December 30, 2008
Doe v. SexSearch Affirmed by 6th Circuit, But Not on 230 Grounds
By Eric Goldman
Doe v. SexSearch.com, 2008 WL 5396830 (6th Cir. Dec. 30, 2008)
I previously summarized this case as follows:
Defendants operate a website that helps people hook up to have sex. Roe posted a profile saying that she was 18 and wanted sex. After Doe connected with Roe via the profile, they met offline at Roe's home and had "consensual" sex. But Roe was actually 14, and Doe was busted for felony statutory rape. Doe turned around and sued the website on 14 counts, which the court summarizes as claims that "(a) Defendants failed to discover Jane Roe lied about her age to join the website, or (b) the contract terms are unconscionable."
In August 2007, the district court dismissed the case. Frankly, I always thought this should be an easy case for the reason articulated by the district court judge: "Plaintiff clearly had the ability to confirm Jane Roe’s age when he met with her in person, before they had sex, yet failed to do so." But fitting the claim into legal doctrines is trickier, and the district court relied on both 47 USC 230 and substantive contract/marketing law to dismiss the case.
On appeal, the defendant fared no better, and the Sixth Circuit has little trouble dismissing the case. However, the Sixth Circuit disavows the district court's 47 USC 230 discussion:
we do not reach the question of whether the Communications Decency Act provides SexSearch with immunity from suit. We do not adopt the district court’s discussion of the Act, which would read § 230 more broadly than any previous Court of Appeals decision has read it, potentially abrogating all state- or common-law causes of action brought against interactive Internet services.
The court instead dissects the substantive contract and marketing law claims one-by-one (all 14 of them) to show why none of them were valid. The opinion is a pithy read, so if you're interested in seeing how an online contract survives a multi-front attack, check it out. I did get a chuckle out of the part when the court explains why the contract's dollar cap wasn't unconscionable: "Given the nature of the service, which encourages members to meet in person for sexual encounters, SexSearch’s potential liability is nearly limitless. For example, arrest, diseases of various sorts, and injuries caused by irate family members or others may be the result of such hedonistic sex. When selling such services, then, it is commercially reasonable for SexSearch to limit its liability to the price of the contract."
It's easy to see why the Sixth Circuit was troubled by the 230 issues in this case. This case involves a knotty question that has become a blog perennial: when is a website liable for its marketing representations that are rendered false by user content or actions? In this case, the website said in a variety of ways that users were over 18, but it never authenticated users' ages, and Roe affirmatively lied about her age. As I've mentioned before, this creates a legal conundrum--on the one hand, websites should be responsible for the marketing representations that they choose to make; but on the other hand, this can open up a bypass to 230 as plaintiffs use the marketing representations as a proxy to hold websites liable for third party content. I'm disappointed the Sixth Circuit didn't decide to tackle this issue head-on, but I understand why they chose to sidestep the issue and make clear that they weren't ratifying the district court's rationale.
I noticed that the court also doesn't mention Doe v. MySpace, the recent Fifth Circuit 230 opinion also involving online hook-ups leading to offline statutory rapes. That case turned on a negligence-style "premises liability" theory rather than a breach of contract/false marketing representation theory, but the Sixth Circuit could have tried to equate the two if it wanted (especially in its discussion about "failure to warn").
So, where does this ruling leave us? This ruling, along with the Goddard opinion from earlier this month, reinforces that plaintiffs trying the breach of contract/false marketing representations workaround to 47 USC 230 still have to establish their prima facie substantive case or they will be dismissed (in this case, on a 12b6 motion). Plus, numerous district court cases still hold that 47 USC 230 applies to false marketing representations, including the Mazur and Friendfinder cases from earlier this year. So I think the news remains very, very good for defendants. Nevertheless, I remain confused about the precise boundaries between 47 USC 230 and breach of contract/false marketing representations, and clarity will have to wait until 2009 (or beyond).
Unless something really big happens in the next 36 hours, I'll see you in 2009. Happy new year!
December 29, 2008
MySpace Defeats Sherman Antitrust Claim for Blocking Links to Competitor--LiveUniverse v. MySpace
By Eric Goldman
LiveUniverse runs VidiLife.com, which it characterizes as a social networking site that competes with MySpace. There is also some personal drama here: LiveUniverse's CEO is Brad Greenspan, the former CEO of eUniverse/Intermix--the company that sold MySpace to News Corp in 2005 for a half-billion dollars, although Greenspan opposed the deal at the time and remains disgruntled to this day.
In October 2006, MySpace allegedly redesigned its site to block VidiLife.com, including allegedly preventing MySpace users from embedding LiveUniverse-hosted videos into their MySpace pages or even mentioning VidiLife on MySpace. LiveUniverse sued MySpace for a Sherman antitrust violation and 17200 unfair competition.
In an opinion unfortunately designed as non-precedential, the Ninth Circuit dismissed the Sherman Act and 17200 claims, saying that MySpace could break links to competitive sites if it wanted and that such behavior did not constitute an actionable "refusal to deal." While the opinion itself is brief and unremarkable, the implications of this ruling are potentially significant:
First, I see this case as an interesting and useful counterpart to the KinderStart v. Google case (and, to a lesser extent, the Person v. Google and Langdon v. Google lawsuits). In KinderStart, the court said that Google wasn't liable for its editorial decisions about indexing and ranking third party sites, including sites that compete with Google. This case extends those principles to kibosh a possible Sherman Act "refusal to deal" bypass to the KinderStart ruling.
Second, I remain intrigued that my limited review of materials never revealed a good explanation for exactly what changes MySpace made in October 2006 and why it did so. Perhaps the explanation is somewhere, but it certainly wasn't front and center. Could MySpace be systematically interfering with user outlinks not for putatively legitimate reasons (such as to reduce the risks of drive-by downloads or the in-line linking of unwanted porn) but instead for questionable motivations, such as reducing its users' awareness of competitors or a personal vendetta against a former CEO? Greenspan's initial press release indicated that in 2005 and 2006 MySpace also tried to block outlinks to similarly competitive YouTube and Revver before MySpace users revolted against those blocks. I'm glad the marketplace mechanisms worked there, but I'd still like to know more about MySpace's practices and motivations. Public scrutiny and monitoring can be a reasonably good substitute for legally compelled disclosures, but I wonder if MySpace's choices are getting enough attention. I can't vouch for its authenticity, but I thought this was a fascinating and disturbing chart. Not that I was in the target audience anyway, but if this chart is anywhere close to correct, MySpace sure doesn't look like the right community for me.
Third, the case didn't discuss 47 USC 230(c)(2), the statutory immunization for filtering decisions. It seems fairly obvious to me that the statute should protect MySpace's filtering choices--even from an antitrust challenge so long as the challenge is civil, not criminal. We should learn a lot more about 230(c)(2) from the Ninth Circuit's ruling in the Zango v. Kaspersky case, which is still pending on appeal.
Fourth, I try to stay away from net neutrality topics, but this case may have some implications for that debate. My understanding is that some anti-net neutrality advocates argue that antitrust law, including the Sherman Act, will regulate discriminatory decisions made by the carriers sufficient to deter bad practices. That may be true, but here the court rejects a refusal-to-deal challenge when one online competitor freezes out another online competitor. This might portend poorly for a refusal-to-deal challenge to non-neutral practices by carriers, which in turn might eliminate a safety valve that the anti-net neutrality folks have pointed to as an alternative to regulation. Don't get me wrong, I'm very suspicious of net neutrality regulation, but this case might indicate that existing regulations won't prohibit discriminatory carrier practices as well as some people hope.
December 24, 2008
Stress-Relieving Company Gets Anti-SLAPPed Per 230
By Eric Goldman
If you're a 47 USC 230 junkie like me, there are few better Christmas gifts than a nice defense-side 47 USC 230 win. So just when I thought I was done blogging for the holidays, this goodie appears in my satchel. Ho ho ho!
Maybe I'm overcome by the holiday feeling, but I naively assume that a company selling products to help "customers relieve stress, reduce anxiety, and achieve emotional balance and spiritual enlightenment though meditation techniques” wouldn't need to use tough litigation tactics. But this lawsuit belies my utopianism. Can't we all just get in touch with our chakras?
The plaintiff is in the stress-relieving business. The defendants all have some connection to SOTT.net, a/k/a "Sign of the Times," a website that describes itself as "The World for People Who Think." Depending on your definition of "think," they should have either a very large or very small audience, but a few moments poking around the site left me baffled about their editorial focus. (Pictures like this one are interesting and slightly disturbing, but I don't quite understand the message). Their "quick guide" isn't very quick and doesn't do much to guide me, but I get a vague sense that the site may occasionally dabble in conspiracy theories.
OK, back to the lawsuit. Laura Knight-Jadczyk is the key defendant in this lawsuit. In response to some anonymous postings on an SOTT.net message board, Laura allegedly posted disparaging comments about the plaintiff (HBI) to the website, including alleged assertions (quoting from the court's opinion) "that “HBI is a ‘front for pedophilia;’ HBI is a “cointelpro” organization; HBI markets nothing more than an act of “falling into confluence with a psychopathic reality;” and HBI is “conning” the public." Other SOTT.net forum moderators also posted some allegedly defamatory material. The plaintiff sued Laura plus:
* her employer, QFG
* QFS, a think-tank operated by QFG
* the SOTT.net website. Laura pays the website's expenses and the domain name is owned by her husband
The plaintiff alleged that these parties fund each other's activities and share a common physical location. The plaintiff does not appear to have sued the anonymous posters who contributed to the allegedly defamatory discourse.
This opinion rules on the defendants' joint anti-SLAPP motion. The court grants the motion for Laura because the assertions were her protected opinions and for the other defendants per 47 USC 230.
The court establishes the defendants' two required elements of Oregon's anti-SLAPP statute:
* "Website forum pages allowing users to read and post comments free of charge constitute a public forum under the anti-SLAPP statute."
* "There is no doubt that the statements here were made in connection with an issue of public interest, specifically, the quality of HBI's products and services developed by Pepin [HBI's co-founder]."
With these two points established, the burden shifts to the plaintiff to establish its prima facie case. Laura is the putative tortfeasor, so QFG, QFS and SOTT all claim 47 USC 230 for her postings. The plaintiff responded that these parties are alter egos of Laura, but the court rejects that assertion: "Notwithstanding significant links between Knight-Jadczyk, QFG, QFS, and SOTT that indicate some measure of control over general operations, plaintiff fails to show control over the specific conduct at issue that is required to find QFG, QFS, and SOTT alter egos or instrumentalities of Knight-Jadczyk."
The plaintiff also argued that some of the forum moderators were QFS employees, but the court says that the plaintiff failed to make the requisite evidentiary showing. As a result, all of the forum moderators are third parties for 47 USC 230 purposes, and the defendants aren't liable for their postings either.
In addition to validating that robust online message board discussions can be protected and evidencing the power of anti-SLAPP motions to quickly quash unmeritorious lawsuits, this opinion reinforces that:
1) Website operators aren't liable for the work or postings of independent forum moderators. This is consistent with the recent Best Western v. Furber case.
2) Employers can claim 47 USC 230 protection for employee actions that they do not control. This reminds me a little of the Delfino v. Agilent case.
3) Attempts to get around 47 USC 230 by alleging that the defendants are “alter egos” of each other are unlikely to work, just like the “aiding and abetting” pleadaround also fails.
December 22, 2008
Lawsuit Over Google Ads for Mobile Services Dismissed Per 230--Goddard v. Google
By Eric Goldman
Goddard sued Google because Google displayed third party AdWords ads for allegedly fraudulent mobile subscription services. On its face, this lawsuit appeared preempted by 47 USC 230 (consistent with other opinions granting 230 for third party ads, such as the recent Cisneros case), although the plaintiff included some allegations to try to get around 230. No such luck for them. This ruling kicks the lawsuit out on 230(c)(1) grounds with leave to amend (more on that in a moment).
I'm a big fan of Judge Fogel's opinions. He's a meticulous and thoughtful judge, and his opinions are always carefully constructed. In particular, this opinion is a terrific read for anyone who would like to see a cutting-edge 230 opinion. It discusses many of the major recent 230 cases (Roommates.com, Mazur, Doe v. MySpace, Craigslist, National Numismatic) and contextualizes them nicely. It's like a 230 year-in-review opinion. If you want a one-stop resource to see what's happened in 47 USC 230 jurisprudence in 2008, read this opinion.
Among other interesting aspects, this is the first opinion by a Ninth Circuit-bound district court judge that has a robust analysis of how Roommates.com applies to the case. (Roommates.com has been cited in a few other opinions, but usually in a very cursory fashion). Judge Fogel deftly wrestles with the multiple contradictory provisions of Roommates.com, noting that it is principally is a defendant-favorable ruling with only a thin layer of plaintiff-side opportunity. For example, Fogel reads the Roommates.com opinion very narrowly when he says "The [Roommates.com] court emphasized repeatedly that the website lost immunity only by forcing its users to provide the allegedly discriminatory information as a condition of access." The opinion did say that, but I'm not sure about the "only," and it said lots of other contradictory things as well.
The Unfair Competition Claim
The plaintiff argued that Google engaged in 17200 unfair competition by receiving funds from fraudulent ads. Though this may be a novel way of framing Google's involvement, it doesn't adequately mask the underlying argument that the defendant should lose 230 coverage because it received an economic benefit from third party tortious conduct--an argument that has been rejected many, many times before and doesn't fare any better here. The court reframes the argument as a premises liability argument and rejects it per Gentry and Doe v. MySpace.
Along the way, the court addresses the plaintiff's allegation in the complaint that Google helped draft the impermissible ad copy. The plaintiff didn't press this point after the complaint, and the court says (referencing its reading of Roommates.com) that "there is no suggestion in the current record that Google “encouraged” the [advertisers] to create the allegedly fraudulent content, or that the creation of such content was anything less than voluntary."
The court also addressed the plaintiff's argument that the claim was anchored in the federal anti-money laundering criminal statute and therefore should drop out of 230 per the exclusion for federal criminal law (230(e)(1)). The court correctly rejects this but doesn't cite precedent on this point, missing Doe v. Bates.
Breach of Contract/Negligence
The plaintiff's other main attack vector is that Google should be liable because it failed to enforce a provision in Google's AdWords contract with advertisers restricting fraudulent conduct. I've complained repeatedly about arguments trying to treat a vendor's contractual negative behavioral restriction as an affirmative representation by the vendor that such behavior won't occur on the website (my latest rant on this point). Fortunately, Judge Fogel has little difficulty rejecting this argument, correctly pointing to the Green v. AOL precedent involving the distribution of third party viruses in an AOL chatroom (the Noah v. AOL precedent would have been an appropriate additional citation).
To try to get around this, the plaintiff cites to the Mazur case, which said that eBay can be liable for its affirmative marketing representations even if they are rendered untrue by third party conduct. I've repeatedly expressed my concern that the Mazur case is a more scary ruling to defendants than Roommates.com, but this opinion slightly calms my fears. Judge Fogel correctly notes that Google never made affirmative marketing representations on this point and the negative behavioral restrictions in the AdWords contract weren't an affirmative marketing representation.
Google also argued that this line of claims are barred by 230(c)(2), the immunization for filtering decisions. Citing to National Numismatic v. eBay, Judge Fogel rejects the argument based on the statutory list of immunized harmful content, saying "the relevant portions of Google's Content Policy require that [advertisers] provide pricing and cancellation information regarding their services. These requirements relate to business norms of fair play and transparency and are beyond the scope of § 230(c)(2)." I'm not sure the 230(c)(2) argument was Google's strongest, but I would have loved to see Judge Fogel unpack this discussion and the implicit assumptions a little more.
Aiding and Abetting
Finally, the court rejects the attempted 230 pleadaround that Google aided and abetted the advertisers, saying "there are no allegations here that Google “developed” the offending ads in any respect." (Cite to Roommates.com).
Leave to Amend
Given that this case was filed after the Roommates.com en banc opinion, and therefore the plaintiff had the chance to structure the complaint based on a reading of the latest Ninth Circuit standard, it would have made sense to dismiss this complaint without leave to amend. Instead, Judge Fogel gives the plaintiff another chance and articulates his reading of allegations that should survive 230 preemption:
there may be instances in which an internet content provider will be considered “ ‘responsible’ at least ‘in part’ for [posted third-party content] because every [posting] is a collaborative effort” between the internet provider and the third-party content provider. Fair Housing Council, 521 F.3d at 1167. If Plaintiff could establish Google's involvement in “creating or developing” the AdWords, either “in whole or in part,” she might avoid the statutory immunity created by § 230. In light of that possibility, Plaintiff will be given an opportunity to amend her complaint in order to allege such involvement.
Reading between the lines, the writing is on the wall for this lawsuit. The plaintiff can't win, and it would be a mistake for the plaintiff to refile. The judge even says as much in a footnote to this quote, saying "at present it appears unlikely that Plaintiff can" make the requisite allegations. Nonetheless, I'd be shocked if the plaintiff didn't refile. If they do, I hope Judge Fogel vigilantly polices the boundaries of Rule 11 for any allegations the plaintiffs make but can't back up--just like he did in the KinderStart v. Google case.
A Final Point
By my count, this is the third post-Roommates.com case where Roommates.com has been cited in favor of the defendant in kicking the case out of court. (The other two are Best Western v. Furber and GW Equity). In contrast, I am not aware of any case yet citing Roommates.com in favor of a plaintiff. It's obviously early, but at this point the limited evidence suggests that Roommates.com was not a watershed change to 230 jurisprudence. On that basis, Roommates.com may not be as bad a substantive ruling as we had initially feared.
December 19, 2008
Vulcan Golf v. Google Class Certification Denied
By Eric Goldman
This is a complex lawsuit by trademark owners attacking domaining and the role of the Google AdSense for Domains program in funding domaining activity. When I first blogged on the case in 2007, I wrote:
the lawsuit could effectively fall apart if the judge rejects formation of a class. Trademark class action lawsuits are rare for good reason-- trademark owners must establish the validity of their marks, the famousness of their marks (for dilution) and the similarity between their marks and the defendants' usage. These are all intensely fact-specific questions; none of which seem susceptible to class adjudication
Yesterday, the court ruled on class certification, and perhaps not surprisingly, the court denied certification--giving Google and the other defendants an early Christmas gift. Happy holidays! This ruling doesn't completely squelch the lawsuit, but without class certification, the case becomes a whole lot less interesting to the plaintiff's lawyers. For that reason, it also wouldn't surprise me to see them appeal the class certification denial.
The ACPA and Trademark Infringement Claims
The court rejects class certification for the trademark infringement and Anti-Cybersquatting Consumer Protection Act claims because the individual questions of fact predominate over the common questions of law.
The court blanches at the thought of trying to determine the owners of the applicable trademarks. The plaintiffs said that TESS could answer any ownership questions, but the court rightly realizes that TESS is not a definitive and comprehensive source of trademark ownership information. As a result, the court says "Even if the court has to conduct hearings regarding ownership on even a tiny fraction of the potentially millions of registered and unregistered marks or personal names of the putative class members, such an undertaking would render proceeding as a class unmanageable."
The court also rejects the verifiability of trademark "distinctiveness." The plaintiffs argued that a trademark registration could suffice as evidence of distinctiveness, but the court rightly points out that registration only provides rebuttable evidence of distinctiveness. The court also points to problems with unregistered trademarks and personal name marks. The court thus concludes "were the class to be certified, the court would be required to engage in thousands (or more) of individual inquiries as to whether a class members’ mark is distinctive," which would be a "staggering" undertaking with respect to the unregistered and personal name marks.
The court also assesses the prospects for adjudicating various affirmative defenses, such as abandonment or fair use. The court says "the affirmative defenses related to the putative class members’ marks simply add another layer to an already fact-specific inquiry that the court must delve into with respect the putative class members’ marks or names."
The Unjust Enrichment Claim
The court bounces the unjust enrichment claim because unjust enrichment laws vary by state. The plaintiffs tried to say California law applies categorically due to Google's involvement, but the court correctly points out that there are plaintiffs and defendants who have nothing to do with California and therefore would not be appropriately governed by CA law. Once CA law is out of the picture, the court confronts the state-by-state variations in unjust enrichment law and concludes that those variations are enough to deny class certification.
Whether Class Action Relief is Superior to Other Methods
In addition to these legal problems, the court has some interesting discussion about the plaintiffs' desired remedy. The court expresses some frustration that the plaintiffs seem to vacillate between saying they want damages and saying they only want injunctive relief. If the plaintiffs only want injunctive relief, the court says that a class action lawsuit is inferior to the extrajudicial options to plaintiffs of pursuing a UDRP action and opting-out of Google's and the domainers' program (which the plaintiffs have already done to some degree). This is the first time I can recall a court favorably citing either the UDRP or a search engine trademark policy as a substitute for judicial action such that it curtails legal recourse. The court also notes the availability of direct non-consolidated actions against the defendants, including large statutory damages plus attorneys fees under ACPA, as another substitute for the class action.
Some Further Implications
First, this case reinforces the difficulty of establishing class action lawsuits to enforce trademark rights. They are possible, but so often the idiosyncrasies of each trademark preclude summary adjudication.
Second, this case might have some utility for the multitudinous other class action lawsuits against Google and the other search engines over their advertising practices, such as the CLRB Hanson case and the string of advertiser lawsuits against Google over AdSense placement on domainer sites. Although this ruling principally turns on the vagaries of trademark law and the other lawsuits typically involve contract interpretations, this court signaled some clear discomfort with class litigation where there are meaningful factual differences between the plaintiffs. To that extent, this case does not suggest favorable outcomes for class certification in those cases either.
December 17, 2008
Google's Latest Attempt to Kill the CLRB Hanson Lawsuit Fails
By Eric Goldman
CLRB Hanson Industries, LLC v. Google, Inc., NO. C 05-03649 JW (N.D. Cal. Dec. 16, 2008)
CLRB v. Google is the long-running lawsuit (3 1/2 years and counting) over Google's adherence to advertising limits that advertisers set in Google AdWords. I have blogged on the case several times, including:
* my initial post from August 2005
* the August 2007 determination that advertisers were bound by the AdWords contract
* the May 2008 initial refusal to grant summary judgment to Google
Over the course of the litigation, the court has substantially narrowed the scope of claimants who have a potentially viable claim against Google to just three groups: advertisers of less than 1 month, advertisers who ended their campaign in a partial month, and advertisers who paused their campaign. Seemingly undaunted by the May 2008 ruling denying summary judgment to squash these three groups, Google again sought summary judgment on narrower grounds. Maybe Google thought it had a real chance of winning this second attempt at summary judgment, but it smelled a little "hail mary" to me. Thus, perhaps not surprisingly, Judge Ware rejected the motion and reiterated that summary judgment isn't appropriate (at one point saying, with a hint of frustration, "Defendant appears to be attempting to re-litigate an issue decided in the May 14 Order").
As a result, it appears that at least some aspects of the case appear destined for a trial--which, as far as I can recall, would be the first US trial on Google's AdWords practices. Fortunately for Google, the class is so limited that Google's damages exposure should not break the bank even if it loses badly at trial. Normally cases with light damages would settle, but I suspect the case is still around because the parties can't work out a deal on the attorney's fees--which, if this situation is anything like the click fraud cases, almost certainly will dwarf any actual monetary relief received by the putatively injured advertisers. If the parties can work out the plaintiff attorneys' cut of the spoils, I'm confident this lawsuit will settle before trial.
December 16, 2008
Lori Drew Conviction Reflections, Part 3 of 3: Lessons for Cyberlawyers Drafting User Agreements
By Eric Goldman
[Note: this is Part 3 of a special 3-part series on the Lori Drew conviction. Part 1 discussed why MySpace, the putative victim of Lori Drew’s crime, might end up regretting the conviction. Part 2 discussed some problems with holding Lori Drew responsible for a contract she never clicked through. This post concludes the series.]
Last week, I went to my first CLE conference for Cyberlawyers since Drew’s conviction, and the conference included panels about online contract drafting. Given that Drew’s conviction was based on MySpace’s user agreement and contract formation process, I expected some discussion about the case’s implications. Instead, I was very surprised that the panels had no discussion about the lawyer’s role in drafting MySpace’s contract or any lessons we as Cyberlawyers should take from her conviction for drafting future contracts. The materials were identical to the discussion we would have had before the conviction.
Personally, I think this is a huge oversight. We as Cyberlawyers cannot lose sight of the social responsibilities that complement our client responsibilities. And as this case illustrates, when we draft overly expansive contract restrictions in online user agreements, we may be unwittingly turning many or all of our clients’ users into criminals. Not only is criminalizing our clients’ customers users potentially bad for their businesses, but it is irresponsible—and unnecessary.
The problem is particularly acute for user behavior restrictions that the service provider never plans to enforce. As has been pointed out elsewhere, a contract restriction saying that "kids under 18 cannot use the website" has no legal meaning (it’s designed to deal with the voidability of contracts with minors, although this might be less of an issue than we thought), but it potentially criminalizes any minors who ignore the language. Similarly, a restriction on creating accounts using false registration information might be handy in those rare cases when the service provider is chasing spammers who create bogus accounts, but it also potentially criminalizes many users who legitimately might not want to tell the complete truth to the website during registration. Thus, while there might be some limited circumstances where these clauses are appropriate, for the most part we need to dump these overly expansive behavioral restrictions from our toolkits.
Based on the Lori Drew conviction and other recent developments, such as the JuicyCampus enforcement action, I have two recommendations for how Cyberlawyers should draft user agreements in the post-Lori Drew conviction era.
Use Generalized, Not Specific, Behavioral Restrictions
First, user agreements should rely more heavily on generalized permissive statements like “the website may terminate users at any time in its sole discretion” instead of laundry lists of prohibited user behaviors. Historically, unrestricted termination clauses were considered troublesome because they were cited against Napster as satisfying the “right and ability to supervise” prong of vicarious copyright infringement. However, we have since learned that Napster was an aberrational case and it would be foolish to try to change our in-the-field practices based on the case. At this point, I see no clear legal downside to using a generalized termination right, and it obviates the need for long, ambiguous, thesaurus-driven behavioral codes.
Alternatively, liquidated damages provisions can deter unwanted behavior without establishing negative covenants. For example, MySpace’s anti-spamming liquidated damages clause paid off big for MySpace in its lawsuit against theglobe.com.
Move Behavioral Restrictions to a Separate Community Norms Document
Second, behavioral restrictions that do not need to be specifically barred in the user agreement can be moved into a separate statement of community norms/standards. This way, users are told what they can do and not do, but the statement does not have the force of law. Ideally, other users can be given tools to help them enforce the community norms. Even better, the norms can be posted on a wiki so that the site’s users can help update them as the site’s community evolves.
This community norms approach has at least three benefits. First, because the norms aren’t part of the agreement, overzealous prosecutors can’t use them as a basis of prosecution, so the site avoids unwittingly criminalizing its users. Second, if the norms are phrased right, overzealous plaintiffs cannot argue that the negative restrictions are implicit marketing representations that such user conduct will not take place on the site. This will squelch analytically corrupt claims like the ones advanced by the New Jersey’s attorney general office against JuicyCampus. Third, a separate non-legal document may be a more effective tool to communicate site expectations than embedding those rules in a user agreement that no one will read (all statistics I’ve seen indicate that well less than 1% of users read user agreements).
I realize it’s unlikely Cyberlawyers will enthusiastically change their drafting techniques in response to the Lori Drew conviction. If nothing else, I find contract drafting attorneys tend to ossify their techniques; plus a number of forces conspire to push drafting attorneys to make longer and meaner user agreements. But at the same time, I think it would further compound the tragedies of Meier’s suicide if we don’t internalize the message that our user agreements are being used to try to send people to jail, whether we intend that or not.
December 15, 2008
Lori Drew Conviction Reflections, Part 2 of 3: Who is Bound by Clickthrough Agreements?
By Eric Goldman
[Note: this is Part 2 of a special 3-part series on the Lori Drew conviction. Part 1 discussed why MySpace, the putative victim of Lori Drew’s crime, might end up regretting the conviction. Part 3 will discuss some lessons for Cyberlawyers who draft online user agreements.]
From everything I’ve seen, Lori Drew apparently never affirmatively manifested assent to the MySpace user agreement. My understanding is that Drew’s babysitter, Ashley Grills, testified that she, not Drew, created the MySpace account and clicked through the MySpace user agreement. (I understand that the jury disbelieved Grills, although I am not aware of any contrary testimony on this point). Furthermore, I am not aware of any testimony that Grills informed Drew that Grills was accepting the MySpace user agreement on Drew’s behalf or that Grills provided any other form of notification to let Drew know that a contract was being formed--let alone educating Drew about the terms of that contract.
If this is true, then how can Drew be legally connected to the contractual restrictions that she was convicted of violating? Principal-agency doctrines would be one way. If Grills was Drew’s agent, then Grills would have actual or implied authority to bind Drew contractually. However, I am skeptical that Grills was Drew’s agent for contract formation purposes. First, I am not clear about whether Grills was Drew’s employee or was an independent contractor. The latter status would cut off most forms of agency liability for Drew. Second, even if Grills was an employee, it is difficult to argue that entering the MySpace user agreement was within the scope of Grills’ employment, even if it was putatively done at Drew's request.
As a result, I think the only way Grills could bind Drew to the MySpace user agreement was via the apparent authority doctrine. This argument is not completely untenable. For example, in the 2005 Abramson v. AOL case, the plaintiff’s son bound his mother to the AOL user agreement based on his apparent authority to act on her behalf. (The court also said that mom ratified the contract by continuing to use the service knowing of the contract terms). Similarly, an earlier 2004 case, Motise v. AOL (briefly discussed here), held that a stepfather bound his stepson, who shared use of the same computer, to the AOL user agreement.
It should be obvious why the courts have reached these conclusions. After all, if a click on the clickthrough agreement binds only the clicker, but the vendor cannot authenticate the identity of the person who clicked, then online user agreements could be easily defeated by anyone who simply claims someone else using their computer did the clicking. Consider an analogy (I’ve been holding this one as a possible future contracts exam question, but oh well): is a contract formed when a retailer cashier presses the “OK” button on the credit card swiping pad on behalf of a befuddled/distracted customer who is holding up the line? I’ve seen this happen dozens of times, but could the customer renege on the contract because he/she wasn’t the one literally pressing the button?
At the same time, the Abramson and Motise cases both involved family relationships. Although family members don’t automatically have agency authority to bind other family members, judges seeking equitable results would have little discomfort holding family members accountable for their online clicks. In contrast, the Grills-Drew relationship wasn’t familial and therefore not as susceptible to equitable readings.
More importantly, it’s one thing to use apparent authority to uphold a venue selection clause in a civil lawsuit (the only stakes at issue in the Abramson and Motise cases), but it’s quite another to apply that doctrine, or something similar, in the criminal context with the consequences of depriving liberties based on a user agreement the defendant never saw and didn’t affirmatively agree to. Indeed, I am not aware of any evidence that Drew ever learned of any applicable restrictions in the MySpace user agreement or otherwise “ratified” the agreement.
Therefore, based on everything I’ve seen, Grills would have been an appropriate target for criminal enforcement predicated on the MySpace user agreement because she actually clicked through. In contrast, holding someone else legally responsible for that click, especially if they never learned of the contract terms, makes no sense. Convicting them of a crime based on these contract terms is unconscionable.
More generally, the issue of who is bound by a click (other than the clicker, of course) seems like a recurring issue for the future. I’m not sure if we can draw too many insights from Drew’s conviction on this question, but this case—combined with Abramson and Motise—does suggest that courts and juries may take an expansive view of the circle of responsibility for clicks. While this is fantastic news for the sites trying to form these user agreements, in the criminal context, it can be tragic.
December 12, 2008
Lori Drew Conviction Reflections, Part 1 of 3: Why MySpace Might Regret the Conviction
By Eric Goldman
[As I’ve mentioned before, I think Lori Drew’s conviction is a tragic denouement to an already tragic situation. After thinking more about the conviction, I initially planned to blog some brief additional commentary to my initial post. However, that post grew so long that I decided to split it into a special three-part series. This post, Part 1, explains why MySpace, the putative victim of Lori Drew’s crime, might end up regretting the conviction. Part 2 will address some problems with holding Lori Drew responsible for a contract she never clicked through. Part 3 will discuss some lessons for Cyberlawyers who draft online user agreements.]
On this year’s Cyberlaw exam, I tested students on the federal crimes exception to 47 USC 230. As I’ve thought more about that, I realized that once Lori Drew was convicted of a federal crime, everyone else associated with Drew lacks 47 USC 230 protection if the government decides to prosecute them as well.
As a result, if overzealous prosecutors decided to prosecute any of Lori Drew’s online support vendors—such as, say, her Internet access provider—these additional defendants cannot defend using 47 USC 230. Of course, prosecutors may not be able to establish a prima facie claim against these third parties, but the point remains that companies that normally expect to rely on 47 USC 230 for user behavior now face a new exposure risk.
The most obvious potential defendant who might fear this consequence is MySpace, which facilitated the fateful conversation between Drew/Grills and Meier. However, Drew was convicted of violating the Computer Fraud & Abuse Act, which protects against harms to computer servers. This means that, as a matter of criminal law, MySpace was the victim of Drew’s crime in this case.
It’s easy to forget that MySpace is the victim. First, for a victim of such a high profile case, MySpace has been surprisingly quiet in this matter. I believe MySpace provided some support to the prosecution and made a few public remarks critical of Drew, but overall my impression is that they have tried to avoid public scrutiny of their role in this tragedy. Second, it stretches credibility to believe that Drew harmed MySpace. MySpace is hardly a sympathetic victim; and if anything, given the serious problems taking place on MySpace (1, 2, 3, 4, 5), many Americans probably view MySpace as part of the problem, not a victim.
Ironically, then, MySpace could go from victim in this case to defendant in the next. For example, if any of its users use the MySpace network to commit a similarly de minimis Computer Fraud & Abuse violation against a third party website, MySpace may not be able to invoke the 47 USC 230 shield that it normally depends upon. As a result, MySpace may have to rely on prosecutorial discretion to avoid a high-risk and expensive criminal prosecution. As highlighted by Drew’s prosecution, we all know how comforting that is.
More generally, I realize that the federal crimes exception to 47 USC 230 is underexplored (making it another good paper topic if you’re looking for one). I’ve only blogged on it a few times, including my comments to the SEC anti-linking proposal, the Google and Yahoo settlement regarding gambling ads and civil plaintiffs’ (failed) arguments that civil claims deriving from federal criminal laws are not preempted (they are) (1, 2). I could see why this dearth of material might change: the angst about 47 USC 230’s broad immunization inevitably will put more pressure the immunity’s few exclusions.
December 11, 2008
Patent Lawsuit Filed Over Google Reader--Priest v. Google
By Eric Goldman
I normally try to stay away from patent lawsuits, and frankly so many are filed against the major search engines that it would be impossible for me to keep up. However, I got such a good laugh out of this complaint that I had to share it with you.
The lawsuit alleges that Google, and in particular Google Reader, infringes two patents, #5,167,011 and #5,829,002. I have no opinion on the merits of the lawsuit. It appears that the lawsuit was filed pro se, and I can't remember the last time I saw a pro se patent lawsuit. Maybe that explains the strangeness of the complaint.
The complaint tells the story of how the plaintiffs approached Google in 2007 about the patents by emailing Google's bizdev email account. The complaint suggests that in March 2008, Google sent a nice "buzz off" email. The complaint then indicates that the plaintiffs were scared to engage Google in further discussions due to the 2007 SanDisk v. STMicroelectronics Federal Circuit ruling, which held that plaintiffs' stronger assertions of its patent rights might create the basis for Google to file a declaratory judgment--something the plaintiffs apparently really, really wanted to avoid. Therefore, the plaintiffs decided to let their complaint do the talking from there.
But now that the complaint has been filed in their home court and it will be difficult for Google to usurp jurisdiction, the plaintiffs want to keep talking with Google. So, in their complaint, they write (para. 15):
Further, as Priest & Morris, in good faith, only wish that the invention be used to its fullest potential, and have a strong wish that precious court and corporate resources be conserved, the plaintiffs prefer reaching this fair settlement through friendly appreciation and negotiation. In any event, we encourage defendant to not view this complaint as 'litigious behavior' and to view it in respective good faith and action.
I'm not exactly sure what planet these plaintiffs are from, but here on Earth, we tend to view the filing of a lawsuit as "litigious behavior." Further, given that the typical cost to defend a patent lawsuit is around $5M, it's a little hard to see how Google will interpret this lawsuit as a friendly gesture.
December 08, 2008
Keyword Ads and Other Marketing Supports Remote Jurisdiction--Market America v. Optihealth
By Eric Goldman
Market America v. Optihealth Products, Inc., 2008 WL 5069802 (M.D.N.C. Nov. 21, 2008)
This lawsuit involves the trademark "OPC-3." "OPC" is the generic term for "group of antioxidant bioflavonoids" that companies sell as dietary supplements. The plaintiff has obtained a trademark registration for "OPC-3." Numbers can become trademarks with enough marketing to educate consumers that they have secondary meaning, but I'm pretty suspicious of trademarks that consist of generic term + number. It's like "Bread 7" for bread.
The defendants sell OPCXtra, a competitive dietary supplement to OPC-3. The defendants deployed some aggressive marketing approaches (which reminded me of the Nowcom case), including registering the domain name opc3.com, purchasing keyword ads that apparently included opc3 and other plaintiff trademarks as keyword triggers, and including OPC-3 in the metatags (as usual, the court was imprecise about which type of metatag, but I infer it was a keyword metatag). In response, the plaintiff sued for trademark infringement, cybersquatting and other claims.
In this ruling, the court held that the NY-based defendant was subject to jurisdiction in the plaintiff's home court of North Carolina. That ruling, on its own, isn't all that interesting. The court found jurisdiction using the standard "minimum contacts" test, but even if it hadn't, trademark infringement lawsuits support jurisdiction based on the "Effects tests" and this circumstance (with its aggressive marketing) seems particularly well-suited to do so. Unfortunately, the court plotzed in excitement because the case involved the Internet and the analytical rigor suffered accordingly, but it got to the logical result.
More interesting is that to attack jurisdiction, the defendants argued that their metatags didn't constitute a trademark use in commerce. This is an odd attack on jurisdiction, though it would have been more logical for a 12b6 motion to dismiss. Consistent with courts outside the Second Circuit, the court rejects the defense because metatag usage qualifies as a trademark use in commerce. Frankly, even if the metatags didn't qualify as a trademark use in commerce, the keyword advertising is probably a use in commerce in all jurisdictions outside the Second Circuit, and the domain name registration presumably qualified as a use in commerce in every court (the domain resolved on comparative reference material with prominent ads for defendants' products). As a result, the no-use-in-commerce defense to jurisdiction seemed doomed from the get-go..
While I still don't understand why the defendants tried this substantive doctrinal attack on jurisdiction, the defendants did get some valuable information. The judge clearly signaled no interest in supporting the defendants' choices, so the defendants got a strong hint to settle up before things get worse.
December 02, 2008
November 2008 Quick Links
By Eric Goldman
* NYT: "A handful of new Web sites with names like Typo Bay and Typo Buddy are out to help shoppers save money by searching eBay for misspelled brand names." In 2005, I blogged that typographical errors are a significant issue for eBay's search engine.
* Domain name tasting down 84%?
* Wired: "Think Godzilla's Scary? Meet His Lawyers"
* Reuters: "Instead of triggering the usual take-down notices, copyright-infringing footage of select MTV Networks programing uploaded by MySpace subscribers would be automatically redistributed with advertisements that would generate revenue for the companies." I'm interested to see how this system applies to fair uses of the works!
* Arista Records LLC v. Usenet.com, Inc., 2008 WL 4974823 (S.D.N.Y. Nov. 24, 2008). The court dismisses USENET.com's counterclaims for declaratory relief that it doesn't violate 17 USC 512 because the claims duplicate its affirmative defenses.
* James Grimmelmann does an excellent job parsing the Google Book Search settlement agreement and makes some sage recommendations for how it should be modified before court approval.
* The Google-Yahoo ad syndication deal is dead. Some behind-the-scenes discussions.
* I'm not sure about the implications of this, but Google is expanding its efforts to allow website and ad targeting based on automatic geographic detection. See my prior post about the future of geolocation and a bordered Internet.
* Good news: entrepreneurs want to authenticate children's ages to keep them out of online trouble. Bad news: entrepreneurs might use age authentication to hit the kids with targeted marketing.
* The Supreme Court denied cert in Doe v. MySpace, 2008 WL 4218722. According to Tom O'Toole, this is the seventh time that the Supreme Court has denied cert in a 47 USC 230 case.
* It appears that Children of America v. Magedson has settled.
* The Santa Clara University community is having a catharsis about Juicy Campus.
* Dan Solove and I chatted with Doug Lichtman about social networking sites (asynchronously--I spoke with Doug after Dan had), with most of my conversation focusing on 47 USC 230. Doug edited the conversations together into a one-hour podcast entitled "Privacy in the Networked World." An added bonus for listening--you may be able to earn one hour of CLE FREE!
* Facebook v. Guerbuez. Facebook wins $873M default judgment under CAN-SPAM. Now, if Facebook could only collect any of this, they would have finally figured out a way to make money!
* Gordon v. SubscriberBASE Holdings, Inc., 2008 WL 4809833 (E.D. Wash. Oct. 31, 2008). Serial anti-spam plaintiff lost again on whether he has standing under CAN-SPAM.
* eHarmony settles claim that it discriminates against gay singles.
* NYT: "almost five years into its expansion into Europe...Google is getting caught in a web of privacy laws that threaten its growth and the positive image it has cultivated as a company dedicated to doing good."
December 01, 2008
Yahoo Countersues American Airlines for Declaratory Judgment
By Eric Goldman
As you recall, American Airlines recently followed its July settlement with Google by bringing a clone-and-revise trademark infringement lawsuit against Yahoo in Fort Worth, Texas. I thought that this lawsuit might go away quickly because the parties should be able to iron out their differences. Instead, Yahoo apparently has decided to fight back by bringing a declaratory judgment action against American Airlines in the presumably more friendly confines of the Northern District of California.
I'm not enough of a civil procedure expert to handicap the odds that Yahoo can strongarm the case out of Texas and into California. I've seen a few such ploys in Internet cases fail recently, but I'm not sure if those were aberrational. Regardless of the likelihood of success, I'm fascinated by the fact that Yahoo wants to move the battle to a Ninth Circuit jurisdiction. After all, until the Rescuecom oral argument train wreck, most of us thought that the Second Circuit was the most defendant-favorable jurisdiction for keyword advertising lawsuits because courts have regularly dismissed those cases on trademark use in commerce grounds. In contrast, I highly doubt that a Ninth Circuit court will kick out American Airlines' lawsuit on that basis. See, e.g., the American Blinds and Picture It Sold cases.
Meanwhile, the Ninth Circuit has issued some awful Internet trademark opinions, such as the horrendous 1999 Brookfield case that opened the floodgates of bogus initial interest confusion Internet cases. Worse, fairly directly on point is the Ninth Circuit's 2004 Playboy v. Netscape case, where (among many other analytical defects) the court couldn't even decide if search engines should be analyzed under direct or contributory trademark infringement doctrines--but kept going and trashed Netscape anyway. I realize that the Fifth Circuit Internet trademark jurisprudence is thin, so Yahoo might want to opt out of the unknown, but opting into Ninth Circuit Internet trademark jurisprudence seems...well...counterintuitive....
Of course, Yahoo may be trying to benefit from home court jurisdiction just like American Airlines is, but Yahoo's complaint gives another clue why it might be seeking out Ninth Circuit law. The declaratory judgment complaint references "nominative fair use" repeatedly, suggesting that Yahoo's trademark policy only allows advertisers to bid on American Airline trademarks when doing so would qualify as a nominative fair use. The Ninth Circuit has a more well-developed nominative use doctrine than other circuits and has issued several favorable nominative fair use cases, including the seminal New Kids on the Block case. In contrast, the nominative use doctrine is not as well accepted elsewhere; for example, the Sixth Circuit expressly disclaimed it in the PACCAR case. Therefore, Yahoo may be hoping that the Ninth Circuit's favorable and well-established nominative fair use doctrine may provide it with the strongest chance of success, even if Yahoo has to abandon any chance of a quick victory based on the use in commerce defense (not that such a defense was probable in Fifth Circuit courts).
(FWIW, I personally think that keyword sales are more accurately characterized as a commercial referential trademark use than a nominative use, but I haven't found many folks buying into this theory).
One other reason why Yahoo might be able to pull the jurisdictional switcheroo. The complaint brielfy notes that American Airlines has entered into a contract with Yahoo containing a venue selection clause. Even if true, Yahoo should have been able to raise the contract clause as a defense to the Texas litigation. The declaratory judgment may be a way to try to prevent a Texas judge from disregarding the venue selection clause. Or Yahoo's move might just be a show of strength that Yahoo is going to defend its turf aggressively.