Law Office of Bridgett Brumbaugh

12/13/2025

Meta’s New AI/Privacy Policy is taking your information to train AI

Meta’s new privacy policy quietly rewrites the rules on how your data fuels artificial intelligence and in most of the U.S., you can’t meaningfully say no.

As a privacy attorney, these are the biggest problems, without the fear‑mongering or rumor mill.

1. AI training is now the default

You can limit some uses of your data, but in most of the U.S. you cannot fully opt out of AI training unless you live in a jurisdiction with strong privacy rights and enforcement.

Meta can use your posts, photos, captions, interactions, and cross‑device metadata to train its AI systems by default, often based on broad “legitimate interests” or similar theories rather than explicit consent.

Legally, this is a massive expansion of implied consent that most users will never notice. The practical effect is that the burden shifts from the company asking permission to the user trying to claw it back through obscure settings and request forms.

2. The policy is broad by design

The updated terms give Meta authority to use data in almost any way that benefits its machine‑learning models, across products and services.The scope reaches cross‑platform and cross‑device tracking, behavioral profiling, and social‑graph analysis across the entire Meta ecosystem, not just a single app.

When language is this open‑ended, it is less a narrow permission and more a standing license to reuse data for future AI features that have not even been built yet. That uncertainty is exactly what makes meaningful, informed consent so difficult.

3. “Controls” exist, but the power doesn’t

Meta highlights privacy and AI controls, but they are often hard to find, limited in effect, and not consistently available to all users or all data types.Some objections or opt‑out mechanisms are time‑limited, region‑specific, or require users to repeat the process when policies shift.

This is a familiar dark‑pattern: surface a settings menu that looks empowering, while the core data processing continues in the background. The legal risk is that “choice” becomes more cosmetic than substantive.

4. Message content is protected, metadata is not

Meta emphasizes that encrypted private message content is not used to train AI models, especially on services that support end‑to‑end encryption.

But the company still retains and analyzes metadata such as who you talk to, when, how often, from what device, and for how long.

From a privacy perspective, metadata can be just as revealing as content. AI systems can use it to map relationships, routines, and behavioral patterns with high precision, even if the text of the messages remains unread.

5. The U.S. has no federal privacy backstop

In Europe, data protection authorities have pushed back on Meta’s AI training plans, forcing changes, delays, and opt‑out mechanisms under GDPR.

U.S. users do not benefit from a comprehensive federal privacy law or a unified federal AI framework that sets similar boundaries.

That means companies like Meta effectively write their own rules, and users are bound to them by continuing to log in and use the services. The result is that U.S. privacy protections continue to lag behind global standards, and consumers have little leverage beyond individual settings and account deletion.

6. The long‑term risk: model “memory”

Even if you delete content later or change your settings, AI models may already have been trained on historical posts, photos, and interactions.

Once your image, writing style, or behavioral patterns are embedded in a model’s parameters, they cannot be cleanly disentangled on a per‑user basis with current mainstream techniques.

That creates a form of model “memory” that outlives your individual decisions. From a legal and technical standpoint, the gap between “we’ll stop collecting going forward” and “we can actually unwind past training” is much larger than most users realize.

7. A transparency gap by design

Most people will never read a multi‑layered AI and privacy policy, and even fewer will grasp its technical and legal implications.

Major changes to how personal data feeds AI systems are often surfaced through short notices, help‑center pages, or buried Account Center options rather than clear, unavoidable prompts.

A change of this magnitude should involve plain‑language disclosures, explicit consent, a genuine opt‑out, and region‑specific safeguards for U.S. users similar to what regulators demand abroad. Instead, critical choices are fragmented across menus and forms that require significant knowledge and effort to use.

Final takeaway

Meta’s AI policy is not just a privacy document; it is a case study in how far companies can push data use when the law lags behind the technology. In the absence of real federal privacy and AI legislation in the U.S., the burden stays on users, and most of the “controls” remain superficial

Until that changes, every login, post, and upload effectively extends the license to collect more, infer more, and train more, often with far less choice than the interface suggests.

Read more:

How to opt out of Meta's AI training MIT Technology Review https://www.technologyreview.com/2024/06/14/1093789/how-to-opt-out-of-meta-ai-training/

https://informationdemocracy.org/wp-content/uploads/2024/09/FID-Insight-Nr-1-Data-protection-authorities-and-AI.pdf

Meta faces call in EU not to use personal data for AI models | Reuters https://www.reuters.com/technology/meta-gets-11-eu-complaints-over-use-personal-data-train-ai-models-2024-06-06/

A Meta plan to use personal data to train its artificial intelligence (AI) models without seeking consent came under fire from advocacy group NOYB on Thursday, which called on privacy enforcers across Europe to stop such use.

10/31/2025

Online reviews can reveal more about the reviewer than the lawyer. Read more below👇

https://medium.com/lla-law-leadership-and-athletics/when-fake-and-misleading-reviews-target-lawyers-ba2c6df4aac5

10/28/2025

🎃 Trick or Treat... or Just Collecting Your Data? 👻

It’s Halloween season and while ghosts and ghouls make for fun scares, the real fright comes from what we can’t see: invisible data collection, surveillance tracking, and privacy breaches that happen quietly in the background of our digital lives.

The truth is, most of us give away personal information more freely than candy on Halloween night. But data is valuable. Once shared, it rarely finds its way back.

🕵️‍♀️ This season, protect your privacy from the digital tricksters:

Read before you click “Accept.” If a site wants your data, ask why.

Limit permissions on apps, browsers, and smart devices: your habits, voice, and location are powerful identifiers.

Secure your accounts with strong passwords, passkeys, and multi-factor authentication.

Be skeptical of “free.” If the product costs nothing, your data is the product.

In a world where “AI ghosts” can mimic voices and faces, the scariest thing isn’t what’s lurking outside, but what’s quietly collecting inside your phone.

10/11/2025

Texas just passed two major tech laws that every app developer and AI company should not about read more here: ️⬇️
https://medium.com/lla-law-leadership-and-athletics/two-new-texas-laws-every-tech-company-should-prepare-for-before-2026-625820182bff

09/01/2025

Ever wonder how much a prize win might be taxed for a fight match in Vegas? Read more here:

https://medium.com/lla-law-leadership-and-athletics/bjj-prize-money-in-las-vegas-what-it-might-look-like-for-u-s-international-athletes-9f191053866a

08/31/2025

The $22 billion secret destroying government from within
✅ 80 million workers affected
✅ Public sector = highest risk
✅ 62% of targets lose jobs
✅ 87% want new laws

Your tax dollars fund this crisis. Read more here: https://medium.com/lla-law-leadership-and-athletics/the-22-billion-secret-destroying-government-from-within-3e140b18cddf

08/24/2025

The Massachusetts Cannabis Control Commission is asking for public feedback on draft social consumption regulations, a major step toward legal cannabis cafés and event spaces.

This could reshape how communities interact with cannabis by balancing public safety, equity, and business innovation.

I break down the details, why it matters, and how you can get involved in my latest article on Medium:
👉 https://medium.com/lla-law-leadership-and-athletics/massachusetts-poised-to-pilot-cannabis-caf%C3%A9s-47f7146f45b0

08/18/2025

Why Some Cases Are Better for Small Claims

Ever wonder why an attorney might not take a case? It’s not always about case strength. A lot of times it’s about time vs. payout.

Attorney’s fees aren’t always recoverable.
Even if you win, the law may not let you get back what you spent on a lawyer. That can leave you paying more in fees than you recover.

Some cases take more time than they’re worth.
If a case is small but requires big hours, it’s not fair to you (or practical for the attorney) to spend more than the case is worth.

That’s where small claims court or going pro se (representing yourself) can be a great option. These courts are designed to be accessible: lower filing fees, simpler procedures, and quicker results.

So if a lawyer suggests you handle a matter in small claims, it’s not a brush-off. It’s often the most cost-effective and efficient way to get justice.

08/03/2025

Columbia Sportswear v. Columbia University: A Trademark Attorney’s Perspective

On July 23, 2025, Columbia Sportswear filed a lawsuit against Columbia University in the U.S. District Court for the District of Oregon, Case No. 3:25-cv-01299, alleging trademark infringement, breach of contract, unfair competition, false designation of origin, and breach of the implied covenant of good faith and fair dealing. The dispute centers on the university’s alleged violation of a June 13, 2023, coexistence agreement governing the use of the “Columbia” mark on apparel and accessories.

Case Background

Columbia Sportswear, a Portland, Oregon-based outdoor apparel company founded in 1938, owns federal trademark registrations for the “COLUMBIA” mark, covering apparel such as shirts and hats. The company distributes its products through over 800 retail locations, including 150 branded stores, its website, and third-party marketplaces. Columbia University, an Ivy League institution founded in 1754, uses the “Columbia” name on merchandise sold through its online bookstore to promote school pride.

To address potential consumer confusion, the parties entered a coexistence agreement on June 13, 2023. This agreement allowed Columbia University to use the “Columbia” mark on its merchandise, provided it included distinguishing indicia such as the university’s shield, crown, lion mascot, the word “university,” an academic department name, or the founding year (1754). These requirements aimed to differentiate the university’s products from Columbia Sportswear’s branded apparel.

Columbia Sportswear alleges that by September 2024, the university breached the agreement by selling apparel—such as T-shirts, hats, and sweatshirts—bearing only the word “Columbia” without the required indicia. The complaint, filed in Columbia Sportswear v. Columbia University, No. 3:25-cv-01299 (D. Or. July 23, 2025), further claims that many items feature a bright blue color “confusingly similar” to Columbia Sportswear’s branding and some include logos of competitors like Nike and Champion, potentially suggesting unauthorized affiliations. The company asserts that these actions cause “irreparable harm” to its brand’s goodwill and reputation.

Columbia Sportswear seeks injunctive relief to halt sales of non-compliant merchandise, recall products already sold, and donate remaining inventory to charity. The company also requests treble damages for willful infringement, citing economic and reputational harm.

Analysis

Trademark Infringement

The trademark infringement claim under the Lanham Act (15 U.S.C. § 1114) hinges on the likelihood of consumer confusion. Courts evaluate confusion using factors such as the strength of the plaintiff’s mark, similarity of the marks, similarity of the goods, and marketing channels (AMF Inc. v. Sleekcraft Boats, 599 F.2d 341 (9th Cir. 1979)). The “COLUMBIA” mark is strong due to Columbia Sportswear’s extensive use since 1938 and global market presence. The marks are identical, the goods (apparel) are closely related, and both parties sell online, increasing confusion risk. The university’s use of a similar bright blue color and competitor logos (e.g., Nike) may lead consumers to mistakenly assume affiliation, strengthening the infringement claim.

The coexistence agreement bolsters Columbia Sportswear’s case by establishing that the university acknowledged the potential for confusion and agreed to mitigating measures. The alleged absence of required indicia undermines these safeguards, supporting the claim of willful infringement.

Breach of Contract

The breach of contract claim centers on the June 2023 coexistence agreement. Columbia Sportswear alleges that the university’s failure to include required indicia constitutes a material breach. The complaint notes that the company attempted to resolve the issue in September 2024, but the university continued selling non-compliant merchandise. Courts will likely examine the agreement’s specificity, particularly the indicia requirements, and whether the breach was willful. The inclusion of competitor logos may also support a claim for breach of the implied covenant of good faith and fair dealing, as it suggests an intent to blur brand distinctions.

Unfair Competition and False Designation

The unfair competition and false designation of origin claims (15 U.S.C. § 1125(a)) overlap with infringement, focusing on the university’s alleged misrepresentation of its merchandise as affiliated with Columbia Sportswear. The bright blue color and competitor logos enhance these claims by suggesting a deliberate attempt to trade on the company’s goodwill.

Potential Defenses

Columbia University may argue that its 1754 founding predates Columbia Sportswear’s 1938 establishment, claiming priority. However, trademark priority is based on commercial use, and Columbia Sportswear’s federal registrations and extensive apparel sales likely prevail. The university could assert that its bookstore sales are a niche market, reducing confusion, but the online overlap with Columbia Sportswear’s retail weakens this defense. Challenging the agreement’s enforceability is another possibility, though the specific indicia requirements suggest a clear, binding contract.

Why the Lawsuit Was Filed

Columbia Sportswear’s filing in Columbia Sportswear v. Columbia University, No. 3:25-cv-01299, reflects several strategic objectives:

Brand Protection: The company’s 80-year investment in the “COLUMBIA” mark drives its need to prevent dilution. The university’s alleged use of a similar color and competitor logos risks confusing consumers and suggesting unauthorized affiliations, potentially harming Columbia Sportswear’s reputation and market position.

Enforcing the Coexistence Agreement: The 2023 agreement was a compromise to avoid litigation following the university’s attempt to register “Columbia” for apparel. The university’s alleged non-compliance, despite notice in September 2024, necessitated legal action to enforce the agreed-upon terms.

Mitigating Consumer Confusion: The identical marks, similar goods, and overlapping online sales channels heighten confusion risks. The presence of competitor logos on university merchandise could falsely imply partnerships, further damaging Columbia Sportswear’s goodwill.

Setting a Precedent: By seeking injunctive relief and treble damages, Columbia Sportswear aims to deter future violations by the university and other entities, reinforcing its commitment to protecting its intellectual property.

Preventing Similar Trademark Disputes

Trademark attorneys can advise clients to avoid disputes like Columbia Sportswear v. Columbia University, No. 3:25-cv-01299, through the following strategies:

Draft Robust Coexistence Agreements:

Specify permissible mark usage (e.g., fonts, colors, indicia) and include enforcement mechanisms like regular audits.

Incorporate dispute resolution clauses, such as mandatory mediation, to address breaches pre-litigation.

Implement Proactive Monitoring:

Use AI-powered tools to scan online marketplaces for infringing products, as Columbia Sportswear did in detecting non-compliant merchandise.

Require licensees or partners to adhere to trademark guidelines via contractual obligations, with periodic compliance reviews.

Develop Clear Branding Guidelines:

Provide detailed style guides to partners, specifying approved logos, colors, and designs. The university’s failure to include indicia suggests inadequate internal oversight.

Conduct training for merchandising teams to ensure compliance with coexistence agreements.

Pursue Early Dispute Resolution:

Document pre-litigation efforts, as Columbia Sportswear did in September 2024, to strengthen claims of willfulness if litigation is needed.

Use mediation or arbitration to resolve disputes efficiently, reducing costs.

Strengthen Trademark Protections:

Secure registrations across relevant classes and jurisdictions, as Columbia Sportswear did for apparel.

Consider registering distinctive elements like colors if integral to brand identity (Qualitex Co. v. Jacobson Products Co., 514 U.S. 159 (1995)).

Leverage Technology:

Deploy AI tools for real-time monitoring of trademark violations.

Explore blockchain-based authentication for branded merchandise to verify authenticity and reduce confusion.

Conclusion

The Columbia Sportswear v. Columbia University case, No. 3:25-cv-01299 (D. Or.), underscores the critical role of coexistence agreements in managing shared trademarks and the consequences of non-compliance. Columbia Sportswear’s lawsuit seeks to protect its brand from consumer confusion and enforce a carefully negotiated agreement, particularly given the university’s use of similar colors and competitor logos. For trademark attorneys, this case highlights the need for precise contract drafting, proactive monitoring, and early dispute resolution to prevent costly litigation.

07/30/2025

The AI Copyright Reckoning: Why Courts Won't Kill the Industry (But Change Is Coming)

The recent Fortune report on Anthropic's potentially "business-ending" copyright lawsuit highlights a fundamental tension in the AI industry that we've been avoiding for too long. While headlines scream about trillion-dollar damages, the reality is more nuanced and reveals why our entire approach to AI training data needs a reset.

The Piracy Problem Is Real

Let's be clear about what's happening here. Judge William Alsup made an important distinction: training AI on legally obtained books may qualify as fair use, but downloading millions of copyrighted works from shadow libraries like LibGen and PiLiMi is a different story entirely. Anthropic allegedly built a "central library" containing "all the books in the world" using pirated content, a practice that's become disturbingly commonplace across the industry.

The issue isn't just about one rogue download. These companies have systematically harvested copyrighted content at unprecedented scale, often from illegal sources, then claimed fair use after the fact. That's not how intellectual property law works.

Why Courts Won't Destroy AI Companies

Despite the scary headlines about potential trillion-dollar damages, several factors suggest courts won't deliver industry-killing verdicts:

The current administration is actively pushing to maintain U.S. leadership in AI. As legal expert Luke McDonagh noted, it's unlikely the Trump administration would allow a ruling that essentially destroys a major AI company. The geopolitical stakes are too high.

Courts generally avoid rulings that could lead to bankruptcy without strong legal justification. With Anthropic valued between $60-100 billion, even a multi-billion settlement wouldn't be existential.

Judges understand that overly punitive rulings could cripple an entire industry that's considered strategically important for national competitiveness.

The Fundamental Licensing Problem

Here's what the industry doesn't want to admit: even if every book was purchased legally rather than pirated, there's still no license to use that content indefinitely for commercial AI training. Buying a book,whether physical or digital, grants you specific usage rights, not unlimited reproduction and derivative work rights.

This applies to ChatGPT, Claude, and every other major LLM. The fair use defense only goes so far when you're talking about ingesting millions of copyrighted works to build commercial products worth billions.

What This Means for the Future

The Anthropic case is likely to result in a significant but manageable settlement. More importantly, it will establish clearer boundaries for future AI development.

Companies will need to:
- Develop legitimate licensing frameworks with publishers and authors
- Create transparent opt-out mechanisms for content creators
- Build training datasets through legal channels, even if it's more expensive
- Accept that "move fast and break things" doesn't work when you're breaking copyright law

Rather than fighting this inevitable reckoning, the AI industry should embrace it. Proper licensing deals with content creators could actually benefit everyone. Authors get compensated, AI companies get legal certainty, and we build a more sustainable foundation for the technology.

The current model of "train first, ask permission later" was always unsustainable. The Anthropic lawsuit is just the beginning of a long-overdue conversation about how we balance innovation with intellectual property rights.