Technology & Marketing Law Blog: March 2013 Archives

Technology & Marketing Law Blog

« February 2013 | Main | April 2013 »

March 30, 2013

Facebook Password Exchange Between Parties to Litigation Results in Spoliation Debacle – Gatto v. United Airlines

[By Venkat Balasubramani with comments from Eric]

Gatto v. United Air Lines, 10-cv-1090-ES-SCM (D.N.J. Mar. 25, 2013)

Background: Gatto brought a personal injury action against United and Allied arising out of an accident at the airport. Defendants sought a range of social networking evidence and disagreed over what Gatto was required to produce. During a settlement conference, a magistrate judge ordered Gatto to execute an authorization for the release of documents from Facebook. Presumably in response to this, plaintiff “agreed to change his account password to ‘alliedunited’”.

It’s unclear from the court’s order the parties’ understanding regarding defendants or defense counsel’s access to the Facebook account:

While the parties dispute whether it was agreed that defense counsel would directly access Plaintiff’s account, the parties do not dispute that the password was provided to counsel for the purpose of accessing documents and information from Facebook.

On the other hand, Gatto thought he had been given assurances that “there would not be unauthorized access to the Facebook account online.”

Things spiraled downward from there. Counsel for United accessed the account and printed out some materials. Gatto received an alert from Facebook that his account had been accessed via an unfamiliar IP address. Gatto claimed he received this alert after he received assurance from defense counsel that they would not access the account, and he proceeded to deactivate the account. Although counsel for defendants tried to get Gatto to reactivate his account, apparently 14 days had passed and the parties understood that account was permanently deleted. (But see Romano v. Steelcase.)

Discussion: The key question was whether Gatto should be on the hook for spoliation. The court says there are four elements to this charge: (1) the evidence has to be within a party’s control; (2) an actual suppression or withholding; (3) of relevant evidence; (4) where it was reasonably foreseeable that the evidence would be discoverable. The court focuses on the key question of whether there was an “actual suppression or withholding.”

Gatto argued that he had been through contentious divorce proceedings and his account had been “hacked into,” so it was reasonable for him to deactivate the account. Coupled with the fact that he was never personally advised that it was defense counsel who accessed his account, he said there was no intentional destruction or actual suppression.

The court disagrees and says that:

Even if plaintiff did not intend to permanently deprive the defendants of the information associated with his Facebook account, there is no dispute that plaintiff intentionally deactivated the account. In doing so, and then failing to reactivate the account within the necessary time period, plaintiff effectively cause the account to be permanently deleted. Neither defense counsel’s allegedly inappropriate access of the Facebook account, nor plaintiff’s belated efforts to reactivate the account, negate the fact that plaintiff failed to preserve the relevant evidence.

This fiasco was entirely avoidable, and everyone—the parties, and even the court—deserves some blame. Starting with cases such as McMillen v. Hummingbird Speedway, we’ve flagged before how the “password exchange” is a ~~poor~~ terrible solution to Facebook discovery issues, and this is just one more example of how things can go down the wrong path. I’m also surprised that the court signed off on this and that counsel treated access of a party’s Facebook account by another party’s lawyer so casually.

Maybe a good side project for someone to undertake may be to come up with procedures or model standing orders to deal with this issue and educate courts and litigants of the pitfalls associated with these types of decisions.
_____

Eric's Comments Ermahgerd, stahp. Please, stahp exchanging social media passwords. There is no situation where Litigant A should be given the login credentials to Litigant B's social media account. It's never a good idea for either side, it's never necessary, and it can lead to goofy unintended consequences like this. I can't imagine any circumstance where litigants would turn over the keys to their houses to let their litigation opponent rummage around freely. Handing over social media login credentials is at least as invasive, which makes it a concept that needs to be stomped out ASAP.

Other coverage:

Deletion of Facebook page found to be spoliation of evidence (Mary Pat Galagher / NYLJ)
Delete at Your Own Risk: Spoliation of Social Media Evidence (Brian Wassom)

"Social Media Evidence Roundup – January 2013 Edition"
"Court Orders Password Turnover and In Camera Review of Social Media Accounts – EEOC v. Original Honeybaked Ham Co."
"Social Media Discovery Case Update and Tips for Those Seeking Discovery"
"Social Media Discovery Roundup"
"Court Orders Production of Five Years' Worth of Facebook and MySpace Posts – Thompson v. Autoliv"
"Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case -- McMillen v. Hummingbird Speedway"
"Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute -- Barnes v. CUS Nashville"
"Facebook Messages/Wall Posts, Civil Discovery, and the Stored Communications Act -- Crispin v. Audigier"
"Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson"
"Court Orders Plaintiff to Turn Over Facebook and MySpace Passwords in Discovery Dispute -- Zimmerman v. Weis Markets, Inc."

[image credit: ">Shutterstock/morphart - "man shredding documents"]

Posted by Venkat at 11:07 AM | Evidence/Discovery

March 29, 2013

FTC Warns Nordstrom Over Tweetup Freebies

[Post by Venkat Balasubramani]

The FTC conducted an investigation on Nordstrom's marketing and promotion in connection with a “tweetup” held in Boise. Apparently Nordstrom provided free gifts to “influencers”, including $50 gift cards to Nordstrom Rack. [Sadly, I did not receive an invitation to this event.]

The FTC says it was concerned that Nordstrom:

did not tell the social media influencers . . . that, when they posted or wrote about the event, they should disclose they had received gifts for attending.

Nevertheless, it declines to initiate an enforcement action based on a number of factors: (1) the event size; (2) the fact that influencers who posted about the event made appropriate disclosures; and (3) the fact that Nordstrom subsequently revised its social media policy.

Hard to draw much of a conclusion from this, except that the FTC’s watchful eye is always scanning the online landscape. Although the FTC has been active in tackling what it views as problematic endorsements, I’m not aware of an enforcement action involving social media and freebies. It's worth noting that the FTC has been perfectly clear about what it wants brands to do when they hold these types of events, but for some reason, big brands have been slow to grok this.

Other coverage (and h/t): "FTC Declines to “Rack” up Another Enforcement Action After Reviewing Nordstrom’s “TweetUp” Event"

Posted by Venkat at 08:59 AM | E-Commerce , Marketing

March 27, 2013

Why Google's Commitment Letter to the FTC Isn't Commercial Speech (Guest Blog Post)

By Guest Blogger Josh King

[Eric's introduction: Josh King is Vice President, Business Development & General Counsel at Avvo. Among other ways we work together, he's a fellow board member of Public Participation Project, which is advocating for a federal anti-SLAPP law. Here's a 2012 photo of Josh and me on top of Mt. Si. Josh didn't agree with my blog post over the weekend and submitted this provocative response:]

Google’s settlement of its FTC antitrust investigation was widely viewed as a resounding victory for the search giant. But Eric had a slightly different view, when wrapping up some of the reactions to the settlement: that the commitment letter submitted by Google to the FTC could be considered commercial speech, and thus expose Google to private party litigation based on allegations that it violated the letter’s terms.

As Eric points out, there is some precedent for materials that are not obviously advertising being treated as commercial speech, including Kasky v. Nike. In that case, the California Supreme Court determined that Nike – stung by a series of media reports about labor conditions in the shoemaker’s foreign factories – had engaged in commercial speech when it responded to the allegations by engaging in a public relations campaign.

Because commercial speech is subject to less constitutional protection than ordinary speech, the fact that Nike’s campaign was considered commercial speech left Nike exposed to liability under California’s unfair competition law. Were Google’s commitment letter likewise held to be commercial speech, it could suffer a similar fate.

But here’s the thing: Kasky is dead. Or, rather, undead; it’s going to live on in zombie-like fashion until it gets reversed.

Mixed Messages

The problem with Kasky – which was decided over a decade ago – stems from the court’s struggle to distinguish commercial from non-commercial speech, particularly where communication has multiple purposes. To make this determination in “mixed” cases, the Kasky court used a 3-element test that basically pre-ordained the outcome:

1) That the speaker be a commercial entity;
2) That the communication be intended for a commercial audience; and
3) That the communication contain representations of fact about the commercial entity’s products or services.

This is, to put it mildly, a ridiculous test. Under this formulation, almost anything a commercial entity says about itself in public would qualify as commercial speech. Take, for instance, the New York Times – Tesla kerfuffle from last month. Should Tesla Chairman Elon Musk’s blog post criticizing John Broder’s review of the fancy electric car be treated as commercial speech? After all, it’s Musk speaking for Tesla (a commercial entity), speaking to potential buyers of the car (a commercial audience) in a statement containing representations of fact about the car’s performance.

I’m pretty sure we’d all agree the answer is NO. [Eric's observation: actually, I'm 100% sure that Musk's blog post would be considered advertising if challenged by the FTC, competitors or consumers.]

Since Nike v. Kasky

It’s unfortunate that Kasky did not receive federal court review, as it likely would have been reversed. The U.S. Supreme Court initially granted cert, but then thought better of it; the case was settled shortly thereafter. In the decade since, there have been a number of federal decisions more tightly circumscribing the commercial speech doctrine (most recently 2011’s Sorrell v. IMS Health [blog coverage]). And late last year, the 9th Circuit finally got an opportunity to address the “mixed” issue directly, articulating a different, more limited test than that used in Kasky.

The test set forth by the 9th Circuit in Dex Media v. City of Seattle [blog coverage] takes a multi-step approach to determining “close cases” of commercial speech. The first step is a 3-element test similar to that used by Kasky, but with some significant differences. The factors include:

1) That the communication be in an advertising format;
2) That the communication reference a specific product; and
3) The underlying economic motivation of the speaker.

None of these factors are dispositive, but the combination of all three provides “strong support” for a finding of commercial speech. This represents a much narrower test than that used by the California Supreme Court in Kasky. [Eric's comment: I agree with Josh's analysis. I just don't believe the Dex ruling provides any reliable guidelines for how the next 9th Circuit case will come out.]

What’s more, there’s a second step that must be taken, one that was glossed over by Kasky: even if the threshold commercial speech classification is found, full first amendment protection will still apply if the commercial aspects of the speech are “inextricably intertwined” with otherwise fully-protected speech.

As Applied to Google . . .

Kasky is a reminder that bad facts make bad law. The California Supreme Court faced a massive public relations campaign, waged by a heavily-funded and brand-savvy corporation, that bore many hallmarks of brand advertising. It’s not terribly shocking that they “leaned in” to find that Nike’s speech was commercial. But Google’s commitment letter is a different beast. It’s a single communication, directed at a regulator, and delivered in settlement of an investigatory proceeding. That’s a far cry from the Nike campaign; even under the expansive test set forth in Kasky, it would likely not be considered commercial speech given its provenance and the fact that it was not written directly for a commercial audience.

And under the likelier test it would face, that of Dex Media? A case where the 9th Circuit determined that the Yellow Pages are not commercial speech? Not much chance. It fails both the first and third prongs of the test: the commitment letter is not an advertising format, and Google has no underlying economic motivation in writing it (at least not in the commercial sense; Google’s interest in avoiding a consent decree wouldn’t count). What’s more, even if the letter somehow met that bar, it would likely fail the “inextricably intertwined” test that would await it. The statements made by Google are part and parcel of its defense and commitments made to regulators in settlement of potential litigation. While one could try to parse out the terms of the commitment itself, it’s hard to imagine that it wouldn’t be treated as inextricably intertwined with Google’s protected speech in communicating with a regulator.

Ultimately, Google made a deal with the FTC. If it doesn’t abide by the terms of that deal, the FTC has remedies. However, that doesn’t mean that any competitor gets to turn Google’s commitment into an independent basis to pursue their own commercial claims. Kasky v. Nike is an outlier; beyond what would be unmistakable as advertising, commercial enterprises have first amendment rights, too.

[Photo Credit: Toy Ball // ShutterStock]

Posted by Eric at 11:44 AM | Content Regulation , Marketing , Search Engines | TrackBack

Judge Boots Privacy Lawsuit Against Pandora but Plaintiffs Can Replead – Yunker v. Pandora

[Post by Venkat Balasubramani]

Yunker v Pandora Media, Inc., 2013 US Dist LEXIS 42691 (N.D. Cal. Mar. 26, 2013)

Pandora has been sued before for allegedly revealing listening preferences, but this is a more run-of-the-mill privacy lawsuit against Pandora. Pandora represents to its users that it will not disclose personally identifiable information to third parties. (The representation is implied as the quoted portion of its privacy policy says that it would share non-PII to third parties.) Yunker claims that Pandora did not de-identify the PII and allowed advertisers to access end users’ PII. Predictably, plaintiff considered the PII to be his property and as having economic value. Separately, plaintiff also alleged that certain Pandora components ate up the memory on his device.

Standing: the court concludes about standing: (1) dimunition in the value of PII is not sufficient to confer standing; (2) the allegations regarding decrease in memory space are insufficient; (3) the prospect of future harm from non-anonyized PII is too speculative; and (4) he has standing to pursue violations of his constitutional privacy rights.

Wiretap Claim: the court dismisses Yunker’s wiretap claim on familiar grounds: (1) there is no interception of any communication (using a separate device); and (2) as the recipient of any communication, Pandora could divulge it without running afoul of the Wiretap Act.

Stored Communications Act: the SCA claim has similar definitional problems. Yunker does not identify anything in “storage” that was wrongly disclosed. Cookies don’t fall within the SCA’s protection for stored communications because they are temporary. Yunker also tried to argue that Pandora provided remote computing services but, other than parroting the statutory definition, he did not identify what Pandora offered that fit within this definition. Although he cited to the discovery ruling in the YouTube case, the court distinguishes this on the basis that, unlike YouTube, nothing is uploaded and stored to Pandora by the user.

CFAA claim: the CFAA claim fails due to Yunker’s failure to allege loss sufficient to satisfy the $5,000 jurisdictional threshold. The court says there are other problems with this claim, but dismisses on the basis of failure to satisfy this element.

State law claims: Yunker’s state law claims also suffer from a variety of deficiencies. He cannot advance a claim under the Unfair Competition Law because he has not lost “money or other property” (and PII is not property); Yunker is not a “consumer” under the CLRA because he has not leased or purchased anything; his contract claim is deficient because he fails to allege damages; his privacy claim fails because Pandora’s conduct does not constitute an “egregious breach of social norms”; his disclosure of private facts claims because no personal/intimate facts were disclosed to anyone; and finally, his trespass and conversion claims also fail.

Yunker has the chance to file an amended complaint, but given the skepticism expressed by the court, his chances of curing the deficiencies are fairly slim.

This is a fairly unsurprising result, and in line with numerous recent cases that have tried to assert claims against networks or companies for failing to anonymize information before disclosing to advertisers. As I mentioned in my post about Hoang v. IMDB, that’s a case where a plaintiff actually has some chance of proving harm. Unless plaintiff comes forward with an “Insider”esque smoking gun, these lawsuits are doomed to fail from the start.

Previous privacy lawsuit against Pandora: Judge Dismisses Claims Against Pandora for Violating Michigan’s Version of the VPPA – Deacon v. Pandora Media

[image credit: Shutterstock]

Posted by Venkat at 09:30 AM | E-Commerce , Privacy/Security

March 26, 2013

Ex-Lover Can Use Non-Disparagement Provision to Suppress Revenge Porn--Walls v. Klein

[Post by Venkat Balasubramani]

Walls v. Klein, 2013 Tex. App. LEXIS 2462 (Tx. Ct. App. 4th Dist. Mar. 13, 2013)

Walls and Klein were in a romantic relationship that soured. The parties volleyed legal threats but ultimately entered into a settlement agreement. In exchange for the payment by Klein of $30,000, the parties settled their claims and agreed to a non-disparagement and no-contact term:

The Parties agree and acknowledge that they will not disparage one another. The Parties will have no further contact with each other in any form, their respective family members and close friends relating in any way to the [claims asserted against each other or underlying factual matters] . . . .

Walls also agreed that she would not make any claims or complaints regarding Klein to any agency (e.g., the police dept.). The agreement provided that it was intended to be enforceable, including through specific performance, and that both parties had entered into it voluntarily. (They both had counsel, at least when they entered into the agreement.)

Shortly afterwards, Walls sought and obtained a TRO against Klein, allegedly because Klein continued to “stalk, harass, and humiliate” Walls (among other things, by trying to run Walls and her pets over). Klein responded with his own request for an injunction, asserting claims for defamation, breach of contract, and invasion of privacy. He alleged:

Walls was needlessly walking in front of his residence, sending threatening emails to his close friends, sending anonymous, disparaging emails to members of the religious institution he attended . . . . Klein [also] alleged Walls posted on her Facebook page that she intended to publically disparage Klein with the launch of a website containing photographs of him that Walls had taken while they were still in a relationship.

The trial court denied Walls’ request for an injunction and granted an injunction in favor of Klein. The injunction prohibited Walls from:

(1) Communicating . . . with any person, entity, organization, agency or religious institution regarding or concerning Klein . . . concerning any allegation or matter set forth in the Agreement and any exhibits attached thereto, except as may be necessary to defend herself in this action, or to respond to an investigation by a governmental agency initiated by that agency; (2) Publishing or attempting to publish on any website, including but not limited to Facebook, any fictional narrative concerning or based, in whole or in part, on Klein, without his written consent or without leave of court; (3) Publishing to any third parties in any form or fashion any photographs or depictions of Klein, without his written consent or without leave of court; (4) Interfering with Klein's personal, familial, or business relationships or the relationship between Klein and [his religious institution] by intentionally, knowingly, or recklessly making anonymous false complaints and reports to governmental, private, and religious regulatory agencies; . . . and (7) Disparaging and/or defaming Klein in any mode, form, or fashion whatsoever.

On appeal, the court affirms, although it slightly modifies the scope of the injunction.

Is the injunction a prior restraint?: Ordinarily an preliminary or temporary injunction would run into prior restraint issues, but here the court says the question is whether Walls waived her speech rights unequivocally. Based on her testimony, the fact that $30,000 changed hands, and the fact that the agreement contained language saying the parties voluntarily entered into it, the court finds waiver, and thus no prior restraint issue. The court also footnotes that this is essentially a private dispute between parties that does not implicate issues of public concern.

Is the injunction overly broad?: The court says that there is credible evidence (via a Facebook post) that Walls intended to create a website/art project sliming Klein. The project was ostensibly about a fictional narcissistic, passive-aggressive drug dealing prostitute named Samuel, but there were numerous similarities between the fictional character and Klein that made it clear it was really about Klein. The court says that this falls within the no-contact and non-disparagement provisions of the agreement. The court footnotes the question of whether Klein impliedly consented to Walls’ right to use any photographs of him after the relationship ended, but says at the preliminary injunction phase, Klein has the right to preserve the status quo. Therefore, subsections (2), (3), and (7) of the injunction are OK.

The court finds subsection (4) appropriate as well, on the basis that Walls allegedly lobbied church leadership to prohibit Klein from engaging in certain activities, alleging that he dealt drugs while his child was in the house. The court says this provision of the injunction falls within the non-contact and no-disparagement provision as well.

Finally, the court modifies the scope of subsection (1), which prohibited her from communicating with third parties regarding Klein. The court says this could be read to impermissibly prohibit her from reporting illegal conduct. The court modifies this provision to provide that she can report to law enforcement “truthful incidents of illegal conduct directed at her.”

No abuse of discretion: Finally, the court says that it was not an abuse of discretion to enter the injunction. Klein demonstrated that Walls made accusations and threats, and generally she tried to interfere with his activities at church. The court also cites to Walls’ statement of intent to publish a website containing photographs of Klein and “portraying him a disparaging light.” According to the court, Klein adequately showed that Walls’ activities posed a threat of irreparable harm.

I confess I’ve never understood non-disparagement clauses in settlements or contracts. This case illustrates that they can have broad reach if they are enforced, going well beyond merely prohibiting defamatory statements or stuff that is considered to be harassment. This case is a good illustration that you should carefully consider whether you want to agree to such a clause.

The relationship between an agreement and the prior restraint issue is also interesting. Not only will a non-disparagement clause be used to justify restriction on a far greater quantity of speech than would otherwise be possible, the court relies on the agreement to say there is no prior restraint. This is a double whammy for Walls as a speaker.

Finally, and perhaps most interestingly, it’s interesting to view this against the overall context of the revenge-porn discussion that has recently lit up the internet. (See Eric’s post at Forbes, which generated a fair amount of push back.) Although the court does not discuss the precise nature of the photos Walls plans to use, the court notes that she intended to use photos she took of him while they were in a relationship and implies they were intimate. The conventional wisdom around revenge-porn is that it’s perpetrated by men against women, and this is a counter-example. Perhaps an isolated counter-example, but it’s worth noting that taking revenge on the internet using photos collected during the course of a relationship is not exclusively the province of men.

[image credit: Shutterstock/ollyy: man telling an astonished woman some secrets]

Posted by Venkat at 01:48 PM | Content Regulation , Publicity/Privacy Rights

The Supreme Court's Kirtsaeng Ruling Is Good News for Consumers, but the First Sale Doctrine Is Still Doomed--Kirtsaeng v. John Wiley (Forbes Cross-Post)

By Eric Goldman

Kirtsaeng v. John Wiley & Sons, No. 11–697 (U.S. Supreme Court March 19, 2013). Prior blog post of the Second Circuit ruling in the case.

In Kirtsaeng v. John Wiley & Sons ($JW-A), the U.S. Supreme Court ruled that U.S. copyright law doesn't restrict the importation of legitimate copyrighted works manufactured and sold overseas. As a result, publishers cannot use U.S. copyright law to enforce their price discrimination schemes of pricing copyrighted works on a per-nation basis.

This ruling is a legal victory for U.S. consumers, who should see cheaper prices in the short run. This ruling is also a win for museums, libraries and other institutional collectors of copyrighted works, who face less risk now when acquiring copyrighted works (especially those initially sold overseas). Still, amidst the good news, it's impossible to ignore the rapid and probably irreversible demise of copyright's First Sale doctrine, meaning this legal victory is likely short-lived at best.

What Happened

In 1998, the U.S. Supreme Court decided Quality King Distributors, Inc. v. L’anza Research Int’l, Inc., 523 U. S. 135 (1998), holding that a copyrighted item manufactured in the U.S. and initially sold outside the U.S. could be legally imported back into the U.S. pursuant to copyright's First Sale doctrine (17 U.S.C. 109) and without violating the copyright owner's importation right (17 U.S.C. 602). The Quality King court expressly declined to resolve the much more common situation where the copyrighted item was initially manufactured overseas and then imported into the U.S.

That well-known issue has remained legally ambiguous for 15 years. The 2010 Costco v. Omega case squarely raised the issue, but the court deadlocked at 4-4 (Judge Kagan recused) and didn't definitively resolve the issue, necessitating the court to revisit the issue just 3 years later. The legal interplay between the First Sale doctrine and the importation right vexes the courts because Congress' poor statutory drafting supports at least two different but equally plausible interpretations of its language. Courts often produce inconsistent results and split opinions in those situations.

The Kirtsaeng court concluded that Quality King didn't apply only to copyrighted goods manufactured domestically. Instead, copyright's First Sale doctrine--allowing the unrestricted resale of legitimate copyrighted goods after they are first sold into the market--applies regardless of where the goods are initial made or sold. This means copyright owners can't prevent goods sold in cheap markets from competing with the same goods sold in higher-priced markets. With the emergence of efficient online retail markets such as eBay ($EBAY), a textbook publisher who sells a low-priced book in Thailand won't be able to sell the same textbook in the U.S. market for a much higher price. The pricing gap will allow arbitragers to buy the books in Thailand, resell them via eBay or textbook e-tailers, and still make a profit even after shipping and taxes. Thus, a copyright owner's trans-border price competition with itself will jeopardize the now-common international price discrimination schemes.

Why the First Sale Victory Will Be Short-Lived

It's hard to be too sympathetic to publishers deploying international price discrimination. Culturally, U.S. consumers intuitively oppose price discrimination; and U.S. consumers are paying higher prices due to price discrimination against them. Still, to the extent that price discrimination helps put more money overall in publishers' hands, the current price discrimination schemes (in theory) have been encouraging publishers to publish more content, so without international price discrimination, at the margins some of that content will go unpublished. At least, that's the story copyright owners like to tell.

Don't cry for publishers just yet. Copyright's First Sale doctrine has become increasingly less useful to consumers over the past couple of decades due to changes in technology and business practices, and I anticipate this ruling will accelerate the trend. Some of the ways publishers may strike back without seeking any changes to the law:

Localization. Publishers can localize their offerings for local markets such that different countries' versions can't substitute for each other. For example, if John Wiley releases a Thai-language textbook, it won't be very interesting to most U.S. consumers. Publishers have numerous other ways of localizing copyrighted works (beyond translations) to restrict trans-border substitutability.

Versioning. Publishers can quickly issue new editions of their works that moot prior editions. We're already seeing this in the textbook market. Publishers are increasingly releasing new textbook editions on a 3-year (or even 2-year) schedule to eliminate competition with used books.

"Shrinkwrapping." Instead of relying on copyright law, publishers can try to impose and enforce contract restrictions on resale. It's clear that software can be sold subject to a contract that restricts transfer (see Vernor v. eBay), but it's less clear if the resale of other physical items containing copyrighted works--such as books, CDs or DVDs--can be restricted by copyright law. The seminal Supreme Court case Bobbs-Merrill Co. v. Straus, 210 U.S. 339 (1908) could be read to say that such shrinkwrapped contracts are ineffective, but I consider that issue legally unresolved.

Geographic Coding. Publishers can encode electronic media in geographic-specific technical formats. For example, DVDs currently have "region codes" that do not permit DVDs sold in one region to be played on equipment built for that region.

Tethering/DRM. Increasingly, physical versions of copyrighted works are "tethered," i.e., they require an interaction with a central server to operate. For example, with some videogames and software, consumers need to input an "unlock code" to access the game or software; and the unlock code can be limited to the initial buyer or to a particular machine in a way that restricts transfer. Even textbooks may be subject to tethering if they have an integrated online component, which is increasingly the case.

Even without any of those efforts, the long-term movement from publishing content in physical items to electronic publication has been effectively shrinking the importance of copyright's First Sale doctrine. There is no "digital" First Sale doctrine, meaning that a buyer of an electronic file cannot resell or transfer "possession" of that electronic file under the First Sale doctrine. So as consumers buy fewer physical copies of copyrighted works and more electronic versions, consumers implicitly forego the First Sale rights associated with the physical goods. Plus, as fewer physical goods enter the market, the copyright owner feels less price competition from them.

In addition, copyright owners might assault the First Sale doctrine legislatively. One possibility is that publishers will simply ask Congress to statutorily reverse the Kirtsaeng opinion. More likely, publishers will advance their interests via negotiations over international treaties or Free Trade Agreements (FTAs). Coordinated special interests can game international negotiations more easily than Congress--the publishers have direct financial payoffs from participating in the process, while the interests of consumers, libraries, museums and other "buyers" are more diffuse. Anticipate more publishers showing up at the negotiations, and don't be surprised if publishers overturn the Kirtsaeng decision without ever approaching Congress directly.

So, as a content consumer, enjoy the upcoming price competition while it lasts. The First Sale doctrine is dying rapidly, and we as consumers are becoming poorer as that happens.

Some Related Materials

* In 2010, the High Tech Law Institute at Santa Clara University School of Law held an all-day academic conference on the First Sale doctrine. See the associated symposium issue in the Santa Clara Law Review.

* In 2010-11, the Ninth Circuit issued a troika of First Sale doctrine cases: Vernor v. Autodesk, MDY v. Blizzard, and UMG v. Augusto. In my opinion, the net effect of these cases was irresolute.

[Photo credit: CD/DVD safely backed up by padlock // ShutterStock]

Posted by Eric at 11:18 AM | Copyright , E-Commerce , Licensing/Contracts | TrackBack

March 25, 2013

Minnesota’s Proposed Anti-Trademark Bullying Statute Misses the Mark (Guest Blog Post)

By Guest Blogger Leah Chan Grinvald

Last April, Minnesota became the first state in the U.S. to introduce anti-trademark bullying legislation with the proposal of H.F. 2996. The proposed “Small Business Trademark Protection Act” had a whole host of problems, in particular a mandatory alternative dispute resolution mechanism if one party opted to request it, as discussed by Steve Baird over at DuetsBlog. Perhaps this explains why the bill went nowhere after its introduction, and why Representative Peppin’s recently proposed HF 1116 does not include this dispute resolution mechanism.

Although I applaud Minnesota’s attempts at addressing the very serious issue of trademark bullying, and I am generally in agreement that we need some sort of statutory answer to trademark bullying, neither versions of the proposed laws quite hit the mark. The current version provides a fee-shifting provision:

The court in exceptional cases may also award reasonable attorney fees to the prevailing party. Exceptional cases include cases where a party brings suit for harassment, malicious, fraudulent, or willful purposes, including trademark bullying.

The proposed law also defines “trademark bullying” for the purposes of this fee-shifting provision: “the practice of a trademark holder using litigation tactics in an attempt to enforce trademark rights beyond a reasonable interpretation of the scope of the rights granted to the trademark holder.”

While I am all for educating the public about what is and what is not trademark bullying, I don’t think that the term “trademark bullying” is actually needed in this fee-shifting provision. I think that fee-shifting is generally a good idea overall, and I worry that labeling the activity with the controversial term will produce another stalemate on the legislation. I’m also not particularly a fan of the proposed definition in part because “litigation tactics” seems so unclear (and in the interests of full disclosure I have proposed my own definition of trademark bullying). In addition, the use of the term “prevailing party” probably duplicates the problems with obtaining attorney’s fees under Section 34(a) of the Lanham Act, especially in cases where the trademark bully decides to voluntarily dismiss the case – with or without prejudice.

But more importantly, the scaled-back version of this anti-trademark bullying law doesn’t reach the true problem of trademark bullying: the lack of access to cheap (or free) legal resources that small businesses and individuals who are victims of trademark bullying need. I have argued elsewhere that victims of trademark bullying need a “groundless threats” cause of action so that they could perhaps find attorneys willing to help on a contingency fee basis. In addition, I support instituting a small claims IP court where these types of cases could be heard quickly and cheaply.

Overall, bravo to Representative Peppin and Minnesota for continuing the fight against trademark bullies, but I am doubtful that this new version will go anywhere, especially as Steve Baird reported on DuetsBlog that no hearings on the bill will be scheduled until next year.

[Photo Credit: A chalkboard with the chalk letters bully free zone // ShutterStock]

Posted by Eric at 09:00 AM | Trademark | TrackBack

March 24, 2013

Linkwrap of Google's Antitrust Deal With the FTC

By Eric Goldman

It seems like forever since the FTC settled its antitrust investigation with Google, even though it's been less than 3 months. My recap post from the initial announcement. We're waiting for the European denouement, but in the interim, some of the more interesting links I've seen about the FTC settlement:

* Frank Pasquale and Siva Vaidhyanathan, Borking Antitrust: Google Secures Its Monopoly

* James Grimmelmann: Not with a Bang and Devils and Details.

* Politico: How Google Beat the Feds

* Tim Wu: Why Does Everyone Think Google Beat the FTC?. Perhaps it has something to do with the rumored 100 page staff memo advocating a Google bust just 3 months before the official resolution?

* TPM: FTC Chairman Defends Google Settlement: We Did What The Law Required.

* Commentary on Commissioner Leibowitz's resignation. FTC and NY Times.

As I've been thinking about the settlement over the past 3 months, I'm struck by one point raised by James Grimmelmann. Google submitted a commitment letter to the FTC promising to give websites the ability to opt-out of being indexed in certain Google services. It also promised that "Exercise of this option will not...be used as a signal in determining conventional search results on the google.com search results page." From my perspective, Google's letter should constitute advertising speech the same way Nike's letters to universities constituted advertising in Nike v. Kasky. If so, then competitors should be able to enforce Google's violation of this promise using any legal doctrine allowing competitor standing, such as the Lanham Act. This opportunity differs from the typical FTC settlement, where competitors and consumers have no standing to enforce a company's promises to the FTC.

How could such a lawsuit play out? Imagine this scenario: A vertical search engine opts-out of being indexed in Google's sub-services. At some point later, the vertical search engine shows up less favorably in search results. There are many explanations for why a site might rise or fall in the search rankings, but now the vertical search engine could assert a Lanham Act (or other legal doctrine) violation because, it believes, Google downranked it for opting-out, and doing so violated Google's commitment letter. The opt-out/downrank correlation may not be enough to survive Twombly/Iqbal--but if the lawsuit gets over the motion to dismiss, the vertical search engine should be able to take discovery on Google's rankings algorithm to determine if the downranking was payback for opting-out. This would be a bad outcome for Google, even if Google ultimately defeats the Lanham Act claim.

For those who've criticized the FTC for not locking down Google's promises in a consent decree, I feel like I'm missing something. By getting this commitment letter, the FTC may have handed a powerful litigation tool to many Google gripers, and any enforcement action (going to their core algorithmic questions) would be quite high-stakes for Google. Sure, the commitment letter resolution may be unorthodox, but my instincts are that this particular resolution worked to Google's detriment.

[Photo credit: white roadsign with a commitment concept // ShutterStock]

Posted by Eric at 09:14 AM | Marketing , Search Engines | TrackBack

March 23, 2013

First Amendment Protects Online Republication of Court Records--Nieman v. VersusLaw

By Eric Goldman

Nieman v. VersusLaw, Inc., 2013 WL 1150277 (7th Cir. March 19, 2013)

[As I mentioned in my prior post about the case, the plaintiff has made legal threats against me for the same conduct discussed in this opinion. As a result, I'll have to stick to the facts. You'll have to draw your own conclusions.]

The court summarizes the facts:

Nieman discovered in 2009 that certain legal-search websites (such as Lexis/Nexis.com, Justia.com, Leagle.com, and VersusLaw.com) were linking copies of documents from his prior lawsuit to his name. That litigation involved a former employer and was settled in 2011. When Nieman encountered difficulty obtaining another insurance job, he suspected that potential employers had learned of his prior lawsuit online and “blacklisted” him from employment opportunities. Nieman alleged that in late 2011 he wrote to each of the defendants and asked them to delink his court cases from their online search results. The defendants declined.

The court's efficient disposition of the resulting lawsuits (citations omitted):

The First Amendment privileges the publication of facts contained in lawfully obtained judicial records, even if reasonable people would want them concealed. We have explained that judicial “[o]pinions are not the litigants' property. They belong to the public, which underwrites the judicial system that produces them.” Other legal documents included by the court as part of the public record of the judicial proceedings are also covered by the First Amendment privilege. The forprofit nature of the defendants' aggregation websites does not change the analysis; speech is protected even when “carried in a form that is ‘sold’ for profit.” All of Nieman's claims are based on the defendants' republication of documents contained in the public record, so they fall within and are barred by the First Amendment privilege.

The district court also relied on 47 USC 230; the Seventh Circuit doesn't address that issue.

[Photo Credit: old legal / law books // ShutterStock]

Posted by Eric at 07:43 AM | Content Regulation | TrackBack

March 22, 2013

N.Y. Yankees Block Clothing Manufacturer's "Baseball's Evil Empire" Trademark Registration (Catch-Up Post)

By Jake McGowan [writings][LinkedIn]

New York Yankees Partnership v. Evil Enterprises, Inc., TTAB Opposition No. 91192764 (TTAB Feb. 8, 2013)

With nagging injuries to several key starters, it looks like the New York Yankees are in for a long season. Off the field, however, it seems the marketing department has already chalked up a win.

Last month, the New York Yankees Partnership found itself in front of the Trademark Trial and Appeal Board, fighting to block a clothing company from registering the trademark “Baseball’s Evil Empire.” On February 8, the Board sided with the Yankees, sustaining the team’s opposition for likelihood of confusion and false suggestion of a connection.

Background

In 2002, sought-after Cuban pitcher Jose Contreras chose the Yankees over the Red Sox, prompting Red Sox president Larry Lucchino’s now famous remark:

The evil empire extends its tentacles even into Latin America.

The Board noted that since then, the team has “implicitly embraced” the nickname, even going so far as to “[play] ominous music from the soundtrack of the STAR WARS movies at baseball games.”

On July 7, 2008, Evil Enterprises filed a trademark application for the mark “Baseball’s Evil Empire” for various clothing.

The Yankees opposed the mark on three grounds: (1) likelihood of confusion; (2) false suggestion of a connection; and (3) disparagement.

Board Agrees with Yankees that the Mark is Likely to Confuse Consumers

Right off the bat (sorry), the Board reminds that the Yankees don’t necessarily have to use the mark to oppose; it’s enough that the public associates a mark with the goods or services of the opposing party.

The Yankees’ counsel provided hundreds of such examples, including news articles, stories, and blog entries all using “Evil Empire” to describe the team, such as:

“We love it that baseball has an Evil Empire, a team to beat, the perpetual villain in the New York Yankees.”

“the Red Sox finally defeated the Evil Empire (the Yankees) en route to their first World Series win in ages.”

“Yankees 6 Red Sox 5! The Evil Empire lives!"

Even applicant Evil Enterprises admitted that the term had been used in connection with the Yankees. Instead, the company argued that that the Evil Empire nickname has been thrown around for other teams as well (I can think of at least one that’s currently trying to fit the mould).

But the Board denied that the nickname had stuck for any other team:

[A]pplicant’s evidence shows only that these other teams aspire to be in the position of the Yankees, i.e., spending more on salaries and winning more championships. In short, the record shows that there is only one EVIL EMPIRE in baseball and it is the New York Yankees.

Based on the abundance of evidence, the Board decided that the Evil Empire mark was famous and thus afforded a broader scope of protection. It also noted that t-shirt shopping entails a low standard of purchasing care, which thereby increases the risk of confusion. Weighing these factors, the Board sided with the Yankees and sustained likelihood of confusion as a ground for blocking registration of the mark.

Board Views Evil Enterprises as Purposely Suggesting a Connection With the Yankees

Here’s language taken from Evil Enterprises’ own web page:

The official home of Baseballs Evil Empire. The one source for all the latest tee-shirts and hats for all the Yankee Fans around the world. Be seen in our Yankee apparel and help us in our message that the Yankees are truly “Baseballs Evil Empire” . . . “Thank you, for being a Yankee Fan” (emphasis added)

Reasoning that the whole purpose of the clothing line was to target Yankees fans, the Board had no trouble deciding that consumers would likely assume that the clothing line was connected with the baseball franchise.

“Implicit Embrace” of Evil Empire Persona Undermines Yankees’ Disparagement Argument

The Board noted that a growing number of Yankees fans have adopted the nickname as a “badge of honor,” as it brings to mind the ire and jealousy of rival fans (and by extension, the team’s 27 world championships).

Given this developing positive connotation, the Board declined to block the registration on grounds that the mark disparaged the baseball club:

[H]aving succumbed to the lure of the dark side, opposer will not now be heard to complain about the judgment of those who prefer the comfort of the light.

_________

It's worth noting that the Yankees partnership was able to block this registration without creating the trademark or even using it at all. Instead, the baseball community created the "evil empire" nickname and the TTAB ultimately granted the Yankees private rights in the mark. In that regard, this situation is consistent with the "Bug" line of cases, where courts allowed Volkswagen to block others from using the "bug" mark because the public had come to associate the term with VW Beetles. In the end, the origins of such publicly-coined nicknames may not change the outcomes of these cases. But they still raise interesting questions about the theoretical bases for granting private rights in certain trademarks.

This is also a good example of a marketing department protecting each nuance of a brand, including those that might seem unwanted at first glance. When this story first broke, it gained national attention partly because it might have seemed strange to a casual observer that the team would want to associate with a “negative” nickname. But when a fan develops a positive association with a negative nickname, the name acquires value to the franchise and takes its place alongside any other in the team’s lore.

Throughout sports and entertainment, embracing the “bad-guy” persona is nothing new (See: the Oakland Raiders, WWE wrestling, LeBron James circa 2011, Rap music, etc.). In this case, the Yankees fought to protect “Evil Empire” just like they would for “The Bronx Bombers” or “The Yanks.”

Photo Credit: Anthony Correia / Shutterstock.com

Posted by JakeMcGowan at 09:10 AM | Trademark | TrackBack

Another Credit Card Breach Lawsuit Fails – Willingham v. Global Payments

[Post by Venkat Balasubramani]

Willingham v. Global Payments, Inc., 12-CV-01157 (N.D. Ga. Feb 5, 2013) (case later dismissed by the parties)

This is a data breach lawsuit arising out of an incident in which credit card information was purloined from a payment processor. Global Payments, the defendant in the lawsuit, handled transaction processing for merchants. Two plaintiffs sued on their own behalf and on behalf of a putative class. Willingham alleged she noticed fraudulent charges made using her card totaling approximately $1,000. The Hieslers, the other named plaintiffs, made similar allegations. The plaintiffs did not allege whether they were able to get their credit card company to reverse the charge. Plaintiffs assert a variety of state and federal law claims. The court dismisses them all.

Standing: The court engages in a long but ultimately academic discussion on standing. The court says that injury-in-fact requires out-of-pocket loss, and even an unauthorized charge is not necessarily enough:

To sufficiently allege that identity theft actually occurred, a plaintiff must, allege more than fraudulent charges which were removed . . . some further factual allegation, such as that Plaintiff was not reimbursed for those charges or that she incurred fees or other expenses or financial consequences [is required] . . . .

If there is no injury-in-fact, plaintiff may find standing based on future harm only if it is “imminent.” The court says that plaintiffs’ allegations fall short, and also that they are speculative because they depend on the actions of a third party. (The court expresses disagreement with other cases that have held that the risk of future harm is sufficient for standing.) The court also says that plaintiffs’ personal information does not have “inherent monetary value.” (citing to the Facebook privacy litigation and RockYou)

After all this, the court says that it’s preferable to resolve the dispute on the merits than dismiss on the basis of standing.

Stored Communications Act: Plaintiffs argued that Global Payments violated the Stored Communications Act because it knowingly divulged plaintiffs’ credit card information to third parties, by having in place lax authority and allowing hackers to access it. The court debates the issue of whether Global Payments falls under the statute’s definitions of providing an electronic communications service or a remote computing service. Regardless of how this issue shakes out, the court says that Global Payments does not provide a service “to the public” (it deals with merchants). More importantly, it did not “knowingly” divulge any information. At best, it failed to take appropriate steps to safeguard the data, but this does not amount to “knowing” disclosure.

Fair Credit Reporting Act: Plaintiff also alleged that Global Payments willfully and negligently violated the FCRA by failing to implement reasonable security procedures to maintain the confidentiality of plaintiffs’ information. The court rejects this claim as well, saying that under the FCRA, liability in this context only attaches where the covered entity improperly “furnishes” a consumer report to third parties. Here, the court says, Global Payments did not “furnish” the information to anyone.

Georgia Unfair Trade Practices Act: Plaintiffs argued that Global Payments misrepresented the level of security provided and engaged in a deceptive trade practice. The court says that plaintiffs fail to allege reliance on any misrepresentations and failed to allege damages sufficient to support injunctive relief. Plaintiffs also argued that the are entitled to injunctive relief because defendant “farmed out” its obligation to provide adequate security to third parties. Plaintiffs tried to rely on the data breach notification provisions in further support of this argument, but the court says this doesn’t necessarily require notification when an entity delegates its obligations; and in any event, the obligation only applies to the information of residents of the state.

Negligence: A big problem with the negligence claim is that there’s no relationship between Global Papyments and plaintiffs (they are not direct customers). Thus, the court says there is no duty. Plaintiffs tried to rely on the “voluntary undertaking doctrine,” but the court says that the lack of bodily injury or physical harm renders this unavailable. Plaintiffs’ negligence claim was also barred by the economic loss doctrine which limits a party to contractual remedies (where there is a contract) and only allows negligence claims for certain exemplary damages or conduct.

Contract: Plaintiffs’ contract claims fail because they are not third party beneficiaries to the agreements between Global Payments and the merchants. The court also says that there’s no basis for an implied contract—any broad statements that Global Payments would safeguard the underlying data are insufficient to form an implied contract.

Plaintiffs are having a tougher and tougher time in data breach cases. Courts seem to require the allegations of out-of-pocket loss to be unequivocal, and here, the court says that even the allegation of an errant charge is insufficient, absent an accompanying allegation that they were not reimbursed or charged back. A stray case or two seemed to offer a glimmer of hope to these types of plaintiffs, but cases rejecting claims keep piling up. If you can't cobble together a claim when your credit card information has been compromised, I wouldn't be very optimistic, in general, as a data breach plaintiff.

Data breach notification laws also do not seem to offer much help to plaintiffs. Granted, plaintiffs only presented their claims under the data breach statute obliquely, in order to support their unfair competition claims, but I can’t think of many cases where consumers were able to recover damages based on an entity’s alleged failure to provide timely notice or otherwise comply with a notification statute.

Federal statutes similarly do not offer much help. From the beginning, early data breach plaintiffs have tried many different variations of federal privacy statutes, but none have really stuck. I thought plaintiffs were creative here with their invocation of the FCRA, but the court rejects this as well.

Although the results in these cases may make sense, courts do engage in some doctrinal contortion to get there. As such, appellate relief is possible. (Again, while a few cases have offered slight rays of sunshine to these types of plaintiffs, none have truly opened the door.)

Other coverage:

Magistrate recommends lawsuit against global payments should be dismissed

[image credit: Sutterstock/budiadiliansyah: a programmer work at night to be a cracker]

Posted by Venkat at 07:00 AM | E-Commerce , Privacy/Security

March 21, 2013

Griping Blogger Protected by Fair Use But Not Section 230--Ascend Health v. Wells

By Eric Goldman

Ascend Health Corp. v. Wells, 2013 WL 1010589 (E.D.N.C. March 14, 2013)

Brenda Wells gripes about University Behavioral Health of Denton ("UBH") at two blogs, which she promotes via Twitter, Facebook and YouTube. UBH and related parties sued Wells for, among other things, copyright infringement and defamation.

Copyright

Wells allegedly posted the followed copyrighted materials:

images of UBH’s facility; an image apparently of Ascend’s officers, including Kresch; an image of UBH’s logo; and, a still image of a man outdoors with other people in the background from a UBH promotional video

The court grants Wells' motion to dismiss on fair use grounds. The court says she used the images for criticism of UBH, and that makes her use transformative even though she didn't modify the images (cite to Sedgwick v. Delsman). Further, the images had no independent commercial value, so the reuse of the images for criticism didn't harm the market value of the images. It's great to see a blogger win a fair use defense on a motion to dismiss; the caselaw is split on this topic. Compare Righthaven v. Realty One with Katz v. Chevaldina.

Defamation

Among other defenses, Wells claimed that she was protected by 47 USC 230. Wells argued that she:

“simply . . . re-post[ed] content provided by a third party.” Specifically, she points to two statements on her blog which plaintiffs allege are defamatory. As to one statement, plaintiffs allege that Wells removed the name of the commentator, and with the other, plaintiffs allege it was purportedly authored by the mother of a former UBH patient. Therefore, Wells argues, because the statements were authored by others and published on her website, albeit with some edits, she cannot be held liable for those statements. (cites omitted)

While the court says that quoting third parties could potentially qualify for Section 230 (see, e.g., the uncited D'Alanzo case), the plaintiffs' allegations knock her out of the immunity:

Plaintiffs allege that Wells herself created some of the defamatory statements on her blog. Furthermore, as to the defamatory statements based on information provided by others, it is not evident the extent to which Wells may have made more than mere editorial changes to that information, and the court agrees with plaintiffs that discovery should bear this out. Section 230 immunity does not cover content which Wells created herself or other content, although originating with a third party, which Wells significantly altered.

Unfortunately, the court's discussion isn't adequately nuanced. It's true that significantly altered third party content can lose Section 230 immunity, but only if the editing actually changed the meaning of the edited content. My hope is that those facts will become clearer in discovery, and if the facts are favorable, perhaps the judge will reconsider the Section 230 analysis on summary judgment.

Blogs and Fair Reporting Privilege

The court also rejects Wells' fair reporting privilege argument because she's a blogger, not a "newspaper or other periodical":

Wells’s internet blogs are not akin to a newspaper or other periodical, even one published electronically. Postings on the blog are not published at regular intervals. They are not composed of articles, news items, or the like.

Sigh.

[Photo credit: to illustrate poor customer service, with complain message on keyboard // ShutterStock]

Posted by Eric at 08:49 AM | Copyright , Derivative Liability | TrackBack

March 20, 2013

Book Recommendation: "Trademark and Deceptive Advertising Surveys"

By Eric Goldman

I read only a couple of books per year. As very long-form scholarship, books usually require big blocks of time to read (and I rarely have such blocks), and I typically find the payoff isn't worth the time investment. As a result, it's rare that I read a book, rarer when I like a book, and exceptionally rare when I think a book is worth recommending to you.

Yet, I can hardly contain my enthusiasm for the 2012 book, "Trademark and Deceptive Advertising Surveys: Law, Science and Design," edited by Shari Seidman Diamond and Jerre B. Swann and published by the ABA's IP Section. It may be the best book I've read in years.

Why do I like this book so much? It's the *perfect* legal resource guide. The chapters are written by the leading experts in the field--names you most likely recognize, including William Barber, Jerre Swann, Bruce Keller, Shari Seidman Diamond, Itamar Simonson, Jacob Jacoby and many more. In each chapter, an expert explains how he/she handles an aspect of the consumer survey process and why he/she makes certain professional judgments. It's like having am initial consultation with, or some private coaching from, the leaders in the consumer survey field, except that they aren't billing you by the hour and they give you citations for your deeper investigation if you want. I know I'm a hardcore geek, so my experience may not be representative, but I found this book a page-turner that I couldn't put down. Every page was packed with a golden nugget or two of insight, page after page, chapter after chapter. I'm not exaggerating at all when I say that I found the book gripping.

Of course, you won't be able to do consumers surveys on your own just by reading the book (you'll still need to hire an expert), but you'll be able to have a more intelligent discussion with your expert and evaluate and supervise their professional choices better. After reading the book, you should be able to save thousands of dollars in the costs of a consumer survey and increase the likelihood that the $100k+ you invest in a consumer survey will yield useful results.

If you deal with consumer surveys in the trademark or advertising context--which means pretty much every trademark and advertising law professional--this book is a must-have. Unfortunately, the book is priced for professional purchases, not the consumer market. Right now Amazon [affiliate link] lists it for $280 (though that price fluctuates), but it's "only" $180 at the ABA website and even cheaper if you're an ABA IP Section member. The book will more than pay for itself after your first consumer survey using it.

Posted by Eric at 02:49 PM | Marketing , Trademark | TrackBack

March 19, 2013

IMDB's Disclosure of Actress’s Age Will Go To Trial – Hoang v. Amazon

[Post by Venkat Balasubramani with a comment by Eric]

Hoang v. IMDb.com, C11-1709MJP (W.D. Wash. Mar. 18, 2013)

We’ve blogged about this dispute—involving an actress’s attempt to hold IMDb liable for publishing her age against her wishes—before. The court recently denied the parties’ motions for summary judgment, setting the case up for a trial.

Background: The court discusses some of the factual background on how IMDb decided to “disclose” Hoang’s age information, and this is somewhat damning to Hoang. Apparently, she signed up without including her age, but later used her friend’s account to submit an incorrect birthdate (1978 instead of 1971). She then decided that she no longer wanted this date on her profile and followed up with IMDb in an attempt to get this error fixed. She even sent IMDb a scanned copy of a fake Texas identification, but none of this had the intended effect. Eventually, she emailed IMDb and asked it to:

Go back on your files and see if you have any documentation, verification, or identification that [her] birthdate [was] in 1978.

In response to her email, a customer service manager accessed information from IMDb’s database containing “pro” registration details. He found Hoang’s legal name. He then searched for her name in “PrivateEye,” a public records database, and ascertained that her birthdate was in 1971. He directed IMDb to update her profile to include the correct birthdate.

Hoang continued to lobby IMDb to change the birthdate:

press[ing] ahead with her false information campaign, sending IMDb links to her fake passport to ‘collect/delete [her birthdate]' . . . .

She sought summary judgment on her then-remaining claims for breach of contract and violations of the consumer protection act. Amazon and IMDb both sought summary judgment as well.

Amazon is entitled to dismissal: The court dismisses Amazon because there is no evidence that it was involved in the decision-making of IMDb (a separate entity). Hoang asserted a variety of arguments, including that the customer service manager listed Amazon along with IMDb on his LinkedIn profile, but none were sufficient to overcome the general rule against holding a parent liable for the acts of its subsidiaries. The court notes there is no evidence that the two entitles shared databases.

Unclean hands: IMDb argued that Hoang should be barred by the doctrine of unclean hands. The court rejects this argument, noting that her unclean hands played no part in acquiring the rights at issue.

Breach of contract: The court rejects summary judgment on the key issue of whether IMDb breached the terms of the privacy policy by updating Hoang’s birthdate information. The privacy policy provided that IMDb would use “the information [end users] provide for such purposes as responding to [users’] requests.” The court says that a jury could conclude that IMDb was responding to her requests in searching its files and updating her information. The court cites to an (all caps) email from Hoang that exhorted IMDb to:

GO BACK ON YOUR FILES AND SEE IF YOU HAVE ANY DOCUMENTATION, VERIFICATION, OR IDENTIFICATION THAT MY BIRTHDATE IS IN 1978. IF YOU DO, PLEASE EMAIL IT TO ME BECAUSE I’M CURIOUS TO SEE WHAT YOU’RE GOING OFF OF. IF YOU DON’T FIND ANY PROOF ON RECORD, PLEASE DELETE IT BECAUSE I KNOW THAT 1978 ISN’T MY DATE OF BIRTH

Damages: The court addresses Hoang's damages.

First, the court nukes the limitation of damages contained in IMDb’s term of service. [Ouch.] Its terms of service excluded consequential and exemplary damages, and capped liability to the amount of any fees paid to IMDb in the year prior to the claim. These provisions operated only in favor of IMDb, and the court says these provisions effectively result in a situation where no attorney would want to take a case alleging a violation of IMDb terms.

Second, the court says that Hoang can seek the following damages: (1) nominal damages; (2) direct losses; and (3) career damages. Emotional distress damages are not available in contract cases. The court also rejects her attempt to claim damages in the form of diminution to the value of her property (her personal information). On the other hand, the court does reject IMDb’s argument that no reasonable jury could conclude she has been damaged.

CPA claim: The consumer protection act claim turned on whether this was part of a pattern or likely to recur. If it’s an isolated one-time dispute between these two parties, then there’s no public interest. As part of her argument that this was part of a pattern, Hoang presented evidence that IMDb accessed the PrivateEye database over 20 times. However, IMDb came forward with evidence that each of these instances of access involved searches based on public record or publicly available IMDb information.

This is a super interesting dispute. We should be excited at the prospect of trial. Unlike the numerous class action cases we blog about, this presents the situation where a single plaintiff has an opportunity to present evidence to a jury that a company’s misuse of her information has resulted in damages.

Of course, the court’s “unclean hands” discussion is not particularly flattering to Hoang, and the fact that all of this was precipitated by her initial inclusion of incorrect information and subsequent attempts to “correct” this information doesn’t make her look good. That’s setting aside the fact that she’s complaining about IMDb’s publication of her information that only disclosed her accurate date of birth to prospective employers. [We've seen another instance or two of privacy plaintiffs being subject to the harsh light of scrutiny, so this is not surprising.]

Other items of interest in the ruling:

- databases are a treasure trove of information, as demonstrated by the fact that IMDb obtained her birthdate from a public database
- it’s sort of a reminder of how de-anonymization isn’t always effective (or can often be circumvented or reverse-engineered)
- the PII as valuable information argument doesn’t seem to resonate
- it's always interesting to see a terms of use get axed by court--I would say a one-way limitation is fairly typical in these types of agreements, but the decision illustrates that they are by no means safe

I’m excited to see this case go to trial. I fear that the court’s ruling effectively steers the parties towards settlement, but if it goes to trial, I’ll make sure to attend and report back (since it’s in Seattle).
___

Eric's Comment. The court has nicely teed this case up for settlement. Without the contract risk provisions, IMDB doesn't want the damages exposure. And Hoang runs the real risk of a jury negatively reacting to her serial incidents of deception. A small check from IMDB to Hoang should be in both parties' interest.

Other coverage:

Actress' Lawsuit Against IMDb for Revealing Her Age to Proceed to Trial
Actress’s Suit Against IMDb for Publishing Her Actual Age Can Go to Trial

Previous post:

Actress Suing IMDB Can Assert Claim Based on Privacy Policy – Hoang v. Amazon.com, Inc.

Posts on data breach cases:

Posted by Venkat at 03:35 PM | E-Commerce , Privacy/Security

March 18, 2013

It's Legally Okay if Google Thinks Your Name and Erectile Dysfunction Drugs Have Something to Do With Each Other (Forbes Cross-Post)

By Eric Goldman

Stayart v. Google Inc., 2013 WL 811793 (7th Cir. March 6, 2013).

Would you be upset if people searching for your name are prompted to search for your name plus the name of an erectile dysfunction drug like Viagra or Cialis? For example, if you search for "Eric Goldman," a search engine might suggest that you search for "Eric Goldman Viagra." I suspect many of us would never discover that the search engines were doing this, and those who did would find it perplexing but amusing.

(The reasons why a search engine might make this suggestion aren't complicated or nefarious. "Sploggers" build web pages that remix content from legitimate web pages as search engine "bait" to attract searchers to pages that advertise or link to illicit goods such as pharmaceuticals that require a prescription. As a practical matter, splogged pages don't show up well in search results, but they may influence the search engine's suggestion algorithms anyway).

As it turns out, this scenario isn't hypothetical. Google suggested that searchers on "Bev Stayart" (a/k/a Beverly Stayart) search for "bev stayart levitra" (Levitra is an erectile dysfunction drug). See the recent screen shot on the right. Many of us would shrug this off; in contrast, this situation has launched Bev Stayart into a multi-year, multi-lawsuit campaign against Google and Yahoo (see this page for my chronicle of her lawsuits and related suits).

None of her lawsuits have made any progress at all. Last week, she notched yet another loss in court. The Seventh Circuit Court of Appeals dismissed her lawsuit--again--in a brief and unceremonious opinion befitting the lawsuit's lack of merit.

Stayart argued that Google's suggestions using her name violated her publicity rights under Wisconsin's publicity rights statute. There are probably a dozen reasons why this claim should fail, but the court explores only two.

First, Wisconsin's law permits the commercial use of a person's name when it's newsworthy or in the public interest. The court says that exception applies to Stayart because her ongoing litigation crusade has caused her name to be associated with erectile dysfunction drugs, and people have a legitimate right to search for court records related to her case. The fact that Bev Stayart's vanity search results now suggest erectile dysfunction pills is a predictable Streisand Effect of her litigation, but the court is uncomfortably "punishing" a plaintiff for enforcing his/her rights. Further, the court's rationale is specific to Stayart, and thus may not apply to other cases.

Second, the Wisconsin statute requires that the commercial use be "substantial" and not "incidental." In a terse and unenlightening paragraph, the court says that Stayart didn't convince the judges that Google's search results made more than an incidental commercial use of Stayart's name.

Rather than rely on these technicalities, the court should have looked to the Wisconsin Court of Appeals, which just issued an opinion in Habush v. Cannon (not cited by the 7th Circuit) that buying keyword ads on a person's name doesn't constitute a commercial "use" of the name under Wisconsin's publicity rights statute. While the Habush opinion partially relied on the invisible nature of the keyword triggering, I think its logic should broadly apply to all organic search activity. In contrast, because of the Stayart court's narrow rationales, it's unclear how the opinion will apply to other cases.

Still, I think a favorable macro-trend is emerging for Google, Yahoo, Bing and other search engines. Putting aside the legal machinations of how they get there, courts are not receptive to legal attacks on organic search operations, whether the claim is based on defamation (see, e.g., the futile lawsuit by Dr. Hingston), trademark law or publicity rights. Thus, the Stayart ruling is philosophically consistent with the recent opinion in Multi-Time Machine v. Amazon, which rejected a trademark lawsuit over Amazon's search results merchandising of other vendors' goods. These rulings reinforce that plaintiffs suing to force changes to organic search results--or the search engine's suggestions of alternatives--are almost certainly doomed to fail in court, one way or another.

[Photo Credit: Sean Nel / Shutterstock.com]

Posted by Eric at 09:55 AM | Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

March 14, 2013

Court Rejects Attempt to Hold Software Company Liable for Surveillance Conducted by Its Customer – Luis v. Zang

[Post by Venkat Balasubramani]

Luis v. Zang, 12 cv 629 (S.D. Oh. Mar. 5, 2013)

Divorces have spawned some of the most interesting privacy disputes, such as the cases involving whether GPS surveillance of a vehicle violated one spouse’s privacy rights and whether accessing webmail using a shared computer constitutes a violation of privacy laws. This particular case involved the use of “WebWatcher” software that ostensibly allows people to monitor the computer-related activities of individuals. We blogged on a separate matter involving this divorce (see “Lawyer Who Advised Brother-in-Law Regarding the Use of Spyware on His Wife Disqualified in Ensuing Privacy Dispute”), but this particular lawsuit is one of a three lawsuits spawned out of the divorce; two of which were filed by Javier Luis (against a variety of defendants) relating to the monitoring of his communications with Cathy Zang:

[a]lthough Plaintiff alleges that he has never met Cathy Zang in person, he alleges that he virtually met her, via a "Metaphysics" internet chat room, in January or February 2009 (Doc. 39, P 15). Shortly thereafter, Plaintiff alleges that he began to have "daily" communications, in the course of a "caring relationship" with Ms. Zang via the telephone and computer.

[Zang filed a separate lawsuit as well.] The key question before the court is whether Access Technologies, maker of WebWatcher, can be held liable for the monitoring activities conducted by its customer.

Whether WebWatcher ‘Intercepts” Communications: The court struggles with several semantic questions surrounding whether there has been an ‘interception’ as defined by the wiretap statute: (1) is information captured instantaneously; (2) is the information captured transmitted locally; and (3) is the information re-routed. The court rejects Access’ argument that there has been no interception, noting that the facts at this stage indicate a near-instantaneous capture and re-routing of information to a remote location.

Can Access be held liable for its customers’ conduct: Even assuming an interception occurred, the court says Luis’s claims fall short because remedies are only available against the individuals that “intercepted, disclosed, or intentionally used” communications in violation of the statute. The court says that the statute does not contemplate imposing civil liability “on software manufacturers and distributors for the activities of third parties.” While there is a provision of the statute that prohibits the "[m]anufacture, distribution, possession, and advertising [of devices” that can be used for interception]," (and imposes criminal liability for this activity) the court says that the civil remedies provision does not extend to this part of the statute.

The court also dismisses the litany of state law claims brought against Access (invasion of privacy, infliction of emotional distress, “bullying and harassment”) on the basis that Access did not have any knowledge of Mr. Zang’s use of the product and was not a party to any agreement that involved unlawful interception of communications. (The court does not mention Section 230, but that sounds like a fairly plausible basis for rejecting the state law claims as well.)
__

Although the two cases analyzed slightly different statutory provisions, this dispute is reminiscent of the SpectorSoft case, where a federal district court in Tennessee held that an ex-spouse could not assert federal or state law claims against the company that made monitoring software. In SpectorSoft, the court focused on whether the disclosure of communications was knowing or intentional. In this case, the court says there was an interception, but says that liability for the interception does not extend to third parties. Either way, the result is the same: in the garden-variety case, it's difficult to hold the software developer liable for interceptions effected by customers and clients. This decision reaffirms what is a fairly helpful result for developers of these types of software providers.

As far as derivative liability goes, both with respect to the Wiretap Act and the Computer Fraud and Abuse Act, plaintiffs have fared poorly in holding third parties liable for the actions of the people who actually did the monitoring, intercepting, or accessing. Courts have been reluctant to extend the reach of these statutes to third parties who did not directly participate in the allegedly wrongful activities themselves.

It's worth flagging that in addition to lawsuits from private parties, these software providers also have to worry about FTC actions. As noted in this 2008 Wired article, the FTC shut down the websites of a company that sold 'DIY spyware'.

[image credit -- kar/shutterstock: eyeball spy catcher]

Posted by Venkat at 10:25 PM | Adware/Spyware , E-Commerce , Privacy/Security , Publicity/Privacy Rights

March 13, 2013

Ex-Employer's Hijacking of a LinkedIn Account Is a Publicity Rights Violation--Eagle v. Morgan

[By Venkat with comments from Eric]

Eagle v. Morgan, 11-4303 (E.D. Pa. Mar. 12, 2013)

We’ve previously covered this dispute over a LinkedIn account. (See Another Set of Parties Duel Over Social Media Contacts; Battle Over LinkedIn Account Between Employer and Employee Largely Gutted.) Surprisingly, the case went to trial! Although the court finds that plaintiff adequately proved several of her claims (an impressive feat, given that she proceeded pro se), she ultimately loses the case. The court declines to award damages, finding that she did not prove any with reasonable certainty.

Background: Eagle founded Edcomm with Clifford Brody. In 2010, a company bought Edcomm. Although the purchaser retained the three founders of Edcomm, they were ultimately terminated. Screen Shot 2013-03-07 at 9.23.47 AM.jpg The present dispute focuses on Edcomm’s use of Eagle’s LinkedIn account following her termination.

The court discusses, in some detail, Edcomm’s approaches to LinkedIn accounts. During Eagle’s tenure, the company encouraged the creation and use of LinkedIn accounts. Interestingly, although the executives were aware of and discussed the ownership issues surrounding use of these accounts, Edcomm did not adopt any policy that would advise employees that LinkedIn accounts were the property of Edcomm. [The court cites to a fascinating email exchange where the principals debate the merits of the ownership arguments, and whether the company policy that it would own all data on company hardware would adequately resolve the issue of account ownership (answer: no).]

Interestingly, Eagle provided her LinkedIn password to other Edcomm employees who assisted with responding to invitation requests and maintaining the account. This came back to haunt her, as the employees who remained with the company following Eagle’s termination continued to use the account and locked her out of it. Edcomm (sans Eagle) had control of the account between June 20, 2011 (the date of Eagle’s termination) and July 6, 2011. LinkedIn then took control of the account, presumably at Eagle’s request, and she regained control of the account by July 14, 2011.

During the time period when Edcomm used the account following Eagle’s termination, it did not overtly state via the LinkedIn account that Eagle was no longer with the company. However, Edcomm swapped out the bulk of Eagle’s information for the details of Sandi Morgan, the interim CEO of Edcomm. Eagle’s custom URL remained, and the profile was accessible “via linkedin.com/in/lindaeagle.” Therefore, people who were looking for "Linda Eagle" via LinkedIn (or perhaps even a search engine) would be directed to Eagle's account which now contained largely Morgan's information.

Unauthorized use of name under 42 Pa. C.S. 8316: The court says that Eagle adequately states a claim under the Pennsylvania statute that protects a person’s commercial interest in their name or likeness. The court says that Eagle's name clearly has commercial value, given that she has wide acclaim and appears to be a thought leader in the space. The court also says that Edcomm “used” her name:

[a]n individual conducting a search . . . for Dr. Eagle . . . by typing in “Linda Eagle,” would be directed to a URL for a web page showing Sandi Morgans name, profile and affiliation with Edcomm Group Banker’s Academy. In other words, by looking for Dr. Eagle, an individual would unwaringly be put in contact with Edcomm despite the fact that Dr. Eagle was no longer affiliated with Edcomm and did not consent to Edcomm’s use of her name.

[emphasis added]

Invasion of privacy/misappropriation of identity and misappropriation of publicity: The court largely relies on similar reasoning to find that Eagle adequately states a claim for invasion of privacy by “misappropriation of identity” and for misappropriation of publicity:

[the search results] clearly provided promotional benefit for Edcomm and constitutes misappropriation of [Eagle's] name for commercial use.

Identity theft: Identify theft under the Pennsylvania statute requires “possession or use [of] identifying information or another person . . . to further any unlawful purpose.” The court says that Edcomm only used information that was publicly available. Interestingly, the court does not discuss whether use of the password constitutes identity theft. Also, the court points out that the “honors and awards” portion of Eagle’s LinkedIn page could not be identifying information. In the process, the court states:

in all logic, a person directed to [Dr. Eagle’s page] could not reasonably believe that the page was intended to identify Dr. Eagle. Rather, a reasonable individual, while perhaps confused as to how he or she arrived at this page, would have no doubt that the page belonged to Ms. Morgan and was describing Ms. Morgan’s resume.

[Every now and then I come across language that seems like it’s judicially trolling Professor Goldman. This is a prime example of this.]

Conversion: The court says that the tort of conversion is somewhat limited under Pennsylvania law when it comes to intangible property. While other courts have held that things like domain names (and even Twitter accounts) can be converted, the court says that under Pennsylvania law conversion is only available where the intangible rights are “customarily merged in, or identified with, a particular document (for example, a deed or a stock certificate).” This is not the case here. (Again, the court does not discuss the possibility of the password being converted.)

Interference with contract: The court says that Eagle has established the elements of interference with contract (the contract between her and LinkedIn). The only problem is that she fails to satisfy the element of damages. In discussing this cause of action, the court also notes that the agreement was between her in her individual capacity and LinkedIn, and not between Edcomm and LinkedIn.

Damages: After finding that Eagle adequately proved the bulk of her existing causes of action, the court concludes that she has not proven her entitlement to compensatory damages. First, the court says that she has not established damages with reasonable certainty. She relied on an interesting formula that apportioned the total (historical) revenue she generated across her LinkedIn accounts, and like the parties in the Twitter account case, came up with a per month per “connection” damage figure. However, the court says that she falls short in failing to show that she actually generated the revenues through her contacts:

Aside from her own self-serving testimony that she regularly maintained business through LinkedIn, Plaintiff failed to point to one contract, one client, one prospect, or one deal that could have been, but was not obtained during the period she did not have full access to her LinkedIn account. Indeed, the very real possibility exists that even with full access to her LinkedIn account, she would have not made any deals with any of her contacts during the time period in question.

The court says that she fails to show a reasonably fair basis for calculating her damages. She did not retain an expert, and only presented the testimony of her co-founder Clifford Brody. He admitted to “guestimating” on the damages, and more importantly “failed to connect Dr. Eagle’s successful sales with any use of LinkedIn . . . “

The court also declines to award punitive damages, saying that it was just as reasonable to conclude that Edcomm was acting to protect its property (or what it perceived as its property) rather than acting to harm plaintiff. On this basis, the court says Eagle fails to satisfy her burden on entitlement to punitives.

Edcomm’s counterclaims: The court also rejects Edcomm’s counterclaims.

First, it argued that Eagle committed misappropriation when she continued to use her account. The court says no:

Edcomm never had a policy of requiring that its employees use LinkedIn, did not dictate the precise contents of an employee's LinkedIn account, and did not pay for its employees' LinkedIn accounts. Indeed, as noted above, the LinkedIn User Agreement expressly states that Plaintiff's account is between LinkedIn and the individual user. Edcomm did not itself maintain any separate account. Moreover, Edcomm failed to put forth any evidence that Eagle's contacts list was developed and built through the investment of Edcomm time and money as opposed to Eagle's own time, money, and extensive past experience . . . .

The court also rejects its unfair competition claim, saying that apart from misappropriation (that the court rejects) Edcomm does not identify any other basis for how she unlawfully or improperly competed by using the LinkedIn account.

This is a pretty interesting end to a wide-ranging dispute that spanned several lawsuits and jurisdictions.

There is so much to take away from this dispute:

- it’s a demonstration again of the difficulty of slotting things like LinkedIn accounts into existing regimes of intellectual property.

- It’s also a good illustration of how helpful an employer's social media policy can be, although policies may not always resolve the issues.

- Personality rights and trademarks are a good hook for plaintiffs, and continuing to use the name of an ex-employee (if you are a company) or mark of a company (if you are a contractor) in an account can be risky, absent contractual authorization.

- Possession of the password is important, and password-sharing is risky activity, no matter what the context.

- Would social media password legislation have resulted in a different resolution? Tough to say, although Edcomm would likely have been reluctant to ask for and use the password post-termination.

- As Eric mentions below, identify theft statutes can be broadly worded. The court correctly rejects plaintiff's argument in this case that Edcomm violated the statute, but I expect plaintiffs will continue to rely on this argument.

I’m curious about two things factually that the court does not delve into. First, how easy would it have been for Edcomm to have changed the vanity URL? Second, I’m curious about the process through which Eagle regained control of her account.

The court’s finding that Eagle adequately asserted a publicity rights claim is interesting in that it relies on the fact that end users would be routed to her account while searching for her. On the one hand, the court says that users will be "unwaringly" directed to her profile, but on the other hand, the court says that there’s no way users will be confused, since Edcomm replaced the bulk of Eagle’s account details. The court does not cite to the recent Wisconsin decision involving keyword ads and personal names (nor does it discuss the Stayart case). The Wisconsin case is slightly distinguishable since there the name was an invisible trigger (and deals with Wisconsin’s statute, which probably differs from Pennsylvania’s), but still somewhat analogous I thought. The court could have just found that she did not state a claim to begin with, but perhaps took the “no damages” route as this rationale would better insulate the court’s decision against appellate review. Either way, the court’s ruling shows the broad reach of personality and publicity type statutes and claims and their possible applicability to these types of disputes. (See also Maremont v. Fredman Design Group.)

Above all, perhaps it's a good illustration of the fact that these lawsuits may not be worth it from an economic standpoint. The extent to which Eagle overstated the economic importance of her LinkedIn account was also interesting, almost bizarre. There is some value in being able to get in touch with someone and for a person to advise their network on what is going on with them professionally, but the likelihood of actually depending on LinkedIn and using it to generate revenue seems like a stretch to me. In any event, the court was not sold, based on the available evidence, that this was the case for Eagle's account. It's worth mentioning again that the account was under Edcomm's control for a relatively short period of time, and this could have driven the ruling on damages. It's possible the outcome may have been different if it took over and continued to use the account.

A final follow-up thought. In the old days, non-competes were a classic term that should be addressed by the parties in the context of any acquisition. I would probably add treatment of social media assets and accounts to this. I wonder if the acquisition agreement contained a non-compete agreement. I'm guessing the answer is no, given that the court did not mention it.
____

Eric's Comments

Although I have some quibbles, overall I think Judge Buckwalter did a commendable job with this case. Having recently raised some questions about a prior ruling of his, I thought he deserved props for his navigation of the issues.

Some highlights from the case:

1) One of the most shocking things I read in a judicial opinion recently: "As the CEO at the time, Brody found that "LinkedIn was awesome" for marketing, and he testified enthusiastically about it." Holy cow, someone actually found a good use for LinkedIn!!! Just kidding, I actually find LinkedIn quite useful in a number of contexts, and I certainly like it better than Facebook.

2) David Shapp, the company's senior vice president, tried to play junior lawyer and failed miserably--twice! Shapp first took the position that the company owned Eagle's LinkedIn account because it "owns all data on its hardware, including email archives." This isn't true, and it's factually inapplicable as LinkedIn is a pure cloud-based server. When Brody noted the latter point, Shapp then argued a former employee "cannot use [the LinkedIn] account because she does not own the email address that opened it." Also not true legally or factually. These kinds of mistakes are common when folks play junior lawyer. However, Shapp was closer to the truth when he says that the company can use a former employee's LinkedIn account so long as "we do not pretend to be her." Which is exactly what Edcomm did with Eagle's account when it edited the profile with Morgan's data. Whoops.

3) The judge says "the LinkedIn User Agreement clearly indicated that the individual user owned the account." In support of this, the judge cites the following language: "If you are using LinkedIn on behalf of a company or other legal entity, you are nevertheless individually bound by this Agreement even if your company has a separate agreement with us." Am I missing something? I don't see this language as saying the employee owns the account. I see it as LinkedIn trying to hold both the employee individually and the company accountable for any misuse.

4) I was pleased to see the judge reject the identity theft claim. We've previously complained about overexpansive interpretations of identity theft laws (see, e.g., Rolando S and State v. Madrigal) but the court steers clear of the pitfalls. However, the case turns on the legitimacy of Edcomm's possession of the LinkedIn log-in credentials--a potentially perennial issue under California's restriction of employers' ability to ask for employee log-in credentials.

5) I was also pleased to see the judge reject the conversion claim. We've seen other judges misunderstand the interplay between conversion, IP protection and chattels vs. intangibles, but Judge Buckwalter nails it.

6) Although the opinion doesn't say this so expressly, the opinion implicitly concludes that Dr. Eagle's LinkedIn profile is advertising for publicity rights purposes, such as that misusing the profile constitutes a commercial use of her personality. This gets into some sticky areas. For example, some state bars are taking the position that a lawyer's profile on LinkedIn is attorney advertising. If so, then the new LinkedIn feature allowing for "endorsements" of a person's "skills and expertise" could constitute unlawful attorney advertising (see this discussion from South Carolina). It's not automatic that a finding that a LinkedIn profile is advertising for publicity rights purposes means that it will be advertising under other legal doctrines, but still, that issue isn't going away any time soon.

7) We've maintained all along that litigation battles over social media accounts are economically irrational. This case provides further support for that proposition. Here, Dr. Eagle makes a prima facie showing of a publicity rights violation and still gets nothing.
____

Added: a post from Jeffrey Gross, who represented Eagle in an earlier phase of the case "Court Rules That LinkedIn Account Belongs to Employee, and not Employer"

Previous posts on this case:

Battle Over LinkedIn Account Between Employer and Employee Largely Gutted--Eagle v. Morgan
Another Set of Parties Duel Over Social Media Contacts -- Eagle v. Sawabeh

Posts on other social media ownership cases:

Employer Fails to State Stored Communications Act Claims Absent Allegations That Employees Interfered With Company Accounts – Castle Megastore v. Wilson
Facebook Posts and Twitter Invites Don't Violate Non-Solicitation Clause -- Pre-Paid Legal v. Cahill
Employee/Ex-Employer Lawsuit Over Twitter Account Settles – Phonedog v. Kravitz
Court Denies Kravitz’s Motion to Dismiss PhoneDog’s Amended Claims -- PhoneDog v. Kravitz
An Update on PhoneDog v. Kravitz, the Employee Twitter Account Case
Employee's Claims Against Employer for Unauthorized Use of Social Media Accounts Move Forward--Maremont v. SF Design Group
Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Account can Proceed--PhoneDog v. Kravitz
Ex-Employee Converted Social Media/Website Passwords by Keeping Them From Her Employer--Ardis Health v. Nankivell
Court Declines to Dismiss or Transfer Lawsuit Over @OMGFacts Twitter Account -- Deck v. Spartz, Inc.
Employee's Twitter and Facebook Impersonation Claims Against Employer Move Forward -- Maremont v. Fredman Design Group
MySpace Profile and Friends List May Be Trade Secrets (?)--Christou v. Beatport

Eric’s talk notes: "Social Media and Trademark Law"

Posted by Venkat at 12:30 PM | Publicity/Privacy Rights

March 12, 2013

"Regulation of Social Media and Mobile Media" Talk Slides

By Eric Goldman

Last month, I spoke at the ABA Antitrust Section's always-well-done Consumer Protection Conference. This time I was recruited as the provocateur to discuss the challenges of regulating social media and mobile media. Regular readers know where I stand on that question. My talk slides.

I did forget to make one joke in my talk, so I'll share it here. Can you imagine how much crime-fighting time that Dick Tracy lost while trying to scroll through the privacy policy on his wrist TV? BTW, the other device on that slide is a Kaypro, the very first computer my family owned over 3 decades ago running the long-forgotten CP/M operating system. They marketed it as a portable device, calling it "luggable" because it weighed in about 30 pounds.

Posted by Eric at 07:12 AM | Internet History , Privacy/Security | TrackBack

March 09, 2013

Family Law Judge Discounts Tweets That Threatened Children and Discussed Alcohol Use – R.M. v. D.Z.

[Post by Venkat Balasubramani]

R.M. v. D.Z., 2013 IL App (3d) 120846-U (Mar. 4, 2013) [pdf]

We’ve seen countless examples of litigants zinged by their social media posts. A family law judge recently took a different approach, giving minimal weight to tweets from a family member that threatened harm to kids and talked about drinking with one of the parents.

DZ and RM were married; they had twins and ultimately separated. RM was awarded primary custody. RM and the twins resided for some time with DZ (after the marriage). Later, RM and the twins moved out and moved into a residence where RM’s 17 year old daughter from another marriage allegedly resided. party pic.jpg DZ argued that the parenting plan and custody should be modified due to the changed circumstances. Among other things, DZ cited the 17 year old daughter’s alleged drug use and tweets from the daughter that threatened the kids and recounted drinking with the mother (RM):

I'm going fucking insane I hope these little fuckers have school tomorrow or I will probably kill them ... my brothers are such ungrateful pricks I hate disrespectful little cretins.'

'beat kids.’

drinking with my mom … now I know why I only drink wine
drinking Bailey’s with my mama

I love drinking with my mom LMFAO.

The trial court concludes that RM only resided with her 17 year old daughter, if at all, temporarily. The court also finds that RM did not have knowledge of her daughter’s drug use. Based on this, the court says that there is no change in circumstances that warrant a modification of the initial custody/parenting plan.

Interestingly, the court ends up discounting the daughter’s tweets almost entirely, saying that:

it's become apparent to the court after hearing many of these types of cases now that young people don't put the normal every day occurrences of life on their Twitter account postings. *** And trying to rely upon Twitter account postings or MySpace or Facebook as proof of facts, actually things that have happened, just can't be done -- especially with young people.

The appeals court declines to reverse, saying that the trial court—being in “the best position to observe the conduct and demeanor of the parties and the witnesses and ha[ving] a degree of familiarity with the evidence that a reviewing court cannot possibly obtain”—is entitled to deference.
__

As we’ve blogged on numerous occasions, courts ruling on defamation claims often discount seemingly fact-like statements made online. Although this is not a defamation case, the court has the same view of the tweets the father cited--basically, though they looked like facts, we can't assume they are meant as facts. It’s unclear whether the court here relied on the medium, the context, or the age of the individual who wrote the posts in question.. In either event, this is another example of courts taking into account the hyperbolic nature of online posts.

Interestingly, the court goes to the other extreme, and discounts the tweets entirely, not even according them minimal probative value. The court's treatment of the events discussed in the tweets as "not real facts" is questionable, and the appeals court's affirmance also reflects a degree of online exceptionalism. If the statements in question came in the form of in-court testimony, you would think the result may have been different.

[image credit: Kzenon/Shutterstock ("Young people in club or bar drinking cocktails and having fun")]

Posted by Venkat at 08:12 AM | Evidence/Discovery

March 07, 2013

Court Dismisses Data Breach Lawsuit Against LinkedIn Based on Compromised Passwords – In re LinkedIn User Privacy Litigation

[Post by Venkat Balasubramani]

In re LinkedIn User Privacy Litigation, 2013 WL 844291 (N.D. Cal. Mar. 5, 2013) [pdf]

LinkedIn suffered a data breach in 2012. Someone allegedly posted 6.5 million passwords and email addresses from LinkedIn users on the internet. Screen Shot 2013-03-07 at 9.23.47 AM.jpg Shortly after the password dump, LinkedIn announced that it switched encryption and would store passwords in a more secure encrypted format.

Plaintiffs predictably sued. The two named plaintiffs (in a now-consolidated lawsuit) were LinkedIn “premium” users, which meant that they paid a monthly or yearly fee for upgraded services. One of the plaintiffs alleged that her password was posted online, but the other did not. They sued on behalf of a putative class, consisting of all premium account subscribers. They also asserted claims on behalf of a subclass consisting of individuals whose information was compromised by the data breach. Plaintiffs pointed to language in LinkedIn’s privacy policy as evidence that LinkedIn had misrepresented the level of security for the storage of user passwords:

All information that you provide will be protected with industry standard protocols and technology.

In a short 8 page order, Judge Davila says plaintiffs lack standing. Plaintiffs proceeded based on a “benefit of the bargain” theory because they were paying customers, but the court found several problems with this theory.

First, there is no plausible allegation that plaintiffs paid money to LinkedIn in exchange for any enhanced security services. In fact, the privacy policy and levels of security were expressly the same for paying and non-paying users. As the court notes, the purchase of a premium account is “actually for the advanced networking tools and capabilities to facilitate enhanced usage of LinkedIn’s services.”

Second, plaintiffs failed to allege reliance on any alleged misrepresentations—they did not allege that they read the privacy policy.

The court also says that the cases where plaintiffs asserted claims for insufficient performance have required plaintiffs to allege “something more” than merely overpaying. For example, damages based on identity theft would constitute something more, but neither plaintiff alleged any damages in this category.

One of the plaintiffs separately raised the argument that she suffered injury by virtue of her information being posted online, but the court also rejects this theory:

Plaintiff Wright fails to show how this amounts to a legally cognizable injury, such as, for example, identify theft or theft of her personally identifiable information.

Plaintiffs’ failure to sue on behalf of a subclass that actually suffered out-of-pocket loss as a result of their information being posted online is telling, and probably spells the end of this lawsuit. Although they have a chance to amend, the court appears fairly hostile to plaintiffs’ claims.

The lay of the land for data breach lawsuits has not changed much. The overwhelming majority of plaintiffs lose, either on the basis of standing or the merits. In either scenario, the underlying rationale is the same: no out-of-pocket losses equals no cognizable damages.

The plaintiffs here tried a different tack that a few other plaintiffs have also tried: as paying customers, they asserted contract-based claims and claims for misrepresentation. Like earlier plaintiffs, these plaintiffs were also unsuccessful, at least on the first round. Early indications from these cases are that the “benefit of the bargain” argument is unlikely to be successful in the typical data breach case.

It's worth noting that dodging a civil lawsuit does not mean that LinkedIn may not come under fire from the FTC for its representations. More than one company has gotten into trouble over flowery language in its privacy policy about security that did not match up with actual practices.

Other coverage:

(Threat Post): LinkedIn Data Breach Lawsuit Dismissed

Posted by Venkat at 09:31 AM | E-Commerce , Privacy/Security

March 01, 2013

Amazon's Merchandising of Its Search Results Doesn't Violate Trademark Law (Forbes Cross-Post)

By Eric Goldman

Multi Time Machine, Inc. v. Amazon.com, 2013 WL 638888 (C.D. Cal. Feb. 20, 2013). The complaint.

No retailer does a better job of cross-selling to its customers than Amazon.com ($AMZN). Amazon is quite effective at exposing customers to complementary—and competitive—goods along with the products a customer initially considers. Many of us have had the experience of going to Amazon to buy one thing but checking out with a huge shopping cart of items that we didn’t initially seek—or even know were available. Amazon’s merchandising often benefits Amazon’s customers, but trademark owners who lose sales to their competition due to it aren’t as thrilled. Fortunately for Amazon, a California federal court recently upheld Amazon’s merchandising practices in its internal search results.

The Case

The plaintiff is Multi Time Machine (MTM), which makes expensive "military and tactical" watches and tightly controls its distribution channel to prevent resales on Amazon. When Amazon customers searched within Amazon’s internal search engine for “mtm special ops” (the name of one of MTM’s watches), Amazon’s search results page didn’t contain any results for MTM watches due to MTM’s distribution control (see screen shot). Instead, the court says, “all of the watches retrieved by Amazon belong to MTM’s competitors, in particular Luminox and Chase-Durer.”

In other words, Amazon merchandises its customers. In this case, because it doesn’t carry the products requested by customers, it suggests alternative options. We could analogize Amazon’s search results to a retailer’s store shelves. Following this analogy, when a customer walks into Amazon's store and asks where MTM watches might be found, the only thing they find on the store shelves are watches that Amazon thinks are comparable to MTM watches.

MTM sued Amazon for trademark infringement. Note that this is not a typical trademark lawsuit, where a trademark owner sues a competitor for copying its trademark too closely. Instead, this is a trademark owner-vs.-retailer lawsuit for merchandising competitors' items. Trademark law wasn’t built to handle lawsuits like this, and the typical multi-factor test courts use to evaluate consumer confusion doesn't make sense when applied to litigants at different levels of a distribution chain.

As I explain in my Brand Spillovers paper, we almost never see merchandising-related trademark owner-vs.-retailer lawsuit in the offline world, even though offline retailers engage in such activities frequently, such as:

* retailers often adopt vendor-submitted shelf design plans (a planogram) that shows the relative position of both the vendor's products and its competitors’ products;

* retailers charge vendors "slotting fees" to place their products on store shelves next to the competitors’ products;

* Catalina Marketing’s competitive couponing system monitors customers' buying activities and triggers competitors' coupons at the checkout stand.

In my research, I could find few—if any—lawsuits where trademark owners challenged these practices in the offline world. Yet, we regularly see legal challenges like this in the online world. Why the difference? In my Brand Spillovers paper, I argue it’s due to Internet exceptionalism.

Fortunately for Amazon and other online merchandisers, MTM’s lawsuit goes nowhere. The court sidesteps the thorny “use in commerce” question (compare Habush v. Cannon, which I blogged about yesterday) and instead rules that Amazon doesn’t create a likelihood of consumer confusion about the watches' source. The court hews closely to the Ninth Circuit’s important 2011 ruling in Network Automation v. Advanced Systems Concepts, another example of how that case has helped defendants.

The court’s central point is that Amazon’s search results page clearly explains what it’s doing to consumers. These labels and disclosures reduce the likelihood that consumers are confused when reviewing the results page. The court provides an illustrative analogy:

the instant situation does not appear to be a case of palming off in the traditional sense. It is akin to the consumer asking for a Coca-Cola and receiving a tray with unopened, labeled, authentic cans of Pepsi-Cola, RC Cola, Blue Sky Cola, Dr. Pepper, and Sprecher Root Beer, and a copy of Coca Kola: The Baddest Chick, by Nisa Santiago. This is a substitution, but given the context it is not infringing because it is not likely to confuse.

Implications

Because the opinion only deals with Amazon’s internal search engine, the court doesn’t explicitly address search results pages at general-purpose search engines like Google ($GOOG) or Bing. Still, this opinion probably applies to those pages as well. Google, Bing and other search engines routinely merchandise their customers by automatically reinterpreting search queries, suggesting other useful search terms (like a “Did you mean….?” prompt), displaying links to sister properties, and displaying sponsored links/ads such as Google AdWords. This case suggests that so long as viewers understand the relationship between their search query and the search results page, search engines should not suffer actionable trademark infringement based on those pages. Over the past decade, Google has largely achieved that legal conclusion via its many court battles, but this ruling will help if Google has to defend the likelihood of consumer confusion question again.

While trademark owners may be frustrated by the exposure their competitors get when retailers and other intermediaries merchandise their prospective customers to alternative offerings, we as consumers want—and expect—online intermediaries like Amazon and Google do such merchandising to help us achieve our goals. Although the court doesn’t get into the pro-consumer and pro-competition benefits of its ruling, undoubtedly the ruling is a win for both.

Posted by Eric at 07:38 AM | E-Commerce , Search Engines , Trademark | TrackBack

Search

Categories

Archives

Recent Entries

March 30, 2013

Facebook Password Exchange Between Parties to Litigation Results in Spoliation Debacle – Gatto v. United Airlines

March 29, 2013

FTC Warns Nordstrom Over Tweetup Freebies

March 27, 2013

Why Google's Commitment Letter to the FTC Isn't Commercial Speech (Guest Blog Post)

Judge Boots Privacy Lawsuit Against Pandora but Plaintiffs Can Replead – Yunker v. Pandora

March 26, 2013

Ex-Lover Can Use Non-Disparagement Provision to Suppress Revenge Porn--Walls v. Klein

The Supreme Court's Kirtsaeng Ruling Is Good News for Consumers, but the First Sale Doctrine Is Still Doomed--Kirtsaeng v. John Wiley (Forbes Cross-Post)

March 25, 2013

Minnesota’s Proposed Anti-Trademark Bullying Statute Misses the Mark (Guest Blog Post)

March 24, 2013

Linkwrap of Google's Antitrust Deal With the FTC

March 23, 2013

First Amendment Protects Online Republication of Court Records--Nieman v. VersusLaw

March 22, 2013

N.Y. Yankees Block Clothing Manufacturer's "Baseball's Evil Empire" Trademark Registration (Catch-Up Post)

Another Credit Card Breach Lawsuit Fails – Willingham v. Global Payments

March 21, 2013

Griping Blogger Protected by Fair Use But Not Section 230--Ascend Health v. Wells

March 20, 2013

Book Recommendation: "Trademark and Deceptive Advertising Surveys"

March 19, 2013

IMDB's Disclosure of Actress’s Age Will Go To Trial – Hoang v. Amazon

March 18, 2013

It's Legally Okay if Google Thinks Your Name and Erectile Dysfunction Drugs Have Something to Do With Each Other (Forbes Cross-Post)

March 14, 2013

Court Rejects Attempt to Hold Software Company Liable for Surveillance Conducted by Its Customer – Luis v. Zang

March 13, 2013

Ex-Employer's Hijacking of a LinkedIn Account Is a Publicity Rights Violation--Eagle v. Morgan

March 12, 2013

"Regulation of Social Media and Mobile Media" Talk Slides

March 09, 2013

Family Law Judge Discounts Tweets That Threatened Children and Discussed Alcohol Use – R.M. v. D.Z.

March 07, 2013

Court Dismisses Data Breach Lawsuit Against LinkedIn Based on Compromised Passwords – In re LinkedIn User Privacy Litigation

March 01, 2013

Amazon's Merchandising of Its Search Results Doesn't Violate Trademark Law (Forbes Cross-Post)