At the annual California State Bar Meeting on September 17, 2011, I had the honor of presenting a CLE panel on “Online Privacy 101: Who’s Watching You?” with Ian Ballon (who wrote the treatise on Internet Law), and the co-chairs of the state bar Business Section’s Cyberlaw Committee, Robert Hawn and Tony Vittal.
My section of the presentation covered “Social Networks.” To illustrate the good and bad of the overshared generation, I led off with “G-Male,” a parody of what a virtual boyfriend constructed from all the information Google has collected about you might be like:
My part of the presentation covered some basic legal concepts that will only grow in significance as social networks continue to infuse every aspect of our lives, from our most private messages to the daily news headlines. These topics are:
1. Misappropriation of Name and Likeness Rights to control the use of one’s name and likeness become increasingly important as countless online community startups try to construct business models based on building social networks and monetizing against them. I discussed the 2007 case of Susan Chang v. Virgin Mobile USA, from the Northern District Texas (documents available at Justia.com). The Chang case is a good illustration of the difference between intellectual property rights (here, copyright that was waived through opting in to Creative Commons) and rights of publicity (here, the identifiable image of a little girl that was the subject of the picture used for Virgin Mobile advertisements without permission).
2. Impersonation Two fundamental schools of thought about Internet culture inevitably clash regarding impersonation. One school of thought holds that anonymity is sacred on the Internet, and that users should be able to construct a coherent (or even ephemeral) online identity. There are valid use cases for this, such as for victims of abuse or members of alternative communities that might otherwise be harassed. The other school of thought holds that online life is an extension of real life, and that it is important to verify each user’s identity to hold users accountable for their online actions.
I discussed Tony LaRussa’s case against Twitter (Good luck to you in the World Series, Tony) and the California Legislature’s new addition to the California Penal Code for malicious impersonation online, Penal Code Section 528.5.
3. Social Gaming and the Children’s Online Privacy Protection Act (COPPA)
It’s really, really important to know the laws about collecting user’s private information, especially in the case of children. As demonstrated by Playdom and Howard Mark’s May 2011 $3 million dollar settlement with the FTC. That’s a lot of Pony Stars.
Unfortunately, you can tell a lot about what people in a society are doing by looking at what they have outlawed. In July 2011, California amended Education Code 32261(a) to specify that acts of bullying through social networks qualify as bullying and can be disciplined in the schools. Which is a good opportunity to remind you that October is Bullying Prevention Month.
5. Computer Fraud and Abuse Act (CFAA)
This is such a broad law that it has recently been used in a variety of unexpected ways. I discussed the case of Pulte Homes v. Laborers’ International Union, in which the 6th Circuit upheld the employer’s claim that a union’s campaign to bombard and disable the employer’s email and telephone servers was an actionable violation of the Computer Fraud and Abuse Act.
6. Data Scraping and the Future of Online Reputation
There is an explosion of new data scraping sites vying to collect all your online information and push it to the top of search results for your name. I tested a few of them before the presentation to see how accommodating they were with requests to remove data. This promises to be a cutting-edge area for legal development, as the first two audience questions were about online reputation repair companies such as Reputation Defender and what, if anything, can be done about negative reviews on ratings sites.
Slides of the presentation below: