On June 18, 2024, California Attorney General (AG) Rob Bonta announced a third CCPA enforcement settlement, this one with Tilting Point Media LLC. Tilting Point was allegedly using its mobile app game “SpongeBob: Krusty Cook-Off” to collect, share, and sell the data of minors, in violation of the California Consumer Privacy Act (CCPA), California’s Unfair Competition Law (UCL), and the Children’s Online Privacy Protection Act (COPPA). Tilting Point agreed to pay a $500,000 civil penalty and implement certain measures to address the alleged violations. The settlement is notable for combining enforcement of COPPA alongside the CCPA, targeting similar practices but different age groups under each law. Also notably, the AG investigated Tilting Point after the Children’s Advertising Review Unit (CARU) of BBB National Programs issued findings alleging that Tilting Point’s practices violated COPPA. The AG alleged that Tilting Point failed to correct its practices following the investigation by CARU. The case illustrates the risks of ignoring industry self-regulatory reviews and provides a roadmap other states can use to leverage multiple laws against the same activities.

The AG’s complaint focused on the key allegations outlined below:Continue Reading California Attorney General’s Recent Enforcement of CCPA and COPPA

Generative AI is creating previously unimaginable possibilities for influencers and brands to engage with consumers. Rather than merely posting on social media, influencers will be able to utilize AI to have two-way conversations that feel authentic. Influencers can do this literally in their own voice, having unique dialogs with countless people at the same time.

Influencers and brands are accustomed to the rules governing what can be said on social media, but now they’ll need to start thinking about what sort of information they can elicit from their fans and consumers in the course of unique and unpredictable interactions, and what they can do with that information, because they will have the ability to gather more consumer information than ever before, and in ways that may be difficult to control.Continue Reading Let’s Chat: Influencers and Brands Testing the Waters of Generative AI Must Navigate Data Privacy and FTC Issues

Venable is pleased to announce that Hemanshu (Hemu) Nigam has joined the firm as a partner in the eCommerce, Privacy, and Cybersecurity Practice in its Los Angeles office. Mr. Nigam has nearly 25 years of experience in solving online security, privacy, and safety challenges facing celebrities, pro athletes, high-net-worth individuals, corporations, and start-ups, as well as government and law enforcement. He has extensive experience conducting end-to-end cyber assessments and protection and often provides counsel on cutting-edge online privacy and security issues. Mr. Nigam seeks justice for entertainment and sports professionals who are cyberstalked, hacked, or harassed, or who have fallen victim to other forms of online attacks.
Continue Reading Venable Expands Service Offerings for the Entertainment and Media Industry with the addition of Privacy and Cybersecurity Veteran Hemanshu Nigam

There is more demand for content than ever, and media and entertainment companies face a wide variety of challenges that come along with the increase in production and distribution of content. In-house and outside counsel for media and entertainment companies need a working knowledge of how to deal with insurance issues that arise in their business, including the types of insurance policies that may cover the legal risks they face, and how to navigate the issues that arise when dealing with insurers, such as selection of counsel, allocation between covered and uncovered claims, and who controls the settlement of a claim.
Continue Reading Join Us on July 14 for a Discussion on Entertainment and Media Liability Claims

Many celebrities balance maintaining their brand by staying in the public eye with privacy in their personal life. A new California law, however, has some business managers and celebrities concerned about maintaining their privacy. With little fanfare, Governor Newsom signed into law Senate Bill 592 (the Bill) on September 28, 2020, which may raise eyebrows this year as business managers and taxpayers navigate the 2020 tax reporting season. Specifically, the Bill requires the California Franchise Tax Board (FTB) to revise the California resident income tax return form to include a line item for the taxpayer’s address of their principal residence and their county of principal residence. In the past, high-profile taxpayers often used their business manager’s address when filing tax returns, to maintain privacy and security. The Bill, however, takes effect this year, so that California residents must now disclose the address of their principal residence on their 2020 California income tax returns.
Continue Reading New Disclosure Law for California Taxpayers: A Huge Breach of Privacy? Probably Not.

New York has protected the rights of living persons to control the use of their name and likeness in commerce for over one hundred years. The existing right to privacy gives any person the right to sue for an injunction or damages if their name or likeness is used within New York for advertising or trade purposes without their written consent. See NY CRL § 51. These privacy rights dissipate at death. But starting in May of this year, New York’s new right of publicity statute will grant successors of certain individuals a right of publicity after death. This brings New York’s statute closer to that of California, which has recognized postmortem rights since 1985. The statute also grants new rights concerning the use of deepfakes in sexually manipulated content. More on that below.

The postmortem part of the statute protects only certain individuals who die as New York domiciles and only if they die after the statute goes into effect on May 29, 2021 (i.e., no retroactive effect). The rights that are granted last for 40 years after death and can be transferred by contract, license, trust, will, or another instrument. The bill differentiates between “performers” and “personalities.”Continue Reading New Yorkers Receive Postmortem Rights and Protection Against Digitization of Sexually Manipulated Content in New Right of Publicity Statute

The United States District Court for the Middle District of Florida recently dismissed all claims against the coupon database and news website Coupons in the News, reinforcing protections for online publications and associated photographs that are of legitimate public concern.  See Anderson v. Best Buy Stores, Case No: 5:20-cv-41-JSM-PRL (M.D. Fla. July. 28, 2020).

The lawsuit arose over a disagreement about the use of expired coupons at a Best Buy store.  Courtney Anderson allegedly caused a disturbance by pulling down her pants during the argument, ultimately finding herself under arrest for disorderly conduct. Coupons in the News, a website offering coupons, advertisements, and a news service pertaining to couponing, posted an article on its website that detailed Anderson’s alleged actions at the store and included her mug shot. The article labeled Anderson the “Pantless Couponer.”Continue Reading Florida Court Reinforces Protections for Newsworthy Publications

Last week, it was announced that eminent entertainment law firm Grubman, Shire, Meiselas and Sacks (Grubman) was the victim of a significant cyberattack. Current reports suggest that in addition to encrypting the firm’s data, so that the firm cannot gain access to its own files, the perpetrators made away with a massive amount of privileged data, including contracts, nondisclosure agreements, phone numbers, email addresses, and private correspondence of the firm’s clients. The attack has garnered international attention for the high-profile individuals potentially affected and the large public ransom demand, which stands at $42,000,000 as of this writing.

The attack involved the use of well-known ransomware (called REvil/Sodinokibi), which has been used in a number of other high-profile cyberattacks, such as the one on foreign exchange firm Travelex. The identities of the attackers are not publicly known, but the track record of REvil’s operators suggests they are sophisticated and experienced. The perpetrators have released a handful of documents to prove the validity of their claims, and sources suggest that they will publish the data in installments if their demands are not met.
Continue Reading The Grubman Ransomware Attack and What It Means for the Cyber Risks That You May Face

Supermodel Jelena Noura “Gigi” Hadid was not the first celebrity to be photographed by paparazzi and then to post the resulting photo to social media, nor was she the first to be subsequently sued for copyright infringement for doing so. Other celebrities, including Jennifer Lopez and, most recently, Victoria Beckham, have made news for the same situation.

This trend falls into an interesting intersection of two significant tenets of law: a celebrity’s right of publicity in their own image and a photographer’s right to copyright their artistic work. The district court dismissed the case due to a lack of a copyright registration. In addition to that defense, though, her attorneys also raised the defenses of fair use and implied license. The second may have begun paving the way for future legal challenges to clarify these issues by raising a novel argument—implied license—alongside the more typical defense of fair use.Continue Reading Are Paparazzi Images Fair Game for Social Media?