Technology & Marketing Law Blog: Publicity/Privacy Rights Archives

Technology & Marketing Law Blog

January 31, 2012

Court Denies Kravitz’s Motion to Dismiss PhoneDog’s Amended Claims -- PhoneDog v. Kravitz

PhoneDog v. Kravitz, 2012 U.S. Dist. LEXIS 10561 (N.D. Cal.; Jan. 30, 2012)

PhoneDog and Kravitz are fighting over ownership of the Twitter account Kravitz used while he was working for PhoneDog. In an earlier order, the court allowed several of PhoneDog’s claims to continue, although it dismissed PhoneDog’s claims for economic interference due to Kravitz’s allegedly improper taking of the Twitter account.

The court's initial order allowed PhoneDog's claims for conversion and misappropriation of trade secrets to proceed, but dismissed PhoneDog's claims for negligent and intentional interference with economic relationships. I thought PhoneDog’s claims were weak at best, and the court could have whittled down the litigation and guided the parties to their ultimate destination—settlement—by culling some of the claims, but no such luck.

With respect to intentional interference with prospective economic advantage, the court accepts PhoneDog’s theory that:

[d]ue to Kravitz’s alleged conduct, there is decreased traffic to [the] website through the [Twitter] Account, which in turn decreases the number of website pageviews and discourage advertisers from paying for ad inventory on PhoneDog’s website.

This looks like a broad theory of economic interference that would sweep up a lot of otherwise innocent conduct, but the court says that at the pleading stage, this is sufficient. The judge’s decision on economic interference seems to view traffic as an asset that can be misappropriated (even if there is no trademark claim, the economic interference claim is like a claim for diversion of traffic). The court also says that PhoneDog’s negligent interference theories also have merit at the pleading stage because “Kravitz owed a duty of care to PhoneDog as an agent of PhoneDog.”

The net result is that all of PhoneDog’s claims move forward, and Kravitz (and PhoneDog) will have to slog through some additional discovery in order to resolve PhoneDog’s claims at the summary judgment stage.

I can't think of any new lessons to draw from this ruling, except that some sympathetic judges will let claims move forward. It would have been cheaper and quicker for everyone involved to have entered into a written agreement addressing the issue, or at least to have addressed this question up front (even if informally).

Previous posts:

An Update on PhoneDog v. Kravitz, the Employee Twitter Account Case
Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Account can Proceed

Posted by Venkat at 08:25 AM | Marketing , Publicity/Privacy Rights , Trespass to Chattels

December 19, 2011

Facebook "Sponsored Stories" Publicity Rights Lawsuit Survives Motion to Dismiss--Fraley v. Facebook

By Eric Goldman

Fraley v. Facebook, Inc., 2011 WL 6303898 (N.D. Cal. Dec. 16, 2012)

Because Facebook does so many things that aren't in users' interests, their "Sponsored Stories" program barely registers. Nevertheless, Sponsored Stories demonstrates why many people are burned out on Facebook. Facebook collects user preferences through its semantically ambiguous "like" button and then uses that data to show ads to the users' friends with a seeming endorsement. Using my preferences does little to advance my relationship with my friends, but the implicit endorsement is designed to get my friends to investigate the ads, increasing the advertiser's credibility and Facebook's profits. So Sponsored Stories creates a zero-sum game: I as a user probably don't get any value from the public presentation of my implicit endorsement (if anything, it might hurt my position with my friends), but Facebook and its advertisers benefit from it.

My response to Facebook's rollout of Sponsored Stories was swift and decisive: I don't "like" any businesses on Facebook or do any other activities on Facebook that I believe can trigger a Sponsored Story. (I would also categorically opt-out of being a part of Sponsored Stories if Facebook actually let me decide what I want to share with my friends, but Facebook doesn't). Instead, if I want to make a commercial recommendation to my friends--something I do occasionally--I just share it directly in my status report. That way, I control the message I deliver to my friends, instead of letting Facebook or advertisers control how they communicate my interest to my friends. And the zero-sum nature of Facebook's offering drives a deeper wedge into my relationship with Facebook, making me less willing to use Facebook generally and more receptive to alternatives.

To me, this marketplace response is adequate. To plaintiffs' lawyers, however, Sponsored Stories gives another reason for a litigation fiesta. Remarkably, unlike so many other "privacy" lawsuits against Internet companies, this lawsuit survives the motion to dismiss--dramatically increasing the odds that Facebook will be writing a check for this so-called "feature."

This is a rich and interesting opinion by Judge Koh that has something for everyone to "like" (or dislike). Some of the highlights:

Article III Standing

In a ruling that bucks a mini-trend, Judge Koh upholds the case from an Article III standing challenge. She says that violation of a statutory right (in this case, California's publicity rights statute) automatically satisfies the actual harm requirement of Article III standing. The plaintiffs also satisfied the "particularized" and "concrete" requirements of Article III by explaining how the Sponsored Stories feature used their information.

She explicitly distinguishes numerous defense-side Article III wins (including her own recent iPhone application litigation and Low v. LinkedIn decisions) by noting the particular nature of the plaintiffs' publicity rights claim. In this case, unlike the others, the plaintiffs are claiming that their endorsement had commercial value to help sell goods to others, compared to the situation in the prior cases where the commercial value of a user's data came from theoretically improved marketing to the user him/herself. She says:

Plaintiffs here do not allege that their personal browsing histories have economic value to advertisers wishing to target advertisements at Plaintiffs themselves, nor that their demographic information has economic value for general marketing and analytics purposes. Rather, they allege that their individual, personalized endorsement of products, services, and brands to their friends and acquaintances has concrete, provable value in the economy at large, which can be measured by the additional profit Facebook earns from selling Sponsored Stories compared to its sale of regular advertisements.

She says later:

Plaintiffs assert that they have a tangible property interest in their personal endorsement of Facebook advertisers’ products to their Facebook Friends, and that Facebook has been unlawfully profiting from the nonconsensual exploitation of Plaintiffs’ statutory right of publicity. Thus, in the same way that celebrities suffer economic harm when their likeness is misappropriated for another’s commercial gain without compensation, Plaintiffs allege that they have been injured by Facebook’s failure to compensate them for the use of their personal endorsements because “[i]n essence, Plaintiffs are celebrities—to their friends.”

Clearly, Judge Koh is making a tricky intellectual move, and I bet it's going to make some privacy advocates unhappy. There is unquestionably a street value to data about a person to improve the marketing to that person, just as there is unquestionably commercial value in gaining an endorsement from a consumer. It's awkward to recognize one value and not the other. (Of course, in many of the precedent cases, there was only the possibility of data leakage; there wasn't actually a showing that any marketer had bought the leaked data for commercial reuse).

However, Judge Koh's fancy footwork rips open only a very small hole in the Article III jurisprudence. Her exception only applies where there's a statutory publicity rights claim, and only when the defendant made a commercially-motivated endorsement. I'm sure we'll see plaintiffs advance claims to take advantage of this ruling, but few plaintiffs will be able to style their claims accordingly.

In another tricky intellectual move, Judge Koh distinguishes Cohen v. Facebook, which dismissed a publicity rights claim based on Facebook's "Friend Finder" service, because this case showed a more direct connection between the friend's endorsement and the commercial value derived by Facebook. She also implies the lawyers did a better job here than in Cohen. I didn't fully understand this distinction other than Judge Koh's desire to reach a different result without disturbing the Cohen precedent.

47 USC 230

Facebook's 230 defense is tricky. First, it seeks to invoke the defense against a publicity rights claim, which the 9th Circuit said was possible in Perfect 10 v. ccBill in a controversial statutory reading that has been rejected by every other court outside the Ninth Circuit. Judge Koh doesn't touch that issue.

Second, Facebook seeks 230 protection for the ad copy it created automatically. The ad is based on a user action, the "Like," plus various pieces of user content, but Facebook assembles it all into a package that the user never sees, blesses or necessarily even wants. We've had some other cases upholding 230 when a service provider is so intimately involved with creating the final content, such as the Carafano case, but Facebook is clearly playing at the edge of the statutory immunity.

Judge Koh rules that Facebook is over that line and doesn't get the immunity. Unfortunately, she does so by saying that Facebook is partially the information content provider of the ads in question. She references the dispositive allegations:

Plaintiffs allege that Facebook creates content by deceptively mistranslating members’ actions, such as clicking on a ‘Like’ button on a company’s page, into the words “Plaintiff likes [Brand],” and further combining that text with Plaintiff’s photograph, the company’s logo, and the label “Sponsored Story.” ... Plaintiffs allege that they themselves have no control over whether to post a particular company’s name or logo, and that Facebook maintains sole control over whether to display a Sponsored Story at all.

Personally, I'd be much more sympathetic to Facebook's position if users had the specific ability to "like" a business page without simultaneously authorizing the Sponsored Story. Because Facebook's controls are insufficiently granular, Facebook automatically interprets a "like" as both a statement of user attitudes and as a green light to create the Sponsored Story. In contrast, imagine that when a user "liked" a business page, Facebook prepared the ad copy for the Sponsored Story, presented it to the user, and asked the user if the user wanted to publish the ad copy to his/her friends. At this point, I would feel much more strongly that the ad copy really was the user's words. Naturally, Facebook doesn't give users this level of control over the words being put into their mouths.

On the other hand, consider an alternative example where a website both publishes UGC on its site and then syndicates the content to third party sites. It's my position that the website gets 230 for both acts of publication, even if the user never expressly green-lighted the syndication (so long as the user-to-website license permitted the syndication). See, e.g., Prickett v. infoUSA. Based on Judge Koh's explication, I'm not exactly sure why Facebook crossed the 230 line while some of these other situations probably don't.

Facebook responded that its activities didn't make it a content provider but just represented traditional editorial functions. The court rejects the argument, citing this allegation:

Plaintiffs allege not only that Facebook rearranged text and images provided by members, but moreover that by grouping such content in a particular way with third-party logos, Facebook transformed the character of Plaintiffs’ words, photographs, and actions into a commercial endorsement to which they did not consent.

In the context of this case, I see her point. Sadly, the opinion's wording will give false hope to a slew of plaintiffs who will argue that the website's presentation of third party content constituted some type of unauthorized endorsement. It will take a few cases to burst the plaintiffs' bubbles about a new exception to 230.

The Statutory Publicity Rights Claim (CA Civil Code 3344)

Facebook took a few cracks at the claim, all of which were unsuccessful:

Newsworthiness. The publicity rights statute does not restrict using someone's personality "in connection with any news." This is a backdoor First Amendment defense, as what constitutes news tracks First Amendment jurisprudence on "matters of public interest." This defense seemed like a hail-mary for Facebook--a user "liking" a page is clearly "new" information to the marketplace, but it's not "news" in either the traditional or First Amendment sense. The court seems unimpressed, saying that even if a user "liking" a commercial product is news to that user's social network, using that information commercially drops out of the exception. I wasn't persuaded by the judge's distinction here, but then again Facebook's argument about what constituted "news" was obviously tendentious.

I was a little disappointed that Judge Koh sidestepped some interesting lurking issues about what is "news" in the modern environment, where all of us are publishers to our local communities and we as publishers can have significant clout in a small community. Some academic literature in the 1990s discussed these issues in the Internet context, but it might be worth revisiting as a paper topic. Judge Koh also sidestepped the intellectually interesting issue of whether opinions about marketplace goods are "newsworthy," something that I strongly believe to be the case in the context of anti-SLAPP laws.

Consent. Facebook argued that users consented to Sponsored Stories as part of its terms of use. The plaintiffs retorted that Sponsored Stories didn't exist when they signed up, so they couldn't have consented to it. The court says there's a factual dispute which prevents a motion to dismiss.

Injury. Facebook argued that non-celebrities have to show economic injury as part of their 3344 prima facie case. The court rejects this distinction, saying "[i]n a society dominated by reality television shows, YouTube, Twitter, and online social networking sites, the distinction between a “celebrity” and a “non-celebrity” seems to be an increasingly arbitrary one." Furthermore, the plaintiffs did allege injury by showing that their endorsements were valuable to Facebook, which helps distinguish this case from the Cohen "Friend Finder" precedent. I liked this quote:

While traditionally, advertisers had little incentive to exploit a non-celebrity’s likeness because such endorsement would carry little weight in the economy at large, Plaintiffs’ allegations suggest that advertisers’ ability to conduct targeted marketing has now made friend endorsements “a valuable marketing tool,” just as celebrity endorsements have always been so considered.

For more on this point, see my Online Word of Mouth paper.

Unfair Competition Law (UCL)

Normally, we'd expect the UCL claim to be tossed because the plaintiffs can't make the required showing that they lost "money or property." Numerous Internet privacy cases have reached that conclusion. Judge Koh makes the same intellectual move she did with Article III standing, saying that publicity rights are different than other privacy torts. She says: "[t]o the extent Plaintiffs allege they can prove that their endorsement of commercial products to their Facebook Friends has concrete, quantifiable value for which they are entitled to compensation, the Court finds that Plaintiffs have properly alleged loss of money or property for purposes of establishing standing under the UCL." I wonder if plaintiffs can make that showing because there's no existing market for consumer-to-consumer endorsements, but it's enough to survive the motion to dismiss. In particular, she says California's statutory damages for publicity rights violations aren't enough to demonstrate the value of the endorsements.

Judge Koh also concludes that plaintiffs properly alleged that Facebook's activities were unlawful, unfair and fraudulent (in the latter case, because Facebook allegedly overclaimed users' abilities to opt-out of Sponsored Stories).

Unjust Enrichment

Recent caselaw makes it even clearer that there's no separate cause of action for unjust enrichment; instead, it's just a synonym for restitution. As a result, the court tosses this claim.

Conclusion

This is not a good ruling for Facebook, but I can't really feel too sorry for it. Facebook has been playing fast-and-loose with the law in many different contexts (see, e.g., its FTC bust), and Sponsored Stories is no different. Before rolling it out, Facebook surely knew that the Sponsored Stories offering was on murky legal ground. It can't be surprised that it didn't get an easy dismissal.

Even so, if it gets that far, Facebook may yet win this case. Judge Koh has made it clear that she's a tough customer, but Facebook has plenty of power to its remaining arguments. Nevertheless, I'm reasonably confident it won't get that far. Given the importance of maximizing ad revenues and its desire to clean up legal issues in advance of an IPO, it seems more likely that Facebook will cut a deal with plaintiffs' counsel. I imagine Facebook might try to do a settlement like the Facebook Beacon settlement that results in minimal restrictive covenants, a chunk of money into the lawyers' hands, and a chunk of money that doesn't get into users' hands but instead goes into something like Facebook's privacy foundation.

UPDATE: Facebook is blazing ahead with its Sponsored Stories offering, moving the Sponsored Stories module into the newsfeed instead of on the side. (And with almost-invisible disclosure that it's an ad). Surely this means Facebook plans to win this lawsuit or to settle up. I'm voting the latter.

Posted by Eric at 09:10 AM | Licensing/Contracts , Marketing , Publicity/Privacy Rights | TrackBack

December 08, 2011

Employee's Claims Against Employer for Unauthorized Use of Social Media Accounts Move Forward--Maremont v. SF Design Group

[Post by Venkat Balasubramani]

Maremont v. Susan Fredman Design Group, Ltd., et al., 10 C 7811 (N.D. Ill.; Dec. 7, 2011)

I blogged about a case earlier this year where a plaintiff sued her former employer for improperly accessing the plaintiff's social media accounts. (Here's my earlier post on the case: "Employee's Twitter and Facebook Impersonation Claims Against Employer Move Forward.") I thought the case was dismissed due to plaintiff's inaction, but it looks like the case is still trudging along.

The basic facts: Susan Maremont worked for the Susan Fredman Design Group as the director of marketing. Maremont created a blog and Facebook account for SFGD. She also created Facebook and Twitter accounts that the court says are undisputedly her personal accounts. Maremont suffered an accident. While she was in the hospital, SFDG continued to access and post from Maremont's accounts. (The court is never 100% clear on which of the two Facebook accounts SFDG posted from.) Maremont returned to work briefly on a part-time basis, and during this time she thanked her temporary replacements "for their amazing posts on [the blog] in [her] absence." Subsequently, Maremont apparently changed her mind and sued for alleged misuse of her personal accounts. [The order says that Maremont stored her account access info on the SFDG server, although the folder in which she stored this info was ‘locked’ and she never gave authority to anyone to access it. This was Maremont’s version of the facts. The order does not say exactly how SFDG got access to the passwords (SFDG could have obtained the passwords through accessing the folder on the SFDG server, or it's possible that the computer Maremont used to create the accounts--which were SFDG computers--remembered them).]

SFDG brings a motion for summary judgment, which the court largely punts for lack of evidence on damages.

Lanham Act claim: Maremont's Lanham Act claim requires her to show that she had an intent to commercialize her identity. The court says that she satisfies this requirement, noting that "it is undisputed that Maremont created a personal following on Twitter and Facebook for her own economic benefit . . . " However, Maremont also must show that she was somehow damaged by her unauthorized affiliation with SFDG. The court gives Maremont additional time to marshal evidence as to how she was damaged. Maremont tells the court that she will bring an expert to testify as to the damages issue.

Stored Communications Act claim: As to the Stored Communications Act claim (which Maremont added later on in the lawsuit) there is no dispute that SFDG accessed Maremont's accounts:

there is undisputed evidence in the record that Defendants accessed Maremont's personal Facebook account and accepted friend requests at least five times from September 23, 2009 through November 24, 2009. Moreover, evidence in the record reveals that Defendants posted seventeen Tweets to Maremont's personal Twitter account during the relevant time period.

This probably amounts to unauthorized access of "a facility through which an electronic communication service is provided." However, the court says that in order to be entitled to statutory damages under the SCA, Maremont has to show that she suffered some "actual damages." (See Van Alstyne v. Electronic Scriptorium.) Because of the dearth of evidence on the damages issue, the court declines to grant summary judgment at this juncture. (Although the court's discussion of whether the SCA requires actual damages as a prerequisite to relief is not extensive--and as Van Alstyne acknowledges, there is mixed authority on the issue--the ruling is significant in this regard.)

Right of Publicity claim: The right of publicity claim fails because SFDG did not pass itself off as Maremont, even though it posted tweets through Maremont's Twitter account. The first of the objectionable tweets explained Maremont's absence and linked to a blog post by Susan Fredman. Additionally, upon returning to work on a part-time basis, Maremont "thanked" SFDG's guest editors for their efforts. Thus, the court concludes that SFDG did not misappropriate Maremont's likeness.

Common Law Privacy claim: Maremont also brought a common law privacy claim, which appeared to be based on the "intrusion of seclusion" tort. The court says that she has to show that defendants intruded into a matter that was private and which the plaintiff attempted to keep private. The court says that Maremont cannot satisfy these elements:

there is no dispute [that] . . . the matters discussed in Maremont's Facebook and Twitter posts were not private and that Maremont did not try to keep any such facts private. In short, Maremont fails to point to any private information upon which Defendants intruded.

Cf. Moreno v. Hanford Sentinel.
__

This is a messy dispute, and some of the facts don't seem clearly developed by either the court or the parties. For example, there were two Facebook accounts involved (one for SFDG and one which Maremont uses personally), but later in the discussion, the court doesn't specify which Facebook account it is talking about. Second, the court notes that "there is no evidence in the record concerning the actual Facebook postings and their content." This is a strange evidentiary omission by the plaintiff.

Then there's the issue of actual damages. Maremont has a Herculean task in proving that her affiliation with SFDG as a result of a smattering of social media posts somehow had a negative financial effect on her. How exactly was she damaged by this association? It's not as if SFDG said anything negative about her. Maremont's claim is that while she was in the hospital, SFDG continued to post and make it look (to the untrained eye) that Maremont continued to handle SFDG's social media efforts. Would a prospective client really refuse to hire Maremont because of these posts? Did this somehow diminish Maremont's earning capacity? I'm not sure what Maremont's expert is going to say, but he or she better come up with something good.

The court's analysis of the invasion of privacy issue also threw me for a loop. The court concludes that the information contained in the posts were public, so there's no violation by SFDG when it posted to Maremont's accounts, but this didn't seem to be the crux of Maremont's invasion of privacy claims. Maremont should be arguing that when SFDG accessed Maremont's accounts, SFDG could also have accessed private facts stored in the account, such as private messages, DMs, photos, and other information in the Twitter/Facebook accounts that were not public. The court's analysis makes me think that the court didn't understand that Twitter or Facebook accounts can contain other information than what's actually publicly "posted" through the account. (Of course, Maremont would have faced a challenge when it comes to damages. She may not have had a standing problem, but she would have to show that she suffered damage as a result of the intrusion, and it's fair to presume from the court's dismissal of her claim that she failed to put forth adequate evidence on this issue.)

This case, along with the PhoneDog case (and Ardis Health) highlight the inherent ambiguity in ownership over social media accounts. Property-wise, it's tough to slot the accounts in a particular box. There also seems to be differing expectations on the part of the employer and employee. The employee obviously wants to take the account with her when she leaves, but the employer would like to continue to take advantage of the goodwill built by the account. There is a solution, and that's to have a written policy in place! A policy is not a cure-all, and I think it's equally important to have a discussion up front about whose account this is and what happens when the relationship terminates. (This is a mini-version of the "blog ownership question" that Eric has harped on.)

As with the PhoneDog case, this is another dispute where the attorney's fees expended could eclipse the value of the case. If the facts as alleged are true, SFDG stepped way over the line in accessing Maremont's accounts, but Maremont's damages are probably minimal. (Ironically, I would think the invasion of privacy claim would be one of the strongest, but the court kicks this claim.)

As a final note, it's worth comparing the result in this case to In re Rolando S., the case where a California appeals court found that a juvenile violated California's identity theft statute when he took someone's Facebook account for a joyride. Here, SFDG gets dangerously close to this line, although it was not clear that the posts in question purported to be from Maremont. As I mentioned in my initial post on the case, depending on what jurisdiction you are in, meddling with someone's social media account in this context could result in e-personation liability.

Posted by Venkat at 03:45 PM | Privacy/Security , Publicity/Privacy Rights , Trademark

November 22, 2011

Court Awards Damages for Wrongful Disruption of Web Presence -- Ordonez v. Icon Sky Holdings

[Post by Venkat Balasubramani]

Ordonez v. Icon Sky Holdings LLC, 10-cv-60156-PAS (S.D. Fla. Aug. 30, 2011)

This was another dispute involving two parties who jockeyed for control of an online presence. I guess you could say that one “jacked” the other’s presence.

Elizabeth Ordonez is a dancer, model, actress, choreographer (etc.) and is known by her fans as “Elizabeth Sky.” She sued Nisha Elizabeth George and her entity Icon Sky Holdings alleging that Icon Sky wrongly obtained a trademark registration for “ELIZABETH SKY” and went on a campaign to disrupt Ordonez’s web presence. George allegedly sent letters to ModelMayhem, Twitter, MySpace, and Facebook, all of whom took down Ordonez’s content, account, or forced Ordonez to change her name.

Ownership of the mark: As far as which of the two parties should be entitled to use the ELIZABETH SKY mark, the facts were pretty unfavorable to George and Icon Sky. Ordonez had been using Elizabeth Sky as a stage name for many years, and the court described some pretty serious irregularities in George’s procurement of the trademark. George was aware of that Ordonez was the senior user, and submitted a specimen that wasn’t really a specimen (it was the exact same specimen which George submitted for another trademark application, but appeard to have been “graphically edited”).

Athough it was a default case, the court easily disposes of the trademark issue. The court finds that George was the junior user and used the ELIZABETH SKY mark in connection wich similar goods and services. This is sufficient for the court to find for plaintiff on her Lanham Act and state law unfair competition claims and this entitles Ordonez to injunctive relief as to George’s use of the ELIZABETH SKY mark.

Tortious interference: Plaintiff also prevailed on her tortious interference claims, which were premised on George’s interference with the contractual relationships between plaintiff and various social networks. The court found that (1) there was a contractual relationship, (2) George knew about this relationship (since she signed up for the services, she was aware of the applicable terms of use), (3) an intentional and unjustified interference, (4) which caused damage. In addition to the social networks, George also demanded that other website take down content which plaintiff had put up. The court found that Ordonez was damaged because her business contacts “discontinued showcasing plaintiff on their websites for fear of being sued,” and many entertainment industry professionals “stopped requesting plaintiff for jobs.”

Libel per se: Finally, plaintiff made out a claim for libel because George falsely accused plaintiff of identity theft. Since identify theft is an “infamous crime,” the court says that plaintiff satisfied the elements of libel per se and did not need to prove damages from George’s statements.

Relief: The court grants plaintiff injunctive relief with respect to the trademark issue and enjoins defendants from continuing to use the mark. Plaintiff also asked to freeze certain of George’s domain names but the court denies this relief since the complaint did not specifically allege a cause of action under the ACPA. Finally, the court awards $81,000 in damages. The bulk of the damages were for plaintiff’s tortious interference claim, and plaintiff put forth evidence that it cost her $78,000 to build her “online presence” – ten hours per week at $50 per hour (over a period of three years). She sought $243,000 in damages for performances that plaintiff’s booking company refused to book because of George’s actions, but the court found the evidence flimsy on this point (and duplicative of the $78,000 in damages it already awarded). The court awards $3000 for lost booking.
__

Eric has blogged a bunch about brands dueling on social networks via takedowns. The Complexions spa case: “Business Sues Facebook to Restore Its Fan Page” and the Ozimals case “Second Life Ordered to Stop Honoring a Copyright Owner's Takedown Notices” are two recent examples. In both of those cases, the networks ended up embroiled in the dispute whereas here Ordonez went after the alleged wrongdoer directly. A user can be enjoined from sending improper takedown notices, but it’s legally questionable as to whether a court can force a network to put someone’s webpage back online (both from a First Amendment and section 230 filtering standpoint, the network should be able to keep content off-line). This particular case is a trademark case, but in the copyright context, section 512 provides some applicable rules: Wrongful takedowns can result in money damages (Lenz), Someone can be enjoined from sending bogus takedown notices (Design Furnishings v. Zen Path), and an intermediary can be enjoined from providing access to a piece of content (section 512(j)).

The interesting thing about this dispute is how the networks in question readily took down plaintiff’s webpages and content. It’s unclear as to whether George went to Facebook, Twitter, and YouTube and waved around the trademark registration—from the court’s recitation of the facts, it did not seem like George was armed with a registration when she complained to the various networks. It’s tough to draw any conclusions from this case, but my instinct is that networks are more than willing to honor takedown notices without closely scrutinizing them, although at times it seems like networks have their own (sometimes maddening) administrative mazes in place.

This is a rare ruling awarding damages to a plaintiff who is claiming tortious interference based on a wrongful takedown. Where the takedown is based on copyright ownership, there may be a preemption issue, so it’s not easy to assert a tortious interference claim based on a copyright takedown notice. (See the Ozimals ruling, “17 USC 512(f) Preempts State Law Claims Over Bogus Copyright Takedown Notices” but see the Smith v. Summit Entertainment case: “17 USC 512(f) Claim Against 'Twilight' Studio Survives Motion to Dismiss” and Rossi v. MPAA. Where a copyright takedown is involved, a plaintiff is better off proceeding under section 512(f).)

Since this case was resolved on a default motion, it’s unclear as to whether in a contested case damages are viable. At any rate, this is one additional datapoint that people who submit takedowns want to keep mind. You can be liable under section 512 if you send a wrongful DMCA takedown, but you may also face liability for tortious interference for causing a network to take someone’s web presence off-line.

Posted by Venkat at 09:39 AM | Publicity/Privacy Rights , Trademark

October 29, 2011

Publicity Rights Class Action Against Facebook Over Promotion of 'Friend Finder' Service Dismissed -- Cohen v. Facebook

[Post by Venkat Balasubramani]

Cohen v. Facebook, Inc., C10-5282, 2011 U.S. Dist. LEXIS 124506 (N.D. Cal. Oct. 27, 2011)

This is a putative class action against Facebook for "promoting its 'friend finder' feature by disclosing to users that their Facebook 'friends' have used that function." The first time around, the court dismissed the claims, but granted leave to amend. ("Court Dismisses Misappropriation Claims Against Facebook Over Its Friend Finder Service.")

This time around, the court's order focused on the issue of whether plaintiffs adequately alleged injury. Facebook argued in its earlier motion that the claims were undermined by Facebook's terms of service, but the court says this issue is not amenable to resolution at the motion to dismiss stage, and Facebook does not bring this argument up again. The court previously ruled that plaintiffs are not automatically entitled to relief under California's publicity rights statute and that plaintiffs can recover non-economic damages if they suffer emotional harm.

In the amended complaint, plaintiffs did not take the route of claiming emotional distress damages. They alleged instead that their names and likeness had economic value to Facebook. The court says that the allegations are insufficient, noting that plaintiffs did not allege that they were entertainers or models, or some other category of individuals who had "an obvious economic interest in [their] likenesses." The court also says that Facebook is using the likeness in a context where it already appeared:

the names and likenesses were merely displayed on the pages of other users who were already plaintiffs' Facebook "friends" and who would regularly see, or at least have access to, those names and likeness in the ordinary course of using their Facebook accounts.

The court says anyone who alleges some cognizable injury under the publicity rights statute can recover statutory damages, but plaintiffs failed to allege the minimum necessary. The court dismisses the case with prejudice.
__

It's possible that judges in the Northern District of California are getting sick of privacy class actions, because lately they have been pretty harsh on them. I don't think it's necessarily a bad thing, but it seems like courts are scrutinizing these complaints very closely. The iPhone class action, where the court shreds the complaint, was the most recent example before this one: "iPhone Privacy Class Action Dismissed for Lack of Standing."

Plaintiffs face the challenge that they have to tailor their complaints to suit a class, but they do not do a good job of coming out and arguing what exactly the harm is or where exactly the misappropriation occurred. Was this simply a case of Facebook disclosing to your friends that you had used the 'friend finder' service and showing your profile picture when they did this? Or was there something more? (This is a publicity rights and not a privacy lawsuit, but am I missing something, and is Facebook's 'friend finder' some sort of super secret risque alternative dating service?) If there was more to this, it did not come through in the court's order, and maybe plaintiffs just didn't do a great job of making sufficient allegations of nefarious conduct on the part of Facebook.

Plaintiffs tend to rely on this argument that the information or likeness has value, because it has value to Facebook (it must have value, because Facebook is exploiting it). But courts are not buying this argument. Facebook may or may not be exploiting your personal information or likeness, but you have to be able to articulate some value to it independent of the fact that Facebook is exploiting it. As we've seen in several cases, this is often a challenge.

The court dismisses on the basis that plaintiffs have not suffered cognizable injury under the statute, but in a footnote alludes that Article III standing would be a problem anyway. It's not clear as to whether alleging a statutory violation is sufficient to confer standing, or whether plaintiffs have to independently satisfy Article III standing requirements. A case pending before the United States Supreme Court raises this issue with respect to a federal statute; Facebook, Yahoo! and others have weighed in with a friend of the court brief. (See "'Sleeper' Case Asks Whether Plaintiffs Can Sue Without An Injury.") If there's an independent Article III standing requirement, can plaintiffs proceed in state court?

These lawsuits don't leave us with much clarity. Is Facebook engaging in some edgy practices to exploit users' likenesses and information? It's possible, but the best you can say after this case is that plaintiffs' allegations were muddled and the judge threw them out.

Previous post:

"Court Dismisses Misappropriation Claims Against Facebook Over Its Friend Finder Service -- Cohen v. Facebook"

Posted by Venkat at 07:50 AM | Publicity/Privacy Rights

September 24, 2011

Gilbert Arenas' Tweets Sinks His Motion to Enjoin "The Basketball Wives" -- Arenas v. Shed Media

[Post by Venkat Balasubramani]

Arenas v. Shed Media, CV 11-05279 (C.D. Cal.; Aug 22, 2011)

Arenas is a basketball player for the Orlando Magic. He goes by various nicknames, including "Agent Zero, Agent Arenas, and Hibachi." Arenas and Laura Govan were once in a relationship and have four children together. Shed Media produces the "Basketball Wives" television series, which centers around a cast of women, "most of whom have or have had a romantic relationship with a professional basketball player." Govan was set to appear in "Basketball Wives: Los Angeles," a spinoff of "Basketball Wives." Arenas moved to enjoin the broadcast and publicity around Basketball Wives: Los Angeles. He principally brought claims under the Lanham Act and under California's publicity statute.

Publicity Rights

The court notes that it's unclear as to whether the show will use and appropriate Arenas' identity. Arenas conceded that Shed Media "[took] care to avoid explicit reference to [Arenas'] name in the advertisements." Shed Media tried to argue that there's no publicity rights issue because the show would not discuss Arenas by name and any reference would be in reference to Govan's relationship with a certain unnamed basketball player. The court rejects Shed Media's argument, finding that it's inevitable that Arenas would come up in the show, either by name or by implication. The court then moves on to the two available affirmative defenses: (1) transformative use and (2) the "public interest" defense.

The court finds that Shed Media is likely to succeed on its transformative use defense. According to the court, the focus of the show is on "women who have or have had relationships with basketball players" rather than "the players themselves." The show is not using Arena's likeness to sell or endorse unrelated products or services.

The court also found that Shed Media would be likely to prevail on the "public interest" defense. This turned on whether Arenas' life is a matter of "public concern," and Arenas argued that his personal life and relationships were not a matter of public concern. The court disagrees, pointing to Arenas' Twitter feed for the proposition that Arenas has himself publicized many mundane details about his life (e.g., "dont u hate waking up doing the same thing..wash face..brush teeth..pee..take shower (well sum of us)...put on clothes...eat...etc.").

Trademark claim

The court characterizes Arenas' trademark claim as "muddled." (The court doesn't discuss the issue of whether Arenas' name, as a personal name, is entitled to trademark protection at all.) There's no possible confusion between the title of the show and any of Arenas' marks. Arenas also argued that Shed Media's use of his name in the show itself constitutes infringement. The court disagrees, saying that Shed Media would readily have a "nominative fair use" defense available (citing to Toyota Motor Sales v. Tabari). It would be virtually impossible for the show to refer to Arenas without actually mentioning his name. Additionally, any discussions Arenas' ex would have in the press would not necessarily suggest endorsement: "common sense suggests that a celebrity may not agree with his ex-girlfriend's opinion of him."

Irreparable harm

Having found that Arenas is unlikely to prevail on his claims, the court does not need to address the issue of whether he will be irreparable harm, but it touches on this issue anyway. Arenas argued that the show is one that "prides itself on its coarse brand of drama" featuring "cat fights" and "infidelity issues," and the association between the show and Arenas' brand would lessen his reputation. The court disagrees, again turning to Arenas' Twitter feed and his own statements:

Shed Media provides a treasure trove of newspaper articles about and tweets by Arenas that, taken as a whole, convince the Court that Plaintiff's reputation will suffer no serious blow if BWLA airs as scheduled. For example, to paraphrase Shed Media, it is difficult to see how an association with 'cat fights' will tarnish Arenas' reputation when he has been publicly associated with potential gunfights. [Ouch!] Arenas made national headlines at the beginning of 2010 over an incident in the Washington Wizards locker room in which he drew a gun on a teammate during a dispute over a gambling debt, and ultimately pled guilty to carrying a pistol without a license. Arenas has publicized on Twitter his views of women and other groups--opinions that would be characterized by many, if not most, people as crude and offensive.

Moreover, Arenas has already associated himself with the show by tweeting directly or indirectly about Govan's appearance on it. In these tweets, Arenas expresses his opinion that he "doesn't care what Govan does" because "if she gets a job he pays less money to her." According to Arenas, most basketball players do not know that (1) "they" (presumably ex-wives and ex-girlfriends) cannot lie about basketball players on television because the players can sue the show; and (2) the basketball players pay less money if "they" have a job.

Then there's my personal favorite of Arenas' comments:

Arenas opines that he 'care[s] more about [watching people] plank [i.e., lie prone] th[a]n my ex on tv.'

Ultimately, the court blocks Arenas' attempts to shut down the show. To add insult to injury, the court grants Shed Media's anti-SLAPP motion.

The court's ruling paves the way for the show to discuss aspects of Arenas' life as they relate to Govan. The tenor of the ruling is that, in this day and age of hyper-focused attention on the lives of celebrities, some discussion of this nature has to be tolerated and the fact that a reality show may seize on this is not something a celebrity can prevent by asserting his or her personality rights. Arenas' trademark claims seemed fairly weak, and while it's not quite on par with the 1-800 GET THIN v. Hiltzik case which Eric blogged about last month, the court makes clear that the show has some breathing room to refer to Arenas without running the risk of consumer confusion. Finally, we're left with the classic situation of a modern litigant making an argument that's inconsistent with statements he or she said online.

NB: this isn't the only dispute around Basketball Wives, Los Angeles. Chris Bosh sued Allison Mathis, his former paramour and the mother of his children to block her appearance on the same show. The court (same judge) granted Mathis' motion to dismiss for lack of personal jurisdiction. You can access that order here.

Additional coverage:
THR (Eriq Gardner): Judge Rejects Gilbert Arenas' Attempts to Block VH1's 'Basketball Wives' (Exclusive)

Posted by Venkat at 10:12 AM | Publicity/Privacy Rights

September 06, 2011

Marijuana Activist Can't Change His Name to "NJWeedman.com" -- In re Forchion

[Post by Venkat Balasubramani with additional comments by guest blogger Laura Heymann and Eric]

[Eric's note: this may be our first post with *three* different bloggers covering the same case! Venkat starts us off:]

In re Robert Edward Forchion, Jr., 2011 WL 3834929 (Ca. Ct. App. Aug 31, 2011)

Robert Edward Forchion, Jr. filed a petition to have his name changed legally to "NJWeedman.com." The trial court denied the request, and the appeals court affirms.

Background: As the court describes him, Forchion:

is a resident of New Jersey. Since 2009, he has managed a Rastafarian temple in Los Angeles and has operated a medical marijuana dispensary that he claims is lawful under the Compassion Use Act of 1996. . . . He has devoted his adult life to promoting the legalization of marijuana and, in 2000, was convicted in New Jersey of marijuana offenses. Forchion is currently facing trial in New Jersey on marijuana charges arising out of an arrest on April 1, 2010. He is free on bail.

Forchion has a national reputation as a marijuana advocate and is popularly known as NJweedman. He operates a Web site, "NJweedman.com," which discusses his efforts to legalize the drug. In 2001, Forchion unsuccesfully petitioned the New Jersey state courts to change his name to "NJWeedman.com."

Discussion:

Forchion's life: The court spends approximately 20 pages recounting the details of Forchion's life, including his protests, and brushes with the law. (These facts were apparently taken from Forchion's website.) For example, the court notes that he "smoked his first marijuana cigarette and 'was immediately impressed by its medical healing powers, in regard to his asthma' . . . . [b]y age 18 he was a regular user . . . and dismissed the Surgeon General's claims of its harms as 'propaganda and Christian superstitions.'" He enlisted in the United States Marine Corps where he continued to use marijuana, despite the government's prohibition. He became a coast-to-coast trucker in 1994. In 1995 he "became a practicing Rastafarian."

In 2008, he apparently fled to California, "seeking asylum, leaving the garden state for the pot friendly environs of Los Angeles." In 2009 he opened a "Rastafarian Temple" on Hollywood Boulevard. The temple was named "Liberty Temple II, after a series of protests he held at the Liberty Bell in Philadelphia." He then became a "Hollywood persona," and opened a "party promotions company called "NJweedmanPromotions." In 2010, he penned his biography, which was titled "Public Enemy #420." None of this is particularly relevant to Forchion's name change petition, but the court walks through the facts in some detail and they were strangely interesting. (All of this just gets to page 6 of the court's recitation of facts.)

Name changes generally: The court notes that people who wish to change their names have two different options. They can take the route of a "common law change of name," and simply start referring to themselves as something else (as long as their purpose is not to "defraud or intentionally confuse"). They can also formally change their names pursuant to statute. The statutory route offers certain advantages, namely the change of name is "definitely and specifically established and easily proved." In contrast:

[a] common law name change . . . carries with it no mandate to those with whom one comes in contact to accept at face value the nexus between the new name and the individual who assumes it.

In any event, the court concludes that while there must be a "substantial" reason for denial of a request to change one's name, the trial court is vested with discretion in ruling on a name change petition and the reasons offered in case law for refusing a name change request are not exhaustive.

Can Forchion change his name to a domain name?: The court turns to the key issue of whether Forchion can change his name to a domain name. This turns on whether Forchion is guaranteed to be able to use the NJWeedman.com domain name indefinitely. The court notes that although domain name registrants "appear to possess all [of] the component rights" of property owners, on closer examination, "it becomes apparent that a domain name is not property." The court concludes that a domain name is merely the product of an agreement for services between the registrant and the registrar. The agreement--pursuant to which a registrant secures a domain name--is not guaranteed to continue indefinitely. The registrar places numerous limitations on the registrant's use of a domain name and if the registrant breaches the domain name registration agreement in any number of ways (e.g., fails to pay fees, allows the domain name registration to lapse, uses the domain name in violation of the law), the registrar can cease providing the registration services. The court sees this as problematic because if Forchion's name change is approved, his name would "permanently" become "NJWeedman.com," but if he loses the domain name a subsequent user could end up with the rights to NJWeedman.com. In the court's eyes, the "dual use might create confusion, depending in part on what the new registrant did with NJweedman.com."

The court also notes that even if Forchion continued to pay the registration fees in perpetuity, his use of the domain name may run into problems due to a conflict with third party trademark rights. If a third party is able to assert trademark rights and successfully force Forchion to change his website or discontinue his use of the NJweedman domain name, the court says that his continued use of NJweedman.com as a personal name would be problematic. The court says it's not aware of any procedure pursuant to which a third party could force NJweedman.com (f/k/a Forchion) to change his personal name. The court says that these types of trademark considerations are not ones that the trial court should be forced to consider, when ruling on a name change. [Strangely enough, the court relies on those considerations in making its decision.] At the end of the day, the court says that domain names and personal names should remain in separate realms and the streams should not be crossed:

In sum, personal names and domain names should not overlap; they belong in distinct realms. Domain names were created for use on the Internet and should be limited to assisting a user in finding a desired Web site. By the same token, we should not treat a person as part of a domain.

As an added bonus, the court also points out that Forchion's website encourages others to break the law and is on thin legal ice. The website provides instructions on how to grow marijuana. It urges individuals to call New Jersey law enforcement and "provide false reports about the use of marijuana, hoping to send the police on wild goose chases and squander valuable resources." The court also closes the 37 page (!) order with a nod to comity principles. The court notes that while courts are "divided over res judicata applies to name changes . . . the principles that underlie the application of that doctrine are present here."

The court's opinion borders on entertaining and covers a lot of different ground. In particular, the discussion of the two types of name changes was interesting. At 37 pages, it felt a bit excessive, but I can't say I was disappointed after reading it.

I was surprised to see the court treat the domain name registration rights as a contract right, rather than a property right, given that numerous cases have discussed the issue since Kremen v. Cohen and have concluded that (at least for conversion and creditor remedies purposes) domain names are considered property and not a contract right. (See, for example: Eysoldt v. ProScan and CRS Recovery, Inc. v. Laxton.) As Eric points out, the fact that the domain name registration agreement could lapse or be terminated wasn’t a particularly persuasive basis to deny Forchion’s name change request.

I hadn't given any thought to the interplay between trademarks and personal name changes, but a quick Google search led me to a Yahoo! answers question titled "Can i legally change my name to Krispy Kreme," which in turn led to a New York Times article about a 1995 lawsuit between Coca Cola and Fredrick Koch, who wanted to change his name to "Coke-is-It." (See "Coke Settles With 'Coke-is-it.'") It looks like Coca Cola settled with Mr. Coke-is-it based in part on his agreement to not use his name commercially. To the extent the court should have even raised the issue on its own, the trademark versus personal name conflict was unrealistic in this case, given the name chosen by Forchion. I guess a lawn maintenance company in New Jersey could have a similar name and grumble, but really?

I wasn't particularly persuaded by the court's reasoning that a person should not share a personal name with a website because of the possibility of confusion between the two. Is there a realistic possibility that someone would look at Forchion post-name change and equate him with a website found on the internet? Even to the extent there is confusion, would this really result from the addition of .com to NJweedman? Courts and the PTO have long recognized the lack of trademark significance of a .com, and the court's conclusion seems to presume that Forchion's use of a dot com for his personal name would somehow be the basis for confusion.

I didn't have any immediate plans to change my name to balasubramani.com, but at least in California it looks like this wouldn't fly.

Other coverage:

"Court won’t let marijuana activist change his legal name to njweedman.com" (Evan Brown)

______________

Laura Heymann's Comments

[Eric's introduction: I'm pleased to include the following thoughts from Laura Heymann, the Class of 2014 Professor of Law at William & Mary Law School. Laura has been doing some excellent and thought-provoking work on the regulation of naming, and this case squarely implicates the issues she has been thinking about deeply.]

In In re Robert Edward Forchion, the California Court of Appeal affirmed a lower court decision denying Forchion the right to change his name to NJweedman.com, which also happens to be the URL for his website. Forchion is not the first individual to attempt to change his name to a URL. In 2003, animal rights activist Karin Robertson legally changed her name to GoVeg.com, the website of her employer, the People for the Ethical Treatment of Animals, in order to spark discussions about vegetarianism and animal rights; she reverted to her birth name three years later.

Forchion has apparently long advocated in favor of the legalization of marijuana, and both his advocacy and his personal experience with the drug have been the cause of a number of run-ins with the law, all of which is detailed at his website. (As Venkat notes, the California appellate court, taking “judicial notice of the content of [Forchion’s] Web site and any other Web site to which it provides a link,” quoted extensively from the website in rendering its decision.) While he was incarcerated in New Jersey, his home state, Forchion unsuccessfully petitioned the New Jersey state courts to change his name to NJWeedman.com. Forchion subsequently moved to California, where he continued his advocacy (and also operated an allegedly lawful medical marijuana dispensary). In California, Forchion tried again, petitioning a lower court to change his name to NJweedman.com, and was similarly rebuffed both there and on appeal.

As Forchion’s choice of moniker demonstrates, and as I have discussed in a recent article (Naming, Identity, and Trademark Law), personal names have at least three functions. A name is denotative, in that it refers to or identifies a person, allowing us to talk about an individual when he or she isn’t present. A name is also connotative, in that it often suggests or brings to mind a set of characteristics or attributes relating to the person to whom the name is connected. Parents typically have connotation in mind when they decide what to name their children, particularly when choosing a name that signifies a connection to a religious or ethnic heritage. And a name also has an associative function in that it signals a connection to a group or family. Indeed, the decision of Eric and his wife, Lisa, to take on a new shared surname upon their marriage is an example of, as he once wrote, establishing a “new common identity which is uniquely [theirs] as a couple.”

Our personal names also function, in a sense, like trademarks. When we write or speak or otherwise share our creativity with the world, our name is what tells people who is responsible for those thoughts and what allows us to build our reputations. And, like trademarks, we may well want to choose a name for our efforts that is itself creative – that expresses something about ourselves that our given names do not. Indeed, each time we participate in an online environment – a social network, a virtual world, a blog, or even sending e-mail – we choose a name through which we will present ourselves to the world.

Many naming choices are made informally – we ask friends and relatives to call us by a nickname or choose a pseudonym when we decide to comment on a blog post. But in an increasingly administrative world, some choose to make names “official” by petitioning the courts for a change in name. Despite the claim by many jurisdictions that this process is ministerial – simply to create an official record of the exercise of the right we have under the common law to change our name – courts will, from time to time, deny such requests on the grounds that the requested name was chosen for fraudulent or deceptive reasons, is offensive or obscene, or is otherwise objectionable. California’s name change statute has been interpreted as granting the courts discretion in deciding whether to grant a name change petition but also as providing that petitions should not be denied without some “substantial reason.” Indeed, the California courts’ own website suggests that the “main reasons” for denying a name change petition in the state are a finding that the petitioner is changing his name to commit fraud, hide from authorities, or for some other illegal reason.

So why was Forchion’s petition to change his name to NJweedman.com denied? The California appellate court offered four reasons, all of which seem somewhat curious. First, the court held that allowing Forchion to change his name to NJweedman.com ran the risk of confusing others. For example, the court noted, if Forchion ever lost the domain name for his website and someone else were to pick it up, there would now be two entities out there sharing the name NJweedman.com: Forchion and the now unrelated website. This, the court held, was untenable because “if both parties used that name to conduct business, confusion might result.” Second, even if Forchion did maintain the website, the court held, “the name might be so similar to another Web site name or trademark that the multiple usage would create confusion.” Third, the court held that the name change would encourage those who encountered Forchion to view his website, which, the court concluded, encouraged illegal activity. And, finally, the court held that given Forchion’s failed attempt to request a similar name change in New Jersey, his home state, principles of comity militated in favor of denying relief in California.

The idea that changing one’s name to that of an existing URL would create a level of confusion warranting the denial of the name change – either as between that URL or another URL or trademark – seems implausible. Naming is always contextual, and it is the rare name that isn’t also being used by someone else. We all like to think of our names as unique, but a quick Google search will often reveal at least one other person who shares our first name/last name combination. [Eric's note: recall our mockery of Bev Stayart on this point]. It’s also not uncommon for a personal name to be identical to a common word in the English (or another) language, such as the first names Hope, Faith, Hunter, and Clay. None of this presents a considerable difficulty either for the named or for those who refer to them; context will typically tell us whether the sentence “Faith is important to me” is being uttered by a congregant or by Faith’s partner. Although it has communicative components to it, a URL is ultimately an address. “Montana,” for example, has ranked among the top 1,000 girls’ names in the United States in recent years [you can do a search for Montana in NameVoyager], but no one would suggest that the existence of hundreds of little Montanas running around is going to cause travelers to have problems finding the state on a map. Nor is the potential similarity to an existing trademark problematic. A quick Internet search reveals more than fifty individuals with the given name John Deere, but it is unlikely that anyone negotiating with any of these men has been confused into thinking that they are dealing with the farm equipment manufacturer.

Comity also seems to be a curious basis for denying a name change petition. Given the mobility of individuals today and evolving family situations, it’s possible that an individual might change one’s surname upon marriage, change it back to one’s birth name upon divorce, change it again upon remarriage, and change it again for professional reasons. It would be odd to suggest that the ruling of any one state on one of these petitions would affect in any way the ability of another state to make a subsequent ruling. There may be statutory limitations on a court’s ability to render such a judgment, in that a particular state statute might require that the petitioner be a resident of the state in order to file a petition (as the appellate court suggested here). But comity doesn’t seem to be the reason to bar such requests, particularly if part of the basis for deferring to a sister state is, as the court stated here, that “the first two letters of the requested name — NJ — are not only the home state’s abbreviation but are intended to refer to that state.”

And so we come to what seems to be the primary motivation for the denial: the content of Forchion’s website. The court did not conclude that the name “NJweedman.com” was itself offensive; indeed, it noted that several New Jersey residents bear the surname Weedman. And while courts have rejected petitions to change one’s name to words that are, on their face, offensive or obscene, on the ground that the court should not be seen as stamping its imprimatur on the name choice, the name “NJweedman.com” does not seem to rise to that level. Nor should the fact that the name request is unusual be dispositive. Courts have approved name changes to single words, such as “Variable,” and to names that include punctuation marks, such as exclamation points. Not all courts have followed this path; a Pennsylvania court in 2000 affirmed a lower court’s rejection of a woman’s request to change her surname to the letter R on the ground that such a surname was “bizarre” and would therefore arouse suspicion. But even the New Jersey appellate court hearing Forchion’s previous petition noted, in its 2004 ruling, that “the name is not so bizarre as to call for denial of the request on that basis.”

But denying a name change petition on the ground that it may lead others to read about the petitioner’s views on controversial matters – even if those views can be characterized as supporting illegal activity – seems to create difficult boundary problems. A name change inspired by a reclaiming of one’s heritage, for example, may connect that individual to new or additional communities, but it would be problematic to suggest that a court’s view of that community should be the basis for rejecting the change. The fact that Forchion’s requested name change is also the URL of the site may well inspire a few who encounter Forchion to visit the site. But given Forchion’s own self-promotion efforts – and the media stories that have resulted, many of which use Forchion’s adopted name in any event – any such effect seems to be a thin justification for deeming the name change improper. Indeed, the fact that the court stated that the URL “should not also serve as Forchion’s personal name as long as he uses the Web site to encourage others to violate the law,” thus suggesting that the name would be appropriate were the content of the website to change, raises interesting First Amendment implications.

Here, the words of an Ohio appellate court seem relevant, when, in 2005, it granted a petitioner’s request to change his name to “Sacco Vandal,” after the anarchist Nicola Sacco and the Germanic tribe. “It’s a free country,” the court wrote. “The applicant is a grownup. He can change his name to anything he wants so long as the new name is not clearly improper or unreasonable . . . . If the applicant is using the name change to make a statement to society – and most applicants do – it is a subtle one.” The statement that Forchion is making by calling himself NJweedman.com may be considerably less subtle, but that does not mean it is without expressive content.
___________

Eric's comments

I agree with Laura's comments that the court's rationales for rejecting the name change are indefensible. It seems that the court implicitly--and improperly--shifted the burden onto Forchion to have a good reason for the name change, instead of retaining the burden to provide a good reason why the name change was problematic.

I was especially unpersuaded about the possibility that the NJWeedman.com domain name would end up in someone else's hands. If this is the court's concern, Forchion could have prepaid the domain name registration for the maximum length permissible, which I believe is at least a decade. That wouldn't have changed the fact that Forchion could still lose the domain name due to a breach of the registration agreement, but I believe those interventions are exceedingly rare. So the "permanence" of a domain name registration could be largely addressed through cash, and the court cut an analytical corner by treating a domain name registration as impermanent.

I'm also scratching my head because Forchion can still effectuate a common law name change, which will give him 90% of the website publicity traffic he seeks. So it's not clear how the court actually advances its policy concerns by denying the official name change.

More generally, despite Laura's scholarly work, state policies governing name spaces remain undertheorized and under-scrutinized. For example, as I blogged on my personal blog, California went decades with a facially illegal distinction in its marriage license, letting the woman take the man's name but not letting the man take the woman's name. California finally fixed this problem with a statute in 2007. For more discussion on government policies towards personal names, see these articles on marriage names and baby names). Another government-operated namespace that doesn't get much attention are vanity automobile license plates; we've seen a variety of questionable government policies emerge there without much pushback.

FWIW, because I changed my name to Eric Goldman from Eric Schlachter, the name Eric Schlachter is freely available for other takers (although, I should point out, there are a few other Eric Schlachters currently using the name). As I mentioned in this blog post, anyone else is free to adopt "Eric Goldman" too, but I plan to defend my favorable search engine placement vigorously!

Posted by Venkat at 08:41 AM | Domain Names , Publicity/Privacy Rights , Trademark

August 29, 2011

Bev Stayart Racks Up Two More Losses--Stayart v. Yahoo and Stayart v. Google

By Eric Goldman

Stayart v. Yahoo, Inc., 2011 WL 3625242 (E.D. Wis. Aug. 17, 2011)
Stayart v. Google Inc., 2:10-cv-00336-LA (E.D. Wis. Aug. 17, 2011)

Persistence is a virtue, but sometimes, enough is enough. You probably remember Bev Stayart as the woman who was upset that sploggers had built pages associating her name with the drug Levitra. In a litigation campaign now spanning 2 1/2 years, she has sued both Google and Yahoo for showing these splogged results. Her lawsuits have gotten zero traction. See the end of this post for my prior blog posts on her futile campaign.

The most recent rulings address her motions to reconsider the dismissal of her publicity rights claims, as well a dismissal in the Yahoo case for lack of subject matter jurisdiction and a motion in the Google case for attorneys' fees. Stayart avoids paying Google's fees--which I would have enthusiastically awarded against her if I had been judge--so I guess she might call that a win. She loses everything else.

The court rejects Stayart's publicity rights claim under Wisconsin's statute. It says that Stayart must establish a substantial connection between her name and advertising, not a de minimis or incidental connection. She didn't do that; her allegations only suggest that "defendant reported the results of its search of other websites." The court wraps up this point by saying:

Because it is not a misappropriation to use a person’s name primarily for the purpose of communicating information, displaying these search suggestions does not provide a basis for plaintiff’s claims.

The court doesn't cite the Habush v. Cannon ruling (also interpreting Wisconsin publicity rights law, although that case involved ads), but I think its ruling is philosophically in sync with that case.

In the Google case, Stayart pointed out that a keyword search for "bev stayart levitra" triggered ads for Levitra. The court, without using the phrase "broad matching," concludes that the logical conclusion is that the ads are based on broad-matching to Levitra. The court's discussion isn't so definitive that this language will be followed as precedent, but the court's reasoning would help defendants in keyword advertising lawsuits where broad matching is involved as well.

In the Yahoo case, the court dismisses subject matter jurisdiction because she didn't clear the $75,000 threshold. She tries to count the possibility of punitive damages towards the $75,000, but noting the Gore case, the court says:

Even assuming that punitive damages were available, such damages would necessarily be limited given the de minimis nature of the compensatory damages alleged.

The court couches the discussion in fairly turgid legal prose, but the message is clear: Bev Stayart's claims substantially overread the law, and she hasn't suffered any damage the court is going to recognize. Most plaintiffs would get the hint and cut their losses.

Among other consequences of her litigation campaign, Bev Stayart's litigation campaign has irrevocably changed the search results on her name. Instead of associating her with sexual dysfunction drugs, her search results forevermore will be associated with unmeritorious litigation. Thus, I still fail to understand why these lawsuits aren't fundamentally counterproductive to her apparent goal of improving her online reputation.
____

Prior blog posts:

* Google Not Liable for Suggested Vanity Searches--Stayart v. Google
* Seventh Circuit Tosses Beverly Stayart's False Endorsement Claims--Stayart v. Yahoo
* Beverly Stayart Strikes Again! This Time, Stayart Sues Google
* Yahoo's Search Results Snippets Aren't False Endorsement--Stayart v. Yahoo
* Yahoo/Overture Sued for Search Results Snippets Containing Plaintiff's Name--Stayart v. Yahoo

Posted by Eric at 10:12 AM | Publicity/Privacy Rights , Search Engines | TrackBack

August 05, 2011

TheDirty Defeats Publicity Rights Claims--Gauck v. Karamian

By Eric Goldman

Gauck v. Karamian, 2011 WL 3273123 (W.D.Tenn. July 29, 2011)

TheDirty.com has an increasingly active litigation docket. This case comes from Lauren Lee Gauck Giovanetti, a TV news reporter for Fox 13 in Memphis, Tennessee. She sued over two user-submitted posts to TheDirty that claimed she "used illicit drugs, was sexually promiscuous, exchanged sexual favors in return for drugs and money, and assaulted an unknown person." The posts contained photos of her and several nude photos that also claimed to be of her, but she denied that claim. As usual, Nik Richie added his terse and snarky comments to the user posts. He also watermarked the photos and covered up portions of the nude photos.

Gauck sought an injunction based on her publicity rights. The court sidesteps the obvious 47 USC 230 defense, assuming without deciding that the publicity rights claim would fit into 230's IP exception.

Instead, the court rejects the injunction request on the merits of the publicity rights claim. This is based on the specific wording of Tennessee's publicity rights statute, which applies only to advertisements or solicitations. TheDirty made a commercially motivated editorial usage of Gauck's name and image. This type of usage gives courts fits, especially when the editorial publication isn't a traditional journalistic enterprise like a print newspaper. (See more about that problem in trademark law). Even so, there was no way to interpret TheDirty's "editorial content" as an advertisement or solicitation. The court says:

Plaintiff has offered no evidence that Defendants marketed their site by emphasizing Plaintiff’s appearance on the site, used portions of the posts in teasers on other sites to draw more visitors, prominently displayed the posts regarding Plaintiff on the site, advertised Plaintiff’s appearance in connection with the sale of any of Defendants’ products, or charged higher premiums to advertisers for advertising space on the pages pertaining to Plaintiff.

The court rejects Gauck's generalized assertion that TheDirty's editorial content generates more ad money because it deals with celebrity gossip:

Plaintiff has suggested, at most, a currently unsubstantiated connection between the general use of celebrity personas on the site and an increase in traffic and/or advertising revenue.

I think that line of inquiry was irrelevant if we maintain the artificial distinction between editorial content and advertising. If the statute applies only to advertising, then it shouldn't matter if editorial content becomes more interesting because it addresses third party personalities. But the distinction truly is artificial--editorial content is its own form of marketing, i.e., more interesting editorial content naturally draws in more readers. The court didn't make a misstep here, but it could have been sharper or more succinct.

More coverage of TheDirty litigation:

* TheDirty Defeats Privacy Invasion Lawsuit--Dyer v. Dirty World
* thedirty.com's 47 USC 230 Defense Rejected on Motion to Dismiss--Jones v. Dirty World Entertainment

Posted by Eric at 11:32 AM | Derivative Liability , Publicity/Privacy Rights | TrackBack

July 29, 2011

Court Smacks Down Koch Industries' Attempt to Shut Down Satirical Website -- Koch Industries v. Does

[Post by Venkat Balasubramani]

Koch Industries, Inc. v. Does, 10CV1275DAK (D. Utah; May 9, 2011) [.pdf]

[This is one of those cases that I intended to cover when it came out, but it got lost in the shuffle. Eric talks about his 'backlog' of blog-worthy cases that he tackles from time to time. I prefer to view it as a quagmire that I wade in and out of.]

EFF, Public Citizen and other similar organizations have excellent resources for creators of parody and satire on the internet. A recent case (litigated by Public Citizen) illustrated a few pitfalls a plaintiff--who is seeking to shut down such non-commercial content--may face. A commercial motivation does not automatically doom a parody or satire defense, but the total absence of a commercial motive will neutralize a plaintiff's claims.

A group who identified themselves as "Youth for Climate Change" set up a faux website at "koch-inc.com" at which they purported to announce Koch Industries' official shift in position towards groups who undertake climate change research and advocacy. The website was announced via a press release which was mailed to news organizations. The site was up for only a few hours but drew a fair amount of media attention. The media quickly identified the site and release as a hoax. Koch sued, asserting claims under the Lanham Act, the cybersquatting statute and the Computer Fraud and Abuse Act. Koch requested and obtained the court's permission to issue subpoenas in order to determine defendants' identity. Defendants appeared, moved to quash the subpoenas and moved to dismiss. The court dismisses the lawsuit, and grants defendants' request for a protective order, keeping their identity under wraps.

Lanham Act and Cybersquatting Claims: Both the Lanham Act and ACPA claims were dead-on-arrival, since defendants' press release did not relate to any goods or services. There was no reference to Koch's products or even to any of Koch's business practices. Koch tried to argue that defendants set up the fake website to draw attention to defendants and to ultimately raise funds for defendants' activities but the court rejects this argument, noting that defendants "did not identify their website or provide a means for making a contribution to [defendants'] entity." In fact, neither the press release nor the fake website contained a link to defendants' website. Koch asserted a similar argument with respect to its ACPA claim but the court notes that since defendants set up and operated the website "completely anonymously . . . the only agenda [defendants] could have been promoting was [their] message, not any entity." Again, the court notes that defendants' anonymity made any donations impossible.

CFAA Claim: Koch also asserted a Computer Fraud and Abuse Act claim and this claim fared no better. This claim was presumably based on defendants' access of the Koch website in the course of preparing their fake press release. The court found that Koch made its website available to the general public. Although the website contained a restriction that "competitors" were not permitted to access the website, the court found that defendants did not agree to this restriction since it was "buried" at the bottom of the first page. Koch cited to Specht v. Netscape for the proposition that browsewrap agreements are normally enforceable but the court notes that this case, and others cited by Koch, were all decided in the commercial context. Koch was unable to identify "a single case imposing 'contractual' speech restrictions on noncommercial web users."

Other coverage:

"Utah Court Strikes Blow for Free Speech, Dismisses Trademark and CFAA Claims Against Political Activists" (EFF)
"Court Protects Hoax Press Release" (Bill McGeveran)
"In Which We Lose Our Funding And Are Reduced To Eating Gravel" (Popehat)
"In Koch spoof case, judge favors First Amendment" (CitizenVox)

Posted by Venkat at 10:33 AM | Publicity/Privacy Rights

July 08, 2011

NJ Appeals Court: No Privacy Violation When Spouse Uses GPS to Track Vehicle -- Villanova v. Innovative Investigations, Inc.

[Post by Venkat Balasubramani]

Villanova v. Innovative Investigations, Inc., et al., A-0654-10T2 (N.J. Ct. App. July 7, 2011)

A New Jersey appeals court decided that a wife's use of a GPS device to track her husband's movements did not violate the husband's privacy rights.

Background: The plaintiff was married, and his wife suspected him of having an affair. The wife hired an investigative firm (the defendants), who conducted a preliminary investigation. It recommended that the wife place a GPS device in the husband's car in order to better track his movements and assist with the investigation. The wife purchased the device [through the internet, of course!] and placed it in the glove compartment of the husband's Denali, where it remained for forty days. The wife sporadically checked the GPS device's movements online and passed along the information to defendants. Defendants used the information to conduct their investigation, which did not seem to yield any information that I would characterize as a blockbuster. The closest the investigators came to a confrontation with the plaintiff is when they waited outside the home of the woman the husband was suspected of having an affair with, and observed the husband and this woman in his car. The investigators followed the car, but the husband realized he was being followed.

The husband brought invasion of privacy claims against the investigative firm and its principal. (The husband waived his privacy claims against the ex-wife in the divorce settlement.)

Discussion: The court notes the four types of invasion of privacy claims under New Jersey law: (1) intrusion, (2) public disclosure of private facts, (3) false light, and (4) misappropriation. Here, plaintiff argued that his (now-ex) wife and the firm intruded upon his solitude. Intrusion requires a showing that the intrusion would have been "highly offensive to the reasonable person." A defendant is only liable if he or she "intrudes into a private place."

The court rejects the plaintiff's claims finding that:

There is nothing [in the record] to support an inference that any surveillance of plaintiff extended into private or secluded locations that were out of public view and in which plaintiff had a legitimate expectation of privacy.

Additionally, the court found that there was no evidence that the wife passed along any private location tracking information to defendants:

a factfinder might, at the very most, infer that [the wife] verbally passed on to defendants information from the GPS company's reports and that defendants used that information as a basis for proceeding on July 28, 2007 to the Heritage Road area. However, there is nothing to establish that any possible invasion of plaintiff's privacy and seclusion ever occurred. Such a finding would require that [the husband] was in a location where he had a reasonable expectation of privacy.

Based on this, the court finds that summary judgment was properly granted to defendants.
___

Divorces seem to be fertile grounds for court decisions around privacy and technology. (See, e.g., my post on Miller v. Meyers, an email access case: "Court: Husband's Access of Wife's Email to Obtain Information for Divorce Proceeding is not Outrageous.")

There was an interesting fact that didn't receive as much as attention as I thought it should: the car was jointly owned. I'm surprised the court did not discuss the fact that since the wife owned the car, she could have argued that she had the right to track its movements. (On a related note, the plaintiff, who was a police office, tried to argue that he used the car for law enforcement purposes once in awhile, but the court is extremely skeptical of this argument.) Another fact that the court did not focus on directly is whether the result would have been different if the investigative firm (rather than the wife) was the one who did the GPS tracking. Kash Hill's post makes this point.

It was also interesting that despite using a "reasonable expectation of privacy" standard, the court does not discuss the diminished expectation of privacy for the husband vis a vis his wife . . . who is trying to investigate him for having an affair. I'm not suggesting that spouses waive their privacy rights with respect to one another, but if you're having an affair, is it not reasonable to expect that your spouse may be checking up on you? In Miller v. Meyers, the email case, the court notes:

A husband prying into his wife's email, after learning that she was engaging in conversations and photo sharing, and then using damaging emails in a divorce and custody proceedings can hardly be considered "extreme and outrageous," "beyond all possible bounds of decency," or "utterly intolerable in a civilized society."

I wondered whether the same could be said of this case. Here, the wife's argument is even stronger, because she's not allegedly violating any other statutes intended to protect the privacy of electronic communications.

GPS tracking is one of those areas where technology and notions of privacy clash. The case law says that you have no expectation of privacy when you are in a public space, but a GPS device can track your every movement in a way that someone who physically followed you in a car couldn't conceivably do. The argument from privacy advocates is that GPS tracking--particularly long-term tracking--reveals more information than could be obtained if you physically followed someone. This was one of the arguments made by the federal appeals court in D.C., which held that warrantless GPS tracking caused Fourth Amendment problems because, among other things, "the sequence of a person’s movements may reveal more than the individual movements of which it is composed." (The Supreme Court accepted review of this case, as noted in this Wired article: "Supreme Court to Decide Constitutionality of Warrantless GPS Monitoring." A slew of federal appeals courts have come to the opposite conclusion that warrantless tracking of a car does not cause any Fourth Amendment problems.)

A final note is that private investigators have it tough these days. They definitely do not travel down a risk-free path in pursuing their investigations. Virtually any investigative decision would seem to cause concern that the subject will assert some sort of privacy claim. I suppose this was always true, but as technology improves, it becomes much easier to eavesdrop and track in a way that creates a greater risk of liability for the investigator.

Other coverage:

"Judges Say It’s Okay To Use GPS To Track a Cheating Spouse" (Kash Hill)

Posted by Venkat at 09:00 AM | Publicity/Privacy Rights

June 29, 2011

Court Dismisses Misappropriation Claims Against Facebook Over Its Friend Finder Service -- Cohen v. Facebook

[Post by Venkat Balasubramani]

Cohen v. Facebook, C 10-5282 RS (N.D. Cal. June 28, 2011)

There are a slew of publicity rights lawsuits pending against Facebook. This one alleged that Facebook misappropriated the names and likenesses of Facebook users by suggesting to Facebook users that their friends had utilized the "Friend Finder" service. (Ironically, Facebook's friend finder service looks similar to the service Power.com offered and which Facebook is trying to shut down.) Plaintiff brought a putative class action, alleging state law misappropriation, Lanham Act, and unfair competition claims.

Facebook's user agreement: Facebook argued that the consent contained in Facebook's terms of use barred plaintiff's claims. Facebook argued that its terms contained a broad license that was limited only by privacy settings for particular types of content:

For content that is covered by intellectual property rights, like photos and videos ('IP content'), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free license to use any IP content that you post on or in connection with Facebook ("IP License").

According to Facebook, an end user's name and profile picture have no privacy settings and therefore there were no limitations on the clause quoted above (i.e., no limitations on Facebook's right to use end user photos and user names). Judge Seeborg, disagreed, noting that:

a more natural reading of the provision is that it gives Facebook a worldwide license to reproduce any pictures or text posted by a user, subject to any privacy settings, that would insulate it from any copyright claims by the user, whether or not the reproduction was made on 'Facebook'.

Facebook also argued that its users had no expectation of privacy in their name or profile picture, but the court notes that this does not bar a user claim for publicity rights. It's one thing to disclose a person's name and it's another to use it for endorsement purposes. Although the discussion is slightly confusing, the court's conclusion was that it's not totally clear that Facebook's terms freely allow Facebook to exploit a user's publicity or personality rights in this manner. The court also noted that there was nothing in the terms which ostensibly allowed Facebook to disclose to other users what services a particular user utilized. [Ouch! I think the conclusion is debatable, and despite Facebook's clunky user agreements, the quoted language is broad. To be on the safe side, if I were Facebook, I would expressly reference publicity and personality rights.]

Plaintiff did not sufficiently allege injury: In order to make out a claim for misappropriation of publicity rights, the plaintiff has to allege injury. Although plaintiff included a conclusory allegation in the complaint that she "suffered injury-in-fact," plaintiff did not allege any harm whatsoever. Injury to feelings is sufficient to assert a publicity rights claim, but plaintiff failed to allege this. Plaintiff argued that she was entitled to statutory damages even absent a showing of harm, but the court disagreed. Under the case law, a plaintiff who suffers no economic loss but suffers emotional harm may be entitled to the minimum damages amount, but plaintiff failed to allege that she suffered any "mental anguish" as a result of Facebook's alleged misappropriation.

Plaintiff's lack of commercial interest in her name undermines Lanham Claim: With respect to the Lanham Act claim, the court held that plaintiff had to allege some "commercial interest" in his or her name in order to assert a Lanham Act Claim. While the plaintiff need not be in "actual competition" with Facebook, the plaintiff had to have some "economic interest" in her name "akin to that of a trademark holder." Plaintiff argued that she had a commercial interest (at least within the group of her Facebook friends) but the court rejects this argument.

Unfair competition: Plaintiff's unfair competition claims was derivative of her publicity rights claims and therefore were dismissed. The court also adds that apart from the injury issue, plaintiff is not likely to be able to show that she has lost "money or other property." The remedies available via a section 17200 action have been sharply limited in recent years, and if a plaintiff cannot show that Facebook wrongly took money or property belonging to plaintiff, he or she will be out of luck. The fact that Facebook offers a free service to end users makes section 17200 claims useless for anything other than prospective injunctive relief. (One or two cases have recognized that personal information can constitute "property," but the court does not discuss that possibility here. See "Judge Recognizes Loss of Value to PII as Basis of Standing for Data Breach Plaintiff".)
__

I'd characterize this as a partial win for both sides. Judge Seeborg's view that the Facebook end user agreement did not bar the misappropriation claims has to make Facebook nervous. On the other hand, if plaintiffs are going to have to show that they suffered "mental anguish" as a result of Facebook's use of their names and profile photos and they have an economic interest in their names, these present obvious barriers. [I can just imagine Facebook's investigators trolling the internet for examples of use by plaintiffs of their own photos and names on other sites or on Facebook, to show that plaintiffs did not really exert any control over use of their names and photos by third party websites.]

Facebook may also have an opportunity to argue that the claims are not amenable to resolution on a class-wide basis, given that individual facts may affect the determination of whether a particular user suffered "mental anguish" as a result of Facebook's use of plaintiffs' photos and user names.

Of course, the reality is that this is a cobbled together class action based on allegations of harm that are tenuous at best. The result may be different if plaintiff alleged that Facebook used plaintiff's name and likeness to advertise third party products or services or even promote something outside the Facebook ecosystem, but telling someone's Facebook's friends that they used the "friend finder" services sounds like a weak publicity rights claim at best.

Plaintiff may be able to amend and get past another motion to dismiss, but this lawsuit will probably be shuttled to the dustbin of internet privacy lawsuits in short order.

Posted by Venkat at 03:14 PM | Licensing/Contracts , Marketing , Publicity/Privacy Rights

June 09, 2011

Buying Personal Names for Keyword Ads Isn't a Publicity Rights Violation--Habush v. Cannon

By Eric Goldman

Habush v. Cannon, 09-CV-18149 (Wis. Cir. Ct. June 8, 2011). The June 2010 denial of the motion to dismiss. A good overview article from when the complaint was filed.

Introduction

A Wisconsin court has said that a keyword advertiser didn't violate publicity rights by buying a person’s name for keyword advertising. Although the propriety of keyword advertising on a third party trademark has been hotly contested since at least 2004, I believe this is the first ruling addressing the publicity rights issue.

The legal novelty of the ruling makes it an important early precedent, but the opinion is not especially persuasive. To me, the judge seemed overwhelmed by both the challenging legal doctrines and technology at issue in this case. In response, the judge issued one of the most citation-free opinions of its length that I have ever seen. This is not a scholarly opinion, and that makes less likely to influence other courts. It also means that an appellate court will likely give this opinion relatively low deference.

The fact that the court dismissed the lawsuit is, on its face, good news for both search engines and advertisers. However, I thought the judge's arguments were questionable and, at least at one crucial juncture, internally inconsistent. The ruling turned on a specific word in the Wisconsin publicity rights statute, and courts applying other statutes can easily distinguish this opinion if they want to rule for the plaintiffs. Therefore, this ruling could morph from a defense win into a plaintiff's friend depending on how future courts rely on and interpret it.

Facts

The case involves two of the highest profile and most successful personal injury law firms in Wisconsin. The defendants bought two of their competitors' last names ("Habush" and "Rottier") for keyword ads at Google, Bing and Yahoo, in some cases bidding enough to ensure the first ad position. The ad copy didn't display those last names.

The plaintiffs sought an injunction. However, in that sense, the plaintiffs may have gotten a de facto extrajudicial win. It appears the defendants have stopped the ad campaign. Neither the court nor I could replicate the ads any more.

The Prima Facie Case

The court holds that the keyword ad buys satisfied the prima facie elements of a publicity rights claim but one. Among other arguments, the defendants argued it didn’t "use" the name "for advertising purposes or purposes of trade." This argument recalls the old and loquacious trademark battles over what constitutes a "use in commerce." The non-"use" defense doesn't get any more traction here than it did in the trademark cases. The court thinks it’s irrelevant that the "use" is invisible to consumers: "the simple, plain English meaning of the word ‘use’ certainly includes the purchase of a name to trigger results from a computer algorithm." Thus, the court concludes:

the defendants used plaintiffs‘ names for advertising and trade purposes without the plaintiffs‘ consent. Thus, plaintiffs have established that, under Wis. Stat. § 995.50, defendants invaded their privacy.

"Unreasonably"

It looks like the plaintiffs are home free. But then, the court says that the plaintiffs must also show that the defendant's use was "unreasonable." This appears to have been a contentious battle over the prima facie requirements; see lengthy FN9 and this transcript from March 2010.

The court then explains why a "privacy invasion" by buying keywords ads was reasonable in this case, including:

* positioning keyword ads by organic results is analogous to competitive adjacencies, such as competitors locating their stores next to each other and advertisers bidding against each other for prime positions in Yellow Pages. In the trademark context, I thoroughly examined these arguments in my uncited Brand Spillovers article. The judge sees the defendant lawyers' ad buys as "energetic business competition." Kudos to the judge for recognizing that keyword ads are usurping lawyers' Yellow Pages ads.

* the specific names here (Habush and Rottier) are part of their law firm's name, and the court says their publicity rights effectively merge with the firm's trademark. In other words, a person searching for "Habush" might be looking for the firm, not the lawyer, and it's impossible to separate those searcher motivations.

* users aren't confused by keyword ads (nor did the plaintiffs show any confused consumers), consumers scan the results page to find what they are looking for, and any confusion they experience will be brief (no acknowledgement of the abominable initial interest confusion doctrine). Further, "Internet users, and consumers in general, have learned to be skeptical about the first impression they may receive from a web page or commercial advertisement." If only that were unequivocally true!

* search engines are evolving, and the court can't figure out what an injunction would look like given how search engine user interfaces might change.

* no attorney ethics rules have banned these keyword advertising practice.

All of these are interesting and meritorious public policy considerations. None of them got any meaningful empirical or legal precedent support for the judge's arguments. An appeals court will feel free to substitute their own considerations for the judge’s proffered rationales.

Also, notice the problem with this court's solution. Other publicity rights statutes may not have the word "unreasonable" in their statutory language, and common law publicity rights doctrines may not require "unreasonableness" either. As a result, where the publicity rights doctrine doesn’t require defendants to engage in “unreasonable” usage, this ruling says pretty clearly that competitively buying a person's name is a publicity rights violation—in other words, what could be a clean win for the plaintiffs. I don't think this judge intends that result, but it’s the implications of the judge’s doctrinal solution.

Defenses

The court rejected the unclean hands defense. It appears that the plaintiffs' firm had bought category ads in some Yellow Pages sites, which caused their ads to show up on the defendants' firm listings in those categories. The court logically distinguishes category ads from keyword ads, though the 9th Circuit's Playboy v. Netscape panel treated them as equivalent.

The court also rejected a First Amendment defense because buying keyword ads is conduct, not speech: "This lawsuit involves the hidden process which causes the link to appear at all. That process is content neutral. It is not information; nor is it a message of any sort. It is not speech, commercial or otherwise."

What??? First, the court ahistorically ignores the 1990s-era rulings about encryption software and the First Amendment. Second, I believe this is internally inconsistent with the court's conclusion that the publicity rights statute applies to invisible activity (i.e., a use of a person’s name that a consumer never sees). The court seems to be saying that conduct without speech can constitute a publicity rights violation, and I don't see how that's possible. My position is that publicity rights violations necessarily require the defendant to engage in speech; so conduct without speech can never satisfy the statutory requirements.

Implications

This opinion got to the right result, but its reasoning is shaky and the opinion was poorly constructed and inadequately cited. The plaintiffs have already vowed to appeal—a fact the judge anticipated as you can see in the March 10, 2010 transcript. (After all, litigators litigate—and good litigators savor the challenge). Given the opinion’s weakness, I would be surprised if the appellate court relied very heavily on this opinion's analysis. However, I hope the appellate court recognizes that the judge's policy concerns were spot-on and finds a way to respect those concerns.

I can't take the lead on an amicus brief in the appeal, but I would be interested in actively supporting the effort. Contact me if you would be interested in working together on one.

Irrespective of what happens on appeal, I can't imagine this opinion will be the last word on publicity rights and keyword advertising. If you are looking for a paper topic, I think that issue offers a few promising angles to explore.

Finally, this opinion complements the uncited Stayart v. Google, which also involved alleged violations of Wisconsin's publicity rights statute and ended in favor of the defense. The Stayart v. Yahoo 7th Circuit opinion turned on the Lanham Act, but it too is relevant. I don’t have a good explanation why Wisconsans are trail-blazing litigation over search engine use of their names.

Posted by Eric at 07:04 AM | Marketing , Publicity/Privacy Rights , Search Engines | TrackBack

June 06, 2011

April-May 2011 Quick Links, Part 3

By Eric Goldman

Search Engines

* Google is working on a deal with the DOJ over illegal pharmaceutical ads and has set aside $500M for fines. Some background on the problem. Google isn’t the only search engine with problematic pharmaceutical ads. Will the other companies be getting the DOJ’s call too?

* Kevin Kelly: "This is the great gift of the free web. It has made some goods so cheap to acquire -- like answers, encyclopedia facts, directions, weather reports, recommendations -- that we generate entirely new realms of activity by doing far more of them. More is different. We ask so many more questions than before that this ask-and-answer is something new. Have you ever wondered where all our questions were before search engines? We didn't even bother to ask them."

* Vitaly Borker, who tried to game Google’s algorithm by seeking out bad consumer reviews, will be going to prison.

* Google won ALM's Best Legal Department in 2011. This article has a great inside look at Google’s legal department and how it makes decisions.

* More winners and losers from Google's algorithmic update.

* Latest antitrust enforcement challenge for Google: South Korea.

* More search censorship in Argentina. The ruling in Spanish.

* Yahoo changed its search log retention period from 3 months to 18.

* Market America is appealing its court loss to Google to the Third Circuit. Most recent blog post.

* Apple jiggers with the ranking algorithm for apps in its app store.

* CNET: “Bing head says 'traditional search' is dying.”

* Realcomp II, Ltd v. FTC, 11a0084p.06 (6th Cir. April 6, 2011). A monopolistic real estate electronic network violated antitrust laws when it provided only limited syndication of real estate listings subject to non-standard brokerage fee arrangements. Implications for Google?

* JC Penney’s 90 day timeout from Google for black hat SEO appears to be over.

* Gord Hotchkiss: “Why Results Quality Is So Important to Search Engines”

Privacy and Security

* Facebook tried to conduct a whisper campaign to bash Google on privacy. That backfired. Steven Levy: “Facebook’s Stealth Attack on Google Exposes Its Own Privacy Problem.” Danny Sullivan: “How Facebook Enables The Google Social “Scraping” It’s Upset About.”

* Not everyone loves the WSJ “What They Know” series.

* Kate Kaye of ClickZ on which of the half-dozen Congressional privacy bills the ad industry should favor.

* WSJ: Schmidt: Google Trying to Simplify Privacy Policies, but Lawyers Get In the Way.

* Less than 1% of Firefox users are using Do Not Track TPLs.

* Third party misuse of an open wifi leads to an unhappy wake-up call for the wifi owner.

* FTC gets $3M settlement from Playdom for COPPA violations. Among other purported defects, Playdom asked kids their ages and purported to bounce underage kids, but gave those kids the option to proceed just by checking a box rather than obtaining verifiable parental consent.

* An IP address can now pin down your location to within a half mile.

* The Sony Playstation hack of 70M member records will probably make my year-end list of top 10 Internet law developments. This event will be horking the law for the better part of a decade.

* EFF on how the Kerry-McCain privacy bill would preempt state law.

* Apple tried to squash the Mac Defender malware in its latest operating system release, but didn't get very far. Microsoft has made such benevolent dictatorship decisions before as well.

Publicity Rights and Trade Secrets

* Reality TV show participants were sued for prematurely revealing the show's outcome (in a lawsuit over the show's alleged failure to pay). See my first year Contract Law problem on maintaining secrecy in reality TV shows.

* Stars on the red carpet grant an implied license to their publicity rights in photos taken there.

* Basketball player Chris Bosh sues the mother of his child to prevent her from appearing in a reality TV show “Basketball Wives.”

* Larry Montz v. Pilgrim Film and Television, 08-56954 (9th Cir. May 4, 2011). In an idea submission case, “We again hold that copyright law does not preempt a contract claim where plaintiff alleges a bilateral expectation that he would be compensated for use of the idea, the essential element of a Desny claim that separates it from preempted claims for the use of copyrighted material.” The panel also reversed the district court conclusion that a “breach of confidence” claim was preempted.

* Many publicity rights complaints over Facebook's "Sponsored Stories": Fraley v. Facebook; JN v Facebook; and EKD v. Facebook. Filings in the Cohen v. Facebook case: motion to dismiss and supplemental brief on 47 USC 230.

* Litigation over Donald Trump’s licensing of his name to home developers. Interesting issues about a trademark licensor’s liability for a licensee’s activity and liability by endorsers for bum offerings.

* MGA spent $130M in its legal battle with Mattel.

Posted by Eric at 07:19 AM | Privacy/Security , Publicity/Privacy Rights , Search Engines , Trade Secrets | TrackBack

June 04, 2011

TheDirty Defeats Privacy Invasion Lawsuit--Dyer v. Dirty World

By Eric Goldman

Dyer v. Dirty World LLC, 2011 WL 2173900 (D. Ariz. June 2, 2011). The summary judgment motion, Dyer's opposition and thedirty's reply.

An ex-boyfriend submitted to thedirty.com 2 photos of Dyer in a bikini and a comment that Dyer gave him and a buddy an STD. Nik of thedirty posted, in response to his standard "Would You?" question, "No it looks like she just had a baby, and if a girl is willing to take 2 guys on then I suggest you use a rubber." Dyer sued thedirty for public disclosure of private facts and false light. For reasons that aren't explained, Dyer didn't sue for copyright infringement for the republished photos (although I vaguely remember these may be self-portraits) or defamation (even though the complaint repeatedly alleges that the statements are false); nor does it seem that she sued the ex-boyfriend either.

Another oddity: the final posting on thedirty had three disparate information pieces--the photos, the submitted comments, and Nik's comments--but the court appears only to evaluate Nik's comments, which are characteristically acerbic but comparatively innocuous. Nik only advanced two statements: an opinion about Dyer's looks and a recommendation for safe sex practices when engaging multiple sex partners. As a result, the court says that Nik didn't make any statements of fact. The court concludes "the Court finds that the general tenor of Defendant’s website makes clear that the two statements at issue represent Mr. Ritchie’s personal viewpoint, rather than an assertion of fact."

However, the court doesn't explain why it effectively ignores thedirty's republication of the photos and the submitted comments. In FN2, the court says it's not relying on 47 USC 230, but if that were really true, it seems that the court should have considered all three information pieces, not just Nik's own words. So it appears that this is a 47 USC 230 case where the court denies it's relying on 47 USC 230.

Prior coverage of a different thedirty case: "thedirty.com's 47 USC 230 Defense Rejected on Motion to Dismiss--Jones v. Dirty World Entertainment"

Posted by Eric at 09:43 AM | Derivative Liability , Publicity/Privacy Rights | TrackBack

May 25, 2011

Ohio Appeals Court: GoDaddy can be Held Liable for Wrongly Transferring Control Over Domain Name and Email Accounts -- Eysoldt v. ProScan

[Post by Venkat Balasubramani]

Eysoldt v. GoDaddy, et al., C-100528 (Ohio Ct. App.; May 18, 2011)

Actions against registrars for allowing domain names to be wrongly transferred have been relatively rare. Members of the Eysoldt family brought claims against GoDaddy alleging these types of claims. A jury ruled in their favor and the Ohio Court of Appeals declined to set aside the verdict.

Jeff Eysoldt registered Eysoldt.com through GoDaddy. He used this account for personal purposes--he stored photos and used it for email, and he allowed other family members to do so. He also registered and managed a domain name for his sister's business through this account. Separately, he entered into a business arrangement with ProScan, and the parties sought to build out a website which would promote cosmetic surgery centers. As part of this project with ProScan, he registered Myrejuvenate.com and placed this domain name in the same GoDaddy account as his personal domain name and his sister's domain name.

The relationship between Eysoldt and ProScan soured, and ProScan sought control of the domain name and the website. One of the ProScan executives called GoDaddy directly. GoDaddy's customer service representative saw that the domain name was registered under Eysoldt's name but "verified" the account information with the ProScan executive by confirming the method of payment and account number used to pay.

GoDaddy gave ProScan control over the Myrejuvenate.com domain name. Unfortunately, it also gave ProScan control over the other domain names and associated email accounts in Eysoldt's GoDaddy account. Eysoldt contacted GoDaddy to fix the problem, but he was told he had to fill out a verification form and fax this along with his drivers license. He did this, but GoDaddy responded to him that his face was not legible in the copy of the drivers license. The ProScan executive also contacted GoDaddy and asked that the domain names other than Myrejuvenate.com be transferred back to Eysoldt, but this too was unsuccessful.

Ultimately, Eysoldt sued GoDaddy. He sued ProScan as well but settled with them. The jury ruled in favor of the Eysoldt and awarded him $50,000 ($20,000 for invasion of privacy and $30,000 for conversion). Two other Eysoldt family members were awarded $10,000 each ($7,000 for invasion of privacy and $3,000 for conversion). (Here is a link to the verdict form.)

GoDaddy made several technical arguments on appeal and the court rejects them all.

Economic Loss doctrine: GoDaddy argued that Eysoldt's claims were barred by the economic loss rule, but the court says that this rule only applies to negligence claims and not to intentional torts.

Conversion: GoDaddy argued that a domain name cannot form the basis for a conversion action because it is intangible property. The court says (citing to CRS Recovery, Inc. v. Claxton) that times have changed. A domain name is readily identifiable and can be converted. GoDaddy also argued that the family members could not assert conversion claims because they testified that they lacked any ownership interest in the accounts. On this point, the court ruled that there was sufficient evidence from which a jury could conclude that GoDaddy converted the "conditional email and private communications [of the family members] that were contained in the GoDaddy account."

Invasion of Privacy: Finally, GoDaddy argued that there was insufficient evidence to support an invasion of privacy claim because there was no evidence that GoDaddy accessed the email accounts. The court rejects this argument also, noting that Eysoldt testified that someone had accessed the emails. According to the court, the harm flowed from the disclosure and not the misuse of the emails. In any event, the court cites to the fact that GoDaddy took control of personal emails, websites, and communications and just handed them over to a third party.

---

GoDaddy had a pretty tough argument here given the facts. To treat a domain name as anything other than valuable third party property would be a mistake by registrars. There was some confusion early on as to whether domain names are contract rights (which do not support conversion claims) instead of property, but courts have long moved on from this question. (See Kremen v. Cohen, CRS v. Claxton, Office Depot v. Zuccarini, Bosh v. Zavala, etc.) I'm surprised GoDaddy didn't raise an argument based on waivers or limitations of liability contained in its end user agreement, but the opinion does not discuss them.

The court's conclusion regarding the invasion of privacy claim is worth noting because the court did not take the approach numerous courts have taken in data breach cases and require any showing of out-of-pocket loss. The likely explanation for this is that the plaintiff here asserted claims under the "intrusion" theory, where the harm flows from the mere disclosure, rather than the misuse, of data, but this should require a showing that the accounts contained information that was of an intimate nature. The court alludes to this in describing what type of information was contained in these email accounts, but does not come out and explicitly state this or cite to any specific information which would support a claim of intrusion.

The court's conclusion that the other family members could recover for conversion also glosses over a few nuances. The sister had a domain name registered through GoDaddy, but the court does not connect the dots on how giving Proscan control over the GoDaddy account translates into a conversion claim for the other family members. The court instead focuses on the email accounts and notes:

[w]hile Jill and Mark [the other family members] acknowledged that the account was registered to Jeff, the evidence showed that each of them had email accounts set up within Jeff's account. Additionally, Jeff and Jill had created content for Jill's website for her business, Good Karma Cookies. When Go Daddy gave control of the account to Wallace and ProScan, Jill could not access her website. Likewise, Jill and Mark could not access their email accounts. Thus, as the trial court stated, 'there was sufficient evidence produced at trial that would support the jury finding that GoDaddy converted the conditional and private email communications of Mark and Jill Eysoldt that were contained in the GoDaddy account.'

The court's focus on control over email accounts and content does not square well with the cases which say that domain names can be converted because they are freely transferable and can be bought and sold. Under the court's approach, a registrar could be found liable for terminating access to an email or hosting account, and this sounds problematic.

[Eric's comment: indeed, I read this opinion as hinting that any cloud service provider could "convert" a user account's to the extent that service provider "wrongfully" "cuts off" the user's access to his/her own intangible files. I don't think the court means to go there, but holding that GoDaddy converted the emails (as opposed to the domain names) naturally leads to a very dark place.]

It's clear that courts are not reluctant to impose some sort of obligation on the part of registrars to guard against identity theft. Registrars may need to adopt authentication procedures as rigorous as the procedures that banks use to authenticate bank accounts. Of course, even this approach is not infallible, and not easy to implement, given that much of the customer service interaction between a registrar takes place over the phone. Another suggestion is for registrars to respond promptly to any claims by customers of domain name theft. Sending a canned response from customer service when a customer frantically emails saying that his or her domain name has been stolen is not going to look good in the eyes of the fact-finder.

I'm struck at how often people register business and personal domain names in the same account, and how often the web-person ends up registering the domain name for a project in his or her account, rather than in the name of the entity, or a separate account which both joint ventures have control over. The domain name as a bank account analogy is useful here, and if you are part of a joint venture, think about whether you would want to give your co-venturers sole control over the bank account.

Posted by Venkat at 09:20 AM | Domain Names , Internet History , Licensing/Contracts , Publicity/Privacy Rights

May 20, 2011

Court Allows Fair Credit Reporting Act Claims Against Spokeo to Move Forward -- Robins v. Spokeo

[Post by Venkat Balasubramani with comments from Eric]

Robins v. Spokeo, No. CV10 05306 ODW (AGRx) (C.D. Cal.; May 11, 2011)

I previously blogged about Spokeo, which is being sued for disseminating reports which allegedly contain inaccurate information about plaintiff. The court initially dismissed the lawsuit without prejudice due to plaintiff's failure to allege actual harm.

Plaintiff refiled its lawsuit and alleges harm sufficient to satisfy the court:

the court finds that plaintiff has alleged sufficient facts to confer Article III standing. Specifically, Plaintiff has alleged an injury in fact - the "marketing of inaccurate consumer reporting information about plaintiff" - that is fairly traceable to defendant's conduct - alleged FCRA violations - and that is likely to be redressed by a favorable decision from this court.

This just sounds like a formulaic recitation of harm, but it's good enough for the court. To allege standing under certain statutes you, just have to allege a violation of the statute. In other cases, you have to allege actual harm.

Apart from lack of standing, Spokeo argued that it is not a "consumer reporting agency" under the Fair Credit Reporting Act. Spokeo pointed its disclaimers which stated that the reports furnished by Spokeo "cannot be used for FCRA purposes." The court is not swayed by this argument and points to plaintiff's allegations that Spokeo marketed its reports to "HR professionals and potential employers." Plaintiff presented the court with some typical gotcha website copy that easily made the case at the pleading stage that regardless of what the disclaimers said, Spokeo intended the reports to be used for employment and credit verification purposes.

Spokeo also argued that it was entitled to protection under Section 230. The court punts on the Section 230 issue. The court's discussion of this issue is somewhat disappointing in that it gives the parties very little to work with as far as how the court will ultimately deal with the issue. The details around how the collection and dissemination of information occur could end up being important to the Section 230 analysis. (Prof. Goldman's post on Accusearch discusses this: "Roommates.com Infects the Tenth Circuit--FTC v. Accusearch.") Spokeo should be able to take in information from various agencies, aggregate it, and redistribute it without losing Section 230 protection. (See, e.g., AOL v. Drudge.) To the extent Spokeo is just taking in reports that third parties already create, it should be difficult for plaintiff to argue that Spokeo falls under the Ninth Circuit's Roommates decision and somehow plays a role in the creation of the content. It's also worth separating the "score" assigned by Spokeo, with respect to which Spokeo will likely be able to argue some First Amendment protection (see Brown v. Avvo), from the information that is taken in from third parties and disseminated. Maybe the pleadings and the briefing didn't highlight what exactly whether plaintiff was complaining about the information that came from third parties or the "score" assigned by Spokeo, but these seem like issues the court could have delved into in order to provide some clarity to the parties.

The court also dismisses plaintiff's claims under California's unfair competition statute on the basis that the plaintiff did not allege that he "lost money or property" as a result of the unfair competition. Here the court finds that the plaintiff's conclusory allegations of lost income from continued unemployment are insufficient.

Previous post: "Court Dismisses Class Action Against Spokeo for Lack of Standing"
____________

Eric's comments

The court's 47 USC 230 discussion is terse. The entire substantive discussion:

Defendant asserts that it is immune under the CDA because it is an “interactive computer service” that “passively displays content that is created entirely by third parties.” Plaintiff, however, alleges that CDA immunity does not apply to Defendant because unlike information content providers that simply reorganize information obtained from other content providers, “Defendant develops original content based on information obtained from a variety of sources and posts it online[.]” Accordingly, application of the immunity is not clear at this time and the Court declines to dismiss the Complaint on this basis.

This could be another example of a judge being too cautious to use 230 on a motion to dismiss. The court appears to have allowed the bald assertion that Spokeo "develops" content to survive the dismissal motion. As Venkat says, what the judge should have done is require the plaintiff to be more specific about exactly what Spokeo did to develop the content.

We've seen a couple other recent examples where courts have let bald assertions like this survive a 230 dismissal, only to come to its senses at the summary judgment stage and decide 230 applied after all. (See the Kruska and Smith cases). My guess is that something similar will happen here too, with the twist that anything Spokeo actually develops will be its protected opinion (much like the Avvo case, as Venkat notes). A late 230 defense is better than no 230 defense, but it still incurs a lot of needless costs and wasted motion. It's unfortunate this judge wasn't more aggressive at policing the obvious 230 issue at the pleading stage.

Posted by Venkat at 08:08 AM | Derivative Liability , Publicity/Privacy Rights

May 19, 2011

Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson

[Post by Venkat Balasubramani]

Piccolo v. Paterson, No. 2009-04979 (Pa. Ct of Common Pleas; May 5, 2011) [.pdf]

In addition to cases dealing with whether Facebook posts are discoverable in civil cases, courts and litigants continue to grapple with the logistical issues of how a party seeking such evidence can get access to it, or make arguments about whether or not they are entitled to access certain information contained in the profile.

Piccolo v. Paterson was a personal injury case where the plaintiff claimed she suffered lacerations to her face from the impact of an air bag. In her deposition, she was asked whether she posted pictures to Facebook and she said yes. Defense counsel asked if Piccolo would accept a "neutral" friend request from defense counsel so defense counsel could view the pictures. Piccolo later demurred, stating that the "materiality and importance of the evidence ... is outweighed by the annoyance, embarrassment, oppression and burden ...." Defense counsel brought a motion to compel. Defendant cited to McMillen v. Hummingbird Speedway, where the court ordered the plaintiff to provide his Facebook password to defense counsel.

The court rejected defendant's arguments, noting that defendant had already been provided an accurate photographic representation of the relevant evidence. As the Legal Intelligencer notes:

Piccolo [the plaintiff] allowed the insurer to come to her home in 2008 and take photographs of her face. She also gave the defense 20 photos of her face from the week following the accident as well as five photos from the months just before the accident. She allowed the defense to take more pictures at the September 2010 deposition.

Plaintiff's counsel argued that there was no showing from the defendant that plaintiff had posted photos which were inconsistent with what she alleged in the lawsuit, or that any of the other material in plaintiff's Facebook profile was in any way relevant to the case. The court granted plaintiff's motion in a brief one paragraph order which did not contain any reasoning, so it's tough to tell the precise basis for the court's decision.

It looks like litigants (or their lawyers) are overreaching when they seek social media evidence, and at least some courts are pushing back. (Plaintiff's lawyers are also starting to advise their clients as to the dangers of using social networking sites, at least during the pendency of ligitation. See "Social Networking Warning Letter Form for Clients.") In this case, there was little justification to force plaintiff to "friend" defense counsel and give defense counsel access to personal details that only plaintiff's Facebook friends would be privy to. There was some confusion as to whether plaintiff's profile was "public," so it's unclear as to whether defense counsel truly would be privy to information that only a select group of individuals would have access to. Regardless, given that defense counsel had access to ample photos of plaintiff's face from shortly after the incident, and was provided photos later, and could evaluate plaintiff's injuries contemporaneously, defendant didn't have a credible argument for rooting around in plaintiff's Facebook profile. As a Facebook friend, defense counsel would be exposed to information, including personal details about the plaintiff's life, that would not be relevant to the case.

I blogged about McMillen v. Hummingbird Speedway and had some qualms with the court's approach of forcing a litigant to turn over their Facebook password. Among other things, there is no way that all of the information in a profile could be relevant:

for starters, the court totally glosses over the relevance analysis. There is no way that all of the information in the plaintiff's social networking site can be relevant to the dispute, and the court's decision grants defendant access to both relevant and irrelevant information.

It looks like the court took the correct approach here.

In another decision addressing a similar issue, the court ordered the litigants to both friend the judge so the court could review the materials and address the question of relevance. ("Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute.") That was a wacky approach to say the least, but it looked like the court did not even need to consider it in this case, given the lack of relevance of the materials which defense counsel was seeking.

Social networking evidence is generally viewed as an evidentiary treasure trove for lawyers, but as is becoming increasingly clear, it's easier said than done to get access to it. Statutes such as the Stored Communications Act restrict the networks' ability to disclose private communications, which may or may not include wall posts, in response a civil subpoena. An alternative is to get the information directly from the party in question, but if the party seeking the information doesn't know exactly what is in the profile, they will have a tough time articulating relevance.

As a final note, I wonder if there are any ethical issues lurking in the background for a lawyer who "friends" a party in order to gain access to evidence (even when there is no deception involved in the friending process).

Other coverage:
Legal Intelligencer: "Facebook Postings Barred From Discovery in Accident Case"
The Employer Handbook: "Court bars Facebook "friending" in discovery"

Previous posts:
"Court Orders Disclosure of Facebook and MySpace Passwords in Personal Injury Case -- McMillen v. Hummingbird Speedway"
"Judge Offers to Facebook 'Friend' Witnesses in Order to Resolve Discovery Dispute -- Barnes v. CUS Nashville"
"Facebook Messages/Wall Posts, Civil Discovery, and the Stored Communications Act -- Crispin v. Audigier"

Posted by Venkat at 08:30 AM | Evidence/Discovery , Publicity/Privacy Rights

March 28, 2011

Website Privacy Policy Supports Pseudonymous Poster's Expectation of Privacy -- Cornelius v. Deluca

[Post by Venkat Balasubramani]

Cornelius v. Deluca, 10-Cv-027-BLW (D.Id.; Mar. 15, 2011)

A district court judge in Idaho denied a request to unmask the identity of a pseudonymous forum poster. In support of its decision, the court looked to the website's privacy policy to find an expectation of privacy.

The case revolved around comments made on bodybuilding.com which Cornelius and his company are not happy about. The lawsuit has spanned two jurisdictions (Idaho and Missouri) and spawned two rulings mentioned on this blog. Professor Goldman's initial post describes the situation as follows:

DeLuca runs bodybuilding.com, a fitness website and online retailer. The plaintiffs sell dietary supplements ("syntrax," whatever that is). The plaintiffs allege that their competitors posted shill reviews to bodybuilding.com designed to harm the plaintiffs' business. The plaintiffs sued both bodybuilding.com and the putative shillers.

The first time around, the Missouri judge awarded bodybuilding.com an easy Section 230 win to the extent plaintiff tried to hold it liable for posts made by third parties. ("Online Retailer Isn't Liable for User Comments.") In a second ruling (after the dispute moved to Idaho), the court strayed from the Section 230 path and said that bodybuilding.com could be held liable for posts made by "moderators." ("Troubling Ruling About 47 USC 230 and Moderators.") In response to this ruling, plaintiff tried to find out the identity of a pseudonymous poster named "INGENIUM," who posted the following:

despite S103's constant matrix pimping in CASEIN threads, matrix is not a micellar casein product.

[I'm not even sure what the products in question are, and what claims are being made about them, but the extensive litigation activity in this case makes me think that they must be useful in some way.]

After a November 2010 hearing, the court allowed plaintiff to discover INGENIUM's identity, based in part on defense counsel's purported concession that bodybuilding.com did not object to disclosure of INGENIUM's identity. The court's earlier decision was also based on the court's conclusion - relying on a recent Ninth Circuit case (In re Anonymous Online Speakers) - that the statement in question was commercial speech. Bodybuilding.com complained, saying that counsel was not authorized to make this concession, and requested that the court reconsider its prior ruling. Also, in between the court's earlier ruling and its reconsideration of the order, the Ninth Circuit withdrew its opinion in In re Anonymous Online Speakers and left the opinion intact, except for the language that characterized the speech as commercial speech versus core political speech.

Anonymity v. Disclosure of INGENIUM's identity: The court decides that INGENIUM's speech is neither purely commercial nor core political speech, and it then looks to the question of whether plaintiffs' need for INGENIUM's identity outweigh INGENIUM's right to speak anonymously. Without deciding the appropriate test in this context, the court looks to previous cases and settles on five relevant factors (citing Sony Music v. Does, Dendrite, 2TheMart): the plaintiff's ability to establish a prima facie case; the specificity of the discovery request; the availability of alternate means to obtain the information; the need for discovery to advance plaintiff's claim; and defendant's (or the speaker's) expectation of privacy.

The court reverses itself and finds that plaintiffs could advance their claim without obtaining INGENIUM's identity - i.e., this information was not central to plaintiffs' claims. Noting that an 'extra-high hurdle' exists when a non-party's information is involved, the court finds that plaintiffs failed to clear that hurdle here. In particular plaintiffs sought to identify the precise nature of the relationship between bodybuilding.com and INGENIUM, but plaintiffs hadn't conducted any discovery directed to bodybuilding.com on this issue. Bodybuilding.com submitted a declaration setting forth its relationship with INGENIUM (that INGENIUM was a community-elected volunteer), but plaintiffs did not bother deposing the individual who submitted the declaration. Thus, there was no need for plaintiffs to unmask INGENIUM to obtain this information, at least not at this stage.

The privacy policy: The court also added that:

INGENIUM has an expectation of privacy based on bodybuilding.com's terms of service and privacy policy. Bodybuilding.com's terms of service state that no poster may make any post that would infringe on another poster's right to privacy. Bodybuilding.com's privacy policy also states that protecting users' privacy is a top priority, and bodybuilding.com has taken reasonable measures to protect users' private information.

Ultimately, the court concludes that plaintiff's attempt to discover INGENIUM's identity "is a fishing expedition based on speculation that INGENIUM was or is an agent or representative of bodybuilding.com."
__

There have been a couple of cases dealing with website privacy policies and their effect on whether a user should be unmasked. I blogged about Sedersten v. Taylor, where the court held that language in the policy providing that the site could freely use user information did not result in a waiver of the right to post anonymously. ("Online Commenter Did Not Waive Right to Anonymity by Agreeing to News Website's Privacy Policy.") In McVicker v. King, the court held - as the court did in this case - that language in the policy created an expectation of privacy. (Here's Tom O'Toole's post on that case: "Newspaper Website's Privacy Policy Creates Expectation of Privacy for Commenters?")

The expectation of privacy that is derived from a site or service's terms is something that courts have looked to in the Fourth Amendment context, in dealing with questions of privilege or whether an employer has the right to access employee communications, and whether disclosure of a person's social networking profile and communications is appropriate in civil litigation. But thus far, it has not made an appearance in anonymity cases. There are a couple of questions or concerns that this approach raises: (1) whether looking to terms in privacy policies would leave anonymous users at the whim of website terms (which may change from time to time based on business considerations), and (2) whether it makes sense to impute the expectation of privacy on users based on policies that they don't necessarily read or digest? (See Chris Soghoian's post the Twitter/Wikileaks disclosure order on the second point: "Federal judge in Twitter/Wikileaks case rules that consumers read privacy policies.") The First Amendment cases dealing with online anonymity do not discuss whether the poster had a "reasonable expectation" of privacy, and looking to the online terms and privacy policy will just muddy the analysis. While it bolsters the poster's privacy in this case, it may leave online posters in general worse off. Also, in many instances it will not be determinative because sites tend to include wiggle room in their policies so they can disclose user information if it's in their interest to do so.

Interestingly, the issue is in front of the court only because of its ruling that bodybuilding.com could be held liable if INGENIUM is found to be an "agent or representative of bodybuilding.com." See Professor Goldman's skepticism about this conclusion in his earlier post on the case: "Troubling Ruling About 47 USC 230 and Moderators."

Posted by Venkat at 12:55 PM | Derivative Liability , Evidence/Discovery , Privacy/Security , Publicity/Privacy Rights

March 17, 2011

Employee's Twitter and Facebook Impersonation Claims Against Employer Move Forward -- Maremont v. Fredman Design Group

[Post by Venkat Balasubramani]

Maremont v. Susan Fredman Design Group, 2011 U.S. Dist. LEXIS 26441 (N.D. Ill.; March 15, 2011)

As alleged in the complaint, Fredman is a prominent interior designer who runs the Susan Fredman Design Group (SFDG). SFDG also has an internet presence. Maremont is an interior designer that started working at SFDG in October 2005 (as SFDG's Director of Marketing, Public Relations, and e-commerce).

Maremont was active in the online community and created "a popular personal following" on Twitter and Facebook. Maremont also created a SFDG blog entitled "Designer Diaries: Tales from the Interior" ("Designer Diaries") that is hosted on SFDG's blog." Maremont's likeness was tied to her online activities:

she authored frequent Posts and Tweets to her personal Facebook and Twitter accounts, along with the material for the Defendants' "Designer Diaries" blog. Maremont's image appeared on each personal Post and Tweet, which unmistakably distinguished her likeness.

In September 2009, Maremont was injured in an accident and was in the hospital for an extended period of time. While Maremont was at the hospital, Fredman and another SFDG employee visited Maremont and asked Maremont about various work projects. Meanwhile, one of Maremont's visitors at the hospital advised that Fredman and SFDG was impersonating Maremont by:

impersonating her by authoring Posts and Tweets to her personal Facebook and Twitter followers promoting SFDG . . . each Post and Tweet displayed Maremont's name and image giving followers the appearance that [Maremont] was the author.

Maremont then asked Fredman and SFDG to stop this practice. Apparently, the practice continued, but in December 2009, Maremont's husband read some of the posts which Fredmand and SFDG authored and published via Maremont's account and this caused Maremont to suffer distress. Maremont and her husband changed the passwords to her personal Facebook and Twitter accounts.

Maremont ultimately returned to work at SFDG on a part-time basis in February 2010 but found that she got a chilly reception at work. In May, Fredman expressed misgivings about Maremont's part-time schedule and that SFDG was having cash flow problems. In response to the perceived hostility towards her, Maremont quit, and brought claims against SFDG and Fredman.

Lanham Act Claim: Maremont brought a Lanham Act claim for "false endorsement". In order to bring a claim, she should show that she has commercialized her name or likeness. (See Stayart v. Yahoo, discussed by Eric here: "Seventh Circuit Tosses Beverly Stayart's False Endorsement Claims.") The court says that she has commercialized her name:

Maremont has . . . alleged that - as a professional interior designer - she became well-known in the Chicago design community allowing her to create a popular following on Facebook and Twitter. Maremont also alleges that her Tweets and Posts relate to her work in a commercial context, namely, as a professional interior designer and employee of SFDG.

The court did not discuss whether Maremont's online activity inured to the defendants' benefit since Maremont was posting and built up her following while she was an employee of SFDG. It's unclear whether defendants made this argument, but even if they did, given how egregious the facts were alleged to be, it would not be a surprise for it to have fallen on deaf ears. That said, given that Maremont was an employee and clearly posted on behalf of SFDG, SFDG had a possible argument that any copyright or trademark rights accrued to SFDG's benefit and not to Maremont. Also, given that some of Maremont's followers were following because of her official employment status, and assume that some of the posts related to her job. Shouldn't SFDG have an argument here that it should be able to keep up with its audience via the accounts in question?

Right of Publicity: The right of publicity claim requires Maremont to show that her identity was used for "commercial purposes . . . without [her] . . . written consent." Defendants did not argue that Maremont failed to satisfy this claim. Instead, defendants argued that the claim was barred by the statute of limitations since it first accrued in September 2009, "the approximate date of defendants' first Tweet impersonating Maremont." The court rejects this argument, citing to the "continuing violation rule." Defendants allegedly continued to exploit Maremont's publicity rights, despite Maremont's instructions to the contrary. No luck for defendants here.

Privacy Claim: Maremont also brought a common law privacy claim based on misappropriation of her likeness. Defendants argued that the Illinois publicity statute replaced the common law tort of misappropriation of likeness. In response, Maremont argued that she could also state claims for intrusion into seclusion and false light. With respect to her false light claim the court says she failed to allege actual malice. With respect to her claim that defendants "intruded into her personal 'digital life'" the court finds that she failed to develop this argument fully. The court dismisses these claims without prejudice and gives her a chance to replead.
__

I'm not sure what SFDG was thinking, but its head was not on straight when it accessed and continued to post from its hospitalized employee's Twitter and Facebook accounts. This pretty much fails every common sense test there is out there. But employers seem to want to access employee accounts (see, e.g., "Pure Power Boot Camp v. Warrior Fitness Boot Camp - Ex-Employees Awarded $4,000 for Email Snooping by Employer"). Maybe employers think that they own the accounts since they are employee accounts, but this is not the case. For some reason, employers seem slow to realize this.

In accessing the accounts, SFDG potentially incurred liability under the Stored Communications Act as well. Illinois does not seem to have an online impersonation statute, but if Maremont was in California, she could have thrown in this argument as well.

The case highlights the importance of having a social media policy, which should at a minimum designate "official" employer accounts and specify when an employee's Twitter/Facebook posts are their own vs. the employers. The case also brings up the question of who owns a company's Facebook fans and Twitter followers. Given the value companies are placing on their Facebook and Twitter presences, litigation over this issue is likely to increase. Professor Goldman recently posted about a case where two companies were fighting over their Facebook fan page: "Business Sues Facebook to Restore Its Fan Page--Complexions v. Complexions Day Spa." We can expect to see more of this litigation activity in the future.

Posted by Venkat at 10:11 AM | Marketing , Publicity/Privacy Rights

March 10, 2011

Google Not Liable for Suggested Vanity Searches--Stayart v. Google

By Eric Goldman

Stayart v. Google, Inc., 2011 WL 855316 (E.D. Wis. March 8, 2011)

Beverly Stayart (a/k/a Bev Stayart) has graced these pages so many times, I feel a little silly recapping her story yet again. The short story behind this case: In the course of doing vanity searches, Bev Stayart discovered that Google suggested her name plus the name of a sexual dysfunction drug ("bev stayart levitra"). Rather than ignoring these search results, as almost all of us would do, she boldly clicked on the results and decided they were worth a lawsuit because these searches degrade her sterling reputation and generate profits for Google.

She brought a similar lawsuit against Yahoo and lost. Now, she racks up a loss against Google. Her litigation quest has unquestionably helped define her reputation in the Internet law community, but perhaps not in the way she might desire.

This opinion is relatively brief and breezy, befitting a case so devoid of merit. The court references 47 USC 230 (which should have worked, as it did in her suit against Yahoo) but sidesteps it, instead granting a 12(b)(6) motion to dismiss on the elements themselves. The court rejects Stayart's publicity rights claim because she didn't show her name has any commercial value or that Google made any use of it (commercial or not). Instead, "Google enables internet users to access publically available materials connected to plaintiff’s name." The court also says Google isn't impermissibly selling the phrase "bev stayart levitra" because clearly any resulting ads are broad-matched to "levitra."

The Seventh Circuit already has had one chance to mock Stayart (in the Yahoo lawsuit). I wonder if she will give them a second mocking opportunity.

UPDATE: On the same day, the court also dismissed Stayart's latest foray against Yahoo on less substantive grounds.

Prior blog posts on Beverly Stayart's litigation:

* Seventh Circuit Tosses Beverly Stayart's False Endorsement Claims--Stayart v. Yahoo
* Beverly Stayart Strikes Again! This Time, Stayart Sues Google
* Yahoo's Search Results Snippets Aren't False Endorsement--Stayart v. Yahoo
* Yahoo/Overture Sued for Search Results Snippets Containing Plaintiff's Name--Stayart v. Yahoo

Posted by Eric at 10:02 AM | Publicity/Privacy Rights , Search Engines | TrackBack

February 12, 2011

Debt Collection Text May Result in Liability under the Telephone Consumer Protection Act -- Gutierrez v. Barclays Group

[Post by Venkat Balasubramani]

Gutierrez v. Barclays Group, Case No. 10cv1012 DMS (BGS) (S.D. Cal.; Feb. 9, 2011)

The Telephone Consumer Protection Act is a big stick. And it's being wielded against debt collectors.

Plaintiffs (a husband and wife) applied for a credit card. On the application, the husband listed his work number and his wife's cell phone number. Credit cards were issued to both the husband and the wife. At some point, when the couple were delinquent on their payments, Barclays began making collection calls to both numbers. It also sent text messages to the numbers. In response to one of the text messages, the husband asked (via text message) to cease further text messages. Although the court doesn't explicitly say this, presumably, the messages from Barclays continued. Plaintiffs filed claims under the TCPA.

Defendants argued that plaintiffs consented to the text message by listing their number on the credit application, and sought to dismiss the claims against the wife on the grounds that she was not the "called party." The court denies defendants' request for summary judgment.

Consent: The first question was whether the wife consented to listing her telephone number and provided the "prior express consent" that would allow defendants to argue that the communications fell under this exception to the TCPA. Defendants pointed to an FCC Report and Order which stated that calls made by a creditor to a debtor to the number which the debtor provided in the credit application fall under the "prior express consent" exception. However, the wife argued that since she did not fill out the application in question, she could not have consented. The court found that there was little case law on the issue of how this type of consent must be expressed. The court looked to the criminal context and found that courts find consent to a search by the defendant, but also by a third party who possessed "common authority over or other sufficient relationship to the premises or effects" in question. Defendants put forth evidence that the husband possessed "common authority" over the phone because he freely used it. On this basis, the court finds that the wife effectively gave prior express consent to receiving the calls.

Revocation of consent: Unfortunately for defendants, that was not the end of the story. Plaintiffs argued that they revoked the consent via text message. Defendants argued that the revocation had to be in writing, but the court disagrees, noting that if consent could be provided by telephone or other means, it would be odd to require a revocation to be in writing. Ouch!

Whether the wife was the proper plaintiff: Defendants finally tried to get the wife's claims dismissed on the basis that since she did not receive the texts in question, she was not the "called party" for purposes of the TCPA. The court looked to mixed rulings on the issue of who could sue for a TCPA violation. One case held that unintended and incidental recipients could not sue. At least one case held to the contrary that any recipient could sue. The court takes a different approach and rules that only the subscriber has a cause of action to sue under the TCPA.

The TCPA is a tough statute for people who send unsolicited text messages. Third party consent is unreliable in the marketing context (see "Ninth Circuit Revives TCPA Claim--Satterfield v. Simon & Schuster"), but it looks unreliable in general. When you add the fact that consent can be revoked by text message or orally, people who send unsolicited text messages are not left with much comfort. I think that's worth remembering is that unlike spam, it does not matter whether an unsolicited text message as sent for advertising purposes. It is also no defense that the recipient was not "separately charged" for the call. Debt collection text messages can violate the statute, absent consent (which can be easily revoked).

Unsolicited text message litigation has followed almost the opposite trajectory to spam litigation. Defendants just can't seem to get a break. Some of this is a result of the overzealous plaintiffs involved in spam litigation. Some of it is also the structure of the respective statutes. The TCPA is just much more of a plaintiff friendly animal.

Posted by Venkat at 11:16 AM | Publicity/Privacy Rights , Spam

December 24, 2010

Deep Packet Inspection (NebuAd) Litigation: Court Dismisses ECPA Claim but CFAA Claim Continues

[Post by Venkat with comments by Eric]

Mortensen v. Bresnan Comm., CV 10-13-BLG-RFC (D. Mont. Dec. 13, 2010)

A district court in Montana hearing one of the many NebuAd "deep packet inspection" lawsuits partially granted a defendant's motion to dismiss. This lawsuit arises out of NebuAd's alleged attempt to monitor and use an end user's internet activity for advertisement targeting purposes - i.e., not using cookies or other tracking, but actually routing the communications themselves through NebuAd's "appliance." There have been a slew of lawsuits out of this practice; this lawsuit involved claims against Bresnan Communications, an Internet access provider, who is accused of letting NebuAd install the appliance for its profit.

Electronic Communication Privacy Act Claims: Bresnan first argued that it did not engage in any interception itself, so it could not be held liable under the ECPA. The court rejects this argument on the basis of plaintiff's allegation that Bresnan "allowed" NebuAd to install its device on Bresnan's network, and but for the appliance, the monitoring would not have occurred.

However, the court accepts Bresnan's argument that the plaintiffs agreed to the interception based on disclosures in the terms of service and elsewhere. The court quotes from Bresnan's "Online Privacy Notice," which says:

the equipment used to provide the service collects information . . . [including] information about . . . 'electronic browsing,' and the text of email or other electronic communications the [users] send or receive using [the] services.

The notice also references that the information that is collected will be disclosed to third parties. Bresnan's "Online Subscriber Agreement" contained similar disclosures. Finally, the court notes that Bresnan alleges that it provided customers "specific notice" and a link to opt-out from information collections.

Shockingly, plaintiffs did not contest that "they agreed, by way of Bresnan's Privacy Notice and Subscriber Agreement to the interception." (??) Instead, plaintiffs quibble with the scope of the documents in question and argued that Bresnan construes plaintiffs' consent "cavalierly." The court rejects plaintiffs' argument, and grants Bresnan's motion to dismiss the ECPA claim on the basis of consent.

Invasion of Privacy Claims: Plaintiffs brought a common law invasion of privacy claim. The court finds that the notice and disclosure (discussed above) undermines any expectation of privacy plaintiffs had in their use of the service. This ends the court's discussion.

Computer Fraud and Abuse Act Claims: Although the court rejects plaintiffs ECPA claim, the court allows plaintiffs' Computer Fraud and Abuse Claim to go forward. The court concludes (based on Bresnan's disclosures to its customers) that Bresnan's access of plaintiffs' computers had some authorization. Nevertheless, the court finds that Bresnan may have exceeded the authorization that was initially granted. The court bases this conclusion on the fact that the notices provided by Bresnan did not clearly apprise plaintiffs that "their computer settings were to be actively altered or tampered with by Bresnan." The court concludes that for purposes of surviving a motion to dismiss, plaintiffs have sufficiently alleged that:

Bresnan's act of tampering with the security and privacy protocols exceeded any authorization that Plaintiffs may have given.

The court also addresses the jurisdictional damage requirement, under which a CFAA plaintiff must show that the unauthorized access caused $5,000+ in damages. The court notes that plaintiffs' allegations of emotional distress are not compensable, since only economic losses are recoverable under the CFAA. However, the court finds that plaintiffs satisfy the jurisdictional damage threshold since they allege they were "forced to mitigate Bresnan's invasive actions by expending time, money and resources to investigate and repair their personal computer's diminished performance."

Trespass to Chattels: Finally, the court allows plaintiffs' trespass to chattel claims to go forward. With respect to the trespass claim, the court says that the plaintiffs sufficiently alleged an interference with their chattel (their computers).
__

Venkat's Comments:

This is one of many privacy lawsuits that are percolating through the courts right now. I think this one differs qualitatively from many of the others in that here, there is an allegation of improper monitoring of the contents of the plaintiffs' communications. It's one thing to surreptitiously find out what websites someone has been visiting or leak someone's unique user ID. It's another thing entirely to read their email and the contents of what they access while browsing. This is an important distinction to keep in mind. I don't think you can necessarily extrapolate a tentative result in the other cases based on this result. Apart from the damages issue (discussed below) a key unknown in the pending cases is to what extent the information that is captured or disclosed are covered by the statutes in question.

I was somewhat surprised to see little or no discussion from the court on whether the policies were presented in a "leak proof" manner, or whether the disclosure satisfied FTC standards. Was there evidence that plaintiffs could not access the service without encountering the policy? (See Prof. Goldman's post on that topic: "Clickthrough Agreement With Acknowledgement Checkbox Enforced.")

The court's conclusion on the consent issue is also somewhat perplexing, in light of the exact same judge's earlier order denying Bresnan's request to compel arbitration, which you can access here. BNA recaps the decision denying Bresnan's request to subject the claims to arbitration as follows: "A mandatory arbitration clause in an internet service provider's terms of service—which was presented in capitalized text in the ninth paragraph of the unsigned document—was an inconspicuous part of a contract of adhesion and unenforceable under Montana law."

On the other hand, if plaintiffs conceded the consent/disclosure issue, then the court did not need to get into it. [What were the plaintiffs thinking, conceding this? If you are bringing this type of a lawsuit, you have to be able to put together enough allegations of no-consent to get past the motion to dismiss stage.]

At the end of the day, if consent is going to be the basis to defend against these types of privacy claims, defendants would be well advised to really be thorough in procuring this consent. In fact, I'm surprised that Bresnan - given that it is an IAP allegedly engaging in gray area practices - didn't just secure written consent at the time it first provided the service.

I'm also surprised at the court's conclusion on the Computer Fraud and Abuse Act damage issue, given its conclusion on the ECPA issue. If it was going to split hairs on the notice and consent (as it did with respect to the CFAA claims), it could have probably done so on the ECPA claims as well. Courts often keep in claims they may otherwise dismiss if they decided that some claims are going to survive. Also, some cases construe the CFAA narrowly as requiring damage to the protected computer (or an interruption in data). It's conceivable that plaintiffs could have suffered the requisite loss (which can be aggregated in the class action context), but the court's discussion of plaintiffs' allegations made the damage allegations seem awfully light. (Two posts from Nick Akerman look at some recent CFAA dismissals and discuss the restrictive approach taken by some courts with respect to the CFAA's jurisdictional damage requirement: "Dismissal of CFAA Claim for Lack of Jurisdiction" and "Why Two District Courts Dismissed Valid Computer Fraud and Abuse Claims for Lack of Jurisdiction.")

The dismissal of the ECPA claim as opposed to the CFAA claim could have some ramifications on the damages front. Statutory damages are available under the ECPA, but not under the CFAA. For what it's worth, there's conflicting authority on the issue of whether non-economic damages are recoverable under the CFAA. (See Garland-Sash v. Lewis, 348 Fed. Appx. 639 (2d Cir. 2009) (construing the phrase "compensatory damages" - which was added to a provision of the CFAA after the DoubleClick case came down - to include damages for pain, suffering, and other emotional harms").) Even if for some reason the court decides that plaintiffs are entitled to non-economic damages, it will be interesting to see how plaintiffs prove up these damages.

The trespass claim is a bonus claim, but again, the court doesn't dig in to the damage issue with respect to common law trespass. Although the court cites to California law, the court does not discuss damage or slowdown to the machine in question as articulated by the California Supreme Court in Intel v. Hamidi (an email bombardment case) or as interpreted by the Fourth Circuit in the Omega v. Mummagraphics case.

I'm not sure how much light this ruling will shed on the many pending privacy lawsuits that involve things like surreptitious tracking, sniffing, and leakage of personal information. Damages issues aside, the ruling may highlight the importance of choice, consent, and the requirement that any disclosures or disclaimers be conspicuous, all issues the FTC seems to frequently opine on and issue reports about.

(h/t Wendy Davis)
__

Eric's Comments:

As Venkat notes, this ruling is an inconsistent mix of formalism and realism. In light of the judge's ruling last month that Bresnan made inadequate disclosures to uphold an arbitration clause, it's odd for the judge to now find that Bresnan made adequate disclosures to wipe away the ECPA and privacy invasion claims via dense/buried EULA language plus an opt-out notice; while that same consent wasn't good enough to wipe away the CFAA and Trespass to Chattels claim. The CFAA ruling on damages was also oddly formalist given the consent ruling. I respect formalist judges for being careful and methodical, but it would have been nice if this judge had been a little more aggressive about calling a spade a spade.

I am not a fan of deep packet inspection (DPI) by IAPs done on anything but an opt-in basis. We're basically back to the old battles about unwanted adware/spyware getting onto users' hard drives as part of some bundle. Sure, the adware vendors could claim user consent through a formalist reading of the contracts, but there wasn't true consumer consent, and we all knew it. I'm reminded a little of the FTC's bust of Sears for its trackware installations--Sears paid people for the installation, but the software did things far beyond anything users might have expected, even though these attributes were putatively explained deep in the EULA. If you're an IAP trying to implement DPI on an opt-out basis, bonne chance, and don't expect a lot of friends to rally around your cause.

At the same time, I'll be interested to see if the plaintiffs can marshal any true evidence of harm. If the plaintiffs are advancing a recycled version of the old, tired and completely laughable arguments that installing cookies on a user's computer creates cognizable harm, I hope this judge will quickly give them the boot they deserve. In that respect, I'm disappointed the judge didn't more aggressively police the trespass to chattels claim on the harm requirement per Hamidi. Personally, I think these plaintiffs should have been forced to put-up-or-shut-up on the harm issue early. Then again, this case came out the day before the Ninth Circuit's recent Starbucks case, but perhaps it's consistent with it.

Overall, this ruling is just another small data point in a much larger struggle over targetable consumer data. My Coasean Analysis of Marketing article doesn't directly address DPI by IAPs, but the article tells the story of how different intermediaries are fighting with each other to capture better datasets of targetable consumer behavior. After the flameout of the early 2000s model of adware, IAPs are trying to squeeze into the middle by using their more favorable position (compared to websites) to see more complete consumer data. Similarly, Facebook is trying to use tools like Beacon nee Instant Personalization to sweep up targetable consumer data from throughout the web, not just the smaller dataset it can capture at facebook.com. Meanwhile, Google is trying to move onto the desktop (the toolbar, Desktop, Chrome and its various OSes) to let it get closer to the honeypot of consumer data residing there, rather than just rely on the data it can get at google.com properties. Adware circa 2005 may be dead, but battles between different intermediaries fighting to get the good stuff is a perennial. For more, see my posts Adware is Dead and Relevancy Trumps Creepiness.

Posted by Venkat at 09:00 AM | Derivative Liability , Licensing/Contracts , Privacy/Security , Publicity/Privacy Rights , Spam , Trespass to Chattels

October 06, 2010

Tip for Clean Living: Don't Use a 14 Year Old's Self-Portrait in Advertising for Porn--Lara Jade Coton v. TVX

By Eric Goldman

Coton v. Televised Visual X-ography, Inc., 2010 WL 3768039 (M.D. Fla. Sept. 16, 2010). The initial complaint. Lara Jade's blog post on the court victory. Comprehensive recap from Plagiarism Today, who has been tracking the case all along.

Lara Jade Coton is a precocious photography talent. When she was 14, she took a self-portrait photo dressed up in a top hat and black strapless dress. The photo has no nudity and really isn't all that salacious. Coton posted the photo to a website called deviantArt, which describes itself as "the largest online social network for artists and art enthusiasts." Her account page.

The case involves a pornographic film "Body Magic," redistributed by TVX/Burge. The IMDB page. A contractor, Cohen, copied the photo from deviantArt (or some third party site that had picked up the photo) to use in Body Magic's marketing collateral, including on the DVD package's cover and as the image on the disc itself.

Obviously, this was a poorly considered decision. First, this decision appears to reflect the misapprehension that any photos on the Internet are free to reuse. Second, the decision appears to ignore the overlaps between copyright and publicity rights. We've seen this issue arise from time to time with Flickr photos and Creative Commons licenses; even if a Flickr photo can be freely republished due to a permissive CC license, the photo can't be used for advertising purposes if a person is identifiably depicted in the photo without obtaining that person's publicity consent. As part of our forthcoming casebook on Advertising and Marketing Law, I took a deeper look at publicity rights in advertising, and the case law is horrible for defendants--courts adopt very broad views of what constitutes advertising and identifiability in the advertising even when faces aren't shown. Every principal case we've included in the draft chapter is a defendant loss. Basically, if you're going to show or reference people in advertising, you need their permission.

After Coton discovered that her photo was being used, Coton contacted Burge and entered an email exchange rife with grammar and spelling errors. In one email, Burge replied:

Not only will you not be compensated for your photo we have turned this problem over to our attorney it seems the company my graphic company got the photo from on the internet is a public domain operation. You knew this when you originally sent us your scheming letter. Nice try toots.

Bonus tip for clean living: don't use the word "toots" in any responses to cease-and-desist letters.

After promising to remove Coton's photo, Burge further replied:

I'M SURE BY THE END OF THE MONTH YOUR FACE WILL BE HIS TORY. WE HAVS TOPPED SELLING THE DVD UNTIL COVER IS REPLACED. WE HAVE FURTHER CHECKED OUT YOUR NAME AND ITS NOT LIKE IT'S A HOUSE WHOLE NAME. ACTUALLY, REMOVING YOUR IMAGE WILL HELP IMPROVE THE SELL OF THE DVD ..... SO FAR IT BOMBED.

In retrospect, it is awkward for the film distributor to blame a 14 year old for not selling more copies of a pornographic video.

Coton sued a number of parties; all of them settled except for TVX/Burge, who defaulted on liability but contested damages. At issue were damages for three successful claims: direct copyright infringement, statutory misappropriation of her image, and defamation by implication.

Copyright Infringement. Coton didn't have a timely registration to qualify for statutory damages or attorney's fees. Without those, the damages are pretty low. As a professional photographer, the court accepts her asserted licensing fee of ~$3k. With low sales and a low retail price, the distributor's profits are ~$1k, for a total copyright damages award of a little over $4k.

As we've discussed so many times before (see, e.g., this post), timely copyright registration can mean the difference between a big payday and an uneconomic case. If Coton had made the timely registration, she would have likely gotten a larger damages award than $4k, and this court probably would have awarded attorneys fees of many tens of thousands of dollars.

(Note: at the time she posted the photo to deviantArt, she was an amateur photographer in Britain, so it's not surprising she didn't make a timely copyright registration. I'm sure she registers her photos early and often now).

The court rejects her claims for contributory copyright infringement for the distributor's liability for the retailers' activity, both because the distributor didn't know it was infringing the photo and because a separate damages award for contributory infringement would be double-counting.

Florida Publicity Rights (a/k/a "misappropriation"). The court denied Coton's statutory damages request for the misappropriation, treating it as a double-recovery with the copyright license award. To me, this seems like a clear error. Typically, a photo used in advertising will require separate copyright license and publicity rights license fees. In this case, it just so happened that Coton was both the photographer and the photo subject, but that shouldn't affect the respective license fees. However, Coton requested only $770, so the court's apparent error isn't a big financial deal.

The court accepts Coton's request for $25k compensatory damages for reputational harm but rejects the request for punitive damages because TVX/Burge didn't know of the misappropriation (Cohen made the error) and remediated it quickly following notice. The court also rejects any separate damages under common law misappropriation (not preempted by Florida statutory law; see the Almeida case) as double-dipping with the statute-based damages.

Defamation by Implication. Coton argued that using her self-portrait on a porn DVD false implied her participation in or support of the porn industry. The court accepts Coton's request for $100k compensatory damages "for the humiliation and mental anguish caused by the defendants' defamatory use of her self-portrait" but denies punitive damages for the same reason it denied punitive damages for misappropriation.

Net Effect. Coton won this ruling, but I would characterize it as a small win, not a big one. She had so many factors in her favor: copyright infringement, defaults by defendants, sloppy business practices by the defendants and the overall unsavoriness of the tort (associating a 14 year old with porn). At the case outset, if I knew Coton was going to win on liability, I would have estimated a higher case value than $130k. (I presume she got cash from some of her settlements, so the total payday is likely more). Factoring in attorneys' fees and the fact she will still have to work hard to get the defendants to pay the judgment, this result isn't very lucrative for her or her attorney.

From the defendants' perspective, they probably feel a little relief being on the hook for "only" $130k. Nevertheless, it's an expensive penalty for their sloppiness. The defendants sold less than 200 disks, so they are paying nearly $700 per disk. Worse, all of this was completely avoidable through industry standard rights clearance procedures. It's especially surprising to see a mistake like this by a porn company, who should already be accustomed to processing 18 USC 2257 model releases.

This case reinforces some lessons I think we already knew:

* copyright owners who want sizable damages need a timely copyright registrations
* just because a photo is available on the Internet--even on a site that represents itself as a collection of public domain images--does not mean it's free to use as a copyright matter
* even if the proper copyright license is obtained, a separate publicity rights license/consent may be required for using the photo in advertising. Watch out for being lulled into complacency by favorable Creative Commons licenses, which only address the copyrights and not the publicity rights.
* verify the age of all models used in porn ads if they aren't the actors in the film. Even if not legally required to use overage models, nothing good can come from showing an under-age model in an advertisement for porn.
* don't use the phrase "toots" in business correspondence (or, really, ever).

Lara Jade's blog post adds two tips for photographers: "Remember to be wise about where you upload your images [and] the size you upload them."

Posted by Eric at 01:22 PM | Copyright , Licensing/Contracts , Publicity/Privacy Rights | TrackBack

October 01, 2010

Seventh Circuit Tosses Beverly Stayart's False Endorsement Claims--Stayart v. Yahoo

By Eric Goldman

Stayart v. Yahoo! Inc., 2010 WL 3785147 (7th Cir. Sept. 30, 2010).

I have previously blogged about Beverly Stayart's lawsuits against Yahoo and Google for apparently sploggy (and possibly cloaked) objectionable search results delivered when she searched on her name. Whatever sympathy I might otherwise feel for her is overridden by the lawsuits' complete lack of merit.

Yesterday, the Seventh Circuit affirmed the dismissal of her false endorsement claims against Yahoo. My prior posts on the district court opinion and her initial complaint. The court efficiently points out that she has not made a use in commerce of her name sufficient to trigger Lanham Act protection, and therefore she lacks standing for a false endorsement claim.

Stayart argued that her humanitarian/charitable work satisfies the Lanham Act commerciality requirement. This is a nonsense argument that the court easily rejects: "While Stayart’s goals may be passionate and well-intentioned, they are not commercial. And the good name that a person garners in such altruistic feats is not what § 43 of the Lanham Act protects." The Lanham Act's false endorsement provisions are not a general purpose publicity right.

The district court cited two other reasons (beyond standing) to dismiss the case, including an analytically confused 47 USC 230 defense. The Seventh Circuit opinion did not address the 230 issue at all.

While this *should* be the end of Stayart's litigation, it probably won't be. She can refile her state law claims against Yahoo in state court. She also still has a pending lawsuit against Google.

An aside: It's been a busy Cyberlaw week at the Seventh Circuit, including uBID v. GoDaddy, Chicago v. Craigslist and now this opinion.

Posted by Eric at 01:02 PM | Derivative Liability , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

July 07, 2010

Scribd Can't Shake Copyright and Publicity Rights Lawsuit on Motion to Dismiss--Williams v. Scribd

By Eric Goldman

Williams v. Scribd, 3:09-cv-01836-LAB -BGS (S.D. Cal. June 23, 2010).

Larry Williams has written several books on commodities trading (their titles suggest they fit into the "Make Money Fast" genre). He alleges that rogue Scribd users, including the alias “GalaxiaMia Guy” [is it this user?], have repeatedly posted his books to Scribd. Williams sued Scribd for direct, contributory and vicarious copyright infringement and publicity rights misappropriation. The first amended complaint.

Scribd moved to dismiss but ran into a judge who appears to be a stickler about letting unmeritorious cases survive to summary judgment rather than crunching them quickly on 12(b)(6). The judge does nix the direct copyright infringement claim against Scribd. The judge notes Williams' only argument in support of direct infringement is that GalaxiaMia Guy is “friends” on Scribd with Scribd's CEO Trip Adler. Williams seems to think they are in cahoots with each other, but the judge rejects this ill-formed suspicion.

Along the way, the judge snarkily laments: "it’s no secret that the ‘friend’ label means less in cyberspace than it does in the neighborhood, or in the workplace, or on the schoolyard, or anywhere else that humans interact as real people." Ouch! I'm guessing the judge isn't a power Facebook user.

Then again, I don't understand the "friend" vernacular on Scribd. Scribd allows people to "subscribe" to each other's feeds--like a “follow” on Twitter, it isn't mandatorily reciprocal like a Facebook “friend.” Trip Adler has over a half-million subscribers on Scribd, so if GalaxiaMia Guy was one of those half-million, that doesn't mean anything. No matter what, the judge repeatedly says the "friends" argument is altogether irrelevant.

[This may be a good time to mention that I have been regularly using Scribd to post source materials. I often don't blog about what I post; in some cases, I don't even announce the posting to Twitter. So if you want to see everything I'm posting to Scribd, you can subscribe at Scribd.]

The court rejects Scribd’s motion to dismiss the contributory and vicarious infringement claims as well as Scribd’s 512 defense, all on the same basis that a 12(b)(6) is too early to make a decisive call. For example, regarding the 512 safe harbor, the court says that's properly awarded on a 12(b)(6) only "where the answer to the question is nearly obvious," which apparently isn't the case here. The court also breezes through a 47 USC 230 defense to the publicity rights claim, rejecting the immunity on a motion to dismiss "[b]ecause there are open questions in this case about the extent to which Scribd participated in the alleged infringement." Of course, many cases have granted 230 immunity on a motion to dismiss, but I'm guessing none of those were in front of Judge Burns.

Although Williams' complaint lives to see another day, it’s also clear that Williams will ultimately lose. The judge disparages the complaint (the complaint "isn’t a model of lucidity"), criticizes plaintiff's counsel for various factual omissions in the complaint (which "risks denting his credibility"), calls the remaining copyright claims "thin" and invites Scribd to seek summary judgment ("Scribd seems to have all of its arguments for summary judgment already teed up"). The judge continues:

Based on the evidence and the pleadings, the Court is inclined to say that it appears Scribd has the better arguments in this case; Scribd’s motion to dismiss is largely denied only because it is too early to raise those arguments. Williams should give serious consideration to whether he sincerely believes Scribd does not qualify for the safe harbor protections of the DMCA, as well as whether Scribd did not act as expeditiously as possible to remove Williams’s copyrighted works from its website as soon as it was asked to do so.

With a warning to the plaintiff like that, this case is an excellent candidate for a fee award to Scribd under 17 USC 505 when Scribd wins. I'll be interested to see if the judge remains irascible when it comes time to penalize Williams for wasting everyone's time.

Ben Sheffner has also blogged the case.

BONUS Blog Coverage! (kind of like a hidden track on a record album)

This is also an opportune time to note a recent ruling in Perfect 10 v. RapidShare, another opinion involving secondary copyright infringement also from the S.D. Cal. (in front of Judge Huff instead of Judge Burns). Like Scribd, RapidShare is a UGC web host that's agnostic about the types of content users publish; like Williams, Perfect 10 is a wild-eyed plaintiff.

However, unlike Scribd, RapidShare isn't eligible for the 512 safe harbors because it has not made the requisite Copyright Office filing. RapidShare is also unusual because it lacks any internal search functionality or navigation structure. Instead, each user self-publicizes the file's URL.

Procedurally, Perfect 10 faced a higher burden of proof than Williams because Perfect 10 requested a preliminary injunction, which requires the court to consider Perfect 10's likelihood of success.

Perfect 10's direct copyright infringement claim, based on a 106(3) distribution, isn't likely to succeed because RapidShare never indexes the file itself. The court also rejects an inducement claim.

Regarding contributory infringement, without 512 eligibility, Perfect 10 does not need to send 512(c)(3) notices. Instead, per Perfect 10's typical modus operandi, Perfect 10 simply sent a disk containing its copyrighted photos and basically told RapidShare to block those photos. The court says the disk delivery gave RapidShare actual knowledge of infringement. Wow. I miss 512(c)(3) after all!

Nevertheless, RapidShare does not make a material contribution because "RapidShare does not provide an integrated service that allows users to locate and download infringing files." Further, even though Perfect 10 didn't identify infringing URLs, RapidShare's other remediation efforts led the court to conclude that "RapidShare is using information provided by Plaintiff to locate and remove infringing materials, and is also taking independent steps to identify, locate, and remove infringing files." Therefore, "RapidShare is [not] failing to take simple measures to prevent further damage to Plaintiff’s copyrighted works."

Following this ruling, RapidShare countersued Perfect 10 for being a "copyright troll." I'm not sure about the legal merits of RapidShare's countersuit, but I heartily applaud its sentiments!

Posted by Eric at 08:31 AM | Copyright , Derivative Liability , Publicity/Privacy Rights | TrackBack

June 20, 2010

No Wrath in this Quon--Ontario v. Quon

The Supreme Court passes on almost every issue before it in City of Ontario v. Quon.

By Ethan Ackerman (with comments from Eric below)

On Thursday, the U.S. Supreme Court released its opinion in City of Ontario v. Quon, a Fourth Amendment case over the privacy government employees, and those who communicate with them, have in their workplace communications.

I noted with some surprise in December 2009 when the Court granted certiorari, and wondered whether this was a good or bad thing for online privacy. The glass half-full or half-empty quandary remains after the court's narrow opinion. The result for officer Quon and his text message recipients is a loss, but only because the Court found the city's search sufficiently narrow to pass muster even assuming he was entitled to all the possible Fourth Amendment protections, even while the Court declined to conclude whether or not he did actually have those protections. Everyone else will have to await the further development of Fourth Amendment case law, as Justice Kennedy's opinion for the unanimous Court said that "Prudence counsels caution before the facts in the instant case are used to establish far-reaching premises that define the existence, and extent, of privacy expectations enjoyed by employees when using employer-provided communications devices."

There is more insightful commentary than this brief note at Scotusblog.
_____________

Eric's comments: after seeing the opinions, it remains baffling why the court granted cert in this case. The only obvious reason is that the Supreme Court felt like it had to fix the 9th Circuit’s mistakes, as it yet again reversed the 9th Circuit (like that wasn’t entirely predictable). Otherwise, the opinions are so limited to the facts of the case that they provide almost no value to anyone other than the litigants. That seems like a real lost opportunity for an appellate court with discretionary appeals. Even so, it's better than dealing with a Supreme Court screwup that could have easily occurred given the messy facts in this case.

I had a chance to moot the case earlier in Spring, so I read the litigants' SCOTUS briefs. By far the most compelling fact in that massive stack of paper was that Quon was a SWAT team member who was texting on the job using a government-issued device. The on-the-job conduct of SWAT team officers is especially likely to be subject to investigation/discovery requests if/when something goes wrong, so it makes total sense to narrowly circumscribe the privacy afforded to SWAT team members’ text messages. I would feel differently about the privacy rights of other government employees whose minute-by-minute choices don’t have the same instantaneous life-and-death consequences. I don't see how this case's outcome has any implications for private-sector employees or employers.

Posted by Ethan Ackerman at 07:21 PM | Publicity/Privacy Rights | TrackBack

June 19, 2010

MySpace Photo and Internet Gang Roster Evidence Improperly Admitted -- People v. Beckley

[Post by Venkat]

People v. Beckley, Case No. B212529 (Cal. Ct. App. June 9, 2010)

Two defendants were convicted of a gang-related homicide in this case.

MySpace Photos: The girlfriend of one of the defendants offered an alibi that one of the defendants was babysitting her child at the time of the shooting. She also testified that the defendant ceased gang involvement (at her request) after the two became involved. In order to rebut the gang affiliation testimony, the prosecution offered a photograph of the girlfriend flashing a gang sign - the photograph was downloaded from the MySpace page of one of the defendants. The prosecution relied on the testimony of the detective who downloaded the photograph.

The court of appeals held that admission of the photograph was error (unfortunately for the defendants, the court held that this error was harmless). The court noted that there are two methods for authenticating a photograph: (1) testimony of a person who was present when the photograph was taken and (2) expert testimony that the photograph is not "a composite and had not been faked," along with foundational testimony. Here, neither method of authentication was used. The court urged particular caution when it came to digital photos and photos found on the internet:

Although defendants conceded that the face in the MySpace photograph was Fulmore's, neither method of authentication recognized in Bowley qualified the photo for admission as accurately depicting that Fulmore had assumed the pose shown in the photograph. [The detective] could not testify from his personal knowledge that the photograph truthfully portrayed Fulmore flashing the gang sign and . . . no expert testified that the picture was not a "'composite' or 'faked'" photograph. Such expert testimony is even more critical today to prevent the admission of manipulated images than it was when Doggett and Bowley were decided. Recent experience shows that digital photographs can be changed to produce false images. (See e.g. U. S. v. Newsome (3d Cir. 2006) 439 F.3d 181, 183 [digital photographs used to make fake identification cards].)
. . . .
Indeed, with the advent of computer software programs such as Adobe Photoshop "it does not always take skill, experience, or even cognizance to alter a digital photo." (Parry, Digital Manipulation and Photographic Evidence: Defrauding The Courts One Thousand Words At A Time (2009) 2009 J. L. Tech. & Pol'y 175, 183.) Even the Attorney General recognizes the untrustworthiness of images downloaded from the internet, quoting the court's warning in St. Clair v. Johnny's Oyster & Shrimp, Inc. (S.D. Tex 1999) 76 F. Supp.2d 773, 775 that "'[a]nyone can put anything on the Internet. No web-site is monitored for accuracy and nothing contained therein is under oath or even subject to independent verification absent underlying documentation. Moreover, the Court holds no illusions that hackers can adulterate the content of any web-site from any location at any time.'"

Online Gang Roster: The prosecution also sought to show that defendants belonged to a gang (the Southside Compton Crips) and as evidence offered a roster which appeared on a web page.

The court found that this evidence was also improperly admitted. The detective admitted that "he did not know who authored the roster." Although the detective claimed that "they themselves put [the list] together," he did not explain the basis for this assertion. The court noted that the issue with respect to authenticity was not "whether the computer's printer could be trusted to reliably print out what was . . . stored on some site but whether the content of what was on the site was reliable."

Unfortunately for defendants, the court held that admission of this evidence was also harmless error. This is not the first time a court has found that MySpace gang affiliation evidence was improperly admitted but that the admission was harmless.

Additional Coverage: "'Unauthenticated' Photo From Website Held Inadmissible" (Metropolitan News-Enterprise)

Posted by Venkat at 11:25 AM | Evidence/Discovery , Publicity/Privacy Rights

May 09, 2010

Updates to the Outed Judge-Commenter's Lawsuit Against the Plain Dealer -- Saffold v. Plain Dealer

[Post by Venkat]

I posted a while ago on the lawsuit brought by Judge Saffold against the Plain Dealer newspaper where she alleges the newspaper improperly outed her as a commenter in breach of its privacy policy.

A few updates:

1. Judge Saffold Removed: Judge Saffold was presiding over a serial murder case, and among other things, she was accused of making comments about case on the Plain Dealer's website. At the defendant's request, she was removed from the case.

2. Comments by "lawmiss" on Other Sites: The Plain Dealer reports (in a detailed article) that a commenter with the same username as Judge Saffold ("lawmiss") made comments on other sites, including those that allegedly "target Arabs, Asians, others."

3. A Second Username for Judge Saffold?: The Plain Dealer (again) reports that "other commenters on cleveland.com have noted a similarity between the lawmiss comments and postings under the username 'governmentwatcher.'"

4. Judge Saffold's Unpaid Parking Tickets: The Plain Dealer also reports that Judge Saffold has over $1000 in "fines and late fees for city of Cleveland traffic and parking tickets." (via Volokh Conspiracy)

5. Judge Saffold's Work Computers Removed: The Plain Dealer subpoenaed Judge Saffold's work computers which were removed from her chambers.
___

The Plain Dealer, which reported on all of these stories, seems to be engaged in a media war against the judge. To me, this just highlights the tricky situation the Plain Dealer was in in the first place, by having access to Judge Saffold's account particulars. To the extent they as a media entity have access to information, the temptation to use it will be strong, and tough to resist. Also, the Plain Dealer is providing Judge Saffold ample ammunition to argue that the Plain Dealer was being vindictive, and if it's found to be liable, this may not help the damage calculus. (They're certainly not abiding by the "less is more" rule.) On the other hand, a plaintiff who brings claims revolving around his or her reputation can expect to have everything in his or her background dredged to the surface. If Judge Saffold is found to have been the prolific online commenter that the Plain Dealer says she is, this is not going to do wonders for her reputation, which has probably already suffered some damage following the lawsuit.

Two other posts that I came across that are worth checking out: (1) "Judge Suing Newspaper for Breach of Web Privacy Agreement Over Being Outed as Author of Anonymous Comments" (this post by Professor Volokh and the comments to the post highlight the fact that there's no clear answer under the policy) and (2) "Unmasking a Judge’s Anonymity: Saffold v. Plain Dealer Publishing Co" (this post by Professor Solove discusses the various legal claims, and also points in the direction of no clear answer, at least on the privacy policy issue).

Finally, Professor Goldman was on a Berkman Center panel that briefly discussed this case, along with a host of other issues faced by those who build and maintain online communities [YouTube link]: "Building and Managing Online Communities: Anonymity, Defamation and Privacy, Oh My!" The panel is well worth checking out.

Posted by Venkat at 10:39 PM | Publicity/Privacy Rights

April 23, 2010

Beverly Stayart Strikes Again! This Time, Stayart Sues Google

By Eric Goldman

Stayart v. Google, Inc., 2:10-cv-00336-LA (E.D. Wis. complaint filed April 20, 2010)

I've previously blogged about Beverly Stayart (a/k/a Bev Stayart) and her mockable lawsuit against Yahoo. She has repeatedly declared that she is the only Beverly Stayart / Bev Stayart in the world and that her name--due to the cachet she has built up from being a quality human being--is being used to peddle sex-related pharmaceuticals. She lost her first foray against Yahoo on 47 USC 230 grounds but nevertheless is trying again.

Now, she has launched another effort to defend her name—this time she is suing Google for similar concerns. (Like we couldn't see that coming!). She objects to the fact that Google Suggest prompts searchers on "bev stayart" to search for "bev stayart levitra." (para. 13). Anticipating a 47 USC 230 defense, she argues (para. 15) that Google Suggest represents first party editorial content that drops out of 230 coverage. The complaint also seems to raise the question of whether selling a personal name as a keyword trigger constitutes a publicity rights violation; but the complaint does not appear to evidence any understanding of broad matching, i.e., that a search for "bev stayart levitra" will deliver Levitra-related broad-matched ads for reasons having nothing to do with Bev Stayart. (See this recurring defect in paras. 90-109).

(Note: this prompted me to check out a search for "eric goldman levitra." My first result, from www.hosmersoda.com, looks pretty sploggy to me, but there's no way I'm going to click on these links!!!)

Some unsolicited advice for Bev Stayart: stop suing search engines, and stop running vanity searches on the search engines. Life is too short to fret about sploggers!

Two final notes: Bev's attorney is, once again, Gregory A. Stayart, her employer and presumably a family relation. Also, searches for "Bev Stayart" and "Beverly Stayart" are worth a look—I can’t recall other search results quite like that.

Posted by Eric at 09:29 AM | Derivative Liability , Publicity/Privacy Rights , Search Engines , Spam | TrackBack

April 13, 2010

Google Sued for Publishing Home Address--Harris v. Google

By Eric Goldman

Harris v. Google, Inc., 1:10-cv-21119-AJ (complaint removed to S.D. Fla. April 8, 2010). The original complaint filed in state court. Google's removal to federal court.

Jonathon Harris sells rare coins. His business office is in Stuart, Florida, and he lives in Jupiter, Florida. As gold prices soared, Harris claimed a heightened fear of being robbed; and to the extent his home address was publicly known, he feared that criminals would seek him out there.

Searches for Harris' business in Google Phonebook pointed potential customers to his home address in Jupiter, not his business address in Stuart. Google Phonebook provides a takedown procedure that promises a "permanent" fix within 48 hours. Harris claims that he made a takedown submission and Google initially honored it; but subsequently his home address showed up again, and Google then ignored multiple takedown requests. He sued in state court for public disclosure of private facts and intentional infliction of emotional distress. Google has removed the complaint to federal court.

On its face, I am skeptical that publication of Harris' home address was sufficiently "outrageous" to satisfy the prima facie elements of either of his claim. But even if it does, Google ought to be protected by 47 USC 230. It appears that Google Phonebook is provided by a third party provider, so it should qualify as third party content to Google, and the types of claims Harris makes are squarely covered by 230. Compare, e.g., the Doe v. MySpace cases, where the victims actually experienced physical harm; here, Harris just raises the possibility of prospective harm.

While this looks like an easy 230 case, I wonder if this case implicates some of the interstices of the Barnes v. Yahoo ruling. At its core, Harris isn't complaining just about the publication of his home address; he is also complaining that Google Phonebook's promised a fix and didn't deliver. Per Barnes, any negligence-style claim for failure to remove should be preempted; but did the website disclosures provide Harris with sufficient grounds for a promissory estoppel claim? (Note he didn't make a promissory estoppel claim per se, but it is perhaps implicit in the claims he did make). Ultimately, even if he tries to push the promissory estoppel angle, Harris may have difficulty establishing sufficient reliance on the Google Phonebook disclosures.

I am a little confused why Harris' court filings didn't redact his home address. As is so common for plaintiffs bringing privacy invasion lawsuits, Harris' lawsuit may have been counterproductive at trying to keep the world from knowing his home address. In this respect, I'm reminded a little of the Boring v. Google lawsuit; like the Borings, perhaps Harris is unusually sensitive about his home privacy, and a public lawsuit is an ineffectual method of preserving that. Then again, I bet Harris' lawsuit would not have even materialized if he hadn't felt that Google was such a black box when he repeatedly complained.

Posted by Eric at 09:01 AM | Derivative Liability , Publicity/Privacy Rights | TrackBack

April 08, 2010

Unmasked Judge/Commenter Sues Newspaper for $50mm -- Saffold v. Plain Dealer

[Post by Venkat]

Saffold v. Plain Dealer Publishing Co., Cuyahoga County Court of Common Pleas (filed April 7, 2010) [scribd]

A judge/commenter who was unmasked by the Cleveland Plain Dealer is reportedly suing the newspaper for 50 million dollars. (h/t ABA Journal) There are plenty of bad facts to go around, but I see an uphill battle for the plaintiff.

Background: Cuyahoga County Common Pleas Judge Shirley Strickland Saffold (or someone with access to her email, commenting as "lawmiss") allegedly left some eighty plus comments on the website of the Cleveland Plain Dealer (at cleveland.com). Some of the comments included:

All of these criminals committing crimes against women must stop. None of them should get out of prison, EVER.

Rufus Sims (lawyer of Sowell and of a bus driver convicted of vehicular homicide) did a disservice to his client. If only he could shut his Amos and Andy style mouth ... This was not a tough case, folks. She should've hired a lawyer with the experience to truly handle her needs. Amos and Andy, shuffling around, did not do it.

I'm confused. There's three stories. The first accuses Saffold of being a bully and demeaning the presence of this reporter for no reason. The second indicates that she refused to allow the Plain Dealer reporters to view the proceedings today, and the last indicates that the defense attorneys and the prosecutors agreed that the court needed to find out who the leak was, but they disagreed about the leaking spoiling the pool. What did Saffold do that was wrong??

The Plain Dealer decided to "unilaterally . . . unmask" Judge Saffold and wrote an article about the unmasking. The Plain Dealer and Judge Saffold were not on the best of terms prior to this incident. While Judge Saffold allegedly commented on pending capital murder cases, her comment dealing with the mental health of a relative of Jim Ewinger, a Plain Dealer reporter, supposedly led to the unmasking. (Wendy Davis covered this in an article here: "Cleveland Paper Unmasks Judge As Commenter".)

The Complaint: The Complaint asserts various claims based on the privacy policy (including a promissory estoppel claim), a claim for fraud, a claim for invasion of privacy/false light, and a claim for defamation.

Privacy Policy: The privacy policy claim is tough. For starters, the privacy policy is not clear that it guarantees anonymity. Second, claims for damages based on a breach of privacy policy are not very easy to make. Many recent cases rejected privacy policy-based claims for lack of actual damages (and some jurisdictions have a rule that precludes recovery for emotional damages unless a physical injury is involved). (See, for example, Pinero v. Jackson Hewitt; Bell v. Acxiom; Pisciotta v. Old National Bancorp [pdf].) There's even a case which expressly rejects a claim based on the disclosure of an email address in violation of a privacy policy. (Cherney v Emigrant Bank) Of course, all of these cases are based on the view that disclosure in itself does not cause damage, and Judge Saffold's case presents different facts. She will probably get past the damages hurdle, but she will have to deal with any provisions in the terms of service that the paper could use to undercut her claims or at least limit damages (disclaimers of warranty, limitations of liability, etc.). Her bigger challenge is to prove that the privacy policy actually guaranteed anonymity, and as Wendy's article points out, the policy envisions that the newspaper would use personal information in a variety of scenarios, including for the newspaper's own benefit.

Invasion of Privacy: The invasion of privacy claim is similarly tough because it will probably turn on whether plaintiff reasonably expected that her comments would remain anonymous. Anyone using the internet will tell you that there's no guarantee of anonymity, and in addition to the ambiguity of any guarantee in the policy, the paper will likely argue that the policy made clear that there are a variety of circumstances in which any user's personal information would be disclosed. Disclosure in response to a subpoena is obviously the classic example. Use of personal information for business purposes is another example.

First Amendment/Media Privilege Defense: At the end of the day, plaintiff will have a challenge proving that she reasonably expected some guarantee of anonymity, and even if the court finds that there was a guarantee, the newspaper could also try to invoke some sort of First Amendment/media privilege defense. It's certainly newsworthy for a judge to have commented on pending cases. While this wasn't what prompted the newspaper's unmasking of the plaintiff, this could bolster the newsworthiness argument. The fact that the judge used the same online profile to supposedly comment on a case she was presiding over (!) is extremely problematic and will cut against the expectation of anonymity. A litigant in that case certainly has a shot at discovering the identity of the commenter in order to support a recusal motion, and once the litigant figures out the judge's identity, the cat is out of the bag. The lawyers litigating the serial murder case Judge Saffold was presiding over (and allegedly commented on) are actually making this argument. ("After Web Post About Serial Murder Case, Judge Should Step Down, Lawyer Says"; "‘Lawmiss’ Comment on Accused Serial Killer Is Linked to Judge Overseeing His Case") This makes the Judge's expectation of anonymity argument that much harder. Had the newspaper found this information out from another source, the First Amendment argument would probably be a fairly strong one. However, given that the Plain Dealer doesn't seem to have the cleanest hands, I'm not sure how much mileage this will get here.
__

There are two strong facts on the other side, in the plaintiff's favor. First, the paper seems to have been engaged in a feud with her, and the reporter may have had his own personal score to settle. This will not look good for the paper. Second, media entities can't pick and choose. It certainly is arbitrary for a paper to say "we have a privacy policy and will protect your anonymity . . . except when your identity as a commenter is newsworthy, in which case we'll exploit that to our benefit." Newspapers are in a tricky position as far as commenter anonymity, and no one will reasonably think that media can have it both ways, which is what they'll have to end up arguing. Finally, while the newspaper could have disclosed the Judge's identity in response to a subpoena, that doesn't mean the paper should voluntarily disclose it in order to publish something it thinks is newsworthy (or to settle a score).

The key question here, is how, why, and when the newspaper decided to check out the real identity of "lawmiss."

When all is said and done, plaintiff will finally have to actually prove damages, and suffer the additional embarrassment of a very public dispute around her comments on a newspaper website. Discovery sure is not going to be pretty. (Interestingly, the complaint cites to many public statements made by the Plain Dealer. The Plain Dealer should have adhered to the "less is more rule," when making statements about potential disputes.) Regardless of how the dispute plays out, I guess it illustrates that when interacting online, people need to keep common sense at the forefront. To the extent the she commented on a serial murder case she was presiding over, what was she thinking? On the other hand, what was the newspaper thinking when it decided to "check out the identity of a commenter?"

The case raises the issue of the ethical quandary inherent when a newspaper is the custodian of anonymity. To the extent the newspaper has access to the identity of commenters, there will always be the temptation to check out who particular commenters are. The newspaper in many situations ends up making the call on when to release the identity of the commenter, when to publicize it, and when to fight for anonymity. There will always be conflicting considerations and ethical issues present here.

A final note. Whether someone had the expectation of privacy when dealing with a website or social network is becoming an increasingly litigated issue. I question how useful it is to use the actual language of a privacy policy to determine the expectation of privacy. These are clunky documents that no one ever reads, much less understands. I cringe every time a court wades through a privacy policy, picking and choosing among language it thinks supports or detracts from an expectation of privacy. I blogged about a recent case where a court held that a newspaper website commenter did not waive the expectation of privacy based on language of a policy: Sedersten v. Taylor. Tom O'Toole makes a similar point in a post about another recent case, McVicker v. King: "Newspaper Website's Privacy Policy Creates Expectation of Privacy for Commenters?"

Update: I've added a few additional links below, and clarified that the comments were left with someone who shares the same email address as Judge Saffold. (Judge Saffold's daughter is taking credit for the comments, or at least some of them.) The Plain Dealer reported that someone with the same email address as Judge Saffold left the comments, and verified some of the information behind its reporting through a public records request. It reported that its public records request revealed that someone used Judge Saffold's work computer to access the paper's website at the same exact time as when someone left some of the comments.

Additional Coverage:

Courthouse News has a post which provides some good factual background: "Judge Demands $50 Million From Plain Dealer"

ABC News has a post which also contains some interesting background facts: "Judge Saffold Files $50M Suit Against Cleveland Newspaper Over Online Comments" (It looks like the Judge's daughter who is or was a law student says she was the one who made some of the comments! An Ohio law professor is also quoted as saying it would have been a "major ethics violation" for the judge to have commented on pending cases.)

Cleveland Plain Dealer: "Cuyahoga County Judge Shirley Strickland Saffold files $50 million lawsuit against The Plain Dealer and others"

Gawker: "Can Anonymous Commenters Be Outed if They Do Something Newsworthy?"

The Newsroom Law Blog had a good post about the ethics of the unmasking: "Cleveland Newspaper Unmasks Anonymous Commenter" The post makes a good point about what this may mean for future anonymity arguments asserted by the Plain Dealer on behalf of anonymous commenters. [The Plain Dealer's John Kroll comments on the post . . . fodder for discovery?]

Posted by Venkat at 08:36 AM | Privacy/Security , Publicity/Privacy Rights

February 01, 2010

Google Street View Lawsuit Revived, But Only on Trespass Grounds--Boring v. Google

By Eric Goldman

Boring v. Google Inc., 2010 WL 318281 (3rd Cir. Jan. 28, 2010).

You may recall the book project A Day in the Life of America [Amazon affiliates link], which published what 200 photojournalists saw on May 2, 1986. The book provided a great snapshot of Americana, both sensational and banal. As a dataset, Google's Street View reminds me a lot of that book. The Google camera cars automatically capture whatever they see, which in some cases can lead to unintentionally amusing results. See, for example, this list of 20 crimes captured on Google Street View and the Huffington Post's list of "Craziest Google Street View Shots OF ALL TIME."

Inevitably, some people are going to be unhappy with whatever Google's camera cars indiscriminately captured and published. The plaintiffs in this case, Aaron and Christine Boring, are Pennsylvania homeowners with a reclusive streak. The Google camera car drove down the Borings' private driveway (allegedly ignoring the Borings' signage), took pictures of their house and published the photos through Google Street View.

The Borings were not satisfied with exercising Google's opt-out mechanism and instead made a federal case out of Google's transgressions. However, the district court was not impressed and kicked the Borings out of court.

The Borings appealed to the Third Circuit, which rewarded them with a small window of opportunity. The district court had rejected the Borings' trespass claims because they had not adequately alleged damage from the trespass. The appellate court reversed this point, saying a real property owner does not need to allege damage in order to state a valid trespass claim. As the court says, "Here, the Borings have alleged that Google entered upon their property without permission. If proven, that is a trespass, pure and simple." I'm not a real property expert, but this sounds right to me. The district court cited an 1899 case in support of its ruling, but the appellate court said that precedent was inapplicable.

Thus, the trespass claim survives a 12(b)(6) motion to dismiss, and the case gets sent back to the district court. While the appellate court expressly didn't tell the judge what to do, it's pretty clear that the appellate court doubts that the Borings will be able to assert any cognizable damage. As the court says, "it may well be that, when it comes to proving damages from the alleged trespass, the Borings are left to collect one dollar and whatever sense of vindication that may bring." My guess is that's the best possible outcome for the Borings.

In my opinion, the court's rejection of the Borings' privacy claims is the more interesting cyberlaw development. The court sensibly concludes that any violation suffered by the Borings would not highly offend a reasonable person. In other words, the Borings overreacted in a way the law does not recognize.

Given that the Borings weren't depicted in the photos, the court's ruling suggests that publishing online photos of private property categorically can't qualify as a privacy violation, whether the photos are taken on public or private property. The court's ruling, however, leaves open the possibility that depicting people in the photos might still be actionable--a question not before the court.

While the case has been revived, it's entirely clear to me that the Borings will not find much success on remand. Nevertheless, to save the litigation costs, Google ought to write a small check to settle the case, and the Borings would be prudent to take it rather than wait for the inevitable judicial denouement. To avoid further unwanted intrusions, they should use their settlement money to buy a gate for their driveway.

Posted by Eric at 06:43 AM | Publicity/Privacy Rights , Search Engines | TrackBack

January 31, 2010

January 2010 Quick Links

By Eric Goldman

Copyright

* An English translation of Google's December loss in France on a Google Book Search lawsuit.

* Ed Felten reports on a survey of files available via BitTorrent. Acknowledging some methodological limits, he estimates ~99% were likely copyright infringing.

* Elsevier B.V. v. UnitedHealth Group, Inc., 2010 WL 150167 (S.D.N.Y. Jan 14, 2010). Denying copyright statutory damages and attorneys' fees to unregistered foreign works is constitutional because the Berne Convention (which Elsevier argued prohibits the statutory formalities) is not self-executing.

* Techdirt: Singapore Court Rules That Online DVR Is Infringing...While Noting How Copyright Law Isn't Really Set Up For This

* Techdirt: If Banning The Internet For Sex Offenders Is Unfair, Is Banning The Internet For Copyright Infringers Fair?

* The Copyright Office issued new regulations on the deposit of online-only works: “The regulation establishes that online–only works are exempt from mandatory deposit until a demand for deposit of copies or phonorecords of such works is issued by the Copyright Office.”

Trademark/Publicity Rights

* American Airlines v. Yahoo settled. Previous coverage:
- Yahoo Subpoenas Expedia in American Airlines Lawsuit
- Fifth Circuit Denies Yahoo's Jurisdictional Appeal in American Airlines Case
- American Airlines v. Yahoo Venue Transfer Denied
- Yahoo Countersues American Airlines for Declaratory Judgment
- American Airlines Sues Yahoo for Selling Keyword Advertising

* Duplicity alert! Rescuecom is in court defending its keyword ads triggered by competitor Best Buy's TMs.

* Bev Stayart sues Yahoo again over publicity rights. My September 2009 blog post on her prior loss against Yahoo.

Pornography

* Clark v. Commonwealth, 2009 WL 5125009 (Ky. App. Ct. Dec. 30, 2009). Upholding a conviction when "Clark knowingly used a computer for the purpose of getting a minor, or a peace officer whom Clark believed was a minor, to take a sexually explicit photograph of herself."

* Am. Booksellers Found. for Free Expression v. Cordray, Slip Opinion No. 2010-Ohio-149 (Jan. 27, 2010). Ohio's Supreme Court partially upholds its state law restricting Internet distribution of harmful to juveniles material to juveniles when the communications are to recipients known or believed to be juveniles.

Spam

* United States v. Zein (E.D. Mich. 2009). Posting an ad on Craigslist constituted a "mass marketing" activity sufficient to trigger a 2 level sentencing enhancement.

* Comcast and e360 settled their lawsuit. Previous blog coverage.

Blogs/Social Networking Sites

* Sieber v. Brownstone Publishing Company, 2007 CA 002549 B (D.C. Superior Ct. Dec. 23, 2009). A building contractor sued Angie's List and other people over consumer reviews. My prior mention of the case. After 2 years of litigation, a DC trial judge dismissed all defendants on summary judgment and awarded one defendant-counterclaimant $18k+. The entire text of the memo opinion:

MEMORANDUM OPINION AND ORDER GRANTING MOTIONS FOR SUMMARY JUDGMENT OF ALL DEFENDANTS, DENYING PLAINTIFFS' MOTIONS FOR SUMMARY JUDGMENT, and GRANTING POOLE'S MOTION FOR SUMMARY JUDGMENT ON HIS COUNTERCLAIM signed by Judge Long, efiled, eserved, and docketed in chambers on December 23, 2009. It is ORDERED that the Motions for Summary Judgment of Brownstone Publishing Co., the Washington Post Company, John Kelly, and John W. Poole are granted; and it is FURTHER ORDERED that the Motions for Summary Judgment filed on behalf of the plaintiffs are denied; and it is FURTHER ORDERED that judgment shall be entered in favor of all defendants against the plaintiffs as to all claims in the Second Amended Complaint; and it is FURTHER ORDERED that judgment shall be entered in favor of defendant Poole and against plaintiff SCS Contracting Group LP as to Poole's Counterclaim against plaintiff SCS Contracting Group for $18,300 plus 6% (six percent) per annum interest, and a separate money judgment for this sum shall be docketed. Court Jacket not in chambers.

* FINRA Regulatory Notice 10-06: Guidance on Blogs and Social Networking Web Sites.

* Duer v. Henderson, 2009-Ohio-6815 (Ohio App. Ct. Dec. 23, 2009). A web publication telling a ghost story and describing the location of purportedly paranormal phenomenon on private property is not liable for any resulting trespass to real property.

* The “moldy tweet” lawsuit was dismissed.

* Two lawsuits holding that bloggers aren't subject to jurisdiction in the plaintiff's home court:
- Silver v. Brown, 2009 WL 5220297 (D. N.M. Nov. 30, 2009).
- Workman Sec. Corp. v. Phillip Roy Financial Services, LLC, 2010 WL 155525 (D. Minn. Jan 11, 2010)

* BBC: France ponders a right-to-forget law.

E-commerce

* Appliance Zone, LLC v. NexTag Inc., No:4-09-cv-0089-SEB-WGH (S.D. Indiana Dec. 22, 2009). Upholding NextTag's clickthrough-formed advertiser agreement. Mehmet Munur’s comments.

* Edward A. Zelinsky, “New York’s 'Amazon Law': Constitutional But Unwise.”

* Largo Cargo v. Google, a new complaint over allegedly mismanaged AdWord bids. This is the latest incarnation of the Almeida case. I think Largo Cargo’s complaint is still a no go.

* The NYT catalogs an impressive roster of futility for US dot coms trying to compete in China.

Miscellaneous

* Gmail will consult the user's prior emails to pick an ad if a particular email doesn't lend itself to a good ad.

* Illustrating the divergence between the open source community and the Wikipedia community, APC reports that 75% of Linux code is now written by paid developers.

* Oddee: 15 Funny Facebook Fails.

* I expect to be in the Netherlands May 23-30. Let me know if you would like to meet up there.

Posted by Eric at 01:19 PM | Content Regulation , Copyright , Derivative Liability , E-Commerce , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Spam , Trademark | TrackBack

January 11, 2010

Top Cyberlaw Developments of 2009 (Eric's List)

By Eric Goldman

Guest blogger John Ottaviani recently dropped by to offer his perspectives on 2009’s top Cyberlaw developments. While I like his list a lot, I independently developed my own top 10 list that has a different emphasis. You might enjoy the contrasts. My list:

#10: Louis Vuitton v. Akanoc. After the judge ordered a web host to stand trial, a jury awarded the trademark owner $32 million due to the web host’s contributions to trademark infringement by its customers. This case stands out for the big damages award and as a rare example where an online provider was held liable under a contributory trademark liability theory. Many trademark practitioners are scratching their heads trying to figure out the import of this case, however. Does this case represent a dangerous new frontier of online liability? Was this a bad jury verdict fueled by poor defense lawyering? Or was this an appropriate outcome because the web host actually engaged in bad behavior that distinguishes it from most “legitimate” web hosts? 2010 may help us understand if this case is part of a new trend or an aberration.

#9: Gordon v. Virtumundo. We’ve seen a lot of silly anti-spam litigation, including the emergence of an entirely new group of entrepreneurs called “spam litigation entrepreneurs” who try to make a living on anti-spam lawsuits. These folks have a true love-hate relationship with spam; they hate it so much that they devote their lives to fighting it, but they love getting spam because each one is a potential revenue source. In general, judges hate spam a lot too, so over the years we have seen a number of doctrinally unsupportable results where judges bent the law to make sure spammers lost.

However, the judicial pendulum has swung in the opposite direction, and in Gordon v. Virtumundo, the Ninth Circuit destroyed a serial anti-spam plaintiff’s entrepreneurial business in a doctrinally questionable but strongly worded opinion. In short order, a number of other spam litigation entrepreneurs have seen their lawsuits shut down with emphasis. Due to this ruling, the era of anti-spammers partying in courts may be on the wane.

#8: Zango v. Kaspersky. The question raised in this issue is simple to state but hard to answer: who should decide what constitutes spam, spyware or a virus? Vendors of software designed to curb these threats would like unfettered discretion to make their classifications; businesses who are classified as a threat would like judges to overturn adverse decisions. As it turns out, in a relatively obscure provision (47 USC 230(c)(2)), in 1996 Congress said that software vendors get to make classifications decisions and unhappy businesses can’t complain about them. In June, the Ninth Circuit upheld Kaspersky’s decision to classify Zango’s software as a threat and rejected Zango’s efforts to take the classification decision out of Kaspersky’s hands. This ruling gives enormous freedom to vendors of anti-spam/anti-spyware/anti-virus software to do their best to keep us safe.

#7: Columbia Pictures v. Fung. This case came out just before the Christmas holiday, so it got lost in the holiday hoopla a bit, but it’s a case of potentially significant import. First, it held that the specific torrent sites at issue induced copyright infringement. Second, the court denied the torrent sites’ eligibility for the DMCA online safe harbors. In part, the court said that an inducing website was categorically disqualified from the DMCA online safe harbors. Like the Akanoc case, it’s not entirely clear if this result was a legal aberration or an appropriate reaction to the defendants’ poor choices. Either way, it is possible that more “legitimate” websites may change their behavior to minimize their exposure based on the legal precedents in this case. If they do, this case could have a major impact on UGC websites.

#6: Lori Drew’s acquittal. Megan Maier’s suicide remains a heartbreaking tragedy, but unfortunately, overzealous prosecutors compounded the tragedy by prosecuting Lori Drew using bogus legal doctrines. The tragic facts got a jury to convict Drew of some misdemeanor crimes. Fortunately, the judge recognized the legal errors of the prosecution’s theory and the jury’s conclusions and granted Drew an acquittal despite the jury findings. The judge finally got to the right result as a matter of Cyberlaw, but the case remains a chilling testament to prosecutorial power.

#5: Harris v. Blockbuster. The rule is really clear. Service providers can't amend online user agreements in the provider’s sole discretion without notice. As the Ninth Circuit informed us in 2007, those contracts don’t fare well in court. So although these provisions are in just about every online user agreement, they don’t work--as Blockbuster found out the hard way.

As part of the litigation detritus from the Facebook Beacon experiment, users sued Blockbuster for sharing their rental transactions with Facebook and all of their friends, allegedly in violation of the Video Privacy Protection Act. Blockbuster tried to bust the class action by invoking the contract’s arbitration clause. Instead, because Blockbuster had the impermissible amendment provision in its user agreement, the court said the contract was illusory and refused to send the case to arbitration.

This case should signal the end of the ridiculous amendment clauses. We’ll see how long it takes the lawyers to give the provisions up.

#4: Battles Over the First Sale Doctrine. We have seen numerous legal battles this year over the First Sale defenses in both copyright and trademark law.

Copyright owners try to engage in price discrimination by carving up the world into geographic territories with different prices for the same product. If they can use copyright law to keep the cheap products from entering the other geographic market, this keeps the product from effectively price-competing with itself.

This year, two cases involved European textbooks which were functionally equivalent to the textbooks being sold in the United States at higher prices. Entrepreneurs were buying the cheap European texts, shipping them to the US and then selling them online. The entrepreneurs invoked the First Sale doctrine, which says that copyright law can’t prohibit the legitimate purchaser of a tangible copyrighted item from reselling the item to whomever they want at whatever price they want.

However, copyright law has another provision that allows copyright owners to block the importation of copyrighted works into the United States. In the 1998 Quality King case, the US Supreme Court said that the First Sale doctrine trumped the importation right when the goods were manufactured in the US, sold overseas, and then imported back to the US. However, in Pearson v. Liu and John Wiley & Sons v. Kirtsaeng, the judges said that the importation right trumps the First Sale doctrine when the goods were initially manufactured overseas. This issue is ripe for further adjudication, though. A similar importation case, Costco v. Omega, is pending before the US Supreme Court, which is deciding whether or not it wants to hear the case. If it does, we may get clearer instructions about the interplay between the First Sale doctrine and the copyright importation right.

Copyright’s First Sale doctrine was also at issue in Vernor v. Autodesk, where the purchaser of a software disk wanted to resell the disk on eBay despite restrictions in the software licensing agreement barring such resales. The court held that the First Sale doctrine applied and allowed the resale. There are other cases percolating through the court system involving the resale of tangible media contained copyrighted material despite contractual restrictions on resale, so this issue remains a hot one.

Trademark owners also try to prevent competition with their products that leak out of their official channels of distribution. eBay has been the site of a couple battles over the First Sale doctrine in trademark law. In Mary Kay v. Weber, the court held that the trademark First Sale doctrine may not permit the eBay resale of expired cosmetics by a Mary Kay independent beauty consultant. In Beltronics v. Midwest, a trademark owner shut down the eBay resale of radar detectors that had leaked out of the manufacturer’s channel and were being sold (at a cheaper price) without the manufacturer’s warranty.

Clearly, the First Sale doctrine matters a lot to eBay and other consumer-to-consumer e-commerce websites. With a possible pending Supreme Court case and lots of IP owners looking to stifle competition from goods they have already profited from, expect the First Sale doctrines to get lots of attention in 2010.

#3: 47 USC 230. In my opinion, 47 USC 230 is the most important Cyberlaw statute, so new 230 developments will make my top 10 list for the foreseeable future. This year, there were three federal appellate court rulings interpreting 47 USC 230(c)(1):

* in Barnes v. Yahoo, the Ninth Circuit held that 230 protected a website’s negligent delay in removing user content. However, if the website had promised removal to the user, the user could have a viable claim for promissory estoppel that would not be preempted by 230.
* in FTC v. Accusearch, the Tenth Circuit held that a website’s resale of pretexted phone records—even if those records were supplied by third party suppliers—did not qualify for 47 USC 230 protection because of their illegality.
* in Nemet Chevrolet v. ConsumerAffairs.com, the Fourth Circuit held that a consumer review website was not liable for user-supplied reviews, even when the website worked with the user to submit the review, and despite the plaintiff’s unsubstantiated claims that the website had fabricated the reviews itself.

Really, the big 47 USC 230 news in 2009 is the absence of big news. Specifically, 2009 reinforced that the Ninth Circuit’s 2008 Roommates.com decision—one of the most significant defense losses under 47 USC 230—did not rip open a major hole in the statutory protection of websites. Of the 13 cases that I have seen that have cited the Roommates.com en banc opinion, eleven have cited the case in favor of the defense. (See the list here). The two exceptions are the Accusearch case, mentioned above, and the New England Patriots’ lawsuit against StubHub over season ticket resales, an odd opinion that may not have much influence. Therefore, despite our fears about Roommates.com, the 47 USC 230 immunity remained healthy and vibrant in 2009. For more on this topic, see my special recap of 47 USC 230's year-in-review for 2009.

#2: Keyword Advertising Battles. Keyword advertising battles are another perennial topic on these year-in-review lists. A multi-billion dollar a year industry has sprung up around the sale of keyword-triggered advertising, including some keywords that may be third party trademarks, and trademark owners don’t like it at all. This has led to a multi-front battle between trademark owners, keyword advertising sellers (such as Google), and keyword advertising buyers.

One of the biggest Cyberlaw cases of the year was the Second Circuit’s ruling in Rescuecom v. Google. In the district court in 2006, Google won an easy victory against a trademark owner because the court said that Google did not make the requisite “use in commerce” of the trademark. The Second Circuit reversed the district court, sending the case back for further proceedings. The reversal does not ensure Google’s defeat; Google will now litigate other legal doctrines and might very well win on one of those. However, the Second Circuit’s opinion largely spells the end of any “use in commerce” defense by either keyword advertising sellers or buyers.

Because of the “use in commerce” defense’s demise, keyword advertising cases will now likely turn on whether the advertisements create a likelihood of consumer confusion. One case, Hearts on Fire v. Blue Nile, offered up a new and complicated test for gauging consumer confusion. If other courts adopt this test, keyword advertising cases will get even more expensive and complicated—highlighting how important it was that the Rescuecom case eliminated an easy way to end these lawsuits early.

Meanwhile, despite the fact that keyword advertising battles have been taking place for at least a decade, we have not heard what a jury thinks about the practice—until the November jury ruling in Fair Isaac v. Experian. In that case, the jury found for the defense that the keyword-triggered ads did not create the requisite likelihood of consumer confusion. It remains to be seen if other juries reach the same conclusion. If they do, keyword advertising lawsuits should slowly fade away over time because the trademark owners can’t win in the end.

As for now, keyword litigation is going strong and hardly fading away. In Spring, Google made two changes to its trademark policies where it voluntarily agrees to take down certain types of ads at the trademark owner’s request. In May, Google extended its more liberal US-based policy to nearly 200 other countries, replacing the more restrictive policies it had in place there. Shortly thereafter, Google modified its US policy to do less for trademark owners in situations involving product resales, review websites and sales of complementary/replacement parts. Trademark owners were none too pleased with these changes. In response to these changes and the door opened by the Second Circuit Rescuecom decision, Google got hit with about a dozen new lawsuits, including some class action lawsuits, of which I believe 10 are currently still active.

Finally, all of the wrangling in court and over voluntary trademark policies could be mooted by legislative action, and for the third time, the Utah state legislature considered resolving the keyword advertising issue itself. A law regulating keyword advertising passed the Utah house but died in the Utah senate. Expect the pro-regulatory forces to round up the troops for a fourth try in 2010.

#1: FTC Endorsement Guidelines for Bloggers. The Obama administration has breathed new life into a pro-regulatory FTC, and the FTC sure is interested in all things Internet. The FTC has been nosing around Internet privacy and Internet marketing practices pretty carefully, and I expect 2010 to bring more FTC pronouncements designed to tackle the Internet.

But nothing stirred up a hornet’s nest of confusion and anger in 2009 like the FTC’s Endorsement and Testimonials Guidelines. I think it’s fair to say that the FTC’s guidelines rollout was a complete failure. As usual, the FTC’s guidelines were mealy-mouthed and filled with conditional statements (the FTC hates to lay out bright line rules that might constrain their future discretion). However, the FTC’s general gist was clear: bloggers should disclose when they receive financial or other consideration for their blog posts.

Unfortunately, this general principle leaves open some fairly fundamental questions, like when is disclosure required in situations less clear than straight cash-for-posting, and where should disclosure be made, especially in space-constrained media like Twitter. Needless to say, unhappy bloggers can be very noisy, so blogger response to the FTC’s announcement was loud and vituperative. The FTC tried to backpedal a little by saying that it did not intend to pursue individual bloggers, but this announcement only reinforced that bloggers do not understand what the FTC wants from them.

Meanwhile, the FTC’s proposed guidelines also took an interesting position about an advertiser’s liability for rogue blogger’s posts. This position is generally consistent with government enforcement agencies’ views that commercial players can be legally responsible for content they endorse or link to (see, e.g., my comments on the SEC’s liability-for-linking policy), but this position runs directly contrary to 47 USC 230’s provisions that say A isn’t liable for B’s online content. As a result, I believe that part of the FTC’s proposed guidelines violate 47 USC 230 and would not survive a court challenge.

Overall, the firestorm over the FTC’s Endorsement and Testimonials guidelines is a small part of a larger effort to regulatorily separate advertising from content. The Internet has collapsed those distinctions, perhaps irreparably, so regulators may be trying to accomplish the impossible. Nevertheless, the FTC seems determined to prop up the distinction, and I expect 2010 will bring more FTC efforts on this front.

* * * * *

While that concludes my top 10 list, there were a number of other interesting developments in 2009 that are worth a brief note:

* Moreno v. Hanford Sentinel. A woman trashed her hometown in an obscure but public MySpace posting and learned there is no “do-over” for Internet content publication. My vote for the most factually interesting Cyberlaw case of 2009.

* Google’s keyword metatag announcement. Courts generally treat the inclusion of third party trademarks in keyword metatags as per se trademark infringement. But Google has confirmed that it ignores keyword metatags. Will courts get the message?

* Google Book Search settlement. If the Google Book Search settlement ever gets approved, it may reshape the book industry, redefine libraries, and make all kinds of other socially significant changes. But the list of opponents to the settlement is long and growing. Professor James Grimmelmann of New York Law School is our community’s maven for all things “GBS.”

* Kindle book deletion. The Kindle store sold e-books it didn’t have the right to sell, so it took them back. Users learned of a key factual difference between physical books and e-books—the vendor can remotely make e-books go poof.

* States’ efforts to impose sales tax efforts based on marketing affiliates. For years, states have been looking for ways to make online retailers collect sales tax for them. They are generally stopped by Supreme Court precedent, but in 2008 New York finally figured out a workaround. The New York statute said that marketing affiliates were like traveling salespeople and thus created the physical nexus required for a state to impose sales tax collection obligations. The New York statute survived its first legal challenge, which opened the floodgates of other states passing similar laws hoping to get their piece of the action. Meanwhile, online retailers aren’t just rolling over; instead, they are threatening to cut off (or actually cutting off) marketing affiliates in states that enact these laws—thus potentially costing the states income tax from the marketing affiliates’ revenue, and creating the potential for the entire affiliate industry to be torn apart.

* Maine kids privacy law. Maine thought it could pass a law banning marketing to kids. It was wrong. The state had to withdraw the law and go back to the drawing board.

* UMG v. Veoh. Veoh won another nice DMCA online safe harbor victory.

* US v. Kilbride. The Ninth Circuit says that online obscenity prosecutions need to evaluate national attitudes towards obscene content, not local community standards.

* Kentucky domain name seizure. Kentucky tried to grab 141 domain names that enabled Kentucky residents to engage in illegal gambling. But those domain names also serviced customers for whom the gambling was completely legal, so the Kentucky courts are rethinking the grab.

* FTC v. Sears. As another example of the new pro-regulatory winds blowing through the FTC, the FTC cracked down on Sears for installing spyware on users’ computers that looked at the users’ hard drives, even though Sears paid the users for the installation and disclosed the spyware’s snooping in the user agreement (though in an inconspicuous manner). This case has made a lot of lawyers concerned that adverse disclosures in user agreements won’t satisfy the FTC.

* Facebook the Drama Queen. Ah, Facebook. Love it. Hate it. Facebook is a pretty nifty site and part of my daily routine, but boy, they sure do have a knack for stirring up trouble.

- In February, they made a relatively modest change to their user agreement that caused people to freak out.
- In response to this, Facebook took the provocative step towards user self-governance. Facebook let users vote on some choices and promised to be bound by the results, but with an asterisk: Facebook decided what options users could vote on, and Facebook would honor those choices only if a prohibitively large number of users exercised their franchise. Still, it was a nice gesture towards cyberspace community self-governance.
- In summer, they tried to settle their Beacon litigation, but that also reminded folks of how much Beacon irritated them in the first place.
- Summer also brought allegations of click fraud on Facebook, and lawsuits followed.
- Finally, in Thanksgiving, Facebook rolled out some changes to its privacy options that it pitched as giving users more choices, but it also took away some choices and defaulted users into some options that surprised them.

Given this track record, is it unrealistic to expect more Facebook drama in 2010?

* Estavillo v. Sony. Speaking of self-governance, virtual world enthusiasts would love to establish the legal proposition that virtual worlds are legally equivalent to governments and therefore obligated to restrain their actions just like governments are. One virtual world enthusiast sued Sony for kicking him off the network, claiming that Sony was legally governed as a “company town” and therefore lacked the discretion to kick him off. WRONG (and it wasn’t even close).

* Wikipedia's policy change. In August, the English-language Wikipedia announced that it was going to tighten up its editorial policies, and people Freaked Out. (In fact, I have predicted that Wikipedia cannot avoid increased editorial restrictions over time, so this change should not have been surprising). However, it turns out that everyone got it wrong, and Wikipedia’s editorial changes are far less dramatic (and consequential) than initially reported. I will post a separate recap on Wikipedia shortly.

If you would like a stroll down memory lane, you can see my previous top 10 lists from 2008, 2007 and 2006. Before that, John Ottaviani and I put together a list of top Internet IP cases for 2005, 2004 and 2003.

Posted by Eric at 10:46 AM | Content Regulation , Copyright , Derivative Liability , Domain Names , E-Commerce , Internet History , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Spam , Trademark , Virtual Worlds | TrackBack

December 26, 2009

November-December 2009 Quick Links, Part 1

By Eric Goldman

Trademarks/Domain Names

* Yahoo and Mary Kay settled Mary Kay's trademark lawsuit over Yahoo's email shortcuts.

* uBID Inc. v. The GoDaddy Group Inc., No. 09-cv-2123 (N.D. Ill. Nov. 5, 2009). uBid’s anti-domain name parking lawsuit failed on jurisdictional grounds. Tom O'Toole explains why this is an unusual jurisdictional ruling.

* Trademark Blog: “Sellify, operator of ONEQUALITY.COM, sues Amazon over Amazon affiliates' alleged misuse of ONEQUALITY.COM as Google keywords.”

* In an unenlightening memo opinion, Second Circuit affirms the Cintas v. Unite Here opinion involving union activists’ web activities using a target company’s trademark. My initial blog post on the case.

* Bloomberg: Buyers of counterfeit luxury goods understand they are getting counterfeits, and many of them upgrade to the real thing eventually.

* Transamerica v. Moniker Online Services, 2009 WL 4715853 (S.D. Fla. Dec. 4, 2009). Domain name registrar does not qualify for ACPA's registrar safe harbor when: "Transamerica alleges that Oversee and the Moniker Defendants, together with the ostensible registrants-the John Doe Defendants-are the de facto registrants of the domain names in question. Transamerica claims that Moniker was not merely acting as a registrant in providing registration services to the John Doe Defendants for the infringing domain names, but instead was part of a scheme to profit from the use of the infringing names. As Transamerica points out, Moniker receives a fee each time an internet user clicks on one of the links attached to the infringing domain sites; such payment establishes at least partial ownership in the domain name." Troubling ruling.

* SafeWorks, LLC v. Spydercrane.com, LLC (W.D. Wash. Dec. 7, 2009). A trademark owner's preemptive registration of domain names containing typographical errors of the registrant's trademarks does not infringe a third party trademarks.

Marketing and Advertising

* In re Gemtronics (FTC ALJ decision Sept 16, 2009). A dietary supplement seller wasn't liable for comments on a website that it didn't own or control but (among other things) it had linked to. While this is great, I still believe the FTC needs to rethink its entire liability scheme of online content endorsement or adoption due to 47 USC 230. See 1, 2.

* Avvo settles Florida bar lawsuit and gets Florida to admit that client testimonials on Avvo aren't lawyer advertising. Rebecca explains why an analogous South Carolina regulation violates 47 USC 230.

* After the FDA spooked pharmaceutical companies to stop engaging in search advertising, the FDA held hearings on Internet pharmaceutical marketing. The Arnold & Porter recap. Ironically, BusinessWeek ran a story wondering if pharmaceutical ads reduce consumer demand.

* The FTC cracks down on online negative option/"continuity plan" offerings.

* In re Miva Inc. Securities Litigation, 2009 WL 3821146 (M.D. Fla. Nov. 16, 2009). The court dismissed a securities class action lawsuit over Miva's/FindWhat's investor disclosures relating to click fraud and spyware. My initial blog post on the case.

* NYT: False advertising litigation is a growth industry.

Search Engines

* A Milwaukee lawyer has alleged that another lawyer buying keyword advertising triggered by his name violates his publicity rights. I’ve posted the complaint to Scribd.

* Google is now personalizing search results for everyone, not just logged-in users. In 2006, I wrote about how universal personalization would affect SEO and concerns about search engine bias. Danny Sullivan believes Google’s change deserves "extraordinary attention."

* Google took out an ad from itself to explain why its image search results for Michelle Obama contained an offensive result. This is after it first tried to remove the image on the pretext that the website was hosting malware.

* Danny Sullivan asks some good questions about Google's integration of Twitter into its search database.

* BusinessWeek: Matt Cutts, Google’s search engine anti-spam superstar, talks about his job. He doesn't sound like the most fun person to travel with

* Rose Hagan, Google's chief trademark counsel, is retiring after 7 years at Google. She leaves behind big shoes to fill.

Posted by Eric at 02:59 PM | Adware/Spyware , Derivative Liability , Domain Names , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

December 18, 2009

Top Cyberlaw Developments of 2009

By John E. Ottaviani

(Thanks to Eric for letting me post this list here!)

[Eric's note: some of you may recall John, a regular blog guest contributor from 2005-07. It's great to have another contribution from him.]

Eric will post his own list later, but I thought we could start off the holiday season with one person’s view of the top Cyberlaw developments of 2009. It was an interesting year. While intellectual property issues continue to dominate, and we continue to see plaintiffs and their attorneys running smack into Section 230 of the Communications Decency Act, we’ve also seen developments in the areas of Constitutional law, criminal law, and state and federal regulation. So, let’s recap 2009. Unlike David Letterman’s lists, this list is in no particular order of importance.

1. File Sharing Decisions.

After years of lawsuits against file sharers, we finally have two trial decisions. Both held against the peer-to-peer file sharers. Jammie Thomas managed to turn a 2007 verdict of $222,000 (which was later thrown out due to a mistrial) into a 2009 verdict of $1.29 Million. Her motion to reduce the award is pending.

Joel Tenenbaum received more favorable treatment and was subjected to only a $675,000 jury verdict after he admitted liability and his fair use defense was rejected by Judge Gertner. His motion to appeal/reduce the award is due to be filed in early January. Judge Gertner wrote a compelling decision urging Congress to modify the strict liability consequences of new technologies such as peer-to -peer file sharing. In her decision rejecting the fair use defense, Judge Gertner implored Congress “to amend the [Copyright Act] to reflect the realities of file sharing. There is something wrong with a law that routinely threatens teenagers and students with astronomical penalties for an activity whose implications they may not have fully understood. The injury to the copyright holder may be real, and even substantial, but, under the statute, the record companies do not even have to prove actual damages.” We’ll see if Congress listens.

2. Rise of Copyright First Sale Doctrine.

There were several decisions that turned on applications of the copyright “first sale” doctrine to new online situations. Section 209(a) of the Copyright Act permits the owner of a lawfully made copy of a work to sell or dispose of that copy without the consent of the copyright owner.

First, the held that resales of the AutoCAD software were permitted under the first sale limitations in Section 109(a). The court found that although the underlying documents were styled as “licenses,” the fact that the licensee was entitled to perpetual possession of the copies was the key fact.

We also had two cases (John Wiley & Sons; Pearson Education v. Liu) dealing with the importation of copyrighted works (mostly textbooks) printed abroad and then imported into the United States for sale. Two courts said these transactions are not protected by the first sale doctrine because of the importation provision in Section 602. The courts so far have been following dicta in the Supreme Court’s 1998 Quality King case that goods manufactured overseas and then imported are not protected by the first sale right, despite their reluctance to do so. We may get a resolution of this issue in 2010. The U.S. Supreme Court has invited the Solicitor General to file a brief in the Costco Wholesale Corporation v. Omega, which is on a petition for certiorari to the Ninth Circuit Court of Appeals.

A third entry is Apple v. Psystar. Psystar specialized in creating copies of Apple’s Macintosh OS-X operating System and loading them onto Mac “clones.” The court rejected the first-sale doctrine defense because Psystar’s copies of the Macintosh OS-X operating system were not “lawfully made” within the meaning of Section 109. The parties subsequently settled all claims except for copyright infringement, and Apple obtained a permanent injunction against Psystar.

3. Demise of “Use in Commerce” Defense in Keyword Cases.

In Rescuecom v. Google, the Second Circuit reversed the district court and said that Google’s sale of trademarked keywords as ad triggers constitute a “use in commerce.” This probably is the end of the “use in commerce” defense in keyword advertising cases, which will now turn more on likelihood of confusion (or initial interest confusion) factors.

4. Internet Gambling.

Internet gambling continues to be regulated by a tangle of federal laws ill-adapted for the purpose. Some of the laws date back to the 1961 adoption of the federal Wire Act. This is an areas where Congress should really clean things up, especially with criminal liability sometimes at stake.

Proponents of online gambling took a couple of hits in 2009. In Interactive Media Entertainment and Gaming Association v. Holder, the Third Circuit upheld challenges to the Unlawful Intent Gambling Enforcement Act (UIGEA) on Constitutional grounds. The UIGEA does not prohibit Internet gambling, but does prohibit gambling businesses from accepting financial payments in connection with bets that are illegal under any federal or state law. (This Act has effectively forced legitimate offshore gambling sites to stop taking bets from the United States). The Third Circuit held that the phrase “unlawful Internet gambling” is not vague, and that there is no Constitutionally protected privacy right to gamble in one’s home.

Earlier in the year, the Department of Justice ordered four banks to freeze over $34 million in payments owed to about 27,000 poker players. Although the legality of online poker in the United States is a gray area, the DOJ takes the position that online poker games are prohibited by the federal Wire Act. The DOJ position runs counter to several court decisions that have refused to apply the Wire Act to non-sports related Internet gambling. After the funds were seized, the affected poker sites reportedly reimbursed the players the money that was seized.

5. State Attempts to Regulate the Internet.

This trend, a favorite target of Eric’s ire, continued in 2009. Some more notable attempts include Maine’s passage of a little COPPA Act, banning the use of personal information about minors for marketing purposes (which the Maine Attorney General then refused to enforce), Kentucky’s seizing of domain names associated with alleged gambling websites (the legality of which is pending before the Kentucky Supreme Court), and Utah and other state’s attempts to put sex offender information online or require sex offenders to register websites to which they belong and their passwords.

6. Attempts to Criminalize Breaches of Terms of Use.

Lori Drew created a fake MySpace profile to humiliate a 13-year-old neighbor girl and was subsequently blamed for the girl’s suicide death. Drew was convicted of three misdemeanor counts of unauthorized access to computers under the federal Computer Fraud and Abuse Act for violating MySpace’s terms of service. In United States v. Drew, the court dismissed Lori Drew’s conviction, concluding that MySpace’s terms of service were Constitutionally vague. The result is not surprising, because terms of service are not generally written with criminal prosecution in mind. The MySpace terms at issue prohibited a wide variety of conduct but did not explain what activities would make a user’s access “unauthorized”. The user’s conduct was reprehensible, but not criminal.

7. Online Endorsements.

In October, for the first time since 1980, the Federal Trade commission updated its guidelines for advertisers on how to keep their endorsements and testimonial advertisements in line with the FTC laws. The new guidelines explicitly target online endorsements by bloggers and others who receive cash or in-kind payments to review a product. Bloggers who make an endorsement must disclose the material connections they share with the seller of the product or service. While the new guidelines caused a stir among bloggers, they seem to be a reasonable extension of the FTC’s disclosure guidelines in other contexts

8. DMCA Take-Down Notices.

In UMG Recordings v. Veoh Networks, we received some further guidance on what constitutes a proper take-down notice. Here, the court said the copyright owner has the burden of identifying “potentially infringing materials.” A letter merely listing recording artists whose works were allegedly infringing did not give the Internet Service Provider actual knowledge of infringement because the letter does not comply with the DMCA requirements. The court also said that the ISP was not on general notice of copyright infringement just because the website allows users to post music files, which are frequently infringing content.

9. Section 230 of the Communications Decency Act.

There are too many cases to list here, and I am sure Eric has done (or will do) his own exhaustive compilation. The courts clearly expanded the scope of the Section 230 defense in various Craigslist cases (no liability for advertisements for guns or prostitution).

Barnes v. Yahoo showed us that service providers should not make statements and then not follow though. In that case, the plaintiff’s ex-boyfirend created fake personal ads for her on Yahoo and impersonated her in various online forums. She asked Yahoo to take the information down,. A Yahoo employee told her that Yahoo would take the profile down, but Yahoo did not do so until after the complaint was filed.. The Ninth Circuit upheld Yahoo’s Section 230 defenses for claims that Yahoo had an obligation to take the fake profiles down, and that Yahoo did not try to remove some objectionable material. But the court did permit the plaintiff’s claim to go forward that Yahoo had breached its oral contract with her to take the material down, which the Court held amounted to a modification of the “baseline” Section 230 rule.

10. Right to Privacy.

When someone publishes something on a MySpace website without her full name, and then deletes the post, does she have an expectation of privacy? In Moreno v. Hanford Sentinel, Inc., the California Court of Appeals said no. Here, the plaintiff posted an essay that was derogatory of her home town on her MySpace page and then deleted it six days later. In the meantime, the principal at the local high school saw the posting and submitted the poem to a local paper, where the editor (a friend of the principal) published the poem in the Letters to the Editor column and signed the plaintiff’s full name to it. The author and her family received death threats and her father had to close a 20-year old family business. However, the California Court of Appeals ruled that the principal did not invade the author’s privacy by handing the posting to the editor, and further held that the editor did not violate the author’s rights when it published her full name. (The case was remanded in order to address a claim of intentional infliction of emotional stress.)

Let’s hope 2010 brings even more exciting Cyberlaw developments. We have the potential for two Supreme Court rulings, in the Costco case (discussed above) and the Bilski case, which may address the validity of business method patents.

Posted by John Ottaviani at 07:04 AM | Content Regulation , Copyright , Derivative Liability , Domain Names , E-Commerce , Licensing/Contracts , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

December 11, 2009

Denver University “Cyber Civil Rights” Symposium Recap

By Eric Goldman

The week before Thanksgiving, I attended an unusual symposium sponsored by the University of Denver Law Review entitled “Cyber Civil Rights: New Challenges for Civil Rights and Civil Liberties in our Networked Age.” The symposium covered standard Cyberlaw topics, but the raison d'être was University of Maryland law professor Danielle Citron’s two recent articles on online harassment of women: "Law's Expressive Value in Combating Cyber Gender Harassment" (Michigan Law Review) and "Cyber Civil Rights" (Boston University Law Review). It is unusual for a law school to celebrate another school’s professor and her research, especially when the professor is fairly junior. Nevertheless, Danielle’s participation brought together academics from both the Cyberlaw and civil rights communities, which provided a rare and interesting mix of folks..

First Panel

Danielle Citron started off by recapping her two papers. Online participation, such as blogging, is essential to professional standing, and employers are reviewing online profiles of prospective employees as part of their hiring considerations. However, women are being targeted for abuse online. These attacks are harming women by changing their online and offline activities, reducing their job opportunities, and causing women to change their gender representations online. Further, folks are trivializing these problems. Women are underreporting the attacks, and law enforcement only intervenes when there are offline harms. New laws can serve an expressive function to communicate that online attacks against women are socially unacceptable. The new laws can validate women’s feelings that they have been harmed and encourage law enforcement to pursue more cases.

Commenting on the papers, Robert Kaczorowski of Fordham Law (and Danielle’s stepdad) made an extended analogy between the Ku Klux Klan and cybermobs.

Wendy Seltzer asked if we could deemphasize the effect of words rather than prohibit them. Danielle responded that we don’t know how seriously to take any particular threat.

An audience member asked if is there a difference between mobs and individual actors who are just taking advantage of being anonymous. Danielle answered that groups can become more extreme online. I think this point deserves more exploration: a series of uncoordinated individual decisions to “pile on” to an attack can look like a coordinated attack to the victim. This is part of why I thought the KKK references were puzzling—KKK activities are clearly coordinated, while online attacks against women can succeed without any coordination or ongoing connection between the attackers.

Paul Ohm argued that that legal solutions are better for cyber civil rights problems than technological solutions. Paul discussed what he labeled “Felten’s Third Law.” (He doesn’t know of two earlier laws named for Ed Felten; he just assumes they exist given Ed’s impressive and influential oeuvre). As articulated by Paul, Felten’s Third Law is that in Cyberlaw conflicts, lawyers love technical solutions and technologists love legal solutions. In other words, we love the solution we don’t know because we assume it has to be better than the one we do. As both a law professor and technologist, Paul picks law over technology for these problems.

Paul categorically rejects any technical solution that would create a “fully identified Internet.” For example, we should not mandate server log retention because we know the logs will be co-opted to regulate other forms of unwanted content, not just online harassment.

Wendy Seltzer discussed the unintended consequences of legal intervention. For example, mandatory Internet filtering in school libraries hasn’t stopped kids from bypassing the filters, but it has facilitated a marketplace for improving filtering technologies that has benefited repressive regimes. Another example: anti-circumvention technology fails to restrict copying but has reduced innovation around DRMed content. Wendy also noted how norms can help curb abuses. For example, while there are online cesspools, she praised Wikipedia’s evolving guidelines for living people’s biographies.

In response, Danielle admitted that her solutions need to be more surgical. She said she might consider moving from a notice-and-takedown model to a notice-and-preserve model for intermediaries.

Second Panel

This panel was composed of three women academics from the civil rights community, so it was a noticeable shift from the typical Cyberlaw academic discussion.

Mary Anne Franks is a University of Chicago Bigelow Fellow and soon-to-be full-time law professor. She expresses our collective disappointment that cyberspace isn’t a utopia that allows people to escape offline discrimination and harassment. She laments that women can lose control of their identities online, such as when someone creates a fake online profile in their names.

She then addressed how cyberspace is unique/special/different with respect to gender harassment. Many commentators try to duck cyberspace exceptionalism, so it was refreshing to see her tackle the issue squarely. Existing offline discrimination/harassment laws assume interactions between repeat players at work and school; online harassment can be divorced totally from any existing social networks. However, because the online activities still harm targeted individuals at work and school, we should treat the harms the same. Offline, there are switching costs to changing jobs or school; online, search engines’ consolidation of results for search on a person’s name creates a different type of switching cost. In terms of supervisory power, she thinks web operators have analogous control to employers or school administrators. Thus, when web operators receive notice of online harassment, they should have a duty to do something about it. Offline, employers can develop a variety of responses and policies to combat workplace harassment. Web operators should have similar latitude; for example, they can delete offending posts or suspend/ban accounts.

Helen Norton, a University of Colorado law professor, did not share Danielle’s optimism (expressed in her first article) that existing discrimination laws can curb online harassment. Instead, Helen thinks a new civil rights statute is needed, but she might limit its remedies to exclude money damages. Helen is pessimistic that there will be regulation any time soon, noting that it can take years to enact civil rights legislation. Helen would also like to see more precise definitions of the exact harms that women are experiencing only online.

Nancy Ehrenreich, a Denver University law professor, began her talk by saying that we should not overstate the Internet’s benefits. She then clarified that we should not assume that disadvantaged folks can overcome barriers online. For example, we impose cultural categories on people in every interaction, so even if people try to mask their identity online, they can’t really escape. She wondered why we aren’t talking about an anti-discrimination law for the web. Her concern is that discrimination denies individuals access to the Internet.

In Q&A, Paul Ohm observed that civil rights scholars often invoke free speech as the countervailing concern to their desired regulations, but Cyberlaw scholars are often more interested in other “generative” effects of the Internet, such as new business models, new labor models and new modes of production.

Panel 3

James Grimmelmann (see his slides) started with the Skanks in NYC case. In that case, the defendant criticized someone else in her social network on a blog, calling the plaintiff (among other unflattering things) a “skank.” The plaintiff sued to obtain the blogger’s identity. After a successful unmasking, the plaintiff dropped the lawsuit, having successfully publicly shamed the blogger.

James hypothesized that this unmasking and shaming was an appropriate remedy—the blogger got shamed (like “an eye for an eye”), and unmasking is a better outcome than other legal remedies like damage suits. James then posited a thought exercise that provided plaintiffs with an expedited unmasking procedure if they drop any damages claim. This would have a number of benefits. Unmasking curbs online harassment is especially effective at busting online mobs. Also, an unmasking remedy avoids messy debates over the First Amendment’s scope, and it may be more desirable than trying to hold online providers liable.

Having advanced his own strawman, James then cut it down. In some cases, defamation remedies may be more desirable, and plaintiffs may not know that until they learn the putative wrongdoer’s identity. In other cases, plaintiffs who just want unmasking would appreciate a lower legal hurdle. Also, we provide legal protection for anonymity for good reasons.

James’ lessons from the thought exercise: we should consider ways to decouple an unmasking remedy from litigation. At the same time, we need to protect defendants from pretextual unmasking; in some cases, retaliation is a big concern, and we should incorporate this concern into the unmasking decision.

From Chris Wolf’s talk (see his full remarks), the most interesting thing I learned is that 18 states have laws banning wearing masks in public, enacted to suppress KKK activities. This was the second speaker’s KKK reference of the day, and it made me wonder if we were experiencing some variation of Godwin’s Law.

Panel 4

Viva Moffat observed that secondary liability issues generate the most heat in online harassment discussions. She expressed concern that imposing legal duties on third parties may not help law’s norm-shaping effect, and it’s not appropriate to impose liability just because the provider has deeper pockets or the direct actor can’t be found. She also suggested that imposing liability on third parties creates a greater risk of collateral damage than direct liability. [Note: I would like to know more about this last assertion. I suspect we cannot make a utilitarian calculation a priori]. As a result, she favors focusing more efforts on sharpening direct liability.

Ed Felten talked about identifying and anonymizing online activity. He explained the usual sequence of events in chasing bad online content:

log file => IP address => identity => justice

But the IP address => identity step breaks down when users use an anonymizing proxy or the user’s network uses network address translation (used by home wireless routers or in coffee shops) and all connected devices’ requests share a single IP address. He said that a majority of Internet connections use NAT.

Because IP address tracebacks can dead-end at the intermediary, an IP address can reveal too little information. However, even when users aren’t investigatory targets, IP addresses can reveal too much information, such as geolocation. This paradox—IP addresses simultaneously reveal both too much and too little information—reflects that the IP address system was built for routing, not identification. So could we design a better authenticating technology?

He then conducted a “semi-realistic” thought experiment of a new technological “tag” that could be used instead of IP addresses. This tag could have the following attributes:

* can be placed by any intermediary
* conveys no information about the sender unless unwrapped by the intermediary (presumably for good legal cause)
* unwrapping the tag yields the best identity information the intermediary has
* the tag’s use is voluntary as a technical matter
* the tag is removable as a technical matter

I then batted clean-up. A summary of my remarks:

Today’s conversation has revisited long-standing Cyberlaw issues, such as:

* anonymity v. accountability, and who should be responsible for online content and actions
* cyberspace as a physical place. See, e.g., Noah v. AOL (an online discrimination case), National Federation of the Blind v. Target (also an online discrimination case) and Estavillo v. Sony
* cyberspace exceptionalism and cyberspace utopianism (on the latter point, see my article on search engine utopianism)
* when is the optimal time to regulate rapidly evolving technology? Early, when the technology is still in its infancy, or later, when market forces and new technological evolutions may have cured the early problems?

Danielle’s articles convinced me that women are experiencing serious harms online that men—including me—could easily trivialize. Danielle’s articles also convinced me that online harassment has strong parallels to the 1970s legal evolution of workplace harassment doctrines, where a big part of the battle was to get people to take the harms seriously.

While I find a lot of descriptive value in Danielle’s work, the normative implications are not as clear. As usual with attempts to regulate rapidly evolving technology, there are many important but overwhelmingly hard definitional challenges, such as who is an “intermediary,” what are “online mobs” and what constitutes online “harassment.” For example, I do not think the Skanks in NYC incident is an online harassment case or an “attack,” but James Grimmelmann’s talk assumed those characterizations.

While we can debate what should be the right level of regulatory intervention, we should not overlook that Congress already enacted a law squarely governing intermediary liability for online harassment: 47 USC 230. The angst that prompted this conference—bad behavior online—is the logical consequences of 230’s broad immunity. The statute enables websites to adopt policies that they will not police user content or retain server logs of user activity. These choices aren’t a surprise or a per se abuse of the immunity; instead, they are the unavoidable implications of Congress’ action.

We might question Congress’ wisdom in adopting 230, but we should not diminish its potential importance to the Internet as we know it. [In Q&A, Chris Wolf asked about the comparative experience in countries that don’t have such broad immunity. In those countries, we know that websites take down user content much more freely, and I believe that the most interesting UGC innovations are all taking place here in the US, not countries with more restrictive UGC liability.] I can, at most, only prove correlation and not causation, but I believe 230 is one of the main causal reasons why the Internet has succeeded so well.

When I speak around the country about 230, I often encounter folks who generally accept 230’s immunity scope but want just one new exception, i.e., their pet topic. If everyone got their “just one” exception, the law would be eviscerated. (I said it would be Swiss-cheesed to death; maybe I should have said it would be overcome by a thousand duck bites). I’m not rejecting new exceptions categorically (they should be each considered on their own merits), but in aggregate 230’s immunization benefits are actually quite precarious. I believe 230 works precisely because of its strength and simplicity, so adding more exceptions could significantly reduce its efficacy.

I concluded my remarks by observing that online harassment is a subspecies of bullying and incivil behavior in our society. While we can and should work to curb online harassment, I am more interested in addressing bullying and incivility in all its forms, wherever it takes place.

In this regard, I have been impressed by how my son’s school is proactively addressing bullying. See more about this effort, called Project Cornerstone. The school is teaching kids not to bully or to tolerate being bullied, and the project gives bullied kids tools to go on the offensive against bullies. There’s no guarantee that anti-bullying programs will work in the short or long run, but I remain hopeful that online harassment today partially reflects that many current Internet users never got any anti-bullying education. Perhaps, then, online harassment issues will naturally abate (without any regulatory intervention) as new generation of Internet users, better educated about bullying, come onto the Internet.

Following my remarks, we had more Q&A.

Paul Ohm Q: Some cyber folks argue against secondary liability because they believe that a victim can pursue a direct action, but Ed’s talk suggests that user anonymity will continue to be possible.

Mary Anne Franks: civil rights isn’t about individual claims because victims have to bear too high a burden to pursue claims. Instead, civil rights are about changing large-scale social norms. The goal is to achieve anti-discrimination by any means necessary. Thus, civil rights scholars have already discussed and concluded that it’s appropriate to impose liability on intermediaries like employers and schools.

Danielle: intermediaries are the lowest cost avoiders.

James Grimmelmann: no, the harassers are the lowest cost avoiders. Civil rights folks would get more support from the Cyberlaw crowd if they focused their regulatory desires towards intermediaries who are in active concert with the bad actors.

Danielle's Wrap-Up

We all agree that:

* education can make a big difference
* online communities need to self-police
* there are numerous limits to using the law as a solution, including that lawsuits don’t make sense and 230’s immunity.

We don’t agree on what to do next. There are First Amendment limits, and technology doesn’t offer any panaceas.

Posted by Eric at 07:12 AM | Content Regulation , Derivative Liability , Internet History , Publicity/Privacy Rights | TrackBack

December 02, 2009

Case Western “Signifiers in Cyberspace” Conference Recap

By Eric Goldman

In mid-November, I attended a conference at Case Western Reserve University School of Law in Cleveland, Ohio entitled “Signifiers in Cyberspace: Domain Names & Online Trademarks.” My notes:

David Fewer spoke about Canada’s WHOIS policy. The old Canadian registry policy published registrant information without restriction. Then, the registry proposed a new policy not to publish personal information in the WHOIS database for individual registrants and for organizations that can show harm from publication. To reveal registrant information in those situations, a warrant would be required. That policy got amended to allow warrantless access for cybercrime enforcement, registered IP infringement and ID theft. Fewer argued that the amended policy violates Canadian privacy laws (PIPEDA) because consumers are not given adequate disclosures, the exclusions from the privacy policy are arbitrary, and consumers aren’t given the required option not to participate.

Corynne McSherry of EFF discussed how TM owners are bypassing direct challenges against gripers and instead putting pressure on domain name registrars. She focused on the Yes Man spoof website of the New York Times, which included a parody ad of the De Beers diamond manufacturer. Humorless De Beers sought relief from Joker.com, the parodist’s registrar. EFF has responded to De Beers that the parody is legitimate because it has no commercial aspect, it’s nominative use, and the First Amendment applies. The EFF is also encouraging Joker.com to ignore De Beers because it (as the registrar) can’t be liable for the registered domain name. So why is Joker.com even entertaining De Beers’ complaint? Corynne notes the registrar’s revenue from any single domain name registration is less than legal cost of investigating and responding. Corynne discussed how parodists and gripers can minimize their legal risk (I blogged on these recommendations in May).

I remain very interested in situations where domain name registrars apply their own takedown policies to their customers. For example, I’ve previously mentioned GoDaddy’s “itchy trigger finger” when it comes to intervening with its registrants. I suspect there is significant heterogeneity among registrars’ interventionist tendencies. I think this is an area worth exploring. If you have other examples of domain name registrar intervention in its customers' content, please share them.

Stacey Dogan spoke about the aftermath of the Rescuecom ruling. Stacey is disappointed that courts aren't adopting her arguments to use the “trademark use in commerce” doctrine to insulate intermediaries (she calls it her “biggest failure in life”). She described three post-Rescuecom uncertainties: (1) what acts by intermediaries constitute TM infringement? (2) on what doctrinal basis? (direct v. contributory), and (3) what remedies do the intermediaries face?

Stacey thinks courts need to be more precise about the nexus between defendant behavior and TM owner harm. This should lead to better distinctions between direct and contributory infringement.

She offered a taxonomy of claims against intermediaries:

* General confusion = when the intermediary creates confusion through the blurring of ads and editorial content. Stacey thinks these aren’t TM issues. But if commingling is the problem, then the remedy should be an injunction requiring the intermediary to label the ads.

* Strict liability = when the search engine is automatically on the hook for its involvement with the ads. Stacey says courts should reject this approach due to the search engines' lack of proximate causation for consumer confusion. If a search engine faces any liability, it should be solely on the basis of contributory infringement (with its higher scienter bar).

* Failure to act = when the search engine fails to respond to TM owner’s takedown notice. She said we don’t see this in search engine cases [a point I disagree with given that the TM owner vs. search engine lawsuits all represent a failing of the search engines’ voluntary TM policies]; instead, she was thinking of the Tiffany case. Stacey thinks the failure of act prong is where the legal action should be. She wants courts to map out appropriate scienter levels. General knowledge of infringement isn’t enough, and courts should let defendants make reasonable judgments about whether the advertiser will qualify for any trademark defenses. If the advertiser is obviously infringing, and intermediary gets notice and fails to act, she thinks contributory liability could be appropriate.

Graeme Dinwoodie believes the ECJ will not follow the Advocate General’s opinion in the Google case. He explored two parallels between the AG’s opinion and Rescuecom: Both get away from trademark use of commerce, and both consider underlying policy values. Graeme thinks search engine defendants should move away from disputing the lack of harm to the trademark owner; instead, he thinks they will get more traction by showing the countervailing benefits of their advertising. For example, he thinks they should be showing how keyword advertising can facilitate investment and innovation.

Jeffrey Samuels shared his perspectives as a panelist in 200 UDRP proceedings. Since the UDRP’s implementation, there have been about 25,000 UDRP decisions. 40% are US registrations. 75% involve .com. 75% are defaults.

The UDRP isn’t designed to solve all domain name disputes. He gave an example of a domain name registration containing a celebrity child’s name. The UDRP isn't helpful because a 2 week old kid doesn’t have protectable trademark rights.

“The UDRP is hardly a model of clarity.” All cases are fact-dependent. If a UDRP proceeding has unusual facts, he recommends requesting a 3 member panel--these proceedings get more carefully evaluated opinions and minimize the effects of any one panelist’s idiosyncratic views.

Some issues that regularly arise in UDRP proceedings:

* What the TM owner has to do to establish its rights. The majority view is that a registration anywhere in the world suffices. Common law rights generally require presenting sufficient evidence validating the rights.
* There remains a split of authority on “sucks” sites.
* In the early days, panelists used to run through the multi-factor likelihood of confusion factors. That’s rarely done today. Now, most panelists just make sight and sound comparison.

Karl Auerbach discussed two interrelated issues: (1) ICANN lacks any political authority for its “Internet governance” role, and (2) technology does not require that ICANN monopolize DNS root services. He argues that we would benefit from competition among DNS root services. His argument reminds me a bit of the net neutrality debate. We can hypothesize many possible net neutrality problems, but most of them go away with vigorous competition. Similarly, ICANN’s often-ridiculous shenanigans would be less vexing in the face of bona fide competition for DNS root services.

Dan Hunter spoke about a new paper he’s writing with Mark McKenna. Their target is the fundamental trademark principle that trademark law protects against consumer confusion. They think consumer confusion is an imperfect proxy for our normative goal of protecting consumers. Some confusion is endemic in a complex society; and some methods of communication, like humor, require confusion to work. Therefore, they want to move away from trying to block consumer confusion and instead refocus trademark law on reducing errors in consumer decision-making. This seems like a fruitful endeavor, but they are also taking a swipe against the consumer search cost justification for trademark law, a move I didn't follow.

Bill McGeveran recapped his recent work on social networking sites and gave a preview of his next article. His target is fake online profiles such as the Tony La Russa fake Twitter account. He expects to see more pressure to create IP rights in personal identities.

I spoke about trademarks and behavioral targeting, and in particular the competition among marketers for consumer preference information. For example, I believe the anti-deep packet inspection pushback wasn’t based solely on privacy concerns. Instead, destination websites fear that an IAP will disintermediate them and use its prime access to consumer preference information to steer customers to competitors. (See this blog post for more on that point). My (very brief) slides.

Posted by Eric at 07:16 AM | Derivative Liability , Domain Names , Internet History , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

November 03, 2009

Law Professor Sues Over 'Above the Law' Blog Posts--Jones v. Minkin

By Eric Goldman

Jones v. Minkin, 1:09-cv-23256-MGC (S.D. Fla. complaint filed Oct. 27, 2009). The Above the Law blog post on the lawsuit with links to the posts in question.

Given its history of provocative and occasionally aggressive blog posts, it's actually a little surprising that popular law blog Above the Law has not been sued before. A blogger's life is inherently filled with peril. We bet our houses with every blog post, and eventually the law of large numbers starts working against us. The risks are even greater for bloggers covering legal topics. By definition, we routinely cover people who are prepared to mix it up in court. As a result, it's almost inevitable that blawgers who keep at it long enough will get sued eventually.

The plaintiff in this case is University of Miami law professor D. Marvin Jones, who in 2007 was improperly detained by police for possibly racist reasons. This prompted a series of blog posts on Above the Law that included an unflattering cartoon and unfavorable characterizations. Jones now claims that the blog posts put him in a false light, invaded his privacy and constituted copyright infringement because the blog posts used the photo from his university profile page. Although the complaint uses the word "defamation" earlier in the pleading, no defamation claim was alleged. For these violations, Jones asks for tens of millions of dollars to right the alleged wrongs.

I'm skeptical about all three claims, but the copyright claim is almost unquestionably bogus. It's not properly pleaded; there's no allegation of a copyright registration. More importantly, I would be shocked if Jones owned the copyrights in the photo on his faculty page. Usually faculty photos are taken by a university photographer or a third party vendor; in either case, the photo subject normally does not obtain ownership or an exclusive license to the copyright. Perhaps Jones has managed his IP affairs better than 99+% of professors. If not, 17 USC 505, the copyright fee-shifting provision, seems like it sets up Jones to potentially write a check to the defendants. (Fair use also seems strongly possible, but we don't need to get there if the plaintiff can't establish a prima facie case of infringement).

With respect to the alleged privacy violations, there is the obvious problem that police incident reports should be public documents. However, I’m also interested Jones' faculty bio does much to trumpet his high public profile. He self-describes himself as a "public intellectual" (a fairly rare self-characterization among academics) and says he has "appeared as an expert on national and local television" and "is a sought after speaker at many universities." These self-reported assessments about his public visibility don't obviate his privacy rights, but they do suggest that a police detention--especially one with racial overtones, exactly the type of thing he discusses in these public spaces—and the associated report either don't qualify as a "private fact" or are sufficiently newsworthy to trump his privacy interests.

Ben Sheffner's post on this case makes good points about the false light claim. He says it's DOA because (1) Florida doesn't recognize the cause of action, and (2) to the extent it's based on the cartoon, the cartoon was provided by a third party and therefore 47 USC 230 preempts the claim.

This lawsuit reminded me a little of the long-running Steinbuch v. Cutler lawsuit, which also involved a law professor/plaintiff Robert Steinbuch (now at UALR) claiming privacy violations against a blogger. That legal battle hasn't turned out so well for Steinbuch. Putting aside a number of substantive losses along the way, the lawsuit has been going nearly 5 years with no clear end in sight. Some of the delay was caused by Cutler's bankruptcy, but much more of it was due to the inherent weakness of judicial proceedings as a redress for unwanted speech. And in the end, I don't think the lawsuit has done much to enhance Steinbuch's reputation as a law professor or otherwise.

Two other minor points about the lawsuit. First, the complaint repeatedly criticizes Above the Law for referring to Jones as "D. Marvin Jones" rather than some other variation of his name, alleging that the usage was designed to ensnare searchers looking for his book. Perhaps that was the intent (doubtful, but possible), but I have chosen to refer to Jones by the name he uses on his faculty profile...which is "D. Marvin Jones." Second, it was jarring to see "Barack Obama" misspelled in a complaint (especially given the plaintiff's expertise) as "Barrack Obama."

Unfortunately for Above the Law, Florida does not have a robust anti-SLAPP statute. Nevertheless, given its facial lack of merit and the possibility that Jones will want to minimize the size of the check he has to write the defendants for his ill-conceived copyright claim, I hope this lawsuit will reach a quicker resolution than the Steinbuch v. Cutler saga.

FWIW, there is an attractive free conference tomorrow afternoon in San Francisco that, quite topically, will address the unique challenges of online reporting of legal cases. (The official page is down, but this page has all the relevant details). Hope to see you there.

UPDATE: Jones has voluntarily dismissed the case within days of bringing it.

Posted by Eric at 01:57 PM | Content Regulation , Copyright , Derivative Liability , Publicity/Privacy Rights | TrackBack

October 21, 2009

Domain Names as Property Subject to Creditor Claims--Bosh v. Zavala

[Post by Venkat]

Most people take it for granted that domain names are property. As such, there shouldn't be much dispute that domain names are subject to the claims of judgment creditors. But I've seen enough resistance to this position that I thought a recent case was worth a quick mention. This recent case (Bosh v. Zavala (08-CV-04851-FMC-MANx) (C.D. Cal. Sept. 24, 2009)) also raises some interesting questions about the mechanics of trying to use a domain name to satisfy a judgment. For more perspectives, see Marc Randazza's post on this case here; see also NYT; Domain Name News; Deadspin.

Background: One of the early and often-cited cases for the proposition that a judgment creditor cannot get a domain name is Network Solutions, Inc. v. Umbro Int’l, Inc., 259 Va. 759, 770 (Va. 2000). In Umbro, the Virginia Supreme Court held that "a domain name registrant acquires the contractual right to use a unique domain name for a specified period of time...[but this] contractual right is inextricably bound to the domain name services that [Network Solutions] provides." Umbro concluded that the domain name registration agreement was a "contract for services" (which was not subject to "garnishment") rather than property. (Umbro was preceded by the Eastern District of Virginia's decision in Dorel v. Arel where the court punted on the "issue of whether a domain name is personal property subject to [a lien]" because the judgment creditor could take advantage of an easier, practical solution: "the registrar's policies.")

Kremen v. Cohen: Enter Kremen v. Cohen, decided by the Ninth Circuit in 2003. Kremen cast a shadow over Umbro. Kremen involved an action for conversion where the underlying property was a domain name. One of the big questions in front of the court was whether a domain name was property which could support a claim for conversion. The court pretty definitively answered that a domain name was property and therefore could support a claim for conversion. Following Kremen, courts started to realize that since domain names are property, they should be subject to the claims of judgment creditors. (See Office Depot, Inc. v. Zuccarini, 621 F. Supp. 2d 773 (N.D. Cal. 2007).) More recently, in Bosh, Judge Florence Marie-Cooper of the Central District of California allowed Toronto Raptors basketball player Christopher Bosh to seize a slew of domain names held by Luis Zavala, based on a cybersquatting judgment obtained by Bosh.

The key conceptual question to resolve is whether domain names are freely transferable, or whether domain name registration services are contracts personal to the registrant. Given the emergence of the flourishing secondary domain name market, you would think there would be no dispute as a practical matter as to whether domain names are freely transferrable. But it's not as hard you may think to encounter people who argue that domain names are just personal contract rights. For example, in 2009, Network Solutions took this position in the Kentucky domain name case where the Kentucky AG tried to seize numerous domain names based on the fact that they were "gambling devices" used in contravention of Kentucky law. (See pages 7 through 11 of their amicus brief filed in Kentucky: [pdf].) The Kentucky AG's decision was on questionable legal grounds for a variety of reasons, but I was surprised to see Network Solutions' reliance in its amicus brief on Umbro.

From a practical standpoint, the big question is whether a judgment debtor has assets that can be sold to satisfy a judgment. If there are such assets (whether in the form of domain names or otherwise), most courts are going to find a way to let the judgment creditor get at them. There may be tweaks around whether the particular statute in question covers a certain type of property (see, e.g., Palacio Del Mar Homeowner's Association, Inc. v. McMahon, 174 Cal. App. 4th 1386 (2009) (domain names are not subject to "turnover order," coincidentally, the same type of order Bosh obtained)), but it's a mistake to see these cases as somehow rejecting the theory domain names are properly subject to the claims of creditors. One caveat: even if domain name registration services are not contracts personal to the registrant, not every domain name can be easily bought and sold. As discussed in a moment, certain types of domain names - including potentially those involved in Bosh - are tougher to monetize without stepping on the toes of third parties.

Process Questions: In Bosh, the domain names all related to the names of famous athletes and celebrities and were ordered "turned over" to Bosh. Bosh plans on distributing them to other athletes whose names the defendant was squatting on. (Bosh plays for the Toronto Raptors and the defendant squatted on the names of Bosh and many other athletes.) Bosh is somewhat atypical since Bosh didn't really care about satisfying the judgment he obtained and probably will not undertake further efforts to collect. But one of the problems with Bosh is that it doesn't set any sort of process to value the domain names. Is the defendant's judgment satisfied based on the turnover? Who is to say? A turnover to Bosh is sort of an awkward result, and seemingly precluded by the statute (see McMahon), but Zavala was not around to contest the issues, so it is what it is.

A related problem is that Bosh would have a tough time selling the domain names, given that there would be little guarantee that any purchaser would steer clear of engaging in the same conduct that the defendant did in Bosh. The court in Zuccarini alludes to this. (See Zuccarini, 621 F. Supp. 2d at 778, fn. 7.) It's unlikely a court would ever conclude this, but if Bosh decided to auction off the names that were turned over, would he be treading close to the cybersquatting line?

Back to the typical case. Some would argue there's some sort of non-infringing use for all domain names, and that it's up to the purchaser to figure out non-infringing uses. There are plenty of established auction houses that regularly deal in domain names (e.g., Moniker; Sedo). The best bet is to sell a domain name through a court-blessed third party auction. Theoretically, the market price at an auction will accurately reflect the assessment of purchasers as to how the domain name can be used. I guess a very rough analogy is that real property is freely exchangeable, but you can only use it without injuring the rights of your neighbors. No one argues based on the hypothetical nuisance claims of neighbors that real property is not freely exchangeable and therefore not subject to the rights of creditors.

At the end of the day, there are plenty of issues around the fringes, but domain names are likely not off limits for judgment debtors based on the theory that domain names are not "property". Most courts will find a way to let judgment creditors get at domain names. That's not to say that the process of seizing the names and disposing of them does not raise thorny issues.

Posted by Venkat at 10:02 AM | Domain Names , Licensing/Contracts , Publicity/Privacy Rights , Trademark

October 15, 2009

Q3 2009 Quick Links, Part 2

By Eric Goldman

Trademark

* Venkat: Twitter makes the dictionary.

* Federal Circuit says Hotels.com is generic.

* Steve Madden sues eBay for trademark infringement. Marty's coverage. Justia page. I found the fifth cause of action, "trademark delusion," a surprisingly apt malapropism.

* Yahoo! Inc. v. Ashantiplc Limited. Yahoo is suing over Flicker.com.

* Lots of action involving Mary Kay.

- Mary Kay sued Yahoo for its shortcuts being triggered by the Mary Kay trademark. The Justia page.

- Mary Kay brought another lawsuit to shut down aftermarket resales.

- The Mary Kay v. Weber case has reached a conclusion. See my initial blog post on the case. In March, Mary Kay won a jury verdict against Weber. In August, the district court judge denied Weber post-trial relief. Mary Kay v. Weber, 2009 WL 2569070 (N.D. Tex. Aug. 14, 2009). On Sept. 29, the judge awarded Mary Kay $1.1M, computed as “the defendants' pre-tax net profit for the years 2005 through 2008.”

* I hate greeting card IP cases...especially when they involve Paris Hilton. See the Ninth Circuit opinion.

* Rebecca on a complicated trademark and false advertising case involving cell phone reflashing.

* Third Educ. Group, Inc. v. Phelps, 2009 WL 2029758 (E.D. Wis. July 10, 2009). An oblique nod to a co-blogging situation:

It is possible to have a situation in which a voluntary association develops out of a preexisting creation of an individual (take, for example, a blog created, named, and operated entirely by a single individual that then expands into a voluntary association as it includes more collaborative members but continues to utilize the original name). Under such circumstances, the founding individual might register the name of the voluntary association as a trademark solely in his own name and then license it to the voluntary association because he has used the trademark separate from the voluntary association. However, that did not occur here.

* CollegeSource, Inc. v. AcademyOne, Inc., 2009 WL 2705426 (S.D. Cal. Aug. 24, 2009): "Plaintiff argues for personal jurisdiction on the grounds that Defendant purchased two of Plaintiff's trademarks from internet search engines, so that those engines would display Defendant's advertisements when Plaintiff's word marks were searched….Defendant's uncontroverted affidavit avers that its Adwords were selected by the search engines and were purchased before Defendant knew Plaintiff was located in California.…Accordingly, even if Defendant intentionally infringed Plaintiff's marks, there is no showing that act was “expressly aimed at the forum state” or that it caused “harm that the defendant knows is likely to be suffered in the forum state.”"

* GMA Accessories, Inc. v. BOP, 2009 WL 2634771 (S.D.N.Y. Aug. 25, 2009). A really interesting and confusing lawsuit that says (I think) that electronic usage of third party trademarks does not qualify as a use in commerce and may not constitute contributory trademark infringement, with obvious implications for the search engine keyword advertising cases:

Electric Wonderland's second alleged meritorious defense is that it did not use the CHARLOTTE or CHARLOTTE SOLNICKI marks....Electric Wonderland's President described its business as follows:

Electric Wonderland brokers and/or processes orders from wholesale purchasers for fulfillment by clients of Electric Wonderland. Electric Wonderland does not directly sell its clients [sic] products, does not fulfill orders, does not acquire or maintain any inventory for sale, and does not purchase products from its clients for resale. Electric Wonderland does receive commissions on sales it brokers....

According to the Flack Declaration, these were the services Electric Wonderland provided to Charlotte Solnicki. (Flack Decl. P 3.) "Electric Wonderland did not directly sell Charlotte Solnicki products, did not fulfill orders, did not acquire or maintain any inventory of such products for sale, and did not purchase such products from Charlotte Solnicki for resale." (Flack Decl. P 3.) If this were the extent of Electric Wonderland's role, a fact-finder could find that Electric Wonderland did not "use" the CHARLOTTE or CHARLOTTE SOLNICKI marks, because it did not place the marks on any goods. Likewise, a reasonable fact-finder could determine that Electric Wonderland never used the marks to sell or advertise any of the services Electric Wonderland rendered. Thus, Electric Wonderland would not be liable for direct trademark infringement.

...Electric Wonderland's president claims that "[a]t no time while Charlotte Solnicki was a client of Electric Wonderland was Electric Wonderland aware of GMA's 'Charlotte' products nor of any possibility that the Charlotte Solnicki products were potentially infringing any third party's trademark rights." (Flack Decl. P 5.) If true, a reasonable fact-finder could find that Electric Wonderland neither knew, nor had reason to know of the alleged infringement during the period in question.

In addition, the Second Circuit has not decided whether contributory infringement applies to entities like Electric Wonderland, which provide services instead of products....Thus, Electric Wonderland, as a matter of law, may have a complete defense to contributory infringement liability, a matter which this Court need not decide at this juncture.

* Dan Burk and Brett McDonnell, Trademarks and the Boundaries of the Firm. Interesting discussion (among other things) on how an entrepreneur's/employee's personal reputation and corporate reputation can be interlinked.

Domain Names

* The Eleventh Circuit affirmed the defense win in the domain name case of Southern Grouts & Mortars v. 3M, 2009 WL 2182605 (11th Cir. July 23, 2009). See my initial blog post on the case.

* John Levine: What are TLDs Good For? Bringing to mind the famous Edwin Starr song (I think the answer is the same!).

* ICANN claims it has killed domain name tasting.

Posted by Eric at 09:53 AM | Derivative Liability , Domain Names , E-Commerce , Marketing , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

September 08, 2009

Yahoo's Search Results Snippets Aren't False Endorsement--Stayart v. Yahoo

By Eric Goldman

Stayart v. Yahoo! Inc., 2009 WL 2840478 (E.D. Wis. Aug. 28, 2009)

Earlier this year, I blogged about Beverly Stayart's quixotic lawsuit against Yahoo and others for showing search results snippets that contained her name adjacent to spammy porn and adult content links. Last month, the court efficiently dismissed her federal Lanham Act "false endorsement" claims and then dismissed the remainder of her lawsuit on procedural grounds, allowing Stayart to refile those claims in state court if she chooses. (She shouldn't but she probably will). The court rejected Stayart's Lanham Act false endorsement claim on three different grounds.

Commerciality

The court says that Stayart has not made adequate efforts to commercialize her name sufficient to give her standing for a Lanham Act claim. I agree with the court's factual assessment. Although Stayart alleged that she has been an active participant in online communities, she hasn't done anything to commercialize her name. Stated differently, if Stayart has standing under the Lanham Act's false endorsement provisions, then just about everyone in the world would.

Confusion

The court rejects any likelihood of consumer confusion. I don't particularly like the court's reasoning, which seems to be that since Stayart has lived a squeaky clean life, no one would believe that she could be associated with the seedier activity promoted in the spammy links. This reasoning seems completely inconsistent with the nature of gossip. Nevertheless, the court is completely right when it says "No one who accessed these [spammy] links could reasonably conclude that Bev Stayart endorsed the products at issue." I think this is true because the spammy links lack internal credibility enough for anyone to believe them at all.

With respect to Various, the defendant whose adult website was advertised at some of the spammy links, Stayart argued initial interest confusion because people interested in her might be induced to click on the spammy links. The court rejects the argument by saying "The type of person looking for information about Bev Stayart would not be fooled into using an online adult-oriented dating website." I'm not sure why the court thinks this is true; people have all sorts of “hidden interests.” Nevertheless, I'd like to think no prudent person would be fooled into clicking on spammy porn links in a search engine, even if it referenced Stayart's name.

47 USC 230

The court's discussion up to this point has some odd reasoning, but the 47 USC 230 discussion is quite bizarre. The court's conclusion is that "Yahoo! should be entitled to immunity because it acted as an interactive computer service, even though Stayart’s claims are nominal intellectual property claims....Immunizing Yahoo! from Stayart’s claims would not limit the laws pertaining to intellectual property because Stayart does not state a valid intellectual property claim."

What? Is the court saying that it doesn't need to discuss 230 because Stayart failed to state a valid IP claim, or is the court saying that Yahoo qualifies for the 230 immunity because doing so would be consistent with 230's policies--even if the court has to ignore 230's statutory exclusion for IP claims? The court could have found a role for 230 by concluding that the Lanham Act false endorsement claim wasn't really an IP claim at all, any more than a Lanham Act false advertising claim is an IP claim, but I don't think the court said that.

So I'm not sure what the 230 references means, and I personally think the court would have been better off not discussing 230 at all. (As Rebecca writes, the whole 230 digression was "obviously useless.") At minimum, I don’t think it would be accurate to say that this court found a 230 defense to a federal IP claim. As a result, I’m filing this case in the bucket of “not very interesting” 230 cases.

Note: we already knew that 230 protects search engines from liability for their search results snippets when IP claims aren’t involved. See, e.g., Maughan v. Google and Murawski v. Pataki. A British court also reached the same result on common law grounds. See the Metropolitan International Schools case.

Conclusion

The court denies Various' 230 defense because its association with the banner ad was unclear. Having dismissed the federal Lanham Act claims completely, the court then declines supplemental jurisdiction over the state law claims. The court also rejects Stayart's guffaw-inducing request for sanctions against the defendants for having the temerity of moving to dismiss her complaint.

I'm glad to see Stayart's lawsuit quickly dismissed. It was a ridiculous lawsuit from inception. At the same time, the court's corner-cutting leaves me lamenting the absence of better doctrines to deter junk lawsuits like this in the first place. It's actually can be tricky to say that any trademark complaint is "wrong" given how much doctrinal contortions some courts have indulged in--even when lawsuits like this are so clearly wrong.

More comments on the case: Rebecca Tushnet, Mike Masnick (who has had first-hand dealings with Stayart) and Ars Technica

Posted by Eric at 03:05 PM | Derivative Liability , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

July 07, 2009

June 2009 Quick Links, Part 2

By Eric Goldman

State Regulation of the Internet

* iAWFUL, the Internet Advocates Watchlist for Ugly Laws

* Texas HB 2003. Part of the anti-cyber-harassment mania. Very broad statute with lots of room for prosecutorial mischief.

* BNA (BNA subscription required): "State Legislatures Consider Criminal, Civil Restrictions on Ticket Purchasing Software": "At least six state legislative bodies are considering bills this session that would place restrictions on the use of “ticket bots.""

* Because states are embracing the Amazon affiliate tax, the online affiliate industry is shrinking as we speak (1, 2, 3). But in one of his rare good moves, Schwarzenegger has vetoed CA's attempt to impose the Amazon tax.

* Clive Thompson in Wired: "By severing the link between location and geography, the internet turned everything upside down. Now mobile phones are inverting everything again, in the other direction — because your location becomes most important thing about you. So how is the return of geography going to change our lives?" My previous commentary on geolocation and the law.

Blogs/Social Networking Sites

* Yath v. Fairview Clinic, 2009 WL 1751767 (Minn. App. Ct. June 23, 2009). Posting illegitimately obtained health information to a MySpace page qualified as “publicity” for purposes of an invasion of privacy claim. The court says: “Yath's private information was posted on a public MySpace.com webpage for anyone to view. This Internet communication is materially similar in nature to a newspaper publication or a radio broadcast because upon release it is available to the public at large.” As a result, the publication qualified as “publicity” even if the material was posted for less than 48 hours and the plaintiff could only prove that a small number of folks actually saw it. Compare the Moreno v. Hanford Sentinel case, where republication of information the plaintiff voluntarily published on her MySpace page could not support an invasion of privacy claim.

Nevertheless, the defendants were excused because they had not created the MySpace page, even though they had supplied the information republished on the MySpace page.

* Richerson v. Beckon. Ninth Circuit upheld reassignment of teacher-mentor based on negative blog comments. My blog post on the district court opinion.

* Kaufman v. Islamic Soc. of Arlington, -2009 WL 1815641 (Tex. App. Ct. June 25, 2009). An online-only journalist qualified as a "member of the electronic or print media" for purposes of an interlocutory appeal statute.

* After von Brunn committed his hate crime outside the US Holocaust Museum, a bunch of his digital trails went dark as websites newly realized his vitriol was posted there.

* If you're looking for a paper topic, here's one: the use of MySpace, Facebook and other social networking sites in family law disputes, especially over child custody. I'm seeing cases every week where social networking site postings are being introduced to corroborate or contradict testimony about a parent's fitness.

Security

* FTC v. Pricewert. The FTC takes down an allegedly rogue Internet access provider. To the extent that the IAP is engaged in criminal activities, no problem; but it's less clear to me if the FTC can get a civil injunction under its Sec. 5 authority to stop the IAP from serving its putatively illegal customers. Such an action could be preempted by 47 USC 230. The FTC, in its brief, says the IAP fits into a Roommates.com exception, an argument presumably bolstered by their 10th Circuit win in FTC v. Accusearch.

* Johnson v. Microsoft Corp., 2009 WL 1794400 (W.D. Wash. June 23, 2009). This is a putative class action over Microsoft’s use of Windows Genuine Advantage (WGA) to validate copies of Windows XP. In this ruling, Microsoft gets SJ on the claim alleging that the contract prevented Microsoft from doing WGA validation. Especially interesting is the court’s conclusion that IP addresses are not personally identifiable information.

* Microsoft v. Lam. Microsoft brings a lawsuit against alleged click fraudders who caused Microsoft to issue $1.5M in credits to advertisers. The NYT article.

* EFF on the most recent amendments to the Computer Fraud & Abuse Act.

Miscellaneous

* Expedia tagged for $184M in damages for improperly marking up its service fees.

* In re Jamster Mktg. Litig., 2009 U.S. Dist. LEXIS 43592 (S.D. Cal. May 22, 2009). Wireless carriers aren’t liable under RICO and false advertising laws for various deceptive practices by wireless content providers.

* New unmeritorious patent lawsuit trend: lawsuits over patent markings for expired patents.

* NYT: Investing in Lawsuits, for a Share of the Awards

* Oddee: 15 geekiest license plates:

Posted by Eric at 09:18 PM | Content Regulation , Derivative Liability , E-Commerce , Licensing/Contracts , Marketing , Patents , Privacy/Security , Publicity/Privacy Rights , Search Engines | TrackBack

June 09, 2009

May 2009 Quick Links Part 2

By Eric Goldman

Blogs and Boards

* WSJ: Bloggers, Beware: What You Write Can Get You Sued

* j2 Global Communications v. Zilker Ventures, CV 08-07470 SJO (AJWx) (C.D. Cal. April 22, 2009). A consumer review website can putatively qualify for anti-SLAPP protection, but not in this case because the plaintiff established its prima facie case.

* Biggs Cardosa Associates Inc. v. Bradbury, 2009 WL 1508703 (Cal. App. Ct. May 29, 2009). Here's another one for all of you Rip-off Report fans. A former employee lost a jury trial (and was hit with over $100,000 of damages) for breaching a "non-disparagement" clause in his separation agreement by posting negative comments about his former employer and colleagues on a variety of online fora, including numerous posts on the Rip-off Report.

* Houston Chronicle article on a lawsuit against a website operator for a user post saying that a woman has herpes when she, in fact, does have herpes. She is claiming public disclosure of private facts. [Stupid Houston Chronicle expired the article and moved it to its archives, breaking a number of links throughout the web. Here's a short recap of the article.]

* Stengle v. Office of Dispute Resolution, 2009 WL 1138119 (M.D. Pa. April 27, 2009). The contract of an independent contractor government "hearing officer" was non-renewed because she blogged on the topics of her hearings, raising questions about her impartiality. As the court says in dismissing the resulting lawsuit from the hearing officer:

To reiterate, this Court fully recognizes the cherished right of free speech, as well as the commendable goals of the RA. But these cannot wash away the bona fide concerns that arise when a judicial officer elects to disseminate her opinions in cyberspace with little or no restraint. Because of her position, Plaintiff's attempts to qualify her stances as solely her own were entirely ineffectual. With particular jobs come certain precise responsibilities. In Plaintiff's case, one of these included avoiding even the appearance of bias via extra-judicial comments. Plaintiff's deep concerns about the special education issues and the resulting creation of her blog ultimately caused her to face a dilemma that she alone created. The choices she freely made thereafter led to her non-renewal, and as aforestated we do not find any of the Defendants' conduct actionable under the circumstances.

This case reminded me some of Richerson v. Beckon from last year.

* JuicyCampus redux: People's Dirt. Let the angst over anonymous online forums begin anew.

* Doe v. Ciolli, 2009 WL 1204361 (D. Conn. April 30, 2009). In the AutoAdmit lawsuit, the court rejected Matthew Ryan's (aka ":D") motion to dismiss for lack of jurisdiction.

* Facebook v. Power Ventures, Inc., 2009 WL 1299698 (N.D. Cal. May 11, 2009). Largely following the troublesome Ticketmaster v. RMG case, Power Ventures' motion to dismiss Facebook's copyright and DMCA claims was denied. (Other claims survived too). Comments from Jeff Neuburger and Tom O'Toole.

Miscellaneous

* Colleen Chien, Of Trolls, Davids, Goliaths, and Kings: Narratives and Evidence in the Litigation of High-Tech Patents, North Carolina Law Review, Vol. 87, 2009

* Mazur v. eBay Inc., 2009 WL 1203937 (N.D. Cal. May 5, 2009) Class certification denied. My blog post on this case’s more troubling ruling about 47 USC 230.

* Riggs v. MySpace, Inc., 2009 WL 1203365 (W.D. Pa. May 1, 2009). Venue selection clause in MySpace user agreement upheld.

* Salter v. State, 2009 WL 1409484 (Ind. App. Ct. May 20, 2009). Saving pornographic photos of a minor to a CD does not constitute the "creation" of child porn, even though a new "copy" has been created.

* State v. Bell, 2009 WL 1395857 (Ohio App. Ct. May 18, 2009). MySpace chat sessions aren't MySpace "business records" for hearsay purposes.

* Forbes: the Hidden Costs of Privacy. This article has been written, and written again, many times in the last decade; yet the regulatory dynamics have not improved.

Posted by Eric at 10:35 AM | Content Regulation , Copyright , Derivative Liability , Patents , Privacy/Security , Publicity/Privacy Rights | TrackBack

April 21, 2009

Certain Approval Program v. Rip-off Report Update: Misappropriation Claim Dismissed

By Eric Goldman

Certain Approval Programs, L.L.C. v. XCentric Ventures L.L.C., CV08-1608-PHX-NVW (D. Ariz. April 13, 2009).

Yet another update on Rip-off Report litigation. In March, a ruling in Certain Approval Program v. Xcentric caused a minor stir. The plaintiff sought to amend its complaint against the Rip-off Report to add a claim for "misappropriation of name or likeness." Rip-off Report defended that the new claim was futile due to 47 USC 230. The court allowed the amendment, saying that the complaint had alleged enough facts that Rip-off Report was involved in the requisite activity to overcome 47 USC 230. Based on the plaintiff's allegations in its complaint, this was the correct ruling on a 12(b)(6) motion to dismiss, yet some commentators seemed to think this was a crack in Rip-off Report's litigation armor. I didn't see that ruling as a big deal. Instead, I wrote "This is not the first time that plaintiffs' allegations against Rip-off Report have survived the equivalent of a motion to dismiss, but getting further into the litigation process has proven difficult for plaintiffs."

Indeed, after allowing the claim, the court immediately granted Rip-off Report's 12(b)(6) motion to dismiss, saying that:

While the alleged conduct may or may not be immune from defamation liability, the necessary use of Plaintiffs’ names to identify them fails to state a claim upon which relief can be granted for misappropriation. No one could possibly think that Plaintiffs are somehow endorsing Defendants, and the count adds nothing to Plaintiffs’ defamation claims.

I'd like to think that this may provide a significant new defense against publicity rights claims when websites are making "commercial referential uses" of an individual's name, but a laconic ruling like this isn't likely to have much precedential weight.

Posted by Eric at 02:59 PM | Derivative Liability , Publicity/Privacy Rights | TrackBack

April 09, 2009

Boring v. Google Reconsideration Motion Denied

By Eric Goldman

Boring v. Google Inc., 2009 WL 931181 (W.D. Pa. April 6, 2009)

[I'm not quite sure why so many people are interested in this lawsuit. Maybe it's because of the oddly (and aptly?) named plaintiffs; or because Google is a defendant; or because Google Street View raises some interesting privacy issues. Whatever the case, this reconsideration ruling isn't all that interesting or significant, but I recap it here for completeness.]

You recall the Borings, a Pennsylvania couple that sued Google because Google's Street View captured and published their private driveway. In an opinion that showed zero sympathy for the plaintiffs, the district court judge dismissed the lawsuit back in February. Undeterred by the adverse ruling, the plaintiff asked the judge for reconsideration. Not surprisingly given the tenor of the initial opinion, the judge said no.

The plaintiffs appear to have abandoned their privacy and negligence claims. They asked the judge to reconsider their trespass to real property claim, arguing that a trespass claim does not require damages. The judge agrees with that proposition but rejects the reconsideration on a technicality (the Borings did not plead nominal damages in their complaint). The plaintiffs also asked for reconsideration of their unjust enrichment claim, but the judge rejected that as well because apparently they didn't point to any errors.

As a result, the case remains dismissed. Nevertheless, I suspect we haven't heard the last of this lawsuit.

Posted by Eric at 09:18 AM | Publicity/Privacy Rights , Search Engines | TrackBack

April 04, 2009

Republishing MySpace Post in Local Paper Might Be Intentional Infliction of Emotional Distress--Moreno v. Hanford Sentinel

By Eric Goldman

Moreno v. Hanford Sentinel, Inc., 2009 WL 866795 (Cal. App. Ct. April 2, 2009)

This is one of the most interesting cases I've seen in a while. Moreno was a UC Berkeley undergraduate who grew up in Coalinga, a small town in California's Central Valley whose attractions include a prison, a mental health institution and Harris Ranch, one of the most odoriferous spots on Highway 5. (Coalinga was also the site of a big quake in 1983). After revisiting her hometown, Moreno posted an essay, "An Ode to Coalinga," on her MySpace page. I have not seen the ode, but it was a 700 word essay that started "the older I get, the more I realize how much I despise Coalinga" and then made very negative comments about the town and its residents. Moreno apparently had a change in heart and took the essay down in 6 days. However, while it was posted, the Coalinga high school principal saw the post and submitted it to the Coalinga Record newspaper, which published it as a letter to the editor under Moreno's full name. The community response to the published essay was severe; according to the court, "Appellants received death threats and a shot was fired at the family home, forcing the family to move out of Coalinga. Due to severe losses, [the dad] closed the 20-year-old family business."

Moreno and some of her family members sued a variety of defendants for public disclosure of private facts and intentional infliction of emotional distress. The newspaper defendants were dismissed through an anti-SLAPP motion to strike, leaving the principal and the school district as the defendants.

The privacy invasion claim was easily rejected. Once Moreno posted the essay to an open-to-the-public MySpace page (even if only briefly), it was no longer private. As the court says, "the fact that Cynthia expected a limited audience does not change the above analysis. By posting the article on myspace.com, Cynthia opened the article to the public at large. Her potential audience was vast." It also did not matter that Moreno did not use her last name on her MySpace page; the court says that her identity was readily ascertainable from her MySpace page (which included a photo)..

However, the intentional infliction of emotional distress claim wasn't ready to dismiss. The jury will get to decide if the defendants' conduct was extreme and outrageous. Personally, I would like to know more why the principal did what he did.

Observations about this case:

1) According to this article, the Coalinga Record editor who republished the essay was fired.

2) Although the newspaper publishers fortunately escaped liability on anti-SLAPP grounds, if they had republished the essay only online, it should have been an easy 47 USC 230 win.

3) You know the cliche: never post anything online that you don't want repeated on the front page of the newspaper. Proven true once again.

4) And on that front, I think some folks assume that they can "take back" Internet-published content by taking it down. As this case reinforces, in some circumstances there is no "do-over." As I describe in my talks on blogs and social networking sites, every time I hit the "publish" button, I'm betting my house. In this case, Moreno effectively bet her parents' house and business when she hit the publish button.

5) The court notes that a copyright infringement claim isn't in front of it. I wonder what the publishers' copyright liability analysis would look like. I suspect the copyright damages wouldn't be great, but I still wonder why the claim wasn't apparently brought.

6) This case provides more evidence that community members don't like to see their community disparaged. I'm reminded of the recent James Andrews kerfuffle. Andrews, a PR executive at Ketchum, was on his way to Memphis to make a presentation at FedEx about using social media when he Twittered "True confession but i’m in one of those towns where I scratch my head and say “I would die if I had to live here!”" That didn't go over so well with the FedEx folks following his Twitter account.

7) Nevertheless, I wonder if the violent and ostracizing community response to Moreno's post didn't in fact validate some of her critiques.

More on this case from Law.com and the Central Valley Business Times.

SEPTEMBER 2010 UPDATE: The jury ruled that the principal's conduct was outrageous but did not cause any damages, so Moreno ended up getting nothing. The Fresno Bee posted a copy of Moreno's initial post.

Posted by Eric at 06:47 PM | Content Regulation , Derivative Liability , Publicity/Privacy Rights | TrackBack

March 12, 2009

Rip-off Report Lawsuit Updates: Certain Approval Programs and Ecommerce Innovations

By Eric Goldman

Certain Approval Program v. Xcentric

Certain Approval Programs, L.L.C. v. XCentric Ventures L.L.C., 2009 WL 596582 (D. Ariz. March 9, 2009). I previously blogged about this case in November. This ruling is in response to the plaintiff's request to file an amended complaint, which Rip-off Report resisted on several grounds. Of particular interest is the plaintiff's desire to add a claim for “misappropriation of name or likeness." Rip-off Report responded that such a claim is futile due to 47 USC 230. The court rejected the futility argument at this early procedural stage, saying

Plaintiffs have alleged enough facts regarding Defendants' “creation or development of information provided through the Internet or any other interactive computer service” to make it plausible that Defendants are an “information content provider” for some content and therefore the CDA does not completely immunize Defendants.

This is not the first time that plaintiffs' allegations against Rip-off Report have survived the equivalent of a motion to dismiss, but getting further into the litigation process has proven difficult for plaintiffs.

The court didn't reach the issue, but it's also germane to the futility argument whether a "misappropriation" claim is even preempted by 230 at all or if qualifies as an "intellectual property" claim that is excluded from the immunization. Compare ccBill and Friendfinder.

Ecommerce Innovations v Doe

Ecommerce Innovations, L.L.C. v. Does 1-10, No. MC-08-93 (D. Ariz. Feb. 10, 2009). Thanks to Jeff Neuburger for calling attention to this case. In this case, a defamation plaintiff is seeking identifying information for an anonymous Rip-off Report contributor. The Rip-off Report initially fought the request, but the district court ordered Rip-off Report to comply because the plaintiff had established a prima facie case. The Rip-off Report responded that it plans to appeal the judge's order to the Ninth Circuit, and the district court has stayed the order pending the appeal (although I can't find any evidence that the appeal has been filed yet). As Jeff points out, an appeal by Rip-off Report may prompt the Ninth Circuit to articulate its standards for when plaintiffs can unmask anonymous defendants; it also could become a backdoor way to gauge the Ninth Circuit's attitude towards Rip-off Report in light of some ambiguous language in the initial Ninth Circuit Roommates.com opinion.

Posted by Eric at 11:54 AM | Content Regulation , Derivative Liability , Privacy/Security , Publicity/Privacy Rights | TrackBack

February 26, 2009

McGeveran on Facebook Beacon and Social Media Marketing

By Eric Goldman

Bill McGeveran, a law professor at University of Minnesota, has posted Disclosure, Endorsement, and Identity in Social Marketing to SSRN. The paper walks through Facebook Beacon and marketers' other efforts to take advantage of online word of mouth through social media. It's a surprisingly complex endeavor to parse the various harms putatively experienced by consumers and applicable legal regulations protecting against those harms, and McGeveran's paper navigates through the morass in a sophisticated but easy-to-read way. Facebook Beacon may be over as a cause celebre, but for reasons that McGeveran explains, online word of mouth marketing will undoubtedly play a big role in our future.

The abstract:

"Social marketing" is among the newest advertising trends now emerging on the internet. Using online social networks such as Facebook or MySpace, marketers can send personalized promotional messages featuring an ordinary customer to that customer's friends. Because they reveal a customer's browsing and buying patterns, and because they feature implied endorsements, the messages raise significant concerns about disclosure of personal matters, information quality, and individuals' ability to control the commercial exploitation of their identity. Yet social marketing falls through the cracks between several different legal paradigms that might allow its regulation-spanning from privacy to trademark and unfair competition to consumer protection to the appropriation tort and rights of publicity. This Article examines potential concerns with social marketing and the various legal responses available. It demonstrates that none of the existing legal paradigms, which all evolved in response to particular problems, addresses the unique new challenges posed by social marketing. Even though policymakers ultimately may choose not to regulate social marketing at all, that decision cannot be made intelligently without first contemplating possible problems and solutions. The Article concludes by suggesting a legal response that draws from existing law and requires only small changes. In doing so, it provides an example for adapting existing law to new technology, and it argues that law should play a more active role in establishing best practices for emerging online trends.

Posted by Eric at 10:16 AM | Marketing , Publicity/Privacy Rights | TrackBack

February 17, 2009

Google Street View Case Dismissed--Boring v. Google

By Eric Goldman

Boring v. Google, Inc., 2:08-cv-00694-ARH (W.D. Pa. Feb. 17, 2009)

You may recall the Boring case from last Spring. A Pennsylvania couple sued because Google's camera car drove up their private driveway and the resulting pictures were posted to Google's Street View. I thought the whole lawsuit was such a silly publicity stunt that I didn't think it was blog-worthy at the time. Apparently I'm not the only person who wasn't impressed with the suit, because the court didn't give the plaintiffs any benefit of the doubt and dismissed the lawsuit handily (without leave to amend).

Some highlights from the discussion:

Intrusion Into Seclusion. The court says that the plaintiffs did not allege facts supporting that the intrusion was substantial and highly offensive. To reinforce the point that perhaps the plaintiffs didn't experience much harm, the court points out that the plaintiffs didn't take advantage of Google's opt out procedure, plus they drew public attention to themselves by suing and by not redacting or suppressing their contact info in the court filings. I was a little troubled by the latter point, which seemed circular to me--plaintiffs bringing intrusion into seclusion lawsuits unavoidably thrust themselves into the public eye, whether they want to do so or not. This is especially true for anyone suing Google. As a result, it's not fair to hold that consequence against plaintiffs. (As an example of the unwanted publicity faced by privacy rights plaintiffs, consider Robert Steinbuch's experience as a plaintiff against Jessica Cutler). The court also skips over the legal nuances regarding why Google should get a free legal pass when it offers an opt out.

Public Disclosure of Private Facts. As with the intrusion into seclusion claim, the court says that the plaintiffs have not shown the disclosures were highly offensive to reasonable people, as evidenced by the fact that other people haven't opted out of Google's Street View. (An interesting argument on a 12b6).

Common Law Negligence. The court says Google didn't have a duty to the Borings, and it isn't willing to manufacture one.

Trespass. The court says that the plaintiffs' emotional damages were not proximately caused by the trespass.

Unjust Enrichment. The court (correctly, IMO) says that this is not an independent cause of action but is just a quasi-contract remedy.

Injunctive Relief. The court says that the plaintiffs failed to plead "a plausible claim for entitlement to injunctive relief." Which, I think, is one way of saying "not interested."

A clean sweep for Google, and the end (absent an appeal) of a silly lawsuit.

Posted by Eric at 04:41 PM | Publicity/Privacy Rights , Search Engines | TrackBack

February 16, 2009

Yahoo/Overture Sued for Search Results Snippets Containing Plaintiff's Name--Stayart v. Yahoo

By Eric Goldman

Stayart v. Yahoo!, 2:2009cv00116 (E.D. Wis. complaint filed Feb. 5, 2009). The Justia page.

Bev Stayart appears to be proud of her accomplishments. As the complaint recounts her credentials, we are informed that she has an MBA in finance, was a VP at an unnamed financial institution, is passionate about animals, participates in an online discussion forum where her "scholarly" posts have generated 17,000 hits in three years, and has written two poems about protecting seals that were published on Danish websites. I'm not quite sure exactly what we are supposed to glean from these facts, but if they are designed to establish that she has had a life-well-lived, then we might extend her some kudos for that. These facts--IMO, much less compellingly--also apparently support her allegation (para. 21) that her name has commercial value because of "her humanitarian endeavors, positive and wholesome image, and the popularity of her scholarly posts on the Internet." If 17,000 hits in three years creates commercial value in the author's name, then the Internet is filled with rock stars!

Perhaps more remarkable is that Bev Stayart claims she is the only "Bev Stayart" and "Beverly Stayart" on the Internet (para. 19), and it appears that she would like to keep it that way. Thus, she is seemingly taking the position that any reference to "Bev Stayart" and "Beverly Stayart" on the Internet must be referring to her and only her. That would be a neat trick if true because it could give her exclusionary power over every Internet reference containing those names, but I would be shocked if there is and has been only one Bev/Beverly Stayart in the entire world.

It's a little unclear from the complaint exactly what's going on to make Bev Stayart unhappy, but it looks like she ran into some cloaked search engine spam pages that referenced her name. For example, she searched for "Beverly Stayart" in Yahoo and got the following search result out of a total of 7 unique search results (surprisingly small number for a person with commercial value in their name):

Pm 10 kb Loading Cialas -- Online Pharmacy

Pm 10kb loading cialas january th, at: pm hi friends i met you

in the tim horton s on bloor st a few Sundays ago I ... on february

bev stayart on march th ...

chitosan-as-a-pharmaceutical-excipient.pills-n-health.cn/...

Incredibly, she then clicked on this search result (whoa!) and was taken to a page on mysharedvideo.com which had her name centered in a darkened movie screen and ultimately played an adult video. Her Norton software went crazy on the page (surprise!), suggesting malware was on the page.

She subsequently tried the same search (in both Yahoo and AltaVista) multiple times and got the same search results each time, which took her to other similar websites that all promoted adult entertainment. She also tried some searches with her name plus an erectile dysfunction drug's brand name and got similar results. Finally, she clicked on the .cn domain name in the search result (bold!) multiple times and was apparently taken to some type of splog pages. The fact that she repeated this search and clicked on the search results many times suggests a rare combination of self-interest and amazing--and undoubtedly unwarranted--confidence in her Norton software.

(Various is a defendant because it showed up as a result in the "related searches" feature of AltaVista and apparently provided spam pages that contain her name in the page title and post-domain URL).

Based on the foregoing, she alleges that Yahoo and Overture's display of the false snippets constituted Lanham Act false endorsement and false designation of origin and violation of Wisconsin's publicity rights statute and common law privacy rights.

There are two obvious problems with the lawsuit against Yahoo and Overture. First, if there is or has been even one other Bev or Beverly Stayart in the world, the plaintiff has a real problem proving that the online references were to her and not the other person. And, with all due respect to Ms. Stayart's lifetime of accomplishments, it would be ridiculous for her to argue that her name is so well-recognized that readers would assume that the references were to her instead of other folks with a common name.

The other major problem is 47 USC 230. Per 230, Yahoo and Overture are not liable for creating snippets of third party content, even if they create a false impression. See, e.g., Maughan v. Google and Murawski v. Pataki. Nevertheless, 230 is not a perfect defense because these claims are close to being "intellectual property claims" that would drop out of 230 coverage in some places. Lanham Act trademark claims are unquestionably IP claims, although I personally think Lanham Act false advertising claims are not. See, e.g., the Kruska case. Even so, irrespective of 230, I think the recent Heartbrand Beef v. Lobel's case suggests that search engines may not be liable for false designation of origin simply by presenting third party content.

Similarly, the WI publicity rights statute might be preempted by 230 even though there is more unanimity that publicity rights are IP; compare ccBill (preempted) and Friendfinder (not preempted). The common law right of privacy claim is almost certainly preempted by 230 in all jurisdictions.

One last tidbit that may help contextualize this case. Bev Stayart appears to be "CFO and Director of Business Development" for Stayart Law Offices, and her co-worker (and family relation?) Gregory A. Stayart is the lawyer in the case. (I had difficulty finding enough info about Gregory or the Stayart Law Offices to clarify the connection; that may have something to do with the fact that Gregory isn't licensed to practice law in Wisconsin). Sorry for the snarkiness, but I guess this is one way for Ms. Stayart to develop a law firm's business, especially in a down market like this.

[A favor: please take a look at the search results for "Stayart Law Offices" and let me know what might explain the widespread redundant distribution of Bev Stayart's resume information at mulitple no-name services. Is this what a typical reputation management campaign produces?]

Posted by Eric at 01:26 PM | Publicity/Privacy Rights , Search Engines | TrackBack

February 06, 2009

2008 Cyberlaw Year-in-Review

By Eric Goldman

It's a sign of my schedule that I'm just now getting to this, and this post will be more pithy than I initially conceived. This post recaps some of the Cyberlaw highlights from last year. Frankly, the two biggest stories of 2008 were the financial markets meltdown and the ascension of President Obama, neither of which have a lot of Cyberlaw angles. In light of those big developments, Cyberlaw in 2008 was comparatively quiet. However, there is still plenty of interesting developments to revisit.

Broad Themes

A few broad themes emerged last year:

* Ludicrous trademark claims. 2008 hardly had a monopoly on dumb trademark claims; those are perennial. But 2008 certainly saw some asinine entries, including putative Cyberlawyer Eric Menhart's claim to own a trademark in the term "Cyberlaw," Jones Day's efforts to claim that a web page referencing its name as the employer of some homebuyers violated its trademark rights, and putative Cyberlawyer John Dozier's claim that if his name is used as anchor text, the link must go to his website or it violates his trademark right.

* This was a good year for expansive readings and applications of user agreements. Some examples:
- the Lori Drew prosecution, where Lori was convicted of violating an agreement that someone else clicked through.
- Jacobsen v. Katzer, where a user of copyrighted material is bound by a contract that he/she never clicked through at all.
- AV v. iParadigms, where kids were not allowed to void a user agreement despite their status as minors (and despite the fact that some of them had no meaningful choice about whether or not to consent).
- JuicyCampus enforcement action, where the New Jersey Attorney General's office tried to treat a negative user behavioral restriction in a user agreement as an affirmative marketing representation that such user behavior would not occur on the site.

* One of the long-standing Cyberlaw memes is that websites must either be passive conduits to avoid liability or active editors to manage their liability, but if a website chooses the latter, the website is liable for any editorial mistakes. That is, if the website edits its site but misses something, it's fully liable for what it missed. This simply isn't true under 47 USC 230, which allows websites to choose to be passive, active or anything in between without varying liability. In the IP context, this passive v. active meme has had more traction, but 2008 saw two solid cases suggesting that if a website tries to police its premises and fails, courts will be sympathetic and excuse any omissions. Example #1: Tiffany v. eBay, where the court gave eBay extra credit for its VeRO program as a basis to excuse any counterfeit goods that slip through. Example #2: Io v. Veoh, where the court was more willing to excuse Veoh because it had undertaken extra policing efforts than was required for the 17 USC 512 safe harbor. Finally, although not an IP case, the court in Cisneros v. Yahoo also lauded search engines for their affirmative efforts to block gambling ads, which the court acknowledged was a hard challenge.

* Despite some adverse rulings early in the year, punctuated by the Ninth Circuit's en banc ruling in Roommates.com, the 47 USC 230 immunization is still extremely robust. We saw a number of expansive and pro-defense rulings per 230 throughout the year, including Craigslist, Doe v. MySpace, Cisneros v. Yahoo and Goddard v. Google. Perhaps more importantly, in the three 230 cases I've seen since Roommates.com that cited to the opinion, all three cited the opinion in ruling for the defense.

* Battles over keyword advertising are hardly over, even though Utah officially backed off its attempt to ban them. The ABA IP Section tried to get into the act, and American Airlines sued Google, settled, and then sued Yahoo.

Top 11 Cyberlaw Developments of 2008

#11: Utah Trademark Protection Act repealed. The Utah Trademark Protection Act had the potential to throw the entire keyword advertising business into turmoil. Instead, now that it's repealed, it just remains as a dramatic reminder of the Utah legislature's incompetence regarding Internet legislation.

# 9 and 10: Fair Housing Council v. Roommates.com and Goddard v. Google. The Roommates.com en banc opinion makes the list based mostly on its potential consequences, not its actual effect. It remains one of the most significant pro-plaintiff incursions into the solidly defense-favorable interpretations of 47 USC 230, but it's so riddled with contradictory and ambiguous language that no one really knows what to do with it. I think Judge Fogel's reading of the case in Goddard v. Google has the potential to become the defining interpretation of the case, and his solidly defense-favorable reading of the precedent in excusing Google for ads placed by its advertisers may only reinforce how little Roommates.com changed the law.

#8: AV v. iParadigms. This case was a terrific win for online fair use enthusiasts because the for-profit commercialization of a database of third party copyrighted works was still deemed fair use. The upholding of the contract against the minors forced to enter into it was also significant. Before this ruling, my assumption is that any plaintiff trying to form a class action lawsuit in the face of an adverse user agreement could always form the class on behalf of any minors who had the right to void the contract. This case seems to shut down that loophole in user agreement protection.

#7: Io v. Veoh. The 17 USC 512(c) safe harbor has been law for over a decade and has produced a couple dozen rulings, but few are cleaner and more decisive for the defense than this one. It was a textbook example of a court rejecting the many different arguments plaintiffs make to kick a defendant out of the safe harbor, and as mentioned before, it was a great validation for Veoh's decision to do more than 512 required.

#6: Jacobsen v. Katzer. From a doctrinal standpoint, this case raises really difficult questions about how a copyright consumer can be bound to terms that he/she never "assented" to. Even so, this case had huge implications because it effectively validated that open source licenses can be binding on licensees, giving much more legal credibility to the entire multi-billion open source software industry. However, an odd footnote: on remand, the district court denied an injunction for the plaintiff, raising more issues about what exactly the plaintiff won at the Federal Circuit.

#5: Tiffany v. eBay. A fantastic validation of eBay's practices against a very serious and sympathetic challenger who had plenty of evidence that counterfeit goods were being sold on eBay's site. The case also shows that courts can grow tired of IP owners simply making up their own rules about how online sites should protect them and then suing the sites for breaching these artificial rules.

#4: Mazur v. eBay. A more scary case to 47 USC 230 defense enthusiasts than the Roommates.com opinion. The court says that eBay isn't protected by 230 for some of the marketing representations it makes, even if those representations are rendered untrue by third parties. While this makes a lot of doctrinal sense, it is also a green light for plaintiffs to mine a website's marketing representations as a way to bypass the otherwise-fatal consequences of 230 on a lawsuit triggered by user behavior or content.

#3: Google Book Search settlement. This makes the list for two independent reasons. First, many folks were hoping the case would establish solid precedent on online fair use, and the settlement ended that hope. Second, the proposed Book Rights Registry has the potential to reshape a number of major industries, including the book publishing business, the book retailing industry and the library industry.

#2: the Lori Drew prosecution. I think this may have been the most polarizing Cyberlaw development of 2008, exposing deep divides in people's appetite for punishing bad conduct online. It's hard to assess the overall implications of her conviction because no one rallied to praise Lori Drew's choices, and her case is still a ways from a final legal outcome. However, the possible implications of the case were so complex that it took a special three part series for me to explore its nuances (1, 2, 3).

#1: Cartoon Network v. CSC (the "Cablevision" case). Boy, the more I think about this case, the more important it becomes. The case upends our assumption that if we see it online, it's fixed, creating a new class of unfixed electronic works. Also, the court treats the users, not the service, as making the requisite copies, which reinforces the possibility that online providers can be just "dumb technology providers" for copyright law purposes and reinvigorates the possible defense that a service provider's copying is just done as a proxy for its users. However, the Supreme Court's ambiguous response to the cert petition--not yes, not no, but a request to the Solicitor General for comments--leaves this decision in a precarious position.

Other Developments of Special Note

47 USC 230

* Doe v. MySpace. The Fifth Circuit soundly rejects the argument that MySpace had an obligation to police its “premises.”

* Craigslist. Judge Easterbrook's language in Doe v. GTE had given plaintiffs some hope that the Seventh Circuit would provide a friendly venue to plaintiffs trying to overcome 47 USC 230. Judge Easterbrook may still love his language (which he quoted extensively in the Craigslist ruling), but his practical and no-nonsense ruling for the defense squelches the hope that the Seventh Circuit will become a plaintiff's haven.

* New Jersey's enforcement action against JuicyCampus. State AG offices HATE 47 USC 230.

Affiliate Liability

* Impulse Media. A jury thumped the FTC's overly expansive views of affiliate liability for spam.

* NY v. Direct Revenue. A state judge emphatically rejected the NY AG's office's expansive views of affiliate liability for adware.

Trademarks/Domain Names

* American Airlines' lawsuits against Google and Yahoo. No one I know fully understands why American Airlines sued Google for selling its trademarks for keyword ads. No one I know understands what concessions Google gave to American Airlines to settle the case. And no one I know understands why American Airlines decided to sue Yahoo after procuring the Google settlement. It's all a big mystery.

* NSI's grabbing of domain names in response to WHOIS queries. Is there any better example of ICANN's failings to police domain name retailers than to have one retailer selling a scarce good grabbing the good exclusively (blocking attempted sales by all other retailers) when a customer merely inquires about it?

* Kentucky's attempted seizure of 141 gambling-related domain names. As I wrote before, "Is a domain name property? Yes. See the Sex.com case. Can a plaintiff seize a domain name pursuant to a favorable judgment? Yes. Is it appropriate for Kentucky to seize domain names for gambling websites available in Kentucky? Of course not, because this would effectuate an extraterritorial reach by curtailing non-Kentucky residents from making possibly legal uses of the domain name."

* Eric Menhart, a lawyer who claims to practice Cyberlaw, doesn't know that Cyberlaw is a generic term.

* New gTLDs. Maybe I should reserve this development for 2009...if it happens.

Others

* McCain complains about 512(c)(3) notices taking down his YouTube videos. Surprise! 512(c)(3) notices are unforgiving. Sen. McCain, now that you've had a first-hand taste of their power, maybe you'd like to revisit the statute to see if it's producing the right incentives?

* FCC's bust of Comcast. The pro-regulatory forces were queued up to pounce on any examples where an IAP violated Net Neutrality principles, and Comcast's chicanery in forging reset packets was impossible for anyone to defend.

* NebuAd's flameout. Behavioral ad targeting is in our future unless regulators stop it. NebuAd won't be the winning provider of targeting services, but legislators will keep trying to regulate it further out of existence nonetheless.

Posted by Eric at 05:50 PM | Adware/Spyware , Copyright , Derivative Liability , Domain Names , E-Commerce , Internet History , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Spam , Trademark | TrackBack

January 20, 2009

Outdated Whois Information Might Lead to False Light Tort--Meyerkord v. Zipatoni

By Eric Goldman

Meyerkord v. The Zipatoni Co., 2008 WL 5455718 (Mo. App. Ct. Dec. 23, 2008)

It's a late entry, but this opinion may be a dark horse candidate for the most bizarre case of 2008.

Meyerkord was a Zipatoni employee and listed as the registrant on domain names at Zipatoni's Register.com account. Meyerkord left in 2003. In 2006, Zipatoni ran an astroturfing viral campaign for Sony to promote the Play Station Portable at the domain alliwantforxmasisapsp.com. A BusinessWeek story on the campaign and the Urban Dictionary entry.

Unfortunately for Sony--and Meyerkord--the campaign did not go well. Bloggers and others got suspicious of the overly colloquial site, unmasked the astroturfing and decided to "out" the people involved. They pulled up the Whois records, saw the outdated information that Meyerkord was the registrant, and mistakenly assumed he was involved in the campaign.

The case doesn't get into the specific treatment of Meyerkord, but it seems logical to assume that he was subject to a blogger firing squad circa 2006, i.e., shoot first and ask questions later (I'd like to think the blogosphere would be a little more circumspect circa 2009, but maybe not). For example, the Consumerist has its own category tag for alliwantforxmasisapsp, and it awarded Sony the "Lucky Golden Shit" award for best "flog" of 2006. In this post, the Consumerist "outs' Meyerkord and calls him a "douchebag" (which, for reasons my aging brain can't comprehend, has become the modern derogatory term of choice) until they modified the post, striking out his name and recanting "he is an innocent bystander in this sordid affair." Oops...a little late for that, don't you think, Consumerist?

In response to this rough justice from the blogosphere, Meyerkord sued Zipatoni for the privacy tort of false light. The lower court dismissed the complaint for failure to state a claim. In this ruling, the appellate court reverses the lower court and remands the case to allow Meyerkord to file an amended complaint if he can allege that Zipatoni acted with actual malice.

While I can see why the court was sympathetic to Meyerkord for being falsely associated with an astroturfing campaign, in my opinion, Zipatoni's real negligence was its failure to keep its domain name records updated FOR THREE YEARS! I feel silly mentioning the obvious and well-known practice pointer that you should keep your Whois records up-to-date; and especially remove any former employees from Whois records. Not only does outdated Whois information pose a major security risk, but it could allow former employees to assert ownership over the domain. Now, keeping them on the record may be tortious to the former employee as well. In any case, for having a former employee listed on its domain names for three years, Zipatoni deserves whatever punishment they get.

One more oddity: alliwantforxmasisapsp.com now is a promotional site for Haagen Dazs ice cream. Huh? I presume Haagen Dazs bought the residual traffic from all of the links bashing the domain, but (1) the association between PSP and Haagen Dazs doesn't make any sense, and (2) I would have thought a big brand like Haagen Dazs wouldn't want the implicit taint of benefiting from an astroturfed website.

Posted by Eric at 07:08 AM | Domain Names , Marketing , Publicity/Privacy Rights | TrackBack

July 11, 2008

The Sex Tape Problem...and a Possible Legislative Solution?

By Eric Goldman

An inescapable fact of the digital era is that people will be depicted in digitized sex videos ("sex tapes") that they wish did not exist. Sex tapes can be classified into a variety of types:

* sex tapes of non-consensual sex. The taping may exacerbate the harm to the victim, but the non-consensual sex is already criminal--and the sex tape could provide valuable evidence to the prosecution to help convict the criminal. The consent issue gets trickier when dealing with underage participants who are legally incapable of consenting to sex, such as two underage teens who might jointly decide to tape their sexual encounter.
* sex tapes of consensual sex where one of the parties didn't consent to the taping.
* sex tapes where both the sex and the taping were fully consensual, but one of the parties exceeds the scope of consent about subsequent use or disclosure. Ex 1: sex partner keeps and watches sex tape after breakup in contravention of other party's wishes. Ex 2: sex partner distributes the tape to third parties who the other party didn't contemplate would see the video. In the most egregious case, the sex partner publicly distributes the tape via the Internet when the other party intended the video to remain private.
* sex tapes where the sex, taping, and further use or distribution are fully consensual among all depicted parties. I believe this describes some of the publicity hounds that deliberately leak sex tapes as a type of marketing for the depicted individual(s) (unfortunately, another seemingly inescapable fact of our lives), even if the depicted individual lightly protests about the distribution to increase the scandal factor. These don't raise a lot of interesting legal issues.

Public distributions of sex tapes are surprisingly common. Check out the long list of celebrity sex tapes at Wikipedia. A Westlaw search for the term "sex tape" in all state/federal cases yields 29 lawsuits reported in Westlaw (I'm sure there are synonyms that would reveal more litigation that has made it into Westlaw, and of course Westlaw covers only a small fraction of the cases).

From a legal standpoint, it's easy to offer some proactive suggestions for people creating a sex tape. One, don't make a sex tape unless you can fully control it technologically (or you don't mind if the tape becomes the most-downloaded video on the Internet). Of course, perfect technological control over digital bits may be impossible nowadays; for example, some of the celebrity sex tapes were allegedly leaked by computer repair personnel. Two, if you make a sex tape and don't fully control it technologically, clearly delineate with the other party/parties the disposition of the sex tape in various circumstances, such as breakup. From a lawyer's standpoint, a written contract would be nice.

(This last paragraph demonstrates a third immutable truth that I'm not oblivious to: proactive guidance about the production, control or distribution of sex tapes from a law professor is not that useful. But I digress...).

Unfortunately, once lawyers are brought in to deal with the non-consensual creation, use or distribution of a sex tape, they may not be able to do much to help the non-consenting party. Simply put, existing law provides poor controls for a non-consenting party. There is a long list of torts and crimes that MIGHT provide some control to the non-consenting party depending on the precise facts of the specific situation, including privacy rights (such as public disclosure of private facts), anti-child porn laws, obscenity, ECPA/wiretapping, copyright infringement, breach of contract, intentional infliction of emotional distress, cyberbullying or cyber-harassment and extortion (if the tape possessor makes a "do X or the tape goes up on YouPorn" type threat).

At the same, depending on the precise facts, it is also possible that the non-consenting party could have no effective recourse against a non-consensual public distribution of a sex tape. First, the laws simply may not fit the facts. Second, even if they do, some of the legal doctrines (such as privacy rights violations) are so "squishy" that they can be hard to enforce, and any criminal prosecution requires a prosecutor to actually take the case. Third, and most problematically, a sex tape posted online might quickly be reposted on multiple servers, including some overseas, exponentially increasing the costs, and substantially decreasing the likelihood, of successfully purging the tape from public view.

Meanwhile, the harm to the non-consenting party can be substantial. The sex tape be profoundly embarrassing to the party (even if the person didn't actually do anything "embarrassing"). The sex tape might provide forensic evidence of illicit adultery/cheating, and that could irreparably change social relationships. Finally, the tape can change the way people perceive the person. For example, a person may have economic or social prospects predicated on a wholesome image, such as beauty pageant contestants, in which case the tape can undermine that image and destroy economic prospects or social relationships.

I was recently discussing this issue with a colleague over lunch and we started kicking around the idea that maybe the sex tape problem would benefit from legislative intervention. Yes, in this limited circumstance for this specific problem, even I am willing to acknowledge that a new law might be worth considering. Our discussion covered two interrelated ideas:

1) It should be impermissible for someone to distribute a sex tape online without all depicted individuals having consented to the distribution. (We could easily extend that to offline distributions as well, but I'm just focusing on the problems of Internet publication now).
2) Intermediary online publishers should be subject to a DMCA-style notice-and-takedown scheme where a non-consenting party can provide suitably rigorous notice that the tape was distributed without his/her consent, in which case the intermediary has some time post-notification to remove the tape before facing further consequences. The notice-and-takedown scheme should also provide the poster with a counter-notification process that shifts the legal liability back to the poster and off the intermediary. Obviously, this requirement would need to override 47 USC 230. However, the notice-and-takedown scheme is essential to give the non-consenting party some effective recourse against the quick proliferation of a video to multiple sites.

I know these suggestion aren't perfect. Some of the obvious deficiencies:

* the definition of a sex tape. It's easy to define the paradigmatic situation, but there are a lot of edge cases that might be hard to resolve in a statutory definition.
* defining consent. Would written consent be required? If oral consent is enough, doesn't that open the door to lots of irresolute and time-consuming he-said/she-said factual disputes?
* the level of validation required for the takedown notice. We could just allow a person to claim identity and lack of consent, or we could require the person to go through some hoops before their takedown notice is effective.
* Constitutional considerations. Personally, I don't think these are especially problematic here, but they are always a consideration when regulating sexual material.

Finally, the most obvious problem is that this would proliferate yet another limited privacy law as a point solution to a specific problem instead of providing a more comprehensive omnibus privacy regulatory scheme preferred by privacy advocates. This would definitely be true, but the limited nature of the regulation and the remedies is a part of why this proposal appeals to me. If we are dealing only with sex tapes, and only requiring consent of the depicted individuals, the risks of plaintiff litigation frenzies, takedown spam and collateral content censorship goes way down, but still a particularly pernicious problem becomes much easier to solve.

So, what do you think? Comments are still down, but feel free to leave a trackback or email me and let me know if I can append your comment to this post.

COMMENTS:

From Colette (7/11):

I would advocate that the new law not only apply to on-line. The sort of law should cover dissemination of sex tapes (however defined) in any format (though the on-line medium is of course much worse because of the viral distribution options).

To the list of possible claims, in some circumstances you might have a defamation claim (e.g. if the sex tape editor/poster refers to the person depicted in the tape as a "porn star", but the person is not).

For the "getting/proving consent" (or perhaps the opposite: expressly stating non-consent) problem, the participants may fairly easily put their consent on the video itself. For most of the cases, that may work in place of a paper agreement re: consent. (One obvious problem of putting the consent on the tape itself, is make sure both (or all) parties have a copy of the tape, including the part of the tape that deals with the consent issue. In the real world, I can imagine that the party who is harmed may not keep a copy of the tape (it's old, from a long time ago, lost in moves, deliberately thrown out because s/he wants to put the incidence behind them). The other party who has it, could easily discard/delete the part of the tape where the "non-consent" is stated. Even if the harmed party expressly stated on the tape that s/he does not consent to distribution, that party would have no proof. Ahhh. This is why we lawyers wold prefer a written agreement. Much easier to track that down if it exists!

[Eric's response: I love it! From a legal perspective, it would be better if before the parties got frisky, they both looked into the camera and expressed their consent. Maybe something like "I consent to this video being posted to the web. Now, show me your &^%$!" Then again, this type of videoed consent to being videoed was instrumental in squelching Ashley Dupre's lawsuit against Girls Gone Wild.]

Posted by Eric at 10:38 AM | Content Regulation , Publicity/Privacy Rights | TrackBack

May 07, 2008

April 2008 Quick Links

By Eric Goldman

Anti-Gaming

* Even though Ticketmaster won its lawsuit, Minnesota overreacted to the Hannah Montana ticket crush by banning software to circumvent an online ticket allocation process. See Sec. 609.806. Check out the hyperbole in this press release! What's next? Are legislators going to make SEO a crime?

* Google modified its relevancy algorithm 450 times in 2007. And yet courts still cite to Brookfield for how search engines operate!

* The UK cracks down on shill marketing online. ClickZ: "Under the new [UK] Consumer Protection from Unfair Trading regulations, it will be illegal to "Falsely claim or create the impression that the trader is not acting for purposes relating to his/her trade, business, craft or profession," or to "falsely represent oneself as a consumer."" See also AdAge.

* Speaking of SEO....the latest pathetic attempt to grab a generic term and trademark it? "SEO." Sarah Bird is on the job.

* Do student notes of a professor's lecture constitute copyright infringement? We may find out.

* Atlantic v. Howell. More on the "making available" theory of copyright infringement.

* Sarah Bird on registering copyrights in websites and blogs.

* A for-profit T-shirt listing the names of deceased Iraq soldiers sparks a publicity rights lawsuit.

General

* Bowen v. YouTube, Inc., 2008 WL 1757578 (W.D. Wash. April 15, 2008). The court upheld the forum selection clause in YouTube's user agreement.

* eBay is ending its promotion of third party live auctions. Maybe because of this loss?

* Rebecca blogs on SuccessFactors, Inc. v. Softscape, Inc., 2008 WL 906420 (N.D. Cal.), an odd case involving the Computer Fraud & Abuse Act and an "attack PowerPoint" allegedly sent by a competitor to its prospective customers.

* Kate Kaye writes about the new Internet industry lobby group, the "State Privacy and Security Coalition," designed to fight laws like the Utah Trademark Protection Act.

* Kevin Werbach, The Centripetal Network: How the Internet Holds Itself Together, and the Forces Tearing it Apart, UC Davis Law Review, Forthcoming. An interesting paper applying "network formation" theory to show how the Internet came together as a unified network and how those unifying forces are under constant stress.

Posted by Eric at 08:52 PM | Content Regulation , Copyright , Internet History , Licensing/Contracts , Marketing , Publicity/Privacy Rights , Search Engines , Trademark | TrackBack

April 28, 2008

47 USC 230 Trifecta of Cases--Friendfinder, e360insight, iBrattleboro

By Eric Goldman

47 USC 230 cases have been coming at such a rapid clip that I've fallen behind. In this blog post, I'll catch up on three recent cases:

Friendfinder

Doe v. Friendfinder Network, Inc., 2008 WL 803947 (D.N.H. March 27, 2008)

This case involves the publication of a false user-supplied profile on adult dating/hook-up services operated by AdultFriendfinder and Various. Fake dating profiles have been the source of a fair amount of 230 litigation; see, e.g., the Anthony v Yahoo, Landry-Bell v. Various, Doe v. SexSearch, Barnes v. Yahoo, and of course the Carafano case. The Friendfinder case involves two allegations we haven't seen before: (1) when the plaintiff complained, the sites removed the profile but displayed the following message on the profile page: "Sorry, this member has removed his/her profile," which allegedly implied that the plaintiff in fact had authorized the page initially, and (2) portions of the fake profile had been displayed on third party sites as "teasers" to advertise the adult dating services.

The court quickly dismisses the defamation, intentional infliction of emotional distress and various soft tort claims per 230, even if the defendants affirmatively reposted the profiles and even with respect to pull-down menus used to help profile building. This opinion came out before the Ninth Circuit en banc ruling in Roommates.com, but taking Kozinski's disclaimers at face value, the discussion about pull-down menus should have survived Roommates.com.

The court also says that 230 protects the site-authored announcement on the removed profile because "the allegedly tortious nature of those statements proceeds solely from the association they create between the plaintiff and the content of the profile." This might be an important standard to help future courts determine when 230 governs allegations of false marketing representations predicated on bad user info.

The court takes a less defense-favorable direction regarding the right of publicity claim. In direct conflict with the Ninth Circuit's ccBill ruling, this court says that 230 does not preempt state IP claims. Personally, I think this court got the statutory construction right and the Ninth Circuit got it wrong. As this court correctly explains, a court cannot interpolate the word "federal" into 230(e)(2) if it uses intellectually rigorous statutory interpretation.

Having left open the state IP claims, the court (also correctly, IMO) says that a right of publicity claim is an IP claim while any other invasion of privacy claim (i.e., the other three prongs of Prosser's four privacy torts) is not.

The court also survives the plaintiff's allegation of a Lanham Act false designation of origin claim with respect to the use of the false profile in the advertising teasers. But why didn't the court examine the application of 230 to this Lanham Act provision, which arguably isn't an IP claim? I think the court considered the false designation of origin claim, as applied to a false endorsement, to be equivalent to a right of publicity claim, but it would have been nice for the court to unpack this assumption.

The litigation over teaser content raises a question that's been bothering me for some time--when is republication of user-supplied editorial content (in this case, the dating profile) as teaser content on third party websites legally governed as commercial advertising? Teaser editorial content is ubiquitous, but it also serves a marketing function that could (should?) be regulated by commercial advertising restrictions such as the right of publicity. Hey, if you're looking for a paper topic, I think this issue (use of user content in teaser content as a right of publicity issue) is a good one.

More discussion about this case: CMLP, Rebecca, Jeff Neuburger, John Leonard

e360Insight

e360Insight, LLC v. Comcast Corp., 2008 WL 1722142 (N.D. Ill. April 10, 2008)

e360 is an email marketer/alleged spammer. Comcast blocks their emails from getting to Comcast subscribers. e360 sues Comcast for a variety of torts. The court sweeps all of the claims away on a judgment on the pleadings per 230(c)(2), saying that spam filtering constitutes the blocking of objectionable content contemplated by the statute. Further, agreeing with the Kaspersky case, the court says that any good faith requirement in the statute is subjective, not objective, and e360 didn't plead any evidence of subjective bad faith. Case dismissed.

This opinion adds to the burgeoning caselaw under 230(c)(2) showing that it will crunch claims by anyone upset that their communications are being filtered. As applied to an IAP like Comcast, I think this raises an interesting angle in the net neutrality debate. If you're looking for a paper topic, it seems like it would be timely to recap 230(c)(2) jurisprudence and analyze its interplay with other speech-preserving doctrines (must-carry laws, Constitutional free speech restrictions, net neutrality, consumer protection requirements of disclosure, etc.).

iBrattleboro

Mayhew v. Dunn, 580-11-07 (Vt. Superior Ct. March 18, 2008)

This is a simple and clean opinion. The defendants operate the iBrattleboro.com website. A third party posted material to the website that allegedly harmed the plaintiff. The website operators get a judgment on the pleadings. Case dismissed. This is a nice illustration of 230 working exactly as it should. Some useful color on the case from CMLP.

Posted by Eric at 10:27 AM | Derivative Liability , Publicity/Privacy Rights , Spam | TrackBack

February 25, 2008

CaféPress Denied 230 Motion to Dismiss--Curran v. Amazon

By Eric Goldman

Curran v. Amazon.com, Inc., 2008 WL 472433 (S.D. W.Va. Feb. 19, 2008)

Erik Curran was a National Guard soldier who served in "a combat zone." For reasons unclear from this opinion, he was photographed by an unspecified photographer, and the photo (or photos) of Curran became widely republished. Erik is now suing numerous defendants for violations of his publicity and privacy rights based on these republications.

CaféPress is a defendant because third party users provided Curran's photos for republication on CaféPress-produced t-shirts. CaféPress asserts a 230 defense.

Superficially, 230 looks possible. The images were provided to CaféPress by third parties, CaféPress is a website, and 230 preempts right of privacy claims. I also think 230 probably bar right of publicity claims; even if the publicity claims are IP claims, they would still be state-based IP claims that should be preempted per ccBill.

Nevertheless, I'm a little confused about CafePress' 230 defense. Even assuming 230 facially applies, it should cover only CaféPress' web-based publications and not the vending of physical goods. (As discussed in the Accusearch case, it's possible that any vending by a merchant of record is outside 230's scope, even when the vended materials are just online data). Thus, CaféPress' shipment of physical space t-shirts with an improper image could be outside 230's scope. Perhaps CaféPress believes (much like Amazon did in the Corbis v. Amazon case) that the physical space sales are made by its users, not CaféPress. I could see a judge buying that argument, but if CaféPress is integrally involved in every aspect of the physical retailing, manufacturing and shipment of the impermissible items, it's not clear CaféPress can avoid liability for the non-cyberspace activities, none of which should be covered by 230. (In this sense, I believe CaféPress provides substantially more services to its third party "merchants" than Amazon provides its zShop merchants that were at issue in the Corbis case).

The court doesn't get into this nuance here. Instead, CaféPress argued that Curran's complaint had not alleged that CaféPress had created or developed the content at issue. The court says this argument is insufficient because "CaféPress relies upon the absence of facts not pled in the complaint and seeks to place the onus on the plaintiff to plead around affirmative defenses, which it need not do." I think the court is wrong about this--many courts have granted the 230 defense on a motion to dismiss based on incomplete allegations--but this may not matter in the end. The court adds that "plaintiff faces an uphill battle given the broad grant of immunity conferred by § 230, as interpreted in the seminal case of [Zeran]." But the denial of the motion to dismiss gives Curran a fishing expedition license and some time to parse through the liability associated with vending physical items.

One other interesting note. Curran also sued Amazon for displaying a book cover (from a third party publisher) that featured Curran without his consent. Amazon defended by citing the Almeida case, which dealt with an identical issue. In Almeida, the court sidestepped Amazon's 230 defense and instead held that Amazon wasn't liable because the book cover display was just incidental to Amazon's sale of the book. This court defers the issue, refusing the motion to dismiss as too early to make that judgment.

UPDATE: Michael Erdman's comments.

Posted by Eric at 10:33 PM | Derivative Liability , Publicity/Pr

Search

Archives

Recent Entries

January 31, 2012

Court Denies Kravitz’s Motion to Dismiss PhoneDog’s Amended Claims -- PhoneDog v. Kravitz

December 19, 2011

Facebook "Sponsored Stories" Publicity Rights Lawsuit Survives Motion to Dismiss--Fraley v. Facebook

December 08, 2011

Employee's Claims Against Employer for Unauthorized Use of Social Media Accounts Move Forward--Maremont v. SF Design Group

November 22, 2011

Court Awards Damages for Wrongful Disruption of Web Presence -- Ordonez v. Icon Sky Holdings

October 29, 2011

Publicity Rights Class Action Against Facebook Over Promotion of 'Friend Finder' Service Dismissed -- Cohen v. Facebook

September 24, 2011

Gilbert Arenas' Tweets Sinks His Motion to Enjoin "The Basketball Wives" -- Arenas v. Shed Media

September 06, 2011

Marijuana Activist Can't Change His Name to "NJWeedman.com" -- In re Forchion

August 29, 2011

Bev Stayart Racks Up Two More Losses--Stayart v. Yahoo and Stayart v. Google

August 05, 2011

TheDirty Defeats Publicity Rights Claims--Gauck v. Karamian

July 29, 2011

Court Smacks Down Koch Industries' Attempt to Shut Down Satirical Website -- Koch Industries v. Does

July 08, 2011

NJ Appeals Court: No Privacy Violation When Spouse Uses GPS to Track Vehicle -- Villanova v. Innovative Investigations, Inc.

June 29, 2011

Court Dismisses Misappropriation Claims Against Facebook Over Its Friend Finder Service -- Cohen v. Facebook

June 09, 2011

Buying Personal Names for Keyword Ads Isn't a Publicity Rights Violation--Habush v. Cannon

June 06, 2011

April-May 2011 Quick Links, Part 3

June 04, 2011

TheDirty Defeats Privacy Invasion Lawsuit--Dyer v. Dirty World

May 25, 2011

Ohio Appeals Court: GoDaddy can be Held Liable for Wrongly Transferring Control Over Domain Name and Email Accounts -- Eysoldt v. ProScan

May 20, 2011

Court Allows Fair Credit Reporting Act Claims Against Spokeo to Move Forward -- Robins v. Spokeo

May 19, 2011

Plaintiff Can't be Forced to Accept Defense Counsel's Facebook Friend Request in Personal Injury Case -- Piccolo v. Paterson

March 28, 2011

Website Privacy Policy Supports Pseudonymous Poster's Expectation of Privacy -- Cornelius v. Deluca

March 17, 2011

Employee's Twitter and Facebook Impersonation Claims Against Employer Move Forward -- Maremont v. Fredman Design Group

March 10, 2011

Google Not Liable for Suggested Vanity Searches--Stayart v. Google

February 12, 2011

Debt Collection Text May Result in Liability under the Telephone Consumer Protection Act -- Gutierrez v. Barclays Group

December 24, 2010

Deep Packet Inspection (NebuAd) Litigation: Court Dismisses ECPA Claim but CFAA Claim Continues

October 06, 2010

Tip for Clean Living: Don't Use a 14 Year Old's Self-Portrait in Advertising for Porn--Lara Jade Coton v. TVX

October 01, 2010

Seventh Circuit Tosses Beverly Stayart's False Endorsement Claims--Stayart v. Yahoo

July 07, 2010

Scribd Can't Shake Copyright and Publicity Rights Lawsuit on Motion to Dismiss--Williams v. Scribd

June 20, 2010

No Wrath in this Quon--Ontario v. Quon

June 19, 2010

MySpace Photo and Internet Gang Roster Evidence Improperly Admitted -- People v. Beckley

May 09, 2010

Updates to the Outed Judge-Commenter's Lawsuit Against the Plain Dealer -- Saffold v. Plain Dealer

April 23, 2010

Beverly Stayart Strikes Again! This Time, Stayart Sues Google

April 13, 2010

Google Sued for Publishing Home Address--Harris v. Google

April 08, 2010

Unmasked Judge/Commenter Sues Newspaper for $50mm -- Saffold v. Plain Dealer

February 01, 2010

Google Street View Lawsuit Revived, But Only on Trespass Grounds--Boring v. Google

January 31, 2010

January 2010 Quick Links

January 11, 2010

Top Cyberlaw Developments of 2009 (Eric's List)

December 26, 2009

November-December 2009 Quick Links, Part 1

December 18, 2009

Top Cyberlaw Developments of 2009

December 11, 2009

Denver University “Cyber Civil Rights” Symposium Recap

December 02, 2009