Archive – 2020
April 2020
Judge Approves the FTC’s Facebook Settlement on Cambridge Analytica Failings
Report from The Hill
In Brief – A federal judge in Washington, D.C., has signed off on the $5 billion fine and settlement imposed by the U.S. Federal Trade Commission (FTC) on Facebook for privacy infractions exposed by the Cambridge Analytica scandal. Federal District Court Judge Timothy Kelly’s opinion was highly critical of Facebook’s alleged conduct, deferred to the FTC’s authority to craft an appropriate settlement, and noted that changes in law to address broader privacy concerns raised by those challenging the settlement would be appropriately addressed by Congress. The FTC’s investigation focused on whether the company violated a 2011 consent agreement it had reached with the FTC, and besides the record $5 billion fine (for privacy violations), the settlement also requires Facebook to create an independent privacy committee and implement other privacy protections.
Context – The Cambridge Analytica affair was a seminal event in what has become known as the “Techlash”, contributing to regulatory inquiries of Facebook data practices in markets around the world. The partisan 3-2 division among the FTC Commissioners over the appropriate penalty and remedies (majority statement here, Slaughter dissent here and Chopra dissent here) is reminiscent of the FTC’s YouTube settlement regarding COPPA violations last year, and points to possible changes on technology and privacy policy if Democrats regain the White House. In addition, while cobbling together bipartisan agreement on a comprehensive federal privacy bill was unlikely heading into 2020, even before the pandemic sidetracked nearly everything, some see the prospect of dramatically increased state-supported health surveillance as boosting chances for a federal bill.
Federal 9th Circuit Hears Arguments Over Right to Know Court’s Reasoning on Encryption Law
Report from the Washington Post
In Brief – A three-judge panel of the 9th Circuit Federal Court of Appeals has heard arguments in a case pitting the ACLU and the Washington Post against the U.S. Justice Department over the question of whether the public has the right to read a court’s decision regarding limitations of the government’s power to force a tech company to break its encryption to help law enforcement. (Video of the virtual court proceeding is here.) The case originated in 2018 with the federal government attempting to compel Facebook to break encryption on its Messenger service in the context of a law enforcement investigation of MS-13 gang members. Facebook objected and prevailed in a closed federal court proceeding, and the decision was sealed at the request of the federal government which claimed that ongoing prosecutions would be harmed if it was made public. The ACLU filed suit arguing that legal opinions in criminal cases are public under the law and that the public and other courts have a right to know the limitations of government powers under the Wiretap Act.
Context – Law enforcement concerns with the implications of strong encryption are increasingly coming to the forefront in Department of Justice (DoJ), with a particular focus on Facebook and Apple. Top DoJ officials have repeatedly signaled that public safety will be part of their investigation of digital platforms. Many see the EARN IT Act, bipartisan Senate legislation threatening Sec. 230 digital platform liability protection for platforms who do not adopt the “best practices” that would be drafted by a DoJ panel empowered to combat online sex abuse, as a tool to block digital platforms from implementing strong, end-to-end encryption. Attorney General Barr is personally engaged, has regularly charging strong encryption as aiding all types of evildoers, in particular calling out Facebook and Apple for criticism.
Senator Calls for Criminal Probe of Amazon Over Use of 3rd-Party Seller Data
Report from The Hill
In Brief – Sen. Josh Hawley (R-MO), a noted congressional critics of the largest digital platforms, is calling on the Department of Justice (DoJ) to launch a criminal antitrust investigation of Amazon over reports that it used data from third-party sellers to develop competing Amazon-owned products. As reported initially by the Wall Street Journal, former Amazon employees who worked in the company’s “private label” business (comparable products manufactured by Amazon and sold under house brand names in competition with other manufacturers and retailers who sell on the Amazon marketplace) would use information from the operations of those businesses to design and implement the Amazon private label strategy. If Amazon did engage in these practices, it would appear to contradict testimony on the topic in the House Judiciary Committee last year. Sen. Hawley has been a critic of lax Federal Trade Commission (FTC) oversight of Amazon and other tech giants and used the recent report to call for consolidating antitrust authority at the DoJ.
Context – Amazon, like Facebook and Google, is facing a growing range of competition investigations. While the FTC was reportedly assigned Amazon when it and the DoJ divvied up investigations of the four digital giants, they have faced calls to push harder. The European Commission is investigating whether Amazon unfairly preferences its own retail sales over merchants who sell on their marketplace, including the issues raised by Hawley. In Italy and Spain, competition officials are focused on Amazon’s dominance in ecommerce logistics, which some believe are central to their hold over third-party sellers. Finally, in India, competition authorities have filed a complaint challenging a range of Amazon practices preferencing some third-party sellers as a potential way to work around retail foreign investment rules.
Crypto Firm Sues YouTube for Failing to Effectively Police Fraud Videos
Report from Fortune
In Brief – Ripple Labs, a finance and cryptocurrency firm, and its CEO, have filed a federal lawsuit in the Northern District of California accusing YouTube of damaging their brand and reputations, and enabling consumers to be defrauded, by failing to block scam videos related to Ripple’s cryptocurrency business. The suit alleges that YouTube is profiting from the scams through the selling of advertising and asks the court to block YouTube from continuing the practice and provide compensation to the plaintiffs. The scams involving Ripple and its CEO resemble those using the images and names of prominent executives and often offer “giveaways” for a small sum of money without delivering anything of value. The complaint cites numerous instances where hackers took over the channels of legitimate creators and replaced their videos with ones advertising Ripple-related scams.
Context – The video notice-and-takedown regime employed by YouTube and other video platforms were initially optimized to address copyright infringements per the DMCA and many content creators continue to experience them in that context, including claims of over-aggressive take downs. Calls to better address online hate speech and terrorism content has led YouTube to expand those identification and takedown efforts as well. The complaint from Ripple is not based on copyright and may be seen more in line with the landmark trademark infringement case won by eBay in 2008 over Tiffany, where eBay’s efforts to respond to notices of fraudulent listings was key. More recently, Amazon has faced a wide range of charges that its efforts to combat fraud are too lax, both regarding counterfeits and a wide range of seller scams. Finally, Facebook recently settled a UK-based fraudulent crypto advertising defamation suit by committing to support a charity dedicated to protecting consumers from scams.
Washington State AG Sues Facebook Over Political Ad Disclosure Compliance Failures
Report from The Hill
In Brief – The Attorney General of Washington State has sued Facebook for its alleged failure to comply with the state’s political advertising disclosure laws. This lawsuit follows on the heels of a similar lawsuit in 2018 targeting both Facebook and Google which resulted in Facebook paying $238,000 in penalties and legal costs and Google $217,000. While Facebook announced a policy change following the 2018 settlement to stop selling political ads in Washington for state and local races, national issues were not covered. The current WA State AG suit, which charges Facebook with intentionally violating state law, cites at least 171 ads of political committees in the state for at least $525,000 since November 2018.
Context – The debate over political advertising on social networks heated up last fall when Republicans ran ads related to Vice President Biden and Ukraine that Democrats claimed should be banned. A wave of political ad policies from the major platforms followed. Facebook has stuck to allowing political ads and not applying fact-checking to avoid ideological censorship, a position roundly criticized by progressives but generally supported by conservatives wary of unbalanced reviewers. Twitter is banning certain kinds of political ads but permitting some issue ads. Google, like Facebook, is allowing most political ads but will restrict certain types of micro-targeting. Reddit recently announced new political ad disclosure policies, while Snap claims to fact check, and TikTok and Spotify are each banning political ads. While political ad review policies has taken a back seat during the weeks of the COVID pandemic, and the major platforms have taken a relatively aggressive role in virus-related content moderation, being praised in many quarters, as policy debates shift more to related economic issues and responses the prospect of charges of political censorship will likely increase if platforms take aggressive stances.
House Antitrust Committee Chairman Calls for Merger Freeze During Pandemic Response
Report from the New York Times
In Brief – The Chairman of the House of Representative’s antitrust panel has called for a moratorium on mergers being included as legislative language in the next coronavirus-related stimulus legislation. He said this was needed to forestall the kind of mergers and acquisitions that were permitted in the aftermath of the 2008 financial crisis and led to what he claims were negative impacts on workers, competition and innovation. Chairman Cicilline, who is leading investigations into the largest digital platforms, would allow for exceptions in the case of firms that were otherwise truly failing or in bankruptcy.
Context – The pandemic and economic fallout is impacting competition reviews in various ways. While the Federal and State AG big tech investigations in the U.S. are technically plodding ahead despite workflow disruptions, the FTC and DoJ have each announced changes in merger review timetables. And while some see the prominence of the largest platforms in responding to the pandemic as an opportunity to reduce regulatory heat, others believe it will not meaningfully change scrutiny. In Europe, the European Commission is discussing allowing national governments to assist strapped EU firms from being acquired on the cheap by non-European giants. Finally, while the UK Competition and Markets Authority appears committed to increasing scrutiny of the acquisition and investment plans by large digital platforms, scrutinizing deals such as Google-Looker, PayPal-iZettle, and Viagogo-StubHub, the recent provisional decision on Amazon’s Deliveroo deal based on the theory that the pandemic-related economic contraction would cause Deliveroo to fail absent Amazon’s funding illustrates how the crisis can play different ways.
OECD Model Gig Economy Platform Tax Reporting Rules Elicit Comments
Report from MNETax.com
In Brief – The Organization for Economic Cooperation and Development (OECD) is developing model tax reporting rules for Gig economy platform operators to provide national tax authorities with information on sellers and their income. After releasing an initial draft in February, comments from 21 companies and organizations have been posted, including from Uber, AirBNB, Booking.com and Etsy. The project intends to provide governments with a standardized framework for information collection requirements in order to increase tax collection and compliance by digital platform operators in a manner that is less burdensome than if governments proceeded in a haphazard manner. The draft envisions a broad scope of digital platforms being subject to tax reporting schemes, including payment service providers.
Context – While digital platforms that facilitate services by independent contractors have brought significant activity out of the unreported cash economy, many tax authorities have complained that digital platforms and their users operate outside the traditional employer-based tax systems and therefore facilitate tax avoidance, in particular when the platforms are not resident in a country. Mexico, for example, is requiring Gig labor, driving and delivery platforms to withhold and remit income taxes for platform-enabled work done by Mexican residents as of July 1st, something voluntarily done by Uber and a handful of other platforms since mid-2019.
Twitter Settles Children’s Ad Suit Targeting Phone Games Collecting Data
Report from MediaPost
In Brief – Twitter, content creators Disney and Viacom, and a collection of smaller ad-tech developers, have agreed to settle a series of class-action complaints alleging that the companies facilitated behavioral targeting of children who played smart phone games targeted to young people. The proposed settlement deals stem from lawsuits filed in 2017 by parents who alleged that gaming apps created by companies such as Disney, Viacom came embedded with tracking software from mobile ad-tech companies and harvested data on their children for ad-targeting purposes.
Context – New Mexico Attorney General Hector Balderas filed a similar lawsuit in 2018, targeting Europe-based mobile game app maker Tiny Labs, Google, Twitter and other digital communications companies, accusing them of marketing and distributing mobile gaming apps that are used by children and collect personal data in violation of the Federal Child Online Privacy Protection Act (COPPA). Federal District Court Judge Martha Vazquez recently rejected efforts to dismiss the suit, ruling that the case could proceed in federal court in New Mexico. Expanding limits on the ability to collect and use data in the context of digital applications for users under 18 are being widely considered in the U.S. Congress and the UK.
British Tech Trade Group Urges One Year Delay in UK Digital Services Tax
Report from ComputerWeekly.com
In Brief – TechUK, a UK-based trade group representing hundreds of digital businesses, including the largest firms such as Facebook, Google, Apple and Amazon, has called on the UK Government to delay for a year the enforcement of the newly enacted UK Digital Services Tax (DST) due to the many challenges UK-based businesses, even the largest, are facing in dealing with the economic impacts of the COVID pandemic. The UK DST was launched at the beginning of April with the government introducing a 2% tax on the revenue of search engines, social media services and online marketplaces, which derive value from UK users. Businesses will be liable for the digital services tax when the company’s worldwide revenues from digital activities are more than £500 million and more than £25 million of that comes from UK users.
Context – Pre-pandemic, global efforts to tax large digital companies in a new way were kick-started by France’s enactment of a 3% national DST in mid-2019, and a growing number of countries, especially in Europe, followed a similar path — enacting a national DST, the U.S. responding with tariff threats, and the confrontation being deferred in hopes of a multilateral deal. Here is a helpful chart updating European developments as of mid-March. Multilateral negotiations had centered on an OECD plan with on again, off again, progress, and reports from mid-February indicating continued difficulties. The UK DST, which has earned praise from European Digital Policy Commissioner Vestager, may be the next DST tax-tariff tripwire, but most governmental action in the UK, U.S. and the OECD has likely been delayed by the pandemic, and the economic landscape even a few months from now is very uncertain.
Facebook Expands Presence in India Buying Stake in Mobile Provider
Report from the New York Times
In Brief – Facebook has invested $5.7 billion to acquire nearly 10% of the Internet services and mobile provider Jio Platforms, an arm of Reliance Industries which is controlled by India’s richest man. Jio Platforms is noted for dramatically transforming the domestic Indian telecommunications market by offering very low price plans and helping increase the number of Internet users by hundreds of millions. India has been an important market for Facebook for many years, in particular being the country with the most WhatsApp users globally, and the company has faced a number of legal and regulatory challenges, including with its subsidized Free Basics Internet access plan banned, the encryption policies of WhatsApp, and a WhatsApp digital payments offering. Both Jio Platforms and Facebook focused their announcement on the value to Indian micro and small businesses of combining Jio and Facebook platforms to expand ecommerce opportunities.
Context – India has a wide range of public policy issues impacting digital giants. The government released a draft privacy and data protection law in December, and may soon finalize new digital intermediary guidelines in the context of the WhatsApp court case that would open encrypted messaging to law enforcement scrutiny. In addition, the country’s competition authority is pressing the two largest ecommerce marketplace businesses, Amazon and Walmart-owned Flipkart, regarding search ranking policies, discounting, and the treatment of user data, on behalf of trade groups representing smaller traditional and Internet retailers who believe the ecommerce giants are operating in violation of retail industry foreign direct investment limitations.
Federal District Court Rules That Violating a Web Site Terms of Service Is Not a Federal Crime
Report from SecurityBoulevard.com
In Brief – In a decision challenging the expansive federal law enforcement interpretation of the Computer Fraud and Abuse Act (CFAA), the U.S. District Court for the District of Columbia has ruled that violating a website’s Terms of Service (ToS) cannot alone be the basis for a criminal finding that conduct is “unauthorized” under the CFAA. In the case, Sandvig v. Barr, a preemptive lawsuit was brought by a group of university professors planning to engage in research into how algorithms could unlawfully discriminate based on characteristics like race or gender, and in doing so planned to create “tester” accounts which would often technically violate the ToS of various web sites through the provision of phony names and other information. In its opinion, the Court contends that website ToS can’t provide sufficient notice required of criminal laws, that Congress cannot delegate to web site operators the authority to effectively write federal criminal law, and that interpreting the CFAA to criminalize constitutionally protected speech that violates a website’s terms would threaten the 1st Amendment.
Context – While the CFAA was enacted to combat malicious break-ins of private computer systems, making it a crime to “access a computer without authorization” or in a manner that “exceeds authorization,” the law does not clearly define what the phrases mean, and for decades the government has argued for very expansive interpretations. Another key CFAA case underway in federal courts is hiQ Labs v. LinkedIn, where the Ninth Circuit Court of Appeals ruled last year against LinkedIn and held that scraping a public website is likely not a CFAA violation, a decision LinkedIn is appealing to the Supreme Court. Finally, in October, the Supreme Court will hear a CFAA case for the first time, with the case of Nathan Van Buren v. the United States providing the high court the opportunity to address a wide range of circuit court opinions regarding criminality under the CFAA.
Facebook Releases New Libra Digital Payments Plan Aimed at Mollifying Critics
Report from the New York Times
In Brief – In a major revision of the global cryptocurrency plan they outlined just 10 months ago, Facebook and the Libra Association, a membership organization of companies and nonprofits, have released an updated White Paper outlining significant changes to their initial digital currency vision and plans. The biggest change to the Facebook-Libra plan is to shift from building a system based on a single, multi‐currency, “stablecoin” to be used globally, to a digital payment system based on each jurisdiction’s national currency unit, effectively creating Libra‐dollars, Libra‐euros, and so on for each jurisdiction in which Libra operates. While Libra will also have a coin backed by multiple national currencies, which was the focus of the initial design documents, that will be less prominent. The new Libra plan appears to structure the system largely in the manner of existing digital payments businesses, including acceding to existing regulatory and money laundering frameworks, and therefore appears more likely to address the wide range of negative reactions from governments and public officials in the United States, Europe and other key markets globally.
Context – Last June, Facebook announced its plan to create what was described as an alternative financial system of global scale that would rely on a cryptocurrency of an unspecific nature. The reaction from governments and regulators did not go well. In the ensuing months, the company has faced a range of challenges regarding user and data privacy, including the appropriate role for encryption, content moderation, especially political advertising and communications, appropriate policies for the policing of bad user behaviors, and in recent months an entire range of pandemic-related issues. Here is a thoughtful and clear high-level walk through of the new Libra plan, how it could operate, and the kind of changes that appear to have been made to address regulatory headaches and make it more like existing digital payments systems which conform to existing financial regulatory regimes.
Australia to Impose Mandatory Media Content Payments on Large Social Media Platforms
Report from The Guardian
In Brief – As threatened by the Australian Government last December, after a few months of unproductive talks between the country’s leading media businesses and the largest social media platforms, the government has abandoned plans for a “voluntary code of conduct” to govern relationships between the two industries and instead has directed the Australian Competition and Consumer Commission (ACCC) to create a mandatory regulatory regime to address financial imbalances between the industries, which was a top priority of Australia’s Digital Platform Inquiry. The new regime is expected to require covered platforms to pay news media for the use of content, to advise news media of algorithm changes that would affect rankings, to favor original source news content in search results, and to create enforcement penalties and a binding dispute resolution system. The ACCC is being directed to finalize the draft code by the end of July, which will encompass services beyond Google search and Facebook’s main platform, such as Instagram and Twitter, and implement a final version soon thereafter.
Context – Frustration over the massive financial imbalances between the traditional media industry and the digital platform giants has been a driving force behind digital platform competition reviews in many countries, a fact cited by Australia’s Treasurer in announcing their new plan. Just last week, France’s competition authority ordered Google to implement a system to pay for the use of news story snippets and rejected the past remedy employed by Google in France, Germany and Spain of simply abandoning snippets, arguing that behavior was likely an unfair abuse of a dominant market position in search. The Canadian Broadcasting and Telecommunications Legislative Review Panel recommends that digital platforms pay into a fund the government would use to support domestic news organizations.
UK Competition Regulator Approves Amazon – Deliveroo Citing Pandemic Impact
Report from the New York Times
In Brief – After engaging in nine months of review of Amazon’s $575 million investment in UK-based food delivery platform Deliveroo, the UK Competition and Markets Authority (CMA) has announced its decision to provisionally clear the transaction based on the determination that Deliveroo would likely cease to operate in the absence of the investment due to the impacts of the pandemic and related economic disruptions on the company’s restaurant and food delivery business. In earlier stages of their review the CMA had concluded that the deal could leave UK customers, restaurants and grocers facing higher prices and lower-quality services in the restaurant and grocery delivery markets. At the time of deal’s announcement last May, Deliveroo was one of Europe’s fastest growing platform companies and used 60,000 riders to deliver meals from more than 80,000 restaurants and “dark kitchens” in 13 countries.
Context – While the UK CMA is one of a series of national competition authorities that appear committed to increasing scrutiny of the acquisition and investment plans by large digital platforms, scrutinizing deals such as Google-Looker, PayPal-iZettle, and Viagogo-StubHub, the provisional decision on Amazon’s Deliveroo deal shows that the pandemic and economic fallout is impacting competition reviews in various ways. While the Federal and State AG big tech investigations in the U.S. are technically plodding ahead despite workflow disruptions, the FTC and DoJ have each announced changes in merger review timetables. And while some see the prominence of the largest platforms in responding to the pandemic as an opportunity to reduce regulatory heat, others believe it will not meaningfully change scrutiny. In Europe, the European Commission is discussing allowing national governments to assist strapped EU firms from being acquired on the cheap by non-European giants.
Google Ordered to Pay French Media for Snippets and Content Links
Report from TechCrunch
In Brief – France’s competition authority has ordered Google to negotiate with French publishers to pay for the use of news story snippets and rejected the Google remedy of simply abandoning snippets. Other EU Member States, including Germany and Spain, have passed laws calling for payment for the use of news snippets in search results but have not managed to extract funds from Google, with the search giant choosing to strike the use of snippets or even ending their Google News service in a national market entirely. In this case, France’s competition authority criticized that tactic as unfair behavior, taking the view that Google’s unilateral withdrawal of snippets in France last year rather than providing payments to media firms likely constitutes an abuse of a dominant market position in search.
Context – Frustration over the financial imbalances between the traditional media industry and the digital platform giants has been a driving force behind digital platform competition reviews in many countries. In Australia, the government plan to implement the Digital Platforms Inquiry includes a demand for Google and Facebook to negotiate a plan to increase payment for news content, and the Canadian Broadcasting and Telecommunications Legislative Review Panel is recommending that digital platforms pay into a fund the government would use to support domestic news organizations.
UK Competition and Markets Authority to Review Viagogo’s StubHub Deal
Report from Reuters
In Brief – The UK Competition and Markets Authority (CMA) has announced its decision to move forward with a Phase 1 review of the Viagogo acquisition of StubHub from eBay, Inc. which was completed in February. The CMA cited concerns in December that the tie-up of the two large digital platforms for secondary market sales of event tickets could substantially lessen competition in the UK, and has set a case schedule with a June 11 deadline to announce whether the CMA would proceed to a more substantive Phase 2 review.
Context – The UK CMA is one of many national competition authorities that appear committed to increasing scrutiny of merger, acquisition and investment plans by large digital platforms. The Amazon – Deliveroo deal review, like PayPal – iZettle and Google-Looker, sees the CMA trying to project how competition could proceed in the absence of a deal. The proposed merger of Yahoo! Japan and the Naver-owned Line app business will provide insight into the trend in Japan and Korea. The Google plan to acquire FitBit, seen by many as designed to better compete with Apple, is likewise under review from the U.S. Department of Justice and is expected to face scrutiny in the EU and Australia. Of course, much of this appears slowed down by the COVID pandemic and response.
Class Action Antitrust Suit Targets Price Parity Policies of Restaurant Delivery Services
Report from Reuters
In Brief – The largest restaurant food delivery platforms have been targeted by a class action lawsuit filed in U.S. District Court for the Southern District of New York for allegedly exploiting their dominance in restaurant meal delivery services to impose contract terms on restaurants that require menu prices for dine-in eating to be the same as prices offered via the delivery platform, while imposing fees ranging from 10% to 40%. The plaintiffs claim that consumers have been harmed by increased prices on meals served in the restaurants and that the contract terms were harming in-restaurant sales for a number of years. While the suit has been filed during the COVID crisis in New York City, it does not allege specific conduct related to this time when most restaurants nationally have been required to close their dining rooms.
Context – The use of contractual price parity, or “MFN” clauses, by digital platforms, has been a legal and regulatory concern for a number of years. Such clauses prohibit the platform-enabled seller of a good or service from offering a lower price to customers off the platform than they offer to customers on the platform even when the platform’s fees are higher than alternatives. The Online Travel Agency (OTA) industry, with platforms attempting to require hotels to offer the same room rates on the platform as they do on their own websites (or on other platforms), has been a particular target of governmental concern globally, for example in Europe, Japan and India. Facing regulatory criticism, Amazon abandoned an MFN price party mandate on third-party sellers in Europe in 2013 and with U.S. sellers in 2019, although many third party sellers have charged that Amazon now uses it’s Buy Box algorithm to impose a similar price parity requirement on sellers.
Google Education Suite is Latest Target Under Illinois Biometric Privacy Law
Report from CNet
In Brief – With many millions of students across America engaged in Internet-enabled remote education for the first time, a federal lawsuit filed in the Northern District of California, on behalf of two students from the State of Illinois, alleges that Google’s G Suite for Education service collects biometric data in violation of Illinois’ Biometric Information Privacy Act (BIPA) and the federal Children’s Online Privacy Protection Act (COPPA). The plaintiffs allege that Google’s education services collect and store face templates and “voiceprints” from students without the knowledge and consent of parents. G Suite for Education is marketed to school districts, teachers and parents as a way to provide low-cost technology tools, including a host of free Google software, and is governed by an agreement with the school districts that participate in the program that allows schools to control account access, and requires schools to obtain parental consent when necessary.
Context – Illinois’ BIPA is increasingly the center of biometric privacy litigation in the U.S. since the Illinois Supreme Court decided in January 2019 that a statutory violation was sufficient to trigger standing under the law. BIPA imposes a range of obligations on companies that collect or obtain biometric information (such as facial scans, fingerprints, iris scans and voice prints), including obtaining written consent before collecting or sharing such information. Facebook recently settled a BIPA suit regarding its photo tagging services, and Google is facing a similar BIPA suit regarding its treatment of user photos. IBM, Amazon, Vimeo and Clearview AI are other high-profile targets. On the COPPA front, Google is facing two suits brought by the Attorney General of New Mexico, including one focused on G Suite for Education, and a second dealing with the use of data collected by games directed to children.
European Commission and Council Working to Finalize Terror Content Take-down Law
Report from Euractiv
In Brief – The European Commission and Council are working to address concerns of the European Parliament in order to wrap up legislation enacted by the Parliament last spring to require digital platforms to identify and take down pro-terrorism content uploaded by users. The goal is for platforms to take down content within an hour. The effort, kicked off in September of 2018, has been spurred on by a number of individual European country initiatives as well as the live-streamed massacre in Christchurch, New Zealand, last year. One of the key points of contention between the parliamentarians and the other two bodies has been whether platforms would be required to implement the use of upload filters, which are generally of more concern to civil libertarians as a threat to free speech and are not supported by the Parliament. Many believe that working through the last disagreements over the terrorism content bill will set important precedents for the EU Digital Services Act expected later this year.
Context – France and the UK are each working to finalize legislation requiring digital platforms to identify and take down a much broader range of objectionable content, following on major initiatives enacted in Germany and Australia. In France, legislation dubbed the Avia Law targeting a wide range of “hate speech” was passed by the French National Assembly last summer, and while still the subject of disagreement with the French Senate, due to French legislative procedures is expected to go into effect later this year. In the UK, the British Government has expressed its commitment to implementing the recommendations of the Online Harms White Paper which proposes new requirements for platforms on a wide range of objectionable user content.
Indian Retailers Ask for Restart of CCI’s Amazon-Flipkart Unfair Competition Probe
Report from Reuters
In Brief – The Indian retailer trade group Delhi Vyapar Mahasangh has filed an appeal with the Karnataka High Court urging the court to allow the Competition Commission of India (CCI) to restart its investigation of Amazon and Flipkart (owned by Walmart). The CCI has accused the two dominant ecommerce platforms in India with engaging in unfair business practices related to alleged preferences provided to supposed independent third-party sellers which, the CCI alleges, were related to the ecommerce platforms themselves. The CCI investigation, initiated in January after much retailer pressure, was put on hold in mid-February when the Karnataka High Court imposed a two-month stay at the request of Amazon.
Context – In India, financial links between foreign-owned ecommerce marketplaces and platform sellers raise unique legal and regulatory issues due to the country’s strict foreign direct investment (FDI) limits in the multi-brand retail sector compared to the open FDI rules for ecommerce marketplace platforms. In short, while foreign-owned enterprises can operate digital marketplaces, they cannot own retail businesses that could undercut small shopkeepers. The hybrid nature of Amazon’s usual ecommerce business, and Indian ecommerce marketplace Flipkart’s purchase by Walmart, has raised concerns that the two platform giants are engaged in potentially illegal tactics to circumvent the retail FDI rules. When the Court instituted the stay in February it noted that the Indian Enforcement Directorate, the regulator for FDI policies, was already engaged in an investigation of the two companies initiated in March 2019 regarding the same set of potentially illegal activities.
Despite COVID Pandemic DoJ Review of Google-FitBit Moving Forward
Report from the New York Post
In Brief – Although the broad collection of anti-trust and related investigations of the biggest digital platforms at the FTC, Department of Justice, the US Congress and among State Attorneys General might be plodding ahead despite the workflow disruptions of the pandemic, or might be meaningfully delayed, it is reported that the Department of Justice (DoJ) scrutiny of the proposed Google acquisition of fitness wearables and app company FitBit is moving apace under the helm of US Attorney General William Barr. The acquisition of fitness and health data from FitBit’s 28 million users, which Google has said they would not use for advertising purposes, is a key issue and raises high level concerns with the broad trend of the largest digital companies expanding into health and wellness services.
Context – While AG Barr has taken leadership of the overall DoJ review of tech giants, and indicated that he wants action by mid-summer, the DoJ antitrust division has released a statement indicating that it is changing its merger and acquisition review processes to account for its changed work policies, including asking for an additional 30 days for merger reviews that are in their final stages. In Europe, the Google-FitBit acquisition will also be reviewed, and the European Data Protection Board (EDPB), made up of national data protection authorities and the European Data Protection Supervisor, has warned Google and FitBit of their concern that the further accumulation of personal data by a data holder as large as Google, and its potential combination with other types of personal data, could pose a high level of risk to privacy and data protection. However, Competition Commissioner Margrethe Vestager has stated clearly that the EU review of the FitBit acquisition would fall squarely in the hands of the competition authorities.
Presumptive Presidential Nominee Joe Biden on Tech Issues – A First Take
Report from CNet
In Brief – Absent a black swan event (those never happen, right?), the withdrawal of Sen. Bernie Sanders from the Democratic presidential nomination race means that former Vice President Joe Biden is the party’s presumptive pick to run against President Donald Trump. Although digital and technology issues are not likely to be at the top of the issues most voters will consider, and the media will cover, they will remain part of the discussion, now likely colored by how digital technologies and the largest platform companies are impacting the societal response to the COVID pandemic. This article gets the ball rolling with a pretty balanced high-level overview of Biden’s positioning on Net Neutrality & Rural Broadband, Big Tech (Anti-trust & Section 230), Privacy and China policy.
Context – On digital policy issues, former VP Biden has been most outspoken over the past year on the topic of Section 230 and the appropriate role of digital platforms to monitor and police user-generated content, in particular what some see as fakes and falsehoods in political communications and advertising. Biden, like House Speaker Nancy Pelosi, has been the subject of a range of online communications that many progressives have considered ripe for aggressive platform moderation, and the general unwillingness of the largest platforms to block political communications has led him to call for essentially ending Section 230. Net Neutrality, a seemingly eternal Internet policy issues, also makes the rundown. With the country’s digital networks handling the dramatic growth of use by many millions working, schooling and socializing remotely, both sides of the disagreement over broadband rules have claimed that their policy positions, hardened over the two decades of ardent debate, have been proven justified.
Zoom Video Conference Service Faces NY Attorney General Security Questions
Report from the New York Times
In Brief – Zoom, a multi-person video conferencing platform known for ease of use that has seen one of the largest spikes as tens of millions of Americans have been pushed into working, schooling and socializing from home during the pandemic, has been asked by the Attorney General of New York about its privacy and security policies and technology, including its efforts to address concerns that hackers can exploit security weaknesses and access the camera of a Zoom user.
Context – While much of the world might consider Zoom an overnight success, the nine-year old platform (which went public in 2019 and has nearly doubled in value since mid-January) was growing before the pandemic super-charged video conferencing. Like many user-generated video platforms, the site has been implicated in sexual abuse and child pornography scandals. More recently, the privacy policies of the service has been questioned, including charges that user data was unknowingly shared with Facebook, which was the subject of a Zoom apology to users and a very recent change in its privacy policy. As home-bound Internet video-event organizers learn more about Zoom, they are also learning about “Zoombombing,” the malicious practice of a person joining an open Zoom meeting and sharing unwanted content, such as pornography. As opposed to a tech flaw, apparently the defense against this bad behavior is to limit screen-sharing to certain participants or make events invitation-only.
Indian State Requiring Hourly Selfies to Prove Quarantined Persons are Staying Home
Report from India Today
In Brief – The Government of the State of Karnataka, India, is using an innovative mobile app tool to curb violations by people in home quarantine, requiring every person under quarantine to upload hourly selfies between 7 am and 10 pm with their picture geotagging turned on. Health authorities will compare the photo geotags with the GPS location of their homes. The health authorities state that those not abiding by the new app-based selfie protocol will be moved to centralized quarantine centers.
Context – Location data and tracking technology, both by digital services and mobile phone companies, have been aggressively incorporated into governmental public health efforts in a growing number of countries, including China, South Korea, Taiwan and Israel. In China, the digital platform giants have supported the creation of tracking maps, close contact detectors and a COVID 19 risk tracking score app. Taiwan logs all quarantined persons into a phone tracking system that alerts police if the phone leaves the home or is turned off, and the police call the phone at least twice a day to make sure it is not simply left at home. Many South Koreans have volunteered to use a public safety app that tracks patients and helps enforce quarantines but has raised privacy concerns. In Israel, the government has tapped a mobile phone location database developed to fight terrorism, but the program has been challenged in court. Western governments have reportedly been using anonymized phone and location data in their COVID response efforts.
U.S. Antitrust Agencies Outline Position on Corporate Cooperation to Address COVID-19
Report from Bloomberg Law
In Brief – Antitrust enforcers at the U.S. Justice Department and Federal Trade Commission have issued a joint statement indicating that they are open to some forms of procompetitive collaboration between companies intended to help fight the pandemic, including the establishment of an expedited review process for such plans, while also reiterating that efforts to restrict supplies or elevate prices remain a violation of federal law. While joint pharmaceutical research, medical device development, or the manufacture and distribution of personal protective gear to hospitals has been the focus of discussions of private sector coordination, the general guidance and processes laid out by the two agencies apply broadly regarding goods or services intended to help address the medical emergency and the resulting economic and social impacts of the widespread social distancing orders. The agencies reiterated that companies considering collaborative efforts can still run afoul of the law by sharing too much sensitive data, fixing prices, rigging bids, dividing up specific markets or customers, or otherwise restricting output for a product or service.
Context – Similar guidance from the European Commission Competition Authority and the UK Competitive Markets Authority recognizes the potential benefits of cooperation between private sector actors to meet the many challenges of the pandemic while at the same time reiterating in clear terms that anticompetitive conduct to reduce supply or elevate prices in the emergency will the dealt with harshly.
Remote Education Challenges for Disabled Students Concern Educators and Advocates
Report from EdSource
In Brief – While state and federal education leaders have attempted to assure school districts that they would be given flexibility in regards to their ability to serve special education students in the context of the rapid shift to remote learning caused by mass COVID-19 school closings, many districts are reportedly wary of legal liability if they are unable to appropriately educate those students using remote tools and technologies. The federal Department of Education has announced that school districts should continue providing special education services while also stating that they would have greater flexibility in meeting timelines spelled out in federal special education laws, and some states have also indicated a willingness to grant leeway in meeting the challenge. While the federal announcement was welcomed by special education advocates due to its commitment to striving to meet the needs of special education students, some school administrators are reportedly concerned that the challenges of meeting the wide range of special education challenges with technology and services will leave them open to legal action.
Context – Accessibility for people with disabilities is a long-standing challenge for digital platforms and services and the federal courts have not been clear on what is necessary in all cases. In the educational context, the wide range of potential disabilities and special education challenges has proven to be a problem for technology-based remote learning, not so much because digital services don’t help, but because digital services often better serve some than others. With millions of students thrust into remote learning by the pandemic, the eventual response of regulators and the courts will remain to be seen.