July 27, 2010
Private Facebook Group's Conversations Aren't Defamatory--Finkel v. Dauber
By Eric Goldman
Finkel v. Dauber, 2010 WL 2872874 (NY Sup. Ct. July 22, 2010)
I previously blogged about this case last year. The case involves a private Facebook group comprised of 6 high school students apparently mocking and criticizing one of their classmates. Even if I acknowledge that the conversation was never meant for public consumption, to me the group's discussion is embarrassingly puerile and hearkens back to John Hughes' bleak depictions of high school life.
For reasons not explained in this opinion, the contents of the private group's discussion leaked out and got back to the target, who sued Facebook, most of the posters and the posters' parents. The suit against Facebook got some press when initially filed, but it was a farcically doomed legal endeavor, and I would have slapped it with a Rule 11 sanction if I had been the judge. The judge was more merciful than I would have been on the sanctions front but nevertheless dismissed the claim per 47 USC 230.
In last week's ruling, the court dismisses the plaintiff's defamation claims against the posters because, in context, the puerile discussion clearly did not constitute assertions of fact. The court says:
A reasonable reader, given the overall context of the posts, simply would not believe that the Plaintiff contracted AIDS by having sex with a horse or a baboon or that she contracted AIDS from a male prostitute who also gave her crabs and syphilis, or that having contracted sexually transmitted diseases in such manner she morphed into the devil. Taken together, the statements can only be read as puerile attempts by adolescents to outdo each other.
The court later reiterates the point:
The entire context and tone of the posts constitute evidence of adolescent insecurities and indulgences, and a vulgar attempt at humor. What they do not contain are statements of fact.
What baffles me is that this assessment was unmistakable from reading the complaint. Yet, despite the lawsuit's seemingly obvious futility, the plaintiff still thought this case was worth bringing. Why? Was it the hope of punching an ex post lottery ticket? Or was it an attempt to use the court system to redress the putative harms? If it was the latter, I wonder if some type of remedial action other than a judicial adjudication might have nevertheless satisfied the plaintiff, because the courts sure aren't providing a satisfying resolution to cyberbullying-style cases.
The court made two other rulings of interest. First, it rejected the plaintiff's efforts to impose negligence liability on the posters' parents for tortiously entrusting the kids with a dangerous instrument. The court says: "To declare a computer a dangerous instrument in the hands of teenagers in an age of ubiquitous computer ownership would create an exception that would engulf the rule against parental liability."
Second, the court rejects any standalone claim of "cyberbullying" as a tort. The court says: "the Courts of New York do not recognize cyber or internet bullying as a cognizable tort action."
This case reminds me a little of the DC v. RR "cyberbullying" case, which I have been meaning to blog for months and will get to eventually. The DC v. RR case is more serious because the taunts were publicly posted and much more violent, but in context, the postings were still obviously hyperbolic to me. Both cases present themselves as a combination of anti-social conversations by teens who don't realize the power of their words mixed with a plaintiff who perhaps felt more sensitive about such taunts than the average person. Either way, what's clear to me is that the court system is not doing a good job resolving cyberbullying claims to anyone's satisfaction. In my future post, I'll propose an alternative that might provide a better resolution for the plaintiff than bringing low-merit lawsuits.
Posted by Eric at 08:23 AM | Content Regulation | TrackBack
July 26, 2010
Facebook's Anti-Spam Filter Blocks Legitimate Conversations about Power.com
By Eric Goldman
On Friday, Venkat and I posted about the latest ruling in Facebook v. Power.com. After Venkat or I make a blog post, I typically post the blog headline and URL to Twitter. I have enabled the app that makes my Twitter posts into my Facebook status reports as well, so the headline and URL on Twitter should automatically propagate to Facebook. On Friday, I tweeted the following:
"Blog Post: Important ruling on California's anti-computer trespass statute--Facebook v. Power.com http://bit.ly/bM7hQT"
However, I noticed that the Twitter-to-Facebook app didn't work properly and the headline didn't appear. So I tried to manually enter the headline and URL and got this message from Facebook:
"This message contains blocked content that has previously been flagged as abusive or spammy. Let us know if you think this is an error."
I do think that's an error, and I reported the problem through Facebook's automated reporting tool on Friday. Not surprisingly, I still haven't gotten a response to that. But I was baffled how my headline and URL could have been "flagged as abusive or spammy." Who flagged it? Why?
After a little more experimentation, I discovered that every instance of the character string "power.com" is blocked in Facebook. Therefore, every time I put "power.com" into my status reports or in comments to those status reports--even if it's the only content in the post/comment--I get the "blocked content" message. However, it's easily avoided; I can post "power . com" (notice the spaces before and after the period) just fine. Basically, Facebook is using a very dumb word filter.
I emailed my PR contacts at Facebook about this. They pointed to their anti-spam filter and this blog post from June. The blog post explains that "we've been working to improve our warnings and make them more clear" and that "people misunderstand one of these systems. They incorrectly believe that Facebook is restricting speech because we've blocked them from posting a specific link."
So this is where things have gone wrong. Facebook told me it has blocked Power.com because "we found that Power was spreading links to its pages in a way that violated our Statement of Rights and Responsibilities. For example, when a Power user accessed Facebook, Power would automatically create an event on Facebook (typically called 'Power.com Party' or something similar) without the person's knowledge or permission. It would then send invitations to all of the user's friends." Fair enough, and I'm glad Facebook is trying to keep its system safe for users.
However, Facebook's dumb word filter block means that every reference to "power.com," even if it's in plaintext and not linkable, is still treated as a link and therefore is blocked as well. The messaging then disparages the plaintext reference as "blocked content that has previously been flagged as abusive or spammy" when, in fact, a link to the URL, not the plaintext reference I made, has been flagged. So much for clearer error messages.
I pointed out to Facebook's spokespeople the difference between a plaintext reference to a company's name ("Power.com") and a spammy URL/link. Their response? "Spammers turning their malicious urls into plain text is the oldest trick in the book. Not blocking all of the variations of a bad URL leaves a gaping hole."
There is a kernel of truth to this, of course. A plaintext URL is not materially different from an active hypertext link--if the user chooses to cut-and-paste the link into the browser (or right-clicks on it, or whatever). However, Facebook's method of blocking spammy links by blacklisting every instance of the character string actually has the effect of blocking *every* discussion of a blacklisted company with the name [noun].[tld]. Because the main word in the name is a noun (e.g., "Power"), referencing the name without the TLD can lead to semantic ambiguity. However, the system prevents me from using the complete name (Power.com) because it can't distinguish between a link and a plaintext reference to a company's name that acts as a URL. I received a private email that another Facebook user encountered a similar block with the string seppukoo.com, the Facebook suicide tool.
In my case, the net consequence is that Facebook automatically blocks any conversations involving the string "power.com"--including my headline to my blog post--and provides an error message telling me that I am posting spammy/abusive content when I try to make the posting, which makes me feel like I did something wrong. With all of the bright engineers at Facebook, I bet they could figure out a way to more precisely tune the filter so that a plaintext reference to [noun].[tld] gets through while active links to that URL, or more fulsome plaintext URLs, remain blocked.
That is, assuming Facebook actually wants to enable Facebook users to talk about Power.com or Seppukoo.com or other enterprises that threaten the Facebook franchise. Frankly, I haven't seen much evidence of Facebook's interest in those conversations. In light of Power.com's antitrust challenges against Facebook, the fact that Facebook's system suppresses legitimate conversations about Power.com (whether it had a censorious intent or not) struck me as particularly noteworthy.
Posted by Eric at 10:33 AM | Content Regulation , Domain Names , Privacy/Security , Spam | TrackBack
July 23, 2010
Judge Denies Facebook’s Request for Judgment on the Pleadings and Strikes Power.com Counterclaims -- Facebook v. Power.com
[Post by Venkat, with additional comments by Eric]
Facebook v. Power Ventures, Inc., Case No. C 08-05780 (N.D. Cal. July 20, 2010)
Background: Facebook and Power Ventures (Power.com) have been locked in a battle over whether Power.com should be allowed to access Facebook on behalf of users outside Facebook’s developer channels. Facebook wants all developers to go through its channel. Power.com seemed to go down in path but decided at some point that it didn’t like Facebook’s developer channel. It accessed (on behalf of its users) Facebook’s network. Facebook sued, and Power.com became an unlikely poster child for why data portability is important.
There’s been a lot of motion practice in this case. Facebook brought the typical array of copyright/computer fraud and abuse act claims that survived a motion to dismiss from Power.com. Power.com brought antitrust counterclaims that the court knocked out (with leave to amend). Facebook focused on its attention on its claims under the California computer crime statute (section 502), and moved for judgment on the pleadings. EFF filed an amicus brief arguing for a narrow construction of the statute. (In the meantime, there was a recusal by the judge who initially drew the case and dealt with the preliminary motions.) The court now deals with Facebook’s request for summary judgment or judgment on the pleadings that Power.com violated section 502, as well as a few other motions.
The Court’s Treatment of the Claims:
Standing under section 502: Power.com argued that Facebook lacked standing under section 502. The court easily disposes of this argument by noting that Facebook was forced (or decided it was prudent) to implement technical measures following its discovery that Power.com accessed its network. The court notes that there’s no dollar amount threshold, and rejects Power.com’s attempt to rely on its declaration that Facebook would not have had to invest any substantial amounts to implement these new technical measures.
Power.com’s liability under section 502: Facebook argued that Power.com accessed Facebook’s network without authorization because it exceeded the scope of the authorization allowed by Facebook’s terms of service. The court looks to the legislative history behind section 502 and declines to give legislative statements the broad-reaching meaning that Facebook urges. Facebook argued that any access in excess of authorization constitutes a violation of section 502, and the court doesn’t seem to agree with this. EFF filed an amicus brief arguing for a narrow interpretation of section 502. EFF also argued that Power.com’s actions did not violate section 502. The court settles on an interpretation of section 502 that requires some sort of circumvention of :
Technical or code-based barriers that a computer network or website administrator erects to restrict the user’s privileges within the system, or to bar the user from the system altogether.
[The court also drops a footnote noting that even though the defendant may not be liable under section 502, the defendant may still be liable for breach of contract. The footnote does not mention claims under the Computer Fraud and Abuse Act.]
Ultimately, the court leaves Facebook room to still make out a claim but says that (under section 502 at least) it can’t merely be based on a terms of service violation:
the Court finds that Power did not act “without permission” within the meaning of Section 502 when Facebook account holders utilized the Power website to access and manipulate their user content on the Facebook website, even if such action violated Facebook’s Terms of Use. However, to the extent that Facebook can prove that in doing so, Power circumvented Facebook’s technical barriers, Power may be held liable for violation of Section 502.
Power.com’s counterclaims based on Facebook’s alleged anti-competitive conduct: Facebook moved to dismiss Power.com’s antitrust claims against Facebook. The court focuses on Power.com’s allegations about Facebook’s acquisition of monopoly power. According to Power.com, Facebook gained monopoly power through allowing users to invite their friends (and making it easy), allowing people to access other networks through Facebook, while at the same time not allowing people to access Facebook through other networks. Power.com also alleged that Facebook alleged baseless intellectual property claims to dissuage new entrants into the market.
The court rejects these arguments, finding that Facebook has no obligation to allow others to access its network and it can set the terms of access without running afoul of antitrust rules. The court also finds that taking steps to protect its rights does not mean that Facebook is engaging in anti-competitive behavior.
Power.com’s affirmative defenses: The court previously struck Power.com’s affirmative defenses of copyright misuse and fair use. Power.com amended their pleadings and the court lets these affirmative defenses stand. The court’s discussion is a little sparse on whether these defenses actually are viable, but the court declines to strike them on the basis that the allegations provide Facebook with enough facts to put Facebook on notice as to what is being claimed.
__
I’d say overall it was not a big loss for Facebook. It still has viable claims under the Computer Fraud and Abuse Act and potentially copyright (in addition to auxiliary spam and other) claims. It has a chance to prove a violation of section 502 by showing that Power.com engaged in circumvention of a technical measure (IP address blocking, or additional security measures which Facebook implemented).
This is somewhat of a win for EFF, which got a ruling with a narrow construction under section 502. I’m not sure how useful this ruling will be in the Computer Fraud and Abuse context. Also, the court’s willingness to use circumvention of any technical measure to find a violation of section 502 sets a low bar. Still, in the garden variety context where an individual accesses a network in violation of the terms of service, section 502 claims don’t seem as likely (under the court’s ruling).
Power.com continues to slog it out. I’m guessing it will see this litigation as fairly unprofitable sooner rather than later, particularly with its antitrust claims out the window (I can’t imagine they thought these were terribly viable to begin with, judging by their initial set of allegations). Of course, they can bring their affirmative defenses and engage in some discovery, but this is not likely to bend the will of a company such as Facebook.
Additional Coverage:
Wendy Davis: “Facebook Rebuffed In Case Against Social Aggregator Power.com”
ars technica: “Social network aggregator no crook for violating Facebook TOS”
________
Eric's comments: A very small number of rulings have interpreted California Penal Code Sec. 502, the state law analog to the Computer Fraud & Abuse Act and a partial statutory codification of common law trespass to chattels. Based strictly on the statutory wording, Penal Code 502 (which authorizes civil suits in addition to being a criminal sanction) is the most plaintiff-friendly of the three doctrines because it does not require the plaintiff to show any minimum quantity of loss or harm from the defendant's harm.
This ruling partially reinforces why Penal Code 502 remains the most plaintiff-friendly of the three doctrines. Effectively, Facebook made the requisite showing of harm from Power.com's conduct even though Facebook's only purported harms appear to be remediation efforts. As the court says:
Defendants’ admissions that Facebook attempted to block Power’s access and that Power provided users with tools that allowed them to access the Facebook website through Power.com demonstrates that Facebook expended resources to stop Power from committing acts that Facebook now contends constituted Section 502 violations.
This is a bootstrapped type of loss that will be true in almost every anti-server use case.
The court then takes a decidedly less favorable turn when it comes to the authorization/permission question. Many CFAA rulings have allowed user agreements to delimit the authorized use of the plaintiff's servers. The court rejects that approach here, saying, in effect, that because Penal Code 502 is a criminal statute, allowing the user agreement to establish the boundaries of permitted server use is improper. I agree with that statement (some of you may recall my posts about the Lori Drew prosecution, conviction and dismissal). However, I would note Facebook's lawsuit is a civil case, not a criminal case, so the court could have distinguished between the legal requirements of criminal and civil cases. In particular, it was odd to see the court discussing constitutional limits to criminal prosecutions in a case where neither litigant really cared directly about the scope of criminality.
Even if the contract does not provide adequate notice to defendants, the court allows plaintiffs to delimit the permitted/authorized use of their severs technologically, and transgressions of those technological limits appears to satisfy the Penal Code 502 requirements and the constitutional protections applicable to a criminal prosecution. The court says:
the Court finds that accessing or using a computer, computer network, or website in a manner that overcomes technical or code-based barriers is “without permission,” and may subject a user to liability under Section 502.
This is because defendants are adequately put on notice when they encounter a technical block and try to route around it; therefore, with the technical block requirement, the statute will satisfy even the more stringent notice requirements of criminal law. There remained a factual dispute about Facebook's technical blocking efforts in this case based on the procedural posture of the case, so that point remains open for now.
If this case ends up setting the precedent that a user agreement cannot set the boundaries of authorized uses of computer servers in the California Penal Code Sec. 502 context, then this is a pretty important ruling. However, I don't really believe that result will necessarily be reached in other cases, especially given that Judge Ware disagreed with Judge Fogel's ruling in Facebook v. ConnectU on the same question.
In Cyberlaw I teach that an anti-computer trespass civil claim satisfying the four elements will probably win:
* Third party system use
* Damage
* Actual notice that use unpermitted
* Technological self-help
If Facebook can show these four elements, it has a good chance at winning the Penal Code 502 case; indeed, this ruling indicates that under Penal Code 502, the damage element is easy to meet and the notice/self-help elements effectively merge together. If you are prepping an anti-trespass case, the more clearly you can show all four elements, the more likely the court will find a legal doctrine to help you.
Posted by Venkat at 12:29 AM | Content Regulation , Licensing/Contracts , Privacy/Security
July 05, 2010
Q2 2010 Quick Links Part 1 (Content Regulation Edition)
By Eric Goldman
Online Publication
* Too Much Media, LLC v. Hale, 2010 WL 1609274 (N.J. Super. A.D. April 22, 2010). Curating blogger and message board commenter does not qualify for New Jersey's reporter shield law. The case also says that online defamation is libel, not slander (to the extent it makes a difference).
* Insightful interview with the FTC's David Vladeck. "We did not do a good job with the...Endorsement Guides [rollout]." Really…you think? The latest "guidance" from the FTC, the Facts for Businesses, hardly improves the situation.
* Former nurse charged with encouraging other folks in Internet chat rooms to commit suicide, which at least two did.
* Brayshaw v. Tallahassee, 4:09-cv-00373-RS-WCS (N.D. Fla. April 30, 2010) Publishing personal information about police officers to Ratemycop.com is protected by the First Amendment.
* Mortgage Specialists v. Implode-Explode Heavy Industries (N.H. Sup. Ct. May 6, 2010). Dissolving an injunction against a website republishing user-submitted comments on First Amendment grounds.
* Jiron v. Jiron, 2010 WL 1978704 (Ind. App. Ct. May 18, 2010). Mom giving a 10 year old unsupervised access to a MySpace account (and listing his age as 19) was a factor in Mom losing custody rights.
* McGee v. Patel, 2010 WL 1838621 (Cal. App. Ct. May 7, 2010). Ex-boyfriend sets up a password-protected blog and writes about his ex-girlfriend and her new boyfriend. The ex-girlfriend has a password to the blog, and she gives her new boyfriend the password after seeing blog postings threatening him. The ex-boyfriend says he didn’t expect the new boyfriend to be reading the blog because:
[California Penal Code] Section 502 provides that it is a public offense for a person to “[k]nowingly and without permission provide[ ] or assist[ ] in providing a means of accessing a computer, computer system, or computer network....” or to “[k]nowingly and without permission access[ ] or cause[ ] to be accessed any computer, computer system, or computer network.” There is nothing in the record to suggest that appellant's blog could be considered a “computer, computer system, or computer network.” More importantly, it is clear that respondent had J.S.'s permission to use her personal password to access appellant's blog, and respondent therefore was not acting “without permission” when he read appellant's posts.
I think this is wrong on two fronts. The servers hosting a blog should qualify for 502 protection, and an authorized user can’t share passwords without permission and have all of the password recipients also become authorized users.
* Edelman v. Croonquist, 2010 WL 1816180 (D.N.J. May 4, 2010). Court dismisses mother-in-law’s lawsuit that a comedienne’s shtick constitutes defamation, false light or infliction of emotional distress because the jokes were non-actionable opinions, not statements of fact.
* NY Times on the difficulties that schools have policing/responding to cyberbullying.
* JC v. Beverly Hills Unified School District, 2010 WL 1914215 (C.D. Cal. May 6, 2010). “Plaintiff's geography-based argument-i.e., that the School could not regulate the YouTube video because it originated off campus-unquestionably fails.” However, “the Court finds that no reasonable jury could conclude that J.C.'s YouTube video caused a substantial disruption to school activities, or that there was a reasonably foreseeable risk of substantial disruption as a result of the YouTube video…. C.C. felt embarrassed, her feelings were hurt, and she temporarily did not want to go to class. These concerns cannot, without more, warrant school discipline.”
* Insider Pages has launched a new doctor review website called Doctor Finder. Some of the data comes from HealthGrades (not a blog favorite). I’ll be interested to see how Medical Justice feels about Doctor Finder.
Pornography
* U.S. v. Strayer, 2010 WL 2560466 (D. Neb. June 24, 2010):
The court finds the seventeen-and-a-half to twenty-year sentence recommended under the Guidelines (based on the imposition of numerous and excessive enhancements for circumstances that appear in nearly every child pornography case such as use of the Internet, amassing numerous images, possessing images of prepubescent minors and violence, and some “distributing” of images in return for other images) is greater than necessary to protect the public and to deter Strayer from re-offending. The mandatory minimum sentence of five years is appropriate to achieve the goals of sentencing in this case. Five years is a significant term of imprisonment for a first offender. The public will be adequately protected by a five-year term of supervised release with strict conditions and by the provision of mental health treatment and sex offender treatment to Strayer.
The mere fact of the prosecution of these cases arguably deters others from engaging in this sort of conduct. The additional deterrent value of a sentence any longer than five years would be marginal. With respect to general deterrence, although conduct like Strayer's may sustain the market for child pornography, much of that market is driven by compulsive behavior that arguably will not be deterred in any event. The deterrent effect of a lengthy sentence is further lessened by the international character of the market for child exploitation offenses. To the extent that harsh punishment is necessary to deter harm to children, punishing a less-culpable offender as harshly as the worst does not satisfy the goals of sentencing and encourages disrespect for the law.
* American Booksellers Foundation for Free Expression v. Strickland, 2010 WL 1488123 (6th Cir. April 15, 2010). Upholding a state restriction on distributing "harmful to minors" material. Shades of O'Connor's concurrence/dissent in Reno v. ACLU.
* United States v. Richardson, No. 09-4072 (4th Cir. June 11, 2010). AOL, as an email service provider, was not a government agent when it automatically searched its network for child porn and then complied with its statutory child pornography reporting obligations.
47 USC 230
* The Ohio Attorney General has weighed in on myTriggers’ side in the myTriggers v. Google antitrust lawsuit, arguing that 47 USC 230(c)(2) doesn’t protect Google. For more on the myTriggers & TradeComet antitrust lawsuits against Google, see this interesting American Lawyer article.
* ReputationDefender’s GC on 47 USC 230 and the Internet's maturation. When he says "near-perfect anonymity is easily achieved," he might want to check with the AutoAdmit defendants to see if they agree!
Posted by Eric at 09:57 AM | Content Regulation , Derivative Liability | TrackBack
July 01, 2010
Recent Anti-SLAPP Developments
By Eric Goldman
As you may recall, I have endorsed HR 4364, the Proposed Federal Anti-SLAPP Bill. This blog post catches up on some recent anti-SLAPP developments both in and out of the courtroom.
First, many of you probably saw the NY Times article from the beginning of June entitled Venting Online, Consumers Can Find Themselves in Court. The article didn't break a lot of new ground, but I thought it did a great job calling attention to and framing the issues.
Second, HR 4364 now has three co-sponsors: Rep. Steve Cohen (D-TN9) (the bill's author), Rep. Charles Gonzalez (D-TX20) and, most recently, Fortney "Pete" Stark (D-CA13). Kudos to these visionary legislators! I hope other organizations and legislators will join the effort.
Third, a few words about three recent California anti-SLAPP cases have caught my attention (at some point I'll also blog separately about the DC v. RR case that's been sitting in my in-box for months):
Gibson v. Swingle, 2010 WL 2136655 (Cal. App. Ct. May 28, 2010)
Gibson is an attorney. The court recounts his travails:
Swingle submitted a declaration in which he admitted having posted messages on Craigslist.org accusing Gibson of breaking laws, using illegal drugs, harassing and stalking people, frequently using profanity, being mentally ill, and threatening people with violence. Swingle admitted he created a blog through Google Inc. [www.richardhilarygibson.blogspot.com, now defunct] and posted messages on it accusing Gibson of offering a reward for the murder of someone, threatening to blow up someone's car, threatening the image of then-presidential candidate Barack Obama, using illegal drugs, stalking people, expressing contempt for the Bible, making racist remarks directed at Mexican-Americans, and being a "perv." Swingle said he had "sent e-mails out regarding Mr. Gibson."
A little more background on the situation. Gibson initially sued Doe defendants but later named Swingle and his trust fund as defendants. Swingle countersued Gibson and then filed an anti-SLAPP motion. The appellate court rejects the anti-SLAPP motion because Swingle's speech lacks sufficient public interest. As the court says in a fairly abbreviated analysis, "the claims are based on Internet posts describing Gibson's alleged character flaws and his alleged illegal or otherwise improper conduct."
From my perspective, the court's conclusion about the lack of public interest seems plainly wrong. An attorney allegedly engaged in illegal activities should almost always qualify as having sufficient public interest. Further, to the extent Swingle was trying to educate potential customers/clients of Gibson, I personally believe that should qualify as a public interest as well. Under the proposed federal anti-SLAPP law, I believe it would.
Navarro v. Cruz, 2010 WL 2183227 (Cal. App. Ct. June 2, 2010)
Navarro runs a placement agency for foreign teachers looking for US teaching jobs. Cruz retained Navarro for placement services, but I'm inferring that didn't work out. Cruz then allegedly set up a blog, Pinoy Teachers Hub, "alleged to contain false and defamatory statements accusing Navarro and UPI of fraudulent business practices and crimes." (I say Cruz was allegedly the author because apparently that was a point of contention).
Like the Gibson case, the parties disputed the public interest of the blog. The court concludes that the blog satisfied the standard because:
the blog addressed issues ranging beyond the specific wrongs and breaches claimed to have been suffered by its writer, on issues such as immigrant exploitation, fraud, and substandard housing. These issues would affect and would be of interest to many present and future immigrant teachers-including not just those who had allegedly been victimized, and not even just those who had actually contracted with UPI, but also those who might be considering becoming immigrant teachers through UPI or other such agencies. And the blog expressly sought to rally others to support changes in the claimed practices and in the contractual and other requirements that foreign teachers believed they were forced to accept, and encouraging others "to 'stand up' to pursue a common goal" involving an ongoing controversy.
It's not clear to me how this differs from the Gibson case. In both cases, the published material was designed to educate a vendor's future customers about why they may want to choose a different vendor. In the Cruz case, it looks like the blog was more overtly activist than the personal griping in the Gibson case. Further, in the Gibson case, there was an undercurrent that the court simply didn't believe the griper and thus gave his statements less credit. Otherwise, to the extent they are not factually distinguishable, I think this case gets it right and the Gibson case got it wrong.
The trial court awarded over $31k in attorneys' fees to Cruz. The appellate court remanded to make sure the fee award did not include "fees and costs for the trial court proceedings...not incurred in connection with or necessary to the anti-SLAPP motion."
Calibra Pictures, Inc. v. Variety, BC 433 320 (Cal. Superior Ct. May 12, 2010)
Calibra produced the movie "Iron Cross." It also was a Variety magazine advertiser. Perhaps not surprisingly, Calibra was unhappy when Variety published a negative review of Iron Cross in its print and online editions. Surprisingly, Calibra sued Variety for the negative review, and Variety responded with an anti-SLAPP motion. The court says that Variety qualifies as a public forum and the "widespread interest" in the movie, such as high demand for screener DVDs, made the critical review a matter of public interest.
Thus, the burden shifted to Calibra to make a prima facie showing of its case. The breach of implied covenant of good faith and fair dealing failed because the court believed Variety had an effective church/state division between its advertising sales and editorial department. The negligence claim failed because Variety had no duty outside the contract. The court breezily dismissed the other soft tort claims and awarded Variety its attorneys' fees.
This is a nice ruling because it reinforces that product reviews can be protected by anti-SLAPP doctrines. It also shows that advertisers, unhappy that a publication running a negative review of them while taking their advertising dollars, can't easily find a way to sue based on the factual correlation.
Posted by Eric at 08:48 AM | Content Regulation | TrackBack
June 22, 2010
Three Gripers Get Disadvantageous Jurisdictional Appellate Rulings in Defamation Cases
By Eric Goldman
Three recent appellate rulings, coming within 8 days of each other, illustrate how hard it is for an online griper to stay out of his/her target's home court. None of these opinions are clearly wrong, but I wish courts could find better ways to ameliorate the terroram effects of litigation--especially remote litigation--on gripers.
Silver v. Brown, 2010 WL 2354123 (10th Cir. June 14, 2010)
David Silver is an investment banker at a small New Mexico investment bank, Santa Fe Capital Group. Brown, based in Florida, is CEO of GTI. GTI retained the investment bank to raise capital for it. The parties had a falling out. Brown then set up a gripe blog/website at DavidSilverSantaFe.com. The site is pretty standard for a gripesite, but allegedly Brown went out of his way to SEO the website and then offered not to launch the site if Silver refunded $6,000 that GTI had previously paid. Silver allegedly replied with legal threats, to which Brown allegedly promised to move the site offshore so it would be harder to take down. (The emails reprinted in the opinion indicate the parties used more colorful language). After the site launched, Silver made good on his threat to sue in New Mexico, but the district court dismissed for lack of jurisdiction.
The 10th Circuit reversed, citing the Calder v. Jones "Effects Test." The court says:
* Brown intended to damage Silver's reputation via the gripesite
* "Mr. Brown also expressly aimed his blog at New Mexico. It was about a New Mexico resident and a New Mexico company. The blog complained of Mr. Silver's and Santa Fe's actions in the failed business deal. Those actions occurred mainly in New Mexico. And the blog was widely available in New Mexico over the internet and all the various ways the internet may be accessed in this day and age."
* Brown knew the brunt of the injury would be felt in New Mexico.
I think this is mostly consistent with the Effects Test, but the court doesn't stop there. Instead, it expresses fear of all-powerful search engines and their effects on jurisdictional considerations:
sophisticated search engines do exist, and with their use it is becoming more and more irrelevant, for the purposes of our analysis, how many worldwide or nationwide internet connections there are, or how many men named David Silver exist in the world, because, with the use of these search engines, the people that are searching for information on this David Silver are the ones who are going to end up viewing Mr. Brown's blog. And Mr. Brown knows this, as evidenced by the concern for increased search engine optimization expressed in his e-mails. Consequently, it is clear that this is not a case of untargeted negligence that just happened to cause damage in New Mexico."
So what exactly did Brown do sealed the litigation's location in the target's home court? I can posit two alternative conclusions. Hypothesis A: he didn't do anything unusual--every griper would run afoul of this court's standard. Hypothesis B (and more likely): Brown crossed some invisible line by SEOing his site and threatening to move the site offshore (a point referenced later in the opinion). Advice to gripers: you might not want to say you're SEOing your site, but you might find ways to achieve the same result less explicitly.
Kauffman Racing Equip., L.L.C., v. Roberts, Slip Opinion No. 2010-Ohio-2551 (Ohio Sup. Ct. June 10, 2010)
This case is similar to the Silver v. Brown case. Kauffman makes high-performance aftermarket engines in its Ohio factory. Roberts, a Virginia resident, bought an aftermarket Pontiac engine. 8 months later, Roberts complained to Kauffman that the engine was defective. Kauffman offered to retrieve the engine and refund Roberts' purchase price if Kauffman had caused the defects. Instead, Kauffman claimed that the defects were due to Roberts' post-purchase modifications. Unsatisfied, starting in 2006, Roberts griped about Kauffman in forum posts at PerformanceYears.com and PontiacStreetPerformance.com and an item description on eBay Motors. From my perspective, the posts have a menacing/taunting attitude; you should check them out if you're curious why the court sided with its hometown employer. Kauffman subsequently sued Roberts in Ohio.
The court expressly bypasses the Zippo test because Roberts engaged in non-commercial activities and instead parses the state's long-arm statute. Kauffman alleged that five Ohioans read Roberts' posts. Thus, the court observes that "[d]espite the fact that Roberts’s publication of his comments did not emanate from Ohio, those comments were received in Ohio." As a backstop explanation, the court articulates a standard similar to the Calder v. Jones Effects Test, concluding that the state long-arm statute is satisfied "[w]hen defamatory statements regarding an Ohio plaintiff are made outside the state yet with the purpose of causing injury to the Ohio resident and there is a reasonable expectation that the purposefully inflicted injury will occur in Ohio," which the court apparently believes happened here.
The court then does a Constitutional due process analysis, notes Calder v. Jones, and says in language very similar to Silver v. Brown that "Roberts is not alleged to have engaged in untargeted negligence. Roberts’s Internet commentary reveals a blatant intent to harm KRE’s reputation" and Roberts knew Kauffman was in Ohio. The court summarizes all of the ways Roberts targeted his activities to Ohio:
The allegedly defamatory communications concerned KRE’s activities in Ohio. We are not dealing with a situation in which jurisdiction is premised on a single, isolated transaction. The posts detailed the transactions between Roberts and KRE. Moreover, the purchase of the engine block and subsequent transfers from Virginia to Ohio and back again served as the foundation from which this dispute arose. Roberts’s allegedly defamatory posts were predicated on his course of dealing with an Ohio resident corporation. At least five Ohio residents other than Kauffman read these postings. Finally, although KRE does business nationwide, its business reputation is centered in Ohio, because Ohio is the location of its sole base of operations. Roberts knew, and in fact intended, that the brunt of the harm caused be felt by KRE in Ohio. Thus, the focal point of the damage was Ohio, and Roberts’s actions therefore fulfill the requirement of causing a consequence in Ohio.
The dissent argues that the majority got the Calder v. Jones analysis wrong: "Roberts posted his comments on three general auto-racing websites and an auction site, none of which have any specific connection to Ohio or are more likely to be viewed by a resident of Ohio than by a resident of any other state. In fact, KRE could identify only five Ohio residents it believes actually viewed Roberts’s comments."
Thus, the dissent is concerned with the general applicability of the majority's rule to gripers: "While it is evident from Roberts’s Internet posts that he sought to discourage others from purchasing KRE’s products, any individual who posts a negative review of a product or service in a public forum arguably seeks the same objective. Subjecting all individuals to suit in Ohio who post Internet reviews — no matter how scathing — of purchases made from Ohio companies does not comport with the due process notions of 'fair play and substantial justice.'"
While I sympathize with the dissent's inclinations, I think the majority is closer to the current state of the law. Roberts appears to differ from an average online consumer who posts a negative product review in at least three ways. First, Roberts posted across multiple online fora, expanding the different audiences who would see the message. Second, Roberts appears to have sought out the focused community of folks interested in high-performance aftermarket Pontiac engines, and I suspect everyone knows everyone in that community--in which case, one high-profile community member calling out a key vendor is undoubtedly going to affect the entire community. Third, the specific wording of Roberts' posts suggested that he was on a vendetta/crusade.
Even so, the most remarkable thing about this case is that after four years of litigation and three court rulings, the litigation is still only in the preliminary stages. We now know where the case can be heard, but we have learned nothing about its substantive merits. Presumably, it will take more years of litigation to reach a final disposition. Given the associated financial expense and diversion of managerial attention, I can't believe that Kauffman's suit against Roberts is a rational profit-maximizing move.
Internet Solutions Corp. v. Marshall, 2010 WL 2400390 (Fla. Sup. Ct. June 17, 2010). The CMLP page.
Marshall, a Washington resident, operates tabathamarshall.com, a blog on consumer issues. In 2007, she made a critical post about VeriResume, an ISC operation. ISC sued her for defamation in its home court of Florida. The federal district court dismissed for lack of jurisdiction. On appeal, the Eleventh Circuit certified a question to the Florida Supreme Court. The Supreme Court restated the certified question to be:
DOES A NONRESIDENT COMMIT A TORTIOUS ACT WITHIN FLORIDA FOR PURPOSES OF SECTION 48.193(1)(b) WHEN HE OR SHE MAKES ALLEGEDLY DEFAMATORY STATEMENTS ABOUT A COMPANY WITH ITS PRINCIPAL PLACE OF BUSINESS IN FLORIDA BY POSTING THOSE STATEMENTS ON A WEBSITE, WHERE THE WEBSITE POSTS CONTAINING THE STATEMENTS ARE ACCESSIBLE AND ACCESSED IN FLORIDA?
As rephrased, the court answers the question "yes," saying "posting defamatory material on a website alone does not constitute the commission of a tortious act within Florida for purposes of section 48.193(1)(b), Florida Statutes. Rather, the material posted on the website about a Florida resident must not only be accessible in Florida, but also be accessed in Florida in order to constitute the commission of the tortious act of defamation within Florida under section 48.193(1)(b)."
Superficially, this answer makes sense. It's hard to say any legally significant activity occurred in Florida if no one in Florida read the content. But the court's answer only articulates a very low minimum baseline—one that will be satisfied in almost every case. Even relatively obscure web content is likely to be read by people in every state. It may be tricky for the plaintiff to make this showing, at least without evidentiary discovery, but the Florida Supreme Court's standard otherwise supports very few jurisdictional challenges.
Furthermore, the answer is incomplete. The Florida Supreme Court only interpreted the state long-arm statute, not the Constitutional due process overlay--which the court didn't address because that wasn't part of the certified question from the 11th Circuit. So effectively the court said that the state long-arm statute will be easily satisfied in online defamation cases and pushed all of the gatekeeping inquiry onto the Constitutional analysis.
Posted by Eric at 08:46 AM | Content Regulation , Search Engines | TrackBack
May 21, 2010
Second Circuit Stays Hot News Injunction--Barclays v. theflyonthewall
By Eric Goldman
Barclays Capital Inc. v. Theflyonthewall.com, Inc., 10-1372-cv (2d Cir. May 19, 2010)
This case is my choice for the most interesting Cyberlaw development of 2010 (so far). Unfortunately, I ran out of time to blog it when the district court opinion came out in March; the opinion was 89 pages, and I must confess that I let my quest for a perfect blog post become the enemy of a good blog post. Some commentary on the district court ruling: Wendy Davis, Sam Bayard (with a detailed First Amendment analysis), Jeff Neuburger. Fortunately, yesterday we got an important new development in the case, which gives me an excuse to recap the case and talk about its implications.
The case involves an anachronistic business model deployed by brokerage houses. Brokerage house analysts develop and publish stock recommendations. The recommendations are provided first to brokerage clients, who in theory get a chance to act on the new information before that information is generally incorporated into the stock price. Eventually these recommendations are published to the media or otherwise reach the general public.
This is where the business model get weird. The brokerage houses don't directly charge clients for this early access to this information that may move the stock price. Instead, there is an unwritten expectation that the clients who receive the recommendations early will place their stock trades with the brokerage house providing the information, generating commission revenue for the brokerage firm. Clients who take a firm's recommendations and then consistently transact with other (presumably cheaper) brokerage firms should eventually find themselves kicked off the distribution list for future recommendations.
Consider this business model from a game theory standpoint. It's a multi-iteration game that keeps the brokerage clients from "cheating" (taking the business elsewhere) on any one interaction by promising profits from future interactions so long as they cooperate (place the order with the brokerage house making the recommendation). But the entire model is premised on the brokerage house delivering valuable information that makes clients money, which in turn requires that the clients get the information before the marketplace has incorporated the information into the stock price. And because "information wants to be free" in the ways discussed in John Perry Barlow's seminal article, there is a significant risk that the information will "leak out" quickly, get absorbed into the stock price, and eliminate the brokerage house's quid that is designed to elicit its clients' quo.
Theflyonthewall is a publication that gathers brokerage house recommendations from a variety of sources and republishes them in a subscription newsletter. The quicker theflyonthewall gets a recommendation to its readers, the more likely that the readers can act before the information has already been incorporated into the stock price. In that sense, then, theflyonthewall strikes directly at the heart of the brokerage house's archaic business model. Instead of having to keep transacting with the brokerage houses to keep the information coming, theflyonthewall readers can get some of the same economic benefits and retain the freedom to transact with whomever they want.
Although theflyonthewall disaggregates the brokerage house's business model in a potentially fatal way, it's not like the brokerage houses are defenseless. They could make a number of changes to their business models that would fix the problems. Most obviously, they could charge a subscription fee for access to their stock recommendations directly, rather than being compensated indirectly through the resulting stock trade orders. They could also enter into exclusive dealing contracts with trading clients, i.e., anyone getting the reports MUST trade with the brokerage houses. I'm sure other business model changes are feasible.
Instead, the brokerage houses like the situation exactly as it used to work, without having the worry about accelerated information velocity provided by aggregators like theflyonthewall. So, instead of taking a hard look at their business models, the brokerage houses sued theflyonthewall for, among other things, hot news misappropriation. The Second Circuit revitalized the hot news misappropriation doctrine in its 1997 NBA v. Motorola ruling, which articulated a 5 element prima facie case:
(i) a plaintiff generates or gathers information at a cost; (ii) the information is time-sensitive; (iii) a defendant’s use of the information constitutes free riding on the plaintiff’s efforts; (iv) the defendant is in direct competition with a product or service offered by the plaintiffs; and (v) the ability of other parties to free-ride on the efforts of the plaintiff or others would so reduce the incentive to produce the product or service that its existence or quality would be substantially threatened.
I am not a fan of the hot news misappropriation doctrine. The last thing we need is another amorphous legal doctrine to protect intangible assets, and usually hot news misappropriation is a tool plaintiffs use to suppress competition rather than innovating to fix gaping holes in their business practices. However, if we choose to legally recognize the hot news misappropriation doctrine, this case seemed to be a fairly straightforward application of the doctrine.
A hot news claim requires there to be "hot news"--a narrow category of non-copyrightable information that derives value from its time-sensitivity. I can think of only three categories of information that will reliably meet this requirement: real-time sport scores (fans care about a game's score RIGHT NOW; in 3 days, it's a distant memory), real-time weather information (information about today's weather is far more valuable than information from 3 days ago), and certain types of financial information that feed into stock prices. Here, theflyonthewall was trading in the latter category of information that clearly had time-sensitivity--by the time the brokerage house recommendation was incorporated into the stock price, the information was essentially worthless.
Furthermore, unlike the NBA v. Motorola case, theflyonthewall's republication of the hot news does threaten its production. If the brokerage houses don't change their business model, theflyonthewall and other aggregators will eliminate the differential value that the stock recommendations can provide to clients, which undercuts a main point of producing the recommendations in the first place.
One more interesting fact about the hot news claim. During the pending legal proceedings in this case, theflyonthewall turned around and sued a third party aggregator for ripping off theflyonthewall--alleging, among other things, that the third party aggregator was committing hot news misappropriation of theflyonthewall's publications. This was an obviously duplicitous position, and as a result, the legal positions in theflyonthewall's enforcement action were liberally quoted against it in this lawsuit. A tip to all aggregators that should be common sense but apparently isn't: be very careful about bringing enforcement actions against other aggregators. You might just be helping to build precedent that will undercut your legal positions when the enforcement action comes against you. When I work with aggregators, I tell them that there's almost no circumstance when it will make sense for us to go after other aggregators that rip us off. Instead, I advise aggregators to build ex ante technology controls to restrict re-aggregation rather than relying on ex post legal proceedings.
So if there are going to be hot news cases, this case looks about as good as it gets for the plaintiff. As a result, I didn't see this ruling as particularly troubling for other aggregators, in part because most of them will not meet the elements nearly as well as theflyonthewall did. As a good example, Tom O'Toole recently reported on a lawsuit against Goldman Sachs that included a hot news claim. Putting aside the irony of a brokerage house being on the defense side of a hot news claim, the type of data at issue there looks nowhere as close to "hot" news as the data in theflyonthewall case.
After finding a hot news misappropriation, the district court then did something a little goofy. It issued an injunction that required theflyonthewall to delay publication of any stock recommendations it came across until 10 am (if the recommendation was issued before the stock exchanges open) or 2 hours after the brokerage house’s release, with an exception for theflyonthewall's independently developed reporting on a big news event. Note that the time delay applies even if the recommendations have already been extensively republished elsewhere, such as being picked up by major newswires, so the injunction puts theflyonthewall at a noticeable competitive disadvantage compared to other aggregators/news publishers who are freely publishing the same information without the court-ordered embargo.
Furthermore, the court said that theflyonthewall could request dissolution/modification of the injunction in a year "in the event that it can demonstrate that the Firms have not taken reasonable steps to restrain the systematic, unauthorized misappropriation of their Recommendations, for instance, through the initiation of litigation against any parties with whom negotiation proves unsuccessful." Say what? The court apparently took a carrot and stick approach to the brokerage houses—the plaintiffs get an injunction against theflyonthewall, but they get to keep it only if they take down lots of other news publishers and aggregators. Now, the brokerage houses might just be willing to do that, but do we really want them doing that? From my perspective, it sounds like a lot of extra litigation to prop up a broken business model.
Yesterday, in a noteworthy development that shows this issue is not going away, the Second Circuit put the kibosh on the injunction. The court's order says:
it is hereby ORDERED that the motion for a stay is GRANTED, and Appellant shall not be required to post a bond. It is further ORDERED that the motion to expedite the appeal is GRANTED.
The court then issued two related orders with deadlines for briefing and oral argument, but those orders had inconsistent schedules. I assume the court will issue a corrected order that lays out the schedule it actually meant to say. Either way, it doesn't look like this case will languish in the Second Circuit as so many other Internet cases have done (e.g., the Register.com v. Verio case emerging three years after the appeal).
The Second Circuit orders provide no substantive insight into the appellate court's thinking, but the fact they stayed the injunction is a pretty strong hint that they are unhappy with something in the district court's opinion--perhaps its assessment of hot news, or more likely some aspect of the injunction.
Either way, it would be hard to overstate the importance of the Second Circuit proceedings. I've recently been to a few angst-ridden "Future of Journalism" conferences where this case is highlighted as one possible way that news originators can get some legal and financial leverage over Google News and other news aggregators. I've been generally uncomfortable with those discussions on a number of fronts--most importantly because the news originators unduly denigrate the significant value created by curation, even though many traditional publishers do a fair amount of curation themselves. If the Second Circuit guts the district court's opinion, I assume the pro-hot news forces will go searching for some other menacing doctrine (or worse, crank up the lobbying machine for statutory relief). Or, if the Second Circuit endorses a broad reading of hot news, expect to see a lot more hot news lawsuits.
With the Second Circuit's lax standards for submission of amicus briefs, I expect a lot of amicus briefs will be filed in this case. Public Citizen has already announced its intent to file an amicus brief.
Posted by Eric at 07:36 AM | Content Regulation , E-Commerce | TrackBack
May 17, 2010
FTC Busts Check-Issuing Website for Unfair Practices--FTC v. Qchex
By Eric Goldman
Federal Trade Commission v. Neovi, Inc., 09-55093 (9th Cir. May 14, 2010)
Qchex allowed registered users to create and send checks via a website. Initially, users could submit bank account information and payee information, and Qchex would manufacture a check and send it (in some cases physically, in other cases electronically, depending on the sender's request) to the payee. Given that bank account information is widely available (i.e., it's on every check we send and receive), it sounded like it was trivially easy for fraudsters to submit other people's bank information and send an official-looking check drawing on an innocent bystander's account. These bogus checks can wreak havoc on the payment system when they are presented and then bounce (or worse, clear). According to the opinion:
Indeed, over a six-year period, Qchex froze over 13,750 accounts for fraud. Those accounts spawned nearly 155,000 checks, supplied over 37,350 bank account numbers, and were the source of checks totaling more than $402,750,000—an amount more than half of the total drawn during that time.
Eventually, Qchex enhanced its security procedures to deposit a small amount in a bank account and then require the accountholder to report that amount back to Qchex to authenticate the account. For a variety of reasons, this authentication procedure did not eliminate fraud.
The FTC pursued Qchex for unfair trade practices under Section 5 of the FTC Act. Qchex defended on lack of causation, saying the users supplied the relevant information and therefore were responsible for the bum checks. The court's response:
Qchex created and controlled a system that facilitated fraud and that the company was on notice as to the high fraud rate. Qchex’s approach would immunize a website operator that turned a blind eye to fraudulent business made possible only through the operator’s software. Even if the creation of the checks was impossible without user input, that does not mean Qchex did not create the checks that it later delivered.
(I dig the double/triple/quadruple negative in the last sentence. Say what?)
Even if the court's statement is true, isn't this exactly what 47 USC 230 was supposed to immunize? Amazingly, 230 isn't referenced in the opinion at all, although the court does cite the 230-based Accusearch case in support of its conclusion. It's not like 230 was unfamiliar to this panel; the opinion author is Judge McKeown, who also authored a pro-230 dissent in the Roommates.com en banc case.
Put the doctrinal finery to one side for a moment. We know Qchex has to go down for its sloppy authentication processes and the calamitous effect on our banking system. Fine. But the legal reasoning in support of this takedown is troubling. First, it's based on Section 5's unfairness restrictions, a lightly used prong because "unfairness" is unbelievably subjective and malleable. Second, it's based on some type of but-for causation theory, which applies universally to many service providers throughout the Internet (i.e., without PayPal, there would be no PayPal fraud). Third, the courts gave typical deference to the FTC—but perhaps too much deference. Finally, the causation discussion superseded any discussion about 47 USC 230--a conspicuous omission given that Qchex's whole system was premised on user-supplied content.
Having said that, it's not clear that Qchex’s 230 defense would have succeeded. The court emphasizes that liability is due to Qchex's conduct, not its users’. The court says "Qchex caused harm through its own deeds—in this case creating and delivering unverified checks." I expect any other businesses manufacturing inadequately authenticated fake checks will suffer a similar fate. However, I’m not sure this explanation adequately distinguishes between first party and third party content/actions.
It will be interesting to see how the plaintiffs try to misuse the language I quoted above for other types of claims. For example, replace the word “fraud” with “defamation” and see how the language reads. My hope is that the courts will entertain such citations only in FTC Act unfairness cases and not others, but I expect plaintiffs will try to expand its scope nonetheless.
This case brought to mind an old blog post on a site called "Cheezus," which provided a tool that people could use to create and print fake newspaper articles about another person's sexual misconduct. (Unlike Qchex, the user printed the resulting article). Cheezus caught my attention when a mischievous teen used the tools to prank his teacher and got disciplined. I thought the site was irresponsible, but under this rationale, is the Cheezus tool also illegal because it engaged in Sec. 5 unfair practices? If not, why not?
Posted by Eric at 01:55 PM | Content Regulation , Derivative Liability , E-Commerce , Privacy/Security | TrackBack
May 11, 2010
Internet Access Provider & Blocklist Publishers Denied 230(c)(2) Immunity for Anti-Spam Efforts
By Eric Goldman
Smith v. Trusted Universal Standards in Electronic Transactions, Inc., 2010 WL 1799456 (D.N.J. May 4, 2010)
It's usually a drag to read opinions in pro se lawsuits. Most of the time, the litigant gets flattened mercilessly. Occasionally, however, the judge bends over backwards to give the litigant the benefit of the doubt. Either way, the opinions are messy and untrustworthy.
This case fits that description. The judge says he can't figure out the facts from the complaint. but here's his best guess. It appears that Smith is a Comcast Internet subscriber. Comcast blocked his outgoing mail twice because he was allegedly sending spam. When pressed why it thought Smith's emails were spam, Comcast pointed the finger at IronPort (owned by Cisco), who in turn pointed the finger at Spamhaus. Smith then filed a "Consumer Watchdog" complaint against Comcast with TRUSTe (misnamed as the lead defendant).
Independently, Microsoft put Smith's email server on its Frontbridge blocklist. Smith separately filed a TRUSTe complaint against Microsoft for that. Smith ultimately decided to sue TRUSTe, Comcast, Cisco and Microsoft for 8 different legal violations in one big litigation fiesta.
Smith's claims go nowhere. The court dismisses all of them with leave to amend the complaint, so the story turns out largely happily for the defendants. Unfortunately, the plaintiff does get one more chance, and he even attached a massive 404 page (!) draft amended complaint. (Note: this is 404 pages, not a 404 error, although it certainly is an error). The court reminds the plaintiff that the rules require a short and plain statement of the claims.
Along the way, the court reaches a decidedly defendant-unfriendly conclusion by rejecting Comcast's, Cisco's and Microsoft's 230(c)(2) defense, the statutory immunity for online filtering decisions--and the often overlooked cousin of 230(c)(1) which I have blogged about many times. Worse, the court reaches its conclusion in the face of several clearly applicable precedent cases. In my opinion, this is an example of how Smith's pro se status causes the court to be overly cautious…to the point of reaching the wrong result.
The court starts off right by concluding that spam could qualify as "otherwise objectionable" content under 230(c)(2) (cite to e360insight v. Comcast). Doing a light ejusdem generis analysis, the court says "nothing about the context before or after that phrase limits it to just patently offensive items."
However, Comcast is denied 230(c)(2) on a motion to dismiss because Smith alleged that Comcast acted in bad faith. In support of this, Smith alleged that Comcast told him that they didn't mind his emails, but he just needed to upgrade to a more expensive subscription. The court says if this is true, "Comcast was not concerned that people were receiving large quantities of emails, or concerned about the content of the emails, but rather was concerned that Plaintiff had not purchased a sufficient level of service. This is not a good faith belief that the emails were objectionable, but rather a belief that they violated a service agreement."
This is a garbled statement at best. What I think the court was trying to say is that Comcast had a pink contract that allowed spam if the user paid enough money, and Smith hadn't gotten a pink contract. If so, then I can see the court's point that Comcast is being duplicitous arguing that spam is objectionable content because Comcast's assessments could be bought.
I was uncomfortable with the court's almost off-hand reference that "One would expect that if an interactive computer service had acted in good faith, it could and would come forward with the legitimate basis for its actions when questioned (though the Court is not suggesting they must do so)." First, as the court notes, this is a motion to dismiss, so Comcast can't proffer new evidence. Second, this is a burden-shift. As regular readers know, I believe 230 is an immunity against suit, not an affirmative defense, so the plaintiff has the burden to show why the service provider did not possess the requisite subjective good faith when making its filtering decision. It's not Comcast's responsibility to prove its own subjective good faith beliefs. (How does one prove those in any case?)
Cisco and Microsoft both published blocklist-type information. They try to fit into 230(c)(2)’s statutory definition of "access software providers," which requires them to show that they "provide or enable computer access by multiple users to a computer server." This issue was litigated in the Zango v. Kaspersky case, where Kaspersky distributed anti-spyware software that phoned home for new definitions. The Ninth Circuit said that the phone home feature satisfied the statutory requirement. In contrast, the court appears to say that pure blocklist publishers (i.e. those who do not distribute accompanying software with a phone home capacity) do not; this reading effectively kicks blocklist publishers out of the statute.
As the court acknowledges, this conclusion seemingly conflicts with the 2004 OptInRealBig decision, where the court held that IronPort as a blocklist publisher qualified for the statute because it was a user of an interactive computer service. The court doesn't explain why IronPort doesn't still qualify as an ICS user except to say that IronPort didn't make the requisite showing. The court also does not note that the OptInRealBig case was a 230(c)(1) decision (not a 230(c)(2)) because IronPort republished third party reports, and that should have applied here as well. The court also does not address the extensive 230(c)(1) precedent effectively treating online content publishers (which would include blocklist publishers) as "users" of ICSs, ranging from Barrett v. Rosenthal to the implicit conclusion in Novins v. Cannon.
More specific to 230(c)(2), the court doesn't explore either Pallorium v. Jared or MAPS v. Black Ice (an old 2000 case), both of which arguably contradict this particular conclusion in the 230(c)(2) context. Thus, because the court did not engage the applicable precedent, was overly solicitous to a pro se litigant, and knew that its discussion was dicta because it was ruling for the defendants anyways, the court chunks the analysis.
For more on 230(c)(2), see my 230(c)(2) talk notes from last summer.
One other noteworthy aspect of the ruling. Smith alleges that Comcast breached its privacy policy, but the court dismisses the contract claim because he doesn't show any loss from the alleged breach. This is yet another case holding that merely breaching a privacy policy isn't an actionable contract breach without more. See, e.g., the cited JetBlue case.
UPDATE: John Levine provides some perspectives about what might have happened.
Posted by Eric at 10:37 AM | Content Regulation , Derivative Liability , Privacy/Security , Spam | TrackBack
May 06, 2010
Brazil's Proposed Internet Regulation--an Update (That's Actually Good News) (Guest Blog Post)
by Guest Blogger Marcel Leonardi
Some fantastic news: in response to the waves of criticism toward the proposed notice and takedown regime that might have curbed online speech in Brazil - see my prior blog post - the Brazilian Ministry of Justice has announced a completely different system for online service provider liability and content removal.
According to the new system, online service providers are only liable for third-party content if they do not comply with a takedown order issued by a court of law. In addition, the proposed notice and takedown system is completely gone: instead of a simple request from the alleged victim, a court order will be mandatory to take down alleged harmful content, requiring a prima facie analysis of said content by a judge.
This does not mean, however, that online service providers cannot do anything unless ordered by a judge. In fact, online service providers can still remove any content on their own if it violates their terms of service or for any other legitimate reason. It is also worth noting that other Brazilian laws may require that Internet intermediaries take down specific illegal content as soon as they are made aware of its existence, as is the case of child pornography.
This is the text of the new article 20 of the bill:
An Internet service provider shall only be held responsible for damages resulting from content created by a third party if, after receiving a related court order, it does not take measures to render unavailable (within the scope of its services and within the timeframe specified) the content identified as infringing.
This new system acknowledges that removing true harmful content from the Internet is a legitimate goal and also recognizes that determining what is legal or illegal is a task best left for the courts, not to the whim of users or ISPs.
I am thrilled that all the criticism from civil society was heard and that quick measures were taken. This change in the text of the bill in such short time demonstrates that the public consultation regarding this bill is indeed very democratic and open to any helpful suggestions.
This bill also deals with some other equally important, different issues - data retention, net neutrality and judicial requests for user information, to name a few - and it is still open to discussion till May 23rd.
I would like to thank Eric Goldman and all readers of this blog for helping me bring awareness to this very important issue. Thanks to you, we may have a more balanced approach to Internet intermediary liability and online freedom of speech in Brazil.
Posted by Eric at 04:10 PM | Content Regulation , Derivative Liability | TrackBack
May 05, 2010
Troubling Ruling About 47 USC 230 and Moderators--Cornelius v. DeLuca
By Eric Goldman
Cornelius v. DeLuca, 2010 WL 1709928 (D. Idaho April 26, 2010)
I blogged about this case last year. In that post, I described the situation:
DeLuca runs bodybuilding.com, a fitness website and online retailer. The plaintiffs sell dietary supplements ("syntrax," whatever that is). The plaintiffs allege that their competitors posted shill reviews to bodybuilding.com designed to harm the plaintiffs' business. The plaintiffs sued both bodybuilding.com and the putative shillers.
In the previous ruling, a Missouri judge dismissed without prejudice a civil conspiracy claim against bodybuilding.com per 47 USC 230. Since then, the case has been transferred to Idaho, and the plaintiffs have launched another foray against bodybuilding.com, alleging that bodybuilding.com is derivatively liable for a Lanham Act false advertising claim. The court sidesteps a number of interesting questions, such as how 230 interacts with a Lanham Act false advertising claim, to what extent Lanham Act false advertising claims support derivative liability, and how a derivative claim interacts with the printer/publisher defenses in the Lanham Act. Instead, the court reaches two conclusions in response to bodybuilding.com's 12(b)(6) motion to dismiss:
1) Even though bodybuilding.com uses third party moderators, bodybuilding.com is not liable for every posting made on the site. This is a correct ruling and fully consistent with 230's immunization of the editorial function.
2) However, allegations that a moderator posted one of the offending messages survives a 12(b)(6) motion to dismiss based on the allegations that the moderator was a representative of the site and posted the message within the scope of the representation.
My hope is that the court will see the error of conclusion #2 on summary judgment. There are a number of cases that have rejected this agency-style argument as a workaround to 230, including the cases I cited in the last post:
* Joyner v. Lazzareschi: conspiracy argued but not alleged
* Higher Balance v. Quantum Future Group: no "alter ego" liability
* Cisneros v. Yahoo: no "aiding and abetting" liability. Accord: Goddard v. Google
* Best Western v. Furber: no liability for co-website operator activities
More recently, Novins v. Cannon says that there can be only 1 online defamation defendant per case. I also note the questionable Delfino v. Agilent case, where the court found the employer had a 230 defense for its employee's rogue actions.
Should conclusion #2 be followed by other courts (a doubtful proposition), it puts further legal pressure on websites relying on third party moderators. I have already raised this concern in my post on the uncited Columbia v. Fung case, which had some gratuitous language about site admins and moderators that is consistent with this case. I wrote:
The court also attributes the statements of site admins and moderators to the defendants, such as the admins’ technical support to people looking for or downloading copyrighted works. This part of the opinion was especially troublesome. Generally, UGC site moderators are unquestionably independent contractors, not agents, so the website isn't automatically liable for their statements and actions. Here, the court finds an "apparent agency" relationship between the admins and moderators because "Defendants assign this status and give these individuals authority to moderate the forums and user discussions. These individuals were under the control of Defendants and assigned duties related to the administration of the web forums." I believe this is a bad ruling, both normatively and doctrinally (see contrary discussion in, e.g., the Furber and Higher Balance cases in the 230 context). I could see UGC sites deciding to crack down or even eliminate non-employee moderators based on the agency exposure suggested by this opinion.
I am hoping these two rulings are outliers that other courts won't follow. I really can't imagine Web 2.0 succeeding without a robust cadre of site admins and moderators helping self-police an online community.
The rest of the opinion is filled with interesting nuggets too. For example, there is an interesting discussion about the (non-existent) statute of limitations in Lanham Act cases. Regarding the posters' direct liability for their allegedly shill posts, Rebecca recaps the discussion. The short story is that the court concluded many of the posts were non-actionable puffery. In her own unique way, she explains why the discussion about the commerciality of the allegedly shill posts may be "not just odd and marginal, it is bizarrely wrong."
My favorite part of the opinion was the court's straight-faced discussion about whether calling someone a "Cornholio" is defamatory. Believe it or not, this is not the first opinion in Westlaw to use the term "Cornholio"--that "honor" is reserved for State v. Lane, 2006 WL 687949 (Ohio App. Ct. March 17, 2006), which described a person as walking with his shirt over his head, "Cornholio style." This court says:
Calling Cornelius "Cornholio" is not a statement of fact. Cornholio is the alter-ego of a cartoon character, Beavis, from "Beavis and Butt-Head." See Beavis, in Wikipedia, the Free Encyclopedia, http://en.wikipedia.org/wiki/Beavis, last visited on April 8, 2010 FN6. While being compared to Cornholio is not flattering, it is not a "specific and measurable claim." Nor can it be reasonably interpreted as a statement of objective fact.
In FN6, the court admits to being embarrassed to having to cite the Wikipedia entry: "The Court does not encourage citations to Wikipedia. However, in rare circumstances, citation to a pop-culture encyclopedia is necessary in order to explain a pop-culture character." In fact, the Wikipedia cite looks significantly better than the Urban Dictionary, the only other marginally credible cite I could see in the first page of my Google results.
Posted by Eric at 10:04 AM | Content Regulation , Derivative Liability , Marketing | TrackBack
May 03, 2010
Proposed Internet Regulation in Brazil Might Curb Online Speech (Guest Blog Post)
by Guest Blogger Marcel Leonardi
[Marcel Leonardi is an attorney in São Paulo, Brazil, and Professor of Law at FGV-SP. He was a Google Policy Fellow in 2009, working with the international team at the Electronic Frontier Foundation. He has published articles and books in Brazil about ISP liability, online privacy and other Internet law issues. He can be reached at marcel@leonardi.adv.br, or follow him at Twitter.]
[Eric's introduction: notice-and-takedown schemes are generating lots of discussion. We've repeatedly seen problems with the notice-and-takedown scheme in copyright law (see, e.g., Wendy Seltzer's latest article), yet advocates keep evangelizing it as the solution for a range of unwanted content (see, e.g, Rep. McCotter's ill-fated proposal). Marcel has generously agreed to update us on a brewing notice-and-takedown initiative in Brazil.]
Brazil lacks a specific legal framework regarding the Internet. In order to create one, a collaborative process has been organized by the Ministry of Justice and the Center for Technology and Society from FGV-Rio. After a period of 45 days when anyone could suggest what this legal framework should encompass, the organizers have now published a draft of a bill, which is open for comments here.
The process has been touted as an unique collaborative approach to public policy. As far as allowing anyone to comment and discuss the draft online, it is indeed very democratic. Sadly, the same cannot be said of the bill itself.
The main issue is that the proposed legislation has the potential to curb online speech dramatically. It creates a notice and takedown system that allows any person or company to demand that any kind of online content is taken down.
In a nutshell, this system would work like this:
a) upon receiving a valid complaint, an intermediary must take down the questioned content “within a reasonable period”;
b) after the content is offline, the intermediary must notify the user responsible for the content, explaining the removal;
c) the user can either accept the removal or claim full responsibility for the content, in which case he or she can send a counternotice and demand that the intermediary puts the content back online;
d) if the intermediary receives no answer or cannot reach the user, the content remains offline;
e) any other person or company can also claim full responsibility for the content in place of the user, send a counternotice and demand that the intermediary puts it back online. Doing so subjects this person or company to the same legal risks and consequences the user would face;
f) if the intermediary fails to follow this procedure, it will be liable for the third-party content.
This system stems from articles 20-24 of the bill, which state the following:
Art. 20 An Internet service provider shall only be held responsible for damages resulting from content created by a third party if it has been notified by the injured party and has not taken measures to render unavailable (within the scope of its services and within a reasonable period) the content identified as infringing.
1. Internet service providers must offer in a conspicuous manner at least one electronic means of receiving notices and counternotices.
2. An Internet service provider is allowed to create an automated mechanism to respond to the proceedings provided by this section.
Art. 21. On penalty of invalidity, the notice contemplated by article 20 must contain:
I - the identity of the complainant, including complete name, identity and tax registration numbers, and current contact information;
II - date and time of transmission;
III - clear and specific identification of the content claimed as infringing, permitting the unambiguous location of the material by the recipient of the notification;
IV - description of the relationship between the complainant and the
content described as infringing; and
VI - legal justification for removal.
Art. 22. Upon making the content inaccessible, the service provider shall be responsible for informing the user responsible for the publication of this fact, advising the user of the substance of the complaint and establishing a reasonable period for the complete
elimination of the content.
Provided. If the user responsible for the infringing content is not identifiable or cannot be found, but all the required elements for the validity of the notice are present, the service provider is responsible for maintaining the blockage.
Art. 23. The user responsible for the publication may, following the requirements of article 21, counternotify the service provider, requesting the continued availability of the content and assuming exclusive responsibility for the eventual damages caused to third parties, in which case the service provider will have the duty to re-establish access to the content to which access was disabled and inform the complainant of the re-establishment of access.
Provided. Any other interested party, whether a natural or legal person, following the requirements of article 21, may counternotify the service provider, assuming responsibility for the maintenance of the content.
Art. 24. A complainant as well as a counternotifier shall have responsibility according to law for false or erroneous information and for abuse or bad faith.
My concern is that a notice and takedown system that can be used for any kind of content, like this one, will quickly become a tool to chill legitimate speech. So far, in the absence of regulation, Internet intermediaries in Brazil are free to take down content if they deem it inappropriate or if said content violates their terms of service. Outside of those situations, however, a court order is necessary to take down the alleged harmful content. After a prima facie analysis, judges can grant or refuse to grant an injunction for content removal, depending on the nature of the questioned content and the rights at stake.
Even though the judicial system is far from perfect, Brazilian judges have been exercising great care when analyzing lawsuits demanding online content to be taken down, refusing to grant injunctions that would affect legitimate, yet unwanted, speech.
Therefore, under the current system - created by legal doctrine and precedent - a lot of controversial, critical and political speech stays online in Brazil because those interested in its removal are very aware that judges would probably never grant injunctions to take it down. Frivolous and petty requests are not even filed, since whoever loses a lawsuit in Brazil must pay reasonable attorneys’ fees awarded by the judge. Other would-be plaintiffs give up, fearing the ever increasing “Streisand effect” - when the questioned content becomes “viral” and hugely popular precisely because it was questioned - which is an even bigger issue when an injunction is denied and news of the lawsuit reach the public (a situation that often leads plaintiffs to quickly ask the court for dismissal, before the defendant even knows about the lawsuit).
American readers should also bear in mind that, contrary to the situation in the United States, in Brazil it is neither too complicated nor too expensive (at least in comparison to American standards) to file a lawsuit demanding content to be taken down. In fact, under certain circumstances, such lawsuit can even be filed directly by the alleged victim in a small claims court at little to no cost. This partially explains why the Brazilian numbers are so high in the recent statistics about content removal and data requests that were published by Google, as these numbers include court orders for the removal of content, which often originate from private-party disputes, as explained here.
In summary, Brazilian victims of real online harms can find appropriate redress and take down content via the local judicial system. However, if this bill becomes law, I fear that this notice and takedown system will be heavily abused, as people and companies will then have a channel where they can send all of their previously unfiled frivolous, petty and abusive requests. All they have to do, after all, is complain to the intermediary, which must take the questioned content down to avoid liability.
This approach is significantly more problematic than the notice and takedown system established in the European Union by the e-commerce Directive (2000/31/EC). According to the Directive, hosting providers in the European Union are only required to remove content after being “aware of facts or circumstances from which the illegal activity or information is apparent”. This requirement does not exist under the proposed Brazilian system: all requests for content removal must be accepted, regardless of the legality of the content, or else intermediaries risk liability.
On the other hand, even if users are made aware of their ability to dispute the removal of their content, it is easy to see that many will not be willing to take the risk, even if there is nothing wrong with such content. I believe it is safe to assume that most users will simply be terrified of the potential liability, as they know that fighting back means risking a lawsuit, with all the emotional and financial costs it brings, even when the odds are in their favor. This is also why I do not believe that allowing anyone to “take the heat” in place of the user will solve the problem. In fact, it just adds another target for a lawsuit, as the user is not exempt from liability in this situation.
To be fair, the bill does mention that bad faith requests will be punished, albeit it fails to define how. Practicing attorneys like myself, however, know that proving bad faith in court is not an easy task. Besides, since anyone can send a complaint - not just the victim of the alleged wrongdoing - it is easy to imagine how different people could be used to send complaint after complaint to chill legitimate speech.
It is also worth noting that this system is not final. Even if the content remains online after the notice/counternotice process, the allleged victim can still go to court requesting an injunction for the content to be taken down.
In conclusion, if this bill becomes law, it is very possible that the number of lawsuits related to online content may drop. Ironically, though, the chilling effect on online speech might become far greater than ever before.
Removing true harmful content from the Internet is a legitimate goal, but determining what is legal or illegal is a task best left for the courts, not to the whim of users or ISPs. Despite the differences between the Brazilian and American legal systems, I believe the CDA 230 protections and DMCA histories of abuse can demonstrate the risks and potential pitfalls of a notice and takedown system, specially one that can be (ab)used for any kind of content.
Wth that in mind, I invite all readers to provide some feedback on the draft of this bill. An English version is available here.
Posted by Eric at 07:27 AM | Content Regulation , Derivative Liability | TrackBack
April 30, 2010
Website Gets 230 Immunity Despite Claim of Site Content Accuracy--Milo v. Martin
By Eric Goldman
Milo v. Martin, 2010 WL 1708895 (Tex. App. Ct. April 29, 2010)
This case involves allegedly defamatory "guestbook" messages posted by unknown users to a website entitled "The Watchdog." Framed like that, the precedent says the website should get an easy and uncontroversial 47 USC 230 dismissal (and IMO Rule 11 sanctionable).
The plaintiffs try to get around 230 by citing The Watchdog's first page, which contained the following statements:
The WATCHDOG
The unfiltered truth about Conroe politics and your tax dollars.
The Watchdog is a monthly publication by newsletter and website. It contains facts believed to be totally accurate by sources with character and truthfulness as their primary attributes. Our agenda is the truth and nothing less. Our sources and any information obtained are absolutely confidential and will remain so.
The plaintiffs argue that by asserting the website content's accuracy, The Watchdog "developed" the defamatory content and thus became a content provider of the user-supplied content. The majority doesn't bite, saying:
The Watchdog's failure to verify the accuracy of the information in the posts in issue here does not, in itself, make the Watchdog the "information content provider" of the defamatory statements about which [the plaintiffs] complain.
The court further rejects the plaintiff's arguments on several other grounds:
* this statement was not a guarantee against inaccuracies on the site
* the statement doesn't apply to the guestbook, which readers would have quickly assessed was not an area the site operators were policing for accuracy, especially because users had posted critical views of The Watchdog to the guestbook.
In its concluding remarks about the defamation claim, the court (like so many others) cites Roommates.com for the defense, saying that the plaintiffs did not provide any evidence that The Watchdog itself layered the allegedly unlawful material onto the user-supplied content.
The majority opinion sidesteps whether 230 would preempt an intentional infliction of emotional distress claim (it does if the claim is based on third party content—see, e.g., Barnes and Friendfinder), instead concluding that The Watchdog lacked the requisite scienter/bad faith.
The majority opinion concludes with a gratuitous parting shot at Congress:
We note our concern that section 230 does not provide a right to request a website's owner to remove false and defamatory posts placed on a website by third parties, and does not provide the injured person with a remedy in the event the website's owner then fails to promptly remove defamatory posts from its site, at least in the absence of extreme and outrageous circumstances that are not present here. Instead, Congress chose with only narrow exception to protect internet service providers from their potential liability for publishing false and defamatory content when that content is created by third parties and when the interactive computer service has not acted as an information content provider. Despite our concerns about section 230's breadth, the trial court did not err in applying section 230 to render summary judgment in this case.
Get in line with the other judges that dislike 230. It's a growing queue.
The concurring opinion bristles with even more hostility towards 230. I don't think I can do it justice by trying to summarize the arguments, in part because they are novel bordering on nonsensical. If I understand the concurring judge's arguments correctly (a big if), he collapses 230(c)(1) and 230(c)(2) into a single operative provision and uses the "good faith" language from 230(c)(2)(A) to restrict the availability of the 230(c)(1) immunity. This would be a crazy (mis)reading of 230, and fortunately the majority judges' cooler heads prevailed.
The concurring judge uses his odd logic to conclude that "In my view, if a malicious website operator intentionally and unreasonably refuses to delete an anonymous third-party's obviously defamatory statement, a claim based on an intentional tort may be asserted in the appropriate circumstances against the operator under Texas law." I suspect this is why the majority sidestepped a definitive conclusion that 230 preempts intentional infliction of emotional distress claims and ruled instead on scienter grounds. Even the concurring judge agreed that the defendants here did not engage in the required "extreme and outrageous" conduct by failing to remove the post because (1) the plaintiffs didn't make the removal request until after the litigation started, and (2) at that point, the defendants relied on their counsel's advice not to remove the post (presumably for evidence spoliation purposes).
Even though we get some fresh/novel/crazy readings of 230 here, the opinions suggest that everyone involved in the litigation missed at least two key points:
1) the takedown/stay-up decision is an editorial one, and 230 categorically protects these editorial decisions however they come out. So all of the concurring opinion's machinations about the website’s decision not to remove are completely immaterial in light of 230.
2) the plaintiffs might have had more success with a Mazur-style attack, skipping the defamation claim against the website and instead trying to hold the website liable for its first party marketing representations. Here, the website voluntarily announced that it "contains facts believed to be totally accurate by sources with character and truthfulness as their primary attributes." What, if anything, did the website do to make that statement correct with respect to the guestbook postings? If the answer is nothing, that creates an opportunity to hammer the defendants for possibly bogus marketing representations. The Mazur attack might not have succeeded even in this case; the majority opinion indicates that site visitors would not have assumed the marketing representations extended to the guestbook postings. Nevertheless, it would have been interesting to see the discussion (especially given both the majority and concurring judges' antipathy towards 230) if the plaintiffs had framed this case about the marketing representations specifically and not the defamatory postings.
For more on the interplay between marketing representations and 230, see, e.g.:
* 47 USC 230 and Consumer Protection Talk Notes
* 47 USC 230 Talk at Fordham
* Ninth Circuit Mucks Up 47 USC 230 Jurisprudence....AGAIN!?--Barnes v. Yahoo
Posted by Eric at 11:09 AM | Content Regulation , Derivative Liability | TrackBack
April 29, 2010
Online Defamation Action Can Have Only One Defendant--Novins v. Cannon
By Eric Goldman
Novins v. Cannon, 2010 WL 1688695 (D. N.J. April 27, 2010). The CMLP page on Novins' initial demand letter. The CMLP page on the lawsuit. An aborted lawsuit blog putatively by Novins.
This is a defamation action over a USENET post. Doing research for this blog post required me to go back into USENET, a place I haven't been in years, and I was instantly reminded why I don't go there any more. Putting aside the signal-to-noise ratio, I simply could not intellectually comprehend most of the posts I saw. It's like the posts were written for people who live in a parallel English-speaking universe with a very different grammar and logic than mine. Who is still reading and writing this stuff??? And who in the world takes anything in an unmoderated USENET group seriously???
Charles Novins is an attorney. On Feb. 13, 2008, a person using the name Kevin Cannon posted to several USENET groups (apparently, none topical, e.g., alt.culture.alaska) a not-nice-if-untrue post entitled "Law Offices of Charles Novins hires drug addicts to fill your legal needs." The text is also attached to the end of the original complaint. Novins alleges that the post cost his firm money and spooked clients, prospective employees and colleagues.
Novins sued a whole bunch of people. The complaint is opaque about what role these people played in publishing the defamatory post but, as it turns out, it doesn't matter. The court says that 47 USC 230 does not immunize the post's author (presumptively Cannon), but it applies to everyone else regardless of their role as publishers/republishers/whatever. Effectively, then, the court's logic indicates there can only be one defendant in an online defamation action--the originator of the defamatory content. Everyone else should be protected by 230, period. As the court says:
it does not matter how Defendants republished the alleged defamatory statements—whether by email, website post, or some other method. The point is that all the Defendants in this case—with the exception of Cannon—acted as re-publishers of another person’s information, and as such they are protected by the CDA.
This ruling just reinforces what we already knew, but it is a good reminder that Web 2.0 participants (and even USENET participants) will not be liable for other people's content.
Posted by Eric at 08:16 AM | Content Regulation , Derivative Liability | TrackBack
April 08, 2010
"Mistake of Age" Defense When a Sexual Abuse Victim Inflated Her Age on MySpace
By Eric Goldman
I continue to see a troubling number of cases in Westlaw that involve an overaged male and underaged female having illegal sex, in some case facilitated by a social networking site (especially MySpace). In the past few weeks, I saw four cases where the victim's self-reported age on her MySpace profile was raised as part of a defendant's unsuccessful "mistake of age" defense to statutory rape charges.
In State v. Breathette, 2010 WL 702446 (N.C. App. Ct. March 2, 2010), the court rejected a "mistake of age" defense to a variant of statutory rape charges even when the victim had misreported her age to MySpace.
State v. J.S., 2010 WL 765367 (Wash. App. Ct. March 8, 2010), is another mistake of age case. In this case, a 16 year old boy had sex with a 13 year old girl he met on MySpace. She had reported her age as 17 on MySpace and 15 in person, and she said she was in middle school The boy believed she was actually 14. The crime applies to sex when the parties' age are more than 3 years different, and it is a defense if the defendant proves that “the defendant reasonably believed the alleged victim to be [of legal age] based upon declarations as to age by the alleged victim.” The court rejected the defense because "presented with the victim's conflicting and inconsistent declarations as to her age, the trial court is not compelled to find that the defendant reasonably believed that one of the conflicting statements must be true."
Both cases brought to mind US v. Haile, where an undercover cop had (mis)reported three different ages. I found that case more troubling because the cop, not a victim, communicated inconsistent information when he could have easily provided consistent information. Further, because no sex actually occurred, the defendant never got a chance to confirm the putative victim's age face-to-face before revealing his true intent.
Recently there were also two cases where the victim misreported her age in MySpace but the defendant never saw that misrepresentation. In these cases, the court refused to admit the MySpace evidence. See State v. Bol, 2010 WL 934113 (Minn. App. Ct. March 16, 2010) and People v. Avelar, 2010 WL 1079416 (Cal. App. Ct. March 25, 2010)
Students, if you are looking for a paper topic for the summer, I think it might be worth exploring the legal implications of sexual abuse victims' misreporting their age. In particular, I would love to explore the hypotheses that (a) MySpace's efforts to screen out 13 and 14 year olds implicitly encourages teens to inflate their self-reported ages, and (b) this age inflation exacerbates the number of underage sex crimes (I have a few theories why this might be the case). If these hypotheses were true, the state AGs' deals with MySpace and Facebook to block young teens actually could be spectacularly counterproductive and bad social policy.
Posted by Eric at 08:15 AM | Content Regulation | TrackBack
April 05, 2010
230 Protects Newspaper from Liability for Reader Comments--Collins v. Purdue
By Eric Goldman
Collins v. Purdue University, 2010 WL 1250916 (N.D. Ind. March 24, 2010)
The plaintiff, Timothy J. Collins, III, is a Purdue student. The defendant in this ruling is Federated Publications, which publishes a Lafayette, Indiana daily newspaper, the Journal & Courier.
On Jan. 13, 2007, Collins was assaulted on campus and sought hospital treatment. Separately, another Purdue student, Wade Steffey, was reported missing and last seen on Jan. 12. (Months later, Steffey was discovered dead on campus--as far as I can tell, his death still has not been satisfactorily explained). UPDATE: This report explains Steffey's tragic accidental death.
In mid-January, the police started investigating Collins in connection with Steffey's disappearance. On Feb. 5, the police charged Collins with "False Informing" for alleged misinformation Collins had provided to the police. On Feb. 10, the Journal & Courier reported on Collins' Feb. 5 charges in an article, "Student Who Reported Mugging Charged," published both online and off. The article led some readers to infer that Collins was involved in Steffey's disappearance, a topic explored in the online article's "vitriolic and hateful" user comments. The court recaps that "The posting of these readers' comments fueled the suspicious, charged atmosphere on campus at that time and inflamed the frenzied efforts to unravel the Steffey mystery."
This opinion doesn't explicitly say why Collins is on a litigation tear, but I infer that Collins believes he was improperly linked to the Steffey disappearance and was subjected to some harsh treatment by those who made that link. In this ruling, Federated Publications seeks to exit his lawsuit (although many other defendants are left).
Federated defends Collins' libel and false light claims on 47 USC 230, saying part of his claims are based on third party comments. Collins responded that the newspaper website doesn't qualify as a provider/user of an interactive computer service, an argument that goes nowhere. Instead, the court treats this as easy case (which it is):
Federated can be held liable for defamatory statements in its own material published on the website-such as the article if the article was defamatory-but cannot be held liable for the publication of remarks or postings by third parties. Like the defendant in Dimeo, Federated did not create or develop the posted comments and cannot be held responsible for them. Also like Dimeo, none of the facts before the court show any encouragement by Federated for readers to comment on the website articles in a defamatory way. Moreover, Collins has made no assertions in either his First Amended Complaint or his response briefs suggesting that Federated engaged in any of the revisions or redrafting discussed in Nemet or applied any editorial function whatsoever over the comments posted by the readers on its website. Collins himself titles these counts in his First Amended Complaint as “reader comments,” making them unattributable to Federated. Because Federated is immune from liability for the third-party content posted on its website by the CDA, Collins' claims charging Federated with liability for the third-party postings on its website fail.
To get around this, Collins tried an "inducement" style attack on 230, but the court rejected that as well:
Federated did nothing to induce any readers to post a commentary on the article nor to express a preference for a particular viewpoint in the posts. Nowhere in Collins' Amended Complaint is the assertion that Federated chose the particularly hateful and denigrating posts over a batch of kinder, gentler comments. Nor does Collins suggest that any of Federated's staff writers or editors were responsible for the particular posts or their content. To the contrary, Collins has identified these posts on the website as “reader comments” or “reader posts”, and taking Collins at his word, Federated cannot be liable for the statements made by these third-parties.
Note that 230 should have applied even if Federated had done some of these things--especially making editorial judgments about user comments--but the court didn't need to be more precise because Collins' argument failed on the facts he was working with. So in the end, this is an easy 230 case holding that the newspaper isn't liable for the online user comments.
The newspaper wins on other grounds too. The emotional distress claims were dismissed because the newspaper article was not outrageous or published with the requisite scienter; the libel and false light claims were dismissed because of the veracity of the story's exact words; and the statute of limitations also applied.
Posted by Eric at 03:16 PM | Content Regulation , Derivative Liability | TrackBack
March 31, 2010
March 2010 Quick Links
By Eric Goldman
Internet Exceptionalism
* Stern v. Sony Corp., CV 09-7710 PA (C.D. Cal. Feb. 8 2010) "to the extent Plaintiff is suing Sony as a manufacturer of video games, and the provider of online services, Sony is not a ‘place of public accommodation’ and is therefore not liable for violating Title III of the ADA" Nice complement to the Estavillo case. My prior post on Internet exceptionalism.
Online Competition
* Microsoft’s head algorithms guru says that Google's search engine beat Microsoft because Microsoft ignored the long tail of search queries. If Google and Microsoft made different product design choices and the marketplace liked Google's choices better, doesn’t this make it hard for Microsoft to complain about Google’s "anti-competitive" practices? I wonder if this talk was pre-cleared by Microsoft’s antitrust counsel.
* SJ Mercury News: Google's most recent 10-K lists some new self-identified competitors, including Yelp, Kayak & WebMD. By identifying some vertical players as competitors, such as Kayak and WebMD, does Google lend credence to the arguments by TradeComet and myTriggers that Google does compete with vertical search engines?
* In re eBay Seller Antitrust Litigation, 2010 WL 760433 (N.D. Cal. March 4, 2010). eBay wins summary judgment in an antitrust challenge: "Despite the voluminous briefing permitted in connection with both of the instant motions-which includes hundreds of pages of supporting documents-Plaintiffs have not drawn the Court's attention to any actual proof of antitrust injury caused by eBay's alleged anticompetive acts-on an individual or a classwide level."
Online Pornography
* U.S. v. Beckett, 2010 WL 776049 (11th Cir. March 9, 2010). A man posed as a 17 year old girl on MySpace and AOL, engaged boys in discussions, induced them to send nude photos, and then coerced them to have sex with him to prevent his dissemination of the photos.
* Miller v. Mitchell, No. 09-2144 (3rd Cir. March 17, 2010). This is the case where the government prosecutor threatened to bring felony charges against girls for "sexting." The court upholds a preliminary injunction against requiring the girls to go through an education program in lieu of felony prosecution.
* U.S. v. Durdley, 2010 WL 916107 (N.D. Fla. March 11, 2010). No privacy expectations in a flash drive left in a public computer.
Online Security
* Cormac Herley of Microsoft Research, "So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users." In my observations, users are actually intensely rational when it comes to privacy and security issues, and privacy and security advocates who don't fully account for this user behavior do so at their peril.
* Reuters takes a deep look at Innovation Marketing, a Russian scareware operation.
User-Generated Content
* Josh King explains why Avvo supports the proposed federal anti-SLAPP law.
* T.V. ex rel. B.V. v. Smith-Green Community School Corp., 2010 WL 935574 (N.D. Ind. March 11, 2010). Denying class formation for a lawsuit in response to a ridiculously harsh school suspension for a MySpace photo of ribald off-campus activity.
* Melton v. Boustred, 2010 WL 881919 (Cal. App. Ct. Mar 12, 2010). Boustred throws a ragin' party and advertises it via a MySpace open invitation. The plaintiffs show up and were beaten and stabbed at the party by unknown assailants. The court concludes that Boustred isn't liable for the physical injuries. Note to self: stay away from parties advertised via MySpace.
* Yelp Litigation Mania!
- Cats & Dogs Animal Hospital v. Yelp first amended complaint
- LaPausky v. Yelp complaint. A write-up.
- Levitt v. Yelp complaint.
- ClickZ: Ex-Yelper Helps Law Firms Go After Yelp
Anonymity
* Park West Galleries, Inc. v. Global Fine Art Registry, LLC, 2010 WL 742580 (E.D. Mich. Feb. 26, 2010). Using an online pseudonym can lengthen the defamation statute of limitations.
* White v. Baker, 2010 WL 1009758 (N.D. Ga. March 3, 2010). Mandatory reporting of Internet usernames by registered sex offenders violates the First Amendment.
Advertising and Marketing
* ClickZ: New Facebook Policies Clamp Down on 'Loose' Ad Copy.
* Coyote Pub., Inc. v. Miller, 2010 WL 816936 (9th Cir. March 11, 2010). Upholding the constitutionality of Nevada's restrictions on advertising prostitution.
Trademark
* WSJ: It's a crowded namespace for bands.
* 1-800Contacts, Inc. v. Memorial Eye, P.A., 2010 WL 988524 (D. Utah March 15, 2010). It was not objectively baseless for 1-800 Contacts to bring a trademark enforcement action over competitive keyword advertising.
* Rhea Drysdale tells how she busted the trademark application for "SEO."
* The Utah governor has signed SB 26, which (among other things) creates a bastardized version of ACPA. My initial comments on the proposed bill.
Copyright
* James Grimmelmann on Reed Elsevier v. Muchnick.
* Ben Sheffner has some updates in the Scribd lawsuits. My initial post on Scott v. Scribd.
* Ars Technica on an experiment to block users who are using ad blocking software from accessing its site.
General
* Hudson v. University of Puerto Rico, 2010 WL 1131462 (D. Minn. March 23, 2010). Passive blog does not confer general jurisdiction.
* Doe 1 v. AOL LLC (N.D. Cal. Feb. 1, 2010). "Plaintiffs' claims for violation of the ECPA (Count I), unjust enrichment (Count VI) and for public disclosure of private facts (Count VII) are subject to the forum selection clause because none are California consumer law claims." Prior blog post.
* Commonwealth v. Interactive Media Ent’mt and Gaming Ass’n, Inc., No. 2009-SC-000043-MR (Ky. Mar. 18, 2010). Challenge to Kentucky's seizure of 141 gambling-related domain names tossed on standing grounds. Prior blog post.
Posted by Eric at 08:42 AM | Content Regulation , Copyright , Domain Names , E-Commerce , Internet History , Licensing/Contracts , Marketing , Privacy/Security , Search Engines , Trademark , Virtual Worlds | TrackBack
March 25, 2010
Craigslist Wins $1.3M Default Judgment Against Autoposting Facilitator -- craigslist v. Naturemarket
[Post by Venkat]
craigslist, Inc. v. Naturemarket, Inc., Case No. C 08-05065 PJH (MEJ) (N.D. Cal. March 5, 2010) [scribd] (report and recommendation adopted on February 5, 2010)
Craigslist obtained a 1.3 million dollar default judgment against defendants Naturemarket, Inc. and Igor Gasov.
Naturemarket (doing business as powerpostings.com [typical bad choice of name]) sold software which allowed its customers to automatically post listings to craigslist. As advertised by defendants, the software made "the difficult craigslist posting process child's play and [helped users] manage and multi-post . . . ads." Defendants also advertised "posting agent" services where defendants would post ads on behalf of customers. Finally, defendants sold software that scraped email addresses from the craigslist site.
Craigslist sued alleging claims under (1) copyright; (2) DMCA; (3) the Computer Fraud and Abuse Act; (4) trademark; (5) breach of contract/terms of use. Defendants failed to contest the suit. The court granted default judgment against defendants:
Copyright Infringement: Craigslist alleged it registered protectable elements of its site (the "post to classified, account registration and log-in features") and that defendants copied these elements of the craigslist site when developing, testing, and using their auto-posting software. The court accepted these allegations at face value, notwithstanding questions as to what parts of the craigslist site were copyrightable (minus the listings themselves, obviously), how the copying here was different from search engine copying under an implied license, and the fact that it's awkward to conclude that browsing in excess of the terms of use constitutes copyright infringement.
DMCA Violations: The court agreed with craigslist that defendants violated two provisions of the DMCA through making available, among other things, "pre-verified craigslist accounts and CAPTCHA credits." There's precedent that supports the proposition that at least some of these types of acts do not violate the DMCA. (See, for example Egilman v. Keller & Heckman, LLP, 401 F. Supp. 2d 105, 113-14 (D.D.C. 2005) ("using a username/password combination as intended--by entering a valid username and password, albeit without authorization--does not constitute circumvention under the DMCA.").) Real made a similar argument to the one defendants would have made here, but this argument was rejected. Either way, the trouble with the court's conclusion is that it's not clear that a violation should be based on use of an anti-circumvention mechanism in a way that's not authorized. This isn't the type of conduct that the DMCA is necessarily meant to address. Mike Masnick flags this aspect of the ruling here.
Computer Fraud and Abuse Act: The Computer Fraud and Abuse Act claims were premised on access of craigslist computers in violation of the craigslist terms of service. This argument is often used in civil cases, but most recently received attention in the Lori Drew case, a criminal case. The Lori Drew case illustrated many of the problems with imposing Computer Fraud and Abuse Act liability based on violations of a terms of use. Professor Goldman's post when the case first started is a good read.
Trademark Infringement: Craigslist alleged that defendants used the craigslist mark "in the text and . . . the headings of sponsored links on internet search engines to advertise their auto-posting products and services." The court cites to American Blinds for the proposition that this will cause "initial customer confusion". (Here's one of Prof. Goldman's posts on American Blinds.) It's odd to see craigslist arguing initial interest confusion. These are the types of arguments one would expect to see against craigslist (for example by someone suing it for trademark infringement, not made by craigslist.
Breach of Contract/Terms of Service: Craigslist pointed to provisions in its terms of use which prohibited the use of automated means and posting agents to post listings. Craigslist argued that defendants violated these provisions and induced craigslist users (who were customers of defendants) to violate these provisions. The court awards $840,000 in liquidated damages based on the terms of use claims asserted by craigslist. Craigslist argued that defendants posted at least 18,200 ads or alternatively defendants posted 4,200 ads as a posting agent. The court assumes for purposes of calculating damages, that the lower number is correct and awards $840,000 based on this number. For each listing posted in violation of the terms of service, the court awarded $100 in liquidated damages (and an extra $100 for each item posted as a "posting agent"). [Note to self: be careful about posting items in violation of the craigslist terms of service!]
Attorney's fees: Craigslist sought $83,614.45 in fees, for the work performed by 5 lawyers and one paralegal. The court found the hours expended reasonable, but reduced the hourly rate slightly, ultimately awarding $65,038.20 in fees. (As a side note, what's up with the reduction in billing rates by one dollar in the April-June 2009 time period. The hourly rates for one partner went from $525 in 2009 to $550 in January-March 2009, to $549 in April-June 2009. Does the one dollar change in someone's hourly rate really matter?)
____
This case is similar in many ways to Ticketmaster v. RMG, where Ticketmaster sued RMG, a company that automated the ticket buying process on behalf of its customers. Following the issuance of an injunction, Professor Goldman noted that this case was "a troubling Cyberlaw development." The claims asserted by craigslist here suffered from some of the same weaknesses as those in Ticketmaster. On the other hand, this was in the context of a default judgment, where the good faith allegations in the complaint are taken as true, and craigslist knew it had to only make colorable arguments. It wants to keep out certain perceived bad actors. In the default judgment context, I'm not sure how much it can be faulted for not fine-tuning its legal arguments. That said, it's always tough to read through these types of rulings without cringing.
One of the more troubling things about the ruling is how the terms of use supports three separate claims: the copyright claims, the Computer Fraud and Abuse Act claim and, of course, the breach of contract claim. It's unsettling to see the website terms of service (which are typically tough to read and digest, rarely read by end users, and incredibly one sided) be given enough clout to support serious statutory violations. But this is nothing new, and courts always seem to be willing to accept these types of arguments.
Another issue for craigslist to consider is whether any of the arguments could come back to bite craigslist. I haven't thought through whether there was a good section 230 argument to be made here, I'm guessing not. Assuming there was, it doesn't seem like such a good idea for craigslist to knock down that argument. It's the classic section 230 beneficiary. At any rate, at a basic level, craigslist is ultimately suing Naturemarket based on harm caused by end users. This is exactly what state regulators did to craigslist. The initial interest confusion argument is also one that does not seem like it's in craigslist's interest to push.
Finally, I'm always curious as to what these damage awards accomplish. How often does the company chase down the defendant's assets? More likely, this is something that can be waved around to other potential defendants to get them to comply and/or settle.
Related: Mike Masnick discusses some of these issues in a post flagging an early round of lawsuits filed by craigslist against spammers: "Craigslist's Dumb Lawsuit Against Spam Tool Provider"
Posted by Venkat at 09:25 AM | Content Regulation , Copyright , Licensing/Contracts , Spam , Trademark
March 22, 2010
Search Engine Legal Developments to Watch in 2010
By Eric Goldman
I recently spoke on a panel about search engines and the law at SMX West. I previewed four major trends in search engine law to watch in 2010:
1) Competition issues. Antitrust/competition law has become a big part of the search engine industry. There are two main flash points: Google’s high percentage of the search advertising business and Google’s black box algorithm for organic search results. Both facets are troubling to competitors and regulators, but they are creating extra friction with “vertical search engines” that portray themselves as competition for Google.
Recent antitrust/competition battles:
* Google-DoubleClick acquisition scrutiny
* Google-Yahoo search syndication deal killed by DOJ
* >a href="http://blog.ericgoldman.org/archives/2009/07/microsoftyahoo.htm">Microsoft-Yahoo deal
* DOJ and Microsoft opposition to Google Book Search settlement
* Person, KinderStart and Langdon civil lawsuits against Google
Present battles:
a) EU complaints from a UK price comparison site, Foundem, a French legal search engine called ejustice.fr, and Microsoft's Ciao! from Bing. Wired: “Google says the companies accuse it of wielding its dominance as a search engine to squelch competition by preventing people from finding their vertical search engines.”
b) US actions: TradeComet and myTriggers. Do these lawsuits have Microsoft ties? In a blog post “Competition Authorities and Search,” Microsoft came out of the closet and admitted it was harassing Google on antitrust issues.
The underlying battle: who should decide what content and ads that searchers see? Two main options: search engines or regulators. Seems like an easy call to me. See my Search Engine Bias article. An under-addressed issue: the role of 47 USC 230(c)(2) in search engines' filtering decisions.
2) keyword advertising lawsuits against Google. 8 lawsuits are pending. The Rosetta Stone case scheduled for trial in May. There are no known US legislative initiatives, especially now that the Utah legislature has adjourned for the year. We are all anxiously awaiting the issuance of the ECJ opinion tomorrow at 1:30 am CA time (I'll blog it as fast as I can).
3) Search engines and copyright. Pending US cases include Viacom v. YouTube, Perfect 10 v. Google and the Google Book Search settlement. Plus, Google's tussles with AP, News Corp. and other news organizations.
4) Search engine compliance with foreign laws, including the Google-China flap and the Google Videos conviction in Italy. This has stirred the pot in Congress again. The latest: Sen. Durbin’s is threatening to force Web companies to join the Global Network Initiative and stop dealing with repressive regimes…which is a resurrection of Chris Smith’s Global Online Freedom Act. Hypocrisy alert! In light of point #1, will the US itself be put on the list of repressive regimes? Plus, as we’ve seen, Google’s single-handed efforts to take down the Chinese government haven’t worked so well.
Posted by Eric at 10:15 AM | Content Regulation , Copyright , Derivative Liability , Internet History , Search Engines , Trademark | TrackBack
March 03, 2010
Why I Support HR 4364, the Proposed Federal Anti-SLAPP Bill
By Eric Goldman
In mid-December, in a move that got a little lost in the holiday shuffle, Rep. Steve Cohen (D-TN) introduced HR 4364, the “Citizen Participation Act of 2009,” proposing a federal anti-SLAPP law. This blog post explains why I enthusiastically support this bill as way to help preserve the Internet's vibrancy as an information resource.
What is a "SLAPP"?
SLAPP stands for "Strategic Lawsuit Against Public Participation." The term was coined about three decades ago by two Denver University professors, George Pring and Penelope Canan. Pring and Canan recognized that lawsuits were discouraging people from participating in vital government processes. Thus, they advocated for a statute that would curb these anti-democratic lawsuits.
How Do Anti-SLAPP Laws Work?
In the past quarter-century, more than half of the states have implemented anti-SLAPP protection. These laws vary in several key respects, but they generally have two features. First, they provide an expedited procedure for defendants to end SLAPPs early. Effectively, defendants can turn the tables on the plaintiffs, file an anti-SLAPP motion to strike the litigation, and thereby ask the court to end the lawsuit much more quickly than under traditional rules. Second, anti-SLAPP laws allow successful defendants to be awarded their legal defense costs.
Thus, anti-SLAPP laws have a number of benefits: they get meritless cases off court dockets early, they force plaintiffs to think carefully about their lawsuits’ merits, and they make defendants financially whole for improper lawsuits. The laws protect online and offline speech equally.
The Benefits of a Federal Anti-SLAPP Law
While a majority of states already have anti-SLAPP laws, a federal anti-SLAPP law would provide a baseline level of protection in those states plus provide new protection in the 20+ states that do not have an anti-SLAPP law. For more on this, see this blog post.
Why I Support the Proposed Legislation
Originally, SLAPPs were conceived as lawsuits suppressing citizens' rights to monitor government functions. Over time, we've realized that this construction is too narrow. Although we still need to protect government watchdogs, we also need to guard against plaintiffs who use litigation to remove socially valuable content from our information ecosystem.
Personally, I am especially interested in the flow of information about goods and services in our marketplace, such as consumer product reviews. All too often, vendors use actual or threatened litigation to take down content that criticizes their offerings. The proposed federal anti-SLAPP law applies to those lawsuits. Thus, if enacted, the federal anti-SLAPP law will help consumers share their true feeling about marketplace offerings with less fear of meritless lawsuits from vendors who would rather fight in court than compete.
BoingBoing’s recent resolution of a lawsuit brought by MagicJack nicely illustrates the virtues of anti-SLAPP laws. BoingBoing blogged some criticisms of MagicJack’s offerings, and MagicJack unwisely responded to that post with a lawsuit. Fortunately for BoingBoing, MagicJack sued it in California, which has a robust anti-SLAPP law. As a result, BoingBoing was able to end the lawsuit early (BoingBoing won its anti-SLAPP motion less than 3 months from complaint filing) and get the court to order MagicJack to pay its attorneys’ fees of over $50k. This story would have ended less happily for BoingBoing if the exact same lawsuit had been brought in a state without an anti-SLAPP law (or with narrower anti-SLAPP protection). In those states, even if BoingBoing had defeated the lawsuit, it would have taken much longer, and BoingBoing would have borne its $50k+ litigation costs. The federal anti-SLAPP law will ensure that content publishers throughout the country will enjoy the same protection that BoingBoing got.
For other examples of successful anti-SLAPP motions that I’ve covered on this blog, see:
* Griping Blogger Gets Fair Use and Anti-SLAPP Win--Sedgwick v. Delsman
* Gardner v. Martino (9th Cir. April 24, 2009)
* McVey v. Day, 2008 WL 5395214 (Cal. App. Ct. Dec. 23, 2008)
* Stress-Relieving Company Gets Anti-SLAPPed Per 230
* Vanginderen v. Cornell (S.D. Cal. June 3, 2008)
* Optima Funding, Inc. v. Strang, 2007 WL 1430699 (Cal. Ct. App. May 16, 2007)
* Blogger Protected by Anti-SLAPP Statute--GTX v. Left
* KinderStart v. Google Dismissed--With Sanctions Against KinderStart's Counsel (the anti-SLAPP motion was denied, but it should have been granted)
* Google Wins Lawsuit Over Search Results--Maughan v. Google
Why Federal Anti-SLAPP Legislation Isn't Enough
Although I strongly support the federal anti-SLAPP legislation, it’s just a start. Only a small fraction of disputes over consumer product reviews lead to court (which then triggers anti-SLAPP coverage), so anti-SLAPP protection--though valuable in litigated cases--won't help in the vast majority of disputes. Thus, I would like to see legislation that creates a cause of action when content publishers a receive bogus cease-and-desist/nastygram takedown demand. Those illegitimate demands intimidate many recipients who fear a lawsuit, even if they would win an anti-SLAPP motion. Accordingly, using meritless threats, vendors can excise critical content from the Internet. 17 USC 512(f) provides a limited counterbalance against bogus copyright takedown notices; it could provide a useful starting point for conceptualizing a broader anti-bogus-takedown law.
How You Can Help
While there’s no effort yet to extend 17 USC 512(f) protection beyond copyright law, we do have a federal anti-SLAPP bill pending in Congress that needs your support. Learn more about this important effort from The Public Participation Project. With so many issues percolating in Congress, it would be easy for the federal anti-SLAPP bill to get overlooked. As a result, the bill will require significant grassroots support to climb up the legislative priority list. If you are interested in being actively involved in the effort, contact me or go here.
Posted by Eric at 09:43 AM | Content Regulation , Copyright , Derivative Liability | TrackBack
March 02, 2010
February 2010 Quick Links
By Eric Goldman
Copyright
* Mavericks Recording Co. v. Harper (5th Cir. Feb. 25, 2010). 17 USC 402(d) precludes an innocent infringement defense in P2P downloading case when the record companies place proper copyright notices on their works. This is consistent with language from BMG v. Gonzalez in the Seventh Circuit.
* Perfect 10 and Amazon settle on confidential terms; Perfect 10 v. Google will keep going. Previous blog coverage of this case (1, 2, 3, 4, 5).
* Veoh won in court (1, 2, 3) but still got knocked out of the marketplace.
* Project DoD, Inc. v. Federici, 2010 WL 559115 (D. Me. Feb. 11, 2010). In a 512(f) lawsuit I blogged about in December, the judge upheld the magistrate report dismissing for lack of personal jurisdiction because the plaintiff had moved and no longer had ties to Maine.
* MCS Music America, Inc. v. YAHOO Inc., 2010 WL 500430 (M.D. Tenn. Feb. 5, 2010). MCS sued Yahoo over infringement of its songs, and the court says that it can only get statutory damages for each song infringed. This means that if Yahoo performed 8 different covers of the song, MCS is only entitled to statutory damages for one infringed work.
Trademark
* Monex Deposit Co. v. Gilliam, 2010 WL 325570 (C.D. Cal. Jan, 25, 2010). The courts says a gripe site called "MonexFraud.com" may cause initial interest confusion of the Monex trademark. Are you kidding me?
* Typographically erroneous phone numbers always struck me as a much greater problem than "typosquatters."
Contracts
* Asch Webhosting, Inc. v. Adelphia Business Solutions Investment, LLC (3rd Cir. Jan. 25, 2010). 3rd Circuit upholds consequential damages waiver in B2B Internet connectivity contract. Prior blog discussion.
Blogging/Social Networking Sites
* Cats & Dogs Animal Hospital v. Yelp (C.D. Cal. complaint filed Feb. 24, 2010). The plaintiffs allege that Yelp violates California B&P 17200 by using a pay-for-play scheme.
* Rick Frenkel speaks about his Troll Tracker blogging days.
* In re Perry, 2010 WL 374770 (Bankr. S.D. Tex. Feb. 3, 2010). Emailing links to a third party's defamatory blog constituted "publication" of the blog for defamation purposes. The court doesn't discuss 47 USC 230 at all!
* Cunningham v. West Virginia, 2010 WL 415257 (S.D. W.Va. Jan. 26, 2010). MySpace does not impermissibly discriminate against sex offenders.
* Evans v. Bayer, 2010 WL 521119(S.D. Fla. Feb 12, 2010). A student's off-campus creation of a Facebook Group called "Ms. Sarah Phelps is the worst teacher I've ever met" may not be an appropriate grounds for school discipline.
* Snowball fight leads to a rampage at Macy's? Blame Facebook!
* Marshall v. City of Savannah, 2010 WL 537852 (11th Cir. Feb. 17, 2010). A probationary firefighter posted an official fire department photo on her MySpace page. After a reprimand, the employment relationship deteriorated and she was fired. The 11th Circuit affirms the dismissal of her discrimination and retaliation claims.
* BoingBoing gets an anti-SLAPP win--including its attorneys' fees--in a defamation lawsuit over one of its blog posts. The anti-SLAPP ruling.
* Berkery v. Estate of Stuart, 2010 WL 610631 (N.J. Super. A.D. Feb. 23, 2010). "The investigative function an author performs is not substantively different from an investigative journalist. The dispositive element is not the form of the investigative process. In an era marked by a diminution of the classic newsmedia and the print investigative journalist and the proliferation of investigative reporting in media such as cable television, documentary journalism-both televisions and movies-internet reporting and blogging, the need for protection remains the same. Whether Hornblum was writing a book, news article, a screenplay or a blog, the substance of his body of work remains the same."
Search Engines
* After some innuendo about Microsoft’s role in harassing Google on antitrust/competition issues, Microsoft effectively admits as much. Also see this Wall Street Journal article on the Microsoft-Google tussles.
* Search Engine Land: Google AdSense Using Search History In Contextual Matching
* Munger v. State, 2010 WL 537641(N.C. App. Feb. 16, 2010). Rejecting a taxpayer challenge against a NC law designed to provide financial incentives for Google to build a facility there.
* Lengthy Wired article on Google's algorithm.
* Nature: Chinese researchers don’t want to lose access to Google. My blog post on this topic.
* Business Insider: In Case You Had Any Doubts About Where Google's Revenue Comes From
Advertising
* Thomas O'Toole: Does "No Contract" Really Mean No Contract?
* MediaPost: Start-Up Links 65 Million IP Addresses To Users, Readies Targeting Platform. This is not going to end well.
* More troubling words for online advertisers from FTC BCP Director David Vladeck.
* Zelotes v. Rousseau (Conn. Grievance Committee). Attorneys participating in an Internet lead generation system that allocated leads geographically didn't violate the attorney Rules of Professional Conduct.
Online Crimes
* F.T.C. v. Pricewert LLC, 2010 WL 329913 (N.D. Cal. Jan. 20, 2010). FTC gets a default injunction against an Internet access provider that allegedly provided connectivity for activities such as child pornography, botnets, spyware, and viruses.
* US v. Little. The Eleventh Circuit disagrees with the Ninth Circuit regarding the appropriate geographic scope to measure the obscenity of Internet material.
* 3 Google executives were convicted in Italy of criminal privacy violations for a user-uploaded video to Google Video. NYT article. Google's response. A refresher on the Felix Somm conviction from 1998.
* Online ticket sellers are getting the smackdown. Criminal prosecutions of online ticket brokers who allegedly played dirty in jumping the queue. The FTC cracks down on Ticketmaster and warns other online ticket sellers.
Posted by Eric at 05:04 PM | Content Regulation , Copyright , Derivative Liability , Domain Names , E-Commerce , Internet History , Licensing/Contracts , Marketing , Search Engines , Trademark | TrackBack
February 26, 2010
Forwarding Defamatory Email with Introductory Comments Protected by 47 USC 230--Phan v. Pham
By Eric Goldman
Phan v. Pham, 2010 WL 658244 (Cal. App. Ct. Feb. 25, 2010)
This is the first 230 case I'm blogging about in 2010 (see my 2009 recap), and what a nice ruling to start the year. The facts are crisp and clean: An email author wrote an allegedly defamatory email about plaintiff Phan and sent it to a group of recipients, including defendant Pham. Pham then forwarded the email with the following additional comments to at least one recipient:
“Everything will come out to the daylight, I invite you and our classmates to read the following comments of Senior Duc (Duc Xuan Nguyen) President of the Federation of Associations of the Republic of Vietnam Navy and Merchant Marine.”
[Note: the relevant emails were originally in Vietnamese, but no one contested the English translations]
As we know, 47 USC 230 divides the universe of content into two buckets: first party content and third party content. In some cases, like Roommates.com or Mazur, the division between the two buckets is very murky. But in this fact pattern, Pham's email can be cleanly zoned into first party and third party content, which makes 230's application pretty simple. Per the 2006 California Supreme Court ruling in Barrett v. Rosenthal, California law is unambiguous that Pham isn't liable for the contents of the forwarded email.
But what about the fact that Pham chose to forward the email? In the post-Roommates.com era, I routinely encounter misguided arguments that an online actor's affirmative decision to republish third party content strips away 47 USC 230 protection. Roommates.com even has some ambiguous language suggesting this outcome. (The court is so baffled by the Roommates.com opinion that it simply quotes multiple paragraphs in a footnote, as if we will be able to divine some coherence from the language that escaped this judicial panel).
However, that's never been the law. See, e.g., Barrett v. Rosenthal, Batzel v. Smith, D'Alonzo v. Truscello and the many Ripoff Report cases; but see the goofy Woodhull case). As this case illustrates, nothing on this point has changed in the post-Roommates.com era. Instead, the court believes (as I do) that the Roommates.com opinion turned on the fact that Roommates.com "created a website 'designed to solicit and enforce housing preferences that are alleged to be illegal.'” Without the mandatory illegality, 230(c)(1) protects an editorial decision to publish third party content just as much as it protects the decision not to. The court expressly rejects any implication that Roommates.com trumped Barrett v. Rosenthal or California law on that point.
In a footnote, the court says it is expressly not addressing the Moreno concurrence in Barrett v. Rosenthal that an alleged conspiracy between content originator and content republisher would trump 230.
For those of you keeping score, this is a rare case where Roommates.com was distinguished rather than cited in support of the defense. But in the end, the defense still easily won the 47 USC 230 ruling.
With 230 resolved in Pham's favor, the only remaining question is Pham's liability for his first party content--the email introduction he wrote. There's no question that Pham can be liable for his own words (see, e.g., the uncited Tefft case), but in a brief and breezy opinion, the court says that Pham didn't say anything impermissible. The only "substance" to Pham's introduction is a vague assertion to the effect that the truth will come out. That's not defamatory, even if it implicitly suggests that the forwarded email may help enlighten the truth.
Posted by Eric at 11:56 AM | Content Regulation , Derivative Liability | TrackBack
February 12, 2010
Ripoff Report Sues Blogger, Loses on Jurisdictional Grounds--Xcentric Ventures v. Bird
By Eric Goldman
Xcentric Ventures, LLC v. Bird, 2010 WL 447759 (D. Ariz. Feb. 3, 2010). See the initial complaint.
I usually find personal jurisdiction rulings mind-numbingly uninteresting, so I try my best to avoid them. However, some personal jurisdiction cases are exceptional, and this is one of them. It involves one of this blog's favorite litigants, the Ripoff Report, as a defamation plaintiff against a well-respected lawyer-blogger, Sarah Bird, COO and GC of SEOmoz.
The case involves Sarah's Jan. 2008 blog post on the SEOmoz blog entitled "The Anatomy of a RipOff Report Lawsuit." As you may know, many SEOs HATE Ripoff Report because of Ripoff Report's frustratingly high ranking in Google search results, which might be more attributable to Ripoff Report's venerability than its content quality. To cater to her audience's interest/fascination with Ripoff Report, Sarah undertook the Herculean effort of trying to catalog all of the Ripoff Report litigation she could find and narrate some of the litigation dynamics. It's a project I would not have undertaken because I know how long a project like that takes, but I was grateful she did the work and shared it with the rest of us. The post was a useful public service for researchers like me.
Perhaps not surprisingly given the overwhelming volume of information required to prepare her report, Sarah's post contained at least one factual error, which she subsequently admitted. The post also prompted a conversation between Sarah and Thomas Duffy, the Ripoff Report's former general counsel (a position now held by David Gingras). Sarah reported on their conversation in a follow-on post.
In my opinion, that should have been the end of it. Sarah undertook a near-impossible research task, made some errors, hashed out some issues with Ripoff Report and posted a follow-up. Instead, feeling that the article still encourages third party plaintiffs to bring false claims, Ripoff Report sued Sarah for defamation and "aiding and abetting" tortious acts by others.
This is not the first time that the Ripoff Report has gone on the defamation offensive. For example, I wrote about their lawsuit against the Phoenix New Times for an important work of investigative journalism they published. See my April 2008 blog post on that lawsuit and Thomas Duffy's response. So it isn't surprising that Ripoff Report sued Bird, but I still think it's an unfortunate turn of events.
It is also a lawsuit that could backfire. Every defamation lawsuit Ripoff Report brings could establish adverse legal precedent that increases the potential exposure of their own contributors--some of whom probably are not as careful as Sarah. In my opinion, this risk is doubly troublesome because contributors can't remove their reports from Ripoff Report, even if the contributor believes that taking down the content would reduce their liability.
In today's case, the court rejected the Ripoff Report's lawsuit against Bird due to her lack of personal jurisdiction in the Ripoff Report's home court of Arizona. Ripoff Report tried to establish jurisdiction using the Calder "Effects Test." The court, trying to read ambiguous 9th Circuit precedent interpreting that test, says:
mere knowledge of an individual's residence, combined with intentional posting of defamatory statements on the internet (which, taken together, makes it foreseeable an individual will be harmed in a certain forum location) does not amount to “express aiming.” Although what else is required is unclear, the express aiming requirement appears to demand a showing that there is at least some additional connection between the defamatory act and the forum.
Applying this standard, the court concludes "the Plaintiffs in this case have alleged no connection between the allegedly defamatory article and the forum other than that the article was about Plaintiffs and Defendants knew Plaintiffs resided in Arizona." Therefore, personal jurisdiction didn't attach.
It's clear from this opinion that the judge didn’t know what to do with the prevailing Ninth Circuit precedents. Surprise—another area where the Ninth Circuit has horked Internet law. As a result, the court's assessment of Ninth Circuit law is not completely free from doubt. However, it is also clear that this judge doesn't want to hear this case. In a footnote, the court notes the policy concerns about an expansive interpretation of the Calder Effects Test:
The ability to hale an internet user into a distant forum based on an allegation of intentional defamation could be used to chill free speech. It is true that a rule to the contrary could effectively deprive individuals who cannot afford to litigate outside their forum of a remedy for internet-based defamation....The harm caused by internet-based defamation can be quite severe and widespread, and conventional wisdom might be that one should have the right to remedy that harm without having to litigate in a distant forum. These concerns are mitigated, however, by the relative ease of modern air travel. It is also important to remember that at the pleading stage a plaintiff need only make a prima facie case of defamation. Requiring plaintiffs to bear the burden of traveling is consistent with requiring plaintiffs to bear the burden of proof at trial, and with the goal served by personal jurisdiction rules of preventing defendants from being unreasonably haled into a distant, and potentially biased, forum.
So true! Yet, judges rarely dismiss cases on jurisdictional grounds, so it's not clear how many other judges would embrace these sentiments.
I reached out to David Gingras, and he informed me that Ripoff Report is planning to appeal this ruling. There may be some legal ground to reevaluate the district court's reading of Ninth Circuit law, but going to the Ninth Circuit has some peril for Ripoff Report too (remember Kozinski's harrassthem.com example?). Stay tuned.
Posted by Eric at 01:02 PM | Content Regulation , Search Engines | TrackBack
February 09, 2010
Catching Up With Wikipedia
By Eric Goldman
I recently posted the final published version of my article Wikipedia’s Labor Squeeze and its Consequences. In the course of updating the draft, I reviewed the news coverage of Wikipedia from the second half of 2009, and I thought I would share some of the more interesting tidbits that caught my eye.
Flagged Protection v. Flagged Revisions
The biggest news from the second half of 2009 was the August announcement from the Buenos Aires Wikimania that the English-language Wikipedia was rolling out Flagged Revisions for living people's biographies. It was first reported by Noam Cohen at the New York Times and then repeated in countless articles. I think the announcement took everyone by surprise because it seemed to come from out of the blue. Several other Wikipedia versions deploy Flagged Revisions, but before Wikimania, the consensus had been to try Flagged Protection and Patrolled Revisions--not Flagged Revisions--on the English-language Wikipedia.
[Some of you may be wondering: what's the difference? A lot! With Flagged Revisions, most user edits are invisible to logged-out readers until a more trusted editor approves them. Flagged Protection is a variation of Full Protection and Semi-Protection. Edits from less trusted users to protected articles are invisible to logged-out readers until a more trusted editor approves them. Flagged Protection substitutes for Full Protection, where less trusted users cannot make any edits to the protected articles whatsoever; and semi-protection, where only some users can make edits to those articles. The percentage of articles currently fully- or semi-protected is very low--I believe less than 1%--and presumably Flagged Protection would be used equally sparingly. In contrast, the media announcements indicated that Flagged Revisions would apply to all living people's biographies, a significant minority of Wikipedia entries. Patrolled Revisions is more procedural than substantive; it's merely a way for editors to communicate with each other that they have verified previous edits.]
The fact that Wikipedia apparently leapfrogged Flagged Protection to adopt the much more restrictive Flagged Revisions seemed like an ominous development and perhaps an indication that the vandals and spammers were winning more than we thought. The public angst over Wikipedia's announced move was deafening. People seemed to be genuinely shocked that Wikipedia might make a wholesale move from an open edit site to something substantially more restrictive.
However, this angst was misdirected. Despite multiple efforts to get clear information from Wikipedia (including this unbelievably confusing blog post), it turns out that the English-language Wikipedia isn't adopting Flagged Revisions at all but instead is proceeding with its trial of Flagged Protection. I think Farhad Manjoo properly captured our collective frustration in his TIME article entitled Jimmy Wales Quietly Edits Wikipedia’s New Edit Policy: “In several interviews, including many with TIME, officials at the Wikimedia Foundation, the nonprofit that manages Wikipedia, explained that the user-edited online encyclopedia would soon impose restrictions on articles about living people.” I really don't understand how or why Wikipedia successfully misdirected us for weeks, but they could have easily avoided a lot of confusion with a clearer announcement and more prompt corrections.
So the bottom line is that, despite the August drama, Wikipedia is not flipping its default to closed editing yet.
Nevertheless, as I explain in my Wikipedia Labor Squeezes article, Wikipedia inevitably will adopt more restrictive editing policies. It's just a matter of time. Accordingly, I will not be surprised when Wikipedia announces more restrictions. In contrast, judging from the reaction to the August announcement, I expect most people will be shocked when they next hear of Wikipedia's next effort to deploy a more restrictive editing policy.
Wikitrust
In late August, Wired reported that Wikipedia was adopting Wikitrust, a tool that automatically color-codes edits to an entry to show the projected credibility of those edits. Thus, at a glance, a reader can tell which parts of an entry are more likely to be accurate and which parts should be scrutinized more closely. Amazingly, though, this was also a botched announcement (read the update to the Wired article). Wikipedia is only conducting a trial of Wikitrust.
A Couple Other Interesting Factoids
From New Scientist: ""Occasional" editors, those who make just a single edit a month, have 25 per cent of their changes erased, or reverted, by other editors, a proportion that in 2003 was 10 per cent. The revert rate for editors who make between two and nine changes a month grew from 5 to 15 per cent over the same period."
From NY Times: Wikipedia contributors are 80% male, 65%+ single, 85%+ childless and 70% under 30 years old. As I explain in my article, this is a group that will experience significant life changes, which in turn will reduce or eliminate the time they have to contribute to Wikipedia. Will sufficient numbers of replacements emerge?
From an article entitled The Singularity is Not Near: Slowing Growth of Wikipedia
- "the number of active editors and the number of edits, both measured monthly, has stopped growing since the beginning of 2007"
- "The rate of reverts-per-edits (or new contributions rejected) and the number of pages protected has kept increasing. Occasional editors experience a greater percentage of reverts per edits in comparison to the more prolific editors."
The Wall Street Journal Article
On November 23, the Wall Street Journal published an A1 article entitled I spoke with the reporter in June but my remarks only made the sidebar. The lead paragraph thesis is that "unprecedented numbers of the millions of online volunteers who write, edit and police [Wikipedia] are quitting." Citing research by Felipe Ortega, the article says that the English-language Wikipedia suffered a net editor loss of 49,000 in Q1 2009 (compared with a net loss of 4,900 in Q1 2008). It's worth reading the entire article. It stirred the pot quite a bit.
Erik Moeller, Wikipedia's Deputy Director, responded to the article with (among other things) a different cut at the numbers:
Studying the number of actual participants in a given month shows that Wikipedia participation as a whole has declined slightly from its peak 2.5 years ago, and has remained stable since then. (See WikiStats data for all Wikipedia languages combined.) On the English Wikipedia, the peak number of active editors (5 edits per month) was 54,510 in March 2007. After a more significant decline by about 25%, it has been stable over the last year at a level of approximately 40,000.
My Prediction
Consider this blog post my 4+ year check-in on my prediction in December 2005 that Wikipedia would fail in 5 years. In that post, I didn't tightly define what I meant by "failure," and frankly my "failure" rhetoric has been unintentionally and unnecessarily inflammatory. In all cases, I'm not rooting for Wikipedia's failure (however defined).
However, I remain baffled by the folks who are so enraptured by Wikipedia's mystique that they believe the site will defy gravity. Whatever you take away from the data points I cite in this post, I think it's undeniable that Wikipedia is changing in material ways. Bright minds might disagree about whether those changes are good or bad. From my perspective, Wikipedia's evolution has followed a fairly predictable path. Like many UGC websites, contributor activity peaks and then declines, and the transition from first generation contributors to second generation contributors naturally has some bumps. More structurally, Wikipedia has followed an entirely predictable evolution of progressively tighter editorial policies, and I anticipate even tighter editorial controls are come (to be accompanied by shocked public outcries each time).
As for my prediction, I'm waiting to see what develops this year, especially at Wikimania in August. Whether I'm right or wrong, I'll post my 5 year assessment of my prediction in December.
Posted by Eric at 11:48 AM | Content Regulation , Internet History | TrackBack
February 07, 2010
Third Circuit Schizophrenia Over Student Discipline for Fake MySpace Profiles
By Eric Goldman
J.S. v. Blue Mountain School District, 2010 WL 376186 (3rd Cir. Feb. 4, 2010)
Layshock v. Hermitage School District, 2010 WL 376184 (3rd Cir. Feb. 4, 2010)
Now that I’m a middle-aged man, I don’t find fake online profiles funny at all. But if the Internet had been around when I was in my early teens, I probably would have found a salacious fake online profile of a school authority figure side-splittingly funny. Unfortunately for today’s teens, the toxic brew of easy access to MySpace plus an underdeveloped sense of humor plus anti-authority sentiments has led to an unhealthy number of fake MySpace profiles—far too many of which result in lengthy and expensive court cases. In practice, the “joke” ends up being on the taxpayers.
The cases I’ve been seeing follow a predictable pattern:
Step 1: young teen creates a silly fake MySpace profile of a school authority figure.
Step 2: word of the MySpace profile spreads among the teen’s peers, and they have immature laughs.
Step 3: targeted authority figure discovers the fake profile.
Step 4: authority figure overreacts and metes out unnecessarily harsh discipline. Sometimes, the authority figure also sues the teen/parents or brings in the cops.
Step 5: the disciplined student brings a lawsuit for the authority figure’s overreaction.
Step 6: the parties’ lawyers win, but everyone else—the plaintiffs, defendants, and taxpayers—loses.
My opinion is that the world would be a better place if immature fake online profiles weren't created. It’s clear that any regulatory efforts to keep young teens off MySpace hasn’t eliminated this problem, and it’s unrealistic to expect that kids won’t find ways to pull silly stunts like this. Instead, our best hope for a better future rests at Step 4, when the authority figure decides whether to laugh off the fake profile or go on a rampage. Maybe over time school authority figures will be less shocked by fake online profiles and will learn not to take it personally. In an ideal world, authority figures will figure out how to use these immature stunts as a valuable opportunity to teach about online information credibility and the harms of cyberbullying.
When they get to court, judges are struggling with fake online profile cases, as best evidenced by a pair of Third Circuit cases issued on the same day last week. Two different panels reached different conclusions about whether school discipline for an off-campus-created fake MySpace profile violated the student's First Amendment rights (Layshock says yes, J.S. says no in a 2-1 split opinion). Why the difference?
Surprisingly, the two opinions don’t reconcile their outcomes very well. The Layshock case doesn’t acknowledge the J.S. opinion. The J.S. case does acknowledge Layshock, but only in a footnote:
we find the two cases distinguishable. Unlike the instant case, the school district in Layshock did not argue on appeal that there was, under Tinker, a nexus between the student's speech and a substantial disruption of the school environment.… This nexus, under Tinker, is the basis of our holding in the instant case. Rather, the Layshock panel held that the school district failed to establish that a sufficient nexus existed between the student's creation and distribution of the profile and the school district so that the district was permitted to regulate the student's conduct…. That panel also held, under Frazer, that the student's speech could not be considered "on-campus" speech just because it was targeted at the Principal and other members of the school community and it was reasonably foreseeable that school district and Principal would learn about the MySpace profile.
Obviously each case is fact-specific, so the dichotomous conclusions about the on-campus effects might be explained by factual differences in the fake profiles. From my perspective, the differences seemed pretty small, especially because I ignored the more outrageous fact-like claims as typical adolescent hyperbole. Putting aside the profile contents, I’d argue that Layshock’s on-campus effects were greater because: (1) his was just one entry in a series of fake profiles, and (2) the MySpace profiles were accessible on campus, while in contrast the school successfully blocked on-campus MySpace access in the J.S. case. In any case, any on-campus effects may depend on a number of factors out of the student’s control, including how the principal (over)reacts.
In the end, I think the main distinction between the two cases is that the J.S. court indulged its moral condemnation of the student’s poor choices, while the Layshock court kept its outrage in check. Another possible explanation is that the principal's response in Layshock was outrageously punitive—Layshock was diverted into 3 hours/day of special classes for behaviorally disruptive students even though Layshock was a gifted student normally taking AP classes—and applied inconsistently because the students who created the other fake profiles weren’t disciplined at all. Finally, the cases reached the Third Circuit panels in different procedural postures (e.g., Layshock won in district court on the First Amendment issue while J.S. lost in district court), and the respective school districts adopted different litigation strategies that appeared to have different efficacies.
Because the two Third Circuit opinions reach fact-specific outcomes without clearly distinguishing between the two factual circumstances at issue, the Third Circuit’s dichotomous rulings create a lot of uncertainty that will lead to more frequent, longer-lasting and unproductive courts battles over student-created fake online profiles. As a result, these two cases would benefit from an en banc rehearing. Or perhaps the Third Circuit intentionally or unintentionally created a split (an unusual intra-circuit split) to tee this issue up for Supreme Court review.
Some topically related blog posts:
* Principal Loses Lawsuit Against Students and Parents Over Fake MySpace Page--Draker v. Schreiber
* Teenager Busted for Creating Fake "News" Story
* Social Networking Sites and the Law
* Moreno v. Hanford Sentinel, another possibly vindictive principal response to a MySpace posting
Posted by Eric at 09:05 AM | Content Regulation | TrackBack
January 31, 2010
January 2010 Quick Links
By Eric Goldman
Copyright
* An English translation of Google's December loss in France on a Google Book Search lawsuit.
* Ed Felten reports on a survey of files available via BitTorrent. Acknowledging some methodological limits, he estimates ~99% were likely copyright infringing.
* Elsevier B.V. v. UnitedHealth Group, Inc., 2010 WL 150167 (S.D.N.Y. Jan 14, 2010). Denying copyright statutory damages and attorneys' fees to unregistered foreign works is constitutional because the Berne Convention (which Elsevier argued prohibits the statutory formalities) is not self-executing.
* Techdirt: Singapore Court Rules That Online DVR Is Infringing...While Noting How Copyright Law Isn't Really Set Up For This
* Techdirt: If Banning The Internet For Sex Offenders Is Unfair, Is Banning The Internet For Copyright Infringers Fair?
* The Copyright Office issued new regulations on the deposit of online-only works: “The regulation establishes that online–only works are exempt from mandatory deposit until a demand for deposit of copies or phonorecords of such works is issued by the Copyright Office.”
Trademark/Publicity Rights
* American Airlines v. Yahoo settled. Previous coverage:
- Yahoo Subpoenas Expedia in American Airlines Lawsuit
- Fifth Circuit Denies Yahoo's Jurisdictional Appeal in American Airlines Case
- American Airlines v. Yahoo Venue Transfer Denied
- Yahoo Countersues American Airlines for Declaratory Judgment
- American Airlines Sues Yahoo for Selling Keyword Advertising
* Duplicity alert! Rescuecom is in court defending its keyword ads triggered by competitor Best Buy's TMs.
* Bev Stayart sues Yahoo again over publicity rights. My September 2009 blog post on her prior loss against Yahoo.
Pornography
* Clark v. Commonwealth, 2009 WL 5125009 (Ky. App. Ct. Dec. 30, 2009). Upholding a conviction when "Clark knowingly used a computer for the purpose of getting a minor, or a peace officer whom Clark believed was a minor, to take a sexually explicit photograph of herself."
* Am. Booksellers Found. for Free Expression v. Cordray, Slip Opinion No. 2010-Ohio-149 (Jan. 27, 2010). Ohio's Supreme Court partially upholds its state law restricting Internet distribution of harmful to juveniles material to juveniles when the communications are to recipients known or believed to be juveniles.
Spam
* United States v. Zein (E.D. Mich. 2009). Posting an ad on Craigslist constituted a "mass marketing" activity sufficient to trigger a 2 level sentencing enhancement.
* Comcast and e360 settled their lawsuit. Previous blog coverage.
Blogs/Social Networking Sites
* Sieber v. Brownstone Publishing Company, 2007 CA 002549 B (D.C. Superior Ct. Dec. 23, 2009). A building contractor sued Angie's List and other people over consumer reviews. My prior mention of the case. After 2 years of litigation, a DC trial judge dismissed all defendants on summary judgment and awarded one defendant-counterclaimant $18k+. The entire text of the memo opinion:
MEMORANDUM OPINION AND ORDER GRANTING MOTIONS FOR SUMMARY JUDGMENT OF ALL DEFENDANTS, DENYING PLAINTIFFS' MOTIONS FOR SUMMARY JUDGMENT, and GRANTING POOLE'S MOTION FOR SUMMARY JUDGMENT ON HIS COUNTERCLAIM signed by Judge Long, efiled, eserved, and docketed in chambers on December 23, 2009. It is ORDERED that the Motions for Summary Judgment of Brownstone Publishing Co., the Washington Post Company, John Kelly, and John W. Poole are granted; and it is FURTHER ORDERED that the Motions for Summary Judgment filed on behalf of the plaintiffs are denied; and it is FURTHER ORDERED that judgment shall be entered in favor of all defendants against the plaintiffs as to all claims in the Second Amended Complaint; and it is FURTHER ORDERED that judgment shall be entered in favor of defendant Poole and against plaintiff SCS Contracting Group LP as to Poole's Counterclaim against plaintiff SCS Contracting Group for $18,300 plus 6% (six percent) per annum interest, and a separate money judgment for this sum shall be docketed. Court Jacket not in chambers.
* FINRA Regulatory Notice 10-06: Guidance on Blogs and Social Networking Web Sites.
* Duer v. Henderson, 2009-Ohio-6815 (Ohio App. Ct. Dec. 23, 2009). A web publication telling a ghost story and describing the location of purportedly paranormal phenomenon on private property is not liable for any resulting trespass to real property.
* The “moldy tweet” lawsuit was dismissed.
* Two lawsuits holding that bloggers aren't subject to jurisdiction in the plaintiff's home court:
- Silver v. Brown, 2009 WL 5220297 (D. N.M. Nov. 30, 2009).
- Workman Sec. Corp. v. Phillip Roy Financial Services, LLC, 2010 WL 155525 (D. Minn. Jan 11, 2010)
* BBC: France ponders a right-to-forget law.
E-commerce
* Appliance Zone, LLC v. NexTag Inc., No:4-09-cv-0089-SEB-WGH (S.D. Indiana Dec. 22, 2009). Upholding NextTag's clickthrough-formed advertiser agreement. Mehmet Munur’s comments.
* Edward A. Zelinsky, “New York’s 'Amazon Law': Constitutional But Unwise.”
* Largo Cargo v. Google, a new complaint over allegedly mismanaged AdWord bids. This is the latest incarnation of the Almeida case. I think Largo Cargo’s complaint is still a no go.
* The NYT catalogs an impressive roster of futility for US dot coms trying to compete in China.
Miscellaneous
* Gmail will consult the user's prior emails to pick an ad if a particular email doesn't lend itself to a good ad.
* Illustrating the divergence between the open source community and the Wikipedia community, APC reports that 75% of Linux code is now written by paid developers.
* Oddee: 15 Funny Facebook Fails.
* I expect to be in the Netherlands May 23-30. Let me know if you would like to meet up there.
Posted by Eric at 01:19 PM | Content Regulation , Copyright , Derivative Liability , E-Commerce , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Spam , Trademark | TrackBack
January 22, 2010
Google and China: Some General Thoughts
By Eric Goldman
I have deferred blogging on the Google/China imbroglio for a few reasons. First, heavyweights such as Jonathan Zittrain have tracked International online censorship and online security issues more closely than I have. Second, after Google’s provocative blog post, I wanted to see the facts develop rather than rely solely on Google’s assertions. The spin doctors are now moving in, so the useful development of the factual record will be slowing down.
Third, and perhaps most importantly, the Google/China situation is really complex and multi-faceted, and it’s been difficult keeping all of the issues straight. Some issues raised by Google’s announcement include:
* cybersecurity, both corporate and personal
* political and industrial espionage
* suppression of political speech, especially of dissidents
* censorship of search engine results and the likelihood that censorial efforts can succeed on the Internet
* “cyber-imperialism,” i.e., exporting US norms about Internet law to other countries
* economic protectionism and whether US companies compete with local Chinese companies on a level playing field
* geopolitical and trade relationships between two world nuclear superpowers
Heady stuff! It would make a good summer blockbuster movie.
Although most folks have lauded Google for its principled stand against China’s censorship, I’m not 100% clear that Google’s decision is entirely selfless. First, as has been noted frequently, Google has not been making inroads against local search leader Baidu. Further, the deck may be stacked against Google in changing that situation, due perhaps to economic protectionism from the Chinese government. Second, in a point that has gotten less attention, some members of Congress (most notably Rep. Christopher Smith) have repeatedly jawboned Google and other Internet companies to curtail their support of the Chinese government (see, e.g., the Global Online Freedom Act). Google might have rationally concluded that voluntarily cutting China loose could abate Congress’ interest in regulating its international operations, which might ultimately avoid profit-degrading domestic regulations.
On that point, I fear that we may hold duplicitous expectations when US Internet companies go global. If a US Internet company wants to successfully compete in a foreign market, it must open a local office and build a localized versions of their services reflecting local legal requirements. Inevitably, these localized versions will be more speech restrictive than the US version of the service. Foreign laws don’t have the First Amendment, 47 USC 230 or (in most cases) even a weak safe harbor like 17 USC 512, plus local cultural norms may tolerate unpopular speech less than we do. So what should a US service provider do when trying to expand internationally? It has a few options, none of them particularly attractive:
* It can skip unreasonably censorious markets altogether, like Google proposes to do in China.
* It can comply with local laws, even though that runs counter to US laws and norms.
* It can ignore local laws, which is typically not a successful plan. In extreme cases, it can lead to local company executives going to jail.
* It can try to change the local country’s laws to be more like ours, either through direct advocacy or by asking the US government to pressure the local government. We routinely use trade negotiations to do this; for example, we have successfully exported our copyright laws this way. But countries usually aren’t thrilled to have the US tell them what their laws should be.
Now, I don’t support China’s efforts to censor search results or suppress political dissent. I understand the arguments that free speech is such a basic human right, like freedom from torture, that we simply won’t tolerate any other local choice. However, we already implicitly accept that Internet companies routinely engage in some types of legally compelled or motivated speech restrictions in other countries when they localize their services—perhaps not to the degree exercised by China, but nevertheless more than we would allow in the US. (I note that China might factually dispute this claim because it claims to have an “open” Internet, although the reports I’ve seen suggest this claim is embarrassingly disingenuous). I recognize that I’m making a slippery slope argument about what government-mandated censorship we’ll tolerate from US Internet companies, but I think we should acknowledge the slippery slope before we categorically reject search engines’ efforts to comply with China’s rules.
If Google ultimately exits China, it would leave Baidu as the search engine market kingpin. This raises another issue I haven’t seen fully discussed. I’m going to assume for a moment that Google is a superior search engine to Baidu. (I’ve never used Baidu, so I have never actually compared the two). Knocking Google out of the Chinese market does two things. First, per my assumption, it takes the better information resource away from Chinese consumers. Second, by reducing competitive pressures on Baidu, quasi-monopolist Baidu is more likely to reduce R&D and service improvements.
If my predicate assumptions are correct, in the long run US consumers will have a consistently superior search tool compared to Chinese consumers. (I also assume China will keep interfering with Chinese consumers’ access to Google.com and that superior market entrants won’t overtake Baidu). Over time, China may hinder its overall long-term global competitiveness due to an inferior information infrastructure. Perhaps this assertion is overly stylized, but I think effective information resources—such as good search engines—are necessary to maintain healthy economic markets and to enable cutting-edge R&D. Thus, the Chinese government should view losing Google as a Chinese search engine competitor as a long-term detriment.
One final procedural point. Google sparked a global verbal spat between two nuclear superpowers through a single blog post. Talk about the power of blogging! Google’s decision to post a confrontational blog post may have helped get the US administration on board but simultaneously reduced Google’s ability to negotiate with the Chinese government. I’m no expert in diplomacy or Chinese cultural norms, but my reading of Google’s post is that its double-barreled accusations of government-sponsored hacking (which Google has not conclusively proved) and censorship left the Chinese government with few options to save face. Thus, Google effectively forced the Chinese government to take a hard line and reject most proposed compromises. I trust Google knew what it was doing and decided that was the right course of action, but in my opinion Google’s approach has pre-determined the final outcome.
Posted by Eric at 11:58 AM | Content Regulation , Search Engines | TrackBack
January 18, 2010
File Names Can Help Predict File Content in Child Porn Prosecution--US v. Beatty
By Eric Goldman
United States v. Beatty, 2009 WL 5220643 (W.D. Pa. Dec. 31, 2009)
This is a child porn prosecution. Using Phex P2P software, an undercover investigator accessed the Gnutella network and conducted searches using search terms known to be used by child pornographers. The investigator identified IP address 76.188.64.82 with 11 files with troubling titles such as:
* r@ygold-pedo-13yo brother fucks 11yo sister and sperm inside 61943812.mpg
* (Pthc) 14yo Isabel-(Rape and Fuck) (R@ygold).mpg
* Little young girl hardfucked by me-7 yrs R@ygold illegal pedo sex.mpg
* (Hussyfan) (pthc) (r@ygold ) (babyshivid) Jessica 11y o get fucktgood.mpg
The investigator then matched hash tag fingerprints of the 11 files with child porn files in a database maintained by the Wyoming Internet Crimes Against Children (ICAC) Task Force. Subsequently, the investigator connected Beatty to the IP address. Based on this information, the government got a search warrant for Beatty's home, found hundreds of incriminating files on his home computer, and got incriminating statements in an interview.
Beatty challenged the government's right to search his home computer. The judge and the litigants agree that the government can legally conduct remote warrantless searches of P2P share directories, but the government apparently argued that they were free by extension to look through Beatty's entire computer. The judge rejected such a broad position, saying:
even if the Defendant suffered no Fourth Amendment intrusion by virtue of Trooper Pearson's conduct in remotely accessing certain shared computer files, the Defendant nevertheless retained a reasonable expectation of privacy in his computer and his home such that he possesses "standing" to challenge the merits of the subject search
This shifts the inquiry to the officers' probable cause for the warrant. Apparently, the investigator did not download the files to review them or attach the files as evidence when requesting the search warrant. I'm not sure why the investigator didn't do either step other than to avoid the toxicity of child porn generally. As a result, Beatty challenged the warrant because the warrant-approving magistrate did not see the files directly or get an affidavit from the investigator stating what he saw in the files. However, the magistrate did have the file names and the matching hash tags. Beatty challenged both.
The judge and the litigants agree that file names do not dispositively predict the actual file's content. As we know, file names can be inaccurate for a variety of reasons: plain error, semantic ambiguity, an effort to surreptitiously install malware, and as a way of increasing the content's perceived illicit value (see, e.g., the discussion in the uncited Perfect 10 v. ccBill case about websites with names like "illegal.net" and "stolencelebritypics.com"). The court correctly concludes that "common knowledge dictates that actual file content cannot be definitively determined from the file name alone."
Nevertheless, the court says that file names have some predictive value:
one can also envision circumstances where the file name is so explicit and detailed in its description as to permit at least a reasonable inference as to what the actual file is likely to show. Many, if not most, of the files at issue here had titles that contained highly graphic references to specific sexual acts-including ejaculation, sexual intercourse, oral sex, and anal sex-involving children ranging in age from 7 to 13 years. Several of the files also reference terms such as "child_sex," "pedofilia," "illegal pedo sex," "incest," or "Lolita." The unmistakable inference which arises from such highly descriptive file names, is that the content includes material pertaining to the sexual exploitation of children-i.e., evidence of criminal activity, if not outright contraband. Given the number of files in question and the pointed references in their titles to specific sexual acts involving young children-described in the most coarse and vulgar terms, this inference is a strong one.
I'm reminded of the admonishments that airport security is not a joking matter, so don't make jokes about having a bomb while going through the airport security line. (I've seen a few airports, including the New Orleans airport, post reminders about this). Similarly, child porn is so toxic that no one in their right mind would falsely use a file title suggesting the file is child porn.
The judge also credits the file titles because accurate file titles enable searches by others. So, if you want to distribute child porn in a searchable way (a seemingly illogical proposition because, as this case illustrates, doing so puts you on a fast track to Club Fed), then you need to use keywords that match search terms. The court says:
As a matter of common sense, the very fact that individuals utilize search terms with P2P software to produce results (i.e., file names ) consistent with their chosen search terms suggests a substantial degree of correlation between file names and file content; if file names were, as a general rule, completely random and bearing no relation whatsoever to their content, then there would be no point in conducting a search in the first place and the whole purpose of peer-to-peer file sharing would be frustrated because there would be no meaningful method for locating the sought-after file content.
I agree with this only superficially. It's true that searchable metadata must have some relationship to the underlying content to make a successful match, but community outsiders might think the metadata looks inaccurate or even completely random. Consider how Napster users used alternative spellings to route around the court-ordered blocks on various names. Now, go one step further: if a group of Napster users agree (in an offsite discussion forum) to tag Britney Spears' songs using "Lolita" (a not wholly inappropriate appellation given some of the videos she made before the age of majority), then a block on searches for "Britney Spears" will eliminate an obvious matchmaking route but will fail to stop matchmaking completely. Indeed, subcommunities can develop multiple synonyms that are opaque to outsiders. For more on this, look at the Urban Dictionary to see how slang can have multiple meanings, and note my article on how a single search term can have dozens of possible meanings. As a result, the search matchmaking process may be more complicated--and the value of "accurate" file descriptors is lower--than the court contemplates.
In any case, it wasn't clear how much traction Beatty expected from reducing the predictive value of file names. Ultimately, the search warrant was issued based on the combination of the file names with the fingerprint matches. It's not like the investigator or the judge had no idea what the files might contain--they had a hash value fingerprint matching a known child porn file. (Beatty unsuccessfully argued that the underlying fingerprinted files should not be credited as known child porn ) Then again, there is no reason why law enforcement isn't routinely preserving copies of suspect files they think are child porn and describing the file contents (or submitting the files) when seeking search warrants, easy steps that would have largely mooted Beatty's challenges.
Posted by Eric at 10:23 AM | Content Regulation , Internet History , Privacy/Security , Search Engines | TrackBack
January 11, 2010
Top Cyberlaw Developments of 2009 (Eric's List)
By Eric Goldman
Guest blogger John Ottaviani recently dropped by to offer his perspectives on 2009’s top Cyberlaw developments. While I like his list a lot, I independently developed my own top 10 list that has a different emphasis. You might enjoy the contrasts. My list:
#10: Louis Vuitton v. Akanoc. After the judge ordered a web host to stand trial, a jury awarded the trademark owner $32 million due to the web host’s contributions to trademark infringement by its customers. This case stands out for the big damages award and as a rare example where an online provider was held liable under a contributory trademark liability theory. Many trademark practitioners are scratching their heads trying to figure out the import of this case, however. Does this case represent a dangerous new frontier of online liability? Was this a bad jury verdict fueled by poor defense lawyering? Or was this an appropriate outcome because the web host actually engaged in bad behavior that distinguishes it from most “legitimate” web hosts? 2010 may help us understand if this case is part of a new trend or an aberration.
#9: Gordon v. Virtumundo. We’ve seen a lot of silly anti-spam litigation, including the emergence of an entirely new group of entrepreneurs called “spam litigation entrepreneurs” who try to make a living on anti-spam lawsuits. These folks have a true love-hate relationship with spam; they hate it so much that they devote their lives to fighting it, but they love getting spam because each one is a potential revenue source. In general, judges hate spam a lot too, so over the years we have seen a number of doctrinally unsupportable results where judges bent the law to make sure spammers lost.
However, the judicial pendulum has swung in the opposite direction, and in Gordon v. Virtumundo, the Ninth Circuit destroyed a serial anti-spam plaintiff’s entrepreneurial business in a doctrinally questionable but strongly worded opinion. In short order, a number of other spam litigation entrepreneurs have seen their lawsuits shut down with emphasis. Due to this ruling, the era of anti-spammers partying in courts may be on the wane.
#8: Zango v. Kaspersky. The question raised in this issue is simple to state but hard to answer: who should decide what constitutes spam, spyware or a virus? Vendors of software designed to curb these threats would like unfettered discretion to make their classifications; businesses who are classified as a threat would like judges to overturn adverse decisions. As it turns out, in a relatively obscure provision (47 USC 230(c)(2)), in 1996 Congress said that software vendors get to make classifications decisions and unhappy businesses can’t complain about them. In June, the Ninth Circuit upheld Kaspersky’s decision to classify Zango’s software as a threat and rejected Zango’s efforts to take the classification decision out of Kaspersky’s hands. This ruling gives enormous freedom to vendors of anti-spam/anti-spyware/anti-virus software to do their best to keep us safe.
#7: Columbia Pictures v. Fung. This case came out just before the Christmas holiday, so it got lost in the holiday hoopla a bit, but it’s a case of potentially significant import. First, it held that the specific torrent sites at issue induced copyright infringement. Second, the court denied the torrent sites’ eligibility for the DMCA online safe harbors. In part, the court said that an inducing website was categorically disqualified from the DMCA online safe harbors. Like the Akanoc case, it’s not entirely clear if this result was a legal aberration or an appropriate reaction to the defendants’ poor choices. Either way, it is possible that more “legitimate” websites may change their behavior to minimize their exposure based on the legal precedents in this case. If they do, this case could have a major impact on UGC websites.
#6: Lori Drew’s acquittal. Megan Maier’s suicide remains a heartbreaking tragedy, but unfortunately, overzealous prosecutors compounded the tragedy by prosecuting Lori Drew using bogus legal doctrines. The tragic facts got a jury to convict Drew of some misdemeanor crimes. Fortunately, the judge recognized the legal errors of the prosecution’s theory and the jury’s conclusions and granted Drew an acquittal despite the jury findings. The judge finally got to the right result as a matter of Cyberlaw, but the case remains a chilling testament to prosecutorial power.
#5: Harris v. Blockbuster. The rule is really clear. Service providers can't amend online user agreements in the provider’s sole discretion without notice. As the Ninth Circuit informed us in 2007, those contracts don’t fare well in court. So although these provisions are in just about every online user agreement, they don’t work--as Blockbuster found out the hard way.
As part of the litigation detritus from the Facebook Beacon experiment, users sued Blockbuster for sharing their rental transactions with Facebook and all of their friends, allegedly in violation of the Video Privacy Protection Act. Blockbuster tried to bust the class action by invoking the contract’s arbitration clause. Instead, because Blockbuster had the impermissible amendment provision in its user agreement, the court said the contract was illusory and refused to send the case to arbitration.
This case should signal the end of the ridiculous amendment clauses. We’ll see how long it takes the lawyers to give the provisions up.
#4: Battles Over the First Sale Doctrine. We have seen numerous legal battles this year over the First Sale defenses in both copyright and trademark law.
Copyright owners try to engage in price discrimination by carving up the world into geographic territories with different prices for the same product. If they can use copyright law to keep the cheap products from entering the other geographic market, this keeps the product from effectively price-competing with itself.
This year, two cases involved European textbooks which were functionally equivalent to the textbooks being sold in the United States at higher prices. Entrepreneurs were buying the cheap European texts, shipping them to the US and then selling them online. The entrepreneurs invoked the First Sale doctrine, which says that copyright law can’t prohibit the legitimate purchaser of a tangible copyrighted item from reselling the item to whomever they want at whatever price they want.
However, copyright law has another provision that allows copyright owners to block the importation of copyrighted works into the United States. In the 1998 Quality King case, the US Supreme Court said that the First Sale doctrine trumped the importation right when the goods were manufactured in the US, sold overseas, and then imported back to the US. However, in Pearson v. Liu and John Wiley & Sons v. Kirtsaeng, the judges said that the importation right trumps the First Sale doctrine when the goods were initially manufactured overseas. This issue is ripe for further adjudication, though. A similar importation case, Costco v. Omega, is pending before the US Supreme Court, which is deciding whether or not it wants to hear the case. If it does, we may get clearer instructions about the interplay between the First Sale doctrine and the copyright importation right.
Copyright’s First Sale doctrine was also at issue in Vernor v. Autodesk, where the purchaser of a software disk wanted to resell the disk on eBay despite restrictions in the software licensing agreement barring such resales. The court held that the First Sale doctrine applied and allowed the resale. There are other cases percolating through the court system involving the resale of tangible media contained copyrighted material despite contractual restrictions on resale, so this issue remains a hot one.
Trademark owners also try to prevent competition with their products that leak out of their official channels of distribution. eBay has been the site of a couple battles over the First Sale doctrine in trademark law. In Mary Kay v. Weber, the court held that the trademark First Sale doctrine may not permit the eBay resale of expired cosmetics by a Mary Kay independent beauty consultant. In Beltronics v. Midwest, a trademark owner shut down the eBay resale of radar detectors that had leaked out of the manufacturer’s channel and were being sold (at a cheaper price) without the manufacturer’s warranty.
Clearly, the First Sale doctrine matters a lot to eBay and other consumer-to-consumer e-commerce websites. With a possible pending Supreme Court case and lots of IP owners looking to stifle competition from goods they have already profited from, expect the First Sale doctrines to get lots of attention in 2010.
#3: 47 USC 230. In my opinion, 47 USC 230 is the most important Cyberlaw statute, so new 230 developments will make my top 10 list for the foreseeable future. This year, there were three federal appellate court rulings interpreting 47 USC 230(c)(1):
* in Barnes v. Yahoo, the Ninth Circuit held that 230 protected a website’s negligent delay in removing user content. However, if the website had promised removal to the user, the user could have a viable claim for promissory estoppel that would not be preempted by 230.
* in FTC v. Accusearch, the Tenth Circuit held that a website’s resale of pretexted phone records—even if those records were supplied by third party suppliers—did not qualify for 47 USC 230 protection because of their illegality.
* in Nemet Chevrolet v. ConsumerAffairs.com, the Fourth Circuit held that a consumer review website was not liable for user-supplied reviews, even when the website worked with the user to submit the review, and despite the plaintiff’s unsubstantiated claims that the website had fabricated the reviews itself.
Really, the big 47 USC 230 news in 2009 is the absence of big news. Specifically, 2009 reinforced that the Ninth Circuit’s 2008 Roommates.com decision—one of the most significant defense losses under 47 USC 230—did not rip open a major hole in the statutory protection of websites. Of the 13 cases that I have seen that have cited the Roommates.com en banc opinion, eleven have cited the case in favor of the defense. (See the list here). The two exceptions are the Accusearch case, mentioned above, and the New England Patriots’ lawsuit against StubHub over season ticket resales, an odd opinion that may not have much influence. Therefore, despite our fears about Roommates.com, the 47 USC 230 immunity remained healthy and vibrant in 2009. For more on this topic, see my special recap of 47 USC 230's year-in-review for 2009.
#2: Keyword Advertising Battles. Keyword advertising battles are another perennial topic on these year-in-review lists. A multi-billion dollar a year industry has sprung up around the sale of keyword-triggered advertising, including some keywords that may be third party trademarks, and trademark owners don’t like it at all. This has led to a multi-front battle between trademark owners, keyword advertising sellers (such as Google), and keyword advertising buyers.
One of the biggest Cyberlaw cases of the year was the Second Circuit’s ruling in Rescuecom v. Google. In the district court in 2006, Google won an easy victory against a trademark owner because the court said that Google did not make the requisite “use in commerce” of the trademark. The Second Circuit reversed the district court, sending the case back for further proceedings. The reversal does not ensure Google’s defeat; Google will now litigate other legal doctrines and might very well win on one of those. However, the Second Circuit’s opinion largely spells the end of any “use in commerce” defense by either keyword advertising sellers or buyers.
Because of the “use in commerce” defense’s demise, keyword advertising cases will now likely turn on whether the advertisements create a likelihood of consumer confusion. One case, Hearts on Fire v. Blue Nile, offered up a new and complicated test for gauging consumer confusion. If other courts adopt this test, keyword advertising cases will get even more expensive and complicated—highlighting how important it was that the Rescuecom case eliminated an easy way to end these lawsuits early.
Meanwhile, despite the fact that keyword advertising battles have been taking place for at least a decade, we have not heard what a jury thinks about the practice—until the November jury ruling in Fair Isaac v. Experian. In that case, the jury found for the defense that the keyword-triggered ads did not create the requisite likelihood of consumer confusion. It remains to be seen if other juries reach the same conclusion. If they do, keyword advertising lawsuits should slowly fade away over time because the trademark owners can’t win in the end.
As for now, keyword litigation is going strong and hardly fading away. In Spring, Google made two changes to its trademark policies where it voluntarily agrees to take down certain types of ads at the trademark owner’s request. In May, Google extended its more liberal US-based policy to nearly 200 other countries, replacing the more restrictive policies it had in place there. Shortly thereafter, Google modified its US policy to do less for trademark owners in situations involving product resales, review websites and sales of complementary/replacement parts. Trademark owners were none too pleased with these changes. In response to these changes and the door opened by the Second Circuit Rescuecom decision, Google got hit with about a dozen new lawsuits, including some class action lawsuits, of which I believe 10 are currently still active.
Finally, all of the wrangling in court and over voluntary trademark policies could be mooted by legislative action, and for the third time, the Utah state legislature considered resolving the keyword advertising issue itself. A law regulating keyword advertising passed the Utah house but died in the Utah senate. Expect the pro-regulatory forces to round up the troops for a fourth try in 2010.
#1: FTC Endorsement Guidelines for Bloggers. The Obama administration has breathed new life into a pro-regulatory FTC, and the FTC sure is interested in all things Internet. The FTC has been nosing around Internet privacy and Internet marketing practices pretty carefully, and I expect 2010 to bring more FTC pronouncements designed to tackle the Internet.
But nothing stirred up a hornet’s nest of confusion and anger in 2009 like the FTC’s Endorsement and Testimonials Guidelines. I think it’s fair to say that the FTC’s guidelines rollout was a complete failure. As usual, the FTC’s guidelines were mealy-mouthed and filled with conditional statements (the FTC hates to lay out bright line rules that might constrain their future discretion). However, the FTC’s general gist was clear: bloggers should disclose when they receive financial or other consideration for their blog posts.
Unfortunately, this general principle leaves open some fairly fundamental questions, like when is disclosure required in situations less clear than straight cash-for-posting, and where should disclosure be made, especially in space-constrained media like Twitter. Needless to say, unhappy bloggers can be very noisy, so blogger response to the FTC’s announcement was loud and vituperative. The FTC tried to backpedal a little by saying that it did not intend to pursue individual bloggers, but this announcement only reinforced that bloggers do not understand what the FTC wants from them.
Meanwhile, the FTC’s proposed guidelines also took an interesting position about an advertiser’s liability for rogue blogger’s posts. This position is generally consistent with government enforcement agencies’ views that commercial players can be legally responsible for content they endorse or link to (see, e.g., my comments on the SEC’s liability-for-linking policy), but this position runs directly contrary to 47 USC 230’s provisions that say A isn’t liable for B’s online content. As a result, I believe that part of the FTC’s proposed guidelines violate 47 USC 230 and would not survive a court challenge.
Overall, the firestorm over the FTC’s Endorsement and Testimonials guidelines is a small part of a larger effort to regulatorily separate advertising from content. The Internet has collapsed those distinctions, perhaps irreparably, so regulators may be trying to accomplish the impossible. Nevertheless, the FTC seems determined to prop up the distinction, and I expect 2010 will bring more FTC efforts on this front.
* * * * *
While that concludes my top 10 list, there were a number of other interesting developments in 2009 that are worth a brief note:
* Moreno v. Hanford Sentinel. A woman trashed her hometown in an obscure but public MySpace posting and learned there is no “do-over” for Internet content publication. My vote for the most factually interesting Cyberlaw case of 2009.
* Google’s keyword metatag announcement. Courts generally treat the inclusion of third party trademarks in keyword metatags as per se trademark infringement. But Google has confirmed that it ignores keyword metatags. Will courts get the message?
* Google Book Search settlement. If the Google Book Search settlement ever gets approved, it may reshape the book industry, redefine libraries, and make all kinds of other socially significant changes. But the list of opponents to the settlement is long and growing. Professor James Grimmelmann of New York Law School is our community’s maven for all things “GBS.”
* Kindle book deletion. The Kindle store sold e-books it didn’t have the right to sell, so it took them back. Users learned of a key factual difference between physical books and e-books—the vendor can remotely make e-books go poof.
* States’ efforts to impose sales tax efforts based on marketing affiliates. For years, states have been looking for ways to make online retailers collect sales tax for them. They are generally stopped by Supreme Court precedent, but in 2008 New York finally figured out a workaround. The New York statute said that marketing affiliates were like traveling salespeople and thus created the physical nexus required for a state to impose sales tax collection obligations. The New York statute survived its first legal challenge, which opened the floodgates of other states passing similar laws hoping to get their piece of the action. Meanwhile, online retailers aren’t just rolling over; instead, they are threatening to cut off (or actually cutting off) marketing affiliates in states that enact these laws—thus potentially costing the states income tax from the marketing affiliates’ revenue, and creating the potential for the entire affiliate industry to be torn apart.
* Maine kids privacy law. Maine thought it could pass a law banning marketing to kids. It was wrong. The state had to withdraw the law and go back to the drawing board.
* UMG v. Veoh. Veoh won another nice DMCA online safe harbor victory.
* US v. Kilbride. The Ninth Circuit says that online obscenity prosecutions need to evaluate national attitudes towards obscene content, not local community standards.
* Kentucky domain name seizure. Kentucky tried to grab 141 domain names that enabled Kentucky residents to engage in illegal gambling. But those domain names also serviced customers for whom the gambling was completely legal, so the Kentucky courts are rethinking the grab.
* FTC v. Sears. As another example of the new pro-regulatory winds blowing through the FTC, the FTC cracked down on Sears for installing spyware on users’ computers that looked at the users’ hard drives, even though Sears paid the users for the installation and disclosed the spyware’s snooping in the user agreement (though in an inconspicuous manner). This case has made a lot of lawyers concerned that adverse disclosures in user agreements won’t satisfy the FTC.
* Facebook the Drama Queen. Ah, Facebook. Love it. Hate it. Facebook is a pretty nifty site and part of my daily routine, but boy, they sure do have a knack for stirring up trouble.
- In February, they made a relatively modest change to their user agreement that caused people to freak out.
- In response to this, Facebook took the provocative step towards user self-governance. Facebook let users vote on some choices and promised to be bound by the results, but with an asterisk: Facebook decided what options users could vote on, and Facebook would honor those choices only if a prohibitively large number of users exercised their franchise. Still, it was a nice gesture towards cyberspace community self-governance.
- In summer, they tried to settle their Beacon litigation, but that also reminded folks of how much Beacon irritated them in the first place.
- Summer also brought allegations of click fraud on Facebook, and lawsuits followed.
- Finally, in Thanksgiving, Facebook rolled out some changes to its privacy options that it pitched as giving users more choices, but it also took away some choices and defaulted users into some options that surprised them.
Given this track record, is it unrealistic to expect more Facebook drama in 2010?
* Estavillo v. Sony. Speaking of self-governance, virtual world enthusiasts would love to establish the legal proposition that virtual worlds are legally equivalent to governments and therefore obligated to restrain their actions just like governments are. One virtual world enthusiast sued Sony for kicking him off the network, claiming that Sony was legally governed as a “company town” and therefore lacked the discretion to kick him off. WRONG (and it wasn’t even close).
* Wikipedia's policy change. In August, the English-language Wikipedia announced that it was going to tighten up its editorial policies, and people Freaked Out. (In fact, I have predicted that Wikipedia cannot avoid increased editorial restrictions over time, so this change should not have been surprising). However, it turns out that everyone got it wrong, and Wikipedia’s editorial changes are far less dramatic (and consequential) than initially reported. I will post a separate recap on Wikipedia shortly.
If you would like a stroll down memory lane, you can see my previous top 10 lists from 2008, 2007 and 2006. Before that, John Ottaviani and I put together a list of top Internet IP cases for 2005, 2004 and 2003.
Posted by Eric at 10:46 AM | Content Regulation , Copyright , Derivative Liability , Domain Names , E-Commerce , Internet History , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Spam , Trademark , Virtual Worlds | TrackBack
December 27, 2009
November-December 2009 Quick Links, Part 2
By Eric Goldman
Copyright
* Want Ad Digest Inc. v. Display Advertising Inc. (N.D.N.Y. Sept. 3, 2009). A classified ads publisher wants to stop a competitor from republishing its classified ads. The court said that advertisers, not the publisher, generally own the copyrights to each individual ad, but the publisher claimed it had edited those ads sufficient to claim a copyright interest in them as well. This factual allegation prevented summary judgment. The publisher also claimed a compilation copyright based on the organization of individual ads into various headings and subheadings. The court said that the placement of ads within headings and the headings themselves weren't protectable. The organization of subheadings might support a compilation copyright, but the republisher didn't use the same organization and therefore didn't violate any compilation copyright. A little known fact: one of my key summer associate projects in 1993 was to analyze republication of classified ads. Note to my assigning attorney: it may be 16 years later, but I think I got my analysis right!
* Moberg v. 33T LLC, 08-625(NLH) (D. Del. Oct. 6, 2009). Publication of a photo on a German website does not constitute "publication" in the United States sufficient to require the copyright owner to register the photo before suing for copyright infringement in a US court.
* Sony v. Tenenbaum. Downloading copyrighted works via peer to peer software isn't fair use (something we already knew from BMG v. Gonzalez), but it might have been a closer call with a better litigation strategy by the defense.
* Rebecca on EsNtion Records v. TritonTM, an impressive copyright infringement and 1202 defense win.
Virtual Worlds
* The FTC thinks virtual worlds should clean up their act to keep kids away from online porn.
* GameSpot: Estavillo has appealed his loss in the Sony case and expanded his litigation to Microsoft and Nintendo.
* Prof. Miriam Cherry on employment law issues in virtual worlds.
Defamation
* Marine Pile Drivers, LLC v. East Coast Marine Pile Drivers, LLC, 2009 WL 3753526 (W.D. La. Nov. 9, 2009). Allegedly defamatory blog post gives rise to jurisdiction in the plaintiff's home court.
* Salyer v. The Southern Poverty Law Center, Inc., 2009 WL 4758736 (W.D. Ky. Dec. 7, 2009). The CMLP page. Subsequently linking to and referencing an allegedly defamatory online article does not reset the statute of limitations under the single publication rule.
* Colette Vogele put together an excellent presentation discussing plaintiff-side considerations when pursuing anonymous posters.
Miscellaneous
* The Feds dropped their appeal in the Lori Drew case, finally bringing to an end a case that never should have been brought.
* The FTC and other agencies have promulgated model Gramm-Leach-Bliley privacy policies. Five years in the making and battled tested by consumers. The instructions are pretty specific about font size, font color, page orientation, etc. Although the tabular format should make scanning the notices easier, it will be interesting to see if these notices actually do a better job than the current notices on any dimension that matters.
* LA Times: An in-depth look at Facebook's “judicial system.”
Posted by Eric at 08:41 AM | Content Regulation , Copyright , Privacy/Security , Virtual Worlds | TrackBack
December 18, 2009
Top Cyberlaw Developments of 2009
(Thanks to Eric for letting me post this list here!)
[Eric's note: some of you may recall John, a regular blog guest contributor from 2005-07. It's great to have another contribution from him.]
Eric will post his own list later, but I thought we could start off the holiday season with one person’s view of the top Cyberlaw developments of 2009. It was an interesting year. While intellectual property issues continue to dominate, and we continue to see plaintiffs and their attorneys running smack into Section 230 of the Communications Decency Act, we’ve also seen developments in the areas of Constitutional law, criminal law, and state and federal regulation. So, let’s recap 2009. Unlike David Letterman’s lists, this list is in no particular order of importance.
1. File Sharing Decisions.
After years of lawsuits against file sharers, we finally have two trial decisions. Both held against the peer-to-peer file sharers. Jammie Thomas managed to turn a 2007 verdict of $222,000 (which was later thrown out due to a mistrial) into a 2009 verdict of $1.29 Million. Her motion to reduce the award is pending.
Joel Tenenbaum received more favorable treatment and was subjected to only a $675,000 jury verdict after he admitted liability and his fair use defense was rejected by Judge Gertner. His motion to appeal/reduce the award is due to be filed in early January. Judge Gertner wrote a compelling decision urging Congress to modify the strict liability consequences of new technologies such as peer-to -peer file sharing. In her decision rejecting the fair use defense, Judge Gertner implored Congress “to amend the [Copyright Act] to reflect the realities of file sharing. There is something wrong with a law that routinely threatens teenagers and students with astronomical penalties for an activity whose implications they may not have fully understood. The injury to the copyright holder may be real, and even substantial, but, under the statute, the record companies do not even have to prove actual damages.” We’ll see if Congress listens.
2. Rise of Copyright First Sale Doctrine.
There were several decisions that turned on applications of the copyright “first sale” doctrine to new online situations. Section 209(a) of the Copyright Act permits the owner of a lawfully made copy of a work to sell or dispose of that copy without the consent of the copyright owner.
We also had two cases (John Wiley & Sons; Pearson Education v. Liu) dealing with the importation of copyrighted works (mostly textbooks) printed abroad and then imported into the United States for sale. Two courts said these transactions are not protected by the first sale doctrine because of the importation provision in Section 602. The courts so far have been following dicta in the Supreme Court’s 1998 Quality King case that goods manufactured overseas and then imported are not protected by the first sale right, despite their reluctance to do so. We may get a resolution of this issue in 2010. The U.S. Supreme Court has invited the Solicitor General to file a brief in the Costco Wholesale Corporation v. Omega, which is on a petition for certiorari to the Ninth Circuit Court of Appeals.
A third entry is Apple v. Psystar. Psystar specialized in creating copies of Apple’s Macintosh OS-X operating System and loading them onto Mac “clones.” The court rejected the first-sale doctrine defense because Psystar’s copies of the Macintosh OS-X operating system were not “lawfully made” within the meaning of Section 109. The parties subsequently settled all claims except for copyright infringement, and Apple obtained a permanent injunction against Psystar.
3. Demise of “Use in Commerce” Defense in Keyword Cases.
In Rescuecom v. Google, the Second Circuit reversed the district court and said that Google’s sale of trademarked keywords as ad triggers constitute a “use in commerce.” This probably is the end of the “use in commerce” defense in keyword advertising cases, which will now turn more on likelihood of confusion (or initial interest confusion) factors.
4. Internet Gambling.
Internet gambling continues to be regulated by a tangle of federal laws ill-adapted for the purpose. Some of the laws date back to the 1961 adoption of the federal Wire Act. This is an areas where Congress should really clean things up, especially with criminal liability sometimes at stake.
Proponents of online gambling took a couple of hits in 2009. In Interactive Media Entertainment and Gaming Association v. Holder, the Third Circuit upheld challenges to the Unlawful Intent Gambling Enforcement Act (UIGEA) on Constitutional grounds. The UIGEA does not prohibit Internet gambling, but does prohibit gambling businesses from accepting financial payments in connection with bets that are illegal under any federal or state law. (This Act has effectively forced legitimate offshore gambling sites to stop taking bets from the United States). The Third Circuit held that the phrase “unlawful Internet gambling” is not vague, and that there is no Constitutionally protected privacy right to gamble in one’s home.
Earlier in the year, the Department of Justice ordered four banks to freeze over $34 million in payments owed to about 27,000 poker players. Although the legality of online poker in the United States is a gray area, the DOJ takes the position that online poker games are prohibited by the federal Wire Act. The DOJ position runs counter to several court decisions that have refused to apply the Wire Act to non-sports related Internet gambling. After the funds were seized, the affected poker sites reportedly reimbursed the players the money that was seized.
5. State Attempts to Regulate the Internet.
This trend, a favorite target of Eric’s ire, continued in 2009. Some more notable attempts include Maine’s passage of a little COPPA Act, banning the use of personal information about minors for marketing purposes (which the Maine Attorney General then refused to enforce), Kentucky’s seizing of domain names associated with alleged gambling websites (the legality of which is pending before the Kentucky Supreme Court), and Utah and other state’s attempts to put sex offender information online or require sex offenders to register websites to which they belong and their passwords.
6. Attempts to Criminalize Breaches of Terms of Use.
Lori Drew created a fake MySpace profile to humiliate a 13-year-old neighbor girl and was subsequently blamed for the girl’s suicide death. Drew was convicted of three misdemeanor counts of unauthorized access to computers under the federal Computer Fraud and Abuse Act for violating MySpace’s terms of service. In United States v. Drew, the court dismissed Lori Drew’s conviction, concluding that MySpace’s terms of service were Constitutionally vague. The result is not surprising, because terms of service are not generally written with criminal prosecution in mind. The MySpace terms at issue prohibited a wide variety of conduct but did not explain what activities would make a user’s access “unauthorized”. The user’s conduct was reprehensible, but not criminal.
7. Online Endorsements.
In October, for the first time since 1980, the Federal Trade commission updated its guidelines for advertisers on how to keep their endorsements and testimonial advertisements in line with the FTC laws. The new guidelines explicitly target online endorsements by bloggers and others who receive cash or in-kind payments to review a product. Bloggers who make an endorsement must disclose the material connections they share with the seller of the product or service. While the new guidelines caused a stir among bloggers, they seem to be a reasonable extension of the FTC’s disclosure guidelines in other contexts
8. DMCA Take-Down Notices.
In UMG Recordings v. Veoh Networks, we received some further guidance on what constitutes a proper take-down notice. Here, the court said the copyright owner has the burden of identifying “potentially infringing materials.” A letter merely listing recording artists whose works were allegedly infringing did not give the Internet Service Provider actual knowledge of infringement because the letter does not comply with the DMCA requirements. The court also said that the ISP was not on general notice of copyright infringement just because the website allows users to post music files, which are frequently infringing content.
9. Section 230 of the Communications Decency Act.
There are too many cases to list here, and I am sure Eric has done (or will do) his own exhaustive compilation. The courts clearly expanded the scope of the Section 230 defense in various Craigslist cases (no liability for advertisements for guns or prostitution).
Barnes v. Yahoo showed us that service providers should not make statements and then not follow though. In that case, the plaintiff’s ex-boyfirend created fake personal ads for her on Yahoo and impersonated her in various online forums. She asked Yahoo to take the information down,. A Yahoo employee told her that Yahoo would take the profile down, but Yahoo did not do so until after the complaint was filed.. The Ninth Circuit upheld Yahoo’s Section 230 defenses for claims that Yahoo had an obligation to take the fake profiles down, and that Yahoo did not try to remove some objectionable material. But the court did permit the plaintiff’s claim to go forward that Yahoo had breached its oral contract with her to take the material down, which the Court held amounted to a modification of the “baseline” Section 230 rule.
10. Right to Privacy.
When someone publishes something on a MySpace website without her full name, and then deletes the post, does she have an expectation of privacy? In Moreno v. Hanford Sentinel, Inc., the California Court of Appeals said no. Here, the plaintiff posted an essay that was derogatory of her home town on her MySpace page and then deleted it six days later. In the meantime, the principal at the local high school saw the posting and submitted the poem to a local paper, where the editor (a friend of the principal) published the poem in the Letters to the Editor column and signed the plaintiff’s full name to it. The author and her family received death threats and her father had to close a 20-year old family business. However, the California Court of Appeals ruled that the principal did not invade the author’s privacy by handing the posting to the editor, and further held that the editor did not violate the author’s rights when it published her full name. (The case was remanded in order to address a claim of intentional infliction of emotional stress.)
Let’s hope 2010 brings even more exciting Cyberlaw developments. We have the potential for two Supreme Court rulings, in the Costco case (discussed above) and the Bilski case, which may address the validity of business method patents.
Posted by John Ottaviani at 07:04 AM | Content Regulation , Copyright , Derivative Liability , Domain Names , E-Commerce , Licensing/Contracts , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack
December 11, 2009
Denver University “Cyber Civil Rights” Symposium Recap
By Eric Goldman
The week before Thanksgiving, I attended an unusual symposium sponsored by the University of Denver Law Review entitled “Cyber Civil Rights: New Challenges for Civil Rights and Civil Liberties in our Networked Age.” The symposium covered standard Cyberlaw topics, but the raison d'être was University of Maryland law professor Danielle Citron’s two recent articles on online harassment of women: "Law's Expressive Value in Combating Cyber Gender Harassment" (Michigan Law Review) and "Cyber Civil Rights" (Boston University Law Review). It is unusual for a law school to celebrate another school’s professor and her research, especially when the professor is fairly junior. Nevertheless, Danielle’s participation brought together academics from both the Cyberlaw and civil rights communities, which provided a rare and interesting mix of folks..
First Panel
Danielle Citron started off by recapping her two papers. Online participation, such as blogging, is essential to professional standing, and employers are reviewing online profiles of prospective employees as part of their hiring considerations. However, women are being targeted for abuse online. These attacks are harming women by changing their online and offline activities, reducing their job opportunities, and causing women to change their gender representations online. Further, folks are trivializing these problems. Women are underreporting the attacks, and law enforcement only intervenes when there are offline harms. New laws can serve an expressive function to communicate that online attacks against women are socially unacceptable. The new laws can validate women’s feelings that they have been harmed and encourage law enforcement to pursue more cases.
Commenting on the papers, Robert Kaczorowski of Fordham Law (and Danielle’s stepdad) made an extended analogy between the Ku Klux Klan and cybermobs.
Wendy Seltzer asked if we could deemphasize the effect of words rather than prohibit them. Danielle responded that we don’t know how seriously to take any particular threat.
An audience member asked if is there a difference between mobs and individual actors who are just taking advantage of being anonymous. Danielle answered that groups can become more extreme online. I think this point deserves more exploration: a series of uncoordinated individual decisions to “pile on” to an attack can look like a coordinated attack to the victim. This is part of why I thought the KKK references were puzzling—KKK activities are clearly coordinated, while online attacks against women can succeed without any coordination or ongoing connection between the attackers.
Paul Ohm argued that that legal solutions are better for cyber civil rights problems than technological solutions. Paul discussed what he labeled “Felten’s Third Law.” (He doesn’t know of two earlier laws named for Ed Felten; he just assumes they exist given Ed’s impressive and influential oeuvre). As articulated by Paul, Felten’s Third Law is that in Cyberlaw conflicts, lawyers love technical solutions and technologists love legal solutions. In other words, we love the solution we don’t know because we assume it has to be better than the one we do. As both a law professor and technologist, Paul picks law over technology for these problems.
Paul categorically rejects any technical solution that would create a “fully identified Internet.” For example, we should not mandate server log retention because we know the logs will be co-opted to regulate other forms of unwanted content, not just online harassment.
Wendy Seltzer discussed the unintended consequences of legal intervention. For example, mandatory Internet filtering in school libraries hasn’t stopped kids from bypassing the filters, but it has facilitated a marketplace for improving filtering technologies that has benefited repressive regimes. Another example: anti-circumvention technology fails to restrict copying but has reduced innovation around DRMed content. Wendy also noted how norms can help curb abuses. For example, while there are online cesspools, she praised Wikipedia’s evolving guidelines for living people’s biographies.
In response, Danielle admitted that her solutions need to be more surgical. She said she might consider moving from a notice-and-takedown model to a notice-and-preserve model for intermediaries.
Second Panel
This panel was composed of three women academics from the civil rights community, so it was a noticeable shift from the typical Cyberlaw academic discussion.
Mary Anne Franks is a University of Chicago Bigelow Fellow and soon-to-be full-time law professor. She expresses our collective disappointment that cyberspace isn’t a utopia that allows people to escape offline discrimination and harassment. She laments that women can lose control of their identities online, such as when someone creates a fake online profile in their names.
She then addressed how cyberspace is unique/special/different with respect to gender harassment. Many commentators try to duck cyberspace exceptionalism, so it was refreshing to see her tackle the issue squarely. Existing offline discrimination/harassment laws assume interactions between repeat players at work and school; online harassment can be divorced totally from any existing social networks. However, because the online activities still harm targeted individuals at work and school, we should treat the harms the same. Offline, there are switching costs to changing jobs or school; online, search engines’ consolidation of results for search on a person’s name creates a different type of switching cost. In terms of supervisory power, she thinks web operators have analogous control to employers or school administrators. Thus, when web operators receive notice of online harassment, they should have a duty to do something about it. Offline, employers can develop a variety of responses and policies to combat workplace harassment. Web operators should have similar latitude; for example, they can delete offending posts or suspend/ban accounts.
Helen Norton, a University of Colorado law professor, did not share Danielle’s optimism (expressed in her first article) that existing discrimination laws can curb online harassment. Instead, Helen thinks a new civil rights statute is needed, but she might limit its remedies to exclude money damages. Helen is pessimistic that there will be regulation any time soon, noting that it can take years to enact civil rights legislation. Helen would also like to see more precise definitions of the exact harms that women are experiencing only online.
Nancy Ehrenreich, a Denver University law professor, began her talk by saying that we should not overstate the Internet’s benefits. She then clarified that we should not assume that disadvantaged folks can overcome barriers online. For example, we impose cultural categories on people in every interaction, so even if people try to mask their identity online, they can’t really escape. She wondered why we aren’t talking about an anti-discrimination law for the web. Her concern is that discrimination denies individuals access to the Internet.
In Q&A, Paul Ohm observed that civil rights scholars often invoke free speech as the countervailing concern to their desired regulations, but Cyberlaw scholars are often more interested in other “generative” effects of the Internet, such as new business models, new labor models and new modes of production.
Panel 3
James Grimmelmann (see his slides) started with the Skanks in NYC case. In that case, the defendant criticized someone else in her social network on a blog, calling the plaintiff (among other unflattering things) a “skank.” The plaintiff sued to obtain the blogger’s identity. After a successful unmasking, the plaintiff dropped the lawsuit, having successfully publicly shamed the blogger.
James hypothesized that this unmasking and shaming was an appropriate remedy—the blogger got shamed (like “an eye for an eye”), and unmasking is a better outcome than other legal remedies like damage suits. James then posited a thought exercise that provided plaintiffs with an expedited unmasking procedure if they drop any damages claim. This would have a number of benefits. Unmasking curbs online harassment is especially effective at busting online mobs. Also, an unmasking remedy avoids messy debates over the First Amendment’s scope, and it may be more desirable than trying to hold online providers liable.
Having advanced his own strawman, James then cut it down. In some cases, defamation remedies may be more desirable, and plaintiffs may not know that until they learn the putative wrongdoer’s identity. In other cases, plaintiffs who just want unmasking would appreciate a lower legal hurdle. Also, we provide legal protection for anonymity for good reasons.
James’ lessons from the thought exercise: we should consider ways to decouple an unmasking remedy from litigation. At the same time, we need to protect defendants from pretextual unmasking; in some cases, retaliation is a big concern, and we should incorporate this concern into the unmasking decision.
From Chris Wolf’s talk (see his full remarks), the most interesting thing I learned is that 18 states have laws banning wearing masks in public, enacted to suppress KKK activities. This was the second speaker’s KKK reference of the day, and it made me wonder if we were experiencing some variation of Godwin’s Law.
Panel 4
Viva Moffat observed that secondary liability issues generate the most heat in online harassment discussions. She expressed concern that imposing legal duties on third parties may not help law’s norm-shaping effect, and it’s not appropriate to impose liability just because the provider has deeper pockets or the direct actor can’t be found. She also suggested that imposing liability on third parties creates a greater risk of collateral damage than direct liability. [Note: I would like to know more about this last assertion. I suspect we cannot make a utilitarian calculation a priori]. As a result, she favors focusing more efforts on sharpening direct liability.
Ed Felten talked about identifying and anonymizing online activity. He explained the usual sequence of events in chasing bad online content:
log file => IP address => identity => justice
But the IP address => identity step breaks down when users use an anonymizing proxy or the user’s network uses network address translation (used by home wireless routers or in coffee shops) and all connected devices’ requests share a single IP address. He said that a majority of Internet connections use NAT.
Because IP address tracebacks can dead-end at the intermediary, an IP address can reveal too little information. However, even when users aren’t investigatory targets, IP addresses can reveal too much information, such as geolocation. This paradox—IP addresses simultaneously reveal both too much and too little information—reflects that the IP address system was built for routing, not identification. So could we design a better authenticating technology?
He then conducted a “semi-realistic” thought experiment of a new technological “tag” that could be used instead of IP addresses. This tag could have the following attributes:
* can be placed by any intermediary
* conveys no information about the sender unless unwrapped by the intermediary (presumably for good legal cause)
* unwrapping the tag yields the best identity information the intermediary has
* the tag’s use is voluntary as a technical matter
* the tag is removable as a technical matter
I then batted clean-up. A summary of my remarks:
Today’s conversation has revisited long-standing Cyberlaw issues, such as:
* anonymity v. accountability, and who should be responsible for online content and actions
* cyberspace as a physical place. See, e.g., Noah v. AOL (an online discrimination case), National Federation of the Blind v. Target (also an online discrimination case) and Estavillo v. Sony
* cyberspace exceptionalism and cyberspace utopianism (on the latter point, see my article on search engine utopianism)
* when is the optimal time to regulate rapidly evolving technology? Early, when the technology is still in its infancy, or later, when market forces and new technological evolutions may have cured the early problems?
Danielle’s articles convinced me that women are experiencing serious harms online that men—including me—could easily trivialize. Danielle’s articles also convinced me that online harassment has strong parallels to the 1970s legal evolution of workplace harassment doctrines, where a big part of the battle was to get people to take the harms seriously.
While I find a lot of descriptive value in Danielle’s work, the normative implications are not as clear. As usual with attempts to regulate rapidly evolving technology, there are many important but overwhelmingly hard definitional challenges, such as who is an “intermediary,” what are “online mobs” and what constitutes online “harassment.” For example, I do not think the Skanks in NYC incident is an online harassment case or an “attack,” but James Grimmelmann’s talk assumed those characterizations.
While we can debate what should be the right level of regulatory intervention, we should not overlook that Congress already enacted a law squarely governing intermediary liability for online harassment: 47 USC 230. The angst that prompted this conference—bad behavior online—is the logical consequences of 230’s broad immunity. The statute enables websites to adopt policies that they will not police user content or retain server logs of user activity. These choices aren’t a surprise or a per se abuse of the immunity; instead, they are the unavoidable implications of Congress’ action.
We might question Congress’ wisdom in adopting 230, but we should not diminish its potential importance to the Internet as we know it. [In Q&A, Chris Wolf asked about the comparative experience in countries that don’t have such broad immunity. In those countries, we know that websites take down user content much more freely, and I believe that the most interesting UGC innovations are all taking place here in the US, not countries with more restrictive UGC liability.] I can, at most, only prove correlation and not causation, but I believe 230 is one of the main causal reasons why the Internet has succeeded so well.
When I speak around the country about 230, I often encounter folks who generally accept 230’s immunity scope but want just one new exception, i.e., their pet topic. If everyone got their “just one” exception, the law would be eviscerated. (I said it would be Swiss-cheesed to death; maybe I should have said it would be overcome by a thousand duck bites). I’m not rejecting new exceptions categorically (they should be each considered on their own merits), but in aggregate 230’s immunization benefits are actually quite precarious. I believe 230 works precisely because of its strength and simplicity, so adding more exceptions could significantly reduce its efficacy.
I concluded my remarks by observing that online harassment is a subspecies of bullying and incivil behavior in our society. While we can and should work to curb online harassment, I am more interested in addressing bullying and incivility in all its forms, wherever it takes place.
In this regard, I have been impressed by how my son’s school is proactively addressing bullying. See more about this effort, called Project Cornerstone. The school is teaching kids not to bully or to tolerate being bullied, and the project gives bullied kids tools to go on the offensive against bullies. There’s no guarantee that anti-bullying programs will work in the short or long run, but I remain hopeful that online harassment today partially reflects that many current Internet users never got any anti-bullying education. Perhaps, then, online harassment issues will naturally abate (without any regulatory intervention) as new generation of Internet users, better educated about bullying, come onto the Internet.
Following my remarks, we had more Q&A.
Paul Ohm Q: Some cyber folks argue against secondary liability because they believe that a victim can pursue a direct action, but Ed’s talk suggests that user anonymity will continue to be possible.
Mary Anne Franks: civil rights isn’t about individual claims because victims have to bear too high a burden to pursue claims. Instead, civil rights are about changing large-scale social norms. The goal is to achieve anti-discrimination by any means necessary. Thus, civil rights scholars have already discussed and concluded that it’s appropriate to impose liability on intermediaries like employers and schools.
Danielle: intermediaries are the lowest cost avoiders.
James Grimmelmann: no, the harassers are the lowest cost avoiders. Civil rights folks would get more support from the Cyberlaw crowd if they focused their regulatory desires towards intermediaries who are in active concert with the bad actors.
Danielle's Wrap-Up
We all agree that:
* education can make a big difference
* online communities need to self-police
* there are numerous limits to using the law as a solution, including that lawsuits don’t make sense and 230’s immunity.
We don’t agree on what to do next. There are First Amendment limits, and technology doesn’t offer any panaceas.
Posted by Eric at 07:12 AM | Content Regulation , Derivative Liability , Internet History , Publicity/Privacy Rights | TrackBack
November 03, 2009
Law Professor Sues Over 'Above the Law' Blog Posts--Jones v. Minkin
By Eric Goldman
Jones v. Minkin, 1:09-cv-23256-MGC (S.D. Fla. complaint filed Oct. 27, 2009). The Above the Law blog post on the lawsuit with links to the posts in question.
Given its history of provocative and occasionally aggressive blog posts, it's actually a little surprising that popular law blog Above the Law has not been sued before. A blogger's life is inherently filled with peril. We bet our houses with every blog post, and eventually the law of large numbers starts working against us. The risks are even greater for bloggers covering legal topics. By definition, we routinely cover people who are prepared to mix it up in court. As a result, it's almost inevitable that blawgers who keep at it long enough will get sued eventually.
The plaintiff in this case is University of Miami law professor D. Marvin Jones, who in 2007 was improperly detained by police for possibly racist reasons. This prompted a series of blog posts on Above the Law that included an unflattering cartoon and unfavorable characterizations. Jones now claims that the blog posts put him in a false light, invaded his privacy and constituted copyright infringement because the blog posts used the photo from his university profile page. Although the complaint uses the word "defamation" earlier in the pleading, no defamation claim was alleged. For these violations, Jones asks for tens of millions of dollars to right the alleged wrongs.
I'm skeptical about all three claims, but the copyright claim is almost unquestionably bogus. It's not properly pleaded; there's no allegation of a copyright registration. More importantly, I would be shocked if Jones owned the copyrights in the photo on his faculty page. Usually faculty photos are taken by a university photographer or a third party vendor; in either case, the photo subject normally does not obtain ownership or an exclusive license to the copyright. Perhaps Jones has managed his IP affairs better than 99+% of professors. If not, 17 USC 505, the copyright fee-shifting provision, seems like it sets up Jones to potentially write a check to the defendants. (Fair use also seems strongly possible, but we don't need to get there if the plaintiff can't establish a prima facie case of infringement).
With respect to the alleged privacy violations, there is the obvious problem that police incident reports should be public documents. However, I’m also interested Jones' faculty bio does much to trumpet his high public profile. He self-describes himself as a "public intellectual" (a fairly rare self-characterization among academics) and says he has "appeared as an expert on national and local television" and "is a sought after speaker at many universities." These self-reported assessments about his public visibility don't obviate his privacy rights, but they do suggest that a police detention--especially one with racial overtones, exactly the type of thing he discusses in these public spaces—and the associated report either don't qualify as a "private fact" or are sufficiently newsworthy to trump his privacy interests.
Ben Sheffner's post on this case makes good points about the false light claim. He says it's DOA because (1) Florida doesn't recognize the cause of action, and (2) to the extent it's based on the cartoon, the cartoon was provided by a third party and therefore 47 USC 230 preempts the claim.
This lawsuit reminded me a little of the long-running Steinbuch v. Cutler lawsuit, which also involved a law professor/plaintiff Robert Steinbuch (now at UALR) claiming privacy violations against a blogger. That legal battle hasn't turned out so well for Steinbuch. Putting aside a number of substantive losses along the way, the lawsuit has been going nearly 5 years with no clear end in sight. Some of the delay was caused by Cutler's bankruptcy, but much more of it was due to the inherent weakness of judicial proceedings as a redress for unwanted speech. And in the end, I don't think the lawsuit has done much to enhance Steinbuch's reputation as a law professor or otherwise.
Two other minor points about the lawsuit. First, the complaint repeatedly criticizes Above the Law for referring to Jones as "D. Marvin Jones" rather than some other variation of his name, alleging that the usage was designed to ensnare searchers looking for his book. Perhaps that was the intent (doubtful, but possible), but I have chosen to refer to Jones by the name he uses on his faculty profile...which is "D. Marvin Jones." Second, it was jarring to see "Barack Obama" misspelled in a complaint (especially given the plaintiff's expertise) as "Barrack Obama."
Unfortunately for Above the Law, Florida does not have a robust anti-SLAPP statute. Nevertheless, given its facial lack of merit and the possibility that Jones will want to minimize the size of the check he has to write the defendants for his ill-conceived copyright claim, I hope this lawsuit will reach a quicker resolution than the Steinbuch v. Cutler saga.
FWIW, there is an attractive free conference tomorrow afternoon in San Francisco that, quite topically, will address the unique challenges of online reporting of legal cases. (The official page is down, but this page has all the relevant details). Hope to see you there.
UPDATE: Jones has voluntarily dismissed the case within days of bringing it.
Posted by Eric at 01:57 PM | Content Regulation , Copyright , Derivative Liability , Publicity/Privacy Rights | TrackBack
November 02, 2009
October 2009 Quick Links
By Eric Goldman
Just a reminder that I am posting most of these types of links exclusively to my Twitter feed.
* Tricome v. eBay, Inc., 2009 WL 3365873 (E.D.Pa. Oct 19, 2009). Court upholds eBay user agreement's venue selection clause. Evan Brown covers the case.
* The AutoAdmit case is over. Above the Law and the Yale newspaper.
* Google doesn't want to hear your complaints about your reputation management.
* Moneygram settles with the FTC (to the tune of $18M) that its money wiring service was used to perpetrate fraud.
* The FTC scores a rare COPPA settlement, this time with Iconix for $250,000.
* John Wiley & Sons, Inc. v. Kirtsaeng, 2009 U.S. Dist. LEXIS 96520 (SDNY Oct. 19, 2009). Another federal court holds that the purchase of foreign-manufactured textbooks and resale in the US via the Internet is blocked by the importation right and not excused by the First Sale doctrine. My coverage of the analogous Pearson v. Liu ruling.
* Utah's "Don't Spam the Kids" registry survived a constitutional challenge. That doesn't make it good policy!
* Saadi v. Maroun. Blogger hit with $90k judgment for defamation. MLRC coverage. My initial blog post on the case.
* Erik Estavillo, the gamer who sued for being kicked off the PlayStation Network, is appealing his district court loss to the Ninth Circuit. I guess he wants to lock in the adverse ruling as the binding law of the Western United States. My blog post on the district court ruling.
* Rep. Paul Kanjorski wants to end 47 USC 230 with respect to bogus stock investing info? This legislation needs careful monitoring due to its potential perniciousness.
* Venkat has his own version of Quick Links on his site.
Posted by Eric at 05:08 PM | Content Regulation , Copyright , Derivative Liability , E-Commerce , Licensing/Contracts , Privacy/Security , Spam | TrackBack
October 30, 2009
Internet Obscenity Conviction Requires Assessment of National Community Standards--US v. Kilbride
By Eric Goldman
U.S. v. Kilbride, 2009 WL 3448360 (9th Cir. Oct. 28, 2009)
Jeffrey Kilbride and James Schaffer were porn spammers, operating through Ganymede Marketing, a Mauritian company. I previously blogged on their case in 2007. Their spam failed to comply with CAN-SPAM in several respects, including forged headers, fake email addresses and bogus contact info. The FTC claimed that it had received over 662,000 complaints about their spam. After a 3 week trial, a jury convicted them of criminal CAN-SPAM violations, criminal obscenity for 2 spammed images and other charges. Kilbride was sentenced to 6 1/2 years and Schaffer got over 5 years. Both appealed their convictions.
In the resulting Ninth Circuit opinion, the most important discussion relates to their obscenity convictions. The Supreme Court defined obscene material in the Miller case as:
(a) whether the average person, applying contemporary community standards would find that the work, taken as a whole, appeals to the prurient interest; (b) whether the work depicts or describes, in a patently offensive way, sexual conduct specifically defined by the applicable ... law; and (c) whether the work, taken as a whole, lacks serious literary, artistic, political, or scientific value [emphasis added]
On the Internet, the question arises: whose community standards? The Miller test anticipates that geographically dispersed communities could have different norms, and in theory an Internet content publisher needs to conform to all of them or at least the most restrictive ones. For an early example of this, see United States v. Thomas, 74 F.3d 701 (6th Cir. 1996) (involving a dial-in BBS). However, the cost and limitations of geographic authentication technology means that many Internet content publishers can't steer their content into or away from a particular geography. Personally, I think this is especially true for publishing content by email because I know of no effective way to accurately authenticate the geography of most email recipients.
The US Supreme Court squarely wrestled with the issue of disparate geographic communities being collapsed on the Internet in 2002 in its first Ashcroft v. ACLU ruling (this should be distinguished with the more influential second Ashcroft v. ACLU opinion from 2004, which I still teach today in Cyberlaw). That case involved a challenge to the 1998 Child Online Protection Act (COPA), and the Third Circuit had affirmed a preliminary injunction against COPA on the grounds that the application of a "contemporary community standards" clause to Internet publication was constitutionally infirm due to disparate community standards. In 2002, the US Supreme Court reversed the Third Circuit in a massively fractured way, with 5 different opinions and no clear consensus on anything.
To resolve this appeal, the Ninth Circuit had to divine a single rule of law from this mess-o-opinions. After parsing the inscrutable Supreme Court opinions, the Ninth Circuit concluded that "a national community standard must be applied in regulating obscene speech on the Internet, including obscenity disseminated via email." Whether or not the Ninth Circuit read the Ashcroft v. ACLU precedent correctly, it reached the only logical outcome for a communication medium without clear geographic authentication. Nevertheless, this is hardly an unquestionable conclusion; the Miller case expressly rejected a national standard (whatever that means): "obscenity is to be determined by applying 'contemporary community standards'...not 'national standards.'" Presumably, the 2002 Ashcroft v. ACLU opinion overwrote this statement from Miller (and similar statements in earlier obscenity cases), but no one really understands what the Supreme Court said in 2002.
While the Ninth Circuit reached a sound result, its ruling doesn't help these appellants. Even though the district court provided different jury instructions, the Ninth Circuit concluded that the district court's instructions were not "plain error" (the applicable review standard), so the convictions stand. Harsh.
Even if appellants wrested a reversal, I'm not sure it would matter because I have never fully understood the import of regionally disparate "contemporary community standards." The phrase only explicitly modifies the Miller test’s determination of whether a work "appeals to the prurient interests"--basically, whether the work appeals to content consumers' interest in sex. Community standards can also implicitly come into play with the determination of what is "patently offensive" or the perceived value of the work, but these are not explicitly referenced in the Miller test.
With respect to the prurient interest reference, I could imagine regional differences about some borderline cases (say, a sex education tutorial) or with respect to niche sexual interests, where the niche audience would find that the work appeals to their esoteric interests and the remainder of a region's population might find the work so unappealing that it’s not viewed as sexually interesting at all. But for a lot of "mainstream" pornography, my guess is that there are not meaningful regional differences about the work's sexual appeal. I haven't seen the 2 images at issue in this case, so maybe they fall into the borderline cases. Otherwise, I wonder if a new trial using national community standards would actually change the result. (Another reason for skepticism: our rage towards spam frequently causes us to ignore the rule of law when we have a chance to punish spammers).
In the ruling, the Ninth Circuit also rejected the defendants' facial and as-applied challenges to the criminal CAN-SPAM provisions. The defendants focused their attack on CAN-SPAM restrictions on falsifying information in a way that would "impair" spam blocking. The court concludes that none of the provisions are constitutionally too vague. This wasn't really a close case for the as-applied challenge because of the defendants' egregious handling of their email campaigns. In contrast, I would like to think the facial challenge has not been resolved permanently; these were clearly not the right defendants to raise or litigate the facial issues.
Along the way, the Ninth Circuit takes a swipe at domain name proxy registrations. Pulling a quote only slightly out of context, the court says "Based on the plain meaning of the relevant terms discussed above, private registration for the purpose of concealing the actual registrant's identity would constitute 'material falsification'" (one of the elements of a CAN-SPAM crime). You may also recall the recent Solid Host v. NameCheap case suggesting that proxy service providers could face contributory ACPA liability. Collectively, these two opinions indicate legally disadvantageous treatment for proxy service usage. Given this disconcerting trend, I don't see the domain name proxy business as a growth industry.
Thomas O'Toole also discusses the ruling.
Posted by Eric at 03:00 PM | Content Regulation , Domain Names , Spam | TrackBack
October 21, 2009
Craigslist Isn't Liable for Erotic Services Ads--Dart v. Craigslist
By Eric Goldman
Dart v. Craigslist, Inc., 09 C 1385 (N.D. Ill. Oct. 20, 2009)
Yesterday, Judge John F. Grady of the Northern District of Illinois federal court dismissed Cook County Sheriff Dart's lawsuit against Craigslist for user-posted advertisements in Craigslist's erotic services/adult services category on 47 USC 230 grounds. This is hardly surprising, as I wrote in March that "this lawsuit is almost certainly preempted by 47 USC 230." However, it was nice to see such a clean and decisive opinion--and a little ironic, as our law enforcement officials, who are supposed to enforce the laws rather than bypass them, got schooled in the limits of their legal authority.
With respect to the 230 analysis, the court characterizes Sheriff Dart's claims as alleging that Craigslist negligently published the user-supplied ads. The court says that the Seventh Circuit implicitly said that 230 preempted such claims in the 2008 CLC v. Craigslist case. To get around this, Sheriff Dart tried a Roommates.com styled attack, arguing that Craigslist induced the users' advertisements by creating an erotic/adult services category and letting users do keyword searches. These arguments go nowhere (making this yet another case where Roommates.com is cited for the defense). An adult services category can legitimately contain postings for legal services, and the keyword search functionality was agnostic about the illegality of the search and therefore a "neutral tool" (whatever that meant from Roommates.com).
Two other interesting doctrinal notes from the opinion:
* In FN 6, the court reiterates that 230 preempts a civil action to enforce a federal criminal statute. See Doe v. Bates.
* the court rejects arguments that Craigslist "arranges" meetings for prostitution, "directs" people to prostitution or "provides" contact info for prostitutes because, in all three cases, the user-supplied ad (if anything) satisfies those verbs. Similarly, Craigslist's role in "facilitating," "assisting" or "aiding and abetting" these user activities is governed by 230. I believe this is consistent with my view that 230 should preempt any claim that one party "endorses" third party online content.
Given some ambiguous language floating in Seventh Circuit 230 jurisprudence from the CLC v. Craigslist case and the old Doe v. GTE case, it wouldn't surprise me if Sheriff Dart tried an appeal. However, this opinion was solidly reasoned and completely consistent with that jurisprudence, so I wouldn't expect a different result on appeal.
Posted by Eric at 01:13 PM | Content Regulation , Derivative Liability , Marketing | TrackBack
October 14, 2009
Q3 2009 Quick Links, Part 1
By Eric Goldman
My system of managing news items that don't warrant a full blog post but can't fit into a 140 character Twitter post has broken down. So, I'm belatedly catching up on my backlog of things that caught my attention in Q3 2009. This part focuses on online content issues:
Defamation
* Ava v. NYP Holdings, Inc., 2009 WL 1885099 (N.Y.A.D. July 2, 2009). A NY Post story quoting part of the plaintiff's MySpace page and characterizing it as a "fantasy" wasn't defamatory.
* Terrific post by Paul Levy on Ripoff Report, InfomercialScams.com, Video Professor and UGC sites that go bad
* A tweet about moldy apartment leads to a defamation lawsuit. MLRC and CMLP coverage.
* Cohen v. Google, Inc., 2009 WL 2883410 (N.Y. Sup. Ct. Aug. 17, 2009). Calling a woman a “skank,” in the context of a blog with photos and other critical material, was prima facie defamation sufficient to support a pre-action disclosure of the anonymous blogger’s identity.
* Cash4Gold sued Consumerist but then dropped it as a defendant.
* You may recall my earlier blog post on the Higher Balance lawsuit, a nice 230 defense win. Subsequently, the Higher Balance defendants were awarded over $50k in attorneys fees.
* Crookes v. Newton, 2009 BCCA 392 (Sept. 15, 2009). A British Columbia appellate court says that linking to defamatory content isn’t defamation.
* Joe Mullin: "Troll Tracker" blogger defamation lawsuit settles
Cyberbullying
* Larry Magid on the definitions of cyberbullying
* US v Voneida: 3d Circuit says student's MySpace postings were "true threats" that supported 19 month sentence
* Smoking Gun: Placing a bogus Craigslist ad is being prosecuted as felony cyberbullying.
* News.com: A Missouri prosecution under Missouri's new Megan Maier anti-cyberbullying aw.
Blogs and Social Networking Sites
* A New Jersey court says a blogger isn't entitled to the reporter shield.
* Pietrylo v. Hillstone Restaurant Group, No. 06-5754 (D.N.J. June 16, 2009). Jury verdict against a restaurant owner that forced employees to allow it to view their private MySpace group.
* HB1314: Illinois bans sex offenders from using social networking sites. Evan Brown explores the statute's constitutionality.
* Facebook Beacon is dead…and yet another privacy organization springs up in its wake. News.com, settlement agreement and motion for settlement.
* Public Citizen v. Louisiana Attorney Disciplinary Board, 2009 WL 2390866 (E.D. La. Aug. 3, 2009). A federal court struck down Louisiana’s state bar rules restricting lawyer advertising via the Internet.
Posted by Eric at 10:15 AM | Content Regulation , Derivative Liability , Privacy/Security | TrackBack
October 13, 2009
Sex Predator Stung By Undercover Officer Who Self-Reported 3 Different Ages--US v. Haile
By Eric Goldman
US v. Haile, 2009 WL 3163556 (W.D. Ky. Sept. 29, 2009)
Let me start out by stating the obvious: sexual predation of minors is an unacceptable crime. I remain deeply troubled by how many Westlaw cases report on social networking sites being used to facilitate sexual predation, knowing that Westlaw-reported cases are surely a small fraction of the overall volume of activity. And as a parent, I still haven't figured out how to set the appropriate Internet restrictions and supervision for my kids. So my post here isn't meant to apologize for this defendant or the choices he made. At the same time, I remain equally troubled that paranoia over sexual predation can tempt us to bend the law, which I fear may have happened here.
The overall story is fairly familiar. An undercover officer sets up a fake online account to lure and trap child sexual predators trolling through social networking sites. After someone bites and the parties have a multi-iteration dialogue, the officer reels in the putative predator with an offer of realspace sexual favors. The putative predator shows up at the designated place presumably looking for a minor, and instead gets steel handcuffs. A contemporaneous news report of Haile's arrest and a personal account from a friend.
But the bait and hook in this case raised my eyebrows. The saga starts at LouisvilleMojo.com, which had an 18-and-older social networking component. On there was the officer's fake profile with a claimed age of 77. The profile told interested folks to contact "her" Yahoo alias. For reasons not adequately explained in the case, the defendant instead found the officer's fake MySpace page for the same alias. On the page, the user claimed to be 62 years old, but the "about me" section said “I'm a girlie girl. I'm 14, and turn 15 on October 31! HALLOWEEN!!!!!” The defendant questioned the officer about the age issue in a Yahoo chat session as follows:
Defendant specifically inquired, “so your really 14?” Detective Arterburn, as “Amber,” responded: “lol” (or “laugh out loud”). Defendant's reply to this was “?”, and there was no further response from “Amber” about her age.
With these data points, what can we infer about the defendant's expectation of his chatting partner's age? At various times, the officer reported "her" age as 77, 62 and 14 and gave a cryptic and implicitly playful non-response to a direct question. In this context, some folks might interpret the coy non-response as part of adult fantasy or game-playing.
The age issue is made even more complex by MySpace’s unique issues with age reporting. 14 year olds on MySpace are supposed to have restricted user accounts, so a defendant might assume that if he could find the account, the user either lied about her age (hence the direct Q) or was really over 14. Further, if the defendant was at all familiar with the Lori Drew prosecution, the defendant would know that lying to MySpace about one's age (a violation of MySpace's user agreement) is potentially criminal, thereby giving the defendant another reason to think that the user’s age reported to MySpace (62, not 14) was truthful.
The court rightly points out that the profile page (and the claimed age of 14) should have cautioned the defendant, and there is a little more evidence corroborating the defendant's belief that the user was underage. At the same time, it is unclear why the courts expected the defendant to give more credence to the 14 reference than the other self-reported ages. By using three different self-reported ages, the user undeniably was lying about "her" age at least two places on the Internet. Accordingly, the defendant had no reason to assume that 14 was any more truthful than 62 or 77--a problem compounded by the non-response to the direct question, where "LOL" signals to me that the user was treating her age as part of a game.
I'm glad we have officers on the beat looking for online sexual predators. It's a job I wouldn't want, but I hope they do it well, especially if they can nab bad guys without any minors actually getting victimized. At the same time, where the age of the putative victim is central to the legal inquiry, it troubles me when an officer uses multiple incorrect ages as part of the trap.
Posted by Eric at 10:43 AM | Content Regulation | TrackBack
October 05, 2009
Ripoff Report Rolls to Another Win--Intellect Art v. Milewski
By Eric Goldman
Intellect Art Multimedia v. Milewski, 117024/08 (NY Sup. Ct. Sept. 15, 2009). For more background on the lawsuit, check out the companion blog.
This case involves the "Swiss Finance Academy," an expensive summer college program. A disgruntled student posted some criticisms about the program on Ripoff Report. See the post in question. The program brought a lawsuit against both the posting student and the Ripoff Report.
The plaintiff alleged defamation and a products liability claim against Ripoff Report. Both are dismissed per 47 USC 230. The court's discussion regarding the products liability claim is particularly interesting. First, the court says the site is a service, not a product, and therefore may be categorically excluded from any products liability doctrine. Second, the court says:
"the court does not need to reach this novel issue, since plaintiff has not even alleged that the website was in a defective condition which gave rise to its claimed injuries. Rather it was [the student's] purported posting that gave rise to plaintiff's injuries, not Xcentric's website itself. The claim that Ripoff Report was defectively designed to elicit defamatory statements from its users is devoid of commonsense and reasoning, is unsupported by law, and is, therefore, reject." [sic]
Oof. I've occasionally seen previous arguments that product liability doctrines get around 230. This case is one data point that they aren't...and arguments to the contrary are "devoid of commonsense and reasoning." Plaintiffs beware.
The plaintiff tried to add a few new claims against Ripoff Report and none of those get a chance mostly because of deficient allegations rather than 230. The tortious interference claims fail for lack of allegations about the specific affected relationships. The contract fails because the plaintiff isn't a third party beneficiary of the Ripoff Report-student contract. The negligent misrepresentation claim failed for lack of a special relationship. The negligence claim failed for lack of an alleged duty. The negligent falsehood claim fails for lack of alleged special damages.
In the end, the Ripoff Report walks away from this lawsuit.
The student also gets a good ruling. The court rejects the defamation claim because it characterizes all of the student's statements as protected opinion. [Note: the Ripoff Report posting was under a pseudonym, so it's not confirmed that the student is the same person as the poster.] It seemed to me that the court was cutting corners here. For example, the report said that the school only fed students toast for breakfast. That seemed like a pretty factual assertion to me; I'm not sure how to style that statement as an opinion. Even so, the court cut the corners for a good reason:
"the website, when viewed in its full context, reveals that Milewski is a disgruntled consumer and that his statements reflect his personal opinion based on his personal dealing with plaintiff. They are subjective expressions of consumer dissatisfaction with plaintiff and the statements are not actionable because they are Milewski's personal opinion."
Milewski isn't totally off the hook, as there are still unresolved issues about unpaid tuition. But otherwise, this court shuts down another vendor's attempt to squelch negative feedback about its business practices.
David Johnson has a more plaintiff-friendly take on this case.
Posted by Eric at 09:59 AM | Content Regulation , Derivative Liability | TrackBack
October 01, 2009
Online Game Network Isn't Company Town--Estavillo v. Sony
By Eric Goldman
Estavillo v. Sony Computer Entertainment America, 2009 WL 3072887 (N.D. Cal. Sept. 22, 2009)
Sony's PS3 online network isn't a company town or otherwise a state actor subject to First Amendment obligations. As a result, Judge Whyte of the Northern District of California dismissed pro se Estavillo's First Amendment challenge against Sony for kicking him off its network.
Judge Whyte’s analysis is fairly terse because this was such an easy case. He says:
Sony's Network is not similar to a company town. The Network does not serve a substantial portion of a municipality's functions, but rather serves solely as a forum for people to interact subject to specific contractual terms. Every regulation Sony applies in the Network is confined in scope only to those entertainment services that Sony provides. Although the Network does include "virtual spaces" such as virtual "homes" and a virtual "mall" that are used by a substantial number of users (Pl.'s Reply in Supp. of Opp'n. to Dismiss 1), these "spaces" serve solely to enrich the entertainment services on Sony's private network. In providing this electronic space that users can voluntarily choose to entertain themselves with, Sony is merely providing a robust commercial product, and is not "performing the full spectrum of municipal powers and [standing] in the shoes of the State." Hudgens, 424 U.S. at 519 (quoting Lloyd Corp. v. Tanner, 407 U.S. 551, 568-69 (1972)).
Sony does not have a sufficient structural or functional nexus to the government. Plaintiff has not suggested that Sony is part of the state or federal government. The Network was not created to further government objectives. The government retains no permanent authority to appoint any directors of Sony or the Network, or any other private body associated with the Network. There is no indication that Sony has assumed functions traditionally reserved to the government, or that the government had any part in encouraging Sony to create the Network. Count one of the complaint does not state a plausible First Amendment claim for relief, and therefore must be dismissed. Iqbal, 129 S.Ct. at 1940.
This discussion is appropriately brief because we've known for many years that private online companies aren't state actors, and at least a dozen precedential cases have reached this conclusion. For more on this, see my 2005 article Speech Showdowns at the Virtual Corral.
Nevertheless, this case could have significant import for academic discourse about the virtual worlds. I believe this is the first ruling to squarely conclude that an online game/virtual world isn’t a company town. As a result, this opinion emphatically rejects a meme that has become pretty popular among virtual world exceptionalists. Some exceptionalists have favored the company town analogy because it enable virtual world customers to reduce an operator's ability to run its business capriciously.
At the same time, as I explain in my 2005 article, importing constitutional doctrines into paying vendor-customer relationships could have untold detrimental effects on the entire online industry. This efficient ruling will hardly be the last word in that debate, but it should take a little wind out of the sails of the virtual-world-as-company-town meme that gets invoked so frequently in virtual world exceptionalist circles.
For more on this opinion, see Rob Heverly's blog post. Rob sees more merit in Estavillo’s argument than I do, but still he concludes that the case “was probably rightly decided.”
Posted by Eric at 09:57 AM | Content Regulation , Virtual Worlds | TrackBack
September 03, 2009
Employer Isn't Liable for Employee Misuse of the Internet--Maypark v. Securitas
By Eric Goldman
Maypark v. Securitas Security Services USA, Inc., 2009 WL 2750994 (Wis. App. Ct. Sept. 1, 2009)
As part of my efforts to keep up with new cyberlaw developments, I read a lot of cases involving yucky facts. But even with my constitution hardened over time, occasionally I still find some cases that really gross me out. So for this case, I'm just going to quote the key factual sentences from the court's opinion:
"At some point, Schmidt copied the photographs of approximately thirty female employees to a flash drive. He printed the photographs at home, ejaculated on them, and posted pictures of the adulterated photos on adult websites he created on Yahoo!." He made these postings without using the company's connectivity.
Schmidt was the employee of a third party vendor that provided security for a Wisconsin manufacturer's facility. The affected manufacturer's employees sued the security vendor for negligent training and supervision. In the trial court, the employees got total damages of $1.4M.
The appellate court reversed this ruling and held that Schmidt's employer was not negligent as a matter of law because Schmidt's misconduct wasn't foreseeable. Implicitly, the court rejects the argument that merely providing Internet access to employees, without more, constitutes per se negligent supervision or training. As the court says, "There is nothing inherently dangerous about permitting employees to access the internet at work."
The court goes on to say that public policy limits the employer's exposure to damages here. First, as the court says, "It would be an understatement to say Schmidt's actions were bizarre and unexpected. Schmidt's actions were unimaginable." Second, "employers have no duty to supervise employees' private conduct or to persistently scan the world wide web to ferret out potential employee misconduct."
This case reminded me a little of Delfino v. Aglient, where an employer avoided liability for an employee's rogue Internet activities on 47 USC 230 grounds. I never felt comfortable with 47 USC 230 applied to employer-employee relationships, but I liked that it offered an easy and decisive limiting doctrine to cut off employer liability for bizarre employee Internet conduct (otherwise, we get $1.4M judgments at the trial court level). In the Maypark case, I like how the appellate court anchored its reasoning, in part, on public policy grounds without getting into ambiguous statutory grounds like 230. I found the last statement I quoted ("employers have no duty...to persistently scan the world wide web to ferret out potential employee misconduct") especially apropos.
Posted by Eric at 10:29 AM | Content Regulation , Derivative Liability | TrackBack
August 31, 2009
Lori Drew Criminal Case Ends With a Whimper
By Eric Goldman
United States v. Drew, 2009 WL 2872855 (C.D. Cal. Aug. 28, 2009)
Almost 2 months ago, the judge presiding over the Lori Drew trial orally announced that he intended to rule in favor of Drew, but it was a little hard to decipher his statements without a written ruling. On Friday, the judge issued his written ruling, which indicates that he granted Drew's FRCP 29(c) motion for a post-verdict acquittal. I haven't seen any announcement of the prosecution's response and whether they plan to appeal. This ruling also has no direct bearing on any civil claims against Drew. Nevertheless, for now, Lori Drew has been fully acquitted of the criminal charges brought against her.
The Holding
While the written opinion clears up the judge's exact disposition of Drew's status, it is hardly a clear précis on the legal issues. The judge ultimately grants the acquittal because a Computer Fraud & Abuse Act (CFAA) prosecution based on negative behavioral restrictions in an online user agreement is void-for-vagueness. I think this makes a lot of sense because the negative behavioral restrictions are effectively incorporated into the criminal statute but lack the degree of drafting precision we require from criminal prohibitions. The judge gives a good example of such an imprecise restriction by citing a MySpace user agreement prohibition against posting in “band and filmmaker profiles...sexually suggestive imagery or any other unfair...[c]ontent intended to draw traffic to the profile.” The judge rightly asks what the terms "sexually suggestive imagery" and "unfair content" mean when incorporated into a criminal CFAA prosecution. If we aren't sure, that sounds like a valid basis for a void-for-vagueness dismissal.
Having said that, given this ruling, I still can't understand why the judge let this case go to the jury in the first place. I believe the judge's ruling was independent of the jury verdict and does not rely on any of the jury findings, so why did he wait until after the jury verdict to make a ruling that he could have made pre-trial? His delay was not costless. The jury verdict against Drew remains a public rebuke of Drew even though it's been wiped away, and the judge could have saved everyone a lot of time and money by cutting to the chase earlier.
The Dicta
The judge's actual void-for-vagueness discussion of Drew's situation starts on page 25 of a 32 page opinion. What's going on in the previous 25 pages? The remainder of the opinion apparently explains how the government may have successfully proven the elements of its case, but I found the discussion gratuitous, meandering and confusing. Some of it could also be pernicious. For example, consider this oh-no quote from FN 22:
As a “visitor” to the MySpace website and being initially limited to the public areas of the site, one is bound by MySpace’s browsewrap agreement. If one wishes further access into the site for purposes of creating a profile and contacting MySpace members (as Drew and the co-conspirators did), one would have to affirmatively acknowledge and assent to the terms of service by checking the designated box, thereby triggering the clickwrap agreement.
Read that first sentence again. WHAT??? Did the court just say that every visitor is bound to MySpace's browsewrap just by visiting the website? Uh, I don't think so, or at least I hope not. Whoa.
Another oddity: on page 9, the opinion says "According to Sung, MySpace owns the data contained in the profiles and the other content on the website." (Sung is MySpace's VP of Customer Care). The court slyly quotes the applicable provision in the user agreement which clearly points out that MySpace only takes a non-exclusive license to user data, not ownership. So what could this reference to ownership possibly mean?
Implications of the Ruling
Although I wish the judge had been more careful and laconic in his drafting, this opinion is still a good jurisprudential development. This opinion erects a significant hurdle for future CFAA criminal prosecutions for breaches of user agreements because they will face the same void-for-vagueness challenge that was dispositive here.
I'm less clear how this opinion might affect civil CFAA lawsuits for using third party servers in excess of a user agreement. As the case recounts, a number of cases already accept those claims, and I think this judge's dicta simply adds to those cases. So, for example, if MySpace wanted to sue Drew civilly under a CFAA theory for the behavior at issue with her criminal prosecution, I don't think this opinion would stand in the way. In fact, I think MySpace would cite it favorably. Then again, I doubt MySpace will be suing Drew; MySpace has been conspicuously low-profile about a crime purportedly committed against it.
I do not expect this ruling will defuse any debates over cyberbullying and how to deter it using legal means. If anything, the fact that Lori Drew walks is more likely to pour gasoline on the fire of state legislators who think they can solve the problem through their brilliant statutory drafting. They are wrong, of course, and they can do plenty of harm by trying (see, e.g., the broad and dangerous law that Texas just passed). Unfortunately, I expect more anti-cyberbullying legislative efforts, for better or (mostly) for worse.
Even though the judge corrected a judicial system error, I continue to believe that we as cyberlawyers need to mitigate the problems we create by putting extensive and ambiguous negative behavioral restrictions into our online user agreements. As I've explained before, I think best practices now move most negative behavioral restrictions into a non-binding statement of community norms and expectations.
Posted by Eric at 10:16 AM | Content Regulation , Licensing/Contracts | TrackBack
August 20, 2009
Private High School Not Liable for Cyberbullying--DC v. Harvard-Westlake
By Eric Goldman
D.C. v. Harvard-Westlake School, 2009 WL 2500343 (Cal. App. Ct. Aug. 14, 2009)
Harvard-Westlake is a highly-regarded private school in the Los Angeles basin with an impressive alumni roster and a lot of very affluent parents. I've known a few alums and, based on their descriptions, they seemed to have a remarkable and resource-rich experience far beyond what I had in public school.
DC was a Harvard-Westlake high school student and an aspiring entertainer. He ran a self-promotional website that contained a guestbook. Unfortunately, some of DC's peers were not fans of his, and they littered his guestbook with hateful homophobic "death threats." (I put that in quotes because they were ultimately deemed not to be serious threats.) It really breaks my heart to see coordinated venomous attacks like this among high schoolers. I understand that experimentation and limits-testing is part of the teenage experience, but IMO the hostility of these comments crossed the line. The death threats were so disconcerting that DC's parents contacted the local police, who brought in the FBI. Eventually the authorities advised DC to change schools. DC and his family followed this advice, requiring his entire family to relocate. The police ultimately decided not to prosecute the attacking students; according to one news report I saw, that decision was based on a conclusion that the attackers never actually intended to physically harm DC.
DC and his parents initially sued only Harvard-Westlake for a long list of claims, largely predicated on the school's allegedly derelict response to the students' attacks on DC. Among other things, the attacking students used Harvard-Westlake's computer network as part of their attacks, and the school did not suspend or expel any of the attacking students (although news reports indicate that the students were disciplined in some unspecified manner). The plaintiffs also complained that the student newspaper (supervised by a faculty member) published numerous stories about these incidents, including disclosing DC's new residence and school and repeating claims of his alleged homosexuality.
Subsequently, DC and his family also sued the attacking students and their parents. Needless to say, this has spawned a lengthy and expensive legal battle. The initial complaint was filed in 2005 and the proceedings are still going strong.
With respect to Harvard-Westlake as a defendant, DC's parents signed an enrollment contract that contained an arbitration clause and a fee-shifting provision. In 2005, the trial court ordered the Harvard-Westlake dispute to arbitration and stayed the actions against the attacking students and their parents until the arbitration was completed.
In Fall 2006, the arbitrator issued her first substantive ruling--the one that initially triggered my alert. In that ruling, the arbitrator dismissed several claims, including a state "hate crime" civil claim (the statute expressly protects sexual orientation) against the school on 47 USC 230 grounds. The arbitrator's ruling means that even if the school's computer network was used in the attack, the school isn't liable for that. Given its age, this is old news, and it isn't precedential because the ruling was made in arbitration. Nevertheless, in light of the various ongoing concerns about cyberbullying, I think this remains an interesting data point.
Subsequently in 2007, the arbitrator dismissed the remaining claims against the school and, per the fee-shifting agreement, awarded fees and costs to the school of over a half-million dollars. Last week's ruling in this case deals with (among other things) the plaintiffs' effort to avoid this award of fees and costs. They get a little relief from this court. To avoid discouraging plaintiffs with the specter of possible liability for defense costs, California's hate crime statute has its own "one-way" fee-shifting provision only for successful plaintiffs. Accordingly, the court concludes that public policy trumps the parties' enrollment contract and prohibits the plaintiffs from having to pay arbitration costs or defense attorneys' fees related to the hate crimes claim despite the contract.
The opinion isn't entirely clear about what happens next, but I believe the trial court ought to sever out any of the arbitration costs and defense legal fees tied to the defense of the state hate crimes claim. However, because the plaintiffs raised a long list of other claims in their lawsuit, I think a lot of defense legal fees still should be awardable under the fee-shifting provision in the enrollment contract. If so, the plaintiffs eventually will have a write a check of hundreds of thousands of dollars to the school.
I've previously blogged on other lawsuits involving high schoolers being mean to each other. The Sandler v. Calcagni and Finkel cases stands out most in my mind. These lawsuits seem to have some commonalities--they can be long-lasting all-out litigation wars that cost hundreds of thousands of dollars of legal fees. Based on my limited observations, my working hypothesis is that lawsuits over bad high schooler-on-high schooler behavior have no real chance of improving the plaintiff's life, regardless of the court's final disposition. Testing this hypothesis might be an interesting area to study. I wonder if a method like restorative justice might yield more satisfying results for plaintiffs than decade-long lawsuits.
I'm also wondering if Harvard-Westlake could have and should have done more to protect DC. I don't think the school was an appropriate defendant, but at the same time, there was clearly a crisis in its community that was detrimentally affecting the ability of one of its students to enjoy life. I'd welcome your thoughts about how schools can appropriately intervene in student-on-student cyberbullying attacks when they occur.
A final note: the court opinion does not mention either DC's identity or his parents' identity, so I've made the decision that it's not important for my blog post to identify the plaintiffs by name either. However, it was trivially easy to identify the plaintiffs. For example, you can see a list of most litigants from the lower court record in Case Number: BC332406 at the LA Superior Court website.
Posted by Eric at 02:12 PM | Content Regulation , Derivative Liability | TrackBack
August 10, 2009
Nursing Student's Blog Post Doesn't Support Expulsion--Yoder v. University of Louisville
By Eric Goldman
Yoder v. University of Louisville, 2009 WL 2406235 (W.D. Ky. Aug. 3, 2009). Yoder's initial complaint.
Nina Yoder was a University of Louisville nursing student. She posted a blog post to MySpace entitled "How I Witnessed the Miracle of Life” that describes her first-hand observations from a school assignment to go watch a patient-mother giving birth. The blog post now appears to be set to private, but you can see a PDF of it, and the opinion quotes the full text for your reading pleasure. This blog post and the resulting imbroglio sparked a lot of discussion. For more background, see this page with some of the source correspondence (and over 100 comments) and this thread from a nursing students' blog with about 250 comments.
Even if Yoder’s blog post was intended to be tongue-in-cheek, I can see why the blog post was so controversial. As just one example, the blog post repeatedly refers to newborn babies as "creeps." The court does not have kind words to describe the blog post, calling it "vulgar," "distasteful," "offensive," "crass and uncouth," and an "abject failure" as an attempt at humor. My personal take is that the blog post was, at best, ill-advised. I really can't imagine when I would want to work with a nurse who calls my baby a "creep," even if in jest, and (as discussed below) the amount of detail Yoder disclosed about her patient shows a reckless disregard for the confidentiality we expect from medical professionals.
When University of Louisville nursing school administrators discovered the post, they expelled Yoder from the nursing program on the grounds that she violated two contracts: the student honor code and a confidentiality agreement. Given how damaging Yoder's post was to the University's nursing school (after reading it, I suspect few patients would agree to let student nurses observe their treatments), I understand this impulse. However, the administrators’ decision to have two uniformed police officers at the termination meeting (because Yoder had separately blogged about her support of the Second Amendment) and to frisk her for weapons seemed a little over-the-top.
In this ruling, the court reverses the school's expulsion, holding that the school incorrectly interpreted the contracts. The main ruling relates to the contracts' requirement that Yoder not disclose patient confidential information. The defendants allege that the blog post disclosed "the following identifying information about the birth mother: the number of her children; the date that she was in labor; her behaviors; the treatment that she underwent (an epidural); her reaction to labor (vomiting); and the reactions of her family." The court says that none of this information was personally identifiable to the patient or her family because the post "does not disclose the birth mother's name, address, social security number, or the like. It does not disclose her age, race, or ethnicity. The Blog Post does not contain ‘financial’ or ‘employment related information’ about the birth mother. It does not disclose where she was in labor."
Well, the court is correct about the non-identifiable nature of the disclosures if you only consider the four corners of the blog post. No one could use the blog post to identify the mother or her family without relying on additional information. Nevertheless, the court's rationale is completely off-base. I’m confident that any savvy investigator could combine the blog post with other data sources and quickly identify the mom with a high degree of certainty, even if the investigator would rely only on easily obtainable published information. Just knowing the baby’s exact birthdate and limiting the inquiry to the Louisville area immediately limits the pool of possible women to a few hundred. Knowing that the child was the mom's third baby should narrow that restricted pool further. Thus, the court was clearly wrong when it said, categorically, "the Blog Post does not contain information that could possibly lead to the discovery of the birth mother's identity" (italics added). The first person who emails me the correct identity of the patient in question can, as their reward, choose a slinky from my special slinky stash.
As a result, this court's ruling illustrates the false distinction between personally identifiable and non-personally identifiable information. (The same issue arose in the recent Johnson v. Microsoft case declaring that IP addresses are not personally identifiable.) Paul Ohm has an important paper coming out on de-identification that should end this distinction permanently. The ability to combine multiple data sources makes it possible to uniquely identify data subjects even if each individual data source does not enable identification on its own. Especially in light of the healthcare context, this judge was way too charitable to Yoder on this point.
The court also says that Yoder did not violate a "professionalism" requirement in the school’s honor code because the blog post "was not created or used in any professional context." This is analogous to the K-12 school discipline cases (all uncited) where the principal disciplines a student for a blog post made off-campus. Clearly school administrators can reach too far into private conduct when meting out discipline, but again I think the judge is being very charitable here. Yoder was blogging her personal observations about a professional experience she had in a hospital, under confidentiality agreements, while doing her schoolwork. By this reasoning, any post that Yoder wrote in her personal time would not trigger the professionalism code, but given the subject matter of this post, this issue probably warranted more careful treatment.
Having said that, I totally agree with the judge's ultimate conclusion to reinstate Yoder. Although her post raised all kinds of yellow and even red flags about her judgment, the school had a wonderful teaching opportunity to explain/reinforce all kinds of lessons about the professional responsibility of a nurse (like, don't call patients' babies "creeps," even in jest). I think they didn’t capitalize on that opportunity by applying a one-strike rule to Yoder.
An update on Yoder's saga from the Chronicle of Higher Education.
Posted by Eric at 10:12 AM | Content Regulation , Trade Secrets | TrackBack
July 27, 2009
Griping Blogger Gets Fair Use and Anti-SLAPP Win--Sedgwick v. Delsman
By Eric Goldman
Sedgwick Claims Management Services, Inc. v. Delsman, 2009 WL 2157573 (N.D. Cal. July 17, 2009). The Justia page.
Delsman had a big issue with Sedgwick. The details of his gripes aren't all that important. To make his point, Delsman set up several griping blogs (e.g., 1, 2) and mailed out postcards styled as "WANTED" posters featuring photos of two Sedgwick executives. Delsman cut-and-paste those photos from the Internet. Sedgwick called out the big litigation guns to smush Delsman, who defended himself pro se. Fortunately, Delsman drew a sympathetic judge (Judge Brown) who clearly wasn't interested in wasting time on Sedgwick's overreaction to a small-time griper. Thus, she liberally construed Delsman's imprecise filings to dismiss the case early.
Judge Brown concluded that the republication of the photos on the "WANTED" postcards was fair use. She summarized her analysis:
Defendant's uses of the photographs of North and Posey are highly transformative and serve an entirely different function than originally intended. It was reasonable for Defendant to use the entire photograph in order to evoke the image of a "WANTED" poster. His use could not have had impacted the market for the photographs because no such market is alleged to have existed. But even if it did, Defendant's use was sufficiently transformative that it could not be deemed to be a substitute for the original. Allowing Defendant to use the photographs in the context of publicly criticizing and warning the public regarding Sedgwick's business practices is precisely the type of activity the fair use doctrine is intended to protect.
As Eugene Volokh says, the "fair use analysis strikes me as quite right."
Judge Brown then tossed the rest of the claims on anti-SLAPP grounds. This isn't the first time a blogger has won an anti-SLAPP motion (see, e.g., GTX v. Left), but it's still nice to see.
Posted by Eric at 05:45 PM | Content Regulation , Copyright | TrackBack
July 20, 2009
47 USC 230(c)(2) Talk Slides Draft--COMMENTS REQUESTED
By Eric Goldman
Later this week I'm giving a brand new talk on 47 USC 230(c)(2), the overlooked sibling of 47 USC 230(c)(1). With the help of a research assistant, we tried to identify and review every case referencing 47 USC 230(c)(2). I was surprised at how many cases cited 230(c)(2) (>30) and how few of them (<12) involved an actual holding turning on 230(c)(2) instead of discussing the provision in dicta or just citing it. I was also surprised at how little interpretative material discusses 230(c)(2) in any cogent way. The legislative history is useless, and the provision appears to have been virtually ignored in the law review literature--which itself is fascinating because 230(c)(2) is a really interesting and provocative doctrinal solution that warrants, at minimum, an appropriate theoretical justification (if one is possible). My talk is surely not the first to explore 230(c)(2) in a systematic way, but my research assistant and I really didn't find much to guide us.
That's where you come in. I've posted my draft slides. I would be very grateful if you could take a look and let me know what you think about my taxonomy of 230(c)(2) cases (and if you think I missed any cases) and my list of Constitutional and statutory substitutes. Also, if you are aware of any law review articles or other secondary materials that specifically discusses 230(c)(2) (and not just 230(c)(1) or 230 generally), I would appreciate the citation. For that matter, I would gratefully welcome all comments on the slides!
If I make any changes to my slides before I give the talk, I'll repost the "final" version of the slides by early next week to the same URL and announce the new version via Twitter.
Posted by Eric at 06:06 PM | Content Regulation , Derivative Liability | TrackBack
July 07, 2009
June 2009 Quick Links, Part 2
By Eric Goldman
State Regulation of the Internet
* iAWFUL, the Internet Advocates Watchlist for Ugly Laws
* Texas HB 2003. Part of the anti-cyber-harassment mania. Very broad statute with lots of room for prosecutorial mischief.
* BNA (BNA subscription required): "State Legislatures Consider Criminal, Civil Restrictions on Ticket Purchasing Software": "At least six state legislative bodies are considering bills this session that would place restrictions on the use of “ticket bots.""
* Because states are embracing the Amazon affiliate tax, the online affiliate industry is shrinking as we speak (1, 2, 3). But in one of his rare good moves, Schwarzenegger has vetoed CA's attempt to impose the Amazon tax.
* Clive Thompson in Wired: "By severing the link between location and geography, the internet turned everything upside down. Now mobile phones are inverting everything again, in the other direction — because your location becomes most important thing about you. So how is the return of geography going to change our lives?" My previous commentary on geolocation and the law.
Blogs/Social Networking Sites
* Yath v. Fairview Clinic, 2009 WL 1751767 (Minn. App. Ct. June 23, 2009). Posting illegitimately obtained health information to a MySpace page qualified as “publicity” for purposes of an invasion of privacy claim. The court says: “Yath's private information was posted on a public MySpace.com webpage for anyone to view. This Internet communication is materially similar in nature to a newspaper publication or a radio broadcast because upon release it is available to the public at large.” As a result, the publication qualified as “publicity” even if the material was posted for less than 48 hours and the plaintiff could only prove that a small number of folks actually saw it. Compare the Moreno v. Hanford Sentinel case, where republication of information the plaintiff voluntarily published on her MySpace page could not support an invasion of privacy claim.
Nevertheless, the defendants were excused because they had not created the MySpace page, even though they had supplied the information republished on the MySpace page.
* Richerson v. Beckon. Ninth Circuit upheld reassignment of teacher-mentor based on negative blog comments. My blog post on the district court opinion.
* Kaufman v. Islamic Soc. of Arlington, -2009 WL 1815641 (Tex. App. Ct. June 25, 2009). An online-only journalist qualified as a "member of the electronic or print media" for purposes of an interlocutory appeal statute.
* After von Brunn committed his hate crime outside the US Holocaust Museum, a bunch of his digital trails went dark as websites newly realized his vitriol was posted there.
* If you're looking for a paper topic, here's one: the use of MySpace, Facebook and other social networking sites in family law disputes, especially over child custody. I'm seeing cases every week where social networking site postings are being introduced to corroborate or contradict testimony about a parent's fitness.
Security
* FTC v. Pricewert. The FTC takes down an allegedly rogue Internet access provider. To the extent that the IAP is engaged in criminal activities, no problem; but it's less clear to me if the FTC can get a civil injunction under its Sec. 5 authority to stop the IAP from serving its putatively illegal customers. Such an action could be preempted by 47 USC 230. The FTC, in its brief, says the IAP fits into a Roommates.com exception, an argument presumably bolstered by their 10th Circuit win in FTC v. Accusearch.
* Johnson v. Microsoft Corp., 2009 WL 1794400 (W.D. Wash. June 23, 2009). This is a putative class action over Microsoft’s use of Windows Genuine Advantage (WGA) to validate copies of Windows XP. In this ruling, Microsoft gets SJ on the claim alleging that the contract prevented Microsoft from doing WGA validation. Especially interesting is the court’s conclusion that IP addresses are not personally identifiable information.
* Microsoft v. Lam. Microsoft brings a lawsuit against alleged click fraudders who caused Microsoft to issue $1.5M in credits to advertisers. The NYT article.
* EFF on the most recent amendments to the Computer Fraud & Abuse Act.
Miscellaneous
* Expedia tagged for $184M in damages for improperly marking up its service fees.
* In re Jamster Mktg. Litig., 2009 U.S. Dist. LEXIS 43592 (S.D. Cal. May 22, 2009). Wireless carriers aren’t liable under RICO and false advertising laws for various deceptive practices by wireless content providers.
* New unmeritorious patent lawsuit trend: lawsuits over patent markings for expired patents.
* NYT: Investing in Lawsuits, for a Share of the Awards
* Oddee: 15 geekiest license plates:
Posted by Eric at 09:18 PM | Content Regulation , Derivative Liability , E-Commerce , Licensing/Contracts , Marketing , Patents , Privacy/Security , Publicity/Privacy Rights , Search Engines | TrackBack
June 09, 2009
May 2009 Quick Links Part 2
By Eric Goldman
Blogs and Boards
* WSJ: Bloggers, Beware: What You Write Can Get You Sued
* j2 Global Communications v. Zilker Ventures, CV 08-07470 SJO (AJWx) (C.D. Cal. April 22, 2009). A consumer review website can putatively qualify for anti-SLAPP protection, but not in this case because the plaintiff established its prima facie case.
* Biggs Cardosa Associates Inc. v. Bradbury, 2009 WL 1508703 (Cal. App. Ct. May 29, 2009). Here's another one for all of you Rip-off Report fans. A former employee lost a jury trial (and was hit with over $100,000 of damages) for breaching a "non-disparagement" clause in his separation agreement by posting negative comments about his former employer and colleagues on a variety of online fora, including numerous posts on the Rip-off Report.
* Houston Chronicle article on a lawsuit against a website operator for a user post saying that a woman has herpes when she, in fact, does have herpes. She is claiming public disclosure of private facts. [Stupid Houston Chronicle expired the article and moved it to its archives, breaking a number of links throughout the web. Here's a short recap of the article.]
* Stengle v. Office of Dispute Resolution, 2009 WL 1138119 (M.D. Pa. April 27, 2009). The contract of an independent contractor government "hearing officer" was non-renewed because she blogged on the topics of her hearings, raising questions about her impartiality. As the court says in dismissing the resulting lawsuit from the hearing officer:
To reiterate, this Court fully recognizes the cherished right of free speech, as well as the commendable goals of the RA. But these cannot wash away the bona fide concerns that arise when a judicial officer elects to disseminate her opinions in cyberspace with little or no restraint. Because of her position, Plaintiff's attempts to qualify her stances as solely her own were entirely ineffectual. With particular jobs come certain precise responsibilities. In Plaintiff's case, one of these included avoiding even the appearance of bias via extra-judicial comments. Plaintiff's deep concerns about the special education issues and the resulting creation of her blog ultimately caused her to face a dilemma that she alone created. The choices she freely made thereafter led to her non-renewal, and as aforestated we do not find any of the Defendants' conduct actionable under the circumstances.
This case reminded me some of Richerson v. Beckon from last year.
* JuicyCampus redux: People's Dirt. Let the angst over anonymous online forums begin anew.
* Doe v. Ciolli, 2009 WL 1204361 (D. Conn. April 30, 2009). In the AutoAdmit lawsuit, the court rejected Matthew Ryan's (aka ":D") motion to dismiss for lack of jurisdiction.
* Facebook v. Power Ventures, Inc., 2009 WL 1299698 (N.D. Cal. May 11, 2009). Largely following the troublesome Ticketmaster v. RMG case, Power Ventures' motion to dismiss Facebook's copyright and DMCA claims was denied. (Other claims survived too). Comments from Jeff Neuburger and Tom O'Toole.
Miscellaneous
* Colleen Chien, Of Trolls, Davids, Goliaths, and Kings: Narratives and Evidence in the Litigation of High-Tech Patents, North Carolina Law Review, Vol. 87, 2009
* Mazur v. eBay Inc., 2009 WL 1203937 (N.D. Cal. May 5, 2009) Class certification denied. My blog post on this case’s more troubling ruling about 47 USC 230.
* Riggs v. MySpace, Inc., 2009 WL 1203365 (W.D. Pa. May 1, 2009). Venue selection clause in MySpace user agreement upheld.
* Salter v. State, 2009 WL 1409484 (Ind. App. Ct. May 20, 2009). Saving pornographic photos of a minor to a CD does not constitute the "creation" of child porn, even though a new "copy" has been created.
* State v. Bell, 2009 WL 1395857 (Ohio App. Ct. May 18, 2009). MySpace chat sessions aren't MySpace "business records" for hearsay purposes.
* Forbes: the Hidden Costs of Privacy. This article has been written, and written again, many times in the last decade; yet the regulatory dynamics have not improved.
Posted by Eric at 10:35 AM | Content Regulation , Copyright , Derivative Liability , Patents , Privacy/Security , Publicity/Privacy Rights | TrackBack
May 03, 2009
April 2009 Quick Links
By Eric Goldman
[Just a reminder that I am posting some “quick links” exclusively to my Twitter account, so if you want to keep up with everything, follow me at Twitter or subscribe to the RSS feed.]
Marketing/Spam
* Zango is dead (and so is adware), Ken Smith, Zango's CTO, conducts a post mortem: What Zango Got Wrong and What Zango Got Right. Mike Masnick's post-mortem.
* The FDA's instructions about pharmaceutical search marketing have led to lots of confusion. See Search Engine Land and the NYT.
* NYT: "Never Mind What It Costs. Can I Get 70% Off?"
* Tsan Abrahamson on social media and marketing law.
* Asis Internet Servs. v. Consumerbargaingiveaways. A district court diverges from Mummagraphics and says CAN-SPAM does not preempt CA's anti-spam law even if there is no common law fraud.
* Jackson v. American Plaza Corp., No. 08-8980 (S.D.N.Y. April 28, 2009), A Craiglist advertiser isn't a third party beneficiary of Craigslist's contract for purposes of stopping another advertiser from breaching the contract (in this case, spamming the forum).
Defamation
* Gardner v. Martino (9th Cir. April 24, 2009). I'm not a fan of talk radio, and the 9th Circuit apparently isn't either. The court upheld an anti-SLAPP dismissal of a defamation claim against the radio talk show host because "The Tom Martino Show is a radio talk show program that contains many of the elements that would reduce the audience’s expectation of learning an objective fact: drama, hyperbolic language, an opinionated and arrogant host, and heated controversy." Accord DiMeo v. Max. As Marc Randazza notes, rulings like this pose a challenge for those who think contextually ridiculous statements should be treated as "cyberbullying" or "cyber-harassment." Cf. the Finkel v. Facebook case involving asinine but clearly meaningless chatter on a private Facebook page.
* Some big defamation losses reported by CMLP:
- Blogger hit with $1.8M damage award.
- $12.5M defamation judgment against a gripe site.
* CMLP has a page organizing all of its 47 USC 230 material.
Intellectual Property
* Publicly republishing a private email leads to a default judgment of copyright infringement.
* Bryant v. Europadisk, Ltd., 2009 WL 1059777 (S.D.N.Y. April 15, 2009). In 2000, musicians authorized distributors to distribute their [hard copy] recordings, which the defendants ultimately ripped and allowed Amazon and Rhapsody to deliver via downloading. The resulting lawsuit turned on the interpretation of the license agreement term “internet sites.” The court says the term "is not ambiguous and does not extend to websites selling digital copies of songs. At the time the parties entered into the agreements, The Orchard sold physical copies only. As its Vice President explained by affidavit testimony, digital downloads of music did not become a “viable business” until iTunes was launched in approximately April 2004, long after Media Right and Gloryvision entered into contract."
* Octomom is seeking trademark registrations.
Miscellaneous
* GeoCities is shutting down.
* eBay will referee customer disputes.
* Wilson Sonsini's VC financing term sheet generator.
* Oddee: 10 Most Bizarre [Online] Gaming Incidents
Posted by Eric at 06:31 AM | Adware/Spyware , Content Regulation , Copyright , Derivative Liability , E-Commerce , Internet History , Licensing/Contracts , Marketing , Spam , Trademark , Virtual Worlds | TrackBack
April 14, 2009
Robert Steinbuch Loses Another Round--Steinbuch v. Hachette
By Eric Goldman
Steinbuch v. Hachette Book Group, 2009 WL 963588 (E.D. Ark. April 8, 2009). The Justia page.
Law professor Robert Steinbuch, a male "protagonist" from the notorious and risque Washingtonienne blog by Jessica Cutler, suffered another courtroom loss. As far as I can tell, he is fighting the battle against Cutler now on three fronts: (1) the 4 year old lawsuit against Jessica Cutler directly, (2) a lawsuit against Hyperion, the publisher of Jessica's novel (after the district court dismissal, the lawsuit was partially revived by the 8th Circuit), and (3) this lawsuit against Hachette, the distributor for the Hyperion-published book.
In this ruling, the court grants Hachette's 12(b)(6) motion to dismiss with leave to amend. Overall, the court criticizes Steinbuch (who is now acting pro se) for a sloppy complaint:
Despite the enumeration of six claims for relief, the real nature of Steinbuch's claim, as alleged in the complaint, appears to be a claim for public disclosure of private facts. Little effort appears to have been made to plead more than labels and conclusions with respect to the other five claims for relief. On each of those claims, Steinbuch appears to rely on a formulaic recitation of the elements of the cause of action, which the Supreme Court has held will not do.
It's not exactly clear how rulings like this improve Steinbuch's reputation.
Because of the conclusory allegations, the court breezily dismisses the claims other that public disclosure of private facts. That claim fails because Steinbuch did not allege the heightened scienter required to hold book distributors liable for the books they distribute. The court also notes, without resolving, potential concerns about Steinbuch's core argument that Cutler violates Steinbuch's privacy by disclosing their mutual sexual affair:
it should be noted that the parties have not briefed, and the Court has not considered, the issue of whether, if A and B conjoin [Eric's note: conjoin???] in a private place, and A later decides to publish an account of her experience in that encounter, B can bring an action for invasion of privacy. To put it another way, in that circumstance, does A need B's consent to publish an account of her experience with him?
As I've said before, 3 separate lawsuits spanning 4 years qualifies in my book as a really bad breakup.
Posted by Eric at 01:58 PM | Content Regulation | TrackBack
April 13, 2009
Blogspot Sued for Dead Blogger's Content--Davis v. Google
By Eric Goldman
Davis v. Google, 09 CH 15753 (Cook County Ct. complaint filed April 9, 2009)
Venkat sent a very interesting lawsuit this morning that raises some complex policy issues. The complaint alleges that Sean Healy created a blog at unknowncolumn.blogspot.com and posted defamatory content about speedskater Shani Davis' mom, Cherie Davis. [I believe the post in question is at http://unknowncolumn.blogspot.com/2006/02/memo-to-cherie-davis.html -- I'm not going to link to it, but it did show up as my first search result for "Cherie Davis"]. The complaint further alleges that Healy is now deceased, so he can no longer remove the content on Cherie's demand, and he did not have a "probate estate" to take over his blog. As a result, Cherie feels like she has nowhere to turn to clean up the alleged defamation, so she is suing Google's Blogspot for a takedown injunction.
On the face of it, the lawsuit is clearly preempted by 47 USC 230, and Google ought to get a quick and unambiguous win. However, there are some lurking policy issues about dealing with online content posted by now-deceased individuals:
* Presumably the content and the account passed through Healy's estate. Even if there was no "probate estate," whatever that means, there is still a legal protocol for succession of Healy's assets--including the copyrights in his blog. So someone now owns Healy's blog, and it should be possible to determine who that is.
* Even if the legal rights have been allocated, taking control over a deceased accountholder's account is not always easy. The last time I recall this issue being discussed, it was in the context of taking control over deceased military personnel's email accounts. Online providers have different policies about how to deal with this--and for good reason, as too loose a policy could enable account hijacking, plus there may be concerns about the deceased accountholder's privacy. I wonder what Blogspot's policy is. This issue won't come up often, but it will definitely come up again.
* If Cherie can't sue Healy's estate, instead of suing Blogspot, I wonder if Cherie could seek a declaratory judgment that the content is defamatory. I would be shocked if Blogspot wouldn't honor a declaratory judgment in Cherie's favor, and it's not exactly like Healy would contest it.
* If Blogspot won't voluntarily remove the content, I wonder if Cherie could have more cost-effectively achieved the same net result through a reputation management service. A good reputation management service should be able to obscure several year old content that hasn't been recently refreshed.
Posted by Eric at 08:52 AM | Content Regulation , Derivative Liability | TrackBack
April 11, 2009
Q1 2009 Quick Links, Part 3
By Eric Goldman
Blogging and Social Networking Sites
* A new version of the EFF Legal Guide to Blogging. While you're there, consider joining EFF as a member. The EFF does first-rate work, and they can use all the support they can get in this economic downturn.
* Red Tape Chronicles: "Blogger: Cash4Gold tried to 'bribe' me."
* Klein v. City of Laguna Beach, 594 F. Supp. 2d 1142 (C.D. Cal. Jan. 23, 2009): "many of the cases striking down ordinances that restrict sound-amplification equipment are artifacts of a bygone age that offered activists few media of mass communication. Twenty, thirty, or fifty years ago, a sound truck was an important means of spreading a message to a large group of people. Now, one must only have a computer and a printer to publish a newsletter or handbill. The Internet, e-mail, text messaging, and widespread mobile communications devices have made it easier than ever to reach a large audience on a small budget. Indeed, it might be easier for Mr. Klein to reach the youth he wishes to target by using Facebook or MySpace."
* Maybe everyone already knew this, but I learned something interesting about Blogger. Apparently in some cases they will place an interstitial warning in front of certain user-posted content.
* Doninger v. Niehoff, 2009 WL 103322 (D. Conn. Jan. 15, 2009). On remand from the Second Circuit, the district court denies damages for a student whose off-campus blog entry led to school discipline. At the same time, Wendy Davis reports on how a Conn. Bill Would Protect Students' Free Speech Online:
* Funny article on Facebook's efforts to police against people who create funny account names, which sometimes ensnares people who actually have funny names like Batman, Six, Super, Pancake and Kisser.
* Facebook Sex-Extortion Plot: a boy pretends to be a girl, gets boys to send naked photos to him, and then threatens to go public with the photos unless they consent to sex with him.
* Dynamic Sports Nutrition, Inc. v. Roberts, 2009 WL 136023 (S.D. Tex. Jan. 16, 2009). A former employee republishing confidential information via his blog is enjoined.
* We now know that Facebook settled with ConnectU for $65M. However, ConnectU might get a little more cash after this information was inadvertently disclosed by its former counsel, Quinn Emanuel, in a marketing brochure.
* Facebook gets TRO against Wallace.
* Some people gave up Facebook for Lent.
* Reuters writes up a shocking study: many teens on MySpace post things they might regret.
* State v. Hause, 2009 WL 295404 (Ohio App. Ct. Feb. 9, 2009). Facebook photos help convict a woman for allowing minors to drink alcohol in her house.
* U.S. v. Villanueva, 2009 WL 455127 (11th Cir. Feb. 25, 2009). MySpace photo and YouTube video showing defendant holding firearms contribute to sentence enhancements for firearms charges.
* John Palfrey & Adam Thierer discuss Palfrey's arguments to "improve" 47 USC 230 by reversing Doe v. MySpace.
Defamation/Cyberbullying
* JuicyCampus has shut down. LA Times, Chronicle of Higher Education, CMLP.
* Lengthy article on the AutoAdmit lawsuits. And a mixed ruling in Ciolli v. Iravani.
* Noonan v. Staples (1st Cir. Feb. 13, 2009). Truth is NOT an absolute defense to defamation in Massachusetts, which apparently also has seceded from the Union because the First Amendment no longer seems to apply.
* Neuwirth v. Silverstein, 2009 WL 294737 (Cal. App. Ct. Feb. 9, 2009). Reiterating that a website can be a public forum for purposes of anti-SLAPP laws. The CMLP writeup.
* Douchebags Lawsuit dismissed. Marc Randazza mocks the lawsuit.
* Rios v. Fergusan, 2008 WL 5511215 (Conn. Super. Ct. Dec. 3, 2008). Connecticut court has jurisdiction to issue restraining order against North Carolina man who posted YouTube video threatening Connecticut woman.
* Fahmy v. Hogge, 2009 WL 33418 (C.D.Cal. Jan. 2, 2009). Court denies Fahme's motion to set aside the dismissal based on lack of jurisdiction because Fahme made the error that caused the dismissal.
* 24Grille v. TripAdvisor (complaint filed April 2, 2009). Restaurant sues TripAdvisor for anonymous TripAdvisor review. Hello 230!
* Censorious laws brewing in WV and NJ.
Yelp
I have been meaning to post about my experiences with Yelp as a reader and a writer, but that has been repeatedly deferred. So, instead, how about a quick recap of Yelp’s woes? Yelp has been under the microscope quite a bit in the last few months.
* Wendy Davis recaps all the Yelp-related litigation she and I could find--at least 5 known cases. CMLP recaps a couple of the lawsuits.
* This East Bay Express article about Yelp caused quite a stir. It was followed up with more attributed sources. A number of other media outlets covered Yelp, including News.com and the NYT. For a full rundown of Yelp haters, check out the Eater coverage.
Wikipedia
* 25 Biggest Blunders in Wikipedia History.
* Two books about Wikipedia I’ve been checking out.
- Wikipedia, the Missing Manual.
- How Wikipedia Works.
Pornography
* Mukasey v. A.C.L.U., No. 08-565. The Supreme Court declined the cert petition regarding the challenge to the 1998 Child Online Protection Act, officially killing the law after a decade of litigation. Putting aside the merits of the law, it would have been a huge shock to the Internet community to have a circa-1998 criminal act resurrected! I'd like to think Congress will be wiser than to try to criminalize Internet porn a third time, but the regulation of Internet porn is like a siren song to Congressmembers.
* State v. Hurst, 2009 WL 580453 (Ohio App. Ct. March 6, 2009). From the unfortunately-named Licking County courts, the defendant downloaded 14,000 pornographic photos into his work computer's local cache in a five day period (he acknowledged he spent 70% of his workday downloading porn). An expert said that about 50 of the photos were child pornographic. The defendant was convicted of possessing child pornography even though he argued that he didn't intentionally download the photos, getting a 39 month sentence and classified as a sex offender.
* Excellent article by Colette Vogele on suing over a sex tape.
Gambling
* The credit card payment systems blocked the New Hampshire Lottery due to the Unlawful Internet Gambling Enforcement Act of 2006.
* Peer-to-peer gambling OKed in Washington.
Posted by Eric at 12:53 PM | Content Regulation , Derivative Liability , Internet History , Privacy/Security | TrackBack
April 04, 2009
Republishing MySpace Post in Local Paper Might Be Intentional Infliction of Emotional Distress--Moreno v. Hanford Sentinel
By Eric Goldman
Moreno v. Hanford Sentinel, Inc., 2009 WL 866795 (Cal. App. Ct. April 2, 2009)
This is one of the most interesting cases I've seen in a while. Moreno was a UC Berkeley undergraduate who grew up in Coalinga, a small town in California's Central Valley whose attractions include a prison, a mental health institution and Harris Ranch, one of the most odoriferous spots on Highway 5. (Coalinga was also the site of a big quake in 1983). After revisiting her hometown, Moreno posted an essay, "An Ode to Coalinga," on her MySpace page. I have not seen the ode, but it was a 700 word essay that started "the older I get, the more I realize how much I despise Coalinga" and then made very negative comments about the town and its residents. Moreno apparently had a change in heart and took the essay down in 6 days. However, while it was posted, the Coalinga high school principal saw the post and submitted it to the Coalinga Record newspaper, which published it as a letter to the editor under Moreno's full name. The community response to the published essay was severe; according to the court, "Appellants received death threats and a shot was fired at the family home, forcing the family to move out of Coalinga. Due to severe losses, [the dad] closed the 20-year-old family business."
Moreno and some of her family members sued a variety of defendants for public disclosure of private facts and intentional infliction of emotional distress. The newspaper defendants were dismissed through an anti-SLAPP motion to strike, leaving the principal and the school district as the defendants.
The privacy invasion claim was easily rejected. Once Moreno posted the essay to an open-to-the-public MySpace page (even if only briefly), it was no longer private. As the court says, "the fact that Cynthia expected a limited audience does not change the above analysis. By posting the article on myspace.com, Cynthia opened the article to the public at large. Her potential audience was vast." It also did not matter that Moreno did not use her last name on her MySpace page; the court says that her identity was readily ascertainable from her MySpace page (which included a photo)..
However, the intentional infliction of emotional distress claim wasn't ready to dismiss. The jury will get to decide if the defendants' conduct was extreme and outrageous. Personally, I would like to know more why the principal did what he did.
Observations about this case:
1) According to this article, the Coalinga Record editor who republished the essay was fired.
2) Although the newspaper publishers fortunately escaped liability on anti-SLAPP grounds, if they had republished the essay only online, it should have been an easy 47 USC 230 win.
3) You know the cliche: never post anything online that you don't want repeated on the front page of the newspaper. Proven true once again.
4) And on that front, I think some folks assume that they can "take back" Internet-published content by taking it down. As this case reinforces, in some circumstances there is no "do-over." As I describe in my talks on blogs and social networking sites, every time I hit the "publish" button, I'm betting my house. In this case, Moreno effectively bet her parents' house and business when she hit the publish button.
5) The court notes that a copyright infringement claim isn't in front of it. I wonder what the publishers' copyright liability analysis would look like. I suspect the copyright damages wouldn't be great, but I still wonder why the claim wasn't apparently brought.
6) This case provides more evidence that community members don't like to see their community disparaged. I'm reminded of the recent James Andrews kerfuffle. Andrews, a PR executive at Ketchum, was on his way to Memphis to make a presentation at FedEx about using social media when he Twittered "True confession but i’m in one of those towns where I scratch my head and say “I would die if I had to live here!”" That didn't go over so well with the FedEx folks following his Twitter account.
7) Nevertheless, I wonder if the violent and ostracizing community response to Moreno's post didn't in fact validate some of her critiques.
More on this case from Law.com and the Central Valley Business Times.
Posted by Eric at 06:47 PM | Content Regulation , Derivative Liability , Publicity/Privacy Rights | TrackBack
March 25, 2009
Web Host Convicted of State Child Porn Crimes Despite 230--People v. Gourlay
By Eric Goldman
People v. Gourlay, 2009 WL 529216 (Mich. App. Ct. March 3, 2009)
Hot on the heels of the Cook County Sheriff's publicity stunt filing against Craigslist, we get an interesting but complicated ruling exploring the application of 47 USC 230 to state criminal laws. The ruling tries to distinguish between ordinary web hosts and the defendant's behavior, and in doing so finds an adequate basis to punish the defendant for his role in producing and disseminating child pornography.
This prosecution is part of the fallout from "Justinscam," a tragic and well-documented story first told in exhaustive detail in this 2005 New York Times article (and its correction; see the NY Magazine for more about the NYT reporter's unorthodox and controversial role in the story). According to the opinion, at age 13, Justin Berry got a webcam and eventually started broadcasting pornographic images of himself over the Internet. The defendant, Kenneth Gourlay, operated Chain Communications, the host of the Justinscam website. Gourlay then engaged in a dialogue with Berry that ultimately led to the creation of two additional websites, JFWY and mexicofriends. With respect to the crimes on appeal, I quote the relevant portion of the opinion:
"The prosecution of defendant was based on the theory that defendant, knowing that the purpose of the JFWY and mexicofriends websites was to allow Internet viewers to watch Berry engage in pornographic acts, was an active participant in the creation of the two websites. The...prosecution presented evidence (1) that defendant knew Berry hosted his own pornographic website, that Berry wished to take this website, the justinscam website, to the “next level,” and that the purpose of both the JFWY and mexicofriends websites was for others to see pornographic images of Berry, (2) that defendant hosted the two websites with Chain Communications and registered the domain names, (3) that defendant programmed the websites with the JAVA applet to create a near live streaming video image, (4) that defendant created the members-only sections for the websites, and (5) that defendant provided Berry with an advanced web camera when he visited Berry in Mexico. In addition, in online conversations, defendant told Berry that Berry should “milk the cam for all its worth,” that Berry “got the money shots right before” Berry turned the web cam off, and that some high resolution images of the “money shots” would be nice in the website's members-only section."
The Wikipedia entry on Justin Berry also discusses Gourlay's repeated molestation of Berry. Based on this fact alone, Gourlay is destined for significant jailtime, and Gourlay's involvement in Berry's website is almost besides the point. Accordingly, personally I think the court's discussion about the web hosting relationship is hugely colored by the criminal molestation, which makes it hard to disaggregate the court's feelings if this was truly only a customer/vendor relationship.
Nevertheless, focusing only on the facts discussed by the court, Gourlay was more involved with Berry's websites than a typical hosting vendor would be. Gourlay was allegedly providing custom software programming, hardware and recommendations about content decisions to Berry. In a footnote, the court says:
We note that, although defendant claims on appeal that he was merely providing standard web hosting duties to Berry for the JFWY and mexicofriends websites, there was no evidence presented at trial that many of the services defendant provided to Berry for the two websites, such as use of the applet, the creation of members-only pages, the technical assistance given to members of the two websites, and the registration of domain names, were provided for any of Berry's other websites or to other clients of Chain Communications.
A jury ultimately convicted Gourlay of:
* two counts of child sexually abusive activity, MCL 750.145c(2)
* two counts of using a computer to communicate with another to commit child sexually abusive activity, MCL 750.145d(2)(f)
* two counts of distributing or promoting child sexually abusive material, MCL 750.145c(3)
* two counts of using a computer to communicate with another to commit distribution of child sexually abusive material, MCL 750.145d(2)(d)
* third-degree criminal sexual conduct (CSC), MCL 750.520d(1)(a), and
* soliciting a child for immoral purposes, MCL 750 .145a.
Although in this ruling the appellate court reversed the sentencing decision of the trial judge, Gourlay will be going to jail for a substantial period of time.
On appeal, Gourlay claims that the pornography-related offenses were preempted by 47 USC 230. The court says that some of the elements of a 230 defense are met; "There is no dispute that Berry was an information content provider for the JFWY and mexicofriends websites and that defendant, acting as Chain Communications, was an interactive computer service provider."
The state argued that 230 didn't apply because 230 covers only civil claims, not criminal claims. It's true that 230(e)(1) excludes federal crimes from the immunity, but the plain language of the statute is clear that state criminal prosecutions are preempted. The court easily concludes that "Congress intended that no liability may be imposed under a state criminal law that is inconsistent with § 230."
Nevertheless, the court concludes that the jury didn't need to be instructed about 47 USC 230 (which, it sounds like, defense counsel at trial may not have been aware of). The crime of child sexually abusive activity requires the state "to prove that the defendant 'persuade[d], induce[d], entice[d], coerce [d], cause[d], or knowingly allow[ed] a child to engage in a child sexually abusive activity for the purpose of producing any child sexually abusive material.'" The court says that a typical web host does not fulfill the scienter requirements:
An interactive computer service provider, by providing bandwidth, by publishing content that was generated by an information content provider's use of the service's general features and mechanisms, or by knowing of the nature of the published content, has not taken an intentional action directed toward a child to engage the child in child sexually abusive activity.
Therefore, the conviction could be consistent with 230. I didn't exactly follow the court's logic here, and I would be very interested to see how a jury would react in this case if told the foregoing quote. Inferentially, the court is saying that 230 does not apply because Gourlay as a vendor did more than provide bandwidth, publish content and know the contents being published.
With respect to the distribution count, the court lays out the prosecution's burden: "(1) the defendant distributed or promoted child sexually abusive material, (2) the defendant knew the material was child sexually abusive material at the time of distribution or promotion, and (3) the defendant distributed or promoted the material with criminal intent." The court says that some prosecutions under this statute would be preempted by 230 if the prosecution's theory was that "an interactive computer service provider distributes child sexually abusive material with the intent that it be seen by others when, after receiving notice of the material, keeps the material available to be viewed or discovered by others." In other words, failure to respond to a C&D/takedown notice would not convert the provider into a criminal distributor under 230.
Instead, based on the facts I quoted above, the court says that the prosecution's theory is that "defendant, knowing that the purpose of the JFWY and mexicofriends websites was to allow Internet viewers to watch Berry engage in pornographic acts, was an active participant in the creation of the two websites." Given that Gourlay defended on lack of knowledge grounds, not lack of involvement, the court said the conviction was consistent with 230.
This is a complicated case overlaying a tragic situation, but let me offer three implications:
* this case is a good reminder of the toxicity of child porn. As I teach in Cyberlaw class, if you run into child porn, you want to put it as far away from you as possible. Gourlay did not do that. Gourlay’s behavior would be more understandable if Gourlay didn't know there was child porn taking place and thought Berry was over 18 (he claimed both). I suspect the jury found those assertions hard to believe. If Gourlay had any doubts about his beliefs, he should have done more--a lot more--to investigate them.
* Although I think it's a close call, I think that on these facts and based on the precise wording of these statutes, I think the appellate court got it right that 230 doesn't protect Gourlay for the creation and dissemination of child porn. I would be very troubled by that conclusion if Gourlay was purely a technology provider, but the court was clear to distinguish 230's application to the provision of technology. What put Gourlay over the edge for me is the alleged facts that Gourlay appeared to become a co-venturer with Berry and took on a quasi-producer role, and apparently encouraged Berry to increase the pornographic content of the sites--all in the face of Berry being a young teen.
* While I think the court got it right, I'm also disappointed that the jury didn't learn about 47 USC 230. I'm not sure it would have produced a different result, but I imagine a jury would find the fact that Congress provided strong immunities for some of Gourlay's behavior potentially important. All of this reinforces the importance of finding lawyers who know the technology and the applicable law. I suspect many criminal defense lawyers have never heard of 47 USC 230, so it's not surprising if the trial lawyer didn't raise it, but a lawyer who knew that law might have been able to tilt the odds a little more in Gourlay's favor.
Tom O'Toole is similarly unsure what to make of the case.
Posted by Eric at 07:26 AM | Content Regulation , Derivative Liability | TrackBack
March 12, 2009
Rip-off Report Lawsuit Updates: Certain Approval Programs and Ecommerce Innovations
By Eric Goldman
Certain Approval Program v. Xcentric
Certain Approval Programs, L.L.C. v. XCentric Ventures L.L.C., 2009 WL 596582 (D. Ariz. March 9, 2009). I previously blogged about this case in November. This ruling is in response to the plaintiff's request to file an amended complaint, which Rip-off Report resisted on several grounds. Of particular interest is the plaintiff's desire to add a claim for “misappropriation of name or likeness." Rip-off Report responded that such a claim is futile due to 47 USC 230. The court rejected the futility argument at this early procedural stage, saying
Plaintiffs have alleged enough facts regarding Defendants' “creation or development of information provided through the Internet or any other interactive computer service” to make it plausible that Defendants are an “information content provider” for some content and therefore the CDA does not completely immunize Defendants.
This is not the first time that plaintiffs' allegations against Rip-off Report have survived the equivalent of a motion to dismiss, but getting further into the litigation process has proven difficult for plaintiffs.
The court didn't reach the issue, but it's also germane to the futility argument whether a "misappropriation" claim is even preempted by 230 at all or if qualifies as an "intellectual property" claim that is excluded from the immunization. Compare ccBill and Friendfinder.
Ecommerce Innovations v Doe
Ecommerce Innovations, L.L.C. v. Does 1-10, No. MC-08-93 (D. Ariz. Feb. 10, 2009). Thanks to Jeff Neuburger for calling attention to this case. In this case, a defamation plaintiff is seeking identifying information for an anonymous Rip-off Report contributor. The Rip-off Report initially fought the request, but the district court ordered Rip-off Report to comply because the plaintiff had established a prima facie case. The Rip-off Report responded that it plans to appeal the judge's order to the Ninth Circuit, and the district court has stayed the order pending the appeal (although I can't find any evidence that the appeal has been filed yet). As Jeff points out, an appeal by Rip-off Report may prompt the Ninth Circuit to articulate its standards for when plaintiffs can unmask anonymous defendants; it also could become a backdoor way to gauge the Ninth Circuit's attitude towards Rip-off Report in light of some ambiguous language in the initial Ninth Circuit Roommates.com opinion.
Posted by Eric at 11:54 AM | Content Regulation , Derivative Liability , Privacy/Security , Publicity/Privacy Rights | TrackBack
March 11, 2009
The Third Wave of Internet Exceptionalism
By Eric Goldman
[I initially wrote this as an editorial for our University magazine and republished that version through InformIT as well. Here's the original unedited version I submitted.]
From the beginning, the Internet has been viewed as something special and “unique.” For example, in 1996, a judge called the Internet “a unique and wholly new medium of worldwide human communication.”
The Internet’s perceived novelty has prompted regulators to engage in “Internet exceptionalism,” crafting Internet-specific laws that diverge from regulatory precedents in other media. Internet exceptionalism has come in three distinct waves:
The First Wave: Internet Utopianism
In the mid-1990s, some people fantasized about an Internet “utopia” that would overcome the problems inherent in other media. Some regulators, fearing disruption of this possible utopia, sought to treat the Internet more favorably than other media.
47 USC 230 (a law still on the books) is a flagship example of mid-1990s efforts to preserve Internet utopianism. The statute categorically immunizes online providers from liability for publishing most types of third party content. It was enacted (in part) “to preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services, unfettered by Federal or State regulation.” The statute is clearly exceptionalist because it treats online providers more favorably than offline publishers—even when they publish identical content.
The Second Wave: Internet Paranoia
Later in the 1990s, the regulatory pendulum swung in the other direction. Regulators still embraced Internet exceptionalism, but instead of favoring the Internet, regulators treated the Internet more harshly than analogous offline activity.
For example, in 2005, a Texas website called Live-shot.com announced that it would offer “Internet hunting.” The website allowed paying customers to control, via the Internet, a gun on its game farm. An employee manually monitored the gun and could override the customer’s instructions. The website wanted to give people who could not otherwise hunt, such as paraplegics, the opportunity to enjoy the hunting experience.
The regulatory reaction to Internet hunting was swift and severe. Over 3 dozen states banned Internet hunting. California also banned Internet fishing for good measure. However, regulators never explained how Internet hunting is more objectionable than physical space hunting.
For example, California Sen. Debra Bowen criticized Internet hunting because it “isn't hunting; it's an inhumane, over the top, pay-per-view video game using live animals for target practice….Shooting live animals over the Internet takes absolutely zero hunting skills, and it ought to be offensive to every legitimate hunter.”
Sen. Bowen’s remarks reflect numerous unexpressed assumptions about the nature of “hunting” and what constitutes fair play. In the end, however, hunting may just be “hunting,” in which case the response to Internet hunting may just be a typical example of adverse Internet exceptionalism. [For more, check out my 2005 editorial on Internet hunting.]
The Third Wave: Exceptionalism Proliferation
The past few years have brought a new regulatory trend. Regulators are still engaged in Internet exceptionalism, but each new advance in Internet technology has prompted exceptionalist regulations towards that technology.
For example, the emergence of blogs and virtual worlds has helped initiate a push towards blog-specific and virtual world-specific regulation. In effect, Internet exceptionalism has splintered into pockets of smaller exceptionalist efforts.
Regulatory responses to social networking sites like Facebook and MySpace are a prime example of Internet exceptionalism splintering. Rather than regulating these sites like other websites, regulators have sought social networking site-specific laws, such as requirements to verify users’ age, combat sexual predators and suppress content that promotes violence. The result is that the regulation of social networking sites differs not only from offline enterprises but from other websites as well.
Implications
Internet exceptionalism is not inherently bad. In some cases, the Internet truly is unique, special or different and should be regulated accordingly. Unfortunately, more typically, exceptionalism cannot be analytically justified and instead reflects regulatory panic.
In these cases, regulatory exceptionalism can be harmful, especially to Internet entrepreneurs and their investors. It can distort the marketplace between web enterprises and their offline competition—occasionally advantaging the website (such as 47 USC 230), but typically hindering the web business’ ability to compete. In extreme cases, such as Internet hunting, unjustified regulatory intervention may put companies out of business.
Accordingly, before enacting exceptionalist Internet regulation, regulators should articulate how the Internet is unique, special or different and explain why these differences support exceptionalism. Unfortunately, emotional overreactions to perceived Internet threats or harms typically trump such a rational regulatory process. Knowing this tendency, perhaps we can better resist that temptation.
Posted by Eric at 12:20 PM | Content Regulation , Derivative Liability , Internet History | TrackBack
March 05, 2009
Cook County Sheriff Sues Craigslist for Erotic Services Category
By Eric Goldman
Dart v. Craigslist, Inc., 09-CV-1385 (N.D. Ill. complaint filed March 5, 2009)
Dart, the Cook County, Illinois sheriff, has sued Craigslist in federal court for creating a "public nuisance" because its "Erotic Services" category facilitates prostitution. Unfortunately for Dart, this lawsuit is almost certainly preempted by 47 USC 230:
* 47 USC 230 covers the publication of third party ads. See Cisneros v. Yahoo.
* 47 USC 230 preempts a civil claim that is derived from a criminal statute. See, e.g., Voicenet v. Corbett; Doe v. Bates. The federal crimes exception only applies to the enforcement of federal criminal statutes. Therefore, a civil claim based on state or local criminal laws is unambiguously preempted.
* Although hardly a model of clarity, last year the Seventh Circuit clearly held that Craigslist was covered by 47 USC 230 in a claim that Craigslist violated the Fair Housing Act.
* In distinguishing the Seventh Circuit Craigslist case, the Ninth Circuit's Roommates.com case pointed out that Craiglist's listings were open narratives and therefore fully covered by 47 USC 230. The complaint's allegations that Craigslist was involved in creating the bad content because of its category title, search functions and other attributes aren't likely to get around either the Seventh Circuit or Ninth Circuit precedent.
* Indeed, the Seventh Circuit concluded its opinion by pointing out that the Craigslist ads made it easier to find lawbreakers:
Using the remarkably candid postings on craigslist, the Lawyers’ Committee can identify many targets to investigate. It can dispatch testers and collect damages from any landlord or owner who engages in discrimination....It can assemble a list of names to send to the Attorney General for prosecution. But given §230(c)(1) it cannot sue the messenger just because the message reveals a third party’s plan to engage in unlawful discrimination."
All of which is true here as well, and all of which is a good reason why the Seventh Circuit isn't likely to reach a different result here.
At a few points, the complaint implies that Craiglist harmed the sheriff's office because the office spent $105,000 busting 156 individuals for prostitution through Craigslist. WHAT?! Enforcing laws is what the sheriff's office is given taxpayer money to do! And, at less than $700/arrest, I wonder if this is CHEAPER than trying to bust prostitution criminals through other techniques. In other words, it's possible that Craigslist makes it cheaper for the sheriff's office to do its job, so to claim any harm by spending taxpayer money to do its job is ludicrous.
While this lawsuit is little more than a sad publicity stunt by the sheriff's office, I remain uncertain whether or not it's a good thing for Craigslist to have an "erotic services" category. I understand the argument that it centralizes these ads in one place rather than having these ads spammed through other Craiglist categories, but I'm confused what, if any, "erotic services" advertised in this category are ever legal. If everything directed to this category is always illegal, it seems like Craigslist could, and perhaps should, voluntarily choose to eliminate the category altogether. That may require Craigslist to invest some more resources policing its other categories to prevent their spamming/hijacking by the dispersed ads, but that may be the unavoidable cost of a free classified ads service.
UPDATE: A reader points out the Craigslist FAQs:
Q: Why does craigslist have an "erotic services" category?
A: It was established at the request of craigslist users, who were tired of seeing ads for escort services, sensual massage, adult web cams, phone sex, erotic dancing, adult websites, nude housecleaning, etc mixed into the regular personals and services categories.
So it seems that there could be some non-illegal activities mixed into this category. Not having checked out the category myself (and not really wanting to do so from my work computer...), I wonder what percentage of posts actually offer these alternative services? i.e., do users actually regularly post nude housecleaning ads?
UPDATE 2: Craigslist says that its existing deal with the state AGs has reduced erotic services ads 90-95% in 12 months.
Posted by Eric at 01:45 PM | Content Regulation , Derivative Liability | TrackBack
March 03, 2009
Facebook Sued Over Private Facebook Group--Finkel v. Facebook
By Eric Goldman
Finkel v. Facebook, Inc., 102578-09 (N.Y. Supreme Ct. complaint filed Feb. 24, 2009).
A New York teenager has sued Facebook and four Facebook users (plus their parents) for allegedly defamatory content posted in a private Facebook group called "90 Cents Short of a Dollar."
This case fits neatly with other legal battles over "cyber-bullying" (whatever that means), such as the AutoAdmit lawsuits, the Sandler case and the Lori Drew case. (For another recent and troubling example of cyber-bullying that I read just this morning, see Wolfe v. Fayetteville, Arkansas School Dist., 2009 WL 485400 (W.D. Ark. Feb. 26, 2009)).
In this case, the plaintiff's school peers said some not-nice things about her in a private Facebook page. The Newsday article has some more color about the sour relationships between Finkel and the defendants. The plaintiff claims that the posts meant that "the plaintiff was a woman of dubious morals, dubious sexual character, having engaged in bestiality, an 'I V drug user' as well as having contracted the H.I.V. virus and AIDS."
With respect to the claim against Facebook, this lawsuit is unquestionably DOA. Frankly, I'm not sure why the plaintiff bothered to sue Facebook. Facebook is completely immunized per 47 USC 230, and this should be an easy dismissal. The complaint didn't even try to do anything fancy to get around 230; in fact, the complaint alleges that Facebook "published" the content, the absolutely wrong allegation to make if you're trying to bypass 230. I think it significantly detracts from the sympathy we might otherwise feel for plaintiff for her to have futilely dragged Facebook into the lawsuit. And, it ensures there will be at least one aggressive defendant in the lawsuit.
With respect to the school peers' liability, this case raises some interesting and complex questions. First, and most obviously, how did the plaintiff get a copy of the private group's postings? This reminds me a little of the Washingtonienne case, although access to Cutler's blog wasn't technologically restricted like it was in Facebook.
Side note: the republication of the private group's posts in this complaint reminds us once again that we always have to be prepared for our digital words to show up on the front page of a national newspaper. In particular, including the transcript to the complaint without a protective order was an aggressive move; I suspect other people reading the transcript for the first time will not be happy.
Second, there were only 6 group members listed on the exhibit, which means the total universe of listeners for any defamatory statement was 5 other folks (the person posting the statement doesn't count). This may severely circumscribe any damages. Third, given that this group of 6 presumably represented a social clique with its own norms and mores, it's entirely possible that the small universe of readers completely understood that superficially factual statements weren't really factual and were never intended to be. In this respect, I'm reminded a little of the DiMeo v. Max case, where the judge adjusted the evaluative standards to reflect the fact that message boards fostered a laxer conversation, and readers understood that. A quick perusal of the posts suggests that all of them clearly were utter nonsense and, I suspect, fully understood by all readers to be inane and meaningless chatter. Finally, the posts apparently never referred to the plaintiff by name, although this may be irrelevant if everyone knew who was being discussed.
The lawsuit also goes after the students' parents. Among other things, to try to establish liability, the complaint alleges that the parents negligently supervised their children. I'd gladly write a $100 check today if the plaintiff or her lawyers could articulate a foolproof way that parents can use to prevent high schoolers from doing stupid things on Facebook (without denying them access to Facebook altogether).
From my perspective, going to court over this matter was not a good decision. Nevertheless, I remain troubled by the examples of mean behavior among students that I'm seeing in the alerts I'm getting. For example, the Wolfe and Sandler cases I mention above are absolutely horrifying. Even though I graduated high school nearly 25 years ago, reading about meanness among high schoolers still gives me the shakes, reminding me how bad high school can be! And it weighs heavily on my mind as a parent. However, I can't imagine any legal solution that will make people be less mean to each other.
Posted by Eric at 02:34 PM | Content Regulation , Derivative Liability | TrackBack
February 03, 2009
Social Networking Sites and Blogs Talk for Students
By Eric Goldman
Today I gave a talk entitled "Social Networking Sites and Blogs" for the on-campus Student Intellectual Property Law Association (SIPLA). My slides. In conjunction with this, I thought it might be useful to organize a bibliography of my previous postings and materials on these topics.
Blogs Generally
* Three part series on blogging: How I decide which blogs to read?, Should I blog? and If I decide I want to blog, how do I get started?
* LexBlog Q&A with Rob La Gatta, parts 1 and 2
* Blogging, Scholarship and the Bench and Bar Panel Recap
* North Carolina Blogging Conference Recap
* Recaps of the first and third gatherings of the Bay Area Blawgers
Blog Law
* A Guest Blogger's "Meta" Post About Guest Blogging
* Blog Content Aggregation, RSS Feeds and Copyright Law
* Steinbuch v. Cutler: New Lawsuit Over Blogging--Steinbuch v. Cutler, Steinbuch v. Cutler Update--Cutler's Motion to Dismiss, Steinbuch v. Cutler Update, Steinbuch v. Culter Update: Cox Out, Cutler Bankrupt, Steinbuch's Second Battlefront Against Cutler Shut Down
* BidZirk v. Smith: Griping Blog Post Leads to Lawsuit--BidZirk v. Smith and Blogger Wins Lawsuit Over Gripe Post--BidZirk v. Smith
* Defamation Lawsuit Against Blogger Dismissed on Jurisdictional Grounds--Fahmy v. Hogge
* Bloggers' Defamation Liability Not Dismissed--Saadi v. Maroun
* Blogger Protected by Anti-SLAPP Statute--GTX v. Left
* Connecticut Blogger Not Subject to Texas Jurisdiction--Healix Infusion v. Helix Health
* Co-Blogger Identity Isn't Disclosed via 512(h), but Takedown Letters Are Copyrightable
* Blog Defamation Lawsuit Lacks Jurisdiction--TrafficPower.com v. Seobook.com
Social Networking Sites Generally
* Social Networking Sites and the Law
* Facebook v. ConnectU. See also Facebook's Lawsuit Against Competitive Email Harvesting Continues--Facebook v. ConnectU
* Telephone Numbers as Identity Authenticators--Abrams v. Facebook
MySpace
* MySpace Defeats Sherman Antitrust Claim for Blocking Links to Competitor--LiveUniverse v. MySpace
* Lori Drew Conviction Reflections Parts 1, 2 and 3. See also Lori Drew Prosecuted for CFAA Violations--Some Comments, and a Practice Pointer
* MySpace Gets 230 Win in Fifth Circuit--Doe v. MySpace. See also MySpace Suit for Liability for Sexual Assault Dismissed and Doe v. MySpace.com --- Continued
* Principal Loses Lawsuit Against Students and Parents Over Fake MySpace Page--Draker v. Schreiber
Other Social Networking Sites
* Website Isn't Liable When Users Lie About Their Ages--Doe v. SexSearch and Doe v. SexSearch Affirmed by 6th Circuit, But Not on 230 Grounds
* Xanga.com Busted for COPPA Violation
Posted by Eric at 01:25 PM | Content Regulation , Derivative Liability , Internet History | TrackBack
January 20, 2009
Kentucky Reverses Seizure of 141 Gambling-Related Domain Names
By Eric Goldman
Interactive Media Entertainment and Gaming Association v. Wingate ex rel Kentucky, 08-CI-01409 (Ky. Ct. App. Jan. 20, 2009)
We see state enforcement agencies freak out about the Internet all the time, so I have a hard time determining which freakouts are more noteworthy than others. However, it definitely caught my attention when Kentucky tried to seize 141 domain names associated with worldwide gambling operations. Their objective was to shut down illegal gambling in Kentucky, but the domain name seizure would have the effect of shutting down those websites worldwide--even if the gambling site was legal with respect to some of its non-Kentucky users. This kind of extraterritorial impact should be categorically outside the province of individual states.
So it's a relief to see that the Kentucky court system has corrected its errors and rejected the seizure of the domain names. The judges don't agree on the matter, and we get 3 opinions out of a 3 judge panel. However, two of the judges emphatically agreed that domain names do not qualify as "gambling devices" under the statutory definition, making their seizure under the statute unlawful. Relying on this definition in the statute sidesteps the many important public policy issues underlying the case, but it's a good (and IMO correct) result nonetheless.
Posted by Eric at 02:59 PM | Content Regulation , Domain Names | TrackBack
January 08, 2009
December 2008 Quick Links, Part 2
By Eric Goldman
Social Networking Sites/Cyber-Bullying/Sexual Predation
* More on the Lori Drew conviction:
- Wired has a tough behind-the-scenes look at the Lori Drew jury deliberations.
- The jury instructions
- In case you missed it, my special three part series on implications of the Lori Drew conviction: Part 1, Part 2, and Part 3.
* Yet more fallout from the Lori Drew prosecution and conviction. Wired has a story on the cyberbullying litigation frenzy. The Washington Post has a recap on the proliferation of state anti-cyberbullying laws.
* U.S. v. Morris, 2008 WL 5101636 (7th Cir Dec. 5, 2008). Judge Posner talks about the difference between entrapment (not OK) and vigilantism (OK) in the context of a mom who created a fake MySpace persona to chat with an alleged sexual predator who had contacted her underage daughter.
* Facebook's policy on breast-feeding photos has sparked protests both online and off (1, 2, 3). It reminds me a bit of one of my first challenges as Epinions' general counsel. (search for Epinions).
* Barry Schwartz: is Google getting desperate for ad revenue?
* The Register: "Google this week admitted that its staff will pick and choose what appears in its search results." However, I don't think the article supports this aggressive statement. Instead, it appears the article is getting excited about the fact that Google manually tweaks the algorithms when they produce goofy results--something we've known for years.
* Updates on Axact v. Student Network Resources, the case involving alleged copyright infringement of term papers. Axact allegedly has been trying to get its domain name registrars to release its domain names for transfer, and SNR is trying to cut them off. Apparently Google also balked at the instructions to kick the subject domain names out of its index, but SNR and Google resolved their differences enough to reach a stipulation. Finally, I've received numerous threats and requests from Axact to modify my original post, which has prompted me to make some minor changes.
Marketing
* IMS Health v. Ayotte. New Hampshire passed a law restricting the use of a doctor's past prescribing practices (i.e., behavioral information) for personalized/targeted sales calls. This opinion upholds the NH law against a First Amendment and dormant Commerce Clause challenge.
* Australian advertisers are cookie-ing users at high CPM sites so that they can show the users targeted ads when those users appear at lower CPM sites.
* Sony busted for COPPA violations.
* New advertising medium: school exams.
Miscellaneous
* Good article on the Sprint v. Cogent peering fight.
* And a good article showing limits to the Long Tail theory.
* U.S. v. Grober, 2008 WL 5395768 (D. N.J. Dec. 22, 2008). Grober pleaded guilty to uploading and downloading child porn over the Internet. The judge rejects the 19 1/2 year minimum sentence specified by the Sentencing Guidelines and instead sentences Grober to the 5 year statutory minimum. This opinion poignantly explains why this judge, like several others, rejects the Sentencing Guidelines in Internet child porn cases because the dictated sentences are too severe.
* BusinessWeek is still amazed that people actually--get this--provide their time and efforts over the Internet without getting paid!
* Lior Strahilevitz, Reputation Nation: Law in an Era of Ubiquitous Personal Information, 102 Nw. U. L. Rev. 1667 (2008). Lior explores the cross-elasticities of demand for types of reputational information and shows that if some information isn't available (due to, say, privacy laws), decision-makers will consult less credible or pernicious sources. For example, if a landlord can't get good credit information about a prospective tenant, the landlord may resort to discriminatory considerations (like race) to decide whether or not to rent to the tenant. Good article.
* I have previously written about New York v. Synergy6, Inc., 404027/03 (N.Y. Sup. Ct. Jan. 6, 2006), where the court soundly rejected the New York Attorney General's office regarding a marketer's liability for allegedly illegal emails sent by downstream affiilates (i.e., not in direct privity)