This document provides an overview of social technology and legal issues related to its use. It begins with introductions and an agenda, then covers topics like understanding the mechanics of social media, its impact, limitations, risks, opportunities, and recommendations for action. Key points discussed include how social media can cause government overthrow, the myth of user consent, integration risks, jurisdiction issues, privacy concerns, and resources for further reading on relevant case law and regulations. The overall message is that technology is complex and constantly evolving, so legal and risk management expertise is needed to properly understand and address potential issues.

1. Social Technology
Points of Practice
Amy Larrimore | Managing Partner

2. Meet Amy Larrimore
@AmyAllStar
#140 Speaker
2013
New York, NY
Advisor to Three
Heads of State,
including the USA
Pennsylvania Bar Institute
Faculty and Course Planner
Managing Partner,
The Empire
Builders Group
$43.25 = average daily web revenue
generated her first cup of coffee

3. Agenda
Today, we work on understanding:
Mechanics
Impact
What you don’t know
What they don’t know
Limitations
How events occur
Risks, Probability and Severity
Opportunities
What to do now
Resources and References

4. Social Media the Noun? Or the Verb?
Or something else entirely.

5. All the Legal Disciplines
Plus regulations that are
industry specific.
• Employment Law
• Litigation
• IP Issues
• Contract Law
• Family Law
• Privacy and Security
• Defamation

6. Technology:
What’s Your Goal?
Selection, Setup and Management
Litigation
Business Risk Management
It all starts with
understanding.

7. Username
(begins with @)Display Name
(link to profile)
Avatar
(Photo)
See related
tweets
(blue line)
Types of Interactions
• Reply (Respond to all, into conversation view)
• Retweet (Republish to your followers)
• Favorite (Bookmark or save – public)
Content
limited to 140
characters including
usernames, spaces and
links.
#funny
Understanding
Mechanics

8. Stop Thinking It’s One Monster
One brand technology
(“Facebook”) is actually a
combination of many
separate products with
separate terms managed by
separate entities in separate
places.

9. Technology Architecture
Domain
Website + Web Hosting
Ecommerce Platform
Financial System
Shopping Cart
Payment Gateway
Merchant Processing
MRP or ERP
Order Fulfillment
Shipping
CRM Email Host
Email Client
SEM & Social
Hootsuite Google Analytics
There are so many secret terms and conditions, your head might explode.

10. The New Real Estate
http://dodynamic.com/latest-news/a-website-is-like-a-house/

11. Domains
ICANN regulates Ownership
and Use of Domain Names
• empirebuilders.com (TLD)
• teaching.empirebuilders.com (SLD)
• empirebuilders.technology (gTLD)
Inclusion on DPML requires an
application to TMCH.
Recourse for domain names
held hostage via URS.
ICANN: Internet Corporation for
Assigned Names and Numbers
TLD and SLD: Top and second level
domain (respectively)
gTLD: (new!) Generic top level
domain which shows as a suffix at
the end of a domain name
DPML: Domains Protected Marks
List
TMCH: Trademark Clearinghouse
URS: Uniform Rapid Suspension
System

12. Integrations
Social Media
Planning or Scheduling Tools
Email Marketing
Customer Service and Support
CRM
Invoicing
Document Management
Affiliate Tools & Sponsored Content
Google Analytics/Forms/Adwords
Example: Plugins are
foreign code embedded
into your website to run
executable scripts.

13. Understanding Impact

14. Social Media is CAUSAL
It’s not about breakfast cereal and grandkids pics.

15. • Anonymous
• Instant
• Global

16. Government Overthrow
• 2009 Moldova civil unrest
• 2009 Iranian election protests
• 2010 Tunisian Jasmine Revolution
• 2011 Egyptian Revolution

17. Big Data & Research
Predict Disease
Outbreak Locations

18. Profound
Statistically
Significant
Global Pulse

19. Messaging is Viral – No Relationship Required

20. Understanding What You Don’t Know
Technology is built on trickery and most people try extra hard to trick the lawyers.

21. The Myth of Opt In
• SaaS forces the user to agree to
terms to proceed.
• It is outside of regular contract
negotiation.
• Good user experience designs
trickery to deliver a “seamless
experience”

22. The Mirage of User Experience
“The Redirect - Masked”

23. The Mirage of User Experience
“The Redirect - Obvious”

24. The MIRAGE of USER EXPERIENCE
“The Jigsaw Puzzle”

25. Understanding What They Don’t Know
Don’t Bet on the IT Department

26. If you think hiring an
expert is expensive,
wait until you see the
cost of an amateur.
• Requirements Creation
• Sourcing/Due Diligence
• Deployment
• Management

27. Where exactly is our
CONTENT?
The Jurisdiction of
“Everywhere”

28. Uzbekistan
Inventory of States and Countries Whose Regulations May
Apply or Where Jurisdiction May Be Established

30. The sales chat rep says it’s just
three easy steps:
1. Enter company credit card
2. Upload all company data
3. Watch a six minute video

31. Stored
Communications Act
Courts are moving in a more protective
direction regarding Fourth Amendment
and electronically-stored information
Privacy rights in electronically-stored
information are not lost solely because
that data is stored in a medium owned
by another.
SCA provides a potential loophole in
most jurisdictions that may allow the
government to issue a subpoena for
past emails in the possession of the
service provider but also future emails.
Are Facebook Messages Email?

32. Understanding Your
Limitations
Contract Management vs.
Risk Management
Contract Law is
backwards now.

33. Understanding how
events actually occur
McMillen is Zimmerman
v. Weis Markets, Inc.
(2011 Pa. Dist. & Cnty. –
May 19, 2011)
I miss my
ivory tower…

34. The Business Unit Can’t Help You Either.

36. The green software or the blue one
mentioned in a Linkedin Group?
I really like the green one…

37. The Data Keepers – Enforcing Destruction Policy

38. Understanding risks, probabilities and severity

39. “Resume Generating Events”

40. Suddenly Toy Planes Have
Everyone Talking….

41. The Theft of @N
 A story of how
hacking, extortion &
bad vendor practices
can lose $50,000 in 7
hours.
Social Media
setup with
company email
and connected
to website
Website
content
stored on a
Host
Empirebuilders.com
Domain
registered at a
Registrar

42. The Theft of @N
A story of how hacking, extortion & bad vendor practices can lose $50,000 in 7 hours.

43. The Theft of @N
A story of how hacking, extortion & bad vendor practices can lose $50,000 in 7 hours.

44. What @N teaches us
Phone Staff are the largest risk for breach.
Not understanding how it all works together
is the largest risk for exposure.
Company security policies need to be
sensible.
Company case review policies need to
consider exposure.
Both the business unit and IT needed
proactive legal and risk management help
that they didn’t receive.
Not embracing new technology (two factor
authentication) is a serious exposure.

46. Establishing
Controls
Protection of Trade Secrets
What is unauthorized access?
Employees, Third Party Providers,
Social Media
Importance of policy vs.
hardware controls
Social media
Use or Excessive Use
Social Media Policy
CFAA: Computer Fraud
and Abuse Act
U.S. v. Nosal, 676 F.3d
854 (9th Cir. 2012)

47. You Can’t Make Me Be
Friends!
Piccolo v. Paterson (Pa.
Common Pleas 2011)

48. The SCA applies to
entities
Largent v. Reed (Court of
Common Pleas of the 39th
Judicial District of PA –
Franklin County –
November 8, 2011)

49. Understanding Opportunity
Get your head out of the sand and get out of the way.

50. Provide Good
Customer Service
Pissed off people take to
the web and businesses
who don’t react quickly
pay dearly.

51. Proactive
Crisis Management
•Haitian Earthquake
•Mumbai Shootings
•Boston Marathon

52. Recruitment…

53. Management
Get fired and almost lose your company a few billions in funding.

54. …Termination

55. Inspire and Fundraise
#FLPRevolution

56. Showcase Your Work
When “Going Viral” is cause for celebration.

57. Understanding Content Involvement

58. Digital Millennium Copyright Act
Computer maintenance
DVDs
Ebooks
Distance learning
Interoperability
are only a few carve out
examples.

59. Is staff creating content
the company can own?
Getty will come after you for
licensing.
Did the theme go home with the
assistant web developer?
Source of Inspiration?
Employment Agreements

60. Protecting company IP
Staff Training and Policies – Trade
Secrets
Understanding Provider Recourse
– Copyright and Trademark
Proactively securing brands online
– Copyright and Trademark

61. Are you paying attention?
www.google.com/alerts
www.twitter.com/search
www.addictomatic.com
www.whois.com

62. WHAT DO WE DO?
Evolve or Die.

63. Think Differently
Approving NOTHING is the worst
strategy
Avoid the BRAND trap
Focus on the DATA and the
PROCESS, not the tool.
Start the conversation with IT now
and support funding for experts.

64. Make some POLICIES
Mainly, because it requires you to review
the process.
Secondly, because it requires
documentation in accordance with
regulation, standards and best practice.
http://socialmediagovernance.com/polici
es/
http://www.womma.org/ethics

65. Vanquish the Luddite
Basic operational know how of how the interwebs works is the best risk management.

66. Index and Resources
Resource Guides, Case Law, Regulations, Standards

67. CFAA
U.S. v. Nosal, 642 F. 3d
781 (9th Cir. 2011)
U.S. v. Tolliver, 2011 U.S.
App. LEXIS 19090 (3rd Cir.
2011)

68. Copyright and Trademark
 The Copyright Act of 1976
 Crossfit, Inc. v. Alvies 2014 U.S. Dist
LEXIS 7930 (N.D. Cal. Jan. 22, 2014)
 Digital Millennium Copyright Act, 17
U.S.C. §512 (DMCA)
 Edelman v. N2H2
 Flava Works Inc. v. Gunter
 IO Group, Inc. v. Veoh Networks, Inc
 Lenz v. Universal Music Corp.
 Ouellette v. Viacom International Inc.
 RealNetworks, Inc. v. DVD Copy
Control Association, Inc.
 Sony v. George Hotz
 Viacom Inc. v. YouTube, Google Inc.
 Vernor v. Autodesk, Inc.

69. Data Breach
Anderson v. Hannaford
Bros. Co., 659 F.3d 151
(1st Cir. 2011)
HIPAA
Resnick v. AvMed Inc.,
693 F.3d 1317 (11th Cir.
2012)
Sony Gaming Networks
and Customer Data Sec.
Breach Litig.,
No.11md2258, 2012 U.S.
Dist. LEXIS 14691 (S.D. Cal
Oct. 11, 2012)
PCI

70. E-Discovery
 Columbia Pictures, Inc. v. Bunnell, 245
F.R.D. 443 (C.D. Cal. 2007)
 Consol. Edison Co. of New York, Inc.
v. United States, 90 Fed. Cl 228, 231
(Fed. Cl. 2009)
 FRCP
 FACTA
 Largent v. Reed (Court of Common
Pleas of the 39th Judicial District of PA
– Franklin County – November 8,
2011)
 McMillen v. Hummingbird Speedway,
Inc. (2010 Pa Dist. & Cnty. –
September 9, 2010)
 Piccolo v. Paterson (Pa. Common
Pleas 2011)
 Stored Communications Act (SCA)
(SEE ALSO PRIVACY)

71. Jurisdiction
Business Software Alliance
The EU Data Protection
Directive
Forward Foods LLC v. Next
Proteins, Inc., 2008 BL
238516 (N.Y. Sup. 2008)
Gelmato S.A. v. HTC Corp.,
2011 U.S. Dist. LEXIS
133612 (E.D. Tex. Nov. 18,
2011)

72. Privacy
Crispin v. Christian Audigier,
Inc., 717 F. Supp. 2d 965 (C.D.
Cal, 2010)
Matter of United States, 770 F.
Supp. 2d 1138 (W.D. Wash.
2011)
McMillen is Zimmerman v.
Weis Markets, Inc. (2011 Pa.
Dist. & Cnty. – May 19, 2011)
State v. Bellar, 217 P.3rd 1094
(Or. App. Sept. 30, 2009)
Stored Communications Act
(SCA)
U.S. v. Warshak, 631 F. 3d 266
(6th Circ. 2010)

73. Questions?
Amy Larrimore
@AmyAllStar
datatechprocess.com
#FLPRevolution