MobiU2012 Summit: Mobile Class Action Litigation & Privacy - by Sedgwick

MobiU2012 Summit: Mobile Class Action Litigation & Privacy - by Sedgwick

• 1.
  Mobile Marketing LegalRisks 2.0 David S. Almeida, Partner, Sedgwick LLP Twitter handle: @almeidage; Company handle: @sedgwickllp Event hashtag #MobiU2012 Presented by the Heartland Mobile Council
• 2.
  #MobiU2012, @almeidage @sedgwickllp Overarching Themes  Increasing focus on privacy by FTC, FCC, Congress & Plaintiffs’ lawyers  Prevailing sentiment is that companies slow to enact proactive measures  Patchwork quilt of potentially applicable laws = very confusing and treacherous state  Plaintiffs’ lawyers assert ill-fitting theories because law lags technology
• 3.
  #MobiU2012, @almeidage @sedgwickllp Privacy Overview - Basics Fair Information Practice Principles (FIPP)  Notice - What information will be collected and how used  Choice/Consent - Options for use/sharing, opt-in v opt-out  Access - Consumer options to review, update, delete information  Security - Measures taken to protect and secure data
• 4.
  #MobiU2012, @almeidage @sedgwickllp Many, Many, Many Laws & Regulations Potentially Apply A veritable alphabet soup of laws and agencies that either explicitly or implicitly regulate privacy, including: 1. The FTC Act (Section 5) 2. State Unfair and Deceptive Practices Acts 3. State Privacy Laws, incl. Breach Notification req 4. CAN-SPAM 5. TCPA, FCC regulations & Do-Not-Call Rules 6. Children’s Online Privacy Protection Act 7. Gramm-Leach-Bliley Act 8. Computer Fraud and Abuse Act 9. HIPPA / HITECH Act 10. Video Privacy Protection Act 11. Fair Credit Reporting Act (FCRA) & Fair and Accurate Credit Transactions Act (FACTA)
• 5.
  #MobiU2012, @almeidage @sedgwickllp Inaddition to numerous federal laws, also have to contend with state law  46 states, the District of Columbia, Puerto Rico, and the Virgin Islands each have their own security breach notification law  The only states without a security breach law in place are Alabama, Kentucky, New Mexico and South Dakota
• 6.
  #MobiU2012, @almeidage @sedgwickllp FTC Suggested Best Privacy Practices The Federal Trade Commission Act 5 – 45 U.S.C. 45(a)  Section 5 of the FTC Act prohibits “[u]nfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce . . . .”  Imposes a standard of reasonableness for conduct relating to breaches - Audit - Data Minimization - Take reasonable steps to protect PI - Train employees - Accurately disclose - Monitor web applications - Easy to understand privacy policy
• 7.
  #MobiU2012, @almeidage @sedgwickllp “Protectthe consumer, and you protect the opportunity” — Michael Becker, Managing Director for North America, Mobile Marketing Association 1. Protect consumers’ privacy 2. Give consumers choice in terms of timing and method of engagement 3. Provide CLEAR AND CONSPICUOUS NOTICE to consumers of what they can expect when they engage in marketing program, including information re: opt-out
• 8.
  #MobiU2012, @almeidage @sedgwickllp “Thescreen is small, but section 5 [of the FTC Act] still applies.” -- FTC Commissioner Brill  Geo-targeting • Location, Location, Location • Brown v. Google & Gupta v. Apple  App-based • In re iPhone Application Litigation  Online tracking • Behavioral advertising • Google, Microsoft and many others  Mobile, Social Commerce & other e-commerce claims • Gift buying, daily deal sites (expiration date cases) • FACTA & Song-Beverly
• 9.
  #MobiU2012, @almeidage @sedgwickllp Mobile: Different LEGALLY from Other Forms of Marketing 1. Requires affirmative consent (opt-in); most other forms of DM do not (CAN-SPAM, for ex, opt-out) 2. Lack of sufficient space for adequate disclosures (hashtags, links) 3. Absence of uniform national regulations or laws (courts apply TCPA (passed in ’91) to mobile) 4. Cost – consumers complain that unlike other forms of DM, SMS actually costs them $ (in addition to privacy concerns)
• 10.
  #MobiU2012, @almeidage @sedgwickllp TelephoneConsumer Protection Act (TCPA)  Originally passed in 1991  Broadly applicable to direct marketing via calls, faxes and texts  Recipients May File a Lawsuit on Behalf of a Class of Similarly Situated Persons (a Class Action Lawsuit) Seeking:  Actual monetary damages incurred or  $500/per violation or $1,500 for each ―willful‖ violation.  No cap on amount of ―damages‖ recoverable (unlike many other consumer protection statutes)  For certain judges, plaintiffs’ burden on proving willfulness is very easily met
• 11.
  #MobiU2012, @almeidage @sedgwickllp A Text is a Call Under The Law Satterfield Satterfield v. Simon & Schuster, Inc. 569 F.3d 946 (9th Cir. 2009) Nextones.com • Whether a text message is a “call” under the TCPA? • Whether text was sent with plaintiff’s Mobile Information “prior express consent”? Access Co. Ipish! Simon & Schuster
• 12.
  #MobiU2012, @almeidage @sedgwickllp Satterfieldv. Simon & Schuster, Inc. • 9th Circuit reversed MTD and held that a text is a “call” under TCPA • Plaintiff did not give ―prior express consent‖ to Simon & Schuster to text her • Case ultimately settled: creation of a $10M settlement fund with plaintiff’s attorneys receiving $2.7M
• 13.
  #MobiU2012, @almeidage @sedgwickllp Mobile Marketing Lawsuits 2.0 • SIGNIFICANT FRANCHISOR/EE ISSUES • Recent Jiffy Lube Settlement - b/t $35M and $47M in cash & services - $17.29 gift certificates or $13 cash • Question of control – Dominos, Taco Bell & PH
• 14.
  #MobiU2012, @almeidage @sedgwickllp Isa Friend Forwarded Text a Call Under the Law? • Depends – no court has ruled yet • Case in Florida involving largest Pizza Hut franchisee • We assert that a decision by a mobile subscriber to input a friend’s number and send them a text is not an automated telephone dialing system as required under the law
• 15.
  #MobiU2012, @almeidage @sedgwickllp Increased Regulatory Scrutiny of Robo-calling Mobile Phones FCC Regulations • Recent FCC Final Rule (effective July 11, 2012) requires prior express consent for “autodialed or pre-recorded non- telemarketing calls to wireless numbers” • If a telemarketing call (promotional) consent must be in writing • MANY, MANY class actions filed since
• 16.
  #MobiU2012, @almeidage @sedgwickllp RecentFTC Enforcement Actions
• 17.
  #MobiU2012, @almeidage @sedgwickllp Increasing Focus on Apps (particularly children-focused apps) Privacy and Apps  FTC Report on Children’s Apps – “DisAPPointing”  Lack of privacy policies for kids apps  California Online Privacy Protection Act applies to apps (requires the posting of a privacy policy)  FTC Business Guidance to app developers (9/5/12)  Emphasis on complying with FIPP  http://www.ftc.gov/opa/2012/09/mobilapps.shtm
• 18.
  #MobiU2012, @almeidage @sedgwickllp Privacy Concerns with Promotions • Post privacy policy on any page data is collected & in provided a link in contest rules • Only collect data necessary & only use data for contest entry and to notify winner • Do not auto enroll customers into loyalty programs • If entrant is a member of loyalty program, don’t connect data
• 19.
  #MobiU2012, @almeidage @sedgwickllp What’s next? • Continued focus on mobile privacy and geo-location issues • Mobile Device Privacy Act (introduced Sept. 2012) • Other federal privacy bills introduced • Plaintiffs’ class action bar too remain incredibly active • Very attractive cases ($500 to $1,500 per violation, without having to prove actual damages)
• 20.
  #MobiU2012, @almeidage @sedgwickllp Key Takeaways  Privacy policy and terms of use • Clear and prominent disclosure of data sharing, protection practices • Express consent based on disclosure  Class Action Waiver • Clear and conspicuous • Cannot substantively modify without notice to user  Easy to access, store and delete PI  Disclosure of marketing partners (Shine the Light law)  Strong indemnity agmts from vendors &affiliates
• 21.
  #MobiU2012, @almeidage @sedgwickllp
• 22.
  #MobiU2012, @almeidage @sedgwickllp Contact Information David Almeida, Sedgwick LLP • 312.849.1985 • [email protected] • LinkedIn: • www.linkedin.com/in/davidsalmeida • twitter.com/almeidage Digital Media Law Blog: http://digital-media-law.com
• 23.
  #MobiU2012, @almeidage @sedgwickllp About Sedgwick Sedgwick provides its clients with informed corporate and transactional advice, effective litigation strategies, and long-term litigation avoidance counsel. With more than 350 attorneys in offices throughout North America, Bermuda* and Europe, Sedgwick’s collective experience spans the globe and virtually every industry. For more information about Sedgwick, its attorneys, and its services, visit the firm’s website at www.sedgwicklaw.com.
• 24.
  #MobiU2012, @almeidage @sedgwickllp Disclaimer • This presentation is for general informational purposes only and is not legal advice. The evaluation of legal issues always depends on specific facts and circumstances. This presentation should not be used as a substitute for competent legal advice from a licensed attorney. • Your use of this presentation does not create an attorney-client relationship. Please do not send us any confidential information by email or otherwise as your communication will not be privileged and may be subject to compelled disclosed to other persons.