E-Commerce Law Week, Issue 429

Another Court Enters the Trademarked Search Term Tempest

Like leaves caught in the autumn wind, legal questions surrounding the use of trademarked terms as search engine keywords continue to swirl in federal courts. A federal court in New Jersey is the latest to try to rake the legal leaves into a nice orderly pile. In its October 20 ruling in Buying for the Home, LLC v. Humble Abode LLC, the court found that a furniture company's purported purchase and use of a competitor's mark as a keyword advertising trigger constituted "use in commerce" within the meaning of the Lanham Act. The court's decision conflicts with recent rulings of federal courts in New York's Southern and Northern Districts, but is consistent with other rulings, suggesting that the final resolution of this issue remains up in the air pending review by federal courts of appeals. Though no search engine was a defendant in this case, Google and others have been defendants in other cases. The courts' ultimate resolution of this issue could have a significant impact on some search engines' advertising practices, especially Google's.

Financial Sector Announces New Data Security Initiative

While contractor security is a major concern for all companies that handle sensitive data, the issue is particularly important in the financial services industry, due to both the sensitive nature of the information involved and the high level of government regulation. Under both the Gramm-Leach-Bliley Act (GLBA) and the Federal Trade Commission's Safeguards Rule, financial institutions are required to ensure that data sent to their affiliates and service providers remains secure. But neither GLBA nor the Safeguards Rule suggests specific measures for assessing compliance, leaving financial institutions with the costly and time consuming task of creating assessment programs, and burdening service providers with an array of different metrics. In an effort to address this problem, the BITS Financial Services Roundtable has initiated the Financial Institution Shared Assessments Program (FISAP), which proposes using a Standardized Information Gathering Questionnaire and Agreed Upon Procedures to create a normalized approach to gathering information about service provider data security practices, processes and controls. This initiative should be of interest not just to financial institutions, but to all companies that handle consumers' personal information. At the very least, the FTC and courts might look to FISAP for guidance on what constitutes "reasonable care" in overseeing service providers' data security measures.

ACLU Drops Challenge to PATRIOT Act Business Records Provision

On October 27, the American Civil Liberties Union announced that it had withdrawn its lawsuit challenging Section 215 of the USA PATRIOT Act, which allows the FBI to obtain, as part of an international terrorism or espionage investigation, business records and other tangible items pursuant to a Foreign Intelligence Surveillance Court (FISC) order. According to the ACLU, recent revisions to the PATRIOT Act addressed many of its concerns regarding lack of judicial oversight, leading it to drop its suit. As a result of the ACLU's decision, businesses confronted with burdensome or seemingly overbroad Section 215 orders will have to decide whether to bring their own challenges rather than ride the ACLU's coattails.

Questions and comments about E-Commerce Law Week are always welcome. Please send your feedback to Sally Albertazzie.