Digital Currency App’s Electronic User Agreement Held Enforceable

In a recent blog post, we wrote about how the Second Circuit found the arbitration clause in a web service’s terms and conditions unenforceable because the user did not have reasonable notice of the terms that were communicated via a hyperlink in a post-sale email. In contrast, a New York district court recently upheld an arbitration clause in Coinbase’s account registration process and granted its motion to compel arbitration concerning claims brought by a user (Sultan v. Coinbase, Inc., No. 18-934 (E.D.N.Y. Jan. 24, 2019)).

This case sheds further light on the do’s and don’ts of online electronic contracting and the enforceability of app-based terms and conditions. The decision reinforces the point that for purposes of establishing a binding agreement with a user – particularly in the context of a mobile app – simplicity and clarity of the user interface is desired. And, in particular, this case reinforces the point that has been illustrated in many cases before that the design of user registration pages should be done with the input of legal analysis as to likely enforceability. Continue Reading

Tags: assent, consumer interface, enforceability, mobile app terms, online contracting

New York City Considers Facial Recognition Bill — Will New York Be the Next Forum for Biometric Privacy Litigation?

By Stephanie Kapinos on January 31, 2019 Posted in Biometrics, Legislation, Privacy

In light of the recent decision by the Illinois Supreme Court in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (Ill. Jan. 25, 2019), it is worth remembering that late last year, New York City Council members Ritchie Torres (and additional co-sponsors) introduced a bill for the city council to consider that would regulate the use of biometric technology in New York City. Bill Int. No. 1170 (the “Bill”) would amend Section 1, Chapter 5 of Title 20 of the Administrative Code of the City of New York and require businesses (but not governmental actors) to give notice to customers if they are collecting “biometric identifier information.” The Bill, which contains some similar provisions to the Illinois Biometric Information Privacy Act (“BIPA”), includes a private right of enforcement but avoids the statutory standing issue litigated in Rosenbach by providing that “any person who[se] biometric identifier information was collected, retained, converted, stored or shared in violation of [the law] may commence an action.” If enacted, this bill could lead to a deluge of individual and class action suits in New York based on biometric activity. Continue Reading

Tags: biometric privacy, Facial recognition, local law, New York City Council bill, notice

Notice of Terms via Buried Link within a Post-Sale Email Unenforceable

By Jeffrey Neuburger on January 30, 2019 Posted in Contracts, Online Commerce

In Starke v. SquareTrade, Inc., No. 17-2474, 2019 WL 149628 (2d Cir. Jan. 10, 2019), the Second Circuit affirmed a ruling that denied a web service’s motion to compel arbitration, finding that the user did not have reasonable notice of the arbitration provision contained in the terms and conditions that were communicated via a hyperlink in a post-sale email.

File this latest opinion declining to enforce a service’s terms under Crowded Interface, Unclear Prompts and Muddled Process.

While the court recognized that a party has a duty to read a contract, it stressed that this does not morph into a duty to “ferret out contract provisions when they are contained in inconspicuous hyperlinks,” particularly where, as in this case, the user was presented with multiple documents, each containing different sets of terms. This dispute was reminiscent of a Second Circuit case we wrote about in 2012, where the court held that a buy now-agree later process did not provide sufficient notice to consumers of an arbitration provision contained in the post-sale terms. Continue Reading

Tags: agree now - terms later contract, Electronic Contracting

Fair Use in Flux: Second Circuit TVEyes Ruling May Have a Lasting Effect on Fair Use Analysis

By Kevin Milewski on January 28, 2019 Posted in Copyright, Technology, Television, Video

Fair use can be one of the most difficult issues that copyright lawyers have to address due to decades of varying court rulings applying the multi-factor balancing test, particularly in the face of new technologies that use, modify, and aggregate data in ways not envisioned under the Copyright Act. The Second Circuit’s February 2018 fair use decision in the dispute between Fox News Network, LLC (“Fox”) and TVEyes, Inc. (“TVEyes”) added yet another wrinkle to fair use jurisprudence when the court emphasized market effect over transformative use, seemingly a departure from recent trends in the application of the balancing test. (See Fox News Network, LLC v. TVEyes, Inc., 883 F.3d 169 (2d Cir. 2018)). In recent weeks, the Supreme Court denied TVEyes’ petition for certiorari, leaving in place the appeals court’s decision; and Fox and TVEyes settled the case, stipulating that TVEyes may no longer make available, distribute, or publicly perform or display Fox’s copyrighted video content.

TVEyes is likely to be an important decision for future fair use cases within the Second Circuit. Continue Reading

Tags: aggregation, fair use, transformative use, video

Illinois Supreme Court Rules Actual Injury Not Needed to Be an “Aggrieved” Party under Biometric Privacy Law

By Jeffrey Neuburger on January 25, 2019 Posted in Biometrics, Privacy

In a long-awaited decision, the Illinois Supreme Court issued its ruling in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (Ill. Jan. 25, 2019), on whether a person “aggrieved” by a violation of the Illinois Biometric Information Privacy Act (“BIPA”) must allege some actual injury or harm beyond a procedural violation to have standing to bring an action under the statute. Since the Court took the appeal in May 2018, businesses have been waiting for the answer to this important question, as the robust wave of Illinois biometric privacy suits against Illinois-based employers and other businesses continued apace and several Illinois courts issued disparate interpretations about what it means to be “aggrieved” under the statute.

In a disappointment to many of the defendants in pending cases, a unanimous Court in Rosenbach reversed the appellate court and ruled that an individual does not have to plead an actual injury or harm, apart from the statutory violation itself, in order to have standing to sue under BIPA. The outcome was not a complete surprise, as previous courts (such as a California federal court and an Illinois appellate court) had ruled or expressed in dicta that mere technical violations of BIPA were sufficient under the statute. Continue Reading

Tags: aggrieved party, biometric privacy, BIPA, standing

City Attorney of Los Angeles Sues Popular Weather App Claiming Deceptive Collection and Sharing of Geolocation Data

By Jeffrey Neuburger on January 4, 2019 Posted in Contracts, Mobile, Privacy

Yesterday, Los Angeles City Attorney Mike Feuer filed an unfair competition lawsuit on behalf of the People of the State of California against the operator of the popular Weather Channel app (“TWC app”) for allegedly failing to conspicuously disclose to users that the TWC app collects and shares users’ mobile geolocation data. (People v. TWC Product and Technology, LLC (Cal. Super., L.A. County)). In essence, the suit alleges that the TWC app mines users’ precise geolocation data after receiving permission to gather location information to provide “personalized local weather data” without also adequately disclosing that the app also packages this data trove for advertising and analytics services unrelated to weather reporting. The City is seeking injunctive relief and civil penalties under state law for this alleged unfair business practice. Feuer held a press conference today further detailing the State’s position in this lawsuit and expressed his hope that this case would spur litigation in other jurisdictions and legislation on the issue. Continue Reading

Tags: alternative data, anonymized data, mobile geolocation data, mobile permission prompts, mobile privacy

Reflections on the TechLaw Issues of 2018…and a Look Forward. Will 2019 Be a Year on the Edge, in the Fog, or Maybe Just in the Cloud?

By Jeffrey Neuburger on December 21, 2018 Posted in Blockchain, Privacy, Screen Scraping, Technology

Yes, it’s time for the end-of-year blog post – a look back at interesting issues of 2018 and a look forward to what we see coming down the pike in the new year.

The Look Back

In the past year, blockchain buzz was everywhere. Although still early, blockchain has in fact began to show promise as a technology bringing efficiency and cost reduction to many business operations. In 2018, many industries tested the technology and started pilot programs with an eye to replacing or supplementing traditional client-server systems with a distributed ledger-based system. 2019 promises much more in the adoption of blockchain. For continuing coverage of some of the more novel issues that blockchain presents, subscribe to our Blockchain and the Law blog.
“Web scraping” (also known as spidering and crawling) remained at the forefront in 2018 as companies used scraping for purposes such as consumer-facing data aggregation, real-time e-commerce analytics (e.g., dynamic pricing strategies), competitive intelligence, user sentiment analysis, etc. 2018 produced many important scraping decisions in the courts, including those about CFAA liability and the intersection of scraping and software licensing, and we await the Ninth Circuit’s decision in the closely-watched hiQ appeal, which will hopefully address a number of important open issues presented by the practice.
Privacy and data security continued to be a hot-button boardroom issue this year. The GDPR became effective, and California passed major privacy legislation which will take effect in 2020. The almost daily announcement of data security breaches continues to spawn class action litigation, testing the principles of standing after Spokeo. The federal government has pushed multiple initiatives to improve the nation’s cyber defenses. The wave of litigation under the Illinois biometric privacy law (BIPA) against Illinois employers and businesses persisted in 2018, and the continued viability of such suits may hinge on an upcoming ruling by the Illinois Supreme Court, as well as the outcome in California courts regarding the BIPA actions against social media entities. See our Privacy Law Blog for more discussion on 2018 privacy and data security developments.

Tags: 2018 REVIEW, biometric privacy, blockchain, edge computing, fog computing, IoT, new technologies, quantum computing, technology law trends

Locational Tracking on iOS and Android Devices: Check the Platform’s Rules!

By Jeffrey Neuburger on December 18, 2018 Posted in Contracts, Mobile, Privacy

This post discusses some of the contractual requirements imposed by Apple and Google regarding the collection and sharing of locational information. What consents, if any, do Apple and Google require that app publishers obtain before collecting and using locational information? This is a question that is being asked with increasing frequency. In fact, a regular beat of media coverage on the issue (see, e.g., here or here), has reached crescendo levels with a much-discussed article this past week in the New York Times. Coincidentally (or maybe not?), the NYT article was published the day before Google CEO Sundar Pichai testified before the House Judiciary Committee on Google’s privacy and data collection practices, among other things. Continue Reading

Tags: app developers, developer guidelines, geolocation data end-users, mobile geolocation data, mobile platform policies, mobile privacy

FCC Approves Rule That Would Permit Cable Providers to Send More Notices via Email

By Stephanie Kapinos on December 6, 2018 Posted in E-mail, Regulatory, Television

In an effort to modernize communications, the Federal Communications Commission (“FCC”) decided to allow cable operators to deliver general subscriber notices required under so-called Subpart T rules (47 CFR §§ 76.1601 et seq.) to verified customer email addresses. This decision was announced through a Report and Order on November 15, 2018. This update is part of the greater trend towards using electronic communications and electronic contracting to replace paper as supported by the federal Electronic Signatures in Global and National Commerce Act (“E-Sign Act”) and related state laws. The E-Sign Act allows electronic records to satisfy legal requirements that certain information to be provided in writing if the consumer has affirmatively consented to such use. However, the E-Sign Act allows federal agencies like the FCC to exempt a specified category or type of record from the normally required consent requirements if it makes the agency’s requirements less burdensome and does not harm consumers. In this case, based on an understanding that it would be impractical for cable operators to attempt to receive permission from each individual customer prior to initiating electronic delivery of these general notices, the FCC waived the consent requirement pursuant to their discretion under the E-Sign Act. Continue Reading

Tags: cable providers, e-sign act, email notices, FCC rule