RECENT AND PENDING FEDERAL REGULATION AND LEGISLATION: SPAM, ONLINE PRIVACY AND COPYRIGHTS Denis T.
Download ReportTranscript RECENT AND PENDING FEDERAL REGULATION AND LEGISLATION: SPAM, ONLINE PRIVACY AND COPYRIGHTS Denis T.
RECENT AND PENDING FEDERAL REGULATION AND LEGISLATION: SPAM, ONLINE PRIVACY AND COPYRIGHTS Denis T. Rice The Power of Emarketing San Francisco March 9, 2004 WHERE ARE WE WITH SPAM? • UN Estimate: Half of all email is spam • Cost: $20 Billion per Year • Costs to U.S. Business Estimated at over $10 Billion in 2003 • $4 Billion in Lost Production • $6 Billion from upgrading, lost data, personnel THE LANDSCAPE BEFORE CAN-SPAM • 36 States with different anti-spam laws • California’s S.B. 186, enacted 2003: The first “opt in” legislation • California broad definition of spam and sharp penalties WHAT DOES CAN-SPAM DO? • CAN-SPAM preempts state laws • CAN-SPAM does not outlaw unsolicited mail generally • Marketers/businesses can send unsolicited email to anyone if Identify themselves clearly No fraudulent headers Honor requests to unsubscribe KEY CAN-SPAM DEFINITIONS • A “commercial electronic mail message”: “Any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service (including content on an Internet website operated for a commercial purpose)” KEY CAN-SPAM DEFINITIONS • “Primary purpose” must be commercial advertisement or promotion • Compare California law, which would apply to incidental incursion of advertising in automated greetings or brief reference to new products in otherwise non-advertising message. WHAT CAN-SPAM PROHIBITS • Gaining unauthorized access to another computer to initiate or retransmit multiple messages • Falsifying header information • Registering for multiple email accounts using false identifying information • Fraudulent use of Internet Protocol addresses to send multiple commercial emails OPT-OUTS AFTER CAN-SPAM Senders must provide easily accessible, legitimate means for consumers to opt-out of receiving future messages. After an opt-out, cannot transmit spam or customer’s email address. OTHER KEY CAN-SPAM RULES • Honest Subject Lines: can’t use misleading or bogus subject lines to trick consumer into opening message • Labeling: unsolicited emails must be clearly identified as solicitations or ads for products/services • Emails with sexually explicit content must be labeled as to contents MORE KEY PROVISIONS • Opt-outs: must be easily done • Sender’s Address: must be on all unsolicited email; no false or misleading transmission information • Honest subject lines • “Do-Not-Mail Registry”: To be set up under FTC plan BULK SOLICITATION PROHIBITED • Cannot use automated means to establish multiple email accounts for spam • This bans “harvesting” email addresses by crawling websites and automated guessing of email addresses • Felony for too many transmissions CAN-SPAM MAJOR EXEMPTIONS • Pre-Existing Business Relationship • “Transactional or Relationship Message” • Even if does not meet these criteria, will not automatically be deemed “commercial electronic mail message” WHAT IS A “TRANSACTIONAL OR RELATIONSHIP MESSAGE”? • Electronic message whose “primary purpose” is to facilitate, complete or confirm a commercial transaction the recipient has already agreed to; or to provide warranty information, product recall information or safety/security information regarding product or service already purchased by recipient; or “TRANSACTIONAL OR RELATIONSHIP MESSAGE” to provide notice of change in various commercial relationships already existing (loan, subscription, etc.); or to provide notice of change in recipient’s standing or status in existing relationship; or to provide periodic account information; or to provide information on employment or benefit relationship; or to deliver goods or services (including upgrades/ updates) that recipient is already entitled to receive. WHAT LIES AHEAD? • FTC to adopt rules • Limitations imposed on civil actions and state laws except for fraudulent and deceptive practices • Only 10% of emails in compliance at start of 2004 “PHISHING” INTERNET PRIVACY • Federal level: FTC and various federal statutes • State level: Various different statutes FEDERAL LAWS USED FOR PRIVACY PROTECTION • FTC Act • Children’s Online Privacy Protection Act (“COPPA”) • Gram-Leach-Bliley Act (Financial Institutions) FTC AND FTC ACT • Not required to have a privacy policy • If you have a policy, you must adhere to it • Example of toysmart.com CHILDREN’S ONLINE PRIVACY PROTECTION ACT • Applies to operator of website “directed” to children under 13 that collects information from them • Requires notice to parents, parental consent, parental access to information, security and confidentiality GRAM-LEACH-BLILEY ACT (GLBA) • Applies to “financial institutions” providing “financial products or services” to consumers • Terms broadly defined, could apply to lawyers, accountants, headhunters WHO ENFORCES GLBA? • Relevant functional regulator (SEC, FDIC, etc.) • For accountants, lawyers, headhunters: FTC CONSUMER’S “NONPUBLIC PERSONAL INFORMATION” • Defined as “personally identifiable financial information” the financial institution obtains from a consumer or results from transactions or services with consumer WHAT’S NOT COVERED BY GLBA? • Non-segmented customer lists not sorted by personally identifiable financial information • Sharing nonpublic information with affiliates • Sharing nonpublic information with nonaffiliates if two conditions are satisfied SHARING INFORMATION WITH NONAFFILIATES • Financial institution must provide a clear and conspicuous notice to consumer and inception and annually thereafter of its disclosure practice • Consumer must have opportunity to opt-out before information is shared LEGAL REMEDIES FOR VIOLATING PRIVACY RULES • FTC Act, Section 5 • State Unfair and Deceptive Trade Practice Laws (can involve private and class actions) • Breach of contract (can involve class actions) STATE PRIVACY LAWS • Most states have constitutional and/or statutory protections (e.g., California Constitution Article I, Section 1) • California Financial Information Privacy Act (“S.B. 1”): Requires posting of privacy policies on website by July 1, 2004 • Another California “first”! COPYRIGHT ISSUES ONLINE • What is copyright infringement? • What are the defenses against infringement? INFRINGEMENT • Direct Infringement • Contributory Infringement • Vicarious Liability DEFENSES TO INFRINGEMENT • “Fair Use” • ISP immunities DIRECT INFRINGEMENT • Active, knowing involvement by an ISP INGREDIENTS OF CONTRIBUTORY INFRINGEMENT • Knowledge • Inducing, causing, or materially contributing to, or substantially assisting in, the infringing activity INGREDIENTS OF VICARIOUS LIABILITY • Party has the ability to control infringing conduct • Party fails to control the conduct • Party receives a “direct financial benefit” from the conduct WHAT IS “DIRECT FINANCIAL BENEFIT”? Napster case found direct financial benefit where Napster was not charging users at all but the infringing material “acts as a draw for customers” WHAT IS “FAIR USE”? A complete defense to infringement claim if copyrighted work used for purposes like: • research/scholarship • criticism • comment • news reporting • teaching • parody WHY IS FAIR USE IMPORTANT IN E-MARKETING? • May want to use snippets of copyrighted material in parody, criticism, comment • May have concern over whether ISP will be liable for infringing material on its website IMMUNITIES FOR ISP • Communications Decency Act of 1996 (“CDA”) • Digital Millennium Copyright Act of 1998 (“DMCA”) CDA • CDA immunizes ISP from liability for acting as the medium through which third parties transmit offensive or obscene material • ISPs are not “publishers” DMCA • The On-Line Copyright Liability Limitation provisions protect ISPs from all monetary relief for direct, vicarious and contributory infringement • Various conditions must be met to obtain the immunity IMMUNITY UNDER DMCA WHERE MATERIAL IS • Initiated by or at direction of third party • Automatic process without selection of ISP • ISP does not select recipients except as automatic response • Copies not retained on system longer than needed for transmission • ISP removes or disables if notified of infringement RECENT AND PENDING FEDERAL REGULATION AND LEGISLATION: SPAM, ONLINE PRIVACY AND COPYRIGHTS Denis T. Rice The Power of Emarketing San Francisco March 9, 2004