Category Archives: Industry News

General Data Protection Regulation Form

The General Data Protection Regulation, GDPR,  that goes into effect on May 25, 2018 will require companies that do business in the EU to provide a form to the companies that they are dealing with.  This regulation strengthens the privacy rights of individuals living in the European Union (not only E.U. citizens) and applies to anyone who does business with those persons, even if that simply means collecting data for marketing purposes.

Here is a form that you can use to facilitate this process.

General Data Protection Regulation Explained

There is some confusion over the GDPR, the General Data Protection Regulation,  that goes into effect on May 25, 2018. This regulation strengthens the privacy rights of individuals living in the European Union (not only E.U. citizens) and applies to anyone who does business with those persons, even if that simply means collecting data for marketing purposes.

Nancy Wolff, DMLA Counsel, has written a comprehensive explanation of the regulation that you can read here.

Importance of Net Neutrality

Net neutrality means that internet service providers should enable access to all content and applications regardless of the source, without favoring or blocking particular products or websites.  Seems simple, right?  Why has it become such a major political issue?

The Senate voted today to pass a measure that would repeal changes to net neutrality rules that were recently adopted by the Republican-controlled Federal Communications Commission. Chances are that the House won’t approve this repeal.

Why is Net Neutrality so Important?  In an article written by Tiffany Li,  an attorney and resident fellow at Yale Law School’s Information Project,  a big picture of the impact is presented.

 

GDPR Explained

by Nancy Wolff, DMLA Counsel

You may have noticed an increase in urgent messages from companies updating their privacy policies in anticipation of the upcoming deadline to become GDPR compliant. “GDPR” refers to a new European Union law – the General Data Protection Regulation that goes into effect on May 25, 2018. This regulation strengthens the privacy rights of individuals living in the European Union (not only E.U. citizens) and applies to anyone who does business with those persons, even if that simply means collecting data for marketing purposes.

Privacy is becoming more and more of a global issue, and the E.U. is leading the way in attempting to protect personal data. The policies behind the GDPR aim to increase transparency, in terms of both what personal data is collected and how it may be used, and the accountability of those who maintain and use that personal data. The regulation is complex and extensive and includes steep penalties for those who are not compliant – up to €20,000,000 or 4% of global revenue from the previous year, whichever is greater.

But before you think the solution is to simply exclude all European residents from your client base, or have a panic attack, it is important to recognize that the E.U. “privacy police” are unlikely to expect immediate full compliance or have the operational capacity to scrutinize every business transacting with E.U. residents. Your goal should be to reevaluate your privacy practices to be as compliant as possible given your type of business and your use of personal data.

The stock industry is not a business that primarily engages in personal data collection. The purpose of the industry is to aggregate and license content on behalf of contributors to those who legitimately incorporate it in their publishing, marketing, or other media works. Stock companies should continue to use best practices regarding the security of personal data, obtaining proper consent from those who they send marketing communications, and updating privacy policies to accurately reflect how information is used and how an individual can contact someone in your company about what personal data is collected. (A new sample privacy policy that can be modified to comply with your company’s practices will be provided shortly). There is a common understanding in recent literature published about the GDPR that many industries will be provided a soft launch period, despite the fact that the regulation has been published since 2016.

At its highest level, the GDPR requires any company who collect personal data to maintain it securely, and to provide transparency in what ways it may use the personal data. The definition of “personal data” is quite broad and includes anyinformationthat relates to an identifiable person. See GDPR, Art. 4, Sec. 1. The individuals whose data is collected are called “data subjects.” See GDPR, Art. 4, Sec. 1. Those who collect data are called “controllers.” See GDPR, Art. 4, Sec. 7. Those who process data for controllers are referred to as “processers.” See GDPR, Art. 4, Sec. 8.  Any content library with contributors, distributors, customers and model releases, is a controller and needs to keep its records that contain personal data secure.

The first step toward GDPR compliance is to audit your data practices. Make a list of what personal data you collect and how you use that data. Then, when you update your privacy policy, you can use that list to make sure that you have provided adequate disclosure of how you use the personal data.The regulations require that the notice is not written in legalese but inclear and plain language.In general, you should not collect or retain information that you have no legitimate business purpose to collect.

The privacy notice should address the following to sufficiently inform the data subject:

  • Who is collecting the data?
  • What data is being collected?
  • What is the legal basis for processing the data?
  • Will the data be shared with any third parties?
  • How will the information be used?
  • How long will the data be stored for?
  • What rights does the data subject have?
  • How can the data subject raise a complaint?

Further, if someone from the E.U. requests information about the personal data you collect, you have an obligation to respond to requests within 1 month and may not charge the data subject for responding. You also need to give the E.U. resident the ability to update that information and the ability to remove the information if there is no legitimate reason to maintain that personal data.Additionally,any data breach of personal information must be reported within 72 hours.

Individuals subject to the GDPR can enforce these new rules, as it provides for a private right of action, but there must be some material damage.

In terms of marketing to customers or potential customers in the E.U., the consent rule under the GDPR is an “opt-in” instead of “opt-out” rule. Consent must be very clear and cannot be buried in terms and conditions. There should be a separate check box for marketing and promotions and for accepting terms and conditions.

It is too soon to know how these new regulations will impact the image licensing industry. To some extent all photographs of recognizable people contain personal data. Some have asked whether the new “right to be forgotten” will affect the industry and whether models or subjects could request that images be erased or consent withdrawn. While these regulations have not been officially interpreted yet, this kind of overly broad interpretation would be contrary to the purpose of the regulations – which is to address privacy issues with data collection.

The regulations do acknowledge that there are legitimate business reasons to retain certain personal information. The licensing of editorial as well as commercial images by image libraries serves an important business and newsgathering function and model releases are required to be retained for many business and legal purposes, and are necessary to produce in the event of a claim. Further, the “right to be forgotten” is not absolute and the regulations acknowledge that other rights, such as the right to freedom of expression and information, including processing for journalistic purposes and the purposes of academic, artistic or literary expression must be reconciled with this right. These exceptions should insulate the licensing of images and restrict persons from demanding that images be removed.

This article is intended to be a broad overview of this new regulation and not a complete description of the GDPR or any company’s obligations. You are encouraged to seek further advice and there are many websites offering insights. Importantly, the regulations have not been interpreted and we will continue to monitor this topic. The GDPR will be included in the DMLA legal panel at the DMLA Annual meeting in October.

Keep Fighting for Artists’ Rights!

The letters that are being sent are starting to make a difference so don’t stop!

More members of the House Judiciary Committee need to be paying attention to H.R. 3945 – CASE Act!

Keep up the fight by sending a letter each week! The more we send, the closer we’ll be to getting the copyright protection YOU deserve!

You can find your a sample letter and your representative here.  It’s easy.  Just do it!

AMAZON VP TO OPEN LICENSING EXPO

You’re invited to attend Licensing Expo 2018!

The landscape of commerce and customer expectations is rapidly changing. Nicholas Denissen, Vice President, Amazon, will deliver the opening keynote address at Licensing Expo 2018, speaking to how brands can grow their business online and what Amazon is doing to enable them. Nick, and panelists from industry leaders working with Merch by Amazon will discuss how they are capitalizing on e-commerce and reshaping their businesses to better anticipate customer appetite for unique content and larger selection.

 

Don’t miss these great insights and more from Licensing Expo – register for FREE today!
Acquire new strategies, shape innovative ideas, and build practical solutions by attending Licensing University™

Organized by LIMA (The International Licensing Industry Merchandisers’ Association), Licensing University includes a full day of “Basics” programming for industry newcomers, a full slate of “up close and personal” Roundtable sessions, and countless sessions on the latest trends in the licensing industry. Look no further to build and refine your brand licensing expertise at Licensing Expo.

Here are some Licensing University sessions we think you would enjoy:

In order to attend Licensing University, you must first be registered for Licensing Expo.

Register Now

SUPPORT NEEDED FOR CASE ACT!!

I’m sure that you’re aware we been working for the last few years with a group of other associations on what is now the CASE Act (HR#3945) the SMALL CLAIMS TRIBUNAL BILL, a bill by Representatives Hakeem Jeffries (D-NY), Tom Marino (R-PA), Doug Collins (R-GA), Lamar Smith (R-TX), Judy Chu (D-CA), and Ted Lieu (D-CA). The bill is ready for write-up and we are now awaiting a date for that to happen based on a couple of issues still being worked out, but it looks like it could be as early as next week.

It has come to our attention that so far only about 2200 letters have been received by the Copyright Alliance platform which is less than 5 letters per member of Congress–barely even noticeable. We have been told by the players on the Hill that the passage of this bill will come down to grassroots support and this is a very poor showing. They need to see that we are behind this important bill for creators!

We need every member and their photographers and their adult children, friends and neighbors to send letters to their representatives!

I am asking you to send out a plea to your staff and photographers to help us get this bill passed by contacting their representatives. It is really easy. There are letters ready for them to use here. If we fail and small claims doesn’t make it through this year, it will be very difficult to get it passed in subsequent years. THIS IS OUR CHANCE! Please help all creators protect their copyrights!

Thanks so much for your help!

DMLA’s Amicus Brief Supports Argument as Oracle defeats Google Fair Use Argument over Java Code Packets

Last week the U.S. Court of Appeals for the Federal Circuit reversed the U.S. District Court for the Northern District of California’s ruling of fair use in Oracle America, Inc. v. Google LLC, and held that a verbatim and non-transformative taking in the presence of an actual or potential licensing market fatally undermined the defense.

Even in industries unrelated to computers, mobile devices, software, and source code, the court’s broad pronouncement that “[t]here is nothing fair about taking a copyrighted work verbatim and using it for the same purpose and function as the original in a competing platform” is both powerful and beneficial to creators and licensors of copyrighted content. DMLA’s amicus brief with the support of the coalition of Visual Artists– and one of many amicus briefs in this hotly contested case– helped explain to the court of appeals the importance of licensing markets in fair use cases in general. Ultimately DMLA supported the winning argument and contributed to the creation of appellate-level precedent that will help image licensors everywhere in responding to many infringement claims, as it turns on harm to the licensing market.

Read the entire article here

Oracle defeats Google Fair Use Argument over Java Code Packets

(ORACLE AM., INC. V. GOOGLE LLC
No. 2017-1118, 2017-1202, 2018 WL 1473875 (Fed. Cir. Mar. 27, 2018)

by Nancy Wolff, DMLA Counsel

Last week the U.S. Court of Appeals for the Federal Circuit reversed the U.S. District Court for the Northern District of California’s ruling of fair use in Oracle America, Inc. v. Google LLC, and held that a verbatim and non-transformative taking in the presence of an actual or potential licensing market fatally undermined the defense. Oracle had sued Google for copyright infringement, alleging that Google had unlawfully used 37 packages of Oracle’s Java application programming interface – “pre-written Java source code programs” that serve as shortcuts for various computer functions to save programming time – in its Android-powered devices. Google copied verbatim 11,500 lines of Oracle’s copyrighted computer code as well as the structure, sequence, and organizing of the packages. After a second jury trial on fair use, Google prevailed on its fair use defense, and Oracle appealed after the district court rejected its post-trial motion for judgment as a matter of law.

The Federal Circuit disagreed with the district court’s assessment, and analyzed each of the four fair use factors in 17 U.S.C. 107. In particular, under the first factor (nature and purpose of the use), the court held that Google’s use of Oracle’s code was both commercial and not “transformative” because the purpose of the software packages in Google’s Android operating system was the same as the purpose of the package in Oracle’s Java platform; Google did not change the expressive content or message of the code; and use of the code in smartphones as opposed to other computer hardware did not constitute “new context.” As many courts do, the Federal Circuit did not pay much heed to the second factor (nature of the copyrighted work), but emphasized under the third factor (amount of the work used), that the taking at issue here was more than was defensible. For instance, there was no dispute that only 170 lines of code were needed to write in Java programming language, but Google copied 11,500 lines.

The court spent considerable time discussing the fourth factor (effect on the potential market), focusing on harm to actual markets for the copyrighted work, as well as the market for potential and derivative uses. The court noted that the record clearly showed actual market harm in that Oracle’s copyrighted works had already been used in mobile devices, that Google directly competed with Oracle using Oracle’s own code, and that the existence of the free Android operating system caused significant damage to Oracle’s negotiating position with third parties like Amazon. The district court also had failed to consider potential market harm, including licensing Java “for smartphones with increased processing capabilities”; importantly, the court observed that just because Oracle had never built its own smartphone device was irrelevant “because potential markets include licensing others to develop derivative works.” Because factors one and four weighed heavily against fair use (factor two weighed in favor, and factor three was likely against), the Federal Circuit reversed and remanded for a trial on damages.

Even in industries unrelated to computers, mobile devices, software, and source code, the court’s broad pronouncement that “[t]here is nothing fair about taking a copyrighted work verbatim and using it for the same purpose and function as the original in a competing platform” is both powerful and beneficial to creators and licensors of copyrighted content. DMLA’s amicus brief with the support of the coalition of Visual Artists– and one of many amicus briefs in this hotly contested case– helped explain to the court of appeals the importance of licensing markets in fair use cases in general. Ultimately DMLA supported the winning argument and contributed to the creation of appellate-level precedent that will help image licensors everywhere in responding to many infringement claims, as it turns on harm to the licensing market.