Communication Media & Internet Archives - Page 46 of 65

EU Policy Update – February 2016 re: Dutch Presidency and Brexit, Digital Single Market Policy, Energy and Environment

Dutch Presidency and Brexit

In January, the Netherlands took over the Presidency of the Council of the European Union from Luxembourg. In line with the political intentions of the Juncker Commission to be ‘big on the big issues but small on the small issues’, the Netherlands promises to focus on the essentials during its Presidency. In particular, the Dutch Presidency would like to focus on migration and international security. Another priority is to strengthen the free movement of services and the free movement of workers, where the Presidency would like to strengthen the protection of workers posted abroad.

Additionally, on February 2, the President of the European Council, Donald Tusk, presented his proposals for a ‘new settlement of the United Kingdom within the European Union’. If accepted, they would allow David Cameron to campaign in the ‘Brexit’ referendum on the continuing membership of the UK in the bloc. The Heads of State and Government will discuss and adopt the text in a meeting on February 18. For Covington’s analysis of the proposals presented and the referendum, please see here.

Digital Single Market Policy

The formal adoption of the EU Network and Information Security (NIS) Directive is a step closer following a vote on January 14 by the European Parliament’s internal market and consumer protection (IMCO) committee. The committee confirmed that the minimum harmonisation requirements under the Directive do not apply to digital service providers. This means that Member States will not be able to impose any further security or notification requirements on digital service providers beyond those contained in the Directive, when transposing it into national law. The NIS Directive will now be put forward for a plenary vote in the European Parliament. Once it is published in the Official Journal of the European Union and enters into force later this year, Member States will have 21 months to transpose it into national law. Member States will then have a further 6 months to apply criteria laid down in the Directive to identify specific operators of essential services covered by national rules. These processes are likely to be complicated, and companies that may fall within scope should participate in consultations and monitor developments across the EU over the coming months.

On January 19, the European Parliament adopted a resolution on the Digital Single Market Strategy of the European Commission. The parliamentarians called for ambitious and targeted actions to complete Europe’s digital single market. Among other things, the MEPs support the end of geo-blocking practices across Europe, the setting of a single set of contract rules and consumer rights for online sales and for digital content, and the modernization of the copyright framework.

On February 2, the European Commission and U.S. Government reached a political agreement on the new framework for transatlantic data flows. The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework. The EU’s College of Commissioners has also mandated Vice-President Ansip, in charge of the Digital Single Market, and Commissioner Jourová, Commissioner for Justice, Consumers and Gender Equality, to prepare the necessary steps to put in place the new arrangement. For Covington’s full analysis of the announcement of the EU-U.S. Privacy Shield, please see here.

Energy and Environment Policy

The European Commission published a proposal to update the approval requirements and market surveillance of new passenger cars and their respective systems and components. The Commission’s proposal aims at strengthening the credibility and enforcement of the applicable safety and environmental requirements for cars, following the controversy regarding Volkswagen last year.

In a significant departure from past EU legislation, the proposal would empower the Commission to impose administrative fines on economic operators who are found not to have complied with the approval requirements, of up to €30,000 per non-compliant vehicle.

The Commission’s proposal focuses on three elements. First, the European Commission proposes to reinforce the credibility of the type-approval assessment of new vehicles by ensuring that the technical services testing the new vehicles are fully independent from car manufacturers. For this purpose, the proposal would enhance the financial independence of such technical services and require Member States to create a national fee structure to cover the costs of type-approval testing and market surveillance activities for vehicles. Moreover, in order to prevent the use of ‘defeat devices’, as in the Volkswagen controversy, the proposal would grant approval authorities and technical services access to the software and algorithms of the vehicles tested.

Second, the proposal includes measures to strengthen the market surveillance of vehicles after they are type-approved and in circulation. Member State authorities and the Commission would be able to conduct tests and inspections on cars available on the market and would be empowered to adopt restrictive measures in case of non-compliance of vehicles. Among other proposed measures, the Commission would establish and chair a forum to coordinate the network of national authorities responsible for type-approval and market surveillance. Member States would also be able to inspect and take measures against vehicles type-approved in a different EU Member State.

Third, the Commission proposes measures to ensure that non-compliant manufacturers are penalized in case of non-compliance. Member States would be required to adopt penalties for non-compliant economic operators, including car manufacturers, importers and distributors, as well as technical services. This may be complemented by administrative fines, imposed by the Commission, of up to €30,000 per non-compliant vehicle, as referred to above.

Finally, the European Commission hopes to ensure a more uniform application of the legislation in the EU by proposing a Regulation as opposed to the current Framework Directive 2007/46/EC. If adopted, the Regulation would be directly applicable in national law with no requirement of transposition.

The Commission proposal is available here; it has been sent to the Council and European Parliament for consideration.

The European Commission is expected to propose a revision of the Fertilizers Regulation (EC) 2003/2003 in March 2016. This revision comes in parallel to the Circular Economy Package announced in December 2015, which aims to create a single market for the reuse of materials and resources.

Under the current EU Regulation 2003/2003, manufacturers and importers of fertilizers may choose to comply with the laws of the Member States where they market their products, or to get their products approved and CE-labeled under the Regulation. However, Regulation 2003/2003 only regulates a limited number of categories of fertilizer products.

According to Commission officials, the proposal aims to create a level playing field between existing, mostly inorganic categories of fertilizers, and innovative fertilizers, which often contain nutrients or organic matter recovered and recycled from biowaste or other secondary raw materials. Therefore, the proposal will make the approval process more flexible for new categories of CE-labeled fertilizers.

The draft legislative text is structured in four parts: (i) a list of materials that could be used for the production of CE-marketed fertilizing products under the conditions included in the annexes of the proposal; (ii) a list of product function categories for fertilizers, rules for blends of different product categories, and respective safety and quality requirements for each category included in the annexes; (iii) an annex with the labelling requirements by product function; and (iv) a section with the different conformity assessment procedures. Fertilizers that follow the harmonized EN standards will be presumed to conform with the requirements of the regulation.

Moreover, the proposal would continue to allow Member States to regulate national fertilizing products. Products that are not in compliance with the EU Fertilizers Regulation and do not carry the CE label would be able to marketed in a particular Member State if they comply with its national legislation.

Importantly, the revised Fertilizers Regulation is also likely to include an EU-wide limit on the presence of cadmium in fertilizers. In November 2015, the Scientific Committee on Health and Environmental Risks published an opinion concluding that new scientific information available justifies an update of the 2002 opinion on Member State Assessments of Risk to health and the Environment from Cadmium – see here.

The draft proposal is currently in inter-service consultation among the different Directorates General of the European Commission. Fertilizer manufacturers wishing to voice their opinion regarding the future Regulation on fertilizers should reach out now to the different services of the Commission.

Internal Market and Financial Services Policies

On January 15, the European Commission launched a public consultation on non-binding guidance for reporting non-financial information by certain large companies, following Article 2 of Directive 2014/95/EU – see here. Directive 2014/95/EU aims at improving the transparency of certain large companies related to Environmental matters, social and employee matters, human rights, and anticorruption and bribery matters. The feedback gathered during the consultation will be used to prepare the guidelines and facilitate the disclosure of non-financial information by undertakings. The public consultation will run until April 15, 2016.

On January 28, the European Commission presented its so-called Anti-tax Avoidance Package – see here. The initiative includes: (i) a new communication on tax avoidance in the EU; (ii) a proposal for an Anti-Tax Avoidance Directive; (iii) a proposal for a Directive implementing the G20/OECD Country by Country Reporting (CbC Reporting); (iv) a Recommendation to the Member States on Tax Treaties, and (v) a Communication on an External Strategy regarding tax avoidance.

The Anti-Tax Avoidance Directive includes six measures, which aim at limiting the abuse of six well-established practices used to avoid taxes in various jurisdictions in Europe. These include the mismatch in legal characterisation of financial instruments or legal entities between Member States, excessive inter-group interest charges, and a general anti-abuse rule against arrangements the essential purpose of which is to obtain a tax advantage.

The legislative proposal on CbC Reporting aims to strengthen the existing mandatory and automatic exchange of information between the Member States in the field of taxation. The proposal also requires the parent entity of a multinational group to report to the competent authorities the aggregated information on the revenue, profit (or loss) before income tax, income tax paid, income tax accrued, stated capital, accumulated earnings, number of employees, and tangible assets other than cash equivalents, in respect of each jurisdiction in which the group operates.

Finally, because tax avoidance has a strong global dimension, the EU will also cooperate better with third countries on tax issues. The Commission therefore proposes to adopt a common EU system to screen, list and put pressure on third countries that refuse to adopt policies to limit tax avoidance. In addition, before the end of 2016, the Commission and Member States will consider whether to put in place sanctions to incentivize third countries to improve their tax systems.

Life Sciences and Healthcare Policies

At the beginning of February 2016, the Dutch presidency will resume trilogues on the legislative proposals regarding the medical devices Regulation (“MD proposal”) and the in vitro diagnostic medical devices Regulation (“IVD proposal”). The European Commission presented this pair of proposals in September 2012, and recently called upon the Council of Ministers and the European Parliament to reach an agreement in the first half of 2016. The Dutch delegation therefore intends to ramp up the number of trilogues between the institutions to five political meetings and 10 to 15 technical meetings during its presidency. Nonetheless, important differences remain between the negotiators on the reprocessing of single use devices, liability insurance for manufactures, and the classification of devices in the framework of the IVD proposal. It is understood that the Dutch presidency hopes to achieve an agreement by the Employment, Social Policy, Health and Consumer Affairs Council of June 17, 2016.

Trade Policy and Sanctions

On January 1, the Deep and Comprehensive Free Trade Area (“DCFTA”) between the EU and Ukraine became operational. According to the Commission, the implementation of the DCFTA will improve the Gross Domestic Product of Ukraine by circa 6% and increase economic welfare for Ukrainians by 12% over the medium term.

On January 13, the European Commission held an initial orientation debate on Market Economy Status for China in anti-dumping proceedings. Under the current WTO rules, the EU can calculate potential anti-dumping duties on the basis of data from another market economy country rather than the domestic prices used in China, because there is a presumption that market economy conditions do not prevail in China. However, this provision, included under Article 15(a)(ii) of China’s Protocol of Accession to the WTO, will expire on December 12, 2016. The Commission is therefore considering its options for changing the methods used to calculate dumping margins in respect of China. It is important for the Commission to start the process on time, because any change in the anti-dumping rules are likely to require legislation to be adopted by the Council and the European Parliament. Given the delicate nature of such negotiations, the process is expected to take a year.

January 16, 2016, saw the Implementation Day of the Joint Comprehensive Plan of Action (“JCPOA”) – the historic deal reached among China, France, Germany, Russia, the UK, the U.S., the EU and Iran to ensure the exclusively peaceful nature of Iran’s nuclear program. As part of that agreement, the Council of the EU lifted all nuclear-related economic and financial EU sanctions on Iran. It did so by bringing into force the EU legislative package adopted on October 18, 2015, following the verification by the International Atomic Energy Agency (“IAEA”) that Iran had complied with the requirements laid down in the JCPOA. As of January 16, many sectors and activities have been reactivated, including, among others: financial, banking and insurance measures; oil, gas and petrochemical; shipping and transport; gold and other metals; software; and the un-freezing of the assets of certain persons and entities. Note that proliferation-related sanctions, including arms and missile technology sanctions, will remain in place until 2023 (subject to various conditions). For the Council press release, see here. For more details, see the Council Information Note here.

Article By Sebastian F.A. Vos of Covington & Burling LLP

Criminal or Civil Liability for Sharing Streaming Accounts?

We are at the beginning of a new era of media consumption. Traditional content delivery systems such as satellite and cable television are hemorrhaging customers to a wave of “cord cutting” that has been facilitated by the availability of streaming services such as Hulu Plus, Netflix and HBO Go.^[1] Now that smart televisions are becoming more common place, cord cutting is no longer limited to the technologically hip youth, as accessing a Netflix account is as easy as changing the channel.

1-26-2016 3-38-45 PM But with the proliferation of streaming services, users have elected to share the benefits of the accounts―i.e. their passwords―with others. A staggering 46% of accountholders admit to sharing their streaming account password with people outside of their household.^[2] This raises some interesting questions of federal and state criminal, tort and contract laws. What sort of liability might someone have for sharing their account with friends or family? For using a shared account of a friend?

But in order to figure out if sharing of passwords violates the law, we first have to see if it violates the streaming service’s terms of service.

Netflix

Netflix is arguably the pioneer in password sharing. For years Netflix has allowed multiple user profiles to better enable its suggestion algorithm to tailor its offerings to a targeted user. By tactical use of user profiles, parents can limit the likelihood that Netflix will suggest the latest episode of Barney and Friends based on their child’s viewing of Teletubbies the week before.^[3] Netflix has also long offered the ability to stream its services on a limited number of devices simultaneously. ^[4] Netflix’s commitment to account sharing was recently echoed by its CEO Reed Hastings who stated: “As kids move on in their life, they like to have control of their life, and as they have an income, we see them separately subscribe. It really hasn’t been a problem.”^[5] But Netflix’s position on non-family members sharing the passwords has been a little more vague.

Hulu Plus

Hulu has not taken the vocal stance on account sharing that Netflix has. Though it is apparent that Hulu has at least contemplated password sharing to some degree. In section 5 of its terms of use, Hulu acknowledges that people within the same household are likely to use the account, and holds the primary account holder accountable for their activities: “You are responsible for all use of your account, including use of your account by other members of your household. By allowing others to access your account, you agree to be responsible for ensuring that they comply with these Terms and you agree to be responsible for their activity using the Services.”^[6] However unlike Netflix, Hulu Plus accounts are limited to streaming on one device at a time, which minimizes the advantage of sharing.

HBO Go

Like Netflix, HBO Go specifically contemplates the idea of multiple users within the same household. HBO has two tiers of accounts. The first is a “Registered Account” which consists of account holders who meet certain eligibility criteria, namely, they subscribe to HBO and HBO On Demand or Cinemax and Cinemax on Demand.^[7] These Registered Account holders can create “Household Member Accounts” for members of their household. The Register Account serves as the master account for the Household Member Accounts and can control what content the junior accounts have access to. However, despite the ability to create Household Member Accounts, HBO Go appears to take an antagonistic view of sharing the master account password itself. HBO Go’s terms of service specifically state that “You are responsible for all activity occurring under your Registered Account and any Subaccount authorized by you, including maintaining the confidentiality of each Username and Password, and you agree that any household member account users authorized by you will not permit the disclosure of any Username and Password to any person.” Contrast the above statements to Hulu’s request to “Please keep your password confidential,” and it is apparent that one is an order, and the other a request.

But statements by HBO’s CEO bely the strict terms of their agreement. In an interview with Buzzfeed, HBO’s CEO stated: “It’s not that we’re ignoring it, and we’re looking at different ways to affect password sharing. I’m simply telling you: it’s not a fundamental problem, and the externality of it is that it presents the brand to more and more people, and gives them an opportunity hopefully to become addicted to it. What we’re in the business of doing is building addicts, of building video addicts. The way we do that is by exposing our product, our brand, our shows, to more and more people.”^[8]

So HBO intends on building a legion of addicts, and with shows like Game of Thrones, they are well on their way to being the Pablo Escobar of digital content. But like any drug dealer, the first sample is free, but the second is going to cost you. No one knows for sure when HBO will start demanding money for that next “hit.”

It is apparent that these three streaming services all authorize sharing of an account among members of a household. A reasonable argument could be made that this extends to college age children who are away from the home during the school year, but whose primary residence is still their family home.

But what about sharing the account with third parties? What liability might an individual incur if they use a friend’s account with the friend’s permission? Arguably such activity goes beyond the terms of service of a user’s account, and presents some interesting questions of both state and federal law.

Trouble in Tennessee

In 2011, Tennessee, the home of Nashville and the birthplace of country music, became one of the first states to formally criminalize user account sharing. HB1783, effective July 1, 2011, modifies Tennessee Code Annotated Section 39-11-106 subdivision 35 by adding “entertainment subscription service” to the list of services protected by its theft of services offence.^[9] Section 39-14-104 defines theft of services as any person who: “(1) intentionally obtains services by deception, fraud, coercion, false pretense or any other means to avoid payment for the service; (2) having control over the disposition of services to others, knowingly diverts those services to the person’s own benefit or to the benefit of another not entitled thereto.” The punishment for violation of this provision ranges from a misdemeanor to a felony depending on the value of the services rendered.

The first provision of 39-14-104 targets the friend who is using the primary account holder’s password without permission from the streaming service. The person has “obtain[ed] services by . . . any other means to avoid payment for the service.” The second provision targets the account holder who has shared his password with a friend. That person has control of a subscription service and diverts it to his friend, who is not entitled to the service.

California is Not the Golden State For Sharing

It is unsurprising that California would not take kindly to people sharing the fruits of its most visible industry. California Penal Code Section 502 is an “anti-hacking” statute that covers a broad variety of activities. To the extent that sharing a primary accountholder’s password with people outside of the household is beyond the scope of the terms of use of the streaming service, there are several provisions of Section 502 that would criminalize such activity (along with giving a private cause of action), including subsections: (1) “knowingly accesses and without permission . . . otherwise uses any data in order to . . . wrongfully control or obtain . . . data;” (3) “knowingly and without permission uses or causes to be used computer services;” (6) “knowingly and without permission provides or assists in providing a means of accessing a computer, computer system, or computer network in violation of this section;” and (7) “knowingly and without permission accesses or causes to be accessed any computer, computer system or computer network.” Violation of these sections can range from a misdemeanor to a felony.

Like the Tennessee law, sections 1, 3 and 7 apply to the friend who is using the account without permission of the streaming service. Section 6 applies to the account holder who is sharing the account with a friend without the permission of the streaming service.

It Might Be A Federal Offense

The Computer Fraud and Abuse Act offers broad protection against unauthorized access to computers. It has been amended a half dozen times in its nearly 20 year history, and likely covers password sharing that is beyond the scope of the terms of service of a streaming account.

18 U.S.C. § 1030(a)(2) makes it a crime to “intentionally access a computer without authorization or exceeds authorized access, and thereby obtains . . . (c) information from any protected computer.” A “protected computer” is defined by 18 U.S.C. § 1030(e)(2) as any computer “which is used in or affecting interstate or foreign commerce or communication.” A streaming service’s streaming servers undoubtedly qualify as a protected computer under the Act as they stream their stored media all across the country.

Using a third party’s password to access a streaming service clearly “exceeds authorized access” as it is beyond the scope of the access defined in Netflix, Hulu Plus, or HBO Go’s terms of use. The user of the password is “obtaining information”―the streamed media―from the protected computer.

An interesting wrinkle is that the Act arguably has a jurisdictional requirement of $5,000 in damages over the course of one year. 18 U.S.C. § 1030(c)(4). This would probably be hard for a streaming site to demonstrate, especially against an individual who is making use of a friend’s password. However, it would be easier to meet the limit for the primary account holder who decided to share the account with a group of friends. All it takes is sharing a $20 dollar a month account with 21 people to meet the $5,000 threshold.

So what does all of this mean? Sharing an account with members of a household is just fine under Netflix, Hulu Plus, and HBO Go’s terms of use. Arguably this extends to children of the account holder who are away at school but whose primary residence is still the family home.

But sharing the password with people outside of the household or using someone else’s account opens up the potential for liability. Not only does sharing a password expose the primary account holder to the possibility of a claim of breach of contract, it also gives rise to various causes of action under both state and federal law for everyone involved.

At the moment none of the sharing services seem to care all that much, and it would be easy for them to mitigate their exposure to shared accounts by simply limiting the number of devices that the account can be used on simultaneously. Some seem to view account sharing as a marketing tool. But all that may change without notice. Sharer beware.

Article By Drew Wilson of Proskauer Rose LLP

_{[1] Todd Spangler, Cord-Cutting Gets Ugly: U.S. Pay-TV Sector Drops 566,000 Customers in Q2, Variety (August 8, 2015).}

_{[2] Is it Okay to Share Log-Ins for Amazon Prime, HBO Go, Hulu Plus, or Netflix?, Consumerreports.org (Jan. 28, 2015).}

_{[3] Netflix User Profiles, Netflix (Jan 14, 2016) https://help.netflix.com/en/node/10421.}

_{[4] Terms of Use, Netflix (Jan 14, 2016) https://help.netflix.com/legal/termsofuse.}

_{[5] Sarah Perez, Netflix CEO Says Account Sharing is OK, TechCrunch (Jan 11, 2016),}

_{[6] Terms of Use, Hulu (Jan 14, 2016), http://www.hulu.com/terms}

_{[7] Terms of Use, HBO Go (Jan. 14, 2016), http://www.hbogo.com/#terms/}

_{[8] Greg Kumparak, HBO Doesnt Care if You Share Your HBO Go Acccount . . . For Now, TechCrunch (Jan 20, 2014),}

_{[9] http://www.capitol.tn.gov/Bills/107/Bill/HB1783.pdf}

Smartphone Wars – Supreme Court Awakens: Samsung Files Petition for Certiorari in New Hope to Harmonize Design Patent Law

On Monday, in the latest episode of the smartphone wars, Samsung filed a petition for certiorari with the Supreme Court.

Smartphone Wars

Samsung is appealing a Federal Circuit decision that upheld a $399 million judgment against Samsung for infringing three of Apple’s design patents. Samsung argues that the decision, if left unchecked by the Supreme Court, could dramatically increase the value of design patents. While the Supreme Court is the ultimate power in patent jurisprudence, it was a long time ago that it last considered a design patent case; more than 120 years ago according to Samsung. Samsung’s petition presents two fundamental questions concerning design patents:

1. Where a design patent includes unprotected non-ornamental features, should a district court be required to limit that patent to its protected ornamental scope?

2. Where a design patent is applied to only a component of a product, should an award of infringer’s profits be limited to those profits attributable to the component?

With respect to the first question – whether a district court should be required to limit the protection of a design patent to only ornamental features – Samsung argues that the Federal Circuit’s decision conflicts with both Section 171 of the Patent Act and with the Supreme Court’s precedent requiring judicial construction of patent claims.

According to Samsung, the Federal Circuit refusal “to cabin design patents to their protected ornamental scope” conflicts with Section 171 and allows infringement to be “found based on the use of nonornamental attributes.” Thus, argues Samsung, the Federal Circuit broadened the protectable scope of design patents, which are limited to “any new, original and ornamental design for an article of manufacture,” under section 171. Samsung argues the Federal Circuit’s ruling also creates tension with other areas of intellectual property law that routinely enforce limitations to protectable scope, such as copyright doctrine of “filtration” and trademark law’s doctrine of functionality.

Samsung also maintains that the ruling is contrary to Supreme Court precedents in the analogous context of utility patents, which recognize that district courts have a duty to construe patent claims and eliminate unprotected features. In Samsung’s view, similar to a Markman hearing, a district court should instruct a jury to identify non-ornamental features of a design patent and exclude them from the infringement analysis.

Turning to the second question – whether damages should be limited to the profits attributable to the infringing component – Samsung argues that the Federal Circuit’s decision conflicts with Section 289 of the Patent Act and the basic principles of causation and equity.

Samsung urges that “the Federal Circuit’s holding as a matter of law that an infringer of a design patent is liable for all of the profits it made from its entire product, no matter how little the design contributed to the product’s value or sales” be corrected. Samsung argues that the Federal Circuit’s conclusion that the article of manufacture is the entire smartphone, and not specific subcomponents, is wrong based on a natural reading and purpose of Section 289 of the Patent Act, contemporary extrinsic evidence regarding the definition of “articles of manufacture,” and non-controlling case law (see note below).

According to Samsung, the Federal Circuit’s “interpretation of Section 289 also flies in the face of well-settled tort principles of causation” and “ignores that disgorgement of the defendant’s profits is a classic equitable remedy for which the accepted measure of recovery generally is ‘the net profit attributable to the underlying wrong.’” “The cardinal principle of damages in Anglo-American law is that of compensation for the injury caused to plaintiff by defendant’s breach of duty,” This is the backdrop in which Section 289 was adopted. “Where disgorgement is available in patent cases, it has [] been ‘given in accordance with the principles governing equity jurisdiction, not to inflict punishment but to prevent an unjust enrichment by allowing injured complainants to claim ‘that which … is theirs, and nothing beyond this.’”

Samsung claims that certiorari should be granted because the Federal Circuit’s decision dramatically increases the value of design patents relative to other forms of intellectual property. Without correction, design patents will have whatever scope juries choose to give them, and a design-patent holder will be entitled to the infringer’s profits on the entire product even if the patented design applies only to a part of the product, and contributes to only a minor faction of the overall value. The Federal Circuit’s decision allows design patent owners to obtain the infringer’s total profits – a remedy not available under utility-patent law. Samsung contends that such leverage “poses a real danger for companies everywhere,” that it will lead to an “explosion of design patent assertions and lawsuits.”

Will the Supreme Court agree with Samsung that the Federal Circuit has caused a great disturbance in design patent jurisprudence? Difficult to see. Always in motion is the future.

Bush & Lane Piano Co. v. Becker Bros., 222 F. 902, 904 (2d Cir. 1915), (allowed an award of infringer’s profits from the patented design of a piano case but not from the sale of the entire piano, holding that “recovery should be confined to the subject of the patent.”); Young v. Grand Rapids Refrigerator Co., 268 F. 966 (6th Cir. 1920), (Affirmed the denial of all profits from the sale of refrigerators where the infringed patent related only to the design of the refrigerator’s door latch, explaining that it was not even “seriously contended” that the patentee could recover all profits from sales of refrigerators containing that latch.)

Article By, Patrick T. Driscoll, James Wodarski, Michael T. Renaud & Michael C. Newman of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

FAST Act Calls for Examination of Internet of Things

The Internet of Things (IoT), as defined by Wikipedia, is the network of physical objects or “things” embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data. The IoT allows objects to be sensed and controlled remotely across existing network infrastructure, creating opportunities for more direct integration between the physical world and computer-based systems, and resulting in improved efficiency, accuracy and economic benefit. Each thing is uniquely identifiable through its embedded computing system but is able to interoperate within the existing Internet infrastructure.

In short, if we look at the objects we use in everyday life – from our phones, to our laptops, to even our copy machines or printers at work – each is able to collect and potentially exchange vast amounts of data. While the capabilities of these devices and objects to collect data and exchange data will likely improve our daily lives, it is also important to examine how to protect the privacy and security of the information and data which is collected and shared.

The Fixing America’s Surface Transportation Act (FAST Act) includes a number of provisions related to privacy, including an amendment to the Gramm-Leach-Bliley Act (GLBA) as well as the enactment of the Driver Privacy Act of 2015. Interestingly, the FAST Act also requires a report on the potential of the IoT to improve transportation services in rural, suburban, and urban areas.

Specifically, Section 3024 of Title III, requires the Secretary of Transportation to submit a report to Congress not later than 180 days after December 4, 2015 (the enactment date of the FAST Act). The report, presumably to address the issues discussed above, is to include (1) a survey of the communities, cities, and States that are using innovative transportation systems to meet the needs of ageing populations; (2) best practices to protect privacy and security, as determined as a result of such survey; and (3) recommendations with respect to the potential of the IoT to assist local, State, and Federal planners to develop more efficient and accurate projections of the transportation.

While it is unclear exactly what information will be captured in the report, it’s clear the drafters of Section 3024 have recognized the importance of data privacy and security while utilizing the IoT to improve transportation. On a more personal note, I have to believe I am not alone in hoping that the report will finally address (and correct!) the traffic patters related to my daily commute!

Article By Jason C. Gavejian of Jackson Lewis P.C.

Reasonable Expectation of Privacy: Are You Free To Eavesdrop on Pocket Dials?

Most people have experienced a “pocket dial” – be it as the sender or receiver – and some have found themselves in embarrassing situations as a consequence. But should people reasonably expect that conversations overhead during a “pocket dial” call are private and protected? Should the recipient feel obligated to end the call? The Sixth Circuit says no.

Yesterday, the Sixth Circuit decided whether a reasonable expectation of privacy exists with respect to “pocket dialed” communications. Carol Spaw, assistant to the CEO of Cincinnati/Northern Kentucky International Airport, received a call from James Huff, chairman of the airport board. It didn’t take long for Spaw to figure out that she had received a pocket dial, and that the conversation in the background was not intended for her ears. Spaw stayed on the line for an hour and a half – taking notes and recording the audio as Huff discussed private business matters with another board member, and later with his wife. Spaw sent the recording to a third party company to enhance the quality, and shared the recording with other board members. Huff and his wife sued Spaw for intentionally intercepting their private conversation in violation of Title III of the Omnibus Crime Control and Safe Street Act of 1968. The district court granted summary judgement in favor of Spaw, finding no “reasonable expectation” that the conversation would not be heard. On appeal, the Sixth Circuit affirmed in part, reversed in part, and remanded.

Title III only protects communication when the expectation of privacy is subjectively and objectively reasonable. The Sixth Circuit agreed with the district court that James Huff did not have a reasonable expectation that his conversation was private. Although Mr. Huff did not deliberatelydial the call, he knew that “pocket dials” were possible, and did not take any precautions to prevent them. The court analogized Huff’s situation to a homeowner who neglects to cover his windows with drapes; under the plain view doctrine, the homeowner has no expectation of privacy in his home when the windows are uncovered. Huff could have easily utilized protective settings on his phone to prevent pocket dials.

The Sixth Circuit reversed with respect to Bertha Huff’s claim. Bertha Huff was communicating with her husband in the privacy of a hotel room. She had a reasonable expectation of privacy in that context, and she was not responsible for her husband’s pocket dial. The Sixth Circuit feared that affirming the district court’s decision with respect to Bertha’s claim would undermine what we currently consider a reasonable expectation of privacy in face-to-face conversations. The court remanded the case back to the district court to decide whether Spaw’s actions made her liable for “intentionally” intercepting oral communications.

The Sixth Circuit’s decision leaves us with this: if you receive a pocket-dialed call, feel free to listen, record, and share (but be wary of the privacy interest of the other participants in the conversation); if you are a pocket dialer, lock your phone.

ARTICLE BY Pierre H. Bergeron of Squire Patton Boggs (US) LLP

Lauren Maynard contributed to this article.

What You Need to Know About the FCC’s July 10th Declaratory Ruling on the Telephone Consumer Protection Act (TCPA)

A sharply divided FCC late Friday issued its anticipated TCPA Declaratory Ruling and Order (the “Declaratory Ruling”). This document sets forth a range of new statutory and policy pronouncements that have broad implications for businesses of all types that call or text consumers for informational or telemarketing purposes. While some of its statements raise interesting and in some cases imponderable questions and practical challenges, this summary analysis captures the FCC’s actions in key areas where many petitioners sought clarification or relief. Certainly there will be more to say about these key areas and other matters as analysis of the Declaratory Ruling and consideration of options begins in earnest. There will undoubtedly be appeals and petitions for reconsideration filed in the coming weeks. Notably, except for some limited relief to some callers to come into compliance on the form or content of prior written consents, the FCC’s Order states that the new interpretations of the TCPA are effective upon the release date of the Declaratory Ruling. Requests may be lodged, however, to stay its enforcement pending review.

Scope and Definition of an Autodialer

An important threshold question that various petitioners had asked the FCC to clarify was what equipment falls within the definition of an “automatic telephone dialing system” or “ATDS.” The TCPA defines an ATDS as:

equipment which has the capacity—

(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and

(B) to dial such numbers. 47 U.S.C. § 227(a)(1) (emphasis added).

Two recurring points of disagreement have been: (1) whether “capacity” refers to present or potential capacity, i.e., whether it refers to what equipment can do today, or what some modified version of that equipment could conceivably do tomorrow; and (2) whether “using a random or sequential number generator” should be read to limit the definition in any meaningful way.

Stating that a broad definition would be consistent with Congressional intent and would help “ensure that the restriction on autodialed calls not be circumvented,” the FCC concluded that “the TCPA’s use of ‘capacity’ does not exempt equipment that lacks the ‘present ability’ to dial randomly or sequentially.” Rather, “the capacity of an autodialer is not limited to its current configuration but also includes its potential functionalities.”

The Declaratory Ruling stated that “little or no modern dialing equipment would fit the statutory definition of an autodialer” if it adopted a less expansive reading of the word “capacity.” But as for whether any “modern dialing equipment” does not have the requisite “capacity,” the agency declined to say:

[W]e do not at this time address the exact contours of the “autodialer” definition or seek to determine comprehensively each type of equipment that falls within that definition that would be administrable industry-wide…. How the human intervention element applies to a particular piece of equipment is specific to each individual piece of equipment, based on how the equipment functions and depends on human intervention, and is therefore a case-by-case determination.

Indeed, although the Declaratory Ruling insisted that this interpretation has “outer limits” and does not “extend to every piece of malleable and modifiable dialing equipment,” the only example that that Declaratory Ruling offered was anything but “modern”:

[F]or example, it might be theoretically possible to modify a rotary-dial phone to such an extreme that it would satisfy the definition of “autodialer,” but such a possibility is too attenuated for us to find that a rotary-dial phone has the requisite “capacity” and therefore is an autodialer.

Finally, the FCC majority brushed off petitioners’ concerns that such a broad definition would apply to smartphones—not because it would be impossible to read that way, but because “there is no evidence in the record that individual consumers have been sued….”

Commissioner Pai’s dissent expressed concern that the FCC’s interpretation of the ATDS definition “transforms the TCPA from a statutory rifle-shot targeting specific companies that market their services through automated random or sequential dialing into an unpredictable shotgun blast covering virtually all communications devices.” He also noted that even if smartphone owners have yet to be sued, such suits “are sure to follow…. Having opened the door wide, the agency cannot then stipulate restraint among those who would have a financial incentive to walk through it.”

Commissioner O’Rielly took issue with the FCC’s “refusal to acknowledge” the other half of the statutory definition, specifically that equipment “store or produce telephone numbers to be called, using a random or sequential number generator.” 47 U.S.C. § 227(a)(1). “Calling off a list or from a database of customers … does not fit the definition,” he explained. And as for the reading of the word “capacity,” the Commissioner stated that the FCC majority’s “real concern seems to be that … companies would game the system” by “claim[ing] that they aren’t using the equipment as an autodialer” but “secretly flipping a switch to convert it into one for purposes of making the calls.” He explained that even if there had been examples of this in the regulatory record, “this could be handled as an evidentiary matter. If a company can provide evidence that the equipment was not functioning as an autodialer at the time a call was made, then that should end the matter.”

Given the breadth of the FCC’s purported interpretation of ATDS, which clashes with the views of a number of courts in recent litigation and is replete with ambiguity, this portion of the Declaratory Ruling will most certainly be challenged.

Consent and Revocation of Consent

The Declaratory Ruling addressed the question of whether a person who has previously given consent to be called may revoke that consent and indicated that consumers have the ability to revoke consent in any “reasonable manner.” As dissenting Commissioner Pai noted, this can lead to absurd results if consumers are entirely free to individually and idiosyncratically select their mode and manner of revocation, particularly for any such oral, in-store communication. The Commissioner’s dissent asked ruefully whether the new regime would cause businesses to “have to record and review every single conversation between customers and employees….Would a harried cashier at McDonald’s have to be trained in the nuances of customer consent for TCPA purposes?……the prospects make one grimace.”

FCC Petitioner Santander had sought clarification of the ability of a consumer to revoke consent and alternatively, to allow the calling party to designate the methods to be used by a consumer to revoke previously provided consent. In considering the TCPA’s overall purpose as a consumer protection statute, the FCC determined that the silence in the statute on the issue of revocation is most reasonably interpreted in favor of allowing consumers to revoke their consent to receive covered calls or texts. The Declaratory Ruling found comfort both in other FCC decisions and in the common law right to revoke consent, which is not overridden by the TCPA. The Declaratory Ruling stated that this interpretation imposes no new restriction on speech and established no new law.

The FCC noted that its prior precedent on the question of revocation was in favor of allowing consumer revocation “in any manner that clearly expresses a desire not to receive further messages, and that callers may not infringe on that ability by designating an exclusive means to revoke.” Stating that consumers can revoke consent by “using any reasonable method,” the FCC determined that a caller seeking to provide exclusive means to register revocation requests would “place a significant burden on the called party.” The Declaratory Ruling contains no serious discussion of the burdens placed on businesses by one-off individual revocations. The FCC majority also rejected the argument that oral revocation would unnecessarily create many avoidable factual disputes, instead stating that “the well-established evidentiary value of business records means that callers have reasonable ways to carry their burden of proving consent.”

Reassigned Number “Safe Harbor”

There is perhaps no issue that garners more frustration among parties engaged in calling activities than potential TCPA liability for calls to reassigned numbers. No matter how vigilant a caller is with respect to compliance, under the FCC’s preexisting and now expanded statements, it is impossible to eliminate the risk of exposure short of not calling anyone. As explained in Commissioner O’Rielly’s Separate Statement: “numerous companies, acting in good faith to contact consumers that have consented to receive calls or texts, are exposed to liability when it turns out that numbers have been reassigned without their knowledge.” This portion of the Declaratory Ruling will also most certainly be subject to challenges.

While relying on a number of flawed assumptions, the FCC: (1) rejected the sensible “intended recipient” interpretation of “called party”; (2) disregarded the fact that comprehensive solutions to addressing reassigned numbers do not exist; (3) adopted an unworkable and ambiguous “one-call exemption” for determining if a wireless number has been reassigned (a rule that constitutes “fake relief instead of a solution,” as explained by Commissioner O’Rielly); and (4) encouraged companies to include certain language in their agreements with consumers so that they can take legal action against consumers if they do not notify the companies when they relinquish their wireless phone numbers.

First, the FCC purported to clarify that the TCPA requires the consent of the “current subscriber” or “the non-subscriber customary user of the phone.” It found that consent provided by the customary user of a cell phone may bind the subscriber. The FCC declined to interpret “called party” as the “intended recipient,” as urged by a number of petitioners and commenters and held by some courts.

Second, the FCC quickly acknowledged and then set aside the significant fact that there exists no comprehensive public directory of reassigned number data provided by the carriers. Instead, it seemed flummoxed by the purported scope of information accessible to companies to address the reassigned number issue. The FCC suggested that companies could improvise ways to screen for reassigned numbers (e.g., by manually dialing numbers and listening to voicemail messages to confirm identities or by emailing consumers first to confirm their current wireless phone numbers) and explained that “caller best practices can facilitate detection of reassignment before calls.” Ignoring the reality of TCPA liability, the FCC explained that “[c]allers have a number of options available to them that, over time, may permit them to learn of reassigned numbers.” (emphasis added).

Third, the FCC purported to create an untenable “one-call exemption.” The Declaratory Ruling explained “that callers who make calls without knowledge of reassignment and with a reasonable basis to believe they have valid consent to make the call should be able to initiate one call after reassignment as an additional opportunity to gain actual or constructive knowledge of the reassignment and cease future calls to the new subscriber. If this one additional call does not yield actual knowledge of reassignment, we deem the caller to have constructive knowledge of such.”

One potentially helpful clarification made was the determination that porting a number from wireline to a wireless service is not to be treated as an action that revokes prior express consent, and thus the FCC stated that that prior consent may continue to be relied upon so long it is the same type of call for which consent was initially given. The FCC agreed with commenters who had observed that if a consumer no longer wishes to get calls, then it is her right and responsibility to revoke that consent. Unless and until that happens, however, the FCC stated that a caller may rely on previously provided consent to continue to make that same type of call. Valid consent to be called as to a specified type of call continues, “absent indication from the consumer that he wishes to revoke consent.” As wireline callers need not provide express consent to be autodialed, any party calling consumers would have to still be aware of the nature of the called number to determine whether appropriate consent to be called was present.

Finally, the FCC – which claims to be driven by consumer interests throughout its Declaratory Ruling – makes the suggestion that companies should require customers, through agreement, to notify them when they relinquish their wireless phone numbers and then initiate legal action against the prior holders of reassigned numbers if they fail to do so. “Nothing in the TCPA or our rules prevents parties from creating, through a contract or other private agreement, an obligation for the person giving consent to notify the caller when the number has been relinquished. The failure of the original consenting party to satisfy a contractual obligation to notify a caller about such a change [of a cell phone number] does not preserve the previously existing consent to call that number, but instead creates a situation in which the caller may wish to seek legal remedies for violation of that agreement.”

Treatment of Text Messaging and Internet-to-Phone Messaging

The Declaratory Ruling also addressed a number of issues that specifically affect text messaging under the TCPA. First, the FCC addressed the status of SMS text messages in response to a petition that asked the FCC to make a distinction between text messages and voice calls. The FCC reiterated that SMS text messages are subject to the same consumer protections under the TCPA as voice calls and rejected the argument that they are more akin to instant messages or emails.

Second, the FCC addressed the treatment of Internet-to-phone text messages under the TCPA. These messages differ from phone-to-phone SMS messages in that they originate as e-mails and are sent to an e-mail address composed of the recipient’s wireless number and the carrier’s domain name. The FCC explained that Internet-to-phone text messaging is the functional equivalent of phone-to-phone SMS text messaging and is therefore covered by the TCPA. The FCC also found that the equipment used to send Internet-to-phone text messages is an automatic telephone dialing system for purposes of the TCPA. In so doing, the FCC expressly rejected the notion that only the CAN-SPAM Act applies to these messages to the exclusion of the TCPA.

Finally, the FCC did provide some clarity as to one issue that had created significant confusion since the adoption of the current TCPA rules in 2012: whether a one-time text message sent in response to a consumer’s specific request for information constitutes a telemarketing message under the TCPA. The specific scenario that was presented to the FCC is one confronted by many businesses: they display or publish a call-to-action, they receive a specific request from a consumer in response to that call-to-action, and they wish to send a text message to the consumer with the information requested without violating the TCPA and the FCC’s rules.

The FCC brought clarity to this question by finding that a one-time text message does not violate the TCPA or the FCC’s rules as long as it is sent immediately to a consumer in response to a specific request and contains only the information requested by the consumer without any other marketing or advertising information. The FCC explained that such messages were not telemarketing, but “instead fulfillment of the consumer’s request to receive the text.” Businesses may voluntarily provide the TCPA disclosures in their calls-to-action, as the FCC noted in the Declaratory Ruling, but a single text message to consumers who responded to the call-to-action or otherwise requested that specific information be sent to them would not be considered a telemarketing message and, as such, would not require the advance procurement of express written consent.

Limited Exemptions for Bank Fraud and Exigent Healthcare Calls and Texts

The TCPA empowers the agency to “exempt . . . calls to a telephone number assigned to a cellular telephone service that are not charged to the called party, subject to such conditions as the Commission may prescribe as necessary in the interest of the privacy rights [the TCPA] is intended to protect.” 47 U.S.C. § 227(b)(2)(C). In March 2014, the FCC invoked this authority to grant an exemption from the TCPA’s prior express consent requirement for certain package-delivery related communications to cellular phones, requiring that for such communications to be exempt, they must (among other things) be free to the end user.

The Declaratory Ruling invoked that same provision and followed that same framework in granting exemptions for “messages about time-sensitive financial and healthcare issues” so long as the messages (whether voice calls or texts) are, among other things discussed below, free to the end user. Oddly, the Declaratory Ruling referred to these two types of messages as “pro-consumer messages,” showcasing an apparent view that automated/autodialed calls are “anti-consumer” by default.

The FCC first addressed a petition from the American Bankers Association (ABA), seeking an exemption for four types of financial-related calls: messages about (1) potential fraud or identity theft, (2) data security breaches, (3) steps to take to prevent identity theft following a data breach, and (4) money transfers. After analyzing the record before it regarding the exigency and consumer interest in receiving these types of communications, and finding that “the requirement to obtain prior express consent could make it impossible for effective communications of this sort to take place,” the FCC imposed the following very specific requirements in addition to the requirement that the messages be free to the end user: (1) the messages must be sent only to the number provided by the consumer to the financial institution; (2) the messages must state the name and contact information for the financial institution (for calls, at the outset); (3) the messages must be strictly limited in purpose to the four exempted types of messages and not contain any “telemarketing, cross-marketing, solicitation, debt collection, or advertising content;” (4) the messages must be concise (for calls generally one minute or less, “unless more time is needed to obtain customer responses or answer customer questions,” and for texts, 160 characters or less); (5) the messages must be limited to three per event over a three-day period for an affected account; (6) the messages must include “an easy means to opt out” (an interactive voice and/or key-press activated option for answered calls, a toll-free number for voicemail, and instructions to use “STOP” for texts); and (7) the opt-out requests must be honored “immediately.”

The FCC then addressed a petition from the American Association of Healthcare Administrative Management (AAHAM) seeking similar relief for healthcare messages. Relying on its prior rulings regarding the scope of consent and the ability to provide consent via an intermediary, the FCC stated that (1) the “provision of a phone number to a healthcare provider constitutes prior express consent for healthcare calls subject to HIPAA by a HIPAA-covered entity and business associates acting on its behalf, as defined by HIPAA, if the covered entities and business associates are making calls within the scope of the consent given, and absent instructions to the contrary”; and, (2) such consent may be obtained through a third-party when the patient is medically incapacitated, but that “ just as a third party’s ability to consent to medical treatment on behalf of another ends at the time the patient is capable of consenting on his own behalf, the prior express consent provided by the third party is no longer valid once the period of incapacity ends.”

The FCC also granted a free-to-end-user exemption for certain calls “for which there is exigency and that have a healthcare treatment purpose”: (1) appointment and exam confirmations and reminders; (2) wellness checkups; (3) hospital pre-registration instructions; (4) pre-operative instructions; (5) lab results;(6) post-discharge follow-up intended to prevent readmission; (7) prescription notifications; and (8) home healthcare instructions. The FCC specifically excluded from the exemption messages regarding “account communications and payment notifications, or Social Security disability eligibility.”

The Declaratory Ruling imposed mostly the same additional restrictions on free-to-end-user health-care related calls as it did with free-to-end-user financial calls: (1) the messages must be sent only to the number provided by the patient; (2) the messages must state the name and contact information for the healthcare provider (for calls, at the outset); (3) the messages must be strictly limited in purpose to the eight exempted types of messages, be HIPAA-compliant, and may not include “telemarketing, solicitation, or advertising content, or . . . billing, debt-collection, or other financial content”; (4) the messages must be concise (for calls generally one minute or less, and for texts, 160 characters or less); (5) the messages must be limited to one per day and three per week from a specific healthcare provider; (6) the messages must include “an easy means to opt out” (an interactive voice and/or key-press activated option for answered calls, a toll-free number for voicemail, and instructions to use “STOP” for texts); and (7) the opt-out requests must be honored “immediately.”

Service Provider Offering of Call Blocking Technology

A number of state Attorneys General had sought clarification on the legal or regulatory prohibitions on carriers and VoIP providers to implement call blocking technologies. While declining to specifically analyze in detail the capabilities and functions of particular call blocking technologies, the FCC nevertheless granted the request for clarification and stated that there is no legal barrier to service providers offering consumers the ability to block calls – using an “informed opt-in process” at the individual consumer’s direction. Blocking categories of calls or individual calls was seen as providing consumers with enhanced tools to stop unwanted robocalls.

Service provider groups, which expressed concern that any blocking technology could be either over or under-inclusive from an individual consumer’s perspective, were provided the assurance that while both the FCC and the FTC recognize that no technology is “perfect,” accurate disclosures to consumers at the time they opt-in for these services should suffice to allay these concerns. The Declaratory Ruling also noted that consumers are free to drop these services if they wish, and encouraged providers to offer technologies that have features that allow solicited mass calling, such as a municipal or school alerts, to not be blocked, as well as to develop protocols to ensure public safety calls or other emergency calls are not blocked.

ARTICLE BY Laura H. Phillips & Eduardo R. Guzman of Drinker Biddle & Reath LLP

Twitter Terrorism: Criminals Choose the Hack Attack

In what appears to be yet another brazen demonstration of capability following an earlier hijack of government social media sites, a group calling itself the Syrian Electronic Army (SEA) recently hacked into the U.S. Army’s main news and public information website, positing its own message for website visitors: “Your commanders admit they are training the people they have sent you to die fighting.” In response, the Army was forced to shut down the site to implement additional security measures to protect its systems.

Earlier this year, two of the U.S. military’s Central Command social media websites on YouTube and Twitter were similarly attacked and compromised. There, organization profile images were replaced by those of ISIS supporters on the official Twitter page, and two ISIS propaganda videos were uploaded to the Central Command YouTube account. Over the past several years, SEA has initiated similar attacks on the Twitter accounts of the BBC, The New York Times, 60 Minutes and the Associated Press.

Business Concerns

While the U.S. government reported that none of the internal systems were compromised and that there was no loss of classified information, the attacks have certified the anxiety of many business leaders over the potential vulnerability of their own companies, and highlight the concerns regarding the lack of knowledge or ability to prevent such attacks. Recent surveys have confirmed that risks associated with social media, whether through external portal access or internal sabotage, are among the top concerns facing businesses in 2015.

Without question, social media has become a crucial advertising vehicle for thousands of businesses around the world. The number of Facebook, Twitter, LinkedIn and other social media users continues to grow at an exponential rate, allowing businesses access to many new customers and clients every day. The ability to maintain control over these new electronic profiles, however, has become increasingly difficult as the perpetrators become more skilled and the targets more prized. In one particularly publicized account in 2013, social media hackers changed the Twitter account name of a premiere fast-food company to that of its chief competitor and posted multiple offensive tweets. Thereafter, damage control was all that could be done.

Businesses in 2015 have become enthralled by virtually unlimited access to customers and business partners via online platforms. Unfortunately, many have focused on the potential profits arising from such undertakings without sufficient consideration for the problems that too frequently arise from the use of such platforms. Social media has become the soft underbelly of many growing businesses eager for success but unaware of its vulnerabilities. In addition to direct attacks, courthouses nationwide have been flooded by lawsuits tied to the use and regulation of social media sites. The governance of employee use of social media, ownership of content and retention of information gathered through social media are generating more litigation every day. While increased exposure may be the incentive, preventative medicine will likely prove integral to long-term success.

Such “preventative medicine” includes not only the appropriate policies and procedures on access to and use of social media, but also an understanding of the vulnerabilities created by using these online platforms. Most importantly, organizations must train their employees on these issues. Defending itself from perils arising out of social media starts at the first line of defense – the user.

ARTICLE BY Scott Sweeney & Ian A. Stewart of Wilson Elser Moskowitz Edelman & Dicker LLP

FCC’s Enforcement Bureau Commends PayPal for Modifying its User Agreement

We previously advised that the FCC’s Enforcement Bureau, in an unusual move, on June 11 published a letter it sent to PayPal warning that PayPal’s proposed changes to its User Agreement that contained robocall contact provisions might violate the TCPA.

These proposed revisions conveyed user consent for PayPal to contact its users via “autodialed or prerecorded calls and text messages … at any telephone number provided … or otherwise obtained” to notify consumers about their accounts, to troubleshoot problems, resolve disputes, collect debts, and poll for opinions, among other things. The Bureau’s letter highlighted concerns with the broad consent specified for the receipt of autodialed or prerecorded telemarketing messages and the apparent lack of notice as to a consumer’s right to refuse to provide consent to receive these types of calls.

On June 29, prior to the revisions coming into effect, PayPal posted a notice on its blog stating: “In sending our customers a notice about upcoming changes to our User Agreement we used language that did not clearly communicate how we intend to contact them.” PayPal clarified that it would modify its User Agreement to specify the circumstances under which it would make robocalls to its users, including for important non-marketing reasons relating to misuse of an account, as well as to specify that continued use of PayPal products and services would not require users to consent to receive robocalls.

The FCC’s Enforcement Bureau immediately put out a statement commending PayPal for its decision to modify its proposed contact language, noting that these changes to the User Agreement represented “significant and welcome improvements.” The Bureau’s very public actions on this matter signal to businesses everywhere of the need to review existing “consent to contact” policies. Certainly the FCC’s yet to be released Declaratory Ruling on TCPA matters that was voted on during a contentious FCC Open Meeting on June 18 may also invite that opportunity.

ARTICLE BY Laura H. Phillips of Drinker Biddle & Reath LLP

Meeting of the Minds at the Inbox: Some Pitfalls of Contracting via Email

This issue comes up regularly when informality creeps into negotiations conducted electronically, bringing up the age-old problem that has likely been argued before judges for centuries: one party thinks “we have a deal,” the other thinks “we’re still negotiating.” While email can be useful in many contract negotiations, care should be taken to avoid having to run to court to ask a judge to interpret an agreement or enforce a so-called “done deal.”

With limited exceptions, under the federal electronic signature law, 15 U.S.C. § 7001, and, as adopted by the vast majority of states, the Uniform Electronic Transactions Act (UETA), most signatures, contracts and other record relating to any transaction may not be denied legal effect solely because they arein electronic form. Still, a signed email message does not necessarily evidence intent to electronically sign the document attached to the email. Whether a party has electronically signed an attached document depends on the circumstances, including whether the attached document was intended to be a draft or final version.

There have been a number of recent cases on this issue, but the bottom-line, practical takeaways are as follows:

Consider an express statement in the agreement that performance is not a means of acceptance and that the agreement must be signed by both parties to be effective.
If you do not believe the agreement is final and accepted, do not begin to perform under the agreement unless there is an express written (email is ok) agreement by the parties that performance has begun but the contract is still being negotiated.
When exchanging emails relating to an agreement, be prudent when using certain loaded terms such as “offer,” “accept,” “amendment,” “promise,” or “signed” or phrases of assent (e.g., “I’m ok with that”, “Agreed”) without limitations or a clear explanation of intent.
Terms of proposed agreements communicated via email should explicitly state that they are subject to any relevant conditions, as well as to the further review and comment of the sender’s clients and/or colleagues. To avoid ambiguity, to the extent finalizing an agreement is subject to a contingency (e.g., upper management or outside approval, or a separate side document signed by both parties), be clear about that in any email exchange that contains near-final versions of the agreement.
Parties wishing to close the deal with an attachment should mutually confirm their intent and verify assent when the terms of a final agreement come together.
While it is good practice to include standard email disclaimers that say that the terms of an email are not an offer capable of acceptance and do not evidence an intention to enter into any contract, do not rely on this disclaimer to prevent an email exchange – which otherwise has all the indicia of a final agreement – from being considered binding.
Exercise extreme caution when using text messaging for contract negotiations – the increased informality, as well as the inability to attach a final document to a text, is likely to lead to disputes down the road.

While courts have clearly become more comfortable with today’s more informal, electronic methods of contracting, judges still examine the parties’ communications closely to see if an enforceable agreement has been reached.

Now, for those who are really interested in this subject and want more, here comes the case discussion….

Last month, a Washington D.C. district court jury found in favor of MSNBC host Ed Schultz in a lawsuit filed by a former business partner who had claimed that the parties had formed a partnership to develop a television show and share in the profits based, in part, upon a series of emails that purported to form a binding agreement. See Queen v. Schultz, 2014 WL 1328338 (D.C. Cir. Apr. 4, 2014), on remand, No. 11-00871 (D. D.C. Jury Verdict May 18, 2015). And, earlier last month, a New York appellate court ruled that emails between a decedent and a co-owner of real property did not evince an intent of the co-owner to transfer the parcel to the decedent’s sole ownership because, even though the parties discussed the future intention to do so, the material term of consideration for such a transfer was fatally absent. See Matter of Wyman, 2015 NY Slip Op 03908 (N.Y. App. Div., 3^rd Dept. May 7, 2015). Another recent example includes Tindall Corp. v. Mondelēz Int’l, Inc., No. 14-05196 (N.D. Ill. Mar. 3, 2015), where a court, on a motion to dismiss, had to decide whether a series of ambiguous emails that contained detailed proposals and were a follow-up to multiple communications and meetings over the course of a year created a binding contract or rather, whether this was an example of fizzled negotiations, indefinite promises and unreasonable reliance. The court rejected the defendant’s argument that the parties anticipated execution of a memorialized contract in the future and that it “strains belief that these two companies would contract in such a cavalier manner,” particularly since the speed of the project may have required that formalities be overlooked.

Enforceability of Electronic Signatures

A Minnesota appellate court decision from last year highlights that, unless circumstances indicate otherwise, parties cannot assume that an agreement attached to an email memorializing discussions is final, absent a signature by both parties. See SN4, LLC v. Anchor Bank, fsb, 848 N.W.2d 559 (Minn. App. 2014) (unpublished). The court found although the bank representatives intended to electronically sign their e-mail messages, the evidence was insufficient to establish that they intended to electronically sign the attached agreement or that the attached document was intended to be a final version (“Can you confirm that the agreements with [the bank] are satisfactory[?] If so, can you have your client sign and I will have my client sign.”).

A California decision brings up similar contracting issues. In JBB Investment Partners, Ltd. v. Fair, 182 Cal. Rptr. 974 (Cal. App. 2014), the appellate court reversed a trial court’s finding that a party that entered his name at the end of an email agreeing to settlement terms electronic “signed” off on the deal under California law. The facts in JBB Investmentoffered a close case – with the defendant sending multiple emails and text messages with replies such as “We clearly have an agreement” and that he “agree[d] with [plaintiff’s counsel’s] terms” – yet, the court found it wasn’t clear as to whether that agreement was merely a rough proposal or an enforceable final settlement. It was clear that the emailed offer was conditioned on a formal writing (“[t]he Settlement paperwork would be drafted . . .”).

Performance as Acceptance

Another pitfall of contracting via email occurs when parties begin performance prior to executing the governing agreement – under the assumption that a formal deal “will get done.” If the draft agreement contains terms that are unfavorable to a party and that party performs, but the agreement is never executed, that party may have to live with those unfavorable terms. In DC Media Capital, LLC v. Imagine Fulfillment Services, LLC, 2013 WL 46652 (Cal. App. Aug. 30, 2013) (unpublished), a California appellate court held that a contract electronically sent by a customer to a vendor and not signed by either party was nevertheless enforceable where there was performance by the offeree. The court held that the defendant’s performance was acceptance of the contract, particularly because the agreement did not specifically preclude acceptance by performance and expressly require a signature to be effective.

ARTICLE BY Jeffrey D Neuburger of Proskauer Rose LLP

Court Dismisses Text-Message TCPA Suit Against AOL, Finding Instant Messaging Service Does Not Constitute an ATDS

On June 1, the Northern District of California dismissed a putative TCPA class action against AOL, finding that the plaintiff had failed to allege that AOL utilized an automated telephone dialing system (ATDS), as required to state a cause of action under the TCPA. In dismissing the plaintiff’s complaint in Derby v. AOL, the court rejected the plaintiff’s arguments that AOL Instant Messenger (AIM), which allows individuals to send instant messages as text messages to cell phones, constitutes an ATDS. Instead, the court agreed with AOL’s argument that AIM relied on “human intervention” to send the messages at issue, which foreclosed the possibility of potential TCPA liability. (Covington represented AOL in this case.) The decision should be beneficial to a variety of services that enable their users to send text messages to cell phones.

The TCPA’s prohibitions include a ban on using an ATDS to call cellular telephones for informational purposes without the prior express consent of the recipient. The FCC and courts have extended the reach of the statute to include text messages. However, the FCC has stated that only equipment that has the capacity to operate “without human intervention” may qualify as an ATDS. The plaintiff in Derby alleged that he received three text messages from an AIM user that were intended for another individual, which the court recognized were “presumably . . . the result of the sender inputting an incorrect phone number.” After the receiving the third message, the plaintiff alleged that he sent a text message to AIM to block future texts from the AIM user, and that he received back a text confirmation of his request.

In analyzing TCPA liability for the first three text messages, the court noted that the plaintiff’s complaint “affirmatively alleges that AIM relies on human intervention to transmit text messages to recipients’ cell phones.” The court followed precedent from other Ninth Circuit district courts rejecting ATDS arguments where the equipment at issue relied on humans to press buttons on phones or manually enter telephone numbers into the system. Since the complaint demonstrated that “extensive human intervention is required to send text messages through defendant’s AIM service,” the court held that the complaint failed to state a claim under the TCPA with respect to the three text messages sent by an AIM user.

The court also analyzed potential TCPA liability for the separate confirmation text message that Derby alleged he had received from AIM. Again citing relevant authority, the court held that “a single message sent in response to plaintiff’s text . . . is not the kind of intrusive, nuisance call that the TCPA prohibits.” The court concluded that Derby, having sent the “block” request from his cell phone, had “knowingly released” his number to AIM and consented to receive a confirmation text from AIM at that number. The court’s opinion advocated for a “common sense” approach to TCPA liability, finding that the statute should not be utilized to “punish the consumer-friendly practice of confirming requests to block future unwanted texts.” Accordingly, the court also dismissed the TCPA claim based on the confirmation text message for failure to state a claim.

ARTICLE BY Caleb Skeath of Covington & Burling LLP

Category: Communication Media & Internet

EU Policy Update – February 2016 re: Dutch Presidency and Brexit, Digital Single Market Policy, Energy and Environment

Dutch Presidency and Brexit

Digital Single Market Policy

Energy and Environment Policy

Internal Market and Financial Services Policies

Life Sciences and Healthcare Policies

Trade Policy and Sanctions

Like this:

Criminal or Civil Liability for Sharing Streaming Accounts?

Netflix

Hulu Plus

HBO Go

Trouble in Tennessee

California is Not the Golden State For Sharing

It Might Be A Federal Offense

Like this:

Smartphone Wars – Supreme Court Awakens: Samsung Files Petition for Certiorari in New Hope to Harmonize Design Patent Law

Like this:

FAST Act Calls for Examination of Internet of Things

Like this:

Reasonable Expectation of Privacy: Are You Free To Eavesdrop on Pocket Dials?

Like this:

What You Need to Know About the FCC’s July 10th Declaratory Ruling on the Telephone Consumer Protection Act (TCPA)

Scope and Definition of an Autodialer

Consent and Revocation of Consent

Reassigned Number “Safe Harbor”

Treatment of Text Messaging and Internet-to-Phone Messaging

Limited Exemptions for Bank Fraud and Exigent Healthcare Calls and Texts

Service Provider Offering of Call Blocking Technology

Like this:

FCC’s Enforcement Bureau Commends PayPal for Modifying its User Agreement

Like this:

Meeting of the Minds at the Inbox: Some Pitfalls of Contracting via Email

Enforceability of Electronic Signatures

Performance as Acceptance

Like this:

Court Dismisses Text-Message TCPA Suit Against AOL, Finding Instant Messaging Service Does Not Constitute an ATDS

Like this:

Dutch Presidency and Brexit

Digital Single Market Policy

Energy and Environment Policy

Internal Market and Financial Services Policies

Life Sciences and Healthcare Policies

Trade Policy and Sanctions

Share this:

Like this:

Netflix

Hulu Plus

HBO Go

Trouble in Tennessee

California is Not the Golden State For Sharing

It Might Be A Federal Offense

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Like this:

Scope and Definition of an Autodialer

Consent and Revocation of Consent

Reassigned Number “Safe Harbor”

Treatment of Text Messaging and Internet-to-Phone Messaging

Limited Exemptions for Bank Fraud and Exigent Healthcare Calls and Texts

Service Provider Offering of Call Blocking Technology

Share this:

Like this:

Business Concerns

Like this:

Like this:

Enforceability of Electronic Signatures

Performance as Acceptance

Like this:

Share this:

Like this: