« June 2011 | Main | August 2011 »
July 29, 2011
Court Smacks Down Koch Industries' Attempt to Shut Down Satirical Website -- Koch Industries v. Does
[Post by Venkat Balasubramani]
Koch Industries, Inc. v. Does, 10CV1275DAK (D. Utah; May 9, 2011) [.pdf]
[This is one of those cases that I intended to cover when it came out, but it got lost in the shuffle. Eric talks about his 'backlog' of blog-worthy cases that he tackles from time to time. I prefer to view it as a quagmire that I wade in and out of.]
EFF, Public Citizen and other similar organizations have excellent resources for creators of parody and satire on the internet. A recent case (litigated by Public Citizen) illustrated a few pitfalls a plaintiff--who is seeking to shut down such non-commercial content--may face. A commercial motivation does not automatically doom a parody or satire defense, but the total absence of a commercial motive will neutralize a plaintiff's claims.
A group who identified themselves as "Youth for Climate Change" set up a faux website at "koch-inc.com" at which they purported to announce Koch Industries' official shift in position towards groups who undertake climate change research and advocacy. The website was announced via a press release which was mailed to news organizations. The site was up for only a few hours but drew a fair amount of media attention. The media quickly identified the site and release as a hoax. Koch sued, asserting claims under the Lanham Act, the cybersquatting statute and the Computer Fraud and Abuse Act. Koch requested and obtained the court's permission to issue subpoenas in order to determine defendants' identity. Defendants appeared, moved to quash the subpoenas and moved to dismiss. The court dismisses the lawsuit, and grants defendants' request for a protective order, keeping their identity under wraps.
Lanham Act and Cybersquatting Claims: Both the Lanham Act and ACPA claims were dead-on-arrival, since defendants' press release did not relate to any goods or services. There was no reference to Koch's products or even to any of Koch's business practices. Koch tried to argue that defendants set up the fake website to draw attention to defendants and to ultimately raise funds for defendants' activities but the court rejects this argument, noting that defendants "did not identify their website or provide a means for making a contribution to [defendants'] entity." In fact, neither the press release nor the fake website contained a link to defendants' website. Koch asserted a similar argument with respect to its ACPA claim but the court notes that since defendants set up and operated the website "completely anonymously . . . the only agenda [defendants] could have been promoting was [their] message, not any entity." Again, the court notes that defendants' anonymity made any donations impossible.
CFAA Claim: Koch also asserted a Computer Fraud and Abuse Act claim and this claim fared no better. This claim was presumably based on defendants' access of the Koch website in the course of preparing their fake press release. The court found that Koch made its website available to the general public. Although the website contained a restriction that "competitors" were not permitted to access the website, the court found that defendants did not agree to this restriction since it was "buried" at the bottom of the first page. Koch cited to Specht v. Netscape for the proposition that browsewrap agreements are normally enforceable but the court notes that this case, and others cited by Koch, were all decided in the commercial context. Koch was unable to identify "a single case imposing 'contractual' speech restrictions on noncommercial web users."
Other coverage:
"Utah Court Strikes Blow for Free Speech, Dismisses Trademark and CFAA Claims Against Political Activists" (EFF)
"Court Protects Hoax Press Release" (Bill McGeveran)
"In Which We Lose Our Funding And Are Reduced To Eating Gravel" (Popehat)
"In Koch spoof case, judge favors First Amendment" (CitizenVox)
Posted by Venkat at 10:33 AM | Publicity/Privacy Rights
July 27, 2011
Power.com Up For Auction -- Facebook v. Power Ventures
[Post by Venkat Balasubramani]
Facebook v. Power Ventures, Case No. 5:08-cv-05780 JW (N.D. Cal.)
[Update/Clarification: I received an email from the CEO of RokMe Inc. (who is handling the power.com auction) to this effect:
Power.com is being sold by its owner Power Assist Inc. The domain was never owned by Power Ventures. According to Scott Smith (CEO of RokMe Inc. who is handling the auction) the domain was always owned by Power Assist Inc. (or its beneficial owner). The domain name was only leased to Power Ventures, and when the lease expired, the owner of the domain name decided to sell it.]
We've blogged a bunch about Facebook v. Power Ventures. Power Ventures operated power.com and billed itself as a social network aggregator. Facebook was unhappy with, among other things, the fact that Power.com allowed Facebook users to access their Facebook accounts and extract data (and contacts) through Power.com, which bypassed Facebook's developer program.
The dispute received attention because it raised the issue of data ownership--whether Facebook could prevent a third party from accessing or exporting user data, when the third party engaged in access purportedly on behalf of users (who arguably owned the data). Facebook primarily proceeded under the theory that access of Facebook by Power Ventures violated California's anti-hacking statute. Judge Ware agreed, and held that Facebook could make out a violation of the statute, to the extent Power Ventures circumvented technical barriers in accessing Facebook. (The EFF weighed in on the dispute, arguing that the California statute should be construed narrowly.)
Since then, very little activity has taken place in the dispute. Power Ventures moved for summary judgment, but Facebook successfully resisted the motion on the basis that it had not had an opportunity to conduct sufficient discovery.
Now I see a report from Domain Name News that power.com is listed as being up for auction (minimum bid - $2.5mm!). I'm not sure when power.com shut down its service, but this is certainly a public admission that Power Ventures is not looking to continue the fight with Facebook for the sake of operating the service at power.com. At this point, given that only attorneys' fees are at stake, I'm surprised the parties don't quickly settle. (I would be surprised if Facebook is looking to recover significant damages from Power Ventures. To the extent it is, Facebook may assert some sort of lien on the auction proceeds.) Sidenote: I wonder what happened to the user data from power.com?
Previous posts:
Power.com Counterclaims Dismissed -- Facebook v. Power Ventures
Judge Denies Facebook’s Request for Judgment on the Pleadings and Strikes Power.com Counterclaims -- Facebook v. Power.com
EFF Weighs in on Facebook v. Power Ventures -- Facebook v. Power Ventures
Posted by Venkat at 09:39 AM | Privacy/Security
July 26, 2011
Court Rejects First Amendment Challenge to CAN-SPAM Indictment -- US v. Smallwood
[Post by Venkat Balasubramani, with comments from Ethan Ackerman]
US v. Smallwood, 09-CR-00249 (N.D. Tex.; July 15, 2011)
First Amendment challenges to spam statutes are long shots at best, with Jaynes v. Virginia being the big exception. In this case, Smallwood was charged with a variety of criminal acts, including violations of CAN-SPAM's criminal provisions (18 U.S.C. 1037(a)(2) and (b)(2)(C)). The statute is aimed at anyone who:
uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages.
Subsection (C) kicks in where there is a significant volume of messages (2,500 during any 24 hour period, 25,000 during any 30-day period, or 250,000 during any 1-year period). Smallwood argued that the statutory provisions were vague and overbroad, because it chilled "protected anonymous speech."
The court rejects Smallwood's arguments that the statute is overly broad. Smallwood cited Jaynes v. Virginia, a case where the Virginia Supreme Court struck down a portion of Virginia's spam statute, but the court here distinguishes Jaynes from this case: CAN-SPAM only applies to commercial email messages. In contrast, the statute in Jaynes applies to all communications, including religious or political speech.
Smallwood's vagueness arguments fared no better. She argued that:
she could not have known from the statute the circumstances that would cause sending multiple emails to be unlawful, because the Internet is diverse in terms of origin identification, and because multiple emailings may have multiple sources, or origins; "origin" is a broad term, defying easy definition; and there is no clear notice as to the type of conduct that might mislead or deceive someone about the origin of the emailings.
The court agrees with the government that since Smallwood is charged with something which requires a showing of intent to deceive, common sense definitions of the term "deceive" or "mislead" provides sufficient notice as to the scope of the statute.
__
There were two aspects of the statute that caught my attention.
First, the statute covers emails that are misleading not only to recipients, but also to any "internet access service" as to the origin. This reminds me of Kleffman v. Vonage where the California Supreme Court construed the scope of the California spam statute. ("Use of Multiple (Even Random or Garbled) Domain Names to Bypass Spam Filter Does not Violate Cal. Spam Statute.") In that case the plaintiff argued that using multiple domain names to bypass a spam filter violated California's spam statute. While the California Supreme Court rejected this argument, I wonder if the language in the statute (about deceiving an ISP) is aimed at something similar? Is there a legitimate vagueness argument on this point?
Second, it's interesting that the defendant is charged with providing "SPAMmers with equipment, bandwidth, corporate infrastructure, and IP addresses, and domain names from which their customers could send SPAM with the intent to mislead recipients and Internet access services as to the messages' origin." Once you start penalizing people who provide bandwidth, domain names, and infrastructure, you're pretty far afield from the people who are actually sending the emails. It looks like there's some sort of "knowingly" limitation on this (i.e., that she supplied the assistance knowing that the customers were spammers) but it still surprised me.
Not necessarily an earthshattering ruling, but given the dearth of cases dealing with First Amendment challenges to spam statutes, an interesting data point.
Ethan's comments:
It's worth noting that the Court's cursory dismissal of Smallwood's overbreadth argument isn't as uncontroversial as the Court suggests. The opinion dismisses Smallwood's overbreadth argument with a quote from Village of Hoffman Estates v. Flipside, Hoffman Estates, Inc., "the overbreadth doctrine does not apply to commercial speech." That quote was itself a footnoted description of Central Hudson's holding. Interestingly enough, Central Hudson doesn't actually say anything of the sort, noting only that commercial speech is less at risk of being chilled due to overbroad laws. Supreme Court caselaw on the overbreadth doctrine as applied to commercial speech is not as simple as "not applicable." Several Court cases describe it, like Central Hudson did, as being "seldom," or "unlikely to be," applicable. Bigelow v. Virginia says using the overbreadth doctrine to facially invalidate a statute restricting commercial speech is a remedy that should be used "sparingly," but then finds the statute in question overbroad. Only Hoffman describes the overbreadth doctrine as inapplicable to commercial speech.
The Court rejects Smallwood's vagueness challenge by adopting the Government's argument that the intent element of the crime remedies any arguable vagueness concerns for terms like "origin." If it explored deeper, the Court could have also pointed out that the challenged statutory terms are made rather clear by the other definitions in the Act--the defined terms "initiate," "procure," "sender," "header information," and "routine conveyance" use the contested terms, inform those terms, or provide categories that function to exclude some of those terms. It is an uphill battle to argue vagueness on a statute that has around twenty fairly specific definitions.
Previous related posts:
Internet Obscenity Conviction Requires Assessment of National Community Standards--US v. Kilbride
Still Standing? Catching Up on the Jaynes Case
Posted by Venkat at 01:57 PM | Spam
July 25, 2011
Employee Terminated for Accessing 'Inappropriate' Websites not Entitled to Unemployment Benefits -- Berglund v. ITI
[Post by Venkat Balasubramani]
Berglund v. Industrial Tech. Institute, No. 298227 (Mich. Ct. App. July 21, 2011)
Berglund worked at Industrial Technology Institute and was terminated for "using his computer to access inappropriate websites" (and for printing materials unrelated to his employment).
Under Michigan law, an employee is disqualified from receiving benefits if he or she is terminated for "misconduct." Michigan courts define misconduct as:
conduct evincing . . . willful or wanton disregard of an employer's interest as is found in deliberate violations or disregard of standards of behavior which the employee has the right to expect of his employee, or in carelessness or negligence of such degree or recurrence as to manifest equal culpability, wrongful intent or evil design, or to show an intentional and substantial disregard of the employer's interests or of the employee's duties and obligations to his employer.
Misconduct is not "mere inefficiency, unsatisfactory conduct, [or] failure in good performance . . . ."
The hearing officer found that Berglund was placed on probation and directed to not use ITI's resources or equipment to further his outside activities. After this warning, Berglund was found to have printed materials relating to his outside employment (his teaching gig at Central Michigan University). In addition, the hearing officer found that Berglund visited a number of "inappropriate" websites (e.g., teenagecheerleaders.com, sextelevision.net). Based on the records, the hearing officer concluded that "in an eight hour day, the records reflect some 3½ to 4 hours of visiting those types of sites." The hearing officer concluded that this was "misconduct," and as a result, Berglund was denied benefits. The review board agreed with this determination.
The trial court reversed the agency's determination on the basis that there was insufficient proof that the websites in question were "inappropriate." The court of appeals reversed, holding that testimony regarding the inappropriate nature of the websites was sufficient, and documents and exhibits demonstrating the content of those sites were not necessary. The court also noted that accessing inappropriate websites may compromise the employer's network and the employer thus has a strong interest in preventing the access of inappropriate websites:
An employer has an interest in maximizing the capability of its network. An employee who deliberately accesses websites that hinders the work network's capability harms the interests of the employer. Contrary to Berglund's position that his actions were immaterial, use of the employer's computer equipment to access websites with nudity is not the equivalent of keeping a magazine in a desk drawer.
___
I can't say that the decision is much of a shocker, and it's tough to muster any sympathy for an employee who allegedly spent 3 to 4 hours during a workday on non-work related activities, but I am definitely breathing a sigh of relief that the court did not address the issue of whether accessing sites such as Facebook at work constitutes "misconduct." A decision to that effect would leave us all in a precarious position indeed.
On a more serious note, the court's analogy to the magazine kept in a desk drawer, which the court implies would not constitute 'misconduct,' is interesting. As more activities migrate online, it becomes increasingly easier for employers to regulate employee conduct.
Posted by Venkat at 11:22 AM | General
July 20, 2011
Social Media Marketing Is Relevant to Trademark Confusion Analysis--Quia v. Mattel
By Eric Goldman
Quia Corp. v. Mattel, Inc., 2011 WL 2749576 (N.D.Cal. July 14, 2011)
Both parties offer educational games under the brand "IXL" (presumably a homophone for "I excel"). The parties dispute who came first.
Mattel sought a determination that Mattel's product's presence in search results was legally irrelevant. Judge Fogel tosses Mattel a bone, saying "The mere fact that an internet search engine intermingles links to two products is not evidence of consumer confusion."
Quia responded that it wasn't kvetching about search at all (at least, not after Mattel boxed it in). Instead, Quia says the fact both parties are engaged in social media marketing increases the likelihood of consumer confusion. Quia offers the following evidence:
Defendants have taken steps such as reserving “tags” to improve search results on Google and Bing; monitoring “Google Blogs Alert for: ixl,” sending email “blasts,” creating Facebook applications, developing You-tube “channels,” and fostering tie-ins with “mommy bloggers.”
What are they talking about? What does it mean to "reserve tags" to improve Google search results? And why does it matter that Mattel has a Google Blog alerts on its purported trademark? And surely it's not a surprise that an educational game has mommy-blogger tie-ins?
Exploring the Network Automation case and its implications for a Sleekcraft analysis in the online context, Judge Fogel responds:
While purchasing search engine keywords or selling product on Amazon.com are now “ubiquitous marketing channels,” social media marketing, such as tie-ins with “mommy bloggers,” may be more akin to niche marketplaces such as the specialty retail outlets and trade magazines at issue in Sleekcraft. At this stage of the proceedings, the Court cannot conclude that Plaintiff's theories with respect to Defendants' marketing strategies are irrelevant to the issue of consumer confusion.
That's clearly the correct reading of Network Automation. Even so, given the things it's alleged so far, I'm not clear what information Quia can introduce regarding marketing channels that will matter to the analysis.
Posted by Eric at 02:00 PM | Marketing , Search Engines , Trademark | TrackBack
P2P Swarm Defendants Can't Be Joined in the Same Lawsuit -- Pac. Century Int'l Ltd. v. Does
[Post by Venkat Balasubramani]
Pacific Century International Ltd. v. Does, C-11-02533 (DMR) (N.D. Cal. July 8, 2011)
There have been a slew of recent procedural rulings in mass copyright cases, with plaintiffs mostly getting smacked down by courts. Plaintiffs have tried to sue defendants en masse in a single lawsuit and courts have been unreceptive to this idea. One open question was whether P2P "swarm" defendants can be sued in the same lawsuit because of defendants' interactions with one another in downloading or distributing the same copyrighted work. In this case, the court says no, and sua sponte, severs a bunch of Doe defendants from the lawsuit.
Pacific Century International sued a hundred and one Doe defendants in the Northern District of California, alleging that defendants reproduced and distributed plaintiff's copyrighted work titled "Amateur Cream Pies -- Erin Stone." Plaintiff requested leave to take early discovery. The court approved the request for early discovery, but had questions about the propriety of joining Does 2 through 101 in the same lawsuit. Plaintiff offered the following explanation, and argued that all defendants should be joined together because they were all part of the same BitTorrent "swarm":
the [BitTorrent] protocol breaks a single large file into a series of smaller distributable pieces. Then, an initial file-provider (the "seeder") intentionally elects to distribute the pieces to third parties. . . . Other users ("peers") on the network download a small "torrent" file that contains directions on where to find the seeder as well as an index of the pieces. The torrent file is loaded into BitTorrent software, and the software follows the directions in the torrent file to connect to the seeder. When peers connect to the seeder, they download random pieces of the file being seeded. When a piece of download is complete, the peers automatically become seeders with respect to the downloaded pieces. In other words, each peer in a swarm transforms from a pure downloader . . . to a peer that is simultaneously downloading and distributing pieces of a file.
Plaintiff essentially argued that since all of the defendants worked together to download and distribute a copyrighted work, Plaintiff's claims arose out of the "same transaction." The court disagreed, noting that just because the Doe defendants happened to download or distribute the same copyrighted work does not mean that they were involved in the same swarm. For example, one defendant may distribute a low definition version of a video while another may distribute a high definition version. The court says:
[t]hat BitTorrent users have downloaded the same copyrighted work does not, therefore, evidence that they have acted together to obtain it.
Although plaintiff alleged that the Doe defendants were all involved in a civil conspiracy, the court concludes that plaintiff "failed to demonstrate that it has any right to relief against [Defendants] . . . . arising out of the same transaction, occurrence, or series of transactions of occurrences."
__
Ouch! As a bonus, although the court authorizes early discovery, it directs the ISP in question to provide the affected subscriber (Doe 1) with notice of the subpoena, and gives Doe 1 an opportunity to object.
This is just one more decision of many recent decisions where courts push back using procedural rules on copyright plaintiffs who are trying to sue multiple defendants in the same lawsuit. (See, e.g., "Judge Tells John Steele To Stop Mass Suing Anonymous People For File Sharing.") In addition to the problem highlighted by the court, there is one other obvious problem with suing a bunch of unidentified defendants in a single forum. You have no idea where the defendant is based and whether they're subject to jurisdiction in the forum. Most people view the mass lawsuits as an efficiency play by plaintiffs, at the expense of procedural rules and defendants' rights. I haven't been keeping a close tally, but it's clear that at least some judges are starting to push back on this tactic.
Strangely, some recent copyright plaintiffs don't seem to pick up on the subtle messages that courts send in their rulings. As a litigant, you don't want to blindly accept a judge's procedural rulings and directives, but you also want to pick your battles. One or two decisions out of ten is probably worth fighting over, and if the ruling is one that involves some exercise of the judge's discretion, you probably want to consider following the path laid out by the judge. Copyright plaintiffs don't seem to view things this way, and resist every single adverse decision issued by judges. Righthaven is probably the most prominent example of this, as extensively catalogued by Eric and others. We'll see what happens in this case.
(h/t Ray Dowd)
Posted by Venkat at 12:05 PM | Copyright , Evidence/Discovery
July 19, 2011
Judge Ware OKs Immediate Appeal of Street View ECPA Ruling -- In re Google Inc. Street View Electronic Communications Litigation
[Post by Venkat Balasubramani]
In re Google Inc. Street View Electronic Communications Litigation, 2011 WL 2571632 (N.D. Cal. July 18, 2011) (Order granting Google's request to certify and staying case) [pdf]
Judge Ware recently denied Google's request to avail itself of the "Readily Accessible to the General Public" ECPA defense in the Street View litigation. Judge Ware's ruling acknowledged that it was a novel issue, and both Eric and I expressed surprise at the ruling. (See "Judge Ware: Google Not Entitled to "Readily Accessible to the General Public" Defense in Street View Class Action.")
Google sought an interlocutory appeal because of the issue's novelty, the importance to the litigation's outcome, and the possibility that reasonable judges may disagree on the outcome. Judge Ware granted Google's motion and certified the question for interlocutory appeal.
This means that the lawsuit is stayed at the trial court level while the Ninth Circuit hears the appeal. I'm sure Google wants to get this lawsuit resolved, but it would much rather spend a year in the appeals court than being mired in discovery at the trial court level. Plaintiffs can't be too happy about this turn in the lawsuit.
What are the chances of success for Google on appeal? It's anyone's guess, and Judge Ware's opinion was thorough and written with an eye to the appeals court, but I can see a judge or two disagreeing with Judge Ware. [If I could predict the outcome of appeals in the Ninth Circuit, I would be doing something a lot more gainful than lawyering and blogging!] EPIC weighed in as amicus in the trial court, and I would expect that there will be others involved as amici in the Ninth Circuit. In any event, this will be a high stakes, fun-to-watch appeal.
Other coverage:
Judge Grants Google ‘Street View’ Wiretap Appeal (Wired)
Posted by Venkat at 11:19 AM | Privacy/Security
July 18, 2011
The “Graduated Response” Deal: What if Users Had Been At the Table? (Co-Authored Post)
[Cross-posted to EFF's Deeplinks as well as here]
By Corynne McSherry and Eric Goldman
As was widely reported last week, several major internet access providers (including, very likely, yours) struck a deal last week with big content providers to help them police online infringement, educate allegedly infringing subscribers and, if subscribers resist such education, take various steps including restricting their internet access. We’ve now had a chance to peruse the lengthy “Memorandum of Understanding" (MOU) behind this deal. Turns out, as is often observed, the devil is in the details – and they are devilish indeed.
Let’s start with the people taking credit: major content owners, service providers, and some government officials, principally New York Attorney General Andrew Cuomo. But guess who wasn’t invited to the party? The millions of subscribers who will be governed by the deal—the same subscribers who elect the politicians, buy the content owners’ goods and pay subscription fees to the internet access providers (which are likely to go up as administration costs are passed on – the UK’s graduated response system was estimated to cost about $40 per subscriber). Given that subscribers weren’t consulted, it’s probably not surprising that this deal is not in their interests.
Here’s some of the biggest problems with what resulted--and some ideas on what subscribers should demand of the system they’ll be paying for:
Who’s in Charge? The MOU calls for the creation of a new organization, called the Center for Copyright Information (CCI), to administrate the six-strikes system. CCI will be governed by a six-person executive committee comprised of representatives from content owners and internet access providers. Throwing a bone to subscribers, a three-person advisory board will include members “from relevant subject matter and consumer interest communities,” who will be given the chance to speak up whenever the executive committee asks. This possible advisory presence for subscribers is completely inadequate. Given they are the whole point of the MOU, subscribers deserve seats at the table as voting members of the executive committee.
“Mitigation” Measures and Independent Review: Internet access providers can punish accused subscribers by interfering with the subscribers’ connectivity, including by slowing transmission speeds, temporarily restricting web access for “some reasonable period of time,” and conditioning web access on completing a “meaningful copyright education program.” These mitigation measures can be imposed solely on the basis of the content owners’ assertions, without a judge ever determining that the subscriber did anything wrong.
Internet access has become an essential service in the digital age. Thus, just as we restrict the power of utilities to turn off services to their customers, we should not allow content owners to cause internet access providers to degrade or suspend their services without adequate due process.
The MOU does create a process designed to protect subscribers from unfounded accusations and punishment, but it’s hardly due process. Consider some of the procedural protections that subscribers might have sought if they had been at the bargaining table:
* The burden should be on the content owners to establish infringement, not on the subscribers to disprove infringement. The Internet access providers will treat the content owners’ notices of infringement as presumptively accurate--obligating subscribers to defend against the accusations, and in several places requiring subscribers to produce evidence “credibly demonstrating” their innocence. This burden-shift violates our traditional procedural due process norms and is based on the presumed reliability of infringement-detection systems that subscribers haven't vetted and to which they cannot object. (The content owners’ systems will be reviewed by “impartial technical experts,” but the experts’ work will be confidential). Without subscribers being able to satisfy themselves that the notification systems are so reliable that they warrant a burden-shift, content owners should have to prove the merits of their complaints before internet access providers take any punitive action against subscribers.
* Subscribers should be able to assert the full range of defenses to copyright infringement. A subscriber who protests an infringement notice may assert only six pre-defined defenses, even though there are many other possible defenses available in a copyright litigation. And even the six enumerated defenses are incomplete. For example, the “public domain” defense applies only if the work was created before 1923--even though works created after 1923 can enter the public domain in a variety of ways.
* Content owners should be accountable if they submit incorrect infringement notices. A subscriber who successfully challenges an infringement notice gets a refund of the $35 review fee, but the MOU doesn’t spell out any adverse consequences for the content owner that make the mistake – or even making repeated mistakes. Content owners should be on the hook if they overclaim copyright infringement.
* Subscribers should have adequate time to prepare a defense. The MOU gives subscribers only 10 business days to challenge a notice or their challenge rights are waived (a subscriber might get an extra 10 business days "for substantial good cause"). This period isn’t enough time for most subscribers to research and write a proper defense. Subscribers should get adequate time to defend themselves.
* There should be adequate assurances that the reviewers are neutral. The MOU requires that reviewers must be lawyers and specifies that the CCI will train the reviews in “prevailing legal principles” of copyright law – an odd standard given the complexity of, and jurisdictional differences in, copyright law. We’re especially interested in the identity of these lawyers, and why they are willing to review cases for less than $35 each (assuming the CCI keeps some of the $35 review fee for itself). Perhaps there will be a ready supply of lawyer-reviewers who are truly independent. Given the low financial incentives, another possibility is that the reviewers will be lawyers tied—financially or ideologically—to the content owner community. To ensure that the reviewers remain truly neutral, reviewer resumes should be made public, and checks-and-balances should be built into the reviewer selection process to ensure that the deck isn’t stacked against subscribers from day 1.
Education or Propaganda? The MOU repeatedly emphasizes subscriber education as one of its main goals. Unfortunately, this education won’t offer a very balanced view of copyright, at least if the current version of the CCI website is any indication. That website currently is full of scare-mongering rhetoric decrying the ill effects of so-called “content theft” and stressing the security risks of P2P. As the site is further developed, the executive committee should reject the rhetoric and look instead to the numerous online resources that provide a balanced and nuanced view of copyright law, helping to inform subscribers about their rights as well as their responsibilities when it comes to creative works.
Transparency: The MOU contemplates ongoing evaluation of the system through a variety of reports. That seems like a good idea, but neither subscribers nor the general public get to see or comment on those reports. Similarly, the statement of “prevailing legal principles” used to instruct reviewers also should be made public so that subscribers know how reviewers are interpreting U.S. copyright law. Simply put, if subscribers are supposed to treat the system as credible, they need enough information to determine that the system actually is credible.
Conclusion: This MOU has been in development for years, and we imagine the parties will be reluctant to revisit it. But it has yet to be implemented, which means there’s still time for the parties (and their friends in government) and to address the deficiencies of their proposal from perspective of the subscribers who’ll be paying for it. This deal is never going to be good for subscribers (nor for the artists who won’t see one more red cent as a result of it) -- but it sure could be better.
Posted by Eric at 01:13 PM | Copyright , Derivative Liability | TrackBack
July 15, 2011
Court Denies Injunction in Webcam Case Against Aarons -- Byrd v. Aarons, Inc.
[Post by Venkat Balasubramani]
Byrd, et al. v. Aaron's, Inc., et al., 11-cv-00101-SJM-SPB (W.D. Pa. July 8, 2011). Magistrate report. Judge's approval.
Plaintiffs leased (and then purchased) their computer from Aspen Way, a franchisee of Aaron's. Many of the computers leased by Aspen Way reportedly had a piece of software called "PC Rental Agent" installed on them. This software was designed (by DesignerWare) to purportedly "assist rental companies in the recovery of lost or stolen computers." One feature of this program allowed for the remote capture or recordation of "keystrokes, screenshots, and photographers" from a computer it was installed on.
Crystal and Brian Byrd received a visit from someone who by mistake sought to repossess the laptop which they had purchased from Aspen Way. The repo man showed the Byrds a picture of Brian which was taken from the webcam of the Byrds' computer. The Byrds called the police, who came to investigate. The police took the Byrds' computer (presumably for investigative purposes).
The Byrds sued Aaron's, Aspen Way, Aaron's, and DesignerWare, alleging violations of the Wiretap Act and the Computer Fraud and Abuse Act. They sought an injunction seeking four different items of relief, but resolved the bulk of the issues, leaving for the court the sole issue of whether the court should enjoin "suspension of the Detective Mode of the PC Rental Agreement."
Somewhat surprisingly, the court denies the request for injunctive relief. At oral argument, plaintiffs argued that irreparable harm was a given:
I can't imagine anything more obvious than this prong. You have literally thousands of people who are sitting at their computers right now who have this program on it where detective mode may be enabled today, tomorrow, at any time, and this information, private information, can flow from their kitchen table through the server in Erie and back to the people who they don't know in these local stores. I don't know when a trial will be set in this case, but I do know that this is--there will be irreparable harm if this information, private information will be distributed.
The court finds that because plaintiffs' laptop was no longer in their possession, there is no showing of ongoing irreparable harm as to plaintiffs. With respect to other potential members of the class, the court finds that
it is purely conjecture that the other members of the putative class will be subjected to remote access of personal information.
The court cites to the testimony of the co-owner of DesignerWare that only eleven computers were transmitting information to Aaron's franchises. (Roughly 80 to 100 computers are supposedly reported "stolen" from Aaron's in any given month.) Plaintiffs also submitted the testimony of a former employee of Aspen Way, who was a sales manager and testified that she witnessed Aspen Way employees viewing personal information of Aspen Way customers (including bank accounts, names, addresses, and social security numbers). The court rejects this evidence, finding that it does not speak to the current practices of the particular franchise in question and is thus not relevant to the irreparable harm analysis.
While it is permissible to grant injunctive relief based on the type of testimony adduced by plaintiffs and in protection of as-yet-unnamed class members, the court declines to do so in this case. Along the way, the court drops a footnote, expressing some skepticism as to the merits of the case. The court notes that it's entirely unclear that the information collection at issue constitutes an "electronic communication," because there is no evidence that Mr. Byrd was "online" when the information was collected. The court also says it has "grave doubts" as to whether the communications "affected . . . interstate or foreign commerce." The court also states that it is unclear as to whether the Wiretap Act reaches a person's "communication with his own computer."
__
Yikes! Privacy class actions seem out of control to me, but I'll admit even I was surprised by this result. I'm equally surprised that the Aaron's-affiliated defendants did not all just stipulate to suspending use of the software until things were sorted out. (Aarons, Inc. did, but its franchisee Aspen Way did not. In fact, Aspen Way did not participate in the hearing, which makes the denial of injunctive relief all the more perplexing.) Setting aside whether the court was correct in its view of the merits of the case, the court takes an unduly restrictive view of the facts when it states that no "interception" of an electronic communication occurred because there was no evidence that Mr. Byrd was online or communicating with someone else when the image in question was captured. Surely, given the ex-employee's testimony as to what type of information was viewed through use of the software, it's fair to presume that the Aspen Way employees are not sitting around making sure that the capture only occurred while the computer user was offline or not communicating with another person. The court's skepticism about whether the communications in question affected interstate commerce also seems off-base. The communications of Aspen Way customers probably traveled halfway around the world, even if they were transmitted between computers that were in the same city.
This is not to say that it should be an easy path to finding liability for all defendants. DesignerWare developed the software in question, and it's far from clear that it should face liability as a developer/vendor for what may turn out to be the errant acts of Aspen Way employees. (See the SpectorSoft keylogger case: "Keylogger Software Company Not Liable for Eavesdropping by Ex-spouse -- Hayes v. SpectorSoft.") Similarly, it's also unclear as to whether Aaron's Inc. should face liability for the CFAA and Wiretap Act violations of Aspen Way employees or for the acts of its franchisee. Courts are mixed on whether you can even assert a derivative claim under the CFAA. Regardless, both claims will probably require some showing of knowledge on the part of Aaron's Inc., the deep pocketed defendant.
Another pair of laptop cases which also happened to be out of Pennsylvania involved a school district's use of webcams to allegedly spy on students. Those cases settled, with the school district agreeing to pay a named plaintiff $175,000 along with attorneys' fees of $425,000. I'm guessing this setback will not deter plaintiffs, who probably will soldier on in discovery and see what they can unearth (despite a clearly unsympathetic judge).
Other coverage:
"Injunction Denied in Rental Computer 'Spyware' Case" (Courthouse News)
Posted by Venkat at 12:30 PM | Privacy/Security
17 USC 512(f) Preempts State Law Claims Over Bogus Copyright Takedown Notices--Amaretto v. Ozimals
By Eric Goldman
Amaretto Ranch Breedables, LLC v. Ozimals, Inc., 2011 WL 2690437 (N.D. Cal. July 8, 2011).
I generally like furry critters, but I'm beginning to hate the virtual horses and virtual bunnies for their deleterious effect on Internet law. A prior ruling in this case held that Amaretto (the horses) couldn't claim 17 USC 512(f) when Ozimals (the bunnies) sent takedown notices to Second Life that Second Life didn't act upon. Now, in this ruling, the court says that 17 USC 512(f) preempts all state law claims based on the takedown notices, agreeing with language in the Diebold and Lenz 512(f) cases.
I must confess that copyright preemption baffles me generally. Consistent with that, I couldn't tell if this ruling is relying on statutory preemption (17 USC 301), conflict preemption or field preemption. It might just be my shaky reading skills, but the opinion seemed to imply it was all three simultaneously.
There is a key difference between this case and the Diebold/Lenz cases, however. In those cases, the court said 512(f) was a viable claim. Here, the court has already said 512(f) isn't viable for Amaretto. So Amaretto rightly pointed out that this ruling would leave Amaretto remediless. The court expressly acknowledges this result, saying: yup, that's exactly what federal preemption means.
Amaretto also cited to the recent Rock River ruling, which indicated that 512(f) didn't preempt a tortious interference case. The court distinguishes the Rock River case by saying that case did not involve a 512(c)(3) takedown notice, so the notice never fell within 512(f)'s ambit in the first place and thus 512(f)'s preemption wasn't triggered. The court unfortunately doesn't reference or distinguish Smith v. Summit Entertainment, which survived various state law claims in addition to a 512(f) claim. I don't remember a preemption challenge in that case, but that's perhaps because the case was really about trademarks, not copyrights.
All this leaves me more confused than before. If you're looking for a good but challenging paper topic, the preemptive effect of 17 USC 512(f) looks worth exploring. It also reinforces that 512(f) is a limited solution that may be miscalibrated for its supposed purposes of helping to suppress bogus copyright takedown notices.
Prior blog posts on this case:
* Copyright Takedown Notice Isn't Actionable Unless There's an Actual Takedown--Amaretto v. Ozimals (April 2011)
* Second Life Gets Out of Dispute Between Virtual Bunnies & Virtual Horses (Jan. 2011)
* Second Life Ordered to Stop Honoring a Copyright Owner's Takedown Notices--Amaretto Ranch Breedables v. Ozimals (Jan. 2011)
Posted by Eric at 07:22 AM | Content Regulation , Copyright , Derivative Liability | TrackBack
July 13, 2011
Coventry First Withdraws Twittersquatting Lawsuit Against @Coventryfirst -- Coventry First, LLC v. Does
[Post by Venkat Balasubramani]
Coventry First, LLC v. Does, 11-cv-03700-JS (voluntarily dismissed)
I previously posted about Coventry First's lawsuit against the operator of the @coventryfirst Twitter account. ("Trademark Owner Sues Over Alleged Twittersquatting--Coventry First, LLC v. Does.") I did not expect the plaintiff to prevail. Perhaps not surprisingly, then, Paul Levy of Public Citizen, who represented Doe, sends word that Coventry First voluntarily dismissed the lawsuit. (See "Coventry First’s Abuse of Trademark Law to Suppress Criticism Falls Apart.")
The dismissal of the lawsuit was precipitated by a procedural gaffe on Coventry First's part. In order to proceed with the lawsuit, it had to identify the Doe defendant, and jump through a few hoops before it sent a subpoena. Coventry First did not jump through the right hoops, and sent a deficient subpoena to Twitter. Twitter, to its credit, did not blindly comply with the subpoena; it passed the subpoena on to Doe's lawyer, Paul Levy. Paul prepared a hammer down motion to quash, and upon being advised of the grounds for the motion, Coventry First withdrew its lawsuit. Even if Coventry First had complied with the rules governing subpoenas, it's unclear that it would have been unable to unmask Doe because this requires some sort of showing that Coventry First had colorable claims.
Paul's post mentions that the @CoventryFirst account was pushing the envelope on Twitter's guidelines for parody and fan accounts, which do not allow for exact matches. In order to bring itself into compliance with Twitter's policy, the account-holder (Doe) added disclaimers, and also added "in" to the username, so the account is now @coventryfirstin.
With more and more companies establishing and relying on a presence on Twitter or Facebook, many of these types of disputes will be resolved by the likes of Twitter or Facebook rather than by the courts. Given that they face risk of secondary liability for trademark claims from brand owners, Twitter and Facebook will probably end up adopting a policy and making decisions that are more favorable to trademark and brand owners. Paul notes that Twitter's policy has a slight brand-owner bias, but it looks fairly nuanced. The fact that Twitter adopted a parody/fan account policy is in itself a win. Also, as mentioned above, Twitter took steps in this case to notify Doe of the subpoena, and this reflects a thoughtful approach on its part.
In any event, it looks like we will have to wait for another case to come along and resolve "the interesting issue of whether the many cases authorizing the use of trademarks in the domain names, titles and meta tags of non-commercial commentary web sites apply equally to Twitter account names." In the meantime, at least you now know who Coventry First is.
Other coverage:
Coventry First’s Abuse of Trademark Law to Suppress Criticism Falls Apart (Public Citizen)
Posted by Venkat at 11:25 AM | Trademark
"Recent and Future Developments in Trademark Law" Talk Slides
By Eric Goldman
Last month, I spoke with Mark Lemley and Peter Menell at a Silicon Valley IP Law Association dinner event designed to be a "year-in-review" of IP. I spoke on trademark law. My talk slides. To avoid the inherent limitations of a talk built around seriatim case highlights, I converted the year-in-review into a "hot topics" type presentation highlighting 5 key developments. These types of talks are much more time-consuming to prepare than my typical talk, so I don't expect to do them very often!
Posted by Eric at 09:13 AM | Trademark | TrackBack
July 12, 2011
Mortuary Sciences College Student Disciplined for Threatening Facebook Posts--Tatro v. University of Minnesota
By Eric Goldman
Tatro v. University of Minnesota, 2011 WL 2672220 (Minn. App. Ct. July 11, 2011)
This sounds like it could have been an episode of Six Feet Under! Tatro is a student in University of Minnesota's mortuary sciences department, a step towards working in a funeral home or as a mortician. She made a series of Facebook posts suggesting she would take violent actions towards her cadaver and perhaps against still-living people, including a post ("I still want to stab a certain someone in the throat with a trocar") that she admitted she intended for her ex-boyfriend to read. After being alerted to the posts, the university began disciplinary proceedings against her, resulting in the following discipline:
giving Tatro a failing grade in her anatomy-laboratory class and requiring her to enroll in a clinical ethics course; write a letter to mortuary-science department faculty addressing the issue of respect within the department and profession; and complete a psychiatric evaluation. The CCSB also placed Tatro on academic probation for the remainder of her undergraduate career
Tatro claimed she was being improperly disciplined for off-campus behavior. The appellate court disagreed:
Tatro's posts referenced, albeit anonymously, an anatomy-bequest program donor, spoke of taking out "aggression" in a university class, and mentioned wanting to "stab" an unidentified individual with a trocar....the realities of our time require that our schools and universities be vigilant in watching for and responding to student behavior that indicates a potential for violence.
This takes us back to the unresolved question about when online activity is on-campus or off-campus. This question is bedeviling courts in the K-12 context, as we recently saw in the messy en banc opinions from the Third Circuit (see my original post on the Third Circuit rulings). The question doesn't get any easier when it arises in the university context. Regarding Tatro's First Amendment challenge, Eugene Volokh notes the rarity that this opinion applied Tinker to the university context (an expansion from its roots in K-12 education). Applying Tinker, the court found adequate grounds to conclude that Tatro's posts disrupted the university, referencing both her potential for future on-campus violence as well as the problems her posts caused for future cadaver donations.
She then claimed the university rules didn't prohibit her behavior. The university claimed she engaged in "threatening" conduct. As Venkat recently noted, courts are treating threats communicated in social media posts very seriously, even if the threats are fairly unspecific--and even though social media posts are often gratuitously hyperbolic and readers know it. There's a fine line between ill-advised social media rants and truly threatening posts, but there's a mini-trend in court to collapse those two categories. Unquestionably, Tatro's posts were ill-advised; and unquestionably, they made other members of the university community nervous. Presented in the cold type of an appellate opinion and divorced from any other context other than knowing they were written by a college student who has chosen a career in death, I'm having a hard time seeing them as truly threatening.
She also violated a university rule that "Conversational language of cadaver dissection outside the laboratory should be respectful and discreet. Blogging about the anatomy lab or the cadaver dissection is not allowable." Irrespective of the legality of this gag order, it seems like a common-sense restriction given the nature of the subject matter. Tatro tried to argue that blogging and Facebooking are two different things. The court sidestepped the argument but that seemed pretty weak.
This case reminded me a lot of the Yoder v. University of Louisville and Byrnes v. Johnson County CC cases. In Yoder, a nursing student called her patients' newborn babies "creeps" on her blog, and in Byrnes, nursing students posted a photo of a patient's placenta to Facebook. In both of those cases, the schools overreacted by expelling the students; and the courts rejected such extreme remedies. In this case, the university's sanctions were far short of expulsion, so perhaps the more measured response made it easier for the court to accept. In all three cases, the students demonstrated poor professional judgment--a not uncommon thing among college students, but it still disappoints educators who are trying to inculcate students with higher professional standards. The University of Minnesota apparently had taken several steps to educate the mortuary science students about the need to respect their profession, an effort that's clearly needed.
Posted by Eric at 04:59 PM | Content Regulation | TrackBack
Court Orders Plaintiff to Turn Over Facebook and MySpace Passwords in Discovery Dispute -- Zimmerman v. Weis Markets, Inc.
[Post by Venkat Balasubramani]
Zimmerman v. Weis Markets, Inc., CV-09-1535 (Pa. Ct. Common Pleas; May 19, 2011)
Courts continue to struggle with the discoverability of social network evidence in civil cases and the logisictal problems posed by these discovery disputes. In this case, the court orders the plaintiff to turn over his Facebook and MySpace passwords to defendant.
This was a personal injury case where plaintiff sued Weis Markets for injuries he suffered on the job. Weis Markets had a contracting relationship with plaintiff's employer. Plaintiff sought damages for physical injuries, but also for "suffering, scarring and 'embarrassment'."
Weis Markets reviewed the publicly available portions of plaintiff's Facebook and MySpace pages and discovered a bunch of clearly relevant evidence: (1) photographs of the plaintiff with a black eye, before and after the accident; (2) photographs of the plaintiff wearing shorts, which he claimed he was too embarrassed to do because of the accident, and (3) the fact that plaintiff listed "ridin" and "bike stunts" as interests.
The court weighs plaintiff's privacy arguments and finds that they are insufficient to overcome defendant's need for the requested information. Quoting Romano v. Steelcase, the court notes that refusing the discovery request would:
condone Plaintiff's attempt to hide relevant information behind self-regulated privacy settings.
The court also relies on the fact that Facebook's terms do not guarantee privacy (regardless of what Facebook may say):
It is well publicized that Facebook's privacy policy and its revisions have been the subject of criticism and controversy that may be never ending. One need only "Google" search the terms "Facebook privacy" for an exhaustive list of . . . articles on the topic.
Ouch! The court also drops in a warning to social networkers everywhere that the details you share with your social circle are not magically off-limits in litigation:
By definition, a social networking site is the interactive sharing of your personal life with others; the recipients are not limited in what they do with such knowledge. With the initiation of litigation to seek a monetary award based upon limitations or harm to one's person, any relevant, non-privileged information about one's life that is shared with others and can be gleaned by defendants from the internet is fair game in today's society.
The court orders plaintiff to turn over his log-in information for all MySpace and Facebook accounts and also orders plaintiff to not delete or alter "existing information and posts" on those accounts.
__
I don't have a good solution to the logistical problem posted by this discovery dispute, but I'm convinced that forcing a party to hand over his or her log-in information is not the correct result. Problems with this approach are legion, starting with the fact that the party seeking discovery will undoubtedly be exposed to irrelevant, non-discoverable information that may be private, intimate, or embarrassing. There's a chance that attorney/client privileged communications can be exposed. There's the possibility that the party who gets access to the profiles may alter or delete information unwittingly, or change settings. Then there's also the thorny Stored Communications Act issue, which prevents the party from seeking any private communications directly from the social networking site by means of a subpoena. Is court ordered disclosure of the log-in information an end-run around the Stored Communications Act?
Interestingly, in the criminal context, a district court is currently considering whether a defendant can be compelled to reveal a decryption password. ("DOJ: We can force you to decrypt that laptop.") Whether the government can force you to reveal your encryption password depends on different standards than those applicable to a civil discovery matter, but there are still interesting parallels.
A better approach is to generate some sort of inventory of the page, similar to a privilege log. Of course, this runs in to the problem that it relies on the good faith of the party who creates the inventory. An alternative is for the court to conduct in camera review. The court rejects that proposal outright here, saying that this would be "an unfair burden to place on the court, which would not only require the time and resources necessary to complete a thorough search of these sites, but also require the court to guess as to what is germane to defenses which may be raised at trial."
Finally, I'm not sure what to make of the court's directive to the plaintiff to not alter or delete "existing information or posts" on his Facebook and MySpace accounts. I guess you could imply a "relevant to the dispute" limitation onto this, but the court does not include such a limitation here, and it's overly broad for the court to order the plaintiff to not delete or alter any of the content in his accounts.
Additional coverage:
Pa. Court Finds Facebook Posts to be Discoverable Evidence
Previous posts:
Facebook Messages/Wall Posts, Civil Discovery, and the Stored Communications Act -- Crispin v. Audigier (June 2, 2010)
Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute -- Barnes v. CUS Nashville (June 9, 2010)
Deleted Facebook and MySpace Posts Are Discoverable--Romano v. Steelcase (Sept. 29, 2010)
Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case -- McMillen v. Hummingbird Speedway (Oct. 24, 2010)
Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson (May 19, 2011)
Court Conducts in camera Review of Plaintiff's Facebook Page to Resolve Discovery Dispute -- Offenback v. Bowman (June 24, 2011)
Posted by Venkat at 08:55 AM | Evidence/Discovery , Privacy/Security
July 11, 2011
Comments on NY Highest Court Ruling on 47 USC 230--Shiamili v. Real Estate Group [Catch up post]
By Eric Goldman
Shiamili v. The Real Estate Group of New York, Inc., 2011 WL 2313818 (N.Y. App Ct. June 14, 2011). My blog post on the intermediate appellate ruling.
[I was traveling in mid-June and a few interesting rulings fell through the cracks. This is a catch-up post.]
Shiamili founded Ardor, which competes with the Real Estate Group in the apartment rental brokerage business. A pseudonymous user posted a comment to REG's blog allegedly defaming Shiamili. The blog administrator elevated the comment into a full blog post by republishing it with some introductory remarks. This sparked further allegedly defamatory comments to the post. The blog administrator allegedly also responded to one of those comments to try to elicit further details about Shiamili's deficiencies.
Based on this recitation, this looks like an easy 47 USC 230 dismissal. The plaintiffs made it seem even easier by alleging the defendants' tortious conduct was to "administer and choose content for" the blog. Administering and choosing UGC is exactly what 47 USC 230 protects, so this was a relatively uninspired effort to bypass the immunity.
The court summarizes the state of play in 47 USC 230 jurisprudence and distills a conclusion:
Today, we follow what may fairly be called the national consensus...and read section 230 as generally immunizing internet service providers from liability for third-party content wherever such liability depends on characterizing the provider as a 'publisher or speaker' of objectionable material
I'm not sure how this broad philosophy statement advances the ball beyond the statute's plain text, and the last 3 words are odd. The immunity applies irrespective of whether or not "objectionable" material is involved. The court does explain that the immunity applies equally to both neutral and selective publishers. The court punts on the Roommates.com's discussion about "development," saying that the plaintiff loses even under the more plaintiff-friendly reading. (Count this opinion as yet another citation of Roommates.com for the defense). The court says:
1) "Creating an open forum for third-parties to post content -- including negative commentary -- is at the core of what section 230 protects"
2) "there is no allegation that the defamatory comments were posted in response to any specific invitation for users to bash Shiamili or Ardor"
3) elevating the comment to its own blog post didn't make the blogger a content provider of the comment's content. The court doesn't cite the email forwarding cases, but this ruling is completely consistent with them (see, e.g., Phan v. Pham).
The court distinguishes Roommates.com and Accusearch because the site did not require users to do anything illegal.
Finally, the court says the blogger is the content provider (and thus not insulated by 47 USC 230) for his introductory remarks, the blog post title and an accompanying drawing, but those three elements weren't defamatory as a matter of law.
There was a surprisingly strong dissent (and a 4-3 split among the judges), concluding that "an interpretation that immunizes a business's complicity in defaming a direct competitor takes us so far afield from the purpose of the CDA as to make it unrecognizable." This is at least the second time a state's highest court has split 4-3 on a 230 case--the old Doe v. AOL case in Florida is the other that comes to mind. Perhaps this difficulty agreeing on 47 USC 230's application makes sense for state courts that don't see 47 USC 230 cases regularly and might be surprised by the counter-intuitive breadth of Congress' immunity.
Posted by Eric at 08:55 AM | Derivative Liability | TrackBack
July 10, 2011
Virginia Appeals Court Affirms Conviction for Posting Threatening Rap Lyrics on MySpace -- Holcomb v. Virginia
[Post by Venkat Balasubramani]
Holcomb v. Virginia, 0546-10-1 (Va. Ct. App. June 7, 2011)
Defendant was involved in a romantic relationship with the victim and fathered their child. The Defendant and the victim had a contentious custody dispute. Defendant posted several blog entries to his MySpace page. The title to one entry was "Unfinished Biznezz God, I give you the 'woodroll' family ... Tell them to 'F the F OFF' and "GET OFF ME" with the following content:
Poof? Make ya daughter disappear like 2pac!
He knew now what he do like 2 cops
With no vest, off'd with 2 shots
Thru the chest from 2 blocks
....
Custody battles, restraining orders
Bitch made me go mad I just had to stab her
Blind now I see her true colors
On the front cover of The World's Most Murdered Mothers
By Americas Most Wanted Fathers
....
Ain't nobody playing bitch, slit your neck into a fountain drink
This is your pre-accident announcing
Fuck your fliers, I already put the word out for the crowd 2 see
No one hearing your screams from the knife cut sounds
The Defendant testified that he did not direct the entries to the victim. In fact, the victim did not read the entries until a member of her family alerted her to the entries and she accessed the defendant's MySpace page with her mother's computer (she did not have a computer of her own). Based on the references to "Woodroll," her maiden name, and references in the entries to specific incidents of their custody battles, the victim testified that she had a reasonable fear of harm.
Were the threats directed to the victim?: The first question was whether the threats were directed to the victim. It turns out that this does not matter. The court holds that even though the statute requires a threat to be "communicated," this does not mean that the threat has to be specifically communicated to the victim--it can be generally disseminated:
it is sufficient [defendant] made numerous references to his history with Rollman that allowed her to identify herself as the subject of violent fantasies once she [viewed] the profile . . . [f]urther, [defendant] knew that [the victim] had access to his MySpace page and had viewed it in the past.
Were the lyrics 'true threats'?: Defendant argued that he had used MySpace as a medium for posting other music and lyrics, and that he had an "established history of involvement" with 'Juggalo-style' music. The court rejects these arguments, focusing on prior incidents between the victim and the defendant, the specificity of the posts, and the "graphic and violent" imagery in the posts. The court also finds that the victim's reaction was reasonable--she moved out of her house and back in with her parents in order to take advantage of the security system that her parents had in place.
__
It's hard to say whether this has risen to the level of a trend, but courts seem to find that posting a threat on the internet that references another person can fall under statutes prohibiting threatening communications (even where the threat is not directed to the person in question). The Jeffries case was one I blogged about where the court similarly relied on the specific references in the defendant's post to find that the threat constituted a 'true threat.' ("Court Finds That Threatening Video Posted to YouTube and Facebook Can Constitute a "True Threat.") That case also involved a disgruntled participant in the family court system as a defendant, although the threats in question where ostensibly directed to a family court commissioner.
There are obvious First Amendment issues lurking in the background of these cases, and courts should be worried about developing a body of precedent that prevents people from venting about their trials and tribulations in life. Although the court does not give much credence to them, these issues were at the forefront in this case since the defendant previously posted lyrics to his site and had a credible argument that these particular lyrics were just a manifestation of his ongoing frustrations in life. Interestingly, the courts don't seem to take the contexts of the postings into account much in these cases. Is a post to a MySpace page more likely to fall into the "rant" category and not meant to be taken seriously? Several courts have said as much in the defamation context (see DiMeo v Max, Finkel v Dauber, and more recently, Sandals Resorts v. Google), but courts have not embraced this view when it comes to threats online.
Posted by Venkat at 04:14 PM | Content Regulation
Comments on the Second Circuit Hot News Decision--Barclays v. theflyonthewall [Catch up post]
By Eric Goldman
Barclays Capital Inc. v. Theflyonthewall.com, Inc., 10-1372-cv (2d Cir. June 20, 2011). My prior blog post on the case.
[I was traveling in mid-June and a few interesting rulings fell through the cracks. This is a catch-up post.]
Even if I might be persuadable about the merits of a very circumscribed hot news doctrine if I saw sufficient utilitarian evidence (i.e., without hot news protection, society will suffer a demonstrated loss of socially valuable production), plaintiffs will always try to stretch and morph such a circumscribed doctrine into something unrecognizable. Given the transaction costs and error costs associated with this pushing by plaintiffs, I don't think the hot news game is worth the candle. In other words, we'd be better off killing the doctrine outright rather than trying to preserve it as a niche IP. For this reason, I'm cheered whenever I see defense-side hot news wins. Chances are those rulings move us closer to the socially optimal result.
As you recall, this case involved a website's republication of stock recommendations made by brokerage firms. The brokerage firms aimed to give their loyal customers a headstart in trading a stock based on the recommendation. By republishing the recommendations, the website substantially narrowed or eliminated this time advantage. The majority takes a seemingly dim view of the brokerage firms' scheme. In FN29, the majority almost characterizes it as a type of insider trading:
[hot news protection] would ensure that the authorized recipients of the Recommendations would in significant part be profiting because of their knowledge of the fact of a market-moving Recommendation before other traders learn of that fact. In that circumstance, the authorized recipient upon whose commissions the Firms depend to pay for their research activities would literally be profiting at the expense of persons from whom such knowledge has been withheld who also trade in the shares in question ignorant of the Recommendation.
None of this affects our analysis, nor do we offer a view of its legal implications, if any. We note nonetheless that the Firms seem to be asking us to use state tort law and judicial injunction to enable one class of traders to profit at the expense of another class based on their court-enforced unequal access to knowledge of a fact -- the fact of the Firm's Recommendation.
[Although I'm sympathetic to this, isn't this also a defining characteristic of our market economy--that buyers and sellers have differential information that affects their valuation of goods and services? The concurring judge thinks this discussion was unnecessary.]
Based on my standards, there was plenty of good news in the Second Circuit's hot news ruling. The majority says that the website wasn't free-riding because the brokerage recommendations were the news (not a reporting of someone else's news), and the website was just reporting the news created by the brokerage firms. The majority says: "the Firms seek only to protect their Recommendations, something they create using their expertise and experience rather than acquire through efforts akin to reporting." The majority also notes the website attributed the information to the brokerage firms. The majority implies that the website doesn't compete directly with the brokerage firms because it doesn't sell stock trading services, although it says later that it's not addressing the direct competition prong. Finally, the majority seems to treat the standard 5-factor hot news test articulated in the Motorola case as dictum. Although I can see this argument because the Motorola court ruled for the defense, the concurrence disagrees with the dictum characterization, and I suspect most other panels will as well.
Even though the majority and concurrence don't agree on a lot, this case indicates it will be hard to find a successful hot news claim that doesn't involve one direct competitor doing a straight ripoff of the other. Perhaps the INS v. AP facts would still trigger the hot news doctrine, but not much else ought to. Certainly the majority is wary of incumbents' efforts to expand IP doctrines as a way of fighting off new technological innovations. The court says:
The adoption of new technology that injures or destroys present business models is commonplace. Whether fair or not, that cannot, without more, be prevented by application of the misappropriation tort.
Along the way, the opinions express mixed sentiments about one of the recent plaintiff hot news successes, the All Headline News case. Among other things, the majority observes that the case may have interfered with the state-by-state uniformity sought by the copyright preemption doctrine. I wonder if this discussion kills that case as precedent (not that it was very strong to begin with).
Although this ruling gets to a good place, it's too bad the court couldn't embrace what was clearly on its mind--that the Second Circuit screwed up in the Motorola case by revitalizing the hot news doctrine and therefore the entire hot news doctrine needs rethinking.
Posted by Eric at 11:02 AM | Copyright | TrackBack
July 09, 2011
"App Store" Isn't Generic, But Apple Can't Enforce Its Purported Trademark in the Term--Apple v. Amazon
By Eric Goldman
Apple, Inc. v. Amazon.com Inc., 2011 WL 2638191 (N.D. Cal. July 6, 2011)
Apple's enforcement campaign over the term "App Store" is ridiculous. Apple is trying to prop up a farcically weak trademark claim--and to what end? To prevent its competitors from using the only logical term to describe their venue? Apple's efforts to control the term seem to be anti-consumer because Apple wants to make consumers think harder to figure out the relationships between various vendors. I'm glad Microsoft and Amazon are fighting Apple's overzealousness.
The judge apparently didn't think much of this dispute either, because she almost certainly had a law clerk do the heavy lifting on this opinion. The opinion doesn't start its analysis until page 11 (of 18); the prior material being an uninsightful summary of the parties' contentions. I can read the contentions in the parties' briefs if I really care, thank you very much.
When the opinion actually starts cooking, it breezily dismisses Amazon's claim that "app store" is generic:
The court does not agree with Amazon that the mark is purely generic, for the reasons argued by Apple
Okay...
The opinion next concludes that Amazon didn't create a likelihood of consumer confusion by offering an "appstore." The LOCC factors:
* "App Store" isn't a strong mark.
* even though the parties' services are related (both are app stores using that term in the proper generic sense), Amazon's apps only run on Android, not iPhones.
* the terms are identical in sight/sound/meaning, but the opinion again notes the Android/iPhone divide.
* no evidence of actual confusion.
* the point on marketing channels was incoherent and irresolute.
* the parties' arguments on purchaser care were too speculative.
* the intent factor favors Amazon because it believes the term is generic.
* the product line expansion point was also irresolute. The court says Amazon would like to offer iPhone apps but needs Apple's permission to do so.
Here's how the court summarizes the LOCC analysis:
Thus, two of the eight factors somewhat favor Apple, and three factors somewhat favor Amazon. The remaining three factors are neutral, or do not clearly favor either side. Accordingly, under this analysis, the court finds that Apple has not established that it is likely to prevail on the “confusion” element of its infringement claim.
This is what happens when you use the LOCC test to adjudicate a generic term. The LOCC test isn't insightful in that case, and some of the factors will weigh in favor of the plaintiff because the defendant is just trying to use the dictionary term for its dictionary meaning. Microsoft is still fighting Apple's trademark registration application in the TTAB, and I'm hoping the TTAB's expertise with trademarks will help it do what this judge seemed afraid to do: call the term generic.
The opinion allocates another 5 pages to a dilution analysis, although most of those pages are also a recap of the parties' contentions. The court's complete analysis of dilution issue:
The court finds that Apple has not established a likelihood of success on its dilution claim. First, Apple has not established that its “App Store” mark is famous, in the sense of being “prominent” and “renowned.” The evidence does show that Apple has spent a great deal of money on advertising and publicity, and has sold/provided/furnished a large number of apps from its AppStore, and the evidence also reflects actual recognition of the “App Store” mark. However, there is also evidence that the term “app store” is used by other companies as a descriptive term for a place to obtain software applications for mobile devices.
With regard to the statutory “blurring” factors, the marks are similar, but “App Store” is more descriptive than it is distinctive. Apple did have substantially exclusive use of “App Store” when it launched its service a little over three years ago, but the term appears to have been used more widely by other companies as time has passed. The mark does appear to enjoy widespread recognition, but it is not clear from the evidence whether it is recognition as a trademark or recognition as a descriptive term. Moreover, there is no evidence that Amazon intended to create an association between its Android apps and Apple’s apps, and there is no evidence of actual association.
With regard to tarnishment, there is no evidence to support a likelihood of success on this part of the claim. Apple speculates that Amazon's App Store will allow inappropriate content, viruses, or malware to enter the market, but it is not clear how that will harm Apple's reputation, since Amazon does not offer apps for Apple devices.
This discussion is so garbled, I'm not even sure where to begin. Let's drill down on the blurring discussion. In the LOCC analysis, the court assumed without deciding that "App Store" had achieved secondary meaning. Here, the court apparently undercuts that assumption by implying (saying?) that the mark isn't "distinctive"--in other words, lacking secondary meaning.
If the court intended to conclude that App Store had secondary meaning, then stacking up new definitions for the term is exactly what blurring is supposed to prevent, so the court should allow Apple to shut down Amazon and all of the other parties who are adding those new definitions. Or, if the court is saying that the term was once "distinctive" but now isn't, that's genericide. I don't know of a way for a descriptive term to obtain secondary meaning and then lose it without that term becoming generic for trademark purposes.
We all know what really happened--the term was generic from the moment Apple started using it, and the term has been proliferating through the English language as new useful dictionary terms tend to do. The court's timidness in reaching that conclusion forces it to contort the rest of its doctrinal analysis.
Despite the doctrinal mush, one thing seems pretty clear to me. Apple may have delayed the genericide death of its App Store trademark claim, but I don't see any situations where Apple can enforce its mark currently. I read this opinion as saying that so long as the term isn't being used in connection with a store for iPhone apps, there won't be any consumer confusion or dilution. But my understanding is that Apple isn't letting other stores offer iPhone apps, so the defendant pool should be a nullset. So whether it's because of genericism or the impossibility of consumer confusion, this opinion signals to Apple that it's wasting everyone's time and money trying to protect the App Store term.
Posted by Eric at 12:47 PM | E-Commerce , Trademark | TrackBack
July 08, 2011
NJ Appeals Court: No Privacy Violation When Spouse Uses GPS to Track Vehicle -- Villanova v. Innovative Investigations, Inc.
[Post by Venkat Balasubramani]
Villanova v. Innovative Investigations, Inc., et al., A-0654-10T2 (N.J. Ct. App. July 7, 2011)
A New Jersey appeals court decided that a wife's use of a GPS device to track her husband's movements did not violate the husband's privacy rights.
Background: The plaintiff was married, and his wife suspected him of having an affair. The wife hired an investigative firm (the defendants), who conducted a preliminary investigation. It recommended that the wife place a GPS device in the husband's car in order to better track his movements and assist with the investigation. The wife purchased the device [through the internet, of course!] and placed it in the glove compartment of the husband's Denali, where it remained for forty days. The wife sporadically checked the GPS device's movements online and passed along the information to defendants. Defendants used the information to conduct their investigation, which did not seem to yield any information that I would characterize as a blockbuster. The closest the investigators came to a confrontation with the plaintiff is when they waited outside the home of the woman the husband was suspected of having an affair with, and observed the husband and this woman in his car. The investigators followed the car, but the husband realized he was being followed.
The husband brought invasion of privacy claims against the investigative firm and its principal. (The husband waived his privacy claims against the ex-wife in the divorce settlement.)
Discussion: The court notes the four types of invasion of privacy claims under New Jersey law: (1) intrusion, (2) public disclosure of private facts, (3) false light, and (4) misappropriation. Here, plaintiff argued that his (now-ex) wife and the firm intruded upon his solitude. Intrusion requires a showing that the intrusion would have been "highly offensive to the reasonable person." A defendant is only liable if he or she "intrudes into a private place."
The court rejects the plaintiff's claims finding that:
There is nothing [in the record] to support an inference that any surveillance of plaintiff extended into private or secluded locations that were out of public view and in which plaintiff had a legitimate expectation of privacy.
Additionally, the court found that there was no evidence that the wife passed along any private location tracking information to defendants:
a factfinder might, at the very most, infer that [the wife] verbally passed on to defendants information from the GPS company's reports and that defendants used that information as a basis for proceeding on July 28, 2007 to the Heritage Road area. However, there is nothing to establish that any possible invasion of plaintiff's privacy and seclusion ever occurred. Such a finding would require that [the husband] was in a location where he had a reasonable expectation of privacy.
Based on this, the court finds that summary judgment was properly granted to defendants.
___
Divorces seem to be fertile grounds for court decisions around privacy and technology. (See, e.g., my post on Miller v. Meyers, an email access case: "Court: Husband's Access of Wife's Email to Obtain Information for Divorce Proceeding is not Outrageous.")
There was an interesting fact that didn't receive as much as attention as I thought it should: the car was jointly owned. I'm surprised the court did not discuss the fact that since the wife owned the car, she could have argued that she had the right to track its movements. (On a related note, the plaintiff, who was a police office, tried to argue that he used the car for law enforcement purposes once in awhile, but the court is extremely skeptical of this argument.) Another fact that the court did not focus on directly is whether the result would have been different if the investigative firm (rather than the wife) was the one who did the GPS tracking. Kash Hill's post makes this point.
It was also interesting that despite using a "reasonable expectation of privacy" standard, the court does not discuss the diminished expectation of privacy for the husband vis a vis his wife . . . who is trying to investigate him for having an affair. I'm not suggesting that spouses waive their privacy rights with respect to one another, but if you're having an affair, is it not reasonable to expect that your spouse may be checking up on you? In Miller v. Meyers, the email case, the court notes:
A husband prying into his wife's email, after learning that she was engaging in conversations and photo sharing, and then using damaging emails in a divorce and custody proceedings can hardly be considered "extreme and outrageous," "beyond all possible bounds of decency," or "utterly intolerable in a civilized society."
I wondered whether the same could be said of this case. Here, the wife's argument is even stronger, because she's not allegedly violating any other statutes intended to protect the privacy of electronic communications.
GPS tracking is one of those areas where technology and notions of privacy clash. The case law says that you have no expectation of privacy when you are in a public space, but a GPS device can track your every movement in a way that someone who physically followed you in a car couldn't conceivably do. The argument from privacy advocates is that GPS tracking--particularly long-term tracking--reveals more information than could be obtained if you physically followed someone. This was one of the arguments made by the federal appeals court in D.C., which held that warrantless GPS tracking caused Fourth Amendment problems because, among other things, "the sequence of a person’s movements may reveal more than the individual movements of which it is composed." (The Supreme Court accepted review of this case, as noted in this Wired article: "Supreme Court to Decide Constitutionality of Warrantless GPS Monitoring." A slew of federal appeals courts have come to the opposite conclusion that warrantless tracking of a car does not cause any Fourth Amendment problems.)
A final note is that private investigators have it tough these days. They definitely do not travel down a risk-free path in pursuing their investigations. Virtually any investigative decision would seem to cause concern that the subject will assert some sort of privacy claim. I suppose this was always true, but as technology improves, it becomes much easier to eavesdrop and track in a way that creates a greater risk of liability for the investigator.
Other coverage:
"Judges Say It’s Okay To Use GPS To Track a Cheating Spouse" (Kash Hill)
Posted by Venkat at 09:00 AM | Publicity/Privacy Rights
July 06, 2011
Supreme Court Strikes Down Statute Restricting Sale and Use of "Prescriber" Data on First Amendment Grounds -- Sorrell v. IMS
[Post by Venkat Balasubramani with comments by Eric]
Sorrell v. IMS Health Inc., 10-779 (June 23, 2011) [pdf]
The Supreme Court struck down a Vermont statute restricting the dissemination of "prescriber-identifiable" information for marketing purposes. While this case was viewed as one that could potentially have far-reaching effects on data-mining and privacy, the majority and dissenting opinions ended disagreeing on the level of protection accorded to commercial speech.
The Vermont statute was aimed at data-mining companies which gather information regarding what drugs doctors prescribed. Drug companies obtained and used this information to better target their marketing efforts to doctors. The statute restricted the sale or transfer this information to make it harder for the drug companies to target. The statute also restricted pharmaceutical manufacturers from using this information for "marketing or promoting a prescription drug" without the prescriber's consent. The statute included an exception which allowed this information for education and research purposes. Finally, the statute set aside funds for a "prescription drug education program," which would inform prescribers as to when generic alternatives became available for drugs which they prescribed. (The statute was not aimed at the dissemination of patient information, which the data-mining companies did not disseminate or sell--as Professor Goldman notes, this case was only nominally about privacy.)
Majority: Justice Kennedy wrote that "speech in aid of pharmaceutical marketing ... is a form of expression protected by the First Amendment." In his view, the statute restricted certain speakers from disseminating certain types of content to particular recipients. Because the statute was discriminatory in this respect, it was subject to a heightened level of scrutiny. Applying this scrutiny, he finds a poor fit between the State's goals and the statute.
The first justification asserted by the State was prescriber privacy. However, the existence of numerous exceptions to the statute, including an exception for educational and research uses, undermined this objective. Wile the State pointed to the fact that the statute contained an exception for prescriber consent, the Court finds that this merely offers a "contrived choice." Either the prescriber withholds consent which allows prescriber-information to be used in support of the State's message, or grants consent and allows for the wide dissemination of the information.
The second justification offered by the State was that the statute would lower the cost of medical care. The Court finds that which this is a laudable and important goal, the State may not accomplish this goal by "restraining certain speech by certain speakers." If the State wants to tip the balance in favor of generic drugs, this is an acceptable goal, but it cannot accomplish this goal by hamstringing the marketing efforts of the drug companies who manufacture brand-name drugs.
Dissent: Justice Breyer wrote in dissent that since commercial speech was at issue the Court should employ a lower standard, and not require a perfect fit between the State's asserted goals and the means. In fact, he even seemed skeptical that speech was at issue at all, since the statute regulated the transfer of data, and not necessarily a particular message. In his view, this was just one aspect of the State's overall regulatory program which the government should have room to pursue.
---
The big question was whether this decision will have broader effect for data mining or behavioral targeting. I'm guessing it will probably have less effect than what people envisioned. More than anything this case represents a victory for commercial speech, which has steadily inched up the scale in the amount of protection it is accorded.
The fact that the sale of data is characterized as speech deserving of a high degree of protection may make it tougher for legislators to enact laws which regulate the transfer of consumer information, but what bothered the majority here is that the purported privacy interest was ill-served by the statute and the fact that the state sought to favor one set of products by suppressing the flow of data to its marketers (while allowing the competition to use the information). To use an analogy, the State went beyond restricting the transfer of information to car manufacturers for marketing purposes. It authorized the use of this information only by manufacturers of electric cars.
Will this opinion affect more general laws aimed at the collection, use, or transfer of information for marketing purposes? Some of these already exist in specific contexts (e.g., COPPA for information collection from children under 13; CAN-SPAM includes provisions restricting the transfer of email address in certain contexts; the Video Privacy Protection Act deals with video tape rental records; and there's of course HIPPA, which deals with patient records). Provided that the regulation is not discriminatory, this case should not present an impediment to enacting this type of legislation.
The Court's treatment of the consent issue was interesting. Are doctors really powerless from a bargaining standpoint that they can't take steps in the market to somehow fix the supposed forced consent issue? The majority opinion had a paternalistic tone to it, which may make sense if the statute was dealing with patient records and patient choices, but I found it odd, given that the statutory scheme was about sales pitches to doctors!
Other coverage:
CDT Statement on Supreme Court Decision in Sorrell v. IMS Health (CDT)
Information is not Beef Jerky (info/law)
Supreme Court Rx Records Case: Not So Bad (info/law)
Court’s data-mining ruling: big change on commercial speech? (First Amendment Center)
_________
Eric's comments:
I agree with Venkat's comments but I wanted to add a few more:
Let's start with two basic premises: (1) healthcare costs have spiraled out of control, and (2) doctors' medical decisions are a big part of that. For example, it turned out that Wisconsin healthcare costs were unusually high because Wisconsin doctors are more likely to require various tests/diagnostics than doctors in other areas. It was unclear if this was because local doctors had a heightened fear of malpractice liability, different regional norms, different assessments of medical best practices or something else. However we get there, the cumulative effect of Wisconsin doctors' choices was dramatic: enormous healthcare insurance premiums (and heaven help you if you didn't have medical insurance).
Therefore, it's quite logical for a state to look more closely at doctors' drug prescribing choices both as a matter of public health and fiscal responsibility. If a state could identify systematic drug prescribing judgment-calls that unnecessarily jack up medical costs, it would be in the public interest to curb those.
The theory behind Vermont's statute (and other states in the Northeast that adopted similar laws) is that doctors are overprescribing branded pharmaceuticals when they could be prescribing generic drugs instead; and that doctors are overweighting branded drugs because drug reps are bending their ears to persuade them to prescribe the branded drug in preference to the generics; and that the drug reps are successfully persuading doctors to make this choice because the drug reps are armed with the doctor's past prescribing practices and therefore can make a more effective but socially unwanted sales pitch that is overriding the doctor's own medical judgment that would otherwise lead the doctor to prescribe the generic drug.
Stated this way, we see that the statute is targeting a problem (high medical costs) through a very indirect means (suppress a doctor's past prescribing practices from drug sales reps). Should any inference in this logic chain be wrong, then the statute is, at best, ineffectual. However, there are a broad range of other ways the state could try to remediate the problems with branded drugs jacking up medical costs, including monkeying with the states' reimbursement policies for branded vs. generic drugs; counter-educating doctors about the merits of generic drugs; educating patients about the bioequivalence of branded and generic drugs so they could make their own substitutions or push their doctors to prescribe generics when available; etc. The state was trying some of these as well.
There are two other aspects of the unique situation of doctors that I feel get lost in the top-line headlines. First, the whole concern here is face-to-face meetings between doctors and drug sales reps. Given how hard it is for us as patients to see our doctors face-to-face, it is a little shocking that doctors are voluntarily choosing to spend discretionary time with the drug reps for meetings that the doctors know are sales pitches. Why are the doctors allocating their time this way?
Putting aside the odds that the drug sales rep is very attractive and charming (have you ever noticed that on the Survivor TV show, the former beauty queens all list their job title as "pharmaceutical sales"?), it's presumably because doctors find the meetings valuable to them. Indeed, even Justice Breyer in dissent acknowledges that the drug sales reps impart valuable information in those meetings. The state statute very explicitly tried to make those meetings less useful to doctors by making the drug sales rep less well-prepared. If the drug sales reps wanted to provide tailored information to the doctor's practice, the drug reps would have to take time out of these meetings to interrogate doctors about their prescribing practices; and if the doctors concluded that the meetings weren't productive because they took too much time on irrelevant or uninteresting chatter, the doctors would simply skip the meetings entirely and perhaps lose the other valuable information being exchanged in the meetings. So before we get too worked up about the evilness of the drug reps working against the consumer interest, we should not forget that very busy doctors are voluntarily choosing to take these meetings, and doctors can and will choose otherwise when it doesn't make sense for them.
Second, the opinions talk a lot about "privacy," and this baffled me. Everyone agrees we're not talking about patient privacy. Instead, there is some back-and-forth on DOCTOR privacy in their prescribing patterns. What??? In this situation, doctors are business operators making business decisions. Tracking their prescribing decisions is similar to tracking how other businesses interact with third party vendors. We might have concerns about how tracking these decisions exposes trade secrets or competitive intelligence, but we wouldn't talk about business decision-making as being covered by "privacy" concerns. So the notion that this case teaches us anything about "privacy" law confuses me greatly.
In the end, what we really want to know is whether this case will enable more First Amendment challenges to behavioral advertising or other privacy statutes. I personally don't feel any more knowledgeable about that question after reading the majority and dissenting opinions. Part of this reflects my cynicism about the Supreme Court's First Amendment's jurisprudence, which still seems to me that it's developed case-by-case instead of forming a coherent body of jurisprudence. Part of this reflects the quirks of Vermont's statute, which suffered from two easily targeted defects. First, it sought to regulate the doctor-drug rep conversation, setting up the possibility of content-based and perhaps even viewpoint-based review. Second, Vermont changed its position about who could get access to the database of prescribing information, and this flip-flopping gave the majority extra reasons to suspect the state's policy rationales. So I suspect that Vermont or other states could find a way to draft around this opinion if they chose to; and I'm skeptical that other behavioral advertising or privacy laws would set off the justices' First Amendment hackles like this statute did.
Posted by Venkat at 12:19 PM | Marketing , Privacy/Security
Righthaven Defendant Awarded $3,800 in Attorneys' Fees--Righthaven v. Leon
By Eric Goldman
Righthaven, LLC v. Leon, 2011 WL 2633118 (D. Nev. July 5, 2011). My most recent post on Righthaven.
Judge Navarro ordered Righthaven to pay $3,815 to the attorneys for one of its defendants, Michael Leon. This award came about because Righthaven did not properly serve Leon's complaint. In light of this, the court in April gave the parties a choice: Righthaven voluntarily dismisses the complaint without prejudice and pays attorneys' fees, or Righthaven dismisses the case with prejudice and Leon gets nothing. The parties agreed to the latter. (It's not clear from the record why Righthaven agreed to this solution). Leon retained the Randazza Legal Group on a pro bono basis to represent him at the April hearing. Because the Randazza firm came in pro bono and based on the parties' discussions, it appears Righthaven assumed it was going to write a check to charity. Instead, the judge switched this up and put the money in the Randazza Legal Group's pocket.
Because Righthaven had agreed to this payment previously, this fee award doesn't represent a judicial condemnation of Righthaven's practices. (That will come soon enough). Nevertheless, Righthaven's failure to properly serve Leon is yet another costly but avoidable litigation error made by Righthaven. I don't know if it's their staff turnover, general incompetence or something else, but Righthaven has made a surprisingly high number of unforced errors for a company whose sole business is litigation.
Beyond this case, there are several pending Righthaven defendants' motions for fee shifts under copyright's fee shifting statutes. There are also some pending sanction motions against Righthaven that could further require Righthaven to pay the defendants. This case's relatively small award of attorneys' fees won't break Righthaven's bank, but I think it symbolically represents that Righthaven's profitability has crested. Going forward, I predict Righthaven's cash meter will start running in reverse with some frequency as judges make Righthaven write checks to its defendants. How many of those checks will Righthaven write before until it acknowledges that it has no chance of profitability?
Posted by Eric at 07:39 AM | Copyright | TrackBack
July 05, 2011
"Can IP Be Protected in the Internet Age?" Panel Recap from Russian Economic Development Conference
By Eric Goldman
In June, I attended the St. Petersburg International Economic Forum ("SPIEF"), organized by the Russian government's Ministry of Economic Development. This was a major event drawing thousands of participants to St. Petersburg, including the heads of state from Russia, China and several other major countries. The conference was designed to advance Russia's economic development, which seems to focus on natural resource extraction from Siberia. However, the conference included a few Internet-related panels, and conceptually they fit nicely with the theme of how Russia can develop its economy.
I participated on a panel entitled "Can IP Be Protected in the Internet Age?" Right away, I trust many of you find the titling odd. This is the kind of panel we had in the United States in 1996 and 1997. I can't imagine that anyone in the United States would organize a panel seriously asking that question in 2011. But the question seemed oddly appropriate given Russia's awkward status as a developed nation that bears some commonalities with the economies of the developing world.
Putting the titling aside, this was easily one of the most bizarre panels I've ever been on. The panel consisted of SIXTEEN presenters for a 75 MINUTE panel (one didn't show, so 15 actually spoke). Yes, you read that right. Doing the math, each speaker was allocated a little over 4 minutes (not surprisingly, some ran over). I should add that the Russian government paid thousands of dollars to cover my travel expenses so I could participate in this panel, making this a jaw-droppingly high per-hour rate for my time!
They sat the 16 panelists around a round table. You can see the room set-up in this photo. As you can see, it was a tight fit around the table. You can also see the monitors overhead and the videocameras pointed at the table; so audience members who couldn't see the speaker (for example, because they sat behind the speaker) could watch on the overhead monitor. At the peak, there may have been about 60 people in the audience (although I'm not sure how many of those were staff members). In the back left is the translator booth--about half the speakers spoke in English; the other half in Russian. One final thing to note is that everyone you see in the photo was an SPIEF staffer, meaning that the ratio between staffers and panelists approached 1:1. You've heard the stereotypes about Russian efficiency; this panel seemed to exemplify it.
Because there were too many panelists for the time allotted, not surprisingly the panel devolved into a series of short position statements not dissimilar to the "interaction" at an OECD workshop or other international forum. Some of the later speakers commented on the remarks of earlier speakers, but there was no audience Q&A or panelist back-and-forth. The panel moderator was Igor Drozdov, Director for Law and Legal Matters, Skolkovo Foundation, and he had the unenviable task of herding too many cats in too little time.
I'm not exactly sure why the panel was organized as it was, but it turns out, this event became another iteration in the dialogue between the Russian and United States governments over Russian copyright law. Because Russia's economy is still developing, Russia isn't faithfully toeing the US line on draconian copyright laws. Techdirt does a nice job summarizing some of the recent considerations for Russian copyright reform--something about baking Creative Commons into the copyright statute, which doesn't really make sense but reflects the theory that not every copyright owner needs nuclear-grade copyright rights. It's the kind of discussion we could never have in Congress because US copyright law is exclusively on a one-way ratchet to become more draconian. The US government isn't responding to Russia's flirtation with weaker copyright laws with smiles, and some of that tete-a-tete spilled over to this panel.
I'm going to relay my notes from the panel, but my usual caveats apply--these are my impressions of the discussion, not faithful transcriptions, so you should double-check before quoting or relying on my summary. In this case, capturing the discussion was even more difficult because I was working on very little sleep and relying on the English translations for the Russian speakers, and the translators cut out during a few speakers. If you want to watch the panel yourself and draw your own conclusion, go here. You can also read the organizers' official summary, which doesn't really capture the dynamics. You can also see the organizers' pull quotes.
Miriam Sapiro, US Deputy Trade Representative, started the discussion. Her bio and a Q&A where she lists her work on ACTA as her favorite moment--uh oh. Her remarks were what you would expect from a US trade rep. She rattled off the typical content owner talking points: IP theft is no less illegal than the theft of tangible property; IP protection is essential in the Internet era; legislation should provide for secondary infringement when service providers have the object of promoting infringement.
She tossed out a few Russia-specific quips, including:
* a concern about mandatory licensing of content to a monopolist--presumably a warning that Russia should not officially embrace Spotify as a private compulsory license;
* an expectation of vigorous government enforcement against Internet infringement, including cyber-lockers and BiTorrent.
* advocacy that Russia should join the WTO--and ACTA.
Svetlana Mironyuk, Editor-in-Chief, RIA Novosti. She expressed frustration with the work required to police their rights against UGC, which she says requires a team of 20 lawyers. They brought only 1 case, which they won, but she said the victory doesn't solve the whack-a-mole problem, and enforcement actions aren't good public relations.
Tom Rubin, Chief Counsel for Intellectual Property Strategy, Microsoft Corporation. Tom offered up the DMCA online safe harbor as a good example of how rightsowners' and technologists' interests can be balanced. It has promoted vibrant online innovation, helped proliferate legitimate commercial platforms, and led to voluntary cooperation between content owners and technology platforms that supplement the legal rules. He said there is a problem with rogue websites that have no legitimate purpose--these should be easy for content owners to remove. Creative Commons and other permissive licensing schemes are a complement to copyright law, not a substitute.
Oliver Metzger, Senior Copyright Product Counsel, Google Inc. IP enforcement works well when there is a shared responsibility between IP owners and websites. IP owners are in the best position to know when there is an infringement. We should not require websites to monitor UGC. Monitoring is hard for big companies and a crushing obligation for small ones. He pointed to Content ID as an example of a voluntary IP enforcement mechanism that YouTube has adopted.
Eric Goldman, Associate Professor, Santa Clara University School of Law. My remarks: Copyright protection is a good thing. Unfortunately, this leads to the mistaken assumption that more copyright protection is better.
In the Silicon Valley, much of the innovation takes place in the "unregulated spaces," i.e., the cracks in the regulatory structure. (I know many people have advanced this argument, but I acknowledge Mark Lemley's recent evangelism of this point). Regulation often creates barriers to entry, in many cases at the request of incumbent players.
In contrast, expressly creating unregulated spaces, through safe harbors and immunities, can spur entrepreneurship around those safe spaces. For example, the 17 USC 512 notice-and-takedown scheme. Service providers still feel the takedown process is onerous, but at least they know the rules of engagement and can find profitable ways to implement it, which has led to UGC success stories like YouTube.
From the perspective of content creators, there's an emerging recognition that copyright isn't their only solution. Information asymmetries are unstable on the Internet (an application of the idiom that "information wants to be free"), which reflects the nature of information as non-rivalrous. Many content creators are embracing the instability of information asymmetries by treating non-rivarlous content as marketing for rivalrous goods and services. As just one example, bands voluntarily post recordings of their live performances as marketing for future live performances.
Ivan Zasursky, Head of New Media and Communications Theory, Faculty of Journalism, Lomonosov Moscow State University. I didn't get any notes from him.
Andrei Loginov, Plenipotentiary Representative of the Russian Government in the State Duma. I'm not sure what his title means, but he spoke from a librarian's perspective. He noted that content creators' interests aren't always commercial, and increased commercialization of Internet content can increase piracy.
Yuri Lubimov, Deputy Minister of Justice of the Russian Federation. The traditional copyright owner's rhetoric is that we should do more to bust pirates. He thinks we should consider different perspectives. Paper-based rules are increasingly outdated. There is a decrease in the circulation of traditional media, and TV content is eroding in quality. We may not want to enforce existing rules; instead, we should anticipate when copyright rules will fall apart by finding new ways to monetize content in new technological environments. We can't protect content using the same means as we used to protect paper-based content. If we don't develop new methods to monetize content, then the old system will fail and a new system won't come online.
Kevin Lawric, President, Sony Europe and Africa. He acknowledged that rightowners had made bad decisions for years. [We all know this is true, but it's still refreshing to hear from a music exec.] He pointed to Spotify as a success story that was aided by government nudging. He gave the example of Sweden and Pirate Bay. The government pressured the illegitimate sites, and the legitimate services (Spotify) got licenses.
Ekaterina Chukovskaya, Secretary, Deputy Minister of Culture of the Russian Federation. Her talk seemed especially interesting but it was hard to tell with the translation. She started out by noting that IP owners have different perspectives. They understand the best monetization model for them, and we should give authors the right to do what they want, including sometimes not taking the full package of copyrights. [I believe this is part of the idea of baking Creative Commons into the statute.]
She also appeared to be interested in revitalizing formalities. She indicated there was thought about a digital registration process that libraries could implement. The author could register his/her interest; but if not, the author lets it go.
[At this point we had gone about 70 minutes of the 75 minute panel and we still had 5 speakers left. For reasons that weren't entirely clear, Miriam Sapiro said she had to leave. There was no graceful way for her to leave. She could have just left, but there were Russian government officials around the table and they might have perceived her departure as US government disinterest in the discussion. At the same time, announcing her departure consumed more time from speakers who hadn't been given their chance. She decided to do the latter and shared a few parting words:]
Miriam Sapiro (again). There is consensus around the table that (1) protection of IP is a universal right, (2) rightsowners, and not the government, should make the decision what to do with their rights. [In fact, I don't think there was any consensus around the table. The Russian government representatives were saying some pretty funky things that we'd never hear a US government official say in his/her official capacity.]
Benoit Ginisty, Director General, International Federation of Film Producers' Associations. "Free" isn't a sustainable business model, and it disturbs concepts of right and wrong. Their content is a value driver for ISPs.
Alexander Maslov, State Secretary, Deputy Minister of Telecommunications and Mass Communications of the Russian Federation. They surveyed Russian users. 80% will support pirated content despite its dangers, but 83% don't object to advertising, and many will pay if they can get timely access to content (no windowing). So there's no reason to be pessimistic if lawmakers adapt their laws and IP owners adapt their business models.
Tim Renner, Managing Director, Motor Entertainment GmbH. Intellectual property rights on the Internet are illusory. All control is lost. We need to ramp up legal options like Spotify. There will always be geographic locations where pirates can find a safe haven, so it's not possible to stop them.
Peter Jenner, Producer, Music Manager, ex-Manager of Pink Floyd and The Clash, Visiting Professor in Music and Entertainment Industry Economics. We need to find business models that are consistent with consumer behavior. We need to work with consumers, not against them. Consumers have different levels of enthusiasm for content, so content owners need to be more subtle with their pricing. We can compete with "free" by making content "feel like free," such as a flat tax paid through IAPs. He asked where the money to Spotify is going? It's not going to the artists. If consumers don't feel like the money is going to the right people, they are less willing to pay. [I'd like to see some social science backing that assertion up.] He also advocated for developing content registries as a formality.
Artemy Troitsky, Russian rock journalist and music critic. Talented artists and scientists will never stop, but we need to remove intermediate publishers from the system and we need to overcome greed. [The translation was garbled so I didn't catch what he was saying at the end, but something in his conclusion made the crowd go wild--his impassioned remarks produced a rousing ovation from an otherwise completely passive audience. Maybe the audience was just happy to reach the end of a frenetic and completely non-interactive panel before dark.]
After the conference, I did some tourism around St. Petersburg. I will post a comprehensive recap of that to my personal blog. In the interim, you can see my photo gallery.
Posted by Eric at 01:05 PM | Copyright , Derivative Liability | TrackBack
New Jersey Appeals Court Neuters Cell Phone Driving Statute -- State v. Malone
[Post by Venkat Balasubramani]
State v. Malone, 2011 N.J. Super. Unpub. LEXIS 1738 (N.J. Ct. App. July 1, 2011)
New Jersey's cell phone driving statute suffered a serious blow at the hands of the New Jersey appeals court, which held that the statute does not prohibit a driver from "activating" or "dialing" a cell phone equipped with a hands-free device.
Background: Elliot Malone was charged with using a cell phone while driving under New Jersey's cell phone statute (N.J.S.A. 39:4-97.3). An officer observed Malone driving in the opposing direction and saw that Malone was holding a cell phone in his hand and "pushing buttons." At the municipal court hearing, the officer testified that he had no idea whether Malone was using a hands-free device and could not testify conclusively as to what exactly Malone was doing with his phone. The municipal court rejected Malone's arguments, found him guilty, and imposed a fine of $106, along with $33 in court costs.
On review, the trial court concluded that Malone had been using a hands-free device, but that Malone could not satisfy the exception for activating or deactivating the phone. The trial court concluded that it was sufficient for the state to show that Malone "used" the cell phone while driving, and that Malone was "guilty of holding his cell phone while driving." [Malone tried to introduce his cell phone records to support his contention of innocence, but the municipal court rejected this evidence as not having been properly authenticated.] Proceeding pro se, Malone appealed and won.
The Statute: The statute provides that:
the use of a wireless telephone or electronic communication device by an operator of a moving motor vehicle on a public road or highway shall be unlawful except when the telephone is a hands-free wireless telephone or the communication device is used hands-free
The statute also defines a "hands-free wireless telephone," but this definition expressly excludes "the use [while driving] of either hand to activate, deactivate or initiate a function of the telephone."
The Appeals Court's Decision: The appeals court finds that the statute prohibits a motorist from talking or listening to another person or texting with another person, unless the motorist uses a hands-free device to accomplish those functions. Unfortunately for the state, the court also concludes that:
The driver may . . . hold the telephone in one hand for the period of time necessary to 'activate, deactivate or initiate' a function of the telephone.
The state argued that a cell phone equipped with a hands-free device can only be used by a motorist for listening. The state also argued that pushing buttons is the same as dialing, and that "activating" or "deactivating" a phone does not require the motorist to push multiple buttons.
The use of a hands-free phone is not limited to "listening" under the statute: The court rejects the state's interpretation of the statute that it only allows for hands-free equipped mobile devices to be used for listening. The statute defines "use" to include "talking or listening to another person . . . or sending an electronic message [or text message]." The statute's exception for the use of hands-free equipped cell phones thus clearly allows a motorist to "use" the phone that is equipped with a hands-free device for talking as well as listening, and for texting as well.
Motorists are permitted to activate their hands-free device equipped cell phones while driving: The state tried to argue that motorists are not permitted to hold hands-free cell phones at any time while driving unless one of the emergency exceptions was satisfied. The state was fighting an uphill battle on this issue as well given the language of the statute. Motorists are allowed to "use" hands-free equipped cell phones, and the definition of "hands-free wireless telephone" expressly recognizes that the statute does not prohibit "the use of either hand to activate, deactivate, or initiate a function of the telephone."
The state also argued that even if the statute allows motorists to activate or deactivate a hands-free equipped mobile phone, this does not permit motorists to dial the phone. The court rejects this argument as well, citing to legislative history to the effect that hands-free devices should be permitted because they "reduce [but do not eliminate] the distractions associated with dialing, holding, reaching for or picking up a dropped handset." The court also notes that the legislature did not define the terms "activate, deactivate or initiate" and did not expressly prohibit "dialing." Because motorists were permitted to "activate" or "initiate" a phone while driving, this implicitly includes the ability to "dial" while in the process of initiating or activating the phone.
Motorists may press buttons while activating a hands-free equipped wireless device: The court rejects the argument that activation of a wireless phone "should not take the pressing of buttons," noting that there are a variety of ways in which users can dial when using a wireless telephone. Even with voice dialing, which is the most "advanced" of the options, the operators is typically required to press one or more buttons. The legislature did not specify which particular method of voice activation was allowed under the statute. Thus, the court concludes:
There are many ways by which a motorist would 'activate' the wireless telephone, and the statute does not limit the methods used by a motorist.___
The court's decision neuters the statute to make it totally useless as an enforcement tool. To summarize, under the court's interpretation: (1) motorists can listen and talk while using a hands-free device; (2) motorists can hold the phone in one hand to activate or deactivate the phone; (3) motorists may dial the phone while activating or initiating it; and (4) dialing may require the pressing of multiple buttons. As long as you have a hands-free-equipped phone, the court's interpretation gives you wide berth to argue that, although you were holding it while driving, you were only holding it in order to activate or deactivate it and dial it in the process of activating or initiating it.
Like the majority of people out there, I'm thoroughly opposed to texting or talking while driving. The statute is well intentioned, but the drafters included a hands-free exception (likely in order to satisfy some special interests), and in the process, unwittingly created a loophole big enough to drive a truck through. Legislative drafters don't seem to have a good sense of precision, particularly when it comes to applying the law to technology. Even the simple definition of "dial" is something that is subject to a variety of different possibilities, depending on the type of equipment and application used, and the drafters did not specify which method of dialing was permitted. Given the pace with which technology moves, I'm not sure the legislature could have effectively locked down this definition even if it tried.
I'm guessing the state will appeal this decision, so we'll see whether the New Jersey Supreme Court has a different take on the statute.
Posted by Venkat at 10:03 AM | General
July 04, 2011
June 2011 Quick Links, Part 2
By Eric Goldman
Social Media
* The Third Circuit issued its en banc rulings in Layshock v. Hermitage School District and J.S. v. Blue Mountain School District, both involving school discipline against kids who created fake MySpace profiles of school administrators. Prior blog post on both cases. The good news is that the kids won in both cases; the courts held that the administrators overreacted. However, the decisions don't resolve any of the fundamental issues about the legitimacy of school discipline for kids discussing school-related issues online.
* Too Much Media, LLC v. Hale, 2011 WL 2305620 (N.J. June 7, 2011). A blog commenter doesn’t qualify for the NJ reporter shield law.
* Dr. T.S. v. Plain Dealer, No. 96201 (Ohio App. Ct. June 16, 2011). Uploading a 20 year old version of a newspaper doesn’t reset the single publication rule, even if the article becomes newly indexable in Google.
*Back in September 2010, Xcentric v. Bird settled in a no money deal. The settlement agreement. Ripoff Report's appended response to the original blog post. Prior blog post.
* Scott P. v. Craigslist dismissed. It appears Scott P. gave up against Craigslist. Prior blog post.
* News.com: Is the FTC going after Twitter...again?
* Another PR agency loses a client account over an ill-advised tweet.
* NY Times tries to deconstruct the Twitter hashtag convention.
* Art of Living Foundation v. Does, 2011 WL 2441898 (N.D. Cal. June 15, 2011). Griping bloggers about Ravi Shankar and his organization avoid defamation and trade secret liability for now.
* Jakobot v. American Airlines, 2011 U.S. Dist. LEXIS 64824 (S.D. Fla. June 20, 2011). In a battle over whether the plaintiff lives in Florida or Texas, the court says: “The internet is often filled with old, out-of-date, unsubstantiated, self-aggrandizing and misleading information. It is not enough to submit a selective chunk of Plaintiff's 'Google footprint' and note every time that a tie to Florida appears -- Defendant must do more to connect the dots.”
* State v. Hanson, 2011 WL 2301801(Minn. App. June 13, 2011). Statutory rape conviction reversed based on a mistake of age defense when the victim misreported her age to MySpace. Prior blog post.
* The Duluth doctor is appealing his defamation lawsuit loss against a patient's family member who criticized him online.
* Marin IJ: "A Greenbrae cosmetic surgeon who filed a defamation suit against an online reviewer was ordered to pay nearly $20,000 in attorney's fees after a judge dismissed the case."
* IT World: Is Facebook really 'hated' more than Bank of America?
* Job opening: Executive Director, Public Participation Project, to work towards a federal anti-SLAPP law. Spread the word!
* Reuters on how the FTC's investigation of Google could chill innovation regardless of its outcome. Google's blog post about the investigation.
* In June, I participated in a TechFreedom panel on search engine bias on Capitol Hill. Declan McCullagh moderated. His writeup: "On Capitol Hill, it's all about beating down Google". The video.
* News.com: Google's Enemies: a Primer.
* Google hires TWELVE lobbying firms to fight the FTC (on top of the 6 they already had).
* Neeley is appealing his loss to Google. Prior blog coverage.
Spam
* Spam filters have taken a huge bite out of spam. See my 2003 article expressing confidence that technology would do a much better job fighting spam than legislation.
* Amazon's Kindle hit by spammed e-books. Another example that service providers have to exercise editorial control to curb spam.
Miscellaneous
* The FTC approved the final order in the Chitika case.
* CA enacts an Amazon tax and Amazon instantly tosses its affiliates overboard--including me! More evidence that the taxman will effectively kill the affiliate industry.
* Weinstein v. eBay Inc., 2011 WL 2555861 (S.D.N.Y. June 27, 2011). As a secondary market, StubHub does not need to comply with NY state law requiring printing the face value on tickets.
* Ni v. Slocum, A128721 (Cal. App. Ct. June 30, 2011). Rejecting electronic signatures in support of a ballot petition. Contrast Anderson v Bell in Utah about the application of UETA to election petition signatures.
* Zamora Radio, LLC v. Last.fm LTD., 2011 WL 2580401 (S.D. Fla. June 28, 2011). A defense-favorable Internet personal jurisdiction ruling: "the AccuRadio website reflects a low quality of commercial activity; visitors cannot purchase products or download music and are primarily limited to live streaming audio. Moreover, Plaintiff has not established that (1) Florida constitutes a principal consumer base for AccuRadio's service; (2) AccuRadio.com makes any reference to Florida, or directs visitors to any Florida establishments; (3) AccuRadio has engaged in any print, radio, television, or Internet advertising targeting Florida residents; or (4) AccuRadio has in any way specifically encouraged Florida residents to visit AccuRadio.com." The court distinguishes co-defendant Last.fm: "AccuRadio users do not have to download a program to access and listen to AccuRadio's programming and AccuRadio users do not download music from AccuRadio's website....Further, AccuRadio's website is not specifically directed at Florida consumers and local information about concert events is not provided on AccuRadio's website."
* Take James Grimmelmann's Internet Law exam.
Posted by Eric at 08:43 AM | Content Regulation , E-Commerce , Search Engines , Spam | TrackBack
July 03, 2011
Job Posting to LinkedIn Group Doesn't Violate Non-Solicitation Clause -- Enhanced Network Solutions v. Hypersonic Technologies
[Post by Venkat Balasubramani]
Enhanced Network Solutions Group v. Hypersonic Technologies Corp., 2011 WL 2582870 (Ind. Ct. App. June 30, 2011)
Enhanced developed software, and had a relationship with Hypersonic, which modified existing software. The two companies often jointly bid on projects together. They were parties to an agreement which contained the following non-solicitation clause:
Employee Protection. During the term of this Agreement and for a period of twelve (12) months from the date of effective date of its termination, unless mutually agreed to in writing otherwise the Parties . . . shall refrain from soliciting or inducing, or attempting to solicit or induce, any employee of the other Party in any manner that may reasonably be expected to bring about the termination of said employee toward that end . . . .
Some time after Enhanced and Hypersonic unsuccessfully bid on a project, Hypersonic posted an open position for an outside sales representative to "its LinkedIn webportal" (which the court describes as "a social internet site that connects businesses and people"). As the court describes it:
The LinkedIn job posting was available for viewing by the people who belonged to a certain public group within LinkedIn.
An Enhanced employee saw the posting and informed the President of Hypersonic that he was interested. After this, the employee met with Hypersonic's owner and hammered out a deal. Hypersonic then filed a complaint for declaratory relief regarding the enforceability of the agreement between Hypersonic and Enhanced. (There must have been some sabre-rattling obviously that prompted the filing of the complaint by Hypersonic.) The trial court concludes that Hypersonic did not violate the non-solicitation clause by posting the opening on LinkedIn. The appeals court affirms.
The court looks to the dictionary definitions of the relevant terms ("solicit" and "induce") and concludes that Hypersonic did not solicit or induce the Enhanced employee to terminate his relationship with Enhanced:
[t]he record clearly supports that [the employee] made the initial contact with Hypersonic after reading the job posting on a publicly available portal of LinkedIn. In other words, [the employee] solicited Hypersonic.
The court notes that the agreement precludes Hypersonic from soliciting applications, but nothing prevents Hypersonic from talking to Enhanced employees if they reach out to Hypersonic. The court concluded that this is what occurred here. In a footnote, the court also notes that the agreement could have been drafted more broadly to prevent Hypersonic from considering applications regardless of who initially solicited the contact.
__
This case raises the interesting question of when an online communication is one-to-one communication as opposed to a posting that is directed to the world at-large. It reminds me of the lawyer ethics question of whether a keyword targeted advertisement (in response to a catastrophic occurrence) can be a "solicitation" to a prospective client. (See Erik Turkewitz's post which discusses this issue in the context of New York's anti-solicitation rule: "New York’s Anti-Solicitation Rule Allows For Ethics Laundering and Must Be Modified.") Posts to social networking sites can fall into either category, but with increasing personalization, it's become more difficult to slot them in the appropriate box.
The court doesn't dig deep into the issue of whether the post was made in a way that it would be restricted to a small group or whether the sender would know in advance who the post was initially sent to. The court sates that the post was made to a "publicly available portal of LinkedIn," but also mentions that the post was for viewing by people "who belonged to a certain public group." My understanding is that LinkedIn group owners have to approve membership in the group. If the court determined that Hypersonic approved membership in the group, and knew in advance that Enhanced employees were a part of this group, I wonder if this would have changed the court's thinking. The court also doesn't discuss whether the post was made in a manner that Hypersonic would have "reasonably . . . expected" to bring about the termination of the employee's relationship with Enhanced.
I'm sure we will see many more courts address this type of a non-solicitation question over time. As far as I know, this is the first ruling that deals with this question. A previous case addressing the question of whether recruiters violated their non-compete clause by "connecting" (on LinkedIn) with candidates who were in discussions with their previous employer settled quietly. Here's Evan Brown's initial post on the case: "Nefarious LinkedIn use finally makes it to the courts." Here is a copy of the stipulated permanent injunction, which imposes broad restrictions on the defendants' solicitation of certain customers, but interestingly does not mention LinkedIn.
UPDATE: Ken Adams' thoughts on the case.
Posted by Venkat at 02:44 PM | Licensing/Contracts , Marketing
June 2011 Quick Links, Part 1 (Copyright & Trademark Edition)
By Eric Goldman
Copyright
* Good news: the US government is funding alternative networks that dissidents can use to communicate when the Internet is censored by repressive regimes. Bad news: the US government is teaching the rest of the world how to censor the Internet through DHS domain name seizures and COICA/PROTECT IP Act. Maybe the US-funded alternative networks will help out those censored by the US government?
* Speaking of which, the EFF and Mark Lemley are fighting back against the DHS ICE domain name seizures. The EFF has more on the topic.
* Warner Bros. settled the Hangover 2/Mike Tyson tattoo lawsuit. Prior blog post.
* We don't have too many publicly announced settlement amounts for Righthaven. The latest: Righthaven settled with the US Marijuana Party for $1k. It's hard to see a profitable business model in that.
* Righthaven's dwindling inventory of cases: it filed 25 in March, 2 in April, 9 in May and ZERO in June.
* Are major US IAPs about to voluntarily implement a graduated response program?
* Murphy v. Millennium Radio (3rd Circuit June 14, 2011). Cropping the "gutter credit" from a photo violates 17 USC 1202.
* Friedman v. Guetta. Photographer gets summary judgment against an artist who copied photos from the Internet and remixed them.
* Jonathan Basamanowicz and Martin Bouchard, Overcoming the Warez Paradox: Online Piracy Groups and Situational Crime Prevention, Policy & Internet, Vol. 3, Iss. 2, Article 5 (2011). Abstract:
US federal law enforcement operations occurring between 2001 and 2005 attempted to disrupt the online piracy scene, targeting copyright piracy rings known as 'warez groups'. Previous work on warez groups has demonstrated a paradoxical situation where attempts to curtail warez group activities through policing and advancements in DRM only further encourage such groups to crack and distribute content. This study collected data on 93 convictions from these policing operations to construct a crime script of these groups' motivations and modus operandi in the release process. The results confirm previous findings that attempts to disrupt the activities of warez groups are counterproductive. To avoid the paradox, this study suggests that industry account for the motivations and modus operandi of these groups by creating DRM technologies which allow un-cracked content to seep through the testing step of the script, thereby placing a group's ability to obtain prestige at risk. Law enforcement should focus on apprehending crackers, as they are the most significant step in the release process.
See my complementary article, The Challenges of Regulating Warez Trading, from 2005.
Trademarks and Domain Names
* I'm not 100% sure what happened when ICANN approved the rollout of new gTLDs, but I'm pretty sure a lot of lawyers are going to find it lucrative for them.
* Scooter Store, Inc. v. Spinlife.com, LLC, 2011 WL 2160462 (S.D. Ohio June 1, 2011). Court allows a litigant to obtain discovery on its opponent's keyword ad buys. As I blogged in 2007, I'm surprised we don't see those discovery requests more frequently.
* Best Buy is chasing lots of folks to enforce its "Geek Squad" trademark. A prior blog post on other trademark litigation involving "geek."
* GoForIt Entertainment, LLC v. DigiMedia.com L.P., 2011 WL 2516163 (N.D. Tex. Jun 23, 2011). Plaintiff's theory that third-level domains were "domain names" for ACPA purposes did not justify awarding attorneys' fees as an "exceptional" case. Prior blog post.
* Lens.com v. 1-800 Contacts complaint. An antitrust lawsuit predicated on 1-800 Contacts' overzealous TM enforcement efforts (what some might call trademark bullying). Wendy Davis' writeup. Prior blog posts on the 1-800 Contacts v. Lens.com litigation (1, 2).
* ISystems v. Spark Networks, Ltd., 2011 WL 2342523 (5th Cir. June 13, 2011). The dating website Jdate's efforts to obtain jdate.net through a UDRP was not reverse domain name hijacking.
* Video from the March STLR Symposium panel on Emerging Issues of Secondary Liability in Trademark Law.
* Evan Williams: Five Reasons Domains Are Getting Less Important.
Posted by Eric at 06:49 AM | Copyright , Domain Names , Trademark | TrackBack
July 02, 2011
Court Finds That the Value of Bartered-For Services Constitutes Loss Under the Computer Fraud and Abuse Act -- Animators at Law v. Capital Legal Solutions
[Post by Venkat Balasubramani]
Animators at Law, Inc. v. Capital Legal Solutions, 10cv1342 (E.D. Va.; May 10, 2011)
This lawsuit presented an increasingly familiar fact pattern. Employees leave a company and the employer sues the ex-employees under the Computer Fraud and Abuse Act for accessing the employer's computers without authorization. I previously blogged about US v. Nosal, which held that any violation of an employer's network use policy can constitute "unauthorized access" under the CFAA. In addition to proving that the employee engaged in unauthorized access of an employer's computer system, the CFAA contains a $5000 jurisdictional loss threshold. This case focuses on what the employer must show in order to satisfy that jurisdictional threshold. The answer: not much.
The now ex-employees quit and took a company owned laptop. Animators, the employer, realized this a week from when the employees left, and promptly hired a forensic computer security/data recovery firm to assess the damage. The firm performed its services and realized that some files had been deleted from the laptop. Animators also concluded that the employees accessed its Dropbox account where the company stored files. The ex-employees apparently also accessed a time-keeping program which the employer used.
The court denied the ex-employees' motion to dismiss and granted limited discovery on the issue of what "losses" Animators had suffered as a result of the alleged data breach. Following limited discovery, the ex-employees brought a motion for summary judgment. The court denies the motion.
The forensic firm hired by Animators had an engagement letter in place with Animators which said that it would bill Animators on an hourly basis at $0 per hour. After the court denied the motion and allowed discovery, the forensic firm invoiced Animators. The invoice included approximately 63 hours of professional services for $24,000 and hosting services for $29,000. Animators acknowledged that it did not pay the forensic firm in cash for these services. However, the principal of Animators testified that he apparently made available the "Law Prospector" subscription services offered by one of his affiliated entities at no charge to the forensic firm.
The key issue was whether the invoices issued by the forensic firm were a sham or whether Animators actually incurred the costs. Animators explained the belated invoice on the basis of a credit relationship between Animators and the forensic firm. Apparently the parties did not operate on a cash basis. (!) The court agrees with Animators and rejects the ex-employees' position, finding that there is nothing in the Computer Fraud and Abuse Act which requires the aggrieved party to actually shell out cash in the course of taking remedial steps in response to an incident involving unauthorized access to its computers. The court notes that the CFAA expressly states that value of in-house time spent addressing a breach can go towards satisfying the loss requirement and this points in the direction that the CFAA does not restrict plaintiffs to claiming cash-based losses. (The CFAA contains a broad definition of "loss," which includes: (1) the cost of responding to an offense, (2) the cost of conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and (3) any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service. Courts are split on whether lost revenues are recoverable absent an "interruption in service," and whether there has to be a relationship between the lost revenues and the unauthorized access.)
The court was required to take a view of the facts at summary judgment that was most favorable to Animators, but the record as described by the court was littered with red flags. The fact that the invoice was sent by the forensic firm after the court denied the motion to dismiss and the fact that the engagement letter between the forensic firm and Animators required the firm to provide Animators services at "zero dollars per hour" were just some of these red flags. Others included the fact that Animators' principal spent twelve hours setting up a box.net account after the dropbox account used by the ex-employees was determined to have been compromised. The court notes in passing that the Dropbox password "was not disabled" after the ex-employees left. As a final bonus, Animators' counsel spent thirty hours assisting Animators with its remediation efforts. (I'm not suggesting there was anything improper about this, but thirty hours is a lot of time.)
It's tough to get a clear sense of what happened from the record, but the court does not seem to take into account steps Animators could have taken which would have prevented or mitigated against the losses. For example, when the ex-employees left, Animators could have asked them to leave the laptop on their final day. Animators could have also disabled the Dropbox password which the ex-employees used to access Animators' account. The CFAA allows a plaintiff to use costs attributable to "reasonable" steps to satisfy the damages threshold, but the court does not employ a very strict definition of reasonable here. I blogged about US v. Nosal awhile back. ("9th Cir: Access of Computer in Violation of Employer's Use Policy Violates Computer Fraud and Abuse Act -- US v. Nosal.") That case held that any violation of an employers network policy--including for example, using internet access for personal reasons--is sufficient to find liability under the CFAA. When you add a lax definition of what's reasonable in response to an alleged breach, employers are virtually guaranteed to be able to make out a prima facie CFAA claim against ex-employees.
The CFAA was a statute that was intended to address hacking. The Lori Drew case was one example of a use of this statute by prosecutors outside its intended scope. Use by employers in this type of a case is another example. The CFAA has become a potent weapon in the hands of employers, who have taken to asserting CFAA claims against ex-employees as a matter of course.
Posted by Venkat at 03:40 PM | Privacy/Security , Trespass to Chattels
July 01, 2011
Judge Ware: Google Not Entitled to "Readily Accessible to the General Public" Defense in Street View Class Action
[Post by Venkat Balasubrmani, with comments from Eric]
In re Google Inc. Street View Electronic Communications Litigation, 2011 WL 2571632 (N.D. Cal. June 29, 2011) (Order) (Google's Motion to Dismiss) (Google's Reply) (Google's Supplemental Brief) (EPIC's Amicus Brief)
The multitudinous consolidated lawsuits over Google's access of plaintiffs' Wi-Fi networks, as part of its Street View data collection, survived an important juncture this week. Judge Ware rejected Google's defense that it cannot be held liable under the Electronic Communications Privacy Act because the Wi-Fi transmissions were "radio communications" which were "readily accessible to the general public."
Background: Google deployed its Street View vehicles to capture 360 degree views of the streets. Google's vehicles were equipped with 3G/GSM/Wi-Fi antennas and "custom-designed software for the capture and storage of wireless signals and data." Google also deployed smaller vehicles known as "Google Trikes," which were outfitted with cameras and Wi-Fi equipment, to "capture photo and Wi-Fi data from areas inaccessible to cars." Although Google issued a press release letting the public know that it intended to use these vehicles to capture photo data, it did not inform the public of its intent to capture Wi-Fi data.
Multiple class action lawsuits were filed across the country, and these were all consolidated and transferred to Judge Ware in the Northern District of California. Plaintiffs brought claims under the ECPA, state wiretap statutes, and Cal. B&P 17200.
Discussion: Google argued that state wiretap law claims were preempted, and there was no "money or other property" taken by Google that the Court could force Google to disgorge under the unfair competition statute. With respect to the ECPA claim, Google argued that since the Wi-Fi networks were configured in a manner that was "readily accessible to the general public," the ECPA claim failed.
ECPA Claim: The ECPA provides for a private right of action but also contains a section which provides exemptions to this. One of the exemptions is a general one for an interception of an "electronic communication" that is readily accessible to the general public (2511(2)(g)(i)):
It shall not be unlawful . . . to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible the general public.
A separate subsection (2511(2)(g)(ii)) also provided an exemption that was applicable to the interception of "radio communications," but this subsection contained a laundry list of the types of "radio communications" which were exempt (none of which were readily applicable in this case). Separately, the statute contains a definition for when something is "readily accessible to the general public," and this definition says that "readily accessible to the general public' means, with respect to a radio communication" that such communication is not (among other exceptions) "scrambled or encrypted."
When I see these three sections of the statute, I see a drafting error, or at least some seriously clunky drafting. The most obvious interpretation to me is that a "radio communication" enumerated in 2511(g)(ii) is exempt. A "radio communication" that is spelled out in 2510(16) is also exempt, because it is "readily accessible to the general public." (Anything that fits 2510(16) would fall within 2511(2)(g)(i).) Judge Ware didn't see it this way. He sees the definitions of 2510(16) as describing exceptions that only apply to "traditional radio broadcast mediums." According to Judge Ware, these definitions "do not address any broader radio-based communications technology of the time," and nor do they address modern technologies--such as Wi-Fi--that were obviously not contemplated by the drafters of the statute. As support for this interpretation, Judge Ware points to the legislative history, which indicates a reluctance to include cell-phone transmissions within the scope of the exception. (This part of the discussion really confused me.) At the end of the day, even though plaintiffs failed to plead that their Wi-Fi networks were scrambled and encrypted (and arguably made admissions to the contrary), Judge Ware concludes that:
the wireless networks were not readily accessible to the general public as defined by the particular communications system at issue, wireless internet networks, which are not "radio communications," as the term was intended by Congress in drafting Section 2510(16).
Google also argued that United States v. Ahrndt [pdf] supported its interpretation of the statute. Ahrndt was a criminal case where a defendant moved to suppress evidence that defendant's neighbor encountered while accessing the defendant's wireless network. When the neighbor accessed the network (which was open), she could view the files in defendant's iTunes account, which included child porn. The court denied defendant's request (citing 2511(g)(i)) to suppress the evidence because defendant had configured his system so "the electronic communications [at issue were] readily accessible to the general public." Judge Ware distinguished Ahrndt because, in the Street View case, the users had only set their Wi-Fi settings so that the networks themselves (and not the content) were accessible to the general public.
State wiretap claims: Google argued that ECPA preempted plaintiffs' claims under state wiretap statute. Judge Ware found that although there was no express preemption in the statute, ECPA demonstrated a Congressional intent to comprehensively regulate the field. Therefore, the state law claims were preempted. The order does not cite to Velentine v. NebuAd [pdf], also recently decided in the Northern District, where Judge Henderson came to a contrary conclusion.
Section 17200 claims: Plaintiff's section 17200 claims suffered a familiar flaw: they were unable to allege that they lost "money or other property" as a result of Google's actions. The court rejects the argument that "data packets" are property for section 17200 purposes, finding that recognizing a property interest in data would undermine the intent of Proposition 64 (which created stricter standing requirements for Section 17200 claims).
__
I'm not sure where to begin with this one. This is yet another case where the statute was written with certain technology in mind, and the court struggles with which box the present day technology belongs in. Is a transmission via open Wi-Fi a "radio transmission"? An "electronic communication"? Both? It's unclear from the order where the court comes out on this issue. There is no dispute that Wi-Fi was not around when the statute was drafted or more recently amended, and the contortions required to figure out what statutory box it fits in are downright painful.
A factual question which did not receive much attention in the order was how difficult it is for the average person to access someone else's content through an open Wi-Fi. Is this the same as picking up a transmission on a ham radio? Is this like picking up police scanner transmissions? Google argued that accessing data through an open Wi-Fi can be easily accomplished using inexpensive (or free) and widely available software, but there wasn't much discussion of this in the court's opinion. The fact that Google reportedly filed for a patent over some aspect of this did not help its argument.
I can see unintended consequences that would flow from either approach. Finding that data transmitted over an open Wi-Fi is not protected under the ECPA would undermine privacy in a big category of communications. On the other hand, by creating a special category of "radio communications" that don't get the benefit of the general exemption, this broadens the scope of a statute which has criminal consequences. Judge Ware decided Power.com, and applied the rule of lenity in that case in construing the statute narrowly. Given that a violation of this statute can result in criminal liability as well, I'm surprised this doctrine did not come into play in interpreting the statute narrowly.
________
Eric's comments:
1) I continue to insist that the ECPA is one of the worst-drafted statutes of all time. As Venkat's confusion indicates, no one really knows what the statute means, which suggests it's hard to advance an implausible interpretation of the statute.
2) This case is a fairly typical "technological convergence" case where we try to interpret technological terms in a statute in light of unanticipated technological evolution. Congress couldn't conceive of private WiFi back in 1986, so the statute doesn't fit the technology very well. Personally, in light of modern sensibilities, I think "radio" most naturally means the entire wireless spectrum. Judge Ware saw it differently and found reasons to separate out pieces of the spectrum for differential statutory application. I could see other judges reading the term more broadly on appeal.
3) Google's loss on the motion to dismiss is surely disappointing to Google, but I don't think the plaintiffs should start cashing their checks yet. There are plenty more interstices of the ECPA for both parties to explore on summary judgment and perhaps at trial.
4) As Congress revisits the ECPA as part of the Digital Due Process initiative (which I support), I desperately hope Congress also reconsiders the ECPA's private cause of action. The class action plaintiffs have gone crazy with the statute, and due to its drafting deficiencies, the plaintiffs claims are rarely clearly wrong on the surface. The result has been a huge tax on innovation with no commensurate social benefits; only the private benefits of a few privacy class action lawyers getting fat and happy while feasting on Silicon Valley companies.
5) The ECPA's preemption of state wiretap laws, if followed by other courts, could be a Very Big Deal. However, Judge Ware didn't cite any caselaw in support of his conclusion, and frankly I'm skeptical that ruling will survive further challenge.
Other coverage:
Judge to Google: sniffing even open WiFi networks may be wiretapping (Ars Technica)
Judge: Google Can Be Sued for Wiretapping in Street View Debacle (Wired/Threat Level)
Posted by Venkat at 11:09 AM | Privacy/Security