Charles Ford has sued Verisign, Jamster!, Jamba! (the European version of Jamster!), T-Mobile USA, AT&T Wireless, and Cingular, hoping to turn his lawsuit into a worldwide class action. The problem: his daughter responded to a TV ad promising her a free ring tone. Although she claims never to have downloaded any songs the company sent her, Ford was billed $1.99, plus another 5 cents for each text message she received and read over her monthly limit—to the tune of $80. Ford is alleging fraud, negligent misrepresentation, false advertising, and unfair competition, and is claiming that by targeting children who often don’t understand, they are using this as a means to keep sending text messages which are read—costing consumers money. Stay tuned.
This June, the Ninth Circuit, overturning a lower court ruling, held that the Fair Credit Reporting Act (FCRA) does preempt some part of the California Financial Information Privacy Act (aka SB1). The court held that the FCRA does, in fact, preempt state affiliate sharing laws insofar as a “consumer report” is concerned. Where affiliate sharing does not involved a “consumer report” as defined in the FCRA, state laws are not preempted. What this means if you do business in California: (a) SB1 opt-out will not apply when affiliates share consumer report information; (b) SB1 opt-out will apply when affiliates share information that isn’t a consumer report; and (c) SB1 “opt-in” relevant to disclosures of information to non-affiliates will continue to be applicable and enforceable.
Just last month (June was a busy month), Utah and Michigan laws came into force which prohibit sending commercial e-mail to children for products a minor can’t legally own there—but the children must be signed up in the newly created Child Protection registries to be covered by the protection. That means not just gambling or alcohol, but tobacco, prescription drugs and a host of other items which children are not permitted to own in those states. Michigan and Utah will both impose fines for violations , and in Utah, sending a message or a web link could also land you in jail for up to three years. And you thought CAN-SPAM was tough—in both states, the penalties apply even if a parent requested the e-mail. Although likely to be challenged, at this point, if you are using e-mail or web-based links to market in these states, the time to worry about doing a merge-purge against the registries before you e-mail is now.
We were so busy last month telling you about Grokster, we didn’t even get a chance to mention the Supreme Court also ruled providers of cable modem services are not subject to the common carrier regulations that apply to telecommunications services—most significantly the requirement they allow competitors to connect or interconnect with their networks and provide competitive choice and equal access to consumers. Technically, the decision held that the FCC didn’t exceed its authority and has the discretion to interpret the scope of its regulation and rulemaking authority when it declined to force cable broadband providers to provide competitive access similar to that accorded the telecommunications’ common carriers. The FCC had characterized cable modem services as “information services” and thus not telecommunications services, which are subject to the common carrier (and consequently, competitive) regulations.
Click Defense, a company that sells tools for online marketing, including tools to prevent click fraud, sued Google. Why? Because it just doesn’t do enough to prevent “click fraud”—the process of deliberately clicking Web ads to run up rival advertising costs (the advertiser has to pay Google for each click). Whether it does or doesn’t do enough is a question of fact and whether it has an obligation to do something, anything, or more than it is doing is also debatable. On one end of the spectrum, liability could attach if a search engine company actually knew (or should have known) someone was doing that and did nothing to stop or prevent it. At the other end is the fact that in today’s environment, it is often difficult for these providers to monitor or determine what constitutes improper or proper clicking. After all, isn’t the goal of advertising to induce you to click? This is a sticky problem that is likely not to go away and will find different paths through the courts—there is too much money at stake. How can we help you?
Last month we teased you about legal issues that apply to interactive, web-based digital video games. How could we have known those sexually explicit scenes hidden in the game Grand Theft Auto: San Andreas would have been exposed just in time for our July Legal Bytes issue. Wow. Although the Advertising Review Council has an Entertainment Software Rating Board (“ESRB”)—a self-regulatory group that in May 2001 promulgated widely followed and accepted Principles and Guidelines for Responsible Advertising—the inability of the industry to effectively police itself, whether in connection with sexually explicit images, profanity, violence or otherwise, is coming under increasing fire as these incidents are uncovered. You all know what that means, right? Legislation, regulation and full employment for advertising attorneys who know their way around interactive, web-based digital gaming…and we have lots of those folks. You thought we were only concerned with product placement. Questions?
At least that’s what the FTC thinks. They charged BJ’s Wholesale Club with failing to maintain adequate computer security—it is the first time the FTC has used Section 5(a) (the section that says if you engage in an unfair or deceptive act, or practice in or affecting commerce, it’s unlawful). The FTC cited failures to encrypt consumer information, storing sensitive computer information for a needlessly long time in files with common or default passwords, and lax measures regarding prevention of unauthorized access, detection and security investigations: The complaint alleged that when taken together, BJ’s failed to provide legally adequate security for sensitive consumer information. The Chairman of the FTC has called for Congress to enact legislation requiring notification to consumers if there is significant identity theft risk, and has asked Congress to consider extending the Gramm-Leach-Bliley Safeguards Rule currently applicable to financial institutions, to non-financial institutions.