This Monday, the Supreme Court unanimously ruled in Fourth Estate Public Benefit Corp. v. Wall-Street.com, LLC, 586 U.S. ____ (Mar. 4, 2019), that a copyright owner may commence an infringement suit only when the Copyright Office determines whether or not to register a copyright, as opposed to when the owner submits an application and fee for registration. The widely-followed case resolves a simple question, but has far-reaching practical implications for U.S. copyright litigation. Continue Reading
In a recent blog post, we wrote about how the Second Circuit found the arbitration clause in a web service’s terms and conditions unenforceable because the user did not have reasonable notice of the terms that were communicated via a hyperlink in a post-sale email. In contrast, a New York district court recently upheld an arbitration clause in Coinbase’s account registration process and granted its motion to compel arbitration concerning claims brought by a user (Sultan v. Coinbase, Inc., No. 18-934 (E.D.N.Y. Jan. 24, 2019)).
This case sheds further light on the do’s and don’ts of online electronic contracting and the enforceability of app-based terms and conditions. The decision reinforces the point that for purposes of establishing a binding agreement with a user – particularly in the context of a mobile app – simplicity and clarity of the user interface is desired. And, in particular, this case reinforces the point that has been illustrated in many cases before that the design of user registration pages should be done with the input of legal analysis as to likely enforceability. Continue Reading
UPDATE: Subsequent to the introduction of the New York City Council biometric privacy bill, on March 5, 2019 members of the Florida legislature introduced the “Florida Biometric Information Privacy Act” (SB 1270). The statute generally follows the Illinois Biometric Information Privacy Act (BIPA) regarding notice and consent requirements and notably provides for a private right of action and the availability of statutory damages. As with the New York City bill, we will follow the progress of the Florida bill, as well as other pending biometric privacy legislation (e.g., Montana’s HB 645, which was introduced on March 1, 2019 and is another BIPA-like bill, but only allows enforcement by the state attorney general).
In light of the recent decision by the Illinois Supreme Court in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (Ill. Jan. 25, 2019), it is worth remembering that late last year, New York City Council members Ritchie Torres (and additional co-sponsors) introduced a bill for the city council to consider that would regulate the use of biometric technology in New York City. Bill Int. No. 1170 (the “Bill”) would amend Section 1, Chapter 5 of Title 20 of the Administrative Code of the City of New York and require businesses (but not governmental actors) to give notice to customers if they are collecting “biometric identifier information.” The Bill, which contains some similar provisions to the Illinois Biometric Information Privacy Act (“BIPA”), includes a private right of enforcement but avoids the statutory standing issue litigated in Rosenbach by providing that “any person who[se] biometric identifier information was collected, retained, converted, stored or shared in violation of [the law] may commence an action.” If enacted, this bill could lead to a deluge of individual and class action suits in New York based on biometric activity. Continue Reading
Last Friday, the Illinois Supreme Court ruled in the long-awaited Rosenbach case that an individual does not have to plead an actual injury or harm, apart from the statutory violation itself, in order to have statutory standing to sue under the Illinois Biometric Information Privacy Act (BIPA). The Illinois Supreme Court ruling will allow procedural BIPA violations to proceed (and multiply) in state court – and has reportedly already prompted parties to settle such actions. However, recent rulings in federal court have offered a divergent interpretation of the related, but different Article III standing issue. Continue Reading
In Starke v. SquareTrade, Inc., No. 17-2474, 2019 WL 149628 (2d Cir. Jan. 10, 2019), the Second Circuit affirmed a ruling that denied a web service’s motion to compel arbitration, finding that the user did not have reasonable notice of the arbitration provision contained in the terms and conditions that were communicated via a hyperlink in a post-sale email.
File this latest opinion declining to enforce a service’s terms under Crowded Interface, Unclear Prompts and Muddled Process.
While the court recognized that a party has a duty to read a contract, it stressed that this does not morph into a duty to “ferret out contract provisions when they are contained in inconspicuous hyperlinks,” particularly where, as in this case, the user was presented with multiple documents, each containing different sets of terms. This dispute was reminiscent of a Second Circuit case we wrote about in 2012, where the court held that a buy now-agree later process did not provide sufficient notice to consumers of an arbitration provision contained in the post-sale terms. Continue Reading
Fair use can be one of the most difficult issues that copyright lawyers have to address due to decades of varying court rulings applying the multi-factor balancing test, particularly in the face of new technologies that use, modify, and aggregate data in ways not envisioned under the Copyright Act. The Second Circuit’s February 2018 fair use decision in the dispute between Fox News Network, LLC (“Fox”) and TVEyes, Inc. (“TVEyes”) added yet another wrinkle to fair use jurisprudence when the court emphasized market effect over transformative use, seemingly a departure from recent trends in the application of the balancing test. (See Fox News Network, LLC v. TVEyes, Inc., 883 F.3d 169 (2d Cir. 2018)). In recent weeks, the Supreme Court denied TVEyes’ petition for certiorari, leaving in place the appeals court’s decision; and Fox and TVEyes settled the case, stipulating that TVEyes may no longer make available, distribute, or publicly perform or display Fox’s copyrighted video content.
TVEyes is likely to be an important decision for future fair use cases within the Second Circuit. Continue Reading
In a long-awaited decision, the Illinois Supreme Court issued its ruling in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (Ill. Jan. 25, 2019), on whether a person “aggrieved” by a violation of the Illinois Biometric Information Privacy Act (“BIPA”) must allege some actual injury or harm beyond a procedural violation to have standing to bring an action under the statute. Since the Court took the appeal in May 2018, businesses have been waiting for the answer to this important question, as the robust wave of Illinois biometric privacy suits against Illinois-based employers and other businesses continued apace and several Illinois courts issued disparate interpretations about what it means to be “aggrieved” under the statute.
In a disappointment to many of the defendants in pending cases, a unanimous Court in Rosenbach reversed the appellate court and ruled that an individual does not have to plead an actual injury or harm, apart from the statutory violation itself, in order to have standing to sue under BIPA. The outcome was not a complete surprise, as previous courts (such as a California federal court and an Illinois appellate court) had ruled or expressed in dicta that mere technical violations of BIPA were sufficient under the statute. Continue Reading
Yesterday, Los Angeles City Attorney Mike Feuer filed an unfair competition lawsuit on behalf of the People of the State of California against the operator of the popular Weather Channel app (“TWC app”) for allegedly failing to conspicuously disclose to users that the TWC app collects and shares users’ mobile geolocation data. (People v. TWC Product and Technology, LLC (Cal. Super., L.A. County)). In essence, the suit alleges that the TWC app mines users’ precise geolocation data after receiving permission to gather location information to provide “personalized local weather data” without also adequately disclosing that the app also packages this data trove for advertising and analytics services unrelated to weather reporting. The City is seeking injunctive relief and civil penalties under state law for this alleged unfair business practice. Feuer held a press conference today further detailing the State’s position in this lawsuit and expressed his hope that this case would spur litigation in other jurisdictions and legislation on the issue. Continue Reading
Yes, it’s time for the end-of-year blog post – a look back at interesting issues of 2018 and a look forward to what we see coming down the pike in the new year.
The Look Back
- In the past year, blockchain buzz was everywhere. Although still early, blockchain has in fact began to show promise as a technology bringing efficiency and cost reduction to many business operations. In 2018, many industries tested the technology and started pilot programs with an eye to replacing or supplementing traditional client-server systems with a distributed ledger-based system. 2019 promises much more in the adoption of blockchain. For continuing coverage of some of the more novel issues that blockchain presents, subscribe to our Blockchain and the Law blog.
- “Web scraping” (also known as spidering and crawling) remained at the forefront in 2018 as companies used scraping for purposes such as consumer-facing data aggregation, real-time e-commerce analytics (e.g., dynamic pricing strategies), competitive intelligence, user sentiment analysis, etc. 2018 produced many important scraping decisions in the courts, including those about CFAA liability and the intersection of scraping and software licensing, and we await the Ninth Circuit’s decision in the closely-watched hiQ appeal, which will hopefully address a number of important open issues presented by the practice.
- Privacy and data security continued to be a hot-button boardroom issue this year. The GDPR became effective, and California passed major privacy legislation which will take effect in 2020. The almost daily announcement of data security breaches continues to spawn class action litigation, testing the principles of standing after Spokeo. The federal government has pushed multiple initiatives to improve the nation’s cyber defenses. The wave of litigation under the Illinois biometric privacy law (BIPA) against Illinois employers and businesses persisted in 2018, and the continued viability of such suits may hinge on an upcoming ruling by the Illinois Supreme Court, as well as the outcome in California courts regarding the BIPA actions against social media entities. See our Privacy Law Blog for more discussion on 2018 privacy and data security developments.
This post discusses some of the contractual requirements imposed by Apple and Google regarding the collection and sharing of locational information. What consents, if any, do Apple and Google require that app publishers obtain before collecting and using locational information? This is a question that is being asked with increasing frequency. In fact, a regular beat of media coverage on the issue (see, e.g., here or here), has reached crescendo levels with a much-discussed article this past week in the New York Times. Coincidentally (or maybe not?), the NYT article was published the day before Google CEO Sundar Pichai testified before the House Judiciary Committee on Google’s privacy and data collection practices, among other things. Continue Reading