Top 10 Internet Law Developments of 2014 (Forbes Cross-Post)

Top 10 Internet Law Developments of 2014 (Forbes Cross-Post)

Photo credit: "the words Top 10 in a burst of colorful stars" // ShutterStock

Photo credit: “the words Top 10 in a burst of colorful stars” // ShutterStock

It’s time for my annual recap of the top Internet Law developments of the year.

#10: Copyright Fair Use Tilts To Defense. Larry Lessig has famously said that “fair use in America simply means the right to hire a lawyer to defend your right to create.” While that may still be the case, 2014 was generally a good year for fair use defendants. Some rulings were straightforward, like the cases involving the circulation of an expert witness’ resume and copying a blogger’s posts in a disciplinary proceeding. More surprising is the strong fair use rulings protecting the aggregation of copyrighted works into large-scale databases–the subject of several significant defense wins, including the Author’s Guild v. HathiTrust, White v. West Publishing and Fox News v. TVEyes rulings. For a more thorough review of fair use in 2014, see this post.

#9: Online Sex Stings and Entrapment. I’m glad that officers are on the Internet beat busting sexual predators. Unfortunately, we’re seeing too many cases where undercover officers entrap people who weren’t looking for underage sex partners. I first blogged this issue in 2013. This expose by a Florida TV station provides an important, and troubling, update.

#8: European Regulators Want to Destroy Google–At Any Cost. We’ve known for years that European regulators hate Silicon Valley generally and Google specifically. What got worse in 2014 is the willingness of those regulators to pursue anti-Google initiatives that would hurt European consumers and businesses as much or more than Google.

First, Germany (in 2013) and Spain enacted an “ancillary copyright” to force Google to pay license fees to newspapers for indexing content snippets in Google News. There’s really no policy rationale for this new IP right; it’s just a wealth transfer from Google to local newspapers. Except…it totally backfired. The Germany law allowed print publishers to waive their license fees, which the major print publishers did after realizing that losing the Google News traffic cost them way more money than the license would generate. As a result, most players just worked around the law in Germany. Spain, however, made its right non-waivable. Google responded by shutting down Google News in Spain altogether–leading the Spanish publishers to beg Google to come back. So let’s tally up the effect of the Spanish law: Spanish publishers got no license fees, Spanish publishers lost a lot of traffic and the revenue they would have generated from it, and Spanish consumers lost access to a valuable tool. Great job there, guys.

Second, the European parliament passed a resolution calling for the breakup of Google. As I explained earlier, rather than stimulating competition, a breakup of Google would almost certainly lock in Google’s ongoing dominance of the European search market and hurt both consumers and publishers. If your regulatory plan to combat a monopolist is to help strengthen its monopoly, UR DOING IT WRONG.

#7: Regulatory Struggles With Online Marketplaces. The Internet makes marketplaces more efficient, something we learned from its very earliest days (think eBay). Now we’re seeing a second generation of online marketplaces tackling big industries, from transportation (Uber/Lyft/Sidecar) to lodging (AirBnB) to illicit goods (Silk Road). As the online marketplaces proliferate in regulated industries, not surprisingly we’re seeing plenty of regulatory blowback, including barriers to entry and attempts to make new enterprises fit into regulatory frameworks that weren’t designed for them. These are fairly typical cyberlaw problems, but the stakes are high because of the huge dollars at stake, plus the tenacity of existing incumbents who don’t want to compete with new entrants governed by less restrictive regulations.

As online marketplaces proliferate, their customers and vendors will suffer a growing number of harms and look to the online marketplace operators as insurers or guarantors. Ordinarily, online marketplaces shouldn’t be liable for the harms one marketplace participant causes another. As we saw this year, this result is dictated by 47 USC 230 (Section 230), the 1996 federal law that says websites aren’t liable for third party content. See Witkoff v. Topix and Hinton v. Amazon. It might also be dictated by default legal principles (see the Vesely v. Armslist ruling). On the other hand, when the federal government dislikes an online marketplace operator, it has the functional power to unilaterally take that business permanently out of the industry, as we saw with the Silk Road prosecution.

#6: A/B Tests by Internet Companies. Internet companies routinely run A/B tests where two or more alternatives are presented to selected users, the results are compared, and the best-performing option gets more widely adopted. A/B testing is an integral part of product marketing and, when used properly, can lead to better products and services. Yet, when Internet companies run A/B tests, they are effectively conducting experiments on live people. In academic settings, experimentation on humans is governed by Institutional Review Boards (IRBs) to ensure that the experiments are ethical.

The tension between Internet product marketing and experimenting on humans boiled over when Facebook researchers published a paper on an A/B test designed to see if Facebook could make its users sad. While the A/B test had a valid goal (could Facebook help its users be happier?), it also was deliberately messing with people’s emotions. This prompted speculation about what other types of manipulation that Facebook could “experiment” with. Could it manipulate political content and change election results? People also started asking questions about Facebook’s disclosures to users. Did Facebook adequately tell its users that they might be the subject of its experiments? Do other companies make adequate disclosures?

For reasons completely unclear to me, OKCupid publicly rallied to Facebook’s defense, saying OKCupid had run experiments where it apparently lied to its members by indicating they were more compatible with other members than their numerical scores indicated. OKCupid’s intervention backfired by making people even more suspicious of how their Internet services might be lying to them and manipulating their emotions.

While we may be legitimately fearful of undisclosed emotional manipulation due to A/B testing, the solutions are less clear. Telling users about the possibilities is a good start, but getting informed consent without spoiling the experiment is tricky, and large companies might be running dozens or hundreds of experiments at any one time. Perhaps we can get Internet companies to incorporate ethical decision-making when structuring their A/B tests. Facebook made minor incremental changes on this front, and most other Internet companies have ducked the issue entirely.

#5: Involuntary Pornography. Our society is producing enormous amounts of pornography–more pornography than we’ve ever produced in human history. Disseminating pornography without the consent of everyone depicted (“involuntary” pornography) is not OK, but we’ve nevertheless seen massive security hacks (like the Fappening and the Snappening) and socially deviant behavior such as “revenge porn.”

Legislatures are cracking down on involuntary porn. Perhaps not surprisingly, these legislative solutions aren’t always well thought out (see, e.g., Arizona’s unconstitutional law). The legislatures also don’t do a great job accounting for the many successful revenge porn lawsuits and prosecutions we’re seeing throughout the country (e.g., 1, 2, 3, 4).

The sad and troubling reality that the involuntary pornography has become ubiquitous in some communities. For example, The Atlantic explained how the trading of sexting photos was so rampant in one high school that law enforcement had no practical choice but to ignore most of it. Could they really send most of the high school to jail?

#4: Garcia v. Google. The Ninth Circuit suggested that an actress, who appears for 5 seconds in a 14 minute video, could claim copyright in her performance of the script (even though her words were overdubbed). Based on that conclusion, the court issued a secret order requiring YouTube to take down every copy of the video and then ensure the video stayed down. Fortunately, the Ninth Circuit vacated this terrible opinion and agreed to rehear the case. I hope we’ll get a smarter ruling on the Ninth Circuit’s second try. If not, the case threatens to break the Internet by allowing anyone depicted in a video to claim a copyright in the recording. If that’s the law, it will be functionally impossible to publish videos without the consent of every person depicted–a nonsensical standard in the age of citizen journalism and widespread video documentation of public activities.

#3: Cybersecurity Breaches. After the Snowden revelations, 2013 was the year we realized the NSA was listening to everything we did online. 2014 may be the year we realized that every hacker is listening to everything too. We had more cybersecurity breaches than we could track, many with colorful names: Heartbleed, Shellshock, Poodle, the Fappening, the Snappening. Some of the biggest companies (Apple, eBay, Home Depot, Sony and many more) got hacked for massive amounts of personal data. Let’s face it: data in electronic form is insecure, period.

Unquestionably, we need a better digital security infrastructure. I think everyone agrees on that. But how will we make actual progress on this front? Not with the government’s leadership. The government still wants to know everything about its citizens, so they keep demanding backdoors and “secure golden keys.” Thus, Apple’s move to encrypt iPhone data by default sparked Crypto Wars 2.0 (1.0 was back in the 1990s). The Obama Administration’s response to 2014’s cyber-insecurities was hardly inspiring; mostly it dredged up moldy-oldie policy ideas that wouldn’t improve cybersecurity but would make law enforcement happy, such as CISPA and unnecessarily ramped-up Computer Fraud & Abuse Act provisions.

#2: Europe’s Right To Be Forgotten. Europe’s “right to be forgotten” (RTBF), announced in a European Court of Justice (ECJ) opinion in March, easily qualifies as the worst Internet Law policy development of 2014. The ECJ ruling gives people the ability to selectively scrub unwanted search results for their name when the search results are “inadequate, irrelevant or no longer relevant” (whatever those terms mean). Erasure breaks the links in the search engine’s database, but doesn’t eliminate the source material, which can may show up in search results for other keywords. Thus, the doctrine obscures truthful information by making it harder to find; or stated another way, makes search engines dumber than their technology allows.

The ECJ ruling raised big logistical concerns. How would Google and its regulators build an infrastructure to process the onslaught of erasure requests (as of January 22, nearly three-quarters of a million URLs). Still, everyone knew Google could rise to this challenge, even if it had to build expensive manual processes. (I focus on Google because Bing and Yahoo have gotten trivial numbers of erasure requests). Superficially, it looks like we weathered the storm. The ECJ launched a new requirement, Google handled it, finis.

Clearing the logistics issue allows us to focus on the policy merits. On that front, I’d rank the right to be forgotten as a terrible policy result. A few reasons why:

* it forces Google to make highly subjective but socially important decisions about content removal. How can Google determine if a search result is “irrelevant”? What do we as society lose when Google makes the wrong call–and how will the public know about these errors? The ruling says the public interest should be considered, but who represents that public interest? Certainly not the European DPAs!
* it undermines users’ trust in search engines because they know that searches on a person’s name can be curated by that person and therefore exclude information the searcher might have found relevant. Thus, searchers are being trained not to trust search engines for useful results.
* the increased costs raise barriers to entry for future competitors of Google.
* it’s just the next step on governments’ long-term effort to censor search results. It started with child porn, then copyright, now truthful reputational information. As we slide down the slippery slope, you can be sure that Google’s successful implementation of RTBF will be invoked as justification for the next censorious desire.

Fortunately, the United States won’t implement a right to be forgotten like Europe’s. We’d call it censorship of truthful information, which violates the First Amendment, and any mandatory removal of search results also would violate Section 230. As for whether Europe or the United States has the better policy, we should check in 20 years and compare the results of this social experiment. I have a good guess who’s going to win.

#1: Sony Hack and Its Fallout. The Sony hack is a security breach unlike any other we’ve ever seen. A major international corporation had most or all of its secrets laid bare and posted on the Internet for its customers, competitors and regulators to enjoy. We’ve never seen such a thorough unmasking of a major company’s inner workings.

We’re still feeling the long-term effects of the Sony hack, such as:

* the U.S. accused North Korea of the hack, which sparked a word of wars reminiscent of the Cold War’s peak.
* in response to threats of physical violence at theaters showing the movie, Sony initially pulled the release of its film The Interview. In effect, a terrorist–maybe North Korea?–was able to censor the film. Even President Obama chided Sony for giving into terrorism.
* the fearful responses of movie theaters forced Sony to explore an online release of the film simultaneous with its theatrical release. As a result, we got some results from an experiment Sony was too scared to run otherwise: is the early online release of a film in theaters financially profitable. The early signs suggest that Sony did OK with the release. This might pave the way for a reengineering of the movie distribution business and “windowing”; or at least open the door to more simultaneous online distribution of theatrical releases.

The details released via the Sony hack shed light on the MPAA’s campaign to crush Google. It’s raised a lot of questions about the legitimacy of the MPAA’s entanglements with the state attorneys’ general, most notably Mississippi’s attorney general Jim Hood, who seems unusually cozy with them. Why does the MPAA care about online pharmaceutical sales? Because it can be used to attack Google. And why is AG Hood so focused on curbing online copyright infringement with the MPAA’s help? How does that benefit his constituents in any direct way?
____

For another perspective on the big Internet Law developments of 2014, see John Ottaviani’s year-end recap.
____

Hidden Track #1: Honorable Mentions

* Ownership of Selfies. IP law professors had tons-o-fun debating who owned Ellen DeGeneres’ “Oscar Selfie.” The debates continued when the monkey selfie came back into the public discourse and the Copyright Office took the position that it was in the public domain.

* Federal Circuit Taken To the Woodshed. The Federal Circuit had a terrible year in the Supreme Court. It lost the first five appeals of its decisions unanimously, i.e., 45 Supreme Court votes against its holdings, not a single one for it.

* Alice v. CLS Bank. The Supreme Court’s Alice ruling has had a big–and deleterious–effect on the viability of business method and software patents.

* Viacom v. YouTube Settlement. This case was expected to define online copyright liability, but after 7 years in court and tens of millions of dollars spent on legal fees, the case settled with few lasting effects. Imagine if the parties had spent all that time and money trying to work together and improve the service and content offerings to consumers instead…

* Aereo. The Supreme Court shut down Aereo’s broadcast-TV-to-computers service, but it’s hard to know what other consequences its ruling will have.

* Riley. The Supreme Court said no to warrant-less cellphones searches. Yay! But will this ruling change things in the field? Maybe not.

* Proposed New Federal Trade Secret Law. This is probably the most significant IP policy proposal you aren’t paying attention to. I think it’s bad news.

* Efforts to Ban Consumer Reviews. In the ongoing battle to curb unwanted negative reviews, we’ve seen the proliferation of contract clauses trying to suppress negative reviews. California banned such clauses and Congress is considering doing the same.

* Are Parents Liable for Kids’ Online Pranks? Possibly.

* Doe v. Internet Brands. Overall, Section 230 had a pretty good year, but the Ninth Circuit exposed a potentially giant hole in the immunity when plaintiffs allege that the website failed to warn them of risks associated with using the site.

* People Losing Their Jobs from Ill-Advised Social Media Posts. The advice remains the same: post in haste, repent at leisure (but probably without unemployment insurance).

* Browsewraps Are Vexing Courts. Most of the online contract cases in 2014 reached logical results, but the “browsewrap” nomenclature is sure confusing judges.
____

Hidden Track #2: Curiosities

Some of the oddest cases I blogged this year:

* the Banana Lady rulings. It’s hard to take too seriously anyone who dresses in a banana costume, sings in a helium voice and has an over-expansive view of their IP rights.

* Gulliver v Snay. If you’re going to tell your opponent to “SUCK IT” on social media, make sure you won’t be “SUCKING IT” yourself.

* Robert Half v. Ainsworth. Of course your former employees can tell the world that they used to work for you.

* In re Reynolds. Daughters can blog about their mom without violating publicity rights.

Bonus: Jargon watch. Terms on everyone’s lips in 2014 include cybersecurity, browsewraps, Bitcoin, Big Data, A/B testing and the Internet of Things (IoT).
____

Lists from Previous Years

Previous top 10 lists from 2013, 2012, 2011, 2010200920082007 and 2006. Before that, John Ottaviani and I put together a list of top Internet IP cases for 20052004 and 2003.