Statute

Editor's Note: Our initial report on the much anticipated demise of this Maine law was a bit premature. The bill is expected to pass but is a few weeks from its final demise. Our deepest apologies for this error. We are redoubling our strive for excellence. Corrected posting is below.

A controversial Maine law passed last year that banned the use of personal information about minors for marketing purposes is close to being repealed.  The new Maine law that would take its place is much more narrowly tailored to prohibit use of information collected online from minors for the purpose of marketing pharmaceuticals.

If you are a retailer with brick-and-mortar stores in California and accept credit cards for payment, take note.  You may want to take a few simple steps to avoid liability for an increasing number of claims under an old law that has received a lot of recent attention.  Plaintiffs have filed several recent class action lawsuits in California against major retailers for alleged violations of California's Song-Beverly Credit Card Act (the "Act").  The Act places certain restrictions on merchants that accept credit cards.  In general, the law prohibits or limits a merchant's ability to request and record personal identification information concerning the cardholder.  Examples of personal identification information include the cardholder's address and telephone number.

On May 22, 2009, President Obama signed into law the Credit Card Act of 2009 (formerly, the Credit Cardholders' Bill of Rights Act), which establishes new federal requirements on fees, expiration dates, and conspicuous disclosure of key terms for gift cards, gift certificates and open-loop prepaid cards.

In Party City Corp. v. Superior Court of San Diego County, the California Court of Appeals held that zip codes are not "personally identifying information" under California's Song-Beverly Credit Card Act.

The California Senate recently passed S.B. 364, which seeks to expand California's data breach notification requirements. The bill requires notice to consumers in plain language including information about the types of information breached, the number of people affected by the breach, the date of the breach, and contact information for the entity that experienced the breach. In addition, the notice must include the toll-free telephone numbers of the major credit reporting agencies and notice of the breach must be provided to the state Office of Information Security and Privacy Protection.

The Bill is currently before the California House of Representatives. Current status can be found here.

Apparently thinking that a strong offense was the best defense to copyright infringement claims for making copyrighted music available for sharing over the Internet, the defendant counterclaimed that the plaintiffs' (music and recording companies) investigation constituted trespass, computer fraud and invasion of privacy. The court granted Plaintiffs' motion to dismiss each of the above mentioned counterclaims.

In Christoff v. Nestle USA, Inc., 152 Cal. App. 4th 1439, 62 Cal. Rptr. 3d 122 (2007), the California Court of Appeals reversed a $16 million jury verdict in a right of publicity case brought under California's publicity statute and remanded to the lower court for consideration based on its opinion.

On August 5, 2007, President Bush signed the "Protect America Act of 2007." The Act amends the Foreign Intelligence Surveillance Act of 1978 such that surveillance directed at a person reasonably believed to be located outside the United States no longer requires a government application to, and order issuing from, the FISA Court. Under the Act, communications can be monitored (i.e., intercepted) in real time or reviewed after receipt and storage, for example, in the case of email. The Act provides procedures for the government to issue directives to providers to provide data or assistance, for the government to seek an order to compel provider compliance from the FISA Court, and for the recipient of a directive to seek relief from the FISA Court from an unlawful or overly burdensome directive. Under the Act, providers receive cost reimbursement and full immunity from civil suits for compliance with any directive.

Priceline, Travelocity and Cingular Wireless each contracted with DirectRevenue LLC to deliver ads to consumers. To service its clients (including Priceline, Travelocity and Cingular Wireless), DR installed adware on millions of computers. The adware, which was undisclosed to users and difficult to remove, monitored the websites visited by the users and collected the information they typed into web forms. The NY AG filed a law suit alleging that DirectRevenue had violated New York consumer protection law, then pursued DirectRevenue's three major advertiser clients.