Home

Biography

Tech & Marketing Blog

Goldman's Observations Blog

Writings

Presentations          

Classes

Resources

Contact


 

 
Technology & Marketing Law Blog

« June 2010 | Main | August 2010 »

July 31, 2010

Ripoff Report Defeats Extortion Claim, But Plaintiffs Keep Trying--AEI v. Xcentric

By Eric Goldman

Asia Economic Institute v. Xcentric Ventures LLC, 2:10-cv-01360-SVW-PJW (C.D. Cal. July 19, 2010). First Amended Complaint filed July 27, 2010.

I've lost track of the different techniques plaintiffs have tried to bypass 47 USC 230 and hold Ripoff Report liable for its UGC business. In this case, AEI played the "extortion" angle--that the combination of bad user reviews that Ripoff Report will not remove plus Ripoff Report's Corporate Advocacy Program (which offers to help businesses rehabilitate their reputation for a substantial fee) equals extortion, a predicate for the plaintiffs' civil RICO claim. This is hardly a new argument against Ripoff Report; but AEI has gotten further than most plaintiffs by getting a scheduled trial date.

But in a familiar denouement, Rip-off Report defeated the extortion charge on summary judgment. The court evaluated the undisputed evidence and held that evidence did not show extortion. This conclusion was aided by the previously unknown (to me) fact that Ripoff Report has been routinely recording its phone calls without telling callers--a troubling fact, but one that proved helpful as the plaintiffs withdrew and modified their declarations after having their memories refreshed by the recordings. Without the he said/she said disputes over the phone conversations, Ripoff Report was able to cut through the other evidence on summary judgment.

I doubt this will deter other plaintiffs from trying the extortion angle, but there is no reason to believe the extortion 230 bypass will work any better than others.

While Ripoff Report won this ruling, the court left open the possibility of a RICO claim based on wire fraud. The plaintiffs have filed a First Amended Complaint pursuing that.

One curiosity: AEI was a content publisher from 2000-2009 (it's now out of business), and during those 9 years, it had zero revenues. This could make it hard for AEI to garner much judicial sympathy over any harm to its business.

Posted by Eric at 10:09 AM | Content Regulation , Marketing | TrackBack

July 30, 2010

Google Protected by 17 USC 512(d) for Links to Infringing Content; Perfect 10's Takedown Notices Were Mostly Insufficient

By Eric Goldman

Perfect 10, Inc. v. Google, Inc., 2:04-cv-09484-AHM-SH (C.D. Cal. July 26, 2010)

In 2007, the Ninth Circuit issued an important but befuddling ruling in Perfect 10 v. Amazon and Google. That ruling addressed Perfect 10's prima facie case of secondary copyright infringement against Google (and Amazon, which was using Google results) and remanded the case back to the district court for consideration of that issue as well as the underexplored 17 USC 512 safe harbors.

We've had a couple of blog-worthy rulings since then (on a motion to dismiss and A9's eligibility for the DMCA safe harbors), but it's taken 3 years to see where the court stands on Google's eligibility for the DMCA online safe harbors. The news is largely good for Google.

* Google's lack of user accounts for content loaded into web search and image search means that Google can't have a repeat infringer policy for those services. Google's Blogger practices satisfied the requirement to terminate repeat infringers.

* Google web search, image search, Blogger (to the extent the problem is user posted links) and search cache (also to the extent the problem is cached photos) are all eligible for protection under 17 USC 512(d) with minor exceptions I'll discuss in a moment. This is a noteworthy ruling because it's one of only a handful explicitly addressing 512(d), which provides a safe harbor for links to infringing content. Most of the online safe harbor rulings have involved 512(c), the safe harbor for hosting infringing content. To refresh my memory, I did a quick search in Westlaw, and I did not immediately recall a prior ruling where a service provider won a 512(d) defense. If so, then this is an important precedent. (Please email me to let me know what 512(d) cases I've forgotten).

* The parties divided Perfect 10's takedown notices into three groups:

- Group A. These were categorically defective because Perfect 10 sent them to the wrong google.com email address and they "uniformly do not identify specifically which copyrighted works were infringed."

- Group B. Apparently most of these notices referenced bogus URLs, but some URLs were legit, which gave Google enough information to locate the infringing links. There is a factual dispute about how long it took Google to respond to the legit notices; Perfect 10 alleges that it was up to 7 months, which probably won't qualify as an expeditious response. As a result, for the legitimate Group B takedown notices, Google could be on the hook for any that weren't honored expeditiously.

- Group C. The court describes this group of Perfect 10's takedown notices:

The Group C notices generally consist of a cover letter, a spreadsheet, and a hard drive or DVDs containing electronic files. Where P10 provided spreadsheets, the spreadsheets do not identify the infringing URL, but merely the top-level URL for the entire website. P10 evidently expected Google to comb through hundreds of nested electronic folders containing over 70,000 distinct files, including raw image files such as JPEG files and screen shots of Google search results, in order to find which link was allegedly infringing. In many cases, the file containing the allegedly infringing image does not even include a URL, or the URL was truncated. The spreadsheets also do not identify the copyrighted work that was allegedly infringed....P10 then expected Google to search through a separate electronic folder—attached only to the June 28, 2007 DMCA notice—containing all of the more than 15,000 images that appeared on P10's website as of June 2007, in order to identify the copyrighted work that was infringed. [citations omitted]

Per the Ninth Circuit's ccBill ruling, this paint-by-numbers approach to takedown notices does not work. The delivery of a big database of copyrighted works does not sufficiently identify the infringed works as required by 512(c)(3), nor does Google have to navigate multiple documents to piece together the 512(c)(3) elements. The court helpfully lays out how the 512(c)(3) information must be presented to count as a 512(c)(3) notice:

at a minimum, the essential elements of notification—the copyright owner’s attestations of ownership, nonlicensed use, and veracity of the notice; contact information for the complainant; identification of the copyrighted work; and identification of the infringing material (including the location of that material and if necessary, a specific link under section 512(d))—must be included in a single written communication.

* Google qualifies for 512(c) for hosting infringing copies in Blogger with the exception of up to 23 URLs that might have been covered by a legitimate Group B notice.

The implications of this ruling are pretty straightforward. Copyright owners who want service providers to intervene on their behalf should not get creative or lazy with their 512(c)(3) takedown notices. Over and over again, we've seen that the big service providers will respond quickly to properly drafted takedown notices; and we've seen judges become increasingly less tolerant of plaintiffs who couldn't bother to follow the statutory roadmap. So plaintiffs, please just follow the statute; it's pretty clear on what you need to do.

Overall, this case reminded me of the recent (uncited) Perfect 10 v. RapidShare ruling because that judge also implicitly showed little sympathy to Perfect 10. Perhaps the courts are finally prepared to put an end to Perfect 10's litigation madness. However, given there are a sliver of legitimate Group B notices, Perfect 10 still has a way to continue to make Google's life miserable.

More comments on the case from the EFF and Techdirt.

Posted by Eric at 09:23 AM | Copyright , Derivative Liability , Search Engines | TrackBack

July 29, 2010

Internet Law Syllabus and Reader for Fall 2010

By Eric Goldman

I have posted my syllabus for this semester's Internet Law course, my 16th year teaching the course. This blog post describes some of the latest developments with the class, including the changes from my 2009 course reader. For a more general discussion of the course's pedagogy, see my Teaching Cyberlaw article.

Course Titling

The most obvious change is that I renamed the course to "Internet Law" from "Cyberspace Law"/"Cyberlaw." I discuss the titling choices/dilemmas in my Teaching Cyberlaw article. Though it took a few years to pull the trigger, James Grimmelmann's 2007 post helped convince me that I should rename the course.

Grading

Last year, I tried an experiment of allowing students to write a wiki entry for part of their course grade. I recapped my experiences with that experiment in this blog post. Although I might be willing to try the experiment again, this semester my teaching load will be too demanding as it is, so I didn't think I could find enough time to support the students' wiki writing.

As a result, the class is back to a 100% final exam. As you can see, for the first time I'm letting students choose when to take their exam within a set window. If you've offered exams on that basis and have any suggestions for me, I would be grateful to hear them.

Added/Subtracted Reader Material

It's been an interesting year for Internet law, but I ended up adding only two new cases: Viacom v YouTube and Tiffany v eBay.

To decide what I add, I made a rough list of the most significant developments of 2010 so far. A preview of what might make the top 10 list at the end of the year:

* Supreme Court cases that weren't: Bilski, Quon
* Trademark intermediary liability: Tiffany v eBay; Gucci v. Frontline
* Copyright intermediary liability: Viacom v YouTube; Arista v Lime Group
* Sony v Tenenbaum
* Google and China
* Google/Facebook product gaffes (Buzz, Street View, Instant Personalization) and the plaintiff bar's excited responses to those gaffes
* Trademark owners giving up their lawsuits against Google (Rescuecom, Parts Geek and http://blog.ericgoldman.org/archives/2010/07/yet_another_tm.htm">Ezzo). Also, Rosetta Stone v. Google (whenever the opinion issues)
* Barclays v theflyonthewall. One of the most interesting cases of the year.

Honorable mentions:
* Conflicting 3rd Circuit cases re student MySpace profiles
* Utah repealed its Spyware Control Act
* Anderson v. Bell (electronic signatures count for election petitions)
* Snap-on v. O'Neil. Perhaps the most interesting case of the year so far.
* FTC v. Twitter
* the new 1201 exceptions and the Fifth Circuit's puzzling 1201 ruling in MGE v. GE

Materials I dropped from the reader this year:

* Perfect 10 v. Amazon. I never knew how to teach the Perfect 10 troika of 2007 cases, and in practice I ended up skipping this case last year to conserve time. I think the Viacom v. YouTube decision is a worthwhile substitute, even if it deals with different issues.
* Parker v. Yahoo. This was intended as a recap, but it covers some of the same ground as Ticketmaster v. RMG (which is popular with the students, BTW), and I also cut it for lack of time.
* the UDRP rules. I had included them for completeness, but I never really taught them in detail.
* My slides on keyword advertising and blog/social networking law.

Also, I learned that the federal cyberpiracy protections for individuals, formerly codified at 15 USC 1129, moved to 15 USC 8131. Just so you know!

BTW, I had been looking for years for a good keyword advertising case to teach. Last year, I thought the Hearts on Fire v. Blue Nile case worked well. It does a pretty good job framing the issues. I was also happy concluding the semester with the Moreno v. Hanford Sentinel case--it was a great pedagogical wrap-up.

Electronic Casebook

My other big news about the course is that I have converted my reader into an electronic casebook. This may not sound like much, but it took me a fair amount of time to re-edit the cases and collate the materials.

Eventually, I will probably turn the electronic casebook into an official "published" casebook that can be adopted by other professors. That will require more work to supplement the case materials with pictures, notes, comments, explanatory material, etc. I didn't have time to do that this semester. Maybe next year.

However, I am making the electronic file available at Scribd as a $5 download. You can also buy a print-on-demand version from CafePress for $30 + shipping. This is a bit of an experiment to gauge general interest in the materials. Please let me know what you think of the experiment.

If you are a professor interested in adopting the materials for your course, I'm happy to provide you with a free editable copy of the materials (free to you and free for your students). Just email me.

Past Posts

My analogous blog posts from years past: 2009; 2008; 2007; 2006; 2005.

Upcoming Events

Two upcoming HTLI academic events this year are potentially interesting to cyberlaw specialists, so I'll mention them here. On November 5, we'll have a symposium on the First Sale/exhaustion doctrines, which will address a number of Internet legal issues. Then, on March 4, 2011, we'll have our 47 USC 230 15-year retrospective/geekfest royale, an event you will NOT want to miss! Registration has just opened, and this event could sell out, so get your seat early.

Posted by Eric at 09:23 AM | General , Internet History | TrackBack

July 28, 2010

E-SIGN Prevents Enforcement of Emailed Contract Terms--Buckles v. Investordigs

By John Ottaviani

Buckles Management, LLC v. Investordigs, LLC, No. 10-cv-00508-LTB-BNB (D. Colo. July 23, 2010).

It has been about 10 years now since Congress adopted the federal Electronic Signatures in Global and National Commerce Act (commonly known as “E-Sign”). Cases interpreting E-Sign have been relatively rare. A Colorado federal court judge last week purported to decide whether an e-mail could constitute an enforceable contract under E-Sign, and concluded that the e-mail in question could not be enforced as a contract. Unfortunately, the Court (and the parties briefing the motion) did not realize that this was not an E-Sign case. The Court should have analyzed the case under the Colorado Uniform Electronic Transactions Act. Had it done so, the result may have been different.

Background

The case involves a failed business relationship that is all too typical. An investor provides money, consulting services, and commercial space to a struggling company, without any legal documents to evidence such terms as whether the transaction is a loan or an investment, etc... When the business relationship falls apart, the parties meet to discuss how to end their relationship. After the meeting, a few e-mails are circulated to memorialize the terms discussed. Attorneys are asked to draft documents, but nothing is ever signed; and the parties disagree as to whether or not there was a final agreement.

The investors filed a lawsuit, asserting claims for enforcement of the purported settlement agreement, breach of loan, breach of a lease agreement, unjust enrichment and accounting. In response, the company and individual defendants asserted counterclaims for breach of contract, unjust enrichment, negligent misrepresentation, breach of fiduciary duty and fraud and false misrepresentation.

Decision

The decision in question arises from defendants’ Motion for Summary Judgment, where they maintain that the Colorado Statute of Frauds, which provides that any agreement not to be performed within one year must be in writing and subscribed by the party to be charged, renders the settlement agreement unenforceable. In response, the plaintiffs argued that the parties exchanged a writing that contained the material terms of the agreement sufficient to satisfy the Statute of Frauds. Specifically, the plaintiffs relied on an e-mail, containing a list of the purported agreed-upon settlement terms, sent from the e-mail account of one defendant (who was a principal of the corporate defendant) to another employee at the company, who in turn forwarded the e-mail to four or five other people (including one of the plaintiffs) with the message “thanks to everyone for participating today.”

The court’s basic framework for analyzing the issue seems correct:

• May an e-mail exchange satisfy the Colorado Statute of Frauds writing requirement?
• If so, does this particular e-mail constitute a “writing subscribed by the party to be charged” within the meaning of the Colorado Statute of Frauds?
• If so, does this e-mail adequately describe the terms of an enforceable contract?

The court embarked on a discussion as to whether the e-mail satisfied the Colorado Statute of Frauds. Initially, the court got the analysis right, and concluded that under Colorado law, an e-mail exchange may satisfy the “writing” requirement of the Statute of Frauds.

With respect to whether the e-mail constituted a writing “subscribed by the party to be charged” under the Colorado Statute of Frauds, here the court got off track, with the help of counsel for the parties. The plaintiffs argued that the e-mail contained an “electronic signature” under E-Sign. Section 106(5) of E-Sign defines an “electronic signature” as “an electronic sound, symbol or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” The defendants argued that E-Sign did not apply because the settlement agreement did not affect interstate or foreign commerce. The court concluded that E-Sign did apply, but that the e-mail was actually sent by an administrative employee who did not have authority to bind either the corporate defendant or its individual principal. As a result, the court concluded that the signature was not “executed or adopted by [the principal of the defendant] with the intent to sign the record,” so it was not a proper electronic signature under E-Sign. The court concluded that if there was no proper "electronic signature," then the e-mail was not “subscribed by the party to be charged” under the Colorado Statute of Frauds.

Analysis

Unfortunately, the court and the parties missed the fact that the case is governed by the Colorado Uniform Electronic Transactions Act (“UETA”), not the E-Sign Act. E-Sign has a peculiar “reverse preemption.” Those who have been around long enough recall that in the late 1990's states were adopting electronic transaction laws, but in a non-uniform manner. In 1999, the National Conference of Commissioners on Uniform State Laws issued its final draft of the UETA, but states continued to enact UETA in a non-uniform manner. These non-uniform enactments were in part responsible for Congress passing E-Sign in 2000. In effect, Congress forced states to adopt UETA in a uniform manner by providing that the state version of UETA would control over E-Sign if UETA were adopted without modification. In most cases, then, if a state has adopted UETA substantially in final form, the state’s version of UETA is controlling over E-Sign. (To date, 47 states, plus the DIstrict of Columbia, Puerto Rico and the U.S. Virgin islands, have adopted UETA).

Would the analysis have been any different under UETA? It might be, because UETA is more comprehensive than E-Sign, including areas not covered by E-Sign.

Under Section 24-71.3-107 of the Colorado UETA, a contract may not be denied legal enforceability solely because an electronic record was used in its formation. So the court was correct in concluding that an e-mail exchange may satisfy the Statute of Frauds “writing” requirement.

But what about the e-mail exchange in this case? The Colorado definition of “electronic signature” is the same as the E-Sign definition. But Section 109 of UETA also allows for signatures to be “attributable” to a person where the person may not have “signed” the record himself (for example, a human agent with authority signs the record). The court concluded that the e-mail was not signed by the indiividual principal of Investordigs, but by an administrative employee. Under Section 24-71.3-109 of the Colorado UETA, whether the e-mail sent by the administrative employee could be attributed to the defendant “may be shown in any manner”. Thus, there is room for the investor to argue that the e-mail was sent on behalf of the principal of the company or that the administrative employee was acting as an agent of the principal. Unless there are additional facts not appearing in the court’s opinion, this would seem to be a classic issue of material fact, sufficient to defeat summary judgment. It is not clear from the record why the plaintiffs did not make this argument.

If the case does not settle, then it is likely that this decision will be remanded on appeal for findings of further fact consistent with the application of UETA, not E-Sign. It may be that, in the end, the investors will not be able to enforce the settlement agreement if they cannot attribute the e-mails to the company itself or the principal, or if the terms are not sufficiently definite to warrant enforcement. But, for the sake of argument, what if the employee was charged with taking notes for the meeting or was otherwise instructed by the principal to send out the e-mails containing the terms? Then it may be that the plaintiffs will be able to resurrect their claims.

Posted by John Ottaviani at 08:32 AM | E-Commerce , Licensing/Contracts | TrackBack

July 27, 2010

Yet Another TM Owner Gives Up Against Google--Ezzo v. Google

By Eric Goldman

Jamil Ezzo has apparently given up his lawsuit against Google over AdWords. The dismissal. This was a silly lawsuit that never should have been brought (it was over the purported trademark "Locate Plastic Surgeon" for gosh sakes), and the only surprising thing is that the lawsuit lasted this long. The most noteworthy thing about this dismissal is that Google has successfully whittled the pending AdWords trademark cases down to five from a high water mark of a dozen--an impressive display of litigation skill and financial wherewithal.

The roster of pending AdWords cases (I most recently thoroughly double-checked the status of these cases on June 6, 2010):

* Ezzo v. Google
* Rescuecom v. Google
* FPX v. Google
* John Beck Amazing Profits v. Google and the companion Google v. John Beck Amazing Profits
* Stratton Faxon v. Google
* Soaring Helmet v. Bill Me
* Ascentive v. Google
* Jurin v. Google 1.0 (voluntarily dismissed), succeeded by Jurin v. Google 2.0
* Rosetta Stone v. Google
* Flowbee v. Google
* Parts Geek v. US Auto Parts
* Dazzlesmile v. Epic

Posted by Eric at 04:19 PM | Derivative Liability , Search Engines , Trademark | TrackBack

Private Facebook Group's Conversations Aren't Defamatory--Finkel v. Dauber

By Eric Goldman

Finkel v. Dauber, 2010 WL 2872874 (NY Sup. Ct. July 22, 2010)

I previously blogged about this case last year. The case involves a private Facebook group comprised of 6 high school students apparently mocking and criticizing one of their classmates. Even if I acknowledge that the conversation was never meant for public consumption, to me the group's discussion is embarrassingly puerile and hearkens back to John Hughes' bleak depictions of high school life.

For reasons not explained in this opinion, the contents of the private group's discussion leaked out and got back to the target, who sued Facebook, most of the posters and the posters' parents. The suit against Facebook got some press when initially filed, but it was a farcically doomed legal endeavor, and I would have slapped it with a Rule 11 sanction if I had been the judge. The judge was more merciful than I would have been on the sanctions front but nevertheless dismissed the claim per 47 USC 230.

In last week's ruling, the court dismisses the plaintiff's defamation claims against the posters because, in context, the puerile discussion clearly did not constitute assertions of fact. The court says:

A reasonable reader, given the overall context of the posts, simply would not believe that the Plaintiff contracted AIDS by having sex with a horse or a baboon or that she contracted AIDS from a male prostitute who also gave her crabs and syphilis, or that having contracted sexually transmitted diseases in such manner she morphed into the devil. Taken together, the statements can only be read as puerile attempts by adolescents to outdo each other.

The court later reiterates the point:

The entire context and tone of the posts constitute evidence of adolescent insecurities and indulgences, and a vulgar attempt at humor. What they do not contain are statements of fact.

What baffles me is that this assessment was unmistakable from reading the complaint. Yet, despite the lawsuit's seemingly obvious futility, the plaintiff still thought this case was worth bringing. Why? Was it the hope of punching an ex post lottery ticket? Or was it an attempt to use the court system to redress the putative harms? If it was the latter, I wonder if some type of remedial action other than a judicial adjudication might have nevertheless satisfied the plaintiff, because the courts sure aren't providing a satisfying resolution to cyberbullying-style cases.

The court made two other rulings of interest. First, it rejected the plaintiff's efforts to impose negligence liability on the posters' parents for tortiously entrusting the kids with a dangerous instrument. The court says: "To declare a computer a dangerous instrument in the hands of teenagers in an age of ubiquitous computer ownership would create an exception that would engulf the rule against parental liability."

Second, the court rejects any standalone claim of "cyberbullying" as a tort. The court says: "the Courts of New York do not recognize cyber or internet bullying as a cognizable tort action."

This case reminds me a little of the DC v. RR "cyberbullying" case, which I have been meaning to blog for months and will get to eventually. The DC v. RR case is more serious because the taunts were publicly posted and much more violent, but in context, the postings were still obviously hyperbolic to me. Both cases present themselves as a combination of anti-social conversations by teens who don't realize the power of their words mixed with a plaintiff who perhaps felt more sensitive about such taunts than the average person. Either way, what's clear to me is that the court system is not doing a good job resolving cyberbullying claims to anyone's satisfaction. In my future post, I'll propose an alternative that might provide a better resolution for the plaintiff than bringing low-merit lawsuits.

Posted by Eric at 08:23 AM | Content Regulation | TrackBack

July 26, 2010

Facebook's Anti-Spam Filter Blocks Legitimate Conversations about Power.com

By Eric Goldman

On Friday, Venkat and I posted about the latest ruling in Facebook v. Power.com. After Venkat or I make a blog post, I typically post the blog headline and URL to Twitter. I have enabled the app that makes my Twitter posts into my Facebook status reports as well, so the headline and URL on Twitter should automatically propagate to Facebook. On Friday, I tweeted the following:

"Blog Post: Important ruling on California's anti-computer trespass statute--Facebook v. Power.com http://bit.ly/bM7hQT"

However, I noticed that the Twitter-to-Facebook app didn't work properly and the headline didn't appear. So I tried to manually enter the headline and URL and got this message from Facebook:

"This message contains blocked content that has previously been flagged as abusive or spammy. Let us know if you think this is an error."

I do think that's an error, and I reported the problem through Facebook's automated reporting tool on Friday. Not surprisingly, I still haven't gotten a response to that. But I was baffled how my headline and URL could have been "flagged as abusive or spammy." Who flagged it? Why?

After a little more experimentation, I discovered that every instance of the character string "power.com" is blocked in Facebook. Therefore, every time I put "power.com" into my status reports or in comments to those status reports--even if it's the only content in the post/comment--I get the "blocked content" message. However, it's easily avoided; I can post "power . com" (notice the spaces before and after the period) just fine. Basically, Facebook is using a very dumb word filter.

I emailed my PR contacts at Facebook about this. They pointed to their anti-spam filter and this blog post from June. The blog post explains that "we've been working to improve our warnings and make them more clear" and that "people misunderstand one of these systems. They incorrectly believe that Facebook is restricting speech because we've blocked them from posting a specific link."

So this is where things have gone wrong. Facebook told me it has blocked Power.com because "we found that Power was spreading links to its pages in a way that violated our Statement of Rights and Responsibilities. For example, when a Power user accessed Facebook, Power would automatically create an event on Facebook (typically called 'Power.com Party' or something similar) without the person's knowledge or permission. It would then send invitations to all of the user's friends." Fair enough, and I'm glad Facebook is trying to keep its system safe for users.

However, Facebook's dumb word filter block means that every reference to "power.com," even if it's in plaintext and not linkable, is still treated as a link and therefore is blocked as well. The messaging then disparages the plaintext reference as "blocked content that has previously been flagged as abusive or spammy" when, in fact, a link to the URL, not the plaintext reference I made, has been flagged. So much for clearer error messages.

I pointed out to Facebook's spokespeople the difference between a plaintext reference to a company's name ("Power.com") and a spammy URL/link. Their response? "Spammers turning their malicious urls into plain text is the oldest trick in the book. Not blocking all of the variations of a bad URL leaves a gaping hole."

There is a kernel of truth to this, of course. A plaintext URL is not materially different from an active hypertext link--if the user chooses to cut-and-paste the link into the browser (or right-clicks on it, or whatever). However, Facebook's method of blocking spammy links by blacklisting every instance of the character string actually has the effect of blocking *every* discussion of a blacklisted company with the name [noun].[tld]. Because the main word in the name is a noun (e.g., "Power"), referencing the name without the TLD can lead to semantic ambiguity. However, the system prevents me from using the complete name (Power.com) because it can't distinguish between a link and a plaintext reference to a company's name that acts as a URL. I received a private email that another Facebook user encountered a similar block with the string seppukoo.com, the Facebook suicide tool.

In my case, the net consequence is that Facebook automatically blocks any conversations involving the string "power.com"--including my headline to my blog post--and provides an error message telling me that I am posting spammy/abusive content when I try to make the posting, which makes me feel like I did something wrong. With all of the bright engineers at Facebook, I bet they could figure out a way to more precisely tune the filter so that a plaintext reference to [noun].[tld] gets through while active links to that URL, or more fulsome plaintext URLs, remain blocked.

That is, assuming Facebook actually wants to enable Facebook users to talk about Power.com or Seppukoo.com or other enterprises that threaten the Facebook franchise. Frankly, I haven't seen much evidence of Facebook's interest in those conversations. In light of Power.com's antitrust challenges against Facebook, the fact that Facebook's system suppresses legitimate conversations about Power.com (whether it had a censorious intent or not) struck me as particularly noteworthy.

Posted by Eric at 10:33 AM | Content Regulation , Domain Names , Privacy/Security , Spam | TrackBack

July 23, 2010

Judge Denies Facebook’s Request for Judgment on the Pleadings and Strikes Power.com Counterclaims -- Facebook v. Power.com

[Post by Venkat, with additional comments by Eric]

Facebook v. Power Ventures, Inc., Case No. C 08-05780 (N.D. Cal. July 20, 2010)

Background: Facebook and Power Ventures (Power.com) have been locked in a battle over whether Power.com should be allowed to access Facebook on behalf of users outside Facebook’s developer channels. Facebook wants all developers to go through its channel. Power.com seemed to go down in path but decided at some point that it didn’t like Facebook’s developer channel. It accessed (on behalf of its users) Facebook’s network. Facebook sued, and Power.com became an unlikely poster child for why data portability is important.

There’s been a lot of motion practice in this case. Facebook brought the typical array of copyright/computer fraud and abuse act claims that survived a motion to dismiss from Power.com. Power.com brought antitrust counterclaims that the court knocked out (with leave to amend). Facebook focused on its attention on its claims under the California computer crime statute (section 502), and moved for judgment on the pleadings. EFF filed an amicus brief arguing for a narrow construction of the statute. (In the meantime, there was a recusal by the judge who initially drew the case and dealt with the preliminary motions.) The court now deals with Facebook’s request for summary judgment or judgment on the pleadings that Power.com violated section 502, as well as a few other motions.

The Court’s Treatment of the Claims:

Standing under section 502: Power.com argued that Facebook lacked standing under section 502. The court easily disposes of this argument by noting that Facebook was forced (or decided it was prudent) to implement technical measures following its discovery that Power.com accessed its network. The court notes that there’s no dollar amount threshold, and rejects Power.com’s attempt to rely on its declaration that Facebook would not have had to invest any substantial amounts to implement these new technical measures.

Power.com’s liability under section 502: Facebook argued that Power.com accessed Facebook’s network without authorization because it exceeded the scope of the authorization allowed by Facebook’s terms of service. The court looks to the legislative history behind section 502 and declines to give legislative statements the broad-reaching meaning that Facebook urges. Facebook argued that any access in excess of authorization constitutes a violation of section 502, and the court doesn’t seem to agree with this. EFF filed an amicus brief arguing for a narrow interpretation of section 502. EFF also argued that Power.com’s actions did not violate section 502. The court settles on an interpretation of section 502 that requires some sort of circumvention of :

Technical or code-based barriers that a computer network or website administrator erects to restrict the user’s privileges within the system, or to bar the user from the system altogether.

[The court also drops a footnote noting that even though the defendant may not be liable under section 502, the defendant may still be liable for breach of contract. The footnote does not mention claims under the Computer Fraud and Abuse Act.]

Ultimately, the court leaves Facebook room to still make out a claim but says that (under section 502 at least) it can’t merely be based on a terms of service violation:

the Court finds that Power did not act “without permission” within the meaning of Section 502 when Facebook account holders utilized the Power website to access and manipulate their user content on the Facebook website, even if such action violated Facebook’s Terms of Use. However, to the extent that Facebook can prove that in doing so, Power circumvented Facebook’s technical barriers, Power may be held liable for violation of Section 502.

Power.com’s counterclaims based on Facebook’s alleged anti-competitive conduct: Facebook moved to dismiss Power.com’s antitrust claims against Facebook. The court focuses on Power.com’s allegations about Facebook’s acquisition of monopoly power. According to Power.com, Facebook gained monopoly power through allowing users to invite their friends (and making it easy), allowing people to access other networks through Facebook, while at the same time not allowing people to access Facebook through other networks. Power.com also alleged that Facebook alleged baseless intellectual property claims to dissuage new entrants into the market.

The court rejects these arguments, finding that Facebook has no obligation to allow others to access its network and it can set the terms of access without running afoul of antitrust rules. The court also finds that taking steps to protect its rights does not mean that Facebook is engaging in anti-competitive behavior.

Power.com’s affirmative defenses: The court previously struck Power.com’s affirmative defenses of copyright misuse and fair use. Power.com amended their pleadings and the court lets these affirmative defenses stand. The court’s discussion is a little sparse on whether these defenses actually are viable, but the court declines to strike them on the basis that the allegations provide Facebook with enough facts to put Facebook on notice as to what is being claimed.
__

I’d say overall it was not a big loss for Facebook. It still has viable claims under the Computer Fraud and Abuse Act and potentially copyright (in addition to auxiliary spam and other) claims. It has a chance to prove a violation of section 502 by showing that Power.com engaged in circumvention of a technical measure (IP address blocking, or additional security measures which Facebook implemented).

This is somewhat of a win for EFF, which got a ruling with a narrow construction under section 502. I’m not sure how useful this ruling will be in the Computer Fraud and Abuse context. Also, the court’s willingness to use circumvention of any technical measure to find a violation of section 502 sets a low bar. Still, in the garden variety context where an individual accesses a network in violation of the terms of service, section 502 claims don’t seem as likely (under the court’s ruling).

Power.com continues to slog it out. I’m guessing it will see this litigation as fairly unprofitable sooner rather than later, particularly with its antitrust claims out the window (I can’t imagine they thought these were terribly viable to begin with, judging by their initial set of allegations). Of course, they can bring their affirmative defenses and engage in some discovery, but this is not likely to bend the will of a company such as Facebook.

Additional Coverage:

Wendy Davis: “Facebook Rebuffed In Case Against Social Aggregator Power.com

ars technica: “Social network aggregator no crook for violating Facebook TOS
________

Eric's comments: A very small number of rulings have interpreted California Penal Code Sec. 502, the state law analog to the Computer Fraud & Abuse Act and a partial statutory codification of common law trespass to chattels. Based strictly on the statutory wording, Penal Code 502 (which authorizes civil suits in addition to being a criminal sanction) is the most plaintiff-friendly of the three doctrines because it does not require the plaintiff to show any minimum quantity of loss or harm from the defendant's harm.

This ruling partially reinforces why Penal Code 502 remains the most plaintiff-friendly of the three doctrines. Effectively, Facebook made the requisite showing of harm from Power.com's conduct even though Facebook's only purported harms appear to be remediation efforts. As the court says:

Defendants’ admissions that Facebook attempted to block Power’s access and that Power provided users with tools that allowed them to access the Facebook website through Power.com demonstrates that Facebook expended resources to stop Power from committing acts that Facebook now contends constituted Section 502 violations.

This is a bootstrapped type of loss that will be true in almost every anti-server use case.

The court then takes a decidedly less favorable turn when it comes to the authorization/permission question. Many CFAA rulings have allowed user agreements to delimit the authorized use of the plaintiff's servers. The court rejects that approach here, saying, in effect, that because Penal Code 502 is a criminal statute, allowing the user agreement to establish the boundaries of permitted server use is improper. I agree with that statement (some of you may recall my posts about the Lori Drew prosecution, conviction and dismissal). However, I would note Facebook's lawsuit is a civil case, not a criminal case, so the court could have distinguished between the legal requirements of criminal and civil cases. In particular, it was odd to see the court discussing constitutional limits to criminal prosecutions in a case where neither litigant really cared directly about the scope of criminality.

Even if the contract does not provide adequate notice to defendants, the court allows plaintiffs to delimit the permitted/authorized use of their severs technologically, and transgressions of those technological limits appears to satisfy the Penal Code 502 requirements and the constitutional protections applicable to a criminal prosecution. The court says:

the Court finds that accessing or using a computer, computer network, or website in a manner that overcomes technical or code-based barriers is “without permission,” and may subject a user to liability under Section 502.

This is because defendants are adequately put on notice when they encounter a technical block and try to route around it; therefore, with the technical block requirement, the statute will satisfy even the more stringent notice requirements of criminal law. There remained a factual dispute about Facebook's technical blocking efforts in this case based on the procedural posture of the case, so that point remains open for now.

If this case ends up setting the precedent that a user agreement cannot set the boundaries of authorized uses of computer servers in the California Penal Code Sec. 502 context, then this is a pretty important ruling. However, I don't really believe that result will necessarily be reached in other cases, especially given that Judge Ware disagreed with Judge Fogel's ruling in Facebook v. ConnectU on the same question.

In Cyberlaw I teach that an anti-computer trespass civil claim satisfying the four elements will probably win:

* Third party system use
* Damage
* Actual notice that use unpermitted
* Technological self-help

If Facebook can show these four elements, it has a good chance at winning the Penal Code 502 case; indeed, this ruling indicates that under Penal Code 502, the damage element is easy to meet and the notice/self-help elements effectively merge together. If you are prepping an anti-trespass case, the more clearly you can show all four elements, the more likely the court will find a legal doctrine to help you.

Posted by Venkat at 12:29 AM | Content Regulation , Licensing/Contracts , Privacy/Security , Trespass to Chattels

July 20, 2010

Book Review: Building Web Reputation Systems by Farmer & Glass

By Eric Goldman

Building Web Reputation Systems by F. Randall Farmer & Bryce Glass (O’Reilly 2010) [affiliate link]

As you may know, for the past couple of years, I have been researching how we regulate reputation systems. My most recent recap of my progress-to-date. As part of researching other disciplines’ approaches to reputation systems, I was pleasantly surprised to find this book, which discusses web reputation systems from a technical/product development standpoint. I'm not aware of other books directly on point, so that alone makes the book noteworthy. [If you know of analogous books that I should look at, I'd be grateful for the references.]

The word “reputation” is a complex and nuanced word. This book defines reputation as “information used to make a value judgment about an object or a person.” Notice how this definition treats reputation as actionable information (i.e., making a “judgment”). I favor that approach; my work also uses an actionable definition of reputation.

Their definition equally treats both objects and people as having “reputation,” and this does not work. In general, people are dynamic, i.e., they can change behavior; while content is static, i.e., an item of content does not change its character unless subsequently edited. This single definition of "reputation" created significant tension throughout the book. Recognizing this, the authors often bifurcated the discussion to separately address the process of establishing a person’s “reputation” (which they confusingly called “karma”). However, the book primarily focuses on grading and sorting content items, especially user-generated content, and I personally would not describe content items as having a “reputation.” As a result, I think the book is mistitled. It principally addresses content filtering, not “reputation” as I use the term.

Although this analytical tension pervades the book, the book nevertheless contained a lot of useful insights about both content filtering and establishing user trustworthiness. The authors have a lot of experience building filtering systems for different websites, so the book is packed with the kind of first-hand observations that only an insider can offer. There’s no substitute for the voice of experience when designing Web 2.0 UGC systems, and this book provides an easy and accessible way to learn some tips and tricks.

The book emphasizes the authors’ contributions to the reputation system at Yahoo Answers, and rightly so. Yahoo Answers has emerged into a bona fide success story and recently trumpeted its billionth answer. In my opinion, the book’s high point is Chapter 10, a case study of how Yahoo Answers developed a new filtering and reputation system that helped turbocharge the Yahoo Answers community.

Although the book doesn’t say this directly, two key lessons from Yahoo Answers’ evolution are:

1) UGC websites should let users vote on content, but not all user votes should be weighted equally.

2) UGC websites do not need to publish all user-supplied content items in an equally prominent manner. Perhaps some content should be obscure/hard-to-find until other users validate it.

The book pitches these conclusions as novel, but they seemed fairly intuitive to me. We implemented a very similar system embodying these two points back in 2000-01 at Epinions. Epinions allowed users to grade each others’ content; we weighted votes differentially based on users’ credibility; and we displayed ungraded and poorly graded content only to registered users (a small fraction of our readers). The fact that the authors “discovered” these conclusions at Yahoo Answers shows the dire need for books like this to help websites implement best UGC management practices without reinventing the wheel.

The fact that the authors didn’t acknowledge the Epinions precedent (and other systems like it) highlights another weakness of the book. There is a deep academic literature addressing the book’s topics (especially on content filtering and user incentive systems), but the book barely acknowledges this literature. For example, several times the authors cite Dan Ariely's Predictably Irrational for descriptions of human psychology and foibles. That's a perfectly credible citation, but it should be one of many literature citations, not the only citation. Instead of dipping into the rich academic literature, the book almost exclusively relies on the authors’ experience-based impressions. These impressions are a valuable information source that makes the book worth reading. However, because those impressions aren’t tempered with more rigorous academic findings, it’s not clear to me at all that the authors’ conclusions represent true best practices...or even state-of-the-art.

Because of its many structural flaws, this edition will not become a classic. Nevertheless, I have enthusiastically recommended the book to several UGC start-ups because the book provides a good repository of high-value experience-based perspectives that are not readily available elsewhere. Even if the book’s recommendations are debatable, it’s a debate worth having.

Posted by Eric at 06:39 AM | E-Commerce , Internet History | TrackBack

July 16, 2010

Online Video Publisher Learns Why You Should Register Your Copyrights Early--LTVN v. Odeh

By Eric Goldman

LTVN Holdings, LLC v. Odeh, 2010 WL 2612690 (D.Md. June 25, 2010). The 2009 ruling on jurisdiction in this case.

Kramer is a litigator. He formed an organization that publishes educational videos about legal topics and provides both paid and free syndication options for third parties to incorporate the videos into their websites. I didn't fully understand the extra value from the paid syndication option, which may be part of the problem. The defendant Odeh inquired about a paid syndication option for his Claims Consulting website, got a price quote, apparently didn't like it, and then signed up for the free syndication option. The complaint then alleges:

Mr. Odeh posted 12 LTVN videos related to filing insurance claims on his website on March 12, 2009. Claims Consulting presented the videos as its own by removing references to LTVN and CLIENTELEVISION.com, deleting LTVN's animations that appeared at the beginning and end of each video, and removing LTVN's seven-second promotional video. Claims Consulting also referred to the videos as “our information videos” and displayed them in its own flash video player. Furthermore, on the bottom of the page displaying the videos, Claims Consulting posted the following notice: “Copyright© 2009 Claims Consulting, LLC. All Rights Reserved.” [citations removed]

If the allegations are true, this looks like a straightforward copyright infringement claim. This also looks like a good candidate for a 1202 violation based on the alleged removal of the copyright management information and addition of new false information, although the complaint doesn't allege 1202 (a cause of action seemingly overlooked by the plaintiff).

Despite the solid-looking copyright claim, the publisher made the tactical error of not making a timely registration of its copyrights. As a result, the publisher can't get statutory damages or attorneys' fees. The court also reminds the plaintiff that punitive damages aren't available for copyright claims. Thus, if the plaintiff wins the copyright claim, its only damages will be "actual damages for any fair market licensing fee they would have charged the defendants for use of their videos." In other words, the defendant's alleged ripoff won't cost it any more than if it had taken the license deal in the first place.

Most of the plaintiff's other claims are preempted by federal copyright law. The Lanham Act false designation of origin was preempted per Dastar. The breach of contract claim was preempted as coextensive with the copyright claim (an area of doctrinal controversy). Other claims (state copyright, reverse passing off, unjust enrichment, and conversion) are all typically preempted when predicated on a copyright violation. The publicity rights claim isn't preempted, but the plaintiff attorney's image only appears in the video's editorial content and therefore there was no implied endorsement.

So, after the motion to dismiss, the plaintiff's complaint has been cut down to a standard copyright infringement claim with only actual damages--i.e., standard licensing fees--available at the end. This case is now primed for settlement, especially because the plaintiff has to come out of pocket for all further litigation proceedings (eating into the ROI of further investments). Clearly, the tenor of any settlement discussions would be very different if the plaintiff had made timely copyright registrations--with 12 videos allegedly infringed, the case would have a maximum value of over $2M including attorneys' fees. A practice pointer: if you're going into the content licensing business and hoping to get people to pay you, timely copyright registrations are a must to support any enforcement actions.

Posted by Eric at 09:33 AM | Copyright | TrackBack

July 15, 2010

eBay Venue Selection Clause Upheld in Texas

By Eric Goldman

In re eBay, Inc., 2010 WL 2695803 (Tex. App. Ct. July 8, 2010)

In Comb v. PayPal, 218 F. Supp. 2d 1165 (N.D. Cal. 2002), PayPal defended a putative class action by invoking the arbitration clause in its user agreement. Judge Fogel tossed the arbitration clause on unconscionability grounds, noting (among other defects) the cost/benefit problem facing plaintiffs: their case values individually were much smaller than the arbitration costs, and arbitration blocked class adjudication. This ruling was quite influential. Since then, online user agreements--and especially mandatory venue selection clauses--have become vulnerable to unconscionability challenges and other collateral challenges on their enforceability. At this point, a vendor's attempt to destroy class consolidation through a mandatory arbitration clause is virtually per se unconscionable.

The Comb case involved PayPal's venue selection clause, but eBay's user agreement had a basically identical clause. With this clear warning sign, eBay revised its venue selection clause. eBay now uses a bifurcated approach. The baseline is mandatory venue in a Santa Clara County, California court. However, if the dispute amount is less than $10,000, the plaintiff can select arbitration that does not involve in-person hearings. I personally think eBay's approach is pretty savvy, and I have modeled some clients' venue selection clauses on it. It responds to the Comb v. PayPal concerns about the arbitration costs for small disputes by creating a "fast lane" for small disputes, while still keeping the important disputes in eBay's home court.

This recent ruling shows the strength of eBay's current approach. Richards is the victim of a busted eBay Motors transaction, apparently incurring an $18,000 loss. eBay apparently takes the position that the transaction took place off-website and therefore outside the scope of eBay's Vehicle Protection Program. Richards sued eBay and the car seller in his home court. eBay responded with its mandatory venue selection clause. Apparently, the trial court rejected eBay's motion, but the appellate court easily reverses the trial court and orders the trial judge to enforce eBay's clause.

Richards attacked the venue selection clause per Comb. The court distinguishes Comb on several bases:

* PayPal had frozen small amounts of money; there is nothing like that at issue here.
* there was no issue about case consolidation. Instead, Richards chose to pursue his case individually.
* Richards didn't show that his unrecoverable costs to litigate in California were greater than litigating in Texas.

From my perspective, the key is that Richards' dispute value of $18,000 exceeds the threshold for efficient ADR option in the user agreement; but it's also a big enough case value for the court to accept that Richards could afford to litigate the case individually (as, in fact, he was doing in Texas).

Related blog posts:

* Terminated eBay Vendor Gets Day in Court Against eBay--Crawford v. Consumer Depot
* Note about Tricome v. eBay
* Note about Universal Grading Service v. eBay
* eBay User Agreement Upheld, Part II--Durick v. eBay
* eBay User Agreement Upheld--Nazaruk v. eBay (upheld on appeal)

Posted by Eric at 07:33 AM | E-Commerce , Internet History , Licensing/Contracts | TrackBack

July 14, 2010

Funky Ninth Circuit Opinion on Domain Names and Nominative Use--Toyota v. Tabari

By Eric Goldman

Toyota Motor Sales, U.S.A., Inc. v. Tabari, 2010 WL 2680891 (9th Cir. July 8, 2010)

Every time I see a federal appellate opinion on domain names, I'm vaguely reminded of the Country Joe song I-Feel-Like-I'm-Fixin'-To-Die Rag, whose chorus goes "And it's one, two, three, what are we fighting for?" Fortunately, domain name disputes do not lead to the senseless loss of life we experienced from the Vietnam War. Unfortunately, lengthy domain name litigation usually has little more strategic value. Invariably, the domain name litigation has less to do with rational economic decision-making and more to do with chest-beating and posturing.

I bring this up because the Ninth Circuit's latest domain name opinion involves litigation that makes no financial sense for either side. The Tabaris are independent auto brokers that help their customers find and buy Lexus vehicles from an authorized Lexus dealer. They run a business called Fast Imports from the domains buy-a-lexus.com and buyorleaselexus.com.

What is Lexus’ problem with those domain names? The Tabaris are helping people buy Lexuses, so Lexus is going to get its fair share no matter what. The appellate opinion did not indicate that the Tabaris are crooks or trying to divert Lexus customers to other brands. So Lexus, why sue your friends? The opinion hints that Lexus was trying to improve dealer relations by squelching a broker who plays dealers off each other, but hey, that’s fair competition.

From the Tabaris’ perspective, losing these domain names should not be intrinsically fatal to their business. The Tabaris could set up shop at any number of other domain names, in which case they would lose only the built-up clicks from existing links to the site (I wonder how many of those there were in this case) and any extra Google juice from having a seasoned domain name with the trademark in it. I always find it weird when appellate courts treat a defendant’s domain name as the dispositive linchpin of communication between interested parties rather than just one of many SEO tools.

Refreshingly, this opinion does not overestimate the domain name’s value. However, it doesn’t see any reason to consider a switch either: "the Tabaris needed to communicate that they specialize in Lexus vehicles, and using the Lexus mark in their domain names accomplished this goal. While using Lexus in their domain names wasn’t the only way to communicate the nature of their business, the same could be said of virtually any choice the Tabaris made about how to convey their message."

While the opinion focuses on domain names, the Tabaris' websites also, at some point, used copyrighted Lexus photos and displayed the Big L logo. Normally, a photo rip and unauthorized logo display will get a district court judge to rule in favor of the IP owner. Before Lexus sued, the Tabaris cleaned up those issues, so the Ninth Circuit panel focuses solely on the two domain names (because an injunction was the only remedy at issue). This is a logical move by the Ninth Circuit, but most courts will not be so forgiving of sites that borrow the official logo and copyrighted photos.

With the Tabaris' use of the two domain names in their auto brokerage business the only issue on appeal, this should be an easy call per the nominative use doctrine. However, the words "easy" and "nominative use doctrine" go together like peanut butter and artichokes. Personally, I still have no idea when businesses outside a manufacturer's authorized channel can legally include the manufacturer's trademark in their name. Each case seems to be sui generis.

To segregate legitimate from illegitimate uses of third party trademarks in domain names, the opinion lays out a surprisingly lucid taxonomy with 3 categories of presumptively illegitimate domain names:

1) "When a domain name consists only of the trademark followed by .com, or some other suffix like .org or .net, it will typically suggest sponsorship or endorsement by the trademark holder." This makes sense intuitively, but (A) the court doesn't address the seemingly contradictory Lamparello case, and (B) the opinion’s reasoning remains predicated on dicey assumptions about consumer search behavior, such as consumers typing in trademark.com into their web browser address bar—an assumption that has grown dicier with the rise of omniboxes.

2) "Sites like trademark-USA.com, trademark-of-glendale.com or e-trademark.com will also generally suggest sponsorship or endorsement by the trademark holder."

3) "domains like official-trademark-site.com or we-are-trademark.com affirmatively suggest sponsorship or endorsement by the trademark holder and are not nominative fair use"

By implication, other domain names generally should be eligible for nominative use. At minimum, buy-a-TRADEMARK.com and buyorleaseTRADEMARK.com should be fair game for resellers and related parties like buying agents. In support of this, the court rejects Lexus' argument that there was something untoward about the Tabaris brokering other auto manufacturers if their customers decided they didn't want a Lexus. For more on this, see my Brand Spillovers article.

The opinion suggests that the following domain names should qualify for nominative use or otherwise be permissible as well:

* mercedesforum.com
* mercedestalk.net
* starbucksgossip.com
* frys-electronics-ads.com
* mercedesboots.com
* mercedeshomes.com [although I wonder about dilution with these two]
* comcastsucks.org

Procedurally, the opinion addresses several key issues about the interaction between the nominative use test and the likelihood of consumer confusion test. The opinion says that an evaluation of consumer confusion is implicitly built into the New Kids on the Block nominative use test. Therefore, "if the nominative use satisfies the three-factor New Kids test, it doesn’t infringe" without needing to consider the likelihood of consumer confusion test at all. Thus, "nominative fair use 'replaces' Sleekcraft as the proper test for likely consumer confusion whenever defendant asserts to have referred to the trademarked good itself." Further, once a "defendant seeking to assert nominative fair use as a defense...show[s] that it used the mark to refer to the trademarked good," the trademark owner bears the burden of disproving nominative use. All of these procedural points have been hotly contested in prior cases.

The court concludes that the district court's injunction against the Tabaris using "Lexus" in domain names was too broad and remands the case to the district court to try again. Although the court doesn't tell the district court exactly what to do, it does indicate: "At the very least, the injunction must be modified to allow some use of the Lexus mark in domain names by the Tabaris."

This is a rich and multi-faceted opinion written in a confident and emphatic style…perhaps too emphatically, as the opinion swings around like a bull in a china shop, breezily overturning or sidestepping numerous 9th Circuit precedents on both domain names and nominative use. Were this opinion to become the definitive 9th Circuit statement on either domain names or nominative use, this case would be a landmark opinion. However, the 9th Circuit's Internet trademark jurisprudence has awkwardly accreted on a case-by-case basis for more than a decade, and I doubt this opinion will meaningfully affect the next 9th Circuit panel’s considerations.

Even so, this case has to be good news for shopbots. Although the Tabaris were “manual” shopping agents, the case's reasoning should apply equally well to all shopbots comparison search engines and review sites that use third party trademarks as part of their taxonomy. These sites regularly get nastygrams from trademark owners. It will be interesting to see if this case helps turn that tide.

A final oddity: Judge Kozinski wrote both this opinion and the recent eVisa decision. Although the opinions involve different trademark doctrines applicable to domain names (a nominative use defense instead of dilution), their spirit couldn't be more different. The eVisa case was decidedly pro-plaintiff, while this opinion is very defense-favorable. I wonder if Kozinski bent over backwards to help a pro se litigant (the Tabaris represented themselves), or perhaps Lexus' anti-competitive intent set him off. Otherwise, although the split opinions in theory can be harmonized on numerous bases, they struck me as schizophrenic.

More comments from Rebecca Tushnet (smart and challenging, as always—especially about the numerous empirical deficiencies in the opinion), Ryan Gile and Tom O’Toole.

Posted by Eric at 01:08 PM | Domain Names , E-Commerce , Marketing , Trademark | TrackBack

July 13, 2010

AOL's Disclosure of Search Data May Support Claims Under California Law

[Post by Venkat]

Does v. AOL LLC, Case No. C06-5866 SBA (N.D. Cal.; June 22, 2010)

Plaintiffs bringing a class action against AOL for improper disclosure of search data scored in an initial victory in the Northern District of California. The court denied AOL's motion for judgment on the pleadings, and allowed claims (under California consumer protection laws) to go forward.

Background: AOL "records and stores member search queries in a manner rendering it possible to connect the stored search queries with a particular member." In July 2006 AOL "packaged" (??) approximately 20 million search records into a database which it then inadvertently posted on its website "for the public to download." The database contained records of 685,000 AOL members that were stored in a two month period in 2006. The disclosed data includes sensitive information such as names, social security numbers, addresses, telephone numbers, credit card numbers, user names, passwords, and financial bank/account information.

Shortly after it posted the database, AOL pulled the database. However, by this time it had been downloaded and reposted on other websites. According to the complaint, "AOL's response to the disclosure has been to do nothing." AOL attempted to impose conditions on third parties who downloaded the database but it hadn't taken any action to restrict such use.

Plaintiffs sued alleging federal claims (under the Electronic Communications Privacy Act) and state claims (under section 1750 and California false advertising statutes).

Discussion: The case is in an atypical procedural setting, but one that may be helpful to plaintiffs. AOL initially moved to dismiss and have the case transferred to Virginia based on the venue clause in its Member Agreement. The district court agreed and initially dismissed the lawsuit so it could be re-filed in Virginia. The Ninth Circuit reversed (in 2009) and held that the venue provision in AOL's Member Agreement was unenforceable as to California residents bringing claims under "California consumer law." On remand AOL moved to dismiss one of the named plaintiffs who is not a California resident and dismiss the claims that did not arise under California consumer law. The district court granted that motion. Plaintiffs appealed and asked the district court to stay resolution of the California consumer law claims until the Ninth Circuit resolves the issue of whether the remaining claims were properly dismissed. [That's a lot of procedural wrangling!]

Standing to seek injunctive relief: The court denies plaintiffs' motion to stay. Moving on to the substantive claims, the complaint seeks an injunction, and AOL argued that plaintiffs lacked standing to seek injunctive relief. Injunctive relief would be available if there's some risk that the complained of conduct would continue to occur. The court finds that plaintiffs had the requisite standing because plaintiffs alleged that AOL engages in a practice of storing search queries and "has taken no steps to ensure that such information is not disclosed again."

California Consumer Legal Remedies Act: AOL argued that plaintiffs did not sufficiently plead injury under the CLRA. The court notes that the CLRA sets a "low but nonetheless palpable threshold of damage," but encompasses harm "other than pecuniary damages." Getting to plaintiffs' allegations, the court notes that AOL allegedly "held itself out to the market as being a leader in internet security and privacy and represented . . . that its service was 'safe, secure and private.'" The information disclosed by AOL includes highly-sensitive information, financial information, social security numbers. "Also disclosed was information regarding members' personal issues, including sexuality, mental illness, alcoholism, incest, rape, adultery, and domestic violence." [emphasis added] The court concludes that this is more than enough to allege injury under the CLRA.

AOL also argued that the CLRA claim sounded in fraud and must be pled with particularity. The court finds that plaintiffs satisfied this requirement, in specifying that "misrepresentations were made in AOL privacy policy and other statements posted on AOL's website, and that the representations were false in that they assured members that AOL would endeavor to maintain the privacy and security of their personal confidential information." AOL finally argued that plaintiffs failed to allege causation, but the court quickly dispenses of this argument, noting that where there are representations in a privacy policy regarding safeguarding personal data, a reasonable consumer would only sign up to disclose personal information in reliance of representations contained in the privacy policy. At the end of the day, plaintiffs' CLRA claims are allowed to move forward.

UCL and FAL: AOL's arguments around the unfair competition and false advertising laws were similar to its arguments against the CLRA claims. The court rejects these arguments. Finally, the court dismisses plaintiffs' claims under the "Consumer Records Act," which requires businesses to take "reasonable steps" to dispose of customer records when they are no longer "retained" by the business. The court (citing to the legislative history) notes that the statute was intended to prevent "dumpster diving," and was not intended to encompass the situation in the present case.

__

It's tough to assess what happened (and what will happen) at the pleading stage, but if AOL really disclosed those sensitive records and didn't take any steps to remedy the situation what was AOL thinking?

It's been blogged to death that breach of a privacy policy is not actionable in the typical consumer context. (See for example: "When Does a Privacy Policy Breach Support a Breach of Contract Claim? In re JetBlue;" "9th Circuit Affirms Rejection of Data Breach Claims Against Gap [citing cases].") What's different here? For one thing, there's a statute which has a pretty low threshold for damages, and plaintiffs are wisely avoiding the negligence route. To the extent these are paying customers, they also can argue disgorgement and get their money back (or a portion of it). Finally, they're arguing about the disclosure of information (intimate and personal details) where the harm lies in the disclosure and not the misuse of the data.

It was also interesting to see that the court focused on flowery language in AOL's privacy policy. The FTC did something similar in its informal investigation of Twitter. ("The FTC Dings Twitter's Security Practices -- What Does This Mean for Everyone Else?.")

The case is a reminder of the huge quantity of personal information that networks store about users. One can never be reminded of this often enough.

Other coverage: Wendy Davis (MediaPost): "AOL Suffers Blow In Lingering 'Data Valdez' Case."

_______

Eric's Comments: In retrospect, AOL's decision to release the dataset was, at best, a ill-considered decision (and one that already cost several AOL employees their jobs). However, AOL claimed to release the dataset for research purposes, and it remains one of the few public datasets of how actual users search. (For obvious reasons, I don't anticipate new ones being posted any time soon). While it's hard to praise AOL here, the lawsuit has problems of its own. For one, Venkat mentions the damages/harm problem. Also, the ECPA claim raises the disconcerting specter that search queries are private communications between searchers and search engines--a legal proposition with potentially far-reaching effects that I've never been able to wrap my head around. If you want more information on these issues, this case is one of several explored in Paul Ohm's paper on re-identification that I've praised repeatedly.

Posted by Venkat at 11:56 AM | Privacy/Security , Search Engines

July 12, 2010

Copyright Statutory Damages Award Violates Constitutional Due Process--Sony v. Tenenbaum

By Eric Goldman

Sony BMG Music Entertainment v. Tenenbaum, 2010 WL 2705499 (D. Mass. July 9, 2010)

I have largely skipped blogging the Sony v. Tenenbaum lawsuit because (1) it was well-discussed elsewhere, and (2) for the most part, it was a pretty straightforward case. Then, on Friday, the judge dropped an opinion that should make my list of top 10 most important Cyberlaw cases of 2010.

The Sony v. Tenenbaum lawsuit is one of the multitudinous file-sharing copyright infringement cases. Tenenbaum admitted to impermissible file sharing, made an unsuccessful fair use defense, and was hit with a statutory damages award of $675,000. This ruling concludes that the jury award of statutory damages violated Constitutional Due Process, but a lesser award of $67,500 (10% of the jury award) would be Constitutional. This ruling is critically important because it has the potential to affect every copyright litigation's damages calculations when statutory damages are at issue.

I expect the copyright industry to FREAK OUT about this opinion. Recall their histrionic response to the Viacom v. YouTube opinion, which was 1/10 as damaging to them as this opinion. Meanwhile, as much as we might sympathize with the judge's normative sentiments in the opinion, the judge's doctrinal arguments did not completely convince me, so this may be a challenging opinion to uphold. Further, this ruling sends copyright litigation into anarchy until we get additional judicial guidance.

The Ruling

The opinion starts with an unusually public hand-wringing by a judge. Judge Gertner expresses frustration that the parties wouldn't settle and the plaintiffs made it clear they would refuse a remittitur. This meant she had no other options than to do the remittitur anyway (and force a new trial) or address a constitutional challenge she would have clearly rather avoided.

The court's substantive discussion involves civil procedure and Constitutional Due Process, two areas that aren't my strength. Despite my limited expertise in those areas, I spotted three fundamental assumptions that are likely to be critically tested on appeal.

First, the opinion subjects punitive damages and statutory damages to the same Constitutional analysis. The opinion acknowledges differences between the two types of damages, but it concludes that there is no Constitutional difference.

Second, the court apparently believes that statutory damages for non-commercial infringement that minimally harmed the copyright owner raises special Constitutional due process concerns that the rest of the copyright universe apparently does not.

Third, the court arbitrarily selects a Constitutional cap of 3x the statutory damages minimum. Of course, any bright line rule is going to be arbitrary, but computing the Constitutional cap using the statutory damages floor seems especially odd. It makes sense if the problem is notice to the defendant, but if the problem is the high ratio of statutory damages to actual damages--the court's main focus--then using the statutory floor makes no sense. Derek Bambauer explores this point more.

One more oddity (of several I could mention): Although it was ultimately irrelevant to her holding, Judge Gertner had a bizarre digression arguing that some members of Congress *like* peer-to-peer file sharing (see pages 36-37 of the PDF). She does this by citing a few examples where key members of Congress expressed lukewarm enthusiasm towards peer-to-peer file sharing. This conveniently ignores the mountains of evidence that Congress actually HATES peer-to-peer file sharing with a passion. For example, there's the pre-Napster No Electronic Theft Act, where Congress sent the clear signal that it wanted to jail non-commercial online infringers. See my lengthy deconstruction of that statute. Congress went back to the well in the ART Act in 2005, reinforcing that it wanted non-commercial file sharers to go to jail if they traded pre-release works. And there's the Higher Education Opportunity Act (HEOA) of 2008, which mandated that universities deploy efforts to block file-sharing. Finally, let's not forget the many (dozens?) Congressional hearings that had the sole objective of publicly excoriating file sharing. As I said, Gertner's argument wasn't essential to her ruling (the Constitutional dimension of her ruling negates Congress' role), but I thought the digression significantly damaged the opinion's credibility.

The Implications

I expect two immediate consequences of this decision.

First, I expect more litigation battles over statutory damages. Basically, almost every copyright infringement defendant can advance a non-frivolous argument that statutory damages in their case would be unconstitutional. As a result, statutory damages cases will take more time and money.

Second, I expect it will be harder to settle copyright cases pre-litigation. Right now, it's hard enough to settle a case when statutory damages are available, because the copyright owner may (over-optimistically) value the case at the statutory maximum ($150k per infringed work) while defendants often value the damages at much lower numbers. With such a wide range of possible damages, it’s already hard enough to reach a compromise value. However, after this ruling, defendants will have increased confidence in their low case valuations (given the possibility that statutory damages will be Constitutionally capped at $2,250/work), while most copyright owners will not accept this discount. As a result, due to the doctrinal uncertainty, the litigants will have an even harder time reaching a compromise value.

Because the judge found Constitutional limits to Congress' authority, it's not clear to me how Congress could overturn this decision even if it wanted to. For now, this battle will need to play out in the courts. Personally, because of the arbitrariness of the court's distinction between commercial/non-commercial infringement and the arbitrary computation of a damage "cap," I would be surprised if this opinion survives intact on appeal.

Conclusion

Given its questionable doctrinal analysis, I think this opinion is best viewed as a judicial nullification (the analogue to jury nullification, but done by a judge). The judge essentially concludes that copyright law goes too far, and the judge decides not to countenance that. Nullification isn’t normally within a judge’s toolkit, but I can understand the judge’s sentiment. The bad brew of an aggressive copyright lobby and pliable politicians have created a copyright legal scheme that often conflicts with mainstream norms about fairness. It’s not surprising to see some smart folks balk at this scheme, no matter how clear the statute is.

Trivia: Judge Gertner also wrote the quirky Hearts on Fire v. Blue Nile opinion. One commonality: the rulings in both that opinion and this one have the natural consequences of significantly jacking up the litigants' costs.

Posted by Eric at 08:46 AM | Copyright | TrackBack

July 11, 2010

Q2 2010 Quick Links Part 3 (Special Facebook Edition)

By Eric Goldman

It’s been an exciting quarter for Facebook, which earned its own special quick links edition. I’ve also been prompted to take a step back and reassess my relationship with Facebook.

From about 2007 through 2009, I really loved Facebook. It was a valuable tool that allowed me to do things I wanted to do and talk with people I wanted to talk with. As a result, during that time, Facebook was an essential part of my daily routine.

Then, something went wrong. It wasn’t really one single thing, but rather the accumulation of a series of missteps. For example, I was highly irritated that Instant Personalization required me to opt-out in FOUR different places. I’m a highly educated man and a reasonably sophisticated Internet user, but I couldn’t be sure if I had done everything required to completely opt out. That’s terrible.

Perhaps the last straw was this New York Times interview with Elliot Schrage of Facebook, which caused me to do a double-take when I saw this gaffe:

[Reader Q:] “Why not simply set everything up for opt-in rather than opt-out?...”

[Schrage answer:] “Everything is opt-in on Facebook. Participating in the service is a choice….”

What??? Sorry, but I’m going to have to call BULLSHIT on that. This is one of those “black-is-white” word twists that practically begs for an FTC enforcement action. It’s true that I “opted in” to voluntarily create a Facebook account, and it’s also true that I voluntarily participate in the service. However, it is not true that I therefore have “opted in” to every subsequent product choice Facebook makes, ESPECIALLY WHEN FACEBOOK CHANGES how it handles user data. A user does not “opt-in” to a new product change unless the user knowingly and affirmatively assents to the change—which Facebook didn’t solicit, especially when it launched Instant Personalization on an opt-out basis. As a result, I have to assume that Schrage’s response was either knowingly disingenuous or unbelievably naïve. Either way, I don’t really want to spend a lot of time with a service that doesn’t understand something as fundamental as the proper definition of “opt -in.”

So Schrage is right that I can choose to participate in the service, and I’m largely choosing not to. Three examples:

1) I used to have my profile fully public--and therefore fully indexable in the search engines--but I have since changed my profile to be visible only to friends. I’m not trying to keep secrets or maintain a dual persona; in fact, I don’t say anything different on Facebook than I would say elsewhere. I just don’t want Facebook to get my indexable content or any link love.

2) I have reengaged my Twitter-to-Facebook API so that my Twitter posts automatically populate to the Facebook newsfeed, which further reduces my visits to Facebook.

3) I used to read my newsfeed pretty religiously and comment on other folks’ posts routinely, but I rarely do that now. I had already reduced my commenting after a previous Facebook product change automatically posted my comments to my newsfeed despite my explicit opt-out of such postings.

Personally, I think this is how Facebook is going to go down. It’s not going out in a fiery blaze of mass account deletions. Instead, it will atrophy from the collective but individual decisions of people choosing to spend less time on Facebook and spend that time elsewhere. (I talk about this disengagement phenomenon in the context of virtual worlds here). That’s certainly what I’m doing. Indeed, there is some evidence that Facebook’s traffic is plateauing, so perhaps I’m not the only disengaging user. This is why new account signups aren’t the right measure of Facebook’s success any more, especially when the new accounts are coming from late adopters like my mom and my mother-in-law (both recent signups), both of whom have no idea what to do with their accounts and are not actually engaging in the service.

When Facebook reaches the negative tipping point, no one will go there because no one else is posting interesting content—a self-reinforcing downward spiral. As a prime example, I still have my Orkut and Friendster accounts, but I can’t imagine why I would go back because neither services offers any interesting content to me. Similarly, Facebook may become a virtual depopulated ghost town with interesting relics.

Other interesting links regarding Facebook’s imbroglio from last quarter:

* EFF: Facebook's Eroding Privacy Policy: A Timeline.

* “How Do I Delete My Facebook Account” is a popular search, which has led to bonus traffic for wikiHow’s web page on the topic. However, as I said, I don’t expect mass account deletions; mass account disuse is much more likely.

* Chris Kelly, Facebook’s former Chief Privacy Officer, disavowed himself from Facebook’s product changes as part of his unsuccessful candidacy for California attorney general. I’m hear you, Chris, but maybe could you tell us a little more about Beacon…wasn’t that on your watch??? The NYT recaps how Kelly’s Facebook background was a mixed bag for his campaign.

* EFF: Facebook should follow its own principles.

* CNET’s retrospective on some of Facebook’s missteps over the years. One they missed: Facebook v. Power.com. I am not entirely sympathetic to Power.com based on existing legal doctrine. However, the whole lawsuit would be completely unnecessary if Facebook provided a bona fide tool that lets users port their own data off Facebook—something Facebook has shown zero interest in doing. (Recall, for example, the Facebook representative painfully ducking the data portability question at the FTC’s Berkeley privacy workshop).

* Facebook’s product crisis caused an internal rift among Facebook execs.

A couple of other Facebook tidbits from the last quarter:

* Facebook's automated "Community Page" generator is leading to some wacky results for law firms.

* NYT: High school students are changing their Facebook names to aliases during college admission season.

Posted by Eric at 11:30 AM | Privacy/Security | TrackBack

July 09, 2010

Online Sports Ticketing Exchange Wins Dismissal Under Website User Agreement -- Duffy v. The Ticketreserve, Inc.

[Post by Venkat]

Duffy v. The Ticketreserve Inc. (FirstDIBZ.com), Case No. 09 C 1746 (N.D. Ill. July 6, 2010)

FirstDIBZ.com operates an online market place where end users can "buy, sell, and trade options to purchase tickets to sporting events." Plaintiffs who attempted to purchase tickets to the 2009 Super Bowl brought claims alleging fraud and breach of contract. FirstDIBZ scores a win. While plaintiffs get another chance, it's unlikely that they're going to be able to make out a complaint that survives a second motion to dismiss. The case overflows with interesting issues.

Background: FirstDIBZ essentially "operates as a futures market for tickets [for sporting events]." [This probably explains why I've never heard of it.] A "DIBZ" is an instrument which (i) gives the holder the right to purchase a ticket for an event, or a possible event and (ii) obligates the holder to purchase the ticket if the event occurs. As an example, the court notes that if you bought a DIBZ for Game 1 of the World Series at Wrigley Field,

in the event . . . the Cubs overcome their decades-long World Series Drought, the happy fan would then be guaranteed the right to purchase the ticket for Game 1 at face value. Should the Cubs disappoint, the DIBZ-holder would receive nothing and would lose the money she paid for the DIBZ.
[footnote referencing "DA CURSE OF THE BILLY GOAT: THE CHICAGO CUBS, PENANT RACES, AND CURSES" omitted]

FirstDIBZ operates two types of marketplaces. In the "FirstDIBZ-supplied" marketplace, FirstDIBZ guarantees the authenticity of the listings. In the "consumer-supplied" marketplace, FirstDIBZ only "acts as an exchange."

Plaintiffs brought tickets to Super Bowl 2009 in the consumer-supplied marketplace and their DIBZ turned out to be bogus - i.e., the sellers did not actually have the ability to procure Super Bowl 2009 tickets.

Plaintiffs agreed to a website user agreement that contained a description of the consumer-supplied marketplace which said that sellers "assume responsibility for . . . their listings." The agreement also contained a broad release pursuant to which users released FirstDIBZ and its affiliates "from claims, demands and damages . . . of every kind and nature . . . arising out of or in any way connected with [any disputes with Sellers]." The agreement also contained standard "as-is" and disclaimer language and contained a limitation of liability.

Discussion:

The release language: The court looks to the release and concludes that it applies to any breach of contract claims against FirstDIBZ. Plaintiffs tried to argue that their claims were not related to a dispute between plaintiffs and sellers, but rather were based on the acts or omissions of FirstDIBZ. The court rejects this argument, finding that plaintiffs' claims are "undoubtedly connected" to the underlying dispute between plaintiffs and sellers. The court notes that the claims relating to FirstDIBZ's failure to release certain funds from plaintiffs' online wallet accounts may not fall under the release, but cautions that if this is all that there is left, this probably presents a jurisdictional problem for plaintiffs (who alleged federal jurisdiction under the Class Action Fairness Act).

Warranty disclaimers and limitation of liability: The court finds the warranty disclaimers and the limitation of liability enforceable because they met the test under Illinois law that they could be reasonably construed with the remainder of the agreement and were "sufficiently conspicuous." The court did some fancy footwork around terms in the FirstDIBZ user guide which stated that "One DIBZ guarantees one face-value ticket," and that users could "sell [their] DIBZ to other fans . . . at any point during the season." The court finds that this only applies to holders of genuine DIBZ and does not amount to a warranty that any DIBZ would, in fact, be genuine.

Fraud and Illinois Consumer Fraud Act: Plaintiffs argued that they were misled regarding the authenticity of the DIBZ in statements made by FirstDIBZ in its marketing materials and in the media (which were posted on FirstDIBZ's website). The court finds that these arguments are precluded by the broad release. The court also dismisses the claims under the Illinois Consumer Fraud Act, finding that these claims are just dressed up versions of plaintiffs' contract claims.

Unjust enrichment: Finally, the court dismisses the claims for unjust enrichment, finding that this claim is quasi-contractual in nature and a party cannot circumvent a losing contract claim by bringing a claim for unjust enrichment.

__

Section 230: When I first read the case, I thought: what about Section 230? Courts have granted entities like eBay robust immunity against claims from purchasers who bought items that turned out to be not as advertised. (See, e.g., Gentry v. eBay (sale of fake sports memorabilia); Stoner v. eBay (sale of bootleg recordings).) However, this case in some ways reminded me of Mazur v. eBay, where eBay lost a section 230 defense in a case that revolved around live-bidding on eBay, which eBay supposedly screened. Here is Professor Goldman's post on the case: "eBay Denied 230 Defense for Its Marketing Representations--Mazur v. eBay." (Mazur was settled after the court denied class certification.) As his post notes, Mazur seemed to open up a website to a claim that would otherwise be covered by Section 230, by a plaintiff's allegation that "a website made a marketing representation somewhere that says or implies the tort wouldn't occur." (See also Barnes v. Yahoo, discussed in this post: "Ninth Circuit Helpfully Amends Barnes v. Yahoo Opinion".)

User Agreement/Release: Ultimately, the court bypasses the Section 230 discussion and looks to the user agreement, finding that the broad release precludes plaintiffs' claims. FirstDIBZ dodged a bullet for sure, and a big takeaway (which is nothing new) is that websites should keep close watch on their marketing representations, whether those representations are contained in a press release, sales materials, or off-the-cuff statements made by people at the company. I could see a court going the other way on this and finding that the FirstDIBZ marketing materials contained affirmative representations which modified and limited the effectiveness of the online terms and the release. The court's decision to rely on the release (which appeared to be cut and pasted from the eBay user agreement) instead of 230 is reminiscent of the Grace v. eBay appellate court decision, which the CA Sup Ct ultimately depublished. (The Citizen Media page provides background: "Grace v. Neeley.")

[Eric's comment: I've always been a big fan of contractual releases as a belt-and-suspenders risk management backstop to a 230 immunity. This case, combined with the lessons from the Grace v. eBay detritus, is a good reminder of the value of savvy contract risk management provisions as a complement/backstop to the statutory immunity. If you're drafting user agreements, you should consider the possible role of contractual releases from the user as part of the package. All too often, I see contracts where the drafters hope the warranty disclaimer and limits of liability achieve that result indirectly instead of just including an explicit release.]

The Scalping Problem: The court notes that neither party addresses whether FirstDIBZ's exchange runs afoul of laws prohibiting scalping. FirstDIBZ's exchange brings to mind the the hotly contested "Hollywood Futures" market, which is currently the subject of a few legislative skirmishes. (LA Times: "Watching a big bet on box-office futures go sour.") The FirstDIBZ market is a way that people can bet on teams. This raises an unclean hands problem. Except that everyone's hands are a bit dirty, so I'm not sure which way unclean hands would cut, and I suspect the parties weren't either, so they wisely left that issue to the side. (The plaintiffs could have attacked the legality of the whole scheme since FirstDIBZ didn't pay out due to capitalization issues, but the plaintiffs did not focus on this.) The scalping issue also has the potential to affect the Section 230 analysis. In a dispute between the New England Patriots and StubHub (where the Patriots were trying to prevent ticket resales through StubHub) the court recently ruled at summary judgment that a finding that StubHub contributed to a violation of anti-scalping laws by its users could result in a loss of Section 230 immunity. ("Two 47 USC 230 Defense Losses--StubHub and Alvi Armani Medical".)

Were Plaintiff's Acting Reasonably?: I go back and forth on whether the plaintiffs deserve sympathy here. I would think the whole point of an options exchange is to facilitate transactions where people actually have the right to sell what they are purporting to sell. I'm not familiar with options marketplaces, and I don't advocate looking to what a "reasonable online consumer" would perceive, but I would think customers would look at an options marketplace and think that the marketplace had some mechanism in place to verify what was at the selling end of the transaction. You would think the contingency would be in the sports team making it to the Super Bowl, not whether the seller turned out to actually have tickets. In a sophisticated financial marketplace, maybe things vary, but in the context of Super Bowl 2009 tickets, I can see where customers are coming from complaining that their DIBZ turned out to be bogus. That said, the terms clearly spelled out the differences between the two marketplaces and if the plaintiffs are using FirstDIBZ as a way to skirt the rules, I'm not sure how much sympathy they deserve.

Either way, an interesting case.

Posted by Venkat at 10:28 AM | E-Commerce , Licensing/Contracts , Marketing

July 08, 2010

Griper Gets Attorneys' Fees After Successful Defense--Career Agents v. Careeragentsnetwork.biz

By Eric Goldman

Career Agents Network, Inc. v. Careeragentsnetwork.biz, 2010 WL 2632298 (E.D. Mich. June 29, 2010). The CMLP page.

The underlying dispute involves a non-commercial gripe site. The trademark owner sells a type of "business in a box" (like a franchise). The defendant was an unhappy buyer of the "business in a box." The defendant set up a gripe site, warned potential buyers that they weren't likely to recoup their investment, and then SEOed the gripe site. In late February, the court dismissed trademark infringement and ACPA claims on summary judgment. Career Agents Network v. careeragentsnetwork.biz, 2:09-cv-12269-RHC-MJH (E.D. Mich. Feb. 26, 2010). I didn't blog the February decision because it seemed rather straightforward, but other people covered the decision (Wendy Davis, Tom O'Toole, Ars Technica).

Having dispatched the underlying lawsuit, the defendant moved for attorneys' fees under the Lanham Act fee-shifting provision. The court says that the plaintiff's ACPA claim became objectively unreasonable when plaintiff realized that the griper was a disgruntled customer (i.e., bummed-out business buyer) rather than a competitor or cybersquatter (cite to the Sixth Circuit's 2004 Lucas Nursery case, binding law on this court). The trademark claim was "weak but colorable" because the domain name didn't include the "sucks" suffix. (In this era, try to find me a trademark case that isn't colorable at some level). In terms of the plaintiff's subjective intent, "the court finds that Plaintiff's principal motivation was to silence Defendant White's criticism of Plaintiff's business." The court also praises the defendant's persistence given his counsel's settlement advice and an initial TRO loss.

In theory, the court could have just awarded the ACPA fees and excluded the trademark fees, but the court says the entire lawsuit "stood on thin ice" and therefore gives the whole enchilada to defendant. The court does take a haircut on the fees associated with seeking the fee award--too high an hourly fee for too many hours for a fee request motion the court unfairly characterizes as "only as difficult as shooting fish in a barrel." Nevertheless, the defendant got a lot of what it asked for--a total fee award of $23k. All told, this is another case where a plaintiff picked a fight only to end up writing a check to the defendant. Another poor enforcement decision by a plaintiff.

UPDATE: Paul Levy provides a behind-the-scenes look at this ruling.

Posted by Eric at 08:36 AM | Domain Names , Trademark | TrackBack

July 07, 2010

Q2 2010 Quick Links Part 2

By Eric Goldman

Marketing and Advertising

* Good talk from FTC Chair Leibowitz: “we have great hopes for self-regulation….So long as self-regulation is making forward progress, the FTC is not interested in regulating” behavioral targeting.

* NYT on teaching middle schoolers how to interpret ads. We're going to need to teach kids how to consume information if we have any chance to survive infoglut.

* The LA Times and Chicago Tribune are integrating paid text links into story content.

* Search Engine Land: Google: Now Recommending Brands For Searches.

* Keeller v. Groupon Inc., No. 10 CH 8666 (Ill. Cir. Ct. Cook Cty. March 2, 2010). Groupon settles lawsuit over expired and unused coupons.

* NYT: Online coupons may not be as anonymous as people assume.

* An inside look at the MPAA's self-regulatory effort to police movie ads.

* Avi Goldfarb & Catherine Tucker, Privacy Regulation and Online Advertising.

* Microsoft sues for click laundering. Coverage at Search Engine Land and WSJ

* The FTC shut down Pricewert/3FN.net.

Contracts

* News.com: Second Life sued by its users for changing the terms of land “ownership.” Evans v. Linden Research complaint.

* Shell v. AFRA: website venue selection clause not binding just because web visitors viewed it.

* Omri Ben-Shahar & Carl E. Schneider, The Failure of Mandated Disclosure. This paper shows why mandatory disclosures fail in part because regulators think in terms of what consumers SHOULD want to know rather than what information consumers ACTUALLY want to know.

* WaPo: Reality TV secrets are hard to keep in the age of social media. My 2003 analysis of using contract law to keep reality TV secrets.

* Want to be on the TV show Survivor? Check out its contract first.

* Anderson v. Bell, No. 20100237 (Utah June 22, 2010): “electronic signatures may satisfy the Election Code’s requirements under section 20A-9-502 regarding unaffiliated candidates wishing to run for statewide office.” Tom O’Toole’s writeup.

Trademarks/Copyrights

* Jim Jansen: “Only 4% of sponsored ads were triggered by competitors’ trademarked terms. When it does happen, the results are pretty much what consumers are use to seeing, so there doesn't appear to be many negative consequences….Thus, competitive use of trademarked terms to trigger online ads does not appear to be a widespread phenomenon and is similar to the query suggestion feature that many search engines employ.”

* Michael Geist on the first Canadian keyword advertising ruling (a nice defense win).

* 2010 Joint Strategic Plan on Intellectual Property Enforcement.

* Qassas v. Daylight Donut Flour Company LLC, No. 09-663 (N.D. Okla. June 10, 2010). A company and its entrepreneur are liable for their web developer's infringements when creating the company's own website.

Miscellaneous

* Stephen Wu on Estate Planning for Online Assets

* Declan at News.com lauds Justice Stevens' Internet jurisprudence. We owe Justice Stevens many thanks for helping the Internet bloom.

* Anthony v. Yahoo!, Inc., 2010 WL 1552819 (9th Cir. April 20, 2010). Upholding Yahoo's settlement in a class action lawsuit over its online dating site. My original blog post on the case.

* Tom O'Toole reports on various stupid state efforts to regulate technology, inadvertently making the case that they are a terrible laboratory of experimentation.

* Vacation Club Services Inc. v. Rodriguez (M.D. Fla. April 22, 2010). No CFAA action against the buyer of data from a database the seller allegedly acquired in violation of the CFAA.

* Lawyers behaving badly on the Internet.

* 23 state AGs have contacted Topix about its takedown procedures, including its fee for expedited takedown review.

Posted by Eric at 03:18 PM | Copyright , E-Commerce , Licensing/Contracts , Marketing , Privacy/Security , Search Engines , Trademark , Virtual Worlds | TrackBack

Scribd Can't Shake Copyright and Publicity Rights Lawsuit on Motion to Dismiss--Williams v. Scribd

By Eric Goldman

Williams v. Scribd, 3:09-cv-01836-LAB -BGS (S.D. Cal. June 23, 2010).

Larry Williams has written several books on commodities trading (their titles suggest they fit into the "Make Money Fast" genre). He alleges that rogue Scribd users, including the alias “GalaxiaMia Guy” [is it this user?], have repeatedly posted his books to Scribd. Williams sued Scribd for direct, contributory and vicarious copyright infringement and publicity rights misappropriation. The first amended complaint.

Scribd moved to dismiss but ran into a judge who appears to be a stickler about letting unmeritorious cases survive to summary judgment rather than crunching them quickly on 12(b)(6). The judge does nix the direct copyright infringement claim against Scribd. The judge notes Williams' only argument in support of direct infringement is that GalaxiaMia Guy is “friends” on Scribd with Scribd's CEO Trip Adler. Williams seems to think they are in cahoots with each other, but the judge rejects this ill-formed suspicion.

Along the way, the judge snarkily laments: "it’s no secret that the ‘friend’ label means less in cyberspace than it does in the neighborhood, or in the workplace, or on the schoolyard, or anywhere else that humans interact as real people." Ouch! I'm guessing the judge isn't a power Facebook user.

Then again, I don't understand the "friend" vernacular on Scribd. Scribd allows people to "subscribe" to each other's feeds--like a “follow” on Twitter, it isn't mandatorily reciprocal like a Facebook “friend.” Trip Adler has over a half-million subscribers on Scribd, so if GalaxiaMia Guy was one of those half-million, that doesn't mean anything. No matter what, the judge repeatedly says the "friends" argument is altogether irrelevant.

[This may be a good time to mention that I have been regularly using Scribd to post source materials. I often don't blog about what I post; in some cases, I don't even announce the posting to Twitter. So if you want to see everything I'm posting to Scribd, you can subscribe at Scribd.]

The court rejects Scribd’s motion to dismiss the contributory and vicarious infringement claims as well as Scribd’s 512 defense, all on the same basis that a 12(b)(6) is too early to make a decisive call. For example, regarding the 512 safe harbor, the court says that's properly awarded on a 12(b)(6) only "where the answer to the question is nearly obvious," which apparently isn't the case here. The court also breezes through a 47 USC 230 defense to the publicity rights claim, rejecting the immunity on a motion to dismiss "[b]ecause there are open questions in this case about the extent to which Scribd participated in the alleged infringement." Of course, many cases have granted 230 immunity on a motion to dismiss, but I'm guessing none of those were in front of Judge Burns.

Although Williams' complaint lives to see another day, it’s also clear that Williams will ultimately lose. The judge disparages the complaint (the complaint "isn’t a model of lucidity"), criticizes plaintiff's counsel for various factual omissions in the complaint (which "risks denting his credibility"), calls the remaining copyright claims "thin" and invites Scribd to seek summary judgment ("Scribd seems to have all of its arguments for summary judgment already teed up"). The judge continues:

Based on the evidence and the pleadings, the Court is inclined to say that it appears Scribd has the better arguments in this case; Scribd’s motion to dismiss is largely denied only because it is too early to raise those arguments. Williams should give serious consideration to whether he sincerely believes Scribd does not qualify for the safe harbor protections of the DMCA, as well as whether Scribd did not act as expeditiously as possible to remove Williams’s copyrighted works from its website as soon as it was asked to do so.

With a warning to the plaintiff like that, this case is an excellent candidate for a fee award to Scribd under 17 USC 505 when Scribd wins. I'll be interested to see if the judge remains irascible when it comes time to penalize Williams for wasting everyone's time.

Ben Sheffner has also blogged the case.

BONUS Blog Coverage! (kind of like a hidden track on a record album)

This is also an opportune time to note a recent ruling in Perfect 10 v. RapidShare, another opinion involving secondary copyright infringement also from the S.D. Cal. (in front of Judge Huff instead of Judge Burns). Like Scribd, RapidShare is a UGC web host that's agnostic about the types of content users publish; like Williams, Perfect 10 is a wild-eyed plaintiff.

However, unlike Scribd, RapidShare isn't eligible for the 512 safe harbors because it has not made the requisite Copyright Office filing. RapidShare is also unusual because it lacks any internal search functionality or navigation structure. Instead, each user self-publicizes the file's URL.

Procedurally, Perfect 10 faced a higher burden of proof than Williams because Perfect 10 requested a preliminary injunction, which requires the court to consider Perfect 10's likelihood of success.

Perfect 10's direct copyright infringement claim, based on a 106(3) distribution, isn't likely to succeed because RapidShare never indexes the file itself. The court also rejects an inducement claim.

Regarding contributory infringement, without 512 eligibility, Perfect 10 does not need to send 512(c)(3) notices. Instead, per Perfect 10's typical modus operandi, Perfect 10 simply sent a disk containing its copyrighted photos and basically told RapidShare to block those photos. The court says the disk delivery gave RapidShare actual knowledge of infringement. Wow. I miss 512(c)(3) after all!

Nevertheless, RapidShare does not make a material contribution because "RapidShare does not provide an integrated service that allows users to locate and download infringing files." Further, even though Perfect 10 didn't identify infringing URLs, RapidShare's other remediation efforts led the court to conclude that "RapidShare is using information provided by Plaintiff to locate and remove infringing materials, and is also taking independent steps to identify, locate, and remove infringing files." Therefore, "RapidShare is [not] failing to take simple measures to prevent further damage to Plaintiff’s copyrighted works."

Following this ruling, RapidShare countersued Perfect 10 for being a "copyright troll." I'm not sure about the legal merits of RapidShare's countersuit, but I heartily applaud its sentiments!

Posted by Eric at 08:31 AM | Copyright , Derivative Liability , Publicity/Privacy Rights | TrackBack

July 06, 2010

Puzzling 9th Circuit Dilution Opinion Over eVisa.com--Visa v. JSL

By Eric Goldman

VISA International Service Ass'n v. JSL Corp., No. 08-15206 (9th Cir. June 28, 2010)

A number of us in the trademark community are scratching our heads at last week's Ninth Circuit trademark dilution opinion, authored by Judge Kozinski. The case involves evisa.com, run by Joseph Orr. The domain name's origin is explained:

Orr traces the name eVisa back to an English language tutoring service called “Eikaiwa Visa” that he ran while living in Japan. “Eikaiwa” is Japanese for English conversation, and the “e” in eVisa is short for Eikaiwa. The use of the word “visa” in both eVisa and Eikaiwa Visa is meant to suggest “the ability to travel, both linguistically and physically, through the English-speaking world.”

We might be skeptical of this explanation, but the case poses two doctrinal problems for dilution. First, eVisa.com is not the same trademark as "Visa." As the opinion says, the "marks here are effectively identical." Well, yes and no. We have a line of cases ignoring the top level domains in trademarks, and many cases ignore an "e" or "i" prefix in Internet-related trademarks. But they are not literally identical, and given dilution's power to preempt all uses of a trademark irrespective of confusion, we have to tread carefully when extending protection beyond truly identical uses. The opinion treats this issue too breezily.

Second, and perhaps more importantly, the word "Visa" already has several dictionary definitions. This poses a problem for the blurring analysis. Visa the trademark can't co-opt the existing dictionary meanings. So does dilution-by-blurring mean that Visa the trademark can preempt every non-dictionary commercial use of the word? That seems to be a logical implication of this opinion. The court says "despite widespread use of the word visa for its common English meaning, the introduction of the eVisa mark to the marketplace means that there are now two products, and not just one, competing for association with that word."

Even so, the defendant argued it was using eVisa to invoke the dictionary meaning of the term Visa, i.e., Visa as a passport for Japanese who are going to travel to an English-speaking country. If the dictionary meaning isn't covered by the trademark, it seems logical that everyone should be free to suggest the dictionary meaning in their own trademarks. On that basis, if we believe the defendant's explanation for how it ended up using eVisa.com, the defendant should be in the clear.

Yet, instead, Visa the trademark wins the blurring case. The opinion treats the defendant's suggestion of the dictionary meaning as a "multiplication" of the word's meaning: "these allusions to the dictionary definition of the word visa do not change the fact that JSL has created a novel meaning for the word: to identify a 'multilingual education and information business.'" Apparently, any use of a dictionary word for anything other than a literal invocation of its dictionary meaning could now support a dilution claim.

This case has been floating around since 2002, so perhaps it's not surprising that the entire dispute seems a little old-school. The ruling reminded me a lot of the 1990s pre-ACPA domain name disputes where courts were so frustrated with cybersquatters that they stretched dilution law well beyond its intended scope because dilution was the only tool to effectively nail cybersquatters. Many of those dilution-stretching cases dropped away after the ACPA provided a better anti-cybersquatting tool for judges, and in some ways, the 2006 TDRA has made it even harder to use dilution in a domain name enforcement action. That makes this case that much more anomalous. Putting aside the law, it's logical to say that Visa the trademark should be the owner of eVisa.com. Yet, because infringement and the ACPA weren't getting the job done, the panel expands (bastardizes?) dilution law to make it happen. The outcome may make sense, but the intellectual shortcuts along the way are still a little cringe-inducing.

One final sour note in the opinion. The opinion says that plaintiffs can rely solely on intuition-based arguments to support their likelihood of dilution cases. The court says "a plaintiff seeking to establish a likelihood of dilution is not required to go to the expense of producing expert testimony or market surveys; it may rely entirely on the characteristics of the marks at issue." This is deeply troubling ruling for 9th Circuit law (now reversible only through an en banc opinion). We have never been clear what evidence was required to support a plaintiff's "likelihood of dilution" showing, but I had always assumed the plaintiff had to show some evidence, i.e., greater than zero. So now, what exactly must a plaintiff show to establish its prima facie dilution case? Under the 9th Circuit's standard, apparently anything that can convince a judge.

This case's tortured application of dilution law is a good excuse for me to remind you: if you haven't been there before (or recently), check out the materials from the High Tech Law Institute's 2007 academic symposium on trademark dilution, where we attempted to come up with good rationales for the dilution doctrine and largely struck out.

Posted by Eric at 11:20 AM | Domain Names , Trademark | TrackBack

July 05, 2010

Q2 2010 Quick Links Part 1 (Content Regulation Edition)

By Eric Goldman

Online Publication

* Too Much Media, LLC v. Hale, 2010 WL 1609274 (N.J. Super. A.D. April 22, 2010). Curating blogger and message board commenter does not qualify for New Jersey's reporter shield law. The case also says that online defamation is libel, not slander (to the extent it makes a difference).

* Insightful interview with the FTC's David Vladeck. "We did not do a good job with the...Endorsement Guides [rollout]." Really…you think? The latest "guidance" from the FTC, the Facts for Businesses, hardly improves the situation.

* Former nurse charged with encouraging other folks in Internet chat rooms to commit suicide, which at least two did.

* Brayshaw v. Tallahassee, 4:09-cv-00373-RS-WCS (N.D. Fla. April 30, 2010) Publishing personal information about police officers to Ratemycop.com is protected by the First Amendment.

* Mortgage Specialists v. Implode-Explode Heavy Industries (N.H. Sup. Ct. May 6, 2010). Dissolving an injunction against a website republishing user-submitted comments on First Amendment grounds.

* Jiron v. Jiron, 2010 WL 1978704 (Ind. App. Ct. May 18, 2010). Mom giving a 10 year old unsupervised access to a MySpace account (and listing his age as 19) was a factor in Mom losing custody rights.

* McGee v. Patel, 2010 WL 1838621 (Cal. App. Ct. May 7, 2010). Ex-boyfriend sets up a password-protected blog and writes about his ex-girlfriend and her new boyfriend. The ex-girlfriend has a password to the blog, and she gives her new boyfriend the password after seeing blog postings threatening him. The ex-boyfriend says he didn’t expect the new boyfriend to be reading the blog because:

[California Penal Code] Section 502 provides that it is a public offense for a person to “[k]nowingly and without permission provide[ ] or assist[ ] in providing a means of accessing a computer, computer system, or computer network....” or to “[k]nowingly and without permission access[ ] or cause[ ] to be accessed any computer, computer system, or computer network.” There is nothing in the record to suggest that appellant's blog could be considered a “computer, computer system, or computer network.” More importantly, it is clear that respondent had J.S.'s permission to use her personal password to access appellant's blog, and respondent therefore was not acting “without permission” when he read appellant's posts.

I think this is wrong on two fronts. The servers hosting a blog should qualify for 502 protection, and an authorized user can’t share passwords without permission and have all of the password recipients also become authorized users.

* Edelman v. Croonquist, 2010 WL 1816180 (D.N.J. May 4, 2010). Court dismisses mother-in-law’s lawsuit that a comedienne’s shtick constitutes defamation, false light or infliction of emotional distress because the jokes were non-actionable opinions, not statements of fact.

* NY Times on the difficulties that schools have policing/responding to cyberbullying.

* JC v. Beverly Hills Unified School District, 2010 WL 1914215 (C.D. Cal. May 6, 2010). “Plaintiff's geography-based argument-i.e., that the School could not regulate the YouTube video because it originated off campus-unquestionably fails.” However, “the Court finds that no reasonable jury could conclude that J.C.'s YouTube video caused a substantial disruption to school activities, or that there was a reasonably foreseeable risk of substantial disruption as a result of the YouTube video…. C.C. felt embarrassed, her feelings were hurt, and she temporarily did not want to go to class. These concerns cannot, without more, warrant school discipline.”

* Insider Pages has launched a new doctor review website called Doctor Finder. Some of the data comes from HealthGrades (not a blog favorite). I’ll be interested to see how Medical Justice feels about Doctor Finder.

Pornography

* U.S. v. Strayer, 2010 WL 2560466 (D. Neb. June 24, 2010):

The court finds the seventeen-and-a-half to twenty-year sentence recommended under the Guidelines (based on the imposition of numerous and excessive enhancements for circumstances that appear in nearly every child pornography case such as use of the Internet, amassing numerous images, possessing images of prepubescent minors and violence, and some “distributing” of images in return for other images) is greater than necessary to protect the public and to deter Strayer from re-offending. The mandatory minimum sentence of five years is appropriate to achieve the goals of sentencing in this case. Five years is a significant term of imprisonment for a first offender. The public will be adequately protected by a five-year term of supervised release with strict conditions and by the provision of mental health treatment and sex offender treatment to Strayer.
The mere fact of the prosecution of these cases arguably deters others from engaging in this sort of conduct. The additional deterrent value of a sentence any longer than five years would be marginal. With respect to general deterrence, although conduct like Strayer's may sustain the market for child pornography, much of that market is driven by compulsive behavior that arguably will not be deterred in any event. The deterrent effect of a lengthy sentence is further lessened by the international character of the market for child exploitation offenses. To the extent that harsh punishment is necessary to deter harm to children, punishing a less-culpable offender as harshly as the worst does not satisfy the goals of sentencing and encourages disrespect for the law.

* American Booksellers Foundation for Free Expression v. Strickland, 2010 WL 1488123 (6th Cir. April 15, 2010). Upholding a state restriction on distributing "harmful to minors" material. Shades of O'Connor's concurrence/dissent in Reno v. ACLU.

* United States v. Richardson, No. 09-4072 (4th Cir. June 11, 2010). AOL, as an email service provider, was not a government agent when it automatically searched its network for child porn and then complied with its statutory child pornography reporting obligations.

47 USC 230

* The Ohio Attorney General has weighed in on myTriggers’ side in the myTriggers v. Google antitrust lawsuit, arguing that 47 USC 230(c)(2) doesn’t protect Google. For more on the myTriggers & TradeComet antitrust lawsuits against Google, see this interesting American Lawyer article.

* ReputationDefender’s GC on 47 USC 230 and the Internet's maturation. When he says "near-perfect anonymity is easily achieved," he might want to check with the AutoAdmit defendants to see if they agree!

Posted by Eric at 09:57 AM | Content Regulation , Derivative Liability | TrackBack

July 02, 2010

Idaho District Court Dismisses CAN-SPAM Claims Due to Non-ISP Status -- Melaleuca, Inc. v. Hansen

[Post by Venkat]

Melaleuca, Inc. v. Hansen, Case No. CV 07-212-E-EJL-MHW (D.Id; June 29, 2010)

A federal magistrate judge in the District of Idaho dismissed spam claims brought by Melaleuca, Inc., in a (recommended) decision that's not particularly noteworthy, except for the fact that it's a carbon copy of Gordon v. Virtumundo.

Background: Hansen was an "independent marketing executive for a multi-level marketing company called ITV." Melaleuca was and is engaged in a similar business. Melaleuca "encourages its customers to become marketing executives by referring family and friends to Melaleuca to purchase its products and allowing them to earn commission on any orders made by the referred individuals." (Sounds Amway-like, from what little I know of Amway, but that's neither here nor there.) Hansen sent out emails while working for ITV inquiring as to whether the recipients "would be interested in hearing about a new business opportunity." Some of his emails were sent to Melaleuca marketing executives.

Melaleuca used an email service called "iglide.net," through which it provided email services to its customers. Melaleuca also used an ISP called "IP Applications," through which it provided internet access to its customers. It did not have control over (or even access to) the hardware that enabled the internet access. According to the court, Melaleuca was a customer of IP Applications and iglide.net, and simply made the services provided by these companies available to its customers.

Discussion: The court holds that Melaleuca did not fall under the definition of an "internet access provider," citing to the fact that Melaleuca did not play more than a "nominal role" in providing internet-related services. The court also finds that even if Melaleuca falls under this definition, it could not maintain claims under CAN-SPAM because it was not "adversely affected." In Virtumundo, the court noted that Congress intended private CAN-SPAM plaintiffs to be able to sue only when they suffer the type of harm that is "uniquely encountered by IAS providers." Typical consumer harm - such as calling technical support and having to undergo the inconvenience of deleting unsolicited emails - did not suffice. Melaleuca did not put forth evidence that it required hardware upgrades or even more bandwidth due to the emails at issue (or as a result of increased spam in general). No luck for Melaleuca.

Melaleuca argued that it obtained an assignment of claims from its ISP, but the court found that the assignment could not rescue Melaleuca's claims. The assignment occurred more than a year after the case was filed. (The precise nature of the relationship between Melaleuca and the ISP is unclear, but if nothing more, the assignment shows that they are friendly parties.)

The court declines to address Hansen's preemption arguments as to the state law claims, leaving those to be addressed in state court. While Melaleuca has another shot at its state law spam claims, it may have to contend with some sort of adverse fee award, which the court may well award to Hansen.

Related: Professor Goldman previously posted on another dispute involving Melaleuca, this one involving an expedited DMCA subpoena which also touched on the copyrightability of a take-down letter: "Co-Blogger Identity Isn't Disclosed via 512(h), but Takedown Letters Are Copyrightable."

Posted by Venkat at 11:30 AM | Spam

OECD Project on Internet Intermediaries, Part 2

By Eric Goldman

As I mentioned last week, in June I went to Paris to participate in an OECD Experts Workshop on Internet Intermediaries. At the end of the day, I was one of several people to try to summarize the day's lessons. The notes for my 5 minutes of remarks:
______

My remarks: 2 big points that are clear and some implications that are less clear

1) Clear: intermediaries play an important role on the Internet. This workshop effectively rejects the Internet as disintermediator (as contemplated in the late 1990s).

1a) Less clear: what constitutes an Internet intermediary, and what common properties they share. Among other things, different intermediaries face very different competitive environments (different entry barriers; lots of competition vs. little vs. non-commercial) and have different consumer relationships (free, subscription, B2B/no interaction at all).

1b) Less clear: how Internet intermediaries have different properties than offline intermediaries. In that sense, this workshop embodies Internet exceptionalism.

2) Clear: Internet intermediaries have the technical capacity to prevent harms. But other than violating the laws of physics, anything is possible with the proper application of time and money. As Archimedes pointed out, with a long enough lever, we can move the earth.

2a) Less clear: the overall consequences of deputizing intermediaries to exercise that capacity for the government.

2b) But some likely consequences:

• deputization shifts financial burdens from government to private actors, and that makes it harder for free-to-consumers Internet services and can entrench big players to the exclusion of new entrants.

• Moral hazard—the consumers’ interests in privacy and free speech may conflict with the intermediaries’ profit-maximizing choices.

2c) Possibly clear: if we deputize intermediaries, we expect that the deputization will incorporate “due process” like government proceedings would. Prof. Mueller offered some possible elements:

• transparent process
• accurate disposition
• accountability and right of redress
• minimize collateral damage
• remedy proportionality
• respects personal data obligations and user privacy
______

Lillian Edwards provided a partial summary of the day's proceedings.

As part of the workshop, in April, the OECD issued a report entitled "The Economic and Social Role of Internet Intermediaries." I'm not sure what to say about the report except that its definitional problems seem apparent. Also, it may seem odd to most cyberlaw academics to try to address the universe of "Internet intermediary" legal issues in a single project.

Posted by Eric at 07:05 AM | Derivative Liability | TrackBack

July 01, 2010

Recent Anti-SLAPP Developments

By Eric Goldman

As you may recall, I have endorsed HR 4364, the Proposed Federal Anti-SLAPP Bill. This blog post catches up on some recent anti-SLAPP developments both in and out of the courtroom.

First, many of you probably saw the NY Times article from the beginning of June entitled Venting Online, Consumers Can Find Themselves in Court. The article didn't break a lot of new ground, but I thought it did a great job calling attention to and framing the issues.

Second, HR 4364 now has three co-sponsors: Rep. Steve Cohen (D-TN9) (the bill's author), Rep. Charles Gonzalez (D-TX20) and, most recently, Fortney "Pete" Stark (D-CA13). Kudos to these visionary legislators! I hope other organizations and legislators will join the effort.

Third, a few words about three recent California anti-SLAPP cases have caught my attention (at some point I'll also blog separately about the DC v. RR case that's been sitting in my in-box for months):

Gibson v. Swingle, 2010 WL 2136655 (Cal. App. Ct. May 28, 2010)

Gibson is an attorney. The court recounts his travails:

Swingle submitted a declaration in which he admitted having posted messages on Craigslist.org accusing Gibson of breaking laws, using illegal drugs, harassing and stalking people, frequently using profanity, being mentally ill, and threatening people with violence. Swingle admitted he created a blog through Google Inc. [www.richardhilarygibson.blogspot.com, now defunct] and posted messages on it accusing Gibson of offering a reward for the murder of someone, threatening to blow up someone's car, threatening the image of then-presidential candidate Barack Obama, using illegal drugs, stalking people, expressing contempt for the Bible, making racist remarks directed at Mexican-Americans, and being a "perv." Swingle said he had "sent e-mails out regarding Mr. Gibson."

A little more background on the situation. Gibson initially sued Doe defendants but later named Swingle and his trust fund as defendants. Swingle countersued Gibson and then filed an anti-SLAPP motion. The appellate court rejects the anti-SLAPP motion because Swingle's speech lacks sufficient public interest. As the court says in a fairly abbreviated analysis, "the claims are based on Internet posts describing Gibson's alleged character flaws and his alleged illegal or otherwise improper conduct."

From my perspective, the court's conclusion about the lack of public interest seems plainly wrong. An attorney allegedly engaged in illegal activities should almost always qualify as having sufficient public interest. Further, to the extent Swingle was trying to educate potential customers/clients of Gibson, I personally believe that should qualify as a public interest as well. Under the proposed federal anti-SLAPP law, I believe it would.

Navarro v. Cruz, 2010 WL 2183227 (Cal. App. Ct. June 2, 2010)

Navarro runs a placement agency for foreign teachers looking for US teaching jobs. Cruz retained Navarro for placement services, but I'm inferring that didn't work out. Cruz then allegedly set up a blog, Pinoy Teachers Hub, "alleged to contain false and defamatory statements accusing Navarro and UPI of fraudulent business practices and crimes." (I say Cruz was allegedly the author because apparently that was a point of contention).

Like the Gibson case, the parties disputed the public interest of the blog. The court concludes that the blog satisfied the standard because:

the blog addressed issues ranging beyond the specific wrongs and breaches claimed to have been suffered by its writer, on issues such as immigrant exploitation, fraud, and substandard housing. These issues would affect and would be of interest to many present and future immigrant teachers-including not just those who had allegedly been victimized, and not even just those who had actually contracted with UPI, but also those who might be considering becoming immigrant teachers through UPI or other such agencies. And the blog expressly sought to rally others to support changes in the claimed practices and in the contractual and other requirements that foreign teachers believed they were forced to accept, and encouraging others "to 'stand up' to pursue a common goal" involving an ongoing controversy.

It's not clear to me how this differs from the Gibson case. In both cases, the published material was designed to educate a vendor's future customers about why they may want to choose a different vendor. In the Cruz case, it looks like the blog was more overtly activist than the personal griping in the Gibson case. Further, in the Gibson case, there was an undercurrent that the court simply didn't believe the griper and thus gave his statements less credit. Otherwise, to the extent they are not factually distinguishable, I think this case gets it right and the Gibson case got it wrong.

The trial court awarded over $31k in attorneys' fees to Cruz. The appellate court remanded to make sure the fee award did not include "fees and costs for the trial court proceedings...not incurred in connection with or necessary to the anti-SLAPP motion."

Calibra Pictures, Inc. v. Variety, BC 433 320 (Cal. Superior Ct. May 12, 2010)

Calibra produced the movie "Iron Cross." It also was a Variety magazine advertiser. Perhaps not surprisingly, Calibra was unhappy when Variety published a negative review of Iron Cross in its print and online editions. Surprisingly, Calibra sued Variety for the negative review, and Variety responded with an anti-SLAPP motion. The court says that Variety qualifies as a public forum and the "widespread interest" in the movie, such as high demand for screener DVDs, made the critical review a matter of public interest.

Thus, the burden shifted to Calibra to make a prima facie showing of its case. The breach of implied covenant of good faith and fair dealing failed because the court believed Variety had an effective church/state division between its advertising sales and editorial department. The negligence claim failed because Variety had no duty outside the contract. The court breezily dismissed the other soft tort claims and awarded Variety its attorneys' fees.

This is a nice ruling because it reinforces that product reviews can be protected by anti-SLAPP doctrines. It also shows that advertisers, unhappy that a publication running a negative review of them while taking their advertising dollars, can't easily find a way to sue based on the factual correlation.

Posted by Eric at 08:48 AM | Content Regulation | TrackBack