Internet Law Archives

There are several major websites offering “outsourcing” opportunities, or hiring someone to do some work for you.  Elance is a popular site.  Outsource is a new and up and coming site.

The typical job posting is for work to be done with payment being made on a flat fee basis or per hour.

Many of the jobs posted qualify as employment related work, such as a recent posting I saw for basically secretarial and assistant work in the United States for $4 to $7 an hour.

The problem …

This violates US minimum wage laws, and probably a slew of state wage laws.

If you are going to hire freelance workers make sure it is a real independent contractor position.  Outsourcing websites are not a place to hire cheap employees in circumvention of wage laws.

You could end up on the wrong end of an expensive lawsuit by the employee, and owing significant fines and penalties from government authorities, if you hire someone to perform employee functions online.

 

 

 

A mugshot website is one which collects booking photos from jails and prisons and then shows them on the website.  Since the photos are taken by a public agency they are often considered a public record.

To make money the mug shot website then charges a fee to have the photo removed.  The fees can sometimes run in the hundreds of dollars or more, and once a person pays one website they may find their photo popping up on other websites – each demanding a fee to remove the embarrassing photograph.

Effective January 1, 2015, Senate Bill 1027 removes the ability to profit from booking photos in California.

Civil Code Section 1798.91.1 is adopted, which reads:

 

(a) For the purposes of this section, the following
definitions shall apply:
(1) "Booking photograph" means a photograph of a subject individual taken pursuant to an arrest or other involvement in the criminal justice system.
(2) "Subject individual" means an individual who was arrested.
(3) "Person" means a natural person, partnership, joint venture, corporation, limited liability company, or other entity.
(4) "Public entity" means the state, county, city, special district, or other political subdivision therein.
(b) It shall be unlawful practice for any person engaged in publishing or otherwise disseminating a booking photograph through a print or electronic medium to solicit, require, or accept the payment of a fee or other consideration from a subject individual to remove, correct, modify, or to refrain from publishing or otherwise disseminating that booking photograph.
(c) Notwithstanding subdivision (b), a public entity may require and accept a reasonable administrative fee to correct a booking photograph.
(d) Each payment solicited or accepted in violation of these provisions constitutes a separate violation.
(e) In addition to any other sanctions, penalties, or remedies provided by law, a subject individual may bring a civil action in any court of competent jurisdiction against any person in violation of this section for damages in an amount equal to the greater of one thousand dollars ($1,000) per violation or the actual damages suffered by him or her as a result, along with costs, reasonable attorney's fees, and any other legal or equitable relief.
(f) The jurisdiction of a civil action brought pursuant to subdivision (e) shall also include the county in which the subject individual resides at the time of the violation of this section.

 

Questions and Answers:

 

Does the California mugshot law prevent websites from posting mugshot photos?

No.

 

Does the California mugshot law prevent websites from demanding payment to remove the photos?

Yes.

 

Does the California mugshot law require that websites remove the mugshot photos?

No.

 

Does the California mugshot law prevent websites from accepting payment for removal of the mugshot photos?

Yes.

 

What if I want to pay to have my mug shot photo removed from a website?

Too bad.  The ironic aspect of the law if even if you unilaterally send money for removal, without any request, a website can have liability for accepting your payment.  The result is the law may forever harm you because there is no incentive for websites to remove mug shot photos.

Note that the mugshot websites have other possible means of monetizing their site other than removal fees.  Such as general banner advertising.

The result of the law is even if you feel you are being defamed by a photo and you want to pay to have the picture removed, it will not be removed.  The harm to your career, reputation and person and will outweigh the cost of removing the mug shot a million times over.  The legislative analysis reflects this issue was considered but the legislature decided it was more important to withhold money from websites than to protect your privacy and reputation.

There are, fortunately, creative ways to get around the law and legally pay to have your mugshot removed.  With this short, but very concise $10 report, you will get 3 ways to circumvent the California mugshot law.  Attorney prepared and this is the only place on the Internet where you will find these methods.  Go Here to Order.

 

Does the California mugshot law apply to booking pictures taken in California of a person who lived in another state at the time the mug shot was taken?

No, if the mug shot website is not based in California.  If the website is in California then there may be jurisdiction a California court can assume for the website’s activities.

 

Does the California mugshot law apply to booking pictures taken in California of a person who lived in California at the time of the mug shot but has since moved out of state?

No, if the mug shot website is not based in California.  If the website is in California then there may be jurisdiction a California court can assume for the website’s activities.

 

Does the California mugshot law apply to booking pictures taken in another state of a person who was a California resident at the mug shot was taken, if the mugshot was posted after the person moves to another state?

No, if the mug shot website is not based in California.  If the website is in California then there may be jurisdiction a California court can assume for the website’s activities.

 

Does the California mugshot law apply to booking pictures taken in another state of a person who has moved to California after their mug shot was taken?

Yes.  The legislative analysis suggests there is an intent to protect California residents regardless of where the mugshot website is located.  However, there is likely a very good defense that activity legal in one state cannot be made illegal simply because a person moves to California in order to invoke this law and file a lawsuit.

 

Does the California mugshot law apply to websites based out of California?

Yes.  The legislative analysis suggests there is an intent to protect California residents regardless of where the mugshot website is located.  However, many other California laws purport to have such broad reach and constitutional issues prevent the courts from acting.  In other words, California cannot legislate that its laws apply to the worldwide Internet.

 

Does the California mugshot law violate the First Amendment?

Answer: This one will need to be decided by the courts, although the legislative analysis notes similar laws have been enacted in about five states (with laws introduced in another fourteen) and presumably that has been litigation to decide this issue.  Commercial speech is typically afforded less First Amendment protection, but the issue here is not a direct restriction on speech.  Mugshots can be posted.  The question is whether a fee can be charged to remove the mugshot, which is an obvious indirect attempt to prevent websites from exercising their right to post and profit from public information.

 

Does the California mugshot law apply to my arrest record, or the fact of my arrest?  What if I was not convicted of a crime?

No.  The new law only applies to booking photographs.  It does not apply to the fact of an arrest, it does not apply to an arrest record, it does not apply to any criminal charges being considered filed – even if charges were never filed – even if you were found innocent of any crime.

 

What will be the practical result of the law?

More websites base their operations offshore so they are untouchable, and they increase the fees charged to remove mug shots.

 

I Need an Attorney:

Please contact attorney Brian Kindsvater via his website contact form available at www.kindsvater.com.

 

If you would prefer to get the 3 ways to circumvent this new law so that you can legally pay to get a website to remove your mugshot, thus saving your reputation, go here for the quick report that tells you exactly what to to.   Only ten bucks, our attorney prepared this report, and you will not find this information and strategies anywhere else.

 

privacy policy update

 

 

 A privacy policy template is available in the private members area for Internet Marketing Law Center members.

As with any privacy policy, this is only a template which should be adapted for your own specific needs.  The template, however, includes needed provisions to comply with legal requirements in 2015.  For example, the privacy template has provisions required by California if your website markets to California residents.

In addition to legal requirements, the template includes:

– A common privacy policy applicable to most websites

– References to common issues webmasters will want to disclose to their visitors

– Section for specific issues relative to your can be inserted or deleted

Members can also make use of the IMLC relevancy pledge where if they need a form, but do not find it in the members area, they can request it and it will be uploaded for all members to use.

 

 

 

A new law in California makes it illegal, with up to a $12,500 fine for a first violation, to include in a contract for the purchase of consumer goods or services a term prohibiting or penalizing the consumer from making a statement about their purchase:

AB*2365 * Assembly Bill*– CHAPTERED

What has happened and why the new law?

Some businesses have not been happy with online reviews on places like Yelp. To deter bad reviews their online purchase contracts include a “non-disparagement” clause which says the consumer cannot make any disparaging comments about the company, employees, or products, and if they do have to pay penalties of thousands of dollars. Some businesses have sued customers who wrote negative reviews about them.

California has now banned the practice and the ban cannot be waived. The law should go into effect January 1, 2015.

What is disparagement?

If you state something negative or that puts someone in a negative light, even if truthful, that is disparagement.

If you state something factually false, which is defamatory, you could still be sued for defamation.

My office has for years not allowed clients to sign contracts with non-disparagement clauses because they are litigation traps. Almost anything can be considered disparaging. I have seen someone claim a statement that a product was “good” be considered disparaging because they did not say it was “great”.

If you are using “generic forms” not coming from an attorney, be sure to check your terms. Non-disparagement terms can be common boilerplate you may not even realize are in your terms.

Does this apply if I am not in California?

Possibly, if you are selling goods to California consumers. You will want to be sure your website / purchase terms state the law of your state applies and the contract is being entered into in your state.

What do do

Check your legal terms if you are selling consumer goods or services (not business to business products) to see if there is a clause prohibiting the buyer from making disparaging comments. If so, delete it. Even if you are not in California, the bad publicity caused by a term trying to avoid bad publicity can be brutal. 

Internet Marketing Law Center Customers

If you are using IMLC forms you are fine.  Your contracts do not include non-disparagement terms.

 

I once issued  a report explaining how bad legal terms could not only invite lawsuits, they could put you in jail.

Right now you are getting a brief overview of what not to do.

The reason for this post is I woke to an email about a product supposedly creating instant legal pages – which promises to protect you from “any danger” and which, ironically, notes attorneys go around reviewing legal terms and filing lawsuits if you biffed your contract.

The product is by a marketer – no legal experience I am aware of – and reviewing his legal terms, which are apparently based on the product, saw not only an incredible hodge podge of gunk, but the issue I had warned about. This, my friends, is why you get legal advice from a lawyer.

Here’s the issue: arbitration.

If you don’t the know the pros and cons of arbitration you have no business putting an arbitration clause in your legal terms. It could destroy you. Or, it could save you.

One issue is arbitration can be exceedingly expensive. In one case I have now in arbitration the arbitrator’s fee is almost $30,000.

Depending on the issues and time involved, the cost could be less or more. In the last several arbitrations I have had, if there was one thing the attorneys agreed on it was the cost of arbitration is out of control and everyone was re-reviewing client clauses. The cost of arbitration is not being outweighed by a faster proceeding which reduces attorney fees.

Worse, for some issues as a matter of law there is no cost splitting. If you have an arbitration clause in your contract you may be paying the full amount. If you need to make a claim against someone you pay the $30k. IF SOMEONE INITIATES A CLAIM AGAINST YOU – YOU PAY THE $30K.

Do you see where this could quickly go south?

What this means is if you put in an arbitration clause requiring each party to pay one-half the arbitrator’s fees it could avoid litigation if the other side cannot afford it. If there is a consumer, employment or other legally protected issue you may get to pay it all with no cost splitting and no cost shifting no matter who wins. 

Here is how this can play out. 

Example 1: Company includes an arbitration clause in a contract. Years later a dispute arises and they go arbitrate, only to discover how much it costs. To avoid the cost they file a lawsuit in court where the filing fee is only a couple hundred dollars. An objection is raised to the court action due to the arbitration clause. The judge agrees, snuffs out the court action and issues an order requiring the company to pay for arbitration. Now the company is in a tough spot – either paying a lot of money for arbitration or being in contempt of a court order and potentially facing daily fines and/or jail time. The company paid money to settle.

(I once saw someone forced into bankruptcy because they couldn’t afford to pay the attorney fees to fight off the daily fines issued by a judge.)

Example 2: Company includes an arbitration clause in a contract. The party they are dealing with breaches the agreement and the amount of the loss is roughly $20,000. The company is looking at paying more than that just to arbitrate the issue. The other side knows it and offers a small fraction to settle knowing the company will otherwise go further in the hole it if tries to get its money back.

In one ironic twist, a major company with an arbitration clause was facing so many expensive arbitration demands that it sued in court to try and stop customers from making arbitration demands.

There are additional legal complications I saw in the non-attorney TOS, some of which have not been resolved in the courts. That’s the last thing you want – disputed issues that can create years of expensive appeals in the courts – before you even get to arbitration.

One could say if you blindly get and use legal terms from a marketer and wreck your life and your business, you get what you deserve. I say it’s one thing to lose $37 buying a bad IM product. It’s another to lose life altering tens of thousands of dollars. 

The Virginia court of appeals has ruled in the case of Yelp v. Hadeed Carpet Cleaning, that Yelp must divulge identifying information it has about seven people who posted negative reviews about Hadeed Carpet Cleaning.

Does this mean every time a company does not like a negative review it can file a lawsuit and issue a subpoena to find out who made the review?  No.  That would certainly squelch many negative reviews, and thus put a chill on those wanting to exercise their First Amendment Rights anonymously without fear of retaliation from the business.  This ruling may end up having that effect, but this is what the court said.

Anonymous speech is protected by the First Amendment.  This rule applies on the Internet.  The First Amendment thus protects a person’s right to speak anonymously, and to remain anonymous even though someone disagrees with what they said.

The right of free speech, including the ability to remain anonymous, is not absolute.  Defamatory statements, which by definition are false, are not protected by the First Amendment.   There are also lesser free speech rights when the subject is a commercial matter, as contrasted with political or religious speech.

In Virginia, for a business to issue a subpoena unmasking an anonymous person, it must file a lawsuit, show a good faith basis that a tort has likely been committed, and provide notice to the anonymous person that a subpoena about them has been issued (the website is required to notify the user) so that they can respond and defend themselves anonymously.

Hadeed Carpet Cleaning claimed the reviewers were not actual customers.   It was not able to identify the reviewers from its records.  If they are not actual customers then the reviews would be defamatory.  One of the requirements for posting a review on Yelp is that the person be an actual customer of the business.

Since Hadeed needs the names to proceed with its defamation lawsuit, a subpoena was necessary.  The court agreed and ordered Yelp to turn over the information.

Bottom line: a business needs more than just disagreement about a review to be able to find out who posted the review.

Ironically, Yelp itself has sued those making false reviews.  Yelp helps itself to the private information about its users – the same type of information Hadeed Carpet Cleaning wanted to use to pursue its defamation claim.

 

 

2014 legal issues

 

 

 

If you own a website that collects information, such as an email address or purchasing information, your biggest liability concern may not be what is on your site (privacy policy, terms of service, product claims, and so on).  It may be the private information not publicly available about your users.

A couple examples in the news highlight this issue.

First, there is the Target data breach.  Target clearly mishandled this by not notifying users their data had been compromised and only including a notice on a corporate site no one visits.  After the class action lawsuits started rolling in, and after banks such as Chase begin limiting and canceling cards, did Target decide it might be a good idea to act like a trusted business and notify customers personally and on its consumer site.

Websites get hacked all the time.  Your site is probably a lot less secure than Target’s site.   However, the data you hold may be just as important to consumers.  It is only a degree of scale.

If your website is hacked and email addresses are stolen for spam purposes – you have a liability exposure.  This may be the biggest exposure your company has.

Second, there are the claims against Facebook, Google, and others about behind the scenes tracking of users without obtaining their permission and invading their privacy.  It will be interesting to see how these cases resolve.  Settlement, without any definitive rulings is certainly a high likely scenario.

What you privately do with user data may not at all be what users expect.  Especially if you are using it in combination with other data received, or tracking users, for the purpose of “targeting” them to sell ads.  Some people get a tad upset when companies secretly use information about them to make a buck.  These types of lawsuit should not be surprising, but major companies seemingly cannot help themselves when it comes to gathering as much private information as possible without wanting anyone to know what they are really doing.

Perhaps they are auditioning to prove their worth to the National Security Agency.

The second issue, how you use user private data, is within your control.  The first, preventing hacks, less so.

Key questions if there is a breach, include whether you even know about it (!) , when you knew of the issue, what was the scope of the breach, and what if anything you then did to protect your users.

I suspect this is a much more common problem than many companies realize or publicly admit to.  How do you think the spammers got your email?

I would not be surprised to see a significant increase in lawsuits filed against companies whose websites are hacked and email addresses are stolen.

 

 

 

California has signed into law AB 370 which is commonly known as the website Do Not Track Law. There are a number of misconceptions about the law, partly due to this moniker. So let us review a few issues and what the law does and does not do.

Change to the law. AB 370 modifies California Business and Professions Code Section 22575.

Who the law applies to. There are four requirements for the law to apply.

  • First, you have a commercial website or online service.
  • Second, you collect personally identifiable information through the Internet.
  • Third, the information you collect is from individual consumers.
  • Fourth, the consumers reside in California.

As we break down these requirements it comes apparent who the law does not apply to.  A noncommercial website does not need to follow the law.  If you do not collect personally identifiable information the law does not apply.  At this point an IP address, which almost all web hosts collect, should not be considered personally identifiable information.  But this may change in the future due to advances in technological tracking or because devices and IP numbers become static and associated with a person.  If you collect information but it is not about personal consumers the law does not apply.  A business to business service may be excluded.

What the law requires.  California law has long required that you have a privacy policy.  The new law adds additional disclosures that must be made in your privacy policy.

First, how do you respond to “do not track” requests in a person’s web browser.  Note: the law does not require that you adhere to any do not track request.  You can track all you want.  You just need to disclose your policy.

This is probably the biggest misperception about the “Do Not Track” law since it does not prohibit any tracking at all.  What it does do is require a disclosure informing consumers you are going to ignore any do not track requests in a web browser and track them anyway.

You also need to disclose if you allow third parties to collect personally identifiable information over time and across different websites.  Essentially, tracking cookies where if a person visited your site about sports cards and then later visits a sports blog, your ad may appear since it is known the person had an interest in your site.

This may be the most difficult aspect of the law to follow since you are expected to know the policies of third party companies.  Those third party advertisers and marketers may not fully, or not accurately (!) disclose their policies to you.  As a result, if there is an ambiguity and place where responsible website owners could still find themselves the subject of government action this is it.

 

Fifteen years ago when the Internet exploded with mass consumer adoption, what is “Internet Law” was more obvious, and less known, because there were so few websites and little legal analysis of the impact on the Internet on existing law.

Today, there is more clarity, although rapidly evolving technologies keep jumping far ahead of the slow moving law.

My definition of “Internet Law” is a legal issue that in some manner has unique aspects because the Internet is involved. Sometimes, the entire issue is unique to the Internet.

For example: consider a simple contract dispute where it is claimed P paid money for services but D did not performs.

Now add in an online click agreement, P is in California, D is in Australia, and services involved a website targeting users in Texas.

Before the Internet this type of scenario was much less likely to happen.

There are also digital issues not seen before, such as trespass, privacy rights, and the ease with which information can be copied with a click, or privacy invaded such as soon by NSA spying disclosures.

When you visit a store are you handed a privacy policy about what happens if you sign up to a mailing list?

Compare that to what happens when you are on a website signing up for an emailed newsletter.

When you are in a store shopping are you handed a contract at the checkout line where you agree to give up many rights and have to send any returns or file any disputes 3000 miles away?

Compare that to what happens when you shop at the same store online?

On the other hand, simply because the “Internet” is involved does not mean hundreds of years of law simply disappeared. The Internet is a tool and method of communication. The vast majority of laws have adapted over the years to various circumstances in which disputes arise, and continue to adapt with the digital age.

A privacy policy is a disclosure on your website that informs people what you do with information about them.

Many webmasters get hung up on what should be in their privacy policy. They are looking for magic words or wondering what legal requirements they need to check off.

There are none. All you have to do disclose the information collected and what is done with it, so someone can decide if they want to provide you with that information.

One of the biggest misconceptions is that having a privacy policy means you must protect someone’s policy. Not so. This is merely a disclosure. If your policy is to collect email addresses and sell them on black market websites, then that is your policy and it should be disclosed. You may not get too many people to give you their email address – although that assumes they even read your policy. Hardly anyone does.

If you are doing something unexpected and evil with customer information, such as selling email addresses from our example, keep in mind it may not be sufficient to have that key detail buried in a privacy policy. The FTC may say you need to make a more prominent disclosure directly where people are are providing their email addresses. This is because most do not read privacy policies and such a policy is so out of the ordinary and would significantly effect decisions about providing an email address.

But for most purposes there are no magic statements in the privacy policy. Just disclose what you do, or not do, with private information that is collected.