Header graphic for print


Updates on Developments in Global Privacy & Data Security

D.C. Circuit Grants Stay in Battle Over Access to Content Companies’ Confidential Information

Posted in Broadcasting & Cable

The FCC was set to release today hundreds of thousands of pages of highly confidential documents — including unredacted programming distribution agreement materials and negotiating strategy documents — for inspection by third parties as part of the Commission’s review of the Comcast-Time Warner Cable and AT&T-DIRECTV mergers.  On Friday, November 14, however, a coalition of the largest broadcast and cable networks (“Content Companies”) won a temporary stay from the U.S. Court of Appeals for the D.C. Circuit, which halted the FCC’s disclosure of such documents and ordered briefing to help it decide whether the companies’ confidential pricing and negotiation information should be released by the FCC.

Continue Reading

FCC Issues “Enforcement Advisory” Warning Political Campaigns and Promoters Against Robocall Abuse

Posted in Telecommunications

Yesterday, the Federal Communications Commission’s Enforcement Bureau issued an advisory reminding political campaigns about the restrictions placed on the use of autodialed calls, prerecorded calls, and text messages by the Telephone Consumer Protection Act (“TCPA”) and the FCC’s corresponding rules.  The Enforcement Bureau warns that it is “closely monitoring this space” and will “rigorously enforce the important consumer protections in the TCPA and [the FCC’s] corresponding rules.”

The advisory summarizes four key restrictions on political calls:

1.  Political prerecorded calls or autodialed calls to cell phones and other mobile services are prohibited unless made with the “prior express consent” of the recipient. 

  • This restriction applies to autodialed live voice calls, prerecorded calls, and text messages.
  • Callers contending that they have the “prior express consent” to make such calls have the burden of proof to show that they obtained the requisite form of consent.

2.  Political prerecorded calls or autodialed calls to certain types of landline phones are prohibited unless made with the “prior express consent” of the recipient.  

These restrictions apply to the following types of landline phones:

  • emergency telephone lines, including any 911 line and any emergency line of a hospital, medical physician or service office, health care facility, poison control center, or fire protection or law enforcement agency;
  • telephone lines in guest or patient rooms at a hospital, nursing home, or similar establishment; or
  • any service for which the recipient is charged for the call, such as a toll-free line.

3.  Political prerecorded calls must include certain identification information about the caller.

 All prerecorded calls must include the following:

  • At the beginning of the message:  the identity of the business, individual, or other entity that is responsible for initiating the call.  If a business or other corporate entity is responsible for the call, the recording must contain that entity’s official business name (meaning the name registered with a state corporate commission or other regulatory authority).  
  • During or after the message:  the telephone number of such business, individual, or other entity.  The telephone number may not be for (1) the autodialer or prerecorded message player that placed the call, (2) a 900 number, or (3) any other number for which charges exceed local or long distance transmission charges.

4.  Automatic telephone dialing systems that deliver prerecorded calls must release the recipient’s telephone line within five seconds after the recipient has hung up.  

  • In addition, an automatic telephone dialing system may not be used in a way that simultaneously engages two or more telephone lines of a multi-line business. 

The Enforcement Bureau issued a similar advisory in September 2012, which we described here.

Upcoming Webinar: “Advertising Drugs and Health Care Products via Social Media: FDA Regulation”

Posted in Social Media

On Wednesday, May 7, Covington attorneys Stefanie Doebler and Saurabh Anand will be participating in a webinar that might be of interest to many of the readers of this blog.  The presentation, entitled “Advertising Drugs and Health Care Products via Social Media,” will provide attendees with an overview of a recent FDA draft guidance addressing social media, and will also address the following areas:

  • The regulatory scheme and FDA’s policy surrounding advertising and promotion via social media;
  • Implications of FDA’s enforcement actions relating to social media on advertising and marketing operations; and
  • Open questions relating to FDA’s regulation of advertising and promotion on social media.

The webinar will take place from 11 a.m. to 12 p.m. Eastern time on May 7.  For more information and to register, please click here.  For an overview of the draft guidance, see our client alert here.


ECJ Confirms Application of Consumer Protection Measure to Cross-Border Services

Posted in Uncategorized

By Miranda Cole and Katharina Grosse-Ophoff

In its UPC judgment this week the European Court of Justice (“ECJ”) has clarified the application of consumer protection laws to, and the jurisdiction of national regulatory authorities over, providers of electronic communications services (“ECS”) that are established in one member state who provide services in another.  The court also confirmed that ECS providers need not establish a branch in member states in which they provide service, as long as they are established in at least one member state.

Continue Reading

FDA Issues Untitled Letter Focused On Promotional Claims On Facebook

Posted in Social Media

On March 12, FDA’s Office of Prescription Drug Promotion (“OPDP”) posted an untitled letter on its webpage alleging that Institut Biochimique SA’s (“IBSA”) Facebook page for the drug Tirosint® misbranded the drug.  The untitled letter is particularly noteworthy for its focus on one statement on a firm’s Facebook page.

Continue Reading

FCC Establishes Quality Standards for Closed Captioning

Posted in Broadcasting & Cable

By Daniel Kahn and Paul Swain

The FCC has adopted new rules regarding closed captioning quality for television programming.  At its meeting yesterday, the Commission unanimously approved a Report & Order that will establish four “non-quantitative” quality standards for closed captioning, requiring captions to be (1) accurate, (2) synchronous, (3) complete, and (4) properly placed.  The Report & Order will also address a number of related issues, including captioning of live and near-live programming, responsibility for ensuring caption quality, and new requirements for broadcast stations using Electronic Newsroom Technique.

Live, Near-Live, and Pre-Recorded Programming.  The new rules will distinguish between live, near-live, and pre-recorded programming in the application of the four quality standards—pre-recorded programming, for example, will be held to a higher standard than near-live and live programming, because of the increased opportunity to correct quality issues—but contrary to reports in the trade press that had been circulating, no hard, numerical distinctions will be established.  (FCC staff noted after yesterday’s meeting, however, that there is “an understanding” that there should be “very few errors” in pre-recorded programming.)  The Commission also approved a Further Notice of Proposed Rulemaking (“FNPRM”) seeking comment on how to improve captioning of live and near-live programming, among other issues.

Responsibility for Ensuring Caption Quality.  Under the new rules, video programming distributors (“VPDs”) will be held responsible for ensuring caption quality.  VPDs will be required to “make best efforts” to receive certification that captioning complies with the quality standards, that it meets certain industry best practices, or that it is exempt from captioning requirements.  However, the FNPRM will seek comment on whether responsibility for caption quality should remain with VPDs, or whether and how it should be reapportioned among the entities involved with providing closed captioning.  Commissioner Pai stated that the rules adopted “recognize the limited ability of [VPDs] to control captioning quality” and identified consideration of responsibility as a “near-term” issue.  FCC staff also noted that in some cases, programmers “may be in a better position” to address quality issues.

New ENT Requirements.  The Report & Order will contain additional requirements for broadcast stations permitted to use Electronic Newsroom Technique (“ENT”).  Specifically, broadcasters using ENT will be required to pre-script more of their news programming, including sports, weather, and most late-breaking stories.  Additionally, the new rules will require that crawls and other visual information be used to provide visual access to certain news segments that cannot be pre-scripted.

Procedural Improvements.  The FNPRM will seek comment on measures to enhance access to and improve FCC procedures (including creation of an online dashboard that would allow consumers to monitor the status of closed captioning complaints), as well as methods of reporting captioning outages.

Declaratory Ruling.  The Commission also approved a Declaratory Ruling that will clarify and reaffirm existing rules with respect to captioning of on-demand programming and bilingual English and Spanish programming, obligations of low power television stations, and VPD contact information.

Further details about the new rules, including compliance deadlines, will be available once the decision is released.  The FCC’s news release about the decision is available here.

The CJEU’s Nintendo v. PC Box: ‘Proportionate’ DRMs?

Posted in Intellectual Property

By Alain Strowel, Michael Clancy and Hee-Eun Kim

On January 23, 2014, the Court of Justice of the European Union (CJEU) ruled on the legality of anti-circumvention measures or DRMs for video games (Case C-355/12 Nintendo v. PC Box).[1]  Here are the links to the full text of the judgment and the non-binding Advocate General’s opinion.

In the EU, DRMs are protected against circumvention under Article 6 of the Copyright Directive.  The plaintiff Nintendo’s DRM was capable of blocking not just illegal copies but also independent games, programs and other multimedia content.  A mod chip maker PC Box opposed it as being not “proportionate” under EU law.

The CJEU ruled that, although Article 6 of the Copyright Directive defines DRMs broadly, the legal protection applies to DRMs that are “proportionate” under EU law.[2]  To assess the proportionality of a DRM, according to the CJEU, it is necessary to ask whether a less restrictive technological measure, if any, could have achieved the same goal of protecting copyright without preventing legitimate activities.  For this assessment, the CJEU discussed the following factors.

Relevant factors for assessing the proportionality of a DRM:

  • Whether the DRM prohibit devices or activities which have a “commercially significant purpose or use other than to circumvent the technical protection (emphasis added)”;[3]
  • A comparison of the cost and effectiveness of the DRM versus available alternatives;
  • A survey of evidence on the purpose and actual use of a circumventing device:  namely how often the device was used for copyright-infringing purposes and other purposes;
  • The current state of technology;[4]
  • (The copyright holder’s particular intention of use is not relevant to the analysis.)[5]

What might be the consequences of a ‘disproportionate’ DRM?  A copyright holder with a ‘disproportionate’ DRM will not be able to rely on the legal protection of a DRM as a basis to challenge providers of mod chips or other circumvention devices.  According to the CJEU, legal protection is “granted only with regard to [DRMs] preventing or eliminating, as regards works, acts not unauthorized by the rightholder of copyright […]” and “[t]hose measures must be suitable for achieving that objective and must not go beyond what is necessary for this purpose.”[6]  Thus, “if such measures prevent also acts which do not require authorization then, if they could have been designed so as to prevent only acts which require authorization, they are disproportionate and do not qualify for protection (emphasis added).”[7]  In those circumstances, the right holder cannot rely on the DRM protection, but (s)he can of course still invoke a copyright violation.  Some questions, for example whether a ‘disproportionate’ DRM may lead to an antitrust or unfair competition claim, were not addressed by the CJEU.

The ruling contains an additional language which can support companies’ control over resale of game copies acquired through digital distribution e.g., by downloading.  In UsedSoft, the CJEU previously held that under the Software Directive the distribution right of lawfully downloaded software is exhausted after its first sale and that a user license for an unlimited period with a one-time payment is a sale which triggers exhaustion.  In addition, the CJEU in UsedSoft noted that the Software Directive constitute a lex specialis in relation to the Copyright Directive, which means that the applicability of the Software Directive is limited to software.

By reiterating the relationship between the two Directives, the CJEU appears to imply that the scope of the UsedSoft ruling is not extended to resale of a video game which is not ‘pure’ software.  The CJEU noted that original graphic and sound elements of a complex video game can be protected by copyright in the context of the Copyright Directive.


[1] Case C-355/12 Nintendo v. PC Box (January 23, 2014).

[2] This is not the first time that the proportionality principle is introduced to balance IP rights and other interests.  See e.g., Case C-128/11 UsedSoft v. Oracle (3 July 2012);  Case C-70/10 Scarlet v. SABAM (24 November 2011);  and Case C-403/08 Premier League (October 4, 2011).

[3] Recital 48 of the Copyright Directive.

[4] AG Opinion, Case C-355/12 Nintendo v. PC Box (September 19, 2013), para. 52.

[5] AG Opinion, Case C-355/12 Nintendo v. PC Box (September 19, 2013), para. 67.

[6] Case C-355/12 Nintendo v. PC Box (January 23, 2014), para. 31.

[7] AG Opinion, Case C-355/12 Nintendo v. PC Box (September 19, 2013), para. 52.


Annual FCC CPNI Certification Due by March 1

Posted in Privacy & Data Security, Telecommunications

Yesterday, the Federal Communications Commission’s (FCC’s) Enforcement Bureau issued a reminder that annual CPNI certifications for calendar year 2013 must be filed with the FCC by March 1, 2014.

The FCC requires telecommunications service providers (including paging providers, commercial mobile radio services providers, and calling card providers) and interconnected VoIP service providers to file an annual report certifying compliance with the FCC’s rules protecting Customer Proprietary Network Information (CPNI). CPNI includes the sensitive information that a customer makes available to the carrier solely by virtue of the carrier-customer relationship, such as the phone numbers of calls made and received by the customer, the frequency, duration, and timing of such calls, and the services purchased by the customer.

The FCC’s CPNI rules impose limitations on the use and disclosure of a customer’s CPNI. Among other things, carriers must take reasonable measures to safeguard CPNI, are restricted in their use or disclosure of such information to third parties, and must notify customers of security breaches involving CPNI.  Failure to comply with the CPI rules, including the annual certification requirement, may subject a company to an enforcement action, including monetary forfeitures of up to $160,000 for each violation or each day of a continuing violation, up to a maximum of $1,575,000.

The following is an overview of the elements that must be included in the FCC’s CPNI annual certification. Note that all of this information must pertain to the entire previous calendar year (2013):

  • an officer of the company must sign the compliance certificate;
  • the officer must affirmatively state in the certification that he or she has personal knowledge that the company has established operating procedures that are adequate to ensure compliance with the CPNI rules;
  • the company must provide a written statement accompanying the certification explaining how its operating procedures ensure that it is or is not in compliance with the CPNI rules (simply stating that the company has adopted operating procedures without explaining how compliance is being achieved does not satisfy this requirement);
  • the company must include an explanation of any actions taken against data brokers, or an affirmative statement that there were no such actions; and
  • the company must include a summary of all consumer complaints received in the prior year concerning unauthorized release of CPNI, or an affirmative statement that there were no such complaints.

The FCC has provided a suggested CPNI Certification Template to help companies ensure that their certifications contain all of the required information. Use of the template is not mandatory.

Do We Have a Right to Online Anonymity? Depends On Which Judge You Ask

Posted in Privacy & Data Security

The Edward Snowden leaks have forced Americans to question whether the government monitors their online activities.  But intelligence-gathering is not the only government threat to Internet privacy: plaintiffs in defamation cases are using court subpoenas to attempt to unmask Internet users’ identities.

In some seedy corners of the Internet, commenters use the veil of anonymity to utter vulgar, false, and damaging comments that they likely would never write if their names were attached.  Some defamation victims file lawsuits to mitigate the harm to their reputations.  Before they can collect damages, they must identify the defendant, and they typically accomplish this by issuing a subpoena to the defendant’s Internet Service Provider, seeking the defendant’s name and address.

Although these repulsive cases receive much publicity, they represent only a sliver of all anonymous online speech.  Online anonymity enables commenters to express unpopular political views, expose government corruption, and seek information about sensitive topics such as personal health.  Indeed, anonymous speech was the cornerstone of our nation’s founding, with the publication of the Federalist Papers under the pseudonym Publius.  Removing protections for anonymity would, to some degree, chill a form of speech that has been a bedrock of American democracy.

For more than a decade, state and federal judges have attempted to balance these competing interests as they determine whether the First Amendment protects the right to speak anonymously online.   Some courts require plaintiffs to demonstrate an exceptionally strong defamation case, and to satisfy numerous procedural requirements, before the courts will enforce subpoenas for the identity of anonymous Internet posters.  Other courts provide very little, if any, protection for online anonymous speech.

The issue came to a head in two recent defamation cases in the past month.  The Virginia Court of Appeals ordered Yelp to disclose the identities of seven users who wrote negative reviews of Alexandria, Va. carpet cleaning company.  Because the carpet cleaning company suggested that the reviewers were not actually customers, the court held that the reviewers’ identities were not protected under the First Amendment or state law.  The Court acknowledged that customers’ opinions on Yelp are generally protected opinion under the First Amendment, but reasoned that if “the reviewer was never a customer of the business, then the review is not an opinion; instead, the review is based on a false statement of fact—that the reviewer is writing his review based on personal experience.”

Also last month, a three-judge panel of the Michigan Court of Appeals granted a protective order that prevented a Warren, Mich. public works official from using court discovery to unmask the identities of people who anonymously criticized him on a local message board.   But the Michigan judges struggled to distinguish their decision from last year’s decision by another three-judge panel on the same court, which held that Michigan’s discovery rules, and not the First Amendment, apply to such requests.  In last week’s decision, the judges recognized the lack of concrete standards on this “complex and emerging” issue, and invited the state Legislature or Supreme Court “to consider anew this important question.”

Although the threat to anonymity is most commonly present in online defamation cases, it arises in other types of cases as well.  For instance, a federal magistrate judge in New Orleans recently granted a criminal defendant’s request to force the New Orleans Times-Picayune to provide identifying information about online commenters who had posted about a criminal investigation into the defendant.  The magistrate judge wrote that if the commenters was a Justice Department manager, “his or her identity might lead to the conclusion that there was a pattern, policy or practice of pre-indictment prosecutorial misconduct in the accusatory process material to Jackson’s defenses alleging violations of her due process rights.” The Times-Picayune has moved to quash the subpoena.

If one thing is clear, it is that there is no clarity.  State and federal courts will continue to issue a mish-mash of conflicting opinions that provide little consistency or certainty for online speech.  The U.S. Supreme Court, which is the final arbiter of all things constitutional, has not ruled the right to anonymous online speech.  The lower courts have been forced to guess the proper constitutional outcome based the Supreme Court’s most recent opinion on anonymous speech, a 2002 case involving a municipal requirement for door-to-door solicitors to display a permit that lists their name.

Eventually, the U.S. Supreme Court will have no choice but to provide a concrete guidance on whether the First Amendment protects anonymous online speech.  When it does, the justices should ensure that plaintiffs cannot use the court system to chill speech and suppress unpopular viewpoints.

Some plaintiffs have good reason to attempt to expose the identities of individuals who make revolting, untrue, and damaging comments online.  But these trolls are a vocal minority of online speakers.  Courts should not address these rare cases by eroding the First Amendment protections that have been vital to our nation’s political discourse for centuries.

—  Jeff Kosseff is a media and privacy associate at Covington & Burling LLP.  The views expressed are those of the author and not of the firm.

Journalists Nationwide Face Surge of Subpoenas in Federal and State Courts

Posted in Privacy & Data Security, Uncategorized

Reporters nationwide have faced a flurry of subpoenas in recent months, calling into question whether journalists can guarantee confidentiality to sources.  The repeated attempts to force journalists to reveal their confidential sources and other information about their newsgathering demonstrate the need for strong reporter “shield laws” on both the federal and state level.

Among some recent examples of attempts to force reporters to reveal information in federal court:

  • The lawyer for former Trenton, N.J. mayor Tony Mack, who is facing federal corruption charges, issued a subpoena to a reporter for the Trenton Times, to ask about the reporter’s interview of a co-defendant.
  • A military judge ordered CNN and CBS to release unaired interview footage as part of a Naval Academy midshipman’s court-martial on charges of aggravated sexual assault and false statements.
  • New York City’s lawyers subpoenaed a Village Voice reporter for recordings that he obtained as part of his investigation into New York Police Department’s manipulation of police reports.

These recent cases demonstrate that journalists face the constant threat of being forced to reveal confidential information in federal courts.   At the federal level, Congress has not yet enacted a shield law.  Last September, the Senate Judiciary Committee, in a 13-5 vote, approved a bill that would prevent federal prosecutors, agencies, and civil litigants from forcing journalists to reveal their confidential sources without court approval.  The Free Flow of Information Act (FFIA), sponsored by Sens. Charles Schumer, D-N.Y., and Lindsay Graham, R-S.C, would require anyone seeking confidential source information to exhaust alternative sources, demonstrate that the information is essential to the resolution of the matter, and would require a federal judge to conduct a balancing test to determine whether to allow a prosecutor or litigant to subpoena a journalist in federal court.  The bill now awaits a vote in the full Senate. 

Similarly, at the state level, prosecutors and litigants are also attempting to force journalists to reveal information about their reporting.  Among some recent examples:

  • The publisher and a reporter from The Edina Sentinel in Missouri received subpoena for information about their coverage of a murder trial. 
  • As part of an investigation into a shooting, a detective served a search warrant at the Daily Herald in Everett, Wash., seeking the identity of a person who posted a comment on the newspaper’s website.
  • A Missouri prosecutor issued a subpoena to a St. Louis Post-Dispatch reporter for testimony about a confrontation that the reporter allegedly witnessed in courthouse elevators.
  • The Union County, N.J. prosecutor subpoenaed a local blogger who writes critical articles about the county government, seeking the names of county employees who she alleged wrongly used the county’s generators after Hurricane Sandy.
  • Lawyers for a former water district official in Nevada, who is facing a criminal trial for misconduct of a public official, subpoenaed the Mesquite Citizen Journal for documents, computer hard drives, audio recordings, and videotapes.
  • A reporter in Philadelphia was subpoenaed by a civil plaintiff for information related to his ongoing coverage of a sex abuse scandal in the Philadelphia Catholic Church.
  • The lawyer representing the Texas Windstorm Insurance Association subpoenaed the Austin American-Statesman for notes, emails, and other unpublished information, as part of its defense of a civil lawsuit.  The lawyer later withdrew the subpoena after the newspaper announced plans to challenge it.

Because these subpoenas are in state courts, the federal shield law would not apply to these cases. But they are illustrative of the continued pressure that journalists face to reveal their sources.  Although most states provide some protection either through statute or common law, that protection is not absolute, and even if the subpoena violates the shield law, litigants and prosecutors may still attempt to issue it. 

–  The author, a media and privacy lawyer at Covington & Burling, represents a 70-member media coalition seeking passage of the FFIA.  The views expressed are those of the author and not of the firm.