« May 2011 | Main | July 2011 »
June 29, 2011
Court Dismisses Misappropriation Claims Against Facebook Over Its Friend Finder Service -- Cohen v. Facebook
[Post by Venkat Balasubramani]
Cohen v. Facebook, C 10-5282 RS (N.D. Cal. June 28, 2011)
There are a slew of publicity rights lawsuits pending against Facebook. This one alleged that Facebook misappropriated the names and likenesses of Facebook users by suggesting to Facebook users that their friends had utilized the "Friend Finder" service. (Ironically, Facebook's friend finder service looks similar to the service Power.com offered and which Facebook is trying to shut down.) Plaintiff brought a putative class action, alleging state law misappropriation, Lanham Act, and unfair competition claims.
Facebook's user agreement: Facebook argued that the consent contained in Facebook's terms of use barred plaintiff's claims. Facebook argued that its terms contained a broad license that was limited only by privacy settings for particular types of content:
For content that is covered by intellectual property rights, like photos and videos ('IP content'), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free license to use any IP content that you post on or in connection with Facebook ("IP License").
According to Facebook, an end user's name and profile picture have no privacy settings and therefore there were no limitations on the clause quoted above (i.e., no limitations on Facebook's right to use end user photos and user names). Judge Seeborg, disagreed, noting that:
a more natural reading of the provision is that it gives Facebook a worldwide license to reproduce any pictures or text posted by a user, subject to any privacy settings, that would insulate it from any copyright claims by the user, whether or not the reproduction was made on 'Facebook'.
Facebook also argued that its users had no expectation of privacy in their name or profile picture, but the court notes that this does not bar a user claim for publicity rights. It's one thing to disclose a person's name and it's another to use it for endorsement purposes. Although the discussion is slightly confusing, the court's conclusion was that it's not totally clear that Facebook's terms freely allow Facebook to exploit a user's publicity or personality rights in this manner. The court also noted that there was nothing in the terms which ostensibly allowed Facebook to disclose to other users what services a particular user utilized. [Ouch! I think the conclusion is debatable, and despite Facebook's clunky user agreements, the quoted language is broad. To be on the safe side, if I were Facebook, I would expressly reference publicity and personality rights.]
Plaintiff did not sufficiently allege injury: In order to make out a claim for misappropriation of publicity rights, the plaintiff has to allege injury. Although plaintiff included a conclusory allegation in the complaint that she "suffered injury-in-fact," plaintiff did not allege any harm whatsoever. Injury to feelings is sufficient to assert a publicity rights claim, but plaintiff failed to allege this. Plaintiff argued that she was entitled to statutory damages even absent a showing of harm, but the court disagreed. Under the case law, a plaintiff who suffers no economic loss but suffers emotional harm may be entitled to the minimum damages amount, but plaintiff failed to allege that she suffered any "mental anguish" as a result of Facebook's alleged misappropriation.
Plaintiff's lack of commercial interest in her name undermines Lanham Claim: With respect to the Lanham Act claim, the court held that plaintiff had to allege some "commercial interest" in his or her name in order to assert a Lanham Act Claim. While the plaintiff need not be in "actual competition" with Facebook, the plaintiff had to have some "economic interest" in her name "akin to that of a trademark holder." Plaintiff argued that she had a commercial interest (at least within the group of her Facebook friends) but the court rejects this argument.
Unfair competition: Plaintiff's unfair competition claims was derivative of her publicity rights claims and therefore were dismissed. The court also adds that apart from the injury issue, plaintiff is not likely to be able to show that she has lost "money or other property." The remedies available via a section 17200 action have been sharply limited in recent years, and if a plaintiff cannot show that Facebook wrongly took money or property belonging to plaintiff, he or she will be out of luck. The fact that Facebook offers a free service to end users makes section 17200 claims useless for anything other than prospective injunctive relief. (One or two cases have recognized that personal information can constitute "property," but the court does not discuss that possibility here. See "Judge Recognizes Loss of Value to PII as Basis of Standing for Data Breach Plaintiff".)
__
I'd characterize this as a partial win for both sides. Judge Seeborg's view that the Facebook end user agreement did not bar the misappropriation claims has to make Facebook nervous. On the other hand, if plaintiffs are going to have to show that they suffered "mental anguish" as a result of Facebook's use of their names and profile photos and they have an economic interest in their names, these present obvious barriers. [I can just imagine Facebook's investigators trolling the internet for examples of use by plaintiffs of their own photos and names on other sites or on Facebook, to show that plaintiffs did not really exert any control over use of their names and photos by third party websites.]
Facebook may also have an opportunity to argue that the claims are not amenable to resolution on a class-wide basis, given that individual facts may affect the determination of whether a particular user suffered "mental anguish" as a result of Facebook's use of plaintiffs' photos and user names.
Of course, the reality is that this is a cobbled together class action based on allegations of harm that are tenuous at best. The result may be different if plaintiff alleged that Facebook used plaintiff's name and likeness to advertise third party products or services or even promote something outside the Facebook ecosystem, but telling someone's Facebook's friends that they used the "friend finder" services sounds like a weak publicity rights claim at best.
Plaintiff may be able to amend and get past another motion to dismiss, but this lawsuit will probably be shuttled to the dustbin of internet privacy lawsuits in short order.
Posted by Venkat at 03:14 PM | Licensing/Contracts , Marketing , Publicity/Privacy Rights
Recapping Righthaven Developments from the Past Two Weeks
By Eric Goldman
I blogged about Righthaven two weeks ago ("Righthaven Benchslapped in Ruling Saying It Lacks Standing") and then went offline during a business trip to Russia (I have more to say about that trip shortly, but you can see the photos now). A lot has happened in the intervening two weeks, and this post catches up on the action.
Righthaven v. Hoehn, 2011 WL 2441020 (D. Nev. June 20, 2011)
In the Democratic Underground case, Judge Hunt said that Righthaven lacked standing because it didn't own or have an exclusive right to the copyright when it filed the complaint. In this ruling Judge Pro, also in the Nevada district, reaches the same conclusion as Judge Hunt. Judge Pro says:
the rights in the copyrighted Work retained by Stephens Media deprive Righthaven of everything except the right to pursue alleged infringers, a right that is still subject to Stephens Media’s oversight
Judge Pro went further than Judge Hunt and rejected the "clarification" amendment between Stephens Media and Righthaven. (Judge Hunt had cast doubt on the amendment's efficacy in a footnote but resolved the case without reaching the amendment's validity). Embracing substance over form, Judge Pro says the amendment "provides Righthaven with only an illusory right to exploit or profit from the Work."
Separately, Judge Pro ruled in favor of Hoehn on fair use. The four factor analysis:
* Nature of use: Hoehn didn't and couldn't profit from the article. Plus, Hoehn was facilitating "comment" when "he posted the Work to foster discussion in a specific interactive website forum regarding the recent budget shortfalls facing state governments."
* Nature of the work: The court says "Roughly eight of the nineteen paragraphs of the Work provide purely factual data, about five are purely creative opinions of the author, and the rest are a mix of factual and creative elements." This is not enough to consider the work a "purely creative work." Plus, this factor "is not terribly relevant."
* Amount used: Hoehn took the whole article but this doesn't preclude a fair use finding.
* Market effect: Righthaven failed to show any evidence that Hoehn's republication harmed it. "Merely arguing that because Hoehn replicated the entirety of the Work the market for the Work was diminished is not sufficient to show harm."
This last point is interesting because fair use is an affirmative defense, so normally the burden is on the defendant to establish the elements. Citing the Ninth Circuit Napster case, the court shifts the burden on the fourth factor to the plaintiff. I think this burden-shift is completely appropriate, especially because everyone (except Righthaven and the newspapers) believe the Righthaven defendants haven't caused any harm to the newspapers. Kudos to the judge for demanding more than Righthaven bluster. (On that front, check out the EFF's mockery of Righthaven's bluster).
Note that Judge Pro didn't rest his fourth factor analysis on the fact that Righthaven acquired the copyright as Judge Mahan did in the Jama/CIO case. Thus, Judge Pro broadened the bases on which the fourth factor could count against Righthaven.
Judge Pro's discussion on the second point (nature of the work) has attracted some criticism, perhaps justifiably so. It's difficult to say that a 19 paragraph editorial doesn't have the same level of creativity as other highly creative works. I tend not to obsess about the details of any fair use analysis given its nature as an equitable defense. The judge was twisting the analysis to make it clear Righthaven should lose. Denigrating the editorial's creativity is an awkward way to get there, but it demonstrates that judges aren't buying what Righthaven is selling.
Overall, Righthaven has lost the following three fair use rulings:
* Realty One. The defendant republished an excerpt, and the court granted the fair use defense on a motion to dismiss.
* Jama/CIO. Full republication of an article qualified as fair use.
* Hoehn. This case also says a full republication is a fair use.
Judge Mahan didn't grant summary judgment on fair use in the Choudry case but I still think Righthaven has a low chance of winning that case. The VCDL case (discussed in a moment) rejects fair use on a motion to dismiss; we'll have to see what the judge thinks after the case is more fully developed.
As a jurisprudential corpus, this fair use caselaw is becoming quite defense-favorable. Steve Green revisits the irony:
Thanks to Righthaven, newspapers and other media organizations now have less copyright protection for their hard-earned content than they did just three months ago. And that’s more than a little odd, given Righthaven’s stated mission of protecting newspapers from online content infringers.
Righthaven v. Barham, 2011 WL 2473602 (D. Nev. June 22, 2011) and
Righthaven v. DiBiase, 2:10-cv-01343-RLH-PAL (D. Nev. June 22, 2011) (see a prior ruling in the DiBiase case)
Citing the Democratic Underground and Hoehn cases, Judge Hunt dismisses both cases for Righthaven's lack of standing. He also dismisses both defendants' counterclaims against Righthaven because Righthaven isn't the copyright owner.
Righthaven v. Virginia Citizens Defense League, 2011 WL 2550627 (D. Nev. June 23, 2011)
Judge Navarro rejected a motion to dismiss on personal jurisdiction grounds. I can't recall Righthaven losing on personal jurisdiction grounds--am I forgetting something?--so that ruling isn't very surprising.
Her next two rulings indicate that she's not a fan of using 12(b)(6) motions to clean out bogus cases early. Many judges have differing views/styles about how aggressively they manage their docket. Judge Navarro appears to subscribe to the "better safe than sorry" approach.
Judge Navarro rejected fair use as grounds for a 12(b)(6) dismissal. The Realty One case notwithstanding, it's rare to win a fair use defense on a motion to dismiss, so Judge Navarro's caution isn't unusual. She does give some guidance about her considerations for a summary judgment motion, including a tidbit that "posting the entire article weighs against fair use if it was feasible for Defendants to just post a link on its webpage." I hope the VCDL defendants will help Judge Navarro understand why a link to the article isn't always as useful as a republication. See, e.g., Steve Green's article on FluTracker's responses to Righthaven's in terroram campaign.
Judge Navarro also rejects the standing issue as grounds for a 12(b)(6) dismissal. She says "the extent of the assignment is generally best determined through the discovery process." In a footnote, she acknowledges the Democratic Underground case, which came out after the defendant briefed the case. My guess is that she will be persuaded on summary judgment.
Despite this failed 12(b)(6) motion to dismiss, it seems inevitable that Righthaven's pending cases will fall like dominoes on the standing ground--if not on 12(b)(6) motions to dismiss, then on summary judgment. Righthaven could amend its agreements with newspapers to fix the standing problem and refile the cases, but this will degrade its already questionable margins. Otherwise, as I mentioned in my Democratic Underground post, losing the standing battle effectively acts as a reset on Righthaven's entire business.
Assessment
Righthaven's business is in tatters. Consider:
* Their existing inventory of cases is shrinking rapidly as judges clear their dockets.
* They are rarely expanding their inventory by filing new cases, probably because they have their hands unexpectedly full fighting tooth-and-nail over their existing cases.
* They have completely alienated the district court judges deciding their cases. As Steve Green says, "it appears federal judges don’t appreciate their courtrooms being used as ATM machines by Righthaven."
* They unquestionably will be writing checks to some defendants in due course, and that's going to take a huge bite out of their revenues to date.
* Given how amateurish Righthaven looks plus the risk of public relations and legal blowback, I can't imagine any new newspapers will sign up for their services in the foreseeable future.
* They have been plagued by staff turnover.
* They are potentially going to answer to the professional disciplinary authorities--a risk exacerbated by their harsh benchslap in the Democratic Underground case.
Short of completing a hail mary pass in the Ninth Circuit, there is only one possible endgame for Righthaven, and it won't be pretty.
Amazingly, Steve Gibson, Righthaven's CEO, continues to publicly deny that his business is going down the toilet. Watch this hilarious video interview where Gibson characteristically engages in misdirection and tendentious sophistry as the moderator justifiably works him over mercilessly.
Disclosure note: One of my ongoing clients was sued by Righthaven and settled its case.
Posted by Eric at 11:52 AM | Copyright | TrackBack
June 28, 2011
"Hot Topics in UGC Liability" Talk Slides
By Eric Goldman
Earlier this month, Internet law superstar Ian Ballon and I spoke for about 90 minutes on hot topics in Internet law. Watch the video by downloading or streaming (item #47) it.
I spoke about recent legal developments related to user-generated content. My talk slides.
In particular, the fourth slide is completely new. It's my initial attempt to catalog some of the abusive takedown practices I'm seeing. If you have thoughts about abuses I should add to the list, please let me know. I think it's important to start cataloging these practices for two reasons. First, should anyone propose mucking with the 230/512 allocation of responsibilities, it may be helpful to plop on the table some proposed defense-oriented statutory fixes to these bad practices rather than just respond to the maximalists' wish list. Second, with so much focus on whether or not there are abusive lawsuits (see, e.g., the farcical DOC report on trademark bullying), it seems useful to catalog some of the bad dispositions we're seeing without the dispute getting into court so that policy-makers can understand the true scope of the issues.
I'm also aggregating lawsuits where affected content publishers have sued the senders of abusive takedown practices. I feel like there's been an uptick of this litigation in the past year or so. If you've seen any lawsuits on that front I haven't covered, please let me know.
Posted by Eric at 05:42 PM | Content Regulation , Derivative Liability | TrackBack
San Diego County Bar Tackles Lawyer Friend Requests and the Ex Parte Rule
[Post by Venkat Balasubramani]
The San Diego County Bar Association recently tackled the issue of whether a lawyer's friend request to an employee of a party violates the rule barring ex-parte communications by a lawyer with a party whom the lawyer knows or should know is represented by counsel. You can access the opinion on Scribd here, and it's worth a read.
The factual scenario involved a lawyer who represented a plaintiff against a company in a wrongful discharge lawsuit. The lawyer knows the defendant-employer is represented by counsel, but obtained a list of the defendant's current employees. The client provides the list, identifying which of those employees may be disgruntled and therefore likely to provide dirt on the defendant-employer. The lawyer then sends Facebook friend requests to these individuals.
The opinion looks to California Rule 2-100, which provides that:
While representing a client, a [lawyer] shall not communicate directly or indirectly about the subject of the representation with a party the [lawyer] knows to be represented by another lawyer . . . unless [the other lawyer first consents].
The opinion first tackles the issue of whether the employees are "parties" for purposes of the rule. If they exercise discretion and determine the employer's policy, they may be treated as part of the represented corporate-party for purposes of this rule. Consequently, the opinion advises that the lawyer should first check with his or her client as to what role the employees play in the organization before treating the employees as unrepresented parties. Assuming they are policy-making employees and therefore "represented," the opinion looks to whether the lawyer's friend request constitutes a communication "about the subject of the representation." The opinion parses the language of the friend request and the fact that it's initiated by the lawyer but transmitted by Facebook, and concludes that the friend request would violate the rule against ex parte contact:
[i]f the communication to the represented party is motivated by the quest for information about the subject of the representation, the communication . . . is about the subject matter of that representation. . . . This becomes clearer when the request to friend . . . is transferred from the virtual world to the real world. Imagine that instead of making a friend request by computer, opposing counsel instead says to a represented party in person and outside of the presence of his attorney: "Please give me access to your Facebook page so I can learn more about you." That statement on its face is no more "about the subject of the representation" than the robo-message generated by Facebook. That what the attorney is hoping the other person will say in response to that facially innocuous prompt is "Yes, you may have access to my Facebook page. Welcome to my world. These are my interests my likes and dislikes, and this is what I have been doing and thinking recently.
The opinion also addresses a few objections:
The friend request does not refer to the issues raised by the representation: With respect to this objection, the opinion notes that even open-ended questions can "impel the other side to disclose information that is richly relevant to the matter," even if the question itself is directed to a subject relating to the representation. Information "uncovered in the immediate aftermath of a represented party's response to a friend request at least 'might reasonably assist a party in evaluating the case, preparing for trial, or facilitating settlement thereof.'" Although the initial friend request may not relate to the representation, it's the type of open-ended question that is designed to elicit a response that provides useful information. Indeed, the opinion notes that once you have become a person's Facebook friend, you have access to a wealth of information regarding that person, including information that will potentially be advantageous to know in litigation.
Friending a represented party is the same as accessing the opposing party's website: The second objection argued that accessing a publicly available website of a party who is represented is permitted, and this is no different. The opinion states that there is a key difference between the two. In one instance the webpage is publicly accessible, and in the other, you need permission--acceptance of the friend request--in order to access it. The opinion concludes that if a witness or opposing party maintains a profile on a social network that is freely accessible by the general public, there is no ethical bar to its access by a lawyer.
The opinion also dismisses a couple of other objections: (1) statements in a Facebook profile are not necessary protected by the attorney/client privilege (the restriction on ex parte contact goes beyond this information), and (2) courts have rejected deception as the basis for excluding evidence in the criminal context (the standards for when evidence should be excluded in a criminal case are not the same as those which prohibit ex parte contacts in civil cases). The opinion notes that the policy underlying the rule prohibiting ex parte access is to restrict the opposing lawyer from interfering in an existing lawyer/client relationship and exerting undue influence through this interference. The tenor of the opinion is that this risk of undue influence clearly exists in the context of a Facebook "friendship."
The opinion raises some interesting issues and takes a careful look at the rules and other opinions on this issue. (The Philadelphia Bar Association and the New York State Bar Association have both weighed in on this issue as well.) The opinion cites to another case (U.S. v. Sierra Pacific Industries, 2010 WL 4778051 (E.D. Cal. 2010)) where the court held that a lawyer who was litigating a claim against the U.S. Forest Service violated the ex parte rule when he attended a "field trip" organized by the Forest Service and extensively questioned Forest Service employees on their policies. The field trip was open to the public and thus mere attendance did not violate the rule. The court focused on the questioning, rather than the attendance. In contrast, here, the opinion concludes that merely sending a friend request could violate the rule.
I wonder whether the result would have been different if the lawyer in question sent a friend request that expressly addressed the ex parte issue--e.g., "I'm John Doe, counsel for Jane Doe, and I'd like to speak with you about this matter. If you are represented by counsel, please do not accept this friend request."
The opinion serves as a good reminder that despite the treasure trove of evidence that may be contained in social media profiles, accessing this information is another matter.
(h/t ABA Journal: "Facebook Friend Request to Exec of Represented Corp. May Violate Ex Parte Rule, Opinion Says")
Posted by Venkat at 02:25 PM | Evidence/Discovery , Privacy/Security
June 27, 2011
Another Ripoff Report Win--A-1 Technology v. Magedson
By Eric Goldman
[Note: I have a thick blogging queue of cases to tackle, so if I haven't gotten to your recent favorites yet, a post may still be coming.]
A-1 Technology, Inc. v. Magedson, 150033/10 (N.Y. Sup. Ct. June 22, 2011)
After a while, the Ripoff Report cases all start blurring together. The plaintiffs try the same tired arguments, the courts reject them as they should, and we all experience a little deja vu. This case involves 2 postings to Ripoff Report (from 2006 and 2009) that were allegedly defamatory of a New York company. The Ripoff Report defended on several grounds, including lack of personal jurisdiction, the statute of limitations (1 year for defamation cases in NY) and 47 USC 230.
The 230 discussion is appropriately efficient. The court cites the recent Shiamili ruling (in my queue to blog) for the proposition that 47 USC 230 bars defamation actions "even when the website provider exercises traditional editorial control, including the reposting of the comments of third-parties and providing headings, subheadings and illustrations." The court also rejects the 47 USC 230 immunity would change if Ripoff Report allegedly charged for removing posts.
The court also dismisses the case for lack of personal jurisdiction, following the general rule that simply publishing defamatory material online doesn't automatically confer jurisdiction in the plaintiff's home court. Finally, the court also dismisses any claim for the 2006 post based on the statute of limitations plus the single publication rule as articulated in Firth v. State, an early New York case interpreting the single-publication rule online.
Posted by Eric at 04:59 PM | Content Regulation , Derivative Liability | TrackBack
June 24, 2011
George Mason "Law and Economics of Search Engines and Online Advertising" Conference Recap
By Eric Goldman
Last week I participated in a conference entitled "The Law and Economics of Search Engines and Online Advertising" at George Mason Law School, sponsored by Google. In light of this week's disclosures about the FTC, state AGs and Senate Judiciary Committee all circling around Google looking to carve it up like a turkey, the event was exceptionally timely.
Because Google sponsored the conference, this event was much more Google-partisan than we normally see at an "academic" event. (Note: George Mason deals with all sides; it did an analogous event sponsored by Microsoft in 2009). Two speakers were Google employees; at least two other speakers expressly acknowledged their financial support from Google; and several others were unabashedly Google-friendly, even if they don't explicitly enjoy any Google largess.
As usual, these talk notes are my filtered impressions of the day’s proceedings and not verbatim transcriptions. You should double-check anything you want to cite or quote.
Panel 1: Network Effects in Search?
Geoff Manne: Google faces competition for advertising from online and offline sources. Online ads are a small part of the global ad industry’s revenue. Ex: Pepsi didn’t advertise during the 2009 Super Bowl and instead put that money into social media advertising. For online ads, Google competes with other search engines, social media sites, and other sites that aggregate eyeballs. Google’s ads also face competition from its own organic search results. Finally, there’s a cross-elasticity of demand between SEO and paid ads.
Network effects: ad networks aren’t just selling consumer quantity; they are selling their ability to deliver relevant consumers. The ad quality score helps mediate ad relevancy for consumers. Advertisers pay only for clicks, not for access to the entire ad network’s population. The auction format eliminates any uninternalized externalities. [In Q&A, Katz pushed back on whether this an “externality.”] Advertisers’ willingness to pay is based on improvements in click quality, not a competition-reducing network effect.
Michael Katz: Market characteristics: (1) weak/non-existent network effects, (2) switching costs are low, and there's no evidence that personalization has had a lock-in effect, and (3) room for product differentiation. If a new search engine enters the market, searchers can move and it doesn’t matter if other searchers do (no coordination between searchers is required). Because consumers and advertisers can try multiple vendors for free and without switching costs, multiple competitors should be able to survive. For advertisers, the auction format permits them to try multiple sites—there’s no quantity discount motivating them to consolidate their business with one vendor.
Stanley Liebowitz: Clearly no network effects for searchers. The story is more complicated for advertisers. In 1990s, we were concerned about lock-in effects and allowing an inferior offering to become the winner. If there were network effects among advertisers, he might worry more than Michael. But he hasn’t found examples where network effects cause consumers to get stuck with the wrong products. Many past claims to the contrary look silly now. We can’t predict where markets are going.
Q&A
Bill Page: does a search algorithm improve with greater number of searches? Liebowitz: he would call that an economy of scale, which could lead to natural monopoly. But are we worried about getting stuck with the wrong natural monopoly? Katz: is Google pushing its competitors below the minimum competitive scale? Manne: how many consumers make decisions on failed long tail searches? [at Epinions, failed long tail searches were make-and-break. Damien Geradin made this point in Q&A.]
Manne: Bing’s cashback program for searchers who bought from advertisers was an example of how new entrants can buy market share.
Liebowitz: he's a little surprised by consumer stickiness. Why don’t consumers try different search engines more frequently?
My Q: advertisers face transaction costs dealing with multiple publishers/ad networks, and as a result, they may require a minimum quantity of eyeballs to consider working with a publisher/network. How would those transaction costs affect the competitive environment? Katz: larger advertisers are more likely to multi-home with large search engines [multi-home being jargon for using multiple vendors simultaneously]. [My note: even if this is true for the larger search engines, start-ups could be frozen out from ad dollars]. Manne: all search engines in the market face this same problem. Katz: VCs are willing to provide enough capital to let companies ramp up enough scale. [I wasn't totally satisfied with these answers. I think there's a possible paper topic on understanding the transaction costs that advertisers face in vetting and managing multiple ad networks and publishers and how those transaction costs help or hinder competitive forces.]
Panel 2: Defining the Relevant Market
Dan Rubenfeld: Internet advertising has developed rapidly and is likely to keep changing rapidly.
Does online advertising constrain offline advertising? Not clear. His gut: yes, but not in every case. There may be geographic or industry advertisers who find offline advertising more useful.
Does offline advertising constrain online advertising? Also not clear. There are lots of offline advertising options, and many advertisers use multiple advertising options.
Focusing just on search vs. non-search online advertising markets. In DoubleClick, the FTC said they are two separate markets. But it’s too simple to say that display ads are for branding and search advertising for direct marketing. Many advertisers use search advertising to build their brands, so they may be the same market.
Damien Geradin: In Google/Doubleclick, the FTC concluded that offline and online advertising markets are different. Why? (1) Online ads can reach more targeted audiences in more effective way. (2) Reporting mechanism lets advertisers see their ad performance. (3) Differences in pricing mechanisms. This was confirmed in Microsoft/Yahoo. EU lawyers think the market definitions are already settled, so why are we still talking about this?
Search ads v. other online ads. Damien thinks they are different:
* Not demand-side substitutes. French Competition Authority (2010): search advertising is distinct relevant market. Google/Yahoo 2008: search advertising and search syndication are different markets. DoubleClick 2007: search and display are different markets. Damien: 1) different characteristics and intended use of search and non-search ads (brand v. direct marketing). 2) Different pricing methods (CPC v CPM). 3) ROI from search ads is higher than non-search ads because it can be better tracked.
* Not supply-side substitutes. A publisher/network faces lots of costs and time switching from running display ads to providing a search advertising offering.
* Algorithmic search doesn’t constrain search advertising. SEO isn’t a substitute for advertisers because SEO is less effective than ads at driving traffic, search engines change algorithms, and search ads yield better conversion.
Catherine Tucker: results of study on alcohol advertising restrictions:
* online display ads had the largest impact on consumers in geographic jurisdictions that legally restricted out-of-home ads
* the Internet reduces the effectiveness of these local regulations
* thus, online ads substitute for offline advertising
Another study: How offline advertising affect online ad pricing. Personal injury lawyers will pay more for online advertising when there is a ban on direct (offline) marketing to victims.
Her conclusion: “offline advertising appears to regulate both the effectiveness and pricing of online advertising.” This is consistent with other literature that online activity is integrated into an entire marketing campaign.
Q&A
Baye: He was the FTC chief economist during the DoubleClick review. Facebook wasn’t even on the commission’s radar screen at the time. [Eric: This isn’t surprising; the market continues to change rapidly.]
Geradin: Google has way more advertisers than Bing.
Q: if ROI is higher in search ads, doesn’t that indicate a price constraint? [The discussion was odd, but it seems that if search ad ROI was truly higher, advertisers should shift dollars to search ads over lesser-performing ads and arbitrage the ROI advantage. So either some factor is preventing advertisers from doing this, advertisers don’t know their ROIs enough to realize they should be shifting their dollars, or the ROI argument is wrong.]
Manne Q: even if the government agencies have made a judgment about market distinctions in the past, we should later check if they got it right.
Berin Szoka: what if Google synced with other search engines so that advertisers could have a one-stop place to manage their campaigns across all engines? Would that raise/end antitrust Qs? [There was a lot of consensus in the room that this would be a good thing.]
Lunch: Mark Paskin, Google Engineer
Search has moved far beyond 10 blue links. When the database was static, people thought search was about looking for encyclopedic information. Google’s freshness has changed this. There are 1 trillion documents on web, 1 billion searches/day, and 1 million new spam pages created every day.
In A/B tests of search relevancy, 25% of queries lead to irresolute differences about what people thought was the best ranking. This suggests there’s no “right” order.
Google’s ranking signals include how often query terms appear, where the query term appears on the page, and document quality signals like PageRank. Any one signal isn’t enough. Hand-coded knowledge can’t handle diverse queries.
Ways that Google exercises manual controls over rankings:
* security. Ex: warning that a site might harm the user's computer if they click on the link
* legal issues, such as child porn and copyright infringement
* exception lists = when algorithm fails but it’s easy to correct manually. Ex: essex.edu being blocked by SafeSearch because it contained the phrase "sex"
* spam. Google uses manual actions to deal with the whack-a-mole problem
Google decides what algorithm changes to explore by “losses,” which it defines as the opportunity to improve results. One solution: reinterpret searches to substitute synonyms, but those reinterpretations depends on context. Ex: GM cereal vs. GM motors vs. GM university vs. GM tomatoes.
Google’s process for making algorithmic changes:
Hypothesize an idea of how to change the algorithm => implement the idea in sandbox => generate a sample of before/after differences => send the differences to carefully trained external raters (who act as “proxies for users”) and look for statistically significant differences in ratings as well as the best and worst results from the changes => divert a tiny slice of live traffic to the sandbox and see where they click => forward data to data quality analyst, who prepares an independent report => forward the report to the launch committee, who approves the change or denies it. Launch considerations: (1) benefit to users, (2) how simple is the implementation, (3) is it an efficient use of resources. Factors that aren't considerations: how the change will affect ads or other monetization, how partners/clients rank, external metrics. There is a wall between search and ads: people in search don’t talk to people in ads about work. Divisions are in different buildings.
Last year: 13,311 algorithmic change ideas led to 8,157 side-by-side A/B experiments, which led to 2800 click evaluations, which produced 516 algorithm changes.
Dealing with misspellings: some users missed Google’s “did you mean” suggestion and clicked on low quality results. Even for situations where Google was really sure the consumer meant something different than they wrote, 5% of users missed Google's prompt. In response, Google changed the presentation to show results for the correction. It told the user and showed the substitute results page and gave user a prompt to go back to original results. Some users get frustrated by that. For a while, they tried a compromise: show the top 2 results at the suggested query, but below that, show results for the original query. Their way of thinking about it: which it comes to misinterpreting misspellings, a loss is worse for searchers than a win is good. Google’s standard for misspelling changes: it should get 50 searcher wins for every searcher loss. Now: when Google is very sure for the correction, it shows the replacement results plus the option to get the original results; otherwise, it gives the original results with a “did you mean?” prompt.
Baye Q: does Google show location-specific results? A: location is a big part of user’s context
Q: duration of retaining user queries. A: if you have 2x users in a month, it’s the same as retaining data from 2 months (but he noted the challenge of seasonal queries). He thinks personalization isn’t essential because web information is so rich.
Berin Q: can Microsoft replicate what Google does? A: in theory, but Google’s algorithm is really good, and that’s a key differentiator. Also, Google has a good system for improving efficiently.
Berin Q: does it matter that Microsoft has a smaller sample size for experiments? A: there are diminishing returns from bigger datasets.
Pasquale Q: does Google’s algorithm preference its own pages? A: no, and he didn’t agree with the Q framing. Ex: if Google prioritizes image search results, those pictures are still 3rd party info.
Q: how do you find testers? A: Google uses third party contractors to find testers. They muist have a minimum educational level. Q: does Google screen out testers who have a pro-Google bias?
Panel 3: Competition and Search Markets
Ben Edelman did his usual shtick.
Randy Picker: His talk generally related to how platforms try to extend their boundaries and what happens when two platform providers collide. His talk slides.
EU’s remedy of ordering Microsoft to distribute OS without media player completely failed. Almost no one took the version without the media player. But this was irrelevant to the development of the media player space—Apple rolled up the space and left Microsoft behind.
Then, EU deal with Microsoft re IE: order to let users choose between different browsers (5 shown first, but 12 available totally). Confusing for users.
Google Buzz was attempt to leverage its platform to strengthen its identity. Google is now in FTC Hell for 20 years.
ITA acquisition was conditioned on neutral treatment and spillover of information.
Paul Liu (Google Economist): How to define a market when the core product is free?
Search queries can be:
* navigational (30% of queries). Alternative options for searchers: typing into URL bar, selecting bookmark, clicking on link. 68% of users did both direct navigation and navigational queries in a week. Google did an unintended A/B test when Google accidentally flagged all sites as malware. At the peak of the incident, this led to a 9% increase in direct navigation (or 80% of navigational queries shifted to direct navigation).
* informational (50% of queries). Alternative options for searchers: other search engines, other websites (especially brand-name trusted sites), mobile apps. Many well-known branded sites get a small fraction of their traffic from search engines.
* transactional (products/services) (about 20% of queries, maybe half product and half service). Alternative options for product searches: other search engines, marketplaces, retailers, shopping comparison sites, review sites, social networks, official stores/malls, mobile apps. Many alternatives don’t depend on search engines for their traffic. Mix of online and offline activity: 51% of consumers research online and buy in-store. 32% research online, visit offline store, then buy online.
Service queries (i.e., trip planning, local services). Alternative options for service queries: other search engines, review/vertical sites, offline (yellow pages, word-of-mouth, radio, TV, magazines, local advertising), mobile apps (many sites have their own apps). In response to these searches, searchers clicks on local organic results: 28%; clicks to other organic results: 67%; 5% to Google Places. Some sites in this group get a lot of traffic from search: CitySearch gets nearly ½).
Most of Google’s search revenue comes from transactional queries. If Google degrades search result quality, users will switch to transactional alternatives—buy from Amazon, research travel on TripAdvisor, book restaurants on OpenTable, buy services at Groupon. If Google loses even a small percent of its transactional queries, that would have a disproportionate decrease in Google’s revenues.
Q&A
Liu in Q&A: switching between travel CRSs was much harder than switching with search engines. Google always focuses on user experience, so the changes are what consumers want.
There was some discussion about how some of Google’s competitors do the same thing as Google. If the competitors do the same thing as Google, does this indicate that those practices aren't the result of market power but instead benefit consumers?
Then, as expected, the Q&A devolved into heavy questioning of Ben’s assertions and lighter but still active questioning for Paul.
Panel 4: Potential Costs and Benefits of Search Regulation
Frank Pasquale: He's interested in transparency. His troubles with Google: the algorithm is a black box. Opacity + market concentration = concern. Frank’s core message for Google: if you’re ashamed about what you’re doing such that you don’t want it disclosed, then don’t do it.
Google’s duality: Is Google a platform for innovation, or an innovator? Is it a conduit or a content provider? We should be skeptical of blanket antitrust exception and blanket First Amendment protection.
Regarding technological innovation. Google’s unassailable competitive advantage: ability to self-promote itself + ability to impose blackbox penalties on others. Like a pharaoh, Google may be strangling its competitors in the crib. Inconsistent to say that competition is one click away while aggregating big search data.
Regarding the First Amendment. Google says it’s protected by the First Amendment. But this is discordant with being a conduit enough to take advantage of 47 USC 230 and 17 USC 512. [I didn’t understand this point--neither of those statutes depend on "conduit" status.] When Google’s owns its properties and they show up in organic searches, he thinks this is like an undisclosed ad.
Examples of Google’s transparency efforts:
* Webmaster Forum
* They show up at SEO conferences
* Discovery in litigation
* StopBadware participation
Still, it's not easy to see what they are doing. This is a general problem with companies driven by trade secret protection rather than patents.
Google’s definition of duplicate content: Google’s search engine looks like its own duplicate content.
His solutions:
* more technical expertise among government regulators so they can do better auditing
* more due process for penalized sites
* publicly funded alternatives
Eric Goldman. I blogged the notes from my talk yesterday.
David Balto: Where’s the beef?
Search engines democratize information and make markets more efficient.
There isn't enough emphasis on the remedies for problems with search engines.
Consumer sovereignty: choice, transparency, lack of conflicts of interest. Google’s conduct aligns with all three elements of consumer sovereignty. [I thought this was an odd argument because Google’s opponents are contesting them on all three.]
Search providers’ conduct aligns with consumers’ interest: accuracy, relevancy, disclosure, self-regulation. [Again, I think this is exactly what people are contesting]
Google’s algorithm is a fair umpire—it calls balls and strikes the right way. Google is agnostic as to the source of content. Google’s focus is matching consumer demand.
Evaluating cures:
* relevancy is inherently subjective
* transparent adjudication system would be ineffective
* increased disclosure is unnecessary
* consumers do not want regulation of search
Q&A
Frank’s Q: maybe the Google/CIA co-venture is an alternative model to a fully government-owned search engine. [I thought this was a disconcerting example!]
Randy Picker Q: we may see a government-operated search engine from the detritus of the Google Book Search settlement. The parties may develop a public digital library, and it may not be indexable by commercial search engines.
Berin Q: Frank is talking about Fannie Mae/Freddie Mac meets NPR meets search.
Josh Wright Q: why not just apply the standard antitrust model looking for consumer harm? [I didn’t answer this Q at the event, but I think it’s a useful framework. If no one can show consumer harm, then there’s no problem that antitrust law needs to fix. However, this only addresses antitrust issues; there may be other problems where a different standard of harm is useful.]
Damien Q to Balto: is your argument that we should just trust Google? David’s A: he sees industries where consumer interests aren’t prioritized, and Google acts as if the consumer could walk away.
Damien Q to Frank: nationalizing a search engine doesn’t seem like a good idea. In antitrust, the first remedy is to ask the company to stop the offending practice.
Liebowitz Q to Balto: advertisers are the consumers, so Google tries to maximize revenue from them. This is where the problem would be located, not on the searcher side. Eric’s A: I wonder if the auction model for pricing for advertisers partially ameliorates those concerns.
Mark Paskin Q for Frank: how would transparency affect gaming/spam? Frank: not arguing for complete transparency, just oversight of the algorithm. This is a general concern about the competitive restrictions when a company relies on trade secret protection.
Q: EU remedy on Microsoft Explorer was ridiculous. Assume any intervention in search would also be ridiculous. How could we deal with the situation that only one competitor in market is regulated while others aren’t? Frank: we do long-term regulatory oversight of marketplace actors. Ex: ASCAP. [once again, I wasn't sure this was a good exemplar]
Posted by Eric at 02:26 PM | Search Engines | TrackBack
Court Conducts in camera Review of Plaintiff's Facebook Page to Resolve Discovery Dispute -- Offenback v. Bowman
[Post by Venkat Balasubramani]
Offenback v. Bowman, 10-CV-1789 (M.D. Pa.; June 22, 2011)
Background: Discovery disputes over Facebook accounts and whether they are discoverable in civil cases are piling up. Courts and litigants continue to grapple with the central problem that even to the extent the information is properly discoverable, at least some portion of a litigant or party's Facebook's account deserves privacy protection and should also be protected by federal statutes such as the Stored Communications Act. On the other hand, an opposing litigant needs to get access to the Facebook profile in order to determine whether something contained in the account is relevant, in order to articulate a "likely to lead to the discovery of admissible evidence" argument.
Courts have come up with interesting and mostly imperfect ways to solve this problem. In one case, a court suggested that the litigants "friend" the court so the court could review the contents of the account which would be visible to the witness's friends. ("Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute.") In this case, the court conducted an in camera review of the plaintiff's Facebook profile and determined what information was discoverable.
The facts follow a familiar pattern. Plaintiff suffered a car accident, and sued, alleging he suffered physical and psychological injuries. He claimed that these physical injuries limited:
his ability to sit, walk, stand, ride in a vehicle, bend, stoop, push, pull, and lift. He claimed that he could not drive for any period of time and is physically limited as to riding his bicycle or motorcycle.
Defendant sought access to plaintiff's Facebook and MySpace accounts. The court asked for plaintiff's log-in information for these accounts. Plaintiff provided the Facebook password but said "he could no longer locate information related to his MySpace account, since he had neither activated nor used the account since November 2008." [Ouch! Plaintiff is not alone, this BusinessWeek article notes that even one of the co-founders of MySpace no longer checks his MySpace account: "The Rise and Inglorious Fall of MySpace."]
Discussion: The court reviews plaintiff's Facebook page and concludes that the bulk of the material there is unrelated to the accident and not discoverable. There were a few items that were discoverable and these included:
- photos of plaintiff taking numerous motorcycle trips;
- photos of plaintiff hunting;
- photos and comments suggesting that plaintiff "may have recently ridden a mule";
- comments confirming plaintiff's continued interest in riding motorcycles.
The rest of the page contained information that was not discoverable--such as "routine communications" with family and friends, and expressions of plaintiff's interests and hobbies. [The court notes that plaintiff had a passion for the Philadelphia Phillies "which was not dampened after he moved to Kentucky from Pennsylvania."]
___
The court drops a footnote in the order, knocking the parties for getting the court involved in this discovery dispute. Plaintiff conceded that some of the information in the Facebook profile was discoverable. Defendants appeared to have backed away from their initial position that all of the information was discoverable, but they did not actually narrow their discovery requests to the items that plaintiff admitted were discoverable. Translation: the parties ended up wasting the court's time, and should have worked it out themselves.
It still feels awkward that the court took the approach of actually logging in to plaintiff's Facebook account using plaintiff's password. Isn't this a violation of the Facebook terms of service?
There's another issue lurking in the background of these disputes that courts will be forced to confront: can a party be forced to consent to disclosure of information that falls under the Stored Communications Act? No case has directly confronted this question, although one court has held that a party's default and fugitive status is not consent. (See "Being a Fugitive is Not Consent for Production under the Stored Communications Act.")
Earlier related posts:
"Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute -- Barnes v. CUS Nashville"
"Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case -- McMillen v. Hummingbird Speedway"
"Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson"
Posted by Venkat at 09:45 AM | Evidence/Discovery , Privacy/Security
June 23, 2011
What Would a Government-Operated Search Engine Look Like in the US?
By Eric Goldman
[Today's WSJ announcement that the FTC plans to subpoena Google reminds us that search engine bias issues are heating up rather than winding down. I recently posted my article recapping the last 5 years of developments on the topic.
Last week, I attended a conference at George Mason Law School on the topic, and I will post a comprehensive recap of the event shortly. I was scheduled for the last panel of the day, and it was clear that anything I said from my recent article or my 2006 article was likely to be preempted by discussion throughout the day. Therefore, I came up with a topic that was unpreemptable, but I could do this only by setting up a strawman from fantasyland. My talk notes:]
Publicly-funded search engines are sometimes floated as a way to address search engine bias. Indeed, Europe attempted to develop its own publicly-funded search engine, Quaero, although that effort has apparently collapsed.
This led me to a thought exercise: what if US government tried to build its own search engine? (We could call this hypothetical engine “The Googlement”). My talk explores a pure case of a government-operated engine. Other models, such as subsidies to a private company, might avoid some of the pitfalls but also might produce fewer of the benefits.
The Case for a Government-Operated Search Engine
Some arguments in favor of a government-operated search engine:
1) it could advance national objectives, such as prioritizing nation-specific content. This particular rationale seems hollow given the US-centric bias of existing search engines.
2) more competition is good. The marketplace relies on the invisible hand. Another well-funded competitor in the market could help discipline other market players.
3) search engines create positive externalities. We might decide this infrastructural component is too important to be left to market forces. Otherwise, due to the positive externalities, the marketplace may undersupply it.
4) the search engine will be subject to public oversight, which can ensure transparency, due process and accountability to the people.
The Case Against a Government-Operated Search Engine
On the other hand:
1) in response to the positive externality point, we don't have good evidence of any market failure, or at least any undersupply.
2) operating a competitive search engine is expensive. Indeed, Yahoo offloaded a couple hundred million dollars of costs to Microsoft as part of their alliance. Also consider some of the second-order impacts of undertaking a major public infrastructure project like a search engine:
a) like most government works projects, the search engine would be under constant pressure to reduce costs or find new revenue sources. For example, PACER charges us to access public documents. And if the government defrayed costs through advertising, would it encounter the same church-state problems we fear with private actors?
b) the government could have difficulty recruiting best engineering talent. PACER's 1980s state-of-the-art technology is a good example.
c) providing due process for complaints (discussed below) would be expensive. For example, Saferproducts.gov has developed complex vetting mechanisms before publishing consumer complaints.
3) consumers may fear giving their personal information to Big Brother more than they fear Little Brother. For example, in Gonzales v. Google, Google fought back against ridiculous government request for data. If the government operated the search engine itself, it could have just arrogated the data for its own purposes without even Google's (thin) buffer.
4) who would make the editorial decisions about relevancy? I couldn't even parameterize this problem. Would it be done by committee? Following guidelines, or just using their own judgment? Frankly, I couldn't think of many examples of government-operated editorial publications where similar editorial judgments are made. A related question: who would decide the definition of spam?
5) decisions to downgrade, de-index or never index sites may be subject to First Amendment scrutiny.
For example, Christ’s Bride Ministries, Inc. v. Southeastern Pennsylvania Transportation Authority, 148 F.3d 242 (3d Cir. 1998) held that government bus ads are a limited public forum. In White Buffalo v. UT Austin (5th Cir. 2005), the court held that UT Austin's anti-spam filter were OK under First Amendment because they regulated high-volume commercial email. If the judgments were about other types of communications, would the same result apply?
Numerous plaintiffs against search engines have unsuccessfully tried First Amendment complaints—as sword, not shield—against private actors. Ex: Langdon, KinderStart, Murawski v. Pataki. The many terminated user account cases, such as Estavillo v. Sony and Young v. Facebook are also analogous. These would become tenable lawsuits against a government-operated search engine.
6) We get the purported benefits only if consumers actually use the government-operated search engine. However, if the search engine fails on relevancy or its anti-spam efforts, consumers simply won’t use it. Given the significant challenges, it would be tough for the search engine to win consumers from market-driven alternatives.
Conclusion
Even though it's a trip to fantasy-land, the thought exercise reinforces the merits of market-driven search engines:
* market forces will drive their quest for relevancy
* the marketplace will bear the costs rather than the public fisc
* the government doesn’t have direct access to consumer data
* for marketplace actors, the First Amendment acts as a shield for relevancy/anti-spam determinations, rather than a sword against the government
Posted by Eric at 05:44 PM | Search Engines | TrackBack
June 19, 2011
Employer Who Fails to Consistently Enforce Computer Usage Policy Cannot use the Policy to Justify Dismissal -- Branson v. Harrah's
[Post by Venkat Balasubramani]
Branson v. Harrah's Tunica Corp., et al., 08-cv-02804-BBD-cgc (W.D. Tn; June 3, 2011) (decision)
Background: Branson was an employee with the Grand Casino for over ten years, from 1996 to 2007. Harrah's acquired Grand in 2006. He received uniformly favorable employment ratings. In March 2007, Grand employed three "table games shift managers," Branson, Rob Keene, and Denise Alford, each of whom reported to Darrell Pilant. Each manager had their own computer log-in, password, and Windows account. As Branson described it, he accidentally accessed the email account of one of the other managers and forwarded himself an email:
Plaintiff sat down to use a shared, work computer when he noticed an email from Alford to Pilant. Alford had apparently failed to log out of her email account, and the email appeared on the screen when Plaintiff touched the mouse. The email stated that [Branson] and Keene were speaking in front of Mitch Pate, a pit manager, about the performance of [their] subordinates. . . . Apparently two hours into his shift, [Branson] forwarded a copy of Alford's email first to his business email account and then to his personal email account so that he could access the email from home.
Branson told his boss what he had done, and Pilant looked into it. Pilant had the IT department investigate to verify what happened, and once he did, he informed Branson that Branson "violated several policies and the trust that Pilant had placed in [Branson]." Ultimately, Branson was given the option of resigning or being terminated, and he chose the first option. Although Branson resigned, Harrah's placed a notation in his employee file that he was "eligible for rehire."
Branson brought claims alleging that he was forced to resign because of his age.
Discussion:
Employer status: The first issue the court addressed was whether Harrah's Entertainment, Inc. and Harrah's Operating Company, Inc. were Branson's employer. There was testimony that Harrah's acquired Grand (where Branson originally started working) in 2006. After the acquisition, employees received a Harrah's handbook and W-2's which listed Harrah's as their employer. Additionally, defendants' own witnesses, who purported to be Grand employees, listed Harrah's as their employer on their LinkedIn pages. Based on this evidence, the court held that Harrah's Entertainment, Inc. and Harrah's Operating Company, Inc. were both Branson's employers for purposes of the ADEA. (Coincidentally, Harrah's also got burned by LinkedIn evidence in another case where a different plaintiff asserted age discrimination claims against Harrah's: "Contrary LinkedIn Evidence Crushes Witness' Testimony." The plaintiff in that case testified in this case as well.)
The ADEA claim: Resolution of the ADEA claim was the more interesting part of the ruling. The court found that plaintiff put forth a prima facie case--he was within the protected class, received favorable ratings, and was replaced by someone younger than him. It was up to defendants to put forth a non-discriminatory reason for the termination, and defendants relied on the fact that Branson violated Harrah's computer use policy by improperly accessing his co-worker's email and forwarding an email to his own business and personal account. The court found that this was a sufficient non-discriminatory reason for the termination, and shifted the burden to Branson in order to show pretext. The court concludes that he put forth sufficient evidence to satisfy his burden.
The court found that defendants typically followed a four step disciplinary process before terminating an employee and that "the evidence presented [did] not support the conclusion that [Branson's] conduct was serious enough to justify deviating from this process." In particular, the court found that:
employees did not receive training or instructions on how to use the Grand's computer system. [The witness-employees did not appear] to be familiar . . . with the policies that defendants cite[d] as justification for [Branson's] termination. Furthermore, the proof show[ed] that it was not uncommon for employees to each other's email accounts, and presumably each other's passwords on the shared work computer, without fear of suffering any disciplinary action.
The court also found defendants' explanation was contradictory in that if Branson was terminated for a serious issue, defendants would not have found that he was eligible to be rehired.
As an added bonus, the court finds that defendants' conduct was willful, or at best, with reckless disregard of whether it was in violation of the ADEA. The court smacks defendants with a whopping award of $361,363.42.
___
Accessing someone else's email is risky behavior and a potential violation of federal statutes which protect the privacy in electronic communications. This has gotten a few employers into trouble. In Pure Power Boot Camp v. Warrior Fitness Boot Camp, for example, ex-employees were awarded (admittedly nominal) damages when their former employer accessed their emails. (See "Ex-Employees Awarded $4,000 for Email Snooping by Employer.") You would think when an employee does something like this and admits to doing it, the employer would have no problem firing the employee for this. Defendants even had a written policy in place which the employee in this case violated when he accessed his co-worker's account. One would think that a violation of this policy would put defendants in a position to prevail at summary judgment if not deter the plaintiff from pursuing his claims in the first place. Here, despite having a policy in place, this still didn't allow the employer to use the policy violation to justify the termination. Why? The policy was not taken seriously or consistently enforced. Despite the potential seriousness of plaintiff's act, there was testimony in the case that other employees regularly violated the policy and were not subject to disciplinary measures.
A useful reminder that regardless of what network/social media policies you have in place, if you do not actually implement them, and enforce them in a consistent way, they may not be of much use at the end of the day.
Posted by Venkat at 10:29 AM | Privacy/Security
June 18, 2011
Bank ACH Fraud Victims Get Mixed Rulings -- Experi-Metal v. Comerica Bank & Patco Constr. v. People's United Bank
[Post by Venkat Balasubramani]
We have posted on numerous cases involving data breach plaintiffs who are rebuffed by courts because they have not suffered cognizable harm such as out-of-pocket losses. A pair of recent cases involved businesses whose bank accounts were drained after their log-in credentials were compromised and who sued their banks for the resulting out-of-pocket losses. In one case, the court finds for the customer; in the other, it finds for the bank. (Standing was not an issue in either case, since the plaintiffs suffered out-of-pocket losses.)
Experi-Metal v. Comerica Bank, 09-14890 (E.D. Mich.; June 13, 2011)
Experi-Metal was a victim of a phishing attack, which led to unauthorized wire transfers of $1.9+ million from its bank accounts. Comerica recovered all but $560,000 of this amount, and Experi-Metal sought to hold Comerica liable for this remaining amount. Following a bench trial, the court concludes that Comerica did not act in good faith--i.e., did not observe "reasonable commercial standards of fair dealing."
Here is how the court recounts the phishing incident:
During the morning of January 21, 2009, Comerica was alerted to phishing e-mails sent to its customers by a third-party attempting to lure the customers into providing their confidential identification information . . . . Mr. Kind, Experi-Metal's Vice President of Manufacturing, forwarded [the phishing e-mail he received] to Mr. Maslowski [its controller]. The e-mail instructed the recipient to click on an attached link to complete a "Comerica Business Connect Customer Form." At approximately 7:35 a.m., Mr. Maslowski clicked on the link and was directed to a website where he responded to a request for his confidential secure token identification, Treasury Management Web ID, and login information. By doing so, Mr. Maslowski provided a third-party with immediate online access to Experi-Metal's Comerica bank accounts from which the individual began initiating wire transfer payment orders . . . .
Whether Maslowski was authorized to initiate wire transfers: Experi-Metal first argued that Maslowski was not authorized to initiate wire transfers so the bank should not have processed the requests. The court rejects this argument, finding that on numerous documents, the CEO of Experi-Metal designated appropriate "users," for Experi-Metal's Comerica account, and these documents included herself and Mr. Maslowski. The court finds that the CEO's explanation regarding Maslowski's lack of authority wasn't credible. He had the password and, in the aftermath of the phishing incident, the CEO did not raise a hue and cry about why he had the password.
Whether Comerica processed the payment orders in "good faith": Michigan's version of the Uniform Commercial Code allows the bank to get off the hook for unauthorized wire transfer orders if (1) the bank and customer agree to a security procedure for verifying payments; (2) the security procedure is commercially reasonable; and (3) the bank accepts the orders in "good faith." Even if these conditions are satisfied, the customer may shift the loss to the bank if the customer can show that "the person committing the fraud did not obtain the confidential information [facilitating the breach of the security procedure] from an agent or former agent of the customer or from a source controlled by the customer."
The parties agreed that the burden fell on Comerica to prove that it accepted the payment orders "in good faith." Both sides presented expert testimony on the issue of whether Comerica's acceptance and processing of the unauthorized wire transfers comported with industry or commercial standards. The court does not give much credence to the testimony of either party's expert. Ultimately the court concludes, based on a variety of facts that Comerica failed to satisfy its burden:
the volume and frequency of the payment orders and the book transfers [from one Experi-Metal account to another] that enabled the criminal to fund those orders; the $5 million overdraft created by those book transfers in what is regularly a zero balance account; Experi-Metal's limited prior wire activity; the destinations and beneficiaries of the funds; and Comerica's knowledge of prior and . . . current phishing attempts.
Based on these facts, the court concludes "that a bank dealing fairly with its customer, under these circumstances, would have detected and/or stopped the fraudulent wire activity earlier."
Patco Construction Co. v. People's United Bank, d/b/a Ocean Bank, 09-cv-005003 (D. Maine; May 27, 2011)
In this case, unknown third parties initiated a series of withdrawals from Patco's account with Ocean Bank over the course of several days. The withdrawals totaled $588,851, and of this amount Ocean Bank blocked $243,406 of the transfers. Patco sought to hold Ocean Bank liable for the remainder. The person who initiated the transfers obtained Patco's credentials:
The Bank authenticated [the initial unauthorized transfer] with Patco's company ID and password and [Patco's] proper credentials, including [an authorized user's] ID, password, and answers to challenge questions. Whoever initiated this transaction did not submit an incorrect password or answers to challenge questions even once.
The court focused on whether the security procedures employed by Ocean Bank were "commercially reasonable" (as in the Comerica case, the court looked to the UCC and the state law version of the relevant provision). In a 70 page opinion which includes discussion of the perspectives of competing experts, industry practices, and alternative security measures, the court concludes that the bank's procedures may not have been perfect, but were commercially reasonable. As summarized by Brian Krebs ("Court: Passwords + Secret Questions = 'Reasonable' eBanking Security"):
The magistrate analyzed whether the bank’s security satisfied "multi-factor authentication" guidelines by incorporating at least two of three checks: Something the user knows (such as a password), something the user has (such as the passcode generated by a one-time token); and something the user is, such as a biometric identifier. (Those guidelines were established in 2005 by banking regulators at the Federal Financial Institutions Examination Council (FFIEC).)
The magistrate judge said the bank's security satisfies these guidelines. Patco argued that the fraud was caused by keylogging software and the bank's security measures (its "rules" for when it would look into suspicious transfers and how it deployed its authentication procedures) were commercially insufficient to deal with this type of risk. Patco faced a bit of an uphill on this point because it failed to preserve the evidence in its computers--i.e., Patco did not immediately stop using them and allow them to be forensically examined.
___
Both cases had a few things in common. First, the actual breach happened on the user's end--there was no allegation that a criminal broke in to the bank's computer system and siphoned money out of it. Regardless, this did not preclude the claims in either case. Second, in both cases, the bank's customers were limited by the agreements in question. Although the agreement did not totally preclude Experi-Metal's claim, it undermined Experi-Metal's argument that the individual employee who was the victim of the phishing attack was not authorized to undertake wire transfers. I'm willing to bet the plaintiffs in both cases did not carefully review the voluminous documents and updates provided by their respective banks as to matters such as account security, authorized signatories, and loss prevention. In both cases, the parties entered into agreements which were "updated" by the banks numerous times, often via email notice or notice via the bank's online interface for online banking.
The court's conclusion in Comerica was very Solomonic: "I've taken in all of the evidence and here is my judgment." The court does not give much credence to either expert. In contrast, the court in Patco goes into mind-numbing detail about the processes, industry standards, and the contentions of the experts.
These decisions are both good wake-up calls to businesses about their exposure to security risks and limits on their ability to outsource losses to third parties. Both plaintiffs were small business who suffered relatively significant out-of-pocket losses, and it probably came as a surprise that there is no legal mechanism to shift the losses to the banks. From reading through both orders, you get the sense that neither the bank nor the customer is particularly well situated to prevent the losses in question. (Undeniably, some additional training and education at the customer end could have potentially averted these losses, but it's tough to say.) This looks like the type of loss where insurance would be well worth exploring, to the extent it is available. I wonder if we will eventually see federal legislation that sets minimum standards here.
Other coverage:
"Court Says Comerica Bank Must Pay After Customer Is Hacked" (Bob McMillan)
"Court: Passwords + Secret Questions = 'Reasonable' eBanking Security" (Brian Krebs)
Posted by Venkat at 08:46 AM | Privacy/Security
June 17, 2011
A Century of Trademark Law: Looking Back and Looking Forward (Notes from my INTA Annual Meeting Talk)
By Eric Goldman
At the INTA Annual Meeting in San Francisco in May, I spoke on a panel with Miles Alexander of Kilpatrick Townsend and The Rt Hon. Professor Sir Robin Jacob, now a professor at University College London. The panel was moderated by the esteemed Tom McCarthy. Nominally, the panel theme was celebrating 100 years of the Trademark Reporter, but in practice this theme allowed us to riff on the past and future of trademark law. We had a huge audience of over 300 folks. Photos of the panelists and the audience. Audio recordings are available presumably for a fee (you have to navigate this baffling website--no deep linking allowed there!).
I made 3.5 points during my remarks. The first two-and-a-half points relate to what has changed in trademark law; the last point relates to the future.
Point #1: Rise of Online Word of Mouth/Fall of Brand Control. In the old days, brand owners has pretty clear rules of engagement for reaching consumers. Following the 4Ps of marketing, brand owners who wanted to shape consumer perceptions could exercise tight control over distribution channels and could woo mass media gatekeepers. Consumer word of mouth was important, but it was slow, low-scale (in that any individual consumer could reach a relatively bounded universe of other consumers) and steerable through mass media exposure. Now, consumer word of mouth is lightening fast, can have the same reach as the traditional mass media, and is extremely difficult to control because of its fractured and democratized nature. I explore this point more in my paper, Online Word of Mouth and its Implications for Trademark Law.
Point #2: Crumbling of Commercial/Non-Commercial Distinction. Many legal doctrines are predicated on distinguishing commercial from non-commercial activity. None of them are prepared for the collapse of that distinction. Certainly trademark law isn't prepared. Commerciality is a Constitutional imperative for trademark law. Perhaps more importantly, most trademark doctrines are designed to correct a specific type of defect in the marketplace.
Trademark law has proven ill-equipped to handle non-commercial activity. The doctrinal boundaries are simply too plastic to work well when applied to fundamentally non-commercial activity. In the past, trademark law struggled with fundamentally non-commercial parodies like Air Pirates or the Screw Magazine depiction of the Pillsbury Doughboy that had relatively small reach. Now, a similarly non-commercial parody can generate 100M views on YouTube or a million Twitter followers (think BPGlobalPR)--thus having the reach, but not the intent or effect, of activity that used to be limited only to commercial actors.
Point #2.5: Emergence of Private Namespaces. One specific application of the rise of online word of mouth and the incoherence of the commercial/non-commercial distinction arises with the development of new private namespaces. Historically, any private non-trademark namespaces typically were limited in reach. But this changed with the rise of 1-800 vanity numbers, then domain names, then usernames on online services (especially social media). Now, each private namespace creates a new opportunity for third parties to register a trademark owner's brand and reach the world under that brand. Yet, we don't have consistent rules for the application of trademark law to private namespaces, and it seems like we have to invent the rules anew each time.
Point #3: Trademarks and Scientific Understanding of Consumers. A tension for the future: how much will trademark doctrine integrate scientific learnings about consumer behavior? Most of basic trademark doctrine was built decades ago, and our understanding of consumer psychology and behavior has improved substantially in the intervening years. Yet trademark doctrine hasn't really changed to reflect any of those learnings. In fact, we have weak or zero scientific support for the doctrinal contours of things like the multi-factor likelihood of consumer confusion test or trademark dilution.
At some point, we might just acknowledge that trademark law is the product of trademark owner rent-seeking rather than anything that tries to reflect actual consumer behavior. This is why the courts may be more useful than legislatures when it comes to improving trademark law. For example, the courts could unilaterally change the elements of the multi-factor likelihood of consumer confusion test because it's purely common law, although it will be hard for any single judge to reshape the test nationally. Nevertheless, as trademark doctrine further deviates from consumer behavior, trademark owners will encounter more friction in courts and society will have less respect for trademark law.
IP Kat/AmeriKat's recap of the panel. Managing IP's coverage of the talk.
Functionality Talk. Separately at the annual meeting, I also spoke on a panel with Mark Lemley and Dan Burk on the functionality doctrine, especially as applied to Rosetta Stone. A photo of the panelists. Managing IP's coverage of the talk.
Posted by Eric at 07:40 AM | Trademark | TrackBack
June 16, 2011
Injured Pedestrian Can't Sue Google for Providing Faulty Map Information -- Rosenberg v. Harwood
[Post by Venkat Balasubramani]
Rosenberg v. Harwood, No. 100916536 (Utah District Court; May 27, 2011) [pdf]
Lauren Rosenberg was struck by an automobile while walking along a rural highway "with heavy traffic and no sidewalks." She sued the driver of the car but she also sued Google, alleging that Google negligently provided directions and failed to warn that the highway was not suitable for pedestrians. The court grants Google's motion to dismiss. Although Google argued that it was entitled to First Amendment protection for its publication of information, the court does not reach the First Amendment question, and dismisses the claims under traditional negligence standards.
Google did not owe Rosenberg a duty: In order to assert a claim for negligence against Google Rosenberg had to show that Google owed her a duty. The court applies a four factor test to determine whether Google owes Rosenberg a duty and concludes that Google does not owe a duty. Rosenberg did not have a special relationship with Google. Rosenberg argued that in other cases courts have held service providers liable for negligently providing services to customers, but the court says that this duty is minimal or non-existent when a publisher or other information provider "publishes information to the general public."
The court also notes that the fact that an injury is unlikely to occur counsels against finding a duty. Although Rosenberg alleged that an accident is more likely to occur along a rural highway such as the one she was on, the court says that an accident involving a pedestrian likely involves the pedestrian's own breach of their duty to yield to cars on the road:
it is clear that Google was not required to anticipate that a user of the Google Maps service would cross the road without looking for cars . . . and that, absent negligence on the user's part, an injury while crossing the road would be unlikely.
Google's duty does not extend to preventing or warning against harm that is likely to occur through a plaintiff's breach of her own duty.
Policy considerations weigh against finding a duty: Rosenberg argued that since Google provided information on a one-to-one basis, the policy considerations for protecting publishers are not applicable when it comes to Google. The court disagrees with this as well:
[t]o claim that Google provided the information only to one individual, and therefore is not entitled to the protections afforded publishers, ignores the realities of modern society and technology. As Google notes, the Complaint itself states that the information provided on the Google Maps service "is readily available via the internet" . . . and any individual who enters the same starting and ending points will obtain the same walking directions that were provided to Rosenberg. While a user of the service is able to customize the results of his or her search, the exact same information provided to Rosenberg is readily available to any individual who uses the same search terms as Rosenberg, and anyone who obtains those directions is free to disseminate the search terms and directions to others. Given these facts, it is difficult to imagine that information could be disseminated more broadly to the public. Therefore, Google is clearly a publisher because it makes all of the information on the Google Maps service available to the public worldwide, and the fact that a user of the Google Maps service obtains customized search results does not remove the protections afforded to any other publisher of information to the public.
If Google, as a publisher which widely disseminates information, could be held liable for providing faulty information, this could lead to unlimited liability for Google. Rosenberg argued that the burdens to Google could be ameliorated if Google posted "a statement that included a warning of dangers of which Google knows or should know along a potential route," but the court notes that this would dramatically increase the burden on Google. Under Rosenberg's theory, Google would have to investigate and warn about all foreseeable risks, "which might include negligent drivers, drunk drivers, dangerous wildlife, sidewalks or roads in disrepair, lack of lighting, and other risks that might only exist during certain times of day." This burden would be difficult, if not impossible for Google to bear. The court also looks to the social utility of the service provided by Google (under the benefit/burden analysis formulated by Learned Hand) and finds that the service provided by Google has a high social value.
___
This is a nice win for Google as well as an endorsement of the social utility of its services. Plaintiffs have sought to sue Google for torts arising out of Google's services, including street view (Boring v. Google) and directory services (Harris v. Google). To date, these efforts have been largely unsuccessful.
The court recognizes that the practical result of a win for plaintiff in this case would be a flood of similar litigation which could ultimately force Google to include warnings or disclaimers or to offer its service in a different (and potentially less useful) form. Many of the online service provider cases understandably center around Section 230, and this case is a good reminder that even outside the Section 230 universe, it's not always easy to hold an online service provider liable. In addition to the difficulties in showing duty, Rosenberg would have had a serious causation hurdle as well.
While the court lets Google off of the hook in this case, the result may have been different if Rosenberg had asserted claims against a GPS provider. A GPS provider typically offers a paid service and arguably communicates with its customers on a one-to-one basis. It's unclear as to whether this would materially alter a court's analysis, but a GPS provider would not necessarily receive the same treatment as Google did in this case.
Other coverage:
"Judge Bars Woman From Suing Over Faulty Google Map"
Related posts:
"Google Sued for Publishing Home Address--Harris v. Google" (dismissed without prejudice for lack of prosecution)
"Google Street View Lawsuit Revived, But Only on Trespass Grounds--Boring v. Google"
Posted by Venkat at 01:41 PM | Content Regulation
June 15, 2011
Righthaven Benchslapped in Ruling Saying It Lacks Standing--Righthaven v. Democratic Underground
By Eric Goldman
Righthaven LLC v. Democratic Underground, LLC, 2:10-cv-01356-RLH-GWF (D. Nev. June 14, 2011)
This is another stinging defeat for Righthaven. The judge emphatically rejects Righthaven's substantive arguments about its copyright assignment from Stephens Media and harshly criticizes Righthaven's procedural conduct.
Regarding the assignment, the court focuses on the contract's effect: it was designed to give Righthaven only the right to sue and get the resulting cash, but Stephens Media retained all other control over the copyrighted asset. Thus, Stephens Media never assigned any portion of a Section 106 copyright right.
The opinion indicates that Stephens Media and Righthaven could fix this by giving Righthaven more control over the asset. I believe the contract amendment tried to do that, but it may not have gone far enough. Judge Hunt intimates as much, saying he "expresses doubt that these seemingly cosmetic adjustments change the nature and practical effect of the SAA." I remain skeptical that Stephens Media wants to give up enough control to Righthaven to satisfy the standing requirements.
The judge then indicates that Righthaven can't fix the existing contract defect for the existing litigation because standing is measured when the complaint is filed. This could lead to dismissal of all pending Review-Journal litigation and, depending on the exact wording of the MediaNews contract, possibly the Denver Post litigation as well.
If Righthaven can't get this opinion reversed on appeal and other judges defer to this opinion on the standing question (which I think it likely), Righthaven may be back at square one with its entire business. Thus, I assume Righthaven will appeal this decision. However, this is a pretty well-constructed opinion, so Righthaven will have an uphill battle overturning it on appeal. I wonder if the other pending cases will go on hold until an appeal is resolved.
Democratic Underground's declaratory judgment suit of non-infringement also survives dismissal. In doing so, the judge cites an unnecessarily inflammatory editorial posted by former Las Vegas Review-Journal publisher Sherman Frederick, who threatened to introduce his “little friend called Righthaven” to people who republished Las Vegas Review-Journal content. This quote invokes a famous line from the climatic scene in the film Scarface, where Al Pacino's "little friend" was an M-16A1 machine gun with a grenade launcher. I have always been baffled by the implicit symbolism of Frederick's analogy. Did he really mean to analogize Righthaven to a murderous weapon used by a drug lord to mow down his rivals in an ultimately futile last-stand?
In addition to the adverse substantive ruling, the judge criticized Righthaven unusually harshly in this opinion. The "high"lights:
* the judge rejects Righthaven's basic substantive argument as "flagrantly false—to the point that the claim is disingenuous, if not outright deceitful."
* the judge emphatically rejects Righthaven's attempt to argue that other judges had already upheld the copyright assignment, saying that "at best, this argument is disingenuous." Righthaven took the very aggressive position of citing one of the judge's earlier rulings back to him--and he seemed pretty angry that Righthaven sandbagged him in the prior ruling and then tried to estop him.
* the judge summarizes the overall ruling by saying "the Court believes that Righthaven has made multiple inaccurate and likely dishonest statements to the Court."
* the judge then goes on to lambaste Righthaven for not identifying Stephens Media as an interested party in the lawsuit, calling that omission "brazen" and "egregious."
The judge requires Righthaven to explain why the judge should not order sanctions. Given the tenor of this opinion, it seems like a sanctions order is inevitable. The opinion also hints that Democratic Underground may get its attorneys' fees. All told, this case is probably going to cost Righthaven dearly. And after a ruling like this, Righthaven's entire enterprise is on the ropes.
Other coverage from EFF (rightly touting its success) and Steve Green/Las Vegas Sun. In a rare move, the Las Vegas Review-Journal covered its own story, and it quotes some reactions from Righthaven. You can read it at http://www.lvrj.com/news/federal-judge-rules-las-vegas-firm-can-t-sue-over-copyright-infringement-123882024.html -- but do you even want to give them an extra page impression?
My prior blog posts on Righthaven:
* Another Defense-Favorable Righthaven Ruling--Righthaven v. Choudhry
* Republishing Entire Newspaper Story is Fair Use--Righthaven v. CIO
* Blogger Wins Fair Use Defense...On a Motion to Dismiss!--Righthaven v. Realty One
Posted by Eric at 06:28 AM | Copyright , Licensing/Contracts | TrackBack
June 14, 2011
Advertiser Fails in Suit Against Trademark Owner over Google Trademark Complaint--Pandora Jewelers v. Pandora Jewelry
By Eric Goldman
Pandora Jewelers 1995, Inc. v. Pandora Jewelry LLC, 2011 WL 2174012 (S.D. Fla. June 2, 2011)
The plaintiff is a long-time single-storefront jewelry retailer in Florida (in a strip mall, naturally) with an e-commerce website. Pandora Jewelry, one of the main defendants, is an international jewelry manufacturer and retailer. To make things more complicated, the Florida Pandora retailer was an authorized distributor of the Pandora manufacturer's goods for several years in the last decade. The parties terminated that relationship, the international Pandora moved more aggressively into opening retail outlets in Florida, and the Florida Pandora sued.
The lawsuit has lots of interesting angles, but I'm interested in Google's role in the battle. The international Pandora submitted a trademark complaint to Google for "Pandora," which affected about 67 advertisers, including the Florida Pandora. This meant that Florida Pandora couldn't advertise on "Pandora Jewelry," "Pandora bracelets," "Pandora charms," and "Pandora beads." The opinion is ambiguous about the nature of international Pandora's complaint, but given that it was placed by a Danish subsidiary, it appears that it was in Europe under Google's old rules and thus prevented the Florida Pandora's ads altogether on the blocked phrases. In the US, at most, the international Pandora should have only been able to block the Florida Pandora's reference to "Pandora" in the ad copy.
Florida Pandora claimed the trademark block was a tortious interference. That claim fails because Florida Pandora couldn't show the requisite malice in making the complaint. I believe the court is trying to say that because international Pandora was just attempting to enforce its trademark rights, the takedown lacked malice. The court also rejected several related claims by Florida Pandora.
Compare this discussion with yesterday's post on the Twilight-themed song, where the court said that the takedown might constitute a violation of 17 USC 512(f), a tortious interference and a defamation. Today's ruling is more comforting for rightsowners, but they shouldn't get too comfortable. There are increasing signs that an overzealous takedown campaign entails significant legal risk.
Posted by Eric at 07:43 AM | Marketing , Search Engines , Trademark | TrackBack
June 13, 2011
17 USC 512(f) Claim Against "Twilight" Studio Survives Motion to Dismiss--Smith v. Summit Entertainment
By Eric Goldman
Smith v. Summit Entertainment LLC, 2011 WL 2200599 (N.D.Ohio June 6, 2011). The THResq story on the complaint filing.
Summit Entertainment produces the Twilight series of movies. Matt Smith, a/k/a Matt Heart, is a musician. He posted a 2002 song of his, "Eternal Knight," to various websites, including YouTube. [You can "enjoy" the song here, but caveat listener. I was clearly not in the target demographic!] Because of the song's age, it predates the Twilight copyrights. However, it appears Smith tried to link the song to the movie series because the album cover used a font similar to the Twilight font and (apparently falsely) claimed the song was "inspired by the twilight saga." The case doesn't mention it, but the album cover also depicts a moon, reinforcing the linkage to Twilight.
Summit submitted takedown notices to the websites where Smith had posted the song. The court indicates that at least some of the takedown notices asserted copyright infringement, but everyone agrees now that Smith didn't infringe any of Summit's copyrights. Therefore, with respect to those takedown notices, the court rejects Summit's motion to dismiss Smith's 17 USC 512(f) claim for bogusly claiming that Smith infringed Summit's copyrights.
Summit counterargued that "it had no choice because some websites had only one notice form—for copyright violations." The court indicates that it might consider that argument later, but not in support of the motion to dismiss. Summit's argument makes me wonder if websites provide insufficiently granular takedown forms. Even so, I'm not sympathetic to Summit's retort. If the online form required Summit to make inaccurate assertions, then it needed to contact the websites some other way. Its failure to do so raises the possibility that Summit engaged in a scorched earth campaign to indiscriminately drive Smith's song off the web one way or another. That could prove to be costly.
The court also survives Smith's claim for intentional interference with contractual relations, basically for disrupting Smith's contract with the websites to publish the song. The court says "If the plaintiff can show that defendant knowingly falsely asserted such interest, he in all likelihood can also show that it knew that such false assertion, once made, would lead to removal of plaintiff’s song from the website. Given the contemporary importance to a creator of an artistic work of unimpeded website display, plaintiff’s claim of resulting damages is not implausible." For the same situations, the court survives the duplicative tortious interference with business relations claim.
The court also survives Smith's defamation claim--basically, a slander of title type claim. Smith's fraud, IIED and copyright infringement claims were dismissed.
17 USC 512(f) claims are notoriously hard to win, but Smith's complaint tells a pretty decent 512(f) story. Smith's progress with the alternative causes of action is also noteworthy.
Posted by Eric at 06:37 AM | Copyright | TrackBack
June 10, 2011
"Revisiting Search Engine Bias" Article Now Online
By Eric Goldman
In 2006, I published an article entitled Search Engine Bias and the Demise of Search Engine Utopianism in the Yale Journal of Law & Technology. The paper was based on my presentation at a December 2005 conference entitled "Regulating Search?" at Yale Law School.
At that time, I expected angst about search engine bias would die down over time as people became more familiar and comfortable with search engines generally. To my surprise, discussions about search engine bias/search "neutrality" are still going strong--perhaps stronger than ever. Next week, I'm speaking on the topic twice in Washington DC. First, on Tuesday, I'm speaking at a TechFreedom event, "Search Engine Regulation: A Solution in Search of a Problem?" Second, on Thursday, I'm speaking at George Mason Law School at a conference, "The Law and Economics of Search Engines and Online Advertising." If you're in the DC area, I hope to see you at one or both events.
In light of all this continued interest, I have posted to SSRN a new essay, "Revisiting Search Engine Bias." This essay supplements my 2006 article by talking about how the industry and technology has changed in the past 5 years and how those changes affect the discussion in my 2006 article. The abstract is below. As always, I welcome your feedback.
One of the arguments in my 2006 article was that search engines (and other information resources) compete on relevancy, and consumers who don't get relevant results will quickly lose confidence that the search engine is solving their informational needs. This argument doesn't completely address concerns that consumers don't know what results they are not seeing, but it does respond directly to critics who believe that search engines may self-promote other services at the expense of their competition. If a search engine self-promotes but the promoted services aren't what consumers want, they'll view those self-promotional efforts critically.
On this topic, Gord Hotchkiss published an interesting article at Search Engine Land called "Why Results Quality is So Important to Search Engines." Gord explains:
We’re none-too-patient in our hunt for usefulness....In our many studies over the years, we’ve found the typical session time, from first scan to first click, to be in the 10 to 12 second range. And in that time, we scan approximately 4 to 7 listings. This provides a clue as to why 3 ads at the top of the page seems to be the upper limit that users will tolerate.
This means search engines have a brief opportunity to make a good impression on consumers. If they don't get the top results right for consumers, and quickly, consumers will grade the experience as a fail.
Gord's research also reinforces the importance of ad relevancy. He describes an A/B test where they replaced the top ad with both a relevant and less relevant ad and kept everything else the same. The site with the less relevant ad fared poorly on several key consumer satisfaction metrics--including this conspicuous statistic:
For the first question – would you use the engine for a similar search, only 5% of the group shown the less relevant ad said yes. 75% of the group shown the relevant ad said they would use the engine again.
This seems to be an excellent cautionary tale for search engines trying to self-promote their own services. If those self-promotions aren't what consumers want, then the risk is high that it will drive away consumers.
While Google's "competition is one click away" argument depends on there, in fact, being a competitor that is only one click away, Gord's research supports the underlying assumption that consumers are finicky and not sticky--and thus Google is in a battle to win its consumers each and every time they visit.
_____
The abstract for my Revisiting Search Engine Bias article:
This essay takes stock of the search engine industry circa 2011. It recaps four important changes over the past half-decade:
1) Google now dominates the search engine industry, but it faces emerging competition from entities that are not traditional search engines.
2) Google has changed its search results pages substantially.
3) Google has expanded its proprietary service offerings, which it promotes on its search results page.
4) The emergence of Net Neutrality as a policy issue has spurred consideration of a “Search Neutrality” analogue.
The essay concludes with some observations about how these changes affect the discussion about search engine bias.
Posted by Eric at 10:30 AM | Search Engines | TrackBack
June 09, 2011
Trademark Owner Sues Over Alleged Twittersquatting--Coventry First, LLC v. Does
[Post by Venkat Balasubramani]
Coventry First, LLC v. Does, 11-cv-03700-JS (complaint filed June 7, 2011)
The last big tussle over twittersquatting, and infringement through use of a trademark or name in a twitter handle was between Tony La Russa and the person who operated a fake account in La Russa's name. La Russa sued Twitter but his lawsuit ended in a whimper, when he dropped the complaint. ("This Time, Tony La Russa Drops Twitter Case for Real.")
A couple of days ago, Coventry First, "a leading company in the life settlement industry" brought suit against unnamed defendants over the @coventryfirst twitter account. It has not named Twitter and looks like it's going after the person(s) behind the account. You can access a copy of the complaint here, and Exhibit A, which contains a screenshot of the account here. You don't see many lawsuits of this nature so this one surprised me.
The part that shocked me is that the twitter account was recently established and had 14 tweets and 5 followers at the time the complaint was filed (and now has 3 followers). The account has minimal activity and likely no effect whatsoever on Coventry First's business and affairs. It probably comes up when you do a search for "Coventry First," but it doesn't look like it's garnered much interest. There's also no indication from the complaint that Coventry First tried to utilize Twitter's complaint mechanism or otherwise brought up any issues it had with the person who runs the @coventryfirst Twitter account.
Coventry First's complaint suffers from many of the failings as La Russa's or any other complaint against a squatter or infringer on Twitter--there is no indication that the allegedly infringing Twitter account is being used for any commercial purpose. @coventryfirst is not selling or promoting any products or services. It's tough to see how this can amount to trademark infringement or unfair competition under the Lanham Act. In addition to trademark claims, Coventry First also asserts a claim for unjust enrichment. It's entirely unclear how anything @coventryfirst does amounts to unjust enrichment. Twitter accounts aren't exactly moneymakers on their own, and if anything, the person behind @coventryfirst has spent a few hours setting up the account and has generated zero dollars from it.
Coventry First also included a claim under the cybersquatting statute (the ACPA), but the ACPA only applies to second level domain names, and a user-name assigned by Twitter clearly does not fall into this category since Twitter is not a domain name registrar. The ACPA claim is a non-starter. (See Professor Goldman's post on Goforit v. Digimedia: "Wildcarding Subdomains Is OK; Reverse Domain Name Hijacking Isn't.")
This leaves Coventry First's claim for dilution or tarnishment. To bring a claim for dilution or tarnishment, Coventry First would have to show that its mark is "famous" (and distinctive). I wish them good luck with that.
Unless there's something that did not make its way into the complaint, this looks like a drastic overreaction on Coventry First's part. It may or may not result in action being taken by Twitter or by the person behind the @coventryfirst, account, but at first glance, Coventry First's legal claims do not appear particularly strong.
Added (additional coverage):
"Insurer sues Twitter imposter who cheers death, mayhem" (Reuters)
"Can a Twitter username be cybersquatting? One insurance company thinks so." (Domain Name Wire)
Posted by Venkat at 08:05 PM | Trademark
Buying Personal Names for Keyword Ads Isn't a Publicity Rights Violation--Habush v. Cannon
By Eric Goldman
Habush v. Cannon, 09-CV-18149 (Wis. Cir. Ct. June 8, 2011). The June 2010 denial of the motion to dismiss. A good overview article from when the complaint was filed.
Introduction
A Wisconsin court has said that a keyword advertiser didn't violate publicity rights by buying a person’s name for keyword advertising. Although the propriety of keyword advertising on a third party trademark has been hotly contested since at least 2004, I believe this is the first ruling addressing the publicity rights issue.
The legal novelty of the ruling makes it an important early precedent, but the opinion is not especially persuasive. To me, the judge seemed overwhelmed by both the challenging legal doctrines and technology at issue in this case. In response, the judge issued one of the most citation-free opinions of its length that I have ever seen. This is not a scholarly opinion, and that makes less likely to influence other courts. It also means that an appellate court will likely give this opinion relatively low deference.
The fact that the court dismissed the lawsuit is, on its face, good news for both search engines and advertisers. However, I thought the judge's arguments were questionable and, at least at one crucial juncture, internally inconsistent. The ruling turned on a specific word in the Wisconsin publicity rights statute, and courts applying other statutes can easily distinguish this opinion if they want to rule for the plaintiffs. Therefore, this ruling could morph from a defense win into a plaintiff's friend depending on how future courts rely on and interpret it.
Facts
The case involves two of the highest profile and most successful personal injury law firms in Wisconsin. The defendants bought two of their competitors' last names ("Habush" and "Rottier") for keyword ads at Google, Bing and Yahoo, in some cases bidding enough to ensure the first ad position. The ad copy didn't display those last names.
The plaintiffs sought an injunction. However, in that sense, the plaintiffs may have gotten a de facto extrajudicial win. It appears the defendants have stopped the ad campaign. Neither the court nor I could replicate the ads any more.
The Prima Facie Case
The court holds that the keyword ad buys satisfied the prima facie elements of a publicity rights claim but one. Among other arguments, the defendants argued it didn’t "use" the name "for advertising purposes or purposes of trade." This argument recalls the old and loquacious trademark battles over what constitutes a "use in commerce." The non-"use" defense doesn't get any more traction here than it did in the trademark cases. The court thinks it’s irrelevant that the "use" is invisible to consumers: "the simple, plain English meaning of the word ‘use’ certainly includes the purchase of a name to trigger results from a computer algorithm." Thus, the court concludes:
the defendants used plaintiffs‘ names for advertising and trade purposes without the plaintiffs‘ consent. Thus, plaintiffs have established that, under Wis. Stat. § 995.50, defendants invaded their privacy.
"Unreasonably"
It looks like the plaintiffs are home free. But then, the court says that the plaintiffs must also show that the defendant's use was "unreasonable." This appears to have been a contentious battle over the prima facie requirements; see lengthy FN9 and this transcript from March 2010.
The court then explains why a "privacy invasion" by buying keywords ads was reasonable in this case, including:
* positioning keyword ads by organic results is analogous to competitive adjacencies, such as competitors locating their stores next to each other and advertisers bidding against each other for prime positions in Yellow Pages. In the trademark context, I thoroughly examined these arguments in my uncited Brand Spillovers article. The judge sees the defendant lawyers' ad buys as "energetic business competition." Kudos to the judge for recognizing that keyword ads are usurping lawyers' Yellow Pages ads.
* the specific names here (Habush and Rottier) are part of their law firm's name, and the court says their publicity rights effectively merge with the firm's trademark. In other words, a person searching for "Habush" might be looking for the firm, not the lawyer, and it's impossible to separate those searcher motivations.
* users aren't confused by keyword ads (nor did the plaintiffs show any confused consumers), consumers scan the results page to find what they are looking for, and any confusion they experience will be brief (no acknowledgement of the abominable initial interest confusion doctrine). Further, "Internet users, and consumers in general, have learned to be skeptical about the first impression they may receive from a web page or commercial advertisement." If only that were unequivocally true!
* search engines are evolving, and the court can't figure out what an injunction would look like given how search engine user interfaces might change.
* no attorney ethics rules have banned these keyword advertising practice.
All of these are interesting and meritorious public policy considerations. None of them got any meaningful empirical or legal precedent support for the judge's arguments. An appeals court will feel free to substitute their own considerations for the judge’s proffered rationales.
Also, notice the problem with this court's solution. Other publicity rights statutes may not have the word "unreasonable" in their statutory language, and common law publicity rights doctrines may not require "unreasonableness" either. As a result, where the publicity rights doctrine doesn’t require defendants to engage in “unreasonable” usage, this ruling says pretty clearly that competitively buying a person's name is a publicity rights violation—in other words, what could be a clean win for the plaintiffs. I don't think this judge intends that result, but it’s the implications of the judge’s doctrinal solution.
Defenses
The court rejected the unclean hands defense. It appears that the plaintiffs' firm had bought category ads in some Yellow Pages sites, which caused their ads to show up on the defendants' firm listings in those categories. The court logically distinguishes category ads from keyword ads, though the 9th Circuit's Playboy v. Netscape panel treated them as equivalent.
The court also rejected a First Amendment defense because buying keyword ads is conduct, not speech: "This lawsuit involves the hidden process which causes the link to appear at all. That process is content neutral. It is not information; nor is it a message of any sort. It is not speech, commercial or otherwise."
What??? First, the court ahistorically ignores the 1990s-era rulings about encryption software and the First Amendment. Second, I believe this is internally inconsistent with the court's conclusion that the publicity rights statute applies to invisible activity (i.e., a use of a person’s name that a consumer never sees). The court seems to be saying that conduct without speech can constitute a publicity rights violation, and I don't see how that's possible. My position is that publicity rights violations necessarily require the defendant to engage in speech; so conduct without speech can never satisfy the statutory requirements.
Implications
This opinion got to the right result, but its reasoning is shaky and the opinion was poorly constructed and inadequately cited. The plaintiffs have already vowed to appeal—a fact the judge anticipated as you can see in the March 10, 2010 transcript. (After all, litigators litigate—and good litigators savor the challenge). Given the opinion’s weakness, I would be surprised if the appellate court relied very heavily on this opinion's analysis. However, I hope the appellate court recognizes that the judge's policy concerns were spot-on and finds a way to respect those concerns.
I can't take the lead on an amicus brief in the appeal, but I would be interested in actively supporting the effort. Contact me if you would be interested in working together on one.
Irrespective of what happens on appeal, I can't imagine this opinion will be the last word on publicity rights and keyword advertising. If you are looking for a paper topic, I think that issue offers a few promising angles to explore.
Finally, this opinion complements the uncited Stayart v. Google, which also involved alleged violations of Wisconsin's publicity rights statute and ended in favor of the defense. The Stayart v. Yahoo 7th Circuit opinion turned on the Lanham Act, but it too is relevant. I don’t have a good explanation why Wisconsans are trail-blazing litigation over search engine use of their names.
Posted by Eric at 07:04 AM | Marketing , Publicity/Privacy Rights , Search Engines | TrackBack
June 08, 2011
April-May 2011 Quick Links, Part 4
By Eric Goldman
Social Media
* The footballer superinjunction (for Ryan Giggs) was much bigger news in Britain than it was here. From my perspective, it was just another effort by a foreign government to squelch a Silicon Valley Internet company. The episode made it clear that superinjunctions (an injunction against discussing the injunction) are farcical in the modern age; the network hates informational asymmetries, and news information is a paradigmatic example of "information that wants to be free." We also learned that superinjunctions run strongly against US free speech norms. It also reminded us that people are still experiencing angst about territorial laws applied to a geographically borderless network. More on this episode from EFF and Adam Thierer.
* Yoder v. University of Louisville, 2011 WL 1345051 (6th Cir. April 8, 2011). The 6th Circuit overturned Yoder v. University of Louisville on procedural grounds and remanded to the district court to try again. My prior blog post.
* Beahm v Adecco complaint. Class action wage-and-hour lawsuit against Findlaw for how it handles its staff bloggers. More.
* In re Marriage of Pierce and Arreola, 2011 WL 1902851 (Cal. App. Ct. May 20, 2011): “Pierce's appeal did correctly point out that Arreola found and presented to the trial court several statements published by Pierce on Internet sites. However, Pierce failed to explain how, under any statute or law, the mere retrieval by Arreola of statements or articles that he had posted on a public website or blog amounted to illegally “stalking” him or why such activity entitled him to a protective order.”
* Facebook using filtering technology to combat child pornography.
* Cardone v. Cardone, 2011 WL 1566992 (Conn. Super. Ct. April 4, 2011). Ex-wife sees her alimony cut after she blogs about her boat trips in the Caribbean with her hitherto-undisclosed new boyfriend.
* McKee v. Laurion. A judge dismissed a lawsuit by a Duluth doctor who claimed he was defamed by a man who publicly criticized his bedside manner. News report. A highlight from the opinion: “Taken as a whole, the statements in this case appear to be nothing more or less than one man’s description of shock at the way he and in particular his father were treated by a physician.”
* A battle is taking place in Israel over Google/Blogger’s liability for a blog that criticizes an Israeli university.
* Twitter and Facebook both don’t like RSS. Is RSS dying?
* The Wikipedia community’s xenophobia strikes again: many initial posts on a new user’s talk page are negative feedback, not compliments.
* A professor was awarded tenure based in part on his Wikipedia contributions.
* Facebook requiring pharmaceutical Facebook fan pages to accept user comments.
* U.S. v. Lindeman, 2011 WL 1869924 (W.D. La. May 13, 2011). Defendant can’t move location of jury trial using only an undetailed assertion that blogs are talking about the case.
* Rakofsky v. the Internet. Many legal blogs criticized a lawyer’s courtroom performance, so he sued several dozen of them. Suing a single legal blogger is rarely a good idea; suing a gaggle of them seems to invite a massive blowback.
* Unmasking lawsuit rejected because no one takes anonymous blogs seriously.
* More bad news for Above the Law: Huon v. Above the Law complaint. Article. It’s dangerous blogging about lawyers. They are not shy about suing.
eBay
* Wired: “Going, Going, Gone: Who Killed the Internet Auction?” Good article on the rise and fall of variable prices on the Internet. “Today online auctions are a niche service, whereas a decade ago it seemed to many as if they were going to transform the way everything was bought and sold.”
* Dismissed again. Burgess v. Ebay, Inc., 2011 WL 1344167 (D. Mass. April 8, 2011)
* Ninth Circuit affirms dismissal of an antitrust challenge to eBay’s fees. In re eBay Seller Antitrust Litigation, 2011 WL 1749206 (9th Cir. 2011).
* Universal Grading Service v. eBay, 2011 WL 846060 (N.D. Cal. March 8, 2011). eBay defeats an antitrust challenge to its “Counterfeit Currency and Stamps Policy.” Related blog post.
Miscellaneous
* Classic Posner opinion: a live online video display of masturbation isn't "sexual activity" for purposes of the applicable statute.
* Ever wonder who writes those term papers advertised on Craigslist? It could be a (suspended) lawyer.
* The FBI did a major crackdown on Internet poker sites. The indictment. The lowdown on defense lawyers.
* Hawaii is considering holding travel guidebooks liable for recommending dangerous attractions. Another law that would be clearly preempted by the First Amendment.
* California Lawyer article on anti-spam litigant Dan Balsam asking if he's a consumer crusader or "spambulance" chaser. In the article, Ken Magill takes a stand, and he doesn’t mince words.
* South Park: HUMANCENTiPAD: Kyle clicks “I agree” to Apple’s iTunes T&Cs he didn’t read, and intensely scatalogical outcomes ensue.
* Brad Stone on the emergence of markets for "private" company stock.
* AT&T Mobility LLC v. Concepcion, 563 U. S. ____ (2011). Will this lead to a revitalization of arbitration clauses as an anti-class action technique?
* The FTC proudly announces that it busted a consumer who provided a bogus testimonial.
Posted by Eric at 03:08 PM | Content Regulation | TrackBack
June 07, 2011
Site Moderators Weren't Agents of the Site--Cornelius v. BodyBuilding.com
By Eric Goldman
Cornelius v. BodyBuilding.com, LLC, 2011 WL 2160358 (D. Idaho June 1, 2011)
This case involves a nutritional supplement called Syntrax, which is available for sale on an e-commerce site BodyBuilding.com. The site supports users comments and message boards and deploys user-moderators to oversee the conversations. Moderators "may, among other things, edit and delete posts, move threads, and ban forum users for violations of the forum’s terms and conditions." Moderators self-nominate but are elected by the community. Moderators don't get paid, but they get a discount for onsite purchases and a free trip to Boise.
This ruling involves three posts made by user "deserusan" and one by "INGENIUM" that made critical remarks about Syntrax. A Syntrax competitor, Gaspari, later hired deserusan as a part-time CSR, and deserusan disclosed that employment status in his onsite signature block. However, perhaps unexpectedly, when deserusan updated his signature block, the update automatically propagated to all of deserusan's old posts, thus making it appear that deserusan was bashing Syntrax as an official employee of a competitor. Meanwhile, INGENIUM subsequently became an onsite moderator, so his legacy posts (including the one at issue) got the elevated visibility given to posts by moderators, even though it was written when INGENIUM wasn't a moderator.
Syntrax initially sued more than 15 defendants over these posts. The case has generated a number of interesting and confused rulings along the way, and we've blogged it three times before:
* "Website Privacy Policy Supports Pseudonymous Poster's Expectation of Privacy -- Cornelius v. Deluca"
* "Troubling Ruling About 47 USC 230 and Moderators--Cornelius v. DeLuca" (which included the classic analysis of whether calling someone a "Cornholio" is defamatory)
* "Online Retailer Isn't Liable for User Comments--Cornelius v. DeLuca"
Gaspari and BodyBuilding.com are the only defendants remaining, and in this ruling, the court grants both summary judgment.
Regarding Gaspari's liability, deserusan had made the offending posts before becoming an employee, but the court had previously ruled that it could be liable if "Plaintiffs could prove that Gaspari intentionally and unreasonably failed to remove the allegedly defamatory posts after notice and opportunity to do so." The court concludes that Gaspari lacked adequate knowledge. It didn't know about the posts when hiring deserusan, it didn't know he changed his signature block or that doing so would affect old posts, and it didn't control the posts. Also, similar to Ripoff Report, BodyBuilding.com restricted its authors' ability to delete their old posts.
[In our exchange about this post in draft mode, Venkat wondered about the legal test the court used here. This is the standard legal test for, say, a business that leaves a defamatory comment posted on the bathroom wall. I don't know if the test makes sense in the context of an employer reviewing a new employee's old online activities, but the court gets to the right place either way.]
Regarding BodyBuilding.com's liability for the remaining claim of Lanham Act unfair competition, the plaintiff contends that "Bodybuilding.com endorsed or “adopted” INGENIUM’s statement – and therefore became responsible for it – when it failed to remove the post after INGENIUM became a moderator." This should have been an easy 47 USC 230 dismissal--even if the post was by a moderator, the website is never liable for it--but the court had previously ruled otherwise. This led to an inquiry whether the moderator was the website's agent.
The court concludes that moderators weren't acting within any agency scope when posting online, and nothing created apparent authority for those posts. Separately, the court says there may not be any damages because it's unclear if anyone saw the post during INGENIUM's time as a moderator.
With all of the facts on the table, it's easy to see why this case took so many rulings to resolve. Users changed their status to employees/moderators, which in turn changed how their posts were presented. It takes a little while to unpeel these layers. On the other hand, this shows why 47 USC 230 is so helpful. If the court had taken the position all along that a moderator's post was third party content, the case would have been tossed a long time ago, and the parties would have saved a lot of time and money.
The court reached a good place in declining to hold that agency law made the site responsible for its moderator's post. However, even if 47 USC 230 didn't apply, the entire inquiry was flawed because independent user-moderators should almost never be considered agents of the site, and therefore courts should screen out agency arguments much earlier in the process. We don't get too many agency arguments as bypasses to 47 USC 230, but this case leaves plaintiffs with some reason to explore those doctrinal interstices.
Rebecca is also covering this suit.
Posted by Eric at 09:28 AM | Derivative Liability , E-Commerce , Marketing | TrackBack
June 06, 2011
April-May 2011 Quick Links, Part 3
By Eric Goldman
Search Engines
* Google is working on a deal with the DOJ over illegal pharmaceutical ads and has set aside $500M for fines. Some background on the problem. Google isn’t the only search engine with problematic pharmaceutical ads. Will the other companies be getting the DOJ’s call too?
* Kevin Kelly: "This is the great gift of the free web. It has made some goods so cheap to acquire -- like answers, encyclopedia facts, directions, weather reports, recommendations -- that we generate entirely new realms of activity by doing far more of them. More is different. We ask so many more questions than before that this ask-and-answer is something new. Have you ever wondered where all our questions were before search engines? We didn't even bother to ask them."
* Vitaly Borker, who tried to game Google’s algorithm by seeking out bad consumer reviews, will be going to prison.
* Google won ALM's Best Legal Department in 2011. This article has a great inside look at Google’s legal department and how it makes decisions.
* More winners and losers from Google's algorithmic update.
* Latest antitrust enforcement challenge for Google: South Korea.
* More search censorship in Argentina. The ruling in Spanish.
* Yahoo changed its search log retention period from 3 months to 18.
* Market America is appealing its court loss to Google to the Third Circuit. Most recent blog post.
* Apple jiggers with the ranking algorithm for apps in its app store.
* CNET: “Bing head says 'traditional search' is dying.”
* Realcomp II, Ltd v. FTC, 11a0084p.06 (6th Cir. April 6, 2011). A monopolistic real estate electronic network violated antitrust laws when it provided only limited syndication of real estate listings subject to non-standard brokerage fee arrangements. Implications for Google?
* JC Penney’s 90 day timeout from Google for black hat SEO appears to be over.
* Gord Hotchkiss: “Why Results Quality Is So Important to Search Engines”
Privacy and Security
* Facebook tried to conduct a whisper campaign to bash Google on privacy. That backfired. Steven Levy: “Facebook’s Stealth Attack on Google Exposes Its Own Privacy Problem.” Danny Sullivan: “How Facebook Enables The Google Social “Scraping” It’s Upset About.”
* Not everyone loves the WSJ “What They Know” series.
* Kate Kaye of ClickZ on which of the half-dozen Congressional privacy bills the ad industry should favor.
* WSJ: Schmidt: Google Trying to Simplify Privacy Policies, but Lawyers Get In the Way.
* Less than 1% of Firefox users are using Do Not Track TPLs.
* Third party misuse of an open wifi leads to an unhappy wake-up call for the wifi owner.
* FTC gets $3M settlement from Playdom for COPPA violations. Among other purported defects, Playdom asked kids their ages and purported to bounce underage kids, but gave those kids the option to proceed just by checking a box rather than obtaining verifiable parental consent.
* An IP address can now pin down your location to within a half mile.
* The Sony Playstation hack of 70M member records will probably make my year-end list of top 10 Internet law developments. This event will be horking the law for the better part of a decade.
* EFF on how the Kerry-McCain privacy bill would preempt state law.
* Apple tried to squash the Mac Defender malware in its latest operating system release, but didn't get very far. Microsoft has made such benevolent dictatorship decisions before as well.
Publicity Rights and Trade Secrets
* Reality TV show participants were sued for prematurely revealing the show's outcome (in a lawsuit over the show's alleged failure to pay). See my first year Contract Law problem on maintaining secrecy in reality TV shows.
* Stars on the red carpet grant an implied license to their publicity rights in photos taken there.
* Basketball player Chris Bosh sues the mother of his child to prevent her from appearing in a reality TV show “Basketball Wives.”
* Larry Montz v. Pilgrim Film and Television, 08-56954 (9th Cir. May 4, 2011). In an idea submission case, “We again hold that copyright law does not preempt a contract claim where plaintiff alleges a bilateral expectation that he would be compensated for use of the idea, the essential element of a Desny claim that separates it from preempted claims for the use of copyrighted material.” The panel also reversed the district court conclusion that a “breach of confidence” claim was preempted.
* Many publicity rights complaints over Facebook's "Sponsored Stories": Fraley v. Facebook; JN v Facebook; and EKD v. Facebook. Filings in the Cohen v. Facebook case: motion to dismiss and supplemental brief on 47 USC 230.
* Litigation over Donald Trump’s licensing of his name to home developers. Interesting issues about a trademark licensor’s liability for a licensee’s activity and liability by endorsers for bum offerings.
* MGA spent $130M in its legal battle with Mattel.
Posted by Eric at 07:19 AM | Privacy/Security , Publicity/Privacy Rights , Search Engines , Trade Secrets | TrackBack
June 05, 2011
Forum Selection Clause in "Submerged" Terms of Service Presumptively Unenforceable -- Hoffman v. Supplements Togo
[Post by Venkat Balasubramani]
Hoffman v. Supplements Togo Mgmt. LLC, A-5022-09T3 (N.J. Ct. App.; May 13, 2011)
Plaintiff who happened to be a lawyer brought putative class claims against Supplements Togo, alleging that the "Erection MD" "dietary supplement" sold via defendants' website was not as performance enhancing as promised. The trial court dismissed the lawsuit, among other things, on the basis of a forum selection clause contained in the website's online terms. The appeals court reverses, finding that the forum selection clause was buried on the website and thus not presumptively enforceable.
Background: The background facts are somewhat interesting, but do not turn out to be particularly relevant to the court's analysis. As the court notes, the plaintiff has brought other lawsuits against online retailers asserting consumer protection violations. Defendants are a group of related companies which were started in the early 1980s by a weightlifting enthusiast. (The precise nature of the entities is unclear, but the court presumes a relationship between the various entities.) Defendants sold "Erection MD" in a bottle form for $59.99 per bottle. Their website said that Erection MD consisted of a proprietary blend, and promised numerous benefits from taking this product. The website also contained a disclaimer which stated that the information on the website "reflects the opinion of . . . staff and should not be interpreted as medical advice."
Plaintiff ordered one of these bottles, did not allege that he tried them out, but brought suit, arguing that defendants' representations regarding the product violated New Jersey's consumer protection laws. He argued that defendants were required under this law to substantiate claims regarding the "safety, performance, availability, efficiency, quality or price" of any advertised merchandise, and that defendants' failure to have any such substantiation renders their marketing practices a per se violation of the statute.
The trial court found that plaintiff:
made a conscious decision to order the product thereby manifesting both an agreement to purchase the product at the price offered and an acceptance of all relevant terms including that all litigation would be in Nevada.
The trial court also found that plaintiff failed to adequately allege damages--i.e., plaintiff did not allege that he used the product or that he asked for his money back. The trial court relied in part on the fact that plaintiff was "an experienced attorney" and "a repeat litigator in the field of Consumer Act Fraud Claims."
Discussion: The court ultimately reverses on the forum selection issue and its opinion contains a fairly useful summary of the basic principles at play:
as . . . internet transactions have become more prevalent, so too have legal disputes proliferated over the contractual rights created in cyberspace between buyers and sellers. The present case exemplifies such a modern-day dispute, raising the question of whether the presentation of the forum selection clause on defendants' website suffices, as a matter of law, to bind internet purchasers of defendants' merchandise. To resolve that issue in this contemporary setting, we consult basic and long-standing principles of law and jurisdiction.
The court notes that in order to be bound by a forum selection clause (or any other online contractual term) "there must have been a meeting of minds of the parties." Forum selection clauses are enforceable when they are presented "in a fair and forthright fashion." Where the online consumer must view the contractual term in order to complete the transaction, the term will be valid and enforceable. There is no particular placement necessary for a forum selection clause--the only requirement is that the party against whom the clause is sought to be enforced must have "reasonable notice." The court contrasted the clause in Caspi v. Microsoft, where the consumer had to click "I Agree" in order to complete the transaction, with Specht v. Netscape. in Specht, the online agreement contained an arbitration clause, but the clause "was located well below an icon inviting subscribers to download" the program. The Second Circuit found that the arbitration clause at issue in Specht was unenforceable because the plaintiffs were not provided "reasonable notice." The court in this case also distinguishes between "clickwrap" agreements (where users manifest assent by clicking "I Agree") with "browsewrap agreements, where the users ostensibly agree with online terms merely by browsing. The agreement in this case can be characterized as a browsewrap.
Here, the available evidence showed that consumers could complete the transaction without viewing the forum selection clause. In fact, the court found that:
the forum selection clause was unreasonably masked from the view of prospective purchasers because of its circuitous mode of presentation.
The court does not credit defendants' argument that plaintiff should have reasonably looked in to the applicable terms, and also does not take into account plaintiff's sophistication or experience in determining that the forum selection clause was unreasonably buried. On the other hand, the court also rejects plaintiff's argument that in order to be enforceable, the website had to have some affirmative manifestation of assent (other than completing the transaction). In the end the court states that the forum selection clause is "presumptively unenforceable," but also that defendants can overcome this presumption if they can show that plaintiff actually read and agreed to the terms.
___
The dust has long settled--online agreements are ordinarily enforceable. This case is a useful reminder that traditional contract principles still apply, and as a website, you should do everything you can to preempt the "I did not read the terms and could not agree to them" argument. In particular, as a merchant, there is no real excuse for not doing this. Consumers have to take certain steps to complete the transaction, and a simple check the box at the penultimate stage that says "I have read and agreed to the terms" should do the trick. This was the result in Feldman v. Google, where Google had a "leak proof" end user agreement ("Google AdWords Contract Upheld (Again)"): At the bottom of the webpage, viewable without scrolling down, was a box and the words, “Yes, I agree to the above terms and conditions.” The advertiser had to have clicked on this box in order to proceed to the next step. If the advertiser did not click on “Yes, I agree ...” and instead tried to click the “Continue” button at the bottom of the webpage, the advertiser would have been returned to the same page and could not advance to the next step. If the advertiser did not agree to the AdWords contract, he could not activate his account, place any ads, or incur any charges. Plaintiff had an account activated. He placed ads and charges were incurred.
This was also the result in Scherillo v. Dun & Bradstreet, where the court rejected the plaintiff's far-fetched argument as to why the agreement in that case was not "leak proof," even though there was a box which plaintiff had to check in order to complete the registration. ("Clickthrough Agreement With Acknowledgement Checkbox Enforced.")
There's some question as to whether particular clauses need to be highlighted, and the court's opinion here is not crystal clear as to whether forum selection clauses are more closely scrutinized in their presentation. (I think the answer is no, but there was some ambivalence in the court's opinion.) At the end of the day, the key is to make sure that no clause is buried. If the agreement was presented in a leak proof fashion in this case, I'm not sure it would have mattered either way. The plaintiff's argument would have received the same chilly reception as it did in Feldman. The argument that "although I'm a lawyer I didn't actually read the agreement" does not tend to resonate.
Posted by Venkat at 11:15 AM | Licensing/Contracts
June 04, 2011
NebuAd Deep Packet Inspection Lawsuits Sputter -- Deering v. CenturyTel & Green v. Cable One
[Post by Venkat Balasubramani]
The alleged monitoring and use of ISP subscribers' internet activity for advertisement targeting purposes by NebuAd spawned a slew of class actions. NebuAd shut down, leaving plaintiffs to go after the individual ISPs who partnered with NebuAd. ("Turning Out The Lights: NebuAd.") Plaintiffs have not had much luck with their claims against the ISPs.
In Mortensen v. Bresnan, the court dismissed the ECPA and state law privacy claims but left the Computer Fraud and Abuse Act claims intact. ("Deep Packet Inspection (NebuAd) Litigation: Court Dismisses ECPA Claim but CFAA Claim Continues.") As an update to that case, the court ruled that the claims were not subject to arbitration, but the defendant-ISP moved for reconsideration of this ruling in light of AT&T Mobility LLC v. Concepcion, the recent Supreme Court case where the Court held that the Federal Arbitration Act preempts state law unconscionability arguments which are applied disproportionately to invalidate arbitration agreements. You can access the motion for reconsideration here.
Deering v. Centurytel, Inc.: In Deering, the court came to the same conclusion as it did in Bresnan, dismissing the privacy and ECPA claims on the basis of the end user agreement. The court notes that as in Bresnan, the ISP here:
also provided notice of the NebuAd agreement. Specifically, an email to its subscribers was sent informing them that the Privacy Policy had been updated and providing a link to the updated Privacy Policy. Under the heading, "Online Advertising and Third Party Ad Servers," CenturyTel customers were notified that "CenturyTel partners with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. This delivery of advertisements may be facilitated by the serving of ad tags outside the publisher's existing HTML code. These advertisements will be based on those users [sic] anonymous surfing behavior while they are online." . . . CenturyTel customers were further notified of their right to opt out of receiving targeted advertisements by clicking on an imbedded link. The "Online Advertising and Third Party Ad Servers" section also contained a link to NebuAd's website.
I'm a little stumped by the court's reliance on the language in the privacy policy. The court cites to CenturyTel's privacy policy which at the time said that:
personal information collected [by CenturyTel] may include, without limitation, name, address, telephone number, personal computer specifications, e-mail address, user IDs and passwords, billing and transaction information, credit card information, and contact preferences.
It looks like this describes information collected by CenturyTel, as well as information provided to CenturyTel by its users. But it still doesn't come out and say that CenturyTel or a third party track the contents of users' communications. As described by the court, the policy also had standard "cookies and web beacons" language which made clear that CenturyTel used cookies and web beacons to target. This would put users on notice that their clickstream would be used for targeting purposes, but would not alert them to the fact that their traffic is being routed through a third party server or that the contents of their web surfing activity would be exposed to a third party (which is what NebuAd is accused of doing).
CenturyTel sent an email to its users alerting them of an update to CenturyTel's privacy policy, but the email only said that "advertisements will be based on . . . [the] anonymous surfing behavior" of end users." The court does not cite to the NebuAd agreement, but nothing in the CenturyTel disclosures look like they clearly state that the contents of users' communications would be viewable and accessible by a third party. The use of "anonymous surfing" language if anything would tend to minimize the effect of any disclosures in the NebuAd agreement or would create a conflict between the two. How exactly NebuAd was monitoring and targeting is not clear, but the disclosure could have certainly been much clearer, and the court doesn't delve into the details here.
More than anything, this ruling seems to reflect the court's antipathy towards privacy class actions or the motivations behind them. The subtext of the ruling is that there is no "there" there. The notice provided by the ISPs and NebuAd may not have been perfect, but the court had to be influenced by the fact that the plaintiffs were told about some monitoring and given the ability to opt-out. No one took advantage of this or alleged that they followed up.
The court also has harsh words for plaintiff's counsel, finding that it is "telling, and somewhat troubling" that the plaintiff did not mention the Bresnan case, "even though the same lawyers appear to have filed very similar complaints in these cases."
Green v. Cable One: In addition to Bresnan and CenturyTel there's another NebuAd case where plaintiff's claim went sideways (this happened in late February and I missed it at the time). In Green v. Cable One, plaintiff brought claims against Cable One based on alleged monitoring by NebuAd. According to a post at Wildman Harrold, here's what happened next:
Plaintiff filed a motion for class certification in August 2010. Cable One served a demand to copy and inspect plaintiff’s computer. The plaintiff then voluntarily dismissed with prejudice three of the four claims that depended upon allegations of harm/damage, leaving only the claim for violations of the ECPA remaining. (Dkt 43, October 2010). On November 9, 2010, the named plaintiff Green was deposed. During that deposition, he testified that he only accessed his Cable One account from one computer/IP address located in Alabama. Cable One’s records revealed that the Internet subscription had been canceled for that home address on November 19, 2007, one day before the NebuAd ad serving technology went into use by Cable One.
Cable One filed a motion to dismiss for lack of standing. In response, plaintiff filed a "non-opposition" with a curious explanation:
Plaintiff conferred with Defendants in effort to reach a stipulation on the Motion to Dismiss in an effort to minimize the use of judicial resources. Defendants requested the Plaintiffs file a Notice of Non-Opposition instead. Therefore, Plaintiff submits this Notice of Non-Opposition to Defendant's Motion to Dismiss.
Say what? The fact that the named plaintiff dismissed a chunk of the claims in response to a request to inspect plaintiff's computer is telling. The fact that plaintiff agreed to dismiss the claims in their entirety when Cable One argued that plaintiff cancelled his Cable One subscription the day before NebuAd filtering was implemented just demonstrates that (assuming what Cable One says its true), there was no way that plaintiff could have suffered any harm as a result of the alleged filtering. This points in the direction that courts' skepticism towards these lawsuits may be entirely warranted.
Posted by Venkat at 01:10 PM | Licensing/Contracts , Privacy/Security
TheDirty Defeats Privacy Invasion Lawsuit--Dyer v. Dirty World
By Eric Goldman
Dyer v. Dirty World LLC, 2011 WL 2173900 (D. Ariz. June 2, 2011). The summary judgment motion, Dyer's opposition and thedirty's reply.
An ex-boyfriend submitted to thedirty.com 2 photos of Dyer in a bikini and a comment that Dyer gave him and a buddy an STD. Nik of thedirty posted, in response to his standard "Would You?" question, "No it looks like she just had a baby, and if a girl is willing to take 2 guys on then I suggest you use a rubber." Dyer sued thedirty for public disclosure of private facts and false light. For reasons that aren't explained, Dyer didn't sue for copyright infringement for the republished photos (although I vaguely remember these may be self-portraits) or defamation (even though the complaint repeatedly alleges that the statements are false); nor does it seem that she sued the ex-boyfriend either.
Another oddity: the final posting on thedirty had three disparate information pieces--the photos, the submitted comments, and Nik's comments--but the court appears only to evaluate Nik's comments, which are characteristically acerbic but comparatively innocuous. Nik only advanced two statements: an opinion about Dyer's looks and a recommendation for safe sex practices when engaging multiple sex partners. As a result, the court says that Nik didn't make any statements of fact. The court concludes "the Court finds that the general tenor of Defendant’s website makes clear that the two statements at issue represent Mr. Ritchie’s personal viewpoint, rather than an assertion of fact."
However, the court doesn't explain why it effectively ignores thedirty's republication of the photos and the submitted comments. In FN2, the court says it's not relying on 47 USC 230, but if that were really true, it seems that the court should have considered all three information pieces, not just Nik's own words. So it appears that this is a 47 USC 230 case where the court denies it's relying on 47 USC 230.
Prior coverage of a different thedirty case: "thedirty.com's 47 USC 230 Defense Rejected on Motion to Dismiss--Jones v. Dirty World Entertainment"
Posted by Eric at 09:43 AM | Derivative Liability , Publicity/Privacy Rights | TrackBack
June 02, 2011
Ripoff Report Gets Another Big 47 USC 230 Win--Asia Economic Institute v. Xcentric
By Eric Goldman
Asia Economic Institute v. Xcentric Ventures LLC, 2:10-cv-01360-SVW -PJW (C.D. Cal. May 4, 2011)
The AEI Ruling
Keeping alive its truly remarkable winning streak, Ripoff Report got yet another decisive 47 USC 230 victory. This challenge came from Asia Economic Institute (AEI), suing over 6 posts to Ripoff Report from former AEI employees complaining about the work environment. The case raised some eyebrows last summer when the judge gave AEI a chance to plead a RICO claim. That ruling got some plaintiffs excited that a conspiracy theory might finally expose Ripoff Report to liability. No matter, as it turns out, because AEI still lost on summary judgment.
General Applicability of Section 230
The court accepted that the 6 posts in question all originated with the users. Ripoff Report gives some "generic and stylistic" writing guidance to users, such as an ALL CAPS instruction not to use ALL CAPS. (Ironic, I know). With respect to these formatting instructions, the court says:
these statements can not amount to encouragement, solicitation, or instruction to say anything in particular that might warrant labeling Defendants as “information content providers.”
Ripoff Report also does some things to enhance the SEO of user posts, and the court treats these visibility-enhancing efforts as irrelevant to a Section 230 analysis:
Plaintiffs fail to cite any authority that increasing the prominence of a page in internet searches amounts to “creation or development of information” that would render Defendants “information content providers” under the CDA. The very purpose of consumer reports such as the Ripoff Report website is to provide accessibility to the public on a grand scale. Increasing the visibility of a statement is not tantamount to altering its message....At best, increasing the visibility of a website in internet searches amounts to “enhancement by implication,” which is insufficient to remove Defendants from the ambit of the CDA.
This is yet another court opinion citing Roommates.com for the defense.
I think the court's key line comes immediately after this:
Absent a changing of the disputed reports’ substantive content that is visible to consumers, liability cannot be found.
This sentence is so simple and elegant, yet the concept frustrates plaintiffs to no end. Simply put, if content originates with a third party and the defendant doesn't substantively change its meaning, Section 230 applies--FULL STOP. All of the plaintiffs' kvetching about endorsing or ratifying third party content is getting plaintiffs nowhere. Once the court accepted that the reports came from third parties and that ROR employees didn't substantively modify the contents, there was nothing left to discuss. Section 230 applies. Case over.
The plaintiffs also tried the now-tired argument that Ripoff Report creates report titles by combining user content and Ripoff Report content. The court doesn't want to hear about this "circumvention" of the immunity either:
Users thus know precisely how the titles of their submissions will appear before posting. Defendants need not present users with a completely blank slate from which to create their reports in order to be protected by the CDA
Having determined that Ripoff Report qualifies for Section 230, the immunity wipes out a long list of claims:
(3) unfair business practices under Cal. Bus. & Prof. Code § 17200 et seq.;(4) defamation; (5) defamation per se; (6) false light; (7) intentional interference with prospective economic relations; (8) negligent interference with prospective economic relations; (9) negligent interference with economic relations; and (10) injunction.
The immunity for the 17200 UCL claim is particularly interesting. This is similar to the Levitt v. Yelp ruling, where the plaintiffs weren't able to bypass Section 230 by arguing that Yelp's UGC management practices mooted 230. This court also rejects the 17200 claim on standing grounds and the fraud/deceit claims for a variety of reasons.
Request for More Discovery
The court also denies the plaintiffs' request for further discovery. Among other things, the plaintiffs wanted to look for evidence that the HTML code/metatags aren't generated automatically. The court says that information wouldn't matter because it would just show that Ripoff Report wanted better search engine indexing, plus "Plaintiffs conceded that the HTML code and meta tags of the reports devoted to them were created automatically."
Anti-SLAPP Motion
The court denied Ripoff Report's anti-SLAPP motion to strike. This is the second time the court did so; the first time was a broader anti-SLAPP motion denied in April 2010. This was a narrower anti-SLAPP attempt, but it still failed.
Response to the Ruling
Lisa Borodkin, AEI's counsel, was kind enough to send me a statement, including this assessment:
Ripoff Report also changed several of its practices during the pendency of this litigation. Ripoff Report began informing telephone callers that their calls would be recorded and corrected the description of the Corporate Advocacy Program. Ripoff Report launched an arbitration program which is upfront about disclosing that Ripoff Report will redact names from Ripoff Reports for parties that prevail in arbitration.
The VIP Arbitration Program
This ruling shows that plaintiffs are running out of creative ways to sue Ripoff Report. They have tried just about every legal trick imaginable, and nothing has worked. Eventually, unhappy vendors will abandon frontal litigation assaults on Ripoff Report and aggressively pursue alternative ways to get the outcomes they desire.
One logical alternative is Ripoff Report's relatively new arbitration process, called the “VIP Arbitration Program.” The process lets unhappy vendors proceed to an arbitration service designated by Ripoff Report. If the complainant wins the arbitration, Ripoff Report will redact the complainant's name from the report. This may not be a perfect solution to a problematic report, but it's more useful than a 47 USC 230-preempted lawsuit against Ripoff Report.
Default Judgments and Google Search Results
Meanwhile, a few months ago, a Texas lawyer, Kenton Hutcherson, wrote at Search Engine Land about another way to redress a problematic report. With the seductive title of "How To Remove Ripoff Reports From Google – Not Just Bury Them," the article tells readers exactly what they desperately want to know--how to flush a bad report out of Google's index.
The answer isn't rocket science, and it takes advantage of Google's apparent pliability when presented with a court order. The article advocates that aggrieved parties sue the person who posted the report. Although the article doesn't say this explicitly, the article implies that defendants may quickly agree a default or stipulated judgment. The plaintiff can then present the court order to Google and anticipate that Google will honor it.
I found this article problematic for several reasons:
1) The author initially failed to mention that he had previously sued Ripoff Report--and lost. Do you think this past litigation experience is relevant to assessing the author's perspectives? I do. One way of reading the article is that the author initially planned to drum up some business suing ROR, failed to show the legal merits of that option, and is now cultivating a replacement business line.
You'll see that the article now contains the following disclosure:
Editors Postscript: For the purposes of full disclosure, Kenton J. Hutcherson has served as lead counsel in three lawsuits against Xcentric Ventures, LLC, the company that manages Ripoff Report.
That postscript was added in response to my inquiries to Search Engine Land over the past month.
2) The author mentions Ripoff Report's arbitration program but doesn't indicate that it may be less expensive than the path he recommends--and more effective too (success in arbitration would redact the problematic content everywhere, not just from Google). Omitting that crucial piece of pricing information (while downplaying the cost of litigation) provides further support for a hypothesis that the article is selling a new business line.
3) The article advocates taking advantage of Google's apparently lax responses to court orders. Perhaps that's a legitimate use of the court system, although it's hard for me to be enthusiastic about such efforts. Meanwhile, this article is a good cautionary tale to Google--and all other service providers--that default and stipulated judgments are a potential source of abusive takedowns requests, especially when they don't result from a proper substantive adjudication by the court. (As we know, for this reason, Ripoff Report sometimes stands up to default judgments; see the Blockowicz case).
I am a longtime regular reader of Search Engine Land, so I raised my concerns about this article directly to Danny Sullivan of Search Engine Land. On the point of Search Engine Land authors making adequate disclosures, Danny responded:
Going forward, we're drafting up a disclosure statement that will be added to our contributor guidelines, and our contributors will get a reminder of this in the next monthly newsletter that goes out to them. We'll be asking that they use common sense in disclosing any relevant relationships or background within their articles, as it makes sense within a story (say if they write about a client, they should disclose that) or provide general disclosure as part of their bio (if they are part of a company that might have bearing on what they've written, for example).
As you can see, this translated into the editor's postscript now in the article. At the same time, Danny pointed out:
The disclosure wouldn't have made you think he was somehow less biased against Ripoff Report (it was pretty obvious he wasn't a fan). The disclosure wouldn't have altered the advice he wrote, in terms of making what he was recommending more or less attractive -- nor would it have impacted the alternatives he wrote.
Perhaps this is true, but I find that litigation counsel tend to become deeply entrenched in the viewpoints they advocated, and so I find that knowing that background often helps me contextualize subsequent remarks from them.
Posted by Eric at 09:33 AM | Content Regulation , Derivative Liability | TrackBack
June 01, 2011
Updates on DoctoredReviews.com and Medical Justice
By Eric Goldman
You may recall our April launch of DoctoredReviews.com, a website explaining why Medical Justice's form agreement, the "Mutual Agreement to Maintain Privacy," was a bad deal for doctors, patients and review websites. See a list of the media coverage on the site's launch.
Since then, there have been three developments of interest.
First, Timothy B. Lee at Ars Technica covered his experiences with a dentist who asked him to sign the Mutual Agreement to Maintain Privacy and what happened when he balked at signing (predictably, there was no negotiation, and he was booted from the office). The entire article is a great read, but this line especially caught my eye: "we began to wonder if Medical Justice was taking advantage of medical professionals' lack of sophistication about the law." Watching the doctor community's response to our site launch, I had been wondering the same thing. Doctors and other healthcare professionals are very scared of the combination of privacy laws and unfettered consumer reviews; and Medical Justice has a several year headstart in (mis?)educating them about the law. It's clear that our advocacy site alone isn't enough to do the necessary counter-education.
Timothy also hammers on how Medical Justice has been backpedaling about the efficacy of the Mutual Agreement to Maintain Privacy. Medical Justice publicly claims that the agreement is principally useful for dealing with reviews from the doctors' competitors or ex-employees or other fraudsters. This is a baffling argument because (as Timothy points out) those folks undoubtedly haven't signed the Mutual Agreement to Maintain Privacy, so doctors can neither assert a breach of the agreement nor the assigned copyrights in those reviews. (And asserting copyright to the review websites could lead to 512(f) claims). There is a massive logic disconnect between the purported goals of the Mutual Agreement to Maintain Privacy and the legal effect of the contracts. For an outfit that was clever enough to develop a way to hack 47 USC 230 through a copyright workaround, the response that the agreement should be used only against people who haven't signed it is so oddly sophomoric that it makes me wonder about the sincerity of the proffered explanation.
Timothy followed up his initial story with a postscript. In it, the dentist who claimed he'd never enforced the Mutual Agreement to Maintain Privacy backpedaled and admitted that he had, in fact, help drive a negative review off the Internet. On the plus side, the dentist publicly acknowledged that the Mutual Agreement to Maintain Privacy wasn't a good deal for him, and he said he wouldn't renew with Medical Justice. Hey doctors and other healthcare professionals, I hope you took note.
Second, John Swapceinski of RateMDs made a post entitled "Medical Justice planting glowing reviews on RateMDs.com." Apparently, John saw some early activity from a new Medical Justice offering called the "Review Builder Program" that Medical Justice claims will help patients leave reviews from doctors' offices. Timothy at Ars Technica has plenty of sharp words about the program and the possibility of Medical Justice duplicity.
Third, we are working on Phase 2 of the DoctoredReviews project, during which we identified another doctrinal oddity: doctors, based on their purported copyright ownership, can obtain and send 512(h) expedited subpoena requests in an effort to unmask the review author--in a process that is outside of public view and without any substantive judicial oversight. Obviously, review websites can (and should) push back on these subpoenas, but I have some reason to believe that the Mutual Agreement to Maintain Privacy's purported copyright assignment is producing unmaskings that would not occur if supervised in a court of law. I'm adding this attack on privacy to the taxonomy of abusive takedown practices I'm developing.
Posted by Eric at 02:18 PM | Content Regulation , Copyright , Derivative Liability , Licensing/Contracts , Privacy/Security | TrackBack
Yahoo! Entitled to Immunity for Disclosing User Information in Response to Subpoena -- Sams v. Yahoo!
[Post by Venkat Balasubramani]
Sams v. Yahoo!, Inc., CV-10-5897-JF(HRL) (N.D. Cal.; May 18, 2011)
Fayelynn Sams sued Yahoo!, contending that Yahoo! improperly produced information in response to a subpoena which requested information regarding Sams's account. She brought a putative class action asserting a variety of claims, including a state law privacy claim, breach of contract, breach of the duty of good faith and fair dealing, and claims under the Electronic Communications Privacy Act. The court finds that Yahoo! is entitled to immunity under the Electronic Communications Privacy Act's immunity provisions and dismisses the case.
Yahoo! received a grand jury subpoena signed by the Clerk of the Superior Court of Lowndes County (Georgia). This subpoena sought:
any and all records regarding the identification of a user with the Yahoo! ID "lynnsams" or "lynnsams@yahoo.com" to include name and address, date account created, account status, Yahoo! E-mail [sic] address, alternate e-mail address, registration from IP, date IP registered and login IP address associated with session times and dates.
A second subpoena issued from the same court sought "any and all I.P. login tracker for "lynnsams" or "lynnsams@yahoo.com"" for dates in December 2008. The subpoenas, which stated that they were related to a child pornography investigation, specifically instructed Yahoo! to not inform the account-owner of the subpoena or that any information was provided. (See both subpoenas here.)
It's unclear exactly what information Yahoo! disclosed in response to the subpoenas, but the subpoenas do not seek the substantive contents of any communications--the subpoenas are directed to account and identification information. Sams did not specifically allege in her complaint that Yahoo! produced the contents of any of her email messages.
Yahoo! argued that it was entitled to immunity under 18 U.S.C. section 2703(e). Immunity under section 2703(e) is available to "any provider of wire or electronic communication service . . . for providing information . . . in accordance with the terms of a court order, warrant, subpoena, statutory authorization, or certification under this chapter." Yahoo! alternatively argued that 18 U.S.C. section 2707(e) immunized the disclosure in question. This subsection contains a similar immunity provision, but requires "good faith" reliance on a subpoena or other process, and requires notice in certain circumstances.
Resolution of affirmative defense on a motion to dismiss: The court first addressed Sams's argument that since Yahoo! raised defenses based on statutory immunity, these were not properly resolved on a motion to dismiss. The court says that Yahoo!'s defenses can be resolved at the 12b stage, citing Goddard v. Google, among other cases. Sams's pleading raised the issue of whether Yahoo!'s disclosure of information was proper, and this was something the court could resolve at the pleading stage because it turned on the Sams's arguments regarding validity of the subpoenas.
Was Yahoo! entitled to immunity?: Yahoo! was entitled to immunity to the extent it disclosed the information "in accordance" with a subpoena. Sams made a couple of creative arguments as to why this immunity was not available to Yahoo!
Sams first argued that the subpoena was invalid because it was issued out of Georgia and directed at a California company (Yahoo!). State procedural rules do not require an out-of-state company to comply with a Georgia subpoena, and there is a procedure (which is often ministerial in practice) to get a subpoena issued by a local court seeking information from a California company. Since these procedures were not followed, Sams argued that the subpoena was invalid. Yahoo! argued that although the subpoenas were faxed to Yahoo!'s compliance office in Sunnyvale, "the language [of the subpoena] could be read to refer generally to Yahoo! as a singular corporate entity." Yahoo! further explained that although it used to contest jurisdiction in states other than California (where it has offices and employees) and resist subpoenas on this basis, it no longer does so. It pointed to one decision where it raised the issue and lost. Apparently Yahoo! argued that it was subject to jurisdiction in Georgia, so it did not bother to raise the argument that the subpoena should have been issued out of a California court. [Going forward, it's not clear if you need to obtain a local subpoena if you are in a state where Yahoo! has an office, but it's interesting that Yahoo! says that it has a policy of no longer contesting subpoenas in states where it has an office.]
Sams also argued that Yahoo! did not produce the information "in accordance" with the subpoena because the subpoena directed Yahoo! to "appear and produce evidence," and Yahoo! instead sent the information to avoid the hassle of having to appear personally. The court says that there is no authority for the proposition that a person who produces documents instead of appearing in person is not producing the documents "in accordance" with the subpoena.
Finally, the court addressed Sams's argument that Yahoo! was not entitled to immunity because it disclosed the "contents" of her communications. The court says that there are no allegations to support her argument that Yahoo! disclosed the "contents" of any communication. The ECPA sets forth a hierarchy of protection for user information, and non-content information is entitled to less protection. The statute authorizes the disclosure of things like user identification information, records or session times and durations, and temporarily assigned network addresses in response to a subpoena, as opposed to a court order. The court concludes that Sams fails to adequately allege facts that Yahoo! is not entitled to immunity because she does not specify the contents of any communications which were actually disclosed by Yahoo!. The court dismisses the case, but grants leave to amend if Sams can allege that Yahoo! impermissibly disclosed any content-based information.
__
One notable thing about this case is Judge Fogel's willingness to dismiss at the pleading stage based on Yahoo!'s claim of immunity. Section 230 cases have been somewhat mixed, but the court cites to at least a couple of cases granting requests to dismiss on Section 230 grounds at the pleading stage. Goddard v. Google, cited by the court, was also decided by Judge Fogel. (Professor Goldman's post on that case: "Google Not Liable for False Ads.")
The disclosure of user information has generated a fair amount of attention recently. The United States government sought and obtained a court order requiring disclosure of the information of various Twitter users in connection with its Wikileaks investigation. (See "Court Refuses to Set Aside Order Requiring Disclosure of Twitter Users' IP Addresses." The court's refusal to set aside the order is currently on appeal, and in that case, Twitter sought permission in order to provide notice to the users in question.) More recently, a council in the UK subpoenaed (in California) user information from Twitter about a possible whistleblower who was badmouthing the council. This The Next Web story has some details, but the user in question was given the opportunity to contest the subpoena but he did not, citing to the costs involved. In both situations, Twitter looks like it did what it could as far as providing users notice and not just handing over the information.
Section 2703(c)(2) sets forth certain information (name; address; local and long distance telephone connection records, or records of session times and durations; length of service and types of service utilized; telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; and means and source of payment for such service (including any credit card or bank account number)), which can be disclosed to the government pursuant to an "administrative subpoena authorized by a Federal or State statute or a Federal or State grand jury or trial subpoena or any means available under paragraph (1) [a warrant, court order, or consent]." It would seem that in response to a subpoena such as this one, a service provider that falls under the statute would be well served to restrict the disclosure of information to what is contained in subsection (c)(2), unless its user agreement clearly allows for greater disclosure. User agreements are not always conclusive, and the court did not rely on the user agreement in this case. I'm somewhat surprised that the court did not look to this laundry list of items that may be disclosed to the government in response to a subpoena and compare it to the actual subpoenas in the case. The statute is specific as to what types of information may be disclosed, but the court focuses on the distinction between content information and all other information.
Although the court ruled in Yahoo!'s favor, disclosure of user information comes with risk, from both the perspective of the service provider and the party (and its lawyer) who seeks the information. The service provider should not take the shotgun approach of turning over user information. Cases have held that "content" information may not be produced in response to a civil subpoena, and at least one court has imposed liability on a party and its lawyer for obtaining email messages using what the court described as a "patently invalid" subpoena. (Theofel v. Farey Jones.) Additional uncertainties are present when a party seeks to subpoena information from social networking sites, where the sites' classification under the statute and the distinction between "content" information and other information are more fluid.
Posted by Venkat at 10:08 AM | Privacy/Security