“What is privacy?” asked moderator Mason Weisz, associate at Hunton and Williams LLP, in his opening remarks of Friday’s Privacy In Social Media: Dealing With An Oxymoron panel, the last discussion held as part of Friday’s CMJ Entertainment Business Law Seminar. It’s a deceptively simple question that grows more complicated with each passing year as new modes of technology such as cloud storage, GPS location tracking and facial recognition software create thorny issues regarding the compiling, distributing and analyzing of seemingly private data. Given the occupational make-up of the panelists and the audience—lots of nice suits and not a lot of (visible) tattoos—the conversation was skewed toward private businesses and how those entities can comply with the law to avoid negative financial repercussions. However, there was still a lot to take away for an individual not fluent in legalese.
One tenet that all the experts gathered agreed upon was this: Technology moves faster than the law. “The law evolves slowly,” said Weisz, “and consumer expectations move very quickly.” The panelists often spoke of how the responsibility of lawyers and the clients they represent is to keep up with those changes in a way that gives the consumer a plethora of information and a variety of options. How do you introduce exciting new pieces of technology without stepping on a legal landmine? How do you offer new information-sharing options to consumers without alienating them and incurring the wrath of public uproar? When it came down to answering these questions, the panel focused on two key words: notice and choice.
Pauline Wen, the senior vice president of business and legal affairs for Viacom Media Networks, articulated the importance of these two words in her discussion of social media platforms like Facebook, Twitter and Foursquare. “Social media allows you to do so many things,” she said. But moments later she noted, “As an individual, I’m very uncomfortable with this stuff.” In her remarks Wen said the key to maintaining a positive image with the public is to have a clear message regarding what is public/private and get the appropriate consent from the participants. Facebook was noted as an example of a company that continuously changes its privacy policies but now, due to past accusations to the contrary, goes out of its way to provide its users with information regarding procedural changes and the option to opt out of some of them.
Maintaining a positive public image is one thing, but staying within the often vague and ever-shifting letter of the law is another issue entirely, and one that can have severe monetary consequences. Collectively, the panelists had all experienced their fair share of professional run-ins with the FCC, the FTC and other governmental bodies that oversee the communications field. Wade Leak, the deputy senior counsel for Sony Music Entertainment, spoke candidly about Sony’s record $1 million fine from violating the COPPA (Children’s Online Privacy Protection Act). Under the law, companies are not allowed to collect personal data from children under 13 without parental consent, but 196 of Sony’s websites had been engaged in this very activity without even knowing it, collecting personal information from at least 30,000 underage children. Though Sony was found to be unaware of the illegal activity, the company still faced a large fine.
Leak argued that Sony’s experience has made its internal system of legal checks and balances even stronger. “Look at your policies in-house,” said Leak. “Ask questions like, ‘Why do you need that information?’ Sometimes when you put them on the hot seat they can’t even tell you.” Leak discussed how at many companies the decisions regarding private data are made on the marketing or engineering side of the business, and most of the time, those departments don’t consult the legal department because they don’t even think about the potential legal problems that may arise. All the panelists agreed that the best defense against lawsuits is an open dialogue within a company and an equally open dialogue with the consumer. Or, at the very least, be more open than your competitors.
Marc Zwillinger, of ZwillGen PLLC, put it best: “Don’t be a target.” To illustrate his point, Zwillinger told an anecdote about a hiker. In the story, two buddies are on a hiking trip in a forest known for bear attacks. While discussing the possibility of being mauled by a bear Hiker No. 1 puts on a pair of new running shoes. Hiker No. 2 looks at him and says, “You can’t outrun a bear in those.” Hiker No. 1 smiles and says, “I don’t have to outrun the bear. I just gotta outrun YOU!”
Needless to say, the punch line killed with an audience of lawyers, but it also pointed toward a larger theme: With such high stakes, it’s always better to be prepared. Though the title of the day’s panel pointed out the apparent oxymoron in any conversation regarding privacy and social media, the discussion revealed that the contradiction at hand is more significant than any of the giant social media platforms or the latest hip new widget on the market. The legal field of social media may change every day, but the larger problems remain the same: public vs. private, free vs. secure, open vs. closed, individual vs. corporate entity. The idea of privacy relies on security to make it a reality, but America’s legal system is built on the principle of freedom above all other values. Sure, in a utopian vision of the Internet, information wants to be free, but, as the panelists pointed out, not every private citizen is comfortable with that freedom.