Posted on November 25, 2009 by Adam Snukal

FDA Seeks to Understand Social Media

Earlier this month, the Food and Drug Administration (FDA) held public hearings to better understand the role of, and the risks associated with, the promotion and marketing of FDA-regulated products using the Internet and social media. The last such hearing of this kind (which focused solely on the Internet) was organized by the FDA in 1996; and with a very different landscape before them, the FDA felt it was time to invite several of the industries’ players back to D.C. for another chat.

Of key concern to the FDA during the recent hearings were: (1) how can drug companies safely and effectively advertise on the Internet and via social media, and (2) how best can drug information and health side-effects be disclosed and managed in a social media context. This is no surprise, as FDA appears ready to develop a framework through which it will apply product advertising and promotional labeling statutory provisions and regulations to these communications. 

At the outset, both the FDA and its invited speakers, which included representatives from Eli Lilly, sanofi-aventis, Pharmaceutical Research and Manufacturers of America (PhRMA), Pfizer, Google, Yahoo and others, all agreed that the Internet and social media present both new opportunities and unique challenges, as compared with traditional promotional labeling and print, or broadcast advertisements. Today, drug companies have a greater ability to optimize their message and respond more quickly/more effectively to developments in the marketplace. On the other hand, everyone questioned how much control these same companies are expected to exercise over the enormous magnitude of user-generated content that is found across the Internet. As one presenter described the current landscape, “The industry’s share of voice on the Internet – especially the social media part of the Internet – is rapidly being dwarfed.” 

The prevailing view seemed to indicate a willingness and acceptance that drug companies should be responsible and held accountable for any content located on their corporate websites and on third-party sites (Facebook, Twitter, etc.) over which they exert or influence control. These same companies should not, however, be held responsible for content on third-party sites over which they have no control or influence. Along this line of thinking, online pharmaceutical-marketing expert John Mac of Pharma Marketing News, suggested that the FDA take the unprecedented step of requiring that drug manufacturers put “tags” on their Twitter posts in order to monitor and potentially censor discussions about specific products.

Another concern that was raised in the context of user-generated content across the Internet is the reliability and trustworthiness factor of information that is widely available on sites ranging from corporate websites to blogs to Wikis. PhRMA, among others, suggested the creation of an FDA-approved logo or seal of approval that could be affixed to a particular website, link, or even an information set that is presented on a third-party site. The seal would indicate that the FDA has reviewed and approved the information in question.

A focal point for the hearings was the issue of adverse events. Simply put, drug companies have a legal obligation to disclose adverse events that are brought to their attention in certain situations, even after the drug has been approved by the FDA and released to the market. Two specific issues arose on this topic:

  • Manufacturers were genuinely reluctant and hesitant to create a presence for themselves within the social media universe in order to avoid learning about potential adverse events associated with their drugs. Although the FDA has established guidelines and steps that must be followed by both consumers and health care professionals to report adverse events, there was still concern expressed that a manufacturer could suffer consequences by ignoring or refusing to investigate adverse events that it learns about through social media.
  • Both the speakers and the FDA alike uniformly acknowledged that the medium (i.e., the Internet) and its advertising vehicles (i.e., banners, paid search links, etc.) lend themselves to lesser rather than more disclosures. Hence, these same companies were concerned about how best to present and disclose these potential adverse events and other risks, and avoid running afoul of their reporting requirements, considering so little FDA guidance exists within this area at the current time.  

Thomas Abrams, Director of the FDA’s Division of Drug Marketing, Advertising and Communication, concluded the hearing by acknowledging the FDA has much work to do to further understand and institute guidelines for the promotion of FDA-regulated products on the Internet and social media sites. 

Why This Matters

If Facebook were a country, its user base would make it the fourth-largest country in the world. The number of users participating in some form of social media interaction is increasing at explosive rates day-by-day. Social media has quickly become an environment in which all manner of communication, information sharing and commerce exists. Although drug companies, large and small, are eager to embrace and engage this environment, many have largely avoided using social media out of fear that its use may result in FDA enforcement action. However, the pressure to adopt social media despite this risk continues to increase as competition grows and more consumers adopt these communication tools.

FDA’s social media hearing was a welcome relief to many. It provided industry leaders and stakeholders an opportunity to take an early lead in contributing to the FDA’s emerging policy on Internet advertising and promotional labeling. FDA is accepting public comments until Feb. 28, 2010 on specific questions it posed to the public (FDA Docket No. FDA-2009-N-0441) (74 Fed. Reg. 48083 (September 21, 2009). With the advent of these meetings, and the likelihood that FDA will begin to apply advertising standards to Internet communications in a more consistent manner – and perhaps continue to engage the industry throughout 2010 and beyond – drug companies should begin to think about and act on: (1) any FDA requests for industry input and guidance on social media and industry regulations; and (2) the creation of social media policies and procedures covering everything from employee do’s and don’ts to the management of adverse event information that surfaces through user-generated content. Companies should also be developing strategies to deal with misinformation about their drugs that they become aware of on blogs and Wiki’s. Lastly, companies must continually keep current on positions, approaches and policies taken or instituted by the FDA.

For more information on contemporary legal issues in social media, including many of the points raised above, we encourage you to download our White Paper entitled, “Network Interference: A Legal Guide to the Commercial Risks and Rewards of the Social Media Phenomenon.

For a detailed analysis of the recommendations and themes raised at FDA’s hearings, please see the Reed Smith Life Sciences Legal Update Blog.

Tags: , , ,
Posted on October 30, 2009 by Adam Snukal

Facebook Catches a Big Phish

Once again, that truism that old habits die hard has been substantiated. The U.S. District Court of Northern California just awarded Facebook a $711 million judgment against the self-described “spam king,” Sandford Wallace, for violating the CAN-SPAM Act. The CAN-SPAM Act establishes the rules for sending commercial emails and bans “false and misleading” marketing emails. 

Wallace and two others were sued by Facebook in February, alleging they used various phishing sites, technologies and other means to gain unauthorized access to Facebook users’ accounts, and then used those same accounts to distribute SPAM throughout Facebook’s network. Specifically, Facebook asserted that Wallace had used the site to induce members to click on messages that appeared to be legitimate, but were actually designed to capture personal information.

Judge Jeremy Fogel wrote in his order, “The record demonstrates that Wallace willfully violated the statutes in question with blatant disregard for the rights of Facebook and the thousands of Facebook users whose accounts were compromised by his conduct.” In addition to the aforementioned monetary judgment, Wallace has been permanently prohibited from accessing or using Facebook, or from creating a Facebook account.

Along with Wallace’s violation of the CAN-SPAM Act, Judge Fogel noted that Wallace “willfully violated” a temporary restraining order and preliminary injunction issued earlier in the case against accessing Facebook. The court referred this matter to the U.S. Attorney’s Office for criminal prosecution.

You may recall Wallace’s name being mentioned in the past in the context of anti-spam and/or CAN-SPAM violations. Wallace was a defendant in a similar case in 2008 in which he was ordered to pay MySpace $234 million for similar violations. He was also the target of the FTC in a suit brought in 2006, in which he was fined $4 million after the FTC accused him of running an operation that infected computers with software that caused flurries of pop-up ads, known as “spyware.”

Why This Matters

Interestingly, this not the largest CAN-SPAM award. That honor also belongs to Facebook, who in November 2008 won an $873 million victory against Adam Guerbuez and Atlantis Blue Capital. In all earnest, Facebook realizes the likelihood of enforcing its judgment is remote at best. In fact, Facebook’s lead counsel for litigation and intellectual property remarked on a Facebook blog post: “While we don’t expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals. This is another important victory in our fight against spam.”

However, this case proves, once again, that even in a dynamic and evolving landscape such as social media, fundamental legal principles, rules and regulations still apply, and have an excellent chance of being enforced by the courts around this country.

Tags: , , ,
Posted on August 3, 2009 by Adam Snukal

Your Medical Information; Just A Mouse Click Away - From Hackers?

It's our pleasure to provide you with a link to an article written by Joe Rosenbaum that recently appeared on our sister-blog, Legal Bytes, describing yet another controversy over Facebook's User Policy.

Tags: ,
Posted on June 19, 2009 by Adam Snukal

Reed Smith's Advertising, Technology, & Media Teleseminar: Facebook Personalized URLs - A Titanic Opportunity for Brands, or the Tip of an Iceberg?

Facebook announced last week the availability of a personalized Facebook URLs for individual profiles, e.g., www.facebook.com/[your name].

As discussed in our June 12 Client Alert, "Just When You Thought You Were Too Old for Facebook," this latest offering from Facebook raises serious issues—issues that are typically encountered when technology collides with traditional intellectual property laws intended to protect trademarks and brand names.

Much like the confusion and abuse that proliferated when cybersquatting became rampant over the ownership and administration of domain names, we now have social networks and service providers allowing users to generate content and offering customized http://www.thecompany.com/YOURNAMEHERE URLs within their own domains in a digital and borderless world.

Significantly, the promotional momentum created by Facebook's offer has caused every astute brand and trademark owner to ponder whether they should be in a rush to register their personalized URL on Facebook, or let it ride and deal with potential infringements when—and if—they occur!

While it can be stimulating to consider whether the intellectual property laws have kept up with the Internet, you need practical guidance and insightful approaches to these problems today. The Media & Entertainment Industry Team and the Advertising Technology & Media Law Group at Reed Smith have put together a teleseminar to help you understand the issues, formulate an approach, and make informed decisions. Join us for this informative one-hour teleseminar on Tuesday, June 23 at 12 p.m. EDT with partners Doug Wood and Joe Rosenbaum

UPDATE:  To view the seminar's PowerPoint presentation, please click here.

Tags: , , , ,
Posted on June 12, 2009 by Douglas J. Wood

Just When You Thought You're Too Old for Facebook

Earlier today, you may have received numerous memos from law firms and bloggers anxious to respond to the announcement by Facebook that Facebook is allowing trademark owners to notify Facebook of their IP rights through use of a special electronic form. The purpose is to allow trademark owners to record their IP rights in advance of Facebook allowing its users to register personalized Facebook URLs. While we applaud advising clients and friends of issues, we think the matter is considerably more complicated than previous briefs and hasty reports may indicate. As is so often the case, the devil is in the detail and this memorandum provides a deeper look at the process and related issues before undertaking Facebook’s new program to record trademark.

Facebook Announcement

On Tuesday, June 9, Facebook, Inc., the popular social networking website, announced that on Saturday, June 13th at 12:01 a.m. U.S. EDT, it will allow Facebook users, subject to certain criteria and qualifications, to create personalized URLs for their pages on Facebook. By way of example, John Smith will be able to register "Facebook.com/johnsmith." Currently, a user’s Facebook URL consists of the Facebook.com URL followed by a random series of numbers, e.g., facebook.com/profiles.Php?349485).

Whenever users can register any name on the Internet, however, it raises infringement issues under federal and state trademark and related intellectual property laws, particularly for owners of well know brands. Any registration process creates fears of cybersquatting or other attempts to hijack trademarks and brand names. Sometimes these fears are real; other times they are not.

What Trademark Owners Need to Know

Facebook has responded to concerns trademark owners in several ways. Here’s what you need to know:

  • Facebook has created an online form for use by registered trademark owners (whether Facebook users or not) to record their trademarks and thereby notify Facebook of their IP rights, at least in the first instance, to prevent others from using their trademarks in their personalized URL. For example, if a company had a registered trademark for, e.g., Robert Hall for shoes, by registering the mark with Facebook, it could prevent someone else from registering Facebook.com/roberthall, although it is unclear whether a registration protects only the exact trademark as opposed to variations. While the FAQs indicate user names are not case sensitive, that does not necessarily mean every variation of a trademark is protected by recording a claim.
  • Regrettably, Facebook has given trademark owners only a couple of days to notify Facebook of their IP rights. If a trademark owner has not done so by end of day, Friday, June 12, anyone else can potentially register a personalized Facebook URL using the brand owner's trademark.
  • The new form can be found here.
  • Facebook has also provided FAQs here.
  • The notification process applies only to registered trademarks. At present, it appears that a trademark owner can only submit a registration based on a United States registration, as that number is used for the account number. While state and foreign registrations and pending applications have not been specifically addressed, presumably any registration number in the field of the form will suffice. But there must be an official registration number. Common law claims are not covered. A trademark owner must also complete a separate form for each trademark, which could prove to be a significant undertaking for a company that has a significant portfolio of trademarks. And what if other social networking sites adopt similar provisions?
  • Facebook is limiting the June 13 URL registration to individual users who already had a user profile page prior to the June 9th announcement and to Facebook Pages (these are the Facebook pages owned by businesses, public figures, brands and artists) that were live prior to May 31, 2009 that had at least 1,000 fans at that time. If your Facebook account does not meet these requirements, you have to wait until June 28th to register a personalized URL using a trademark or brand name.
  • Facebook also has a procedure and a form for notifying Facebook of alleged infringements of a non-copyright nature such as trademark infringement or rights of publicity. Presumably, this form can be used in lieu of the new form but will apply only after an infringement has occurred. This form is available at here.
  • Note that copyright infringement allegations are directed to a separate Digital Millennium Copyright Act form for users to complete.
  • Facebook users can sign up for only one username for their Facebook page and profile. Once selected, the username cannot be changed or transferred to third parties. If a user cancels an account, the associated URL will not be available as a new Facebook URL. Users will also not be permitted to register generic terms as usernames. Facebook reserves the right to remove or reclaim a username at any time and for any reason. Facebook hopes these restrictions will help to prevent the trafficking in usernames and leaves a remedy open even where a trademark owner has failed to record its claim with the new form.

The $64,000 Question

If you are a trademark owner, should you record your trademark claim through use of the new form or wait to assert claims as alleged infringements occur? This is not an easy question to answer.

By failing to record its claim, a trademark owner does not waive any rights to its intellectual property otherwise provided by law. Failing to record a claim simply means that a trademark owner may have to enforce its intellectual property rights after an infringement has occurred as opposed to preventing it prior to use.

However, it is unclear whether using the new form to notify Facebook of IP rights subjects the trademark owner to the Facebook general terms of use (referred to by Facebook as the “Statement of Rights and Responsibilities”) should the trademark owner have any issues with Facebook regarding to the processing and enforcement of its claim to a trademark.

For example, the Facebook terms of use provide that venue for any claims or disputes against Facebook are vested exclusively in the courts in Santa Clara County, California. Absent consent to such venue, a trademark owner could proceed against Facebook in virtually any jurisdiction in the United States, including the trademark owner’s home state. Whether that is an advantage or not is debatable, but it is an unresolved issue. Other provisions in Facebook's terms of use may also be problematic for some trademark owners.

Before deciding to undertake notifying Facebook of IP rights, however, a trademark owner should also consider the likelihood of someone hijacking its marks. Moreover, while the initial notification (and even later registration of a personalized URL) is free, it remains unclear whether Facebook will seek to monetize the offering in the future.

On the other hand, if a brand already has a Facebook Page (or knows that it will soon create one), then it is already (or will be) subject to the Facebook terms of use. Under such circumstances, notifying Facebook of IP rights through the new form may be the easiest means of avoiding a needless intellectual property battle that will most certainly cost more than the time spent completing a form.

The Evolution of Social Media

Facebook is adding another dimension to social networking -- allowing personalization of pages while seeking to develop mechanisms to deal with brands and brand owners. But Facebook users interact with brands as well as people. The personalized URL launch is another example of the collision of social media interaction and intellectual property protection. While Facebook’s latest offering may be the next evolutionary step forward, it may also be a passing fad. Time will tell. But one thing is certain:

If you are a brand owner with trademark registrations, you need to consider all of the issues before blindly jumping on anything that appears simple and easy but may be more costly than first meets the eye.
Tags: , , , ,
Posted on February 24, 2009 by Adam Snukal

Facebook Makes a U-Turn

On Feb. 4, 2009, Facebook decided to change (aka “update”) its Terms of Use Policy. The new policy provided, essentially, the right of Facebook to continue using a user’s data even once he/she left the service. The following is an excerpt from Facebook’s current Terms of Use Policy:

You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to (a) use, copy, publish, stream, store, retain, publicly perform or display, transmit, scan, reformat, modify, edit, frame, translate, excerpt, adapt, create derivative works and distribute (through multiple tiers), any User Content you (i) Post on or in connection with the Facebook Service or the promotion thereof subject only to your privacy settings or (ii) enable a user to Post, including by offering a Share Link on your website and (b) to use your name, likeness and image for any purpose, including commercial or advertising, each of (a) and (b) on or in connection with the Facebook Service or the promotion thereof.

The change that caused the uproar, however, was the deletion of the following, which appeared at the end of the aforementioned section: “You may remove your User Content from the Site at any time. If you choose to remove your User Content, the license granted above will automatically expire, however you acknowledge that the Company may retain archived copies of your User Content.”

Interestingly, Facebook’s amended policy went largely unnoticed until the popular consumer rights advocacy site, Consumerist.com, brought these changes to light.

This has sparked a very interesting debate on data ownership, and one that Facebook for now has decided to avoid as it backed down last week and reverted to its previous Terms of Use. According to Mark Zuckerberg, founder and CEO of Facebook, “Going forward, we’ve decided to take a new approach towards developing our terms. We concluded that returning to our previous terms was the right thing for now.”

While the arguments supporting why a user should have the right to control his/her data and information are both persuasive and intuitive, one must also consider the “reality” of the situation. For example, Facebook currently boasts a user base of approximately 175 million users around the world. Without having first-hand knowledge of Facebook’s IT policies and protocol, presumably a user’s data is stored across multiple networks and servers that are backed up regularly. Is it even possible for Facebook to delete all of a user’s data when he/she leaves Facebook? It is reasonable to demand that Facebook undertake a search and destroy mission for each departing user by deleting his/her data from each and every server that ever touched such data (including each back-up server), and then scrub the same servers to ensure that the deleted data can never be recovered? Moreover, if a user elects to leave the service without deleting his/her information, should Facebook then be required to do so?

Furthermore, social networking sites like Facebook are designed for data sharing between users—hence the term “social network.” Is it reasonable to expect Facebook to comb through millions of user pages to hunt down data that must be deleted and purged when a user leaves the service? Perhaps the changes reflected above were merely intended to address rights-clearance issues and to protect and insulate Facebook against claims from old users.

Whichever position one wishes to take in this debate, two points are certain: one, the reaction to Facebook’s changes to its Terms of Use reflects a much wider issue about user data, who owns the personal information, and what should happen to it if a user decides to leave a service; and two, the industry will be keen to see what Facebook decides to do next.

Tags: , , , ,