« April 2008 | Main | June 2008 »
May 28, 2008
Citysearch Sued for Click Fraud--Lambotte v. IAC
By Eric Goldman
Lambotte v. IAC/InterActiveCorp. (Cal. Superior Ct. complaint dated May 27, 2008) [warning: 1.9MB file]
Ever since the Google and Yahoo click fraud settlements in 2006, it's been fairly quiet on the click fraud front. See my most recent click fraud recap from February 2008.
This lawsuit launches an interesting new battlefront in the click fraud war. Instead of going after yet another search engine (of which there are only so many to sue!), the plaintiffs are suing a web publisher for running its own PPC ad program--something many web publishers have done. This means lots of new potential defendants for class action lawyers. Ca-ching!
The allegations are fairly straightforward. Citysearch sells PPC ads as part of a package of services for small business owners. It promises to proactively screen out invalid clicks in its contract/documentation, but the plaintiffs believe Citysearch isn't doing that job well. The plaintiffs claim this failure constitutes breach of contract, negligence and 17200 unfair practices.
The plaintiffs repeatedly hammer on the allegation that Citysearch compensates its salespeople based on the number of clicks delivered for their advertisers, which provides an incentve for salespeople to boost clicks fraudulently. At first, the argument really resonated with me--how slimy to incent salespeople to manufacture clicks! But then I realized that simply commissioning salespeople for advertiser revenue--a very, very common practice in the ad sales industry--would have the same effect; just like commission-driven salespeople would have incentives to manufacture pageviews for any advertiser paying on a CPM basis. So the argument sounds scary but on further reflection it's really not all that meaningful.
I also found the named plaintiff's story of click fraud surprisingly flat. The named plaintiff gives an example of how he got ~10X the number of clicks after he tried to cancel his advertising, putatively because the salesperson manufactured clicks either to boost the perceived performance or to drain the advertising account before it cancelled.
However, there are a number of potential problems with this story. First, the total number of clicks at issue is small overall (the first measuring period only involves 9 clicks total), undercutting the statistical reliability of any inferences from the dataset.
Second, the measuring periods for this click comparison are very odd--the first period is Dec. 11-25, and the second period is Dec. 26-31--basically, right before and right after Christmas. I did a search on Tom Lambotte and this LinkedIn profile says he runs www.theSanDiegoMacTutor.com, described as "Professional Help, Training & Consulting for your Apple/Mac Needs." [Note: I have emailed the plaintiff's law firm's PR guy to confirm if this is the same Tom Lambotte, but I haven't gotten a response to my inquiry.] Anyone else troubled by comparing pre-Christmas clicks with post-Christmas clicks...especially if the guy provides installation and support for Apple computer products? It seems possible that a bunch of potential customers got shiny new Apple toys for Christmas and then looked for someone to help install them. At minimum, we know that shopper traffic doesn't abate after Christmas and in some cases can increase following the holiday, so the clickthrough patterns might simply reflect normal seasonality.
Third, I don't know how long it takes Google to fully index new pages to an existing high PR website, but another possible explanation is that the new Citysearch pages promoting Lambotte got fully indexed after 2 weeks, spiking traffic to the pages and increasing the absolute volume of conversion from the page.
To be clear, even if the named plaintiff's situation can be satisfactorily explained by alternatives other than click fraud, that doesn't mean the lawsuit will or should fail. On the other hand, generally a class action lawyer will try to showcase highly compelling stories in the complaint. If this is the best story they've got so far, that's pretty weak.
More on this lawsuit from News.com.
Posted by Eric at 01:40 PM | Licensing/Contracts | TrackBack
May 27, 2008
Connecticut Blogger Not Subject to Texas Jurisdiction--Healix Infusion v. Helix Health
By Eric Goldman
Healix Infusion Therapy, Inc. v. Helix Health, LLC, 2008 WL 1883546 (S.D. Tex. Apr 25, 2008)
I've mentioned before that I try to avoid blogging about Internet jurisdictional cases, but occasionally an interesting jurisdictional case comes along. This one caught my attention because it involves the jurisdictional implications of blogging, a topic near and dear to my heart!
This case involves, at its core, a trademark dispute between Healix Infusion Therapy, a Texas company, and Helix Health, a New York company. Stephen Murphy is a Connecticut blogger with an unclear connection to Helix. According to this Zoominfo page, Murphy is the president and owner of Helix, but the court actually never says that, and the Helix Health page just lists Murphy as part of the team.
Whatever the relationship, Murphy is an active blogger at Gene Sherpas. It appears that his blog is not an official endeavor of Helix Health, and the court treats it as an independent blog.
Healix and Helix started mixing it up when Healix opposed Helix's federal trademark application. After some interaction, Healix sued both Murphy and Helix in Texas on several grounds, including claims against Murphy for Texas state anti-dilution and federal cybersquatting (ACPA). Murphy and Helix moved to dismiss for lack of jurisdiction, and Healix tried to support Texas jurisdiction by pointing to the reach of Murphy's blog. The court applied the Calder "Effects Test" rather than a more traditional minimum contacts test. Doing so, it concludes that Murphy, even as an active blogger, isn't subject to Texas jurisdiction for the state anti-dilution claim:
HIT argues that the following facts establish that Murphy expressly aimed his conduct at Texas residents through his blog: (1) in some of his posts Murphy has cited the work of Texas residents; (2) Murphy's blog contains a link to another Web site, ClustrMaps, that shows that many users from Texas have viewed Murphy's blog; (3) in his blog posts Murphy has acknowledged that a large number of his users reside in Texas, specifically Houston; (4) Murphy's site is “highly interactive” and permits users to interact with Murphy and each other by allowing users to append comments to Murphy's blog posts, participate in surveys, and join organizations; (5) Murphy listed his blog on another Web site, BlogCatalog.com, which is located in Texas; and (6) Murphy placed a link on his blog to another Web site, Café Press, that offered many products bearing the Helix Health logo for sale, which one Texas resident purchased [Eric's note: the purchaser was Healix's counsel]. The court is not persuaded that these facts taken together warrant a finding that Murphy “expressly aimed” his activities on his blog at the residents of this forum. [citations omitted]
Some of Healix's supporting arguments were pretty bogus. A blogger citing the work of Texas residents? A blogger getting listed in a blog directory located in Texas? Puh-lease. But even on the core issue of a blogger having Texas readers, the court is unmoved:
Murphy provided content on his blog regarding issues that attracted many users, and provided a forum where those users, including users from Texas, could interact concerning those issues. However, the evidence does not indicate that Murphy specifically directed is blog toward Texas users; rather, the evidence shows that...Murphy geared his message toward an entire world of users, a fact supported by the vast geographic diversity of Murphy's users. And while Murphy sometimes used Texas sources to convey his message...Murphy's use of Texas sources was “merely collateral” to the focus of his posts: to inform all users about particular issues in the field of personalized medicine wherever they may arise. Thus, although Murphy knows that many residents of Texas use his blog, that fact alone does not mean that Murphy used his blog with the “‘intent to target and focus on [Texas] [us]ers.’" [Citations omitted]
As a result, the court dismisses the state anti-dilution claim for lack of personal jurisdiction. Along with the Traffic-power v. Wall case, this ruling reinforces that bloggers should not be exposed to lawsuits in remote jurisdictions just because they have an active blog with a wide and engaged readership.
Some other interesting aspects of this case:
* FWIW, Murphy didn't escape Texas completely; for reasons unrelated to his blog, the court found jurisdiction over the ACPA claim.
* This is my third blog post this year discussing opinions where a plaintiff tries to use a CafePress storefront against the defendant. See my prior posts on the Wal-Qaeda and Curran cases. The court doesn't find that the CafePress storefront mattered here because the only sale in Texas was a "manufactured" one to the plaintiff's lawyer. Even so, from my perspective, a CafePress storefront looks like it can be an unintended liability trap for bloggers and gripers.
* This dispute appears to have taken a nasty turn. It's never good when the judge has an entire section of the opinion entitled "Parties' Lack of Civility," sends the lawyers a copy of the Texas Lawyer's Creed and admonishes "Counsel for all parties are directed to read and reflect on the Creed...and conduct themselves accordingly."
* Healix apparently is ramping up for a possible litigation frenzy over the term "Helix." Not only did they lose a separate TTAB action over a different Helix registration, but they have opened a new battlefront in this dispute by recently suing Pragmatix for its role in the alleged violations associated with the helixhealth.org domain name. The relationship between Pragmatix, Helix and Murphy is unclear from Healix's complaint, but Pragmatix is listed as the technical and administrative contact for the domain name (see the Whois results) and the complaint alleges that Pragmatix owns the domain name, designed and hosts the Helix website, and provided a variety of other services to the enterprise. This secondary lawsuit could raise a variety of interesting issues over the liability of a website designer and host for allegedly infringing activity by its customers, although I suspect this lawsuit will avoid all of those interesting issues before it settles or is otherwise resolved.
Posted by Eric at 10:57 AM | Trademark | TrackBack
May 26, 2008
Search Engine Advertiser Litigation Updates
By Eric Goldman
Recently, there were intermediate rulings in two long-standing cases by search engine advertisers against search engines.
CLRB Hanson Industries, LLC v. Google Inc., 2008 WL 2079200 (N.D. Cal. May 14, 2008)
This lawsuit involves the Google AdWords feature that allows advertisers to set "daily budgets." Google doesn't enforce the daily budgets strictly; instead, it gives itself the permission to deliver up to 20% overage in any day and credit the overage against future performance. The lawsuit was initially filed in August 2005. In August 2007, the judge issued an important preliminary ruling that had three main holdings:
1) Google's AdWords contract was a binding contract.
2) Much of the breach of contract claim was dismissed, but the judge left open claims by advertisers of less than 1 month, advertisers who ended their campaign in a partial month, and advertisers who paused their campaign.
3) The false advertising claim was left open.
Because the August 2007 substantially limited the remedies available to advertisers, I expected that ruling to prompt the parties to settle. But here we are in May 2008, and the parties are still going at it. This month's ruling was largely procedural in that it attempted to clean up any lingering confusion over the August 2007 ruling. As a result, it really doesn't break much new ground; instead, the opinion largely reiterates the main rulings from the August 2007 opinion. Rebecca has more thoughts on the false advertising aspects.
In re Yahoo! Litigation, 2008 WL 1882786 (C.D. Cal. April 21, 2008)
This lawsuit got a lot of press when it was first filed in May 2006 as an example of "syndication fraud." See my initial post. It relates to Yahoo's display of ads on pages promoted by adware and on typosquatted and domain name parking pages. The advertisers believed these pages had lower quality traffic than other pages, and this disrupted their expectations.
In the past two years, the case has gone through various procedural shenanigans. This ruling addresses Yahoo's motion to dismiss the second amended complaint on a number of grounds.
Yahoo invoked a clause in its advertising agreement barring class litigation against it. Under prevailing California law, these clauses are probably unenforceable in consumer contracts; but there hasn't been a lot of litigation over these clauses in business-to-business contexts, especially because it's hard to argue unconscionability in B2B contexts. The court punts the issue on Yahoo's motion to dismiss, saying that it needs more facts about the parties' respective positions, which makes this issue more appropriate for resolution on summary judgment. Tom O'Toole has more to say about this issue.
Yahoo also tries to dismiss the breach of contract claim over its alleged promise of targeted ad placement, but the court refuses to dismiss because California law freely allows extrinsic evidence to explain unambiguous contractual terms. However, though the court didn't dismiss the claim, I think the plaintiffs will have difficulty prevailing on this contract breach claim because, as the court implicitly concludes, the plain language of the contract weighs heavily against their arguments.
Yahoo made several other efforts to dismiss clams, and the court rejects all but one of them (it dismissed the claim of civil conspiracy). Because so much of the lawsuit survived, this motion to dismiss ruling appears to be largely a win for the plaintiffs. However, I still think this remains a low-merit lawsuit because it's disingenuous for advertisers to complain when they got everything they paid for. Further, two years later, this lawsuit now seems strangely anachronistic given that the Great Adware Wars of the mid-2000s are over.
Posted by Eric at 08:57 PM | Licensing/Contracts , Marketing , Search Engines | TrackBack
May 23, 2008
Lori Drew Prosecuted for CFAA Violations--Some Comments, and a Practice Pointer
By Eric Goldman
Before I get started, let me first say that my heart goes out to Megan Meier's family. They have suffered a devastating tragedy, and I cannot possibly fathom the pain they must feel. As a result, I feel a little awkward blogging on the situation because I fear my words could be misinterpreted as some sign of disrespect or lack of empathy towards the family. I definitely don't intend that.
I have also passed on blogging about Megan Meier's suicide because, until recently, I didn’t think it raised a real cyberspace issue. Assuming the publicized facts are true, MySpace played a crucial role in mediating the communications between Drew and Meier, but Drew's ruse could have been perpetrated using a variety of communication media. Indeed, for millennia (and well before the Internet), people have been sending false messages to each other as part of some manipulative effort (Les Liaisons Dangereuses comes to mind, but we could find countless other examples). The fact that Drew chose MySpace for her scheme has always struck me as uninteresting at best. I recognize that perhaps MySpace made it easier for Drew to pull off her ruse, and perhaps Meier attached more credibility to MySpace messages than she would have attached to messages delivered in other media. But given that people can do serious harm to other people using many different types of communications media, I think it's a mistake to treat this tragedy as a source of profound insight into the nature of cyberbullying or the evils of cyberspace.
Despite this, we know that a high-profile situation like this will spur overreactions. Of most interest for this blog post is last week's federal indictment of Lori Drew for crimes predicated (at their core) on violations of the Computer Fraud and Abuse Act (CFAA). See the indictment. The CFAA violation putatively occurred because MySpace's user agreement required users to:
* provide accurate registration information
* not use information obtained from MySpace to harass or abuse others
* not solicit information from kids
* not promote false/misleading information
* not promote abusive or threatening conduct
* not post photos of third parties without their consent
Allegedly, Lori Drew breached the user agreement by failing to follow these provisions; and by breaching the user agreement, she made an unauthorized criminal use of MySpace's servers.
In the civil context, plaintiffs frequently use the CFAA to attack a defendant's server usage in violation of a site's user agreement. However, as far as I (and Orin) know, this is the first time the DOJ has tried to treat a user's breach of a site's user agreement as a CFAA crime. Not only is this theory potentially unsupported by the law (see, e.g., Orin Kerr and Dan Solove), but it puts almost all of us at risk of federal prosecution (see, e.g., Wired and the AP). Implicitly, the DOJ is saying that breaching a user agreement to provide false registration to a website or post a third party's photo without permission can be a federal crime. If you have never done any of these activities, please email me so I can send you some angel wings. For the rest of us, the DOJ seems to think that we should avoid the Big House only out of their sheer grace.
Also, though Drew's actions may have been heinous, her alleged breaches of the MySpace user agreement were, to be as charitable as possible, chickenscratch. Most websites like MySpace include contractual restrictions like the ones at issue simply to preserve their ability to kick off troublesome users at their discretion--not to put every non-conforming user at risk of looking down the barrel of an FBI agent's .45.
As a result, the DOJ prosecutors appear to be trying to make the MySpace user agreement do more work than it was designed to do. In that respect, I see this case as part of a broader trend where government enforcement agencies are misreading and misusing website user agreements. Consider two other very recent examples of government folks attaching undue emphasis to restrictions in website user agreements:
* the New Jersey Attorney General's office apparently misread restrictions in JuicyCampus' user agreement to think they should constitute affirmative marketing representations
* Joe Lieberman thinks YouTube should wipe terrorist videos off its site because its community guidelines discourage users from posting violent videos
This disturbing trend prompts me to offer a practice pointer to those of you who draft user agreements. Many user agreements—including MySpace’s—have gotten bloated with lengthy lists of restrictive rules (a manifestation of the rule proliferation phenomenon I blogged about here). It's pretty clear to me that government enforcement actors, either because of their fundamental misunderstanding of contract law or for their own self-aggrandizement, will treat these restrictions as expectations that the conduct won't occur on the site. But because most websites don't proactively enforce the restrictions they announce, this sets up a mismatch between rules and actual behavior—a mismatch that enforcers appear all too happy to exploit.
Therefore, I think it is better practice for contract-drafters to rely more heavily on general restrictive clauses in website user agreement (e.g., "we can kick you off at our convenience") than on overly detailed/specific but underenforced lists of restrictions. I know this stance runs contrary to the prevailing sentiment among most Cyberlawyers, who seem to believe that for every bad user behavior, it's easy enough to add a new contract prohibition that putatively eliminates the problem. But if the contracts are being misread, rule proliferation may be doing more long-term harm than good.
Posted by Eric at 05:49 PM | Content Regulation , Licensing/Contracts , Privacy/Security , Trespass to Chattels | TrackBack
May 21, 2008
Keyword Law Talk at MLRC
By Eric Goldman
Last week I spoke at the Legal Frontiers in Digital Media conference at Stanford, organized by the Media Law Resource Center. The topic was online advertising, and I was allotted 10 minutes to recap the state of keyword advertising law and provide some practical suggestions. Trying to stay within this tight time limit (I ended up taking more like 18 minutes), I redacted my hour-long talk into a 2 slide whirlwind. See my abbreviated slides. For more, see the full unredacted version of the Keyword Law talk (recently updated).
Posted by Eric at 01:17 PM | Derivative Liability , Trademark | TrackBack
May 20, 2008
Zango Files Reply Brief in Zango v. Kaspersky
By Eric Goldman
Zango has filed its reply brief in Zango v. Kaspersky [warning: 3+ MB file]. Some points that caught my attention:
* the brief starts out by quoting one of Kozinski's unfortunate rhetorical detours in Roommates.com that 230 wasn't intended to create a lawless no-man's land on the Internet. I'm sure some Zango haters would note the irony of Zango thinking this language benefits them. From my perspective, this is just another example of plaintiffs cutting and pasting pieces of the Roommates.com opinion to try to bolster their case.
* the brief doesn't acknowledge the existence of the significantly adverse e360insight case. Zango wasn't required to cite it, but the CDT brief did mention it, and I expect this precedent to figure prominently in the ruling.
* I thought this was an interesting statement (on page 19 of the PDF): "Notwithstanding the overheated protestations of Kaspersky and the holier-than-thou ideologues that it relies upon, millions of people find Zango not only acceptable, but desirable."
The case library:
* Amicus brief by CDT in favor of Kaspersky
* Kaspersky's answering brief [warning: 5MB file].
* National Business Coalition on E-Commerce and Privacy amicus brief in favor of Zango
* Zango's appeal brief [warning: 2.1MB file]
* The district court's dismissal and my commentary
* TRO Denial and my commentary
* Kaspersky's Response to TRO Motion
* Zango's TRO motion
Posted by Eric at 06:46 AM | Adware/Spyware , Derivative Liability | TrackBack
May 19, 2008
Content Generation and the Law
By Eric Goldman
Last week I participated on a panel at the ION Game Conference in Seattle to discuss UGC in virtual worlds and online games. You can see a reasonably faithful transcript of the discussion here. Here's a recap of the main points I made:
The Interface Between Content Generation and the Law: Game providers should think about how to generate both more UGC and the right kind of UGC. There are three main sources of law governing the UGC content generation choices:
* the site's EULA. Most EULAs give providers maximum flexibility to manage UGC as they see fit, but if I were researching the issue, I'd start with the EULA to see how the provider may have restricted itself.
* 47 USC 230. Many people operate under the outdated myth that a site must choose to be either a publisher or a passive conduit. Fortunately, the law facilitates heterogeneous approaches to UGC. Per 230, a VW isn't liable for third party content with limited exceptions. Ownership doesn't matter; editing doesn't matter, prescreening/policing doesn't matter. Most VW providers remain unaware of 230's power and import. Due to 230, providers have the choice of various UGC generation strategies, all of which have the same legal treatment.
* 17 USC 512. 512 doesn't go as far as 230 at enabling different content generation approaches, but it still provides some insulation from liability for user-caused copyright infringement.
In addition to these sources, many sites develop their own adjudicatory systems, including ways for users to report problems with other users, expedited takedown procedures (such as VeRO), and customer support representatives (CSRs) as private adjudicators.
How to Increase UGC: Obviously, users can be motivated through incentives/disincentives (carrots and sticks). For example, at Epinions, we used both cash and credit. There is also value in supporting and empowering a site's meta-community (the offsite interaction of power users).
Working with Power Users. I'm often amazed at just how much work users will do for a site for free if you just ask them/empower them. However, in asking users to do more work, sites should be cognizant of the amorphous boundary between independent contractors and employees. Recall the class action lawsuits against AOL and About.com over their volunteer labor force.
Site Responses to UGC Problems: I talked about the problem of "rule proliferation": in response to a new test case involving user behavior, a site often promulgates a new restrictive rule. This may happen infrequently, but even if it happens only 1X/week, that adds up to 50+ new rules/year. The collective effect is a burgeoning body of code and common law that eventually becomes unwieldy and unmanageable. To avoid this code creep, sites should promulgate new common law reluctantly.
What Works with UGC/What Doesn't: Sites should try to address two partially contradictory forces. Most users want to do the right thing, so sites should make it easy for them to do so. At the same time, sites need to build systems that are robust enough to squash the inevitable vandals and bad actors.
If you want a little more on the topic of this panel, I also did an interview for ION's pre-conference newsletter.
Posted by Eric at 12:01 PM | Content Regulation , Copyright , Derivative Liability , Virtual Worlds | TrackBack
May 17, 2008
MySpace Gets 230 Win in Fifth Circuit--Doe v. MySpace
By Eric Goldman
Doe v. MySpace Inc., 2008 WL 2068064 (5th Cir. May 16, 2008)
2008 has been a tough year for 47 USC 230. The immunization is still robust, but this year we've seen significant plaintiff opportunities created by the Roommates.com, Mazur and Friendfinder cases (and others). After this string of defense losses, yesterday's Fifth Circuit's opinion in Doe v. MySpace is refreshing. In a short but spirited opinion, the court hands MySpace (and 230 enthusiasts!) a clean and emphatic victory.
You probably recall this case when it was first filed. This is one of several lawsuits involving underage girls (who have typically lied about their age) who are sexually assaulted by men they met through and communicated with via MySpace. The plaintiffs in this case tried to avoid a frontal assault on 230 by arguing that MySpace was negligent policing its premises (a type of premises liability).
Like the district court, the Fifth Circuit makes short work of this attempted plead-around. After noting that the "Does do not present any caselaw to support their argument," the court correctly explains that failure-to-protect/failure-to-police arguments are really just thinly disguised claims that the plaintiffs don't like the site's editorial practices, which is exactly what 230 bars:
Their claims are barred by the CDA, notwithstanding their assertion that they only seek to hold MySpace liable for its failure to implement measures that would have prevented Julie Doe from communicating with Solis. Their allegations are merely another way of claiming that MySpace was liable for publishing the communications and they speak to MySpace’s role as a publisher of online third-party-generated content.
I know this case won't stop plaintiffs' efforts to claim that a site's failure-to-police/failure-to-protect excludes the site from 230's coverage, but it should.
In a last-ditch effort, the plaintiffs try to fit into the Roommates.com exception, claiming that "MySpace is not immune under the CDA because it partially created the content at issue, alleging that it facilitates its members’ creation of personal profiles and chooses the information they will share with the public through an online questionnaire." Because the plaintiffs had made inconsistent factual representations in the trial court proceedings (basically, acknowledging that the issue here was failure-to-protect, not joint content creation), the court estops the plaintiffs from raising the issue now. As part of reinforcing the inconsistency of the new argument, the appellate court quotes a transcript from the trial court:
THE COURT: I want to get this straight. You have a 13-year-old girl who lies, disobeys all of the instructions, later on disobeys the warning not to give personal information, obviously, [and] does not communicate with the parent. More important, the parent does not exercise the parental control over the minor. The minor gets sexually abused, and you want somebody else to pay for it? This is the lawsuit that you filed?
MR. ITKIN [Counsel for the Does]: Yes, your Honor.
Tough argument there, counsellor.
Even though the Fifth Circuit clearly got it right, and the plaintiffs never should have been brought this lawsuit against MySpace, I remain flummoxed by the number of cases I'm seeing involving teens making poor (and, in some cases, life-altering) decisions using MySpace. MySpace is taking steps to improve its age verification, which I applaud, but this should not simply be about minimizing its (negligible) legal risk. Instead, based on the limited empirical evidence I've seen, I think MySpace should feel a strong moral obligation to reduce what is clearly an irresistible temptation by many teens to misuse the site.
Posted by Eric at 08:32 AM | Derivative Liability | TrackBack
May 12, 2008
Lifestyle Lift v. RealSelf Settles
By Eric Goldman
In early March, I blogged on Lifestyle Lift's trademark infringement lawsuit against RealSelf based on user criticisms of Lifestyle Lift. This lawsuit was noteworthy on at least two fronts. First, it was a prime example of a trademark owner invoking trademark law to stifle online word of mouth. Second, RealSelf fought back with a novel counterclaim against Lifestyle Lift alleging that it wrote shill reviews.
The parties have now settled the lawsuit on confidential terms. See the dismissal order. It's not clear who "won" this lawsuit, but the conversation about Lifestyle Lift is still going strong at RealSelf.
Posted by Eric at 08:32 PM | Derivative Liability , Trademark | TrackBack
May 09, 2008
Ripoff Report Responds re. Xcentric Ventures v. Village Voice
By Eric Goldman
Last week I blogged about a lawsuit that some of the Ripoff Report folks brought against the Phoenix New Times and its reporter, Sarah Fenske, for defamation based on quotes attributed to attorney Christopher Sharp in an article published in February 2007. In my post, I pointed out some potentially ironic aspects of the lawsuit. Thomas Duffy, general counsel of Xcentric Ventures (the company that operates the Ripoff Report), was kind enough to send me a reply, which I am republishing below with his permission. (Note: I don't plan to let this blog become a new battleground to litigate the case in public, but I thought this response deserved airtime). I don't have much commentary to add to this response but I gratefully welcome thoughts from those of you who have faced similar litigation choices. In all cases, I sincerely hope the parties can find a prompt solution that doesn't involve wasted litigation expenses.
TEXT OF LETTER -----------------------------------------
Dear Professor Goldman:
Your analysis of the New Times suit is, as usual, very insightful. Rip-off Report not only saw the irony of a suit against New Times, but actually was loathe to even file the suit. In fact, we still have not even served it on the New Times. Here's the catch-22 that led to filing the suit: Sharp (the attorney quoted in the New Times) keeps saying he was taken out of context and the quote might not have been accurate. I am sure you have heard of the "empty chair" defense -- when a defendant points to someone not there to say it is their fault. Even with Sharp's statements that the quote was not accurate, we still did not want to involve New Times in a suit so we sent them a subpoena asking for the recording of the interview (if it exists), for any notes of the interview or to take Ms. Fenske's deposition. The answer we got was no, no and no. We will be filing a motion to compel. In the meantime, the statute of limitations would have run if we did not at least file the suit. Imagine if Fenske's testimony eventually is, "That's not what Sharp said at all and I intentionally misquoted him." Neither litigation counsel nor I wanted to explain to Ed nothing could be done because the statute of limitations has run. I am sure you understand this "in the trenches" litigation dilemma.
Even with all these litigation considerations, Rip-off Report would not have filed the New Times suit if they had simply published a retraction that what Attorney Sharp said was not supported by any evidence OR if New Times had proven to us that Sharp did actually say what was attributed to him. As you know, people assume newspapers have been fact checked and Ed and Rip-off Report just wanted a simple statement that Sharp's statement was unverified or, in the alternative, proof that Sharp was actually responsible for the statements in question.
As you point out, the irony was not lost on us that this situation is very similar to the usual attempt to get around Section 230 by claiming that Ed wrote the Rip-off Report in question. Proving that negative is never easy given that we guaranteed the report writer's anonymity. There are no such concerns here: there is a statement which has been attributed to Sharp and there may be a tape of the interview. There is no reason to keep a tape or notes private: the Shield Laws do not apply (Sharp was not an anonymous source and specifically waived any privilege), it is extremely relevant and, sooner or later, it is going to have to be produced. Given this doubt about who actually uttered the statements in question, I must respectfully point out that, even if New Times were solely an online provider, the suit against them would still be in exactly the same posture. There is an unfair dichotomy between print and online providers but this is not a case that shows the dichotomy: online or off, Ed and Rip-off Report will leave New Times alone if shown New Times is not responsible for the quote. Similarly, if New Times misquoted Mr. Sharp as he claims, there would be liability for both print and online media. Simply put, this is not a derivative liability case but Ed does want to get to the bottom of the issue of who made the statements.
I wish we could just assume that New Times had properly quoted Mr. Sharp. Unfortunately, there are some questions about New Times' motives in this. New Times knows Ed runs a legitimate site: they had listed Rip-off Report as the best consumer website in the past and Ed had assisted all the New Times newspapers around the country including the Village Voice before and after New Times purchased it. We have our suspicions about why New Times decided to do a hatchet job on Ed but we will leave that for another day. What I can tell you for sure is that Ed's contacts at several government agencies, such as the IRS, and members of the Corporate Advocacy Program independently told Ed that Ms. Fenske was only looking for dirt on Ed. When they had nothing but praise for Ed and Rip-off Report, she was not interested in what they had to say.
In summation, the problem here is New Times' lack of cooperation leaving us no choice in the particular (and, perhaps, peculiar) factual situation. For the sake of media accuracy, we hope New Times can show the statements are solely attributable to Mr. Sharp but, until they do, we have a client to protect.
Thank you for your commentary and for all your work keeping us all up to date on the latest in Internet Technology, Marketing and First Amendment Law.
END OF LETTER TEXT ----------------------------------
Sincerely,
Thomas B. Duffy,
General Counsel to Xcentric Ventures, LLC
Posted by Eric at 09:40 AM | Derivative Liability | TrackBack
May 08, 2008
Third Party Liability Presentation
By Eric Goldman
Last week I spoke at the "Center for Creativity and Commerce Symposium: New Media, New Markets, New Rights" at Georgia State University in Atlanta. This event was sponsored by four different departments within GSU (law, business, communications, digital media), which created an unusually heterogeneous audience that was heavy on content creators and their vendors (like their lawyers). As a result, after I did the audience assessment, I decided the most useful direction was a practice-oriented talk focusing on how rights owners can enforce against third party intermediaries. Of course, this topic should strike regular readers as odd/ironic: first, a law professor talking about practice issues, and second, a defense-side guy talking about bringing enforcement actions...?! With those caveats, my slides.
Posted by Eric at 04:49 PM | Copyright , Derivative Liability | TrackBack
May 07, 2008
April 2008 Quick Links
By Eric Goldman
Anti-Gaming
* Even though Ticketmaster won its lawsuit, Minnesota overreacted to the Hannah Montana ticket crush by banning software to circumvent an online ticket allocation process. See Sec. 609.806. Check out the hyperbole in this press release! What's next? Are legislators going to make SEO a crime?
* Google modified its relevancy algorithm 450 times in 2007. And yet courts still cite to Brookfield for how search engines operate!
* The UK cracks down on shill marketing online. ClickZ: "Under the new [UK] Consumer Protection from Unfair Trading regulations, it will be illegal to "Falsely claim or create the impression that the trader is not acting for purposes relating to his/her trade, business, craft or profession," or to "falsely represent oneself as a consumer."" See also AdAge.
IP
* Speaking of SEO....the latest pathetic attempt to grab a generic term and trademark it? "SEO." Sarah Bird is on the job.
* Do student notes of a professor's lecture constitute copyright infringement? We may find out.
* Atlantic v. Howell. More on the "making available" theory of copyright infringement.
* Sarah Bird on registering copyrights in websites and blogs.
* A for-profit T-shirt listing the names of deceased Iraq soldiers sparks a publicity rights lawsuit.
General
* Bowen v. YouTube, Inc., 2008 WL 1757578 (W.D. Wash. April 15, 2008). The court upheld the forum selection clause in YouTube's user agreement.
* eBay is ending its promotion of third party live auctions. Maybe because of this loss?
* Rebecca blogs on SuccessFactors, Inc. v. Softscape, Inc., 2008 WL 906420 (N.D. Cal.), an odd case involving the Computer Fraud & Abuse Act and an "attack PowerPoint" allegedly sent by a competitor to its prospective customers.
* Kate Kaye writes about the new Internet industry lobby group, the "State Privacy and Security Coalition," designed to fight laws like the Utah Trademark Protection Act.
* Kevin Werbach, The Centripetal Network: How the Internet Holds Itself Together, and the Forces Tearing it Apart, UC Davis Law Review, Forthcoming. An interesting paper applying "network formation" theory to show how the Internet came together as a unified network and how those unifying forces are under constant stress.
Posted by Eric at 08:52 PM | Content Regulation , Copyright , Internet History , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack
May 06, 2008
CDT Files Amicus Brief in Zango v. Kaspersky
By Eric Goldman
The Center for Democracy and Technology has authored a brief, for itself, anti-spyware vendors and other advocacy groups, in favor of Kaspersky in the Zango v. Kaspersky case. I thought this brief was a useful contribution to the discourse. The brief focuses heavily on the issue of empowering users' control over their desktops, which is the critical issue but a complicated one when users give instructions that may conflict with each other. The brief addresses this issue squarely:
Two scenarios illustrate the interplay of “consent” in the anti-spyware context. First, assume that a user did consent to the installation of Zango software, but later concluded that the software and resulting advertisements were harassing and objectionable. Kaspersky Lab (and most anti-spyware services and tools) offers the ability to disable Zango software, and for a user to choose to install Kaspersky software to block Zango’s advertisements is fully consistent with the user’s true choice (notwithstanding the assumed initial consent to install the Zango software).
Second, if the Kaspersky Lab software is installed on a computer before someone attempts to download and install the Zango software (and Kaspersky software blocks the Zango installation), that is quite possibly also fully consistent with the wishes of the user. By installing anti-spyware software, the user is asking to be protected from spyware even if the user does not immediately recognize certain downloaded software as spyware. Moreover, it may well be that the owner of the computer (such as a parent or an employer) decided to install anti-spyware software such as Kaspersky Lab’s, and then some other users (such as a child or employee) attempts to install Zango software (and that installation is blocked). In that scenario, the anti-spyware software is in fact doing precisely the job that it was asked to do.
I think both of these examples tell a story of how a user's putatively inconsistent instructions could be reconciled. But these examples are also pretty stylized, so minor changes in the facts would expose situations where the reconciliation might be tougher.
The case library:
* Kaspersky's answering brief [warning: 5MB file].
* National Business Coalition on E-Commerce and Privacy amicus brief in favor of Zango
* Zango's appeal brief [warning: 2.1MB file]
* The district court's dismissal and my commentary
* TRO Denial and my commentary
* Kaspersky's Response to TRO Motion
* Zango's TRO motion
Posted by Eric at 05:35 PM | Adware/Spyware , Derivative Liability | TrackBack
May 02, 2008
Spam Revisited: Virginia-style
By Ethan Ackerman
The Virginia Supreme Court revisits its First Amendment holding in Jaynes.
In what is likely a second stroke of luck for criminal spammer Jeremy Jaynes, the Virginia state Supreme Court recently granted a discretionary rehearing on the earlier 4-3 opinion. The Court limited review to First Amendment standing issues. These standing issues were the focus of skepticism in the dissent and in an earlier post on this blog.
The rehearing order is here.
This blog's earlier post discussing the ruling is here.
UPDATE 9/12/08
After granting a discretionary re-hearing, the Supreme Court of the State of Virginia reversed its earlier opinion, and Jaynes' coviction, and held the Virginia anti-spam statute unconstitutionally violates the 1st Amendment. Since the statute covers non-commercial as well as commercial speech, the Court ruled it is unconstitutionally broad. In doing so, the court concluded that its initial reading of Hicks was problematically narrow, and Jaynes properly had overbreadth standing.
Posted by Ethan Ackerman at 03:26 PM | Spam | TrackBack
May 01, 2008
Adware is Dead. Long Live Adware!
By Eric Goldman
In late January, I attended the Anti-Spyware Coalition's Public Workshop entitled Spyware: What's Worked, What's Left, and What's Coming. I was on a panel entitled "Is Adware Dead?" with Alissa Cooper from CDT and Colin O'Malley from TRUSTe. This is a timely topic because I've been pondering this question myself for a while now. This blog post recaps some of my thoughts.
Adware Is Dead
At the workshop, everyone agreed that adware is dead, although we may have been using different definitions of adware. (Commissioner Leibowitz declared adware "mostly dead," invoking the phrase from the Princess Bride). I was a little surprised to see such broad consensus on this topic. Let's explore what happened.
Looking back, it's clear that the 2003-06 period was a wild time for the adware industry. Several new entrants sought to build "legitimate" businesses on client-side software that displayed advertising, and others were seeking technical exploits for more nefarious purposes.
Collectively, these efforts sparked the Great Adware Wars of the 2000s. This was a time of mania, with everyone scrambling for the largest network of installs. In turn, vendors attempted lots of aggressive practices, such as bundled installs with obscure notice/consent, difficult uninstalls, loosely controlled/uncontrolled third party distribution chains, and overgrazing of user attention once a desktop install was achieved.
I'm declaring that the Great Adware Wars of the 2000s are over, and the anti-adware forces won. The signs of a decline in the adware industry are everywhere. Most obviously, most of the entrants are out of the business. Of the players trying to run legit adware companies, arguably only Zango persists in its client-side software business model circa 2004.
Why Did Adware Die?
It's hard to tell exactly what ended the Great Adware Wars. Some possible contributing factors:
* enforcement actions by the FTC, state AGs and private litigants (including class action lawsuits)
* new laws, including the laws passed by Utah and Alaska
* technological responses, including enhanced filtering/labeling by anti-spyware vendors
* changes in the economics. In particular, paying third party distributors for installs spurred a lot of unprofitable behavior, so installation economics improved. At the same time, due to the enforcement actions and negative publicity, advertisers have become increasingly gun-shy about advertising via adware. There is some anecdotal evidence that advertisers are now including anti-adware policies in their agency agreements. It's not clear that such policies are actually being enforced, but collectively they send a signal that suppresses the demand for advertising inventory in adware.
* changes in user behavior, due to user education and press attention to adware. Adware has become a dirty/tainted word, and that taint suppresses demand up and down the chain.
Ultimately, I think the single biggest contributing factor to the demise of adware is that it often provides a lousy consumer experience. Even when adware doesn't carpetbomb users with ads, it is still largely based on interruption marketing (a term from Seth Godin's excellent book Permission Marketing
In the end, I believe lousy consumer experiences always fail in the marketplace. The adware being deployed during the Great Adware Wars didn't prove otherwise.
What Consequences from the Death of Adware?
The Great Adware Wars are over. Now what?
Regulatory Proliferation
Even though the war is over, regulators haven’t gotten the message. In fact, I predict that we will see continued efforts to regulate 2005-era adware. Why? If the threat has been neutralized, shouldn't regulators focus their attention elsewhere?
This is a classic public choice problem. Everyone hates pop-up ads and scary adware, so regulators can pander to their constituencies' fears. At the same time, no one is opposing these efforts--the adware companies have largely vanished (not that they were ever a potent lobbying force in the first place), and no one else will stand up in their stead. As a result, regulators seeking some publicity bounce for being “tough on Internet threats” can easily enact ineffectual laws to combat past problems. (As an example of this, see the continued unopposed efforts of the Humane Society to ban Internet hunting).
Long Live Adware!
Adware circa 2003-06 may be dead, but adware in the broad sense--client-side software that displays advertising--will never die. Instead, as I argue here, adware is an inevitable part of our future for several reasons.
First, client-side software can interact with the user whenever they are using their computer. As a result, the vendor doesn’t have to worry about Internet connectivity. Plus, each vendor wants to be able to reach the consumer 100% of the time, not just when the user is visiting its servers.
Second, client-side software has access to the very best data about a user. Server-side applications generally only see the data made available when users are communicating with it. This partially explains the Facebook Beacon offering; it's an attempt by Facebook to aggregate data about user behavior that's captured by third party servers (i.e., data that Facebook ordinarily wouldn't see). But even compared with Beacon, client-side software will see more--and better--data.
At the conference, it was pointed out that behavioral targeting doesn't necessarily improve with deeper datasets. While this is true, it also remains true that a website never knows if the user has transacted with its competitor (i.e., when I searched for flights at both American and United's websites, the losing company has no idea if I transacted with its competitor or not). Client-side applications can see all of this valuable information.
As a result, vendors will always want to get onto users' hard drives and watch the users' communication flows from there. Thus, the race for client-side installations will remain an omnipresent fixture of our technological environment.
At the same time, the residual legislative and regulatory efforts--made in a vacuum without a direct threat and without any counterbalancing lobbying--has a serious risk of inhibiting the development of beneficial client-side applications. Simply put, in the legislative grandstanding to put the "nail in the coffin" of adware, regulators might in fact distort the innovation cycles of software developers who can improve users' lives. It's this risk of collateral fallout that drives my objection to most types of anti-adware regulation, and when I see stupid and regressive state laws (like the Utah Spyware Control Act, or Alaska's anti-adware law, or the screwed up Utah Trademark Protection Act), the potential harm on innovation is palpable.
So here's my proposal. Let's take a moment to pause and celebrate the end of the Great Adware Wars of the 2000s, and congratulate the many people who worked very hard to contribute to its demise. Then, let's all collectively vow to move on and focus our energies on looking forward to the next round of bona fide and serious threats, instead of looking backwards at perceived threats already vanquished.
Posted by Eric at 08:10 AM | Adware/Spyware | TrackBack