Dave discusses the legal pitfalls that all brands should be aware of when running a mobile campaign. He will also cover the court precedents that are important to how mobile campaigns should be run to prevent legal action, particularly class action lawsuits. All brand owners should attend to ensure they are protecting their brands in the current wild wild west setting of mobile marketing and legal.
VIP Call Girls Pune Kirti 8617697112 Independent Escort Service Pune
Â
MobiU2011 Lecture: STRAT131 Mobile Legal Implications - Sedgwick LLP
1. Presented by the Heartland Mobile Council
Legal Landmines in “Mocial” Marketing
David S. Almeida, Partner, Sedgwick LLP, @almeidage @SedgwickLLP
Event hashtag #MobiU2011
2. #MobiU2011, @almeidage @SedgwickLLP
 Primarily, a litigator; defending companies faced with class action lawsuits
over their marketing and data security policies and practices
 Also, counsel clients on best practices for direct, mobile and other forms
of marketing, as well as on use of social media, mobile commerce, privacy
and data security
Focus & Representative Clients
3. #MobiU2011, @almeidage @SedgwickLLP
 Mobile (text, sites, apps, commerce)
o Laws, Lawsuits, Ways to Defend, Ways to Avoid
 Social
o FTC Guidelines, Investigations
o Social & Mobile Commerce
 Privacy, including Geolocation & Information Sharing
 Best Practices for Minimizing Risk
Overview/Agenda
4. #MobiU2011, @almeidage @SedgwickLLP
Lawyers Are Not All Bad
 Focus on lawyer as business partner
 Legal should not be seen as an obstacle
 Can add value to “Mocial” marketing
campaigns that go beyond risk avoidance
and mitigation to customer
satisfaction/retention
 Knowledge of applicable laws & regs will
help build campaigns that focus on
consumers’ desires & expectations, and
keep you out of trouble
5. #MobiU2011, @almeidage @SedgwickLLP
 Choice and Privacy exist in partnership
 Obtain opt-in and opt-out preference and desired frequency for your
customers and respect those choices
 The consumer has chosen you based on your representations (policies) and
told you how they want to interact with you
 Compliance entails meeting both the legal and responsibility requirements
6. #MobiU2011, @almeidage @SedgwickLLP
— Michael Becker, Managing Director for North America, Mobile
Marketing Association
1. Protect consumers’ privacy
2. Give consumers choice in terms of timing and method of
engagement
3. Provide CLEAR AND CONSPICUOUS NOTICE to consumers of
what they can expect when they engage in marketing
program, including information re: opt-out
“Protect the consumer, and you protect the opportunity”
7. #MobiU2011, @almeidage @SedgwickLLP
Many, many, many laws & regulations potentially apply
 Laws either explicitly or implicitly regulate particular channels of
marketing, including:
1. The FTC Act (Section 5)
2. State Unfair and Deceptive Practices Acts
3. CAN-SPAM
4. TCPA and FCC regulations
5. Do-Not-Call Rules
 Generally speaking, US’ laws are channel specific (TCPA, CAN-SPAM,
etc…), whereas many other countries’ laws are broader and cover many
channels (i.e., regulate privacy generally as opposed to channels
specifically)
 Increasing focus on marketing practices by FTC, FCC, Congress &
Plaintiffs’ lawyers
 If you don’t voluntarily and proactively comply, either government
(FTC) or plaintiffs’ lawyers will come calling
8. #MobiU2011, @almeidage @SedgwickLLP
Telephone Consumer Protection Act (TCPA)
 Originally passed in 1991
 Broadly applicable to direct marketing via calls, faxes and texts
 Recipients May File a Lawsuit on Behalf of a Class of Similarly Situated
Persons (a Class Action Lawsuit) Seeking:
o Actual monetary damages incurred or
o $500/per violation or $1,500 for each “willful” violation.
o No cap on amount of “damages” recoverable (unlike many other consumer
protection statutes)
o For certain judges, plaintiffs’ burden on proving willfulness is very easily met.
9. #MobiU2011, @almeidage @SedgwickLLP
Recent explosion in amount of
marketing dollars spent on mobile
marketing campaigns, including:
 Text messaging (SMS, MMS)
 Mobile Websites
 Applications
 Location Based
 QR Codes
Mobile Marketing: The TCPA’s Next Frontier
10. #MobiU2011, @almeidage @SedgwickLLP
Mobile: Different LEGALLY from other forms of marketing
1. Requires affirmative consent (opt-in); most
other forms of DM do not (CAN-SPAM, for
ex, opt-out)
2. Lack of sufficient space for adequate
disclosures (hashtags – good enough ?)
3. Absence of uniform national regulations or
laws (courts apply TCPA (passed in ’91) to
mobile)
4. Cost – consumers complain that unlike
other forms of DM, SMS actually costs
them $ (in addition to privacy
concerns)
11. #MobiU2011, @almeidage @SedgwickLLP
 Facts
o Plaintiff received a single text
message advertising publication of
Stephen King’s “The Cell”
o Plaintiff alleges that she granted
permission to Nextones.com and
affiliate brands, but not to Simon
& Schuster, the brand & the
defendant (and, most imptly, the
perceived deep pocket)
 Issue
o Whether a text message is a “call”
under the TCPA?
o Whether text was sent with
plaintiff’s “prior express consent”?
Satterfield
Mobile Information
Access Co.
Nextones.com
Ipish!
Simon & Schuster
Satterfield v. Simon & Schuster, Inc., 569 F.3d 946 (9th Cir. 2009)
12. #MobiU2011, @almeidage @SedgwickLLP
 9th Circuit reversed MTD and held that a text is a “call” under TCPA
o TCPA does not define "call" (passed in 1991)
o FCC considers both voice and text to fall under the “to make any call” language of TCPA
o Legislative History: TCPA enacted to curb transmission of unsolicited telemarketing calls
 Plaintiff did not give “prior express consent” to Simon & Schuster to text
her
o Calls exempt under 47 USC § 227(b)(1)(B) with consent
o Simon & Schuster was not an affiliate of Nextones.com; affiliates construed narrowly
o Consent too attenuated / need to be direct consent
 Case ultimately settled: creation of a $10M settlement fund with
plaintiff’s attorneys receiving $2.7M
Satterfield v. Simon & Schuster, Inc.,(cont’d)
13. #MobiU2011, @almeidage @SedgwickLLP
Abbas v. Selling Source, LLC, 2009 WL 4884471 (N.D. Ill. 2009) &
Lozano v. Twentieth Century Fox Film Corp., Case No. Civ. 09-cv-
6344 (N.D. Ill)
 Recipient of text need not be charged
o Language of 47 U.S.C. § 227 is ambiguous as to whether a charge is required
o TCPA amended to provide that FCC “may, by rule or order, exempt . . . [calls] a cellular
telephone service that are not charged”
o Implication from amendment is that charge is not required; there are also privacy
concerns
 Equipment sending text need not be an ATDS
o Text sent from an institutional sender without personalization
o Sufficient to allege sender had “capacity” for random or sequential generation; to
withstand dispositive motion and get to discovery
 First Amendment and void for vagueness are likely not viable
defenses
 20th Century Fox case settled for $16M
14. #MobiU2011, @almeidage @SedgwickLLP
 Plaintiff filed suit on behalf of a putative class of similarly situated
persons alleging that he received 10 unsolicited text messages in
violation of the TCPA
 Defendants argued the “prior express consent” requirement of the
TCPA did not apply to text message cases (because language was
passed in 1991 – well before text messages)
 Court said no; defendants disregarded “ample evidence” that the
TCPA applied with equal measure to “both voice calls and text calls to
wireless numbers.”
 Takeaway - “Defendants are obligated to examine FCC guidance and
court decisions that address express consent for automated
marketing under the TCPA.”
 Makes clear that mobile marketing requires express consent, not just
implied
Kramer v. Autobytel, Inc.
15. #MobiU2011, @almeidage @SedgwickLLP
 Question of consent is narrowly construed – thus, when contacting
customers via mobile, a marketer must independently determine that
the permission-basis for the contact encompasses the specific
communication that the marketer intends to transmit
 HUGE mistake to rely exclusively on a vendor’s opt-in list
o Must build consent list with single or double opt ins
o Timely honor opt-outs, “STOP”
 Very impt to build indemnification language into all contracts with
vendors and affiliate marketers; however, those provisions only as
valuable as the financial viability of those entities
 Keep records – if possible – to substantiate consent (tricky with
verbal consent)
Consent Issues
16. #MobiU2011, @almeidage @SedgwickLLP
 Typically filed in state court
 Standard for removal to federal court varies by jurisdiction
 All circuits permit removal to federal court based on Class Action
Fairness Act of 2005 (“CAFA”) & diversity jurisdiction:
o CAFA
o Class of plaintiffs 100 or greater
o Minimal diversity (1 plaintiff diverse from 1 defendant)
o Amount in controversy exceeds $5 million
o Diversity Jurisdiction – 28 U.S.C. §1332
o Amount in controversy exceeds $75,000 for single plaintiff
o Complete diversity between plaintiff and all defendants
 Cases are tough to defend, but winnable on existing business
relationship exemption under FCC regulations, offer of judgment or
defeating class certification (superiority, predominance etc…)
.
Defending TCPA claims
17. #MobiU2011, @almeidage @SedgwickLLP
 Number of texts x $ amount per transmission 10,000 x $500-$1,500
 Total settlement fund amount $5,000,000
 Incentive award for class representative $5,000-$10,000
 Attorney’s fee (generally 1/3 of settlement amount) $1,650,00
 Notice costs <$500
TOTAL COSTS INCURRED BY DEFENDANT $1,658,000 (avg)
BEFORE OPENING UP CLAIMS PERIOD
In theory, the remaining funds $3,342,000 should be paid to class members, but. . .
Economics of a TCPA Class Action.
18. #MobiU2011, @almeidage @SedgwickLLP
 Claims-Made Settlement
o Pay claimants only if submit valid claim form (typically, 5-7% opt-in rate)
o Defendant retains funds thus keeps any unclaimed monies
o So, in above scenario, $3.3M Fund, 5% opt-in rate (500 claimants), pay out $167,100
to class members, left with a $3.175M residual
o Significant carrot offered by Plaintiff’s lawyer to encourage early settlement and lots
of attorney’s fees
 Settlement Fund
o Administered by third party claims administrator (an extra $25-50k)
o Residual not returned to Defendant
o Cy Pres: "as near as possible,” courts basically give the remainder away
o In the above scenario, defendant basically forced to settle because of risk of losing
nearly $3.2 M
Structure of Class Settlement: BIG Difference
19. #MobiU2011, @almeidage @SedgwickLLP
 Huge aspect of TCPA cases; insurance companies and courts split on duty
to defend and to indemnify TCPA class actions
 Plaintiffs’ lawyers “creatively plead” around insurance exclusion by
alleging more than a TCPA violation
o Thereby, Plaintiff ensures insurance company involvement – a deep pocket to pay for
settlement or judgment
 Often, 2 for the price of 1: Declaratory judgment actions by insurers
 Impt takeaway – carefully review all potentially applicable insurance
policies, declarations and exclusions (and those of your marketing
partners)
Additional resource:
http://sedgwickmail.com/ve/ZZ2661j6782R71877292T/VT=0/page=1
Insurance Aspect of TCPA Cases
20. #MobiU2011, @almeidage @SedgwickLLP
Evolving Media Landscape
 Business is Moving to Social Marketing, Quickly (this is not news)
o 20% of marketing dollars to social media by 2015*
o 60% of Fortune 500 now have Twitter accounts, up from 35% in 2009 **
 Social Communications – New Dynamics
o Real-time engagement
o Two-way communications
o Multiple sources of information & influence
 Risks & Opportunities
o PR nightmares
o Protect brand equity
o Scaling social media efforts
o Transparency & accountability
o Increased regulatory requirements
o Social media policies & governance
*eMarketer 09/2009 **Center for Marketing Research University of Massachusetts Dartmouth 2010
21. #MobiU2011, @almeidage @SedgwickLLP
Regulatory Environment
"As a practical matter, social media is now a regulated industry; and all
stakeholders are responsible for compliance with the FTC Guides. As a
result, all marketers, agencies, and brands must develop a 'culture of
compliance' where the vocabulary of risk management is a central aspect
of an advertising strategy.”
– Tony DiResta
General Counsel of WOMMA
"If law enforcement becomes necessary, our focus will be advertisers, not
endorsers – just as it’s always been.”
– FTC Factsheet on Update to Endorsement Guides
22. #MobiU2011, @almeidage @SedgwickLLP
The FTC has been extremely active in policing companies’ data security and
collection practices to ensure compliance with their posted policies.
Chitika
Costs of settlements go far beyond fines and CMPs; rather, extensive corrective
action plans are typically part of any FTC or OCR settlement (not to mention
class action litigation costs)
Additional resource:
http://digital-media-law.com/2011/07/08/recent-ftc-settlements-provide-
guidance-on-data-security-failure-to-secure-pi-can-be-an-unfair-or-deceptive-
practice/
Extremely Activist Regulatory Environment
23. #MobiU2011, @almeidage @SedgwickLLP
FTC Requirements
 Disclose & Inform
o Disclosures must be clear & conspicuous
o Advertisers and agencies are liable
o Create a process that ensures a culture of compliance
between advertisers, employees, agencies and
influencers
 Document & Monitor
o Must know what your influencers are saying
o Process & procedures must be documented
 Follow Up & Takedown
o Expectation is not that you will catch everything but
you must be responsive and proactive in addressing
required compliance
All material connections must be disclosed with documented process
25. #MobiU2011, @almeidage @SedgwickLLP
Risks of Non-Compliance
 Regulatory Action
o Significant legal costs
o Penalties and settlement terms
o Potential for erosion of brand trust
 Court of Public Opinion
o Consumers, Bloggers,
o Social media backlash
o Blacklisting
 PR Nightmares
o Scandals
o Reports & investigations
o Bad press & negative opinions
26. #MobiU2011, @almeidage @SedgwickLLP
The Challenges of Compliance
 Short, Simple, Clear & Conspicuous
o Space limitations - 140 Characters or less
o Universal & recognizable
 Maintain control across multiple influencer channels
o Active monitoring for compliance
o Ability to follow-up and take down
o Ensure proper use of disclosures – enforce policies
 Scale Challenges
o Monitor for omitted disclosures / compliance at influencer level
o Understand the context of specific messages/posts/tweets
o Document follow up actions
o Archive audit trail data of all program activities
 Management Challenges
o Communicate policies and document participant acceptance
o Multiple programs, brands, agencies, stakeholders, platforms
27. #MobiU2011, @almeidage @SedgwickLLP
How Are People Addressing This?
 Ignorance is not bliss
 Your agency *might* handle it
 Listening vs. understanding
 Ad-hoc compliance solutions / Hashtags
 Site-wide disclosures
 Background & Profile Disclosures
 Contests & Promotions
 Affiliate marketing programs
29. #MobiU2011, @almeidage @SedgwickLLP
FTC Preliminary Privacy Report Issued in December, 2010
“All companies involved in
information collection and
sharing on mobile devices –
carriers, operating system
vendors, applications and
advertisers – should
provide meaningful
choice mechanisms for
consumers.”
30. #MobiU2011, @almeidage @SedgwickLLP
Mobile Data, Commerce Lawsuits
 Mocial – wealth of information – where you are, who your friends are,
what you like
 Concerns over what info is collected? From whom? When? How?
o Is it personal identifiable info?
o Is it personal info?
o Recent changes to privacy
o policy at Groupon – a good
o idea
31. #MobiU2011, @almeidage @SedgwickLLP
4 broad categories of legal claims
 Geo-targeting
o Location, Location, Location
o Coupling Location w/ Context, w/ Behavior
o Brown v. Google & Gupta v. Apple
 App-based
o In re iPhone Application Litigation
 Online tracking (through phone’s web browser and resultant behavorial
advertising)
o Google, Microsoft, and many others
 Mobile, Social Commerce
o Gift buying, daily deal sites (expiration date cases)
32. #MobiU2011, @almeidage @SedgwickLLP
Geo-location legislation
Many, many geo-location privacy bills introduced recently
Federal Lawmakers Introduce Geolocation Bills: Main Themes
are Consent & Transparency
http://digital-media-law.com/2011/07/08/federal-lawmakers-
introduce-geolocation-bills-main-themes-are-consent-
transparency/
33. #MobiU2011, @almeidage @SedgwickLLP
Seven Self-Regulatory Principles
1. Education
2. Transparency
3. Consumer Control
4. Data Security
5. Material Changes
6. Sensitive Data
7. Accountability
34. #MobiU2011, @almeidage @SedgwickLLP
Some say industry self-regulation futile …
 Frustration w/ slow pace of privacy self-regulation leads to lawsuits
 Thus, defenses to Mobile Data Collection Cases …
o Lack of a Legally Cognizable Injury (no standing to sue)
o Consent
o End User License Agreement
o Privacy Policies
o Statute-specific defenses
o Video Privacy Protection Act
o Stored Communications Act
o Electronic Communications Privacy Act
35. #MobiU2011, @almeidage @SedgwickLLP
Data Breach Litigation & Costs
*January 2011 Ponemon Institute Study
 The Heartland Payment Systems breach disclosed in January 2009 has
affected over 250,000 merchants and 500+ financial institutions.
Fourteen lawsuits have been filed against Heartland. $65 Million Visa
Settlement Rejected by attorneys.
 TJX reached a $40.9 Million settlement agreement with banks that
processed credit card transactions. This represented only a fraction of
the $256 million+ cost of the breach.
Of the 78% of Fortune 1,000 U.S. entities that have reported a data
breach*:
80% of breaches = total insurable amount < $1,000,000
15% of breaches = total insurable amount $1,000,000 - $20,000,000
5% of breaches = total insurable amount > $20,000,000
*January 2011 Ponemon Institute Study
36. #MobiU2011, @almeidage @SedgwickLLP
Cost Timeline of a Breach
 Recognize breach
 Determine extent of breach, number of records
lost, type of information lost
 Review federal and state statutes - actions
necessary in breach response
 Notification, forensics, credit monitoring, credit
restoration
 Potential regulatory fines and penalties incurred
 Vendor fines and penalties incurred
 Third party litigation, settlements (credit
monitoring, damages, etc…), legal fees, pr issues
37. #MobiU2011, @almeidage @SedgwickLLP
Source: Ponemon Institute, Five Countries: Cost of Data Breach , Apr 2010
0
50
100
150
200
250
US Germany France Australia UK Average
214
177
119
114
98
142.4
Cost of Data Breach
38. #MobiU2011, @almeidage @SedgwickLLP
KEY Takeaways
 Carefully review Terms of Use and Privacy Policies for accuracy
and compliance
 Inform consumers what data collected & how use
 Plain English – consumers must know what they are signing up
for
 Do what you say you will do – honor representations in stated
policies
 Indemnity Provisions – any time dealing with 3rd parties – if
buying a list, if managing opt-outs, if hosting an application
 Periodically audit websites for hidden tags, cookies – need to
know what you are doing, what data you are collected and why
42. #MobiU2011, @almeidage @SedgwickLLP
Sedgwick provides its clients with informed corporate and transactional
advice, effective litigation strategies, and long-term litigation avoidance
counsel. With more than 350 attorneys in offices throughout North
America, Bermuda* and Europe, Sedgwick’s collective experience spans
the globe and virtually every industry. For more information about
Sedgwick, its attorneys, and its services, visit the firm’s website at
www.sdma.com.
About Sedgwick
*Associated office.
43. #MobiU2011, @almeidage @SedgwickLLP
This presentation is for general informational purposes only and is not
legal advice. The evaluation of legal issues always depends on specific
facts and circumstances. This presentation should not be used as a
substitute for competent legal advice from a licensed attorney.
Your use of this presentation does not create an attorney-client
relationship. Please do not send us any confidential information by
email or otherwise as your communication will not be privileged and
may be subject to compelled disclosed to other persons.
Disclaimer
Editor's Notes
Ponemon Institute conducts independent research on privacy, data protection and information security policy.
Ponemon Institute conducts independent research on consumer trust, privacy, data protection and emerging data security technologies