Home Data-Driven Thinking The Risk Of Clicking Facebook’s Social Plugin

The Risk Of Clicking Facebook’s Social Plugin

SHARE:

garykibel“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Gary Kibel, a partner in the technology, digital media and privacy practice group at Davis & Gilbert.

When developing an interactive campaign or product, incorporating social plug-ins is generally a quick and easy no-brainer. However, have you ever asked about what data is being collected by the plug-ins, or if there are any laws on the books that might apply to this activity?

The ad tech world often finds itself forced to resolve the conflict between decades-old laws and new technology. The round peg often does not fit into the square hole. This is precisely the situation in a pending class action lawsuit involving Hulu, the Facebook “like” button and the Video Privacy Protection Act (VPPA).

The VPPA is not some new law enacted to address online video. It was signed by President Ronald Reagan in 1988 in response to outrage over the disclosure of Supreme Court nominee Robert Bork’s video rental history. A reporter obtained the information from a local D.C. video rental store to highlight Justice Bork’s originalist views that the Constitution does not contain a right to privacy. He didn’t rent anything salacious, like “Rochelle, Rochelle,” by the way, but you can imagine why nervous policymakers passed the law in a hurry.

Pending Lawsuit

The plaintiffs assert that Hulu meets the definition of a “video tape service provider” under the VPPA. While the definition includes the word “tape,” it means a party engaged in the rental, sale or delivery of prerecorded audiovisual materials. The court held that the VPPA’s reference to “prerecorded video cassette tapes or similar audio visual materials” covers prerecorded video content in electronic or new formats, and not just hard copies. Therefore, the 1988 definition applies to modern online video services. The law was not just about physical videotapes, but was about preserving the confidentiality of private viewing preferences.

The plaintiffs next claimed that when the “like” button is clicked, it would transmit personally identifiable information to Facebook that was tied to these viewing preferences. Under the VPPA, personally identifiable information is that which “identifies a person as having requested or obtained specific video materials or services from a video tape service provider.” For a time, the referrer URL being used included the title of the video being watched, the user’s IP address and Facebook ID. The court agreed that personally identifiable information does not need to include a name, but can include a Facebook ID transmitted through a “lu” cookie. Taken together, the argument made was that the user’s personal (not anonymous) video viewing habits were being shared without the user’s consent.

Consent for the transfer of such personally identifiable information would satisfy the VPPA, but there is generally no consent process when clicking a social plug-in. The law states that the consent must be “informed.” A site may not understand what data is being transmitted, and the user certainly has no idea what data is involved.

Broader Implications

Due to procedural and factual matters, this particular lawsuit may not go too far but the lessons learned should be clear. When working with another party that collects data on your site or service via a social plug-in, tag or other tracking mechanism, you must first know what is being placed on your service and understand exactly what data is being collected through such mechanisms. You must also understand, and possibly control, how the tracker will use the data and consider any legal implications.

Netflix managed to have the VPPA amended in 2012, but technology has always moved at a faster pace that the law. The VPPA vs. online video is certainly not the first clash between old law and new technology, and it will unlikely be the last. Persistent identifiers have rich detail and are ubiquitous online. The line between personally identifiable information and non-personally identifiable information is rapidly eroding.

If you liked this article, please click … oh, never mind.

Follow Gary Kibel (@GaryKibel_law), Davis & Gilbert LLP (@dglaw) and AdExchanger (@adexchanger) on Twitter.

Tagged in:

Must Read

Why Media Mergers And Spin-Offs Don’t Always Keep Their Promises

With media megamergers, acquisitions and spin-offs left and right, the media landscape is changing at a pace that is difficult to keep up with.

TransUnion is partnering with Blockgraph so that advertisers can use its identity data to target, reach and measure TV households across channels.

How This Disaster Relief Nonprofit Tapped First-Party Data To Reach Donors Year-Round

Staying top of mind for potential donors is an ongoing challenge for Direct Relief. Nexxen’s audience curation helped it spread and sustain awareness.

Why Major UK Publishers Are Finally Joining Forces To Curate Ad Inventory

Atria’s collective approach is a response to growing monetization challenges and the need to protect the value of human journalism in the AI era.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Toronto Canada pride parade includes a crowd waving pride flags

Ad Performance And Politics Steered Brand Dollars Away From LGBTQ+ Communities – But The Pendulum Will Swing Back

The current administration has discouraged many marketers and organizations from showing support for the LGBTQ+ community, including during Pride month.

How AI Can Enhance Content Without Generating It

As much as consumers complain about AI-generated content, advertising experts say AI still has an important place in video creation and production, including for ads. But using AI in content without turning off consumers is a tricky dance.

How Tovala Banks On Subscriptions And Incrementality – But Not Ads – To Profit From Its Oven

Smart TVs, refrigerators and other home appliances may pester you with marketing, but at least the hardware is cheap. Another startup taking a different approach to the same theory is Tovala, which was founded in 2015 and combines a standalone countertop oven with a weekly meal kit subscription.