Marc Roth and Esra Hudson Invited to Speak at PLI’s TechLaw Institute 2015
The Practising Law Institute (PLI) TechLaw Institute 2015 will explore the legal and practical minefields of cutting-edge technology issues, equipping attendees with the essential information to keep their fingers on the pulse of the evolving digital landscape.
As the co-chair of the TechLaw Institute 2015, Manatt partner Marc Roth will kick off the two-day program with introductory remarks. He will also participate in a panel discussion focused on “Emerging Issues in Big Data and Analytics” which will cover the “big” issues involving big data, including developments in Web scraping and Web crawling technology, data retention, privacy implications and prohibited uses. In addition, Roth will speak in a session titled “How Technology is Changing the Face of Marketing, Advertising, and Social Media.” This presentation will review how technology is changing the advertising game, highlight the top concerns of consumer protection regulators and explore “native advertising” and related issues.
Esra Hudson, a partner in the firm’s Employment and Labor practice, will speak on a panel titled “The Virtual Workplace.” She and her co-panelists will explore home networks and BYOD, compliance and employee monitoring, cloud computing issues, and labor and employment considerations.
TechLaw Institute 2015 will be held on April 8-9 in New York, NY and on May 14-15 in San Francisco, CA. Registration is also available via Web cast for the May 14-15 program. For more information or to register, click here.
back to top
NAD: A Product Can’t be The “#1 Prescribed Brand” Without Other Prescribed Brands
A “#1 brand prescribed” claim implies that professionals have a choice in prescribing brands, the National Advertising Division explained in a new decision, recommending that an advertiser discontinue such a claim as it was the only brand available for prescription.
Splintek touted its SleepRight dental guards as the “#1 Brand Prescribed by Dental Professionals.” Competitor Prestige Brands, the maker of The Doctor’s NightGuard line of dental guards, challenged the claim. Prestige argued that the advertiser lacked substantiation for its claim.
In addition to being the only brand of dental guard available by prescription, the challenger said that a survey relied upon by Splintek to support the claim lacked an adequate sample size, was outdated and not blinded, and failed to confirm that the respondents were qualified to prescribe dental guards.
The NAD agreed, stating:
“NAD considered but was not persuaded by the advertiser’s argument that because it is the only brand of dental guard available by prescription, that its claim that it is the ‘#1 Brand Prescribed by Dental Professionals’ is supported,” according to the decision. “A claim that a product is the #1 brand prescribed by a professional reasonably conveys the implied message that professionals have a choice in prescribing brands, and choose the one brand instead of another.”
The advertiser’s dental professional survey also failed to sway the NAD. Of the 1,000 dental professionals contacted, just 111 individuals responded. Most respondents reported that they did not prescribe over-the-counter dental guards at all, the NAD said. Of those that did, just 14 said they prescribed SleepRight dental guards.
“Notably, the survey did not screen individuals responding to the survey to ensure they were dental professionals, and some were not ‘dental professionals’ but were employees working for dental professionals,” the NAD wrote. The decision also frowned upon the fact that Splintek conducted the survey itself and did not inform the respondents, and that it was conducted in 2009, rendering it outdated.
“For all of the foregoing reasons, NAD determined that the advertiser’s survey was insufficiently reliable and recommended that the advertiser’s ‘#1 Brand Prescribed by Dental Professionals’ claim is unsupported and should be discontinued,” the NAD concluded.
Prestige also challenged Splintek claims that the material of certain dental guards is “4x stronger than any other guard” and “2x stronger than any other guard.” Splintek agreed to modify its claims to “Bitepad material [is] 4x stronger than leading competitor” and “Bitepad material [is] 2x stronger than leading competitor,” but the NAD still recommended that the modified claims be discontinued.
For quantified, objectively provable, comparative claims, the best supporting evidence would be head-to-head testing, or controlled, repeatable testing under consumer-relevant conditions, using accepted methodology and protocols, the NAD explained.
Instead, Splintek only offered an affidavit from its internal chemist reviewing the reported tensile strength of the challenger’s bitepad material and comparing it to the strength of the bitepad material used in Splintek’s products.
This evidence “was insufficient to support its claims as it failed to compare the strength of the bitepad materials as used in the competing products, nor did the advertiser demonstrate that the tensile strength of the bitepad material correlates in a linear fashion with the pressure applied by consumers using the products, or address the impact manufacturing or consumer use has on the bitepad material strength,” the NAD wrote.
To read the NAD’s press release about the decision, click here.
Why it matters: Claims concerning the preferences of medical professionals—such as “#1 brand” claims—“carry a great deal of weight with consumers,” the NAD noted, “and thus must be supported by highly reliable evidence, namely well-conducted surveys of … professionals.” When considering a survey, the self-regulatory body said it considers factors such as the purpose of the study or survey, the soundness of the methodology and survey design, the reliability and appropriateness of the survey questionnaire, and the significance (including the statistical significance) of the results.
back to top
Yelp Sues Over Fake Review Services
Yelp is taking action against Web sites that offer to help businesses improve their reviews and ratings, filing suit against three individuals for unfair competition, false advertising, cybersquatting, and trademark infringement, as well as violating Yelp’s own terms of service.
Not only are the businesses a sham, they “undermine the integrity of Yelp’s platform,” according to the California federal court complaint. “The Yelp site has become one of the most popular business review websites on the internet because consumers trust that the reviews are genuine and unbiased. This established trust and goodwill is no accident—Yelp vigilantly protects the legitimacy and authenticity of the reviews on the Yelp site.”
The defendants operate “unlawful” and “predatory” sites such as “Yelpdirector” and “Revleap,” which claim to sell business owners 4- and 5-star Yelp reviews and to “filter” or remove businesses’ existing 1-, 2- and 3-star Yelp reviews, Yelp alleged. Using spam—and infringing on Yelp’s trademark in the process—the defendants marketed and promoted their services to Yelp customers, prospective customers, and listed businesses.
For example, one e-mail message read, in part, “Hi there, We invented a software that allows you to proactively generate a large number of 4 and 5 star reviews from your customers in a way that makes them stick to the front page of Yelp. All reviews 3 star and below are filtered by the system and never posted online.” Another claimed that “Yelpdirector.com is giving control back to businesses.”
Yelp learned of the defendants when customers began to complain to the review site about the e-mails. Although the company sent cease and desist letters to the defendants, they continued their illegal activities, Yelp alleged.
The defendants willfully and knowingly violated federal and state unfair competition and false advertising statutes, according to the complaint, in addition to infringing Yelp’s trademark and cybersquatting. Not only are consumers likely to be confused by the defendants’ use of Yelp’s marks, but actual consumer confusion had already occurred, the company said, with consumers complaining about the spam messages and believing an affiliation or connection existed between Yelp and the defendants.
Further, the defendants violated Yelp’s terms of service, which explicitly prohibit compensating someone or being compensated to write or remove a review, posting fake reviews, and other conduct that could lead to biased reviews.
The suit seeks an order enjoining the defendants from infringing and diluting Yelp’s marks, transferring the “yelpdirector” site to Yelp, awarding actual, statutory, punitive, and treble damages, as well as attorney’s fees and costs, and halting any activity that violates Yelp’s terms of service.
To read the complaint in Yelp v. Herzstock, click here.
Why it matters: Yelp has cracked down on similar scams before. Last year, the company won a default judgment in California federal court for $45,000 against a man who allegedly operated a fake review company that claimed it could help improve the ratings for reviewed businesses. In addition to the monetary award (for trademark infringement), the court also enjoined the defendant from using Yelp’s name in ads or Web sites. Ironically, Yelp itself has been accused of the exact same behavior in multiple lawsuits, with businesses claiming that the site offered to hide bad reviews with the purchase of advertising on the site. While the Ninth U.S. Circuit Court of Appeals recently affirmed dismissal of one suit, a separate case remains pending in California state court.
back to top
“Heightened Risk of Future Identity Theft” Not Enough for Data Breach Plaintiff to Sue
A claimed “heightened risk of future identity theft” in the wake of a data breach does not provide standing for a plaintiff to sue the company that suffered the breach, a federal court judge has determined.
Texas hospital St. Joseph Health System was the victim of a cyberattack in December 2013, and one of the 405,000 patients and employees whose information was compromised filed suit in Texas federal court. Beverly Peters claimed that her personal information—including her name, address, Social Security number, birthdate, medical records, and bank account information—was placed online by the hackers, where it was misused by unknown third parties.
As a result, there was a fraudulent charge to her Discover card, an attempt to access her Amazon account, her e-mail account was compromised, and she received unwanted telephone solicitations, she alleged.
St. Joseph moved to dismiss the suit, arguing that Peters lacked standing to sue because she had not suffered a cognizable injury. Discover paid for the fraudulent charge and closed her account to prevent future fraud, Peters changed her e-mail account password, and the hospital provided one free year of credit monitoring and identity theft protection for all victims, the defendant told the court.
U.S. District Court Judge Kenneth M. Hoyt agreed, ruling that Peters could not plausibly establish a “certainly impending” or “substantial risk” that she would be victimized, the standard set by Clapper v. Amnesty International USA, 133 S. Ct. 1138 (2013).
“The Court cannot agree that she faces a ‘certainly impending’ or ‘substantial’ risk of identity theft/fraud as Article III requires,” Judge Hoyt wrote, particularly as Peters’ complaint “raises the possibility that fraudulent use of her personal information could go undetected for long periods of time—even ‘years into the future.’ ”
“ ‘Unless and until these conjectures come true,’ Peters’ alleged future injuries are speculative—even hypothetical—but certainly not imminent,” the court said. “Critically, Peters ‘cannot describe how [she] will be injured without beginning the explanation with the word ‘if.’ For example, Peters might be able to demonstrate harm if third parties become aware of her exposed information and reveal their interest in it; if they form an intent to misuse her information; and if they take steps to acquire and actually use her information to her detriment. The misuse of her information could take any number of forms, at any point in time.”
The plaintiff’s theory of standing “relies on a highly attenuated chain of possibilities,” the court concluded. “As such, it fails to satisfy the requirement that ‘threatened injury be certainly impending to constitute injury in fact.’ ”
A mere allegation that risk has been increased does not transform that assertion into a cognizable injury, Judge Hoyt added, and even if Peters had spent money prophylactically on credit monitoring services to ease her fears of future third-party criminality, she would still fall short of the constitutional standard for standing.
While the Supreme Court’s decision in Clapper should have resolved a circuit split among the federal appellate courts, some district courts have recognized Article III standing for claims of future harm suffered by data breach victims, even after Clapper. Despite Peters’ reliance on such decisions, the court emphasized that Clapper “compels the conclusion that Peters lacks standing to bring her federal claims to the extent they are premised on the heightened risk of future identity theft/fraud.”
Peters also failed to establish an actual injury, the court said. Discover never charged her for the fraudulent purchase and closed her account, Peters changed her password after her e-mail account was compromised, and a ruling from the court would not prevent unwanted contact from third parties, the judge said.
“Certainly, the Court can neither ‘control [n]or … predict’ the ‘unfettered choices’ made by these companies, who are not before the Court and are independent of St. Joseph in any event,” the court wrote. “Peters has not made the requisite demonstration of injury, traceability and redressability for her alleged injuries. Lacking viability, her federal claims are dismissed with prejudice.”
To read the opinion in Peters v. St. Joseph Services Corp., click here.
Why it matters: While the court declined to address the viability of Peters’ state or common-law claims, Judge Hoyt was clear that she lacked standing for federal claims on either an actual injury basis or heightened risk of future identity theft or fraud. Companies facing a data breach—or at least those in Texas—can breathe a little easier.
back to top
Urban Outfitters Zip Code Class Action Settles for $700,000
Urban Outfitters and Free People reached a deal worth roughly $700,000—excluding attorney’s fees and costs—with a class of plaintiffs that claimed the national retailers illegally collected their zip codes.
The class action suit was one of the many filed after Massachusetts’ highest court held that zip codes are personal information under the state’s consumer protection laws and retailers can be liable for collecting and recording them.
Lauren Miller claimed that she provided her zip code during a credit card purchase at Urban Outfitters because she believed it was necessary to complete the transaction; instead, the company used the information to identify her address using a commercially available database in order to send unwanted marketing materials.
To settle the suit, the retailers agreed to provide two subclasses of plaintiffs with gift cards. The “first time” collection class—composed of members that Urban Outfitters and Free People sent marketing materials to after collecting their zip codes for the first time following a credit card purchase in a Massachusetts retail store since August 15, 2009, and March 26, 2010, respectively—will receive a $20 card. The parties estimated that about 32,593 customers of Urban Outfitters and 2,387 customers of Free People will make up this subclass.
In the second group, the “previous collection” subclass includes customers who provided their zip codes when they ordered merchandise over the telephone, Internet, or by mail prior to providing their zip codes in a retail location. The estimated 2,916 (Urban Outfitters) and 242 (Free People) members of this subclass will receive $10 gift cards.
The proposed settlement “substantially achieves” the goal of redressing the retailers’ “unlawful invasion of its customers’ privacy” and alleged violation of Massachusetts consumer protection laws, the plaintiff told the court in her motion for preliminary approval.
“Class Members, as customers of Urban Outfitters and/or Free People, will value the $20 or $10 Certificates they will receive, and there are items at Urban Outfitters and Free People that can be purchased for the Certificate amounts ($20 or $10), so Class Members will be able to use the Certificates without having to spend additional funds,” according to the motion.
In addition to the gift cards, the deal provides that the defendants will comply with all provisions of Massachusetts law going forward.
The total value of the gift cards is estimated to be $731,180. The retailers also agreed to pay two $2,500 incentive awards as well as up to $200,000 for class counsel attorney’s fees and costs.
To read the plaintiff’s motion in support of preliminary approval of the settlement in Miller v. Urban Outfitters, click here.
Why it matters: The deal—totaling almost $1 million, including the settlement fund, payment to class counsel, and incentive awards—is within the range of other agreements in similar suits challenging the collection and use of zip codes. Retailer Michaels agreed to pay $875,000 in a Massachusetts federal court suit that settled last year while $600,000 ended a California suit against OfficeMax.
back to top
Most Read Stories
In case you missed any, here are our top 10 most widely read stories in January:
1. “NAD Sweeps Away Swiffer’s Comparative Performance Claims”
2. “FTC Settles Deceptive Marketing Claim With Supplement Maker”
3. “SPECIAL FOCUS: Fifth Circuit Clarifies the Law on False Advertising Involving ‘Scientific Debates’”
4. “Former NFL Players Score Again”
5. “Safeway Must Pay Customers for Higher Online Prices”
6. “False Ad Suit Tossed For Lack of Evidence of Deception”
7. “In Legal Battle, Kale Triumphs Over Chicken”
8. “Fourth Circuit: Fluoride Labeling Suit Preempted, Properly Tossed”
9. “FTC’s Ramirez: Internet of Things Raises Privacy, Security Concerns”
10. “President Obama Focuses on Cybersecurity, Privacy, Data Breach Notification”
back to top