Social Media

Earlier this month, the FTC settled with two social media influencers for failing to provide adequate disclosures in their promotions of their company, and issued 21 warning letters to other influencers it felt continued to violate the FTC Endorsement Guidelines in spite of the educational letters the FTC had sent earlier this year. In addition to the new “FAQ” examples the FTC provided in its guidance materials and this blog post (which contains an instructional video), the FTC hosted a live Twitter chat to directly answer questions regarding its influencer disclosure policies. 
Continue Reading FTC Twitter Chat: Influencers 101

On September 5, 2017, the Grand Chamber of the European Court of Human Rights (“ECtHR”) issued its ruling on appeal in the case of Bărbulescu v. Romania, concerning alleged unlawful workplace monitoring of Mr. Barbulescu’s private communications.

Overturning the ECtHR’s prior ruling in the case (covered by Inside Privacy here), the Grand Chamber held that Romanian courts had not adequately and fairly weighed up the competing interests of Mr Barbulescu and his employer.  That defect of justice meant that Romania had failed to proactively protect Mr Barbulescu’s right to privacy, as required by its membership of the European Convention on Human Rights.

The Grand Chamber held that Mr Barbulescu’s right to privacy extended to his workplace, despite his private use of a work computer constituting a breach of his rules of employment.  The Grand Chamber held that while privacy in the workplace can be restricted “as necessary,” “an employer’s instructions cannot reduce private social life in the workplace to zero,” since the right to privacy does not necessarily depend on an individual’s reasonable expectations, and can be enjoyed in public and in the workplace, notwithstanding prohibitions and warnings given to the individual.  A fulsome balancing exercise was therefore required in cases such as these.

The Grand Chamber underlined that provided national courts undertake an adequate balancing exercise, they have some discretion as to the actual result (i.e. whether the employer’s or employee’s rights prevail in a given case).  Similar discretion is also enjoyed by national legislators and constitutions when setting underlying rules on workplace privacy, provided such rules – and a means to enforce them – are actually in place.

Nevertheless, the ruling states that workplace monitoring must always be limited to what is necessary for a legitimate purpose, and should be accompanied by a range of safeguards, normally including prior notice to employees – particularly when the content of communications is concerned.
Continue Reading New Ruling in European Employee Monitoring Case

The FTC recently announced that it reached a settlement with two social media influencers, Trevor Martin and Thomas Cassell, for deceptively endorsing their owned and operated online gambling service “CSGO Lotto” without disclosing that they were the owners of the site, as well as paying other well-known social media influencers to promote the site without requiring them to disclose the payments in their posts. In addition, the FTC issued warning letters to 21 out of the 90 social media influencers it had sent educational letters to earlier this year, citing specific social media posts that they felt still failed to “clearly and unambiguously” disclose a material connection between the influencers and the brands or products they were promoting. The letters asked them to respond in writing, by September 30th, advising staff of whether they do, in fact, have a material connection with the brands/products cited in the letters and, if so, describing how they will ensure such relationship is clearly disclosed going forward. Finally, the FTC updated its guidance on its official Endorsement Guidelines with additional examples featuring common social media advertising mechanisms such as Instagram, Snapchat, and Facebook.
Continue Reading FTC Reaches Settlement with Influencers; Issues Updated Guidance

Twenty years ago, the Supreme Court was faced with the question of whether a federal statute that imposed a content-based restriction on online speech violated the First Amendment. That case, Reno v. American Civil Liberties Union, marked the first instance in which the Supreme Court weighed in on the role of the Internet in the marketplace of ideas, and decided affirmatively that speech on the Internet is afforded protection under the First Amendment.

Over the course of the twenty years following Reno, the Internet has changed in size, shape, and substance. In 1997, about 40 million people used the Internet and “most colleges and universities,” “many corporations,” “many communities and local libraries,” and “an increasing number of storefront ‘computer coffee shops’” provided the public access to the Internet. Today, at least 280 million Americans use the Internet, 102 million U.S. households have in-home broadband Internet access, and 225 million Americans access the Internet through their mobile device. In 1997, popular uses of the Internet included e-mail, listservs, newsgroups, chatrooms, and the “World Wide Web” (which then consisted of around 100,000 websites), but today, social media dominates, with an estimated 81% percent of Americans participating.

Despite the seismic changes to the Internet since the Reno case was decided, the Court’s views on online speech have remained largely consistent, albeit more tailored to the times. Recently, in Packingham v. North Carolina, the Court struck down a content-neutral state law that restricted sex offenders’ access to “social networking” websites, finding that it violated the First Amendment. The significance of the Packingham opinion, particularly in its partial extension of Reno, goes beyond the four corners of the Court’s holding.Continue Reading Reno at 20: The Packingham Decision and the Supreme Court on Online Speech

On Monday, a panel of the Ninth Circuit unanimously ruled that Section 230 of the Communications Decency Act (“CDA”) protected Yelp from liability relating to an allegedly defamatory user-generated review.  In doing so, the Court rejected several attempts by the Plaintiff to plead around the CDA’s broad immunity provisions by accusing Yelp of playing a

Today we published a post on the Covington eHealth blog regarding a recent report by the U.S. Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC).  The ONC report highlights “large gaps” in policies and oversight surrounding access to and security and privacy of health information held

On January 12, 2016, the European Court of Human Rights (ECtHR) ruled that an employer who had monitored an employee’s private communications during working hours had not breached the employee’s right to privacy (under Article 8 of the European Convention on Human Rights).

This judgment will influence how other European national courts and regulators view similar cases involving employer monitoring of employee private communications. However, the full scope of the judgement remains somewhat unclear; in particular, it remains unclear whether the ECtHR would apply similar logic if the monitored communications had been carried out through a personal account, rather than a professional one.  Employers should also take note that the judgment emphasizes the need for employer monitoring policies to be reasonable and proportionate.  The judgment is available in full here.
Continue Reading European Court of Human Rights Rules That Employers Can Monitor Employee Private Communications

Making good on its warnings that mobile apps will be an enforcement priority under the revised Children’s Online Privacy Protection Act (“COPPA”) Rule, the FTC has announced two settlements with mobile app developers:

  1. TinyCo., the developer of several child-directed mobile apps, will pay $300,000 to settle charges that it violated COPPA by collecting children’s email

Last Thursday, the United States Court of Appeals for the Ninth Circuit affirmed dismissal of claims for violations of the Electronic Communications Privacy Act (“ECPA”), holding that the plaintiffs had failed to allege Facebook and Zynga disclosed the “contents” of a communication, a necessary element under the Act.

The court’s ruling applies to the consolidated cases In re Zynga Privacy Litig. and In re Facebook Privacy Litig., in which plaintiffs alleged that the social network and popular gaming company disclosed personally identifiable information to third parties.  Continue Reading Ninth Circuit Holds Facebook IDs and URLS Not “Content” under ECPA