The American Intellectual Property Law Association (AIPLA) will host its annual Trade Secret Law Summit at the American Express Company in New York City’s Financial District on March 21-22, 2019.

Seyfarth is a proud sponsor of the Summit, at which partners Erik Weibust (Vice Chair of AIPLA’s Trade Secret Law Committee) will be speaking on Protection of Trade Secrets in the Social Media Era,  and moderating a panel on Trade Secrets and Restrictive Covenants in the Financial Services Industry, on which Scott Humphrey will be speaking.  Other Seyfarth attendees will include James Yu, Jeremy Cohen, and Dawn Mertineit.

We hope you can join us there.  For more information and to register, please click here.

Seyfarth Shaw Partner Erik Weibust and Associate Alex Meier published a Law360 article about trade secret protections related to social media. Weibust and Meier discuss risks employers face when employees access social media accounts, as well as some e-discovery considerations for social media. To learn more, check out “Trade Secret Protection and Social Media: A 5-Year Update” from Law360 here.

There is no denying that social media continues to transform the way companies conduct business. In light of the rapid evolution of social media, companies today face significant legal challenges on a variety of issues ranging from employee privacy and protected activity to data practices, identity theft, cybersecurity, and protection of intellectual property.

Seyfarth Shaw is pleased to provide you with the 2017–2018 edition of our easy-to-use guide to social media privacy legislation and what employers need to know. The Social Media Privacy Legislation Desktop Reference:

  • Describes the content and purpose of the various states’ new social media privacy laws.
  • Delivers a detailed state-by-state description of each law, listing a general overview, what is prohibited, what is allowed, the remedies for violations, and special notes for each statute.
  • Provides an easy-to-use chart listing on one axis the states that have enacted social media privacy legislation, and on the other, whether each state’s law contains one or more key features.
  • Offers our thoughts on the implications of this legislation in other areas, including trade secret misappropriation, bring your own device issues and concerns, social media discovery and evidence considerations, and use of social media in internal investigations.
  • Concludes with some best practices to assist companies in navigating this challenging area.

How To Get Your Desktop Reference

To request the 2017–2018 Edition of the Social Media Privacy Legislation Desktop Reference as a pdf or hard copy, please click the button below:

In Seyfarth’s final webinar in its series of 2017 Trade Secrets Webinars, Seyfarth attorneys Justin Beyer, Dawn Mertineit, and Ryan Behndleman presented Protecting Trade Secrets in the Social Media Age. The panel focused on how to define and protect trade secrets on social media.

As a conclusion to this well-received webinar, we compiled a summary of takeaways: Continue Reading Webinar Recap! Protecting Trade Secrets in the Social Media Age

Social media and related issues in the workplace can be a headache for employers. There is no denying that social media has transformed the way that companies conduct business. In light of the rapid evolution of social media, companies today face significant legal challenges on a variety of issues, ranging from employee privacy and protected activity to data practices, identity theft, cybersecurity, and protection of intellectual property.

On September 28th at 12:00 p.m. Central, in Seyfarth’s fifth installment in its Trade Secrets Webinar Series, Seyfarth attorneys Justin Beyer, Ryan Behndleman, and Dawn Mertineit will discuss the relationship between trade secrets and social media.

The panel will specifically address the following topics:

  • The interplay between social media privacy laws and workplace investigations and how developing internal company policy and/or contracts can protect company assets
  • Defining, understanding, and protecting trade secrets in social media
  • How courts are interpreting ownership of social media accounts and whether social media sites constitute property
  • How to prevent trade secret misappropriation or distribution through social media channels
  • The interplay between protection of company information and ownership of company accounts in the social media age

Please join us for this informative webinar.

Season’s Tweetings

In the first UK high court decision on tweeting, the Employment Appeal Tribunal has held that dismissal of an employee for offensive posts on his private twitter account could potentially justify termination under the UK’s unfair dismissal rules.

The employee was dismissed after a colleague raised an anonymous complaint about the content of his tweets. The Court held that termination of an employee for offensive comments on his social media account could fall within the ‘range of reasonable responses’ open to employers.  The employee’s right to freedom of expression needs to be balanced against the employer’s concern to protect its reputation.

To decide whether termination was justified, UK Employment Tribunals will look at the entire picture, including:

  • Was the twitter account relevant to the employee’s role? In this case, the employee used the twitter account in his role as an internal investigator, to monitor the posts of other employees.
  • Was the twitter account genuinely private? If it linked the employee to the employer, or was followed by a number of work colleagues or customers, it may not be seen as private.
  • Did the employer’s social media policy or disciplinary rules make clear that offensive twitter posts could result in discipline, up to and including termination?
  • Is there evidence of actual damage to the employer’s reputation, such as complaints from customers or wider publicity?

This case extends the principles already applied to Facebook comments, as in the case of Apple v Crisp where termination was justified for an employee who criticized Apple’s products on Facebook in breach of a clear internal policy.

[Game Retail Ltd v Laws]

 

As the social media landscape continues to evolve rapidly, Trading Secrets is committed to keeping pace with this evolution in order to provide the most value for our readers. Regular blog contributors Erik Weibust and Dawn Mertineit, both attorneys in Seyfarth’s Trade Secrets Practice, serve as the Trading Secrets “social media directors” and will be actively monitoring the social media outlets for the blog, including Twitter, Facebook, Google+, Tumblr, YouTube, and LinkedIn.

We will continue to educate about news and legislation relating to trade secrets, non-competes, computer fraud, privacy and social media. Through our social media accounts, Erik and Dawn engage directly with influencers in our industry/area of expertise, share content with them, and stay active in conversations through various social media platforms — all with a focus on sharing items that are of value to our audience. We encourage our readers to engage in the conversation as well!

Social media clearly has numerous uses and benefits, as hundreds of millions of users worldwide can attest. From connecting with a long lost friend, to marketing a new product or service, to organizing a high school reunion or even an uprising in the Middle East, social media has become a ubiquitous part of our lives. But its rapid proliferation comes with risks.

In addition to the hazards to individuals on which the media regularly reports — invasion of privacy, harassment, bullying and the like — the increased risks to employers are just as compelling, albeit perhaps not as sensational. Most employers today have implemented social media policies that govern such things as if and when employees may access social media during the workday and appropriate uses thereof, but many companies fall short in protecting their trade secrets and customer relationships or goodwill.

Employees, especially younger ones, may unwittingly put their employers at risk simply by connecting with customers and/or vendors on LinkedIn, or by boasting about their latest achievements on Facebook or Twitter. Or they may be using social media intentionally to solicit customers or employees after termination.

As the line between business and personal information becomes increasingly blurred, employers must be cognizant of the risks inherent with the increased use of social media and take affirmative steps to protect their trade secrets and customer relationships before it is too late. Once a trade secret has been disclosed, its protections cannot be recovered; and once a customer leaves, he or she may never return.

 Setting Expectations

The most basic step that any employer should take to protect itself is to set expectations for its employees. In addition to creating the kind of culture where employees want to be protective of their employer, this can be accomplished by implementing policies that limit what employees are permitted to post on social media, and the security or privacy measures that must be put in place if they do so.

For instance, subject to the strictures of the National Labor Relations Act, employees should not be permitted to comment publicly on confidential projects or issues, even if they believe it is only to their “small” group of friends. While this is universally true, any policy should explicitly reference social media. Moreover, if employees are permitted to connect with customers and vendors on LinkedIn, their list of contacts should be set to private so that other LinkedIn users cannot view them. This type of policy is the building block for all others, and it isn’t enough simply to have such a policy in place; it must clearly and repeatedly be explained to employees, and perhaps even be the subject of an annual training.

While most employers have confidentiality and nondisclosure policies and agreements in place, they oftentimes do not specify that customer contact information, preferences, and the like that are maintained on LinkedIn and other social media sites fall within the strictures thereof. These policies and agreements should require that such information be deleted immediately from the employees’ accounts if they leave the company for any reason (just as hard copy customer lists must be returned or destroyed).

Although potentially difficult to enforce on their own, absent evidence of misappropriation or improper solicitation, policies such as this can influence a court’s opinion of a noncompliant former employee and add support to a request for injunctive relief should litigation be initiated. Of course, one purpose of these policies is to set clear expectations so as to avoid the need for litigation in the first place.

Who “Owns” Social Media?

Once employee expectations are established, the next thing an employer should do is assert an ownership interest over social media accounts and content, even if that content is already identified as confidential and must be deleted when the employment relationship ends. Few courts have addressed the issue of who “owns” social media. It is a difficult issue because accounts are often free and employees have already joined at the time of hire. Employers should, at the very least, have policies in place that inform employees that the company owns any content that was developed on the job or using the employer’s resources or confidential information.

For instance, the policy should be clear that customer information and goodwill are the company’s property even if posted on an employee’s LinkedIn account. (This policy must go hand in hand with the confidentiality policies discussed above or it will be ineffective.) There will always be disputes over whose goodwill it actually is, and social media ownership policies will certainly not be enforced by every court under every set of circumstances, but it is better to implement such a policy than face the risks of not doing so.

Last year, in Eagle v. Morgan, a federal court in Pennsylvania ruled that a company could not assume its former CEO’s LinkedIn account after she was terminated because although the company had expressed “an intense interest in the issue involving ownership of LinkedIn accounts,” it was clear that on the date the CEO was terminated “no policy had been adopted to inform the employees that their LinkedIn accounts were the property of the employer.” Had the company implemented such a policy, the outcome may have been different.

On the flip side, in Ardis Health LLC v. Nankivell, a federal court in New York ruled that a former employee must turn over the login, password and other access information to several websites, blogs, and social media pages that she had created and maintained for her former employer, because the employee had signed an agreement at the outset of her employment that all work created or developed by her “shall be the sole and exclusive property of [the employer], in whatever stage of development or completion,” and that she must return all confidential information upon request. The existence of such an agreement in this instance protected the company.

Where there is no policy or agreement, a court may leave the question of ownership to a jury, which is not a good result for employers, as jurors will not want to believe that their employers can appropriate or monitor their social media accounts. In PhoneDog v. Kravitz, a federal court in California denied a former employee’s motion to dismiss claims by his employer, alleging that the former employee unlawfully continued using the company’s Twitter account after he quit. There was no policy or agreement in place in this case, and the ultimate outcome will necessarily turn on who actually owns the Twitter account.

Similarly, in Christou v. Beatport LLC, the plaintiff claimed that a former employee misappropriated its trade secrets, including login information for profiles on MySpace and lists of MySpace “friends.” The defendants argued that a list of MySpace friends “is broadcast to the public via the Internet and thus cannot be considered a trade secret.” A federal court in Colorado denied the defendant’s motion to dismiss, holding that whether the information was a trade secret is a factual issue, but opined that:

Social networking sites enable companies … to acquire hundreds and even thousands of “friends.” These “friends” are more than simple lists of names of potential customers. “Friending” a business or individual grants that business or individual access to some of one’s personal information, information about his or her interests and preferences, and perhaps most importantly for a business, contact information and a built-in means of contact. Even assuming that employees generally knew the names of all of the “friends” on [the former employer’s] MySpace pages, it is highly unlikely, if not impossible, that employees knew the contact information and preferences of all those on the “friends” list from general experience.

This is an evolving area of law, and information that was protectable 10 years ago may not necessarily be protectable today.

In Sasqua Group Inc. v. Courtney, a federal court in New York ruled that LinkedIn connections and Facebook relationships with clients cultivated by a former employee were not trade secrets belonging to the firm because although that information “may well have been a protectable trade secret in the early years of [the company’s] existence when greater time, energy and resources may have been necessary to acquire the level of detailed information to build and retain the business relationships at issue … for good or bad, the exponential proliferation of information made available through full-blown use of the Internet and the powerful tools it provides to access such information [now] is a very different story.”

While this case is a classic example of bad facts making bad law, having policies in place at the very least sets expectations for employees, and at best it could carry the day in court.

Beware of Overreach

When implementing policies and agreements related to social media, employers must beware not to infringe upon employees’ rights under state or federal law, including the National Labor Relations Act, which safeguards employees’ right to engage in “protected concerted activities,” Additionally, many states have now enacted or proposed some form of social media privacy laws, some of which prohibit employers from requiring employees or applicants to disclose login information to social media accounts and retaliating against those who refuse to do so.

Employers must also ensure that their own conduct does not run afoul of any laws, including the federal Stored Communications Act, which prohibits the unauthorized access of electronic communications and has been applied to social media. Earlier this year, in Ehling v. Monmouth-Ocean Hospital Service Corp., a federal court in New Jersey held that an employee’s Facebook posts were protected by the Act because she had configured her privacy settings to restrict posts to her “friends” (but found that the employer had not violated the act by viewing the employee’s wall, because a co-worker, who was one of her Facebook friends, showed the post to their employer).

Similarly, in Maremont v. Susan Fredman Design Group Ltd., a federal court in Illinois refused to grant summary judgment to an employer on claims brought by an employee alleging that it had illegally accessed her Twitter and Facebook accounts while she was on medical leave, finding that there were factual disputes as to whether the employer exceeded its authority in accessing those accounts.

Legal issues aside, most employers do not want to create a culture where their employees are constantly in fear of being monitored, which will harm morale and decrease loyalty. This can have the exact opposite effect of what the policies are intended to promote, as disgruntled or disloyal employees are the most likely to take actions harmful to the company.

What Constitutes Solicitation on Social Media?

Regardless of what policies and agreements are implemented, employers must typically still establish that a former employee misappropriated trade secrets and/or improperly solicited customers or employees to obtain relief. The lines are not as clear as they were in the past, however. Does “friending” a customer on Facebook constitute solicitation? Updating one’s LinkedIn account to identify a new employer? Tweeting how great a new employer’s product or service is? These questions largely remain open and have not been addressed in most jurisdictions.

In fact, recent research has uncovered no published decisions in the employment context regarding what constitutes improper solicitation using LinkedIn, the most prolific business-centric social media site that has more than 225 million users worldwide.

However just last month, a Massachusetts court issued an unreported decision in KNF&T Staffing Inc. v. Muller, holding that updating a LinkedIn account to identify one’s new employer and to list generic skills does not constitute solicitation. In this rather narrow decision, the court did not address whether a LinkedIn post could ever violate a restrictive covenant, and several other cases involving this issue settled before it could be resolved.

Outside of the employment context, the Court of Appeals of Indiana, in Enhanced Network Solutions Group Inc. v. Hypersonic Technologies Corp., held that a nonsolicitation agreement between a company and its vendor was not violated when the vendor posted a job publicly on LinkedIn and an employee of the company applied and was hired for the position, because all major steps that led to the employment were initiated by the employee.

In the context of Facebook, a Massachusetts court ruled in Invidia LLC v. DiFonzo that a hairstylist did not violate her nonsolicitation provision by “friending” her former employer’s customers on Facebook because “one can be Facebook friends with others without soliciting those friends to change hair salons, and [plaintiff] has presented no evidence of any communications, through Facebook or otherwise, in which [defendant] has suggested to these Facebook friends that they should take their business to her chair.”

Likewise, in Pre-Paid Legal Services Inc. v. Cahill, a former employee posted information about his new employer on his Facebook page “touting both the benefits of [its] products and his professional satisfaction with [it]” and sent general requests to his former co-employees to join Twitter. A federal court in Oklahoma denied his former employer’s request for a preliminary injunction, holding that communications were neither solicitations nor impermissible conduct under the terms of his restrictive covenants.

In sum, common sense continues to reign supreme in determining what constitutes solicitation in the age of social media, and if it looks, tastes and smells like solicitation, it probably is. Nevertheless, it is imperative that employers protect their trade secrets and goodwill by setting clear expectations and implementing policies and agreements that clearly express those expectations and provide a means by which to enforce them if necessary.

In dismissing a claim for violation of Fourth Amendment rights, the United States District Court for the District of Nevada in Rosario v. Clark County School District, No. 2:13-CV-362, 2013 U.S. Dist. LEXIS 93963 (Nev. Jul. 3, 2013) recently became the latest court to hold there is no reasonable expectation of privacy in Twitter tweets.

This case arises out of plaintiff Juliano Rosario’s tweets about his high school’s basketball team. Juliano tried out for the team in his senior year, but was initially cut. After his father protested the cut, Juliano was eventually given a spot on the team. Immediately following the final game of the season, Juliano made numerous sexually and racially offensive tweets about several school officials, including coaches and the athletic director. The school disciplined Juliano for “cyberbullying” after learning of the offensive tweets. Juliano and his father then filed a 10-count complaint against the school district and six of its employees alleging, among other things, that the defendants (the school district and several officials) violated Juliano’s Fourth Amendment rights by searching his Twitter account.

In ruling on the defendants’ motion to dismiss the Fourth Amendment claim, the Court recited Supreme Court precedent providing that a person has a constitutionally protected reasonable expectation of privacy when that person has both a subjective expectation of privacy and that expectation is one that society recognizes as reasonable. The plaintiffs argued that Juliano had such a reasonable expectation of privacy in his tweets. The Court disagreed and explained that Twitter has two privacy settings: (1) “private,” where tweets can arguably only be read by a tweeter’s “followers”; and (2) “public,” where tweets can be read by anyone. The Court reasoned that tweeters using the “public” setting intend that anyone who wants to read the tweet may do so, and there can therefore be no reasonable expectation of privacy. The Court opined that tweeters using the “private” setting have a “more colorable argument about the reasonable expectation of privacy in his or her tweets,” but nevertheless held that such users are still “disseminating [] postings and information to the public, [and] they are not protected by the Fourth Amendment.” United States v. Meregildo, 883 F. Supp. 2d 523, 525 (S.D.N.Y. 2012) (relating to Facebook posts).

For purposes of ruling on the defendants’ motion to dismiss, the Court assumed as true the plaintiffs’ allegations that Juliano’s Twitter account was “private,” and not “public.” The Court nevertheless concluded that Juliano had no reasonable expectation of privacy in his tweets, and that there was no Fourth Amendment violation when the school accessed his tweets through a follower’s account after that follower gave the tweets to school officials. The Court concluded that it is well-established that a person who shares information with a third party takes the risk that that third party will share it with the government, and that the same logic applies in the social media context.

This decision may also help support the notion that social media followers may not constitute protectable trade secrets. (See also our previous blogs regarding trade secret protection for followers on Twitter, MySpace, and LinkedIn).

Did you think Facebook was just for “likes” and “status” updates? Think again! A federal district court in New York recently tackled the issue of service of process via social media head on, permitting service via Facebook as a backup means of service for serving foreign defendants.

In the case of Federal Trade Commission v. PCCare247, Inc., the Federal Trade Commission (“FTC”) sued multiple defendants, including five based in India. The foreign defendants included two businesses and three individuals. According to the FTC, the defendants had violated certain provisions of the Federal Trade Commission Act by developing a business to deceive American consumers into fixing non-existent computer problems. The FTC had already secured a temporary restraining order against the defendants, which enjoined specific business practices and froze some of the defendants’ assets.

Each defendant had been provided with the summons, complaint, and related court documents by email to their last known addresses, by Federal Express (“FedEx”), and by personal service through a process server. FedEx had confirmed delivery for some of the defendants, and the process server had confirmed delivery to all defendants.

The FTC also served the documents to the Indian Central Authority for service, pursuant to Rule 4(f)(1) of the Federal Rules of Civil Procedure and the terms of the Hague Convention. After multiple inquiries over a four month period, the Indian Central Authority had not responded to the FTC in order to confirm receipt. The Defendants were on notice of the lawsuit, and hired attorneys to represent them at the preliminary injunction. However, defendants’ attorneys withdrew a few months later for nonpayment.

Since the Indian Central Authority failed to confirm service, the FTC filed a motion seeking permission to serve additional documents via email and Facebook. In its analysis, the Court concluded that service by email and Facebook was not prohibited by international agreement, nor had India objected to this type of service. The court conducted a due process analysis, and found that Facebook service was reasonably calculated to notify the defendants of future filings.

Here, the defendants used both email and social media frequently to run their business, and therefore, service by email alone was sufficient to satisfy due process. Furthermore, the fact that two of the defendants had registered their email accounts with Facebook, included their job titles on Facebook, and were Facebook friends with one another, suggested they were highly likely to receive such messages. According to the court, “where defendants run an online business, communicated with customers via email, and advertise their business on their Facebook pages, service by email and Facebook together presents a means highly likely to reach defendants.”

Although the district court permitted service of process in PCCare247, the fact that it was merely an alternative means of service seems to have played a key role in the decision. Prior case law from the same district court suggests that we should not necessarily expect Facebook service to spread like wildfire, and that such service may be limited to cases where the Facebook profile can be properly authenticated. For example, in Fortunato v. Chase Bank USA, the court declined to permit service of a third party complaint by Facebook message to an address found on the individual’s Facebook profile, as the plaintiff failed to show the Facebook profile was authentic or that it was regularly used by the individual.

The use of social media for service is likely to become an increasingly disputed issue in the coming months and years. This past month, Texas became the first state to propose a bill allowing for service of legal process via social media. Texas State Representative Jeff Leach, a Republican, recently introduced a bill in the state’s House of Representatives regarding the use of social media for service of process. If passed, House Bill 1989, would permit “an electronic communication sent to the defendant through a social media website” to act as a method for service of process, provided that “the defendant maintains a social media page on that website, the profile on the social media page is the profile of the defendant, the defendant regularly accesses the social media page account, and the defendant could reasonably be expected to receive actual notice if the electronic communication were sent to the defendant’s account.” If the bill were to become law, Texas would be the first state to legalize social media as an alternative means of service.

Service via social media has become increasingly prevalent in other countries, suggesting the United States may not be far behind. In England, the High Court recently approved the use of Facebook for service of legal documents in a commercial dispute. Similarly, “Facebook is routinely used to serve claims in Australia and New Zealand.”

The use of social media for service of process is likely to be a continuing issue in the United States, and we will keep you apprised of future developments in this rapidly changing area.