Cheryl Dancey Balough
On the heels of an action-packed Winter Working Meeting and Cyberspace Law Institute in San Francisco, we are gearing up for a full slate of activities
at the Business Law Spring meeting March 21-24 in Las Vegas. Read on for details of the terrific programming we will be presenting. And don't forget to book your ticket for our joint
dinner with the corporate counsel committee.
For those of you perusing this newsletter for the first time or who have only recently joined us at a meeting, get involved with one of our
subcommittees or task forces. There are several ongoing projects looking for additional contributors, and we are always interested in proposals for new
projects and collaboration with other committees or groups.
Here in San Francisco, the conferences just keep coming. I expect to bump into a few cyberlawyers on the streets during the upcoming RSA and AdTech
conferences, both of which should offer fertile grounds to hear about the latest in cybersecurity and digital media issues.
Jonathan T. Rubens
Chair, Cyberspace Law Committee, Business Law Section
back to top ↑
Upcoming CLC Programs and Events
CLC Offers Four Programs at BLS Spring Meeting
Kristine Dorrain, CLC Program Director
If you haven't yet registered for
the Business Law Section Spring Meeting, there's still time. You will find an exciting slate of programs, including four offerings from our own
Cyberspace Law Committee:
Maps to the Social Media Minefield Part III: Getting Social and Going Mobile
Kathleen Porter, Chair; John A. Rothchild; Ahmed Datoo
This program will explore the benefits and risks of employee use of mobile devices and social media in and out of the workplace, including:
- How to strike a balance between using mobile devices for enhanced productivity and accessibility and managing security and privacy risks
- Understanding NLRA claims for unfair labor practices resulting from an employer's promulgation and enforcement of social media policies
- Avoiding hostile workplace claims based on one employee's harassment of another via social media postings
- Knowing the risks an employer faces from using social media postings to evaluate job applicants
- Challenges in accessing social media postings and personal emails or documents stored on an employee-owned device
- Determining which employees/contractors are eligible for a device and for network access
- Rules and technology tools for monitoring and accessing swiping mobile devices and social network postings
- Privacy/data security compliance for data in motion and stored data
- How training and education on use, discovery, monitoring, security, and privacy issues can improve compliance, enhance value, and minimize loss
Avoiding the Privacy Cross-Hairs: Keeping Companies that Advertise on the Internet and App Providers Away from Privacy Regulators and the New Class
Lisa Lifshitz, Chair; Ian Ballon; Andrew Serwin
In the past 18 months, more than 150 putative class action suits have been filed against social networks, mobile application providers, and advertisers
who merely advertise online. This program will teach attendees what they need to know about the latest trends and legal issues relating to privacy
litigation and regulation, including (i) key privacy class action and other litigation and (ii) federal and FTC enforcement of privacy laws in the
social media, mobile, and web 2.0 spaces. Listen to our experts discuss corporate best privacy practices and provide insights on how companies can
minimize and avoid privacy lawsuits as well share tips and strategies should privacy litigation arise.
We will cover enforcement trends with the FTC, including its new focus on the Fair Credit Reporting Act in the mobile and social media space, emerging
issues in class actions involving misuse or loss of data, how social media is used by today's consumers, and issues regarding damages in private
litigation. We will also cover some best practice tips on avoiding litigation, including the use of disclaimers and class action waivers, as well as
emerging issues regarding mobile technology and litigation.
Deploying Tools to Build or Self-Sabotage the Enterprise: How Do We Square Legal Obligations for Cybersecurity with the Increasing Use of Technologies
that Undermine It?
Roland Trope, Chair; Jamie Clark; Tanya L. Forsheit
Our panel will consider how boards of directors may need to address the growing tension between obligations to fulfill cybersecurity legal requirements
and companies' efforts to take advantage of technologies such as mobile computing devices, flash drives, smartphones, social networks, and cloud
computing, each of which increases cyber vulnerabilities.
Tidying Up the Internet: Take Down of Unauthorized Content under Copyright, Trademark and Defamation Law
Susan Stephan, Chair; Jon Garon
As business clients make available an ever-increasing array of online content and services, the specter of liability for inappropriate online content
looms large. Still, federal law protects businesses that adopt appropriate take-down regimes for copyright infringement, defamatory content, and even
improper use of competitors' trademarks. Our presenters will discuss the potential rewards, as well as the risks under federal law, of hosting
user-generated content and using third party sites to promote business content online.
back to top ↑
Other Programs of Interest
March 5: Generic Top Level Domain Names: What the Recent Expansions Mean for Your Brand
March 15: Social Media, Data Privacy, Online Gambling, and Other Hot Topics in Advertising & Promotions
March 28-30: ABA-IPL 27th Annual Intellectual Property Law Conference
The annual ABA-IPL conference will be held in Washington, DC this year. The
includes several sessions on Internet-related issues. Early
registration ends March 14.
May 3-4: ITechLaw 2012 World Technology Law Conference & Annual Meeting
ITechLaw invites you to the
ITechLaw 2012 World Technology Law Conference & Annual Meeting, to be held in
Washington, D.C. at the Ritz Carlton, May 3-4, for an unrivaled program featuring unique sessions led by prominent speakers from around the world.
Members of the ABA Business Law and Science & Technology Sections are eligible to register at the ITechLaw Member & Affiliate level; enter ABA12 as the affiliate code at the prompt during the registration process.
Early Bird Registration savings end March 26.
You can expect a high-level, professional exchange of knowledge and skills related to technology law at this conference, which includes:
- More than 225 industry professionals from over 40 countries;
- 35+ renowned speakers providing in-depth presentations and contributed
- One-on-one discussions with your colleagues from around the globe during the many
networking opportunities throughout the conference.
Grow your global network through the conference's many social events, including a Welcome Reception at the exclusive Cosmos Club on Wednesday, May 2, a
formal, black-tie Gala Dinner on Thursday, May 3, and our Closing Reception following the conference on Friday, May 4. Contact ITechLaw
Member Services or call 1-781-876-6299 for additional information.
Business Law Section Social Media Campaign
The ABA Business Law Section has embarked upon a social media campaign. If you have not yet "liked" the BLS Facebook page, please check it out. You might also want to follow the BLS on Twitter. See https://twitter.com/#!/ABABusLaw.
back to top ↑
Project Updates from the International Trade Subcommittee
John Gregory and Hal Burman, Co-Chairs of the International Trade Subcommittee
The International Trade Subcommittee held a conference call on February 21 to follow up on its discussion at the Winter Working Meeting about the
creation of a survey of activities of international organizations that may affect the law of electronic commerce. The 90-minute call reviewed work
being done at the United Nations Conference on Trade and Development (UNCTAD), the United Nations Commission on International Trade Law (UNCITRAL), the
Association of South-East Asian Nations (ASEAN), Asia-Pacific Economic Council (APEC), Mercosur (South American trade bloc), CARICOM (a Caribbean
states trade bloc), the Organization of American States (OAS), and several African bodies, such as the Trans-Kalahari Corridor.
Annual Survey of Cyberspace Law - Authors Wanted
In the conference call, the subcommittee also considered the results of February's plenary meeting of the United Nations Council for Europe's
Electronic Commerce Trade Facilitation body, UNE/CEFACT, in respect of its Recommendation 37 on interoperability of digital signature systems. This
document had been the subject of some controversy. Thanks to US, Canadian and Russian submissions, as well as remarks from UNCITRAL and the
International Standards Organization (ISO), Recommendation 37 will be subjected to further review by a group comprising all three bodies. This will get
under way in the autumn of 2012, since the UNCITRAL Working Group on E-Commerce does not meet until October. ABA participation and especially that of
Cyberspace Committee members was key to turning this around at the Geneva-based CEFACT organization.
This subcommittee will hold another call, notably on including the work of various standards bodies that may have legal implications, very likely
involving collaboration with the Section of Science and Technology. That call will probably be held on March 15. A previously scheduled call will also
be held that day at 2 p.m.Eastern time to discuss UNCITRAL's work on electronic transferable records, and possibly its work on online dispute
resolution (ODR). Timing of the calls will be confirmed on the subcommittee's
web page; call-in details can be obtained from either co-chair. The
subcommittee's session at the Spring Meeting in Las Vegas will focus on UNCITRAL's work on cross border e-commerce ODR in particular.
The subcommittee is pleased that it gets its acronyms at a bulk rate.
Sarah Jane Hughes, CLC Publications Director
Committee members interested in writing for the 2012 Survey of Cyberspace Law should email BOTH Kristine Dorrain and Sarah Jane Hughes with the proposed subject
and the number of book pages (1.6 double-spaced typed pages with footnotes also double-spaced = 1 book page) that they would like to use for their
pieces. On average, we are looking for pieces that are about 5-10 typed pages, though we will consider pieces of greater length if needed. Kristine and
Sarah Jane will get back to those interested before Spring Meeting and review page assignments and the due dates for initial drafts and follow-up work.
Survey articles should cover the period from May 1 of the prior year (here 2011) to the point at which the first draft is submitted. They need to cover
developments in the law - the more concrete the development is the better. They must be footnoted in compliance with scholarly journal standards, and
citations should conform to the Bluebook. Please review the
taxonomy of topics
if you need help with a topic idea.
Other Publication Ideas Sought
If your subcommittee has an idea for an article in Business Law Today, a non-Survey piece for The Business Lawyer, an article for another
journal, or a book or model contract/form project that the Business Section might publish, please let
Sarah Jane Hughes know as soon as possible.
mCommerce Subcommittee Work Session at BLS Spring Meeting
Ted Claypoole and Richard Balough, mCommerce Subcommittee Co-Chairs
The mCommerce subcommittee will meet on Thursday, March 22, 2012, at the Business Law Section Spring Meeting. The subcommittee will continue with its
planning for development of a paper/presentation on privacy issues concerning mobile devices, that is, cell phones, iPads, and car devices. The
paper/presentation will be designed to assist business attorneys in advising clients regarding:
- How does the collection of data affect my client?
What information may a business collect?
- How may a business use the information collected?
- What must a business disclose if it collects user data?
- How are individuals protected from the inappropriate collection/use of data?
To answer these questions, the subcommittee will need several people to assist in conducting research and completing the paper/presentation. If you are
interested in contributing to this project but cannot attend the subcommittee meeting, contact either
Ted Claypoole or Richard Balough, the subcommittee co-chairs.
back to top ↑
Organization for Security and Co-operation in Europe (OSCE) Releases Report on Freedom of Expression and the Internet
Hank Judy and David Satola, Co-Chairs of Internet Governance Task Force
The OSCE is the world's largest regional security organization with 56 participating States from Europe, Central Asia and North America. The OSCE
Representative on Freedom of the Media commissioned a report to assess whether and how access to and content on the Internet are regulated across the
OSCE region by examining existing laws and practices related to freedom of expression, the free flow of information, and media pluralism. The
comprehensive 238-page report assesses whether and how these provisions are incorporated into national legislation by the OSCE participating States, as
well as the compliance of applicable national Internet legislation and practices with existing commitments under Article 19 of the Universal
Declaration of Human Rights, Article 19 of the International Covenant on Civil and Political Rights, Article 10 of the European Convention on Human
Rights (where applicable), as well as the case law of the European Court of Human Rights. The report is available here.
Preparations Begin for 7th Annual Internet Governance Forum
Hank Judy and David Satola, Co-Chairs of Internet Governance Task Force
The Multistakeholder Advisory Group (MAG) met at the UN Office in Geneva on February 14-16 to
commence planning for the UN's 7th annual Internet Governance Forum (IGF) to be held in Baku, Azerbaijan. The MAG is the body that plans and
organizes the IGF. It consists of 56 members, each participating in his/her individual capacity representing a cross-section of constituencies from
governments, the private sector and civil society, as well as the academic and technical communities. Each year approximately one-third of the MAG
members are replaced, and the current MAG will be reconstituted with its new members at its next meeting in Geneva in May 2012. The theme for the Baku
IGF is "Internet Governance for Sustainable Human, Economic and Social Development." The meeting will include sessions on intellectual property rights,
human rights, freedom of information, "net neutrality," cybersecurity and cybercrime, to name a few. You can find more information about the IGF here.
Updates on Social Media Cases of Note
Erik Pelton, Co-Chair of Marketing & Advertising Subcommittee
The US District Court for the Northern District of California ruled on January 30 that claims by PhoneDog against a former employee regarding use of
the Twitter account set up by the employee were sufficiently pleaded. You can read the court's opinion here.
White House Proposes Online Consumer Privacy Bill of Rights
On January 25, the National Labor Relations Board issued a second report describing social media cases reviewed by its General Counsel. Several of the
employer social media policies reviewed in the report were found to be unlawfully overbroad. Several dismissals based on Facebook posts were found to
be unlawful. For more details, see the NLRB website.
Ted Claypoole and Richard Balough, Co-Chairs of mCommerce Subcommittee
Individual privacy rights would receive some protection online under a proposed "Consumer Privacy Bill of Rights" the White House recently unveiled.
The Bill of Rights would be enforced by the Federal Trade Commission and individual state attorneys general. It would establish "safe harbors" for
businesses that comply with guidelines established as part of an industry initiative.
The 62-page "
Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy
", which incorporates the Consumer Privacy Bill of Rights, noted that privacy protections are critical to maintaining consumer trust in networked
technologies. "When consumers provide information about themselves-whether in the context of an online social network that is open to public view or a
transaction involving sensitive personal information-they reasonably expect companies to use this information in ways that are consistent with the
surrounding contest. Many companies live up to these expectations, but some do not. Neither consumers nor companies have a clear set of ground rules to
apply in the commercial arena. As a result, it is difficult today for consumers to assess whether a company's privacy policies warrant their trust,"
the framework stated. The framework recognizes that consumers have choices on privacy settings and whether to share personal data with others. When
companies provide notice regarding privacy, the notice must be designed for mobile devices. Companies must "strive to present mobile consumers with the
most relevant information in a manner that takes into account mobile device characteristics, such as small display sizes and privacy risks that are
specific to mobile devices."
The Consumer Privacy Bill of Rights provides for the following:
- Individual control. Consumers have a right to exercise control over what personal data companies collect from them and how they use it.
- Transparency. Consumers have a right to easily understandable and accessible information about privacy and security practices.
- Respect for context. Consumers have a right to expect that companies will collect, use, and disclose personal data in ways that are
consistent with the context in which consumers provide the data.
- Security. Consumers have a right to secure and responsible handling of personal data.
- Access and accuracy. Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the
sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate.
- Focused collection. Consumers have a right to reasonable limits on the personal data that companies collect and retain.
- Accountability. Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to
the Consumer Privacy Bill of Rights.
The White House said it will propose legislation to implement the Consumer Privacy Bill of Rights. As well, the Department of Commerce will convene
stakeholder meetings to seek consensus on an appropriate, legally enforceable code of conduct.
The New gTLDs and Legal Resources
David Satola, Co-Chair of Internet Governance Task Force
Here are links to three resources the WIPO Center has compiled for parties interested in learning about ICANN's Legal Rights Objection procedure (which
we hope brand owners and IGOs will not need to invoke!) and the WIPO Center's role:
- An FAQ on "Legal Rights Objections under ICANN's New gTLD Program - Filing a Legal Rights Objection at WIPO: What You Need To Know" ;
- A WIPO Center-produced summary of "Trademark Rights Protection Mechanisms for New gTLDs" ; and
- An updated page (a policy snapshot) on "WIPO Observations on New gTLD Dispute Resolution Mechanisms".
back to top ↑
Presentions and Papers of Interest
Lisa R. Lifshitz, partner at Gowlings Lafleur Henderson LLP, will be speaking on March 26, 2012, at the Federated Press' 4th Cloud Computing
Conference on "Understanding Cloud Computing: The Legal Risks and Components."
Are "Clickwrap" and "Browsewrap" Legally Significant Classifications? A Note on Fteja v. Facebook, Inc. (2012 U.S. Dist. LEXIS 12991, S.D.N.Y. Jan. 24, 2012)
Juliet M. Moringiello, Professor, Widener University School of Law
For over a decade, web site operators have been including forum selection clauses in their terms of service, and for over a decade, the users of those
sites have challenged the enforceability of those clauses, claiming lack of notice. Fteja v. Facebook Inc. is merely the latest installment in
the terms of service enforceability series. Although the court ultimately reaches the right decision on the law, holding that the user was bound
because he performed the acts requested for assent after receiving reasonable notice of the terms, the court seemed to get sidetracked by a possibly
insignificant distinction between clickwrap and browsewrap terms.
Your Name Here
The plaintiff, Fteja, was a member of Facebook who claimed that Facebook disabled his account for discriminatory reasons, causing him hurt feelings,
emotional distress, and damage to his reputation. Some might argue that Mr. Fteja needed to get out more. In any event, he sued Facebook in New York,
and Facebook moved to transfer the action to the U.S. District Court for the Northern District of California. Facebook's terms of service state that
all disputes shall be resolved "exclusively in a state or federal court located in Santa Clara County [California]." Mr. Fteja claimed that he did not
remember agreeing to this clause or any part of the Facebook agreement. Facebook claimed that such a claim was impossible because no one can "become an
actual Facebook user unless and until they have clicked through the registration page where they acknowledge they have read and agreed to" the terms of
Of course, it's possible that both Facebook and Fteja were right, but whether Fteja remembers agreeing to the terms is irrelevant if they were
reasonably communicated to him. Facebook's sign up process requires prospective members to click a sign up button immediately above the sentence "By
clicking Sign Up, you are indicating that you have read and agree to the Terms of Service." That sentence is underlined, indicating that it is a
hyperlink. A person clicking on the hyperlink is brought to the terms of service.
In analyzing the problem, the court quickly jumped to a discussion of clickwrap and browsewrap terms. Terms of service are said to be presented in a
clickwrap format when the user is asked to check a box indicating his agreement to terms that are presented on the same screen as the check box;
browsewrap terms are presented by hyperlink and tend to state that use of the website constitutes assent to the terms. The court then made broad
statements to the effect that clickwrap agreements are enforceable while browsewrap terms often are not unless the parties are both businesses. The
statement about browsewrap may at one time have been true, but it is no longer the case.
court recognized this, yet compared the terms to both the clickwrap and browsewrap formats in order to apply the case law analyzing both. Ultimately,
the court discarded the clickwrap and browsewrap analogies and applied common sense, comparing the hyperlink to paper standard form terms that state at
the beginning, "SUBJECT TO CONDITIONS ON LAST PAGES IMPORTANT! PLEASE READ CONTRACT." That's the right result. As the court recognized, anyone whose
loss of Facebook privileges causes him mental anguish knows enough about web sites to know what a hyperlink means. If he did not read the terms, it's
his tough luck.
So where does that leave the terms clickwrap and browsewrap? About a decade ago, members of this committee published two articles in the Business Lawyer (Christina L. Kunz, et al., Click-Through Agreements: Strategies for Avoiding Disputes on Validity of Assent, 57 Bus.
Law. 401 (2001); Christina L. Kunz, et al., Browse-Wrap Agreements: Validity of Implied Assent in Electronic Form Agreements, 59 Bus.
second group.) The first article provided suggestions for ensuring the validity of terms requiring a click to agree, and the second discussed and
analyzed the then-new case law opining on the validity of terms that did not require a click to agree. The terms clickwrap and browsewrap were
convenient ways to classify the two methods of presentation, but the point of those articles was to give guidance on presenting terms in a way that
would reasonably communicate their existence to offerees. Courts applied a reasonable communicativeness test to standard form paper terms long before
electronic contracts came into being. Some courts faced with electronic contracts, however, embraced the terms clickwrap and browsewrap as ways to
organize the exotic and intimidating world of electronic contracting.
Ultimately, the judge in Fteja recognized the enforceability of Facebook's terms depended on whether they were reasonably communicated, not
whether they could be classified as clickwrap or browsewrap. Many terms today cannot be so easily classified, and individuals today are far more
familiar with how web sites work than they were ten years ago. The judge in Fteja used old-fashioned contract law to rule in Facebook's favor,
showing us once again that the common law of contracts is malleable enough to solve many of today's problems. Courts have long enforced choice of forum
clauses in paper standard form terms, and whether one agrees or disagrees with this result, the issues presented by electronic choice of forum clauses
are no different from the issues presented by those clauses in paper standard forms.
We are always looking for fresh and relevant content for the CLC newsletter. Have you written or presented on something your fellow committee members
would be interested in? Let them know! Email your contribution to committee Communications Directors Cheryl Balough (firstname.lastname@example.org) and Lois Mermelstein (email@example.com).
back to top ↑