There are over 330 million domain names supporting over 1.8 billion websites having a unique hostname on the internet right now. But who owns each of these? There are many reasons one may want to identify the owner or operator of a particular domain or website. In addition to law enforcement and cyber security, owners of IP need to be able to enforce their rights against illegal use of their IP or bad faith domain name registration and use. For example, if your trademark is being infringed by its use on a particular website, you would want to be able to identify the owner, send a cease and desist, and/or sue. Somewhat similar to registering a home or motor vehicle, domains or websites are typically registered and information useful to identifying the individual responsible for the domain or website has, historically, been publically available.

WHOIS is a system established in the 1980s, as the modern internet was emerging. It is used to look up domain registrations in databases that store the registered users or assignees of, e.g., a domain name or IP address. Currently, the name, mailing address, phone number, and administrative and technical contacts of those owning or administering a domain name must be made publicly available through WHOIS, pursuant to the Internet Corporation for Assigned Names and Numbers, or ICANN. WHOIS is not an independent database, but rather relies on third-party accredited entities to manage data and registration. According to ICANN, it is “committed to implementing measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, subject to applicable laws.” Id.

Enter the General Data Protection Regulation, or GDPR, which is a European Union data protection regulation that will apply to any company that transacts with EU citizens, regardless of the location of the business. The GDPR requires any business that collects any personal data to request explicit permission from the subject before using that data. Personal data is defined as any information that can be used to directly or indirectly identify that person, e.g., a name, photo, email, computer IP address, etc. Under the GDPR, enterprises must limit access to personal data to only authorized individuals that specifically require access to that data. The penalties for violations are significant – up to 20 million Euros or more – and there are no exceptions for enterprise size or scope. Id. The GDPR goes into effect May 25, 2018.

ICANN has been struggling to identify a proposal that bridges the gap between the requirements of the GDPR and the access to WHOIS information. The proposals, thus far, do not do enough to assuage the fears of the third party entities that manage WHOIS data that their actions of publishing information to WHOIS are sufficient and justifiable. On the other hand, brand owners and other WHOIS users are concerned that the proposal takes an unjustifiably conservative approach. Thus, ICANN expects a WHOIS blackout period starting May 25, 2018. Going forward, there may be significantly less publicly available information to conduct enforcement investigations, send cease and desist letters, or prepare and file suit.

Online brand enforcement is about to become much more difficult if not, in some cases, nearly impossible.

March Madness always brings about trademark enforcement-related news.  What we generally don’t see is news about a participating school submitting trademark applications while the basketball tournament takes place.  But according to numerous articles last week, including this one in the Baltimore Sun, the University of Maryland Baltimore County hadn’t sought trademark registrations prior to securing the first upset of a #16 seed over a #1 seed two weeks ago.  After that historic victory, however, the University asked attorneys to file trademark applications for the phrases “16 over 1,” “UMBC Retrievers,” and “Retriever Nation”—which the Baltimore Sun poignantly characterized as capitalizing on the University’s “skyrocketing commercial cachet.”  Given the immediate increase in university bookstore apparel sales, the University’s quick response to that newfound cachet is more than timely.

Contrast UMBC’s recent trademark enforcement efforts with those of Iowa State University, which we’ve previously covered on this blog.  As a reminder, Iowa State University had refused to continue to license university trademarks to two of its students and their chapter of the National Organization for the Reform of Marijuana Laws because the organization was using the university’s mark on pro-marijuana t-shirts.  That dispute raised issues of the interplay between trademark licensing principles for public universities and students’ First Amendment rights, the latter of which the federal court found was trump.  Last week, in addition to the $150,000 emotional distress damages and $193,000 in legal bills already awarded, the judge approved another $598,208 in attorneys’ fees and costs, bringing the total cost to state taxpayers to almost $1 million.

These quite varying anecdotes serve as a reminder that it isn’t just public and private companies that think and care about trademark enforcement—universities do too, even if they’re late to the party.

The Copyright Act grants the owner of a copyright certain rights, including the right to reproduce, to distribute, and to perform and display the copyrighted work. 17 U.S.C. § 106. However, these rights are limited by other sections of the statute. One such limitation to the distribution right is known as the “first sale doctrine,” which states, “the owner of a particular copy or phonorecord lawfully made [] is entitled, without the authority of the copyright owner, to sell or otherwise dispose of the possession of that copy or phonorecord. Id. at § 109(a). For example, if you purchase a DVD at the store, you own a particular copy of a copyrighted work. You can resale the DVD, give it away, or destroy it without infringing the copyright owner’s right of distribution. The same is true for any number of copyrighted works fixed in a variety of mediums, e.g., a CD, cassette, vinyl record, book, photograph, art print, etc. But what about digital content? That is, can you resell a song or movie you lawfully purchase and download?

The United States Copyright Office (“USCO”) has acknowledged digital content differs from traditional physical copies of works. In 2001, the USCO stated that with traditional physical copies, the natural degradation of works (e.g., scratches, fading, etc.) and “the need to transport physical copies of the works” “act as a natural brake on the effect of resales on the copyright owner’s market.” The USCO further stated that these limitations no longer exist with digital transmissions. “Digital information does not degrade…. [and] time, space, effort and cost no longer act as barriers to the movement of copies, since digital copies can be transmitted nearly instantaneously anywhere in the world with minimal effort and negligible cost.” In addition, the USCO recognized the product of a digital transmission “is a new copy in the possession of a new person” and thus the recipient “obtains a new copy, not the same one with which the sender began.” For example, when we email or text a photo, we retain our “particular” copy while the recipient receives a new copy.

In Capitol Records, LLC v. ReDigi Inc., the court, relying in part on the USCO’s report, found that it was impossible to digitally transfer the “particular” copy purchased; any digital transfer creates a new copy of the work, even if the original file is deleted during the transfer. First, the court found the new copy violates the copyright owner’s reproduction rights, to which the first sale doctrine is not a defense. Second, because the thing being sold is an unlawful reproduction and not the “particular” copy originally purchased, the first sale doctrine does not protect such a distribution. In another recent case, the court held that the first sale doctrine was inapplicable until a particular physical copy of copyrighted work was downloaded. Disney Enterprises, Inc. v. Redbox, Automated Retail, LLC (declining to extend the first sale doctrine to the reselling of a digital code that would allow a user to download a copy of the copyrighted work). That is, in order for the first sale doctrine to likely apply the copyrighted work must physically exist as a digital copy but once downloaded, it probably cannot be digitally transferred without creating an unlawful reproduction.

The court in Capital Records also held the owner of a copyrighted work may sell, gift, or otherwise dispose of the hard drive, iPod, or other memory device onto which the digital file was originally downloaded. This solution may alleviate the numerous concerns expressed by the USCO in 2001. However, by forcing the user to dispose of their digital content in this manner it forces the user to dispose of at least part of their electronic device, which in all likelihood includes digital copies of multiple copyrighted works. In other words, in order to be protected by the first sale doctrine the owner of the copyrighted work must dispose of significantly more than he or she initially bargained for.

As digital downloads increase in popularity, the importance of this issue will continue to grow. The Second Circuit, where the Capital Records case is currently on appeal, is poised to give us further guidance by creating the first circuit level case law on digital first sale. However, when the Digital Millennium Copyright act was introduced nearly 20 years ago, it was acknowledged that this was “only the beginning of Congress’ evaluation of the impact of the digital age on copyrighted works.” Ultimately, it may again be time for Congress to evaluate this impact.

McDonald’s Twitter account on March 8, 2018

Today is International Women’s Day. As a way to celebrate, McDonald’s has flipped their iconic golden arches upside-down. The arches, one of the most recognizable logos, have been physically flipped in one California location but can be seen on McDonald’s social media channels. Putting aside the effort to flip the California sign, by simply rotating its logo on social media McDonald’s was able, whether intended or not, to accomplish several marketing and advertising objectives. First, the move helped bring further awareness to an inspiring campaign; a great way to enhance brand identity and perception. Second, it created plenty of buzz and free publicity with news outlets in the U.S. and around the world picking up the story. Third, while the change was significant enough for people to take notice, it was not significant enough to cause any brand confusion. That is, consumers could still quickly identify the source.

This move serves as a great reminder that companies can use their brand identity, including their logos and other trademarks, in creative new ways to accomplish a variety of goals. Today, McDonald’s has helped to make sure that International Women’s Day and its objectives are a part of our global conversation. I’m loving it and I’m sure McDonald’s is too.

Failing to have adequate substantiation for advertising claims can land companies in hot water.  Case in point: The Federal Trade Commission (“FTC”) recently announced that it had settled charges against a company and its CEO related to their advertising of anti-aging products using what the FTC believed were false or unsubstantiated claims.  According to the FTC’s Complaint, Telomerase Activation Sciences, Inc. and Noel Patton (“TA Sciences”) lacked scientific evidence to support claims that their topical cream product and capsule/power product provided certain anti-aging and other health benefits.  Specifically, the FTC alleged that it was false, misleading, or unsubstantiated for TA Sciences to make the following representations about one or both products:

  • reverses aging;
  • prevents and repairs DNA damage;
  • restores aging immune systems;
  • increases bone density;
  • reverses the effects of aging, including improving skin elasticity, increasing energy and endurance, and improving vision;
  • prevents or reduces the risk of cancer;
  • decreases recovery time of the skin after medical procedures.

Additionally, the FTC alleged that TA Sciences made misrepresentations related to a paid program being independent and educational, related to consumers in its ads being independent users, and in promotional materials provided to other marketers.

The FTC alleged that TA Sciences’ conduct violated section 5(a) of the Federal Trade Commission Act, which prohibits unfair or deceptive acts, thus allowing the FTC to bring suit to enjoin such conduct.  The FTC’s suit alleged counts of (1) false or unsubstantiated efficacy claims, (2) false establishment claims, (3) deceptive format, (4) deceptive failure to disclose material connections with consumer endorsers, (5) false independent users claims, and (6) means and instrumentalities to trade customers.  The FTC’s proposed settlement order prohibits TA Sciences from making a number of representations related to these counts.  It also requires TA Sciences to notify purchasers of the products at issue about the FTC settlement order.  After a period of public comment, the FTC will decide whether to make the order final.

Of course, companies should ensure that they have adequate substantiation for advertising claims, whether health-related or otherwise.  As a reminder, the FTC requires that advertisers have a reasonable basis for advertising claims before disseminating them.  For more information regarding claim substantiation, review the FTC Policy Statement Regarding Advertising Substantiation.

Earlier this week, the Federal Trade Commission (“FTC”) announced a settlement with PayPal, Inc. over allegations that Venmo, a PayPal-owned mobile payment and social networking application, misled customers on issues relating to account transfers and privacy settings and enabled fraud through inadequate security practices.

Founded in 2009, Venmo lets users easily transfer money to one another and share information regarding such payments through a social network feed.  From a user perspective, Venmo operates a lot like any other major social media network, letting users “pay” each other in the same way you “tag” a friend in an Instagram post.  Thanks to its familiar social media-style interface and the ease with which it lets users split everyday expenses like bar tabs and rent payments, Venmo quickly became a favorite among millennials and college students.

According to the FTC, however, Venmo’s perceived simplicity was deceptive.  In a complaint originally filed against Venmo-parent PayPal in 2016, the FTC alleged that Venmo’s notification policy misled consumers and constituted a “deceptive or unfair practice” under Section 5(a) of the Federal Trade Commission Act.  Under the policy, Venmo notified users that funds were credited to their account before Venmo had reviewed and verified the underlying transaction.  According to the complaint, this practice resulting in unexpected delays and reversals.  It also created an ideal environment for fraud.  By falsely conveying to sellers that transactions had cleared, scammers were able to buy goods and services with fake or fraudulent information, leaving sellers with nothing when the transactions were ultimately reversed.

The FTC further charged that Venmo misled consumers about the privacy of information about their transactions.  Under the application’s default settings, whenever a user pays or is paid through the application, a description of the transaction and its participants is shared with all of the user’s “friends” in a social networking feed.  While Venmo offers privacy settings that let users limit who can view their transactions, it failed to accurately explain to users how those privacy settings actually work.

Additional charges alleged that Venmo misrepresented the extent to which consumers’ accounts were protected by “bank grade security systems” and violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules.

“This case sends a strong message that financial institutions like Venmo need to focus on privacy and security from day one,” acting FTC chairman Maureen Ohlhausen said in a statement.  “Consumers suffered real harm when Venmo did not live up to the promises it made to users about the availability of their money.”

For businesses dealing directly with consumers, this case underscores the importance of taking your duty to educate consumers about your product seriously, especially when it comes to how customer information will be used.  Such businesses should regularly review disclosures and other consumer-facing messages to ensure they are not only accurate but also consistent with reasonable consumer expectations.  And whenever costumers are given options as to how their information will be used, make sure those options are clearly conveyed and, perhaps most importantly, honor their choices.

If anyone was still unsure, Kylie Jenner recently proved that a tweet or post from a social media influencer can have a profound impact. Accordingly, companies are increasingly collaborating with social media influencers to promote their brand. This partnership has become quite lucrative for both parties. For example, a recent Forbes article found that influencers could charge $3,000 to $5,000 per post, while some more sought-after influencers were commanding upwards of $25,000. Influencers could also charge anywhere from $20,000 to $300,000 for a campaign or partnership, depending on the number of followers and the social media platform used. Likewise, a 2015 survey by Tomoson found that, on average, “[b]usinesses are making $6.50 for every $1 spent on influencer marketing.” Influencer campaigns have even resulted in products immediately selling-out.

But what happens when an influencer’s post infringers on the intellectual property rights of another?

The relationship between influencers and a business can vary widely. In some instances, businesses oversee and orchestrate the social media posting, almost akin to directing a commercial. In other scenarios, businesses request final approval before the posting is made public. In still other scenarios, the influencer is not given concrete direction or required to get approval for the posting, i.e., the influencer is free to promote the brand as they wish. Business and influencers should be aware of different liability concerns in each scenario.

One of the first cases in this arena was a suit brought by Ultra Records against influencer Michelle Phan for allegedly using background music in her postings without prior permission. While the case eventually settled, it raised the real concern of copyright infringement concerns in influencer advertising and marketing campaigns. As this emerging avenue of advertising and marketing grows in scope and profitability so will the lawsuits. When contracting in any scenario, parties should make sure to address liability concerns for any potential IP infringement. Businesses and influencers should think twice before making their next post and make sure the works and rights of others are not being used without permission. Perhaps more importantly, the parties should take proactive steps to address who will be liable in the event infringement does occur.

Social media bots may seem like a futuristic phenomenon or something belonging only in the TV series “Homeland,” but they’re already here affecting businesses and individuals online.

Last month, the New York Times reported on its investigation into the selling of fake Twitter followers and retweets by an American company named Devumi, which it estimates has at least 3.5 million automated Twitter accounts and at least 55,000 of which that impersonate real people.  These individuals probably have no idea that Devumi purportedly uses their names, profile pictures, etc. to create automated accounts to sell to celebrities, politicians, businesses, and others looking to boost their following online.

According to a related New York Times article, there have been a number of both federal and state inquiries into fake social media account practices such as these, including an investigation that the New York Attorney General’s office opened last month into Devumi’s practice of using stolen identities to sell fake accounts, which it believes would constitute illegal impersonation and deception.  Social media companies, on the other hand, appear to be grappling with how to best enforce their policies and handle fake user accounts, which can have a significant influence on businesses, politics, and consumer behavior.  And influencers themselves, who may believe they are buying legitimate followers, are likely left with questions of their own.

Today’s presence of social media bots requires companies to be even more cognizant of certain practices online.  Although social media can be a powerful tool in any company’s advertising or marketing plan, companies need to be careful for example when considering whether and how to purchase social media followers.  And, as always, companies should avoid any online practices that appear illegal or fraudulent.

It was that time of year again—when everyone looks forward to watching commercials and debating which companies hit and which companies missed.  Yes, Super Bowl LII happened yesterday and there was no shortage of funny, sad, strange, and intriguing ads during the commercial breaks.  What those of us in Minnesota also learned was that advertising surrounding the Super Bowl is not limited to those made-for-tv commercials.  Indeed, the Minnesota Super Bowl Host Committee planned a 10-day extravaganza in downtown Minneapolis that featured not only NFL and Super Bowl-related advertising, but a number of company-sponsored ads, tents/booths, and activities.  The Host Committee also created the “Bold North” tagline, which was featured all over downtown and on various types of merchandise.  According to a recent article in the Twin Cities Pioneer Press, a small group of Host Committee members came up with the tag line three years ago and it stuck.  To see how the Host Committee utilized this tag line as a brand, take a look at the Minnesota Super Bowl website.

In what may be the final installment of a series of blog posts related to the Lanham Act’s disparaging trademark ban and its effect on the Washington Redskins’ trademarks, the Fourth Circuit finally issued a decision in the Redskins’ case.  When the United States Supreme Court ruled last June in a case involving the Slants rock band that section 2(a) of the Lanham Act was unconstitutional, the fate of the Washington Redskins’ trademarks became clear.  But it took until yesterday for the Fourth Circuit to officially weigh in.

68951198 – washington redskins nfl team on white

In yesterday’s simple one-page decision, the Fourth Circuit vacated the lower court’s ruling (which affirmed the U.S. Patent and Trademark Office’s earlier order) that six of the team’s trademarks violated section 2(a) of the Lanham Act.  In other words, as expected, the Fourth Circuit issued an order in line with the Supreme Court’s decision that the disparaging trademark ban is unconstitutional and cannot bar the registration of an allegedly disparaging trademark.  As part of its ruling, the Fourth Circuit dispensed with oral argument and remanded the case to the lower court for further proceedings consistent with the Supreme Court’s decision.  Given that the remand is merely a formality at this point, the Washington Redskins may now finally feel closure on the issue (though in true procedural fashion, the Fourth Circuit’s Notice of Judgment does confirm that there is 90 days to file a petition for certiorari to the Supreme Court).

To trace this blog’s history of this interesting trademark issue, check out blog posts here, here, here, here, here, here, here, here.