November 30, 2005
New Metatag/SEO Lawsuit--Salu, Inc. v. Pitts
By Eric Goldman
Salu, Inc. v. Pitts (E.D. Ca. complaint filed Nov. 17, 2005).
Salu operates skinstore.com, a website that sells skin care products. (With that name, I was totally expecting to find a porn site, but the website is office-safe). Pitts operates a competitive website newskinspa.com (also office-safe). Her co-defendant, Hogsett, is a search engine optimizer.
The complaint alleges (para. 15):
"the www.newskinspa.com website had copied the code and content of the Skinstore.com website. From this review Salu employees were able to determine that the defendants had copied the content of Salu’s website and then made superficial cosmetic changes so the website would not at first appear to be a copy. Salu employees determined, however, that the name “skinstore.com” repeatedly appeared within the code for the www.skinspa.com website, proving that the site had originally been created as a copy of the Skinstore.com website."
The complaint then alleges that newskinspa.com "took over" skinstore.com's high search engine placement because of this copying. The complaint specifically gives the example of search placement for the keyword "hylexin" (a third party trademark apparently owned by none of the litigants).
The complaint starts out with a run-of-the-mill trademark infringement claim because the trademark "skinstore.com" appeared in newskinspa.com's metatags. From my perspective, this claim looks fatally defective because the plaintiff never alleged that newskinspa.com was ever indexed on the term skinstore.com, so the factual allegations do not claim that any searcher on the keyword skinstore.com ever saw newskinspa.com listed in the search results. (Unlike the plaintiff's claims about the search term "hylexin"). Indeed, we know that Google's robot ignores text in the keyword metatags, so if skinstore.com appeared in newskinspa.com's keyword metatag, the robot would never make the match.
Then again, I don't like this claim because I don't link any of the keyword metatag cases. Unfortunately, there's plenty of caselaw treating the mere inclusion of a third party trademark in keyword metatags as per se trademark infringement, so this claim may have legal grounding.
The more interesting claim is a 43(a) false advertising claim based on copying the HTML code. With reference to the allegedly copied HTML code, skinstore.com claims (para. 37):
"The defendants’ copying of the code for the Skinstore.com website is a use in commerce of words, terms, names, symbols, and combinations thereof, in connection with goods or services, which, in commercial advertising or promotion, misrepresents the nature, characteristics, qualities, or geographic origin of Newskinspa’s goods, services, or commercial activities, within the meanin of 15 U.S.C. §1125(a)(1)(B)."
This struck me as a bizarre claim. How, exactly, does using someone else's HTML code misrepresent the "nature, characteristics, qualities, or geographic origin" of either newskinspa.com's website or goods sold via the website? The plaintiff did not allege a pagejacking, where a website copies HTML code such that the search result displayed to searchers looks like it's from another website. (I've argued elsewhere that a pagejacking could be false advertising). Nor did the plaintiff allege that (a) its trademark was ever visible to searchers (either on newskinspa.com's website or in the search results), or (b) any search result displayed to searchers contained any false content.
So who was confused about what? Perhaps the plaintiff is trying to claim that newskinspa.com was "deceiving" the search engines. Some commentators made arguments like this back in the late 1990s, but that argument never got much traction. I really don't know how one deceives an automated process--especially one built to resist SEO gaming.
Instead, I think the plaintiff's key assertion is that "defendants’ copying has caused Skinstore.com to drop off the search results list altogether and caused Newskinspa.com to take its place." Here's a news flash to the plaintiffs: WEBSITE RANKINGS CHANGE ALL THE TIME FOR LOTS OF REASONS--including changes in inbound links to the plaintiff or to the defendant, changes in third party anchor text, or changes in the search engine's algorithms. Also, when I hear a website get dropped from the index completely, I start to wonder if maybe someone pushed their SEO too hard and got caught for search engine spamming.
In any case, we all know that correlation doesn't equal causation, and I simply don't see how the plaintiff can connect the dots between the defendant's deployment of code on its website and the plaintiff getting kicked out of Google.
Consider what the plaintiff didn't claim: it didn't claim a copyright infringement of its HTML code (or its technique for optimization), it didn't allege a common law trademark in the HTML code (not that the claim would have been strong), and it didn't sue the search engines. Instead, the entire case rests on the premise that newskinspa.com can take over the ranking position of skinstore.com. Unless I'm missing something very big, this premise seemed pretty naive.
Cases like these usually fade into oblivion, often because the costs of litigation exceed the value. However, this case could easily fade away because skinstore.com either realizes that it was doing something that caused Google to kick it out, or skinstore.com magically reappears in Google's index during the litigation pendency.
One more thing. Skinstore.com repeatedly touts its good placement for hylexin. I'm not saying that skinstore.com infringed that trademark, but they are pretty boastful about how well they were indexed on a term they don't own, and I wonder how the trademark owner feels about that.
Hat tip: the Nutritional and Dietary Supplement Law Blog
November 29, 2005
Microsoft Will Be an Adware Vendor
By Eric Goldman
Microsoft is considering migrating some of its software titles to an ad-supported model instead of a consumer licensing fee model. This isn't exactly a new idea--this development has been anticipated for at least a decade. However, if Microsoft decides to scrap a licensing fee model (even for a limited number of software titles), this will be a Big Deal. Microsoft has made billions in licensing fees, and giving up upfront cash for the hope of ongoing ad revenues could radically shift their basic economic structure.
Ad-supported software makes a ton of sense to me. CNET reports that Microsoft makes only $2/copy from its Works product, and its Money software loses money. With the $2/copy revenue number, I'm convinced that Microsoft could do better--way better--with ads. Depending on CPCs, Microsoft could make that amount from as little as one click. Surely they can get several clicks during the years that a user uses that software install. Heck, I would gladly pay Microsoft $2/copy for the opportunity to plug Google AdSense into the software. If Microsoft cuts out an intermediary, the profits would be even greater.
From the consumer's perspective, I think ad-supported software is a good move. First, consumers won't have to pay upfront for software they may not even want. (Right now, consumers implicitly pay some license fees as part of the bundled price when they buy new computers). Second, the ads could have significant utility for consumers, especially if they are contextualized based on the consumer's behavior and data.
As for Microsoft, I think the move towards ad-supported software reinforces that Microsoft is a media company, not a technology company. Microsoft may currently sell functionality, but eventually it will be in the business of selling attention.
As that process matures, I expect to have a tough time recognizing the differences between adware and Microsoft ad-supported software. Many adware vendors already provide some software functionality as part of their adware bundle, and Microsoft will do the same. Therefore, the way I see it, Microsoft inevitably will become an adware vendor. Perhaps this confirms that adware is an essential part of our future information economy, current anti-adware sentiments notwithstanding.
November 28, 2005
Supreme Court Denies 1-800 Contacts Cert Petition
By Eric Goldman
Today the US Supreme Court denied 1-800 Contacts' petition for certiorari of the second circuit opinion in 1-800 Contacts v. WhenU. I'm not surprised by the denial, but the bigger question is--now what for 1-800 Contacts' campaign against WhenU? Will they drop the obsession? Or will they just move the battle front to Utah and Alaska and bring suit under those states' anti-adware laws?
November 25, 2005
Wheel PTO Examiner Profiled
By Eric Goldman
Washington Post runs an amusing but surprisingly insightful story about the PTO's chief examiner of wheel and axle patents, Russell Stormer. One would think that after 5,500 years, there would be few new inventions in the world of wheels. However, the article points out that the PTO received about 350 applications in these categories last year, and has approved 30,000 wheel patents in total since 1790. Stormer himself reviews 124 wheel-related patents a year and approves about 90 of them (around 75% approval). At 124 applications a year, Stormer averages about 15 hours of attention on each patent application.
November 22, 2005
DMCA Online Safe Harbor Empirical Study by Urban and Quilter
By Eric Goldman
Jennifer Urban of USC and Laura Quilter have released a working report entitled "Efficient Process or “Chilling Effects”? Takedown Notices Under Section 512 of the Digital Millennium Copyright Act." To my knowledge, this is the first empirical study of the notice-and-takedown provisions of 17 USC 512, and it's a fascinating read.
17 USC 512 represents a compromise between content publishers and Internet companies brokered in 1998 as part of the much larger DMCA. Specifically, 512(c) and (d) provide an extra-judicial procedure for copyright owners to combat online infringements. These sections give online service providers ("OSPs") a statutory safe harbor for copyright liability due to users' activities. However, copyright owners can send a notice (a "512(c)(3) notice") to OSPs that users are infringing. In response, OSPs must either take down the specified material or lose the safe harbor.
Theoretically, there are several checks on the OSPs' decisions to remove content improperly. First, the statute (17 USC 512(g)) contemplates that users can provide their OSPs with a "counter-notification" that the users' content isn't, in fact, infringing. However, the statute doesn't require OSPs to respond or react to these counter-notifications, and 512(g) exculpation of liability is usually irrelevant based on the risk allocation provisions in the OSPs' EULA.
Second, the statute creates a new cause of action (512(f)) for sending bogus 512(c)(3) notices. 512(f) has been litigated infrequently. A Ninth Circuit case (the Rossi case) appeared to substantially weaken the cause of action, but the Online Policy Group v. Diebold and Marvel v. NCsoft cases indicate that the cause of action may have some teeth. Nevertheless, because 512(f) appears to have been litigated fairly infrequently, 512(f) acts as weak counterpressure on sending 512(c)(3) notices.
Third, market forces should punish OSPs who too quickly side with copyright owners at the expense of the OSP's customers. It's possible these market forces exist, but I've never seen any evidence suggesting or supporting that users choose OSPs based on copyright infringement takedown policies.
As a result, there is some concern that the extra-judicial adjudication procedure contemplated by 512(c) and (d) are skewed too far in favor of copyright owners. The fear is that copyright owners can lob in 512(c)(3) notices without much fear of negative consequences, even if the legal basis for those notices is questionable. Meanwhile, OSPs, when they receive questionable 512(c)(3) notices, have every incentive to take down content as requested (to preserve the 512 safe harbor) and no incentive to push back or resist the notice.
Urban and Quilter examine these issues by looking at a database of actual 512 notices. The data comes from the chillingeffects.org website, which acts as a repository of such notices and provides recipients of the notices with some information about what the notices mean. Unfortunately, this dataset is extremely skewed because the principal contributor of 512 notices is Google. While the data skew limits the report's ability to reach strong conclusions, the empirical data is revealing nonetheless.
The report's principal findings:
* 30% of 512 notices asserted copyright infringement where the notice raised "significant questions related to the underlying copyright claim, including fair use defenses, other substantive defenses, very thin copyright, or non-copyrightable subject matter"
* Many notices sought recourse for activity where the OSP would be covered by the more robust 512(a) safe harbor
* 9% of the notices significantly failed to comply with the requirements of 512(c)(3). [Eric's comment: I'm very surprised this number is so low; my own anecdotal experience is that very few people send 512(c)(3)-compliant notices]
* 57% of notices sent to Google sought to kick competitors out of Google's index
* 37% of notices sent to Google targeted International sites
Because of the skewed dataset, it's hard to make absolute policy inferences based on these findings. However, the findings may illustrate the structural deficiency of 512(c)(3) (a point Urban and Quilter also made in their presentation on this topic at Santa Clara University School of Law in October): the notice-and-takedown process was built before the rise of P2P file sharing and assumes that copyright owners needed expeditious response from a centralized host operator. The data also suggests that putative plaintiffs use 512 notices (or 512-style notices) for legal gripes far beyond the scope of copyright law.
The harder question is whether 512(c)(3) notices are leading to socially undesirable consequences, such as the shutdown of critics/parodists/whistleblowers. Any notice-based liability scheme will lead to mistaken judgments or overreactions by those on notice, so we should expect some curtailing of socially-desirable content from 512(c)(3). However, these costs may be offset by the benefit of giving copyright owners a potential means to quickly squelch harmful copyright infringement.
This study empirically reinforces that a lot of junk 512(c)(3) are zinging around cyberspace. Unfortunately, to resolve the broader policy point, we don't know how OSPs are responding to these notices. Are OSPs ignoring them? Are OSPs pushing back? Do OSPs instantly fold like a house of cards? Are OSPs making lots of mistaken/erroneous judgments? Without the OSPs' response, it's hard to know exactly how much damage is caused by junk 512(c)(3) notices.
Nevertheless, this report provides a very useful starting point to examine these questions. More broadly, I hope it prompts us to carefully examine why copyright owners get special extra-judicial leverage to address copyright infringement while virtually all other plaintiffs have zero recourse against OSPs under 47 USC 230, irrespective of the notices sent.
UPDATE 2: Scrivener's Error critiques the report.
November 21, 2005
Texas AG Sues Sony Under State Anti-Spyware Law
By Eric Goldman
Texas v. Sony BMG Music Entertainment (Tx. Dist. Ct. complaint filed Nov. 21, 2005).
From a legal standpoint, today wasn't a good day for Sony. In addition to being sued by the EFF, Texas decided to join the fray. Texas has brought a lawsuit against Sony based on Texas' new Consumer Protection Against Computer Spyware Act.
Based on the specific requirements of that statute, the alleged violations involve Sony's file naming conventions, Sony's masking of file names and Sony's implied claims that its software needed to be installed to enjoy the music on the CD. The claims do not involve any of the software's phone-home capabilities (which is what I thought was Sony's biggest legal problem), nor do they directly involve the challenges of uninstalling the software or the software's ability to be used by bad actors for malicious purposes.
I was amused by the extensive self-promotion of Texas AG Greg Abbott in the news release. Abbott's name is referenced no less than 6 times on the page (among other self-aggrandizement). I don't think there can be a serious question that Texas' lawsuit represents the typical exercise of prosecutorial discretion for political benefit. Does Texas need to correct a failure of private enforcement against Sony? No. Is this a strong case to test a newly-enacted statute? No (at least, not in my opinion). So why is Texas rushing to join the party? My instincts tell me that Abbott wants to break Spitzer's current monopoly as the only state AG who gets press as being tough on spyware.
Even though the prosecutorial motivation is questionable, there's no question that Sony's strongest--and perhaps only--move is to settle up with Texas, and quickly. There is no upside to a long-term battle on this topic, so the quicker that Sony makes amends for its choices, the quicker it can refocus on its core business.
UPDATE: Unsurprising announcement--Spitzer wants to grab some of the spotlight for himself.
November 17, 2005
Reality TV Show Contracts
By Eric Goldman
I've blogged about the Apprentice TV show before. See, e.g., this post about product placement on the Apprentice. At ContractsProf blog, where I'm doing some occasional blogging, I critique the Apprentice's participant contract clause imposing a $5M penalty for breaching confidentiality.
November 14, 2005
Spyware Litigation Recap
By Eric Goldman
There's been an explosion of litigation involving spyware/adware--so much that I've not been able to blog it all on a timely basis. This post "catches up" some of the lawsuits from the last couple of months.
In re. Trudeau. On November 7, a Minnesota attorney was disciplined for using spyware in her personal dealings.
FTC v. Enternet Media, No. CV05-7777 (C.D. Cal. complaint filed Oct. 27, 2005). The FTC got a TRO against some adware/spyware distributors, their principals and an affiliate. The defendants allegedly bundled adware and spyware with various freeware. According to Para. 38 of the complaint, the defendants had a EULA but did not encourage or require users to read it before the download commenced. (As a backup, the FTC claims the EULA disclosures were too general to adequately disclose the bundled software's implications). FTC press release.
FTC v. Odysseus Marketing (D. N.H. complaint dated Sept. 21, 2005). Software vendor and its principal sued for alleged spyware/adware. Interestingly, the FTC implicitly acknowledges that the EULA formation process and disclosures were pretty good. The complaint is a little vague (and I didn't have time to trace through the exhibits), but it appears that the EULA explains most of the software's operation, and users had to check a box acknowledging that they had read the T&Cs before downloading (see complaint Para. 14-20). Nevertheless, the FTC initiated the bust based on (1) false representations about how the software would anonymize P2P file sharing, (2) inadequate disclosure of bundled software coming along for the ride (this claim seems difficult given the EULA disclosures), and (3) inability to remove the software. I'm not convinced that these defendants should be free from liability, but to me it looks like the FTC is stretching a bit here. FTC press release.
Michaeli v. eXact Advertising, No. 05 CV 8331 (SDNY complaint filed Sept. 27, 2005). The third lawsuit in a troika of class action lawsuits against adware vendors (the Sotelo and Simios cases are the other two). The plaintiffs allege trespass to chattels, deceptive consumer acts under NY law (NY Gen. Bus. Law 349), false advertising under NY law (NY Gen. Bus. Law 350), common law negligence and unjust enrichment. See my write-ups on Sotelo and Simios for critiques about these causes of action. Suzi's comments.
I hate to state the obvious, but I can pass along a friendly tip to current/prospective law students: spyware/adware litigation appears to be a growth industry!
November 12, 2005
Yahoo Wins Online Harassment Case Under 47 USC 230
By Eric Goldman
Barnes v. Yahoo, 2005 WL 3005602 (D. Or. Nov. 8, 2005)
Barnes claimed that her ex-boyfriend harassed her by creating Yahoo user profiles containing nude photos of her plus her contact info. Barnes also claimed that her ex impersonated her in chat rooms, chatting up men who then chased her down at work. Barnes complained to Yahoo about these profiles repeatedly with no results; only after the dispute was picked up by the press did Yahoo give her some attention, at which point she alleges that a Yahoo employee promised to fix the problem.
I assume that Barnes has plenty of recourse (both civilly and criminally) against her ex, but this lawsuit seeks to hold Yahoo responsible for providing tools to create and host the profiles. On its face, this lawsuit is squarely covered by 47 USC 230.
Recognizing this, Barnes analogizes this situation to the rescue cases--Yahoo didn't have any initial duty to intervene, but once they promised to intervene, they undertook an affirmative duty to do so non-negligently. This is a novel argument to avoid the fate of the many other failed attempts to plead-around 47 USC 230 based on employee promises to correct the problem. In prior cases, plaintiffs have used those promises to claim negligence, breach of contract and promissory estoppel--all to no avail.
Unfortunately for Barnes, her basic situation is just like Zeran's--someone posted bogus info on a website to harass a target and the service provider made unfulfilled promises to remediate the online postings. The plaintiff in Zeran lost on these facts, and Barnes can't distinguish this case from Zeran, so her plead-around doesn't advance the case one bit. Like so many other 230 cases, the lawsuit is dismissed on a 12(b)(6) motion to dismiss--no jury, no discovery, case over. The only thing surprising about this case (or its result) is that plaintiffs continue to bring these meritless cases that have no chance under 47 USC 230.
November 11, 2005
Yale "Regulating Search?" Symposium
By Eric Goldman
On December 3, Yale is sponsoring a symposium on regulating search engines. Although search engine issues have come up at plenty of other symposia, I think this is the first major law school symposium dedicated to the topic. Further, based on the panel issues and the speakers, this looks like a particularly interesting event.
I plan to talk about bias in search engine results, a topic on which I have (characteristically) contrarian views. I'll post about search engine bias soon. The early-bird deadline is November 15--it would be a delight to see you there.
November 10, 2005
Gonzales Seeks Harsher Criminal Copyright Infringement Standards
By Eric Goldman
CNET reports that Atty. Gen. Gonzales has proposed new amendments to criminal copyright infringement, including:
* criminalizing the "attempt" to infringe
* requiring criminal defendants to pay "other victims of the offense" in addition to the copyright owner
* giving the DOJ the right to enforce unregistered copyrights
(I haven't seen a copy of the proposal; please let me know if you've seen it). [see below for URL]
The stated rationales include easing prosecutors' burdens and, of course, the typical innuendo that copyright infringers are linked to and support terrorism. [see Brett Frischmann's gripe about the innuendo]
I continue to find these requests for tougher criminal copyright infringement laws bewildering from a policy standpoint. We have a high degree of confidence that increased criminalization will not affect behavior. Prosecutors already have ample discretion. The DOJ already is having plenty of "success" throwing warez traders and other non-commercial infringers in jail. Copyright owners like the RIAA have plenty of leverage in their civil lawsuits. So what's broken that needs to be fixed?
In partially-related news, last month the Sentencing Commission issued "emergency" guidelines to implement the ART Act prohibition on making a copyrighted work publicly accessible. (Declan's story). The emergency guidelines are pretty standard fare for the IP guidelines, but one provision isn't. The emergency guidelines say:
"(E) Indeterminate Number of Infringing Items.—In a case in which the court cannot determine the number of infringing items, the court need only make a reasonable estimate of the infringement amount using any relevant information, including financial records."
I'm not a criminal law expert, but this seems to completely ignore the Supreme Court's basis for attacking the sentencing guidelines in the Booker case. Here, the Sentencing Commission is telling judges to accept a sentencing-related fact without the government having proved the fact beyond a reasonable doubt. Accordingly, this guideline seems particularly questionable. It should also work to the disadvantage of warez traders, where evidence problems have helped keep sentences comparatively moderate. If estimates of infringement suffice, the potential quantum of infringements attributed to warez traders could skyrocket.
November 09, 2005
Google Launches Affiliate Programs
By Eric Goldman
Google has launched 2 new affiliate programs. The first pays $100 for referring a new AdSense publisher who generates $100 in AdSense earnings. The second pays $1 for each new FireFox install containing the Google Toolbar.
When I first heard the announcement, I thought it was a joke. Could Google really be this clueless? Let's consider the likely consequences of Google's affiliate programs:
1) A surge in junk content. Plenty of fraudsters have already found it profitable to create niche sites (splogs, sites that steal RSS feeds from legitimate sites and add no value to that content) that index well in Google, siphon traffic from other sites and then present AdSense listings for a cheap buck. Undoubtedly, an extra $100 bounty will spur the creation of even more of these no-value-added sites.
2) A surge in click fraud. The $100 bounty is effectively an offer to match, dollar for dollar, any click fraud at any newly created site. It's like a 2-for-1 special on click fraud. The sound you hear is a million mouse-savvy workers in India cheering.
3) Allegations that Google "supports/funds spyware." I'm sure Google money will trickle down to adware vendors. For example, some marketers will buy cheap ad space on adware to drive traffic to their site promoting the referrals. Animus from the anti-spyware crowd should ensue.
As I see it, Google's affiliate program is like throwing yet more chum into demonstrably shark-infested waters. There will be countless attempts to game these referral programs, and it will be impossible for Google to adequately police them. Accordingly, I suspect a huge chunk (50%+?) of Google's payments under the referral program will go to fraudsters or others who do not create true value for advertisers or searchers. Once Google realizes that it incited a fraudster frenzy, I predict this program will be short-lived.
One other thing that's bothering me. I haven't yet been able to figure out why the toolbar is so valuable to Google. Does it increase the number of Google searches conducted by each searcher? Does Google get valuable insights about searchers by having it on the desktop? Is the toolbar like the camel's nose in the tent--get it on the desktop and then the searcher will make other software installs? Does the toolbar increase brand loyalty and freeze out competitors? I'm not clear why Google values the toolbar so highly, but paying a buck an install sends a pretty strong message about its role in Google's future.
November 08, 2005
Keyword Lawsuit Between Office Depot and Staples
By Eric Goldman
The WSJ picked up this story a few weeks ago, but I finally got my hands on the court documents so that I could see what was actually being litigated. (I also have electronic copies of the motion for PI and the response; I can email those to you if you want).
The story appears to be a sad and unfortunately all-too-familiar tale of competitive zeal and overreaction. Office Depot owns a separate company, Viking Office Products, that principally caters to business customers. On September 12, Office Depot announced that it was going to eliminate the standalone Viking brand in the US and consolidate the brand (and some operations) on the Office Depot brand. Staples seized on this brand retirement announcement to try to convince Viking's customers to switch to Staples' competitive brand, Quill.
Staples bought the keyword "viking" at Google and made various announcements at its website about the brand retirement and the ability of Viking's customers to migrate to Quill. Office Depot characterizes these announcements as misrepresentations that were designed to confuse Viking's customers into thinking that Quill had acquired Viking. Staples characterizes these announcements as lawful comparative advertising/fair use statements, and Staples said it purchased the Viking keyword because it sells some Viking-branded products. On that front, I did a search today and found 1 product, a "Viking 16MB Flash 5.0V Disk."
Whatever the case, Office Depot isn't alleging infringement based solely on the keyword purchase alone; rather, it appears that the problem is the combination of the keyword purchase plus the various statements on Staples' website. Furthermore, this isn't the first lawsuit between competitors over a keyword purchase as some have suggested; I haven't found too many examples that have resulted in some type of reported opinion, but I have found a few.
In response to the lawsuit, Staples has gone on the offensive, claiming that Office Depot bought the keywords "staples" and "Staples TV ad." I thought the purchase of the keyword "staples" was laugh-out-loud funny--of course an office supply retailer will buy a keyword that's the noun for one of the office products they sell! But the purchase of the keyword "staples tv ad" is more damning (and also odd--I wonder how many people search for that?).
From my perspective, this dispute looks like an all-too-typical pissing contest that gives trademark law a bad name. Office Depot may have overreacted to Staples' efforts (although they claim that Staples ignored 2 C&Ds, so they may have sought a non-judicial resolution before suing). Office Depot also may have engaged in competitive keyword purchases that would undercut its moral authority to complain about Staples' keyword purchases. And even if Staples hewed the line in their characterizations of the Office Depot-Viking brand merger, they may have gone close to the line (if not over). In situations like this, there is only one logical outcome--settle, quickly, before the legal fees vastly exceed the value of any resolution.
UPDATE: If you haven't already seen it, I've written a much lengthier review of keyword legal issues here.
UPDATE 2: This case appears to have settled Nov. 17, 2005.
November 07, 2005
Amazon Pages and Google Library's Fair Use Defense
By Eric Goldman
I'm intrigued by Amazon's and Random House's introduction of a pay-per-book-page feature (Amazon is calling its feature "Amazon Pages"). From a legal standpoint, I wonder: will this announcement have any effect on Google's fair use arguments for its Google Library project? (My previous comments on Google Library, and Mark McKenna's).
A key fair use factor is the "effect of the use upon the potential market for or value of the copyrighted work." A pay-per-page market makes the unit of commercial value much smaller (down to a page instead of an entire book) and thus closer in size to the snippets displayed by Google. Google's snippets may not hurt the market for the book as a whole, and may help it. However, I could see an increasingly plausible argument that the snippets are a good substitute, and thus will hurt the market, for individual book pages--a commercial market that is no longer hypothetical but rather a market actively being exploited by some publishers.
If Google Library has a potential detrimental effect on the market for book pages, then Google's fair use defense has taken a major step backwards. Indeed, the timing makes me a little suspicious. Was this announcement made deliberately to undercut Google's legal position?
My suspicion is only partially allayed by the NYT report that Google is planning a similar pay-per-page program. I'm not sure what to make of this, except that I don't see how Google could launch a commercial program to sell access to individual pages (and generate revenue for Google accordingly) while simultaneously insisting that an opt-out approach is fair use. Those positions seem legally inconsistent to me.
Regardless of whether Google's legal position has been undermined, I think Google should abandon its standalone project and should merge it into the Open Content Alliance. Doing so would avoid any risk of wasteful duplication of scanning/indexing resources, and it would mean that the complete scanned book database will become more universally available. Google has really dug in its heels about Google Library for reasons not entirely clear to me, but the OCA offers a graceful way for it to accomplish its goals while avoiding unnecessarily messy and distracting legal disputes.
Is Sony's DRM Spyware?
By Eric Goldman
Sony's DRM software generated lots of discussion and new information since my last post on the subject. The discussion (especially the many great comments I got in response to my previous post) has prompted me to change some of my thoughts—in particular, my statement that the DRM software isn’t spyware.
1) Sony's technological implementation of DRM exhibited some ineptitude, but Sony is being held to a rigorous standard because of DRM
ZDNet called Sony’s DRM “ineptware”—-software that doesn’t have a malicious intent but nevertheless can have a pernicious effect. For example, the software may make a computer unstable or slow. And the unnecessarily intrusive use of a rootkit “smokescreen” allows bad actors to hide behind the smokescreen.
However, Sony (and its upstream vendor First4Internet) hardly has cornered the market on inept software designs that lead to undesirable outcomes. There's plenty of brain-dead software implementations out there. Why beat up on Sony?
I continue to believe that the underlying problem is DRM. Many technologists and consumer advocates harbor a deep animus towards DRM, so Sony's technology failings are being held to a heightened standard.
I understand why there's so much antipathy towards DRM, but I don't think we should overreact to Sony's failings. In particular, sloppy software design isn't "spyware" or "malware," or else those terms become far too overinclusive and thus meaningless.
2) Most of Sony's failures to disclose are probably legally inconsequential, but the implied affirmative representation that the software could be uninstalled may be problematic
In my previous post, I said that Sony's EULA adequately obtained consent to install its software. I still stand by that statement, for the most part, but the issue is more nuanced than my statement might indicate. Specifically, there are 2 separate disclosure issues-—Sony’s affirmative disclosures and Sony’s failure to disclose--and they should be addressed separately.
Except for the “phone-home” aspect (discussed below), I’m not particularly troubled by Sony’s failures to disclose the details of its software. In general, vendors aren’t obligated to make every affirmative disclosure that every consumers might find interesting. In this situation, I think many disclosures desired by the technologists aren’t legally compelled or expected. Sony and its vendor have made dozens or hundreds of design choices to implement the software. Consumers don’t need to know those choices, would not change their behavior if the choices were disclosed affirmatively, and would be overwhelmed by complete disclosure.
In contrast, I’ve become less comfortable with Sony’s disclosures regarding the difficulties uninstalling its software. The difference is that Sony made some affirmative statements that implied the software could be uninstalled. If Sony created the false impression that the software could be uninstalled when it couldn't (or could be uninstalled only by breaking the OS), then Sony may have created some problems for itself.
3) If Sony's DRM software reports information back to a central server, this looks like spyware and could be legally problematic
Of the various problems with Sony’s technological implementation, I am most troubled by the allegations that Sony's software "phones home"; i.e., reports some information about each user back to a central server, including the combination of an IP address and a record of each album the user plays.
In my previous post, I said that Sony’s software wasn’t spyware. However, if the software is reporting back information about each user’s behavior, and that reporting back feature wasn't disclosed, then I agree with Suzi that surreptitious and undisclosed monitoring and reporting back of user activity sounds like spyware.
Further, if the reports are true, the software’s behavior could be a prima facie violation of the Computer Fraud & Abuse Act (18 USC 1030(a)(2)), which applies to an actor who:
"intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains...information from any protected computer…"
Every computer connected to the Internet is a protected computer. The software allegedly obtains information (at minimum, the album being played). The phone-home “feature” may exceed the authorization given by the user; I don't think that mere consent to installing the software acts as consent to the reporting back of information. If the reports are true, I don’t envy the position of Sony’s defense counsel.
UPDATE: Declan reports that the class action lawyers are circling.
UPDATE 2: Several anti-spyware software vendors have classified Sony's software as spyware.
November 06, 2005
Rothman on Initial Interest Confusion
By Eric Goldman
Jennifer Rothman, a new full-time law professor at Washington University in St. Louis, has published Initial Interest Confusion: Standing at the Crossroads of Trademark Law, 27 Cardozo L. Rev. 105 (2005). She uses the initial interest confusion doctrine to muse about the loose policy rationales for expansive trademark law doctrines, but she gets right to her bottom line in her introduction:
"This Article provides a wake-up call to courts, Congress, the online
and offline business communities, and the public. Initial interest
confusion must be revisited and replaced."
(A familiar refrain for regular readers of this blog!)
UPDATE: For more of the same, see Glazer & Dhamija, Revisiting Initial Interest Confusion on the Internet, 95 Trademark Reporter 952 (2005). The authors say: "the reported decisions make clear that there is no need for an initial interest confusion 'doctrine' to address any harm that may result from the unauthorized use of another's mark on the Internet to capture consumer attention. Traditional remedies available in trademark law suffice."
November 03, 2005
Search Engine Indexing Case--Newborn v. Yahoo
By Eric Goldman
Newborn v. Yahoo, Inc., 2005 WL 2416336 (DDC Sept. 27, 2005)
We got a new case on search engine liability for indexing content. The importance of the topic makes the case blog-worthy, even though this particular case gives very little insight into the legal propriety of search engine indexing.
In this case, a web publisher sued Google and Yahoo for contributory copyright and contributory trademark infringement based (apparently) on their indexing the publisher's press releases. I say "apparently" because the plaintiff was unable to articulate a legal complaint or a statement of facts that the judge could understand. Because of the defects in the complaint, the judge granted a motion to dismiss with prejudice, ending the case before it started.
On the contributory copyright infringement claim, the court said that the complaint failed to allege sufficient facts that the defendants substantially participated in the infringements. The court then cited the legal rule from Perfect 10 v. Visa: "plaintiff must show 'a relationship between the ... services provided by [the] defendants and the alleged infringing activity as opposed to the mere operation of the website businesses."
This is an interesting citation because the Visa case dealt with a very attenuated service provider--the payment systems--who did not host or data-process any of the infringing content. I could see many courts avoiding the Visa case as precedent because its facts were so extreme. But if courts are willing to use it as precedent, the Visa/Newborn standard is very defense-favorable.
There are some other interesting and off-the-wall points to the case, but mostly their illustrate that poor advocacy leads to low judicial precision. If you're going to sue Google or Yahoo for indexing practices, get a top-notch lawyer. Meanwhile, the legal propriety (or lack thereof) of search indexing practices will have to wait to another day.
November 02, 2005
Adult Webmaster Criminally Prosecuted for User-Uploaded Photos
By Eric Goldman
Chris Wilson runs a website called NowThatsFuckedUp.com (first page is office-safe; I didn't look further!). The website describes itself as "an Amateur community for wife and girlfriend pictures," and the photos contain graphic depictions of people engaged in sex. All of the photos are uploaded by site users.
On October 7, Wilson was arrested by Florida state police and charged with 301 counts of obscenity (each of 100 photos have been charged with distribution, offering to distribute and conspiring to distribute; plus a bonus felony charge of wholesale distribution). My understanding is that the subject photos were all user-uploaded and that the charges are all based on state law (not federal law).
Let's assume the photos are truly obscene. This assumption may be questionable; the probable cause report indicates that they are extremely hard-core pornography but not out of the ordinary. But even if the photos are obscene, I simply can't understand this prosecution. If the photos are user-uploaded, then all state anti-obscenity laws trying to hold the webmaster liable for them should be preempted by 47 USC 230. It wouldn't matter if Wilson screened or edited the photos (as claimed by the probable cause report)--see, e.g., Ramey v. Darkside Productions, Schneider v. Amazon.com.
I recognize that 47 USC 230 hasn't been publicly tested in a criminal case, but the statute expressly does not preempt federal criminal law and expressly preempts all state laws. So this seems like an easy application of the statute, and I can't understand what the prosecutors are thinking.
However, there's a twist. The website also has allowed military personnel serving in Iraq and Afghanistan to upload photos of enemy corpses. (The idea was that military personnel couldn't easily use their credit cards from overseas. The webmaster was willing to waive the fees for active-duty personnel. The photos were a (perhaps twisted) way to prove that the users were actually serving on active duty.) There has been some speculation that Wilson has been singled out for prosecution because some in the military are unhappy about this aspect of his website.
If this is true, then the state prosecutors are engaged in a truly egregious abuse of their power--trying to censor socially-protected speech through an unrelated criminal prosecution. But even if this military angle isn't true, the prosecution is still an abuse of prosecutorial power--there is a federal safe harbor directly on point, and prosecuting the case despite that is irresponsible at best.
Some articles on this prosecution and the Iraq/Afghanistan photo angle:
Ynotmasters, October 27 (barely office-safe)
Orlando Weekly interview with Wilson's counsel, Lawrence Walters, October 13
AP Story, October 8
Reuters story, October 8
CNN story on soldiers trading photos for porn access, Sept. 28
AmericaBlog.com, Sept. 26 (reporting on the photos of dead Iragis/Afghanis)
East Bay Express story, Sept. 21
Wilson also has a defense site set up.
UPDATE: Wilson has pleaded no contest to 5 misdemeanor counts to resolve the matter. If those misdemeanor counts were based on user-uploaded content, then it's a shame he had to do even that.
Sony, DRM and Trespass to Chattels
By Eric Goldman
A minor storm is brewing over Sony's installation of DRM software on users' computers when they play Sony's CDs. Sony's software is installed as a "rootkit," a difficult-to-remove installation, and it supports Sony's DRM, which really irritates the anti-DRM crowd.
Let's be clear on 2 things:
1) Sony's software install is not "spyware." The installation process may use some techniques also used by "spyware"/adware vendors, but the DRM software doesn't engage in any of the pernicious activities normally associated with spyware or malware.
2) Sony's software was installed based on a EULA that contained disclosures about the software. Though we may doubt the efficacy of disclosures in the EULA (a point I'll discuss more below), this was not a surreptitious installation.
Accordingly, I'm a little perplexed about what Sony has done wrong from a legal perspective. (I have mixed views about the propriety of Sony's behavior from other perspectives). Sony has the right to protect its music via DRM. Doing so may require the installation of client-side software. Sony has disclosed the install in the EULA. It seems like everything is legally kosher.
(One possible angle I haven't seen addressed: when was the EULA presented, and what happened if a buyer balked at the EULA? In the context of a CD, it may be that the EULA wasn't presented until after purchase. If the EULA doesn't allow for a refund if the buyer doesn't agree with its terms, the EULA disclosure may be too late from a legal standpoint).
However, the Sotelo case doesn't offer us much insight here. First, the Sotelo decision was just a denial of a motion to dismiss, so its precedential value is low (especially if the court ultimately finds that there was no trespass to chattels). Second, a properly formed EULA consenting to the install would negate a trespass to chattels claim (and all of the various other related claims, like the Computer Fraud & Abuse Act).
In the end, the Sony blow-up simply might be a barometer of our fears about DRM, especially given how much some people hate DRM. But, personally, I think it's part of a larger phenomenon about the interplay between EULAs and control over a user's hard drive. In the end, even whrn a vendor discloses in a EULA that the vendor is going to install software on a user's computer, in some circumstances we simply find it impossible to believe that users in fact really meant "yes" when they clicked yes.
This disbelief reflects what I consider to be a crisis of contract--a EULA may have all of the legal niceties required to form a contract, but we still don't believe the user's consent to the EULA accurately reflects the user's true preferences. I'm still working out in my own mind how we solve this crisis. For now, I'm sure that an overbroad application of doctrines like trespass to chattels (where there in fact has been disclosure and consent) is not the right answer. I'm also not convinced that more disclosures, or more prominent disclosures, really solves the underlying problem, especially if users don't fully understand how software works in the first place. Therefore, I think this crisis raises some tough questions that will require thoughtful and non-emotional responses to work through.
UPDATE: Ed Felten says that the EULA disclosure isn't adequate. He quotes the current EULA (query what the EULA has said in previous incarnations):
"As soon as you have agreed to be bound by the terms and conditions of the EULA, this CD will automatically install a small proprietary software program (the “SOFTWARE”) onto YOUR COMPUTER. The SOFTWARE is intended to protect the audio files embodied on the CD, and it may also facilitate your use of the DIGITAL CONTENT. Once installed, the SOFTWARE will reside on YOUR COMPUTER until removed or deleted. However, the SOFTWARE will not be used at any time to collect any personal information from you, whether stored on YOUR COMPUTER or otherwise"
He says this is misleading because "a rootkit neither protects the audio files nor facilitates use of the content." While it's true that the rootkit aspect may be unnecessary, I think this EULA disclosure is clear that DRM software will be installed on users' hard drive. This should be dispositive on all legal issues that the installation was consensual.
I do agree that the difficulty uninstalling the software may not be adequately disclosed. It would be nice to have that additional disclosure, but I'm not sure that it's legally required.
UPDATE 2: Ed Felten comments in response to this post, saying "Surely the user’s consent to installing “a small proprietary software program … intended to protect the audio files embodied on the CD” does not give SonyBMG free rein to do absolutely anything they like to the user’s computer."
I think this statement is true as far as it goes, but I'm not sure that Sony's behavior is fairly equated with doing anything they want. While Sony might have engaged in unnecessarily problematic ways to accomplish their software install, it appears that their install was only for the stated purpose, and I find it hard to believe that a judge would second-guess the specific installation choices accordingly.
UPDATE 3: I've updated my thoughts and addressed some of the comments in a more organized fashion in a new post.