September 29, 2006
Google Wins Keyword Lawsuit--Rescuecom v. Google
By Eric Goldman
Rescuecom Corp. v. Google, Inc., No. 5:04-CV-1055 (N.D.N.Y. Sept. 28, 2006). You can find the ruling here (WARNING: 1.7MB file)
Introduction and the 1-800 Contacts Precedent
Last year, the Second Circuit issued a major ruling in the 1-800 Contacts v. WhenU case saying that an adware vendor didn't make a trademark use in commerce by selling keyword-triggered ads. However, the Second Circuit expressly left open whether its ruling would apply to search engines as well.
In Spring, search engines got a boost when a district court within the Second Circuit extended the 1-800 Contacts reasoning to apply to search engines. See Merck v. Mediplan (initial ruling and motion for reconsideration). However, this ruling was made in the context of a lawsuit between advertisers, so it didn't directly apply to the search engines' own liability.
Yesterday, search engines got the ruling they wanted, with a decisive victory in a trademark lawsuit over keyword advertising. For the second time, a court in the Second Circuit felt bound by the 1-800 Contacts precedent to find that selling keyword advertising isn't a trademark use in commerce.
How good of a win is this for the search engines? It's the first ruling expressly saying that search engines aren't liable for selling keyword advertising. It goes against all four precedent rulings that specifically opined on whether search engines make a "use in commerce" (Playboy v. Netscape--although the court sidestepped this topic, GEICO, American Blinds and 800-JR Cigar), plus another group of cases that held advertisers made a trademark use in commerce when they bought keyword advertising (e.g., Edina Realty), And best of all, the court granted Google's 12b6 motion to dismiss--meaning that the case got knocked out at the earliest possible stage, without discovery or a trial on the facts. This is perhaps the best possible outcome that Google could have hoped for from this case.
The Court's Analysis
The court's analysis is relatively straightforward. The court cites the statutory definition of "use in commerce" from 1127, implicitly rejecting a variety of other interpretations of "use in commerce" that have sprung up over the years. Then, the court systematically rejects the plaintiff's arguments, in each case citing to the 1-800 Contacts precedent:
* that Google is free-riding by reselling the keyword to Rescuecom's competitors.
* that Google is preventing people from reaching Rescuecom's website.
* Google's sale of keywords alters the search results delivered to searchers, and this alteration diverts consumers.
Instead, the court says: "Defendant's internal use of plaintiff's trademark trigger sponsored links is not a use of a trademark...because there is no allegation that defendant places plaintiff's trademarks on any goods, containers, displays, or advertisements, or that its internal use is visible to the public." (Cite to 1-800 Contacts and Merck; implicit cite to the 1127 definition of "use in commerce.") As a result, the court dismissed the trademark infringement claims.
As an added bonus, the court dismissed Rescuecom's dilution claim, arguing that it lacked the requisite "commercial use in commerce."
The court dismissed Rescuecom's state law claims as lacking supplemental jurisdiction. In theory, Rescuecom could refile those in state court.
As I said in my writeup of the 800-JR Cigar case, it has become impossible to predict the outcome in the next search engine trademark case, and this case reinforces that statement--here, based on the four on-point precedents that all went against search engines, I would have predicted a Google loss. So the remaining question is: will other courts follow this case? It's simply a district court ruling, so no one is precedentially bound to the ruling.
However, this case could be a watershed case that will turn the tide. Subsequent courts, after seeing the clean and elegant analysis of this case, may be persuaded by its reasoning. Further, for reasons that I argue in my Deregulating Relevancy article, this court got the outcome exactly right from both a legal analysis perspective and from a policy analysis, so there are good legal and policy reasons for future courts to follow this precedent.
But there's no way to be sure what the next court will do, so only time will tell. However, I'm pretty certain that Google is hoping any plaintiffs will bring future lawsuit in a court located in the Second Circuit!
September 25, 2006
Outdated Metatags Don't Infringe--Pop Warner v. NH Youth Football & Spirit Conference
By Eric Goldman
Pop Warner Little Scholars, Inc. v. New Hampshire Youth Football & Spirit Conference, 2006 WL 2591480 (D. N.H. Sept. 11, 2006)
Metatag lawsuits befuddle me for two reasons. First, and most importantly, KEYWORD METATAGS ARE IRRELEVANT from an indexing standpoint because they are ignored by most search engines. It's worth repeating, because the message hasn't yet reached everyone. KEYWORD METATAGS ARE IRRELEVANT for all practical purposes.
Second, even if metatags did matter (WHICH THEY DON'T), I can imagine very few circumstances where they "divert" enough customers who generate enough revenues to cover the litigation costs. (This is particularly true in this case, where it's not clear to me how consumer diversion affects any financial interests). If it were up to me, I'd much rather invest those litigation dollars in real marketing, not in fighting over the hypothetical lost sales of "divertable" consumers--assuming that there is such a thing. (For more on this point, see here).
With these two points in mind, perhaps you can appreciate how the latest metatag case completely mystified me. The gist: the NHYFSC was once affiliated with the Pop Warner league. During that time they registered a domain name based on the acronym and put the term "Pop Warner" in the metatags. NHYFSC bolted to a rival league, removed most metatags (but missed some) and kept using the acronym domain. Litigation ensued.
With respect to the metatags, the court says:
Plaintiffs give considerable weight to the fact that on many Internet search services such as Google, defendants' web site will continue to be associated with Pop Warner long after the metagags [sic] are changed. Although such search results may be due to defendants' old metatags, any continued use of the data in those metatags is not the fault of defendants, but rather, of the inefficient or inaccurate search algorithms employed by the operators of Internet search tools. Put differently, defendants used the plaintiffs' marks on their web site, including the metatags, when they were authorized to do so. When such authorization was terminated, defendants' use of the marks ceased. That Google and other search tools continue to associate defendants' web site with plaintiffs' marks even after the metatags have been changed may demonstrate a problem with the methods by which search web sites operate, but that is not an issue that can be easily resolved by the defendants.
Can you see my confusion? The court is analyzing how search engines deal with outdated metatags--an incomprehensible topic given that the metatags were never indexed in the first place. The ironic thing is that the court "blames" the "inefficient or inaccurate search algorithms employed by the operators of Internet search tools"--except, search engines aren't that inefficient or inaccurate given that THEY ARE SMART ENOUGH NOT TO RECOGNIZE KEYWORD METATAGS IN THE FIRST PLACE. So, exactly who is "inefficient and inaccurate"? I'd start with the plaintiff's counsel for their bogus and outdated arguments...
(So why is NHYFSC still showing up? NHYFSC also appears to have used the term in its main text, and the search engines might not have reindexed the revised site. Or, it could be due to anchor text on third party sites.)
At least we can find a silver lining here--the court didn't hold the defendant liable for trademark infringement based on the phantom metatag effect, unlike some other recent courts that still don't get it.
UPDATE: My top AdSense ad today?
"Free Meta Tag Generator
Easily generate meta and title tags & boost your search engine rankings
September 22, 2006
Texas Assistant Principal Sues Students and Parents Over Defamatory Profile on MySpace.com
By John Ottaviani
High school students have been battling with and lampooning their assistant principals for generations. Last Spring, students in San Antonio, Texas, applied 21st century technology to the practice, when they allegedly set up a profile for their female assistant principal on MySpace.com, using her name and picture as if she has posted the information herself. But these students went too far. The profile contained the assistant principal’s name and picture, as well as other “lewd, defamatory and obscene comments, pictures and graphics,” including the false statement that she is a lesbian.
The profile was up for about a month before another teacher at the school told the assistant principal about the website. Apparently, MySpace took the site down as soon as it was notified that the assistant principal did not post the information. After an internal investigation, the school identified at least two students as either creating or assisting in creating the webpage.
According to an article in MySanAntonio.com, one of the students was suspended for three days, and the other had to attend a parent conference. After the police department was called in to investigate, criminal felony charges were also filed against one of the students.
It doesn’t end there. The assistant principal has now filed a complaint in Texas state court alleging causes of action against the students for defamation, libel per se, and gross negligence. The assistant principal has also sued the parents of the students, alleging that they negligent breached their duty to the assistant principal to supervise the activities of their children as they access the Internet. The complaint seeks an unspecified amount of compensatory and punitive damages, lost wages, damages for emotional distress and mental anguish, and reimbursement of medical expenses.
The assistant principal’s primary goal is accountability, according to her attorney. She wants the students to face consequences.
Interestingly, the complaint does not name MySpace.com as a defendant. This could be a recognition by the assistant principal’s attorney that Section 230 of the Communications Decency Act would probably absolve MySpace.com from liability in this situation.
As I have argued previously, I have a hard time seeing that MySpace.com has any legal duty here other than to take down offensive content when notified. This case may, however, be the first to test my argument that it is the parents of teenagers who are better situated to protect their children and others from harm that their children may cause with their computers.
A copy of the complaint can be found here.
New York v. Direct Revenue Amicus Brief
By Eric Goldman
David Post, Scott Christie and I have filed an amicus brief in New York v. Direct Revenue LLC, No. 401325/06 (N.Y. Supreme Ct.), one of Spitzer's office's high-profile enforcement actions against adware companies.
Among other aggressive positions, the NYAG's office argues that Direct Revenue committed deceptive trade practices by disclosing certain information only in the EULA. Our amicus brief notes the potential implications of this argument given the ubiquity of clickthrough agreements as a disclosure mechanism on the Internet. We don't opine on Direct Revenue's specific practices, but we express concern that the expedited procedure chosen by the NYAG's office isn't the right venue to set precedent implicating the practices of millions of companies.
September 21, 2006
eBay User Agreement Upheld, Part II--Durick v. eBay
By Eric Goldman
Durick v. eBay, 2006 WL 2672795 (Oho Ct. App. Sept. 11, 2006)
I didn't anticipate this being eBay Law Week, but these issues often seem to arise in cycles. Yesterday I blogged on the Nazaruk case, which upheld eBay's forum selection clause. In that post, I claimed that the Nazaruk case was, to my knowledge, the only currently published opinion upholding eBay's user agreement.
It turns out that a few days before the Nazaruk case, an Ohio appellate court upheld the eBay user agreement. Not only that, Durick was issued by an appellate court, making it the only currently binding precedent that eBay's user agreement is enforceable.
In the Durick case, the plaintiff tried to sell various bottles, in some cases containing prescription drugs or hazardous materials that putatively violated eBay's user agreement. eBay issued 12 warnings to plaintiff over 2 years and then finally suspended his account. Instead of seeking reinstatement, the plaintiff ran to the courthouse, claiming that eBay was in breach of contract by suspending him because his auction items didn't violate the user agreement.
The court dispenses with this lawsuit pretty efficiently. It says that there was a binding contract, the plaintiff violated the contract and therefore eBay wasn't in breach of its contract. SJ for eBay.
Two interesting tidbits:
1) The court says: "The language contained in appellee's user agreement is clear and easily understandable." eBay will happily cite this sentence in future opinions!
2) eBay's user agreement has a lengthy list of documents incorporated by reference, including its "Prohibited, Questionable & Infringing Item Policy," which in turn contains sub-documents incorporated by reference, including its "Prescription Drugs" policy and its "Hazardous, Restricted, and Perishable Items" policy. Thus, for the plaintiff to see the applicable restrictions, he had to scroll down the lengthy eBay user agreement, choose from a variety of referenced links, and click at least two pages down. The court doesn't seem to care at all about this user interaction process, treating the distantly incorporated terms as an integral and enforceable part of the agreement.
September 20, 2006
eBay User Agreement Upheld--Nazaruk v. eBay
By Eric Goldman
Nazaruk v. eBay, 2006 WL 2666429 (D. Utah Sept. 14, 2006)
Another lawsuit involving the eBay feedback forum. In this case, the pro se plaintiff alleges that eBay and the feedback submitter deprived her of her civil rights (per 42 USC 1983 and 1985) because the posted feedback denigrated her national origin. eBay moved to dismiss on several grounds, including improper venue based on the mandatory California venue clause in eBay's user agreement. The court says that the plaintiff became bound by the mandatory clickthrough user agreement when she registered with eBay, so the court makes short work of her arguments, finding eBay's contract valid, the mandatory venue clause binding and the venue inappropriate.
As a result of the dismissal based on venue, the plaintiff can refile in CA (an unlikely development given her pro se status, but weirder things have happened). I'm sure eBay would have preferred to shut down this lawsuit definitively, but on the bright side, eBay has to like having another court bless its contract and the mandatory venue clause. The other cases I know of: Bergraft, Grace (now depublished) and Ploharski--so this may be the first (currently) published case upholding eBay's contract/clause.
At the same time, the court had the ability to dismiss this lawsuit entirely on 47 USC 230 grounds (see here and here). If the plaintiff chooses to refile, her prospects of success are very, very dim...and I see an anti-SLAPP motion in her future.
September 18, 2006
Nails, Coffins, Spam, and the Dormant Commerce Clause?
By Ethan Ackerman
Have the state spam laws that survived CAN-SPAM finally fought off Dormant Commerce Clause and preemption challenges? Yes, they have, but not for the reasons you might think...
The ‘net was awash with news articles last week trumpeting that the nation’s first felony spamming conviction had been upheld. Prolific North Carolina spammer Jeremy Jaynes lost an appeal in the Virginia Court of Appeals of his nine year conviction for violating Virginia’s criminal anti-spam law.
Jaynes alleged the Virginia criminal anti-spam law was an unconstitutional violation of the Dormant Commerce Clause and the First Amendment. Finally, Jaynes challenged the jurisdiction of Virginia courts to convict him over emails that were initiated in North Carolina. These three arguments – the Dormant Commerce Clause, the First Amendment, and jurisdiction – have fairly consistently been plans A, B & C in any challenge to state spam laws, and I’ve blogged about some of them before.
I think plans A & B in an alleged commercial spammer’s legal defense (the Dormant Commerce Clause and First Amendment challenges) have now taken enough hits to be declared at least in the coffin, if not dead. Why? In the case of the Dormant Commerce Clause, it isn’t the slow accretion of adverse cases swaying the tide of legal thinking (as with First Amendment cases), but an intuitively and legally obvious reason I explain below. While plans A&B lay near death, courts (much like they have been doing for the last 200-plus years) are still struggling with notions of jurisdiction. As a result, plan C (resisting the jurisdiction of an out-of-state court) looks to remain a source of continued litigation between spammers and those who would sue them.
First Amendment Claims
I’d hoped that this post could include just a quick, cursory review of the First Amendment argument that Jaynes would make and the court would correctly shoot down before moving on to the meatier Dormant Commerce Clause and jurisdictional issues. As it turns out, I can’t do that. At fault: Virginia’s slightly unusual anti-spam law that seems to apply to both commercial and non-commercial email. Apparently I’m not the only one who thought the usually dead issue of a First Amendment challenge may well be alive in this case, either. While I still think that properly constructed state anti-spam laws can easily survive a First Amendment challenge, let’s see what’s going on with this particular one...
In his defense, Jaynes alleged that the Virginia criminal anti-spam statute was a facially unconstitutional violation of the First Amendment, as it impermissibly regulated some types of anonymous non-commercial speech. Jaynes, along with supplemental briefing by the ACLU of Virginia as amicus solely on this issue, pointed out that such content-based restrictions require strict judicial scrutiny, with its test for a narrowly tailored means to achieve an end that must be a compelling state interest.
At this point in a "standard" anti-spam prosecution, the plaintiff or state would respond that protecting citizens, ISPs and networks from the well-documented scourge of spam is a compelling state interest and point to studies and legislative findings, and courts would agree with them. That seems to be what happened in the Jaynes case, as well. No one was really arguing against the idea that controlling spam constitutes a "compelling state interest," it was the "narrowly tailored means" that caused problems. On the issue of "narrowly tailored," plaintiffs in a "standard" case would argue that in only addressing misleading commercial speech, the category with the least First Amendment protection, the law was narrowly tailored around common types of ‘more-protected’ speech like political or religious speech, and the additionally limitation of ‘misleading’ regulated even less, only covering that thin slice of speech where the state’s interest in protecting consumers and commerce was strongest.
The ACLU and Jaynes argued that the Virginia act was not narrowly tailored in that it was not limited to commercial speech, and even worse, that it effectively precluded anonymity (an important, recognized First Amendment value) by criminalizing false headers regardless of commercial or non-commercial status. Reading the Virginia statute, the ACLU and Jaynes seem to be on to something. Unlike many other state anti-spam laws that are restricted to unsolicited commercial email, the Virginia statute addresses unsolicited bulk email - apparently regardless of its commercial or non-commercial nature.
The Jaynes Court seems to agree with the ‘standing’ and ‘standard of review’ aspects of the argument, correctly recognizing that Jaynes can assert "facial" unconstitutionality - that it may be unconstitutional to some, even if the act is constitutional as applied to him. Unfortunately, the court then seems to misapprehend (or the ACLU and Jaynes didn’t clearly and persuasively make) the second half of the argument about being narrowly tailored.
Instead, the court seemed to read the statute as requiring that some type of trespass be achieved as a result of the header falsification, as though a misrepresented header was presented, password-like, to allow access to a computer network – much like many computer fraud statutes prohibit. Perhaps the near proximity of the statutes in the Virginia Code confused the court? The Court’s opinion goes on for several pages, correctly espousing and illuminating the (correct, but not actually raised) principle that the First Amendment doesn’t sanction trespass. The court seems to labor under the impression that Jaynes got ‘access’ to AOL’s email network by falsifying his headers and that he wouldn’t have such access but for the falsifications. As a result, several interesting legal and technical questions are left unexplored or unanswered. Is the Virginia statute, targeting emails based on their "bulk" status rather than commercial nature, still narrow enough to survive strict scrutiny? Does the prohibition on false or misleading apply to preclude anonymity as a practical matter, or just make it harder? Would that make a difference for First Amendment purposes?
Part of Jaynes’ case is worth noting for what it doesn’t contain – a preemption argument. Most other spam cases arising under state laws since the passage of the federal CAN-SPAM Act have at least alleged federal preemption as a defense against the state law. The uniform result of those cases -- holdings that recognize CAN-SPAM expressly preserves some types of state spam laws -- probably drove Jaynes away from this losing argument and toward more viable defenses instead.
Preemption claims argue that federal law, either explicitly or as a practical result, governs the details of a subject to such a degree that it must be regarded as the controlling law on a subject. With CAN-SPAM’s enactment in 2003, another text-book example of federal preemption was born. Indeed, the Act contained comprehensive definitions, it detailed offenses and standards and labeling and safe harbors, and it even had explicit language preempting state laws. It also, however, ‘saved’ state anti-spam laws from preemption to the extent they complied with a preemption "exception." This exception, which says CAN-SPAM preempts state law "except to the extent that any such [law] prohibits falsity or deception in any portion of a commercial electronic mail message...", saves at least part of most every state’s anti-spam laws, because most state anti-spam laws focus on fraudulent messages or fraudulent header information.
Even before Jaynes’ case, defendants were beginning to give up on the preemption argument. The BSI v. Keynetics defendant didn’t try a direct preemption argument, conceding that preemption exception made that argument fruitless, but instead artfully argued that the state statute was preempted by CAN-SPAM because the specific fraud pleading provisions of the Federal Rules of Civil Procedure (FRCP) applied. The Keynetics defendant argued, and the judge rejected, the idea that non-compliance with FRCP brought the state law claim out of the CAN-SPAM exception it might otherwise enjoy. The judge held that the case was sufficiently pleaded, and compliance or non-compliance with the FRCP was not a preemption issue, but really just a simple FRCP pleadings issue. Insufficient pleadings would result in a failure for FRCP reasons, not some artfully twisted extension to the unrelated issue of preemption.
Dormant Commerce Clause Claims
Jaynes argued the often argued (but seldom won) theory that the Dormant Commerce Clause prevented state spam regulations that have the effect of regulating interstate commerce, arguing that the U.S. Constitution’s Commerce Clause doctrine precluded states from doing this. The court quickly rejected this notion, applying a test the Supreme Court has identified for Dormant Commerce Clause challenges. As the Virginia law regulated evenhandedly between in-state and out-of-state companies, both in appearance and in practice, the court applied the Pike balancing test and found that the impacts on interstate commerce were minimal (only complying with the law’s prohibition on false/misleading headers) compared with the benefit to Virginia consumers. Like the oft-cited Heckel court cases and other spam cases before this, the Virginia court recognized that these "truth in labeling" provisions hardly could be said to "burden" commerce, emphasizing that compliance was actually easier than non-compliance, and the results (less fraudulently-headered spam) would, if anything, benefit commerce.
While I’ve suggested that everything so far in this analysis is by-the-book, I should note that some cases and legal scholars have a slightly more expansive Dormant Commerce Clause jurisprudence than this cut-and-dried Pike balancing test. Not surprisingly, this more expansive view is frequently adopted by spammer defendants. This argument relies on bleeding the "extraterritorial effect" aspect of the Dormant Commerce Clause test into the heightened scrutiny standard appropriate for state laws that are discriminatory.
Instead of looking only to ensure that the statute was not written with the discriminatory intent or effect of covering wholly extraterritorial conduct, this expansive view operates on the principle that, separate from intent, statutes that could or do have wholly extraterritorial effects are assumed invalid. This camp rejects the notion that it should just boil down to a balancing test, and espouses the broader notion that an additional threshold test for wholly extraterritorial effect, independent of and in addition to the threshold "discriminatory intent or effect" test, is appropriate.
This "two threshold tests" camp is supported by local and national court cases that use language from Commerce Clause jurisprudence suggesting a second separate test. Perhaps the high-water mark for this camp is found in Healy v. The Beer Institute, where the Supreme Court adopted choice bits of language from prior opinions to hold that "A statute that directly controls commerce occurring wholly outside the boundaries of a State exceeds the inherent limits of the enacting State’s authority and is invalid regardless of whether the statute’s extraterritorial reach was intended by the legislature." A great contemporary example of applying this standard is American Booksellers v. Dean, where the 2nd Circuit held Vermont anti-indecency law invalid because it had the effect of regulating some wholly extraterritorial Internet conduct.
One interesting subset of this "two thresholds" argument – perhaps one that takes it a step too far – is the argument that in requiring extraterritorial actors to even perform an inquiry into each state’s laws – to see whether each law is applicable, where email recipients are located, and any conditions of compliance – a state has impermissibly burdened interstate commerce. Just having to check other states becomes a burden. The Jaynes court, as have most other courts addressing spam laws, embraced the Pike-only camp’s logic and rejected this "checking is a burden" notion. The Jaynes and Heckel courts pointed out that that "discovery burden" isn’t the tested burden, but rather the appropriate burden to test is what it takes to comply with the law – compliance only "requires" refraining from mislabeling email headers.
This "extraterritorial actors making an inquiry is a burden" argument seems a bit weak to me (and others) for several additional reasons - not the least of which is that it seems inconsistent with the Supreme Court’s own Pike test. The Pike test seems to contemplate that some state impact on interstate commerce is acceptable, and so attempts to erect a "per se" invalidity rule for anything with interstate effect seem inconsistent with Pike accepting such impacts. There is another inconsistency with this expansive view and the Pike test: If inquiring is onerous, it only gets more onerous as more states pass laws on the subject, and so a law that on its own merits passed the Pike balancing test might later become unbalanced due only to the fact that additional states have passed laws on the same subject, no matter how similar or consistent.
The "checking is a burden" subset of the "two threshold tests" camp of Dormant Commerce Clause jurisprudence has become somewhat of a straw man argument for those espousing a blended "Pike-only" balancing test. The Jayne court, like the Heckel court and most every other court upholding state anti-spam laws, focused most of its arguments on refuting the "checking is a burden" argument, without significantly addressing other legitimate concerns (Does it or doesn’t it regulate wholly extraterritorially?) elaborated on by the "two threshold tests" camp. In some cases, like Heckel’s, the statute was intentionally written to be limited to activities within the state. Other statutes, like the Virginia statute, have no limiting language of any type. The Virginia court could have perhaps at least addressed these inconsistencies rather than embrace a wholesale adoption of the logic of a case that turned out to have entirely different factual and legal circumstances.
I’ve walked through these different camps of Dormant Commerce Clause jurisprudence, and their sub-camps, and failings of each, to bring a new conclusion to the reader -- the Dormant Commerce Clause will almost never matter in spam cases brought after CAN-SPAM. Legal theorists may welcome the competing ideologies and policy implications (Pike supports state authorities in the federalist debate, the "two thresholds" camp facilitates national market uniformity, and so on back and forth...) but the legal landscape for everyone else now faces a not-so-dormant Commerce Clause.
The "Active" Commerce Clause
Metaphors of nails in coffins aside, the CAN-SPAM Act put quite a lid on the Dormant Commerce Clause debate surrounding state spam laws – it just seems someone forgot to tell the lawyers. No longer do courts need to worry about extraterritorial application interfering with an interstate market, or whether such an examination should be a part of a balancing test or its own independent threshold test. Congress has spoken. And where federal legislation exists, the Dormant Commerce Clause should recede, no? Looking to see if there is federal law on the issue is actually the first step in determining whether a court should begin a Dormant Commerce Clause analysis or instead initiate a preemption analysis under the Commerce Clause and preemption jurisprudence. If contemporary Commerce Clause jurisprudence had to be put in Boolean form, it would go roughly like this: If federal law, then preemption analysis, else Dormant Commerce Clause analysis.
Court decisions after the CAN-SPAM Act have given recognition to CAN-SPAM’s stance on state spam laws, but mainly in the context of preemption debates, not ‘active’ Commerce Clause analysis. The BSI v. Keynetics court was perhaps the first to do so clearly when it rejected the argument that the Internet was so inherently interstate that the Dormant Commerce Clause required exclusively federal law:
"This Court need not dwell on this argument. While perhaps interesting from an academic standpoint, it is clear that Congress itself, in enacting CAN-SPAM, specifically reserved to the States, as will be discussed presently, authority to regulate certain aspects of Internet activity."
But then, seemingly inconsistently, the Keynetics court in the next paragraph dove into an as-applied Pike balancing discussion under Dormant Commerce Clause principles. What gives? Was the court just shooting down the "two threshold" camp in favor of the "Pike-only" camp? Perhaps, but more likely, the Court thought that CAN-SPAM merely sanctioned state laws, and didn’t completely remove the need for a Dormant Commerce Clause analysis. Or perhaps it was taking the belt-and-suspenders approach and addressing each argument?
I would suggest that contemporary Commerce Clause jurisprudence dictates that the presence of actual federal law explicitly sanctioning the presence of concurrent state law on the same subject matter should displace Dormant Commerce Clause analysis. At most, analysis should be limited to the related issue of whether the law was applied outside the state’s jurisdictional reach. I think that the common (almost universal) tactic of arguing against spam laws on Dormant Commerce Clause grounds has created something of a self-perpetuating response. Courts have addressed the issue and there is at least some precedent on both sides of each argument, so everyone (plaintiffs, defendants, and Courts) cite it and repeat it and maybe even elaborate on it. If they approached it fresh, I have little doubt courts would proceed down the standard Commerce Clause/preemption analysis ‘path’ and recognize that Congress and the President did, in fact, sanction these state laws.
I suspect that as courts escape from the habitual rut of Dormant Commerce Clause analysis, they will hold, as did the Jaynes Court, that:
"Congress, in enacting CAN-SPAM, expressly accorded the States the right to regulate false and misleading e-mail transmissions. 15 U.S.C. 7707(b)(1). If Congress itself was satisfied that supplementary state legislation would impose no undue burden on interstate commerce, this Court can hardly presume to tell Congress it is wrong.’"
And actually stop right there.
The Jaynes case seems ripe for detailed Constitutional analysis of the reach and scope of a court’s power to subject out-of-state actors to its own state’s criminal law, as well as a conflicts and choice of law analysis occasioned by an admittedly dual-state-act with differing substantive law. Out-of-state actor jurisdiction and the extraterritorial applicability of a law with regards to internet activity are both exciting due process issues even without any extraterritoriality tests under the Dormant Commerce Clause.
Unfortunately for legal scholars and doubly unfortunately for Mr. Jaynes, the Virginia Court of Appeals really punts on this issue, giving a scant three pages to the issue, far less than the eight pages of First Amendment discussion. Even worse, the Court’s conclusion is the sweeping statement that "a person may be charged in the place where the evil results, though he is beyond the jurisdiction when he starts the train of events of which the evil is the fruit."
This expansive and vague holding was justified with only one citation to a U.S. Supreme Court case, in a subject ripe with precedent. The Virginia Court of Appeals justified this assertion from an old (1950) civil enforcement case arising under Virginia’s securities laws and narrowly upheld by the U.S. Supreme Court. In that case, Travelers Health Assn v. Virginia, while explicitly declining to rule on the issue of general jurisdiction or the enforceability of any judgments, the Supreme Court found sufficient specific jurisdiction for the state agency to issue a cease and desist order. The Virginia Court of Appeals went on to cite other state courts for support of the idea that an act can be criminally prosecuted where its impact is felt, rather than the site where it was committed, but hardly acknowledged the multitude of Virginia cases stating the opposite rule (that the locus of the crime is where it is committed) or any of the many cases, both federal and state, developing which rule should apply. Verizon v. Ralsky was the only other spammer jurisdiction case cited, not for its thorough ‘due process assertion of jurisdiction’ analysis, but primarily for the assertion that spam to addresses ending in "@aol.com" necessarily have to pass through AOL’s (Virginia) servers.
The appropriateness of jurisdiction is critical to so many spam cases, and it is often one of the most fact-intensive and case-by-case analyses. It is disappointing that the Court of Appeals addresses it so slightly and in passing, especially in a criminal case where the defendant’s due process rights are at risk.
As this post just suggested, it does matter that Mr. Jaynes is being charged with a criminal violation of Virginia’s anti-spam laws. He faces 9 years in prison, either two or four times the national average state sentence, depending on whether it is compared to ‘time sentenced’ or ‘time served.’ As a Virginia felony convict, Mr. Jaynes does not face the option of parole, and so his sentence is closer to four times the average - an average that includes mostly violent or repeat offenders. As indicated above, claims asserting lack of jurisdiction bear heightened scrutiny because the liberty interest being deprived is not just potentially money, but actual deprivation of Mr. Jaynes’ physical liberty. Perhaps CAN-SPAM’s criminal provisions should have explicitly preempted state criminal law?
September 16, 2006
Internet Law Updates Talk
By Eric Goldman
September 13, 2006
By Eric Goldman
I wanted to see what was going on now at the Grokster website, so I checked out www.grokster.com today. I got this stern lecture:
The United States Supreme Court unanimously confirmed that using this service to trade copyrighted material is illegal. Copying copyrighted motion picture and music files using unauthorized peer-to-peer services is illegal and is prosecuted by copyright owners.
There are legal services for downloading music and movies. This service is not one of them.
YOUR IP ADDRESS IS [redacted] AND HAS BEEN LOGGED. Don't think you can't get caught. You are not anonymous.
In the meantime, please visit www.respectcopyrights.com and www.musicunited.org to learn more about copyright.
I'm not sure I agree with the characterization of the Supreme Court opinion. But I love the fact that they logged the IP address of an academic researcher merely because I visited the site's home page. Although, I'll admit, that sure does sound scary!
September 12, 2006
KinderStart Second Amended Complaint
By Eric Goldman
KinderStart v. Google, Case 5:06-cv-02057-JF (N.D. Cal. second amended complaint filed Sept 1, 2006)
After its last complaint was dismissed in its entirety, not surprisingly KinderStart is trying again with a second amended complaint—a 63 page behemoth. I’ve been bearish on this lawsuit all along, and after a cursory read, I wasn’t persuaded to change my views.
In particular, I’m very surprised that KinderStart continues to allege that Google is a state actor (in support of a "Violation of Rights of Free Speech" claim). This claim is a clear loser, and I thought the judge has already signaled that view pretty strongly. Among other weak supporting evidence, the complaint tries to argue that the Google Library project creates sufficiently involved relationships with public libraries to convert Google into a state actor. The Google Library project is so fundamentally disconnected from the algorithmic ranking decisions that this argument struck me as embarrassingly irrelevant.
One other potshot: the complaint touts the importance of the Open Directory Project (see Para. 52), saying among other things, "Any new search engine must have access to and index the largest possible and most comprehensive database of Websites, which is the OPD." [the ODP/OPD transposition recurs throughout the paragraph] I wasn’t sure if this was a joke. Not only does Google have zero control over the ODP, but the ODP has become virtually irrelevant—it’s a prime example of how collaborative projects can slowly degrade into junk (I’ve predicted a similar fate for Wikipedia).
So, what happens next? I expect Google will file a motion to dismiss, which the judge will grant, at least in part (at minimum, to eliminate the Violation of Free Speech claim). I expect Google to go on the counter-offensive and renew its anti-SLAPP motions. As for exactly when Google is able to shut down this lawsuit, well, stay tuned.
UPDATE: Rebecca has a detailed discussion.
September 07, 2006
Xanga.com Busted for COPPA Violation
By Eric Goldman
The FTC announced today that Xanga.com had settled charges that it violated the Children's Online Privacy Protection Act (COPPA). The settlement includes, among other remedies, a payment of $1 million--by far the largest fine in a COPPA case to date.
Xanga.com's transgression can be easily summarized, as stated in the FTC's press release:
The Xanga site stated that children under 13 could not join, but then allowed visitors to create Xanga accounts even if they provided a birth date indicating they were under 13. ... The defendants created 1.7 million Xanga accounts over the past five years for users who submitted age information indicating they were under 13.
Two practical observations:
1) Statements in EULAs/user agreements saying that users should not sign up if they are underage (or in the wrong geography, or whatever) are worthless from a risk management/legal compliance standpoint. The complaint also indicated that Xanga.com required users to check a box certifying that they were over 13. This might have been slightly more helpful, except when Xanga.com got conflicting data and didn't cross-check it against the certification.
2) Collecting birthdates is a well-known and paradigmatic way to violate COPPA. For years, I've been saying that one simple way to mitigate COPPA exposure is simply not to collect birthdates. (COPPA also covers sites that target kids 12 and under, so avoiding birthdates isn't a complete solution). Or, if birthdates are collected, simply refuse to register underage users. Here, according to the FTC, Xanga.com violated these well-known and basic approaches--1.7 million times!
FWIW, when COPPA became effective in 2000, Epinions had a field where users could self-report their age. We ran a script and found a few dozen users 12 and under. We promptly kicked those users off the site (they were ticked about being evicted--I told them to take it up with Congress and the FTC). We then disabled the ability of users to self-report their age.
Adware, Spam and Some of My Other Favorite Topics
By Eric Goldman
There has been a flurry of interesting legal developments in the last few days:
* The Battaglia v. DirectRevenue lawsuit, another of the putative class actions against adware vendors, has preliminarily settled. As David Fish points out, the settlement offers very little additional value for consumers beyond the settlement in the Sotelo case. Plaintiff's counsel gets $45,000--a pretty small payday for a case like this.
* The FTC case against Enternet Media has reached a stipulated order/settlement, including a $2M+ payment to the FTC. Enternet Media allegedly was one of the companies flashing banner/pop-up ads warning that your computer was infected and they would help; when users took advantage of their "help," they allegedly installed a bunch of harmful software onto users' computers.
* Jaynes v. Virginia, 2006 WL 2527678 (Va. App. Ct. Sept. 5, 2006). Virginia's intermediate appellate court upheld Virginia's harsh anti-spam law against both jurisdictional and First Amendment challenges. I believe Ethan Ackerman will guest-blog a more thorough analysis of this case soon. For now, Venkat has a thoughtful discussion. According to the Washington Post, Jeremy Jaynes will appeal the appellate ruling. If he can't overturn the ruling, he's facing an incredible 9 years in jail.
* Lands' End, Inc. v. Remy, 2006 WL 2521321 (W.D. Wis. Sept. 1, 2006). An affiliate registers some typosquatted domain names as a way of "diverting" consumers through those URLs to get the affiliate commission. The court denies the defendants SJ on the ACPA, fraud and breach of contract claims, but they do get SJ on the false advertising claim. Rebecca has the recap.
* According to Reuters, Bertelsmann is paying $60 million to settle Vivideni's lawsuit over Bertelsmann's investment in (and support of) Napster. (It's not clear how this settlement relates to Vivendi's acquisition of BMG). This lawsuit was particularly interesting because it tested the boundaries of investor liability for investing in copyright-infringing companies (a liability normally we expect to be precluded by the corporate veil). John O's discussion of some previous rulings in this case. Note that Bertelsmann was not the only investor-defendant in the case, so it may still be ongoing.
* The lawsuit over the fictional status of James Frey's putatively non-fiction book A Million Little Pieces has preliminarily settled. Buyers can get a full refund, but only if they jump through some significant hoops (like sending in an actual part of the book or packaging, plus a sworn statement that the purchaser would not have bought the book if they knew it was partially fiction). The publisher's liability is capped at $2.35M, which includes refunds, attorneys' fees and a donation to charity. Note that the publishers had offered rescission earlier in the case, but some plaintiffs were seeking compensation for their lost time/attention. It appears the publisher successfully limited its liability to rescission, and by making the barriers high enough, the publisher won't even have to make rescissions across-the-board.
September 05, 2006
Barrett v. Rosenthal Oral Argument Recap
By Eric Goldman
Today I attended the California Supreme Court's oral argument in the Barrett v. Rosenthal case. A short recap of the case: Bolen sent an email to Rosenthal that is allegedly defamatory of the plaintiff. Rosenthal then forwarded that email, unmodified, to a USENET newsgroup. In separate lawsuits, the plaintiff then sued Bolen and Rosenthal. Rosenthal defended on 230 and also claimed anti-SLAPP. The trial court granted the 230 motion to dismiss. The appeals court reversed the trial court. The California Supreme Court then granted cert in 2004. For reasons unknown, this case has been sitting dormant for almost 2 years.
The oral argument turned out to be quite the party scene! There were representatives from at least three of the major California-based Internet brands, as well as some of the most prominent litigators in the area. The EFF had several people in their contingent, and the Samuelson Clinic had a big group. It was a little hard to do head-counting because a group of Icelandic lawyers (representatives of the Icelandic Bar Association) had a sizable delegation in the room, but my guess is that over 100 people showed up specifically for the Barrett oral arguments. About 40 or so people had to watch in the simulcast overflow room.
This is the first time I had attended an oral argument in court (and, in fact, only the second time in my life that I had been in a courtroom for a live case--the first time is when I appeared before a judge to get approval of my name change from Schlachter to Goldman). I was impressed by the judges' preparation and by their attentiveness. They paid full and close attention to the litigants for the entire hour, even in the relatively limited situations when the rhetoric got sloppy.
Although it's impossible to make reliable predictions based on questions at the oral arguments, I would characterize the questioning as extremely defense-favorable. The court fully understood the tilted nature of the precedent (all favorable to the defense), and several justices expressed sentiments showing a good understanding of the adverse policy implications of notice-based liability. So while I am a little reluctant to make any predictions, what the heck. I think the court will reverse the appellate court 7-0 in a fairly broad ruling that joins the Zeran line of cases. I expect the opinion to be written by either Justices Kennard or Corrigan, both of whom took the lead on questioning Grell.
Ann Brick of the ACLU-Northern California and Mark Goldowitz of the California Anti-SLAPP Project argued for the defense, and Christopher Grell argued for the plaintiff (he had another unnamed gentleman sitting with him at the table). Here's a loose blow-by-blow of the event, mostly focusing on the questions asked by the judges. Except where I put the language in quotes, this is my interpretation of the discussion, not a transcription of the actual words used.
Ann led off the argument by saying that the Dot Kids act showed that Congress ratified the Zeran precedent. After about 2 minutes, Kennard asked her what was the purpose of 230 (a seemingly odd question; in retrospect, this was a softball). George asked who is a user. Moreno asked what deference should be given to the Dot Kids act. Someone (sorry, forgot who) asked if the statute was intended to cover Rosenthal's situation. Chin asked if someone could edit so much that they drop out of 230. Ann responded by citing the standard from the Donato case: when the person makes a "material substantive contribution to the information that is ultimately published." Baxter asked what happens if someone adds new defamatory content to third party content that is also defamatory. Corrigan asked if someone edited content to make it defamatory, would they be liable. George asked if the ICS's intent/scienter mattered. He then made the point that Congress may have made the choice to tolerate the intentional republication as the cost of enabling the benefits of 230--he said that Congress chose the lesser of two evils.
It was then Mark's turn. Before he could speak, Baxter asked him if someone could game 230 by submitting content to a judgment-proof entity. He also asked if 230 preempted conspirators' liability. Kennard then asked if the court didn't follow Zeran, what problems would arise. The correct answer is that the floodgates of litigation would open up, but Mark responded that the split of authority would encourage forum-shopping. Kennard then corrected his oversight by asking if the real problem would be the time and expense of companies responding to notices. Corrigan then piled on, asking if the court didn't follow Zeran, wouldn't it discourage Internet companies from locating in CA. Kennard then asked what, in addition to the goals Ann mentioned in response to her first question, were there other goals of 230? Specifically, she noted the protection of minors. She asked if the various goals were in tension. Mark gave an interesting but goofy response, saying that 230(c)(1) was designed to foster speech, while 230(c)(2) was designed to facilitate protection of kids. Kennard then remarked that tension in the statutes shows that Congress was doing its job.
There was a brief silence here, so Mark then tried to cover some of the points on his prepared remarks by saying that there was no difference between active and passive users. Werdegar asked what is the difference between publishers and republishers. Mark responded with the Donato standard. Werdegar asked if Bolen was the publisher. Mark said yes. Werdegar asked if the plaintiff had a cause of action against Bolen. Mark said yes. Baxter asked if there was a difference in the legal treatment of online and offline publications.
It was now Grell's turn. He led by saying that there was a tension between free speech and redress for harmful speech, and upholding 230 would obliterate defamation online. George asked how the Internet could function with a constructive knowledge standard. Corrigan then piled on, asking about the heckler's veto, saying that the most prudent response to notices is to take down. Grell's response was that every Internet company has departments to handle incoming complaints, the amici in this case have "armies of lawyers," and newspapers deal with these incoming notices all the time. Corrigan then asked--isn't the point that the Internet is just different? Werdegar then asked what part of the statute supported his argument. She then asked how Rosenthal should be characterized under the statute--as a user, publisher, republisher, something else? Grell then made a major admission (a gaffe?) by saying that everyone who goes online is a "user." [this seems to concede that Rosenthal is directly covered by the statute.] Corrigan then said that there was no need for an immunity for a passive user--such a person never does anything that could create liability that needs immunization, Moreno asked if the term user was defined in the statute, or if any cases had distinguished between active and passive users. Grell replied that the term user is very broad--anyone who can access the Internet. Kennard noted that the court of appeals opinion stands alone, as Zeran had been widely adopted, and she expressed concern about forum-shopping.
At this point, Grell referenced the Cubby v. CompuServe precedent, but he referred to it as the "Chubby" case. I practically burst out laughing. He then referred to the Chubby precedent about half-a-dozen times. I worked so hard to suppress my laughter that I got tears in my eyes. Moreno finally corrected him.
Kennard then noted that plaintiffs have other remedies, including complaining to the intermediary plus ordinary tort remedies against the author. Grell argued that this leads to an absurd result where someone could set up a website, allow defamatory anonymous feedback, and plaintiffs would have no remedy. Moreno asked if there was any evidence that Congress intended to protect someone like Rosenthal. Grell responded that 230 only protects against liability for removing content. This immunity thus defeats Congressional intent when it preempts other federal statutes, such as laws prohibiting discriminatory ads for housing. [Unfortunately, no one made the point that Congress expressly contemplated the preemption of other federal statutes, which is why it excluded federal criminal law from the immunization--see 230(e)(1)] Grell then said that the Internet is like Pandora's box and 230 opens up the box. George asked why not just defer to Congress? Kennard asked if someone gets a notice, must they immediately take down, or do they have a duty to investigate. Grell responded that the court can determine the appropriate level of notice, but more than a bald assertion should be required to give notice. Corrigan asked how much is required. Grell responded that in this case, the plaintiff supported his notice with documentation. Kennard asked about the possibility of chilling effects. Grell responded that the chilling effects are overstated, and he made a policy argument that notice-based liability would enhance speech by encouraging people to speak up without fear of being defamed in response.
It was time for the defendants' rebuttal, handled by Mark. Chin led off, saying that Grell cited no legal authority supporting his position, but asked if was there any legal authority undercutting the defendants' position. Kennard then noted that this court wasn't a sheep (i.e., not going to follow precedent blindly). Moreno asked about the DMCA. Mark responded that the DMCA shows that Congress knows how to write notice-based liability. Mark concluded on a nice note by pointing out that intermediaries may face market incentives to self-police.
The court is expected to issue its opinion within 90 days. We'll all be waiting anxiously!
September 04, 2006
47 USC 230 Preempts State Criminal Law--Voicenet Communications v. Corbett
By Eric Goldman
Voicenet Communications, Inc. v. Corbett, 2006 WL 2506318 (E.D. Pa. Aug 30, 2006)
Does 47 USC 230 preempt state criminal laws that otherwise meet its statutory requirements? For a decade, we've thought the answer was yes, but no court had said so explicitly. This ruling confirms our understanding.
42 USC 1983 creates a cause of action when the government (and others) deprives individuals of their civil rights. In this case, Usenet service providers and Internet access providers sued Pennsylvania law enforcement officials under 1983. My understanding is that law enforcement agencies targeted these service providers as part of an anti-child porn effort brought under state anti-child porn laws. The law enforcement officials obtained and executed a search warrant against the service providers for distributing child porn (presumably via USENET groups), but the law enforcement officials apparently never alleged that the service providers did anything more than carry the USENET groups (as opposed to, say, uploading or downloading the illegal images). Thus, the service providers claim that the government deprived them of their civil rights by targeting them for distributing child porn when 47 USC 230 preempted their legal liability.
This raises the important question: does 230 preempt an intermediary's liability under state criminal laws based on third party content/actions? The statute clearly does not preempt federal criminal liability, but inferentially, it plainly seems to preempt state criminal liability. However, as far as I can recall, no court had ever said so directly. This court fills that hole, expressly saying that 230 preempts liability under state criminal laws for user content/actions. So, in this case, the service providers cannot be criminally liable for state anti-child porn laws based on carrying other people's content.
Due to the intricacies of 1983 law, however, the service providers are not entitled to damages under 1983 (something about no damages when the 1983-protected right isn't clearly established). However, the service providers may be entitled in injunctive relief under 1983.