Regulatory Rumblings

ANA Joins in Support of Federal Data Breach Legislation

Posted: May 22, 2014 12:00am ET

ANA has joined with fifteen other industry groups to call for Congress to pass federal data breach legislation this year.  The industry letter is available here.

High-profile data breaches recently have increased the focus of policymakers and consumers on data security and privacy issues.  Several data security bills have been introduced in the Congress and at least five congressional committees have held hearings this year on the most recent breaches.  The White House report on “big data” which was released on May 1st called for federal data security legislation.  The time has come for Congress to approve a clear federal standard.  Data security bills have been introduced for several years and jurisdiction is spread across several congressional committees, however no decisive action has taken place.  ANA firmly believes the time for Congressional action is now on this increasingly critical issue.  A unified, federal law that preempts the patchwork of 47 inconsistent state laws would help businesses better comply with data breach standards and ensure the safety of customer data.

European Court of Justice Establishes “Right to Be Forgotten” Online

Posted: May 15, 2014 10:30am ET

A surprising and potentially landmark decision dealing with the future of online privacy was handed down by the European Court of Justice in Luxembourg earlier this week. The case involved a Spanish national who filed a complaint alleging that when his name was entered into Google, the search results displayed links to two articles from 1998 that discussed the auction of his home, which had been repossessed. He contended that Google should be required to remove or hide the links from appearing in a search request, as the cases were resolved and therefore “irrelevant.”

A 1995 EU directive established privacy protections regarding how personal information is processed. It allowed for consumers to request that this data be erased in certain situations.  Based on this directive, the European Court of Justice found that Google is a processor and controller of personal information based on its search function and is therefore required, if asked, to remove links to web pages relating to a person from search results, even if the material contained in those links is true.

In determining when such request should be honored, the court found that a “fair balance” should be sought between the interests of free access to information and the privacy rights of individuals. This balance, the court determined, should be tilted towards the individual’s right to privacy, except in specific cases based on the nature of the information and the interest of the public having the information (such as if it concerns a public figure). If it is found that the inclusion of such links in a search result is incompatible with the rights of the individual, then a right to be “forgotten” exists and the links should be removed.

The case could have major implications on freedom of expression. It lets individuals determine what is presented in a search request online without regard for truth or falsity. It also interferes with the free expression rights of search engines and online publishers to allow legitimate information to pass to end users. Instead, it would require companies like Google or Twitter to serve basically as censors and remove data whenever the subject of the information asks, even if the information about them is true and lawfully published. The information would still exist, but search providers would be prevented from delivering it. It requires the search engines to determine whether to block access to third-party information to which they are merely providing links, asking them to use their judgment rather than any legal process.  

This case also starkly demonstrates the different paths the European Union and the United States are taking on privacy issues. In the United States, such a ruling would most likely never happen due to the strong constitutional protections provided by the First Amendment in favor of free expression. Signals such as these from Europe indicate that the EU may be in the process of taking more strident positions on privacy issues across the board. Advertisers are likely to be drawn in to the debate as the EU moves forward in regard to data privacy and security.

This decision puts many online companies, not just Google, in a precarious position. Will they have to honor European requests to delete information that was lawfully published in the United States? Will Facebook need to “untag” persons in photos that show them engaged in activity they would now prefer to be hidden? How long a period will there need to have passed to make information “irrelevant?” These Solomonic decisions are far from simple. What this decision means for companies that do business in Europe remain to be seen, but is likely to be time consuming, expensive, highly burdensome, and undermine free speech values.

ICANN Delegates First New English Language Top Level Domains

Posted: Nov 11, 2013 12:00am ET

ICANN has released the first nine English-language new Top Level Domains (TLDs). These are not the first new TLDs to be delegated, as four non-Latin script TLDs have been delegated previously. ICANN has said the list of new names will be updated, “as the measured rollout of the new gTLDs progresses over the coming years.” Now is the time for brand holders to take action to protect themselves within the limited trademark protections that have been approved by ICANN. Information about the Trademark Clearinghouse, which will allow brand holders to protect their names, is available here.

We encourage all brand holders to be proactive in protecting themselves in the beginning of this unprecedented expansion of Top Level Domains.

Internet Users Strongly Favor Interest-Based Advertising, Value Tools to Make Choices over their Internet Experience

Posted: Nov 5, 2013 10:15am ET

A new survey released today revealed what we’ve long suspected—people strongly support interest-based advertising on the Internet. They especially support this type of advertising if it means that they won’t have to pay to visit what are now their favorite free ad-supported websites.

According to a new Zogby survey commissioned by the Digital Advertising Alliance, more than 57 percent of respondents said they wouldn’t pay to visit any free, ad-supported site they currently use if those sites converted to a pay model. Fewer than 5 percent of the respondents said they would be willing to pay in order to continue to access the free, ad-funded websites they currently visit. Internet users clearly appreciate that advertising powers the Internet. Advertising levels the market place and information playing fields by providing all consumers with continued access to free content that they currently enjoy.

The poll also shows that Internet users are overwhelmingly supportive of interest-based advertising when they learn about the protections and choices available to them. The more users learn about their choices, the more comfortable they become with interest-based advertising.

The Association of National Advertisers has long believed that consumers should have the ability to make their own choices in controlling their Internet experience. The only way web users can truly control the ads they see is to be empowered to take action to make these determinations themselves. Fortunately, consumers have that ability. The Digital Advertising Alliance, an alliance of advertising interests, maintains a robust program that allows consumers to dictate whether or not they receive interest-based advertisements. Users have the freedom to choose quickly and easily whether or not they would like to receive interest-based ads.

Users can click on the Advertising Option Icon on the corner of a banner ad for more information on the ads they see and choose to opt-out. Not only are users given a choice, but they have the opportunity to learn why they are receiving these ads.  Since its inception in 2010, more than 25 million consumers have visited the DAA coalition’s websites – AboutAds.info and YourAdChoices.com – and only two million of them have taken action to choose to opt out of receiving interest-based advertising.

In fact, today’s survey found that if an ad has the “advertising option” icon, users will feel more comfortable about these ads.  The survey revealed that 73 percent of polled consumers said they’d feel more comfortable with interest-based ads if they knew they had access to the protection that the DAA currently provides with the opt-out and more information links, limitations on data collection, and third party enforcement. By providing users with information on interest-based advertising, companies and brands are only enhancing their advertising power. These findings demonstrate that businesses that participate in the self-regulatory effort engender greater trust from their consumers.

The Internet has brought an unprecedented wealth of free and valuable content, directly supported by revenue generated by serving relevant ads. For the consumer, it’s a service. It is another way for consumers to receive information that is relevant to their specific needs. Consumers are guaranteed ads that are more likely to interest them rather than being inundated with ads in which they have no interest. As the survey found, users are committed to advertising-supported content. By a ratio of five-to-one, users said their favorite Internet sites were supported by advertising (50 percent) rather than subscription fees (10 percent).

Movement Continues Against Patent Trolls

Posted: Oct 28, 2013 4:00pm ET

On Wednesday, House Judiciary Committee Chairman Bob Goodlatte (R-VA) introduced a long-awaited bipartisan bill, the Innovation Act, to combat the growing threat from patent assertion entities (PAEs), often called patent trolls. This bill requires heightened pleading standards for patent suits, including descriptions of which patents are actually infringed, as well as how they are infringed. Transparency is another key element, with the requirement that plaintiffs disclose any party which has a financial interest in the patent at issue, as well as an allowance for defendants to join these other parties in the litigation. There is a cost-shifting mechanism in the Innovation Act that can allow a court to require that the loser pays for the winning side’s litigation fees. In cases where there is litigation between a troll and a manufacturer, cases against end users are stayed until the resolution of the case against the manufacturer. The Innovation Act also expands the Patent and Trademark Office’s post-grant review authority of business method patents, which are frequently the subject of patent suits involving trolls.

Despite the divisions in Congress over a wide range of issues, efforts to limit patent trolling are an area with real momentum on both sides of the aisle. Republican and Democratic co-sponsors of the Innovation Act include, among others, Anna Eshoo (D-CA), Zoe Lofgren (D-CA), Jason Chaffetz (R-UT), and Spencer Bachus (R-AL). Additionally, Senate Judiciary Committee Chairman Patrick Leahy (D-VT) expressed his support for Chairman Goodlatte’s bill and stated that he is continuing to work on patent reform legislation with Senator Mike Lee (R-UT) and others.

Bad news for trolls might also come soon from the country’s highest court. Last month, the Supreme Court granted certiorari in two cases regarding the award of attorney’s fees in so-called “exceptional” patent infringement claims where it is determined that the claims were 1) brought in bad faith and 2) objectively baseless. In Highmark, Inc. v. Allcare Management Systems, Inc., the Court will evaluate whether or not a trial court’s finding that a case was exceptional (resulting in a subsequent grant of attorney’s fees) is entitled to deference at the appellate level. And in Octane Fitness v. Icon Health and Fitness, the Court will examine whether the test for “exceptional” cases used by the U.S. Court of Appeals for the Federal Circuit (which hears appeals of patent cases and creates patent case law) is too strict and, therefore, actually incentivizes trolling lawsuits. Reversals in either of these cases could potentially raise the stakes significantly for trolls in filing claims.

These newer developments all come in the wake of an investigation into patent trolling activities by the FTC, as well as actions against accused trolls by several state attorneys general. While the ultimate fate of the legislation and outcome of the Supreme Court cases remains unclear, patent trolling may soon become a much more risky game to play. We are hopeful that our members will keep us informed of any developments in this area that affect them.

ICANN Should Look Before It Leaps: Part II

Posted: Sep 24, 2013 12:15pm ET

Yesterday, I wrote about the proposal by the Internet Corporation for Assigned Names and Numbers (ICANN) (which manages domain names (DNS) on the Internet) to expand dramatically the number of those names. Rather than the 22 names we all know (e.g., “.com” “.gov”), ICANN now intends to add more than a thousand new names – but so far, without sufficient care about the potential harms to consumers, businesses and Internet users. These concerns about an overly rapid Top Level Domain rollout are very widespread. Governmental entities – and even ICANN’s own subgroups – have identified serious potential harms.  

Here is what some of our leading companies and industries are saying:

So, let’s see: electricity providers; national security experts; telecommunications providers; insurers; Internet users; large manufacturers; national advertisers; and groups representing business generally—these are just some of the entities that stress that we’re not ready for a major deployment of new gTLDs, and that the rush to roll them out will expose consumers, businesses and users of the Internet to major risk of harm.  The concern about ICANN’s plans is growing and very serious. ANA believes ICANN needs to step back, collect more information, and assess the potential implications before delegating new strings into the root. If not, the very stability and security of the Internet will be jeopardized.

ICANN Should Look Before It Leaps: Part I

Posted: Sep 23, 2013 3:45pm ET

The Internet Corporation for Assigned Names and Numbers (ICANN) manages domain names (DNS) on the Internet, and it is planning a dramatic expansion of those names. Rather than the 22 names we all know (e.g., “.com” “.gov”), ICANN now intends to add potentially more than a thousand new names. Unfortunately, as the Association of National Advertisers has been warning for some time, ICANN appears to be rushing to deploy those names without taking the necessary steps to ensure the stability and security of the Internet. The potential harms to consumers, businesses and Internet users could be very serious, increasing the dangers of fraud, deception, phishing, cybersquatting and other cyber harms. Yet ICANN plows ahead on its determined – and potentially very dangerous – schedule.

Various governmental entities have stated real concerns about the DNS expansion. Officials at the Federal Trade Commission (FTC) have said that, “the potential for consumer fraud is great, and that the planned deployment was a “potential disaster.” Commissioner Julie Brill stated at ANA’s Advertising Law & Public Policy Conference, “I remain concerned, as I have been since ICANN first announced its plans, that the expansion could create opportunities for scammers to defraud consumers online, shrink law enforcement’s ability to catch scam artists, and divert the resources of legitimate businesses into litigating and protecting their own good names.” The Chairman of the US Senate Committee that oversees Internet issues, Jay Rockefeller, wrote to ICANN urging that a limited round of domain name deployment be done at first, so as to permit a one-year review period as to its effectiveness. In July, the US Senate Appropriations Subcommittee with jurisdiction over Internet issues called on the Department of Commerce to assess whether ICANN will have in place the necessary security elements to protect stakeholders during the DNS deployment.

Patent Trolls Are Beginning to Meet Sunlight

Posted: Sep 5, 2013 9:15am ET

In July, I wrote about the growing number of legislative proposals that have been put forward in Congress to battle patent assertion entities, more commonly referred to as “patent trolls.” So-called patent trolls get their names by operating much like a troll from folklore. They produce nothing, buy up broad patents, and then hide and wait until the time is right to strike unsuspecting businesses with threats of highly damaging and expensive litigation. Trolls from folklore often meet their end in sunlight. For patent trolls, legislative and regulatory sunlight appears to be the only appropriate remedy. As we await expected major anti-patent troll legislation from Chairman Goodlatte and Chairman Leahy of the House and Senate Judiciary Committees respectively, momentum has begun to build against patent trolling in other areas.

On August 30th, the Government Accountability Office (GAO) released a report on patent infringement litigation. This report found that between 2010 and 2011, the number of patent infringement lawsuits increased by roughly 33 percent. GAO further found that between 2007 and 2011, the number of defendants in patent litigation increased by 129 percent. The GAO determined that up to twenty percent of those suits were brought by patent trolls. This percentage, however, likely did not capture the true magnitude of the problem, as it is important to note that companies often settle with trolls well before a trial or even the filing of a complaint. Most importantly, this report notes that much of the problem in this arena is sparked by the grant of overly broad patents, especially for business method patents relating to software. A number of the pending legislative proposals would help to remedy this problem. This report will certainly provide momentum to efforts already underway.

State Attorneys General also have begun to indicate a willingness to step in to stop patent trolls. On August 20th, Minnesota Attorney General Lori Swanson announced a settlement with a patent troll known to some as the “scanner troll.” This entity claimed to own a patent on scanning office documents to e-mail and targeted a number of businesses with demand letters threatening litigation if it was not paid $1,000 or more for each employee using the technology. Some of these letters even contained a draft complaint in an effort to increase the threat. Under the terms of the settlement, the company may not send further demand letters without the prior permission of the Attorney General’s office and may not grant its patent rights to any other entity unwilling to comply with these terms. Vermont Attorney General Bill Sorrell also filed a lawsuit against this same patent troll in May alleging unfair business practices under Vermont’s Consumer Protect Act.

The FTC has also indicated its willingness to step into the game. Chairwoman Edith Ramirez has stated that she believes the FTC should use its Section 6(b) investigative subpoena authority to determine whether or not patent trolls may be committing unfair business practices.

The abuse of the patent system by so-called trolls is harmful to innovation and economic growth. The American Intellectual Property Law Association found that patent litigation can cost as much as $650,000 for smaller claims, and as much as $5 million for larger claims. When costs of settlement to avoid litigation were factored in, the White House Report stated that as much as $29 billion was paid by companies to patent trolls in 2011. While recent actions by Attorneys General indicate a growing willingness to fight back against abusive practices, the GAO Report demonstrates that broader reform is needed to help provide the sunlight necessary to put a stop to the “trolling industry.” ANA is continuing to work hard as a part of several coalitions to ensure that such reform happens as soon as possible.

ICANN is Falling Short of its Mission to Protect Internet Security and Stability

Posted: Aug 28, 2013 2:30pm ET

Name Collision is a major concern for global brands and consumers as ICANN prepares to roll out more than 1,000 new web site suffixes or top level domains (such as .hotel, .buy, .bank, .sucks, and .gripe). Name collision occurs when new top level domains (TLDs) are identical to internal company domains, which can lead to major conflicts that could raise significant security and stability issues for the Internet.

ICANN’s preparations for this deployment have been woefully inadequate. ANA, which represents the interests of major global advertisers, has long expressed concerns about ICANN’s persistent rush to deploy these domains before it has adopted sufficient protections for consumers and brandholders. To date, those protections have been anything but sufficient.

ICANN itself has recently raised red flags that it may not fully know the true ramifications of a roll-out of new TLDs by stating that as many as 20% of all of the proposed TLDs present a large potential risk for name collision.  A recent 3rd party report commissioned by ICANN admits that the chance of clashes is significantly larger than ICANN initially suggested. 

What is more concerning is that the third-party report readily admits that the data only counted the number (and not the types) of potential name clashes, which means ICANN has virtually no data to determine whether delegating new TLDs could interrupt important public safety communications, government web traffic, e-commerce applications, internal corporate communications or just casual web traffic.

Yesterday, ANA sent a letter to ICANN strongly expressing its concerns, stating that “ICANN must know what underlying services could potentially ‘break’ on the Internet to begin to gauge risk” before rolling out any new TLDs. ANA’s member companies are working to determine if clash issues are present within their networks. However, ANA has hundreds of members that must generate new data to determine the potential service failures on their respective network. These issues are highly technical, complex, and they will take more time than ICANN has allowed for a thorough assessment.

It is extremely disappointing that ICANN is forcing companies to rush to conduct this analysis when ICANN has been aware of clash issues since 2009.

ICANN’s failure to determine adequately the extent of the problem means that many companies are only now learning about these clash issues on the eve of the planned new TLD deployment. 

ANA calls on ICANN to fulfill its mission to maintain Internet security and stability in the public interest and postpone the rollout until the full extent of name collisions can be determined.

ANA Requests Extension of ICANN Comment Period on Name Collision Mitigation Proposals

Posted: Aug 9, 2013 1:30pm ET

Today, we sent a letter to ICANN President & CEO Fadi Chehadé asking for an extension of the public comment period for proposals to mitigate name collision risks. In our letter, we argue that the current due date for comments, August 27th, is wholly insufficient given the amount of time needed by stakeholders to run a full technical analysis of possible risks, as well as the fact that many companies are currently short-staffed due to summer vacations. We call for the comment period to be extended to November 1, 2013 and for the reply comments to be due on November 22, 2013.

Companies who are in agreement with these views should strongly consider sending requests for an extension of the comment period as well.

On a related note, Verisign has responded to the letter it received from NTIA on August 2, 2013. This exchange of letters provides interesting background on the security issues which prompted ICANN’s recent release of a third-party report on name collision risks in new Top Level Domains earlier this week.

<< 123456 >>

About This Blog

Focuses on all federal and state government and legal initiatives that threaten national advertisers' freedom of commercial speech. The blog is penned by Dan Jaffe, the ANA's Group Executive Vice President, Government Relations, who also heads the trade association's Washington office.