United States: Internet Advertising

Efforts to apply traditional principles of law to issues raised by the Internet have only intensified in the few years since Judge Easterbrook wryly noted that there is no more a "law of cyberspace" than a "law of the horse. (please see endnote 1)" With the ascendance of the World Wide Web, what were once thought to be settled boundaries in the law of trademarks, copyrights and patents have blurred, for example, with the arrival of domain names, "intermediate copying" and the patenting of "business methods."

These, of course, are not the only boundaries to have been crossed in cyberspace. The transnational character of the Internet has spawned a well-recognized, pressing need to resolve issues of extraterritorial jurisdiction and choice and conflicts of law. This need promises to become increasingly acute as more of the world goes online, particularly as nations less experienced in advertising regulation join the online marketplace.

Few, if any, areas of law have felt the impact of the Internet as much as the law of advertising, with respect to which the dimensions of content and medium of expression, intellectual property, user privacy and jurisdiction all play an integral part. While settled principles go far in lending guidance to Web advertisers, the unique applications and reach of the Internet call into question whether regulations directed specifically to Internet advertising can properly be dismissed as so much "law of the horse."

The following classification of advertising is largely untouched by the advent of the Internet. The issues raised by each of the various elements of this taxonomy -- respecting, among other things, proper targeting, expression and substantiation -- remain relevant and, indeed, vital, to the legal analysis of advertising claims.

• Express Claims
• Implied Claims
• Comparative Claims: - Superiority – Parity - Disparagement
• Noncomparative Claims
• Identity Claims:
• Compliance with Standards of Identity
• Composition, Constituents and Ingredients
• Manner of Production/Manufacture -- e.g., "hand crafted"
• Source or Origin -- identity of manufacturer or seller, geographic origin
• Sponsorship, Association and Affiliation -- including endorsements
• Performance Claims
• Use -- what does the product do?
• Efficacy -- how well does it do it?
• Durability -- how long will it do it?
• Quality, Availability and Convenience Claims
• Sensory Impression Claims -- e.g., taste
• Consumer Preference Claims
• Establishment Claims -- "tests show that . . ."
• Quality Claims
• Suitability and Safety Claims -- fitness for use by the target purchaser or user
• Health and Nutrition Claims
• Environmental Claims
• Style, Fashion and Aspirational Claims
• Contests, Sweepstakes and Games of Chance (please see endnote 2)
• Transactional Terms
• Nature of the Transaction -- e.g., license, lease or sale
• Price
• Discounts
• Coupons
• Rebates, Refunds and Returns
• Promotional Tie-Ins and Giveaways
• Availability at the Advertised Price
• "Free" Goods and Services
• Credit Terms
• Shipment and Delivery

The same constancy or uniformity cannot, however, be ascribed to the laws and regulations by which these classes of advertising are governed. First, as an interactive, "multimedia" resource, the Internet features characteristics of direct mail, telemarketing, television, radio and print that defy ready categorization under any one medium-based legal regime (e.g., the rules applicable to "television advertising" or "direct marketing"). Second, by virtue of its communication across borders, Internet advertising has been, and is almost certain to continue to be, subjected to the multiple and sometimes conflicting legal requirements of a variety of nations, localities and states.

Reno v. ACLU, 521 U.S. 844, 117 S.Ct. 2329, 2334 (1997).

The Internet affords advertisers a host of visual, textual and aural means by which to capture the interest of consumers and direct the advertiser's message to its target audience. Among the innovative tools and features of Internet advertising are banner ads, rich media, interstitials, pop-up windows, text links, opt-in e-mail, e-mail list rentals, e-mail newsletters, search engines, metatags, keywords, strategic linking, co-branded sponsorships, affiliate programs and webcasts, each of which is described below.

Banner Ads: The most common form of online advertising is the banner ad. Banner ads are the small rectangular boxes you see at the top of many Web pages. Banners (and buttons) come in many shapes and sizes, with the most common size being 468x60 (pixels high by pixels wide). Most banners have a specific call to action, such as "click here," because they are generally used as direct response tools. Banner response rates are measured in terms of clickthrough rate, which is a percentage of clicks to the total number of impressions served. Most sites offer the ability to "target" banner ads, either by section or by the profile of the user. In addition, banners can be targeted by geography, time of day, and more.

Rich Media: New forms of banner ads are emerging called "rich media" ads. These may include sound, video, animation, and interactivity. Because rich media is new and technologically complex, many sites are currently unable to accept rich media banner ads. An example of a rich media ad would be one where the user shoots a round of golf on the banner. This type of "interactive" advertising helps advertisers to attach an experience to the brand.

Pop-up Windows and Interstitials: Rich media can also go beyond banner ads -- through online media vehicles such as "interstitials" and "pop-up windows." An interstitial is an ad that loads between the time that a Web surfer moves from one page to the next. Many interstitials are similar to short TV commercials, including complex sound and animation. After the interstitial finishes playing, it usually includes a few different interactive options for the user to click. Pop-up windows, or "daughter windows" may be static or include animation. These windows are usually based on java programming, which causes them to "pop-up" when the Web surfer hits a certain page of the site.

Text Links: Text links are another alternative to banner ads. Also called "hot links", they blend in with the content of the site. Some advertisers separate the site content from the text advertisement by highlighting text links with words like "Advertised Sponsor." Text links work well for news-oriented Web surfers who prefer text to graphics.

E-mail lists: E-mail marketing is currently a hot topic in the advertising world -- with good reason. It is direct, personal, one-to-one, and can be extremely targeted. It is not uncommon to receive a 15% response rate on a targeted e-mail campaign. Another advantage to e-mail is that it can be forwarded to additional readers (please see endnote 3). Some critics have argued that uninvited e-mail is an intrusion and invasion of privacy.

E-mail newsletters: Another form of email advertising is e-mail newsletter sponsorships. These "push" e-mails are sent out on a regular basis, usually in conjunction with a particular site or magazine. For example, Red Herring offers their "Catch of the Day" e-mail alert, which brings breaking news and articles to top executives each morning. Email newsletter ads are usually short, three-to-five line text ads at the top of the newsletter with a hyperlink. Some e-mail newsletters are also available in HTML format, which allows for graphical, banner-type ads.

Search Engines: In addition to standard banners, there are two unique ways to advertise on search engine sites. First, they can target banners by "keyword." So, when someone searches for a particular keyword, the banner appears at the top of the results page. Keyword-targeted banners usually receive higher click rates than standard banner ads. The second way that an advertiser can use search engines to promote its site is to submit the domain name being sought by the Web user and that will be listed in the actual search results. Many marketers will craft their Web pages to deliver what the search engine spider is looking for. This process, called "Search Engine Optimization," includes putting keywords in the title, body, links, metatags, and so on. There are major differences in how each search engine ranks Web sites. Some of them use automated software called "robots" or "spiders" that "crawl" around the Web looking for new sites and indexing them. When you submit a new site to the search engine, you are telling the "spider" to crawl over to your site and assign you a particular relevancy score. Other search engines, such as Yahoo!, have actual humans review your site and assign a relevancy score or put your site in a certain category. With that in mind, the tricks that work to boost a site's rankings in one search engine may not work for another -- in fact they might hurt. So, many advertisers will build a number of different pages, each geared to push a particular search engine's buttons.

Linking: Often called "strategic linking," "link exchanging," "link swapping," or "reciprocal linking," this practice entails setting up a link from your site to someone else's on the premise that they will do the same for you. Link exchanges can be rewarding in a number of ways. In addition to driving traffic to your site, they can form the basis for an ongoing relationship. They can be the start of joint marketing agreements. Or they can bring members of a certain community together.

Co-branded sponsorships: Co-branded sponsorships merge two different brands on one Web site. For example, a Christmas site decorates Yahoo!’s home page during the holiday season or a computer company has a Dilbert computer store. In these instances, advertisers are leveraging well-known online brands to increase their own credibility.

Affiliate Programs: Affiliate programs work on a bounty (revenue-sharing) model. For example, one site will pay another a percentage of the revenue on products sold through a banner on the latter, host site. Amazon.com built their business on affiliate programs. They have amassed an online army of affiliates -- thousands of salespeople
-- all selling books through Amazon.com buttons on their sites. Affiliate programs are a low risk form of advertising, because the advertiser only pays if the product is sold.

Webcasts: A Webcast is a 60- to 90-minute interactive forum for reaching many people at one time. Usually the Webcast has an audio and/or video component while pushing a PowerPoint presentation to the audience. The Webcast may be live and offer the audience the ability to "chat" or call in questions. To date, Webcasts have been most effectively used for the launch of a new product or site, or for products that require a sales presentation.

Each of the foregoing Internet advertising tools has given rise to novel legal issues that test the applicability of conventional legal analyses to advertisements that appear on the Net.

For example, the U.S. Federal Trade Commission (FTC) has invited comment on whether advertising disclosures and disclaimers appearing on the Web must be "unavoidable" to satisfy the "clear and conspicuous" disclosure requirements promulgated under the FTC Act. Such a standard of "unavoidability," some have argued, would be counterproductive, as it would lead, inevitably, to unintelligible, cluttered Web pages on which advertisers would be compelled to "top load" government-mandated disclosures at the expense of the advertisers' core advertising claims. Moreover, given the facts that (a) "unavoidability" is unattainable in this era of increasing miniaturization (e.g., the "Palm Pilot"), and (b) Web navigational techniques, such as scrolling and linking, can provide ample access to any required information, the opponents of an "unavoidable disclosure" requirement contend that there can be little, if any, justification for such an exacting and uncommercial standard.

Additional unsettled issues reflect the difficulties inherent in pigeonholing the Internet into more conventional media categories so as to conform to preexisting legal requirements, for example, that certain communications be "written," in "writing" or in "print." These difficulties are likely to be compounded by the increasing expansion of bandwidth, which promises to blur distinctions between the Web and television -- and the regulations that are applicable to each.

One such unsettled issue is that which involves the "keying" of banner advertising. A recent development of note in this regard is the district court's decision in Playboy Enterprises, Inc. v. Netscape Communications Corp., SA CV 99-320 AHS (Eex) (C.D. Cal. Jun. 24, 1999), which treats the role of banner advertising, search engines and "key" search terms in addressing whether a key search term comprised of another party's trademark may properly be used to trigger the appearance of the advertiser's banner ad. The court in this instance answered "yes," holding that the defendants' practice of "keying" ads to the search terms "playboy" and "playmate" was permissible despite the trademark owner's protestation that this constituted an unauthorized use of its marks.

The defendants in the Playboy case, Netscape and Excite, operate Internet search engines and sell advertising space on their search result pages. Instead of posting ads in a random rotation, Netscape and Excite have programmed their servers to link a pre-selected set of banner ads to certain key search terms and market this targeted advertising ability as a value-added service. Playboy Enterprises, Inc. (PEI), owner of the registered trademarks "PLAYBOY" and "PLAYMATE," sued the defendant search engine operators, claiming infringement and dilution of its trademarks by reason of the defendants' (a) marketing and selling of the words "playboy" and "playmate" to advertisers, (b) programming banner ads to run in response to users' input of these words as search terms, and (c) displaying third parties' banner ads on the "playboy" and "playmate" search results page. As a result, PEI contended, Internet users were improperly diverted from its official and sponsored Web sites to other adult entertainment sites.

The court rejected this argument and denied PEI's request for an injunction barring defendants' keying of PEI's trademarks to third-party advertisers' banner ads. Central to this decision was the court's observance of the dual status of "playboy" and "playmate" as both proprietary trademarks and terms in common, non-trademark usage. Thus, finding that PEI could not demonstrate that the defendants were using these terms other than as "English words in their own right," the court held that PEI could not make the required showing that defendants used PEI's trademarks in commerce or otherwise infringed or diluted PEI's trademark rights.

The Playboy case cannot be viewed as the last word on the legal status of the practice of keying banner advertising, however, because, among other reasons, the Playboy decision: (a) was rendered by a district court and does not necessarily reflect the law of any U.S. federal circuit; (b) is not a final judgment, but rather, an interlocutory denial of a preliminary injunction; and (c) is narrowly tailored to its facts and, hence, of untested application to trademarks that are not comprised of words in common English usage. This last point stands to bear further treatment in an action currently pending before the U.S. District Court for the Southern District of New York, Estee Lauder Cos., Inc. v. The Fragrance Counter, Inc., No. 99 Civ. 0382 (RWS) (S.D.N.Y. filed Jan. 19, 1999), in which the trademark at issue is not a term in common parlance, but a proprietary and distinctive name.

Advances in computer technology have made possible the easy and inexpensive compiling and sharing of detailed information about the financial status, transactions, conduct, preferences and other characteristics of Internet users. The need to take precautions to protect against the misuse of personal information thus remains a major area of concern to advertisers and consumer advocates alike. Indeed, it is perhaps here, with respect to online privacy issues, that the transnational character of the Internet has had its greatest impact upon the U.S. legislative and regulatory environment, as government and industry continue to grapple not only with the demands of U.S. constituents, but with the exacting standards adopted by the Member States of the European Union. See Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the "Privacy "Directive"), available at http://europa.eu.int/eur-lex/en/lif/dat/1995/en_395L0046.html.

In effect since October 25, 1998, the EU’s comprehensive Privacy Directive restricts the permissible transfer of personal data from Member States to only such non-EU countries as provide an "adequate" level of privacy protection. To reduce the uncertainty that U.S. organizations will qualify under the Privacy Directive for the receipt of data from their EU counterparts, the U.S. Department of Commerce (DOC) has worked closely with the European Commission (EC) to develop "Safe Harbor Privacy Principles" (the "Principles"), compliance with which will enable the receipt from the EU of personal data based upon a presumption that the Privacy Directive’s "adequacy" requirement has been met. See 15 November 1999 DOC draft Safe Harbor Privacy Principles, available at www.ita.doc.gov/td/ecom/Principles1199.htm. See also Frequently Asked Questions, attached to letter of Ambassador David L. Aaron dated November 15, 1999 at www.ita.doc.gov/td/ecom/aaronmemo1199.htm. As a result of this safe-harbor proposal, the EU has adhered to a standstill on enforcement of the Privacy Directive, refraining from disrupting data flows to the U.S. so long as the U.S. is engaged in good faith negotiations to finalize and adopt the proposed Principles. While the DOC and European Commission (EC) have not yet entered into a final agreement upon the Safe Harbor Privacy Principles as of the date of this paper (the last draft of the Principles having been submitted on November 19, 1999), an informal framework has been developed with respect to the basic privacy safeguards that U.S. organizations will need to adopt to qualify for receipt of intra-EU-originating data. These privacy protection requirements and other notable features of the draft Principles are as follows (please see endnote 4):

NOTICE: An organization must inform individuals about the purposes for which it collects and uses information about them, how to contact the organization with any inquiries or complaints, the types of third parties to which it discloses the information, and the choices and means the organization offers individuals for limiting its use and disclosure, where the organization is using or disclosing it for a purpose other than that for which it was originally collected or for a purpose which it was processed by the transferring organization. This notice must be provided in clear and conspicuous language when individuals are first asked to provide personal information to the organization or as soon as is practicable, but in any event before the organization uses or discloses such information for a purpose other than that specified above.

CHOICE: An organization must offer individuals the opportunity to choose (opt out) whether and how personal information they provide is used or disclosed to third parties, where such use or disclosure is incompatible with the purpose(s) for which it was originally collected, or subsequently authorized by the individual (please see endnote 5).

For sensitive information, (i.e. personal information specifying (please see endnote 6) medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual) they must be given affirmative or explicit (opt in) choice if the information is to be used for a purpose other than those for which it was originally collected or disclosed to any type of third party other than those already notified to the individual, or used or disclosed in a manner other than as subsequently authorized by the individual through the exercise of opt in choice. Individuals must be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice.

ONWARD TRANSFER: An organization may only disclose personal information to third parties consistent with the principles of notice and choice. Where an organization has not provided choice (because a use is not incompatible with a purpose for which the data was originally collected or which was subsequently authorized by the individual) and the organization wishes to transfer the data to a third party, it may do so if it first either ascertains that the third party subscribes to the [P]rinciples or is subject to the Directive or another adequacy finding or enters into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant [P]rinciples. If the organization complies with these requirements, it shall not be held responsible when a third party to which it transfers such information processes it in a way contrary to any restrictions or representations.

SECURITY: Organizations creating, maintaining, using or disseminating personal information must take reasonable precautions to protect it from loss, misuse and unauthorized access, disclosure, alteration and destruction.

DATA INTEGRITY: Consistent with the [P]rinciples, an organization may not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, an organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.

ACCESS: Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated.

ENFORCEMENT: Effective privacy protection must include mechanisms for assuring compliance with the principles, recourse for individuals to whom the data relate affected by non-compliance with the principles, and consequences for the organization when the principles are not followed. At a minimum, such mechanisms must include (a) readily available and affordable independent recourse mechanisms by which each individual's complaints and disputes are investigated and resolved by reference to the principles and damages awarded where the applicable law or private sector initiatives so provide; (b) follow up procedures for verifying that the attestations and assertions businesses make about their privacy practices are true and that privacy practices have been implemented as presented; and (c) obligations to remedy problems arising out of failure to comply with the principles by organizations announcing their adherence to them and consequences for such organizations. Sanctions must be sufficiently rigorous to ensure compliance by organizations.

VOLUNTARY COMPLIANCE: Under the proposed safe harbor, organizations need only comply with the Principles if they wish to receive personal data from their counterparts within the EU. Such compliance may be attained by (a) joining a self-regulatory privacy program, such as the BBBonline seal program, (b) by developing and pronouncing one’s own privacy policy in conformity with the Principles, (c) by self-certifying to the Department of Commerce (or its nominee) that the organization is subject to statutory, regulatory, administrative or other legal regulation, or (d) by including terms requiring adherence with the Principles in contracts with parties transferring data from the EU in accordance with model contracts to be authorized by the EC and EU Member States. To assure compliance, an organization that professes voluntary adherence to the safe-harbor Principles but fails to do so would be subject to liability under Section 5 of the FTC Act (which prohibits unfair and deceptive acts and practices).

IDENTIFIABLE DATA AND INFORMATION ONLY: The Directive and Principles only regulate the flow of data and information respecting personally identified or identifiable persons and not data rendered anonymous in such a way that the person involved (the "data subject") is no longer identifiable.

NON-RETROACTIVE: Compliance with the Principles is not required with respect to personal information received before the recipient of such information has claimed the benefit of the safe harbor.

AUTOMATED DATA PROCESSING ONLY: Organizations need only apply the Principles to automated, not manual, data processing and filing systems to qualify under the safe harbor.

The U.S. business community, showing a strong preference for a sectoral approach that relies largely upon self-regulation, has thus far been able to stave off broadsweeping legislation of online privacy practices through the foregoing safe-harbor initiative, and by developing ambitious programs promoting effective private regulation, such as BBBOnline, TRUSTe, CPAWebtrust and other seal programs that certify Web site operators’ privacy practices. At the same time, industry and consumer groups have worked with Congress and the Federal Trade Commission (FTC) in an attempt to develop more finely-tailored, sector-specific privacy legislation. This multifaceted, government and industry approach can be seen, for example, in last year’s November 8, 1999 workshop on "online profiling" jointly held by the FTC and National Telecommunications and Information Administration (NTIA), a unit of the DOC (please see endnote 8).

These self-regulatory initiatives notwithstanding, Congress has recently passed at least two significant privacy-regulating statutes, principal among which, from the advertiser’s perspective, is the Children's Online Privacy Protection Act of 1998 (please see endnote 9). Also on the legislative horizon is the prospect of congressional regulation of the collection, use and disclosure of health and medical records, well recognized as an area that is ripe for legislative reform. The effect of these federal enactments, and the additional, State action that they may invite, could be a shift in the regulatory environment to one in which the carefully weighed, sector-by-sector regulation of online privacy may be eschewed for a more comprehensive approach.

The Children's Online Privacy Protection Act of 1998 (COPPA) (please see endnote 10) and the rules promulgated thereunder, bear brief examination with respect to the elements of data assemblage and use regulated thereby. The Act and its implementing rules, the latter of which were approved by the FTC October 20, 1999 (please see endnote 11), govern the online collection, use and disclosure of personal information from children under 13 and prescribe what a Web site operator must include in its privacy policy, when and how the operator must seek verifiable consent from a parent and what responsibilities the operator has to protect children's privacy and safety online. The Act regulates the collection and use of individually identifiable information about a child that is collected online, such as the child's full name, home address, email address, telephone number and such other information as would enable one to identify or contact the child. Also covered are types of information tied to individually identifiable information, such as, for example, hobbies, preferences, interests, and similar information collected through "cookies" (please see endnote 12) or other tracking mechanisms. While a comprehensive review of COPPA and its implementing rules is beyond the scope of this survey, the general purposes and requirements of COPPA may be summarized as follows:

Moreover, the FTC rules provide a "safe harbor" permitting industry groups and others to adopt self-regulatory programs and guidelines that will ensure participants’ compliance with the COPPA rules. Such programs must include independent monitoring and disciplinary procedures and be submitted for FTC approval. Once approved, participants’ compliance with the programs' voluntary guidelines will serve as a defense or "safe harbor" in any FTC enforcement action alleging a violation of the COPPA rules.

Congress's recent enactment of the Anticybersquatting Consumer Protection Act (please see endnote 13), and the Act's provision for in rem domain name jurisdiction, at best resolve but a small -- albeit significant -- portion of the jurisdictional issues that confront Internet advertising. Questions as to which countries, states or other sovereign entities have personal jurisdiction over Internet advertisers remain largely unsettled, as evidenced by the many inconsistent holdings rendered under U.S. and other national law.

A comprehensive review of jurisdictional principles and precedents is necessarily beyond the purview of this analysis. The factors looked to by the U.S. courts in assessing personal jurisdiction, however, may be summarized as follows:

Little controversy arises when the basis for assuming jurisdiction over the advertiser is the advertiser's physical presence or systematic activities in the forum (i.e., general jurisdiction). The gauntlet is thrown, however, once special jurisdiction is the asserted basis for jurisdiction. While the considerable U.S. precedent that has arisen in this area is far from a model of consistency, a general pattern of legal analysis has emerged. The cases decided to date may be placed along a continuum that ranges from mere, "passive" Internet presence to the "active" and intentional directing of advertising to, and solicitation and transaction of business in, the forum. As a general rule, in the U.S., the more "passive" and less interactive the advertiser's communications, the less likely it is to be subject to the jurisdiction of another State.

The resolution as to which of the several United States properly possesses jurisdiction over a U.S.-based advertiser speaks not at all, of course, to the issue as to whether the courts of other nations may assert jurisdiction over Internet advertisers who have no physical presence within their borders. It has been held, for example, that the English Courts have jurisdiction to try any dispute if the effects of the act alleged to cause injury have been suffered within the jurisdiction. In accordance with this principle, an action may be brought before an English court against the owner of a Web site even if the site is not hosted in England or Wales. Mecklermedia v. D.C. Congress [1997] 3 WLR 479 (asserting jurisdiction over German tradeshow organizer that posted German Web site under a German registered and hosted domain name using plaintiff's "Internet World" trademark). See also Playboy Enterprises, Inc. v, Chuckleberry Publishing, Inc., 939 F Supp. 1032 (S.D.N.Y. 1996).

For purposes of illustrating the potential hazards faced by Internet advertisers if divers national courts were to subscribe to the broad view of jurisdiction held in Mecklermedia, listed below are examples of advertising practices that are subject to disparate treatment under the laws of various national members of the European Union -- despite the European Council's and Parliament's attempts to harmonize the national laws of EU member states.

• Identification as Advertisement -- The requirement of identifying a piece as advertising may vary, depending, among other things, on the advertising medium (e.g., "print" or "broadcast")
• Product placement in programming -- as a species of potentially "hidden" advertising is also subject to varying national requirements and restrictions.
• Sponsorship -- of news and political programming may be prohibited
• Surveys and Market Research -- publication may be considered a form of prohibited hidden or comparative advertising
• Comparative Advertising -- while generally permissible by directive of the European Parliament and Council, comparative advertising may be restricted or prohibited, especially with respect to disparaging claims
• Children's Advertising -- may be prohibited or subject to special, national restrictions
• Couponing -- may be unlawful
• Prize Competitions & Sweepstakes -- may be prohibited or subject to national restrictions
• Promotional Gifts and Premiums -- may be prohibited or subject to national restrictions
• Package Offers - the bundling or tying of goods for sale at a special price may constitute an unlawful premium
• Price Advertising -- requirements of national "competition laws" (antitrust laws) may vary in prohibiting or restricting certain advertising, for example:
• Below-Cost Pricing -- advertising of products at prices below cost may be prohibited
• Price Advertising by Manufacturers -- may constitute unlawful retail price maintenance where the advertiser is not selling directly to end users
• Comparative Price Claims -- the general claim that the advertiser will "beat the price" of its competitors may be prohibited
• Price Information and VAT Disclosures -- may be required to be stated in local currency
• Sufficient Inventory to Meet Demand -- requirements may vary from jurisdiction to jurisdiction
• Going Out of Business and Clearance Sales -- may be regulated and require permits
• Omissions and Incomplete Statements -- national requirements may vary as to when, and how much, disclosure is required to render advertising claims truthful and nonmisleading
• Burden of Proof/Substantiation -- ad substantiation requirements and the burden of proof of establishing the truth or falsity of advertising claims may vary
• Establishment claims -- requirements vary with respect to required substantiation
• Environmental Claims -- requirements vary as to how environmentally benign or "friendly" advertised product or service must be to legitimize an environmental claim
• Health-related Claims -- may be prohibited with respect to certain classes of products (e.g., food and cosmetics)
• Charitable Advertising -- truthful claims that a percentage of the purchase price will be contributed to a charitable or humanitarian cause may be restricted or prohibited
• Product Liability -- different disclosures may be required respecting hazards associated with and proper use of the advertised products
• Standing -- jurisdictions vary as to the standing of consumers and other persons to bring suit
• Criminal Liability -- may attach to offending advertising claims, which may result in criminal prosecutions as well as civil actions brought by private parties
• Mandatory Language Requirements -- national laws may require advertising in the official national language (e.g., French)

Moreover, even where harmonization of EU members' advertising laws is complete, this fact need not spell uniformity, or even compatibility, with U.S. law. For example:

• Privacy -- greater restrictions on data collection and requirements of disclosure of personal files to the persons profiled in such files may be required than in the U.S.pursuant to the Directive of the European Parliament and of the Council dated July 24, 1995 (95/46/EC)
• Distance Contracts -- in member nations of the EU, advertisements that are coupled with offers for sale must conform to the requirements of the Directive of the European Parliament and of the Council of May 20,1997 on the protection of consumers in respect of distance contracts (97/7/EC) with respect to the following required disclosures:
• accepted methods of payment
• identification of the product
• identity of the seller
• period in which offer remains valid
• provision of a seven day grace period to renounce sale
• specification of quantity
• time for delivery
• total price

While online advertising remains largely subject to legal principles formulated well before the advent of the World Wide Web, the Internet offers unique, interactive means of exchanging information that require reexamination of the jurisdictionally-compartmentalized and media-bound approaches to regulation characteristic of conventional advertising law.

Paul D. Connuck is a partner in the Intellectual Property Department of Whitman Breed Abbott & Morgan, LLP. If you have any questions or concerns, please call Paul at 212-351-2511 or email him at pconnuck@wbam.com.

This paper was presented at the INTA/NAD False Advertising Forum on March 3, 2000. Daniel L. Jaffe, Executive Vice President of the Association of National Advertisers, and Michael Aaron of Online Marketing Manage, M2K contributed to this presentation.

1. Frank H. Easterbrook, Cyberspace and the Law of the Horse, 1996 U. Chi. Legal F. 297. See also Lawrence Lessig, The Law of the Horse: What Cyberlaw Might Teach, 113 Harv. L. Rev. 501 (1999).
2. This area has recently been the subject of considerable attention, leading to the enactment of the Deceptive Mail Prevention and Enforcement Act, Pub. L. No. 106-168 (Dec. 12,1999).
3. An "opt-in" list is one where the recipient has specifically requested to receive e-mail on a particular subject and can unsubscribe from the list at any time. Similar to direct mail, an opt-in e-mail list offers a number of selects for reaching very specific target markets. Some publications allow you to select by job title, industry, purchasing power, and company size.
4. Quoted from DOC November 15, 1999 draft, www.ita.doc.gov/td/ecom/ Principles1199.htm.
5. The DOC and EC are currently seeking to resolve their differences respecting additional language that would require disclosure of the fact that the proposed transfer of information is to a third party who is not in compliance with the Directive or Principles.
6. The EC and DOC are attempting to resolve whether the EC’s preferred term, "revealing," should be used in place of "specifying."
7. The FTC, which has assumed a prominent role in this arena, announced, effective December 16, 1999, the establishment of an Advisory Committee on Online Access and Security and invited nominations for committee members. In keeping with its 1998 report, Privacy Online: A Report to Congress (June 1998) -- in which the Commission advocated providing consumers with access to information collected about them and security for such information -- the declared purpose of the Advisory Committee is to "provide advice and recommendations to the Commission regarding options for the implementation by commercial Web sites of the access and security information practice principles and the costs and benefits of each option" in a written report to be submitted to the Commission by May 15, 2000. 64 Fed. Reg. No. 244 (Dec. 21, 1999) at 71457 et seq. See Advisory Committee Charter dated January 5, 2000 (available at www.ftc.gov). The Commission has also announced and conducted Internet "privacy sweeps," the next of which is to take place in March 2000. See FTC Release, "Agency to Review 1,200 Web Sites for Privacy Policy Disclosures" (www.ftc.gov/opa/1998/ 9802/webcom2.htm) (Feb. 26, 1998); see, generally, Self-Regulation and Privacy Online: A Report to Congress (July 1999); Individual Reference Services: A Federal Trade Commission Report to Congress (December 1997); FTC Staff Report: Anticipating the 21st Century: Consumer Protection Policy in the New High-Tech, Global Marketplace (May 1996); and FTC Staff Report: Public Workshop on Consumer Privacy on the Global Information Infrastructure (December 1996).
8. "Online profiling" is the practice of recording and compiling information about consumers' preferences and interests, primarily by tracking their online movements for the purposes of producing targeted advertising. Such "clickstream data" may be derived from virtually any interaction taking place on the World Wide Web, including sites visited, searches conducted, and goods and services purchased and/or viewed. Targeted advertising then takes into account the Internet user’s pattern of online behavior to present those goods and services the advertiser believes the user is most likely to buy. The compiled profile can then be matched up with the identity of specific users if personal information, such as the user’s name or address, has been provided to the advertiser or to affiliated Web sites or other sources. Online profiling can provide substantial benefits for both consumers and marketers. Profiling and personalized marketing allow an advertiser to reduce costs by sending information only to those individuals who are most likely to be interested in a specific product or service, based on their clickstream habits and patterns of Internet use. Correspondingly, consumers are better served by such profiling, being spared receipt of information that is of no interest to them. Concern has arisen, however, with respect to the ability of advertisers to infer intimate and personal details about Internet users, such as their medical conditions, political and religious beliefs, and sexual preferences, derived from such profiling of Internet use.
9. The other privacy bill, Title V of the Gramm-Leach-Bliley Act effecting banking, insurance and other financial services reform, was signed into law on November 12, 1999 as Pub. L. 106-102. Members of Congress have already voiced displeasure with the Act by introducing amending legislation.
10. Pub. L. 105-277, Title XIII (October 21, 1998), codified at 15 U.S.C. § 6501 et seq. (effective April 21, 2000).
11. 16 C.F.R. Part 312 (1999), reported in 64 Fed. Reg. No. 212 (Nov. 3, 1999) at 59888 et seq.
12. "Cookies" are text files placed on users' computers that enable online profiling by storing information about the host computer and its users’ online activities.
13. Intellectual Property and Communications Omnibus Reform Act of 1999 Part III, S. 1948, as enacted by H.R. 3194 and codified at 15 U.S.C. § 43(d).