In this episode, we discuss online privacy, privacy policies, and we answer the question, “Where is the new Tool album?”
Music: Cullah, “Rhythm of the Funk;” Cloudkicker, “Digital Lightning.”
Eric: Hello and welcome to Asked and Answered, Episode 5, brought to you by Revision Legal and Intellectual Property Law and Internet Law Firm.
I’m Eric Misterovich and I’m here with my partner John DiGiacomo.
John: Hello and happy Friday.
Today I’m excited to talk about two of my favorite things; privacy and Tool.
Eric: Yeah, you … I love seeing the Facebook updates of drafting to Tool in the background. Must get you pumped up to write some briefs.
Why don’t we talk a little bit about just privacy in general. It’s a hot topic right now. The NSA … There was just a federal ruling about NSA’s tactics being invalid and outside the scope of their authority. This issue of privacy is just everywhere in our face right now.
John: It really is and it’s a really fundamental issue that goes back to the Bill of Rights. In the United States, we don’t have a statement about privacy that is explicit in the Bill of Rights.
We have these amendments to the U.S. Constitution that create, what are called, a conumbra of privacy rights. They typically arise out of Roe v. Wade and these other cases on contraceptives that created this little shadow of privacy rights that isn’t really that explicit.
So because there is no stated privacy amendment to the U.S. Constitution and because there isn’t really a federal statute addressing a lot of these things. We just go by common law. That is in complete contrast to the EU. EU has this data protection directive and now Canada has a similar piece of legislation that says that the EU and Canada now are opt in societies.
Eric: Yeah, that opt in/opt out choice … It may seem like a small difference but it can cause major, major changes in society. You know, everything from opting in to say like, organ donation, is an opt in thing.
I read a book about this in how much difference can happen in a society from the opt in/opt out. The way that we treat privacy … Maybe it’s going to change at some point. I think people are certainly getting tired of being spied on almost. It’s not really spying on because you’re consenting to it by using these websites or anything, but it feels wrong at some level.
John: Yeah it really does. It’s interesting that in light of the growing public concern about both surveillance in the private sector and in the public sector, courts are starting to treat privacy a little bit differently. I think, as of yesterday, a court … I believe it was at … No, excuse me, it was a second circuit. The second circuit said that the mass surveillance of U.S. citizen’s phone records is unconstitutional.
In the past we would have said “No, it’s okay because of terrorism”. [crosstalk 00:04:23] That’s really the default position. [crosstalk 00:04:24] Now courts are saying “I don’t know about that”.
I’ll put this in the show notes if I can find it. I remember watching a video one time … It was, I think, a Swedish video. It was about privacy and privacy policies and it had people coming into a bakery. They would buy, you know, whatever … a bagel, muffin, and the cashier would say “Where do you live? What’s your address”? and start asking them all these really personal questions and the consumer was just like, “I’m not answering that”. Then they would leave and the person would just follow them out the store and following people, following them down the street because that’s what happens online.
It’s shocking when you actually see it in real life, if you want to call it that. It feels completely wrong and it’s completely normal online.
John: It is and, unfortunately, no one has really taken on the task of getting a federal data policy law. I think that’s probably the next step and it’s probably going to take a very serious data breach, even more serious than the ones that we’re seeing now which are incredibly serious because it’s millions of people, to get there.
Eric: Right. Those are complex agreements that can be long, they can be confusing. We certainly try to make them as easy and adjustable as possible but that’s not always the case. That’s why I thought this idea from the University of Texas was really interesting.
I’ve played around with it a little bit and it seems to work. I haven’t really checked it for accuracy. I think these privacy policies can be pretty complex sometimes. I think it’s a really good start, I’m almost surprised this is one of the first times I’ve heard of something like this.
John: Yeah, it almost seems like you would have some kind of independent agency that helped consumers understand what information is being collected and that agency would then standardize that information across websites.
That would be kind of a cool tool. This seems more of a syntax based tool, so the accuracy is probably not going to be the greatest but it’s a really good start. Kudos to Texas for taking this on.
Eric: Yeah and your idea of standardizing it kind of reminds me of, I think, the recent changes and what happens with credit card bills. I think they made those … I think there was legislation passed that attempted to standardize those and make those more easily digestible. It seems like maybe that’s the kind of model to help websites explain how they are collecting or what they’re collecting and what they do with the information that they collect from you.
John: Yeah and I think that some states have tried to do that. California is the most notable example and we’ll talk about that later.
If it’s not at a federal level, all of a sudden, it becomes very burdensome to comply with. It really does have to be at the federal level so everybody is on the same page, every consumer knows exactly what they’re getting. Like I said, this is a great start.
Eric: Yeah, it’s cool. I’d check it out, it’s called “Privacy Check” on Google Chrome extension. It’s an interesting little tool.
Why don’t we talk about this world of website agreements that we’re often tasked with drafting? We know that these are important and we spend a considerable amount of time getting these right for our clients but I’m not sure the rest of the world understands why these things are important.
John: No, I don’t think they do and I think a lot of times they skimp on them or they decide to copy and paste them from somebody else’s site and that’s really not a great idea.
So, for example, if it’s a social media website, it will take a non exclusive license so that the website operator has accurate rights to display the content that the user is submitting to the website.
You know, this is one time where it’s really the website operator’s chance to set the rules. This is your website, this is your business. It’s time for you to set your rules of how people are going to use this website. People should take advantage of that and set rules that they want and that protect their interests.It’s one of the few times you really get to layout … This is the rules of the business. You don’t really get that option too many times in life and I think people should take care of that and take advantage of it.
John: They definitely should and one thing the consumer should know is that these things are enforceable. It’s not like the old days when they weren’t enforceable. They are enforceable under two theories; one is the Browser App theory, which is that once you browse the website and interact with it, you ascend to the terms. The other is the standard “I Agree” click grab theory, which is that once you click an “I Agree” button to accept those terms, you ascend to them.
It’s important to understand what, as a business owner and as a consumer, what you’re getting into when you’re interacting with one of these websites.
Eric: Yeah, yeah, they’re important, they’re enforceable, they’re the chance to protect your business and, like you said, they are not something that should be copied and pasted. It’s, you know … There’s no doubt that you can look at other sites and understand what they did, get an idea but you want to craft these to how you operate. You don’t want to have provisions in there that don’t apply to you. You want to have these provisions tailored to what you do and how you respond to it. Not just shove this off, copy and paste and get on with your life.
You’re really missing out and really opening yourself up to, like you said, that example. A real pain in the ass if you don’t take care of these.
John: Yeah, huge pain in the ass. One of the biggest pains in the asses that I’ve ever seen was that a large, large company that we represent has a tool on its website that provides some specific data. So, lo and behold, it finds that its competitor is taking …Excuse me, has written a script to scrape the data associated with that tool and replicate that tool on its own website.
Eric: Yep, yeah, and one area that often comes up in the online space is the issue of copyright infringement. You know, this doesn’t apply to every website and that’s the point here is if you are a social media site, you’re going to have specific concerns. If you’re an eCommerce store you’re going to have specific concerns. If you’re basically just an informational website about your business and there’s not a lot of interaction, you’re probably going to have less concerns. If you’re a crowd funding portal, you’re gonna have even more concerns. Anytime there are users interacting with your site and posting content, there becomes an issue with copyright and copyright infringement.
There’s a federal law, called the Digital Millennium Copyright Act, that applies in these settings. It’s a very useful tool for copyright owners. It provides a notice and take down procedure by which copyright owners can have infringing images, songs, movies, words, websites removed quickly. Because the internet is what it is and it’s so easy to copy and reproduce content, this has been a very valuable tool for copyright owners.
For website owners, there’s different levels of concern, different actions they should take to take advantage of what the DMCA offers. That’s typically by registering or designating an agent, right?
John: Right. A lot of people think “Well, I’ll just respond to DMCA notices and it’s cool, nothing is going to happen as long as I content down”. Well, that’s not actually the case. If you, for example, are a service provider and you receive a DMCA notice and you do not have a registered agent with the U.S. copyright office, you don’t qualify for the safe harbor. You can be sued directly for direct liability or secondary liability for the republication of that copyrighted content.
Eric: Yeah and we’re talking about designating a copyright agent … It’s a one page form, its a relatively small fee and what do you get for that? You get immunity from copyright infringement lawsuit. It’s a huge, huge benefit and it’s something that if you’re copying and pasting, you’re not going to understand the importance of this. If you’re not dealing with an attorney who understands what they are doing, you’re going to be left out of this protection.
John: Yeah and it’s really not smart to be left out of the protection.
So let’s talk a little bit about privacy policies now. Privacy policies … Well, you tell me, what do you think privacy policies are for?
I know an example of this came up, I think recently in the Radio Shack bankers …
John: Yeah, I was just going to say that, absolutely.
Eric: Yeah and I think companies, because of the role that privacy is playing in everyone’s lives right now and because everyone is really concerned with it or aware of the NSA or aware of what’s happening, I think a lot of these companies look at these privacy policies and they go “I don’t want take their data” or “I don’t want to sell it, I’m not going to share it. I don’t want to do any of this” and they think it will scare consumers off to even talk about it.
John: Absolutely. Like everything in life, while most things in life, the answer is somewhere in the middle. It’s not this “Well, we’re not going to collect any information” and it’s not “Well, we’re going to collect all information, we’re going to sell it to whoever wants it”. It’s more about transparency. If the company is transparent with it’s customers and it specifically identifies, in a transparent way, the information that it’s collecting and using, then customers are going to feel okay in interacting with that company. That’s all there is to it.
Consumers aren’t as stupid as we think they are.
John: Absolutely. I just got a notification in my email from my thermostat that sent me my April home report telling me my energy usage.
Eric: Mm-hmm (affirmative).
John: Why do I need them to collect this information? As I privacy lawyer I should probably be opting out of this one.
John: I just thought that was timely and relevant.
Eric: Yeah. It is. I … So, I cook a lot at home and half the time I’m cooking from a recipe and foodnetwork.com or something and I do it on my phone while I’m trying to cook and watch a baby and all this stuff and it’s a real pain because every time I go there, they ask me if they can track my location. I always wonder, “What the hell does food network need to know”? You can’t have my information of where I am. Just give me the recipe.
It is, you know … To give the consumers the ability to opt out like that is important but how a company manages all of these interesting questions of interacting with consumers and setting themselves up to be best protected. It’s a really interesting issue and one that you need to talk to an attorney that is experienced in this area.
John: Yeah and it’s really interesting now because we live in this federalist system. There is no federal law on point but yet there’s a bunch of state laws that need to be navigated. The most interesting of all of them right now is California.
California is just a ridiculously large state. It is the home of Silicon Valley. They have adopted this California, what’s called “Shine the Light” law, that is an online privacy protection act that covers the collection and disclosure of the collection of personal and personally identifiable information.
Eric: Yeah, California. It’s always California. They usually are on the cutting edge of these kinds of laws and yeah, they have these California privacy rights and California Online Privacy Protection Act and these are specific state law rules about privacy policies.
The privacy rights provision allows consumers to reach out to a website and have the summary of the information collected and dispersed by a website given to them. They can do that once a year. This is a provision that we include in our privacy policies and it takes people by surprise usually when they read those and they say “What is this? Why am I subject to this”? Most time people aren’t going to use it, but it is the law in California and it is … You should comply with it.
It’s usually not too difficult to comply with and a lot of companies won’t even be triggered by it depending on what you are doing with the data but it is the law in California. I think it’s useful … I’m not … I need to see some stats on who actually evokes this.
John: Yeah, that would be really interesting to know. I suspect that it is very few people.
John: Yeah, absolutely.
John: You and I both love to write, that’s what we do for a living so it’s always fun to be able to try to write something that is coherent and yet, at the same time, legally effective and a good attorney should be able to do that.
John: I like to talk like robot, so I don’t know what you’re talking about.
Well, let’s answer today’s … Usually during this time, we answer a question from a user and today we’re going to pretend Maynard James Keenan from Tool has sent us a question, so let’s discuss the new Tool album which is … It’s been 8 years since the last Tool album which was called “Ten Thousand Days”. I’m a huge Tool fan. I have probably seen them live about 8 or 9 times and, in fact, last year, Maynard James Keenan walked through the alley behind my office and I was the only one in town who recognized who he was and I got a really creepy picture of him from my window. Which, subsequently, I posted on Facebook and Twitter, so go out and check that out.
Eric: That’s hilarious.
John: So Tool has not had an album in 8 years and why have they not had an album? It’s because they’ve been involved in this copyright infringement related lawsuit.
Eric: Yeah, it was … John, you’re more familiar with this, but I know it was about some artwork, right? Is that how it started?
John: Yeah. So, in 2007, Adam Jones, who is this guitarist for Tool, incredibly talented guy, but also an artist and typically does the art for their music videos and a lot of their album cover art, had hired a friend to do some work, creative work, for the album.At this time in 2007, this friend said “Hey, you didn’t pay me for this. I own copyright rights to this content and therefore I’m going to sue you”.
Well, Tool, like a lot of other businesses, had a general commercial liability policy and once it got sued, its insurance carrier, Clarendon Insurance Company, paid about $450,000 to settle the case. Well, once the case was settled, Clarendon turned around and sued Tool for a breach of contract. The reason they did that was because they claimed that Tool was liable to indemnify the insurance company for the amount paid to settle the case because the exclusions that were contained within the intellectual property … Excuse me, not the intellectual property but a commercial general liability policy, excluded this type of claim. The payment for this type of claim, so, basically, Tool was on the hook.
Eric: Yeah and this comes down to … It seems like there was an easy fix in this situation if there was some planning done ahead of time.
John: Yeah, I mean, this is a huge deal. This is what we always tell clients and that’s why I said the question should’ve come from Maynard James Keenan. The question is, “What do I do when I work with a contractor”? What’s the answer to that question?
Eric: Have a work-for-hire provision in the contract.
John: Yeah, it’s so basic and clients never really understand this. You have to have work made for hire contract in the agreement with your contractor or if you didn’t have one at the outset, you need to have an assignment after the fact because a work made for hire provision is not enough if the work was created previously or, excuse me, prior to the execution of the contract.
Eric: Yep and just as background, this is a function of copyright law. When the author creates a work that is fixed in a tangible medium, they are the owner of that copyright right.
A common example of this is wedding photographers. You hire this photographer, they charge you triple the normal cost because it’s a wedding and they take all these pictures and then they edit them all, they make them available in an online gallery that’s marked with a watermark. If you want any of these pictures, you got to buy them from the photographer. Why do I have to do that? I already paid you an enormous amount of money to come take the photos. Well, it’s because they are the owner of the photo. You are not, unless you had a work-for-hire agreement between you and the photographer. That way, all of the copyright rights would vest in you as the owner instead of the photographer.
It’s an enormously important provision that, I would say, wildly overlooked by most people.
John: Yeah and I would agree. I think there’s one other aspect of this case that’s really instructive. That is that you need to read your insurance policy. If you are an online business and you’ve just adopted a general commercial liability policy, you probably should find out what is and is not included in that policy. Typically those policies will cover what is called “Advertising injury”, which is an injury related to defamation or a claim for the right of publicity, invasion of the right of publicity, but it doesn’t usually cover intellectual property infringement. Intellectual property infringement policies are very expensive but, in a lot of cases, they’re really important. So you should work with both your insurance agent and your attorney to kind of understand “How can I best ensure the risk that is associated with my business”?
It sounds like Clarendon didn’t have a very well drafted contract here.
Eric: Yeah, certainly. To be in 7, 8 years litigation … Yeah, someone failed at their job here because there’s no way that should be that difficult of an issue.
John: Yeah, so, thankfully … Well, at least from my perspective, thankfully, in January of this year, Tool prevailed at trial which means there’s a new Tool album coming and for you that clicked on this because we’re talking about Tool; I’m sorry I don’t have any information. Wish I did.
Eric: So you don’t know when it’s coming out?
John: No, I have no clue. In fact, when I … I’ve actually met Maynard James Keenan and when I did, I went out of my way not to ask him that question because I read up before interacting with him that he might slap the shit out of me.
Eric: Yeah, I’m sure he’s tired of answering that question.
John: So, that’s all we’ve got this week. You have anything else?
John: Yeah, I hope so too and again, this isn’t legal advice. You should always contact an attorney about this stuff and thanks for listening.
Eric: Yeah, go check us out on Facebook and Twitter. Drop us a line if you have any questions that you’d like us to discuss and we will see you next week.