More Trouble Ahead for Google Over “Incognito” Mode?

Written By: Pierce Stanley

Last month, U.S. District Court Judge Lucy Koh rejected Google’s bid to dismiss a class action lawsuit alleging Google surreptitiously tracks users of its popular Chrome browser while they browse in “incognito” mode.[1] The decision is a small victory for privacy activists and a setback for Google, because it effectively dispenses with the tech giant’s argument that users consented to its data collection because users were aware from the browsers’ “new tab” pages.[2]

The decision keeps alive a lawsuit, Brown v. Google, brought in June of 2020, when three browser users filed a complaint[3] alleging Google operates a “pervasive data tracking business,” asserting that Google’s tracking persists even when users take affirmative steps to protect private information, such as using “incognito” mode in Chrome.[4] The ruling comes as Google, Apple, and other companies continue to face heightened scrutiny from lawmakers over their data gathering policies.[5]

At the time, Reuters reported the lawsuit sought at least $5 billion in damages—alleging a putative class in the millions—and accusing Google of violating several federal wiretapping statutes and the California Invasion of Privacy Act (“CIPA”).[6] The lead plaintiffs ask that the class receive at least $5,000 in civil damages for multiple CIPA violations.[7]

In her order, Judge Koh said Google has not demonstrated that users agreed to being tracked while in private browsing mode, particularly since Google’s privacy policies never mention private browsing or explain that Google collects some browser analytics such as IP addresses and screen dimensions, and operates some third-party cookies required for websites’ functionality.[8]

According to Search Engine Journal, “The consumers who filed the case are taking issue with Google collecting data using other services while in ‘incognito’ mode.”[9] For example, when a user visits a website in “incognito” mode, their data can still be collected by Google Analytics, which relies heavily on the use of third-party tracking cookies.[10]

The class leaders say they were under the impression “incognito” mode offered all-encompassing privacy protection from data trackers across the internet.[11] However, “incognito” mode does not preclude websites that use Google Analytics for routine analytics from continuing to track users’ behavior.[12] Class members therefore assert they were misled by Google’s failure to disclose tracking of its users while in incognito mode. Since most websites today deploy Google Analytics in some form, the potential harm of data collected about unknowing users through Google’s incognito mode is vast.[13]

Google argues that “incognito” browsing does not save users’ histories or any cookies after the end of their “incognito” session. Indeed, Google’s lawyers famously wrote, “‘incognito’ does not mean ‘invisible.’”[14] The search giant contends most “incognito” users are aware of this distinction and know that their histories and cookies are cleared by default when a user closes their “incognito” browser, but websites and services most users interact with on the internet may still be able to track them.[15] Google seemingly anticipated this public relations risk and recently declared its intention to move away from relying on third-party cookies, even though such a move may negatively affect the company’s advertising business.[16]

It is unclear what the future of this lawsuit will bring. Successful class actions often lead to payouts of only a fraction of actual damage to consumers.[17] Regardless of where this lawsuit goes, one thing is clear: it puts Google’s practices under the microscope. At the very least, the public is now more aware of how Google’s “incognito” mode works. The suit forces Google (and others) to stop burying important information in terms of service, and it places users on notice of what data companies collect. That’s a good thing—for privacy’s sake.


[1] Dorothy Atkins, Koh Wont Toss Google Privacy Suit Over ‘Incognito Mode’, Law360 (Mar. 15, 2021, 7:24 PM), https://www.law360.com/articles/1364818 [https://perma.cc/MF47-XVHV].

[2] Ron Amadeo, Judge Rules $5 billion Google Chrome Incognito Mode Lawsuit Can Go Forward, Ars Technica (Mar. 15, 2021), https://arstechnica.com/gadgets/2021/03/judge-rules-5-billion-google-chrome-incognito-mode-lawsuit-can-go-forward/ [https://perma.cc/ANU8-J3L6].

[3]Complaint, Brown, et al. v. Google LLC, et al, (N.D. Cal. (2020) (No. 20-3664).

[4] Kim Lyons, Judge rules Google Has to Face Lawsuit that Claims it Tracks Users Even in Incognito Mode, The Verge (Mar. 13, 2021, 3:40 PM), https://www.theverge.com/2021/3/13/22329240/judge-rules-google-5-billion-lawsuit-tracking-chrome-incognito-privacy [https://perma.cc/GAP8-VPKA].

[5] Malathi Nayak & Joel Rosenblatt, Google Must Face Suit Over Snooping on ‘Incognito’ Browsing, Bloomberg News (Mar. 13, 2021 1:36 AM), https://www.bloomberg.com/news/articles/2021-03-13/google-must-face-suit-over-snooping-on-incognito-browsing [https://perma.cc/3MR3-TVP2].

[6] Jonathan Stempel, Google faces $5 billion Lawsuit in U.S. For Tracking ‘Private’ Internet Use, Reuters (Jun. 2, 2020 6:11 PM), https://www.reuters.com/article/us-alphabet-google-privacy-lawsuit/google-is-sued-in-u-s-for-tracking-users-private-internet-browsing-idUSKBN23933H [https://perma.cc/RR5F-T6C5].

[7] Atkins, supra note 1.

[8] Jon Fingas, Google Will Face Lawsuit over Incognito Mode Tracking (Updated), Engadget (Mar. 13, 2021), https://www.engadget.com/google-must-face-incognito-mode-lawsuit-212859134.html [https://perma.cc/JWH8-93S9].

[9] Matt Southern, Google to Face $5B Lawsuit over Tracking Users in Incognito Mode, Search Engine J. (Mar. 15, 2021), https://www.searchenginejournal.com/google-to-face-5b-lawsuit-over-tracking-users-in-incognito-mode/399113/ [https://perma.cc/6UJP-K285].

[10] Id.

[11] Atkins, supra note 1.

[12] Southern, supra note 8.

[13] Atkins, supra note 1.

[14] Kevin Shalvey, A Lawsuit That Accused Google of Collecting the Data of People Who Were Using Incognito Mode Can Continue, Said a Federal Judge, Bus. Insider (Mar. 14, 2021, 6:45 A.M.), https://www.businessinsider.com/google-lawsuit-incognito-mode-user-data-privacy-can-continue-judge [https://perma.cc/57QN-EZ5H].

[15] Ryan Whitwam, Google Fails to Win Dismissal of Incognito Mode Lawsuit, ExtremeTech (Mar. 15, 2021, 2:32 P.M.), https://www.extremetech.com/internet/320847-google-fails-to-win-dismissal-of-incognito-mode-lawsuit [https://perma.cc/NX9J-UXNQ].

[16] Lyons, supra note 3.

[17] Fingas, supra note 7.


Hey Alexa, Are You Listening?

Written By: Adena Chen

The first thing I say every morning is, “Alexa, what’s the weather like today?” Homes, today, are commonly equipped with voice assistant smart devices. Many buyers purchased these devices to make their lives easier with the myriad of tools that are provided. In early 2019, Amazon revealed that they had sold over 100 million devices with their notorious built-in voice assistance named “Alexa.”[1] This means that Alexa devices are listening to over 100 million voices in order to collect data and adapt to their unique users.

What Are Buyers Sacrificing in Exchange for All the Conveniences that Alexa Devices Provide?

“The fact is that your Echo, Dot, or Show, is always eavesdropping.”[2] This does not mean that the device is always recording.[3] Alexa waits for a wake word, which is usually “Alexa,” before the device begins recording.[4] Once Alexa hears the wake word, this activates the device to record the user’s command to be sent to Amazon’s cloud computers so that a correct response may be given.[5] However, the Alexa device is not perfect. Many users have reported Alexa responding without a wake word or responding when a word similar to the wake word was spoken.[6] The result of this flaw is the recording of conversations or parts of conversations without the user’s consent. In 2018, an Amazon Echo sent a recording of a couple’s private conversation to someone in their contacts without their knowledge.[7] Although the couple’s private conversation was not scandalous, they felt that this was an invasion of their privacy and immediately removed all Amazon devices from their home.[8]

Can Users Delete the Data Collected by Alexa Devices?

Users can now delete all of Alexa’s recordings with a simple voice command: “Alexa delete everything I said today.”[9] Amazon lets users delete their voice recordings, but the company keeps transcripts of the voice recordings; these transcripts are then stored on the company’s cloud servers where users cannot delete them.[10] Amazon has stated that they erase transcripts from Alexa’s main system and are working on removing it from other areas.[11]

Amazon is collecting user data through their Alexa devices and there is no way for the user to truly know that their voice recordings have been erased. The question that users are presented with today is whether they trust Amazon to hold that data when the users themselves don’t even fully know what their devices are recording. The legality of this issue is playing out in the courts where a class action suit has been filed against Amazon for the recording of all persons who lived in a home with an operating Alexa device, which they didn’t set up.[12] This is just one of many pending lawsuits questioning the legality of Amazon’s Alexa’s recording features.[13]


[1] Dieter Bohn, Amazon Says 100 Million Alexa Devices Have Been Sold—What’s Next?, Verge (Jan. 4, 2019, 4:00 P.M.), https://www.theverge.com/2019/1/4/18168565/amazon-alexa-devices-how-many-sold-number-100-million-dave-limp [https://perma.cc/WM98-APVF].

[2] Grant Clauser, Amazon’s Alexa Never Stops Listening to You. Should You Worry?, N.Y. Times Wirecutter (Aug. 8, 2019), https://www.nytimes.com/wirecutter/blog/amazons-alexa-never-stops-listening-to-you/ [https://perma.cc/9Y2U-9UB3].

[3] Id.

[4] Id.

[5] Id.

[6] Geoffrey A. Fowler, Alexa Has Been Eavesdropping on You This Whole Time, Wash. Post (Mar. 6, 2019, 6:00 A.M.), https://www.washingtonpost.com/technology/2019/05/06/alexa-has-been-eavesdropping-you-this-whole-time/ [https://perma.cc/6NVE-2HNN].

[7] Laurel Wamsley, Amazon Echo Recorded and Sent Couple’s Conversation—All Without Their Knowledge, National Public Radio (May 25, 2018, 3:16 P.M.), https://www.npr.org/sections/thetwo-way/2018/05/25/614470096/amazon-echo-recorded-and-sent-couples-conversation-all-without-their-knowledge [https://perma.cc/7SWH-4GM6].

[8] Id.

[9] Jacob Kastrenakes, Amazon Now Lets You Tell Alexa to Delete Your Voice Recordings, Verge (May 29, 2019, 9:11 A.M.), https://www.theverge.com/2019/5/29/18644027/amazon-alexa-delete-voice-recordings-command-privacy-hub [https://perma.cc/6YLJ-73F5].

[10] Alfred Ng, Amazon Alexa Transcripts Live On, Even After You Delete Voice Records, CNet (May 9, 2019, 7:40 A.M.), https://www.cnet.com/news/amazon-alexa-transcripts-live-on-even-after-you-delete-voice-records/ [https://perma.cc/5YPA-T7JT].

[11] Id.

[12] Jim Siams, Federal Lawsuit Charges Amazon’s Alexa Violates Children’s Privacy, Claims J. (June 17, 2019), https://www.claimsjournal.com/news/national/2019/06/17/291497.htm [https://perma.cc/6A8P-CGRR].

[13] Id.


Spinning Out – Peloton’s IP Battle Is an Uphill Climb

Written By: Natalie Purcell

Peloton has become a household name by providing home fitness services during the Covid-19 pandemic. While sheltering in place throughout the pandemic, people were panic buying toilet paper, meat, baking supplies, and a $2245 Peloton exercise bike.[1] With sales soaring, reportedly topping $1 billion in their second-quarter earnings, Peloton’s success has been both sweet and sour.[2] The increase in demand has resulted in production and delivery delays as well as an onslaught of lawsuits involving civil class actions, strict liability, trademark, and patent infringement claims.[3]

With Peloton being on the defense for much of the legal action brought against them in 2020, it recently switched gears, filing a petition with the United States Patent and Trademark Office’s (“PTO”) Trademark Trial and Appeal Board against rival fitness company Mad Dogg Athletics.[4] In an attempt to cancel Mad Dog’s “Spinning” trademark, Peloton is claiming the competitor is abusively enforcing the generic use of the mark.[5] The petition alleges that Mad Dog is improperly protecting the mark to insulate an unfair monopoly over a word that had become a common term for indoor cycling.[6]

Peloton’s appeal is a glimpse into what could turn out to be a high-profile showdown of the controversial intellectual property theory of “genericide.”[7]  Genericide is “the idea that a prominent brand name has become such a fixture in the market that consumers start to use it for any company’s goods or services.”[8] Proving that a brand has surrendered to genericide is an uphill climb and no easy feat.[9] Marks such as aspirin, elevator, and thermos slipped into the public domain decades ago.[10] However,  there are many words that are often used generically by consumers that have managed to hang on to their protected status including Kleenex, Band-Aid, and Xerox.[11]

Mad Dog Athletics has successfully held onto its marks for “Spin” and “Spinning” for its indoor stationary bikes and cycling classes since the 1990’s, but now faces the reality that what was unique twenty years ago may have fallen into the common vernacular.[12] Mad Dog Fitness has sent countless cease and desist letters to small and big players alike for the use of its marks, and Peloton has had enough.[13]

Clip in and stay tuned, Mad Dog Fitness may have ridden into a hornet’s nest with deep pockets and the stamina to outride the competition.


[1] Erin Griffith, People Are Panic-Buying Meat, Toilet Paper … and Pelotons?, N.Y. Times (May 6, 2020), https://www.nytimes.com/2020/05/06/technology/peloton-boom-workout-virus.html [https://perma.cc/W598-4C7D].

[2] Yun Li & Thomas Franck, S&P 500 Falls Slightly on Friday to End a Losing Week, CNBC (Feb. 19, 2021, 4:00 PM) https://www.cnbc.com/2021/02/04/peloton-pton-reports-q2-2021-earnings.html [https://perma.cc/2W5M-K7VJ].

[3] Gonzalo E. Mon, Peloton Faces Uphill Ride on “Ever-Growing” Claims, Kelley Drye (Nov. 19, 2020), https://www.adlawaccess.com/2020/11/articles/peloton-faces-uphill-ride-on-every-growing-claims/ [ https://perma.cc/73XL-FEBU]; Alex Baldwin, Peloton Launches Legal Battle over ‘Spinning’ Trademark, World Intell. Prop. Rev. (2021), https://www.worldipreview.com/news/peloton-launches-legal-battle-over-spinning-trademark-21054 [https://perma.cc/4TAP-K84T]; and Bill Donahue, Is ‘Spinning’ Generic? Peloton is Willing to Pay to Find Out, Law 360 (Feb. 17, 2021, 8:13 PM), https://www.law360.com/articles/1319959/nordictrack-maker-says-peloton-s-new-bike-infringes-ip [https://perma.cc/4MH8-A66W].

[4] Alex Baldwin, supra note 3.

[5] Id.

[6] Bill Donahue, supra note 3.

[7] Id.

[8] Id.

[9] Id.

[10] Id.

[11] Id.


[13] Id.



How Social Media Can Help Black Businesses Establish Secondary Meaning

Written By: Jordan Hameen

If a proposed trademark or service mark is not inherently distinctive, it may be registered on the Principal Register only upon proof of acquired distinctiveness or “secondary meaning,” that is, proof that it has become distinctive as applied to the applicant’s goods or services in commerce.[1] “The crux of the secondary meaning doctrine is that the mark comes to identify not only the goods but the source of those goods.”[2] Establishing secondary meaning requires that “the primary significance of the term in the minds of the consuming public is not the product but the producer.”[3]

The author is disgusted by the heightened level of connectivity produced by widely used social media platforms. The author sees this phenomenon as a disease plaguing the nation’s consumer privacy concerns, but this connectivity is also aiding brand recognition for black owned businesses. Between Facebook, Instagram, and YouTube, average individuals can connect with thousands of people in a uniquely intimate way in a matter of seconds. This enables growing brands to reach a large number of consumers in a short time. Thus, technology is changing the ability to establish acquired distinctiveness, and the accompanying legal test should be flexible enough to accommodate this progression.

Prior to social media platforms, scholars noticed that technology was changing the way companies achieved trademark recognition. According to trademark specialist Thomas McCarthy, “With the advent of massive advertising campaigns on television and the Internet, a new trademark may achieve wide usage and ‘secondary meaning’ within a matter of days or weeks, compared to the many years required in the days of more leisurely advertising.”[4]

In the past few months, the nation has placed a spotlight on the police brutality and systemic racism that has plagued the United States for decades. In light of the circumstances, numerous companies have pledged a heightened commitment to inclusion and equality.[5] Yet, “[i]n the days following the death of George Floyd, Brooklyn-based entrepreneur Aurora James was skeptical of the deluge of corporate support for the Black community.”[6] In a handwritten note posted to her personal Instagram page, James made a simple request of retailers: Commit to having 15% of suppliers be black-owned businesses.[7] Subsequently, several large companies, including Sephora, West Elm, and Rent the Runway, took on this challenge and committed to the 15% pledge.[8] Instagram pages and hashtags were created and dedicated to highlighting black-owned businesses.[9] Now, consumers can search #backownedbusinesses and find a rich bank of brands on the Instagram “explore” page very easily. Here, social media served as a valuable tool for generating trademark and trade dress recognition for numerous black-owned businesses.

Social media provides a much-needed space for businesses owned by marginalized communities to establish secondary meaning, and the USPTO should aid this process by providing a more standardized legal test. “Previously employed multi-factor tests used to determine secondary meaning did not consider social media as a contributor. . .Such tests, which are outdated and need to be reconsidered, favor larger entities with sufficient financial capital to invest in traditional advertising and publicity.”[10] These tests place small businesses trying to break into the market at a disadvantage and “fail[] to reflect the shift that social media has caused in terms of how brands market their goods and services to consumers.”[11]

Also, the most pressing question is how quickly can these emerging businesses “acquire distinctiveness?” “Under the traditional formulation for evaluating proof of secondary meaning, the answer may all too often be ‘not quickly enough.’”[12] If changes are not made, these companies may find themselves defenseless against infringement.

“Courts have been hesitant to consider an applicant’s website traffic metrics as evidence of secondary meaning. It is clear that, although metrics that record website traffic provide concrete information to applicants and domain name managers, the hard numbers are missing the link between consumers and the source that allows for a showing of secondary evidence — that is, the link that connects the product and its source in the minds of consumers.”[13]

Yet, “[c]lose examination of the underlying judicial rationale for that formulation [] demonstrates that while the courts have not quantified the tools, metrics, or methodologies by which to measure social media impact of brand building, there is ample basis for courts to revise the traditional formulation and make allowance for the digital, new media era.”[14] When “secondary meaning is defined solely by criteria requiring large budgets, such as substantial advertising expenditures, many years in the market, or ‘substantial’ sales, it is clear that start-ups . . . will almost inevitably fail to prove acquired distinctiveness.”[15] Therefore, these small businesses entering the field will be blocked out of establishing secondary meaning due to a lack of advertising resources. Creating change to systematic oppression is difficult, but we must analyze all practices put in place and determine what we must do as a nation to make real improvements beyond the creation of a hashtag.


[1] Yamaha Int’l Corp. v. Hoshino Gakki Co., 840 F.2d 1572, 1580, (Fed. Cir. 1988).

[2] TMEP (Oct. 108) §1212 Acquired Distinctiveness or Secondary Meaning, USPTO, https://tmep.uspto.gov/RDMS/TMEP/current#/current/TMEP-1200d1e10316.html [https://perma.cc/J7TM-JPHV].

[3] Id.

[4] Thomas McCarthy, § 15:56 Length of Use for Secondary Meaning in Speeded-up Economy, 2 McCarthy on Trademarks and Unfair Competition (5th ed.).

[5] Louise Connelly, This Instagram Post Could Unlock Hundreds of Millions of Dollars for Black-owned Businesses, CNBC (Aug. 9, 2020.10:00 AM), https://www.cnbc.com/2020/08/09/how-this-instagram-post-could-unlock-millions-for-black-owned-businesses.html [https://perma.cc/28M2-5ZJM].

[6] Id.

[7] Id.

[8] Id.

[9] Id.

[10]  Caroline Mrohs, How Many Likes Did It Get? Using Social Media Metrics to Establish Trademark Rights, 25 Cath. U.J.L. & Tech. 154, 155 (2016).

[11] Id.

[12] Ronald Coleman, Fashion Dos: Acknowledging Social Media Evidence as Relevant to Proving Secondary Meaning, 106 Trademark Rep. 776, 777 (2016).

[13] Mrohs, supra note 10, at 154, 173.

[14] Coleman, supra note 11, at 776, 777.



Quantity Over Quality? CCPA Expands Definition of Personal Biometric Information but Limits Civil Recovery in Many Instances

Written By: Julia Aguilar

On January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) took effect. Created as a resource to offer “consumers more control over the personal information collected about them,” the CCPA was partly introduced in an effort by the California legislature to compete with privacy protections offered in other states.[1] Prior to 2020, biometric data laws were limited to a handful of states including Arkansas, Illinois, Louisiana, Texas, and Washington, offering citizens privacy protection from businesses that had access to their data. Biometrics are “unique physical characteristics, such as fingerprints, that can be used for automated recognition.”[3]

The CCPA requires businesses to give consumers notice of the personal information they retain in their files, and the option to consent or request deletion of that information. Additionally, it includes unauthorized storage of browsing and search history in its list of actionable offenses.[5] When a consumer is harmed following a breach of their personal data, however, their remedies are often limited under the act, which begs the question, how much protection does the CCPA actually offer consumers?

For instance, the social-media giant Facebook settled a class-action lawsuit just last month for $650 million brought by Illinois residents under the Illinois Biometric Information Privacy Act (“BIPA”).[6] The complaint alleged that Facebook created and stored users’ face templates without prior notification and written consent following the law’s enactment in 2008, which allows for a private right of action.[7] California District Judge James Donato, who approved the settlement payout of $350 to each class member on January 14, 2021, stated, “[t]his is money that’s coming directly out of Facebook’s own pocket. . . . The violations here did not extract a penny from the pockets of the victims. But this is real money that Facebook is paying to compensate them for the tangible privacy harms that they suffered.”[8]

For a similar breach under the CCPA, however, the California Attorney General’s own webpage admits that “[y]ou cannot sue businesses for most CCPA violations.”[9] In fact, “[y]ou can only sue a business under the CCPA if there is a data breach, and even then, only under limited circumstances.”[10] You may be able to sue if your personal information was stolen as a result of a business’ data breach, following their negligence.[11] However, if you are able to sue for statutory damages, “if the business is able to cure the violation and gives you its written statement that it has done so” then your ability to sue is null unless the business continues its unlawful conduct.[12]

If damages serve the function of deterring unlawful behavior, then how effective can laws such as the CCPA be, when tech companies have more than enough money to throw away on costly litigation? Compared to the CCPA, the BIPA cracks the whip on companies, like Facebook, in a much more palpable manner. By granting injured litigants a direct path to these business’ wallets, such verdicts send a resounding message discouraging data collection in a privacy war that has only just begun.


[1] California Consumer Privacy Act (CCPA), State of Cal. Dep’t of Just. Off. of the Att’y Gen. (Feb. 13, 2021, 1:00PM), https://oag.ca.gov/privacy/ccpa [https://perma.cc/3DWC-655Z].

[2] Seyfarth Shaw, LLP, The Growing Number of Biometric Privacy Laws and the Post-COVID Consumer Class Action Risks for Businesses, Jdsupra (June 11, 2020), https://www.jdsupra.com/legalnews/the-growing-number-of-biometric-privacy-62648/ [https://perma.cc/9QQA-ULSQ].

[3] Biometrics, U.S. Dep’t of Homeland Sec. (July 13, 2020), https://www.dhs.gov/biometrics [https://perma.cc/W3DN-SUXH].

[4] Seyfarth Shaw, LLP, supra note 2.

[5] Id.

[6] Robert Channick, Nearly 1.6 Million Illinois Facebook Users to Get About $350 Each in Privacy Settlement, Chicago Tribune (Jan. 14, 2021, 8:04PM), https://www.chicagotribune.com/business/ct-biz-facebook-privacy-settlement-illinois-20210115-2gau5ijyjff4xd2wfiiow7yl4m-story.html [https://perma.cc/C9FN-U8YE].

[7] Meg Graham, Illinois Biometrics Lawsuits May Help Define Rules for Facebook, Google, Chicago Tribune (Jan. 17, 2017, 9:00AM), https://www.chicagotribune.com/business/blue-sky/ct-biometric-illinois-privacy-whats-next-bsi-20170113-story.html [https://perma.cc/27PN-Y5XU].

[8] Channick, supra note 5..

[9] California Consumer Privacy Act (CCPA), State of Cal. Dep’t of Just. Off. of the Att’y Gen. (Feb. 13, 2021, 1:00pm).

[10] Id.

[11] Id.

[12] Id.








Battle of the Masters: Rerecording Issues in Copyright

Written By: Laura Odujinrin[1]

Earlier this week, musician Taylor Swift released a rerecorded single from her 2008 sophomore album, Fearless.[2] The rerecorded song is part of a new album, aptly named, Fearless: Taylor’s Version, and it will be just one of many rerecorded albums that Swift plans to release, giving Swift a new set of master recordings that she will own the full copyright to and have control over.[3] This move raises a few legal questions. Why doesn’t Swift already own the copyright to the master recordings of songs she wrote and composed, and how is she able to rerecord and release nearly identical versions of old records without breaching copyright?

Music’s Two Copyrights

Songs have two copyrights: a “musical composition,” which includes the music composition and lyrics, and a “sound recording,” which is the recorded version of the song, also known as the master recording.[4] The two copyrights are often held by different entities. The musical composition copyright is held by the person(s) who primarily wrote the lyrics and music,[5] and the sound recording is often held by the record label.[6] As a result, the two copyrights function independently, and permission from both the owner of the musical composition copyright and the sound recording copyright is required to license a song.[7] In Swift’s case, as the primary writer of her songs, she owns the musical composition copyright, and her previous music label, Big Machine, owns the sound recording copyright.[8] This means that any third party seeking to license a song from one of Swift’s first six albums recorded while she was signed with Big Machine needs permission from both Swift and Big Machine to do so.

Rerecording Copyrighted Music

Recording contracts typically include rerecording clauses, which “almost always restrict artists from rerecording musical compositions embodied on the label’s recordings for a number of years after the expiration of the recording agreement.”[9] Often, “rerecording those songs is prohibited until ‘the later of two years following the expiration of the agreement or five years after the commercial release.’”[10] Once the rerecording clause has expired, the artist is free to record new covers of their original songs. These new songs, like their original counterparts, will have a musical composition copyright and a sound recording copyright. Swift, as the primary writer of her songs and owner of the musical composition copyright, can fairly easily begin rerecording all of her old albums and creating a second set of master recordings of which she will own the sound recording copyright.

The Battle of the Masters

What happens when there are two nearly identical master recordings? From a licensing standpoint, Swift would be able to refuse to grant the musical composition copyright unless the licensee uses her new master recordings. This would mean that any television show, commercial, or movie, for example, would only be able to license the second set of master recordings, making the first set significantly less valuable.[11] On streaming sites, both versions will be available, and “while Swift can’t do anything to take the original [master recordings] off the sales and streaming market, what she can do is push the original versions down in rankings and search results as the new versions are embraced by her fans.”

The Future of Music Copyright

Swift joins a small group of artists who have rerecorded their songs to take back control of their masters. After Prince and Def Leopard rerecorded some of their previous hits, the recording industry was quick to react, making rerecord clauses standard in recording contracts.[13] It is unclear how the music industry will react once all of Swift’s rerecorded albums are released, but with money, creativity, and ownership at stake, both artists and labels will fight to protect their rights to music copyright.


[1] Laura Odujinrin is a 2022 J.D. Candidate at the University of San Francisco School of Law.

[2] Chris Willman, Taylor Swift Sets ‘Fearless: Taylor’s Version’ as First in Her Series of Full-Album Do-Overs, Variety (Feb. 11, 2021), https://variety.com/2021/music/news/taylor-swift-fearless-love-story-re-record-big-machine-albums-good-morning-america-1234905692/ [https://perma.cc/78SD-Q4U8].

[3] Id.

[4] U.S. Copy. Off., Copyright Registration of Musical Compositions and Sound Recordings 1, Circ. 56A (2020), https://www.copyright.gov/circs/circ56a.pdf [https://perma.cc/RB4M-ADQY].


[6] Frank Pallotta, Why Taylor Swift is Rerecording Her Songs, CNN (Feb. 11, 2021), https://www.cnn.com/2021/02/11/media/taylor-swift-fearless-rerecord/index.html [https://perma.cc/9FB5-QGX5].

[7] Travis M. Andrews, Can Taylor Swift Really Rerecord Her Entire Music Catalogue?, The Washington Post (Aug. 22, 2019), https://www.washingtonpost.com/arts-entertainment/2019/08/22/can-taylor-swift-really-rerecord-her-entire-music-catalogue/ [https://perma.cc/XYK9-F2GG].

[8] Willman, supra note 2.

[9] Brittany Spanos, Can Taylor Swift Re-Record Her Old Albums? Should She?, Rolling Stone (Aug. 22, 2019), https://www.rollingstone.com/pro/news/can-taylor-swift-re-record-her-old-albums-should-she-875296/ [https://perma.cc/7RNS-CQEE].

[10] Id.

[11] Id; Andrews, supra note 7.

[12] Willman, supra note 2.

[13] Jen Aswad & Shirley Halperin, When Could Taylor Swift Re-Record Her Big Machine Songs? It’s Complicated, Variety (Aug. 21, 2019), https://variety.com/2019/music/news/taylor-swift-scooter-braun-re-record-big-machine-songs-explained-1203309904/ [https://perma.cc/XWL5-FXTG].




Patient Data Privacy Concerns During the COVID-19 Pandemic

Written By: Nancy Avila Villatoro

March 2020 marked a historical moment in the U.S. as the COVID-19 pandemic spread to cities across the country.[1] In an effort to control the spread of the virus, many cities issued stay-at-home orders.[2] In fear of the virus, people avoided leaving their homes, even to attend in-person doctor’s appointments.[3] Health care providers scrambled to adapt to the changing environment and use technology to deliver care to patients from a distance.[4] Regulatory oversight was relaxed to accommodate new norms such as telemedicine—appointments by phone or video call—to serve patients at home, supporting social distancing efforts while continuing to provide needed patient care.[5] Telemedicine services “grew by more than 1000% in March” of 2020.[6] Although this dramatic shift to providing remote patient engagement was necessary for patient care, concerns continue to rise regarding privacy and health data security.[7]

The U.S. has a long history of data privacy patchwork, especially as it involves identifiable health information.[8] In 1996, Congress passed the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) which protects patient health records when they are recorded or used by one of the covered entities as defined in the act. [9] The main purpose of HIPAA was to ensure that electronic health data was properly secured as a shift to electronic health records emerged.[10] Although updates have been made to HIPAA over the years, HIPAA exempts a growing industry of health management applications that collects personal health data from consumers.[11] Prior to the pandemic, there were talks already to revamp the HIPAA framework to align with a “new era of digital-first health care.”[12]

On January 28, 2021, congressional Democrats introduced a new bill that aims to protect individuals’ data rights amid the pandemic.[13] The Public Health Emergency Privacy Act (“PHEPA”) would ensure that “data collected is strictly limited for use in public health, mandate [meaningful data security and data integrity protections, and] that tech firms delete data collected once the public health emergency is over and explicitly prohibit the use of health data for discriminatory, unrelated or intrusive purposes.”[14] Senator Mark R. Warner emphasized the importance of PHEPA as “we move forward with vaccination efforts and companies begin experimenting with things like ‘immunity passports’ to gate access to facilities and services.”[15] Rashad Robinson, President of Color of Change, a progressive nonprofit civil rights advocacy organization, strongly supports PHEPA, “as it would prevent corporate profiteering and government misuse of health data to help ensure Black people . . . can operate online without fear.”[16] Robinson explained the need to close loopholes that allow profit-incentivized corporations to “gather and sell sensitive health and location data . . .  [providing] stringent and enforceable safeguards . . .  to protect private health information of Black people and other marginalized communities, who are most at risk of both COVID-19 and surveillance.”[17]

Although long-term health data privacy concerns may not be addressed through the passage of PHEPA, if passed, patients may be able to breathe a sigh of relief knowing that protections will be in place to protect their health information during the pandemic.


[1] Emily Shapiro, Jon Haworth & Karma Allen, Coronavirus Shuts down Major Cities, Trump Asks Americans to Avoid Groups over 10 People, ABC News (Mar. 16, 2020), https://abcnews.go.com/US/coronavirus-live-updates-establishments-country-begin-shutting/story?id=69615056 (last accessed Feb. 12, 2021).

[2] Jiachuan Wu, et al., Stay-at-home Orders Across the Country, NBC News (Mar. 25, 2020, updated April 29, 2020), https://www.nbcnews.com/health/health-news/here-are-stay-home-orders-across-country-n1168736 [https://perma.cc/E3D7-5C8U].

[3] Cara Murez, Health Care After COVID-19: the Rise of Telemedicine,” Medical Xpress (Jan. 5, 2021), https://medicalxpress.com/news/2021-01-health-covid-telemedicine.html [https://perma.cc/LC26-7P7R].

[4] Id.

[5] Id.

[6] Id.

[7] Anuja Vaidya, Democrats Propose Bill to Protect Privacy, Data Security amid Growing Use of Pandemic-Related Tech, MedCity News (Feb. 2, 2021), https://medcitynews.com/2021/02/democrats-propose-bill-to-protect-privacy-data-security-amid-growing-use-of-pandemic-related-tech/ [https://perma.cc/VU7T-KKUU]; see also Press Release, Mark R. Warner, Warner, Blumental, Eshoo, Schakowsky & DelBene Introduce the Public Health Emergency Privacy Act (Jan. 28, 2021), https://www.warner.senate.gov/public/index.cfm/pressreleases?ID=52781B0E-D736-4F1F-A144-9D1CB67F4B1B [https://perma.cc/A59S-QQ6G].

[8] See Murez, supra note 3.

[9] Lisa Bari & Daniel P. O’Neill, Rethinking Patient Data Privacy in the Era of Digital Health, Health Affairs (Dec. 12, 2019), https://www.healthaffairs.org/do/10.1377/hblog20191210.216658/full/ [https://perma.cc/K7ZJ-NQLZ].

[10] Id.

[11] Id.

[12] Id.

[13] See Vaidya, supra note 7.

[14] Id.

[15] Press Release, Mark R. Warner, Warner, Blumental, Eshoo, Schakowsky & DelBene Introduce the Public Health Emergency Privacy Act (Jan. 28, 2021), https://www.warner.senate.gov/public/index.cfm/pressreleases?ID=52781B0E-D736-4F1F-A144-9D1CB67F4B1B [https://perma.cc/A59S-QQ6G].

[16] Id.

[17] Id.


Is Google’s Software Development Common Practice for Technical Progress or Plagiarism?

Written By: Allen L. Williams II

A decade long feud over copyright infringement between Oracle and Google has brought focus to the issue of copyright protections for the code used to create software interfaces and their structures . Oracle sued Google for $8 billion dollars, accusing Google of “an egregious act of plagiarism,” taking the case all the way to the Supreme Court. [1] As an issue of first impression, the Supreme Court will decide whether copyright protection extends to the code and structure for a type of software interface, application programming interfaces (“APIs”), and whether petitioners’ actions constitute “fair use” of Oracle’s API in the context of creating a new computer program. [2] While Oracle alleges that Google copied more than 11,000 lines of Oracle’s Java code, as well as the organizational structure of the API, Google contends that the portions it used are fair use, in conjunction with the lower court’s findings. [3]

This case has brought focus to the fact that software interfaces and copyrights not only affect large technology companies like Google and Oracle, but also broadly affect individual and independent entities like the concerns of songwriters, authors, photographers, and filmmakers.[4] Copywriting code used to develop software interfaces is essential to individual, independent, and smaller businesses because it protects individual ideas from being stolen by larger companies . While on a larger scale, copyright protections can stop these larger companies from being able to use their power, money, and influence to take part of someone else’s idea in the process of creating their own ideas, there are consumers, developers, and businesspeople who need open-source software interfaces to remain unmonopolized.

Partisanship in the United States has come into full effect as the Trump Administration has supported Oracle in this case by filing an amicus brief to the Supreme Court. The Department of Justice is urging the Supreme Court to rule in favor of Oracle, alleging Google has violated copyright law and that Oracle holds a valid copyright. [5] With congressional Republican support on its side, Oracle has great backing in this case from the executive and legislative branches, which seems to give Oracle the upper hand. Where should the line be drawn between the restrictions on the use of one’s copywritten ideas and the market’s needs to progress API technology to keep up with the growing digital age?

Google spokesperson Joe Castaneda contends, “A remarkable range of consumers, developers, computer scientists, and businesses agree that open software interfaces promote innovation and that no single company should be able to monopolize creativity by blocking software tools from working together.” [6] If Oracle wins this case, this could potentially transform software interfaces and restrict technology from advancement. This case is crucial for software engineers because most modern software development best practices are built around the reimplementation of APIs. [7] A decision in favor of Oracle could place current API creators at the top of the technological food chain in terms of software development and force all others who wish to engineer new and improved software to acquire Java licensing from any of them that have valid copyrights. With most companies likely unwilling to acquire API licensing, companies may change their API’s to simply not include other companies’ codes, in accordance with copyright law, which will cause a surplus of compatibility and cross compatibility issues that the average consumer would be forced to deal with. [8] Overall, upon the decision of this case, software engineering, coding development, and software interfaces will be forever affected. Only time and strong advocacy from both sides will tell where the line will be drawn. Until a decision has been reached on the case at bar, the battle to protect copyright in software engineering and arguments for open software interfaces remain in a cloudy mist of uncertainty.

[1] Google, Oracle Meet in Copyright Clash at Supreme Court, INDEPENDENT (Oct. 7, 2020, 5:10 PM),
https://www.independent.co.uk/news/google-oracle-meet-in-copyright-clash-at-supreme-court-oracle-speech-billions-supreme-court-practice-b852199.html [https://perma.cc/DRS9-CYA9]

[2] Google LLC v. Oracle America Inc., SCOTUSBLOG (Oct.7, 2020, 10:00am),
https://www.scotusblog.com/case-files/cases/google-llc-v-oracle-america-inc/ [https://perma.cc/L93E-V267]

[3] Sandra Aistars, High Court Oracle-Google Copyright War May Benefit Artists, LAW360 (Oct. 8, 2020, 4:38 PM),
https://www.law360.com/articles/1318139/high-court-oracle-google-copyright-war-may-benefit-artists [https://perma.cc/XL6U-UTVB]

[4] Id.

[5] Emily Birnbaum, Trump Administration Backs Oracle in Supreme Court Battle Against Google, THE HILL, (Feb. 19, 2020, 6:27 PM),
https://thehill.com/policy/technology/483750-trump-administration-backs-oracle-in-supreme-court-battle-against-google [https://perma.cc/HKS2-ZGTC]

[6] Id.

[7] Hanna Valtonen, How Oracle v. Google Could Upend Software Development, INFOWORLD (Oct. 7, 2020, 3:00 AM),
https://www.infoworld.com/article/3575359/how-oracle-v-google-could-upend-software-development.html [https://perma.cc/3SQL-PEJJ]

[8] Id.



Can Artists Stop Politicians from Using Their Music?

Written By: Amy Metzgar

Politicians use music as a soundtrack to their campaign rallies,[1] commercials,[2] and other election events.[3]  Generally, as long as the campaign has obtained a public performance license (or the venue they are using has a public performance license), the campaign is able to use the music.[4]  The problem arises when the artists do not support the politicians that are using the music and do not want their songs associated with certain political campaigns.

Besides simply asking politicians to stop playing the artist’s music, there are some legal remedies that an artist can use to challenge a politician and their campaign from using music that is properly licensed: the artist’s Right of Publicity, the Lanham Act, and False Endorsement.[5]  However, most artists who are signed with record labels do not own the copyright to their songs,[6] which makes it difficult for the artist to challenge the campaign’s use of their music.  When artists do not own the copyright to their music, they have to rely on the entity that owns the copyright to take any legal action.  So how do artists who do not own the copyright to their music stop politicians from using that music, especially when the campaigns have obtained the correct licenses?

While it is almost always an option for the owner of the copyright to file suit against the politician or the campaign, there is a much easier and more cost-effective method discussed in Danwill Schwender’s article The Copyright Conflict between Musicians and Political Campaigns Spins Around Again[7] where he concludes, “negative publicity may prove the most reliable deterrent” in artists stopping campaigns from using their music.[8]  Artists such as Adele, Neil Young, Bon Jovi, Elton John, and many more[9] have utilized the method of asking the campaign directly to stop using their music.  For some of the artists, this method worked, but for others, the campaign would simply prove that they had the proper license and continue to use the songs without the artist’s approval.[10]  This has worked for some artists because the fallout that can come from using music without the artist’s permission (even with the correct licensing) can have a negative impact on how people view the campaign.  Without legal recourse, asking the politician to stop using the music or sending a cease and desist letter is the only way that an artist has any chance of getting the politician to stop using their music.

In order to make it easier for artists to control when politicians use their music, the campaign should need to get explicit permission from the copyright owner, in addition to obtaining the proper license, in order to use music for campaign rallies, commercials, and other campaign related activities.  This would protect the rights of artists and keep them in control of how their music is used.  Until this happens, artists will have to rely on publicly asking politicians to stop using their music and hope that they listen.


[1] Ted Johnson, Adele Objects to Use of Her Music at Donald Trump, Other Campaign Rallies, Variety (Feb 1, 2016, 12:28 PM), http://variety.com/2016/music/news/donald-trumpadele-music-rallies-1201693891/ [https://perma.cc/V22L-BPMG].

[2] Daniel Kreps, Jackson Browne Settles With GOP Over “Running on Empty” Ad Use, Rolling Stone, (July 21, 2009 5:48 PM), https://www.rollingstone.com/music/music-news/jackson-browne-settles-with-gop-over-running-on-empty-ad-use-250454/ [https://perma.cc/P6T2-KYTV].

[3] Steve Knopper, Why Politicians Keep Using Songs Without Artists’ Permission, Rolling Stone, (July 9, 2015 7:13 PM), https://www.rollingstone.com/music/music-news/why-politicians-keep-using-songs-without-artists-permission-36386/ [https://perma.cc/LNN6-G8XR].

[4] ASCAP, Using Music In Political Campaigns: What You Should Know, https://www.ascap.com/~/media/files/pdf/advocacy-legislation/political_campaign.pdf [https://perma.cc/Z8JF-WZKV].

[5] Id.

[6] Helienne Lindvall, Why Artists Should Retain Ownership of Their Recordings, The Guardian, (Jan 29, 2009 12:17 PM), https://www.theguardian.com/music/musicblog/2009/jan/29/recording-copyright-ownership#:~:text=Traditionally%2C%20when%20an%20artist%20signs,have%20a%20right%20to%20royalties [https://perma.cc/LEJ2-RQ93].

[7] Danwill D. Schwender, The Copyright Conflict Between Musicians and Political Campaigns Spins Around Again, Jstor, (2007),https://www.jstor.org/stable/pdf/10.5406/americanmusic.35.4.0490.pdf?refreqid=excelsior%3Aa97a7447d5f5984e11545ec8c51ea878 [https://perma.cc/3C8W-7NEH].

[8] Id.

[9] Charles Stockdale & John Harrington, 35 Musicians Who Famously Told Politicians: Don’t Use My Song, USA Today, (Jul 16, 2018 3:10 PM), https://www.usatoday.com/story/life/music/2018/07/16/35-musicians-who-famously-told-politicians-dont-use-my-song/784121002/ [https://perma.cc/7BLP-6RBK].

[10] Id.


Section 230 and the First Amendment: Is speech freer with Section 230 or without it?

Written By: Anoli Motawala

Section 230, the Communications Decency Act, was introduced in 1996.[1] The act states that “no provider . . . of an interactive computer service . . . shall be treated as the publisher or speaker of any information provided by another,” thus granting “service providers” immunity from lawsuits stemming from the content posted on their sites.[2]

Each service provider was given the ability to customize the content they allowed on their sites so that they could distinguish themselves from other service providers, allowing them the flexibility to moderate as they saw fit without having any third party liability.[3] Section 230 makes it so that electronic content operators cannot be held liable for the posts, photos or videos that they allow or remove.[4]

On October 28, 2020, top executives from Facebook, Google, and Twitter were questioned about their content moderation methods.[5] Democrats contend that these sites do not do enough to take down harmful misinformation, especially as it relates to foreign interference in the 2020 presidential election.[6] Republicans contend that these social media companies deliberately censor conservative viewpoints.[7]

Lawmakers question the impartiality of these companies’ content moderation, and they are considering changes to Section 230 to address those perceived shortfalls.[8]

Repealing Section 230 would enable people to sue companies for the content allowed on their platforms, which, companies argue, would lead to costly litigation.[9] Facebook’s Mark Zuckerberg also argues that without the protections of Section 230, technology companies would not only be sued for content they did allow, but also for basic moderation of content they did not allow, leading to further costly litigation.[10] Twitter CEO Jack Dorsey argues that modifying Section 230 would lead to so much litigation that only the large, well-funded technology companies could afford to face, and would lead to less competition because smaller companies with fewer resources would not have enough money for the litigation that would likely follow.[11]

Experts say that the effects of repealing Section 230 would likely be similar to the effects of the passage of FOSTA-SESTA in the spring of 2018, which held platforms criminally and civilly liable for sexual service advertisements posted on their sites.[12] FOSTA-SESTA led Craigslist to preemptively shut down its personal ads section entirely because of the cost of litigation that would stem from the passage of the bill.[13]

Section 230 protects internet service providers and “domain name registries” as well.[14] Without section 230, the cost of litigation and cost of content moderation would make it so that smaller companies could not compete, leading to the centralization of content providers. As imperfect as Section 230 is, and as much power as companies have to moderate content, experts say that consumers would have even fewer choices of platforms without Section 230.[15]

It seems that, unless iron-clad protections can be put in place to protect smaller companies, Section 230 should be upheld because it ultimately leads to greater freedom of speech on the internet, whereas changing or repealing Section 230 would lead to fewer content providers, and in turn, fewer content moderators, which would further restrict the kinds of speech that can be shared.


[1] Roger Cochetti, What Were We Thinking in 1996 When We Approved Section 230?, The Hill (Oct. 20, 2020, 2:00 PM), https://thehill.com/opinion/technology/523523-what-were-we-thinking-in-1996-when-we-approved-section-230 [https://perma.cc/HWY5-QYYJ].

[2] Id.

[3] Id.

[4] Tony Romm, et al., Facebook, Google, Twitter CEOs Clash with Congress in Pre-Election Showdown, Washington Post (Oct. 28, 2020, 2:42 PM), https://www.washingtonpost.com/technology/2020/10/28/twitter-facebook-google-senate-hearing-live-updates/ [https://perma.cc/DM4A-762H].

[5] Id.

[6] Id.

[7] Id.

[8] Id.

[9] Kari Paul, Section 230: Tech CEOs to Defend Key Internet Law Before Congress, The Guardian (Oct. 27, 2020, 16:11 PM), https://www.theguardian.com/us-news/2020/oct/27/section-230-congress-hearing-facebook-twitter-google [https://perma.cc/BXT8-2HQ7].

[10] Id.

[11] Id.

[12] Id. (FOSTA-SESTA is short for the “Allow States and Victims to Fight Online Sex Trafficking Act” and “Stop Enabling Sex Traffickers Act.”)

[13] Id.

[14] Id.

[15] Id.