the idea that inadvertently unanswered copyright infringement complaints could cost ordinary Americans up to $30,000 in default judgments per proceeding—perhaps a small sum to a business, but potentially life-changing to many individuals—with very limited ability to appeal, under the currently proposed language of the Act.

Notably, as currently written, the small-claims tribunal established under CASE will be entirely voluntary, meaning the complaining party can elect to use the Copyright Claims Board, and the defending party may choose to opt out. But critics point out that the opt-out window is only 60 days long, and easily could be missed by an unwitting defendant.

Next, the Senate will consider the CASE Act, but observers believe it will pass with bipartisan support. The final language of the Act may be somewhat different from its current form, so stay tuned for more updates as the CASE Act makes its way through the legislature.

What the proposed CASE Act could mean for you:

Would-be plaintiffs (or defendants) appearing before the proposed Copyright Claims Board are encouraged to do so with licensed legal representation. Some have suggested that this small claims court format will allow parties to represent themselves without needing to incur the fees of legal representation. However, it is important to remember that, though the monetary stakes may be lower than in federal court, the complex legal nuances of copyright law, not to mention jurisdiction, service, discovery, evidence, joinder of parties, and expert testimony, remain the same and are best addressed by experienced legal counsel.

Owners of large copyright portfolios may find the CASE Act to allow greater leeway in defending their works against smaller-player infringers. Businesses with larger portfolios may wish to take stock of their protected works and develop an enforcement strategy, taking into account this more accessible avenue for enforcement.

Smaller companies or individual content creators, too, may find the proposed CASE Act to provide the freedom to assert their copyrights more aggressively than they have done previously. These companies and individuals also are encouraged to take stock of their copyright portfolios, and consider setting up infringement alerts through their legal representatives or third party vendors in order to take a more offensive stance.

On the opposite side of the court room, copyrighted work users are cautioned to think carefully about their use of protected works. Businesses and schools may want to consider updating policies on use and distribution of protected works, with a more conservative mindset. The relative ease of filing suit with the Copyright Claims Board may give rise to a more litigious “creative middle class.” And while the damages may be smaller-scale, the attendant legal costs may not be, and damages from multiple suits may add up quickly.

 

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

ARTICLE BY Kristin Lamb of  Womble Bond Dickinson (US) LLP.
For more copyright infringement regulation, see the National Law Review Intellectual Property law page.

Text Messages Inviting Independent Voters to Political Speeches by Former Presidential Hopeful Howard Schultz Were Not “Solicitations” For His Book Tour

The Western District of Washington recently held in Vallianos. v. Schultz, C19-0464-JCC, 2019 WL 4980649 (W.D. Wash. Oct. 8, 2019), that two text messages encouraging recipients to view a livestream of a political speech by the former chairman and CEO of Starbucks Howard Schultz did not amount to “solicitations” under the TCPA. While exploring a run for President, Schultz released a book, “From the Ground Up,” and went on a three-month long cross-country book tour. He also collected from voter records the phone numbers of individuals registered as having “No Party Affiliation” and sent them the text messages at issue. Named plaintiffs Cassandra Vallianos, Stacey Karney, and Mike Barker brought a putative TCPA class action against Schultz alleging that the text messages were sent to them without their consent after they had placed their cell phone numbers on the national Do Not Call Registry.

Specifically, plaintiffs made two claims: first, that Schultz sent the text messages using an auto-dialer and without the plaintiffs’ consent; second, that the calls were solicitations sent in violation of the TCPA’s Do Not Call restrictions. Plaintiffs’ claims were based on two separate text messages Schultz sent Plaintiffs. The first said “Howard Schultz will be speaking in Miami at 12:30! Watch live: https://hs.media.mi-a030[.]” The second said “Howard Schultz will be speaking about his vision for America in Miami at 12:30! Watch live: https://hs.media/mia030[.]” Plaintiffs argued that these text messages were “solicitations” under the TCPA because the text messages were sent with the goal of getting recipients to purchase Schultz’s book. Defendant Schultz moved to dismiss only the Do Not Call claim.

Acknowledging that messages that serve a “dual-purpose” by including both advertising and informational communications are solicitations for purposes of the TCPA, the court looked to the context of the messages to determine whether they constituted “solicitations” under the TCPA. The court reviewed the text messages, the webpage to which the text messages directed recipients, and the speech embedded in the website. The court found that the text messages did not facially discuss Schultz’s book. The court also found that the link in both text messages took Plaintiffs to the homepage of Schultz’s website, which included various video clips, including a livestream of Schultz’s speech and a link to a website where consumers could purchase his book. But the court held that the website was not transformed into a solicitation by the “mere inclusion of a link to a website on which a consumer can purchase a product.” The court found that the speech focused on Schultz’s political views and potential run for president, not his book. The court further found that the website was just a way to facilitate viewing of Schultz’s speech. Thus, the court ultimately determined that the messages did not constitute “telephone solicitations” under the TCPA.

With the seemingly never-ending national campaign season chugging along, we expect to see more such claims filter their way through the courts.

©2019 Drinker Biddle & Reath LLP. All Rights Reserved

For more on TCPA litigation, see the National Law Review Communications, Media & Internet Law page.

ADA Website Litigation Likely to Increase

There has been considerable confusion amongst business owners as to the requirements of the Americans with Disabilities Act (ADA) as it relates to websites. The ADA requires, among other things, that places of “public accommodation” remove barriers to access for people with disabilities. This law has long been understood to apply to brick-and-mortar establishments, such as restaurants, retail stores, and hotels, but recent court decisions have held that the ADA applies to the websites and mobile applications of businesses offering goods and services online.

The Department of Justice (DOJ), which is responsible for establishing regulations pursuant to the ADA, has thus far failed to issue any guidance, regulations, or technical standards for online platforms, resulting in uncertainty for many business owners. Many have looked to the case of Robles v. Domino’s Pizza, LLC   for potential guidance. Robles was filed by a blind man who claimed that he could not access the Domino’s website and mobile app with his screen-reading software. The District Court dismissed the case on the basis that, although the ADA applied to the website and app, the DOJ’s failure to provide guidance as to the ADA’s application to websites violated Domino’s due process rights. The Ninth Circuit reversed this ruling, and on October 7, 2019, the U.S. Supreme Court denied a petition by Domino’s Pizza asking the Court to review the Ninth Circuit’s decision.

The Supreme Court’s refusal to review the Ninth Circuit decision maintains the uncertainty in what will no doubt be an expanding field of litigation. Business owners should expect to see an increase in ADA website litigation, and should take steps to ensure that their websites and mobile apps are accessible to disabled users.

 

© 2010-2019 Allen Matkins Leck Gamble Mallory & Natsis LLP

ARTICLE BY Rachel M. Sanders of Allen Matkins Leck Gamble Mallory & Natsis LLP.
More website regulation on the National Law Review Internet, Communications & Media law page.

CPSC Staff Addresses IoT 2018 Hearing Feedback, IoT Project Plans in New Report

Connected products can make the world a safer place: electronic sensors in the home can detect problems and send smartphone notifications to the homeowner; smart alert devices can notify family members or home help companies that an elderly person has fallen and needs assistance. But with over 64 billion connected products in the marketplace, there is a concern that connected devices could introduce hazards that might lead to a risk of injury due to problems with software updates or customization, faulty connections, and even consumer modifications.

As the body charged with overseeing consumer product safety in the U.S., over the last few years, the Consumer Product Safety Commission (CPSC) has shown an increasing interest in defining its role with regard to connected products. In May 2018, the CPSC held a public hearing on IoT, obtaining feedback from a range of stakeholders on potential risks of connected consumer products and the agency’s role. In late September, CPSC staff submitted to the Commission a status report outlining the CPSC’s work on consumer product IoT issues since the public hearing. The report also outlines how CPSC staff understands the agency’s role, which is safeguarding consumers from potential physical product risks, as well as how its work intersects with the jurisdiction of other agencies as they oversee connected products.

The report notes that this is an ongoing process, stating that CPSC staff is working on “how to define consumer product safety in terms of the IoT, the intersection of, and interdependencies among, consumer product safety, data security and privacy, and how our traditional risk management approaches apply to connected products.” The report acknowledges that privacy and data security are not within CPSC’s jurisdiction, but noted that at least one participant in CPSC’s 2018 hearing warned that “CPSC should pay attention to certain cybersecurity threats that create opportunities for physical harm, a risk not previously considered, and resist creating any prescriptive rules for IoT devices.”

To increase institutional knowledge of IoT benefits and challenges, CPSC has dedicated resources to develop its staff’s expertise. CPSC has also participated in developing voluntary standards, has taken a leadership role in establishing an interagency IoT working group, and has been developing its capability to simulate home networks at its laboratory.

The staff report outlines three ongoing internal projects relating to IoT. The first involves developing a methodology for assessing safety-related implications arising out of software and firmware updates to connected products. This project is at what CPSC views as the intersection of product safety and data security and potential “hazardization” of connected products as a result of data vulnerabilities. CPSC is also looking at connected heating appliances and the risks associated with their remote activation. Finally, CPSC is studying smart toys “in an effort to identify physical safety hazards.” It is surprising that CPSC staff would dedicate resources to toys as opposed to other products, like in-home safety devices, since the physical safety of toys is strictly regulated by the mandatory toy safety standard, ASTM F-963. The likelihood of physical hazardization of toys is far lower than, for example, connected home security devices and sensors. In those categories, connectivity, and thus security breaches that affect the operation of those devices, may be directly related to both safety risks and advantages. Indeed, home safety devices is a category where we have actually seen CPSC recall activity.

The report notes that CSPC is engaging in product safety assessments of connected& shared e-scooters. This is likely in response to reports of e-scooters that were vulnerable to hacking. The emerging hazards of micro-mobility devices such as shared e-scooters are also a focus of CPSC’s Operating Plan for Fiscal Year 2020 and represent another product category that appears to be more vulnerable to hazardization than connected toys.

CPSC staff intended to develop a best practices guide for industry and consumers on connected products, which was an enumerated project in the proposed Operating Plan for Fiscal Year 2020. However, an amendment introduced by Commissioner Feldman focuses CPSC’s resources on IoT intergovernmental work instead. Given the report’s acknowledgment that the agency is still working to develop staff expertise in IoT, attempting to create such a guide appears premature at this juncture.

The sharp increase in the number of connected devices in the market means it is necessary and appropriate for CPSC to continue to build expertise on IoT issues, even though very few examples of actual product safety hazards attributable to some type of connectivity failures exist. It would be useful for CPSC to focus its efforts and resources on product categories that pose a higher potential risk to the physical safety of consumers through hazardization or failure as a result of connectivity, without overstating potential risks. It is encouraging that through the intergovernmental initiatives a variety of federal agencies are working collaboratively to better understand the various consumer protection issues potentially raised by connected products that fit within their respective jurisdictions.

© 2019 Keller and Heckman LLP

For more CSPC regulation, see the National Law Review Consumer Protection law page.