Home

Biography

Tech & Marketing Blog

Goldman's Observations Blog

Writings

Presentations          

Classes

Resources

Contact


 

 
Technology & Marketing Law Blog

« September 2009 | Main | November 2009 »

October 30, 2009

Internet Obscenity Conviction Requires Assessment of National Community Standards--US v. Kilbride

By Eric Goldman

U.S. v. Kilbride, 2009 WL 3448360 (9th Cir. Oct. 28, 2009)

Jeffrey Kilbride and James Schaffer were porn spammers, operating through Ganymede Marketing, a Mauritian company. I previously blogged on their case in 2007. Their spam failed to comply with CAN-SPAM in several respects, including forged headers, fake email addresses and bogus contact info. The FTC claimed that it had received over 662,000 complaints about their spam. After a 3 week trial, a jury convicted them of criminal CAN-SPAM violations, criminal obscenity for 2 spammed images and other charges. Kilbride was sentenced to 6 1/2 years and Schaffer got over 5 years. Both appealed their convictions.

In the resulting Ninth Circuit opinion, the most important discussion relates to their obscenity convictions. The Supreme Court defined obscene material in the Miller case as:

(a) whether the average person, applying contemporary community standards would find that the work, taken as a whole, appeals to the prurient interest; (b) whether the work depicts or describes, in a patently offensive way, sexual conduct specifically defined by the applicable ... law; and (c) whether the work, taken as a whole, lacks serious literary, artistic, political, or scientific value [emphasis added]

On the Internet, the question arises: whose community standards? The Miller test anticipates that geographically dispersed communities could have different norms, and in theory an Internet content publisher needs to conform to all of them or at least the most restrictive ones. For an early example of this, see United States v. Thomas, 74 F.3d 701 (6th Cir. 1996) (involving a dial-in BBS). However, the cost and limitations of geographic authentication technology means that many Internet content publishers can't steer their content into or away from a particular geography. Personally, I think this is especially true for publishing content by email because I know of no effective way to accurately authenticate the geography of most email recipients.

The US Supreme Court squarely wrestled with the issue of disparate geographic communities being collapsed on the Internet in 2002 in its first Ashcroft v. ACLU ruling (this should be distinguished with the more influential second Ashcroft v. ACLU opinion from 2004, which I still teach today in Cyberlaw). That case involved a challenge to the 1998 Child Online Protection Act (COPA), and the Third Circuit had affirmed a preliminary injunction against COPA on the grounds that the application of a "contemporary community standards" clause to Internet publication was constitutionally infirm due to disparate community standards. In 2002, the US Supreme Court reversed the Third Circuit in a massively fractured way, with 5 different opinions and no clear consensus on anything.

To resolve this appeal, the Ninth Circuit had to divine a single rule of law from this mess-o-opinions. After parsing the inscrutable Supreme Court opinions, the Ninth Circuit concluded that "a national community standard must be applied in regulating obscene speech on the Internet, including obscenity disseminated via email." Whether or not the Ninth Circuit read the Ashcroft v. ACLU precedent correctly, it reached the only logical outcome for a communication medium without clear geographic authentication. Nevertheless, this is hardly an unquestionable conclusion; the Miller case expressly rejected a national standard (whatever that means): "obscenity is to be determined by applying 'contemporary community standards'...not 'national standards.'" Presumably, the 2002 Ashcroft v. ACLU opinion overwrote this statement from Miller (and similar statements in earlier obscenity cases), but no one really understands what the Supreme Court said in 2002.

While the Ninth Circuit reached a sound result, its ruling doesn't help these appellants. Even though the district court provided different jury instructions, the Ninth Circuit concluded that the district court's instructions were not "plain error" (the applicable review standard), so the convictions stand. Harsh.

Even if appellants wrested a reversal, I'm not sure it would matter because I have never fully understood the import of regionally disparate "contemporary community standards." The phrase only explicitly modifies the Miller test’s determination of whether a work "appeals to the prurient interests"--basically, whether the work appeals to content consumers' interest in sex. Community standards can also implicitly come into play with the determination of what is "patently offensive" or the perceived value of the work, but these are not explicitly referenced in the Miller test.

With respect to the prurient interest reference, I could imagine regional differences about some borderline cases (say, a sex education tutorial) or with respect to niche sexual interests, where the niche audience would find that the work appeals to their esoteric interests and the remainder of a region's population might find the work so unappealing that it’s not viewed as sexually interesting at all. But for a lot of "mainstream" pornography, my guess is that there are not meaningful regional differences about the work's sexual appeal. I haven't seen the 2 images at issue in this case, so maybe they fall into the borderline cases. Otherwise, I wonder if a new trial using national community standards would actually change the result. (Another reason for skepticism: our rage towards spam frequently causes us to ignore the rule of law when we have a chance to punish spammers).

In the ruling, the Ninth Circuit also rejected the defendants' facial and as-applied challenges to the criminal CAN-SPAM provisions. The defendants focused their attack on CAN-SPAM restrictions on falsifying information in a way that would "impair" spam blocking. The court concludes that none of the provisions are constitutionally too vague. This wasn't really a close case for the as-applied challenge because of the defendants' egregious handling of their email campaigns. In contrast, I would like to think the facial challenge has not been resolved permanently; these were clearly not the right defendants to raise or litigate the facial issues.

Along the way, the Ninth Circuit takes a swipe at domain name proxy registrations. Pulling a quote only slightly out of context, the court says "Based on the plain meaning of the relevant terms discussed above, private registration for the purpose of concealing the actual registrant's identity would constitute 'material falsification'" (one of the elements of a CAN-SPAM crime). You may also recall the recent Solid Host v. NameCheap case suggesting that proxy service providers could face contributory ACPA liability. Collectively, these two opinions indicate legally disadvantageous treatment for proxy service usage. Given this disconcerting trend, I don't see the domain name proxy business as a growth industry.

Thomas O'Toole also discusses the ruling.

Posted by Eric at 03:00 PM | Content Regulation , Domain Names , Spam | TrackBack

October 29, 2009

Court: Prosecutors Can't Rummage Around in a Defendant's Gmail Account -- U.S. v. Cioffi

[Post by Venkat]

The government is prosecuting a couple of Bear Stearns hedge fund managers for securities fraud and related offenses. I came across a story that prosecutors obtained evidence from the gmail account of one of the defendants which prosecutors recently disclosed. ("E-Mails Seen as a Flash Point in Bear Stearns Fund Managers' Fraud Trial") In some ways I think this illustrates one of the pitfalls of using a service such as gmail. Gmail stores your data forever - or at least doesn't give you a ton of control over when it is deleted - so it's much easier for prosecutors to obtain this evidence. If you stored the data on your own servers, you may be able to get by with deleting the data pursuant to a regular document retention/destruction policy. And more importantly, there's a much higher likelihood of you knowing when the data has been or is about to be seized. (It's more difficult to obtain email from a service provider in a civil case.)

Interestingly, the defendant whose email was disclosed by the government as evidence in the Bear Stearns case prevailed in a motion to suppress the gmail evidence. (US v. Cioffi, et al., Case No. 08-CR-415 (FB) (E.D.N.Y.; Oct. 26, 2009).) (Access a copy of the ruling at Scribd [pdf] here; see the WSJ story here ("In Setback for Bear Stearns Case, Judge Suppresses Email").)

Facts: The government initially obtained an email sent through non-company email accounts between Cioffi and Tannin (the two defendants) talking about how the "subprime market looks pretty ugly . . . ." The government used this email to support its allegations that Tannin used his personal (gmail) account to commit or further the crimes. The government's affidavit argued it needed to search the gmail account, but offered certain limitations on the access - for example, the search would be limited to emails created on or before the day prior to the defendant's retention of counsel, in order to avoid interception of privileged communications. The affidavit also noted that "the nature of electronically stored data" required the authorities (rather than Google) to search through the email account.

The magistrate judge issued the warrant, but did not attach the affidavit to the warrant. The government went to Google, which initially wrote to the government that "it was no longer able to extract the information requested in [the warrant] because Tannin's account had been deleted." Several months later, "on the eve of trial," Google advised that it had located a copy of the account and delivered a copy of its contents to the government. (??)

The Court's Ruling: The critical issue in front of the court was whether the warrant was sufficiently particular as to minimize unnecessary invasions into the suspect's privacy. The court noted at the outset that Tannin had "a reasonable expectation of privacy in the contents of his personal email account." The government did not dispute this point. (This doesn't seem to be a settled issue, as noted in the case mentioned below.) Turning to particularity, the court notes that searches of documents, data, computers, and email accounts raise tricky issues as to what level of particularity is required. A couple of different approaches have been used to avoid a general search by the government: (1) providing keywords or other search parameters in advance; or (2) having a third party conduct the search and segregate responsive information from non-responsive information.

The court noted that an overly broad warrant may be cured by incorporation of an affidavit that would constrain the agents' search, but Second Circuit cases have been less receptive lately to this approach. (In the context of a digital search, it would seem that this wouldn't work as well as it would with respect to physical objects. Exposure to data that doesn't fall within the search warrant would compromise the suspect's privacy and would undermine the whole point of particularity in this context.) Regardless of whether the affidavit could have cured the warrant's particularity problem, the affidavit was not actually attached to the warrant, so this argument was not in play.

The court ultimately concludes that the warrant did not comply with the Fourth Amendment. The government sought to invoke exceptions in order to have the evidence admitted notwithstanding these issues, but the court rejected both of these attempts. With respect to the good faith exception, the court was emphatic:

[t]his case . . . is not about search terms or firewalls. It is, rather, about the fundamental and venerable prohibition on general warrants. Since 'it is obvious that a general warrant authorizing the seizure of evidence without mentioning a particular crime or criminal activity to which the evidence must relate is void under the Fourth Amendment . . . no reasonably well trained officer could believe otherwise.'

As to inevitable discovery - the second exception - the court's ruling is also interesting. The court seemed to say that the government could only satisfy particularity after having seen the emails procured by the overbroad warrant: "the government's timing still presents a problem: [h]aving seen the November 23rd email, the government is now in a position to obtain a warrant with perfect particularity. There is, in other words, no way to purge the taint of its unconstitutionally overbroad search."

***

I can't tell if the government just dropped the ball here or whether there's something more to it. One view is that if the government had a narrow warrant application and the magistrate judge issued a narrow warrant, the government could have probably obtained the information they ultimately sought? On the other hand, the court is rightly skeptical that the government could have obtained the emails at issue by providing a set of keywords to Google. After all, wasn't this the argument the government used to justify the fact that the search needed to be conducted by the government, rather than by Google or by a third party? The court's rejection of the government's inevitable discovery argument seems significant. My practice does not stray into the realm of criminal cases so take that with a grain of salt. I'm curious to see what people like Orin Kerr and Scott Greenfield have to say. (Congrats to Professor Kerr, whose "Searches and Seizures in a Digital World" article is cited by the court. He has also posted extensively on a recent Ninth Circuit decision that bears on these issues: United States v. Comprehensive Drug Testing, Inc., 579 F.3d 989 (9th Cir. 2009).)

Interestingly, Professor Kerr notes a recent decision from federal court in Oregon where the court held that email was not covered by the Fourth Amendment. [Clarification: see this post for a clarification.] Pointing to the Google terms of service, the court held that most users expect their emails to be shared with Google employees and other third parties, and the account-holder was thus not entitled to notice before the government obtained a warrant to search someone's gmail account. I think (but I'm not sure) the account-holder still has the ability to challenge the search after-the-fact, as did the defendant in Tannin. Either way, the ruling seems noteworthy, and raises issues around process where the government subpoenas your email records from the service provider. When do you as the account-holder receive notice of a government search? Does Google have a consistent policy on this?

I'm still sticking with my instinct that using a third party service such as gmail raises the risk that your emails end up in the hands of prosecutors. I'm also curious about Google's policies for dealing with these sorts of issues.

Added: You can check out Professor Kerr's post on this ruling here. His conclusion: "the basic Fourth Amendment holding was likely right," but the court should have applied the good faith exception. He also posts a clarification to his earlier post about the Oregon decision, which I linked to above: court's conclusion only speaks to notice to subscribers, which the court concludes is not required under the Fourth Amendment.

Posted by Venkat at 09:14 AM | Privacy/Security , Search Engines

October 27, 2009

Zittrain on the Dark Sides of Crowdsourcing

By Eric Goldman

Last week, Cyberlaw expert/rock star Jonathan Zittrain of Harvard Law School (visiting at Stanford Law School this term) spoke as part of SCU's lecture series on IT, Ethics and Law. An overflow crowd of over 100 people came to the talk, and as usual Jonathan did a wonderful job. You should attend his talks if you have a chance. They are always highly entertaining and thought-provoking.

Overview

Jonathan's talk was opaquely titled "Minds for Sale: Ubiquitous Human Computing and the Future of the Internet." I think his talk really covered the Dark Sides of Crowdsourcing. Normally, such a talk would immediately raise red flags about the speaker’s intentions and net-savviness. However, Jonathan has sterling credentials as a crowdsourcing enthusiast, so he can raise concerns without sounding shrill or regressive.

He pointed to numerous examples throughout his talk, but one of his principal targets is Amazon.com's Mechanical Turk. Mechanical Turk describes itself as "a marketplace of work. We give businesses and developers access to an on-demand, scalable workforce. Workers select from thousands of tasks and work whenever it's convenient." LiveOps is also on his mind; the site hires individuals to provide live customer support for third party businesses from their homes on a flexible and dynamic basis.

The Problems

From the worker's perspective, Jonathan raised several potential concerns about Internet marketplaces for labor, including:

* surveillance. LiveOps can track and monitor every aspect of workers’ performance, including when they were online and where they connected from. This does depend on the employer’s specific technological architecture; I’m not sure if Mechanical Turk gets such deep looks into its workers' behavior.

* alienation. Online workers are often retained to do pieces of a larger project without understanding the whole project. Thus, they may apply existing rote skills but not broaden their expertise.

* moral valence. Because workers may not understand the greater project, they could help projects that are morally objectionable without realizing it. Jonathan gave some terrific examples, such as spammers distributing the work of breaking CAPTCHAs and the government asking citizens to identify folks in group/crowd photos for law enforcement or possibly dissident-busting purposes.

Jonathan also raised some systematic concerns that could arise from these online labor marketplaces, including:

* without uniform labor laws, employers could trigger a race to the bottom where the work flows to jurisdictions with the laxest worker protections. We’ve already seen an analogous situation as states try to enact “Amazon affiliate sales tax” laws designed to trigger sales tax collection obligations based on the presence of marketing affiliates in the state, which has prompted some Internet companies to dump affiliates overboard in some of those states based solely on their regulatory policy.

* crowding out. As it becomes easier for workers to monetize their time in smaller units, they may become less willing to contribute their labor to non-paying enterprises like Wikipedia. I address some of these dynamics in my Wikipedia paper.

Possible Solutions

Jonathan identified some possible solutions, including:

* revitalized labor standards, such as minimum wage laws or anti-child labor laws. As one example, he proposed that worker reputation should be “portable” so that good workers for an online enterprise can have their accomplishments follow them to future employers. Ironically, this may be unintended Internet exceptionalism because IMO worker reputation isn’t portable in physical space due to the collapse of the job reference market.

* unionize online workers. Unionization was a natural proposal given the talk’s tenor, but I found it anachronistic. How can unions be relevant to online labor markets where people can "change jobs" with a few clicks of a mouse? The Internet has much more competition among employers than any geographically restricted labor market, and the employees’ friction to change jobs online is so much lower than it is in physical space. For example, unhappy Mechanical Turkers can easily click to a large number of competitive websites that will gladly pay them for their contributions. At the same time, the Internet globalizes labor forces in ways that are unprecedented in physical space, so the value for “commodity” labor plummets. Both dynamics seem to doom any efforts to unionize online labor.

* disclosure. Employers should have to disclose who they are and why they are asking for the work to be done.

* opt-out. When people are doing work without knowing it, they should have the opportunity to opt-out. For example, the RECAPTCHA project uses human CAPTCHA-solving to correct OCR scanning errors. Zittrain thinks people should be given a choice not to provide those services.

Jonathan's final takeaway message was to express a general reservation that money is pervading our relationships and activities. He gave the example of how a Mechanical Turk employer offered to pay other Turkers to do kind acts--something, Jonathan pointed out, is oxymoronic because paying people to be kind means they aren’t actually being “kind.”

My Comments

Whether intended or not, Jonathan’s talk had a strong Marxist undercurrent that is tough for many of us to embrace. The Internet makes labor markets more efficient. It also increases the heterogeneity of ways that people can find gainful employment they can perform at the time and place of their choosing. Both generally sound like strongly positive developments to me.

I thought Jonathan’s strongest point was his dystopian view of bad actors (e.g., repressive governments and spammers) crowdsourcing socially detrimental work without workers knowing it. Disclosing the employer’s identity and motivations would be a partial but necessarily incomplete solution. More transparency would prevent people from inadvertently contributing to bad projects, but some people need cash so desperately that they will take it regardless of the moral valence. (I'm ignoring the malcontents who would gladly pay for the chance to facilitate social disruption).

Jonathan’s talk became harder to follow as he addressed examples well beyond online labor marketplaces. Specifically, a number of his examples seemed to conflate work activities, play activities and other ways that people voluntarily allocate their time. (FWIW, I’ve been accused by Timothy B. Lee of doing the same thing in my Wikipedia paper). For example, he treated Google’s use of website links for its PageRank algorithm as a form of “work” where Google gets the benefit of individual linking decisions. (In turn, he lauded Google’s nofollow link as a good example of how laborers can have an opt-out mechanism). While we collectively create value for Google by establishing links to third party sites, I don’t see how linkers are “working” for Google. Instead, I think the links are a positive externality captured by Google. We create positive externalities through our online (and offline) activities all of the time, and I think trying to characterize those as “work” is not the right direction. See, e.g., Frischmann and Lemley’s critique of regulatory overresponses to spillovers.

Similarly, Jonathan gave examples of “games” where the players provide valuable outputs to the game organizers through their ordinary gameplay. An example is where people are asked to tag photos as part of a game, where the tagging can become commercially valuable metadata. In this situation, the game organizers get an undisclosed private benefit (the beneficial work) from what is otherwise a fair market transaction (people voluntarily enjoying the game). Normally, we don’t worry about undisclosed private benefits; in fact, they occur in most economic transactions, even in efficient marketplaces. While increased disclosure about the game organizer’s motivations might help game players make more informed decisions about whether to play the game or how to price their participation, it’s not clear to me that such disclosures would actually help the game player’s make better decisions or enjoy the game more.

Terri Griffith, a colleague of mine in the SCU business school, wrote up her perspectives on the talk.

UPDATE: Mike Sardina, an SCU Law student, also wrote up a recap with commentary.

UPDATE 2: The Markkula Center provided a summary of the talk, and SCU student Courtney Meehan posted on it as well.

Posted by Eric at 12:06 PM | General , Internet History , Virtual Worlds | TrackBack

October 25, 2009

Tucows Not Liable for Spam Judgment Against 3rd Party Based on Private Registration Services -- Balsam v. Tucows

[Post by Venkat]

Judge Breyer (N.D. Cal.) rejected an attempt by a spam plaintiff to hold a registrar liable for a judgment against a third party based on private registration services provided by the registrar. (Balsam v. Tucows Inc., et al., CV 09-03585 CRB (N.D. Cal. Oct. 23, 2009). Access a copy of the order at Scribd here.) Incidentally, the plaintiff - Dan Balsam - is a recent law school grad who catalogues his extensive anti-spam efforts at his website: "danhatesspam.com."

Facts: As recounted by the court, Balsam received 1,125 pieces of spam advertising an adult-oriented website over a seven month period. Balsam performed a WHOIS lookup and found that the website was registered to Angeles Technology Inc. Some time later, Angeles started utilizing private registration services provided by Tucows. Balsam sued Angeles, and obtained a default judgment for $1,125,000. After Balsam brought suit but before he obtained judgment, Balsam requested the registrant’s identity from Tucows. Tucows refused to provide the name without a court order.

Balsam tried unsuccessfully to collect against Angeles and have garnished revenues from the website's payment processor. He even tried to have the underlying domain name seized. Understandably miffed, he brought suit against Tucows, arguing that Tucows was liable for the judgment due to its failure to disclose the identity of the person who held the beneficial interest in the domain name.

The Court's Ruling: Balsam sought to hold Tucows liable based on a variety of claims, but they were all premised on Balsam being a third party beneficiary to the "Registrar Accreditation Agreement" which registrars are required to sign with ICANN. Specifically, the RAA contains a clause which requires all registrars to enter into agreements which obligates registrants to provide accurate information and also for each registrar (referred to as a "Registered Name Holder") who provides private (or nominee) registration services to "accept liability for harm caused by wrongful use of the [domain name], unless [the registrar] promptly discloses the identity of the licensee to a party providing [the nominee registrar] reasonable evidence of actionable harm." I've reproduced the actual clause below at the end of this post. (Arguably, the reference in section 3.7.7.3 to the "registered name holder" should not necessarily be seen as a reference to the registrar. Registrars often wear multiple hats, and this results in some confusion. But to me it doesn't seem like the fact that registrars often provide private registration services through subsidiaries or related entities should be a determining factor. At the end of the day, the clause speaks to the person or entity in whose name the domain name is registered, which in the case of private registration services is the registrar or its subsidiary.)

Judge Breyer held that Balsam was not a third party beneficiary under the RAA and thus all of Balsam's claims failed.

Thoughts: To begin with, Balsam was fighting against the weight of precedent in arguing third party beneficiary claims under the RAA. Courts have refused to find that the RAA creates obligations enforceable by third parties. (See, e.g., Register.com v. Verio, 356 F.3d 393 (2d Cir. 2004).) Also, this isn't the first time a court has looked specifically at whether section 3.7.7.3 of the RAA creates a class of third party beneficiaries. As Professor Goldman previously noted, in Solid Host NL v. NameCheap, Inc. (No. 08-5414) (C.D. Cal. May 19, 2009), a judge in the Central District of California denied a registrar's motion to dismiss where a plaintiff sought to hold a registrar liable for cybersquatting under theories of direct and contributory liability (among other theories). That case also involved a registrar's failure to disclose the identity of the person or entity using the private registration services. Oddly, the court in Balsam cites NameCheap for the proposition that section 3.7.7.3 does not create an intended class of third party beneficiaries. I actually read NameCheap to say that third party beneficiary status was possible, depended on the facts as to intent and construction of the agreement, and thus could not be resolved on a motion to dismiss. (See pp. 39-49 of the NameCheap order.)

Balsam's case is somewhat tougher to make than Solid Host's, in that Balsam obtained a default judgment of over a million dollars. No judge is going to put the registrar on the hook for this type of a damage award absent some serious facts showing misconduct (i.e., the type of evidence the jury found persuasive in the Louis Vuitton case mentioned below). And that's where Balsam falls short in my opinion. It's tough to see where the real harm is to Balsam from the use by Angeles of private registration services. Balsam already knew the identity of the registrant, since the registrant he proceeded against started using the privacy protection services after Balsam after discovered its identity. (Stepping back, it's tough to see how a thousand emails should result in a million dollar damage award, but that's a separate issue.) Balsam only alleges that the failure by Tucows to reveal the identity of the beneficial registrant 'complicated' Balsam's ability to collect against Angeles Technology Inc. Regardless of how the third party beneficiary status discussion plays out, to me this casts a shadow over Balsam's claim.

As a side note, I agree with Professor Goldman that the court's reasoning in NameCheap isn't crystal clear, but I think it's a closer question as to whether - based on section 3.7.7.3 - a registrar should be held liable for harm flowing from a delay in disclosure. Regardless of whether the parties intended to create a class of third party beneficiaries, the thrust of section 3.7.7.3 is that if a registrant offers privacy protection services (i.e., register the domain name in your own legal name and allow someone else to be the beneficial owner), it seems to have a contractual obligation to disclose the identity of the beneficial owner upon request by an injured party. The fact that the RAA is an agreement registrars enter into with ICANN (which is a quasi-public entity) as a condition of being accredited and being allowed to offer domain name registration services also weighs in favor of the third party beneficiary argument. On the other hand, accepting that the RAA creates third party beneficiaries would result in a variety of problems and create unintended classes of plaintiffs and causes of action. Ultimately I don't think it's a very good idea, and courts have not been very receptive in general to third party beneficiary claims under the RAA.

To the extent the third party beneficiary argument flies, Solid Host had a stronger argument for why it should be treated as a third party beneficiary. Solid Host involved wrangling over a domain name that was originally registered in the name of Solid Host. Solid Host arguably relied on the provisions in the RAA in registering its domain name in the first place. (Note: to the extent a court accepts the third party beneficiary argument this leaves registrars in an arguably tricky spot. Section 3.7.7.3 does not limit itself to harm caused by the failure to disclose. It seems to cover harm "caused by wrongful use of [the domain name] . . .")

In any event, trying to hold a registrar (or someone else in the chain) liable for ACPA or trademark claims raises a host of thorny issues that courts struggle with. To the extent they can be unpacked, I'll admit I'm incapable of unpacking these issues in a blog post, or even a series of blog posts. I'll leave that to Professor Goldman. (See posts from Professor Goldman on the Solid Host case here and on the recent jury verdict for contributory liability for trademark infringement ($32MM!) obtained by Louis Vuitton here.) Suffice it to say that facts often dictate the result, and here, it just didn't pass the gut test to hold Tucows liable for a significant default judgment based on failure to disclose by Tucows. Particularly when in the court's view Balsam's evidence connecting the failure to disclose by Tucows with the underlying harm wasn't particularly strong.

As I read Balsam v. Tucows, I wondered whether Tucows had a Section 230 argument lurking in the background. My tentative thought is that it could have a viable 230 argument, since Balsam is seeking to hold Tucows liable based on third party content. Although Balsam could argue that under Barnes v. Yahoo Tucows could be viewed as having a contractual obligation which it didn't fulfill, this could be a tough argument to make, given that Tucows did not make any promises to Balsam directly. (See the two rulings in Goddard v. Google, Inc. (rejecting attempts to bring claims against Google based on third party beneficiary status under Google's advertising terms); see also Morrison v. America Online, Inc., 153 F. Supp. 2d 930, 934 (N.D. Ind. 2001) (rejecting attempt to evade § 230 immunity by claiming to be third-party beneficiary of AOL’s member agreement with chat-room users).) Given his interest in Section 230, I'll leave this issue to Professor Goldman as well.
__

ICANN Registrar Accreditation Agreement (pre-May 21, 2009):

3.7.7 Registrar shall require all Registered Name Holders to enter into an electronic or paper registration agreement with Registrar including at least the following provisions:
3.7.7.3 Any Registered Name Holder that intends to license use of a domain name to a third party is nonetheless the Registered Name Holder of record and is responsible for providing its own full contact information and for providing and updating accurate technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the Registered Name. A Registered Name Holder licensing use of a Registered Name according to this provision shall accept liability for harm caused by wrongful use of the Registered Name, unless it promptly discloses the identity of the licensee to a party providing the Registered Name Holder reasonable evidence of actionable harm.

Posted by Venkat at 10:45 PM | Domain Names , Spam

October 23, 2009

Judge Rejects Attempts by Texas Plaintiffs to Intervene in Beacon Class Action--Harris v. Facebook

[Post by Venkat]

I mentioned last week that a group of plaintiffs sought to intervene in the class action filed against Facebook in the Northern District of California. The Texas plaintiffs who sought to intervene were part of a class action filed against Blockbuster (Harris v. Blockbuster - this lawsuit was filed before the the Northern District of California class action). The Texas plaintiffs argued that the two lawsuits were "related," and that the parties to the California lawsuit should have filed a "notice of related action," so the California court could have evaluated whether the lawsuits should be consolidated.

In orders issued today, Magistrate Judge Seeborg denied the request to intervene brought by the Texas plaintiffs and conditionally approved the class certification and settlement ironed out by the parties to the Northern District of California lawsuit. Judge Seeborg noted that although the lawsuits were "related," the Texas plaintiffs were aware of the California class action in September 2008. Thus, their request to intervene was untimely.

Quick thoughts on the ruling:

1. The court notes that to the extent the Texas plaintiffs have substantive objections to the settlement, these objections can be raised at a later date.

2. With the caveat that I'm not familiar with the nuances of class action procedure, I would guess it will become tougher to object to a settlement further down the road. As a practical matter, conditional approval will set in motion the process of notifying potential class members and providing them the opportunity to opt-out. A low number of opt-outs may be viewed as an indication that there's not really enough of a separate class that objects to the terms of the settlement conditionally approved by Magistrate Judge Seeborg to warrant a second class action. (On a related note, I wonder if the Texas plaintiffs will mount some sort of campaign to try to demonstrate that a substantial number of potential plaintiffs object and the settlement should not be given final approval. I'm guessing they won't set up a Facebook group as part of this campaign, but you never know!)

3. It's sort of awkward for a group of putative plaintiffs who filed their lawsuit first to have their claims extinguished by a later filed class action. Blockbuster was named in the second filed action (in California) and to the settlement in the California lawsuit is approved, my instinct is that this may effectively kill the class claims asserted in the Texas lawsuit against Blockbuster. (There was some activity in the Texas lawsuit about whether the claims are subject to arbitration. The court in Texas found that Blockbuster's terms of service were "illusory," and rejected Blockbuster's request to arbitrate. Blockbuster has appealed this ruling.)

4. The terms of the settlement in the California lawsuit do not provide for payment of compensation to non-named class members. (See the notice approved by the court here: [pdf].) On the other hand, the Texas lawsuit alleged violations of the Video Privacy Protection Act, which provides for statutory damages.

5. The notice of settlement will be published through newspapers, and of course, "through Facebook updates."

It will be interesting to see how this plays out.

Posted by Venkat at 04:50 PM | Privacy/Security

Google AdWords Litigation Updates--Google Adds One Lawsuit and Ends Another

By Eric Goldman

It's been a little quiet on the Google AdWords trademark litigation front in the past couple of months, so it's timely to check in on the situation.

Jurin v. Google, Inc., 2:09-at-01695 (E.D. Cal. complaint filed Oct. 22, 2009)

You may recall Daniel Jurin, who claims ownership in the trademark "styrotrim" (a type of building exterior covering). In June, he sued Google for trademark infringement and related claims as part of the spate of lawsuits filed after Google changed its trademark policies in May. Then, less than 2 months later, he voluntarily dismissed the lawsuit after having parting ways with his attorneys. I figured losing his attorney would spell the end of Jurin's quest, but no! Breaking a two month dry spell in new Google AdWords lawsuits (the last being Flowbee in mid-August), Jurin has found a new attorney, Paul Bartleson, and has decided to tangle with the tiger once again. Welcome back to the party!

It appears that Jurin had to cast a pretty wide net to find a substitute attorney. Paul's website says for the past 19 years he "has focused almost exclusively on Bankruptcy matters," and his LinkedIn page says he is "also an entrepreneur and business development consultant in a business that teachers leadership, values and relationship skills, while capitalizing on the wealth building potential of the internet." Huh? Not sure what that means, but could this lawsuit be an example of their "wealth building" prowess???

The complaint itself doesn't break any new ground. It's fairly internally redundant, and the narrative appears to conflate paid ads with organic listings fairly freely (while ironically complaining that Google confuses ads and organic results).

Soaring Helmet Corp. v. Bill Me Inc., 2:2009cv00789 (W.D. Wash. voluntarily dismissed Oct. 15, 2009)

In an unpublicized move, Soaring Helmet voluntarily dismissed Google from its trademark lawsuit against Bill Me last week. Even with Google out of the picture, the trademark owner v. advertiser lawsuit appears to be going strong. My initial blog post on that lawsuit.

Rosetta Stone v. Google

A month ago, Rosetta Stone's lawsuit largely survived Google's 12(b)(6) motion to dismiss. In a non-substantive opinion, the court tossed out the false endorsement and conspiracy claims but left the remainder intact.

Google v. John Beck Amazing Profits

In mid-September, Google voluntarily dismissed its declaratory judgment action trying to wrest the John Beck v. Google lawsuit venue out of Texas. This dismissal does not appear to have affected the original John Beck v. Google case, nor did it succeed in affecting venue.

The roster of pending AdWords cases:

* Ezzo v. Google
* Rescuecom v. Google
* FPX v. Google
* John Beck Amazing Profits v. Google and the companion Google v. John Beck Amazing Profits
* Stratton Faxon v. Google (not initially a trademark case)
* Soaring Helmet v. Bill Me
* Ascentive v. Google
* Jurin v. Google 1.0 (voluntarily dismissed), succeeded by Jurin v. Google 2.0
* Rosetta Stone v. Google
* Flowbee v. Google

Posted by Eric at 09:54 AM | Derivative Liability , Search Engines , Trademark | TrackBack

October 22, 2009

Power.com Counterclaims Dismissed -- Facebook v. Power Ventures

[Post by Venkat]

Facebook and Power Ventures have been involved in a lawsuit over whether Power.com can allow its users to access user data on Facebook's network. Facebook brought suit against Power.com asserting a slew of claims ranging from copyright infringement to violations of the Computer Fraud and Abuse Act. Power.com brought a motion to dismiss, which the court denied. This ruling was noteworthy, among other reasons because it recognized Facebook's potentially tenuous copyright claims and gave credence to Facebook's argument that access of user data by Power.com (or Power.com users) in violation of Facebook's terms of use was potentially actionable by Facebook. (For comments on this ruling, see Cyberlaw Cases; BNA's TechLaw blog; Jeff Neuberger; and an earlier post from me.) After the court denied Power.com's motion to dismiss, Power.com answered the complaint and asserted counterclaims against Facebook. Power.com's counterclaims garnered some attention, likely due to the fact Power.com alleged that Facebook engaged in anti-competitive conduct by restricting consumers' access to their data. (See, e.g., NYT/Bits Blog ("Power.com Fights Back Against Facebook").)

In a recent order, Judge Fogel granted Facebook's motion to dismiss, finding that Power.com failed to sufficiently articulate the bases for its counterclaims. (Access a copy of the order here: [pdf].) There's not much to say about Judge Fogel's order, except that it was brief (four pages!), and the court was not moved by Power.com's vague allegations of misconduct by Facebook. As noted by the court:

Power's Answer and Counter-Complaint contains a seven and a half page 'Introduction and Background' narrative untethered to any specific claim. The claims themselves each consist of a conclusory recitation of the applicable legal standard and a general 'reference [to] all allegations of all prior paragraphs' . . . .[T]his form of pleading does not enable the Court to surmise which facts in the introductory narrative support which claims, if in fact they do.

The court observes that antitrust claims require a heightened standard of pleading, and throws in a reference to Twombly for good measure. The court also strikes Power.com's affirmative defenses (of misuse and estoppel) as unsupported by "any factual allegations." Although the court grants Power.com leave to amend its counterclaims and affirmative defenses, I would guess Power.com will think twice about filing amended counterclaims unless these claims have solid factual backup.

Rumors of an impending settlement between the parties swirled around, even after Facebook filed its complaint. Then it looked like Power.com was looking to fight back. It's always tough to tell from the win or loss of a particular motion which way the lawsuit will go, but Judge Fogel's order certainly lets the air out of Power.com's counterclaims. To the extent Power.com was looking to gain leverage by asserting counterclaims, it may be out of luck.

Posted by Venkat at 08:39 PM | Copyright , Spam

Facebook Not Liable for Private User Groups Per 230--Finkel v. Facebook

By Eric Goldman

Finkel v. Facebook, Inc., 2009 N.Y. Slip Op. 32248 (N.Y. Sup. Ct. Sept. 15, 2009)

This is a really interesting legal dispute with an entirely predictable outcome for Facebook as a defendant. See my initial blog post on the matter. A half-dozen high school students participated in a private Facebook group that ridiculed one of their peers. This wasn't a nice thing to do, and the conversation exhibits the kind of mean-spirited puerile comments forged by the insecurities and social pressures of high school. Whether the underlying conversation is actually tortious remains unresolved, but I have my doubts.

Nevertheless, we knew all along that Facebook wasn't liable for its users' private group or their conversations per 47 USC 230. This wasn't even close to a colorable question. The plaintiff's lawyer mistakenly read the law differently and unwisely sued Facebook. To get around 230, he alleged that Facebook took an ownership interest in the private group's messages, which he argued should cost Facebook its 230 immunity. There are at least two problems with this theory, though. First, Facebook doesn't take anything close to ownership in private group messages; at most, I believe they take a limited non-exclusive license. Second, even if Facebook did take ownership of the group's contents, 230 applies to third party-created online content irrespective of the ultimate IP ownership of the content. Several cases support that proposition, including Blumenthal v. Drudge from 1998 and Schneider v. Amazon.com from 2001. Here, the court makes the point emphatically, saying "Ownership of 'content' plays no role in the Act's statutory scheme."

Given this very clear and plainly stated proposition, the trial court judge gives Facebook its deserved early exit from the case per 230, correctly labeling the plaintiff's argument "meritless." Fortunately for the plaintiff's counsel, the court decided not to grant sanctions to Facebook, saying that the argument wasn't "frivolous." Future plaintiffs with similarly misguided theories about 47 USC 230 may not be so lucky.

For more, see CMLP.

Posted by Eric at 09:36 AM | Derivative Liability | TrackBack

October 21, 2009

Craigslist Isn't Liable for Erotic Services Ads--Dart v. Craigslist

By Eric Goldman

Dart v. Craigslist, Inc., 09 C 1385 (N.D. Ill. Oct. 20, 2009)

Yesterday, Judge John F. Grady of the Northern District of Illinois federal court dismissed Cook County Sheriff Dart's lawsuit against Craigslist for user-posted advertisements in Craigslist's erotic services/adult services category on 47 USC 230 grounds. This is hardly surprising, as I wrote in March that "this lawsuit is almost certainly preempted by 47 USC 230." However, it was nice to see such a clean and decisive opinion--and a little ironic, as our law enforcement officials, who are supposed to enforce the laws rather than bypass them, got schooled in the limits of their legal authority.

With respect to the 230 analysis, the court characterizes Sheriff Dart's claims as alleging that Craigslist negligently published the user-supplied ads. The court says that the Seventh Circuit implicitly said that 230 preempted such claims in the 2008 CLC v. Craigslist case. To get around this, Sheriff Dart tried a Roommates.com styled attack, arguing that Craigslist induced the users' advertisements by creating an erotic/adult services category and letting users do keyword searches. These arguments go nowhere (making this yet another case where Roommates.com is cited for the defense). An adult services category can legitimately contain postings for legal services, and the keyword search functionality was agnostic about the illegality of the search and therefore a "neutral tool" (whatever that meant from Roommates.com).

Two other interesting doctrinal notes from the opinion:

* In FN 6, the court reiterates that 230 preempts a civil action to enforce a federal criminal statute. See Doe v. Bates.

* the court rejects arguments that Craigslist "arranges" meetings for prostitution, "directs" people to prostitution or "provides" contact info for prostitutes because, in all three cases, the user-supplied ad (if anything) satisfies those verbs. Similarly, Craigslist's role in "facilitating," "assisting" or "aiding and abetting" these user activities is governed by 230. I believe this is consistent with my view that 230 should preempt any claim that one party "endorses" third party online content.

Given some ambiguous language floating in Seventh Circuit 230 jurisprudence from the CLC v. Craigslist case and the old Doe v. GTE case, it wouldn't surprise me if Sheriff Dart tried an appeal. However, this opinion was solidly reasoned and completely consistent with that jurisprudence, so I wouldn't expect a different result on appeal.

Posted by Eric at 01:13 PM | Content Regulation , Derivative Liability , Marketing | TrackBack

Domain Names as Property Subject to Creditor Claims--Bosh v. Zavala

[Post by Venkat]

Most people take it for granted that domain names are property. As such, there shouldn't be much dispute that domain names are subject to the claims of judgment creditors. But I've seen enough resistance to this position that I thought a recent case was worth a quick mention. This recent case (Bosh v. Zavala (08-CV-04851-FMC-MANx) (C.D. Cal. Sept. 24, 2009)) also raises some interesting questions about the mechanics of trying to use a domain name to satisfy a judgment. For more perspectives, see Marc Randazza's post on this case here; see also NYT; Domain Name News; Deadspin.

Background: One of the early and often-cited cases for the proposition that a judgment creditor cannot get a domain name is Network Solutions, Inc. v. Umbro Int’l, Inc., 259 Va. 759, 770 (Va. 2000). In Umbro, the Virginia Supreme Court held that "a domain name registrant acquires the contractual right to use a unique domain name for a specified period of time...[but this] contractual right is inextricably bound to the domain name services that [Network Solutions] provides." Umbro concluded that the domain name registration agreement was a "contract for services" (which was not subject to "garnishment") rather than property. (Umbro was preceded by the Eastern District of Virginia's decision in Dorel v. Arel where the court punted on the "issue of whether a domain name is personal property subject to [a lien]" because the judgment creditor could take advantage of an easier, practical solution: "the registrar's policies.")

Kremen v. Cohen: Enter Kremen v. Cohen, decided by the Ninth Circuit in 2003. Kremen cast a shadow over Umbro. Kremen involved an action for conversion where the underlying property was a domain name. One of the big questions in front of the court was whether a domain name was property which could support a claim for conversion. The court pretty definitively answered that a domain name was property and therefore could support a claim for conversion. Following Kremen, courts started to realize that since domain names are property, they should be subject to the claims of judgment creditors. (See Office Depot, Inc. v. Zuccarini, 621 F. Supp. 2d 773 (N.D. Cal. 2007).) More recently, in Bosh, Judge Florence Marie-Cooper of the Central District of California allowed Toronto Raptors basketball player Christopher Bosh to seize a slew of domain names held by Luis Zavala, based on a cybersquatting judgment obtained by Bosh.

The key conceptual question to resolve is whether domain names are freely transferable, or whether domain name registration services are contracts personal to the registrant. Given the emergence of the flourishing secondary domain name market, you would think there would be no dispute as a practical matter as to whether domain names are freely transferrable. But it's not as hard you may think to encounter people who argue that domain names are just personal contract rights. For example, in 2009, Network Solutions took this position in the Kentucky domain name case where the Kentucky AG tried to seize numerous domain names based on the fact that they were "gambling devices" used in contravention of Kentucky law. (See pages 7 through 11 of their amicus brief filed in Kentucky: [pdf].) The Kentucky AG's decision was on questionable legal grounds for a variety of reasons, but I was surprised to see Network Solutions' reliance in its amicus brief on Umbro.

From a practical standpoint, the big question is whether a judgment debtor has assets that can be sold to satisfy a judgment. If there are such assets (whether in the form of domain names or otherwise), most courts are going to find a way to let the judgment creditor get at them. There may be tweaks around whether the particular statute in question covers a certain type of property (see, e.g., Palacio Del Mar Homeowner's Association, Inc. v. McMahon, 174 Cal. App. 4th 1386 (2009) (domain names are not subject to "turnover order," coincidentally, the same type of order Bosh obtained)), but it's a mistake to see these cases as somehow rejecting the theory domain names are properly subject to the claims of creditors. One caveat: even if domain name registration services are not contracts personal to the registrant, not every domain name can be easily bought and sold. As discussed in a moment, certain types of domain names - including potentially those involved in Bosh - are tougher to monetize without stepping on the toes of third parties.

Process Questions: In Bosh, the domain names all related to the names of famous athletes and celebrities and were ordered "turned over" to Bosh. Bosh plans on distributing them to other athletes whose names the defendant was squatting on. (Bosh plays for the Toronto Raptors and the defendant squatted on the names of Bosh and many other athletes.) Bosh is somewhat atypical since Bosh didn't really care about satisfying the judgment he obtained and probably will not undertake further efforts to collect. But one of the problems with Bosh is that it doesn't set any sort of process to value the domain names. Is the defendant's judgment satisfied based on the turnover? Who is to say? A turnover to Bosh is sort of an awkward result, and seemingly precluded by the statute (see McMahon), but Zavala was not around to contest the issues, so it is what it is.

A related problem is that Bosh would have a tough time selling the domain names, given that there would be little guarantee that any purchaser would steer clear of engaging in the same conduct that the defendant did in Bosh. The court in Zuccarini alludes to this. (See Zuccarini, 621 F. Supp. 2d at 778, fn. 7.) It's unlikely a court would ever conclude this, but if Bosh decided to auction off the names that were turned over, would he be treading close to the cybersquatting line?

Back to the typical case. Some would argue there's some sort of non-infringing use for all domain names, and that it's up to the purchaser to figure out non-infringing uses. There are plenty of established auction houses that regularly deal in domain names (e.g., Moniker; Sedo). The best bet is to sell a domain name through a court-blessed third party auction. Theoretically, the market price at an auction will accurately reflect the assessment of purchasers as to how the domain name can be used. I guess a very rough analogy is that real property is freely exchangeable, but you can only use it without injuring the rights of your neighbors. No one argues based on the hypothetical nuisance claims of neighbors that real property is not freely exchangeable and therefore not subject to the rights of creditors.

At the end of the day, there are plenty of issues around the fringes, but domain names are likely not off limits for judgment debtors based on the theory that domain names are not "property". Most courts will find a way to let judgment creditors get at domain names. That's not to say that the process of seizing the names and disposing of them does not raise thorny issues.

Posted by Venkat at 10:02 AM | Domain Names , Licensing/Contracts , Publicity/Privacy Rights , Trademark

October 19, 2009

DePaul Reputation Talk Slides

By Eric Goldman

Last week I presented on my long-running Economics of Reputational Information project once again--this time at a DePaul conference on cyberlaw. I titled the talk "A Tale of Two Reputation Systems" and approached it as a comparative study between job references and online product reviews. As always, I'd gratefully welcome your comments.

Posted by Eric at 10:07 AM | Derivative Liability | TrackBack

October 18, 2009

Q3 2009 Quick Links, Part 4

By Eric Goldman

Spam

* Ars Technica: "a disturbing number of e-mail users respond to spam, and not just because they're dumb—some of them did so because they were actually interested in the product or service." I collected some empirical research establishing this point in 2004.

* SpamFighter: Software Creator Admits to Aiding & Abetting Spam

Fraud

* Reuters: A virtual bank rips off depositors in EVE Online.

* Click fraud concerns at Facebook: TechCrunch; Unified ECM v. Facebook complaint (one of at least three pending).

* There can be legitimate circumstances where it makes sense for a vendor to automatically pass a user's credit card number to another vendor, but the practice seems ripe for regulation.

Contracts

* BNA: End of the Notice Paradigm?: FTC's Proposed Sears Settlement Casts Doubt On the Sufficiency of Disclosures in Privacy Policies and User Agreements (BNA Subscription required)

* In August, the NYT interviewed David Vladeck, who suggests that the FTC v. Sears settlement could signal a changing of the guard at the FTC.

* Jonathan Ezor on common drafting mistakes in privacy policies.

* Hines v. Overstock.com, Inc., 2009 U.S. Dist. LEXIS 81204 (E.D.N.Y. Sept. 4, 2009). Browsewrap terms aren’t enforceable “because the website did not prompt her to review the Terms and Conditions and because the link to the Terms and Conditions was not prominently displayed so as to provide reasonable notice of the Terms and conditions.”

* Timothy D. Cedrone, Morals? Who Cares About Morals? An Examination of Morals Clauses in Talent Contracts and What Talent Needs to Know, Seton Hall Journal of Sports & Entertainment Law. I have given my first year contracts students an exercise involving morals clauses that I think worked pretty well (see the links on this page under the "endorsement contract" bullet).

Miscellaneous

* The USPTO has not renewed the peer-to-patent program.

* ABA Journal: E-Discovery is $4B/yr industry but is experiencing consolidation.

* Paul Ohm's paper on re-identification of putatively anonymous databases. This may be one of the more important privacy law papers in some time, as it indicates that we cannot meaningfully distinguish between personally identifiable and non-personally identifiable information.

Posted by Eric at 02:43 PM | E-Commerce , Licensing/Contracts , Patents , Privacy/Security , Spam , Virtual Worlds | TrackBack

October 17, 2009

Q3 2009 Quick Links, Part 3

By Eric Goldman

Copyright

* AP v. All Headline News settles. My initial blog post. The settlement order.

* The Turnitin case has settled. My blog post on the district court ruling.

* Corbis Corp. v. Starr, No. 3:07CV3741 (N.D. Ohio Sept. 2, 2009).. Company that retained web developer could be liable for copyright infringing photos included in the developed website. David Johnson's coverage.

* Creative Commons commissioned a study of what people think qualifies as “commercial” or “non-commercial” activity. While this is relevant to how CC drafts its various license flavors, these words also have significant import to many facets of the law, including copyright (such as the fair use test) and trademark (such as the definition of “use in commerce”). The executive summary:

Both creators and users generally consider uses that earn users money or involve online advertising to be commercial, while uses by organizations, by individuals, or for charitable purposes are less commercial but not decidedly noncommercial. Similarly, uses by for-profit companies are typically considered more commercial. Perceptions of the many use cases studied suggest that with the exception of uses that earn users money or involve advertising – at least until specific case scenarios are presented that disrupt those generalized views of commerciality – there is more uncertainty than clarity around whether specific uses of online content are commercial or noncommercial.

eBooks

* Advocates for the blind sue Arizona State University for distributing electronic textbooks via the Kindle.

* Rebecca on the relationship between the Kindle 1984 debacle and the Google Book Search settlement. See also this Slate article.

Search Engines

* Train2Game v. Google, [2009] EWHC 1765 (QB): UK opinion that Google isn't liable for its search results snippets.

* CEO Bartz said Yahoo was never a search company. What??? Danny Sullivan calls her out for her "revisionist history."

* Greg Linden: Google AdWords Now Personalized.

* ThirdVoice redux: Google launches SideWiki. Let the legal games begin! (See, e.g., this BusinessWeek article). I’d be more worked up if Google had a more successful track record with non-search offerings, especially user-generated content projects. Lively, anyone?

Marketing

* Some craziness in Maine, when the legislature tried to restrict marketing to kids. PUBLIC Law, Chapter 230 LD 1183, item 1, 124th Maine State Legislature. The Maine AG said she won't enforce it, and subsequently the law was given a timeout so the Maine legislature can rethink the error of its ways.

* eBay is changing to a per-click model for paying affiliates, where the per-click amount is reset daily based on actual value delivered by the affiliate.

* Ethical Quandary: Faxed attorney newsletter doesn’t violate TCPA.

Posted by Eric at 04:47 PM | Copyright , Derivative Liability , Internet History , Marketing , Search Engines | TrackBack

October 16, 2009

Texas Class Action Aims to Derail Facebook Beacon Settlement--Harris v. Facebook

[Post by Venkat]

In late September, Facebook announced the settlement of a class action challenging its ill-fated "Beacon" program. Facebook set aside $9.5 million to settle the class claims and agreed to set up a privacy foundation. Facebook also agreed to not oppose a request for fees up to $3 million. A group of plaintiffs who filed a separate class action against Blockbuster are trying to object to this settlement.

The California Class Action (Lane v. Facebook): Facebook launched Beacon in late 2007. Consumers were not particularly happy, and in 2008, one set of plaintiffs filed a class action in the Northern District of California. (Lane v. Facebook, Inc.; Justia Page.) After "thorough, extensive, ongoing negotiations," which started in December 2008, a settlement was finally reached in this lawsuit. (Some details are recounted in the motion to approve settlement: [pdf].)

The Texas Class Action (Harris v. Blockbuster): Meanwhile, a separate set of plaintiffs sued Blockbuster in April 2008 in the Eastern District of Texas, also alleging injuries based on beacon. This lawsuit was filed before the class action in the Northern District of California, and Facebook was not named. Blockbuster argued that the claims were subject to arbitration. In April 2009, Judge Lynn of the Northern District (where the lawsuit was transferred) issued a ruling [pdf] rejecting Blockbuster's motion to compel arbitration. Judge Lynn found that Blockbuster's terms of service were "illusory," because the terms could be unilaterally changed by Blockbuster. See Eric's post on that ruling. (This ruling raised some eyebrows. See, e.g., BNA's TechLaw here, and an earlier post from me here.)

The Harris Plaintiffs File Against Facebook in Texas: Apparently the two sets of plaintiffs were not keeping each other apprised of what was going on. The Harris (Blockbuster) plaintiffs recently filed a class action in the Northern District of Texas against Facebook alleging violations of the Video Privacy Protection Act based on Facebook's implementation of beacon. (Here's a link to the complaint: [pdf].) The Harris plaintiffs are not too happy about the fact that apparently "[d]espite the requirements of the Local Rules of the Northern District of California, neither Blockbuster nor Facebook informed the District Court in the California Litigation of the pendency of the Texas Litigation." The Harris plaintiffs allege that Facebook agreed to indemnify Blockbuster of all wrongdoing, including those acts underlying the Harris action, and this agreement was a violation of public policy. They also argue that Facebook "in furtherance of the civil conspiracy outlined [in the complaint], also sought to achieve for Blockbuster what Blockbuster could not achieve for itself - resolution of any [Video Privacy Protection Act] liability through a non-arbitral forum."

Predictably, the Harris plaintiffs also filed a motion in the Northern District of California seeking leave to intervene and object to the Lane settlement: [pdf]. According to a minute entry, the court heard argument on this motion and will issue a written ruling. The motion to intervene contains one fact which is potentially damning if true. The Harris plaintiffs informed all parties to the Lane action (in April 2008) that the two cases were related and that the parties to the Lane action should bring this to the court's attention. The parties to the Northern District of California lawsuit apparently declined to do so. On the other hand, I did not come across anything indicating that the Harris plaintiffs informed the court in Texas about the existence of the Lane class action.

What to Make of all This? I don't have a sense of how viable these arguments are. The dispute smacks of some amount of jockeying between two sets of plaintiffs' lawyers around the fee award that will be paid out. (Not that there's anything wrong with this.) My instinct is that the two cases were related enough that it was worth being conservative and informing both judges as to what was going on in the other cases. Blockbuster was named as a party in both cases, although the Northern District of California lawsuit was being defended primarily by Facebook. Also, the proposed settlement in the Northern District of California class action lets Blockbuster off the hook. Since there was a class action going in Texas while the Northern District of California settlement was being negotiated, it strikes me as odd that all of the parties were not folded into one big settlement (particularly since the Texas lawsuit was filed first).

In an earlier post at Circle ID looking at the terms of the Facebook settlement, I mentioned the Blockbuster case, and wondered what would happen if a chunk of plaintiffs opted out and pursued their claims separately. I guess we may have an opportunity to see what happens.

One thing is for sure. Someone could end up getting an earful from one or both of the judges.

Posted by Venkat at 02:17 PM | Privacy/Security

October 15, 2009

Q3 2009 Quick Links, Part 2

By Eric Goldman

Trademark

* Venkat: Twitter makes the dictionary.

* Federal Circuit says Hotels.com is generic.

* Steve Madden sues eBay for trademark infringement. Marty's coverage. Justia page. I found the fifth cause of action, "trademark delusion," a surprisingly apt malapropism.

* Yahoo! Inc. v. Ashantiplc Limited. Yahoo is suing over Flicker.com.

* Lots of action involving Mary Kay.

- Mary Kay sued Yahoo for its shortcuts being triggered by the Mary Kay trademark. The Justia page.

- Mary Kay brought another lawsuit to shut down aftermarket resales.

- The Mary Kay v. Weber case has reached a conclusion. See my initial blog post on the case. In March, Mary Kay won a jury verdict against Weber. In August, the district court judge denied Weber post-trial relief. Mary Kay v. Weber, 2009 WL 2569070 (N.D. Tex. Aug. 14, 2009). On Sept. 29, the judge awarded Mary Kay $1.1M, computed as “the defendants' pre-tax net profit for the years 2005 through 2008.”

* I hate greeting card IP cases...especially when they involve Paris Hilton. See the Ninth Circuit opinion.

* Rebecca on a complicated trademark and false advertising case involving cell phone reflashing.

* Third Educ. Group, Inc. v. Phelps, 2009 WL 2029758 (E.D. Wis. July 10, 2009). An oblique nod to a co-blogging situation:

It is possible to have a situation in which a voluntary association develops out of a preexisting creation of an individual (take, for example, a blog created, named, and operated entirely by a single individual that then expands into a voluntary association as it includes more collaborative members but continues to utilize the original name). Under such circumstances, the founding individual might register the name of the voluntary association as a trademark solely in his own name and then license it to the voluntary association because he has used the trademark separate from the voluntary association. However, that did not occur here.

* CollegeSource, Inc. v. AcademyOne, Inc., 2009 WL 2705426 (S.D. Cal. Aug. 24, 2009): "Plaintiff argues for personal jurisdiction on the grounds that Defendant purchased two of Plaintiff's trademarks from internet search engines, so that those engines would display Defendant's advertisements when Plaintiff's word marks were searched….Defendant's uncontroverted affidavit avers that its Adwords were selected by the search engines and were purchased before Defendant knew Plaintiff was located in California.…Accordingly, even if Defendant intentionally infringed Plaintiff's marks, there is no showing that act was “expressly aimed at the forum state” or that it caused “harm that the defendant knows is likely to be suffered in the forum state.”"

* GMA Accessories, Inc. v. BOP, 2009 WL 2634771 (S.D.N.Y. Aug. 25, 2009). A really interesting and confusing lawsuit that says (I think) that electronic usage of third party trademarks does not qualify as a use in commerce and may not constitute contributory trademark infringement, with obvious implications for the search engine keyword advertising cases:

Electric Wonderland's second alleged meritorious defense is that it did not use the CHARLOTTE or CHARLOTTE SOLNICKI marks....Electric Wonderland's President described its business as follows:
Electric Wonderland brokers and/or processes orders from wholesale purchasers for fulfillment by clients of Electric Wonderland. Electric Wonderland does not directly sell its clients [sic] products, does not fulfill orders, does not acquire or maintain any inventory for sale, and does not purchase products from its clients for resale. Electric Wonderland does receive commissions on sales it brokers....
According to the Flack Declaration, these were the services Electric Wonderland provided to Charlotte Solnicki. (Flack Decl. P 3.) "Electric Wonderland did not directly sell Charlotte Solnicki products, did not fulfill orders, did not acquire or maintain any inventory of such products for sale, and did not purchase such products from Charlotte Solnicki for resale." (Flack Decl. P 3.) If this were the extent of Electric Wonderland's role, a fact-finder could find that Electric Wonderland did not "use" the CHARLOTTE or CHARLOTTE SOLNICKI marks, because it did not place the marks on any goods. Likewise, a reasonable fact-finder could determine that Electric Wonderland never used the marks to sell or advertise any of the services Electric Wonderland rendered. Thus, Electric Wonderland would not be liable for direct trademark infringement.
...Electric Wonderland's president claims that "[a]t no time while Charlotte Solnicki was a client of Electric Wonderland was Electric Wonderland aware of GMA's 'Charlotte' products nor of any possibility that the Charlotte Solnicki products were potentially infringing any third party's trademark rights." (Flack Decl. P 5.) If true, a reasonable fact-finder could find that Electric Wonderland neither knew, nor had reason to know of the alleged infringement during the period in question.
In addition, the Second Circuit has not decided whether contributory infringement applies to entities like Electric Wonderland, which provide services instead of products....Thus, Electric Wonderland, as a matter of law, may have a complete defense to contributory infringement liability, a matter which this Court need not decide at this juncture.

* Dan Burk and Brett McDonnell, Trademarks and the Boundaries of the Firm. Interesting discussion (among other things) on how an entrepreneur's/employee's personal reputation and corporate reputation can be interlinked.

Domain Names

* The Eleventh Circuit affirmed the defense win in the domain name case of Southern Grouts & Mortars v. 3M, 2009 WL 2182605 (11th Cir. July 23, 2009). See my initial blog post on the case.

* John Levine: What are TLDs Good For? Bringing to mind the famous Edwin Starr song (I think the answer is the same!).

* ICANN claims it has killed domain name tasting.

Posted by Eric at 09:53 AM | Derivative Liability , Domain Names , E-Commerce , Marketing , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

October 14, 2009

Q3 2009 Quick Links, Part 1

By Eric Goldman

My system of managing news items that don't warrant a full blog post but can't fit into a 140 character Twitter post has broken down. So, I'm belatedly catching up on my backlog of things that caught my attention in Q3 2009. This part focuses on online content issues:

Defamation

* Ava v. NYP Holdings, Inc., 2009 WL 1885099 (N.Y.A.D. July 2, 2009). A NY Post story quoting part of the plaintiff's MySpace page and characterizing it as a "fantasy" wasn't defamatory.

* Terrific post by Paul Levy on Ripoff Report, InfomercialScams.com, Video Professor and UGC sites that go bad

* A tweet about moldy apartment leads to a defamation lawsuit. MLRC and CMLP coverage.

* Cohen v. Google, Inc., 2009 WL 2883410 (N.Y. Sup. Ct. Aug. 17, 2009). Calling a woman a “skank,” in the context of a blog with photos and other critical material, was prima facie defamation sufficient to support a pre-action disclosure of the anonymous blogger’s identity.

* Cash4Gold sued Consumerist but then dropped it as a defendant.

* You may recall my earlier blog post on the Higher Balance lawsuit, a nice 230 defense win. Subsequently, the Higher Balance defendants were awarded over $50k in attorneys fees.

* Crookes v. Newton, 2009 BCCA 392 (Sept. 15, 2009). A British Columbia appellate court says that linking to defamatory content isn’t defamation.

* Joe Mullin: "Troll Tracker" blogger defamation lawsuit settles

Cyberbullying

* Larry Magid on the definitions of cyberbullying

* US v Voneida: 3d Circuit says student's MySpace postings were "true threats" that supported 19 month sentence

* Smoking Gun: Placing a bogus Craigslist ad is being prosecuted as felony cyberbullying.

* News.com: A Missouri prosecution under Missouri's new Megan Maier anti-cyberbullying aw.

Blogs and Social Networking Sites

* A New Jersey court says a blogger isn't entitled to the reporter shield.

* Pietrylo v. Hillstone Restaurant Group, No. 06-5754 (D.N.J. June 16, 2009). Jury verdict against a restaurant owner that forced employees to allow it to view their private MySpace group.

* HB1314: Illinois bans sex offenders from using social networking sites. Evan Brown explores the statute's constitutionality.

* Facebook Beacon is dead…and yet another privacy organization springs up in its wake. News.com, settlement agreement and motion for settlement.

* Public Citizen v. Louisiana Attorney Disciplinary Board, 2009 WL 2390866 (E.D. La. Aug. 3, 2009). A federal court struck down Louisiana’s state bar rules restricting lawyer advertising via the Internet.

Posted by Eric at 10:15 AM | Content Regulation , Derivative Liability , Privacy/Security | TrackBack

October 13, 2009

Sex Predator Stung By Undercover Officer Who Self-Reported 3 Different Ages--US v. Haile

By Eric Goldman

US v. Haile, 2009 WL 3163556 (W.D. Ky. Sept. 29, 2009)

Let me start out by stating the obvious: sexual predation of minors is an unacceptable crime. I remain deeply troubled by how many Westlaw cases report on social networking sites being used to facilitate sexual predation, knowing that Westlaw-reported cases are surely a small fraction of the overall volume of activity. And as a parent, I still haven't figured out how to set the appropriate Internet restrictions and supervision for my kids. So my post here isn't meant to apologize for this defendant or the choices he made. At the same time, I remain equally troubled that paranoia over sexual predation can tempt us to bend the law, which I fear may have happened here.

The overall story is fairly familiar. An undercover officer sets up a fake online account to lure and trap child sexual predators trolling through social networking sites. After someone bites and the parties have a multi-iteration dialogue, the officer reels in the putative predator with an offer of realspace sexual favors. The putative predator shows up at the designated place presumably looking for a minor, and instead gets steel handcuffs. A contemporaneous news report of Haile's arrest and a personal account from a friend.

But the bait and hook in this case raised my eyebrows. The saga starts at LouisvilleMojo.com, which had an 18-and-older social networking component. On there was the officer's fake profile with a claimed age of 77. The profile told interested folks to contact "her" Yahoo alias. For reasons not adequately explained in the case, the defendant instead found the officer's fake MySpace page for the same alias. On the page, the user claimed to be 62 years old, but the "about me" section said “I'm a girlie girl. I'm 14, and turn 15 on October 31! HALLOWEEN!!!!!” The defendant questioned the officer about the age issue in a Yahoo chat session as follows:

Defendant specifically inquired, “so your really 14?” Detective Arterburn, as “Amber,” responded: “lol” (or “laugh out loud”). Defendant's reply to this was “?”, and there was no further response from “Amber” about her age.

With these data points, what can we infer about the defendant's expectation of his chatting partner's age? At various times, the officer reported "her" age as 77, 62 and 14 and gave a cryptic and implicitly playful non-response to a direct question. In this context, some folks might interpret the coy non-response as part of adult fantasy or game-playing.

The age issue is made even more complex by MySpace’s unique issues with age reporting. 14 year olds on MySpace are supposed to have restricted user accounts, so a defendant might assume that if he could find the account, the user either lied about her age (hence the direct Q) or was really over 14. Further, if the defendant was at all familiar with the Lori Drew prosecution, the defendant would know that lying to MySpace about one's age (a violation of MySpace's user agreement) is potentially criminal, thereby giving the defendant another reason to think that the user’s age reported to MySpace (62, not 14) was truthful.

The court rightly points out that the profile page (and the claimed age of 14) should have cautioned the defendant, and there is a little more evidence corroborating the defendant's belief that the user was underage. At the same time, it is unclear why the courts expected the defendant to give more credence to the 14 reference than the other self-reported ages. By using three different self-reported ages, the user undeniably was lying about "her" age at least two places on the Internet. Accordingly, the defendant had no reason to assume that 14 was any more truthful than 62 or 77--a problem compounded by the non-response to the direct question, where "LOL" signals to me that the user was treating her age as part of a game.

I'm glad we have officers on the beat looking for online sexual predators. It's a job I wouldn't want, but I hope they do it well, especially if they can nab bad guys without any minors actually getting victimized. At the same time, where the age of the putative victim is central to the legal inquiry, it troubles me when an officer uses multiple incorrect ages as part of the trap.

Posted by Eric at 10:43 AM | Content Regulation | TrackBack

October 12, 2009

A Fuller Explanation of Why the FTC Endorsement/Testimonial Guidelines Violate 47 USC 230

By Eric Goldman

Last week’s release of the FTC's new Endorsement and Testimonial Guidelines has generated a significant amount of angst online. The resulting commentary has been strongly and almost uniformly negative. Frankly, none of the sources I read have praised the guidelines, but perhaps I'm locked in an echo chamber. Declan has a useful recap/linkwrap.

In this environment of heightened negativity, people have been searching for angles to prove the FTC can't do what it's doing. This has led folks to my post from last week arguing that certain facets of the guidelines violate 47 USC 230.

Despite the general popularity of the post, privately it has attracted some skepticism. Several smart law professors/lawyers disagreed with my post in Facebook profile page comments, and I've gotten some private emails to the same effect. What’s caught my attention is that these disagreements are coming from folks who normally agree with my expansive 230 interpretations. This clearly indicated to me that 230’s application to the FTC’s scenario was not nearly as self-evident as I thought it was.

As a result, in this post, I'm going to describe my analysis in more detail than my previous post. I'm not sure I'll convince the doubters, but they deserve more detail than I initially provided.

The FTC's Example

There are many facets to the new guidelines, but I am focusing solely on Example #5 to §255.1, which reads:

Example 5: A skin care products advertiser participates in a blog advertising service. The service matches up advertisers with bloggers who will promote the advertiser’s products on their personal blogs. The advertiser requests that a blogger try a new body lotion and write a review of the product on her blog. Although the advertiser does not make any specific claims about the lotion’s ability to cure skin conditions and the blogger does not ask the advertiser whether there is substantiation for the claim, in her review the blogger writes that the lotion cures eczema and recommends the product to her blog readers who suffer from this condition. The advertiser is subject to liability for misleading or unsubstantiated representations made through the blogger’s endorsement. [my emphasis]
The blogger also is subject to liability for misleading or unsubstantiated representations made in the course of her endorsement. The blogger is also liable if she fails to disclose clearly and conspicuously that she is being paid for her services. [See § 255.5.]
In order to limit its potential liability, the advertiser should ensure that the advertising service provides guidance and training to its bloggers concerning the need to ensure that statements they make are truthful and substantiated. The advertiser should also monitor bloggers who are being paid to promote its products and take steps necessary to halt the continued publication of deceptive representations when they are discovered.

The FTC doesn't define what qualifies as a "blog advertising service," but it's fairly clear the FTC is targeting PayPerPost/Izea and its competition. So the example could be restated as:

* advertiser contracts with PayPerPost to get bloggers to write about its product
* PayPerPost makes a match with a blogger. There is no employment or agency relationship between the advertiser or the blogger; this is an ordinary customer-vendor relationship, mediated by PayPerPost
* without any pre-review or kibitzing by the advertiser, the blogger makes a truthful statement about the blogger's experience about the product, but the statement would be impermissible marketing if made by the advertiser
* the FTC treats the advertiser as having made the blogger's statement

Prima Facie Elements of a 47 USC 230 Defense

47 USC 230(c)(1) reads:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.

A successful 230(c)(1) defense breaks down into three prima facie elements:

1) the defendant must be a "provider or user of an interactive computer service"
2) the content generating the alleged liability must be "information provided by another information content provider"
3) the legal claim has to treat the defendant as the "publisher or speaker" of the third party content

230 has a number of statutory exclusions, but I don't think any of them are relevant to Example 5.

Application of 47 USC 230 to Example #5

With this in mind, the FTC's Example #5 satisfies the prima facie elements of a successful 230 defense as follows: the advertiser is the user of an interactive computer service, the blog post is content provided by another information content provider, and the FTC's theory that the advertiser adopts or endorses the blog post treats the advertiser as the publisher or speaker of the third party blogger's blog post.

I received significant skepticism about my characterization of the advertiser as the "user" of an interactive computer service. I can reach this conclusion in two ways. First, PayPerPost provides an interactive computer service, and the advertiser uses PayPerPost. Second, the advertiser is a "user" of some Internet connectivity provider just by getting online.

Admittedly, explanation #2 is expansive, perhaps disconcertingly so. By this reasoning, anyone online automatically qualifies as a "user" of an interactive computer service by definition, thus seemingly expanding the 230 immunization eligibility to everyone without restriction. While this may sound wrong, it’s entirely consistent with how courts have interpreted the term “user.” The leading case on the topic, the California Supreme Court opinion in Barrett v. Rosenthal, never provides a single crisp definition of "user" but seemed to contemplate that merely being online qualified. Some minor cases possibly read "user" more narrowly, but I think the dominant line of cases gives “user” an expansive definition.

From a doctrinal standpoint, I think the broad reading of 230's application makes a lot of sense. The cases over the past 13+ years have taught us that 230(c)(1) can be distilled into a simple syllogism: unless the plaintiff’s claim fits into one of the statutory exclusions (IP, federal crimes, ECPA), A isn't liable for third party B's online content or actions. Period.

In the FTC’s Example #5, A is the advertiser and B is the blogger. Applying the same syllogism as above, the advertiser can’t liable for the blogger's online content or actions. Period.

The fact that the advertiser paid the blogger to write the content doesn't change my analysis one bit. For example, in the 1998 Blumenthal v. Drudge case, AOL got a 230 defense for Matthew Drudge's allegedly defamatory content, even though AOL paid $3,000 a month for Drudge's columns and retained editorial control over the content. I'm pretty sure 230 has applied in other cases where the defendant paid for the content. If you can think of others, I’d appreciate the reminder.

Further, the payment doesn't create a respondeat superior relationship between the advertiser and blogger. There is no credible argument that the blogger is the advertiser’s employee. I don’t think the example indicates an agency relationship because the advertiser lacks the requisite control over the blogger. PayPerPost’s mediation of the advertiser-blogger relationship further reinforces the lack of agency; indeed, the advertiser may not even be communicating directly with the blogger. And even if the blogger were the advertiser’s employee or agent, 230 still might apply for the blogger’s statements that exceed the advertiser’s authorization. See Delfino v. Agilent and the Higher Balance case.

If you don't like the broad reading of "users" (even though I think it is defensible under the case law), then go back to my first explanation that both the advertiser and blogger are "users" of the interactive computer service provided by the blog advertising service provider (e.g., PayPerPost). This argument works just fine too.

Applicable 230 Precedent

Unfortunately, I can’t point to many 230 cases applying the immunization to circumstances where the defendant did not host or republish the allegedly tortious content. Most 230 cases involve a provider's liability for its user's content or actions (the “paradigmatic” 230 case).

In contrast, we don't see many cases interpreting the user defense, but then again, those lawsuits may be so tenuous anyway that they are rarely brought. For example, I could not find any specific cases applying 230 to the linking situation I critiqued in my SEC comments.

Even without any obvious precedent, I think the statute on its face leads easily to the conclusion that advertisers can't be liable for bloggers' independent posts. As I indicated in my initial post, I don't even see that as a close case under 230.

One reasonably close precedent, the Subway v. Quiznos case, hasn’t reached a solid 230 ruling yet. In that case, Quiznos reposted some user-created advertising videos, and Subway contended that the videos constituted false advertising. The court rejected Quiznos' 230 defense solely on the grounds that it was raised in a 12(b)(6) motion to dismiss, which the court said was too early. (This same issue arose in Barnes v. Yahoo, where the Ninth Circuit initially agreed with this court and then withdrew that portion of its opinion). Although 230 didn’t apply at the 12(b)(6) stage, could Quiznos claim 230 for the videos at a later stage of the proceeding? I think it can, even if it "adopted" the user-generated videos by republishing them, unless it actually authored the statements that are deemed false advertising. For examples where a republisher can claim 230 for content is putatively “endorses” through its republication, see, e.g., the Barrett case, the Batzel case, the Tefft case (one of the minor cases narrowly interpreting “user”), the D’Alonzo case and the Furber case. I’m sure I could find others.

I think the FTC's Example #5 is an even easier 230 case than Quiznos’ situation. Unlike Quiznos, the advertiser in Example #5 never republished the blog post or even signaled any adoption of or agreement with the post. With such a tenuous relationship between the advertiser and the blogger, the FTC’s overreaching—and the role 230 plays in preventing that overreaching—is even clearer.

Conclusion

As the old expression goes, when you’re a hammer, everything looks like a nail. So perhaps I’m just such a 230 enthusiast that I’m finding it in places it doesn’t belong.

However, having read many dozen 230 cases over the past 13 years, I’ve formed the strong opinion that courts treat 230 as saying A isn’t liable for third party B’s online content. If you accept that proposition (and resist the temptation to manufacture provisos and qualifications that don’t actually exist in the cases), then it should be clear why 230 preempts Example #5—because that’s exactly what the FTC is trying to do.

UPDATE: Paul Levy disagrees with my analysis in this post.

Posted by Eric at 11:55 AM | Derivative Liability , Marketing | TrackBack

October 09, 2009

Ochoa on the Duration of James Joyce's Copyrights

By Tyler Ochoa

[Eric's note: my colleague Tyler Ochoa contributes to the blog from time to time. This time, he submits a modified version of a letter he sent to the editors of the San Francisco Chronicle, wherein he explains some of the finer points of copyright duration.]

The San Francisco Chronicle recently reported that the estate of James Joyce has agreed to play Stanford Professor Carol Shloss $240,000 for her attorneys fees stemming from a lawsuit over her "fair use" right to quote from Joyce's unpublished letters.

Shloss wrote a book in 2003 about Joyce's daughter, Lucia Joyce, that quoted extensively from Joyce's papers. After the Joyce estate threatened to sue, Shloss removed many of the quotes and paraphrased others. When the book was published, Shloss was criticized for making unsupported assertions (that had been supported by the removed material). Aided by the Stanford Fair Use Project, she sued for a declaratory judgment that she had a right under U.S. "fair use" doctrine to quote from Joyce's papers in her scholarship. The case settled in 2007, allowing her to post the supporting material from Joyce's papers on the Internet.

Unfortunately, the otherwise excellent article contains an error concerning U.S. copyright law (although, given the complexity of the duration provisions of U.S. law, the error is entirely understandable).

In the penultimate paragraph, the article states: "The original U.S. copyright on Joyce's writings expired in 1991, 50 years after his death. But a law signed by President Bill Clinton in 1998 added 20 years to all such lapsed terms, restoring the Joyce estate's control through 2011."

That statement is not correct. The Sonny Bono Copyright Term Extension Act of 1998 (CTEA) did add 20 years to the duration of all existing (and future) copyrights, but it did NOT revive any copyrights which had already lapsed due to the expiration of duration. If the copyrights on Joyce's writings had in fact expired in 1991, they would NOT have been revived by the 1998 legislation.

Unfortunately, U.S. law on duration is ridiculously complicated. Here is the shortest version of those two sentences that would be legally correct:

"Although most U.S. copyrights in unpublished letters were to expire 50 years after the author's death, a statutory loophole preserved the copyrights in Joyce's unpublished letters through 2002. A law signed by President Bill Clinton in 1998 added 20 years to most existing copyrights, extending the Joyce estate's control through 2011, 70 years after the author's death."

Here is the longer explanation of the calculation:

For Joyce's unpublished works, such as his letters, he had a common-law copyright of unlimited duration at the time they were written. Under section 303 of the 1976 Copyright Act, as originally enacted, all common-law copyrights in unpublished works were converted into federal statutory copyrights on January 1, 1978, and were given a duration of life of the author plus 50 years, SUBJECT TO a statutory minimum. (Congress reasoned that even if the author had been dead more than 50 years, it was fair to provide the author's heirs with a minimum term, to compensate them for the loss of their theoretically unlimited common-law copyright.) The minimum term was 25 years (to the end of 2002), unless the work was published by the end of 2002, in which case the minimum term was extended 25 years (to the end of 2027). Thus, even though Joyce died in 1941, and a life-plus-50-years term would have expired in 1991, the statutory minimum maintained the copyright in his unpublished works at least until the end of 2002. (Without the statutory minimum, copyrights in any unpublished works by Joyce would not have been eligible for the 1998 extension, because they would have expired in 1991.)

When the CTEA was enacted in 1998, it extended the basic term for unpublished works to life of the author plus 70 years, subject to the statutory minimum. The statutory minimum remained to the end of 2002 for works that remained unpublished; but if the work was published between 1978 and 2002, the statutory minimum was extended twenty years to the end of 2047. [Existing 17 U.S.C. §303(a)] Thus, the copyright on any of Joyce's unpublished letters now extends to the end of 2011 (70 years after the author's death, extended to the end of the calendar year by 17 U.S.C. §305), unless the heirs published them between 1978 and 2002; in which case they will remain under copyright until the end of 2047.

For Joyce's published works, the original term at the time the works were published (under §23 of the 1909 Copyright Act, later renumbered §24) was 28 years from the date of first publication, which could be renewed once, for a maximum duration of 56 years from first publication. All such terms were temporarily extended while the 1976 Copyright Act was pending. The 1976 Act (which came into effect on January 1, 1978) extended the renewal term to 47 years, for a maximum duration of 75 years (28 + 47) from first publication. [Former 17 U.S.C. §304(a),(b).] The 1998 CTEA extended the renewal term to 67 years, for a maximum duration of 95 years (28 + 67) from first publication. [Existing 17 U.S.C. §304(a),(b)] Thus, for Finnegan's Wake, which was first published in 1939, the copyright (if renewed) originally would have expired in 1995; but it was extended to the end of 2014 by the 1976 Act, and it was extended again to the end of 2034 by the 1998 CTEA.

This example should suffice to demonstrate that the duration provisions of U.S. copyright law can be ridiculously complicated. How can a layperson possibly be expected to figure this out?

Posted by Eric at 02:57 PM | Copyright | TrackBack

October 08, 2009

CAN-SPAM Doesn't Preempt CA Privacy Law--Powers v. Pottery Barn

by Ethan Ackerman

On Sept. 19th, a California state appellate court held that CAN-SPAM doesn't categorically trump state laws that may address email. Defendant retail store Pottery Barn was hoping it would agree with the initial ruling of the California trial court and hold that the federal CAN-SPAM law preempted the state law at issue, the Song-Beverly Credit Card Act.

The Song-Beverly Credit Card Act (apparently the enemy of corporate defense attorneys everywhere judging from google search results) generally prohibits the collection of certain personal information as a condition of processing a credit card transaction. Powers sued Pottery Barn under this law over its practice of collecting email addresses at the time of payment. Faced with these fairly uncontested facts, Pottery Barn argued at the trial court that the federal CAN-SPAM Act, regulating the sending and content of email, should preempt the state law.

Putting aside the obvious difference between a law that governs the collecting of personal information and a law that governs the sending and content of commercial email, the California Court of Appeals took the arguably easier route in addressing the issue - it read the preemption exceptions contained in the federal statute.

Readers interested in the details and holding logic can read the actual opinion. My short summary:

The California court read the preemption exceptions in CAN-SPAM and rightfully held that since the federal statute itself said it didn't preempt general state laws not specific to email, Song-Beverly wasn't preempted by CAN-SPAM.

"By its terms CAN-SPAM does not pre-empt state statutes which are not specific to e-mail and have only such incidental impact on e-mail use. (Tit.15, U.S.C. § 7707(b)(2).)"

In thinking of just how weak the preemption argument is, it's not hard to come up with other instances of state law addressing the collection or use of email addresses that aren't specific to "the use of electronic mail to send commercial messages." Indeed, the court rules of all state courts in California address the redaction of certain types of personal information (although not ultimately email addresses in the rules' present version.) I suspect the state's freedom of information laws have similar provisions addressing personal identifiers. I don't imagine that defendant's counsel would have relished acknowledging that the logical extension of defendant's argument was that the courts own filing rules were preempted.

Tom O'Toole at BNA has more.

[Eric's comment: while I agree with Ethan that the court correctly concluded that the Song-Beverly law isn't preempted by CAN-SPAM, I remain a little confused and troubled by the implications of the plaintiffs' arguments. It seems to me like the logical extension of their arguments is that it is illegal to collect email addresses when accepting credit card payments online. If this is the direction the case heads, then this case could have disconcerting implications for virtually the entire e-commerce industry. UPDATE: Ethan has pointed out that Saulic v. Symantec and some other cases have constrained the application of the Song-Beverly law to online commerce, a point I had forgotten. I hope that precedent will help put this lawsuit to rest, but it does make me wonder why the defendant accelerated CAN-SPAM preemption argument, a weaker one, to the front of the line,]

Posted by Ethan Ackerman at 04:34 PM | E-Commerce , Spam | TrackBack

October 07, 2009

Resale of International Textbooks to US Students Not Protected by First Sale Doctrine--Pearson v. Liu

By Eric Goldman

Pearson Education, Inc. v. Liu, 2009 WL 3064779 (S.D.N.Y. Sept. 25, 2009)

As a complement to Venkat's excellent post on Vernor v. Autodesk from this morning, it turns out that we are celebrating First Sale Doctrine day here at the Technology & Marketing Law Blog. Although, this case isn’t so much of a celebration of the doctrine as a rejection of it.

Defendants are book resellers participating on various websites under the alias "JMBooks." They purchase legitimate copies of cheaper international editions of textbooks, ship them to the US, and then resell them online to US students in competition with the US editions of the same textbooks. The court describes the differences between the international and US editions:

The textbooks plaintiffs publish are customized for the geographical markets in which they are sold. Editions authorized for sale in the United States are of the highest quality, and are printed with strong, hard-cover bindings with glossy protective coatings. (Id. P 14.) Sometimes, plaintiffs include academic supplements, such as CD-ROMs or passwords to restricted websites, with these books. (Id.) Editions authorized for sale outside of the United States, by contrast, have thinner paper, different bindings, different cover and jacket designs, fewer ink colors, and lower-quality photographs and graphics. (Id. P 15.) These foreign editions are not bundled with academic supplements such as CD-ROMs. (Id.) The cover of a foreign edition may include a legend indicating that the book is a "Low Price Edition" or only authorized for sale in a particular country or geographic region. (Id.) The foreign editions are uniformly manufactured outside the United States. (Id.)

Students usually purchase a textbook only because the instructor required it, and even then they expect to "enjoy" the textbook for only 1 quarter or semester. So many students may not care about the lower quality printing or absence of various supplements, in which case the international editions could serve as a viable and cost-effective substitute for the US editions. Accordingly, Internet resale of the international editions creates a major channel conflict for the publishers and destroys their efforts to price discriminate by geography.

To block this substitution (in technical speak, to stop the parallel importation of the grey market goods), the publishers invoke the importation right in copyright law (17 USC 602). The defendants respond that the importation right, like the distribution right in 106(3), is subject to the First Sale limitations in Sec. 109(a). If so, the defendants hoped to take advantage of the fact that they bought legitimate copies of the international editions to allow them to freely resell those copies to US buyers.

This debate leads to the flagship 1998 US Supreme Court parallel importation case of Quality King v. L'anza, a case I still find goofy after all these years. In Quality King, a shampoo manufacturer made shampoo in the US, sold it in international markets at a discount compared to US prices, and then was horrified to find that these exact same bottles were being legitimately bought internationally and imported back to the US, where they competed with the higher-priced bottles intended for US sale. To stop this channel conflict and preserve its price discrimination scheme, the manufacturer claimed that it had a copyright in the bottle labels, which gave it the right to block importation of its copyrighted works (the labels) under 602. Ideally, the Supreme Court should have categorically rejected the manufacturer’s bogus effort to prop up their poorly constructed channel management scheme, perhaps by rejecting the label’s copyrightability or saying a copyrighted product label cannot restrict the movement of otherwise-legitimate chattels in our economy. No such luck. Instead, the Supreme Court rested the defense victory on the First Sale doctrine because the bottles had "roundtripped"--that is, they were initially manufactured in the US and then had been imported back into the US.

While the Quality King decision reached the right result (a defense win), it left open the obvious question of what would happen when the imported goods were manufactured overseas (as opposed to making the roundtrip from the US). Although this court clearly expresses disagreement with the result, the judge felt constrained by dicta in the Supreme Court opinion that the one-way trip violates the importation right and is not protected by the First Sale defense. Accordingly, the defendants reselling internationally-manufactured copyrighted works cannot claim the First Sale defense to the importation right.

Although this case hasn't reached its final conclusion, the logical implication of this ruling is that this channel-wrecking reseller is probably going to get kicked out of the industry. This, of course, is good for textbook manufacturers who want to overcharge US students for overproduced textbooks that the students don't want and probably don't need. However, many students would be just as happy with the cheaper textbooks; after all, most students just want the information in the textbook. Given the enormous price tags that textbooks now carry, it's hard to see how propping up the textbook publishers' silly channel management schemes is a particularly good outcome for anyone other than the publishers.

UPDATE: Ethan noted that the Omega v. Costco case, which raises the same basic issues, currently has a cert request pending with the Supreme Court.

Posted by Eric at 02:10 PM | Copyright , E-Commerce | TrackBack

Vernor v. Autodesk--Does the Right to Possession Distinguish Between Sales and Licenses?

By Venkat Balasubramani

[A big thanks to Professor Goldman for the guest blogging opportunity. I jokingly mentioned that asking me whether I was interested in guest blogging was the law blog industry equivalent of Oprah calling one of her viewers and asking if the viewer was interested in guest hosting the show. Seriously, it's exciting for me as a blogger and practitioner. From my standpoint, Professor Goldman's blog is probably one that I've come to view as indispensable.]

The Western District of Washington (Judge Jones) ruled last week that Autodesk could not prevent the resale of copies of its "AutoCAD packages" based on the theory that the sale was an unauthorized transfer under the terms of the AutoCAD license. (Vernor v. Autodesk, Inc., Case No. C07-1189RAJ (Sept. 30, 2009).) Congrats to Public Citizen for the win. Access the Public Citizen page which contains case documents here.

Background: Autodesk makes design software [link] which it licenses (or at least so it thought) to third parties. Autodesk licensed copies of its AutoCAD software to a Seattle architectural firm, Cardwell/Thomas Associates (CTA). Vernor acquired several copies of AutoCAD from CTA in an “office sale." Vernor then attempted to sell the software on eBay – the actual versions Vernor acquired from CTA. Vernor did not use the software or even install it on his computer. He just acquired physical copies from CTA and tried to sell these copies, along with the jewel box, license key, etc.

Autodesk went down the eBay takedown route, issuing the eBay equivalent of DMCA takedown notices (VeRO notices, also called NOCIs). Autodesk's takedown efforts delayed Vernor's sales and resulted in a temporary suspension of Vernor's eBay account. Vernor brought suit in the Western District of Washington alleging Autodesk wrongfully initiated the takedowns, that the takedowns constituted an unfair trade practice, and for declaratory relief that he had the right under the first sale doctrine to sell the copies of AutoCAD which he acquired from CTA.

In May 2008, the court rejected Autodesk's Motion to Dismiss, largely agreeing with Vernor's position. After oral argument last week on cross motions for summary judgment, the court issued an order granting in relevant part the relief sought by Vernor, and closing the case.

Discussion: The critical question for the court centered on the nature of the original Autodesk/CTA transaction: “whether Autodesk transferred ownership of the AutoCAD packages to CTA"?

What did the license agreements say?: The court first looked to the underlying documentation between Autodesk and CTA. Although the agreement(s) were styled as “licenses," prohibited transfers to third parties, and contained numerous other restrictions, none of this was determinative. In the court's view, the key fact was that CTA was entitled to perpetual possession of the AutoCAD copies. CTA was required to return or destroy these copies if CTA upgraded, but the fact that CTA could choose to upgrade rendered the return/destruction entirely optional from CTA's standpoint. The court beats up on the Autodesk licensing agreements, calling them a “hodgepodge of terms that, standing alone, support both a transfer of ownership and a mere license."

Autodesk sought to put forth evidence that CTA was not permitted to sell the copies of AutoCAD in the first place to Vernor because CTA was required to destroy the software, but the court was less than impressed with this evidence. The fact that the court references CTA's obligation to destroy certain version of AutoCAD upon upgrade as "evidence" (in quotes) is telling. Autodesk was involved in a proceeding with CTA in the Northern District of California in 2009 and CTA agreed to a consent judgment. Autodesk pointed to the provisions of the 2009 consent judgment, provisions of an earlier settlement between Autodesk and CTA, and a 2002 license agreement to support its theory that CTA was obligated to destroy the copies of AutoCAD which it transferred to Vernor, but none of these documents carried the day. Let's just say the documentation around CTA's receipt of AutoCAD seemed murky.

9th Circuit cases: As far as applicable Ninth Circuit precedent, the court found an answer favorable to Vernor in United States v. Wise, a case from the seventies. Wise was a criminal case where Wise was accused of “willfully and for profit vending copyright feature-length motion pictures” which he had purchased from certain licensees. The Ninth Circuit looked to the underlying agreements between the film studios and the licensees, and focused (somewhat erratically it seemed to me) on a variety of different factors in determining whether a particular transaction constituted a sale or license. While the court in Vernor conceded that Wise didn't really provide clear guidance on determining whether a transaction constituted a license or a sale, Vernor looked to Wise and focused on the right to perpetual physical possession as a key determining characteristic of a non-license transaction.

Later Ninth Circuit precedent takes a more copyright owner-favorable view, rejecting attempts by licensees to rely on certain rights as "owners" in defense to claims of unauthorized copying. These cases, starting with MAI and Triad, were decided under section 117, which allows the owner of a copy to make archival and back-up copies, and to reproduce the program, if reproduction is an “essential step in the utilization of the...program.” The court acknowledges the conflict between Wise and this line of cases and concludes that the court is required to follow the earlier precedent on point. Autodesk made a valiant but unsuccessful attempt to point out salient differences between these sets of cases and why MAI was more analogous than Wise.

Autodesk also relied on the expert testimony of Nimmer. Predictably, the court noted it wasn't bound by Nimmer's opinion on the core legal question. Along the way, the court pointed out that Nimmer's views have "proven malleable" over time. Ouch.

I wonder if Autodesk will appeal this one. On the one hand, it would be nice to clear up the confusion among the various cases discussed in the opinion. On the other hand, it seems like the record isn't the cleanest from the standpoint of the details of the Autodesk/CTA transactions. One thing is for certain: Wise is far from a model of clarity.

***

I typically fall on the consumer side in these cases, but I have to admit the decision struck a chord with me. There's obviously a spectrum of transactions that range from license to sale, with a big fuzzy line dividing the two. You buy a CD at the store and that's clearly a sale. No reasonable consumer expects to not be able to freely transfer the particular copy of the CD acquired at the store. Autodesk offers – relatively speaking – expensive software used by professionals and businesses. An Autodesk customer may or may not have the opportunity to negotiate the agreement, but we're certainly not talking about software you decide to pick up at Office Depot while you are out for lunch. (On a related note, check out the EFF's page collecting documents in UMG v. Augusto, a case which is currently on appeal, where the Central District of California found that UMG can't bar sale of “promotional copies" of CDs.)

The court's focus on perpetual possession as opposed to restrictions on transfer also seemed arbitrary, although this obviously has some support in Ninth Circuit precedent. At the end of the day, if you draft in a restriction on transfer or assignment in a license agreement, most users probably expect these restrictions to be enforceable. Drafters of these agreements certainly do. The dispute is really about whether a piece of software acquired by one person can be freely used by another person or entity. In the eyes of most reasonably sophisticated consumers I think the answer is "only if it's not barred by the license." Courts at the other end of the spectrum from Vernor are willing to hold that a licensee violated a no-transfer clause in a license as a result of undergoing a series of mergers and corporate restructuring. (See [pdf] Cincom Systems, Inc. v. Novelis Corp., Case No. 07-4142 (6th Cir. Sept. 25, 2009).) This result seems particularly draconian in light of Vernor. Along these lines, it seems like possession is becoming much less important in the context of software. The court almost seemed to chastise Autodesk for not having a mechanism by which it could assure destruction of the copies which it shipped to CTA. Obviously, these types of attempts raise another set of issues.

Ultimately, the court's opinion seemed like a pretty serious incursion into the contractual relationship between the parties. Granted, Autodesk's documentation was less than clear on the issue of whether CTA was required to destroy CTA's copies of AutoCAD, but the decision seemed to set a pretty high bar for when a transaction will be considered a license.

[A sidenote: about that copy of 1984 you just picked up on your Kindle. Is that a sale or a license? Since Amazon retains the right to zap it under limited circumstances, it's probably a license.]

Other coverage:

Cyberlaw cases: “Court Rules (Again) That Vernor Can Sell Autodesk Software"
Bill Patry: “First Sale Victory in Vernor" (discussing the 2008 order on motion to dismiss, with an interesting note from Peter Brantley on ownership of books)
EFF: “It's Still A Duck: Court Re-Affirms That First Sale Doctrine Can Apply to 'Licensed' Software"

Posted by Venkat at 10:18 AM | Copyright , Licensing/Contracts

Introducing Guest Blogger Venkat Balasubramani

By Eric Goldman

It's my pleasure to welcome Venkat Balasubramani as a guest blogger. I'm fortunate that I can make this introduction in writing and not orally because I still don't know how to pronounce his last name. As my students can readily attest, I have lousy pronunciation skills generally, and it usually takes me multiple reminders to get it right. It's nothing personal; I wasn't very good at pronouncing my old last name (Schlachter--rhymes with "doctor") either.

Anyway, back to Venkat. Regular readers may recognize his name because Ethan and I have frequently linked to his posts (at least 18 times by my count) at his excellent spamnotes blog. Venkat also has an active presence at Twitter, where he has a large following. I've been reading his blog faithfully for about 3 years now, and Venkat and I routinely share story tips and thoughts all the time. With our common interests and frequent cross-linking, it seemed like a natural for us to work together more closely.

Venkat is a principal at Focal PLLC, a small firm handling cyberlaw and related matters. Before that, he spent time at Gibson Dunn and Perkins Coie, in-house and as a solo practitioner. This range of legal experiences really enriches his posts, and I expect you'll find them as enlightening as I do.

Posted by Eric at 10:10 AM | General | TrackBack

October 06, 2009

Do the FTC's New Endorsement/Testimonial Rules Violate 47 USC 230?

By Eric Goldman

In reading the FTC's new rules on endorsements and testimonials in advertisements, I was struck by the FTC's expansive vision of advertiser liability for third party-caused violations. In particular, the FTC apparently has made the same analytical error that the SEC recently made in the SEC's proposal to hold securities issuers liable for third party content they link to. In my comments to the SEC, I explained that trying to hold a linker liable for content at the terminus of a link violates 47 USC 230.

In this case, in commentary to §255.1, the FTC provided example #5 (starting on page 63 of the PDF) clearly targeting PayPerPost/Izea and its competitors:

Example 5: A skin care products advertiser participates in a blog advertising service. The service matches up advertisers with bloggers who will promote the advertiser’s products on their personal blogs. The advertiser requests that a blogger try a new body lotion and write a review of the product on her blog. Although the advertiser does not make any specific claims about the lotion’s ability to cure skin conditions and the blogger does not ask the advertiser whether there is substantiation for the claim, in her review the blogger writes that the lotion cures eczema and recommends the product to her blog readers who suffer from this condition. The advertiser is subject to liability for misleading or unsubstantiated representations made through the blogger’s endorsement. [my emphasis]
The blogger also is subject to liability for misleading or unsubstantiated representations made in the course of her endorsement. The blogger is also liable if she fails to disclose clearly and conspicuously that she is being paid for her services. [See § 255.5.]
In order to limit its potential liability, the advertiser should ensure that the advertising service provides guidance and training to its bloggers concerning the need to ensure that statements they make are truthful and substantiated. The advertiser should also monitor bloggers who are being paid to promote its products and take steps necessary to halt the continued publication of deceptive representations when they are discovered.

Per this example, the FTC appears to think advertisers can be liable for a blogger's rogue content merely because there is an underlying sponsorship relationship. This situation is prima facie preempted by 47 USC 230. Frankly, this doesn't even look like a close case.

I'm kicking myself because I should have raised the 47 USC 230 concern with the FTC during the comment period. My weak excuse: too many misguided regulatory proposals, not enough Eric. The FTC's discussion prefacing its guidelines doesn't mention 47 USC 230 at all, which now makes me wonder if anyone raised the statutory concern to the FTC. Instead, the FTC breezily brushed off concerns about over-expansive advertiser liability by treating this as a situation where the advertiser assumes the risk that bloggers might write rogue content:

Imposing liability in these circumstances hinges on the determination that the advertiser chose to sponsor the consumer-generated content such that it has established an endorser-sponsor relationship. It is foreseeable that an endorser may exaggerate the benefits of a free product or fail to disclose a material relationship where one exists. In employing this means of marketing, the advertiser has assumed the risk that an endorser may fail to disclose a material connection or misrepresent a product, and the potential liability that accompanies that risk. The Commission, however, in the exercise of its prosecutorial discretion, would consider the advertiser’s efforts to advise these endorsers of their responsibilities and to monitor their online behavior in determining what action, if any, would be warranted. [emphasis added]

Uh, no. As I tried to explain at the ABA Consumer Protection Conference this summer (which many FTC staffers attended), 47 USC 230 requires the FTC and other consumer protection agencies to fundamentally rethink their basic endorsement liability paradigms. If you're looking for a paper topic, I think the interplay because 47 USC 230 and government agencies' theories about liability for endorsing online content is ripe for smart analysis.

While an FTC enforcement action pursuant to its misguided advertiser liability theory should be an easy defense win, I don't expect we'll ever see that result. As we know, the FTC is fairly careful in selecting enforcement actions, and most defendants choose quickly settle rather than fight. Those that don't settle usually don't present the best facts to the court, and sometimes their lawyers don't even know about 47 USC 230.

If the issue ever does get to court, I'd expect the FTC to marshal up every plaintiff win under 230 to show how it can pin third party content on the advertiser. However, at the moment, I don't think any of the scrappy plaintiff wins bolster its theory. For example, I don't think the Roommates.com case helps because this isn't a situation where the advertiser has encouraged illegal content. I also don't think the Mazur case helps the FTC because the advertiser never chose the words communicated by the blogger.

Because it appears fundamentally inconsistent with 47 USC 230, I hope the FTC will reconsider its basic liability approach here.

UPDATE: In response to comments I've received on this post, I have provided a fuller explanation of my thinking about 47 USC 230 and the new guidelines.

Posted by Eric at 10:04 AM | Derivative Liability , Marketing | TrackBack

October 05, 2009

Ripoff Report Rolls to Another Win--Intellect Art v. Milewski

By Eric Goldman

Intellect Art Multimedia v. Milewski, 117024/08 (NY Sup. Ct. Sept. 15, 2009). For more background on the lawsuit, check out the companion blog.

This case involves the "Swiss Finance Academy," an expensive summer college program. A disgruntled student posted some criticisms about the program on Ripoff Report. See the post in question. The program brought a lawsuit against both the posting student and the Ripoff Report.

The plaintiff alleged defamation and a products liability claim against Ripoff Report. Both are dismissed per 47 USC 230. The court's discussion regarding the products liability claim is particularly interesting. First, the court says the site is a service, not a product, and therefore may be categorically excluded from any products liability doctrine. Second, the court says:

"the court does not need to reach this novel issue, since plaintiff has not even alleged that the website was in a defective condition which gave rise to its claimed injuries. Rather it was [the student's] purported posting that gave rise to plaintiff's injuries, not Xcentric's website itself. The claim that Ripoff Report was defectively designed to elicit defamatory statements from its users is devoid of commonsense and reasoning, is unsupported by law, and is, therefore, reject." [sic]

Oof. I've occasionally seen previous arguments that product liability doctrines get around 230. This case is one data point that they aren't...and arguments to the contrary are "devoid of commonsense and reasoning." Plaintiffs beware.

The plaintiff tried to add a few new claims against Ripoff Report and none of those get a chance mostly because of deficient allegations rather than 230. The tortious interference claims fail for lack of allegations about the specific affected relationships. The contract fails because the plaintiff isn't a third party beneficiary of the Ripoff Report-student contract. The negligent misrepresentation claim failed for lack of a special relationship. The negligence claim failed for lack of an alleged duty. The negligent falsehood claim fails for lack of alleged special damages.

In the end, the Ripoff Report walks away from this lawsuit.

The student also gets a good ruling. The court rejects the defamation claim because it characterizes all of the student's statements as protected opinion. [Note: the Ripoff Report posting was under a pseudonym, so it's not confirmed that the student is the same person as the poster.] It seemed to me that the court was cutting corners here. For example, the report said that the school only fed students toast for breakfast. That seemed like a pretty factual assertion to me; I'm not sure how to style that statement as an opinion. Even so, the court cut the corners for a good reason:

"the website, when viewed in its full context, reveals that Milewski is a disgruntled consumer and that his statements reflect his personal opinion based on his personal dealing with plaintiff. They are subjective expressions of consumer dissatisfaction with plaintiff and the statements are not actionable because they are Milewski's personal opinion."

Milewski isn't totally off the hook, as there are still unresolved issues about unpaid tuition. But otherwise, this court shuts down another vendor's attempt to squelch negative feedback about its business practices.

David Johnson has a more plaintiff-friendly take on this case.

Posted by Eric at 09:59 AM | Content Regulation , Derivative Liability | TrackBack

October 01, 2009

Online Game Network Isn't Company Town--Estavillo v. Sony

By Eric Goldman

Estavillo v. Sony Computer Entertainment America, 2009 WL 3072887 (N.D. Cal. Sept. 22, 2009)

Sony's PS3 online network isn't a company town or otherwise a state actor subject to First Amendment obligations. As a result, Judge Whyte of the Northern District of California dismissed pro se Estavillo's First Amendment challenge against Sony for kicking him off its network.

Judge Whyte’s analysis is fairly terse because this was such an easy case. He says:

Sony's Network is not similar to a company town. The Network does not serve a substantial portion of a municipality's functions, but rather serves solely as a forum for people to interact subject to specific contractual terms. Every regulation Sony applies in the Network is confined in scope only to those entertainment services that Sony provides. Although the Network does include "virtual spaces" such as virtual "homes" and a virtual "mall" that are used by a substantial number of users (Pl.'s Reply in Supp. of Opp'n. to Dismiss 1), these "spaces" serve solely to enrich the entertainment services on Sony's private network. In providing this electronic space that users can voluntarily choose to entertain themselves with, Sony is merely providing a robust commercial product, and is not "performing the full spectrum of municipal powers and [standing] in the shoes of the State." Hudgens, 424 U.S. at 519 (quoting Lloyd Corp. v. Tanner, 407 U.S. 551, 568-69 (1972)).
Sony does not have a sufficient structural or functional nexus to the government. Plaintiff has not suggested that Sony is part of the state or federal government. The Network was not created to further government objectives. The government retains no permanent authority to appoint any directors of Sony or the Network, or any other private body associated with the Network. There is no indication that Sony has assumed functions traditionally reserved to the government, or that the government had any part in encouraging Sony to create the Network. Count one of the complaint does not state a plausible First Amendment claim for relief, and therefore must be dismissed. Iqbal, 129 S.Ct. at 1940.

This discussion is appropriately brief because we've known for many years that private online companies aren't state actors, and at least a dozen precedential cases have reached this conclusion. For more on this, see my 2005 article Speech Showdowns at the Virtual Corral.

Nevertheless, this case could have significant import for academic discourse about the virtual worlds. I believe this is the first ruling to squarely conclude that an online game/virtual world isn’t a company town. As a result, this opinion emphatically rejects a meme that has become pretty popular among virtual world exceptionalists. Some exceptionalists have favored the company town analogy because it enable virtual world customers to reduce an operator's ability to run its business capriciously.

At the same time, as I explain in my 2005 article, importing constitutional doctrines into paying vendor-customer relationships could have untold detrimental effects on the entire online industry. This efficient ruling will hardly be the last word in that debate, but it should take a little wind out of the sails of the virtual-world-as-company-town meme that gets invoked so frequently in virtual world exceptionalist circles.

For more on this opinion, see Rob Heverly's blog post. Rob sees more merit in Estavillo’s argument than I do, but still he concludes that the case “was probably rightly decided.”

Posted by Eric at 09:57 AM | Content Regulation , Virtual Worlds | TrackBack