Advertising / Marketing / Consumer Protection

On September 15, the Federal Trade Commission released the changes it is proposing to make to the Children’s Online Privacy Protection Rule (required by the Children’s Online Privacy Protection Act, or COPPA).  The Rule has been in effect since 2000.  To address technological developments in the last decade, the FTC is recommending a number of changes to the definitions and required procedures for compliance.

On August 26, 2010, the FTC announced a consent decree with Reverb Communications, a public relations firm whose clients included developers of video games, including mobile gaming apps. http://www.ftc.gov/opa/2010/08/reverb.shtm.  This represents the first enforcement action under the agency's revised Guidelines Concerning the Use of Endorsements and Testimonials in Advertising. http://ftc.gov/os/2009/10/091005revisedendorsementguides.pdf

Reverb, which was typically paid a percentage of its clients' sales on advertised games, in 2008 and 2009 posted on the iTunes store reviews of those games. Typical reviews consisted of "Amazing new game," "One of the best apps just got better," and [Reverb's client] does it again!" Although the reviews seemed to come from disinterested consumers, they were actually posted by Reverb's employees, a fact never disclosed.

The type of conduct challenged (endorsements by an advertiser's employees) represents a classic violation of the guidellines.  What's interesting about the case is that none of Reverb's clients were included as co-defendants. If they were unaware that Reverb was using its own employees to generate positive reviews, this represents the rare case where "ignorance was bliss."

The Federal Trade Commission’s Congressional testimony of July 22, 2010 provides an excellent overview of the Commission’s views on consumer privacy enforcement past, present, and future and should be of interest to consumers, industry stakeholders and privacy professionals alike.

Lost in the shuffle surrounding the Senate Banking Committee's deliberations about the financial reform legislation (H.R. 4173) was its decision on June 22, 2010 to reject U.S. House of Representatives-authored language that would have broadened the FTC's enforcement powers. The vote represents a rare legislative setback for the agency, whose jurisdiction Congress has broadened over time, sometime (as in case of the CAN-SPAM Act) in the face of the agency's initial opposition to expansion!

Website that neglected to properly verify bank account ownership held liable for fraud committed by users of site.

The Federal Trade Commission recently closed an investigation of Ann Taylor for suspected violations of the agency's new product endorsement advertising guidelines, which require advertisers who compensate endorsers to disclose this in the advertisement. This is the first reported investigation relating to endorsements through blog entries solicited by an advertiser.

Editor's Note: Our initial report on the much anticipated demise of this Maine law was a bit premature. The bill is expected to pass but is a few weeks from its final demise. Our deepest apologies for this error. We are redoubling our strive for excellence. Corrected posting is below.

A controversial Maine law passed last year that banned the use of personal information about minors for marketing purposes is close to being repealed.  The new Maine law that would take its place is much more narrowly tailored to prohibit use of information collected online from minors for the purpose of marketing pharmaceuticals.

A controversial Maine law passed last year that banned the use of personal information about minors for marketing purposes has been repealed.  The new Maine law that takes it place is much more narrowly tailored to prohibit use of information collected online from minors for the purpose of marketing pharmaceuticals.

We often counsel our clients not to make absolute promises about security or data protection. Just like there is no ocean-front property in Arizona, there is no such thing as perfect security or safety. 

LifeLock, Inc. just learned this lesson the hard way when they promised consumers protection from all forms of identity theft.  As a result, they are now agreeing to pay $12 million in fines state and federal regulators.

In November 2009, the association of German data protection authorities (“Düsseldorfer Kreis”) issued a resolution titled “Data Protection Compliance of Web Analytics Tools for Website Audience Measurement.” This resolution has a clear impact on business and contains many risks. The big question is whether the use of web analytics tools as it is today is still compliant with German data protection.

Perkins Coie Of Counsel Susan Lyon will be speaking at the Email Evolution Conference on the topic of "Stay Compliant and Protect Your Reputation," which will cover the basics through advanced email compliance concepts with a focus on CAN-SPAM.

Facebook updated its Promotions Guidelines ("Guidelines") on November 4, 2009, which govern the publicizing and administering of all promotions, including contests, sweepstakes, competitions or similar offerings on Facebook.

If you are a retailer with brick-and-mortar stores in California and accept credit cards for payment, take note.  You may want to take a few simple steps to avoid liability for an increasing number of claims under an old law that has received a lot of recent attention.  Plaintiffs have filed several recent class action lawsuits in California against major retailers for alleged violations of California's Song-Beverly Credit Card Act (the "Act").  The Act places certain restrictions on merchants that accept credit cards.  In general, the law prohibits or limits a merchant's ability to request and record personal identification information concerning the cardholder.  Examples of personal identification information include the cardholder's address and telephone number.

The Federal Trade Commission recently adopted important changes to the agency’s Guides Concerning the Use of Endorsements and Testimonials in Advertising. The Guides' core principles remain unchanged, but they are now being applied to nontraditional media, such as blogs. Also, advertisers ("on" or "offline") who use product endorsements will no longer be able to qualify that endorsement just by telling the viewer that "results may vary" or the endorser's experience "may not be typical."

The California Supreme Court, in Christoff v. Nestle USA, Inc., 47 Cal.4th 468, 213 P.3d 132 (2009) discussed the impact of the single publication rule on right of publicity claims in non-traditional media.  Its decision opens the door to extended liability for right of publicity claims beyond the two year statute of limitations that the Court of Appeals applied.

Attorney General Janet Mills of Maine announced that she will not prosecute companies that violate a recently-enacted, controversial law that bans the use of personal information about minors for marketing purposes.  The bill is expected to be reviewed for amendment during Maine's next legislative session convening in January.

The Federal Trade Commission issued a final breach notification rule for electronic health information that applies to certain web-based businesses.

Last week, in Zango v. Kaspersky Lab, Inc., No. 07-35800 (9th Cir. June 25, 2009), the Ninth Circuit upheld a trial court determination that Section 230 of the Communications Decency Action (CDA) immunizes providers of filtering and security software from claims brought by Internet services that the software blocks. This immunity comes under CDA Section 230(c)(2)(B), which protects from libility providers of interacitve computer services who perform "good samaritan" blocking of offensive material. Prior to Zango, the Ninth Circuit had held that Section 230 protected Internet service providers that removed objectionable user content. Now, after Zango, Section 230 also protects from liability companies that provide "tools that filter, screen, allow, or disallow" objectionable Internet services, such as spyware or adware. Now, under CDA Section 230, filtering and security software companies cannot be held liable for actions they take to make available the means to restrict access to objectionable material.

While you are in town for the Outdoor Retailer Summer Market, Perkins Coie, D.A. Davidson and the Generator Group invite you to take some time to unwind at Salt Lake City's Grand America Hotel. Connect with other industry leaders, learn how social media is affecting the industry and enjoy an evening of cocktails, dinner, or both.

The keynote speaker at the ABA Consumer Protection conference in DC on June 18, 2009 was Bureau of Consumer Protection Director Dave Vladeck. He identified as one of this goals "rethinking" the agency's approach to privacy issues. He asked for the audience's "help," meaning the agency will probably convene a town hall meeting this fall to address these issues. We and our clients are all invited to attend. A synopsis of his substantive views follows.

In an interview with GovInfoSecurity.com, Joel Winston, associate director of the FTC's Division of Privacy and Identity Protection, commented on current FTC priorities, risks to consumers, and the FTC's Red Flag Rules. Currently, Winston said that the FTC would focus on addressing privacy issues associated with online behavioral advertising and investigating data breaches and the adequacy of data security measures. Winston also identified two major risks to consumers: (1) consumers not protecting their own data and (2) private and government organizations failing to protect consumer data. Finally, Winston discussed the FTC Red Flag Rules, saying that many businesses are still unsure whether the rules apply to them and how to comply with the rules. He noted that the rules are broad and flexible: they apply to any business that extends credit but allow businesses flexibility in taking reasonable measures to protect against identity theft. The full interview is available here.

On May 18, 2009, the Interactive Advertising Bureau (IAB) released its best practices for social media advertising.  These best practices are intended to aid advertising growth on social networks, while also helping to safeguard consumer privacy.  The guidelines recommend opt-in and opt-out policies for the use of profile data in ads and additional user privacy oversight, including the ability of a consumer to preview an ad before his or her profile data is used.  The guidelines also establish a common language around social media by defining key terms such as social ad, social graph, interaction data, and profile data.  "Industry standards are essential to making social media easy, safe and scalable for advertisers," said Seth Goldstein, CEO of Socialmedia.com and co-chair of the IAB's UGC Social Media Committee in an IAB press release.  According to Forrester Research, social media marketing is projected to increase approximately 60% in 2009 to $716 million.

On May 22, 2009, President Obama signed into law the Credit Card Act of 2009 (formerly, the Credit Cardholders' Bill of Rights Act), which establishes new federal requirements on fees, expiration dates, and conspicuous disclosure of key terms for gift cards, gift certificates and open-loop prepaid cards.

A federal district court in Virginia recently issued a preliminary injunction to prevent a company from using a competitor's trademarks online.  Deltek Inc. v. Iuovo Systems, Inc., No. 09-330 (E.D. Va. Apr. 20, 2009).  In this case, Deltek sued Iuovo for visibly using the Deltek name to advertise services and for including the mark in meta tags to drive traffic to the Iuovo website.  The court held that this use may cause consumers to erroneously conclude that Iuovo is affiliated with Deltek and, therefore, amounts to trademark infringement.

The Department of Justice's May 12, 2009, Report to Congress covers all applications made by the Government during calendar year 2008 for authority to conduct electronic surveillance and physical search for foreign intelligence purposes under FISA, all applications made by the Government during calendar year 2008 for access to certain business records (including the production of tangible things) for foreign intelligence purposes, and certain requests made by the Federal Bureau of Investigation pursuant to national security letter authorities.  While the number of wiretaps and searches conducted in 2008 were lower than in 2007, the number of National Security Letters increased.

The Federal Trade Commission staff has issued a report, “Beyond Voice: Mapping the Mobile Marketplace.”  The report focuses on cost disclosures about mobile services; unwanted mobile text messages, malware, and spyware; and expedited review of the Children’s Online Privacy Protection Rule to in view of changes in the mobile marketplace. 

http://www.ftc.gov/opa/2009/04/mobilerpt.shtm

The 2008 Wiretap Report is out!  A total of 1,891 intercepts authorized by federal and state courts were completed in 2008, a decrease of 14 percent compared to the number terminated in 2007. Not surprising given past reports, the vast majority of wiretaps were conducted on cell phones or mobile devices, and the vast majority of wiretaps involved drug investigations.  There were two instances reported of encryption encountered during state wiretaps; neither prevented officials from obtaining the plain text of the communications.  For more interesting observations on the 2008 Wiretap Report, read the full post.

On February 12, 2009, the Federal Trade Commission (FTC) issued a staff report, titled "Self-Regulatory Principles for Online Behavioral Advertising." (the FTC Staff Report).  The following is the second of a three part series of blogs summarizing guidance contained in the report. The first part, describes new FTC guidance on material changes to privacy policies of interest to all Web site operators.  The second part, below (click "read more"), analyzes the FTC's expansion of protected information to include non-personally identifiable information, including IP addresses associated with particular computers or devices, at least in the context of certain forms of online behavioral advertising (the practice of tracking an individual's online activities over time to deliver personalized advertising).  The third part, to follow, will detail the FTC's general guidance for those engaged in third party online behavioral advertising.

On February 12, 2009, the Federal Trade Commission (FTC) issued a staff report, titled "Self-Regulatory Principles for Online Behavioral Advertising." (the FTC Staff Report) While the FTC Staff Report primarily focuses on the FTC's revised principles for online behavioral advertising (Principles), described as "guidelines for self-regulation," it also notes a few Principles are based on existing law potentially applicable to a broad range of Web sites not just those engaged in behavioral advertising. Most significantly, the report describes as "existing" law a requirement for Web site operators to obtain affirmative express consent to make retroactive material changes to privacy policies.  The following is the first of a three part series of blogs summarizing guidance contained in the report. The first part, in "read more" details below, describes new FTC guidance on material changes to privacy policies of interest to all Web site operators.  The second part, analyzes the FTC's expanding definition of personal information.  The third part will detail the FTC's general guidance for those engaged in online behavioral advertising.

http://www.ftc.gov/opa/2009/02/behavad.shtm

In Party City Corp. v. Superior Court of San Diego County, the California Court of Appeals held that zip codes are not "personally identifying information" under California's Song-Beverly Credit Card Act.

Last week Perkins Coie Partner Barry Reingold attended the American Conference Institute's 22nd National Advanced Forum of Advertising Law in New York City. The forum reflects the national advertiser and advertising agency perspective (American Express, Nike, BBD&O, etc). Much of the focus this year was on Internet and mobile advertising. Key takeaway points are provided in this post.

On December 17, 2008, the Federal Trade Commission (FTC) issued a report on the private sector’s use of consumers’ Social Security numbers (SSNs).  The purpose of the report is to develop a deeper understanding of the relationship between the SSN and identity theft and explore approaches that will preserve the SSN’s beneficial uses while curtailing its availability and value to identity thieves.  To that end, the FTC’s report contains recommendations to make SSNs less available to identity thieves, while at the same time making it more difficult for them to misuse those SSNs they are able to obtain.

On September 4, 2008, the Ninth Circuit reinstated part of the California Financial Information Privacy Act ("SB1"), Cal. Fin. Code §§ 4050-4060, allowing consumers to opt-out of certain information-sharing activities between financial institutions and their affiliates. American Bankers Ass'n. v. Lockyer, No. 05-17163, 2008 WL 4070308 (9th Cir. Sept. 4, 2008). This decision overturns the court's 2005 ruling, in which the Ninth Circuit held that the federal Fair Credit Reporting Act ("FCRA") preempts SB1 with respect to affiliate sharing of "consumer report information." American Bankers Ass'n v. Gould, 412 F.3d 1081 (9th Cir. 2005). The new decision preserves consumers' rights under California law to restrict affiliate data-sharing related to non-consumer report information.

The holiday season is marked by many colorful, highly competitive ad campaigns. Conducting a legal review of advertising materials can go a long way toward managing legal liability and associated costs. Advertising review should cover a number of issues, including copyright, trademark and right of publicity/privacy issues, comparative advertising, claim substantiation, offer terms, and regulator and industry self-regulation compliance issues, to name a few.

On August 19, 2008, the Federal Trade Commission announced two significant amendments to the telemarketing sales rule affecting prerecorded outbound telemarketing calls.  The first amendment prohibiting prerecorded telemarketing calls without express written agreement and other limitations goes into effect September 1, 2009.  The second amendment requiring that prerecorded telemarketing calls provide an automated interactive opt-out mechanism meeting certain requirements goes into effect December 1, 2008.

According to the U.S. District Court for the Western District of Texas, an employee who signed a confidentiality agreement and then later copied confidential data from his corporate computer may have breached the agreement but did not violate the Computer Fraud and Abuse Act ("CFAA") because he had authority to access the files. In Black & Decker (US) v. Smith (2008 WL 2757081 (W.D.Tenn. 7/11/08)), the Court held that an employee who had initial authority to access company computer files could not be found liable under the CFAA for subsequently copying them. Black & Decker alleged that its former employee, defendant Timothy Smith, had violated the CFAA by copying confidential information to an external hard drive and to a personal email account before joining a competitor company.

Perkins Coie Partner Al Gidari will be a panelist at a Washington Technology Industry Association event in Seattle.

The Federal Trade Commission announced the release of a new Final Rule regarding the "Definitions and Implementation Under the CAN-SPAM Act" on May 12, 2008, which revises the Code of Federal Regulations implementing rules regarding CAN-SPAM, 16 C.F.R. Part 316. While largely reinforcing its observations in its Notice of Proposed Rulemaking, the Commission adopted a few new interpretations of defined terms, and offered some insight regarding CAN-SPAM implementation. The Commission:

1. Clarified that the definition of "person" includes organizations, commercial and non-profits alike;

2. Addressed scenarios where a single commercial e-mail contains advertisements for the products or services of multiple entities, and clarified who would be the "sender" of such an e-mail;

3. Addressed affiliate marketing schemes, and in certain situations extended CAN-SPAM liability to marketing entities and sellers whose affiliates send unsolicited commercial messages that violate CAN-SPAM.

4. Permitted the use of Post Office boxes and private mail boxes to satisfy the "valid physical postal address" requirement of CAN-SPAM, provided that the boxes are accurately registered pursuant to postal regulations;

5. Reiterated that recipients of commercial e-mail messages may not be charged a fee or any form of consideration to opt-out of future mailings, and should be required to provide no more personal information than their e-mail addresses to exercise their opt-out options.

6. Discussed "forward-to-a-friend" programs, and potential CAN-SPAM liability of a seller that includes such functionality on its Web site.

The Final Rule becomes effective 45 days after its publication in the Federal Register.

A controversial bill seeking to restrict the ability of Internet advertisers to engage in so-called online preference marketing has hit the desks of New York State Legislators. Dubbed the Third Party Internet Advertising Consumers’ Bill of Rights Act of 2008, the bill is sponsored by Democratic Assemblyman Richard L. Brodsky and Republican State Senator Andrew J. Lanza, and aims to put the power to opt out of online advertising campaigns in the hands of consumers. If adopted, the bill would also require certain companies engaged in Internet advertising to not only disclose how they collect consumer information, but also to specify what kind of consumer information they use, and how long they intend to retain it.

The California Senate recently passed S.B. 364, which seeks to expand California's data breach notification requirements. The bill requires notice to consumers in plain language including information about the types of information breached, the number of people affected by the breach, the date of the breach, and contact information for the entity that experienced the breach. In addition, the notice must include the toll-free telephone numbers of the major credit reporting agencies and notice of the breach must be provided to the state Office of Information Security and Privacy Protection.

The Bill is currently before the California House of Representatives. Current status can be found here.

The Ponemon Institute published a study of 35 data breaches in 2007. The costs of responding to the breaches ranged from $225,000 to almost $35 million, with an average of $6.3 million or $197 per record compromised. In 2006, the average cost per incident was $4.8 million or $182 per record. While the costs related to investigations, notification and services offered to affected individuals decreased, the cost of lost business increased more than 30 percent and no accounts for 65 percent of data breach costs.

In Mobilisa, Inc. v. Doe, 217 Ariz. 103, 170 P.3d 712 (2007), the Arizona Court of Appeals adopted a three-part test for use in determining when an anonymous internet poster's identity may be obtained.  Arizona joins New York, New Jersey, and California in formulating similar but different tests to determine when the identity of anonymous posters can be obtained.

The Federal Judicial Center recently published a Pocket Guide for Judges on "Managing Discovery of Electronic Information." This 22 page booklet is written for federal judges and contains sections on: Describing Electronically Stored Information ("ESI"), Early Consideration of ESI – Rules 26(f) and 16, ESI and Initial Disclosures, Allocation of Costs, Discovery from Nonparties, Form of Production, Waiver of Privilege or Work-Product Protection, Preservation of ESI, and Spoliation and Sanctions.

Apparently thinking that a strong offense was the best defense to copyright infringement claims for making copyrighted music available for sharing over the Internet, the defendant counterclaimed that the plaintiffs' (music and recording companies) investigation constituted trespass, computer fraud and invasion of privacy. The court granted Plaintiffs' motion to dismiss each of the above mentioned counterclaims.

http://www.ftc.gov/opa/2007/12/spam.shtm

http://www.ftc.gov/opa/2007/12/principles.shtm

On November 1-2, 2007, the Federal Trade Commission hosted a two day conference about privacy and related issues in online behavioal and targeted advertising. The central (but unstated) issue underlying the conference was the continuing debate about the usefulness of online privacy policies as a tool to provide notice to consumers and to obtain their consent for information collection and use.

In Christoff v. Nestle USA, Inc., 152 Cal. App. 4th 1439, 62 Cal. Rptr. 3d 122 (2007), the California Court of Appeals reversed a $16 million jury verdict in a right of publicity case brought under California's publicity statute and remanded to the lower court for consideration based on its opinion.

Section 230 of the Communications Decency Act provides website operators immunity from civil liability based on information provided by another "information content provider." Most courts have interpreted this language broadly and held that as long as the website operator only published - but did not participate in the creation and development of - information, it was immune from liability. A federal court in Wyoming, however, recently read Section 230 narrowly, and entered judgment for the Federal Trade Commission in a false advertising case against Abika.com, a firm whose website offered information products, including records of telephone call details. (Federal Trade Commission v. Accusearch, Inc., d/b/a/ Abika.com (D. Wy., September 28, 2007). Customers would place orders with Abika for confidential information about specific telephone numbers. Abika would buy the information, if available, from third-party vendors, then resell it to the customers. The vendors got this information illegally from people employed by or otherwise associated with telephone carriers.

Sweepstakes can be effective vehicles for marketing products and services and engaging consumers with a brand during the holidays. However, sweepstakes are highly regulated at both state and federal levels and can trigger legal challenges if not carefully structured.

On behalf of client Vonage Holdings Corp., Perkins Coie obtained complete dismissal of a purported class action anti-spam case filed against Vonage in California. The plaintiff, a recent law school graduate represented by Hagens Berman Sobol Shapiro LLP, sought damages and injunctive relief from Vonage in California state court on the theory that email advertisements for Vonage services sent from more than one domain name violated California's anti-spam law, Cal. Bus. & Prof. Code Section 17529.5, and Consumer Legal Remedies Act.

On October 4 - 5, 2007, Conference Co-Chair Kirk Soderquist and speakers Don Karl and Shaalu Mehra will join other leading industry professionals and practitioners discussing content, access and intellectual property issues, recent court decisions, financing, cross-border issues, the growth of casual games, M&A transactions and outsourcing agreements.

A recent decision by the United States District Court for the Central District of California in MySpace, Inc. v. Wallace, No. 07-1929 (C.D. Cal. 2007), has paved the way for entities offering interactive messaging on private networks to use the CAN-SPAM Act to combat spam. Messages sent through private networks may qualify as electronic mail messages under the Act even though they are sent over an intranet rather than the public internet. Therefore, social networking websites, chat and video game providers, and web portals who may not consider themselves to be internet service providers because they use private networks, nevertheless may fall within the purview of the CAN-SPAM Act.

On August 5, 2007, President Bush signed the "Protect America Act of 2007." The Act amends the Foreign Intelligence Surveillance Act of 1978 such that surveillance directed at a person reasonably believed to be located outside the United States no longer requires a government application to, and order issuing from, the FISA Court. Under the Act, communications can be monitored (i.e., intercepted) in real time or reviewed after receipt and storage, for example, in the case of email. The Act provides procedures for the government to issue directives to providers to provide data or assistance, for the government to seek an order to compel provider compliance from the FISA Court, and for the recipient of a directive to seek relief from the FISA Court from an unlawful or overly burdensome directive. Under the Act, providers receive cost reimbursement and full immunity from civil suits for compliance with any directive.

The Ninth Circuit recently held in Douglas v. Talk America Inc., No. 06-75424, 2007 WL 2069542 (9th Cir. July 18, 2007) that the unilateral addition of a mandatory arbitration clause and other amendments to an online contract are invalid absent actual notice to the customer. The Douglas decision calls into question the common practice by ecommerce companies of amending their online terms and policies at will with little in the way of notice other than posting the revised terms or policies and perhaps including a revised effective date on the terms or policies themselves. The concerns are probably overstated, and we review some best practices for your consideration.

Kmart Corporation recently agreed to settle Federal Trade Commission charges that Kmart engaged in deceptive practices in advertising and selling its Kmart Gift Cards and Cash Cards. The FTC’s press release, settlement agreement, complaint and related materials are available at the FTC Web site. The FTC alleged that Kmart failed to adequately disclose the terms and conditions that applied to the gift cards – specifically those related to so-called "dormancy fees." Although the consent decree applies only to Kmart, it is significant because it is the first formal action the FTC has taken with respect to gift cards and because it provides a roadmap to the FTC's general thinking about gift card disclosures. It is a vivid reminder that issuers of gift cards must consider federal consumer protection laws, in addition to numerous state gift certificate, consumer protection and unclaimed property laws, as they structure their gift card programs. It also adds to the pressure many states have been placing on gift card issuers to avoid expiration dates, dormancy fees and other service fees.

Kavu Inc. v. Omnipak Corp., W.D. Wash., No. 2:06-cv-00109-RSL (class certification order 1/23/07).

A federal district court in Washington state has held that a suit arising from an unsolicited commercial fax is entitled to class certification under the Telephone Consumer Protection Act and the Washington Consumer Protection Act.  The defendant had sent unsolicited fax advertisements to 3,000 numbers that it had obtained from the Manufacturers News, a company that compiles and sells contact information for businesses.  The court distinguished the case before it from prior cases in which class certification was denied; in those cases, noted the court, the defendant had the opportunity to provide individual defenses with respect to whether a particular recipient had given permission to receive the fax.  In the case before it, however, whether the defendant had obtained consent would be an issue common to all recipients.   The commonality element was met, rendering class certification appropriate.

In November 2006, Zango (formerly known as 180solutions, Inc.) a major adware distributor, settled FTC charges arising from the distribution of its adware by its network of third party affiliates, who frequently offered consumers free content and software without disclosing that downloading them would result in installation of Zango's adware.

Priceline, Travelocity and Cingular Wireless each contracted with DirectRevenue LLC to deliver ads to consumers. To service its clients (including Priceline, Travelocity and Cingular Wireless), DR installed adware on millions of computers. The adware, which was undisclosed to users and difficult to remove, monitored the websites visited by the users and collected the information they typed into web forms. The NY AG filed a law suit alleging that DirectRevenue had violated New York consumer protection law, then pursued DirectRevenue's three major advertiser clients.

Private networks and equipment, facilities or services that interconnect public or private networks are exempt under the Communications Assistance for Law Enforcement Act or "CALEA."  But when private networks are connected to a public network like the Internet, do private network operators have any obligation to make the equipment or facilities that support the connection compliant with CALEA?  The question is an important one for businesses that provide Internet access to their employees, state and local networks, and internetworking and infrastructure providers as well as schools, libraries and advanced research networks.

Asis Internet Servs. v. Optin Global Inc., N.D. Cal., No. C-05-5124-CW, 9/27/06

A federal district court has held that mortgage brokers who used "lead generators" are liable for violations of CAN-SPAM resulting from thousands of unsolicited commercial emails sent by third-party "spammers" used by the lead generators.  The mortgage brokers, held the court, had "knowingly induced" the spammers to send the illegal spam through the lead generators.  By knowingly inducing the spammers to send the messages, stated the court, the mortgage brokers met the definition of "initiator" under CAN-SPAM.  Because the mortgage brokers' products or services were advertised in the messages, they were deemed "senders" of the unsolicited commercial emails in question.

On October 4, 2006, the Federal Trade Commission ("FTC") issued a notice in which it proposed two modifications to its Telemarketing Sales Rule ("TSR"). The first of these modifications would require express prior written agreement to send prerecorded telemarketing messages. The second would liberalize the TSR's calculation of "abandonment rate" in telemarketing campaigns using a predictive dialer.

N.D.N.Y. Case No. 5:04-CV-1055 (9/28/06)
The court granted Google's motion to dismiss Rescuecom's allegation that Google's use of the "Rescuecom" mark as a keyword in connection with the sale of sponsored links is a commercial use.  The court reasoned that the use of the mark was not a "use in commerce" because the mark was never displayed; thus, although such use of the mark was commercial in nature, it did not constitute a "use in commerce."

No. 401394/2005 (N.Y. Sup. Ct.) (settlement announced Oct. 20, 2005)
Intermix Media agreed to pay a $7.5 million to settle charges of false advertising and deceptive busines practices, raised by New York Attorney General Eliot Spitzer.

384 F.Supp.2d 1219 (N.D. Ill. 2005)
DirectRevenue installed spyware, allegedly without consent, onto computers by bundling it with other legitimate software that was available "free" on the Internet, such as games. Through the spyware, advertisers bombarded users' computers with ads that constantly "pop up" over whatever web page a user is viewing.

121 P.3d 831 (Ariz. Ct. App. 2005)
Arizona Court of Appeals affirmed trial court's holding that Acacia violated the Telephone Consumer Protection Act (TCPA) by delivering unsolicited text message advertisements to Joffe's mobile phone. The appellate court determined that the TCPA applies to text messages, and application as such did not violate Acacia's First Amendment rights.

In an update dated August 2, 2005, available here, we informed you about legislation in Michigan and Utah that prohibited sending certain types of advertisements to pager and fax numbers, cellular and land line telephone numbers, along with instant messaging identities, email addresses and other electronic "contact points" listed on registries maintained by each state.

The Federal Trade Commission ("FTC") has charged seven companies with violating the Controlling the Assault of Non-Solicited Pornography And Marketing ("CAN-SPAM") Act for actions of their marketing affiliates. Under affiliate marketing programs, companies do not e-mail consumers directly, but pay others to send messages on their behalf to drive Internet traffic to Web sites.

2005 WL 832398 (N.D. Cal. 2005)
N.D. Cal.
The Northern District of California declined to grant Google's motion to dismiss trademark infringement and unfair competition claims, finding that there was a genuine issue of material fact regarding whether Google's advertising scheme created confusion by presenting ads of American Blind's competitors when keywords related to American Blind were entered into Google's search engine. Google sold "American Blind," "Americanblinds."

N.D.N.Y. Case No. 04-CV-001055, (9/7/04)
U.S. District Court
Complaint filed by Rescuecom Corporation against Google, Inc. alleges that Google's use of the "Rescuecom" mark as a keyword in connection with the sale of sponsored links is a commercial use because the defendant is a commercial entity selling and offering for sale advertising on its internet Search Engine.

No. CGC-04-433518 (S.F. Sup. Ct. filed Aug. 3, 2004) (class action)
Class action lawsuit filed in California state court alleges ads appearing on Internet search engines violate California gambling laws by steering users to gambling websites based on certain keyword searches and using geo-tracking software to target advertising for certain regions, including California. Named defendants include search engines Google, Ask Jeeves, Altavista, and others.

No. 2:03-cv-04269-R-VBK, Doc. 125 (C.D. Cal. final judgment Jul. 7, 2004)
Federal district court entered $4 million judgment against spammer that misrepresented himself as being associated with Microsoft's Windows Update service. Khoshnood sent spam email directing recipients to www.

Utah state court, Third District (Salt Lake City)
Internet retailer Overstock.com sued competitor SmartBargains under Utah's Spyware Control Act for allegedly using spyware to display pop-up ads over the Overstock.

No. 2:04-cv-00100-GC (D. Me. filed May 17, 2004)
See L.L. Bean, Inc. v. Nordstrom, Inc.

No. 2:04-cv-00099-GC (D. Me. filed May 17, 2004)
See L.L. Bean, Inc. v. Nordstrom, Inc.

No. 2:04-cv-00098-GC (D. Me. filed May 17, 2004)
See L.L. Bean, Inc. v. Nordstrom, Inc.

No. 2:04-cv-00101-GC (D. Me. filed May 17, 2004)
Clothing retailer L.L. Bean sued Nordstrom in federal district court for trademark infringement, unfair competition, and related claims, alleging Nordstrom used spyware to cause Nordstrom ads to appear in pop-up windows when computer users visited L.

309 F. Supp. 2d 446 (E.D.N.Y. 2004)
Federal district court held that a forum selection clause in an Internet service provider's (ISP) terms of use agreement was not unconscionable, even though the computer window allowed the plaintiff to view only ten lines of the agreement at a time, and the clause appeared over 300 lines into the document. Novak alleged that Google failed to remove material from its online discussion groups that Novak deemed objectionable, thereby breaching Google's terms of service.

In Mainstream Marketing Services, Inc. et al. v. FTC et al., the 10th Circuit Court of Appeals has upheld the FTC's DNC list, holding that "the do-not-call registry is a valid commercial speech regulation because it directly advances the government's important interests in safeguarding personal privacy and reducing the danger of telemarketing abuse without burdening an excessive amount of speech.

Federal District Court in N.Y.--Filed
Federal
American Blind and Wallpaper Factory filed suit in New York District Court against Google, AOL and Netscape. American Blind's suit is based on Google's practice of selling advertisements linked to certain keywords.

309 F. Supp. 2d 467 (S.D.N.Y. 2003), aff'd 414 F.3d 400 (2d Cir. 2005)
1-800 Contacts sued WhenU.com to get an injuction stopping WhenU.com from sending pop-up ads to people visiting 1-800 Contacts website who had unknowingly downloaded WhenU's software onto their computer.

293 F. Supp. 2d 734 (E.D. Mich. 2003)
Federal
Wells Fargo sought a preliminary injunction to stop WhenU.com from sending pop-up ads to internet users visiting Wells Fargo's website.

279 F. Supp. 2d 723 (E.D.V.A 2003); No. 02-1469-A (E.D.Va. 2003)
Federal
A federal court has ruled on the legality of pop-up ads. WhenU.com develops an application that comes bundled with popular free software such as peer to peer applications.

filed (2003)
Federal
Lending Tree has filed suit against Gator Corp. for flashing pop-up ads of competitors when visitors access its site. Lending Tree claims that the pop-up ads have damaged Lending Tree's brand and infringed on its copyright and trademark.

(2d Cir. 2003)
Federal
The Second Circuit Court of Appeals upheld a New York law banning the sale of cigarettes over the Internet. The court found that the district court had erred in finding that the law violated the Commerce Clause of the Constitution.

No. 02-207199-1 (Wash. Sup. Ct. 2003)
WA
A lawsuit has been filed against Bonzi Software, Inc., alleging that it tricked users into visiting its website through the use of deceptive online banner advertisements.

Case No. CIV-02-1457-M (W.D. Okla. 2003)
Federal
A federal judge denied a preliminary injunction to restore a website's page rank on Google's search engine. SearchKing, an advertising seller, filed suit after Google intentionally reduced SearchKing's page rank.

Germany-District Court of Munich
Foreign
The court held that Google could not be held liable for trademark infringement where an advertiser uses the trademark in a keyword.

(E.D. Va. 2002)
Federal
A federal court issued a temporary injunction in a copyright infringement case involving targeted pop-up advertising. The Washington Post, Dow Jones, and eight other publishers sued Gator alleging that Gator's unauthorized ads violate their copyright and trademark rights by altering the intended display of their websites.

Copenhagen Baliff's Court (Denmark, 7/5/2002)
Foreign
The Copenhagen Lower Bailiff's Court ordered Newsbooster.com to stop linking to websites of Danish newspapers. The court held that Newsbooster.

2002 U.S. Dist. LEXIS 7770 (S.D.N.Y. 2002)
Federal
About.com sued advertiser Targetfirst in state court. Targetfirst removed the case to federal court and counterclaimed for fraud and breach of contract, alleging that About.

255 F.3d 728 (9th Cir. 2001)
Federal
The Ninth Circuit ruled on the application of the US Sentencing Commission Guidelies (USSG) to a defendant fraudulently selling computers online. The defendant Pirello placed four advertisements on Internet classified-ads websites, soliciting buyers for computers.

161 F. Supp. 2d 1183 (W.D. Wash. 2001)
Federal
The court granted a Michigan-based defendant's motion to dismiss for lack of personal jurisdiction in Washington State. The defendant established a website on which its products were for sale nationwide, placed advertisements in industry journals, and maintained a toll-free number for receiving orders.

No. 01-CV-4854 (E.D. Pa. 2001)
Federal
The FTC filed a complaint against John Zuccarini, seeking to force him to cease his "mousetrapping" activities and return all profits earned from this type of advertising. "Mousetrapping" occurs when a visitor to a site is trapped because the back button on the browser is rigged to trigger pop-up advertisements.

(FTC, 2001)
F.T.C.
The FTC has launched a non-public investigation of online advertisers and direct marketers concerning their use of "delete-resistant" pop up ads. These types of ads may constitute an unfair act or practice in violation of section 5 of the FTC Act.

254 F.3d 476 (3d Cir. 2001)
Federal
The 3d Circuit affirmed a lower court ruling that found John Zuccarini liable for violating the Anticybersquatting Consumer Protection Act (ACPA). Plaintiff Shields sued Zuccarini for registering 5 domain names that had minor spelling variations of Shields' website.

San Rafeal District Court (Cal. 2001)
CA
A California judge denied DoubleClick's motion to dismiss a class action lawsuit that accuses DoubleClick of privacy violations. Plaintiffs in the case are arguing that by using cookies, DoubleClick is able to collect personality identifying information and create personal profiles.

00 Civ. 0641 (S.D.N.Y. 2001)
Federal
A New York Federal District Court has dismissed a class action lawsuit against Internet advertising giant DoubleClick, Inc. The class alleged various privacy claims stemming from DoubleClick’s practice of placing “cookies” on computer hard drives of the people visiting sites with which they have advertisement deals.

00 Civ. 0641 (S.D.N.Y. 2001)
Federal
A New York Federal District Court has dismissed a class action lawsuit against Internet advertising giant DoubleClick, Inc. The class alleged various privacy claims stemming from DoubleClick’s practice of placing “cookies” on computer hard drives of the people visiting sites with which they have advertisement deals.

84 F. Supp. 2d 180 (D. Mass. 2000)
Federal
Federal judge ruled that Massachusetts cigarette regulations prohibiting advertising in places frequented by minors are valid exercises of state authority. However, the judge also ruled that attempts by the state to regulate advertising in nationally distributed print media, or the Internet, would impose an impermissible burden on interstate commerce.

2000 U.S. Dist. LEXIS 15719 (E.D. Pa. 2000)
PA
The Eastern District of Pennsylvania awarded the largest statutory award to date under the Anticybersquatting Consumer Protection Act of 1999. The defendant, who was ordered to pay $530,000 in damages and attorney's fees, earned up to $1 million dollars per year by registering domain names based on mispelled web sites that lured users into "mousetraps" with multiple advertising windows.

Greene Cty. Cir. Ct., Mo., filed Sept. 13, 2000
MO
Missouri's attorney general filed suit against health, beauty and wellness retailer More.com for violation of its customer privacy policy.

Greene Cty. Cir. Ct., Mo., filed Sept. 13, 2000
MO
Missouri's attorney general filed suit against health, beauty and wellness retailer More.com for violation of its customer privacy policy.

Greene Cty. Cir. Ct., Mo., filed Sept. 13, 2000
MO
Missouri's attorney general filed suit against health, beauty and wellness retailer More.com for violation of its customer privacy policy.

Multiple courts (filed Aug., 2000)
Federal
Motorola has filed five copyright infringement suits against individuals in federal courts in California, New Jersey, New York and Texas. The complaints allege that the defendants advertised and sold Motorola Radio Service Software on the eBay auction site after acquiring the software without consent.

No. 00-2288 (E.D. Pa., June 2000)
Federal
Trademark infringement action arising from the defendant's marketing and sales of "Tundra Pants" in a Seattle, WA retail store and via mail order catalogs and the Internet. Plaintiff manufactures and sells clothing under the registered trademarks "Tundra" and "Tundra Sports."

S.D.N.Y., filed May 25, 2000
Federal
Following a decision that MP3.com violated the copyrights of major record labels by allowing users to listen and download unauthorized copies of songs (see RIAA v. MP3.com).

94 F. Supp. 2d 457 (S.D.N.Y. 2000)
Federal
Jeri-Jo brought a contempt action for violating a July 1999 injunction barring Sixty from advertising or promoting apparel in the United States using Jeri-Jo's ENERGIE trademark. The court, in denying the action held that the defendant's hyperlink from its U.S. website.

208 F.3d 741 (9th Cir. 2000)
Federal
America Online subscribers sued in federal court for RICO, and the Communications Act of 1934 violations as well as state claims of unfair business practices, negligence, false advertising , and fraud and deceit. The 9th Circuit Court of Appeals affirmed the district court's dismissal, finding 1) failure to show a pattern of activity required by RICO, 2) the Communications Act did not apply because AOL was not a "common carrier", and 3) AOL was not a "state actor" subject to constitutional privacy claims.

105 F. Supp. 2d 816 (S.D. Ohio 2000)
Federal
Trademark infringement action brought by the owners of "Lexis," "Nexis," and "Lexis-Nexis." against Innovator, a competitor that also provides an information retrieval system.

2000 Va. Cir. LEXIS 191 (Va. Cir. Ct., Mar. 8, 2000)
VA
HotJobs brought a breach of contract action after receiving notice from DCI that it was exercising its option to cancel an Internet advertising agreement. HotJobs contends the agreement contained no unilateral cancellation provision under the circumstances in question.