In This Issue:

• Affiliate Links on Social Media
• Class Action Says Baby Bump Isn’t Showing (Disclosures)
• DOJ to Fraudsters: Get Off Our Lawn!
• Pokémon Go Producers Attacked by Strange Plaintiff-Beasts
• It’s Not Too Late to RSVP for our Webinar
• Connecting the Dots Between Security Practices and Legal Obligations: California’s Connected Devices Bill

Affiliate Links on Social Media

Researchers reveal disclosure failures in YouTube, Pinterest posts

Let’s Put On a Show!

Affiliate marketing on social media is becoming more and more prevalent.

Here’s how it works. An ordinary consumer or social influencer creates content regarding a product or service that she posts to YouTube or Pinterest. With that content, the individual or social influencer (now wearing an affiliate marketer hat as well) furnishes a link that takes a person directly to an e-commerce website where he can purchase the product or service − Amazon.com, let’s say. When a YouTube or Pinterest user clicks that link and purchases the product, the affiliate marketer gets a percentage of the sale.

The range of products that can be pushed this way is staggering, and the money isn’t bad either, if the affiliate marketer’s social media posts get enough attention.

Shhhhh! Don’t Ruin a Good Thing!

Despite the homespun quality of much of their advertising − and the genuine brilliance of some of the content − affiliate marketers have rules to play by, established by the Federal Trade Commission (FTC). However, according to a recent Princeton University research paper, few of the affiliate marketers are paying much attention to those rules.

According to the paper, titled “An Empirical Study of Affiliate Marketing Disclosures on YouTube and Pinterest,” 90 percent of affiliate marketers’ posts on two of social media’s most important outlets − YouTube and Pinterest − do not disclose the nature of their content to viewers at all.

As we’ve covered before, the FTC requires disclosure of material connections between marketers and the brands they’re pushing. And starting back in April 2017, the FTC began serving notices to the most visible affiliate marketers − celebrities and other social influencers − that their lapses have been noticed.

The Takeaway

The authors of the research paper combed through half a million videos on YouTube and two million Pinterest “pins” to reach their conclusions: Only 10 percent of affiliate marketers disclosed the nature of their relationships, but user engagement is generally higher on posts that contain affiliate links.

Furthermore, the study notes that the majority of affiliate marketers who did bother to disclose used an “affiliate link” disclosure − for example, the phrase “Disclosure: These are affiliate links” − which is not enough, according to FTC guidelines. The FTC prefers “explanation disclosures,” wherein the affiliate marketer explicitly announces that the relationship exists, for instance: “This video contains affiliate links, which means that if you click on one of the product links, I’ll receive a small commission.”

According to the researchers, “explanation disclosures” were the least common form of disclosure used by affiliate marketers, when they used a disclosure at all.

Class Action Says Baby Bump Isn’t Showing (Disclosures)

Automatic renewal terms and cancellation policy nowhere to be seen, says plaintiff

What to Expect?

Gift boxes for expecting moms are quite popular, and a number of services are available online that send one-off packages or even regularly scheduled mailings to moms-to-be. Mommy Mailbox, The Ecocentric Mom and the slightly sinister-sounding Box Me Mommy are just a few such services revealed by a cursory internet search.

For a somewhat modest fee − often between $20 and $40 per gift − the newly expectant mother will receive a grab bag of gifts, including pregnancy-related beauty supplies, relaxation aids and inspirational keepsakes. Subscriptions are available − some services offer packages through the first, second or third trimester; others continue delivering packages into the first months of the baby’s life.

One of these services, Bump Boxes, Inc., drew the ire of customer Kathy Lira, who filed a class action complaint in California’s Central District against the company in March 2018. According to receipts included in her complaint, Lira purchased a “monthly pregnancy subscription” from the company. And those same receipts furnished the material for her lawsuit.

The Takeaway

The complaint levels several charges against Bump Boxes under the California Business and Professional Code. Lira claims that the company failed to provide clear and conspicuous disclosure of its automatic renewal policy and charged her for a continuing subscription without obtaining her affirmative consent. Moreover, she accused Bump Boxes of failing to provide an acknowledgment including the automatic renewal terms and the cancellation policy. According to Lira, these activities violated California’s automatic renewal statute and unfair competition law.

DOJ to Fraudsters: Get Off Our Lawn!

FTC joins in DOJ’s anti-elder-fraud efforts

Kids Today

The Department of Justice (DOJ) launched a wide-ranging campaign against elder fraud in February 2018. “Each year, an estimated $3 billion are stolen or defrauded from millions of American seniors,” said Attorney General Sessions at a press conference on February 22. He added that the elder fraud threat “is only growing,” noting that reports to the Senate Aging Committee’s Fraud Hotline doubled between 2015 and 2016.

“We will not let this crime continue to rise,” he promised.

In addition to ordering every U.S. attorney’s office to appoint an “elder justice coordinator” to execute the campaign in individual districts, Sessions announced a policy of increased cooperation and coordination with federal regulatory, enforcement and service agencies. Accordingly, Sessions praised the Federal Trade Commission (FTC) for assisting in the effort: The FTC has been focused on elder-fraud cases, and announced two new complaints against alleged fraudsters on the same day that the campaign rolled out.

Game of Stones

The first case, Federal Trade Commission and State of Missouri v. Next-Gen, Inc., involves the FTC taking on a pair of men who allegedly ran more than 30 companies that sent phony award mailers nationwide. One type of mailer produced by the pair claimed that the recipient had won some serious cash (sometimes amounting to millions of dollars) and only had to play a short and very easy “game of skill” and send in a comparatively small fee (up to about $140) to claim the winnings.

The mailer failed to disclose, however, that there were multiple rounds of the so-called game, each requiring additional fees to “advance,” and ending with a puzzle that was so difficult that few people would ever solve it.

The FTC claims that the pair’s scams defrauded consumers, many of whom were elderly, to the tune of $100-plus million over the past five years.

Technical Foul

The other case, Federal Trade Commission v. Genius Technologies, involves the owner of two companies that allegedly teamed up with overseas telemarketing groups to rip off older Americans.

According to the FTC, the scam involved a scare tactic whereby the telemarketers, located in India, would call unsuspecting American consumers and convince them that a hacking attack against their computers was imminent. Because they posed as representatives of well-known and respected technology companies, they often persuaded their targets to buy old or useless security software at vastly inflated prices.

The defendant is accused of creating business accounts and running payment accounts to collect the ill-gotten funds.

The Takeaway

The second case is particularly interesting because, according to the FTC, it began as a relatively straightforward scam, but opened the door to identity theft and other more serious legal violations: The telemarketers, once given access to install the security software, would make off with the victim’s personal information.

This sort of hybrid scam represents the novel threat posed by the marketing of computer support technologies to the elderly, many of whom are unfamiliar with these technologies and the policies that most tech support groups at legitimate companies adhere to. Without a doubt, law enforcement agencies like the DOJ and FTC will take action against individuals and companies that engage in these types of practices, particularly in light of the recently announced focus on protecting elderly consumers.

Pokémon Go Producers Attacked by Strange Plaintiff-Beasts

Class action targets Niantic, Nintendo for encouraging gameplay trespass

Nostalgia

Remember Pokémon Go? We ask because it’s been nearly two years since it was released.

Back in 2016, the game was a huge fad, and many people still play it. If you weren’t part of the craze, or have since forgotten because a hundred years of events have occurred in the intervening months since its release, here’s a refresher.

In the original Pokémon video gaming franchise, players (also called trainers) attempt to catch and collect Pokémon, the sometimes-mostly-cute fantasy creatures from which the franchise name is derived. They then use Pokémon from their collections to have creature-to-creature battles with other players.

The added twist Pokémon Go put on the franchise is that the hunt for the creatures takes place in real life. Pokémon Go is a smartphone application; when a player comes close to a real-world location determined by Niantic, the games’ developer, he or she receives an alert that a Pokémon is nearby. The phone’s camera display then depicts the Pokémon as part of the real-life environment. Players use the app to try to pursue and catch the Pokémon.

What could go wrong?

Who Will Train the Trainers?

Sure, the game was a smash success, boasting 750 million downloads by the first anniversary of its release. But its popularity unleashed hordes of Pokémon-obsessed players on the real world, where before they had been safely tied to a gaming console or a passive, purely virtual gaming app.

Because Pokémon and Pokémon training centers − “Pokéstops” − were placed in environments with high concentrations of gamers, players were tracking down their quarry in inappropriate locations − not just in innocuous streets, parks and fields. There were complaints about Pokémon players congregating in the National Holocaust Museum, the National September 11 Memorial and other culturally sensitive locations. Players gathered in dangerous spots too − railway tracks, for instance.

And, of course, on people’s lawns.

Pokélaw

Shortly after the release of the application, Jeffrey Marder, a resident of West Orange, New Jersey, filed a class action in the Northern District of California. Pokémon players, he claimed, had appeared at his front door, asking for access to his backyard so that they could catch Pokémon that had been placed there. Because he had not given the game developers permission to use his physical address in connection with the game, he sued Niantic, Nintendo (the franchise owner) and The Pokémon Co. (the franchise’s marketer and licenser).

Marder, citing similar cases across the country, argued that the companies’ conduct gave rise to claims for nuisance and unjust enrichment; his case was merged with several other plaintiffs’ cases alleging similar circumstances, some arguing that the defendants’ actions gave rise to trespass claims.

The Takeaway

Niantic and its co-defendants fired back with a motion to dismiss, maintaining that the plaintiffs’ trespass claims failed because virtual Pokémon game assets do not actually intrude onto real property. Moreover, the defendants specifically “required players to promise they would not trespass before they could play” through their terms of service. The defendants also argued that a nuisance claim was not stated because the plaintiffs failed to establish that Niantic was the “legal or proximate” cause of the players’ behavior. This approach to liability, the motion argued, would leave innumerable online services open to legal attack.

Despite the motion, the case will continue. The court denied the defendants’ motion to dismiss, noting that the idea of “virtual trespassing” was novel enough that it should not be decided at the motion to dismiss stage. The court also indicated that defendants’ arguments were really about issues of fact, and were therefore more appropriate for determination following summary judgment. 

It’s Not Too Late to RSVP for Our Webinar

Building Cyber Resilience: Compromise Response Intelligence in Action

Join members of BakerHostetler’s Privacy and Data Protection team for a webinar discussion on the 2018 BakerHostetler Data Security Incident Response Report. Partners Theodore Kobus, Craig Hoffman and Lynn Sessions will share lessons from their experiences helping executives identify risks, appraise response metrics and apply company-specific risk mitigation strategies. For more information and to register, click here.

Connecting the Dots Between Security Practices and Legal Obligations: California’s Connected Devices Bill

California, in its usual trend to be a first mover in regulating new technology, has had an information privacy connected devices bill in the works since Feb. 13, 2017. In March 2017, we identified the bill and privacy concerns the state and regulators may be considering when it comes to connected devices. Less than a year later, in January 2018, the bill moved from the state’s Senate to being considered in the state’s Assembly. It has been read once and is currently being “held at desk” in the Assembly, waiting to be referred to a committee. After being introduced, the bill was substantially transformed. We discuss the details here.