Technology & Marketing Law Blog: August 2012 Archives

Technology & Marketing Law Blog

« July 2012 | Main | September 2012 »

August 31, 2012

Stored Communications Act Does Not Bar Discovery of Employee Phone Records–Mintz v. Bartelstein Assocs.

Mintz v. Bartelstein & Assocs, CV 12 02554 SVW (SSx) (Aug. 14, 2012)

Mintz is a sports agent who represents among others, some NBA players. He worked for Bartelstein & Associates for 11 years. After leaving to accept a position with a competitor (CAA), he sought declaratory relief to invalidate his non-compete agreement. Bartelstein counterclaimed saying that Mintz allegedly misappropriated trade secrets and conspired with Mintz’s current employer to steal clients. Bartelstein subpoenaed Mintz’s phone records from AT&T. The subpoena sought ten categories of documents, the bulk of which related to the dates, times, and numbers/accounts for Mintz's phone calls. The court grants in part and denies in part Mintz’s motion to quash the subpoena as follows:

1. The Stored Communications Act allows for the disclosure of non-content information to non-governmental entities. Thus, the bulk of the sought-after information (with the exception of the content of the text messages) are not barred from disclosure by the SCA.

2. With respect to the content of the text messages, although Bartelstein can’t subpoena them from AT&T, Bartelstein can force Mintz to disclose them. This information is “within [Mintz’s] control,” because he has a legal right to get it from AT&T.

Mintz also argued that his California constitutional right of privacy protected against disclosure of the sought after information, including non-content information. The court resolves two factual issues relating to this argument. First, the phone started out as Mintz’s personal phone but was “converted” to his employer's phone along the way. The facts seemed grey and didn't establish the phone as having been used exclusively for business or pleasure; the fact that Mintz used the phone for both personal and business purposes cut both ways. The fact that Mintz and Bartelstein both paid for a part of Mintz's phone also cut both ways. There was also an employee manual in place which stated that any personal information placed on company emails would “not be considered the private or confidential property of the employee . . . [and the employer had] the ability and right to review e-mail, voice mail, and telephone messages.” [Interestingly, no mention of text messages.] Although Mintz raised the typical argument that he didn't read or agree to the employee manual, Bartelstein's evidence to the contrary was clear--it sent him a copy along with a follow-up email and produced both of these items of evidence for the court. Although Mintz did not sign an acknowledgement saying he read the manual, he clearly received a copy of it.

The court says that Mintz had a “limited expectation of privacy” in the non-content information. A protective order could adequately guard against any unwarranted intrusion into MIntz's privacy. The court also notes (citing to Quon and the third party doctrine) that federal law is consistent with this approach. (The court does mention the fact that federal courts are divided as to whether individuals have an expectation of privacy in historic cell cite information.)
__

The SCA is an unwieldy beast, and it provides for a labyrinthine framework for what can be disclosed and who can request what information. As the court notes, what law enforcement can obtain is different from what private parties may obtain in litigation. With respect to private parties, non-content information is fair game, but content information gets a clunky treatment that either relies on a waiver concept or allows the party requesting the information to get it from the person who has control over it. (The Juror No. 1 case which is playing out across several different tribunals discusses these issues, as does Flagg v. City of Detroit, which is discussed in the Juror No. 1 ruling.) The trend from courts is to treat the Stored Communications Act as a speedbump in civil discovery rather than a roadblock. Most of the courts to have looked at the issue have said that the SCA does not bar discovery of content information. It merely precludes obtaining it directly from the provider (in this case AT&T).

The decision illustrates the importance of a policy in the employment context. Allowing employees to mix business and pleasure on their devices results in unpredictable results as far as what information the employer can get access to. The employer in this case dodged a bullet by having a broad policy that was clearly communicated to the employee (Mintz).

The case is also a great illustration that virtually everything we do in the modern era results in digital footprints--and, when we fall out of love with each other, there will be resulting fights over who can get access to these footprints, the results of which will be unpredictable at best.

Previous posts:

"Court Orders Production of Five Years' Worth of Facebook and MySpace Posts – Thompson v. Autoliv"
"Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case -- McMillen v. Hummingbird Speedway"
"Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute -- Barnes v. CUS Nashville"
"Facebook Messages/Wall Posts, Civil Discovery, and the Stored Communications Act -- Crispin v. Audigier"
"Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson"
"Court Orders Plaintiff to Turn Over Facebook and MySpace Passwords in Discovery Dispute -- Zimmerman v. Weis Markets, Inc."

[Photo courtesy of ShutterStock.]

Posted by Venkat at 11:18 AM | Evidence/Discovery , Privacy/Security

August 30, 2012

We've Filed a Request to Publish Redmond v. Gawker Media

By Eric Goldman

My RA Sruli Yellin and I wrote a letter requesting that the California Appellate Court publish its opinion in Redmond v. Gawker Media, the recent case that said Gizmodo's hyperlinks to its sources helped defeat a defamation claim. Our short letter, filed today. The letter was joined by several additional individuals and organizations, and special thanks to Michael Barclay, who both suggested we make the filing and provided helpful comments, and Mark Goldowitz, who also provided helpful comments.

Until Michael suggested it, I didn't know third parties could request publication of unpublished opinions. Despite the time it took, this seems like a particularly leveraged way to help "make" new law. With a few hours of work, it's theoretically possible to add particularly useful opinions to the corpus of citable precedent. I'll be watching for other opportunities like this. Of course, it's only a good investment of time if the letters actually work, and I'm hoping our letter in this case does the trick.

Posted by Eric at 02:27 PM | Content Regulation | TrackBack

August 29, 2012

Sixth Circuit Affirms Conviction for Threat Posted to YouTube – US v. Jeffries

[Post by Venkat Balasubramani with a comment from Eric]

US v. Jeffries, 2012 WL 3641639 (6th Cir.; Aug. 27, 2012)

We blogged previously about US v. Jeffries, where the district court declined to dismiss an indictment for posting an allegedly threatening video to YouTube (and Facebook). My initial blog post about the case: “Court Finds That Threatening Video Posted to YouTube and Facebook Can Constitute a 'True Threat'.” The basic facts are that the defendant was involved in a custody dispute and posted a music video to YouTube and Facebook. The video extolled a father’s love for his daughter but also contained statements ostensibly directed at the judge who was set to hear the custody modification hearing for the defendant's daughter:

Let’s get them out of office. Vote ’em out of office.
If fathers don’t have rights or women don’t have their rights or equal visitation,
Get their ass out of office.
’Cause you don’t deserve to be a judge and you don’t deserve to live.
You don’t deserve to live in my book.
And you’re gonna get some crazy guy like me after your ass.
And I hope I encourage other dads to go out there and put bombs in their goddamn cars.
Blow ’em up. Because it’s children we’re, children we’re talkin’ about.
I care about her.
And I’m willing to go to prison, But somebody’s gonna listen to me, Because this is a new war.
This ain’t Iraq or Afghanistan. This is goddamn America. This is my goddamn daughter.
There, I cussed. Don’t tell me I can’t f___in’ cuss.
Stupid f___in’ [Guitar crashes over in the background] BOOM!
There went your f___in’ car. I can shoot you. I can kill you. I can f___ you.
Be my friend. Do something right. Serve my daughter.
Yeah, look at that, that’s the evil. You better keep me on God’s side.
Do the right thing July 14th.

Jeffries was convicted and appealed. The Sixth Circuit rejects his arguments on appeal.

Subjective intent requirement: The focus was whether the statute contained a subjective element. The district court said no, and the Sixth Circuit agrees. In other words, it’s sufficient to convict under the statute for the threat to be reasonably perceived as a threat; it doesn’t matter whether the defendant subjectively intended it to be a threat.

The court notes that the majority of circuits, including the Sixth Circuit, have construed the federal statute to not require subjective intent. Jeffries argued that the Supreme Court’s decision in Virginia v. Black (striking down a state statute that banned cross burning) required a subjective inquiry, but the court disagrees. Judge Sutton says that the Supreme Court’s decision in Black turned on overbreadth and the Court did not directly address the subjective intent question (the statute at issue in that case already contained a subjective element). The problem identified in Virginia v. Black – of separating constitutionally protected speech from proscribable speech – was adequately addressed in the context of the federal threat statute because the cases look to whether something would reasonably be perceived as a threat.

Sufficiency of evidence: The court also addresses Jeffries' argument that there was insufficient evidence to convict. The court says that a reasonable jury could have found the video to constitute a true threat. The video obviously refers to the family law judge who would hear the custody modification, and says to the judge that he should “do the right thing July 14th [the date of the hearing].” This is plenty for a reasonable jury to take the video as a “serious expression of an intention to inflict bodily harm” along with an accompanying goal. The court does note that this is the first time the statute has been applied to a music video, but the statute does not contain anything to preclude this, and a threat can be delivered by any means.

Facebook messages and other videos: Jeffries also argued that the jury should not have been shown the Facebook messages that he sent when he posted the video to Facebook. The court says that these provide the necessary context for the video, and it doesn’t make sense for the jury to have only considered messages that could have made their way to the family law judge. The threat does not need to be communicated to its target and as long as anyone would reasonably perceive it as a threat, that’s sufficient. In contrast, Jeffries actually wanted to show the jury other videos he posted to YouTube, but was prevented by the trial court from doing so. The Sixth Circuit says that this is also not erroneous. These videos were not part of the context for the allegedly threatning video, and the trial court was within its discretion in excluding them.

Interestingly, Judge Sutton, who wrote the Sixth Circuit opinion, wrote separately (“dubitante”) expressing his opinion that although precedent does not require the statute to contain a subjective component, maybe it should. He says that any definition of the term "threat" encompasses an expression of “intent” on the part of the author or speaker. Allowing a conviction based on a purely objective test “reduces culpability on the all-important element of the crime to negligence.” A lot of precedent only looks to the subjective test for whether something is a threat, but according to Judge Sutton, the cases don’t adequately dig in to the definition of “threat” or the history of the statute.

The Sixth Circuit panel viewed its hands as tied on the subjective intent question, although Judge Sutton's separate opinion is surely intended to flag this for the parties or other judges as something that hasn't necessarily been correctly decided (despite the appearance of settled precedent on the issue). As mentioned in the initial post, the video was pointed, and it's tough to not conclude that it wasn't made with the intent that it come to the family law judge's attention or have some sort of coercive effect on him. Nevertheless, it's troubling that the district court rejected Jeffries' proposed jury instruction on the issue of subjective intent, given that Sixth Circuit precedent appeared to require an intent to "effect some change" through the threat, and given the fact that the threat was made in the form of a music video. It's possible (although unlikely) that the defendant could have created the video purely as a vehicle for self expression, and the rejection of Jeffries' proposed jury instruction seems to preclude this defense. (This may be addressed elsewhere in the instructions.) [It's also worth noting that although I didn't go back and re-read Virginia v. Black, I recall it being one of the more confusing cases I've read.]

It will be interesting to see if Jeffries seeks rehearing en banc.

(h/t) ABA Journal: “6th Circuit Upholds Conviction for Threat to Judge in YouTube Song.”

Eric's comment

The standard maxim is that we should never say anything online that we wouldn't say in person. I wonder if that maxim would have helped Jeffries here. Would he have been willing to sing his song to the judge's face? If not, then it wasn't a great idea to post the video online. Overall, I'm seeing an increasing number of cases in this genre--a song recorded in a YouTube video as a means of expressing anger or angst--and I think all of those videos would benefit from being run through the "would you say this in person?" acid test.
_______

Venkat's follow up comment

I have no disagreement with Eric's comment that the video clearly didn't pass the "don't-post-stuff-online-that-you-wouldn't-say-in-person" test. Threats against public officials, including judges, are not something to be taken lightly. That said, I wonder whether criminalizing this activity is optimal. As the ABA article notes, the defendant, who happened to be a veteran, also got into hot water over posting allegedly "suicidal/homicidal" tweets. It's likely that this is part of an overall mental health issue that could benefit from treatment rather than punishment.

[image via ShutterStock]

Posted by Venkat at 12:58 PM | Content Regulation , Evidence/Discovery

Ranking of "Dirtiest Hotels" Based on User Ratings is "Unverifiable Rhetorical Hyperbole"--Seaton v. TripAdvisor (Partial Forbes Cross-Post)

By Eric Goldman

[This is another situation where I'm posting the first draft of this post here and linking to the Forbes version, which reads a little differently. As always, I welcome feedback about which version you liked better.]

Seaton v. TripAdvisor, LLC, 3:11-cv-549 (E.D. Tenn. August 22, 2012)

TripAdvisor compiles its user ratings into an annual ranking of the top 10 "dirtiest hotels." Not surprisingly, hotels making the list don't feel very honored. The 2011 loser, the Grand Resort in Pigeon Forge, Tennessee, sued TripAdvisor for defamation and related claims. Concluding that the "dirtiest hotels" ranking constituted non-actionable opinion, the court dismissed the case on a 12(b)(6) motion to dismiss.

This opinion necessarily gets into the messy distinction between objective facts and subjective opinions. (James Grimmelmann recently explored this ground in some detail, although I wasn't completely satisfied with his treatment). The underlying user ratings clearly are the users' opinions; these ratings may be coupled with objective statements that could be actionable (the court gives an example where a user says the hotel's bathtub was caked with a half-inch of dirt). TripAdvisor then layers its own content onto the user ratings. For example, it said that 87% of its users recommended against staying there, another statement of fact.

But what about just the rankings themselves? I believe TripAdvisor made an objective statement that of its ranked hotels, Grand Resort had the lowest numerical score for cleanliness. Grand Hotel doesn't seem to be contesting TripAdvisor's numerical computations. It seems that Grand Hotel is contesting TripAdvisor's choice of the word "dirtiest," perhaps enhanced by the numerical ranking which lends a veneer of objective precision to the list. The court rejects this line of thinking, saying "neither the fact that Defendant numbers its opinions one through ten, nor that it supports its opinions with data, converts its opinions to objective statements of fact."

The court then says that reasonable consumers would not interpret these types of rankings as facts:

TripAdvisor’s list is of the genre of hyperbole that is omnipresent. From law schools to restaurants, from judges to hospitals, everything is ranked, graded, ordered and critiqued. Undoubtedly, some will accept the array of “Best” and “Worst” rankings as impenetrable maxims. Certainly, some attempt to obfuscate the distinction between fact and opinion as part of their course of business. For those that read “eat here,” “sleep there” or “go to this law school” and are unable to distinguish measured analysis of objective facts from sensational “carnival barking,” compliance will be both steadfast and assured. Nevertheless, the standard, fortunately, is what a “reasonable person” would believe. A reasonable person would not confuse a ranking system, which uses consumer reviews as its litmus, for an objective assertion of fact. It does not appear to the Court that a reasonable person could believe that TripAdvisor’s article reflected anything more than the opinions of TripAdvisor’s millions of online users.

That's not to say that the judge is a fan of consumer reviews:

though TripAdvisor’s method of arriving at its conclusions, unverified online user reviews, is a poor evaluative metric, it is not a system sufficiently erroneous so as to be labeled ‘defamatory” under the legal meaning of the term.

Two general observations about this ruling:

1) This is a great ruling for user-generated content (UGC) sites that compile various rankings of user subjective views. So long as they make it clear that user opinions are the source material, it seems like UGC sites can go quite far in packaging user ratings and providing lists of top/bottom performers without fearing defamation liability for that distillation.

2) In particular, this ruling is a great complement to 47 USC 230, which otherwise immunizes websites for user content. In light of terrible language in the initial Ninth Circuit Roommates.com opinion, we feared that websites would shy away from gathering and providing structured data from users. Those fears partially ameliorated after the Ninth Circuit wiped away its initial ruling, but nevertheless, plaintiffs have continued to hammer websites for their characterizations of user content. This ruling bridges the gap: even if Section 230's immunity isn't available for a website's distillation of structured data provided by users, the website should still be able to avoid defamation liability because its compilation isn't a "fact."

Posted by Eric at 09:15 AM | Content Regulation , Derivative Liability | TrackBack

August 27, 2012

Virtual (SuperPoke!) Pet Owners Must Arbitrate Their Claims Against Google and Slide -- Abreu v. Slide

[Post by Venkat Balasubramani]

Abreu v. Slide, Inc., 12 0042 WHA (N.D. Cal.; July 12, 2012)

This is a motion to compel arbitration filed by Google and Slide, the developer of SuperPoke! Pets. As mentioned by Eric in this initial post about the case, SuperPoke! is a game developed by Slide, which was later bought by Google. The game allowed you to care for “virtual pets” and earn coins. You could use these coins to customize the environment for your virtual pets. You could also buy virtual currency which you could use to purchase certain premium items. Users apparently bought a bunch ($6MM worth, according to an earlier filing by Google) of virtual currency before Google ultimately shut the game down. Users sued, alleging that termination of SuperPoke! Pets by Google and Slide violated California consumer protection laws and California common law. Defendants moved to dismiss, or in the alternative to force the consumer-plaintiffs to arbitrate their claims.

Judge Alsup lays out the general standards for enforcement of arbitration agreements, noting the federal policy in favor of arbitration where there is a valid contract. He cites to Concepcion, a Supreme Court case which looked with disfavor on a California statute which imposed higher burdens for enforceability specifically on arbitration agreements. The court’s role is to determine whether there’s a valid and enforceable contract and whether the dispute falls within the parameters of the contract. Here, the terms of use contain an arbitration provision and it clearly applies to the dispute. The remaining question is whether defendants can show that the arbitration clause is unenforceable because it’s unconscionable. No luck on this front.

Plaintiffs attacked the arbitration clause in a variety of ways, but Judge Alsup says many of their challenges do not go to the enforceability of the arbitration provision and are aimed at the terms of service. These challenges (90 day limitation on recovery of monetary damages, a one year statute of limitations) are of no help to plaintiffs. The court turns to the four objections which are focused on the arbitration provision:

Waiver of injunctive relief: The court says that a one-way waiver of injunctive relief may be problematic (even though it doesn’t necessarily go the arbitration provision itself and is more directed overall at the terms of service). In any event, the court says that this is severable.

Filing fee: Plaintiffs complained about the filing fee, arguing that that $775 filing fee would be unduly burdensome. The court says that the actual filing fee is $125 (or $375 at the most) and this can’t be considered excessive.

No attorneys’ fees: Plaintiffs also say that the fact that the arbitration clause does not provide prevailing plaintiffs an opportunity to recover fees makes it unconscionable. The court says that there’s no requirement that an arbitration clause must provide for the recovery of fees.

Informal negotiations requirement: Finally, the court rejects plaintiffs’ argument that the requirement that they enter into “informal negotiations” prior to asserting their claim renders the clause unconscionable. This obviously does not get any play.
___

Ouch. Judge Alsup’s ruling puts this putative class action on ice. Without the possibility of recovering fees, I can’t see the plaintiffs lawyers pursuing this one (although if plaintiffs spent $6MM, maybe this is enough to maintain the interest of the lawyers).

How arbitration clauses in online terms would fare post-Concepcion was an open question. Although there are not enough data points to be sure, the available rulings indicate that these clauses will enjoy robust success. Companies have taken the Supreme Court’s cue and are adding back arbitration provisions into their user agreements, including sometimes adding class action waivers. (See, e.g., eBay.) At least in one instance, plaintiffs tried to attack this type of a change preemptively, but their claims (which were brought against Sony when Sony changed the terms of its PlayStation 3 terms to require arbitration) did not meet with success. (See “Users Can't Sue Sony for Changing Online Terms to Require Arbitration – Fineman v. Sony Network Entertainment.”)

Judge Alsup’s decision to reject plaintiffs’ arguments around the limitation clauses was interesting. A ninety day limitation on money damages and a one year statute of limitations is fairly harsh. Given the widely accepted notion that people don’t read online terms, I question whether other courts would enforce these types of draconian provisions as freely. (The court’s distinction between arguments that go to the terms and those that are focused on the arbitration clause was interesting. Even though the limitations/exculpatory provisions do not speak specifically to arbitration, the net effect is to nuke a plaintiff’s claims. I found this distinction somewhat formalistic.)

It may be that the real action is around procedural unconscionability. As the Qwest, Clearwire, Harris v. Blockbuster, and other cases linked below indicate, a surefire way to challenge an arbitration clause is to challenge formation or notice of the change to require arbitration (or on the basis that it can be changed “at any time, with or without notice”). Companies who change online terms to include arbitration provisions would be wise to dot their i’s and cross their t’s in this regard.

Posted by Venkat at 10:29 AM | E-Commerce , Licensing/Contracts

August 26, 2012

Online Marketplace Not Liable to Buyer for Aborted Private Sale of Facebook Shares -- Facie Libre Associates v. SecondMarket Holdings

[Post by Venkat Balasubramani]

Facie Libre Associates v. SecondMarket Holdings, 2012 N.Y. Misc. Lexis 3914; 2012 NY Slip Op 51545U (Supreme Court of NY; Aug 10, 2012)

SecondMarket operates an “online marketplace website” where shares of privately held companies are bought and sold. Karl Voskuil, a former Facebook employee, wanted to sell some of his Facebook shares prior to Facebook's IPO. He found a willing buyer in two "Facie Libre" entities that were organized to purchase Facebook shares and hold them until they became public. (This WSJ article provides background on the transaction, and also points out that Facie Libre is a latinate rendering of Facebook: "Deal For Facebook Shares Leads To Suit Vs. SecondMarket.")

Voskuil entered into a stock transfer agreement with Facie Libre to sell 75,000 Facebook shares (at $33 a share, a total purchase price of $2,475,000). Under this agreement, Voskuil was required to deliver a legal opinion to Facebook verifying that registration of the shares was not required under the Securities Act of 1933. This document had to be delivered to Facebook within 60 days of notifying Facebook that a shareholder proposed to sell Facebook shares. Separately, SecondMarket entered into an "Intermediary Services Agreement" agreement with Voskuil under which SecondMarket would “design, implement and facilitate” the transaction for $75,000. Facie Libre was not a party to any agreement with SecondMarket.

Fortunately or unfortunately (depending on which side of the transaction you were on), the transaction did not close. The required legal opinion was delivered on March 26, 2010, one day after the 60 day deadline. According to Facie Libre, SecondMarket undertook the obligation to deliver the legal opinion, failed to timely do so, and was not forthcoming about the transaction's status. SecondMarket allegedly only told Facie Libre three months after Facebook informed SecondMarket that the transaction would not close that Facebook did not approve the transaction. Some time after, Voskuil returned the purchase price that Facie Libre had wired to him ($2,400,000). Facie Libre sued SecondMarket alleging various theories relating to the aborted sale. Facie Libre’s primary argument was that SecondMarket was obligated to procure and timely deliver the legal opinion and its failure to do so was a breach.

Website terms: SecondMarket argued that it had an online agreement in place that contained a one year limitations period on when claims could be brought. The court dismisses this defense, saying that although SecondMarket had website terms in place, these were generally applicable to website users and do not supply any relevant terms for a separate transaction such as the Facebook stock sale.

Breach of contract: Facie Libre asserted a claim as a third party beneficiary under the Voskuil/SecondMarket intermediary services agreement. It argued that under this agreement, SecondMarket had an obligation to furnish the legal opinion. The court rejects this argument, saying that nothing in this agreement requires SecondMarket to procure the legal opinion. In fact, the intermediary services agreement expressly says that Voskuil has the obligation to furnish the legal opinion.

Negligence / Breach of Fiduciary Duty: The court also dismisses Facie Libre’s negligence and breach of fiduciary duty claims. As far as negligence, the court says that Facie Libre can’t sue in negligence since the relevant agreements require Voskuil to furnish the legal opinion (SecondMarket had no duty to do so). The breach of fiduciary duty claim fares no better. Facie Libre argued that it “subscribed to SecondMarket’s website and relied on [SecondMarket’s] expertise.” The court says that the parties engaged in an arms-length transaction and Facie Libre’s purported reliance (if any) on SecondMarket’s expertise didn’t establish a fiduciary relationship.

Misrepresentation: The one claim that survives is the misrepresentation claim. The court says that SecondMarket knew the transaction didn’t close and nevertheless strung Facie Libre along. Had Facie Libre known the transaction didn’t close, it would have taken steps to remedy the situation.
__

Oy. I don’t know the economics of who would have lost or gained from any appreciation in the Facebook shares had the transaction closed as planned, but it’s safe to say that given the downward slide in Facebook stock, someone may have actually benefited from the transaction not closing. This probably would be Facie Libre. The WSJ article linked above was written in June 2011, and it notes that at that time, Voskuil retained the shares after the botched sale, and the shares were "worth several times more than they were when he first agreed to sell them to Felix [one of the principals of Facie Libre]." He may have unloaded the shares since then, but if he has not done so, the shares are worth much less today than Facie Libre offered to pay for them. Given that Facie Libre likely didn't lose any money from the sale not having gone through, you wonder why the lack of damages didn't get any play from the court. (I thought this would be worth at least a passing mention, if nothing, to note how quickly fortunes can change.)

This court's conclusion with respect to SecondMarket's website terms argument is right--your agreement to the website terms do not supply contract terms for all aspects of your relationship with the website. Parties have tried this argument before and it typically goes nowhere. On the other hand, given that Facie Libre brought a fiduciary duty argument that seemed premised in part on SecondMarket's website representations, it's interesting that this didn't figure into the discussion of whether the limitations in SecondMarket's website terms could preclude Facie Libre's claims.

Posted by Venkat at 01:10 PM | E-Commerce , Licensing/Contracts

Amazon.com's Anti-Counterfeiting Efforts Blessed by California Appellate Court (Forbes Cross-Post)

By Eric Goldman

A California appellate court has blessed Amazon.com's ($AMZN) efforts to police counterfeit goods sold by its third party merchants. This is especially good news for Amazon because the leading precedent on the topic had blessed eBay's ($EBAY) more aggressive anti-counterfeiting efforts, so it wasn't clear Amazon would be equally protected even if it had less aggressive practices. Nevertheless, the news is not all good for Amazon. The opinion indicates that Amazon is having some difficulty keeping counterfeits off its site. If Amazon can't fix that, it could face both continued legal hassles and a consumer backlash.

The opinion tells a poignant story about a manufacturer's problems with counterfeiting. The manufacturer, Tre Milano, makes the "InStyler Rotating Hot Iron Hair Straightener." Tre Milano claims that the item has been a marketplace success, and that it's a popular item to counterfeit. Putting aside the lost revenues to Tre Milano, counterfeit versions of the InStyler can create other problems: they pose significant safety hazards to consumers, and unwitting buyers of the defective or poorly constructed counterfeit items are unfairly panning InStyler in consumer reviews.

Tre Milano has an active anti-counterfeiting program that includes buying goods to check if they are counterfeit and sending takedown notices to eBay and Amazon. It had an ongoing dialogue with Amazon. For example, the court says "From May 1, 2010 to April 28, 2011, Tre Milano sent 311 NOCI’s to Amazon." (NOCIs are "notices of claimed infringement," a type of takedown notice). To Tre Milano's chagrin, Amazon sometimes didn't honor its takedown notices when Tre Milano didn't confirm that it had done a test buy.

In this sense, Tre Milano and Amazon reached a typical impasse. Tre Milano has incentives to send takedown notices when sellers are setting low prices--maybe because they are counterfeiters, or maybe because they are overly aggressive discounters of legitimate goods or selling legitimate used goods. Either way, Tre Milano is fine with kicking those legitimate sellers out of the market as a collateral consequence of chasing counterfeiters. Meanwhile, Amazon doesn't want to kick legitimate merchants off its network simply based on self-interested allegations of bad behavior; this would sour its merchant relations and cost Amazon its cut of their sales. So Tre Milano doesn't care too much if its takedown notices are accurate, while Amazon cares a lot about the notice's accuracy.

The legal rules matter a lot to who bears the risk of errors in Tre Milano's takedown notices. If the law says Amazon has to assume Tre Milano's takedown notices are accurate (or bear liability for getting that wrong), then Tre Milano can send notices freely and Amazon will toss a lot of legitimate3 merchants overboard. In contrast, if the law says that Tre Milano has to verify the counterfeiting allegations before Amazon has to honor its takedown notices, then Tre Milano has to do more prep work and some counterfeit sellers will avoid the ax.

The court concludes that Amazon can ignore Tre Milano's unverified takedown notices because Amazon is a "transactional intermediary," not the actual seller of counterfeit goods. The court applies the same legal standards set by the Second Circuit in Tiffany v. eBay, even though (1) Amazon may have done less to police against counterfeits than eBay's practices endorsed by the Second Circuit, (2) Amazon acted as the payment service provider for its merchant sales, a service eBay didn't provide, and (3) Amazon didn't always remove items in response to takedown notices (in contrast, eBay always acted on Tiffany's takedown notices; the lawsuit was over Tiffany's demand that eBay should be even more proactive).

Obviously this ruling is good news for Amazon, but I think it's also good news for other e-commerce websites enabling third-party merchants to sell to consumers. Manufacturers routinely make unreasonable demands on e-commerce websites to do more to police against counterfeits. Here, the court rejected Tre Milano's demands on Amazon, and those demands were not nearly as unreasonable as many other demands that manufacturers make. Thus, this opinion sends a strong signal to manufacturers that they should tone down their anti-counterfeiting demands on e-commerce websites; and it gives some encouragement to e-commerce websites to stand up to overly aggressive manufacturer demands.

Even so, e-commerce websites can't simply ignore counterfeit sales on their websites, even if made by third party sellers. Doing too little anti-counterfeiting work can result in low judicial sympathy if challenged in court, and worse, it can undermine buyers' trust in the e-commerce site. In some cases, buyers are completely OK with counterfeit goods (such as luxury branded goods, where consumers may like the design or status and don't need an authentic good to achieve that goal), but buyers are not likely to be OK with counterfeit electronic goods like the InStyler due to the safety and quality issues. Even though Amazon may have dodged the legal bullet here, it's hardly comforting for Amazon consumers to know that Amazon hasn't figured out a reliable way to screen out sales of counterfeit InStylers.

Case cite: Tre Milano, LLC v. Amazon.com, Inc., 2012 WL 3594380 (Cal. App. Ct. August 22, 2012). Like so many California appellate court opinions, this was designed "not published" for no good reason, so it is not citable or binding precedent. For legal geeks: this opinion never explains why the lawsuit remained in state court despite Tre Milano's allegations of a Lanham Act violation.

Posted by Eric at 08:04 AM | Derivative Liability , E-Commerce , Trademark | TrackBack

August 25, 2012

Google Tries Again to Respond to Judge Alsup's Shill Disclosure Order. Now, How About Oracle?

By Eric Goldman

Oracle America, Inc. v. Google Inc., 3:10-cv-03561-WHA (N.D. Cal. Aug. 24, 2012)

In the ongoing saga about Judge Alsup's requests that Oracle and Google disclose possible shills, Google filed a supplemental disclosure that listed 13 individuals/organizations. There's not much in Google's disclosure that I didn't already know, and I wonder if the judge has finally gotten whatever he's looking for. Google has a better basis to argue that it properly responded to the judge's request, but I still have no idea how the judge will respond.

Some mildly interesting points about Google's supplemental disclosure:

* Google disclosed William Patry this time, but baffingly, Google did not identify him as a treatise author. Given that the judge has made his interest in treatise authors quite clear, I don't understand why Google didn't explicitly close this loop.

* Google cited a tweet by its employee, Tim Bray. Google didn't include the tweet's contents in the filing (or that it got retweeted 575 times!), but it's worth including here:

"Speaking only for myself as an individual of course: Fuck Oracle."

It's a little hard to characterize this as a "comment" on the case!

* Google disclosed Bruce Perens as a consulting expert. Normally, consulting experts aren't disclosed to a litigation opponent or the public at large unless they become testifying experts. I haven't checked to see if his involvement in this case was previously disclosed. If not, Oracle may have learned something new.

* Google lists Mike Masnick because a Google-funded organization (CCIA) paid him to write his The Sky is Rising report. I don't understand why this is on Google's list, as Judge Alsup's order clearly said he only was interested in "employees" of Google-funded organizations. Ditto for Google's disclosure of Michael Barclay, an EFF fellow.

Overall, Google's disclosure list disclosed, or name-checked, many well-known figures in the cyberlaw community, including the people I've already mentioned plus Mark Lemley, Paul Levy, Timothy B. Lee, Julie Samuels and others. If we got all of the referenced folks together in one room (and hid the knives), it would be a pretty cool party.

My biggest question: Why didn't Oracle supplement its initial disclosure in light of the judge's clarification? I can't believe Oracle has not provided any money to organizations whose employees commented on the case. So how about it, Oracle? Plead a mea culpa to the judge for blowing off his deadline and provide a more complete disclosure.

Our prior posts on this matter:

* Judge Alsup Tells Google to Try Harder With Its Shill Disclosures
* Oracle and Google Make Unenlightening Disclosures of their "Shills"
* Judge Alsup Tries to Out the Shills in Oracle v. Google
* Java APIs Aren't Copyrightable--Oracle v. Google (Guest Blog Post)

Posted by Eric at 10:12 AM | Copyright , Evidence/Discovery , Patents | TrackBack

Judge Seeborg Rejects Sponsored Stories Settlement For Now -- Fraley v. Facebook

[Post by Venkat Balasubramani]

Fraley v. Facebook, C 11-1726 RS (N.D. Cal.; Aug 17, 2012)

We’ve covered the Facebook Sponsored Stories litigation before. It's a putative class action arguing that Facebook improperly used the likeness and personality rights of its users to promote products and services. After extensive negotiations, the parties came to a deal, including (1) injunctive relief in the form of some changes to Facebook’s Sponsored Stories program; and (2) cy pres payment of $10 million. And of course, attorneys’ fees up to a certain amount (Facebook said it wouldn't object to any request up to $10 million). The users did not get any monetary recovery. In considering a motion for preliminary approval for the settlement, Judge Seeborg says no.

He identifies the following issues with the proposed settlement:

- It’s unclear that cy pres is appropriate because it's not clear it would be impractical to distribute the potential settlement payment. The parties argued that it would be impractical to divvy up $10 million among 70 million individuals. The court says this alone is not enough to justify a payout of zero dollars to the class. The outer range of possible class recovery is also something that should be considered, according to the court. If each plaintiff is entitled to $750 in statutory damages, the amount of available damages if the case went to trial may be much greater than the $10 million estimated by the parties.

- The court also questions whether the amount of the cy pres payment is appropriate. The court acknowledges that it’s appropriate to estimate damages and apply a discount, but the number shouldn’t be just “plucked from thin air.” A related problem is that Facebook's estimate assumes a discount based on the small number of plaintiffs who actually file claims. The court says that this gives Facebook a double discount.

- The court balks at the fees – up to $10 million.

- It’s unclear what exactly Facebook is signing up for in terms of injunctive relief. The court wants more information on this.

You don’t get the sense from the order that the settlement is dead. This is basically a warning shot from the court; maybe another way of saying that the parties should come back and dress up their settlement a little more nicely. While courts have scrutinized settlements more closely, cy press settlements are still an acceptable way of handling class action payments.

The court's statement that the lawsuit is "too big to settle" is an interesting one. It's tough to square this conclusion with the settlement number. If the possible range of damages is really that big, does it make sense for plaintiffs to agree to such a discounted amount in settlement? This brings one back to the issue of whether the settlement is in the class' interest. Because the money isn't even going to the class, that's sort of a moot point. (The number that's most important is probably the attorneys' fees figure, which makes the whole thing look like a toll that Facebook pays to plaintiffs' lawyers. Judge Seeeborg doesn't say this explicitly but he hints at it.)

There's a side-dispute about the identity of the cy pres fund recipients, and someone asked the court to expand the circle of entities who would be getting payouts but the court refused. On a related note, Eriq Gardner suggests that rejection of the proposed settlement is a victory for Hollywood because the cy pres recipient organizations are firmly in the anti-content camp: "Why Hollywood Wins in Judge's Rejection of Facebook Privacy Settlement." I think this reads a bit too much into the motivations and pliability of the cy pres recipients.

Most important I think is the scope of the injunctive relief, and this is where the settlement arguably falls short for users. As a previous post on Fraley mentioned, this lawsuit did not put a stop to Facebook's Sponsored Stories initiative. In fact, Facebook is expanding its love affair with Sponsored Stories. You would think any negotiated injunctive relief that addressed changes to this program would allow users to quickly and easily opt-out, but I don't think that's the case. Marc Rotenberg from EPIC made this point in a letter to the court--the letter is well worth reading: Fraley v. Facebook proposed settlement, No. 11-01726 (letter dated July 12, 2012).

There's a final aspect of the settlement that is worth noting: the push for confidentiality around Facebook's revenue figures. While the parties are still wrangling with the court over what exactly can be sealed (Judge Seeborg told the parties to go back to the drawing board on their initial request to seal), the revenue figures for Sponsored Stories should be made available, at least to potential class members. Of course, given the size of the potential class, that's pretty much the same as making it publicly available. It's interesting (and understandable) for Facebook to claim that it shouldn't have to disclose specifics, but people need enough information to meaningfully evaluate the settlement. It would be nice for the court to take a hard look at the parties' request to seal the financial figures.

[A final procedural note, plaintiffs in a separate class action that involved minors moved to intervene in order to object to the settlement. The court said that intervention is moot because the other plaintiffs could file an objection regardless of whether they are parties to the suit. The motion for intervention makes a few points that are worth considering but they didn't get much play in the overall discussion.]

Other coverage:

Eriq Gardner: Why Hollywood Wins in Judge's Rejection of Facebook Privacy Settlement
David Kravets: Judge Rejects Facebook ‘Sponsored Stories’ Lawsuit Settlement
Kash Hill: Judge Kicks Facebook's 'Sponsored Stories' Settlement To The Curb
Jeff John Roberts: "Judge rejects Facebook ad settlement, cites 10 million dollar payout"

Previous posts:

Facebook "Sponsored Stories" Publicity Rights Lawsuit Survives Motion to Dismiss--Fraley v. Facebook

Posted by Venkat at 07:56 AM | Publicity/Privacy Rights

August 22, 2012

Why Did Google Flip-Flop On Cracking Down On "Rogue" Websites? Some Troubling Possibilities (Forbes Cross-Post)

By Eric Goldman

Earlier this month, Google announced that it may downgrade search results for a website if Google receives a high volume of "valid" takedown notices against the website. Google's move has confused many Google-watchers, largely because the exact implementation details are important but aren't being disclosed.

However, I'm confused for a more fundamental reason. Google staunchly opposed the Stop Online Piracy Act (SOPA), yet Google's move partially implements SOPA anyway--and makes one of the analytical errors that made SOPA so objectionable. (See my prior blog post on other recent efforts to recreate SOPA). This post tries to figure out why Google flip-flopped on SOPA.

The Analytical Error

Theoretically, both SOPA and Google's algorithmic change are intended to curb "rogue" websites. Unfortunately, any definition of rogue websites creates false positives by including websites that will mature into legitimate players over time. For example, YouTube circa 2005 might have looked like a rogue website at the time, but few folks would characterize it that way now. Or, a site like Pinterest (with its legally questionable "sideloading") might initially look like a rogue website until its lawyers clean things up.

In 1998, Congress enacted a safe harbor scheme to balance the interests of copyright owners and providers of user-generated content (UGC) websites. The basic deal: copyright owners send takedown notices for specific items of user-posted infringing content, legitimate UGC websites honor those takedown notices, and the websites avoid copyright liability for their users' content. This scheme, while imperfect, has worked well enough to help the UGC ecosystem flourish.

SOPA threatened to undermine this balance. Instead of sending takedown notices for individual content items, copyright owners could send cutoff notices to the website's service providers that, if honored, would marginalize the entire website. Thus, SOPA's remedy didn't fit the problem: the problem is individual infringing items, but the remedy equally affects both legitimate and illegitimate content items.

Google's algorithmic change creates the same problem-remedy mismatch as SOPA. Based on complaints about individual content items, Google's algorithm may ultimately downgrade the entire website--even if all of the takedown notices are legitimate. (Thus, I'm not even addressing the many illegitimate takedown notices competitors will send Google to try to game its algorithm). By applying the penalty site-wide as opposed to individual content items, the search results for legitimate content items at that downgraded website also will be marginalized. Thus, Google's algorithm replicates one of the SOPA's most objectionable aspects.

Why Did Google Flip-Flop on SOPA?

After fighting SOPA, why did Google choose to partially implement it voluntarily? Some hypotheses:

1) The move helps searchers find more relevant results. This could be plausible if, for example, rogue websites are highly correlated with other problems for searchers, such as malware, that aren't adequately screened by Google's 200+ other algorithmic signals. Google's blog post didn't tell that story, though. Instead, Google offered only a weak explanation of how searchers might benefit from the move by seeing more "legitimate" content sources, and Google hasn't acknowledged the countervailing risk that legitimate content may be downgraded in searchers' results--an outcome that unquestionably hurts searchers in their quest for the most relevant results. Indeed, Google's algorithmic change, on a net basis, could degrade search results relevancy for searchers. Techdirt explores this issue more.

2) Google felt this move would help reduce its legal risk. However, Google already qualifies for Congress' 1998 safe harbor (17 U.S.C. 512(d)), and the voluntary algorithmic change doesn't directly improve its legal posture.

3) Google hopes the change will improve its relationship with Hollywood, which in turn could have ancillary benefits like unlocking more content deals. Given how many folks in Hollywood believe Google is the devil, I doubt an algorithmic change will change that.

4) Google hopes the move staves off more draconian Congressional regulation.

5) Google is acting at the Obama administration's behest to curry political favor for other Google policy initiatives.

6) Google philosophically believes rogue websites are bad and its algorithm doesn't do enough to screen them out.

I could make arguments supporting each of these hypotheses, but I remain troubled that Google hasn't persuaded us that its change is in searchers' best interests. Usually Google's good intent for its algorithmic changes is apparent, but earlier this year I had similar questions about Google's motives with "Google Search Plus Your World," which promoted Google+ in search results compared to other social media services. Google offered a very weak explanation that the Search Plus Your World change was in searchers' best interests, yet Google also was promoting its proprietary offering more prominently than its competitors' offerings. Regardless of Google's intent, the Search Plus Your World integration created potential anti-competitive effects.

Along those lines, let me offer one last hypothesis for Google's current move: Google flip-flopped on SOPA because the algorithmic change reduces the exposure of new disruptive marketplace entrants that compete against Google's other UGC properties. In effect, by (fatally?) downgrading their rankings, Google can keep websites like YouTube circa 2005 and the next nascent Pinterest from growing into bona fide competitors to Google's franchise. If this hypothesis is true, perhaps Google initially resisted the algorithmic change because it knew that the move didn't benefit searchers, but Google finally acceded to the copyright owners' requests when it dawned on Google that the move would help it suppress potential new competitors.

Conclusion

Don't get me wrong: for years, I have vociferously supported Google's right to use whatever ranking algorithm it thinks best serves searchers (see, e.g., my articles on search engine bias from 2006 and 2011). However, this is the second time this year (after Google+'s integration) I've had to ask if Google is really trying to benefit searchers, or if it's doing something else--such as acting like an incumbent trying to shut the door behind it. Even if Google's motives for the algorithmic change are, in fact, legitimate, the potential anti-competitive implications of this move are hard to overlook.

Posted by Eric at 09:46 AM | Copyright , Derivative Liability , Search Engines | TrackBack

No Privacy Claim Against Netflix for Disclosing Viewing Histories and Instant Queue Titles Through Netflix-Enabled Devices -- Mollett v. Netflix

[Post by Venkat Balasubramani]

Mollett v. Netflix, 11-CV-01629 (N.D. Cal.; Aug 17, 2012)

This is a putative class action under the Video Privacy Protection Act alleging Netflix violated the VPPA (and Cal. Civ. Code 1799.3) by .. get this .. freely displaying, to a subscriber’s family members, a subscriber’s “recently watched” and “instant queue titles” on the subscriber’s Netflix-Enabled Device. I’m surprised the court didn’t just enter a three word order (“WTF”) dismissing the claim.

Netflix allows you to register devices that can access your Netflix account. Once you enter your password, you need not keep entering it in again. Plaintiffs alleged that this was a problem because a subscriber’s family members could then access the device and see a subscriber’s "recently watched" and "instant queue" titles without entering a password.

Netflix did not contest that the VPPA applies to streaming video providers. As cited by the court, a different judge in the Northern District of California recently concluded that Hulu was subject to the VPPA regardless of the fact that it offers streaming services and doesn’t charge its customers for some of its services. (See "Court Declines to Dismiss Video Privacy Protection Act Claims against Hulu.")

Nevertheless, the court says that plaintiffs cannot state a claim because the disclosures in question were made to the customers themselves (i.e., through their devices). Although not determinative, the court notes that Netflix’s privacy policy tells users that if they share their devices or passwords with others, they take “full responsibility for their actions.”

Plaintiffs argued, citing to legislative history of the VPPA, that Congress intended to regulate disclosures among spouses. The court says that the example cited in the VPPA’s legislative history was not analogous because it involved a divorcing spouse requesting records of the soon-to-be-ex spouse’s viewing habits in order to use this information in a child custody proceeding. The situation in this case is more akin to someone walking into a video rental store with their wife or husband and overhearing a clerk’s reference to a previous rental record (maybe in the context of a late fee discussion). The latter is something the user can control—i.e., by not taking their spouse to the video store with them.

The court also concludes that any disclosure was not knowing (or in the case of 1799.3, willful). The court says that Netflix wouldn’t necessarily know that anyone other than the subscriber could access the rental records and this would be outside of Netflix’s control or knowledge anyway. The court also says that Netflix’s reading of the statute to permit this type of sharing was reasonable.

This was a crazily misguided lawsuit that just aimed to take advantage of a possible litigation opportunity. If the plaintiffs had won, Netflix would have to make it more difficult for anyone to access their account history on Netflix enabled devices. I doubt anyone wants this outcome (except for the plaintiffs' lawyers). Not surprisingly, the court shut it down. I'm only surprised that the judge didn't have harsher words for the plaintiffs' lawyers.

(This is not to say that intra-spousal disclosures are not consequential. In plenty of other scenarios (HIPPA and ECPA) these disclosures can rightly form the basis of liability. But here, the fact that the disclosure occurred on the device, and was something the account-holder could control should be determinative. The Apple in-app lawsuit that survived a motion to dismiss also came to mind, but there were additional facts in that case that made a claim more plausible.)

In re Hulu set potentially important precedent in construing the VPPA to apply to streaming providers. This lawsuit was filed well before the ruling in Hulu, but I'm curious as to whether the Hulu ruling will open up the floodgates to possible claims against other streaming services. In any event, it's clear that the VPPA is becoming an important weapon in the arsenal of plaintiffs' lawyers. We've seen cases against Hulu, Redbox, Netflix, among others. It will be interesting to see who else ends up in their crosshairs.

[Update: Netflix clarified via email that Netflix did not concede applicability of the VPPA to its service for all purposes, but only for purposes of the particular motion. To the extent the case continues, Netflix reserved the right to argue that the VPPA does not cover streaming and therefore Netflix is not a VTSP for purposes of the claims against it]

Posted by Venkat at 08:07 AM | Privacy/Security

August 21, 2012

6th Circuit Allows Police GPS Tracking on Prepaid “Burner” Phones -- United States v. Skinner

[Post by Jake McGowan]

United States v. Skinner, 09-6497 (6th Cir. August 14, 2012)

If the name Stringer Bell means anything to you, you probably know what a “burner” is. The third season of The Wire saw aspiring drug runner Bernard tasked with purchasing unregistered pre-paid cellphones from various corner stores in Baltimore. The Barksdale crime organization would use and then discard these burners about every two weeks, avoiding any potential wiretaps and making detective Lester Freamon’s life much more difficult.

But even police forces outside HBO’s jurisdiction struggled with these “burner” issues, at around the same time season three hit the airwaves. Without IDs tied to the mobile phones, agents had a hard time obtaining proper search warrants and had to come up with new ways to track down the bad guys.

But how far could they go before running afoul of the Fourth Amendment? Could they “ping” the phone’s GPS chip to track its location in realtime? The Sixth Circuit Court of Appeals considered this question recently in United States v. Skinner, and handed down its controversial decision on August 14th.

In a 2-1 ruling, the Court held that the police’s GPS pinging did not violate the Fourth Amendment, even without a search warrant based on probable cause.

Background

In 2006, DEA authorities gained inside knowledge relating to a large-scale drug-trafficking operation led by James Michael West and supplier Philip Apodaca. Defendant Melvin Skinner was a courier in this operation, transporting marijuana from Mexico to Tennessee. Throughout his travels, Skinner used burners purchased by Apodaca to communicate with West; none of whom were aware that the phones contained GPS chips.

At the time, the police only knew Skinner by his alias: Big Foot. Through a series of wiretaps on regular mobile phones registered to West, agents got an idea of the organization’s plan, and discovered the phone number of Big Foot’s secret phone. By pinging the phone and observing its GPS data, the police were ultimately able to locate Skinner’s RV. They brought out drug-sniffing dogs and then entered the motorhome, uncovering over 1,100 pounds of marijuana and two semi-automatic handguns.

Before trial, Skinner sought to suppress the search of the motorhome on Fourth Amendment grounds, since it took place without a warrant. The district court did not buy this argument, and Skinner appealed.

No Fourth Amendment Violation

The Sixth Circuit affirmed, holding that Skinner did not have a reasonable expectation of privacy in the data given off by his burner phones:

If a tool used to transport contraband gives off a signal that can be tracked for location, certainly the police can track the signal. The law cannot be that a criminal is entitled to rely on the expected untrackability of his tools.

That last sentence really sets the tone for the entire decision--leading with a moral obligation and then weaving through precedent to achieve that result.

Toward this end, the Court cited United States v. Knotts, and reasoned that the agents monitoring Skinner did not violate the Fourth Amendment because the information they received by pinging the burner could have been obtained by following Skinner down public roads. In other words, the Court saw the GPS data as “simply a proxy for [the defendant’s] visually observable location.”

Continuing this “proxy” argument, the Court brings up United States v. Forest, where DEA agents pinged the defendant’s cellphone and used the coordinates to reconnect after losing visual contact along a public roadway. Again, the Court points to the fact that the police only used the GPS data to “augment” what they could have seen with their own eyes, and thus did not conduct a “search” within the meaning of the Fourth Amendment.

Later on, the Court distinguishes United States v. Jones by emphasizing the ‘trespassory nature of the police action” in that case. The DEA agents in Jones "lojacked" the vehicle by attaching a tracking device. In Skinner, the police did not place a tracking device on the RV; they didn’t have to since they suspected he already had the phone. Nor did the Court see the police’s surveillance as “extremely comprehensive” to the point that it violated the Fourth Amendment in and of itself.

For these reasons, the Court held that Skinner did not have a reasonable expectation of privacy in the GPS data and location of his burner phone.

This decision reeks of “You’re gonna get what you deserve” to the point where it has already rankled a lot of legal analysts. The Court seems to start from a point of moral outcry (technology helps criminals but not the police), and then works backward toward a passable legal explanation for its ruling. Maybe there is a good legal explanation, but this decision is filled with logical leaps and slippery slope analogies.

For example, the Court reasons that a criminal should not be able to “rely on the expected untrackability of his tools.” But this reasoning seems to gloss over the important question of when the “suspect” turns into a full-fledged “criminal.” True, it’s hard to feel bad for Skinner (especially knowing what he did), but how will the Court’s logic affect future suspects? Will it not deprive them of Fourth Amendment rights on the police’s assumption that they are conducting criminal activity? It’s hard to see where the idea of probable cause fits into the equation.

Immediately following, the Court reduces the opposing argument to absurdity--imagining a world where “dogs could not be used to track a fugitive if the fugitive did not know that the dog hounds had his scent,” or where “a getaway car could not be identified and followed based on the license plate number if the driver reasonably thought he had gotten away unseen.” Without further development, these analogies do not seem to support the idea that Skinner forfeited his constitutional protections by driving on a public road.

As Julian Sanchez pointed out on the Cato@Liberty blog, the Supreme Court held in Katz v. United States that “what a person knowingly exposes to the public, even in his own home or offices is not a subject of Fourth Amendment protection . . . But what he seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected” (emphasis added).

This is important because while Skinner’s RV was viewable by the general public, the location of his phone and its connection to the drug plot were not. This would seem to cut against the Court’s comparison to Knotts.

The decision also seems to sidestep the fact that the police did not even know Skinner’s true identity when they started tracking him. To the Court, it is an irrelevant question because the police could have obtained this info “by other means.” In response, critics have pointed to Kyllo v. United States (absent from the decision), where the Supreme Court held that the agents’ use of thermal imaging did not escape the requirements of the Fourth Amendment, simply because the same information could have been acquired through other lawful means.

All in all, this decision is definitely worthy of its resemblance to The Wire--it forces you to grapple with the moral dilemma of admiring creative police work, while fearing how it could be abused. But hey . . . it’s all ‘n the game, right?

Posted by JakeMcGowan at 10:11 AM | Privacy/Security | TrackBack

Judge Alsup Tells Google to Try Harder With Its Shill Disclosures

By Eric Goldman

Oracle America, Inc. v. Google Inc., 3:10-cv-03561-WHA (N.D. Cal. Aug. 20, 2012)

I can't imagine Google is surprised that Judge Alsup did not like its response to his request that Google and Oracle disclose potential shills in Oracle v. Google. After all, Judge Alsup's order instructed both Oracle and Google to name names, and Google's response didn't name a single name while Oracle named three names (Mueller, an employee blogger, and Goldstein). Judge Alsup's quick response, only one business day after Oracle's and Google's disclosures, has almost a pleading tone to Google:

Please simply do your best but the impossible is not required. Oracle managed to do it.

Judge Alsup's follow-on order attempts to clarify his initial request, but amazingly it still does not tip Judge Alsup's hand about what exactly is bothering him. Judge Alsup reiterates that he meant what he said earlier: he wants to know bloggers who (a) covered the case, and (b) got money from Oracle or Google, not just bloggers who got paid to cover the case (a "quid-pro-quo" situation). As I pointed out before, to do this properly, Google should have to screen its thousands of vendors to see which of them covered the case. To speed this up, Judge Alsup specifies a few categories that don't need disclosure:

* AdSense publishers
* experts already disclosed
* university recipients. Excluding universities is a little odd, as universities are hardly above the fray when it comes to being influenced by corporate money.

In the end, the clarifications don't really doesn't narrow down Google's task very much. In particular, Judge Alsup reiterates that he wants Google to disclose organizations it has supported if "one of its employees was a commenter." Given organizations typically speak through their employees, Google will have to go through all of its supported organizations.

The judge also says:

Just as a treatise on the law may influence the courts, public commentary that purports to be independent may have an influence on the courts and/or their staff if only in subtle ways. If a treatise author or blogger is paid by a litigant, should not that relationship be known?

This is odd because judges and their clerks should be resistant to external influences like blogger coverage of the case. We understand that jury members (with their limited experience in the litigation process) might not be so disciplined, but judges and their clerks are trained professionals. Even so, judges and their clerks could be confused when a litigant cites a source when that source was on the litigant's dole--in those cases, it's possible the source changed his/her words to suit the benefactor, thus undermining the source's credibility in ways that may not be apparent to the reader. Oracle has tried to allege that Google did that by citing Jonathan Band's work, but Band didn't receive money from Google directly, and so we might debate if Band's words were tainted.

It's noteworthy that Judge Alsup keeps harping on treatises. Of course Google has William Patry, a copyright treatise author, on staff~~, but I am not yet aware that either party cited Patry's treatise (Please let me know if I missed something)~~. [I forgot that Oracle did cite Patry, as reported in this article.] Perhaps Judge Alsup wants every litigant in every case to disclose which treatise authors are on a litigant's dole, just in case one of his staff consults that treatise independently. Diminished credibility could be a problem when treatise authors become hired guns--especially if that's not disclosed either in the treatise or in a court filing--because a treatise writer could actually edit the treatise to reflect the interests of his/her clients. (I don't know if this has ever actually happened, so this might be a purely hypothetical discussion).

Perhaps one lesson to take away from all this: if you're a litigant and your filings cite a published work by your expert/consultant, maybe you need to disclose that. But in this case, if Alsup's clerks are traipsing through the treatises independently, surely they will discover Patry's affiliation with Google (I don't have a copy myself, but I assume Patry discloses it on the title page). As a result, there may be less risk of unintended treatise taint from Patry than from other treatise authors who become hired guns.

Perhaps as a sign of the judge's exasperation, the judge only gives Google until this Friday at noon to make its updated disclosure. I imagine a lot of Google's lawyers will burn the midnight oil--and rack up a lot of billable hours--this week. Per the judge's near-begging, Google can always claim that it "did its best" but wasn't able to do the "impossible." However, I wouldn't rely on that. I imagine any defects in its next disclosure will infuriate the judge, so I don't think it actually has the luxury of "only" trying its best in the time allotted. Google (or Oracle for that matter) could also challenge on the judge's order, which becomes increasingly likely as the parties realize the difficulty in complying with it.

Oracle may feel a little vindicated that Judge Alsup is hammering Google while giving Oracle a pat on the head, but this order isn't good news for Oracle either. Although it named three names, Oracle didn't come anywhere close to satisfying the judge's order. I expect Oracle will stand pat on its prior disclosure, but Oracle should be furiously scrambling right now too. I wonder if Google will try to drag Oracle down if Oracle doesn't update its disclosure.

Our prior posts on this matter:

* Oracle and Google Make Unenlightening Disclosures of their "Shills"
* Judge Alsup Tries to Out the Shills in Oracle v. Google
* Java APIs Aren't Copyrightable--Oracle v. Google (Guest Blog Post)

Posted by Eric at 07:28 AM | Copyright , Evidence/Discovery , Patents | TrackBack

August 17, 2012

Oracle and Google Make Unenlightening Disclosures of their "Shills"

By Eric Goldman

In Oracle v. Google, Judge Alsup recently ordered the parties to:

[f]ile a statement . . . identifying all authors, journalists, commentators or bloggers who have reported or commented on any issues in the case and who have received money (other than normal subscription fees) from the party or its counsel during the pendency of [the] action

As we previously wrote, this order is incredibly broad, which meant neither party could reasonably comply with its literal terms. As a result, initially I expected the parties to push back on the judge's request; but when they announced they both intended to comply, clearly there were going to make some limiting assumptions.

The statements are filed, and not surprisingly, they are dull. They don't tell us anything we didn't already know.

Oracle's statement discloses the following:

* Florian Mueller, who had previously disclosed his Oracle relationship.
* "certain Oracle employees" who blog. They specifically reference Hinkmond Wong.
* Stanford Law professor Paul Goldstein, who writes a copyright treatise and is of counsel at MoFo, Oracle's law firm in this case. Oracle says Goldstein hasn't commented on the case, but I haven't had a chance to confirm if Oracle cited his treatise in the case and disclosed his MoFo affiliation when doing so. Scott Graham's Recorder article notes that Google cited to Goldstein in its trial brief but didn't note any similar citations in Oracle's papers.

Google's statement doesn't name any names at all. Instead, Google explains to the judge that the literal terms of his order sweep in various categories of folks, and it asks the judge to speak up if he wants more information about folks in those categories. The categories:

1) Universities and non-profits
2) organizations that Google belongs to or contributes to, including political organizations and trade associations. With respect to these first two categories, Google notes that it publicly discloses its relationships (see also its supported academics). I'm curious if other companies make equally robust disclosures of their affiliations and supported researchers? Nevertheless, these lists may not be comprehensive (they have weasel words in the intro, and the academics list doesn't include competitively allocated research grants).
3) AdSense publishers (one of the disclosure categories I harped on--fortunately I wasn't on the list!)
4) Google employees, vendors and contractors
5) Expert consultants in this case. Confusingly, Google claims they are outside the order's scope because the experts only said what they were paid to say. This response would make more sense if we knew the identity of all such experts, but Google didn't offer a list here and could very well have experts that it didn't disclose to Oracle or the court. So it seems like Google may be cutting corners by not disclosing now any expert consultants who hadn't been previously disclosed, or confirming that no such folks exist.
6) Witnesses identified for trial. Google may also be cutting some corners here, saying that these folks were already identified in the litigation record. That's true, but Google didn't disclose which of those folks it paid, either for their testimony or for commenting on the case separately.

Perhaps fearing that Google wouldn't make adequately fulsome disclosures, and even though the judge didn't ask the parties to rat each other out, Oracle tries to "help" Google by anticipatorily naming some names for Google. Oracle calls out:

* Ed Black of the Computer and Communications Industry Association, which Oracle says is "funded in large part by Google." Oracle cites this Forbes post by Black.
* Jonathan Band, who wrote a book cited by Google, and whom Oracle says is indirectly funded by Google through Google-supported trade associations.

More generally, Oracle complains that "Google maintains a network of direct and indirect “influencers” to advance Google’s intellectual property agenda." I couldn't tell if Oracle was complaining out of concerns about the corrosive effect on society that such networks could have, or if it's simply jealousy that Google's influence network is better than Oracle's. I think this whole inquiry raises some very important social issues about credibility, transparency and the corrosive effects of money in our policy-making process, but I don't think we're likely to make real progress on any of those heady topics in this forum.

The parties' submissions now force Judge Alsup's hand. Did he really want the broad disclosure he ordered? If so, I wouldn't be surprised if a benchslap were in the offing for the obviously laconic disclosures. Or, is he going to accept these unenlightening filings and move on? In the former case, we're likely going to find out what was bothering Judge Alsup enough to start this inquiry. But if he doesn't force the parties to do more work, we may never know what started this.

Posted by Eric at 03:25 PM | Copyright , Evidence/Discovery , Patents | TrackBack

August 16, 2012

Section 230 Immunizes Links to Defamatory Third Party Content--Directory Assistants v. Supermedia

By Eric Goldman

Directory Assistants, Inc. v. Supermedia, LLC, 2012 WL 3329615 (E.D. Va. May 30, 2012)

[For some reason, this case just appeared in my Westlaw alerts today. Even at this late date, it's worth sharing. I have a lot of other cases stuck in my blogging queue, including other Section 230 cases. Eventually I'll clean up the backlog.]

Unknown parties posted negative reviews of Directory Assistants to various review sites, including RipOffReport.com, Scamlnformer.com, InsiderPages.com, JudysBooks.com, and YellowPages.com. Directory Assistants claims the reviews are defamatory. Supermedia, which apparently partially competes with Directory Assistants, allegedly sent prospective customers emails with links to those reviews. Directory Assistants sued Supermedia for circulating those links.

In this ruling, the court dismisses (on a 12(b)(6) motion to dismiss) Directory Assistants' suit against Supermedia on 47 USC 230 grounds. After incorrectly saying that Section 230 precedent only focuses on the immunity's applicability to providers of interactive computer services rather than users (thereby missing numerous cases, most obviously the California Supreme Court's opinion in Barrett v. Rosenthal), the court articulates its legal standard:

a user of an interactive computer service who finds and forwards via e-mail that content posted online in an interactive computer service by others is immune from liability

Supermedia easily met that standard. Directory Assistants tried to argue that discovery was required to determine if the linked-to sites qualify as "interactive computer services," but the court rejects the request because it's well-known that websites like Ripoff Report republish user-generated content. However, the court seems to have misread or misapplied the statute's reference to "interactive computer service." It shouldn't matter to the Section 230 inquiry if it was Ripoff Report or its users authored the linked-to reports; either way, a third party linking to that content isn't liable. Indeed, Section 230 applies even if the "republisher" publishes the full text of the third party content rather than linking to it (e.g., Barrett v. Rosenthal, Batzel v. Smith, Mitan v. A. Neumann & Associates, Phan v. Pham and D'Alonzo v. Truscello). The court got to the right place, but it made the inquiry more byzantine than it should be.

Directory Assistants also argued that discovery was required to determine if Supermedia constituted a "user." Because the court missed all of the Section 230 jurisprudence interpreting "user," the court makes up its own definition, citing the dictionary. The court synthesizes its analysis:

Defendants were users in that they put RipOffReport and other websites into action or service, and availed themselves of and utilized these websites by compiling their posts by copying links to commentary posted on them....The action of compiling information from a website and e-mailing that information to others clearly constitutes use of that website and its services. There are no allegations that Defendants created the posts or altered them. Indeed, the content of the posts was not even contained in the email.

Having reached the sensible conclusion that Section 230 immunized Supermedia for linking to third party content, the court could have (and should have) stopped there. Instead, the court concludes:

there is no authority in the statute or case law that makes a user responsible for the creation or development of posts on a website that is an interactive computer service....Nowhere has Plaintiff pleaded that Defendants actually wrote, created, or developed the allegedly defamatory content. Rather, as alleged in the Complaint, Defendants were downstream users of content created by other people and posted on these websites. Defendants' involvement was passive in nature—compiling links to the posts and sending those links via e-mail. If, on the other hand, Plaintiff had some evidence that Defendants had a hand in creating the allegedly defamatory posts, it may have had a case.

OK, fine, but then...

Congress has granted anonymous posters on these websites a license to libel people and companies because the people and companies who provide the fora for this content, and the subsequent users of it, are immune from common law defamation suits. This license is clearly subject to tremendous abuse, and the Court has serious misgivings about this Circuit's broad interpretation of § 230 immunity. The prospect of blanket immunity for those who intentionally redistribute defamatory statements could have widespread and potentially catastrophic consequences for individuals and entities alike. Nevertheless, under the CDA the Court's hands are tied.

The judge earns points for his candor, and more points for faithfully applying a statute he is troubled by. But he loses points for whining about defamation when it wasn't confirmed that the reviews were actually defamatory, more points for failing to acknowledge the beneficial aspects of this ruling (linking is a net win for society, even if sometimes the linked content isn't credible), and even more points for stating his concerns in unnecessarily hyperbolic terms ("widespread and potentially catastrophic consequences"). Because he got to the right result, I won't take any further points off for the major research gaffe (missing the caselaw interpreting "user") and the apparent statutory misreading that Section 230's immunity depends whether the linked-to site is itself user-generated.

Section 230 immunity for linking to third party sites seems completely obvious and intuitive, yet surprisingly, this is one of only a handful of cases actually reaching that conclusion. The only other two cases I know of (if I've forgotten anything, please email!):

* Shrader v. Biddinger, 2012 WL 976032 (D. Colo. February 17, 2012). Directly on point, and missed in this judge's "research."
* McVey v. Day, 2008 WL 5395214 (Cal. App. Ct. Dec. 23, 2008) (see Sec. B(3)(C)). This case also holds that linking is immunized by Section 230, but not in a very understandable way.

Also, in Parker v. Google, Inc., No. 06-3074 (3d Cir. July 10, 2007), it's not clear if the court is saying that Google's links to third party websites is immunized by Section 230 or just Google's snippets (or both).

Some other cases saying that linking to bad content isn't actionable, even without reference to Section 230:

* In re Gemtronics, Inc., Docket No. 9330, Initial Decision (F.T.C. A.L.J. Sept. 16, 2009)
* Crookes v. Newton, 2011 SCC 47 (Canadian Sup. Ct. 2011)

But compare my post, SEC's Proposed Guidance on Hyperlinking Contravenes 47 USC 230

Posted by Eric at 02:32 PM | Derivative Liability | TrackBack

No Fourth Amendment Violation When Your Facebook "Friend" Shares Profile Information With Law Enforcement--US v. Meregildo

[Post by Venkat Balasubramani]

US v. Meregildo, No. 11 CR 576 (WHP) (S.D.N.Y.; Aug 10, 2012)

Colon moved to suppress evidence seized from his Facebook account pursuant to a warrant. He did not contest the finding of probable cause, but he took issue with the government’s methods used to procure evidence in support of its showing of probable cause. The government used a cooperating witness who was "friends" with Colon on Facebook and who provided Colon's information (pictures or posts?) that supported the warrant application. (Friends is in quotes because obviously this wasn't a very friendly thing to do). Colon argued that the government's procurement of information in this way violated his Fourth Amendment rights.

(As a side note, this may be Colon's Twitter account and Facebook page.)

The court says that there is no Fourth Amendment protection in publicly posted information. On the other hand, if users post content to social networking sites “using more secure privacy settings, [this] reflect[s] the user’s intent to preserve information as private” and may engender Fourth Amendment protection. Colon’s Facebook profile did not fall into the second category. His profile allowed his friends to view a list of all his other friends, “as well as messages and photographs that Colon and others posted to Colon’s profile.” Because the privacy settings allowed Colon’s friends to view materials posted to his Facebook account, the court says there was no Fourth Amendment violation:

Where Facebook privacy settings allow viewership of postings by “friends” the Government may access them through a cooperating witness who is a “friend” without violating the Fourth Amendment…While Colon undoubtedly believed that his Facebook profile would not be shared with law enforcement, he had no justifiable expectation that his “friends” would keep his profile private.

In other words, when Colon posted sketchy stuff to Facebook, he did so at his peril!
__

I’m struggling with what to make of this one. It may be disconcerting to learn that the government can approach your Facebook friends and ask them for incriminating information about you, but that's what cooperating witnesses do. The government does this all the time and there's no reason why they can't do it online just like they do it offline.

The situation may have been different if the government prompted the friending. The court doesn't highlight this, but I think the fact that they were already friends is important. What about if the government just made up a fake Facebook profile and friended Colon? I'm not familiar enough with Fourth Amendment law to know the answers to these questions, but I’m regularly surprised at how far the government can go in obtaining information, even through subterfuge. While there are obviously limits on how far the government can go in "infiltrating" groups, even in this context, courts have given the government plenty of room. At a certain point, these efforts would bump up against the individual's right of association and chill First Amendment activity, but this isn't the easiest case to prove. In any event, those issues were not implicated here.

Of course, there’s the issue of Facebook’s privacy settings. I have long found them confounding and tough to use (tough enough that I deleted my account). Is the court saying here that if you have the default privacy settings on your Facebook profile (i.e., don’t restrict information to certain groups) then, if an informant friends you, there’s no Fourth Amendment bar to the government obtaining this information? The court’s discussion on privacy settings may have been gratuitous. Another way to look at it is that if your privacy settings are such that someone can access material through Facebook, then the government can obviously obtain this information (without a warrant) through whomever can access the information. There's nothing particularly shocking about this.

It's interesting to compare this case to the other cases where privacy settings ended up being relevant to the legal analysis. In the civil discovery context, courts regularly look to the privacy settings on your profile as one part of the question of whether this information can be obtained in discovery (e.g., Zimmerman; Romano v. Steelcase are a few of the many cases in this vein). The issue has come up in the employment context as well, where one court said that shoulder-surfing over a co-worker's shoulder could state a privacy claim (Ehling v. Monmouth Ocean) and another court rejected privacy claims based on an employer disciplining a worker's comments posted to a co-worker's Facebook profile (Sumien v. Careflite). It's worth noting that in the Monmouth case, the court said that there could be a privacy claim where an employer gains access to your Facebook profile through a co-worker, but the government can engage in exactly this conduct (at least there's no Fourth Amendment bar). Finally, in the generic privacy context, Moreno v. Hanford Sentinel is one of the early cases that said that there's no invasion of privacy where someone republishes a MySpace post that was publicly available, even it was disseminated more widely than the initial post.

At the end of the day, this case is yet another illustration that your circle of Facebook friends affects your privacy. This is just restating the obvious, but it seems like it's worth restating.

I guess we should look at the bright side. At least the government ultimately obtained a warrant, and didn’t just send Facebook an administrative subpoena requesting the information.

Other coverage:

Jeff John Roberts: 'Friends' can share your Facebook Profile With the Government, Court Rules
Evan Brown: No Fourth Amendment violation when government looked at Facebook profile using friend’s account
NY Post: Facebook 'gang-banger' outed to feds when 'friend' turns rat
Cyb3rcrim3: Facebook, “Friends” and the 4th Amendment

Posted by Venkat at 11:41 AM | Privacy/Security

August 15, 2012

Six-Month Retrospective of SOPA's Demise [Forbes Cross-Post, A Month Late!] + SOPA/PROTECT-IP/OPEN Linkwrap #3

By Eric Goldman

[This post is composed of three parts. The first part, all 2,700 words of it, is a cross-post from Forbes last month assessing where we stood 6 months after January 18, 2012. Sorry it's taken me so long to repost it. The second part is my third (and possibly final) linkwrap of SOPA/PIPA/OPEN links. I collected most of these links in January and have been slowly accreting more over the past 7 months. As you can imagine, a linkwrap doesn't improve with age. At this point, they are mostly for historical value, but you might enjoy the stroll down memory lane nonetheless. The third part is a comprehensive index of our SOPA-related posts on the blog.]
__________

Part 1: Celebrating (?) the Six-Month Anniversary of SOPA's Demise (Forbes Cross-Post)

Six months ago--January 18, 2012--was a major day in the Internet's history. Some of the most heavily trafficked websites went dark or rallied their users against proposed legislation called the Stop Online Piracy Act (SOPA) and its sister bill the Protect IP Act (PIPA). The resulting outcry effectively killed the legislation that day. But with 6 months of perspective, plus plenty of new developments, it's clear there may not be much to celebrate about the developments of January 18.

What Happened on January 18

January 18 witnessed some unprecedented political developments. In response to massive voter feedback to Congress, a remarkable 19 United States Senators (nearly 20% of all senators) either changed their position on PIPA (from supporting to opposing) or newly announced a position on PIPA by coming out opposed to it. I'm not aware of any other single day in American history when so many senators publicly changed their opinion on a pending bill in response to voter advocacy.

Even more remarkably, this meant consumers had squarely defeated a determined copyright owner lobby led by the MPAA, although they were hardly alone. (Trademark owners also supported the proposals, but they were less visible in the process). For decades, individual consumers have had virtually no voice in American copyright policy. Generally the process has been:

1) Copyright owners give lots of money to members of Congress.

2) Copyright owners then redeem this patronage by getting broad Congressional support for their legislative wish-lists.

3) The technology community, and other repeat-player groups that depend on third party copyrighted materials (like libraries), fight vigorously to make minor changes to the copyright owners' wish-list.

4) Congress passes the lightly modified proposal and then, feel self-satisfied, pats itself on the back for having engaged all of the relevant constituencies in a vigorous multi-stakeholder legislative process.

This cycle has played itself out a few dozen times over the decades, and SOPA/PIPA were well on their way to following this pattern--until January 18.

And then, an upset outcome. David defeated Goliath. The amateur boxer knocked out the undefeated heavyweight boxing champion. Copyright owners had never outright lost a legislative battle they choose to fight. Yet, on January 18, they did. And they lost that battle to consumers--the constituency who isn't even at the bargaining table. In the words of Vizzini from the Princess Bride: "Inconceivable!"

How January 18 Was a Turning Point

The defeat of SOPA/PIPA immediately shook the corridors of power and continues to ripple through policy circles. Two examples:

ACTA's Demise. The Anti-Counterfeiting Trade Agreement (ACTA) is a trade agreement putatively designed to encourage trans-border cooperation to fight counterfeiting. Unfortunately, ACTA did more than that, potentially upsetting existing delicate balances between IP owners and consumers. Worse, ACTA was negotiated virtually entirely out of the public eye. While industry insiders (such as the copyright lobby) had prominent seats at the table, consumers got very limited disclosures of the drafts and no meaningful opportunity to comment on the proposals. Thus, for consumers, ACTA had potentially unacceptable substantive terms and was developed via an unquestionably unacceptable process.

President Obama signed the agreement without getting Congressional approval, despite significant protests. Other countries started signing ACTA. ACTA looked like a fait accompli.

salajean / Shutterstock.com

Then, partially inspired by the SOPA/PIPA protests in the United States, European consumers started protesting ACTA. Their voices were heard. The European Parliament overwhelmingly rejected ACTA, which most likely takes all of Europe out of ACTA--which, in turn, largely moots ACTA. There are still wranglings and shenanigans involving ACTA, so it's too early to declare it dead. Still, the most likely outcome is that European consumers' protests scuttled an otherwise unstoppable international trade agreement on IP issues--just like US consumers derailed SOPA/PIPA. Could SOPA have been the first spark to ignite effective consumer input into future IP policy-making worldwide?

No Legislator Wants to Be "SOPAed." Back in the United States, politicians are walking on eggshells. Multiple Washington DC insiders have told me that no legislator wants to be "SOPAed," presumably a verb for having massive consumer protests melting the legislator's phones. To avoid the risk of being SOPAed, I'm hearing that some legislators are changing their proposals--presumably to tone them down--before they even are introduced. So even without lifting another finger, consumers may be beneficially influencing the legislative process.

How January 18 Didn't Make a Difference at All

For all of that good news, I believe the better analysis is that the events of January 18 made no real difference. Some examples supporting my conclusion:

SOPA's Death = Status Quo. I can imagine some backroom Hollywood strategist shaking his head, thinking to himself/herself, "Those [insert pejorative expletive] shut down the Internet and melted the phone lines in Washington DC, and what did they get? NOTHING." For all of the work that went into the anti-SOPA/PIPA campaign, the reality is that its demise just preserved the status quo. As the maxim goes, it's a lot easier to kill legislation than to get it passed. And it's hardly easy to kill proposed copyright legislation; it took a favorable confluence of multiple things going right just to kill SOPA/PIPA. But in the end, all of that enormous effort didn't change anything.

Congress Is Making the Same Systematic Mistakes. Procedurally, the advocates of SOPA/PIPA made several mistakes. First, the substantive proposals massively overreached. Legislators' fear of being SOPAed reduces the chance that error will recur, at least in the short run.

Second, SOPA/PIPA would have created some serious technical problems that the legislators simply did not understand. In response to this glaring lack of knowledge, Rep. Chaffetz suggested that Congress should "bring in the nerds" to advise Congress on the technical implications of its proposals. Despite that suggestion, Congress continues to regulate the Internet without adequate guidance from "the nerds." For example, despite protests from many expert technologists, the House passed a cyber-security bill (CISPA).

Third, SOPA/PIPA were drafted largely in secret by a few legislators and a coterie of industry lobbyists who have bought access to the legislative process; once this cabal was satisfied, the bills were introduced and then fast-tracked for passage. Yet, amazingly, Rep. Lamar Smith--a key figure in the SOPA battles--announced he was introducing a bill (the IP Attache Act) resurrecting a small part of SOPA after preparing the bill behind closed doors, and then intended to fast-track the bill. (The amount of overlap between SOPA and the IP Attache Act is complicated;this BNA report tries to unpack the issue). As Techdirt's Mike Masnick asked rhetorically, "Dear Lamar Smith & House Judiciary: Have You Learned Nothing from SOPA?" So for all of the whispertalk that legislators are running scared of being SOPAed, at least some legislators still think it's OK to procedurally navigate controversial bills in a way that (deliberately?) suppresses the public's ability to participate in the process.

Plaintiffs Are Getting SOPA's Remedies (or Better) in Court. As I indicated, SOPA/PIPA's demise preserved the status quo--but the status quo isn't so great for consumers. Without any new legislation, IP owners are already getting extraordinary remedies in court that compare favorably to the remedies contemplated by SOPA/PIPA. My co-blogger Venkat Balasubramani and I have cataloged some of these cases. Typically these cases involve foreign defendants who don't show up, meaning that the court only hears one side of the story (the plaintiff's) and basically gives the plaintiffs whatever they ask for. In many cases, this includes court orders that purport to bind third party service providers (who also aren't in court to defend their interests), even though Federal Rules of Civil Procedure Rule 65 doesn't allow judges to tell non-litigants what to do.

In my "favorite" example, involving a Chinese website allegedly selling counterfeit cigarettes, the court ordered Western Union (who wasn't in court and wasn't a defendant) to interdict all money buyers were sending to the website and put it into a special account for an unspecified period of time. In other words, buyers--who may not have realized they were buying counterfeit goods--weren't getting their ordered cigarettes but also weren't getting their money back. Compare an alternative approach, where the court could have told Western Union to reject the payments and simply return the money to the buyers. Without buyers or Western Union appearing in court to defend their interests, the court overly catered to the plaintiffs' interests. So much for due process.

Until judges start pushing back on plaintiff demands in these cases where defendants no-show, and until judges become more circumspect about their ability to reach non-litigants under Rule 65, who needs SOPA/PIPA? IP owners can synthetically achieve the same or better results without a new statute.

The Obama Administration is Implementing SOPA Even Though Congress Didn't Approve It. Even though Congress did not approve SOPA/PIPA, the Obama administration repeatedly has been tone-deaf to consumer concerns about SOPA and its underlying policies. Three examples of the Obama administration's efforts to create SOPA-like outcomes through its executive branch powers:

* Megaupload prosecution. On January 19, the day after SOPA/PIPA melted down and the copyright lobby was publicly grumbling that their years of campaign contributions weren't buying the patronage they expected, the Obama administration's Department of Justice loudly announced the criminal prosecution of a foreign cyberlocker--one of the types of websites that SOPA/PIPA nominally targeted. In effect, copyright owners convinced the US government (at taxpayer expense!) to enforce SOPA-like remedies even without SOPA on the books. Worse, as we've seen in the past 6 months, the Megaupload prosecution is deeply troubled, and the DOJ has not looked good at any step in the prosecution. Personally, I believe that the prosecution was lawless from inception, a point I explained more fully on my blog.

* Domain name seizures. For a couple of years, the Department of Homeland Security's Immigration and Customs Enforcement (ICE) division has been seizing (without any judicial oversight) hundreds and hundreds of domain names it thinks are used for infringing conduct. The bad news: ICE's legal authority for such domain name grabs is dubious at best. (PIPA and SOPA would have codified the government authority for these ex parte domain name seizures). Worse news: ICE has been acting on unverified claims from self-interested copyright owners. We learned, for example, that ICE seized Dajaz1's domain name based on an unverified report from the RIAA; and when ICE asked for supporting verification (after it had already seized the domain name), the RIAA didn't produce anything for an entire year--at which point ICE simply gave Dajaz1 its domain name back, without an apology or an explanation. The worst news: ICE's Dajaz1-related court proceedings were conducted in secret, meaning Dajaz1 could not see the court file or respond to it because, as near as we can, the file sat in a clerk's desk drawer rather than in the normal place where files are stored. Secret judicial proceedings where the defendant has no ability to see the charges or respond to them? That sounds more like a Kafka book than the country I know and love.

* "Voluntary" industry initiatives. Obama's "IP Czar," Victoria Espinel, has been actively negotiating "voluntary" industry agreements that replicate some of SOPA's key features.

First, Espinel helped broker a "voluntary" agreement where Internet access providers agreed to implement a "graduated response" program. Effectively, the access providers will build a system to process copyright owners' claims (which usually will be automatically generated) of copyright infringement via peer-to-peer file sharing. Each notice against a user will count as a "strike." When users get too many strikes, the Internet access provider will progressively subject the user to more stringent discipline, including potentially terminating the user's Internet access account completely. Users can protest the strikes, but only via a kangaroo court which is not designed to let users win. Corynne McSherry and I previously explained the anti-consumer aspects of the graduated response deal.

The fact that Internet access providers agreed to this deal is fascinating. They were already legally immunized from copyright infringement liability for users' conduct in 17 U.S.C. Sec. 512(a); they agreed to implement a technical system at a not-inconsiderable expense to them; and the ultimate remedy of firing their customers will cost them money too. One has to wonder just how hard the Obama administration leaned on Internet access providers to do something so clearly contrary to their interests; and one further has to wonder why the Obama administration would favor something designed to stack the deck against consumers. Perhaps not including adequate consumer representation at the table had something to do with that.

Second, Espinel brokered a deal where advertiser and ad agency industry groups "voluntarily" encouraged their members to adopt policies against displaying ads on websites that facilitate infringement--another key component of SOPA. This was a little easier sale than the graduated response deal. One of the recommended policy terms is that advertisers shouldn't pay publishers who run their ads alongside infringing content. Well, naturally, the advertisers weren't opposed to anything that would let them get advertising they don't have to pay for. More troubling is the apparent intent to develop a blacklist of allegedly infringing websites that advertisers should cut off. It remains to be seen if the private blacklist will offer an appropriate level of public accountability, transparency and due process.

In a related development, Espinel is also pressuring Yahoo, Google, AOL, and Microsoft to cut off allegedly infringing websites from their ad networks.

The graduated response system hasn't come online yet, and it remains to be seen just how vigorously advertisers will undertake their implied promise to police publishers who are engaged in infringing activity. So it's not clear if these government-brokered voluntary agreements will amount to much. But the fact that the Obama administration is going around to industry groups asking them to do what SOPA would have required or coerced them to do is a good sign that the Obama administration plans to implement SOPA if Congress won't.

One more data point showing that the Obama administration hasn't internalized the messages of January 18. Its trade reps, especially US Trade Representative Ron Kirk, have mishandled the latest trade agreement negotiations for the Trans-Pacific Partnership (TPP), committing the same sins that poisoned ACTA. Just like ACTA, all of the negotiations have taken place in backrooms, with no consumer representation but plenty of industry lobbyists around the table. Furthermore, the process has been not transparent at all (despite Kirk's twisted insistence otherwise, using a "day is night" definition of transparency). Drafts have not been made available to the public, so outsiders can only speculate what's even being discussed. As the EFF asked, "Is the TPP--Framed as a '21st Century Agreement'--the Best Way to Build a 21st Century Society?" More than anything, January 18 was about consumers rejecting backroom policy-making designed to bypass democratic governance. Yet, that's exactly what the Obama administration keeps doing, over and over again.

Conclusion

Franklin D. Roosevelt once said:

[L]et us never forget that government is ourselves and not an alien power over us. The ultimate rulers of our democracy are not a President and Senators and Congressmen and Government officials but the voters of this country.

For one day, on January 18, we reminded our government of this fact. But the burden is on us--the voters--to make our voices heard again and again. One day isn't enough. If you don't like what you see from the system we have, you do have the power--and, I would argue, the responsibility--to remind your elected officials of your displeasure. In response to my unhappiness with some of my elected representatives' stances on SOPA and copyright issues, I've changed my votes in June--and my vote for President is up-for-grabs in November based in part on the candidates' stances on IP (an especially salient issue given how many times the Obama administration has sold out consumers on IP issues). If you believe the system needs fixing, I hope you'll send that message to the folks who are supposed to be working for you.

If You Want More

In April, I gave a talk that amplifies these themes. Watch the 75 minute video. The associated PowerPoint slides.

UPDATE: In July, I gave another version of the talk at a bar association event in Wisconsin. Stream or download.
__________

Part 2: Linkwrap

Problems with SOPA/PIPA

* Pinterest is a good example of an important new start-up that would never survive under SOPA/PIPA because a single copyright owner could shut down its service providers. (FWIW, Pintererst is also a good example of how the social networking space remains dynamic and competitive despite Facebook’s headstart).

* Techdirt: Website Censored By Feds Takes Up Lamar Smith's Challenge: Here's Your 'Hypothetical'

* Sen. Wyden: "If members of Congress better understood the central role that the Internet plays in their constituents’ lives – the hub through which Americans work, communicate, share, learn, create and enjoy entertainment – they would understand why their constituents fought so hard to protect it."

* Jack Balkin explains the freedom-of-speech problems with SOPA

* Gartner: Collective Punishment: SOPA and Protect-IP are Threats to NSTIC and Federated Identity

* Techdirt: The Sky is Rising.

What Happened and Lessons Learned

* Eriq Gardner: Why Hollywood Is Losing the Public Relations War on Piracy. He cites three mistakes:

Mistake #1: Much of the legislation was negotiated behind closed doors.
Mistake #2: The legislation has been defended on broad generalities and dubious statistics.
Mistake #3: Hollywood has ceded the high ground on being an innovator and defender of speech.

* The Wrap: Sunk! How Hollywood Lost the PR Battle Over SOPA

* Talking Points Memo: a timeline of how the opposition against SOPA/PIPA succeeded

* Hollywood Reporter: The SOPA War: A Frantic Call, an Aborted Summit, and Dramatic New Details on How Hollywood Lost

* News.com: How Republican opposition derailed SOPA and Protect IP

* EFF recaps some of the consequences of January 18, the Great Internet Blackout, a historical day in many ways.

* Larry Downes: Who Really Stopped SOPA, and Why?:

to imagine that the millions of Internet users who took to the virtual streets over the last few months were simply responding to the clarion call of technology companies misses the real point–dangerously so....The bitroots movement wasn’t led by Google. It wasn’t led by anyone. Even to look for its leaders is to miss the point.... it’s already clear that the losers in the PIPA/SOPA fight have learned nothing from the profound activation of Internet users....The only place to really engage your new adversaries is where the live—online, in chat rooms and user forums and social networks, on Twitter and Facebook and Tumblr and Reddit and whatever comes next. If you want to understand what went so horribly wrong with your business-as-usual efforts, you’ll need to take up residence in the digital realm and learn its new rules of engagement.

* Macworld: Who was really behind the SOPA protests?

* HBR: The Real SOPA Battle: Innovators vs. Goliath

* Yochai Benkler: Seven Lessons from SOPA/PIPA/Megaupload and Four Proposals on Where We Go From Here

* Lesley Harris' lessons from the SOPA experience:

1) the online revolt against SOPA and PIPA was not a command and control operation
2) The dramatic online mobilization carries lasting implications for Internet policy.
3) A more cautious approach requires a more open process.
4) Ignorance about how the Internet works is no longer an option. [Eric's comments: I miss the Office of Technology Assessment]
5) Overreaching Internet related legislation is no longer a successful strategy.
6) The Internet community is borderless, and the whole world will be watching.

* Guardian: The online copyright war: the day the internet hit back at big media

* Chris Dodd of MPAA talks about his lessons learned--none of which involve actually improving the products and services offered to consumers.

* Hollywood Reporter: Sundance 2012: MPAA's Chris Dodd Calls Piracy Defeat a 'Watershed Event'

* NY Times: Hollywood is running scared. Snippets:
- “The grass roots they can generate is, frankly, concerning,” Cary Sherman, chairman and chief executive of the Recording Industry Association of America, said of the Internet community.
- the Web’s anti-SOPA message is “sexier” than the facts offered up by Hollywood.
- “Downloading stuff on the Internet for free is cool,” said a person close to Viacom, who spoke on the condition of anonymity so as not to jeopardize his relationship with the company. “Our message isn’t cool.”

Related: Politico: Hollywood to make over piracy message for D.C.

* Nice post by Sen. McCaskill about rethinking PIPA.

Related: A politician actually read the law professor letter against PIPA (which 100 law professors, including me, signed)--and was actually persuaded!

Other Angles

* Content owners are cutting off their donations to Obama over SOPA/PIPA. One Hollywood insider said "he and his fellow moguls won’t give any more money if they keep getting taken for granted," i.e., if Obama takes the money and doesn't deliver the results Hollywood demands.

Related: MPAA's Dodd threatens Obama's financial support due to SOPA. But where can Hollywood turn? All of the Republican presidential candidates opposed SOPA too. It must be unsettling for Hollywood to feel like it has no friends in Washington DC. Now they know how we've felt for decades!

* What reaches more people: a Wikipedia blackout, or a tweet from Kim Kardashian?

* EFF: Dear Hollywood: An Open Letter to the Hardworking Men and Women in the Entertainment Industries

* NY Times: On TV, Antipiracy Coverage May Include a Disclosure

* Hollywood is apparently telling DC lobby firms to drop Facebook as a client.

* In realpolitik terms, the OPEN Act is also dead.

What’s Next

* David Post on SOPA and the future.

* Eriq Gardner: SOPA Defeat Is Not the End Of Hollywood's Ramped-Up Fight Against Piracy

Related: Crazy Cary Sherman NYT Editorial on SOPA. Techdirt response. Ars Technica response.

Also related: Boing Boing on Hollywood's unwillingness to let SOPA go.

More related: Hollywood Reporter: MPAA Chief Christopher Dodd Says SOPA War Isn't Over

* EFF: No more back room deals -- Users must have a voice in governing the Internet.

My take: it's not enough to bring the tech companies to the negotiating table (although that must happen too). Tech companies might inadvertently advance the interests of the Internet user community, but at best that's a happy coincidence. Policymakers need to hear from Internet users--the ones whose content will be removed; or the legitimate Megaupload users who had their data destroyed as a collateral damage of clumsily seizing the assets of a tech company.

* Ars Technica previews the rightsowners' policy wishlist. The only thing missing is a new pony. "Despite a reputation for working in smoke-filled rooms, rightsholders have generally been quite upfront about their enforcement goals. For a few years it involved suing everyone in sight, then it moved to graduated response, and now it means roping in all key Internet players."

* Mark McKenna: Don’t Stop at SOPA

* News.com: White House calls for new law targeting 'offshore' Web sites

* Techdirt: Congress Keeps Pushing Bad Copyright Bills: Senator Stabenow Wants To Expand Treasury/ICE To Go After 'Pirates'

* Reuters: "the Justice Department asked Congress for $5 million to hire 14 new employees, including nine attorneys, to focus on intellectual property crimes"

* Wired: Uncle Sam: If It Ends in .Com, It’s .Seizable

* Operation in Our Sites strikes again, this type cracking down on sites to stream the Super Bowl.

* ICANN: “Thought Paper on Domain Seizures and Takedowns”

* Press release: "ANA, 4A’s Provide Best Practices to Prevent Marketers’ Ads from Appearing on ‘Rogue’ Sites that Infringe Intellectual Property Rights." More: "Addressing online piracy and counterfeiting has been a strong priority for both the White House Office of the Intellectual Property Enforcement Coordinator (IPEC) and the Congressional International Anti-Piracy Caucus. They have urged ANA, the 4A’s, IAB and other industry groups to play an active role in this fight"

Adweek discusses efforts to build a private blacklist that could also be used by domain name registrars and payment service providers. Is that better, or worse, than a government-operated blacklist???

More on this point: Some ad networks plan to use technology to block ads from showing up on sites dedicated to infringement.

* News.com: White House pressures AOL, Google over pirate sites

* Ars Technica: Did the Secret Service take down JotForm because of a user-generated form? Techdirt’s coverage.

__________

Part 3: Index of Prior Posts

* Can Korean Copyright Owners Sue Australian Defendants in California? Judges Disagree--DFSB Kollective v. Bourne
* Trademark Trolling by SEO Consultant Provides Cautionary Anti-SOPA Tale (and Other Lessons)--Premier Pool Management v. Lusk
* Hermès Obtains (Ex Parte) $100M Award Against Alleged Counterfeiters--Hermès v. Does
* Comments on the Megaupload Prosecution (a Long-Delayed Linkwrap)
* Egregious/Overreaching Ex Parte Orders for Rightsowners Keep Coming -- Deckers and Richemont
* SOPA/PROTECT-IP/OPEN Linkwrap #2
* More on Ex Parte Cutoffs of Foreign "Rogue" Domain Names
* Does the House Judiciary Committee Debating SOPA Know What's Going On In the Courts?--Philip Morris v. Jiang
* If You Dislike SOPA, You'll Dislike This Case Too--True Religion v. Xiaokang Lei
* The OPEN Act: Significantly Flawed But More Salvageable Than SOPA/PROTECT-IP
* I Don't Heart SOPA or PROTECT-IP: A Linkwrap
* Ad Network Avoids Contributory Copyright Infringement for Serving Ads to a Rogue Website--Elsevier v. Chitika
* Court OKs Private Seizure of Domain Names Which Allegedly Sold Counterfeit Goods--Chanel, Inc. v. Does
* Why I Oppose the Stop Online Piracy Act (SOPA)/E-PARASITES Act

Posted by Eric at 12:53 PM | Copyright , Derivative Liability , Trademark | TrackBack

August 14, 2012

No Liability for Takedown Notice that Results in Termination of Facebook Page -- Lown Cos. v. Piggy Paint

[Post by Venkat Balasubramani, with comments from Eric]

Lown Companies v. Piggy Paint, LLC, 1:11-cv-911 (W.D. Mich.; Aug. 9, 2012)

Lown and Piggy Paint are squabbling over “piggy paint” trademarks. Lown has a registration for “PIGGY POLISH,” and alleges that defendants’ “PIGGY PAINT NATURAL AS MUD” brand infringes on Lown’s mark. The court doesn’t explain the reasons for this, but the marks in question are for nail polish products. Pigs and nail polish don’t have a natural association in my mind from a branding standpoint, but I’m no branding expert. [Eric's observation: I'm not sure Venkat is an expert in nail polish, either.]

In response to the trademark infringement claims asserted by Lown, Piggy Paint asserted counterclaims based on Lown’s complaint to Facebook that apparently resulted in the “removal” of Piggy Paint’s Facebook page. Interestingly, Piggy Paint’s Facebook page had some 19,000 fans. The court describes Lown’s complaint as having requested removal of Piggy Paint’s page on the grounds of “copyright infringement.”

Tortious Interference: The court says that Piggy Paint’s counterclaim allegations do not state a tortious interference claim:

Piggy Paint has not shown any valid business expectancy. Although Piggy Paint alleges that it had 19,000 fans of the page, Piggy Paint has not and cannot show that the removal of the facebook page – which did not offer any means of placing orders or doing business – resulted in the loss of any business.

The court also says that there’s no malice on the part of Lown because it acted with “a desire to protect its own mark.”

Conversion: The court also says that there’s no conversion claim. Piggy Paint’s conversion argument was convoluted, and based on the theory that Lown wrongfully “exercised control over [Piggy Paint’s] mark . . . by removing [Piggy Paint’s] page from Facebook.” The obvious problem with this argument is that Facebook and not Lown was the one who removed the page.
__

Not to belittle the products or brands involved, but how in the heck did Piggy Paint amass 19,000 Facebook fans? Anyway, this dispute is a great reminder that brand pages and anything similar on a third party platform are not assets you should ever (ever) bank on. (Twitter caused a media dustup when it suspended then reinstated the account of a British reporter based on a complaint from NBC.) Facebook has its own processes for when and how it responds to complaints, but regardless of whether its reaction was over protective or under protective of rights, it is insulated and can’t be held liable. (See the Complexions case, among others.)

It’s not easy to hold the party who sends the takedown notice liable, either. The court rightly treats the Facebook page as something that doesn’t support a tortious interference claim. The Phonedog case, which is still pending, came to a different conclusion, although the facts were slightly different and the case dealt with Twitter followers. (A part of the ongoing struggle in the courts as to how to treat social media assets. See also Eagle v. Morgan, Maremont v. SF Design Group, and the OMGFacts case.)

Interestingly, the court notes that Lown sent a "copyright" takedown notice. This raises the question of whether Piggy Paint could have asserted a claim under Section 512(f) for sending a wrongful takedown notice. Even assuming that Piggy Paint could have argued that the takedown notice should be covered under Section 512(f), given the high bar for liability under Section 512(f), a mistaken takedown notice would be unlikely to support liability.

In any event, damages would likely be difficult to prove, and plaintiffs don't often win these types of cases. See the Ground Zero museum case, the Pandora jewelry case, among others linked below. Ordonez v. Icon Sky is a rare case where damages were awarded for a takedown request that disrupted someone's web presence. This case and Ordonez may have reached different results because this case was contested and did not involve a default judgment. Another possibility is that the judge gave short shrift to the potential for commerce on a Facebook "fan" page as opposed to a more traditional web presence; or that the Ordonez case involved a model, whose web presence would ostensibly be more important to booking gigs and generating revenue. Either way, this case's result is probably in the mainstream and the Ordonez result seems like an outlier regarding damages for disruption of a web presence.

Other coverage:

Tom O'Toole: Court Says Facebook 'Fans' Don't Translate Into Protected Expectation of Business

Eric's Comments

This is a breezy opinion that isn't likely to persuade other judges. However, the core ruling on the tortious interference claim goes right to the heart of the battle over social media accounts. As Venkat notes, the judge says:

Although Piggy Paint alleges that it had 19,000 "fans" of the page, Piggy Paint has not and cannot show that the removal of the facebook page — which did not offer any means of placing orders or doing business — resulted in the loss of any business

Let's assume this is true and Piggy Paint can't prove any actual lost sales from the page's takedown. Even so, the Facebook page was clearly a major part of Piggy Paint's relationship with its customer base, and the page takedown unquestionably disrupts that relationship and Piggy Paint's ability to keep in touch with its audience. At minimum, the judge was quite tone-deaf to the practical implications of this page's takedown. But if disrupting a communication channel between a business and its fans isn't a legal problem, then a lot of the other social media account battles should fail as well. For example, this thinking moots the Phonedog case because the continued patronage of the account's followers is the only real asset at issue.

Venkat is also right that businesses are constantly at peril that their cyberspace presence on third party websites will simply vanish. For more on this, see my article on 47 USC 230(c)(2) and online account termination. In particular, I'm nervous about all of the businesses heavily investing in their Facebook pages. Don't go crying to the lawyers if those pages go POOF.

Posted by Venkat at 10:51 AM | Copyright , Derivative Liability , E-Commerce , Licensing/Contracts , Trademark

Bank Might Bear Loss for Fraudulent Money Transfers Initiated From Its Website--Patco v Ocean Bank (Catch-Up Post)

By Blogging Assistant Jake McGowan (with Venkat's supervision), with a comment from Eric

Patco v. Ocean Bank, 11-2031 (1st Cir. July 3, 2012)

When a scammer siphons money from a customer's online bank account, should the bank or the customer bear the loss? Last year, we blogged about a pair of cases that considered this question and came to differing conclusions, albeit under slightly different portions of the Uniform Commercial Code.

Article 4A of the UCC states that the risk of loss falls on the banks by default, but banks can shift it back to the customer in two ways: (1) by showing the commercial reasonableness of the security procedures it offered, or (2) by showing that the payment was approved in good faith and in compliance with security procedures agreed to by the customer.

In Experi-Metal v. Comerica Bank, a district court in Michigan focused on whether the bank accepted suspicious transfers “in good faith.” The court sided with the customer, finding that Comerica did not act in good faith since it approved the fraudulent wire transfers despite several warning signs. In contrast, in the lower court opinion in Patco v. Ocean Bank, a district court in Maine focused on the other portion of Article 4A: whether the bank’s security procedures were “commercially reasonable.” That district court sided with Ocean Bank, ruling that the security procedures in question were commercially reasonable and thus insulated the bank from liability. Patco appealed the adverse ruling against it.

On July 3, the First Circuit reversed the district court decision and ruled in favor of Patco, holding that Ocean Bank’s online fraud security measures were not “commercially reasonable” under the UCC as codified under Maine law. The court, however, did leave room for Ocean Bank to argue that Patco might have been partially responsible for the loss.

After the First Circuit’s ruling, both this and the Experi-Metal decisions place the risk of loss (or in Patco’s case, proving the adequacy of security measures) on the bank. Still, questions linger how and when banks may successfully shift the risk of loss back to the customer.

Background

Patco was a small business that maintained a business account with Ocean Bank’s predecessor. Ocean Bank (and its predecessor, who Ocean Bank acquired during the time period at issue) used a “Premium” multifactor authentication scheme devised by Jack Henry & Associates to protect customer funds from ACH fraud. Along with passwords and device-specific cookies, Ocean Bank utilized “challenge questions” created by the customer as a last line of defense. The questions could be triggered by transactions with high-risk profiles (e.g., unusual IP address or unusual time of withdrawal) or by a transaction exceeding a specified dollar amount. Ocean Bank controlled what types of transactions would trigger additional security measures.

The ACH fraud that resulted in loss of the funds occurred after the bank decided to lower the dollar amount triggering the extra security steps from $100,000.00 to $1.00, meaning all Patco transactions triggered the “challenge questions” line of defense against ACH fraud. This increased the challenge questions’ vulnerability to key-logging malware, and thus diluted its protective qualities. As Venkat explained in his initial post on this case, the wrongdoers gained access to the account by installing malware on Patco’s computers. The key question was whether the security measures employed by the bank were commercially reasonable.

The First Circuit’s Ruling

“Commercial Reasonableness” and the One-Size-Fits-All Approach

The First Circuit found that the bank’s security procedures must take into account “the circumstances of the customer” known to the bank. In this case, Ocean Bank did not comply with this mandate because it lowered the challenge question dollar-amount trigger to $1.00. The bank claimed that it lowered the amount to combat low-dollar fraud, but the Court didn’t see that as a valid excuse. Patco’s transfers were typically much larger, so the one-size-fits-all approach would have violated the “circumstances of the customer” requirement anyway.

Ocean Bank also tried to satisfy the requirement by trotting out its risk-profiling procedure, which provides a numeric score based on the risk of fraud associated with the circumstances of a particular transaction. But the court quickly dismissed this line of reasoning, pointing out that Ocean Bank failed to act upon the unusually high-risk profile scores for the specific fraudulent transactions in question.

Further, the Court went on to suggest that compliance with federal security guidelines would not necessarily qualify the procedures as “commercially reasonable.” While Ocean Bank’s multifactor authentication scheme complied with federal guidelines, its one-size-fits-all security measures were ineffective for Patco, and therefore were not commercially reasonable. In other words, the scheme has to be geared to work for the particular customer.

Together, these passages raise the already high standard set for “commercially reasonable,” and make it harder for banks to shift the risk of loss in ACH fraud cases.

Customers’ Responsibilities in a “Commercially Unreasonable” Security System

While the court held that Ocean Bank could not prove that its security measures were commercially reasonable—and in fact the court said they were unreasonable—the decision also noted that Patco (the customer) might bear some blame for the loss: “Article 4A does not appear to be a one-way street. Commercial customers have obligations and responsibilities as well[.]” The Court stopped short of stating what those responsibilities might look like, and left those questions for development on remand.

From the perspective of the banks, this passage in the Patco ruling may be a sign that they lost a battle but can win the war. Arguably the most important feature of this decision is that it opens the door for an analysis of the customer's security obligations, even where the bank's security system is “commercially unreasonable.” It is unclear how the court will handle such an analysis; an egregious example of employee negligence regarding passwords or challenge questions may shift liability entirely. For example, even though Ocean Bank’s system was “commercially unreasonable,” Patco may have been partially liable for the breach if its carelessness with a password or user ID led to the breach.

On the other hand, a breach of such an obligation might just be a way for banks to mitigate damages, in a contributory negligence style of defense. Until this question is fleshed out in further decisions, it will be too early for either customers or banks to point to this decision as an emphatic victory.

Two other notes: We’ve blogged ad nauseam about data breach plaintiffs who get kicked out of court for lack of standing (not being able to prove harm). This is an easy standing case for the plaintiff for the simple reason that it suffered out-of-pocket loss. It’s also worth pointing out that the risk of loss rules here apply to commercial accounts. As the court footnotes, Reg Z governs consumer accounts (consumers can more easily shift much of the loss to the bank by default). A final question that remains is whether the bank (or more likely insurance company) can go after the security consultant for its own role in advising the bank regarding its security measures—is “premium” protection a guarantee of commercial reasonableness?

As always, both banks and customers should educate themselves of the latest phishing tactics and try to minimize the potential of ACH fraud. It’s nearly impossible to legislate security. In the same vein, an off-the-shelf anti-fraud prevention program will not necessarily protect you against the type of fraud that occurred in this scenario.
_____

Eric's Comment

Neither litigant looks great in this dispute. Patco allegedly got malwared with a keystroke logger, and now it may be trying to foist the economic consequences of that hack onto the bank. On the other hand, the bank is throwing its customer under the bus, even though the bank transferred money when its own security procedures had flagged a problem. As Jake points out, the consumer rules in these circumstances are more favorable. Otherwise, this case would be incredibly chilling for consumer online banking. Even so, I could see Ocean Bank's corporate customers questioning their banking relationship given Ocean Bank's corner-cutting on security, its security procedure failure and its willingness to fight its customer over losses that the bank could have prevented.

Posted by Venkat at 09:23 AM | E-Commerce , Licensing/Contracts , Privacy/Security

Introducing Blogging Assistant Jake McGowan, and Another Request for Help

By Eric Goldman

As I recently mentioned, I am also blogging at my Forbes blog, Tertium Quid. To help balance out some of this blog's workload, I'm pleased to introduce the Technology & Marketing Law Blog's first-ever blogging assistant, Jake McGowan, a 2L at Santa Clara University School of Law. I've had students post on the blog from time to time, but this will be a more involved relationship that, I hope, will run at least for the next 18 months or so. Jake will be contributing content under his own byline, he'll be helping Venkat and I prepare posts, and he'll be working on some of the site's technological underpinnings and user interface.

(Side note: if you are an employer looking to hire someone I've personally vetted and trained, you might want to act fast with Jake before your competition takes him off the market).

With Jake on the team, I'm ready to tackle the long-deferred project of upgrading the blog's technology. The blog's technology hasn't changed very much since a Marquette Law student built it in 2004, and its age definitely shows. I can't promise any changes yet, but I can say that the chances for improvement have never been greater.

Now, the REQUEST FOR HELP! As part of these possible technological changes, I would like to rename the blog. I trust the need for a blog rebranding is self-evident. So, here's how you can help: can you suggest the blog's new name? Please email me with your suggestions. We might not pick any reader suggestions, but if we do, the suggester will (in addition to earning massive good karma) get a special and highly coveted thank-you gift from my private Slinky stash. Thanks in advance for any help you can provide.

Posted by Eric at 09:16 AM | General | TrackBack

August 13, 2012

Request for Help: Fill Out a Short Survey on Entrepreneurs' Handling of Patent Demands

By Eric Goldman

While we may have some voyeuristic fun watching a high-profile patent trial like Apple v. Samsung, patent litigation isn't always a "sport of kings." To shed some light on these less-publicized aspects of patent enforcement, my colleague Colleen Chien [follow her at Twitter!] is conducting a survey about how small companies deal with demands by patent holders. If you work at a startup or small company, I would be so grateful if you would fill out this survey (or ask the person in your company handling patent demands to do so). Even if your company has not (yet) received a patent demand, your feedback would help. The survey is quick (2-15 minutes), and individual responses will be kept confidential unless you say otherwise. Colleen will publish the results, and I expect her report will improve the patent policy-making discussions based on what's taking place in the patent enforcement world outside the media glare. Thanks in advance for your help.

Posted by Eric at 03:18 PM | Patents | TrackBack

Court Declines to Dismiss Video Privacy Protection Act Claims against Hulu

[Post by Venkat Balasubramani]

In re Hulu Privacy Litigation, C 11-03764 LB (N.D. Cal.; Aug. 10, 2012)

Hulu is facing a putative class action alleging that Hulu improperly disclosed the video viewing choices of its users without obtaining consent. Hulu initially argued that plaintiffs lacked standing. Relying on the Ninth Circuit’s decision in First American Fin’l Corp. v. Edwards, the court said that alleging a violation of a federal statute was sufficient to satisfy Article III standing. Now the court looks at whether the allegations state a claim for 12(b)(6) purposes.

Is Hulu a “video tape service provider”? The VPPA only covers the rental, sale, or delivery of “prerecorded video cassette tapes or similar audiovisual materials.” Hulu argued that this language does not cover online providers. The court disagrees. The court looks to the language of the statute and finds that the phrase “similar audiovisual materials” focuses on the content, not the means of content delivery. While the dictionary definition of the word “material” is inconclusive, and everyone agrees that online delivery wasn’t around when the VPPA was enacted, the court looks to the legislative intent:

Congress was concerned with protecting the confidentiality of private information about viewing preferences regardless of the business model or media format involved. The question is whether the mechanism of delivery here – streaming versus bricks-and-mortar delivery – ends this case at the pleading stage. . . . Given Congress’s concern with protecting consumers’ privacy in an evolving technological world, the court rejects [Hulu’s] argument [that it’s not covered by the statute because the statute does not cover digital distribution].

Other defenses: Hulu raised two other defenses, neither of which the court buys, at least at the 12(b)(6) stage. First, Hulu says that its disclosures fall within the VPPA’s “ordinary course of business” exception. The statute defines ordinary course of business to include “debt collection activities, order fulfillment, request processing, and the transfer of ownership.” Hulu’s disclosures (to Facebook, Doubleclick, QuantCast, Google Analytics, and ScoreCard) do not clearly fall under this definition. No dismissal at the pleading stage based on this defense.

Second, Hulu argued that plaintiffs were not “consumers” as defined by the VPPA. The statute defines consumers as “any renter, purchaser, or subscriber,” and since the proposed class did not involve paying Hulu customers, Hulu argued that they were not consumers. The court disagrees with Hulu, saying that “[i]f Congress wanted to limit the word ‘subscriber’ to ‘paid subscriber,’ it would have said so.”

The VPPA has spawned a lot of litigation recently! Facebook’s ill-fated beacon initiative was the first target, but since then, Netflix, Redbox, and Hulu have all been ensnared in VPPA class actions. Interestingly, someone mentioned that books were initially proposed to be part of the VPPA, but at the FBI’s request, were carved out. [Eric's note: books are now covered in California under the Reader Privacy Act.]

To my knowledge, two of the three issues decided in this ruling have not been previously dealt with: (1) does the VPPA apply to purely online service providers, and (2) does it cover non-paying customers. The court could have probably gone either way on this, and the court's conclusion takes the privacy-friendly approach. As interpreted in this manner, the VPPA applies to a wide range of sites, from YouTube to Vimeo. The scope of the proposed class also shows the reach of the VPPA as construed in this manner. The proposed class encompasses people who visited Hulu.com between March 4, 2011 and July 28, 2011 and who viewed video content. Hulu didn’t actually provide a list to third parties of what videos these individuals viewed. It used certain cookies that respawned and were difficult to delete, and disclosed unique identifiers (e.g., Facebook IDs & Hulu profile identifiers). It’s tough to argue based on the allegations in the complaint that Hulu was guilty of some sort of knowing malfeasance. It used a third party ad network that allegedly engaged in aggressive tracking practices and as a result Hulu is potentially on hook for damages under the VPPA.

I’m somewhat surprised to not see any discussion of the Hulu terms of use. I would expect that, if I register on a free website to view videos, my viewing habits would at a minimum be used for ad targeting. As to why this and more was not disclosed and assented to in the terms of service is a mystery to me. I guess some interpret the VPPA to require consent on a movie-by-movie basis and something other than a term of use-based consent. See this post by Wendy Davis that mentions possible amendments to the VPPA that would tweak these to make sharing easier.

Other coverage:

ReadWriteWeb (Nancy Scola): The Hulu Dilemma: How Private is Your Video Playlist?
Forbes (Kash Hill): Court Case Spells Trouble for Frictionless Sharing of Videos on Facebook

Related posts:

Posted by Venkat at 08:43 AM | E-Commerce , Licensing/Contracts , Marketing , Privacy/Security

August 12, 2012

Using Links as Citations Helps Gizmodo Defeat a Defamation Claim--Redmond v. Gawker Media

By Eric Goldman

Redmond v. Gawker Media LLC, 2012 WL 3243507 (Cal. App. Ct. August 10, 2012)

Gizmodo.com published an article, Smoke & Mirrors: The Greatest Scam in Tech, about Redmond's venture, Peep Telephony. In addition to using the word "scam" in the title, the article had lots of denigrating things to say about Peep and about Redmond's prior initiatives. (The opinion lays out the beefs, although some of the hot spots are apparent from a quick review of the initial article). Gizmodo subsequently published Redmond's rebuttals. Later, Redmond apparently decided the rebuttal wasn't enough and asked Gizmodo to remove both articles, which Gizmodo declined to do. Redmond then sued Gizmodo's parent Gawker Media for defamation. The court dismisses the case on anti-SLAPP grounds, and that means Redmond will owe a check to Gawker for his lawsuit.

The court has no problem finding that Peep Telephony's activities were a matter of public interest, as Peep Telephony had received some high-profile coverage from technology reporters before Gizmodo's story, and Redmond apparently had been trying to stir up press coverage in advance of the 2011 CES conference. The court summarizes that the "Gizmodo article was a warning to a segment of the public—consumers and investors in the tech community—that Redmond‘s claims about his latest technology were not credible."

The court also says that Redmond's beefs relate to statements of opinion, not fact. The court notes that the word "scam" as not a factual assertion (a dicey outcome), the article was written in a "casual" and "sarcastic" first-person style ("the article‘s general tenor and language would give a reasonable reader the impression the authors were expressing subjective opinions, not reporting facts"), and the article used weasel words, such as "seems," "arguably," "looks like," etc., to qualify key fact-like assertions.

The most interesting part of the opinion is where the court talks about the article's "transparency." The court says (emphasis added):

The sources upon which the authors rely for their conclusions are specified, and the article incorporates active links to many of the original sources—mainly Web sites and promotional material created and maintained by Redmond and his ventures....Having ready access to the same facts as the authors, readers were put in a position to draw their own conclusions about Redmond and his ventures and technologies....Statements are generally considered to be nonactionable opinion when the facts supporting the opinion are disclosed.

This is true, of course, but a point often lost when defamation plaintiffs are breathing fire. A properly-cited article, filled with hyperlinks to original source materials, should be extra-resistant to defamation claims--even if written with typical blogger snark. Readers can easily inspect the source materials themselves and make their own judgments about the article's veracity. Thus, either the citations provide proper factual support for the article's opinion, or the links should eliminate any problems with the author's knowledge (where that matters to the prima facie defamation claim, which would have been the situation here). Either way, the defamation claim should fail, as it did here.

So this decision is a great ruling for bloggers. Unfortunately, it's unpublished (like far too many California appellate court opinions), which limits its precedential effect. To fix this, my RA and I are planning to request that the court publish it. Even if it remains unpublished, perhaps the ultimate takeaway--that defamation claims against well-cited blog posts will be quickly dismissed by anti-SLAPP laws and lead to the plaintiff paying money to the defense--will help dissuade similar lawsuits nonetheless. Especially in a situation like this, where the potential plaintiff already had gotten an on-the-spot rebuttal, suing over a blog post like Gizmodo's rarely makes sense.

Posted by Eric at 08:30 AM | Content Regulation | TrackBack

August 11, 2012

Breastfeeding Mom Can Sue Video Producer Despite Signing a Blanket Release--Sahoury v. Meredith

By Eric Goldman

Sahoury v. Meredith Corp., 2:11-cv-05180-KSH-PS (D. N.J. Aug. 2, 2012)

Sahoury consented to being video-recorded while breastfeeding for inclusion in an instructional video. She claims that the video producers orally agreed to two conditions: (1) the instructional video would only be shown on cable TV and the Parents magazine website, and (2) the video would not reveal the full name of Sahoury or her baby. However, she signed a blanket written release that didn't reference either promise. She says the release was presented to her after the taping, as she was in a rush to leave. Sahoury alleges that the producers broke both oral promises by posting the video to YouTube with her full name. She then alleges that rogue actors downloaded the video from YouTube and spliced the video of her breastfeeding into pornographic videos featuring a model who looked like her; and the rogue video referenced her full name and was distributed widely, ruining her vanity search results. To combat this, she hired a reputation management service.

Frustrated by the video producers' lack of pursuit against this rogue distribution, Sahoury sued the video producers. In this ruling, the court largely upholds her lawsuit against a motion to dismiss, mostly based on Sahoury's argument that she relied on the oral promises made by the producers. However, the court dismisses her publicity rights claim because using her name in connection with a freely available instructional video doesn't have enough commerciality.

From a legal drafting standpoint, it's interesting that the signed blanket release wasn't dispositive. The release might still work later in the case, but it didn't knock out the case on a motion to dismiss. She basically gets around the release by arguing procedural defects (presented after the video was shot, as she had to leave quickly to get her kid) and the contrary oral promises. Naturally, video/photo producers should never make oral promises to the depicted people that contradict the written releases. Here, it opens the door for the judge's outrage about Sahoury's treatment.

Putting aside the legal issues for a moment, I'm confused because Sahoury's allegations all rest on a questionable factual premise. It appears she thinks that she could avoid being reidentified if only her first name was used, but obviously this is wrong. As we've seen repeatedly, she could be easily reidentified by third parties in the comments or elsewhere online--especially as facial recognition technology improves. And, the ability of pornographers to extract and remix the video was equally possible if the video was on YouTube, on Parents.com or only shown on cable. In other words, by consenting to the production and distribution of a widely available video showing her breast-feeding, she was vulnerable to the porn splicing no matter what. Finally, as we saw in the Bev Stayart cases, a person's name can be splogged into web pages with adult content even if the person has done nothing supporting that association. So from my perspective, Sahoury never had a chance of achieving her putative objectives.

In light of where she is now, what can she do? (beyond reputation management and suing the initial video producers). She could try to go after the rogue video remixer and the various porn sites distributing the video. She would have to rely on privacy claims, as she doesn't own the video's copyright (more on that in a moment). Further privacy litigation against these third parties isn't likely to be productive. The rogue video remixer and porn sites aren't likely to be easy targets--they could be overseas, they are almost certainly judgment-proof, and there are just too many targets--and the privacy claims will be partially undercut by the wide public release of the initial video.

Similarly, legal efforts against search engines to de-index the porn sites linking to her name aren't any more productive. Bev Stayart has shown this is a losing proposition, and 47 USC 230 would also apply to any privacy-based claims.

In contrast to privacy claims, copyright infringement would provide Sahoury with a real cudgel. This is why we're seeing the troubling hack (most recently blogged in Scott v. WorldStarHipHop) of a photo/video subject acquiring the copyright to the visual depiction of them and then turning into a copyright plaintiff. Something like that would be a logical approach for Sahoury here. She can settle up with the initial video producers, get the copyright to the video or at least the portion with her in it, and then send copyright takedown notices not only to the republishing websites but to the search engines as well. I can't really applaud this approach, as it relies on the unwarranted power of copyrights over other legal claims.

Posted by Eric at 10:47 AM | Copyright , Derivative Liability , Licensing/Contracts , Publicity/Privacy Rights , Search Engines | TrackBack

August 09, 2012

Judge Alsup Tries to Out the Shills in Oracle v. Google

[Post by Venkat Balasubramani, with comments from Eric]

Oracle v. Google, Case No. C 10-03561 WHA (N.D. Cal.; Aug. 7, 2012)

Judge Alsup recently issued an order in Oracle v. Google, voicing concerns that the parties or counsel may have retained or paid “authors, journalists, commentators or bloggers who have and/or may publish comments on the issues in [the] case.” Accordingly, he ordered each side and its counsel to:

[f]ile a statement . . . identifying all authors, journalists, commentators or bloggers who have reported or commented on any issues in the case and who have received money (other than normal subscription fees) from the party or its counsel during the pendency of [the] action.

The order sparked a reaction online and generated a flurry of commentary. (See articles from Ars; BuzzFeed, and posts by Paul Levy and Scott Michelman, to name a few.)

As Eric noted in his comments to Ars and BuzzFeed, as phrased, the order is overly broad and would potentially capture bloggers who have commented on the case and participate in Google's AdSense. This could also sweep up journalists whose publications have published Google or Oracle ads. It’s also curious that Judge Alsup issued the order near the conclusion of the case, where it will have little if any prophylactic value to prevent taint of the proceedings. Although it’s not in his interest to create appealable issues, the order almost creates another issue for the parties to bicker about at the appellate level.

There was speculation about what spurred the order and whether it was directed at one or more writers in particular, including as Eric commented to BuzzFeed, perhaps the writer of a legal treatise (Patry, Nimmer, Goldstein?). But assuming it was narrowly written and issued at the outset of the case, what to make of an order such as this one?

This isn’t like an FTC endorsement-style rule which requires spokespersons to disclose material relationships about products or services that they endorse—the only thing being endorsed here is the idea that one side or the other should win in the litigation. This also isn’t like the Apple v. Samsung scenario where Samsung’s lawyers were accused of releasing evidence to the press that the court ruled wasn't admissible. This is more directed at writing that influences the public consciousness about the issues in the trial. In that way, there’s some peripheral relationship to the case overall, but from the face of the order, there’s nothing to indicate that it does any more than that. One could make an argument that in this day and age, people involved in the judicial process (e.g., jurors) will have a hard time obeying the court’s rules to stay away from the internet during the pendency of the trial, and this is aimed at remedying any taint that may result from shilling, but it doesn’t even directly address this problem. People are free to write and get paid to write, it’s just that they have to disclose this to the court. (It’s possible that the order is directed more to the appellate court who may read media accounts or even consult “internet sources” and therefore would be better served to know who is impartial and who is influenced by the payment of money, but that seems like an odd problem for Judge Alsup to tackle.)

There’s also the issue that people don’t lose the right to advocate publicly on behalf of their position just because they are involved in litigation. If there’s no effect on the integrity of the process—and it’s tough to make an argument at this stage in the litigation—why should companies and their law firms have to disclose who they paid to get their message out? (Journalists seem to laud this order, and I have to admit that as a blogger I shared a sort of morbid curiosity to see what was behind all of this and who would end up on the lists.)

Unfortunately, neither party is going to challenge the order, although as Eric notes, they will likely make some assumptions regarding the order that may slim down their lists.

A final thought is that maybe Judge Alsup got wind of the shilling, and issued this order as a shot across the bow, to shills in this case, and in future cases as well.
______

Eric's Comments

I don't see how the parties can properly comply with the order in such a short time-frame. They must have thousands or even tens of thousands of vendors (that's not including Google AdSense, which would boost the number for Google even more). There's no quick way to cross-check which of these folks have written about the lawsuit. So I expect both parties are going to make some "assumptions" to reduce their workload.

Even so, it will be quite exciting on Friday, August 17, when we get to pore over the lists provided by Oracle and Google. I imagine many of us will engage in the parlor game of trying to spot previously unknown shills for the parties.

Unfortunately, if the parties properly comply with the order, the lists will be riddled with "false positives," i.e., people who met the literal criteria (cash from litigant + coverage of case) but didn't meet the spirit of the order (covered case BECAUSE OF cash from litigant). As Venkat indicates, we should be on the list, but I'm skeptical that my pathetic AdSense earnings have affected my analysis. Thus, in theory, we as consumers of the lists won't rush to judgment, improperly assuming that everyone disclosed on the lists is a shill. But in practice we just don't have that kind of self-restraint, so there should quite a "J'accuse!" frenzy once the lists are public.

As Venkat indicates, because Judge Alsup's order was so cryptic, there remains some confusion over the legitimacy of Judge Alsup's order. I can think of two circumstances where the order is completely appropriate:

1) A litigant cited a source in its advocacy whose author was on the litigant's team and not disclosed. So, for example, imagine that a litigant cited a treatise without disclosing the author is on the payroll of the ligiant. A cynic might think that the treatise author wouldn't write anything in his treatise that conflicted with its benefactor's interests. Before a judge relied on a putatively credible treatise in rendering a decision, it seems logical that the judge would want to know if the author might have surreptitiously updated the treatise to advance the litigant's position. I can't imagine that happened in this case, plus I think the judge's effort would be most appropriate only if he had actually relied on the tainted source in making a decision.

2) The media din about the case, spurred by shills, somehow tainted the jury's deliberation. I haven't heard any evidence that occurred in this case, but it would be a problem if it occurred.

Instinctively, I applaud Judge Alsup's efforts because the phenomenon of shill public relations is out-of-control. See Chris O'Brien's recent articles on the Google/Microsoft proxy wars for more evidence of that (Microsoft and Google battle for influence in the policy shadows and Google vs. Microsoft: See who's clashing behind the scenes). However, if nothing has yet undermined the integrity of the judicial process in the Oracle-Google case, then I think he has overreached--especially at this late date in the proceedings. Shill public relations is bad, and could even violate the FTC's Endorsements/Testimonials Guidelines, but that doesn't give a federal judge the power to engage in fishing expeditions about the litigants' conduct. We'll know more when we see the lists and get more insight into what prompted Judge Alsup's move. I've blocked off some time on August 17 for further analysis!

UPDATE: Scott Graham of the Recorder analyzes some of the possible individuals who might have prompted Judge Alsup to issue the order.

Posted by Venkat at 04:03 PM | Evidence/Discovery , Marketing

Craigslist’s Latest Moves Show It Cares More About Its Market Position Than Delivering Value to Its Users (Forbes Cross-Post)

By Eric Goldman

Craigslist is resorting to increasingly desperate measures to control its users' classified ad listings. Last month, Craigslist sued 3Taps and Padmapper for scraping and repackaging its classified ads. Since then, it has extracted greater IP rights from its advertisers and reportedly may de-index the listings from Google.

Why is Craigslist making these moves? Because third parties are threatening to interpose themselves between Craigslist and its users--in effect, to disintermediate Craigslist. If a third party can interpose itself between an intermediary and its users, the new intermediary can draw the users away from the incumbent, thereby undermining or even eliminating the incumbent's franchise. Not surprisingly, the incumbent will try anything--even desperate anti-user measures--to negate this threat.

The archetypal example of an online intermediary striking back against distintermediation came, ironically, from Craigslist's arch-enemy eBay ($eBay). About a dozen years ago, a start-up, Bidder's Edge, sought to create a super-set of auction listings from multiple Internet auction sites. At the time, there were serious rivals to eBay, including Yahoo Auctions and Amazon Auctions, but eBay still had the bulk of online auction listings.

From eBay's perspective, having its listings in Bidder's Edge database threatened eBay's franchise. While Bidder's Edge might have brought some new buyers to eBay's auctions, one of eBay's competitive advantages was that it already had the largest pool of prospective buyers. From a prospective buyer's standpoint, it would be more advantageous to browse the super-set of all listings on the Internet than to browse only eBay's listings; more auction vendors means more choices and more competition for the buyer. If Bidder's Edge interposed itself between eBay and its buyers, sellers could go to the other auction sites (Yahoo or Amazon) and get exposed to the same pool of buyers that they could have gotten on eBay. In effect, then, by siphoning off eBay's buyers, Bidder's Edge would allow eBay's competitors to siphon off eBay's sellers too.

We know how the story turned out. eBay technologically blocked Bidder's Edge from scraping its website for auction listings. When Bidder's Edge routed around eBay's blocks, eBay sued Bidder's Edge and won a landmark injunction based on the ancient legal doctrine of trespass to chattels. Bidder's Edge kept going for a while by aggregating the auction listings from other auction sites, but without eBay's listings, Bidder's Edge's offering wasn't very compelling to buyers, and it faded away. Meanwhile, without the exposure to eBay's buyers that Bidder's Edge would have provided, the other auction sites also eventually faded away. eBay effectively rolled up the online auction industry, creating billions of dollars of wealth for its stockholders.

Craigslist is fighting the same fight against online aggregators that eBay fought--and won--a dozen years ago, for exactly the same reasons. If Craigslist succeeds with its lawsuit, we can expect that Craigslist will retain its market leader position for at least a little while longer. But if Craigslist can't control its listings, they can help seed a competitive aggregator's database. This, in turn, would give a big boost to existing and new competitors to Craigslist.

This situation is forcing Craigslist to assert more control over its users' advertisements. But this devolves into a zero-sum game between Craigslist and its advertisers, i.e., Craigslist improves its competitive position only by delivering less value to users. For example, taking exclusive copyright licenses to advertisements would prevent Craigslist advertisers from pursuing other advertising venues that could help them reach more potential buyers. (If Craigslist is asking for less copyrights than that, its move is legally ineffectual). Similarly, de-indexing from Google would severely cut off advertisers' exposure to potential buyers. Less potential buyers = less money for advertisers = less reason to use Craigslist.

This could start a downward spiral for Craigslist. Either Craigslist lets third party competitors aggregate its users' advertising into their databases, or Craigslist reduces the value of its services to advertisers and drives them to competitors. Thus, even though it might look like Craigslist is making bizarre moves, I think its moves are quite rational. They're exactly the kind of moves you'd expect from a panicked company realizing its uncomfortably precarious marketplace position.

Posted by Eric at 09:30 AM | Copyright , Marketing , Trespass to Chattels | TrackBack

August 08, 2012

Ex-Employee's Access/Misuse of Employer Files States CFAA Claim -- Weingand v. Harland Financial

[Post by Venkat Balasubramani with comments by Eric]

Weingand v. Harland Financial Solutions, C 11 3109 EMC (N.D. Cal.; June 19, 2012)

Weingand involves claims brought by an employee, and proposed counterclaims brought by the employer against the employee. Nor surprisingly, the employer tried to assert claims under the Computer Fraud and Abuse Act (and California Penal Code section 502, a state anti-hacking statute). The court grants the employer's motion for leave to amend, finding that the counterclaims would survive a 12(b)(6) motion.

The facts are similar to other employee CFAA cases in the sense that the employer alleges that the employee accessed the network and misused the employer's information, but there’s a small twist. The employee allegedly accessed the employer’s network after he left the company. He gained access to the network by telling the employer that he wanted to access some of his personal files. According to the employer, the employee then accessed some 2,700 business files of the employer, "all of which contained non-public information, copyrighted information, and/or confidential and propriety [sic] information." The big question is whether this constitutes access without authorization, or access in excess of authorization, under the CFAA.

CFAA: The court first addresses whether Harland Financial states a claim under the CFAA. Weingand argued that since he was authorized to access the network, he could not be held liable under the CFAA. Citing to Nosal, Weingand contended that:

[the] level of verbal . . . authorization was irrelevant because the only 'authorization' to which the statue speaks is 'code' authorization (i.e., whether someone is literally blocked from certain files by some security measure such as a password).

The court disagrees and says that Nosal draws a distinction between access and use, not between types of authorization pertaining to access. According to the court, you can be held liable if you access something without authorization, but not if you use information that you were authorized to access in a way that’s unauthorized.

Cal. Penal Code sec. 502: Section 502 is a state anti-hacking statute that was central to Facebook’s claim against Power Ventures. In that case Judge Ware said that a violation of the statute had to be premised on circumvention of technical measures (even circumvention of IP-address blocking could suffice, but there had to be something). Judge Chen declines to follow this approach, instead following Facebook v. ConnectU where Judge Seeborg held that access in violation of Facebook terms using log-in information supplied by registered users was sufficient to state a claim under Section 502. In other words, an employee's violation of an employer's network policy may state a claim under Section 502 because it's the same as unauthorized access.

Other miscellaneous claims: Finally, the court says that the employer's claims for conversion, breach of contract, unjust enrichment, interference with prospective economic advantage, and unfair competition (under California’s UCL statute) would survive a 12(b)(6) motion.
__

A question left open by Nosal is to what extent that decision would gut employer claims under the CFAA. Nosal (and the WEC Carolina Energy case from the Fourth Circuit) seemed to leave open the possibility that, if an employee is not authorized to access certain information at all (even though she is authorized to access "the network"), this may amount to unauthorized access under the CFAA. The court here seizes upon that--Weingand is authorized to access the network but not the information in question. However, it's worth noting that the factual scenario here is somewhat unique because the access occurred after the employment relationship ended (which would support some sort of access-obtained-by-fraud argument on the part of the employer). A similar factual scenario was presented in LVRC v. Brekka where the Ninth Circuit held that (1) access during employment in contravention of a policy is not sufficient to state a CFAA claim, and (2) while post-employment access may support a CFAA claim, the employer in that case failed to present sufficient evidence of post-employment access to withstand the employee's motion for summary judgment.

The court in this case doesn't delve into the precise exchange between the employer and employee relating to the access. Did the employee already have access and merely give the employer the heads-up that he was logging into the network? Had the employer terminated access (and revoked the password) and did the employer reinstate it to allow the employee to access the network? If it's the former, it's tough to make a principled distinction between Nosal (and WEC Carolina Energy) and this case, and the court certainly does not delve into this issue. In any event, as Eric explores below, CFAA jurisprudence remains murky, and as a result, employers will probably re-draft their network policies and continue to push the envelope on CFAA claims.

The fact that the employer here was able to assert numerous other claims illustrates that (as argued by the court in WCE Carolina Energy) the CFAA did not need to be interpreted as expansively as employers contend--i.e., they have adequate other remedies available.
____

Eric's Comments

I think it's safe to declare that the CFAA jurisprudence is officially a mess. (Apropos of this, see this Reuters recap). There are multiple scenarios that the courts keep jumbling up:

Scenario #1: defendant never has authorization to access the protected computer or the information on the protected computer (i.e., the bad hacker scenario)
Scenario #2: defendant does not have authorization to access the protected computer but does have authorization to information on the computer (i.e., maybe this describes the Lori Drew situation)
Scenario #3: defendant has authorization to access the protected computer but doesn't have authorization for information on the computer (i.e., employee misappropriation of trade secrets stored on company computers)
Scenario #4: defendant has both authorization to access the protected computer and information on it

Scenario #1 is the easy CFAA case. Scenario #4 should not result in any CFAA liability. Scenarios #2 and #3 are vexing the courts.

I had thought after Nosal and WEC that Scenario #3 wasn't actionable under the CFAA but would be actionable under the laws protecting the information (such as trade secret misappropriation). This case seems to disagree. This case also seems to imply that employers could simply redraft their employee computer use policies to say that employees aren't authorized to access the computers if they subsequently misuse the information on the computers, and that such a policy would revive the CFAA claim. This drafting workaround seems way too easy.

Another way of reading the situation is that CFAA law distinguishes between non-employees and employees. Perhaps there's no circumstance where employees can violate the CFAA when accessing their employee's computers, but all bets are off the moment they leave employment. If this latter distinction is true, then the CFAA remains a potent threat in the scraping context.

Putting aside the CFAA issues for a moment, what in the world was the employer thinking providing an ex-employee unrestricted/unsupervised access to its computers? This is a huge no-no. Cf. Meyerkord v. Zipatoni; Ground Zero Museum v. Wilson. Even ex-employees who left on the best of terms should not be given this power. At most, the employer should have had an HR person do the downloading him/herself.
____

Posted by Venkat at 02:30 PM | Privacy/Security , Trespass to Chattels

August 07, 2012

EA Faces Uphill Battle in Its Copyright Infringement Lawsuit Against Zynga (Partial Forbes Cross-Post)

By Eric Goldman

[Eric's note: I am still experimenting with how to write for different audiences. Below is the first draft of a post I wrote for my Forbes Tertium Quid blog. You'll see it's written for a lay audience, but structurally, it's still a geek post. So I've decided to move it over here. I wrote and posted a pithier version for Forbes. If you take a look at both, please email me and let me know which one you liked better (and why).]

Electronic Arts Inc. v. Zynga Inc., 3:12-cv-04099 (N.D. Cal. complaint filed Aug. 3, 2012).

Last Friday, Electronic Arts ($EA) sued Zynga ($ZNGA) for copyright infringement. EA alleges that Zynga's "The Ville" game takes too much of EA's "Sims Social" game.

The lawsuit is interesting for a number of reasons. First, it's always interesting to see two major Silicon Valley companies clash in court. (I know Zynga is located in SoMa--"South of Market Street" in San Francisco--but close enough). It's even more interesting to see big game manufacturers square off, something that happens relatively rarely. Second, the case raises interesting--and difficult-to-resolve--substantive questions about copyright law. Third, game developers copy each other's ideas all the time, meaning that if the case reaches a final adjudication rather than settling, it might set a vitally important precedent for the entire industry.

The Case Merits.

Games are protected by copyright law, but figuring out the precise parameters of EA's copyright protection is a tricky endeavor. Let's take a careful look at the different overlapping copyright interests in a game like Social Sims:

Code. The software code for a game is protectable, but EA doesn't allege Zynga copied its code.

Plot and Characters. A game's "plot" typically is protectable, such as a mandatory sequences of events the player must go through to reach the game's end. EA doesn't allege Zynga copied the plot for Social Sims. Indeed, one of the hallmarks of Social Sims is that it doesn't really have a plot. A game's characters may be protectable independent of the plot if they are drawn richly enough (think "Leisure Suit Larry"). As with the lack of a storyline, Social Sims doesn't really have characters with personalities.

Concept and Expression of the Concept. A game's concept, such as the ruleset for game play, usually is not protectable under copyright law. Thus, competitors may freely make a game with a Monopoly-style gameplay. Similarly, everyone is free to design a game where a player operates an avatar navigating through a virtual environment. At some indeterminate point, a game manufacturer's execution of the game's concept is imbued with enough creative choices that the exact implementation may be protectable.

EA alleges that Zynga took not only the game concept, but many of the unique and creative choices that EA made in implementing the concept. To prevail on this aspect, EA will have to show that its choices were sufficiently creative and unique to warrant copyright protection. EA will also have to show that there were a multitude of ways that a rival could have executed the concept and that its execution isn't a standard method in the industry.

So, for example, regarding para. 94 of the complaint, EA might get a little credit from its choice to communicate that an avatar needs to go potty by showing the avatar standing pigeon-toed (I don't believe that's a standard depiction in the game industry, but let me know if you see it differently). However, EA probably gets little credit from also showing the avatar with a thought bubble thinking of something potty-related (toilet paper in EA's game; a toilet in Zynga's game). Ultimately, many of EA's allegations go to this point: Zynga mirrored the big-picture concept and lots of specific details of that concept in Social Sims and chose a similar or identical method of expressing the specific details. But Zynga is free to copy the concept and free to execute the concept using similar details, so the key question is whether Zynga's execution of the freely copiable concept took too much.

User Interface. A game's user interface can be copyrightable, such as the unique visual depictions rendered by the software code. EA also alleges that Zynga copied aspects of its user interface, such as the exact color scheme and many other visual depictions (e.g., the avatar's thought balloons are quite similar in some cases). In most cases, and consistent with its standard practices, Zynga made small but discernable changes from EA's exact depictions. Like the copying of EA's concept, it's not easy to assess if Zynga changed enough of EA's unique expression.

Overall Assessment. As you can see, parsing the copyright issues is complicated (and I didn't even use any of the copyright law jargon, like the idea/expression dichotomy, "merger doctrine" or "scènes à faire"). What is clear is that EA has to go much further than just showing that Zynga copied its gameplay. Indeed, Zynga's slightly different execution of the specific details in EA's game might be just different enough to avoid the copying charge.

In a legal complaint, the plaintiff tells its very best story unrebutted by the opponent's side of the story. Even without seeing Zynga's response, I was surprised how unmoved I was by EA's allegations. That doesn't bode well for the merits of EA's claim.

What About the Employee Raid? EA makes numerous allegations about Zynga's acquisition of confidential information from ex-EA employees who joined Zynga. Yet, EA didn't complete this thought by making the logical claim of trade secret misappropriation. This leads me to believe that this lawsuit is, at least in part, a proxy battle over Zynga's raids of EA employees. Of course, Zynga's raids were a lot easier when it could offer EA employees a taste of high-flying stock. I'm guessing Zynga's recent stock performance makes future raids less likely.

EA's Risks of Aggressive Copyright Enforcement.

As the prior section indicates, EA may be pushing the envelope on copyright protection through this lawsuit. From my perspective, I can't imagine why EA would want to do that. Every game manufacturer copies other manufacturer's games at some level. There are only so many unique types of game concepts to go around, and most major games manufacturers want to offer a complete line of games covering all of the different game segments. This means that when a game manufacturer comes up with a completely new game concept, inevitably the other manufacturers will implement this game concept themselves.

So if EA succeeds in expanding protection for game concept and user interface details, it might win this battle but lose the war. Ultimately the next time it seeks to do its own version of someone else's concept, any precedent EA makes here will be cited against it.

This makes EA's enforcement effort a high risk endeavor. While this is a case that Zynga can't afford to lose, it's also a case that I think EA can't afford to win. As a result, the most likely outcome is that the parties will settle, probably with little consequences for either party. A logical settlement would involve Zynga making some changes to its game to placate EA, but not changing all of the issues raised in EA's complaint.

Implications for the App Industry Generally.

As with games, concept copying is rampant in the app industry generally. Recall, for example, how Apple declared that it didn't want any more fart applications after the success of iFart. If this case were to set a precedent on the boundaries of legitimate copying of app concepts and the specific details implementing the concept, it could have major implications for the entire app developer community.

I don't expect we'll achieve that result for two reasons. First, because neither EA nor Zynga want a final ruling on the merits, I don't think we'll get a decisive final opinion.

Second, parsing between concepts and expression of those concepts will always require comparison of the original app and the variant. In the context of comparing the plotlines and characters of two plays, over 80 years ago famed Judge Learned Hand said (citations omitted):

Upon any work, and especially upon a play, a great number of patterns of increasing generality will fit equally well, as more and more of the incident is left out. The last may perhaps be no more than the most general statement of what the play is about, and at times might consist only of its title; but there is a point in this series of abstractions where they are no longer protected, since otherwise the playwright could prevent the use of his “ideas,” to which, apart from their expression, his property is never extended. Nobody has ever been able to fix that boundary, and nobody ever can.

We've developed a lot of copyright law since Judge Hand wrote these words, but we've not made any meaningful progress towards fixing that boundary, and I doubt this case will do so either.

Posted by Eric at 04:49 PM | Copyright | TrackBack

August 06, 2012

Online Marketplace Isn't Liable for Bad Conduct by Merchants It Certifies--Englert v. Alibaba

[Post by Venkat Balasubramani]

Englert v. Alibaba, 11CV1560 RWS (E.D. Miss.; Apr. 27, 2012)

Englert and other plaintiffs purchased products found on alibaba.com. The products included “ExtenZe male enhancement, Vimax,VigRX Plus, Energy Wristband (Power Balance), and Razor Blades Fusion Power." Plaintiffs alleged that the products were counterfeit, or tampered with (some were seized by customs officials prior to delivery). The products were sold by third parties but displayed in a location on alibaba.com that allows third party merchants to display their products or services. Sounds like an easy Section 230 case for Alibaba, so where does it fit in? Alibaba, for a fee, allowed third party suppliers to list themselves as “Gold Suppliers”. As explained by its website:

A Gold Supplier is a paid membership for suppliers on the Alibaba website who have a serious interest in doing business with buyers worldwide . . . Gold Suppliers must complete an authentication and verification process by a third-party security service provider.

Alibaba’s website, however, stated that Alibaba:

disclaimed any warranty, express or implied, and liability whatsoever for any loss howsoever arising from or in reliance upon any information, action, or omission of any of its members on its websites.

Alibaba also had (an apparently leakproof) terms of service which explained that Alibaba is an intermediary, that it’s not responsible for the quality of any products or services, or any information provided by sellers.

The court dismisses plaintiffs’ claims for fraud, negligent misrepresentation, and breach of contract (plaintiffs didn’t contest Alibaba’s request to dismiss the breach of contract claims). The court says that plaintiffs’ claims do not allege any false statements on the part of Alibaba based on conferral of “Gold Supplier” status. The statements only refer to the sellers themselves (e.g., that they have a serious interest in doing business). Plaintiffs argued that this amounted to an implied representation that the products or services offered by “Gold Supplier” sellers are authentic, but the court doesn’t buy this argument. Moreover, the court looks to the terms of service and says that any understanding on the plaintiffs’ part that “Gold Supplier” status means that the underlying products or services would be of a particular quality is undermined by the unequivocal disclaimer of warranties and release of liability in the terms. Plaintiffs thus cannot allege that they relied on any statements from Alibaba, even to the extent the statements are false.

Alibaba kept its endorsement of third party sellers relatively narrow, and included robust disclaimers or warranties in its terms of use, thus nullifying the legal effect of its endorsement. It's a case worth noting from this standpoint, particularly for anyone who operates a marketplace or another ecosystem where an endorsement or rating system becomes important. Not particularly the best result for customers, who may or may not have thought that there was something special about "Gold Suppliers" vs. ordinary suppliers, but the court says in any event that a disclaimer in a leakproof terms of service trumps.

eBay Gets 47 USC 230 Dismissal of Products Liability Claim--Inman v. Technicolor
eBay Denied 230(c)(2) Defense Over Counterfeit Coin Policing
eBay Denied 230 Defense for Its Marketing Representations--Mazur v. eBay

Related:

Jeff Dotty, Choose Your Words Wisely: Affirmative Representations as a Limit on Section 230 Immunity, 6 Wash J.L. Tech. & Arts 259 (2011)

Posted by Venkat at 03:51 PM | Derivative Liability , E-Commerce , Licensing/Contracts , Marketing

Now Available: My Internet Law Syllabus and Reader for Fall 2012

By Eric Goldman

I posted my syllabus and my course reader (a $7.50 download at Gumroad) for Fall 2012. If you teach Internet Law (or hope to), email me if you'd like a free copy of the reader plus my course notes and PPT slides. I've priced this reader below the Advertising & Marketing Law casebook Rebecca and I just released because it's less than 50% as long and has less explanatory material. Still, I think it's an excellent value for the students.

Although I think it's been an interesting year for Internet Law, I ultimately didn't make too many changes to the syllabus and reader from last year. The only changes:

- I added UMG v. Shelter Capital and deleted Io v. Veoh and the district court opinion in Viacom v. YouTube. This was a tough call. I thought the UMG case was a better teaching case than the Second Circuit's Viacom v. YouTube ruling, even though the YouTube ruling came out second and had some important deviations from the UMG ruling. Plus, my students are located in the Ninth Circuit, so UMG is the governing law for them, and the UMG ruling distills a lot of Ninth Circuit law that had been murky since the 2007 Perfect 10 troika of rulings. On the minus side, the Ninth Circuit has asked the litigants to brief it on possible amendments to the ruling in light of the YouTube ruling, so the version I've included in the reader could be superseded (I'd be surprised if the Ninth Circuit didn't make some changes, even if minor).
- I added my Forbes essay, Celebrating (?) the Six-Month Anniversary of SOPA’s Demise. I haven't had a chance to repost that essay to this blog yet because I'm combining it with a beefy linkwrap. You'll get it here soon.
- I added WEC Carolina Energy Solutions v. Miller to the trespass to chattels section. I thought this case was easier to teach than the Nosal en banc ruling (i.e., no messiness associated with a criminal prosecution; and less time on tendentious parsing of the word "so"), and Nosal and its progeny appear to be reshaping the CFAA rapidly in ways that should apply outside the employment context.
- I beefed up my "notes and questions" sections after a number of cases (I'll post an example soon), plus lots of bug fixes.

I didn't include the Fourth Circuit's Rosetta Stone v. Google opinion for a number of reasons, mostly because I don't think it's an easy teaching case and because I think lawsuits over keyword ad sales are increasingly anachronistic. Plus, the Ninth Circuit's Network Automation case (binding law for my students) is already having a major impact on trademark law jurisprudence and is a solid enough foundation for teaching keyword advertising issues.

I also have not added any new materials on privacy, even though it's been a crazy time for Internet privacy. I still haven't found any cases I like better than the Pharmatrak case, and I'm not sure I've found any supplementary cases that are worth the time. I'd be grateful for your thoughts on this.

To streamline the reader and eliminate some maintenance hassle, I deleted the statutory texts from the reader and just linked to the key ones. I would welcome your thoughts about the best ways to impress upon students the importance of statutory analysis to Internet Law practice. For now, I'm assuming that burden as the course instructor.

My analogous blog posts from years past: 2011; 2010; 2009; 2008; 2007; 2006; 2005.

Posted by Eric at 11:12 AM | Copyright , General , Trespass to Chattels | TrackBack

The Newest Olympic Sport: Evasion of Geolocation (Guest Blog Post)

By Guest Blogger Marketa Trimble

The Olympic Games can be credited for spreading awareness about and generating excitement for sports that might otherwise be unknown in various parts of the world. The global promotion of sports is one of the undeniable benefits of the Games, which are watched by millions on television and the internet all over the world. Normally it is the sports that are included in the Olympics that receive the amazing publicity and therefore the attention of viewers. However, this year the Olympic contribution might rise beyond the sports seen in London stadiums.

As an article in the Reuters U.S. edition suggested a few days ago (Olympics Fans Find Ways to Circumvent NBC’s Online Control, July 31, 2012), this year the Olympics coverage by the omnipresent NBC will contribute to the popularization in the U.S. of a sport that has not been included in the program of the Games, has not even been considered as an Olympic sport and, frankly, would probably not be accepted as a “sport” by most: evasion of geolocation.

Evasion of geolocation is primarily an expatriate sport – a sport for those who long for their home television programming and other content on the internet that can be accessed only from inside their home country. By misleading the geolocation tools that website operators have installed, expatriates travel virtually to an internet IP address in their home country to access their home television programs. Not that others don’t engage in the evasion of geolocation as well – political activists, dissidents, and others evade geolocation also; however, just as running and swimming are sports for some but life necessities for others, so too may evasion of geolocation be considered as “sport” only in certain contexts.

With its broadcasting approach to the Olympic Games, as described in the Reuters article, NBC has created unwilling virtual expatriates out of at least some U.S. Olympic fans who now have to travel virtually to appear as if they are located outside the U.S. Whether they want to watch “exotic” sports or sporting events in “real” real time, they have to find stations other than NBC to show it to them, particularly if they don’t subscribe to a cable or satellite television service. Alternative stations will be foreign stations, such as (perhaps) the BBC, and likely ones that also prevent access by internet users located outside the country or countries for which the stations hold licenses. And so U.S. sports fans are learning about ways to access foreign websites by evading geolocation and pretending to be in foreign countries.

Are the acts of users who evade geolocation and the acts of providers who supply evasion tools legal? It depends; I wrote over 90 pages explaining the intricacies of those questions in my article The Future of Cybertravel: Legal Implications of the Evasion of Geolocation, 22 Fordham Intell. Prop. Media & Ent. L.J. 567 (2012) [prior blog coverage of the article]. As it could be for any questions about legality, these questions might be inconsequential if no one actually cares: unless there is a party who suffers damage, legality or illegality of acts might only be a matter for academic debate. So who cares? The BBC is gaining viewers, and with more viewers it might be able to charge more for advertising. (For a separate problem with pay-per-foreign-view, see my article.) NBC is losing viewers, which might not matter until the practice becomes widespread enough that advertisers begin to demand lower prices for advertising time on NBC. [Eric's note: if anything, NBC has fared better financially with this year's Olympics than it projected.] NBC’s inability to safeguard territorially limited access to third-party programs through sufficiently effective geolocation could lead to NBC’s losing licenses to programs in the future.

Those damaged by the new Olympic sport of geolocation evasion will be copyright holders who have licensed their content in a territorially limited manner. These might be music labels that have licensed music to advertising agencies for use only in the U.K. but now face the fact that U.S. users are enjoying the music in the U.S. without the labels’ consent. And, of course, no copyright holder will be unhappier about the new sport than the International Olympic Committee.

The practice of the evasion of geolocation, though it may not immediately damage IOC revenues, might in the long run necessitate a rethinking of IOC licensing strategies. Unless the legal status or technical aspects of evasion of geolocation change dramatically (meaning that it becomes illegal or technically too difficult), territorially limited licensing will be rendered ineffective, and the IOC – and, in fact, other copyright holders throughout the world – will have to create new licensing models or embark on new business models altogether.

Posted by Eric at 09:23 AM | Content Regulation , Copyright | TrackBack

August 04, 2012

CA Court Confirms that Pineda v Williams-Sonoma (the Zip-Code-as-PII Case) Applies Retrospectively -- Dardarian v. OfficeMax

[Post by Venkat Balasubramani]

Dardarian v. OfficeMax North America, Inc., 11-CV-0947-YGR (N.D. Cal.; Jun. 25, 2012)

The Song-Beverly Act is a California statute that prohibits retailers from requesting personal identification information in connection with credit card transactions. In Pineda v. Williams-Sonoma, the California Supreme Court held that the definition of personal information includes a zip-code (i.e., retailers cannot ask for zip codes during credit card transactions). The court in that case held that its decision could be applied retrospectively and rejected Williams Sonoma’s arguments that it would be unfair to apply this decision to conduct before the date of the decision. (Here is our prior blog post recapping that case: “California Supreme Court Rules That a ZIP Code is Personal Identification Information -- Pineda v. Williams-Sonoma.”)

The question in this case was whether OfficeMax offered any better arguments for why the statute should not be applied retrospectively against it. OfficeMax argued that the California Supreme Court’s decision in Pineda was a departure from previous precedent and that OfficeMax had relied on a lower court decision in Party City v. Superior Court, where a court of appeal held that a zip-code does not constitute personal information.

The court says that this is insufficient to escape retrospective application of the statute for several reasons. First, Pineda was a decision from the California Supreme Court and it did not overrule any existing precedent from the same court. Party City was a lower appellate court decision and the California Supreme Court did not sanction the lower court’s approach when it denied review. Moreover, the court finds that the Party City opinion was only around for two years before the California Supreme Court granted review in Pineda and announced the contrary rule. OfficeMax was unable to point to a “near-unanimous body of lower-court authorities” that sanctioned its practice of collecting zip-codes.

In addition to Party City, OfficeMax pointed to one other case it happened to be involved in in support of its argument that it relied on lower court decisions when it collected zip-codes: Thoms v. OfficeMax. In Thoms v. OfficeMax, the court granted OfficeMax’s demurrer based on the Party City decision. While both Party City and Thoms held that zip-codes are not personal information (and were effectively overruled in Pineda) the court says that OfficeMax did not start collecting zip-code information based on these decisions. It had a long-standing policy of collecting zip-codes and merely continued its practice in light of these two decisions. This isn’t the type of reliance (e.g., a change in behavior) that warrants against retrospective application.

OfficeMax also argued that Pineda granted review on the question of whether “reverse engineering” someone’s address based on their zip-code violated the statute and thus Pineda’s decision to address the larger question of whether a zip-code constituted personal information was a surprise. Although the court ruled on the broader question of whether it was appropriate to collect the zip-code information, OfficeMax argued that the decision in Pineda was unforeseeable. The court disagrees, noting that as early as when the parties filed their briefs in Pineda, the issue of whether a zip-code constituted personal information was on everyone’s radar screen and therefore, there was nothing unforeseeable about the court’s decision in Pineda.

Finally, the court also finds that public policy favors retrospective application of the statute. OfficeMax argued that it had ceased the practice of collecting zip-code information and that it never reverse engineered this information to obtain the addresses of its customers, but the court says that the policy furthered by the statute is to forbid retailers from collecting information that could result in a breach of the customer’s privacy. While the fact that OfficeMax did not reverse-engineer this information may bear on OfficeMax’s culpability, the fact that it collected the information in the first place meant that it engaged in conduct that the statute was aimed to prevent. The court also rejects OfficeMax’s argument that retrospective application would undermine the administration of justice by holding it liable for actions it thought were lawful when it engaged in them. The court says that OfficeMax should have taken the conservative route and not have collected this information in the first place.

Pineda was a harsh decision for retailers, and the court’s conclusion in that case was certainly not an obvious one given the language of the statute. Nevertheless, the court in this case does not give OfficeMax a reprieve and says that it should be held to this conduct.

The big take away from Pineda is that collecting seemingly innocuous bits of information that can be reverse engineered can trigger a privacy violation. (For another example of this, see the recent FTC settlement with MySpace, where the agency held that allowing third parties to derive someone’s identity through a unique ID was a privacy violation: “Syncing and the FTC’s MySpace Settlement.”) California is not alone in having this type of legislation directed at retailers in place. Here is a similar example from Massachusetts: “Mass. Court: ZIP Code is personal identification info under credit card statute but plaintiff must still allege harm—Tyler v. Michaels Stores.” (Interestingly, the retailer defeated the plaintiffs' lawsuit in Massachusetts where the court concluded that the collection of information in that case did not result in any harm.)

OfficeMax made some reasonable procedural and fairness based arguments for why it should not be in the hook for its past conduct, but given the prophylactic nature of the statute, the court was not persuaded. This illustrates that when it comes to privacy statutes and regulation, while companies have done fairly well in defending against privacy lawsuits (and numerous lawsuit have been dismissed due to lack of harm) overall, companies may want to exercise caution where a statute that specifically prohibits the collection of certain information is implicated.

[cross-posted at IAPP's Daily Dashboard]

Posted by Venkat at 08:30 AM | E-Commerce , Privacy/Security

August 03, 2012

What Are Trademark Defendants' Obligations to Clean Up the Internet After a Trademark Injunction?

By Eric Goldman

We're continuing to get cases interpreting a defendant's obligation after a court has issued an injunction against continuing to use a trademark. (The same basic issue arises after a settlement agreement). I don't know that we have any clear legal principles to draw yet, other than the defendant's good faith effort to comply with the injunction/settlement agreement clearly makes a difference. Three cases on the topic from the past few months:

M. Cohen & Sons, Inc. v. Cohen Iron Works, LLC, 2012 U.S. Dist. LEXIS 57104 (E.D. Pa. April 24, 2012)

After the court issued an injunction against using the name “Cohen Iron Works,” the defendant was in contempt by maintaining a YouTube account “cohenironworks” and a Twitter account @cohenironworks and by reclaiming and maintaining a Manta.com page for “Cohen Iron Works.”

Medi-Weightloss Franchising USA, LLC v. Medi-Weightloss Cline of Boca Raton, LLC, 2012 WL 2505930 (M.D. Fla. May 24, 2012)

Plaintiffs claim the Defendants have defied the preliminary injunction by failing to de-identify and disassociate VIP Wellington from Medi on various web sites. In their opposition memorandum and during the hearing before me, Defendants explained their diligent efforts to de-identify and disassociate their new business from Medi, including Defendants' efforts to contact third parties such as Angie's List, Yelp, Linked In, and Google. Moreover, Defendants explained that the “we are moving” status on Facebook was made after Medi Boca had closed and VIP had opened, in order to comply with the injunction order's requirements. And, Defendants stated that they have removed the photograph from VIP's Facebook page that included the reflection of Medi's slogan “The One that Works!” and have also removed Medi's logo from the protein bar packaging seen on their Facebook page. Accordingly, I find the Defendants have made reasonably diligent efforts to de-identify and disassociate their new business from Medi, and the Plaintiffs have failed to show by clear and convincing evidence that the Defendants have violated the injunction order in this regard.

SunEarth, Inc. v. Sun Earth Solar Power Co., Ltd., 2012 WL 2344081 (N.D. Cal. June 20, 2012)

As to the Sun-Earth.com/web, SunEarthPower.com/web, and SunEarthPower.net/web pages, Defendants contend that these were not encompassed within a literal reading of the modified preliminary injunction, which refers only to Sun-Earth.com, SunEarthPower.com, and SunEarthPower.net in paragraph seven….However, this is an unreasonably limited reading of the injunction, which clearly encompasses all subpages within those domain names.

Posted by Eric at 10:22 AM | Trademark | TrackBack

August 02, 2012

Video Embedding Site Isn't a Contributory Copyright Infringer, But Sideloading Could Be Direct Infringement--Flava Works v. myVidster

By Eric Goldman

Flava Works, Inc. v. Gunter, No. 11-3190 (7th Cir. Aug. 2, 2012). Prior blog post on district court ruling.

myVidster is a "social bookmarking" website that allows users to link to videos hosted elsewhere on the Internet and thereby embed the videos in myVidster's user interface. Today, myVidster scored a big win at the Seventh Circuit, which held that it had not committed contributory infringement by allowing users to embed infringing videos via myVidster. It's hard to state just how amazing this ruling was for myVidster, because myVidster's principal, Gunter, often refused to honor takedown notices (on the dicey premise that anything posted somewhere elsewhere on the Internet was freely linkable) and thus presumptively failed to qualify for the 17 USC 512(d) safe harbor. Normally, when a website fails to honor takedown notices, judges come down hard on the website—just like the district court did in this case.

While the opinion offers good news for myVidster and possibly other linking websites, it does raise a concern about sideloading, i.e., grabbing a remote file that a user links to and making an archive copy of that file for further delivery. The opinion, without much elaboration and without using the term, breezily characterizes sideloading as direct infringement by the website for grabbing and republishing the remote file. This is almost certainly bad news for Pinterest, which (I believe) routinely engages in sideloading without a lot of explanation to its users, presumably premised on the idea that storing the remotely linked files is authorized by the user and thus qualifies for the 512(c) safe harbor. It remains to be seen what will happen if Pinterest's sideloading is directly challenged and Pinterest is around to defend its interests, but this ruling provides a warning that judges may not see it the way Pinterest does.

Judge Posner drafted this opinion, which means that (as usual for him) it reads like a barely edited first-draft. As usual for Seventh Circuit opinions, it makes a number of questionable and undefended offline analogies, makes assumptions about factual questions that could/should be remanded to the district court, barely engages with or cites to other legal precedent, raises and addresses issues that the litigants never raised, and is filled with gratuitous digressions (e.g., an uncomfortable discussion that gay ethnic pornography might be illegal, a contention neither party advanced; and an odd discussion about the reputational capital benefits of sharing content). If I were Flava Works, I would be hopping mad about the manifest procedural defects in the opinion (and motivated to seek en banc review). As a result of the opinion’s characteristic affectations, parsing this opinion is needlessly difficult, so I can only do so much to deconstruct the legal principles in it.

The main ruling is that the folks uploading infringing videos are direct infringers, but myVidster isn't contributorily liable for letting users link to those infringing videos. Posner unhelpfully rejects the standard Gershwin definition of contributory infringement; instead, he idiosyncratically defines it as “personal conduct that encourages or assists the infringement.” (In my opinion, the last thing we need is further proliferation of definitional standards for secondary infringement!). myVidster wasn't responsible for any infringing activity mostly because it didn't copy or distribute the infringing videos or help users copy or distribute the infringing videos.

Posner sidesteps the concerns from amici Google and Facebook about possible “tertiary” liability, saying myVidster didn’t commit contributory liability and that ends the inquiry. And because the opinion doesn’t find any secondary infringement, it says the 512(d) safe harbor for linking to infringing content is not needed. That turns out to be good news for myVidster because it had a low chance of succeeding with a 512 defense. myVidster avoided an inducement claim because it didn’t “invite” its users to link to infringing files.

Posner does separately address the 106 public performance right, but I found the opinion about that especially inscrutable. I'm hoping someone else can help me understand what Posner was trying to say and, in particular, why he discussed Fonovisa (an offline swap meet case) when discussing the performance right. Although the opinion cited the Ninth Circuit’s Perfect 10 v. Amazon ruling, I also don’t understand why Posner did not discuss the Ninth Circuit’s thoughtful and highly relevant discussion about public display and the difference between embedding content via links and hosting it. The only thing that is clear to me is that Posner thought that linking to infringing content is just like citing to someone else's content, and thus myVidster was too remote from any infringing activity to be responsible for it.

[Rebecca provided this helpful distillation of Posner's public performance discussion: "the site hosting the unlawfully copied videos is publicly performing them, but the watcher is not, and therefore assisting the watcher (without hosting the video) does not assist copyright infringement." If that's where he was going, it would have been interesting to see Posner analogize to and distinguish the Cablevision case.]

The district court's ruling against myVidster reflected, in part, Posner's own opinion in Aimster, which basically threw a P2P file-sharing service under the bus. I personally think Aimster was one of numerous P2P exceptionalist cases and therefore only has precedential value in the P2P file-sharing context. Here, Posner distinguishes his own Aimster opinion in a way that strongly supports that interpretation, even though he doesn't explicitly acknowledge that implication.

In particular, he invokes the troublesome methodology of determining a service's liability based on the percentage of infringing activity taking place on it, saying most (all?) files on Aimster were infringing but that wasn’t the case for myVidster. Comparing infringement rates is a realpolitik approach, but one fraught with peril because (a) those ratios can and do change over time, and (b) they are notoriously difficult to measure properly. Worse, here it appears Posner (or possibly his clerks) did his own ad hoc empirical assessment of myVidster’s infringement rates--on July 4, no less. Your honor, like the American public you serve, you deserve to enjoy the holiday! If the outcome will turn on the current percentage of infringing activity—which it shouldn’t—that question should be remanded to the district court for further fact-finding, not by having a septuagenarian surfing for gay erotica (on court computers?) on a national holiday.

Posner also doesn’t renounce his ill-considered discussion Aimster about the service’s name, where he castigated it for using the –ster suffix just like Napster. Of course, myVidster also uses the –ster suffix, but to no legal consequence this time. Another reason to relegate Aimster to the P2P exceptionalist branch.

While the secondary infringement ruling is favorable to myVidster, the opinion indicates that myVidster could be enjoined from allowing users to archive the linked videos as part of a paid membership service. myVidster had already discontinued that premium service, so the opinion doesn’t spend much time discussing it. Nevertheless, the opinion flatly says that the archiving videos from other sites qualifies as direct infringement, not secondary infringement, even if it’s presumptively initiated by the users themselves as one of the benefits of a premium membership. I think it’s erroneous to treat sideloading as direct infringement when it’s done at a user’s direction, but chalk that up as another thing this opinion got wrong.

This opinion is not an instant classic. This opinion touches on so many important questions in secondary copyright jurisprudence—e.g., the 512(d) safe harbor, liability for tertiary infringement, the legitimacy of UGC linking sites that often link to infringing files stored somewhere else, sideloading and more. Unfortunately, because the opinion’s drafting is a train wreck, I’m skeptical it will be all that important or influential. As a result, it’s a big win for myVidster and less helpful for everyone else.

Nomenclature watch: I believe this is the first appellate opinion to use the term “pay wall” (or “paywall”). The only other opinion I found using either term in Westlaw or Lexis was the district court opinion in this case.

UPDATE: Mike Masnick sees more good news in the opinion than I do.

Posted by Eric at 11:52 AM | Copyright , Derivative Liability | TrackBack

August 01, 2012

Physical Props for Teaching the IP Survey Course

By Eric Goldman

[Note: this post is intended for readers who teach the IP Survey course or related courses. If that's not you, you might want to skip this post.]

I'm sure many of you are aware of the Georgetown database of electronic artifacts maintained by Rebecca Tushnet. If you haven't seen it and you teach in the IP/Internet/Advertising Law areas, email her for the login credentials. The Georgetown database is a goldmine for instructors, and I use it frequently (and contribute to it too--pay it forward!). See Rebecca's article explaining the Georgetown database and the value of audiovisual props.

However, I've never seen the complementary discussion about physical props we might use to aid our teaching. I use a bunch, and every year students favorably remark about the physical props in my student evaluations. In particular, I suspect there's something about the physical tangibility of the prop that facilitates student engagement and memory. (There's probably studies on this point...if you send me citations, I'll add the links).

This post is designed to give you some ideas of physical props I use--or wish I could find--to supplement my PPT deck/electronic props. It's keyed to the Merges/Menell/Lemley book, which I've been using for nearly a decade (although I'm exasperated by the 6th edition's $193 list price), but many of you are teaching some of these cases even if you're using a different book. Whatever book you're using, I'm also happy to share my PPT deck (containing my collection of electronic props) and course notes with you as well. Just email me.

Patents

* For non-obviousness, I give the example of Reese's Peanut Butter Cups and the innovation of putting chocolate and peanut butter together. I show one of the 1980s TV commercials (this one)--my generation can't forget the classic dialogue: "You got peanut butter on my chocolate! You got chocolate in my peanut butter!" I then distribute Reese's Peanut Butter Cups, which are usually on sale as Halloween candy by the time I get to this topic. I've discovered that my foreign students often are unfamiliar with the candy, which isn't offered in their home country, so it's a double pedagogical moment for them--they learn the joys of American trans-fats as well as get a lesson on non-obviousness.

* For the Dembiczak case, I bought an Allied 3 foot tall "Funkins" on eBay. Unfortunately, I haven't been able to find the "Jack Sak." I'd appreciate any help finding that (I tell a couple of borderline ribald jokes riffing on the Jack Sak name).

* For the Larami case, I bought both a SuperSoaker 50 (the one depicted in the book) and a SuperSoaker 20 on eBay. Used SuperSoakers are surprisingly expensive. Apparently they are retro-cool among a crowd of water-fight enthusiasts, so it took me a year or so to find one at a decent price. When I teach the case, I fill them up with water and am therefore well-armed to provide liquid feedback about how I feel when students are Facebooking in class or are not prepared for class. (Just kidding...a little). FWIW, I've never been able to find the plaintiff Amron/Talk to Me lighted water guns. All leads appreciated!

Copyrights

* For the Feist case, I show a photo of a white pages book. As painful as it is to realize this, many younger students never used a white pages book. Going forward, I'd like to bring in a physical version of a white pages book. If you're around SCU and have a spare, I'd welcome the trash transfer.

* For Baker v. Selden, the casebook's diagram is a little confusing. Fortunately, with some help from my research librarian, we have obtained a scan of the entire book. It's posted in the Georgetown database, and I also posted it to Scribd. I would LOVE to have a hard copy original of this book!!! I wonder if they ever show up at auction.

* Regarding CCNV v. Reid, the opinion indicates the possibility that miniature versions of the sculpture might have been prepared. I've never seen any other reference to one. If mini-sculptures were prepared, I'd love to have one! It's such a shame the original sculpture isn't on display anywhere.

* For Aalmuhammed v. Lee, I circulate a copy of the Malcolm X DVD.

* For Nicols v. Universal Pictures, I have a number of props associated with Abie's Irish Rose, including:
- a 1927 novelization/book
- 1923 programs from the play (from the Republic Theater on Broadway and the Colonial Theater in Cleveland)
- a cardboard fan that was distributed as marketing for the play

The play was such a huge hit that props were surprisingly plentiful (and several others are available that I didn't buy). Each of these items cost less than $10 on eBay. Search for "Abie's Irish Rose" in eBay.

* For Steinberg v. Columbia Pictures, I have full-sized posters both for the Moscow on the Hudson movie and the New Yorker cover. The Moscow on the Hudson poster wasn't too expensive, but it took me years to find a large poster of Steinberg's cover that was affordable. Given the huge demand for it, I can't believe that poster is out-of-print! I ended up spending $65 to get mine (unframed but including shipping); but that's only after I got outbid on eBay probably a dozen times.

* For Anderson v. Stallone, I circulate a copy of the Rocky IV DVD.

* For Sony v. Universal City, it occurred to me last year that some of my younger students probably missed the VCR era. Undoubtedly, that cohort of students will only grow in number over the years. As a result, I invested in buying a 1970s-era Sony Betamax on eBay. It is massive! I will have to wheel it down to the classroom on a cart. However, I decided that showing the actual item, and not just a photo of it, would be worth the investment. The VCR cost only $10 on eBay...plus $30 shipping! You might be able to find surplus VCRs even easier. Indeed, after I bought the Betamax, a student told me his parents had a surplus Betamax from the early 1980s that was just taking up space in their house, so he brought me that for free. Which means I now have two massive VCRs in my office.

* For Harper & Row v. Nation, I bought a copy of A Time to Heal from Half.com for a couple dollars. I know you'll be shocked, but demand for the book is weaker than supply, so the book was just pennies plus shipping. I tell students to pick a number and then I start reading the book from that page number. The randomly selected prose is always so incredibly dry and uninteresting that it really punctuates that most readers couldn't care less about most of the book. (Frankly, it reads a little like Ford blogged his life, right down to what he had for breakfast, so the book has not aged well). I like that the book cover shows Ford smoking a pipe--can you imagine a modern biography showing the book's subject consuming tobacco products? I also circulate a printout of the Nation article, which was included in the opinion. I've not taken the time to pull a copy of the original issue and photocopy the article but I should. Eventually I will find and buy the entire Nation issue containing the article.

* For American Geophysical v. Texaco, I printed out a random article from the Journal of Catalysis and circulate that.

* For Campbell v. Acuff-Rose, I have the original vinyl single of "Oh Pretty Woman" and a CD of 2 Live Crew's "As Clean As They Want to Be" album. I couldn't find a vinyl version of the 2 Live Crew album, nor could I find the "Pretty Woman" song as a single. I assume neither were issued.

Trademarks

* For the Qualitex case, my colleague Tyler has a full-sized ironing board in the green-gold color that I borrow. I haven't bought my own. Eric Johnson sent out swatches of the color as part of his Museum of IP, so I also have that.

* For the Zatarain's case, I have a box of Zatarain's seasoned Fish-Fri that I bought in Milwaukee (so it's getting a little ripe). It's easy enough to find these boxes in the grocery store or online. However, I haven't found a package of the Oak Grove Smokehouse seasoning.

* For the Zazu case, I have tried to find any of L'Oreal's hair cosmetics offering. Any leads appreciated!

* For the Louis Vuitton v. Haute Diggity Dog case, I have Chewy Vuitons in both the LV/CV design (in white) and the brown cherry design. They each cost about $20 online.

* I teach the Pillsbury v. Screw Magazine case as a supplement to the casebook. The Georgetown database has a scan of the image, which I show in class with strategic redactions (even showing that may be a questionable decision). I don't have the fortitude to buy an original version of the magazine issue. I also have plastic Poppin' Fresh and Poppie Fresh dolls. I also love calling students' attention to the wonderful 2000 Salon article, The Inner Doughboy.

* For the Brooklyn Dodgers abandonment case, I've had little luck finding any physical or electronic evidence of the restaurant. All leads appreciated!

* For the KP Permanent Markup case, I've not had any luck buying the original items at issue. Thoughts?

* For the Mattel v. MCA case, I circulate a CD of the Barbie Girl single. You better believe it that I play the song for students. IN ITS ENTIRETY.

Publicity Rights

* Although this isn't a physical prop, for the Midler case, I play Bette Midler's song and also show the original TV commercial, a classic slice of 1980s culture in the worst sense of the word.

* For the Saderup case, I would love to purchase one of Saderup's Three Stooges prints but haven't been able to find it. All leads appreciated!

If you are teaching the IP Survey course (especially from the Merges/Menell/Lemley book) and use physical props that I didn't mention, please email me the suggestions.

While I generally discourage students from giving gifts to their professors, any current or former student who can help me find some of the referenced props would bring a huge smile to my face!

UPDATE:

From Rebecca: For trademarks, she uses "scented yarn; perfume and near-lookalike knockoff "inspired by" the original, with scent cards too; Bad Frog beer bottle; Cocaine energy drink; Blow energy powder; Chewy Vuiton; Buttwiper dog toys..." For copyrights, she uses "The New Yorker/Moscow on the Hudson posters; spoons from a case about copyrightability of measuring spoons shaped like hearts at the front and arrowheads at the back; Winchester buckle from the buckle separability case (expensive!); Jar shaped like apple, candle shaped like apple, actual apple (separability)."

From Emily Michiko Morris: "For illustrating undue experimentation with regard to both non-obviousness and enablement in Patent Law, I often use combination locks. Simple (one or two digit entry) combination locks for "rote experimentation," and the dial-type combination locks of "undue" experimentation. The idea is for students to ask themselves how long it would take them to "reverse engineer" the correct combination for the lock in each case."

Emily also reminded me of the Museum of Intellectual Property, curated by Eric Johnson. It's an impressive collection.

Posted by Eric at 01:18 PM | General | TrackBack

P2P Infringement Lawyer Faces Possible Sanctions For Disregarding Court Order Regarding Subpoenas – In re: Bittorrent Adult Film Copyright Infringement Cases

[Post by Venkat Balasubramani]

In re: Bittorrent Adult Film Copyright Infringement Cases, 12-1147(JS)(GRG) and 12-1154(ADS)(GRB) (E.D.N.Y.; July 31, 2012)

P2P lawyers have come under a lot of fire lately for their tactics. As detailed here by Ars, the Fifth Circuit recently upheld a sanctions order in the amount of $10,000 against Evan Stone for issuing unauthorized subpoenas. (Added: the total amount was actually $32,000 when you also include the fees Stone was ordered to pay EFF.) Bizarrely, Stone offered the following comment to Ars:

I'm just going to move on from this whole sanction thing. I think it's bullshit and I think it shouldn't have happened.

(???) Separately, I blogged about another case in New York where the Court slammed copyright plaintiffs for their tactics in pressuring Doe defendants to settle, and severed the cases against the Doe defendants because joinder was improper—plaintiffs had to go after the Doe defendants one at a time or make a better showing as to how the defendants' actions were sufficiently related to support joinder. (“New York Judge *Slams* Bittorrent Copyright Plaintiffs – K-Beech; Malibu Media; and Patrick Collins v. Does.”)

In that case the court in no uncertain terms indicated that it was unhappy with plaintiffs’ conduct:

[t]his course of conduct indicates that the plaintiffs have used the offices of the Court as an inexpensive means to gain the Doe defendants’ personal information and coerce payment from them.

The order (issued on May 1) granted early discovery but imposed certain restrictions. Plaintiffs were granted early discovery as to one Doe defendant in each case, but the court was clear that the ISP should produce the information concerning the Does' identity to the court, not to counsel for plaintiffs. This would allow the court to adequately protect the Does’ rights and, if necessary, appoint pro bono counsel to protect their interests.

According to the court, a week after this order was issued, counsel for Malibu Media and Patrick Collins (Jason Kotzker) served two subpoenas seeking the names and addresses of two Doe defendants on Cablevision. Both subpoenas required production of the sought after information to plaintiffs' counsel, rather than to the court, in contravention of the court's May 1st order. Kotzker later moved for an extension of time to serve the complaint and summons, indicating that although he had issued subpoenas, Cablevision hadn't provided the subpoenaed information.

A few weeks later, the court issued an order raising the question of why plaintiffs’ counsel issued a subpoena seeking production of the Does’ identity to counsel rather than to the court. The order does not appear to be a result of a motion filed by any party. (I could be wrong about this, there are a slew of cases involved and they aren't consolidated on Pacer.) The court says that it will give Kotzker a chance to explain. It’s possible that the subpoenas (the face of which indicated that information should be produced to Kotzker) were accompanied by cover letters explaining the mechanics of the court’s May 1st order. (This seems unlikely, given that Kotzker filed a pleading requesting an extension and mentioned that he had not received the information requested from Cablevision.) The court says it’s difficult to ascertain whether the failure to “observe the precautions established in the Order . . . was deliberate, or simply the result of gross inattention.” The court orders Kotzker to file a declaration or affidavit explaining what happened, whether he reviewed the subpoenas and signed them, and to identify everyone involved who prepared the subpoenas. Kotzker is also directed to provide the court with all correspondence with Cablevision.

Ouch. This could result in counsel falling on his sword and getting a stern lecture from the court. It could also result in more severe sanctions. The subpoena process places a fair amount of power in the hands of lawyers. As this case among others (including the Fifth Circuit sanctions order and Theofel v. Farey-Jones) indicate, this power should be used wisely and judiciously. Judges are not happy when it's misused.

(h/t Ray Beckerman)

Posted by Venkat at 09:01 AM | Copyright , Evidence/Discovery

Search

Categories

Archives

Recent Entries

August 31, 2012

Stored Communications Act Does Not Bar Discovery of Employee Phone Records–Mintz v. Bartelstein Assocs.

August 30, 2012

We've Filed a Request to Publish Redmond v. Gawker Media

August 29, 2012

Sixth Circuit Affirms Conviction for Threat Posted to YouTube – US v. Jeffries

Ranking of "Dirtiest Hotels" Based on User Ratings is "Unverifiable Rhetorical Hyperbole"--Seaton v. TripAdvisor (Partial Forbes Cross-Post)

August 27, 2012

Virtual (SuperPoke!) Pet Owners Must Arbitrate Their Claims Against Google and Slide -- Abreu v. Slide

August 26, 2012

Online Marketplace Not Liable to Buyer for Aborted Private Sale of Facebook Shares -- Facie Libre Associates v. SecondMarket Holdings

Amazon.com's Anti-Counterfeiting Efforts Blessed by California Appellate Court (Forbes Cross-Post)

August 25, 2012

Google Tries Again to Respond to Judge Alsup's Shill Disclosure Order. Now, How About Oracle?

Judge Seeborg Rejects Sponsored Stories Settlement For Now -- Fraley v. Facebook

August 22, 2012

Why Did Google Flip-Flop On Cracking Down On "Rogue" Websites? Some Troubling Possibilities (Forbes Cross-Post)

No Privacy Claim Against Netflix for Disclosing Viewing Histories and Instant Queue Titles Through Netflix-Enabled Devices -- Mollett v. Netflix

August 21, 2012

6th Circuit Allows Police GPS Tracking on Prepaid “Burner” Phones -- United States v. Skinner

Judge Alsup Tells Google to Try Harder With Its Shill Disclosures

August 17, 2012

Oracle and Google Make Unenlightening Disclosures of their "Shills"

August 16, 2012

Section 230 Immunizes Links to Defamatory Third Party Content--Directory Assistants v. Supermedia

No Fourth Amendment Violation When Your Facebook "Friend" Shares Profile Information With Law Enforcement--US v. Meregildo

August 15, 2012

Six-Month Retrospective of SOPA's Demise [Forbes Cross-Post, A Month Late!] + SOPA/PROTECT-IP/OPEN Linkwrap #3

August 14, 2012

No Liability for Takedown Notice that Results in Termination of Facebook Page -- Lown Cos. v. Piggy Paint

Bank Might Bear Loss for Fraudulent Money Transfers Initiated From Its Website--Patco v Ocean Bank (Catch-Up Post)

Introducing Blogging Assistant Jake McGowan, and Another Request for Help

August 13, 2012

Request for Help: Fill Out a Short Survey on Entrepreneurs' Handling of Patent Demands

Court Declines to Dismiss Video Privacy Protection Act Claims against Hulu

August 12, 2012

Using Links as Citations Helps Gizmodo Defeat a Defamation Claim--Redmond v. Gawker Media

August 11, 2012

Breastfeeding Mom Can Sue Video Producer Despite Signing a Blanket Release--Sahoury v. Meredith

August 09, 2012

Judge Alsup Tries to Out the Shills in Oracle v. Google

Craigslist’s Latest Moves Show It Cares More About Its Market Position Than Delivering Value to Its Users (Forbes Cross-Post)

August 08, 2012

Ex-Employee's Access/Misuse of Employer Files States CFAA Claim -- Weingand v. Harland Financial

August 07, 2012

EA Faces Uphill Battle in Its Copyright Infringement Lawsuit Against Zynga (Partial Forbes Cross-Post)

August 06, 2012

Online Marketplace Isn't Liable for Bad Conduct by Merchants It Certifies--Englert v. Alibaba

Now Available: My Internet Law Syllabus and Reader for Fall 2012

The Newest Olympic Sport: Evasion of Geolocation (Guest Blog Post)

August 04, 2012

CA Court Confirms that Pineda v Williams-Sonoma (the Zip-Code-as-PII Case) Applies Retrospectively -- Dardarian v. OfficeMax

August 03, 2012

What Are Trademark Defendants' Obligations to Clean Up the Internet After a Trademark Injunction?

August 02, 2012

Video Embedding Site Isn't a Contributory Copyright Infringer, But Sideloading Could Be Direct Infringement--Flava Works v. myVidster

August 01, 2012

Physical Props for Teaching the IP Survey Course

P2P Infringement Lawyer Faces Possible Sanctions For Disregarding Court Order Regarding Subpoenas – In re: Bittorrent Adult Film Copyright Infringement Cases