On May 18, 2009, the Interactive Advertising Bureau (IAB) released its best practices for social media advertising. These best practices are intended to aid advertising growth on social networks, while also helping to safeguard consumer privacy. The guidelines recommend opt-in and opt-out policies for the use of profile data in ads and additional user privacy oversight, including the ability of a consumer to preview an ad before his or her profile data is used. The guidelines also establish a common language around social media by defining key terms such as social ad, social graph, interaction data, and profile data. "Industry standards are essential to making social media easy, safe and scalable for advertisers," said Seth Goldstein, CEO of Socialmedia.com and co-chair of the IAB's UGC Social Media Committee in an IAB press release. According to Forrester Research, social media marketing is projected to increase approximately 60% in 2009 to $716 million.
|
The Federal Trade Commission staff has issued a report, “Beyond Voice: Mapping the Mobile Marketplace.” The report focuses on cost disclosures about mobile services; unwanted mobile text messages, malware, and spyware; and expedited review of the Children’s Online Privacy Protection Rule to in view of changes in the mobile marketplace.
http://www.ftc.gov/opa/2009/04/mobilerpt.shtm
|
The Federal Trade Commission announced the release of a new Final Rule regarding the "Definitions and Implementation Under the CAN-SPAM Act" on May 12, 2008, which revises the Code of Federal Regulations implementing rules regarding CAN-SPAM, 16 C.F.R. Part 316. While largely reinforcing its observations in its Notice of Proposed Rulemaking, the Commission adopted a few new interpretations of defined terms, and offered some insight regarding CAN-SPAM implementation. The Commission:
1. Clarified that the definition of "person" includes organizations, commercial and non-profits alike;
2. Addressed scenarios where a single commercial e-mail contains advertisements for the products or services of multiple entities, and clarified who would be the "sender" of such an e-mail;
3. Addressed affiliate marketing schemes, and in certain situations extended CAN-SPAM liability to marketing entities and sellers whose affiliates send unsolicited commercial messages that violate CAN-SPAM.
4. Permitted the use of Post Office boxes and private mail boxes to satisfy the "valid physical postal address" requirement of CAN-SPAM, provided that the boxes are accurately registered pursuant to postal regulations;
5. Reiterated that recipients of commercial e-mail messages may not be charged a fee or any form of consideration to opt-out of future mailings, and should be required to provide no more personal information than their e-mail addresses to exercise their opt-out options.
6. Discussed "forward-to-a-friend" programs, and potential CAN-SPAM liability of a seller that includes such functionality on its Web site.
The Final Rule becomes effective 45 days after its publication in the Federal Register.
|
The New York Times recently reported on a sophisticated phishing scheme that targets executives by sending them what appears to be an official subpoena. The email includes an embedded link that purports to offer a copy of the entire subpoena, but which, when clicked, actually downloads keylogger software as well as software that permits remote control of the compromised computer. The New York Times article can be found here. A related article from SC Magazine can be found here. While the scheme is a sophisticated example of social engineering, all employees and particularly executives should be informed that (1) subpoenas are not served by email and (2) all suspect emails should be forwarded to IT before clicking any links.
|
A recent decision by the United States District Court for the Central District of California in MySpace, Inc. v. Wallace, No. 07-1929 (C.D. Cal. 2007), has paved the way for entities offering interactive messaging on private networks to use the CAN-SPAM Act to combat spam. Messages sent through private networks may qualify as electronic mail messages under the Act even though they are sent over an intranet rather than the public internet. Therefore, social networking websites, chat and video game providers, and web portals who may not consider themselves to be internet service providers because they use private networks, nevertheless may fall within the purview of the CAN-SPAM Act.
|
Priceline, Travelocity and Cingular Wireless each contracted with DirectRevenue LLC to deliver ads to consumers. To service its clients (including Priceline, Travelocity and Cingular Wireless), DR installed adware on millions of computers. The adware, which was undisclosed to users and difficult to remove, monitored the websites visited by the users and collected the information they typed into web forms. The NY AG filed a law suit alleging that DirectRevenue had violated New York consumer protection law, then pursued DirectRevenue's three major advertiser clients.
|
The Federal Trade Commission ("FTC") has charged seven companies with violating the Controlling the Assault of Non-Solicited Pornography And Marketing ("CAN-SPAM") Act for actions of their marketing affiliates. Under affiliate marketing programs, companies do not e-mail consumers directly, but pay others to send messages on their behalf to drive Internet traffic to Web sites.
|