January 11, 2012
An Update on PhoneDog v. Kravitz, the Employee Twitter Account Case
[Post by Venkat Balasubramani]
PhoneDog v. Kravitz, No. C 11-03474 MEJ (N.D. Cal.) (Amended Complaint) (Motion to Dismiss) (PhoneDog Opposition) (Kravitz's Reply)
In November, the court allowed PhoneDog’s claims against Kravitz for conversion and trade secrets to proceed. ("Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Account can Proceed.") In its initial order, the court rejected PhoneDog's interference with economic advantage claim because it was muddled and didn't clearly specify what economic relationship PhoneDog alleged Kravitz allegedly interfered with.
PhoneDog filed an amended complaint, clarifying its economic interference arguments (or trying to at least). Kravitz moved to dismiss the amended claims. I've linked to the pleadings above. PhoneDog claims that it had an economic relationship with the followers of Kravitz’s Twitter account, so Kravitz taking the account disrupted this relationship. PhoneDog also claims this affected its relationship with “existing and prospective advertisers” on PhoneDog’s website. Finally, PhoneDog argues that Kravitz interfered with its economic relationship with CNBC and Fox News by continuing to contribute to programs on these channels after he left PhoneDog. Regardless of how the court rules on the economic interference claims, the conversion and trade secrets claims will continue (for now).
For what it’s worth, although I don't know the precise contours of economic interference claims under California law, PhoneDog’s claims look tenuous--especially the one about the disruption of economic relationship between PhoneDog and the followers of Kravitz’s Twitter account. In the usual scenario, there's no real economic relationship between an account and followers. People follow because they are interested in information. It's not like anyone is charging their followers--i.e., typically there's no money changing hands between an account and followers. (I assume some sort of direct economic relationship (or expectation) is required to bring a claim, but the court's order isn't overly specific on this point.) Another thing to consider is that the account/follower relationship is dynamic. If people don't like what they hear from an account or they don't like a change in voice, they can unfollow, instantly and at no cost. The core of the economic value, if any, is in the ongoing content and the voice. PhoneDog also argued Kravitz continuing to use the Twitter account was a disruption of its relationship with advertisers, but I'm skeptical that PhoneDog will be able to show that advertisers on its website cared about the Twitter follower numbers. It may be true that traffic to the website diminished and and as a result PhoneDog generated less revenues from advertising, but that shouldn't amount to Kravitz's interference with PhoneDog's relationship with its advertisers.
After the court initially ruled on Kravitz’s motion to dismiss, another court (in Pennsylvania) issued its order in the LinkedIn case (Eagle v. Morgan). That order didn't cleanly resolve the claims over ownership of the LinkedIn account, but it does take a pretty dim view of the economic interference claim based on Dr. Eagle’s continued use of her LinkedIn account. (“Edcomm failed to point to “one potential contract that would . . . have materialized” absent Eagle’s alleged interference.”) As WSJ’s Law Blog notes, Kravitz filed a copy of this ruling as supplemental authority and requested the court to take judicial notice of it. Interestingly, in Eagle, the court notes that a password can’t be a trade secret because it’s not something that a competitor can derive economic value from. This should be equally applicable to PhoneDog’s argument that Kravitz misappropriated trade secrets by continuing to use the Twitter account. A Twitter account shouldn’t be a trade secret. But the court already allowed the claim to go forward, and Kravitz is going to have to raise this in a summary judgment motion.
I previously expressed some skepticism about PhoneDog’s case, but I’m even more skeptical now. I also question whether it was really in PhoneDog's interest to sue Kravitz over this. Was it really worth PhoneDog's expenditure of energy and fees to try to get back the Twitter account? Also, public sympathies have mostly tilted towards Kravitz. Kravitz has experienced a media bonanza as a result of this lawsuit and has gotten (mostly favorable) press coverage in a variety of different outlets, including the New York Times. Kravitz continues to Tweet, and he has taken a few opportunities to poke PhoneDog over its claim that each follower was worth $2.50 per month. His Twitter bio even says “People are not property. Love over gold.” People overall seem sympathetic to Kravitz’s side of the story. Someone even set up a “Save Noah” website and Twitter account. The net result of PhoneDog's lawsuit so far is a personal branding bump for Kravitz.
I’m not seeing a clear parth to victory for PhoneDog here (and more likely I’m guessing the case settles), but in the unlikely event PhoneDog wins control over the Twitter account, it will be interesting to see if the followers unfollow the account en masse.
Other coverage:
Before Dispute over Twitter Account, a Fight Over LinkedIn (WSJ Law Blog)
A Dispute Over Who Owns a Twitter Account Goes to Court (NYT)
Previous posts:
Another Set of Parties Duel Over Social Media Contacts -- Eagle v. Sawabeh
Employee's Claims Against Employer for Unauthorized Use of Social Media Accounts Move Forward--Maremont v. SF Design Group
Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Account can Proceed--PhoneDog v. Kravitz
Ex-Employee Converted Social Media/Website Passwords by Keeping Them From Her Employer--Ardis Health v. Nankivell
Court Declines to Dismiss or Transfer Lawsuit Over @OMGFacts Twitter Account -- Deck v. Spartz, Inc.
Posted by Venkat at 09:45 AM | Marketing , Trade Secrets
January 03, 2012
Nov.-Dec. 2011 Quick Links, Part 2 (Extended IP Edition)
By Eric Goldman
Copyright
* Costco v. Omega (E.D. Cal. Nov. 9, 2011). On remand after the disappointing non-result from the Supreme Court in this case, the district court gives Costco a decisive win, holding that Omega engaged in copyright misuse:
Omega concedes that a purpose of the copyrighted Omega Globe Design was to control the importation and sale of its watches containing the design, as the watches could not be copyrighted. Accordingly, Omega misused its copyright of the Omega Globe Design by leveraging its limited monopoly in being able to control the importation of that design to control the importation of its Seamaster watches.
The net effect is that Costco violated copyright law's importation clause but Omega's copyright misuse makes the importation not actionable. This is one of the most significant copyright misuse decisions we've seen. Assuming it goes to the Ninth Circuit again, it will be interesting to see what they do with it. If this latest ruling stands, Omega's legal hack will be decisively shut down; and other manufacturers trying to use copyright to control their channels for non-copyrightable articles will want to reevaluate their approach.
* The Righthaven debacle continues to wind towards its messy but inevitable conclusion. Some of the items from the last couple months that caught my attention:
- Every time Righthaven's lawyers whine about opponents' unfair litigation tactics, I'm dumbstruck by the duplicity.
- Stephens Media dropped its efforts to contest that Democratic Underground made a fair use by republishing a newspaper article excerpt.
- Righthaven v. Wolf: "The Court admonishes Mr. Mangano regarding his lack of civility. The motion for reasonable attorney's fees in the amount of $32,147.50 and costs of $1,000.85 is GRANTED."
- Righthaven LLC v. Newsblaze LLC, 2011 WL 5373785 (D. Nev. Nov. 4, 2011). Yet another dismissal for lack of standing.
- the auction for Righthaven.com is going on right now. Current high bid is $1,900.
* C-70/10, Scarlet Extended SA v. Societe Belge des auteurs, compositeurs et editeurs (SABAM) (ECJ Nov. 24, 2011). Some interesting quotes from an ECJ opinion:
- "EU law precludes the imposition of an injunction by a national court which requires an internet service provider to install a filtering system with a view to preventing the illegal downloading of files"
- "The filtering system would also be liable to infringe the fundamental rights of its (Scarlet's) customers, namely their right to protection of their personal data and their right to receive or impart information"
- “E.U. law precludes an injunction made against an Internet service provider requiring it to install a system for filtering all electronic communications passing via its services, which applies indiscriminately to all its customers, as a preventive measure, exclusively at its expense, and for an unlimited period”
* Brownmark Films LLC v. Comedy Partners, 2011 WL 6002961 (E.D. Wis. Nov. 30, 2011): In awarding a fee shift to defendants, "the Court finds that Brownmark's legal positions were also objectively unreasonable, and thus their position was frivolous. To this Court, there is little that could justify the plaintiff's stated view that the South Park version was not parody....given the transformative nature of the use and the lampooning Brownmark's original received, there is ample reason to believe that South Park's use would have greater spurred the market for the original. In the internet era, with information freely and quickly accessible, viewers interested in South Park's version could turn to the internet to find a copy of the original. And any confusion over which version was the original could be supplied to online viewers through a statement at the video's web page. For all of these reasons, the Court finds that Brownmark was objectively unreasonable in its position that South Park's use was not fair." Wendy Davis' writeup.
* Carolyn Wright, a/k/a PhotoAttorney, who helps photographers enforce their copyrights, got side-swiped in a misguided enforcement action and had her photo site mistakenly taken offline by a DMCA takedown notice (not surprisingly, GoDaddy was in the middle of this).
* UC Berkeley revamps its policies about student note-taking and recordings of classes. It seems a little odd to encourage faculty members to be sending 512(c)(3) takedown notices freely. James Grimmelmann has more criticisms.
* Gibson v. Amazon (C.D. Cal. Sept. 8, 2011). The court rejected a copyright infringement case against Amazon, Urban Dictionary and others. Gibson is appealing to the Ninth Circuit.
* RIAA is in pre-litigation enforcement mode against ReDigi for reselling digital files.
* The Zynga-Vostu litigation settled.
* Ars Technica: Warner Bros: we issued takedowns for files we never saw, didn't own copyright to
* Megaupload brought a 512(f) suit against UMG for wrongfully taking down a promotional video. The complaint. The contract. James Grimmelmann's comments.
* The economics of the record label-online music site deals look very, very bad for the music sites.
* Techdirt: Congressional Research Service Shows Hollywood Is Thriving
* David v. CBS complaint. Tertiary infringement re-redux: Download.com sued again for secondary copyright infringement for distributing LimeWire and BitTorrent clients.
* A Singapore newspaper sued Yahoo News for copyright infringement.
* An analysis of the Trans Pacific Partnership (TPP).
Trademark
* 1-800 Contacts, Inc. v. Lens.com, Inc., 2011 WL 5403368 (D. Utah Nov. 4, 2011). The court denies 1-800 Contacts' motion for post-judgment relief based on newly discovered evidence. This case could be a textbook case of trademark bullying--remember, 1-800 Contacts has spent well over $650k on this case and Lens.com made $20 (not a typo) of profit directly from its keyword ads based on 1-800 Contacts' trademarks. Prior blog post.
* Speaking of trademark bullying, does an "Eat More Kale" t-shirt infringe any IP rights that Chik-fil-A has in "Eat Mor Chikin"? See the 2011 C&D letter, the 2006 C&D letter and the 2006 C&D response. I assume most kale eaters don't overlap with Chik-fil-A consumers. But, Paul Levy explains why there should be a pox on both parties' houses.
* Lovely Skin, Inc. v. Ishtar Skin Care Products, LLC., 2011 WL 6055489 (D. Neb. Dec. 6, 2011). In a trademark lawsuit, the defendant asked for:
REQUEST NO. 32: All documents referring or relating to purchasing of keywords, “Ad Words,” “sponsored links,” or other advertisements for search engines and any efforts to achieve search prominence on search engines, including but not limited to Your purchase, or consideration to purchase, the name “Lively Skin” or the URL www.livelyskin.com.
REQUEST NO. 37: Documents referring or relating to communications with Google to purchase “lively skin” and “livelyskin.com” as keywords or “Adwords.”
The court says (cites omitted):
In support of its motion to compel, Ishtar states that Lovely Skin's production of documents in response to these requests are “deficient for two reasons.” First, the Google information lacks the dates that the keywords were used, which are necessary to establish “(1) whether Lovely Skin's marks had achieved secondary meaning when Ishtar entered the market; and (2) the extent of Lovely Skin's inequitable use of the term “livelyskin” in its keyword advertising campaigns.” Second, Ishtar claims that as a result of its recent Internet searches, Ishtar has learned that “Lovely Skin possesses additional information regarding keyword purchases made by Lovely Skin through other search engines.” The Court finds that the information sought by Ishtar is relevant to its affirmative defenses of the claims made against it by Lovely Skin.
* Partners for Health and Home, L.P. v. Seung Wee Yang, 2011 WL 5387075 (C.D. Cal. Oct. 28, 2011):
Defendants have infringed Plaintiff's Perma–Life trademark by each of the following acts, taken either individually or as a whole:
a. Registering the domain www.perma-life.co.kr and using it to promote their competing Pearl Life cookware;
b. Applying the metatags “perma life” and “permalife” to the website at www.perma-life.co.kr through which they sold their competing Pearl Life cookware;
c. Applying the term “permalife” as visible video tags (indexes) on videos promoting Pearl Life cookware which they posted on the Internet at video sharing websites YouTube (www.youtube.com) and Tag Story (www.tagstory.com), and on the “blog” site Daum (www .daum.net).
d. Purchasing the term “permalife” as an Internet search engine advertising keyword to direct Internet users to their website at www.pearllife.com at which they advertised their Pearl Life cookware.
* Foreword Magazine Inc. v. Overdrive Inc., No. 10-1144 (W.D. Mich. Oct. 31, 2011). Offering to sell a domain name after getting a C&D can't be introduced as evidence of bad faith in the resulting ACPA suit.
* Weather Underground v. Navigation Catalyst (E.D. Mich. Nov. 9, 2011). Typosquatters' liability for ACPA violations must be evaluated on a domain name-by-domain name basis, not based on the defendant's entire portfolio; and ACPA bad faith cannot be established on a "willful blindness" standard.
* iYogi Holding Pvt. Ltd. v. Secure Remote Support, Inc., 2011 WL 6291793 (N.D.Cal. Oct. 25, 2011). A default judgment against a competitor who created fake reviews bashing the plaintiff.
* Fordham sent a trademark demand letter to Texas Wesleyan for using the acronym "CLIP" to describe its IP center, which garnered derision from many other IP professors. The demand letter (currently set to private; I'm trying to fix that).
* Multi-Time Machine v. Amazon complaint. A watch manufacturer sues Amazon for trademark infringement based on Amazon's internal search engine's results.
* Night Owl Games v. Zynga complaint. Another game developer seeks a declaratory judgment against Zynga over the -ville trademark, this time "Dungeonville."
* Harvard spikes a Yale t-shirt making fun of it.
* Rebecca provides three updates on Southern Snow Manufacturing Co. v. Sno Wizard Holdings, Inc. (see my prior blog post on the case): insurer had duty to defend, a baffling battle over false trademark marking, and a further rejection that metatags matter.
Patents/Trade Secrets
* The Trade Secret Litigator: The America Invents Act: What Will the Impact of the New Patent Law's "Prior Commercial Use" Defense Have on Trade Secret Protection?
* Coca-Cola turns the vault for its secret formula into a tourist attraction.
* The producers of the Bachelor/Bachelorette sued Reality Steve for inducing show participants to leak spoilers. Reality Steve’s response.
* Are strict limits on e-discovery coming for patent cases?
* All Things D reports on Abhyanker v. Benchmark Capital, an idea theft lawsuit against a VC fund involving the entrepreneur who also is behind Trademarkia.
Posted by Eric at 01:05 PM | Copyright , Domain Names , Evidence/Discovery , Patents , Trade Secrets , Trademark | TrackBack
December 28, 2011
Another Set of Parties Duel Over Social Media Contacts -- Eagle v. Sawabeh
[Post by Venkat Balasubramani]
Eagle v. Morgan, 11-4303 (E.D. Pa.; Dec. 22, 2011)
Background: Dr. Linda Eagle, who holds a Ph.D. in communication and psychology, teamed up with Clifford Brody and founded Edcomm. They were later joined by Davi Shapp. Eagle maintains a reputation in the field of “banking training,” and has “cultivated relationships with thousands of individuals and organizations.” In October 2010, Sawabeh Information Services entered into an agreement with Eagle, Brody, and Shapp to purchase Edcomm. Sawabeh proposed to retain the three as executives, but abruptly terminated them in June 2011. This prompted a flurry of litigation.
The Lawsuits: Eagle sued the principal of Sawabeh and others working in concert with them (in Pennsylvania), alleging that defendants improperly accessed and continued to use Eagle’s LinkedIn account. Defendants turned around and asserted counterclaims, alleging that Eagle misappropriated a telephone number that had been assigned to Edcomm and improperly caused AT&T to transfer this number to Eagle personally. Defendants also asserted that Eagle misappropriated a laptop, as well as the LinkedIn “connections” associated with Eagle’s LinkedIn account (which defendants allege was maintained by Edcomm for the Edcomm's benefit).
In a separate lawsuit (in the Southern District of New York), Sawabeh asserted securities fraud and breach of contract claims against Eagle, Brody, and Shapp, alleging that the principals failed to disclose Edcomm’s obligation to make a substantial severance payment to Brody, and further failed to disclose that Edcomm transferred all of its IP to Brody in an earlier transaction. In this lawsuit, the court recently denied a motion to dismiss brought by defendants. (Sawabeh v. Brody, et al., 11-civ-4164 (S.D.N.Y.; Dec. 16, 2011).) [For some unknown reason, the courts don't seem to have a problem with the maintenance of two separate lawsuits arising out of the same transaction. I would have thought that consolidation was a no-brainer here.]
The parties have widely divergent views on the background facts, so it's hard to assess the viability of the claims. For example, Edcomm alleges that it created and maintained LinkedIn accounts for its employees, and as a matter of policy, employees were expected to turn over their LinkedIn accounts when they left Edcomm. Eagle disagrees, but also has to contend with a very unhelpful fact: Eagle committed the ultimate no-no and provided her LinkedIn password to someone at Edcomm.
(For what it’s worth, this looks like the account in question. The court entered a TRO prohibiting defendants from accessing the LinkedIn account. The order expired of its own accord, and none of the filings in the docket reflect any additional action by the parties with respect to this issue. Although it’s hard to tell, judging from the account, it looks like Eagle continues to use the account and defendants likely agreed to not interfere with this usage.)
Motion for Judgment on the Pleadings as to the Counterclaims:
Computer Fraud and Abuse Act: The CFAA claim was premised on Eagle’s alleged improper access of Edcomm’s AT&T account and misappropriation of Edcomm’s number. The claim is somewhat strange in that it doesn’t really identify what computer Eagle gained “unauthorized access” to. The court seizes on this and says that, in simpler terms, the counterclaims allege Eagle walked into an AT&T store and convinced AT&T to transfer Edcomm’s number to her--this does not involve the "access" of any computers. Along the way, the court also tackles the issue of whether Edcomm sufficiently alleges damages, and whether Eagle’s access was truly “without authorization” because she was once an employee of Edcomm and ostensibly had authorization to access the account. As to damages, the court says that Edcomm’s allegation that it suffered loss of business relationships as a result of Eagle’s transfer of the number does not count towards the jurisdictional threshold (“Nothing in these allegations avers any loss related to the impairment or damage to a computer or computer system, any remedial costs of investigating or repairing computer damage, or costs incurred while the computers were inoperable.").
Trade Secrets: The trade secret claim had a fatal weakness in that it was premised on information that obviously was not a trade secret: (1) the AT&T account information, and (2) the identities of clients and instructors. Eagle persuasively argued that Edcomm’s website disclosed the identity of more than 1,000 clients and the instructor identities were publicly available on their LinkedIn profiles. The court also says that the AT&T account information could not be a trade secret because it doesn’t have any “independent economic value” that would be of use to competitors. The arguably valuable asset in question is the telephone number, and there’s nothing secret about this.
Conversion: The conversion claim was premised on Eagle’s retention of a laptop allegedly belonging to Edcomm. The court allows this claim to proceed.
Misappropriation: The misappropriation claim can either be misappropriation of a trade secret or misappropriation of an “idea.” The court says that the misappropriation based on trade secrets must fail based on the court’s conclusion that Edcomm failed to specify any protectable trade secrets. The court however declines to dismiss the “misappropriation of an idea” claim. The parties had conflicting allegations as to whose investment generated the content on the LinkedIn account. Given these conflicting allegations, the court declines to grant judgment on the pleadings on the misappropriation claim.
Tortious Interference: The court dismisses the remaining claims. Edcomm asserted that Eagle interfered with the contract between AT&T and Edcomm, but the court says that Edcomm failed to adequately allege specific intent and damages. Eagle cared about the number, and the contractual relationship between AT&T and Edcomm was incidental to the number (it's unclear this was terminated anyway). Edcomm also argued that Eagle interfered with relationships with prospective clients, but the court dismisses this claim on the basis that Edcomm’s allegations were speculative. Edcomm failed to point to “one potential contract that would . . . have materialized” absent Eagle’s alleged interference. (The court declines to dismiss an unfair competition claim but this claim piggybacks on the misappropriation claim.)
__
The dispute raises interesting issues, and as with PhoneDog, OMGFacts, and Maremont cases, illustrate the difficulty of neatly categorizing social networking accounts and the goodwill in those accounts. The obvious question is whether the parties had an agreement addressing Eagle’s competitive efforts and use of her contacts. Judging by the fact that the parties did not mention any contractual terms, it’s fair to say that there was no written agreement dealing with Eagle’s competitive activities. This is somewhat surprising, given that Edcomm was acquired, and to the extent the the key assets in the acquisition were human resources, the parties should have had an agreement in place addressing Eagle's post-acquisition competitive activities.
It looks like the vagaries of Pennsylvania law may have made it harder to bring a conversion claim based on the phone number (the court footnotes that conversion claims are limited to tangible personal property), but at least one court has held that phone numbers can be subject to conversion claims. (Can a Telephone Number Be the Subject of a Conversion Claim?, discussing Staton Holdings, Inc. v. First Data Corp, 2010 U.S. Dist. LEXIS 48688 (N.D. Tex. May 11, 2010).) Given the current rules on phone number portability, to the extent they are freely transferable, it seems like phone numbers are increasingly similar to domain names, which can form the basis of conversion claims.
The fight over the LinkedIn account was probably the most interesting, but there is little discussion about the fact that LinkedIn terms restrict usage of log-in credentials to the person who created the account. (Eagle's sharing, and Edcomm's access likley violated LinkedIn's terms, as a technical matter.) Also, LinkedIn distinguishes between “company accounts” and “personal accounts.” Personal accounts seem by design to be akin to resumes, and while it makes sense for someone to be restricted from exploiting their contacts for competitive purposes, the personal accounts don’t lend themselves to use by the company. Neither the court nor the parties focuses on this. As an afterthought, my instinct is that parties are often misdirecting their energies with fights over “who owns contacts.” Contacts are personal, and particularly in the social networking context, I would think it would be difficult for one person to take advantage of another person’s contacts. I could see Edcomm sending out a spam message to Eagle’s LinkedIn contacts, announcing that Eagle is no longer with the company and prospective customers should contact Edcomm directly, but apart from this, is it really realistic for Edcomm to continue to exploit Eagle’s contacts?
Although it's tough to say since the case is at the initial stages, the lawsuit in Pennsylvania seems like a small part of the overall dispute, which includes the litigation in the Southern District of New York. In the Southern District case, Sawbeh alleges fraud on the part of Eagle and her cohorts; if the fraud and misrepresentation claims are successful, they will likely dwarf the effect of the battle over the LinkedIn contacts and phone number. Any victory that is achieved in the Pennsylvania litigation may turn out to be pyrrhic, depending on how the New York litigation pans out.
Posted by Venkat at 10:52 AM | Licensing/Contracts , Trade Secrets , Trespass to Chattels
November 10, 2011
Courts Says Employer's Lawsuit Against Ex-Employee Over Retention and Use of Twitter Account can Proceed--PhoneDog v. Kravitz
[Post by Venkat Balasubramani]
PhoneDog v. Kravitz, 2011 WL 5415612 (N.D. Ca.; Nov. 8, 2011)
Another day, another post-employment dispute over a social media account.
In this case, Noah Kravitz worked for PhoneDog, which is an "interactive mobile news and reviews web resource." Kravitz worked as a reviewer and video blogger. He used the "@PhoneDog_Noah" twitter account, and it amassed approximately seventeen thousand followers. When he left, PhoneDog asked for the account "back" but he demurred, instead changing the account handle from @PhoneDog_Noah to "@noahkravitz". PhoneDog sued, asserting claims for (1) misappropriation of trade secrets, (2) interference with economic advantage; and (3) conversion.
Trade secret claim: Kravitz argued that there was no "trade secret" information, because the followers of the account are not secret and are publicly discernable. The passwords he argued merely allow an individual logging on to the account to view the publicly known follower information. He also argued that PhoneDog did not adequately safeguard the password information and treat is a trade secret. The court punts on the issue and says:
PhoneDog has sufficiently described the subject matter of the trade secret with sufficient particularity and has alleged that, despite its demand that Mr. Kravitz relinquish use of the password and Account, he has refused to do so. At this stage, these allegations are sufficient to state a claim. Further, to the extent that Mr. Kravitz has challenged whether the password and Account followers are trade secrets and whether Mr. Kravitz's conduct constitutes misappropriation requires consideration of evidence beyond the scope of the pleading.
Economic advantage claim: The court rejects the interference with economic advantage claim, saying that PhoneDog's allegations were muddled on this issue. It was unclear as to whether PhoneDog was saying Kravitz interfered with PhoneDog's relationship with account followers or with its subscribers or consumers more generally. The court also says PhoneDog failed to connect the dots with respect to any harm based on advertiser relationships, or even any economic harm generally. [I hope PhoneDog was not making a claim based on its vicarious relationship with followers of the @PhoneDog_Noah Twitter account--we all know how tenuous social media relationships are!]
Conversion: The court declines to dismiss the conversion claim, saying that PhoneDog alleged it had the right to possession over the account, and "the nature of that claim is at the core of this lawsuit and cannot be determined on the present record."
__
This is the scenario that many people speculated about when Rick Sanchez left CNN--would Sanchez get to keep his Twitter account? ("Who 'Owns' A Twitter Account: Employer Or Employee?") Sanchez ultimately kept the account and changed the name. (See: "Ex-CNN anchor Sanchez keeps his Twitter account, changes the name.") I don't think this decision does much to move the needle either way, as it punts on the bulk of the issues.
I end up somewhat skeptical on both of PhoneDog's remaining claims.
Was the password really a trade secret? Is an account's follower list a trade secret? Social media account information does not fit nicely within the trade secret box. "Customer lists" historically were a classic trade secret, but when customer lists are now published publicly and capable of being mined, does that concept go away? Even if the list were public, could anyone "download" the list? Could Noah have contacted the list any other way than through the account that he's supposed to turn over? What if Noah had posted a "goodbye" tweet saying "follow me at [new account name]"? With respect to the conversion issue, the court's analysis was disappointingly brief. It's interesting that, in this case, PhoneDog has its own Twitter account and this particular account was one set up specifically for Kravitz--it's not as if he took the company's one and only Twitter account. One other claim you often see discussed in this context is a trademark-based claim. Kravitz likely averted these by changing the name of the account, and presumably removing any PhoneDog branding elements.
The takeaway is to have a written agreement that governs this issue! I blogged about a case last month where a court resolved a social media/account ownership issue in favor of the employer, relying on a written agreement. ("Ex-Employee Converted Social Media/Website Passwords by Keeping Them From Her Employer--Ardis Health v. Nankivell.")
A somewhat interesting aspect of the dispute arose over the value of the Twitter account and followers, which was relevant to the issue of whether PhoneDog's claim for damages got over the $75,000 hurdle. (It had to satisfy the $75,000 jurisdictional threshold for diversity jurisdiction.) PhoneDog said it suffered $340,000 in damages. The account had 17,000 followers, "which according to industry standards, are each valued at $2.50." [I must admit that this caused an eyeroll.] PhoneDog said this translated into a monthly damage amount of $42,500 "for each month that [Kravitz] used the account." Kravitz on the other hand said that Twitter followers have discretion to subscribe or unsubscribe and therefore this valuation was suspect. He also argued that the value in any Twitter account "comes from . . . efforts in posting tweets and [an] individual's interest in following . . . not from the account itself." According to him, there's no evidence that an account even with a significant number of followers has any ongoing value. The court does not resolve this issue, instead finding that PhoneDog alleged enough to get over the $75,000 jurisdictional threshold. These arguments really made me wonder whether the parties were spending money on the dispute in excess of the assets they were fighting over. As in many business break ups, emotions tend to run high. This was surely a contributing factor. This case has mediation written all over it.
Related posts:
"Ex-Employee Converted Social Media/Website Passwords by Keeping Them From Her Employer--Ardis Health v. Nankivell."
Court Declines to Dismiss or Transfer Lawsuit Over @OMGFacts Twitter Account -- Deck v. Spartz, Inc.
Posted by Venkat at 07:13 AM | Licensing/Contracts , Trade Secrets , Trespass to Chattels
November 09, 2011
Employers Demanding the Right to Remotely Wipe Employees' Phones?
By Eric Goldman
I got the following email from one of my students (I edited a little to increase the anonymity):
Recently, my spouse's company announced that it is going to implement a new policy regarding those employees using their mobile devices to check company email. These phones are personal phones, and not provided by the company. What they are proposing is that my spouse sign a release that states that the Company has the right to remotely wipe the phone (restoring it to factory settings) if they feel that any of their trade secrets have been compromised, or if the spouse loses/misplaces the phone.
My problem with this is that these are personal phones with personal information not connected to her work. Does her company have the right to wield such power, or is this over doing it?
This was the first time I'd ever heard of such a provision. Has this become a new standard, or is this company over-the-top hyper-protective of its trade secrets?
As an employee, I would not sign such a release. Further, if I were the employer, I would be reluctant to rely on the release, even if signed, to actually wipe a former employee's phone. If the employee challenged the wipe in court, I would imagine many judges would be reluctant to enforce the release, motivating them to look for reasons not to do so. If nothing else, there's a major due process problem (in the equity sense, not the legal sense). The company is the judge, jury and executioner without ever proving trade secret misappropriation, and carrying out the remote wipe could cause catastrophic data losses for the employee (and possibly for a subsequent employer). This just seems like a bad idea all around.
Please email me if you've seen a provision like this in the field before or if you know of any cases/statutes that address the situation. In the email, let me know if I can repost your email here.
_____
UPDATE: I got this response: "For what it is worth, my firm has a similar policy, though as far as I know it is only enforced technologically (by installation of remote management software) rather than by written agreement. Of course, we can opt out by using a firm-provided blackberry instead of checking work email on our personal phones; perhaps mitigating the sting somewhat."
UPDATE 2: Another response: "These are fairly common provisions to ensure the ability to protect company/client secrets if the phone is lost. Like your other commenter said, these agreements only are usually required for personal devices only when they are allowed as an option to company-provided devices. In that instance, you consent to the wipe in exchange for the convenience of carrying around only one device instead of two. The interesting legal question comes when the firm only pays for email, but retains the contract with the service provider, where you can get a Quon-like situation and potentially a claim against the company for accessing phone records even though they’re not paying for it (recall that the 9th Circuit’s SCA portions of Quon were not part of the Supreme Court’s opinion). But something to think about when you give your company access to your device."
Eric's additional thought: I'm still not seeing how the ability to remote-wipe the company-provided device prevents the leakage of trade secret info. I assume there are still ways to move trade secret information off the device...? I know some companies have developed blocking technology to prevent data leakage through forwarding emails and downloading to flash drives, and I assume this blocking technology would be on the company-issued device. But I have been skeptical that such blocking technology works very well.
UPDATE 3: Another response:
I know some employers believe they are making this 'enforceable' by requiring that the security settings be set on the phone in such a way that they can do the wipe (and effectively the employee hands the security PW of one's personal phone over to one's employer -- which to me is even more dangerous than the notion of letting them wipe it).
It does seem rather silly though in a day when many of us have our entire phone content backed up regularly, either on our home computer or now on iCloud or its equivalents -- and I know of no wiping system that would reach out to those backup copies. (And, since virtually all of our workplace emails are set up with a web-based reader anyway, or some other connection that bypasses the hyper-security of a direct connection to Exchange or whatever might be used, it's all kind of moot in the end.)
Yours is the first example I'd heard of a piece of paper on top of it all -- although I'm not surprised to hear of such. The 'policy' such as it is was often ad hoc created by the IT group, or at best a policy of the company without necessarily getting a firm OK from the employee for the right to mess up his whole life to protect the purported trade secrets. And, to be clear, apart from this piece of paper, I've been seing this going on for many years -- essentially about the time BlackBerry introduced the ability to do such a thing.
Regardless, I've seen the consequences personally when I left my last job, where I had a personal phone (albeit one I had reimbursed by the employer) that was mixed use -- job and personal -- and the realization that as I left the only way to do it was to have it all wiped out. In new job I've gone the inconvenient path of carrying the work-owned BlackBerry, which is 100% work, and my own personal smartphone, which is 100% me. And, in doing so, I've actually discovered a new joy -- There are many times I now leave the work phone at home, and I have a little more control over my life as a result as I'm not being pinged by workers 24/7. (They don't all necessarily know I'm not paying attention, which is even better.)
UPDATE 4: Another response:
This is probably more common than you might think because remote wipe of phones is a standard feature that comes with Microsoft Exchange these days. I've worked at Hewlett-Packard, Microsoft and Amazon, and all of them were set up to where they could remotely wipe your phone via Exchange if you set it up to work with corporate e-mail, regardless of whether or not the phone was personal or company owned.
In my employment contracts, there was usually a clause that said that if I put company data on a device that I personally own, that the company has the right to audit and remove data from said machine, but I have no clue how enforceable that might be....Since I work with a lot of source code for my profession, this doesn't seem that unreasonable to me.
UPDATE 5: Another response:
Such policies and the technology that enables them have become commonplace in large enterprises. Most businesses see such a policy as a trade off for not allowing the employee to use his phone for work at all. In other words, they allow the employee to use their personal phones for work purposes, but require that they submit to searches and remote wiping. Not only is there an element of trade secret protection, but also the issue of breach notification for loss of personal information under state breach notification laws, GLBA, or HITECH.
In fact, there are some applications out there that create a sandbox environment for the employer’s email, calendar, and other information and only allow partial deletion. Good for Enterprise is one such solution, though there are others. However, as you can imagine, there are a lot of issues to work through. The application on these devices can collect location information, IP address, unique device id, etc. Additionally, there are issues with employees giving consent for these types of policies in the EU. Though not impossible, most EU Data Protection Authorities view consent in workplace as coerced, therefore, not freely given. (more on that in the Article 29 Working Party documents WP48, WP114, and WP187)
When I looked into this issue, I did a brief search for cases on this issue but I was not able to find any. There are no statutes that I am aware of that would be directly on point.
UPDATE 6: Another response: "I was at a firm that did this and never thought it was a big deal. My firm gave attorneys two options for mobile devices: you could get a firm-owned Blackberry or receive your firm email on your own personal Blackberry/iPhone. If you brought your own device you agreed to allow them to remote wipe it if you reported the device as lost. I understood the intent to be preventing accidental release or discovery of confidential client information, not to prevent attorneys from deliberately leaking info; there were plenty of other ways to do that if someone wanted. I considered it a useful policy, since if I lost my phone I would want my information deleted anyway. (For what it's worth, when I left they didn't bother to/remember to wipe my phone.)"
Eric's response: I wonder if lawyers acquiesce to this concept more willingly because we are so attuned to the protection of client confidences anyway.
Posted by Eric at 09:52 PM | Trade Secrets | TrackBack
October 15, 2011
Q3 2011 Quick Links, Part 5
By Eric Goldman
See the other quick links posts in this series:
* Q3 2011 Quick Links, Part 4
* Q3 2011 Quick Links, Part 3
* Q3 2011 Quick Links, Part 2 (Trademarks/Domain Names Edition)
* Q3 2011 Quick Links, Part 1 (Copyright Edition)
Trade Secrets
* Congressional proposal to add a private cause of action to the federal Economic Espionage Act. David Almeling supports the general idea. My take from an email list:
I don't understand the incremental value of a federal private cause of action beyond the current state laws for the described situations. I also wonder if this is the beginning of the end for federal deference to state regulation of trade secrets. If the amendment get adopted, it would be entirely logical to see the restrictions relaxed over time to make it into a general-purpose private right of action for any trade secret misappropriation. For an analogous regulation, see the significant expansion of the CFAA over the past quarter-century, and especially the growing number of cases involving CFAA violations because former employees continued to access their former employees' hardware (and, presumably, misappropriate trade secrets).
* Mattel's lawsuit against MGA over the Bratz dolls has gone sour for Mattel in a big way. It was hit with another $225M in damages, bringing the amount it owes MGA to $310M. Oops.
* Probation for two individuals in the first lost iPhone prosecution, but no charges against Gizmodo. Yet, somehow, Apple apparently lost yet another "priceless" iPhone prototype at a bar.
Patents
* Bessen et al, The Private and Social Costs of Patent Trolls:
In the past, non-practicing entities (NPEs) — firms that license patents without producing goods — have facilitated technology markets and increased rents for small inventors. Is this also true for today’s NPEs? Or are they “patent trolls” who opportunistically litigate over software patents with unpredictable boundaries? Using stock market event studies around patent lawsuit filings, we find that NPE lawsuits are associated with half a trillion dollars of lost wealth to defendants from 1990 through 2010, mostly from technology companies. Moreover, very little of this loss represents a transfer to small inventors. Instead, it implies reduced innovation incentives.
* Joe Mullin is blogging again on patent matters, especially NPE issues! From his blog, check out his co-blogger's post on Innovatio, which is sending licensing demands to hundreds of companies who are offering industry-standard wi-fi to consumers.
E-Commerce
* After tossing its CA affiliates aside like rag dolls, Amazon and CA struck a deal on sales taxes that reinstated its CA affiliates (1, 2).
* Businesses using Groupons may be getting lower Yelp reviews.
* Dan Ariely deconstructs online retailers and websites to show how they are using psychological forces to get us to do what they want.
* Earll v. eBay, 5:11-cv-00262-JF (N.D. Cal. Sept. 7, 2011). eBay could be exposed to claims under the Disabled Persons Act and the Unruh Act.
* Foley v. JetBlue Airways (N.D. Cal. Aug. 3, 2011). Federal aviation law preempts California law regarding disability accessibility to airline website.
* Weinstein v. eBay. StubHub wins an anti-scalping case under New York law.
* NYT: Good example of how a properly managed consumer review website can improve marketplaces.
Contracts
* David Stebbins is at it again. He sued Google to enforce his purported $500 billion arbitration win. The magistrate recommended dismissing the case as frivolous. Stebbins sued Microsoft too; see the long interview with him and a link to his video.
* Davis v. Avvo, 8:10-cv-02352-JDW-TBM (M.D. Fla. Sept. 13, 2011). Forum selection clause in Avvo’s user agreement upheld.
* Fusha v. Delta Airlines (D. Md. Aug. 30, 2011). Venue selection clause in check-the-box user agreement upheld.
* TradeComet.com LLC v. Google, Inc., 2011 WL 3100388 (2nd Cir. July 26, 2011): "a district court is not required to enforce a forum selection clause only by transferring a case pursuant to § 1404(a) when that clause specifies that suit may be brought in an alternative federal forum. Rather, in such circumstances, a defendant may seek to enforce a forum selection clause under Rule 12(b)."
A separate summary order upheld the applicability of Google's forum selection clause against TradeComet. The court says Google's clause doesn't overreach because "Google unquestionably holds a ‘special interest’ in making sure that it is not subject to suit in numerous different fora for claims arising from its agreements with over a million advertisers."
* Marso v. United Parcel Service, Inc., No. 09 CVS 2582 (N.C. App. Ct. Sept. 20, 2011). UPS required customers to go through a mandatory clickthrough agreement on computers in its store, but...
plaintiff asserts that defendant's employee entered the information into the computer, and that "[n]o one advised [plaintiff], orally or in writing, about any UPS Tariff, waybill, or service guide," or advised him that he could request a copy of the same….plaintiff suggests by his argument that he did not assent to the terms of service identified in the UPS Tariff, which would limit defendant's liability for the fraudulent cashier's check collected by defendant upon delivery of plaintiff's package to Mr. Thompson, and instead asserts that he formed an oral contract with defendant's employee which obligated defendant to be liable to plaintiff for $12,145.00 without limitation. Thus, there appears to be a genuine issue as to whether plaintiff assented to be bound by the limiting terms of the UPS Tariff, and whether defendant presented plaintiff with actual or constructive notice of the terms set forth by the UPS Tariff.
* Truong v. eBay, Inc., 2011 WL 3716999 (Cal. App. Ct. Aug. 24, 2011). This is a busted eBay Motors transaction where eBay warned the winning buyer not to complete the transaction and the seller sued for tortious interference with contract:
eBay raised the immunity provision of the federal Communications Decency Act (47 U.S.C. § 230). As appellant pointed out to the trial court, and as that court ruled, the pertinent provision of that statute makes the law applicable to an action taken by an internet service provider to restrict access to or availability of material that is obscene, harassing, “or otherwise objectionable.” The conduct alleged against eBay was not editing or policing content of items posted on its marketplace, but interfering with a contract. (See 47 U.S.C. § 230(c)(2)(A).) eBay does not urge this ground in its respondent’s brief.
* Added to my RSS feed: The Tech Contracts Blog by David Tollen.
Miscellaneous
* ABA Journal on electronic service of notice.
* James Grimmelmann's Internet Law casebook.
* On TWiL in late August, I discussed privacy and MP3Tunes with Denise Howell, Evan Brown and David Snead. The recording.
* Top 15 most popular "Damn You Auto Correct" postings of all time. Hilarious.
* Good news: I will receive the 2011 "IP Vanguard Award" (in the Academic/Public Policy category) from the California State Bar's IP Section.
Posted by Eric at 07:02 AM | E-Commerce , Licensing/Contracts , Patents , Trade Secrets | TrackBack
August 04, 2011
Idea Submission Case Revived Against MySpace--Riggs v. MySpace
By Eric Goldman
Riggs v. MySpace, Inc., 2011 WL 3020543 (9th Cir. July 25, 2011)
Riggs created a popular MySpace page, only to have MySpace delete it twice. Not pleased by that turn of events, for years Riggs has been doggedly pursuing a lawsuit against MySpace pro se. Two years ago, the district court unceremoniously bounced her lawsuit relying, in part, on a novel reading of 47 USC 230(c)(1). The Ninth Circuit upheld the 230 ruling on appeal:
The district court properly dismissed Riggs’s negligence and gross negligence claims, arising from MySpace’s decisions to delete Riggs’s user profiles on its social networking website yet not delete other profiles Riggs alleged were created by celebrity imposters, because these claims were precluded by section 230(c)(1) of the Communications Decency Act. See Fair Hous. Council of San Fernando Valley v. Roommates.com, LLC, 521 F.3d 1157, 1170-71 (9th Cir. 2008) (en banc) (“[A]ny activity that can be boiled down to deciding whether to exclude material that third parties seek to post online is perforce immune under section 230.”).
Another Roommates.com citation for the defense. But, as I explain in my prior blog post, I think this should have been a 230(c)(2) dismissal, not a 230(c)(1) dismissal.
The court also rejected her claim for “promissory fraud breach of contract claim” (whatever that means) for lack of cognizable damages.
However, in an unexpected turn, the court revived her idea submission claim (an implied-in-fact contract breach) "because Riggs alleged in her First Amended Complaint at paragraph 120 that she told the News Corporation’s executive’s assistant that she wanted to “sell” her ideas before she disclosed them." That's a pretty weak allegation made to a person who may lack proper authority to promise anything, so the court seemed mighty generous to Riggs in reviving the case. Nevertheless, this is consistent with California's amorphous idea submission doctrines. They can be a nice end-run to survive motions to dismiss because, by definition, the parties are likely to dispute the facts in an implied-in-fact contract. Sadly, the Ninth Circuit recently expanded the idea submission doctrines in the Larry Montz case (mentioned here), so expect more weak idea submission claims to get further in litigation than they should.
Although the idea submission claim wasn't really a workaround to 47 USC 230, I think this case bears some parallels to Barnes v. Yahoo. In both cases, 47 USC 230 emphatically closed some doors to plaintiffs, but squishy state law doctrines opened other doors for the plaintiffs. It's a good reminder why 47 USC 230 works so well. Because it has so few exceptions, it ends cases cold. Fluffy doctrines like promissory estoppel and implied-in-fact contracts make it hard for judges to cleanly end cases early.
Eriq Gardner's story on the case.
Posted by Eric at 05:18 PM | Derivative Liability , Licensing/Contracts , Trade Secrets | TrackBack
June 06, 2011
April-May 2011 Quick Links, Part 3
By Eric Goldman
Search Engines
* Google is working on a deal with the DOJ over illegal pharmaceutical ads and has set aside $500M for fines. Some background on the problem. Google isn’t the only search engine with problematic pharmaceutical ads. Will the other companies be getting the DOJ’s call too?
* Kevin Kelly: "This is the great gift of the free web. It has made some goods so cheap to acquire -- like answers, encyclopedia facts, directions, weather reports, recommendations -- that we generate entirely new realms of activity by doing far more of them. More is different. We ask so many more questions than before that this ask-and-answer is something new. Have you ever wondered where all our questions were before search engines? We didn't even bother to ask them."
* Vitaly Borker, who tried to game Google’s algorithm by seeking out bad consumer reviews, will be going to prison.
* Google won ALM's Best Legal Department in 2011. This article has a great inside look at Google’s legal department and how it makes decisions.
* More winners and losers from Google's algorithmic update.
* Latest antitrust enforcement challenge for Google: South Korea.
* More search censorship in Argentina. The ruling in Spanish.
* Yahoo changed its search log retention period from 3 months to 18.
* Market America is appealing its court loss to Google to the Third Circuit. Most recent blog post.
* Apple jiggers with the ranking algorithm for apps in its app store.
* CNET: “Bing head says 'traditional search' is dying.”
* Realcomp II, Ltd v. FTC, 11a0084p.06 (6th Cir. April 6, 2011). A monopolistic real estate electronic network violated antitrust laws when it provided only limited syndication of real estate listings subject to non-standard brokerage fee arrangements. Implications for Google?
* JC Penney’s 90 day timeout from Google for black hat SEO appears to be over.
* Gord Hotchkiss: “Why Results Quality Is So Important to Search Engines”
Privacy and Security
* Facebook tried to conduct a whisper campaign to bash Google on privacy. That backfired. Steven Levy: “Facebook’s Stealth Attack on Google Exposes Its Own Privacy Problem.” Danny Sullivan: “How Facebook Enables The Google Social “Scraping” It’s Upset About.”
* Not everyone loves the WSJ “What They Know” series.
* Kate Kaye of ClickZ on which of the half-dozen Congressional privacy bills the ad industry should favor.
* WSJ: Schmidt: Google Trying to Simplify Privacy Policies, but Lawyers Get In the Way.
* Less than 1% of Firefox users are using Do Not Track TPLs.
* Third party misuse of an open wifi leads to an unhappy wake-up call for the wifi owner.
* FTC gets $3M settlement from Playdom for COPPA violations. Among other purported defects, Playdom asked kids their ages and purported to bounce underage kids, but gave those kids the option to proceed just by checking a box rather than obtaining verifiable parental consent.
* An IP address can now pin down your location to within a half mile.
* The Sony Playstation hack of 70M member records will probably make my year-end list of top 10 Internet law developments. This event will be horking the law for the better part of a decade.
* EFF on how the Kerry-McCain privacy bill would preempt state law.
* Apple tried to squash the Mac Defender malware in its latest operating system release, but didn't get very far. Microsoft has made such benevolent dictatorship decisions before as well.
Publicity Rights and Trade Secrets
* Reality TV show participants were sued for prematurely revealing the show's outcome (in a lawsuit over the show's alleged failure to pay). See my first year Contract Law problem on maintaining secrecy in reality TV shows.
* Stars on the red carpet grant an implied license to their publicity rights in photos taken there.
* Basketball player Chris Bosh sues the mother of his child to prevent her from appearing in a reality TV show “Basketball Wives.”
* Larry Montz v. Pilgrim Film and Television, 08-56954 (9th Cir. May 4, 2011). In an idea submission case, “We again hold that copyright law does not preempt a contract claim where plaintiff alleges a bilateral expectation that he would be compensated for use of the idea, the essential element of a Desny claim that separates it from preempted claims for the use of copyrighted material.” The panel also reversed the district court conclusion that a “breach of confidence” claim was preempted.
* Many publicity rights complaints over Facebook's "Sponsored Stories": Fraley v. Facebook; JN v Facebook; and EKD v. Facebook. Filings in the Cohen v. Facebook case: motion to dismiss and supplemental brief on 47 USC 230.
* Litigation over Donald Trump’s licensing of his name to home developers. Interesting issues about a trademark licensor’s liability for a licensee’s activity and liability by endorsers for bum offerings.
* MGA spent $130M in its legal battle with Mattel.
Posted by Eric at 07:19 AM | Privacy/Security , Publicity/Privacy Rights , Search Engines , Trade Secrets | TrackBack
March 01, 2011
Jan.-Feb. 2011 Quick Links, Part 3 (Trademarks, Domain Names and Trade Secrets Edition)
By Eric Goldman
Trademarks and Domain Names
* From my perspective, the Department of Homeland Security (DHS) domain name seizures are one of the US government’s top 5 all-time worst assaults on the Internet’s integrity. DHS’s ICE division is grabbing domain names—the virtual equivalent of printing presses—citing half-baked legal theories and poorly researched factual claims without any advance notice or adversarial proceedings. This is exactly what we expect our government won’t do.
Yet, I haven’t seen a proportionate blowback. Why aren’t affected domain name owners suing the government for improperly seizing their printing presses? (This takes me back to the 2-decade-old Steve Jackson Games case and the EFF’s founding). Why aren’t there Congressional hearings asking DHS to defend its behavior? Where aren’t other parts of the administration forcing DHS to justify itself? Why aren’t judges pushing DHS to do a better job of demonstrating their cases on an ex parte basis? I’m a little baffled why there hasn’t been a revolt against the DHS’s baldfaced abuse of government power. I confess I’m part of the problem in that I haven’t grabbed the pitchforks either, but I’m not sure how I can best help. If you have any thoughts, I’d welcome them.
A linkwrap on this topic:
- Techdirt raises some general questions.
- One of the DHS affidavits. Techdirt deconstructs it.
- Sen. Wyden seems like our only legislator paying attention.
- Wendy Seltzer explores the due process problems.
- An ICE representative tried to defend its actions, with no success.
- Another 18 names seized.
- In a crackdown aimed at child porn, DHS took down 84,000 websites "by mistake." This is exactly the kind of “mistake” that would not happen if due process were followed and speech restrictions were subject to adversarial proceedings.
- EFF on what the repeated DHS screwups teach us about the "wisdom" of COICA:
- Techdirt: “ICE Boss: It's Okay To Ignore The Constitution If It's To Protect Companies”
* Private Career Training Institutions Agency v. Vancouver Career College (Burnaby) Inc., 2011 BCCA 69 (BC Ct. App. Feb 11, 2011): "The burden was on the appellant to satisfy the judge that there were reasonable grounds to believe that the respondents’ use of keyword advertising was actually or potentially misleading. He found as a fact that the appellant had not established that the respondents’ keyword advertising was actually or potentially misleading. He stated that the appellant had not persuaded him that the respondents’ use of its competitors’ names in keyword advertising “could...lead a student astray or into making a harmful error of judgment”. There was evidence to support those findings."
* NY S953: New York is trying yet again to ban domain name sales to terrorist groups. My prior blog post.
* Kim v. Coach: class action suit for Coach sending trademark takedown notices to eBay for the resales of legitimate goods. AP story.
* Joe Mullin recaps our efforts to crack open the Rosetta Stone v. Google joint appendix.
* LinkedIn allows ad targeting by company name. Competitive poaching, anyone? Will they be the newest defendants in keyword ad lawsuits?
* Rebecca covers an interesting and complicated dispute over a comparable drug being linked to a patented drug in a pharmaceutical reference database, with some parallels to keyword advertising.
* The Supreme Court denied certiorari in the latest appeal in Moseley v. V Secret Catalogue Inc. Prof. McCarthy on the ruling for which certiorari was sought.
* Law.com: Digital Chocolate and Zynga Settle over 'Mafia Wars'
* Ford sues Ferrari for naming one of its race cars "F150" in celebration of Italy's 150th anniversary of unification.
* Subway seeks to trademark "footlong."
* Las Vegas Sun: Double Down Saloon v. Double Down Lounge.
* Technolawyer tries to enforce a trademark in “SmallLaw.”
* Fleischer Studios v. AVELA (9th Cir. Feb. 23, 2011). The Ninth Circuit says that the Betty Boop character is in the public domain. This is quite a remarkable opinion, but I particularly call your attention to the discussion about trademarks and merchandising (cites omitted):
Even a cursory examination, let alone a close one, of “the articles themselves, the defendant’s merchandising practices, and any evidence that consumers have actually inferred a connection between the defendant’s product and the trademark owner,” reveal that A.V.E.L.A. is not using Betty Boop as a trademark, but instead as a functional product. Just as in Job’s Daughters [a 1980 9th Circuit case the majority cites even though it wasn't cited by either party or the district court], Betty Boop “w[as] a prominent feature of each item so as to be visible to others when worn . . . .” A.V.E.L.A. “never designated the merchandise as ‘official’ [Fleischer] merchandise or otherwise affirmatively indicated sponsorship.” Fleischer “did not show a single instance in which a customer was misled about the origin, sponsorship, or endorsement of [A.V.E.L.A.’s products], nor that it received any complaints about [A.V.E.L.A.’s] wares.”...“The name and [Betty Boop image] were functional aesthetic components of the product, not trademarks. There could be, therefore, no infringement.”
The court goes on to discuss Dastar:
If we ruled that A.V.E.L.A.’s depictions of Betty Boop infringed Fleischer’s trademarks, the Betty Boop character would essentially never enter the public domain. Such a result would run directly contrary to Dastar.
I applaud the majority opinion's spirit, and this could be quite a revolutionary opinion if it truly sets Ninth Circuit precedent. However, I’ve repeatedly criticized the Ninth Circuit for making up the rules panel-by-panel (I know I'm not the only one), and I suspect this is just another one-off. Kate Spelman thinks this is a good case for en banc review (I agree).
* WSJ: A quick survey of major legal issues in franchising law.
* Meth Lab Cleanup LLC v. Spaulding Decon, LLC, 2010 WL 5572397(D. Idaho Oct. 25, 2010): "the mere fact that resulting harm from the alleged confusion over the contents of the parties' websites may be incurred by an Idaho company is not sufficient to show that Spaulding “directed” its conduct toward Idaho."
* Walgreens is elevating the profile of its house-branded products.
* Index of WIPO UDRP Panel Decisions
* Oddee: 12 Hilarious Knock-off Fails
Trade Secrets
* Has the original Coca-Cola recipe leaked out?
* Reality Blurred: The producers of Survivor sue over leaked information about the upcoming season, but they drop the suit once they learn the leak source.
* David S. Almeling et al, A Statistical Analysis of Trade Secret Litigation in State Courts
Posted by Eric at 01:44 PM | Domain Names , E-Commerce , Internet History , Trade Secrets , Trademark | TrackBack
January 02, 2011
Nov.-Dec. 2010 Quick Links, Part 5
By Eric Goldman
Taxes
* Amazon.com, LLC v New York State Dept. of Taxation & Fin., 2010 NY Slip Op 07823 (N.Y. App. Div. Nov. 4, 2010). A NY appellate court rejected Overstock's/Amazon's facial challenges to "affiliates tax" but revived the as-applied challenge. The court distinguishes between "solicitation" of business for Amazon (collection obligation imposed) and passive advertising for Amazon (no collection obligation), but doesn't clearly explain why Amazon affiliates are engaged in solicitation and not passive advertising. Among other things, the court says [I reordered quotes]:
An advertisement in a newspaper is clearly not solicitation, as it is geared to the public at large. Likewise, the maintenance of a Web site which the visitor must reach on his or her own initiative is not, under the statute, or the advisory opinions, a solicitation. On the other hand, the targeting of a potential customer by the transmission of an e-mail is no different from a direct telephone call or a mailing to a customer. Both constitute active initiatives by a party seeking to generate business by pursuing a sale...When a representative can only receive compensation for an actual sale, it is much more likely that the representative will actually solicit, rather than passively maintain a Web site.....Nevertheless, we remand for further discovery so that plaintiffs can make their record that all their in-state representatives do is advertise on New York-based Web sites.
Although I think the court's analysis is wrong, it is not fatal to affiliate programs. For example, it seems like Amazon could fix its program by (1) prohibiting email marketing by affiliates, or (2) moving to a CPC model for affiliates.
"If such retailers have total annual gross sales in Colorado of $100,000 or more, such retailers must: Provide notice with each purchase (the “transactional notice”). The transactional notice must:
• State that the retailer does not collect Colorado sales or use tax.
• State that the purchase is not exempt from Colorado sales or use tax merely because it is made over the Internet
or by other remote means.
• State that State of Colorado requires Colorado purchasers to file a sales or use tax return at the end of the year
for all taxable Colorado purchases that were not taxed, and pay tax on those purchases
• The notice must be easily seen and located near the total price.”
Miscellaneous
* Ars Technica on the Comcast/Level 3 spat. Is it a Net Neutrality red flag or a garden-variety peering disputes?
* Putting an end to one of the most over-hyped stories of the year, Craigslist shut down its adult services category globally.
In an unrelated development, Craigslist got a $6M+ judgment against ezadsuite.com, which "developed, advertised, and sold software programs to automate posting ads on Craigslist’s website and utilized other automated devices and related services meant to circumvent Craigslist’s security measures." This is one of those doctrinally troubling rulings that I choose to ignore because it's a default judgment. See the magistrate report and the judge's adoption.
* Latest NYT article hand-wringing about cyberbullying. WaPo has a myth-busting article on bullying.
* Specht v. Google, 2010 WL 5288154 (N.D. Ill. Dec. 17, 2010). Google wins a trademark battle over the term "Android." Some interesting parts:
- "on its own, the use of a domain name or e-mail address to identify an Internet host computer does not constitute a bona fide use in commerce. The use of a website address containing a trademark is not the same as use of the mark."
- "The androiddata.com website served as a remnant of a closed business. A "ghost site" such as this is not a bona fide use in commerce that can prevent the abandonment of a mark. The cost is small to maintain a domain name registration and host a several-page promotional website without e-commerce functionality, such as that which Plaintiffs contend existed at androiddata.com....Allowing a mark owner to preserve trademark rights by posting the mark on a functional yet almost purposeless website, at such a nominal expense, is the type of token and residual use of a mark that the Lanham Act does not consider a bona fide use in commerce."
* Oklahoma HB 2800: Executors can take over web accounts of the deceased.
* In theory ending another one of the year's most overhyped stories, the Borings got $1 for their trespass claim against Google. Previous blog coverage (1, 2, 3).
* Reuters: “A Reuters Legal analysis found that jurors' forays on the Internet have resulted in dozens of mistrials, appeals and overturned verdicts in the last two years.” Previous blog coverage.
* The Starwood v. Hilton Hotels corporate espionage lawsuit has settled. I tested this dispute on my IP course last year (see the exam and sample answer).
* California State Bar Standing Committee on Professional Responsibility and Conduct Opinion No. 2010-179:
Whether an attorney violates his or her duties of confidentiality and competence when using technology to transmit or store confidential client information will depend on the particular technology being used and the circumstances surrounding such use. Before using a particular technology in the course of representing a client, an attorney must take appropriate steps to evaluate: 1) the level of security attendant to the use of that technology, including whether reasonable precautions may be taken when using the technology to increase the level of security; 2) the legal ramifications to a third party who intercepts, accesses or exceeds authorized use of the electronic information; 3) the degree of sensitivity of the information; 4) the possible impact on the client of an inadvertent disclosure of privileged or confidential information or work product; 5) the urgency of the situation; and 6) the client’s instructions and circumstances, such as access by others to the client’s devices and communications.
* Another ill-conceived California law: large companies have to disclose on their websites their efforts to reduce slavery and human trafficking in their supply chains. Are you kidding me???
* Fun with Google Books Ngram viewer: cyberlaw vs. other terms; but different results when the terms are capitalized.
* Inside Higher Ed: "professors ‘caught on tape’ is a growing genre, and some think it could have a chilling effect on academe."
* HuffPost: You're Out: 20 Things That Became Obsolete This Decade.
* Tell your favorite male bloggers (besides Venkat and me, of course) how you really feel about their strengths.
Posted by Eric at 07:54 AM | E-Commerce , Marketing , Privacy/Security , Trade Secrets | TrackBack
September 24, 2010
Availability of Client Data on LinkedIn, Facebook, and Google Sinks Trade Secrets Claim -- Sasqua Group v. Courtney
[Post by Venkat with a brief comment from Eric]
Sasqua Group, Inc. v. Courtney, 2010 WL 3613855 (E.D.N.Y. Aug. 2, 2010)
Background: Sasqua Group and its principal (Tors) ran a executive search consulting firm for professionals in the financial services industry. They work with "a small group of high-caliber clients, including . . Barclays Capital, The Royal Bank of Scotland, Nomura American Holding, Inc. . . . " In 2000, Sasqua took on Lori Courtney (Tors's niece) as a consultant. Sasqua claimed that Courtney ran the day-to-day affairs of Sasqua and lacked experience when she came to work for Sasqua. Courtney's version differed.
In 2008, Tors and Courtney negotiated but did not enter into a partnership agreement and continued to work together. [If this isn't a red flag for a dispute in the future, I'm not sure what is.] Courtney continued to work with Sasqua under a consulting agreement which was renewed annually. In 2009, despite the lack of a partnership agreement, Tors and Courtney started sharing profits and expenses of Sasqua. In early 2010, Courtney resigned from Sasqua and formed Artemis Consulting. Within the week, three Sasqua recruitment consultants advised Sasqua that they were leaving to work for Courtney at Artemis. Tors contacted Sasqua clients to let them know of Courtney's departure, and one of the clients (Standard Charter) told Tors that it already know what was going on. Predictably unhappy, Tors sued Courtney and Artemis. Sasqua asserted a variety of claims, but sought an injunction to prevent Courtney's communication with Sasqua's "client contacts" (i.e., particular individuals at companies who were in charge of hiring companies such as Sasqua and Artemis).
The Court's Decision: Since Sasqua did not have a non-competition or a non-solicitation agreement with Courtney, it was left to rely on a trade secrets claim based on its client list. This claim did not fare well.
The key issue the court focused on was whether the information sought to be protected as a trade secret was known outside the business or readily ascertainable. Courtney argued that the information Sasqua sought to protect was freely available, or available with little efforts through using sources such as LinkedIn, Facebook, and Google:
virtually all capital markets personnel have their contact information on Bloomberg, LinkedIn, Facebook or other publicly available databases, including the firm's own media advertising.
Sasqua argued that it developed database software which kept track of client contacts and preferences. Unfortunately for Sasqua, Courtney was adept at finding information on the internet, and her in-court demonstration of how to find out information that Sasqua claimed was a trade secret seemed to have impressed the court:
Courtney . . . described a . . . process that she would utilize if she were approached by a foreign exchange trader who was looking for a position at Nomura and if she were starting from scratch. Going to Google first this time, Courtney typed in the phrase "global head of FX in Nomura." Approximately 72,400 hits came up, the first of which was entitled "Nomura Appoints Head of Fixed Income Research." . . . Courtney next went to Bloomberg.com . . . Doing a search on Bloomberg, Courtney was able to find the direct phone number for Gladwin at Nomura's offices in London, the London address itself and Gladwin's direct e-mail address. The Bloomberg site also allows the user to send an instant message to Gladwin . . . .
Courtney also explained how such a search could be conducted on LinkedIn, which she described as being "like Facebook but for business" and as being more searchable than Bloomberg "because people put their whole profile on LinkedIn."
The court also credits her testimony on the availability of contact information and professional details on the internet:
[i]t used to be years ago, that people were very protective about their resumes and personal information because no one ever wanted their employer to get wind that they were looking for another job . . . [now] everyone . . . puts it out there for the world to see because people want to be connected now. People want to know - - people want the recruiters knowing who they are and how to find your information and how to find them if they have a good opportunity.
Sasqua argued that although contact information for certain decision-makers may be readily ascertainable, things like the chain of command, placement preferences, and histories were not. The court held that Sasqua failed to put forth evidence in support of this. Additionally, the court sided with Courtney on the issue of whether Sasqua undertook reasonable measures to protect the secrecy of the alleged trade secrets. Courtney submitted a declaration from Sasqua's computer technician that Sasqua actually misappropriated the client list from its prior employer and that Sasqua was "extremely lax" in its efforts to safeguard the data.
___
In the modern era where professional networking on the internet is the norm, things like client lists will become increasingly difficult to protect as trade secrets. If the information you are seeking to protect as a trade secret is available on the internet (and the defendant can access it with clean hands), you're going to have an uphill battle. (But see Hirel Connectors, Inc. v. United States, 2004 U.S. Dist. LEXIS 31036 (C.D. Cal. Jan. 23, 2004) ("This Court declines to hold that information that becomes publicly available on the Internet can never be a trade secret under California law.").) Also, as more information that may fall into the trade secrets category is in electronic form, efforts to protect its secrecy will be important. Allowing employees at the company to freely access information that a party later claims is a trade secret will put the party in an awkward position.
Additional coverage: 3 Geeks and a Law Blog ("Thanks to LinkedIn, Your Client Database May Not Be a Trade Secret").
______
Eric's comment: This case reminds me a lot of the classic trade secret case Gary Van Zeeland Talent, Inc. v. Sandas, 84 Wis. 2d 202 (1978). In that case, Van Zeeland took in a young apprentice Sandas, taught him the business (in that case, booking bands at music venues) and then saw Sandas leave only to go into competition with his former mentor. As Sandas walked out the door, he grabbed a list of contacts at the various music venues. Ultimately the court concludes that the information wasn't protectable as a trade secret because it would be simple to recreate that list. This was back in the 1970s, when in fact it was comparatively hard to put together contact lists. In the digital age, where people and businesses publish detailed profiles implicitly describing what they are looking to buy and sell, it will become increasingly harder for many businesses to claim their contacts/customer lists as trade secrets.
Posted by Venkat at 10:24 AM | Trade Secrets
August 09, 2010
July 2010 Quick Links, Part 1 (IP Edition)
By Eric Goldman
Trademarks
* Rebelution, LLC v. Perez, 2010 WL 3036217 (N.D. Cal. July 30, 2010). The plaintiff is a band named Rebelution. The defendant is a music performer named Pitbull who released an album "Pitbull Starring in Rebelution" without intending to reference plaintiff. No summary judgment to defendant. Wikipedia has a disambiguation page for "Rebelution."
* Southeastern Pennsylvania Transportation Authority v. Mednick Mezyk & Credo (E.D. Pa. complaint filed June 21, 2010). Interesting trademark lawsuit. A government transit authority, SEPTA, has sued personal injury lawyers for the ways they advertise that they represent plaintiffs against SEPTA. I think SEPTA has a tough argument, and they sure look thin-skinned.
* Ryan Gile: "New York New York Hotel/Casino Successfully Hijacks NewYorkNewYork.com"
* Can Chevrolet get people to stop calling it "Chevy"? Not likely.
* The latest article addressing the Trademark Use in Commerce debate: Lee Ann W. Lockridge, When Is a Use In Commerce a Noncommercial Use?, 37 Florida State University Law Review 337 (2010)
Copyright
* The Copyright Office issued new circumvention exceptions for 17 USC 1201 exceptions. The EFF breaks it down.
* MGE UPS Systems v. GE Consumer and Industrial Inc., 08-10521 (5th Cir. July 20, 2010). A significant (and possibly incorrect) ruling on 1201: “Because the dongle does not protect against copyright violations, the mere fact that the dongle itself is circumvented does not give rise to a circumvention violation within the meaning of the DMCA.”
* Mattel Inc. v. MGA Entertainment Inc., 09-55673 (9th Cir July 22, 2010). Another Kozinski bull-in-the-china-shop opinion, it is studded with important legal statements. Among the most interesting: an employee agreement purporting to assign copyrights from the employee failed when the language read more like a patent assignment. But read the whole thing.
* Teter v. Glass Onion, Inc., 5:08-cv-06097-FJG (W.D. Mo. July 12, 2010). Troubling ruling. An art gallery selling an artist’s painting does not make a fair use when making and then publishing thumbnail images of the paintings on the gallery’s website. No first sale defense for making the thumbnail images, either, although I’m not sure how the gallery can advertise the paintings for sale online without the thumbnails. The trademark infringement claim for referencing the artist’s name also survives because of the possibility the gallery looked like an authorized dealer when it wasn’t.
* We learned how much the Viacom v. YouTube ruling cost Google: $100M. Can you imagine what good things might have come if YouTube and Viacom had poured their legal fees into innovation rather than litigation? Also, this is a prime example of just how much it costs when a well-funded company (Google) decides to treat a lawsuit as bet-your-business. No way that most start-ups could have coughed up $100M for the lawyers.
* Scott v. Scribd settled. My original blog post on the case.
* Cable v. Agence France Presse, 2010 U.S. Dist. LEXIS 73893 (N.D. Ill. July 20, 2010), A professional photographer’s claim for 17 USC 1202 for removal of copyright management information survives a motion to dismiss.
* Las Vegas Sun does a thorough expose on alleged copyright troll Righthaven (look at the "related stories" too).
* Copyright enforcement mill gets caught red-handed committing copyright infringement on its website. Whoops!
* SAP has stopped contesting liability in the Oracle/TomorrowNow lawsuit.
* Miller v. Facebook, 2010 U.S. Dist. LEXIS 75204 (N.D. Cal. July 23, 2010). A software copyright registration for a literary work (i.e., the source code) was sufficient to uphold a pleading that the defense infringed the software's look and feel (i.e., an audio-visual work). My most recent post on this case.
Other IPs
* Bimbo Bakeries v. Botticelli: Bimbo Bakeries [great TM!], makers of Thomas English Muffins, gets an inevitable disclosure injunction against a departed employee who knows how to make their "nooks and crannies" and went to a rival baker. See also this post from Trading Secrets.
* Agora Financial LLC v. Samler, WDQ-09-1200 (D. Md. June 17, 2010). This case is similar to the more high-profile Barclays v. theflyonthewall case. The newsletter publisher plaintiff provides stock recommendations to its readers; the defendant republishes the tips on TipsTraders.com. The magistrate rejects a default judgment against the defendant because (1) the hot news doctrine is preempted by copyright law, and (2) even if it isn’t, the “plaintiffs’ writers’ investment recommendations are copyrightable” and therefore ineligible for hot news protection. Ruh-roh. The judge should have stopped at #1. Even the plaintiff admitted that the recommendations were uncopyrightable facts. So now what? Does this now mean everyone who republishes the recommendations is a copyright infringer?
Posted by Eric at 01:25 PM | Copyright , E-Commerce , Trade Secrets , Trademark | TrackBack
April 27, 2010
Interesting Database Scraping Case Survives Summary Judgment--Snap-On Business Solutions v. O'Neil
[Post by Venkat, with additional comments from Eric below]
Snap-on Business Solutions Inc. v. O'Neil & Assocs., Inc. (N.D. Ohio April 16, 2010) [scribd]
Snap-on is one of those cases that's great because the court canvasses the various claims that come into play in the increasingly common scenario when someone accesses a computer or network to extract data following termination of (or outside of) a contractual relationship. (The practice of extracting data from a website is commonly known as 'scraping'.) The court punts based on the existence of factual disputes, but the court's order is well worth a read just because it lays out the issues and theories.
The background facts are straightforward. Mitsubishi hired Snap-on to build a database of parts data which Mitsubishi dealers could then access online. Mitsubishi provided the underlying documents and images (parts information) to Snap-on, who converted them and built a "searchable database with linked data and images." At some point, Mitsubishi decided to move the parts database over to O'Neil, instead of Snap-on. When Mitsubishi asked for a copy of the database, Snap-on predictably declined. Snap-on told Mitsubishi that Mitsubishi could have the database, but would have to pay an extra fee. Meanwhile, O'Neil, Mitsubishi's new vendor suggested that it could extract the data from Snap-on's servers using O'Neil "scraper tool." O'Neil ran the scraping program, and used log-ins provided by Mitsubishi in the process of gathering the data. According to testimony from Snap-on, O'Neil's access of Snap-on's website caused Snap-on's website to "crash" in at least one instance.
Snap-on sued O'Neil (and interestingly not Mitsubishi) alleging Computer Fraud and Abuse Act, trespass to chattels, unjust enrichment, breach of contract, copyright infringement, and misappropriation of trade secrets.
Computer Fraud and Abuse Act: The key question on the Computer Fraud and Abuse Act claim was whether O'Neil's access of the website was "without authorization." The court held that the underlying agreement between Mitsubishi and Snap-on did not clearly resolve the question of whether Mitsubishi could authorize O'Neil to access Snap-on's website and servers and, whether even assuming Mitsubishi had this ability, Mitsubishi somehow lost it.
I think the court came to the correct conclusion on whether the access was without authorization. There's a split of authority in the employment context as to whether an employee's access to the employer's servers for the employee's own purposes constitutes "unauthorized access," but this case doesn't implicate that scenario. (Jeff Neuburger covers the 9th Circuit's recent ruling in LVRC Holdings, LLC v. Brekka, which acknowledges this split.) Here, the parties had an agreement, and the only viable argument by O'Neil on the unauthorized access issue was that Mitsubishi had authorized O'Neil to access Snap-on's computers and servers. (Since you had to log-in to access the website, O'Neil could not argue that Snap-on impliedly authorized everyone (including search engines) to access its site.) The terms of the agreement between the parties would resolve this issue and the agreement didn't provide a definitive answer, at least at the summary judgment stage.
Trespass to Chattels: Snap-on also asserted a trespass claim based on damage or temporary deprivation of the ability to use its servers. The court also declined to resolve this issue on summary judgment, finding that Snap-on presented sufficient evidence to find that O'Neil's unauthorized access caused Snap-on's servers to crash and "deprived Snap-on of their use for a substantial time.
O'Neil argued that copyright law preempts Snap-on's trespass claim. The court summarily (and in a conclusory fashion) rejects this argument, finding that Snap-on's argument seeks to protect the integrity of its computer servers, rather than its "possessory interest in the [software] or accompanying database."
Unjust Enrichment: The court finds that Snap-on's unjust enrichment claims were preempted by the Copyright Act since Snap-on failed to provide any evidence as to how the unjust infringement claims were based on rights distinct from Snap-on's rights as a copyright owner.
Breach of Contract: Snap-on also asserted a claim for a breach of its end user license agreement. The court declined to dismiss this claim based on the existence of factual dispute as to whether the parties entered the EULA and whether O'Neil breached it. Surprisingly, Snap-on's website required a log-in but only contained a statement that "[the] use of and access to the information on [Snap-on's] site is subject to the terms and conditions set out in [Snap-on's] legal statement." Snap-on did not users to check the box, acknowledging that they read and agreed to the end user terms.
Copyright Infringement: Snap-on knew it had an uphill battle on the copyright claim for a few reasons. First, much of the material (such as the images) is owned by Mitsubishi to begin with. Second, it's tough for anyone to argue that pricing and parts information is copyrightable. With this in mind, Snap-on argued that the "database structure" is entitled to copyright protection and Snap-on owned the copyrights in the structure.
The court went through the Feist analysis. In Feist, the court held that a "factual compilation is eligible for copyright if it features an original selection or arrangement of facts, but the copyright is limited to the particular selection or arrangement. In no event may copyright extend to the facts themselves." Lower courts have applied Feist and found that databases containing facts may be copyrightable. O'Neil argued that the "arrangement" or the database structure was obvious and was thus not entitled to copyright protection. The court again agrees with Snap-on that factual disputes preclude summary judgment on copyrightability and ownership.
The court's conclusion on the copyright issue seemed the most problematic. Even if Snap-on owned some part of the underlying arrangement or database structure, did O'Neil "copy" the structure, or otherwise exercise any rights exclusive to the copyright owner? This is a tough sell. Also, on the ownership issue, I would think Mitsubishi would have a colorable argument that even if it didn't own the copyright, it should be treated as a joint owner along with Snap-on?
Trade Secrets: Finally, the court also declines to grant summary judgment on Snap-on's trade secrets claims. I'm not sure what trade secrets Snap-on is using to support its claim, and I'm skeptical that any trade secrets exist here that O'Neil misappropriated. However, given that the court declined to grant summary judgment on the other claims, it wasn't the end of the world for the court to let this claim go to the jury as well.
__
Apart from canvassing the various legal theories that come into play in this type of a factual scenario, the case also offers a few practice pointers.
First, if someone is hosting or storing data for you, it makes sense to have a provision in the agreement that allows you to get access to the data at the termination of the relationship, regardless of any contractual dispute that may arise between the parties. The party with physical access to the data will have leverage as a practical matter, and this is the type of thing contractual language should address. As a last resort, the party who may be in a position to extract the data should have an unbridled ongoing right to extract the data during the course of the relationship. The agreement should also have a notice and breach provision that would prevent the summary denial or revocation of authorization.
Second, I'm surprised there wasn't a clear ownership clause in the agreement that said Mitsubishi owns the underlying data, the database structure, and any copyrightable elements in the database. A determination by the court that Snap-on owns some copyrights in the database structure could cause problems down the road for Mitsubishi. There are many reasons why it made sense for Mitsubishi to own the data, and Snap-on doesn't have much of a business justification for owning the data because it can't use it at the termination of the relationship. As a last resort, Mitsubishi should have had a broad license to the data.
Third, the agreement should contain terms allowing Mitsubishi to authorize third parties the right to access Snap-on's servers and any copyrighted material, at least for back-up and archiving purposes.
Fourth, if you are a website that is looking to prevent scraping, ownership of the underlying data and restrictions on access (such as a log-in) help significantly. Professor Goldman's comments below highlight that scraping is problematic from a legal standpoint. However, two things that bolstered Snap-on’s claims are its ownership of the data and the fact that O’Neil accessed the site through a log-in which it wasn’t clearly authorized to use. This, coupled with the fact that Snap-on was in physical possession of the data at the termination of the relationship, pretty much put it in the driver’s seat.
Finally, Snap-on's contract formation process could have been cleaner. Where you have a situation involving access of a website for a business purpose (where the person is accessing data that they need) there's much less risk of people declining to access your website based on additional hurdles in the form of click throughs or check the box. In the consumer setting, websites often weigh certainty of contract formation against customer conversion, but this isn't really present in Snap-on's case. I guess what I'm saying in a long-winded way was that Snap-on should have implemented a mandatory, non-leaky, clickthrough, as discussed in Professor Goldman's post covering Scherillo v. Dun & Bradstreet.
____________________________
Eric's comments:
This is such a rich and interesting case that both Venkat and I wanted to cover it. I am frequently asked if scraping is legal, and the short answer is that (a) possibly not, but (b) people regularly do it anyway. This case illustrates the difficulty of doing scraping legally, and I highly recommend reading this case to anyone who thinks scraping solves a business problem they are having. If anything, this case was unusually defense-favorable because the replacement vendor (O'Neil) was scraping the customer’s (Mitsubishi’s) data at the customer’s request. Yet, because that data resided on Snap-on's servers, O'Neil is still staring down the barrel of copyright, contract, CFAA and common law trespass to chattels claims. If I were on the defense team, I'd be whipping out my checkbook and angling for a settlement, because I expect this case will not play well in front of a jury.
This case is slightly similar to a case from earlier this year that I never got a chance to blog, Edgenet v. Home Depot. In both Edgenet and this case, a big company retained an outsourced vendor to maintain and enhance an obviously unwieldy product catalog, and legal tussles ensued when the customer and vendor divorced. According to this opinion, Mitsubishi thought it had procured the IP rights to Snap-on's enhanced database, but Snap-on thought otherwise and demanded extra money to get something Mitsubishi thought it had already bought. As Venkat indicates, this reinforces the practice pointer that customers always need to have a clear exit strategy nailed down upfront whenever they enter into an outsourcing relationship.
The case is a little less clear about Mitsubishi's ability to get interim deliveries of the database pre-termination. (The case suggests that Snap-on tried to charge for this as well). As Venkat also indicates, this violates another rule of outsourcing--without a copy of its database, Mitsubishi was never in control of its fate and continuously vulnerable to Snap-on deciding to play a hold-up game.
When Mitsubishi finally decided to go with Plan B and retain O'Neil as Snap-on's replacement vendor, a series of poor judgments followed. Mitsubishi decided it was too expensive to have O'Neil replicate the work Snap-on had done, and Mitsubishi apparently decided it was too expensive to pay Snap-on for the one-time delivery from its database. But what did Mitsubishi expect--that Snap-on expected to be paid for delivering the data but would acquiesce to free scraping? Snap-on seems to have made it clear that its business model included payment for getting Mitsubishi data out of Snap-on's database, so Mitsubishi had to know that any alternative courses of action were dicey.
Then O'Neil, presumably trying to be helpful, offered the scraping option. Any lawyer in the process should have kiboshed the idea on the spot. Instead, Mitsubishi gave O'Neil some login credentials in apparent violation of the Snap-on agreement. This reminded me of the Oracle v. SAP lawsuit, which is not going to end well for SAP.
The scraping process did not go well, either. It appears the scraping tool was misconfigured because it allegedly caused enormous traffic spikes that ultimately crashed the site at least once (and maybe twice). Even if the court follows the more restrictive Hamidi approach to common law trespass to chattels requiring damage to computer system resources, this qualifies. Snap-on blocked the scraper's IP address, so O'Neil offered to continue using a different IP address (a big no-no in my guide to "legitimate" scraping) but only if Mitsubishi signed an indemnity agreement...which Mitsubishi signed. What??? Are you kidding me??? It's hard to wave a bigger red flag of problems ahead than to have a vendor say that it will only continue if it gets an indemnity agreement. Fortunately for O'Neil, the indemnity agreement may mean that O'Neil won't be writing checks when the jury says nyet; unfortunately for O'Neil, the indemnity agreement won't help if the feds decide to bring a criminal CFAA prosecution. Snap-on blocked the second IP address, O'Neil stopped scraping, and Snap-on decided to sue.
Where were the lawyers in this process? I'm shocked that Mitsubishi's lawyer didn't shoot down the initial scraping proposal. Scraping was a classic engineer's solution to a legal problem. But even if the lawyer never got a chance to speak up then, surely lawyers got involved when O'Neil tendered the indemnity agreement to Mitsubishi. That they didn't put their foot down then blows my mind. Given Snap-on's delays, it appears that Snap-on might not have even sued if O'Neil hadn't reinitiated scraping via a second IP address, so the indemnity agreement should have given Mitsubishi and O'Neil enough time and warning to realize that the engineering solution had failed and it was time to seek a legal solution.
As Venkat recaps, the legal rulings are fairly straightforward given our standard understandings of scraping law. However, they illustrate that despite its ubiquity, scraping may not be legally defensible when challenged in court--even, in this case, when Mitsubishi was trying to retrieve "its own" data.
Finally, this case is a microcosm of the broader IP battles over product catalog and taxonomical data. See my notes from my 2007 talk about IP rights in taxonomies. I don't have a solution to these IP battles, but I continue to wonder about the social benefits we could obtain if a global product catalog existed that everyone could freely use.
Posted by Venkat at 09:50 AM | Copyright , E-Commerce , Licensing/Contracts , Trade Secrets , Trespass to Chattels
August 10, 2009
Nursing Student's Blog Post Doesn't Support Expulsion--Yoder v. University of Louisville
By Eric Goldman
Yoder v. University of Louisville, 2009 WL 2406235 (W.D. Ky. Aug. 3, 2009). Yoder's initial complaint.
Nina Yoder was a University of Louisville nursing student. She posted a blog post to MySpace entitled "How I Witnessed the Miracle of Life” that describes her first-hand observations from a school assignment to go watch a patient-mother giving birth. The blog post now appears to be set to private, but you can see a PDF of it, and the opinion quotes the full text for your reading pleasure. This blog post and the resulting imbroglio sparked a lot of discussion. For more background, see this page with some of the source correspondence (and over 100 comments) and this thread from a nursing students' blog with about 250 comments.
Even if Yoder’s blog post was intended to be tongue-in-cheek, I can see why the blog post was so controversial. As just one example, the blog post repeatedly refers to newborn babies as "creeps." The court does not have kind words to describe the blog post, calling it "vulgar," "distasteful," "offensive," "crass and uncouth," and an "abject failure" as an attempt at humor. My personal take is that the blog post was, at best, ill-advised. I really can't imagine when I would want to work with a nurse who calls my baby a "creep," even if in jest, and (as discussed below) the amount of detail Yoder disclosed about her patient shows a reckless disregard for the confidentiality we expect from medical professionals.
When University of Louisville nursing school administrators discovered the post, they expelled Yoder from the nursing program on the grounds that she violated two contracts: the student honor code and a confidentiality agreement. Given how damaging Yoder's post was to the University's nursing school (after reading it, I suspect few patients would agree to let student nurses observe their treatments), I understand this impulse. However, the administrators’ decision to have two uniformed police officers at the termination meeting (because Yoder had separately blogged about her support of the Second Amendment) and to frisk her for weapons seemed a little over-the-top.
In this ruling, the court reverses the school's expulsion, holding that the school incorrectly interpreted the contracts. The main ruling relates to the contracts' requirement that Yoder not disclose patient confidential information. The defendants allege that the blog post disclosed "the following identifying information about the birth mother: the number of her children; the date that she was in labor; her behaviors; the treatment that she underwent (an epidural); her reaction to labor (vomiting); and the reactions of her family." The court says that none of this information was personally identifiable to the patient or her family because the post "does not disclose the birth mother's name, address, social security number, or the like. It does not disclose her age, race, or ethnicity. The Blog Post does not contain ‘financial’ or ‘employment related information’ about the birth mother. It does not disclose where she was in labor."
Well, the court is correct about the non-identifiable nature of the disclosures if you only consider the four corners of the blog post. No one could use the blog post to identify the mother or her family without relying on additional information. Nevertheless, the court's rationale is completely off-base. I’m confident that any savvy investigator could combine the blog post with other data sources and quickly identify the mom with a high degree of certainty, even if the investigator would rely only on easily obtainable published information. Just knowing the baby’s exact birthdate and limiting the inquiry to the Louisville area immediately limits the pool of possible women to a few hundred. Knowing that the child was the mom's third baby should narrow that restricted pool further. Thus, the court was clearly wrong when it said, categorically, "the Blog Post does not contain information that could possibly lead to the discovery of the birth mother's identity" (italics added). The first person who emails me the correct identity of the patient in question can, as their reward, choose a slinky from my special slinky stash.
As a result, this court's ruling illustrates the false distinction between personally identifiable and non-personally identifiable information. (The same issue arose in the recent Johnson v. Microsoft case declaring that IP addresses are not personally identifiable.) Paul Ohm has an important paper coming out on de-identification that should end this distinction permanently. The ability to combine multiple data sources makes it possible to uniquely identify data subjects even if each individual data source does not enable identification on its own. Especially in light of the healthcare context, this judge was way too charitable to Yoder on this point.
The court also says that Yoder did not violate a "professionalism" requirement in the school’s honor code because the blog post "was not created or used in any professional context." This is analogous to the K-12 school discipline cases (all uncited) where the principal disciplines a student for a blog post made off-campus. Clearly school administrators can reach too far into private conduct when meting out discipline, but again I think the judge is being very charitable here. Yoder was blogging her personal observations about a professional experience she had in a hospital, under confidentiality agreements, while doing her schoolwork. By this reasoning, any post that Yoder wrote in her personal time would not trigger the professionalism code, but given the subject matter of this post, this issue probably warranted more careful treatment.
Having said that, I totally agree with the judge's ultimate conclusion to reinstate Yoder. Although her post raised all kinds of yellow and even red flags about her judgment, the school had a wonderful teaching opportunity to explain/reinforce all kinds of lessons about the professional responsibility of a nurse (like, don't call patients' babies "creeps," even in jest). I think they didn’t capitalize on that opportunity by applying a one-strike rule to Yoder.
An update on Yoder's saga from the Chronicle of Higher Education.
Posted by Eric at 10:12 AM | Content Regulation , Trade Secrets | TrackBack
April 28, 2009
Promatek Redux: Software Consultant Enjoined from Metatag Usage and Other TM References--Deltek v. Iuvo
By Eric Goldman
Deltek, Inc. v. Iuvo Systems, Inc., 2009 WL 1073196 (E.D. Va. April 20, 2009). The Justia page.
Every year in Cyberlaw, I teach Promatek v. Equitrac, a Seventh Circuit metatags case from 2002 noteworthy for its multiple litigant and judicial errors typical of a cyberspace freakout case. Among the many mysteries of the case is how the court treats the fact that Equitrac advertised that it provided servicing of Promatek's equipment. The court says that Equitrac was free to say that, but it couldn't say it in the metatags...for reasons that I still don't understand.
Today's case raises similar issues to the Promatek case, and the resolution isn't much clearer. Deltek sells complex cost-accounting software. Iuvo includes three former Deltek employees who started a business providing consulting about Deltek software and other Deltek software-related services. Iuvo's websites advertise the fact that it provides servicing for Deltek software, but Deltek apparently doesn't like that or, apparently, the competition (not surprising because Iuvo was allegedly undercutting Deltek's price). Thus, Deltek launches a multi-prong attack on Iuvo, including claims that the site infringes its trademarks, the former employees misappropriated Deltek trade secrets, and the former employees violated their non-compete agreements.
With respect to the trademark claims, the defendants assert "fair use" (more precisely, nominative use). The court isn't convinced, in part because of the implied affiliation from Iuvo's references to Deltek's trademarks, even though the websites had an appropriate disclaimer of any relationship. Citing the doctrinally confused Axiom case, the court relies on the same implied-affiliation grounds for the metatags, saying "This use of Deltek's trademarks as metatags may cause a consumer to believe that Iuvo is affiliated or related to Deltek and may therefore constitute an improper attempt to trade on the commercial value associated with the marks." However, no one who understands metatags believes this statement is in the least bit credible.
Ultimately, the court crafts a split-the-baby injunction, restricting Iuvo:
from using in the "www.iuvosystems.com" website the phrases "Deltek Upgrade", "We Provide Deltek Solutions" and "Technology Consultants With Deltek Experience"; from using as metatags for any website associated with the Defendants' business activities any Deltek trademarks or trade names including, but not limited to, "Deltek Costpoint," "Deltek Time Collection," "Deltek Install," "Deltek Hosting" and "Deltek Consulting" and from using the web domain names "www.installdeltek.com" and "www.installdeltek.net."
Although the injunction is relatively narrow, it is still obviously problematic. First, the blanket restriction on including Deltek in the metatags makes no sense. See the Welles case. Second, I don't immediately see anything wrong with the phrase "installdeltek" in the domain name if Iuvo acts as a systems integrator and, in fact, installs Deltek software (a point I believe Deltek contested). Finally, I'm struggling to see what's wrong with the phrase "Technology Consultants with Deltek Experience," which seems completely accurate in describing both the former Deltek employees' experience as well as the company's accumulated experience.
Three observations about the case:
1) I hate metatag cases!
2) This is yet another example that the nominative use defense isn't very robust.
3) It's interesting that the court declined to issue an injunction based on the trade secret and non-compete claims, so Deltek's only victory came from its trademark claims. This is a good example of trademark's power to restrict competition, even when other anti-competition legal doctrines fail, and even when the competition may be in the consumers' best interest.
Posted by Eric at 09:31 AM | Trade Secrets , Trademark | TrackBack
April 12, 2009
Q1 2009 Quick Links, Part 4
By Eric Goldman
Security
* Massachusetts Data Security regulations were amended.
* In Facebook v. Power.com, Facebook brought another lawsuit to block extraction of user data from the site (similar to the Facebook v. ConnectU lawsuit). Venkat, Masnick, News.com, NYT, Justia. In this case, I wonder if Facebook has adequately distinguished between Power.com's behavior and the operation of its own "Find a Friend" service that taps into third party email servers to extract email addresses. Power.com’s response.
* Andritz, Inc. v. Southern Maintenance Contractor, LLC, 2009 WL 48187 (M.D. Ga. Jan. 7, 2009). IP infringement isn't a cognizable harm under the Computer Fraud & Abuse Act.
Adware/Spyware
* Who says Valentine's Day is just a Hallmark holiday? Sales of spyware and other tools to track cheating SOs also increase around Valentine's Day.
* Susan Brenner on the Cybercrimes Treaty and the US's decision not to criminalize possession of malware as required by the treaty.
Venture Capital
* BusinessWeek: Silicon Valley innovation is being stifled by VCs who only want to make small bets, not big bets. But VC investing is faddish, so the wind might change tomorrow.
* $600M of VC investments in virtual worlds.
Contracts
* Burcham v. Expedia, Inc., 2009 U.S. Dist. LEXIS 17104 (E.D. Mo. Mar. 6, 2009). Buyer was bound to user agreement even though he argued (without any evidence) that someone else established the account he used. This dovetails nicely with the broad reading of who is bound by an online user agreement; see my discussion in the Lori Drew case. Jeff Neuburger's writeup. Aside: I wonder if Expedia will be insulated by 47 USC 230 for the allegedly wrong description of amenities if they got the description of the hotel from third parties. For an analogous result involving the binding of users who didn't agree to the initial contract, see CoStar Realty Information, Inc. v. Field, 2009 WL 841132 (D. Md. March 31, 2009).
* Fractional Villas Inc. v. Tahoe Clubhouse, No. 08cv1396 (S.D. Cal. Feb. 25, 2009). Citing the RMG case, the court says that merely visiting a site may be sufficient to bind visitors to a browsewrap. However, in this case, there was insufficient evidence that the defendant had ever visited the site.
* Cherny v. Emigrant Bank, 2009 U.S. Dist. Lexis 2486 (March 12, 2009). Latest case that breach of privacy policy isn’t actionable unless there are actual damages. Venkat’s writeup.
* A stat I fully believe: "studies have shown that more than half of all companies cannot even locate signed copies of 10% or more of their contracts." The Zen Master asks: if both parties think they have entered a contract but neither can find a copy, do they have a contract? (this has really happened to me before).
Taxes
* Amazon v. New York and Overstock v. New York (N.Y. Sup. Ct. Jan. 12, 2009). Kudos to New York for finally figuring out a way to break the Internet and defeat the Internet Tax Freedom Act by treating Amazon Associates as traveling salespeople for sales tax collection purposes. I imagine every state in the country will jump on this bandwagon, at which point some e-tailers will kill their affiliate program and others will end up imposing sales tax collection nationwide.
* Pitt County v. Hotels.com, L.P. (4th Cir. Jan. 14, 2009), Online travel aggregators aren't "retailers" (as referenced in the statute) for purposes of collecting local hotel occupancy taxes.
General
* Some interesting cyberspace exceptionalism developments involving cases where paper presentation may be different from electronic presentation of the exact same content. In Smith v. Under Armour, Inc., 2008 WL 5486764, web payment confirmations displayed on-screen are not "printed" within the meaning of the Fair and Accurate Credit Transactions Act. Accord Smith v. Zazzle.com, Inc., 2008 U.S. Dist. LEXIS 101050. See generally this Proskauer recap. In Saulic v. Symantec Corp., a California law prohibiting data collection with credit card sales was held inapplicable online.
* Sudduth v. Donnelly, 2009 WL 918090 (N.D. Ill. April 1, 2009). Plaintiff got stiffed on his eBay transaction and sued eBay for 1983 equal protection and conspiracy claims as well as a Title VI civil rights claim. Because eBay isn't a state actor, however, the court dismissed eBay.
* My colleague Steve Diamond is blogging every detail of the battle for SAG's soul over at his new blog, King Harvest. For example, he summarizes the travails of the Screen Actor's Guild.
* Oddee: 10 Geekiest T-Shirts. I own a t-shirt that says "I'm Blogging This" (a gift from a former student) and a mug that says "Vegetarian Blogger" (gift from a colleague).
* Oddee: 15 Most Unfortunate Town Names. I think Licking County should have been a contender.
* Is there any better sign of Cyberlaw's maturity than the publication of Internet Law in a Nutshell
* Oddee: 12 Most Ridiculous Lawsuits. I welcome your nominations for the most ridiculous Internet lawsuits of all time. I hope to write that up some day.
* Happy birthday, Gmail! Best email software I've ever used. The battles over Gmail privacy seem so...2004!
Free Stuff
* The Ninth Circuit recently updated its website...with RSS feeds!
* Nolo Press' "NDAs for Free." Potentially useful site.
* I have one extra copy of my Fall 2008 Cyberspace Law course reader. First person to send an email with their mailing address gets it. [CLAIMED]
Posted by Eric at 12:03 PM | Adware/Spyware , E-Commerce , Licensing/Contracts , Privacy/Security , Trade Secrets , Virtual Worlds | TrackBack
April 26, 2006
Employee Blogging Risks
By Eric Goldman
A couple of weeks ago, I spoke at the North Carolina Journal of Law & Technology's symposium called "Attack of the Blog: Legal Horrors in the Workplace." (I definitely did not pick the name!) In the morning, I spoke about the risks that companies face when their employees blog. I see blogging as a subset of Internet communications generally, so I'm not sure these risks are limited to blogging. Nevertheless, the following risks are possible:
Non-Legal Risks
* Employee relations risk. A personal dispute between employees could be taken online, triggering a flame war or exposing the personal dispute to a broad audience within and outside the company.
* Customer relations risk. Employees could make disclosures that undermine customer confidence in the company's products by revealing too much about the company's inner workings or by disparaging the company's products. Employees could also oversell customers by making overstated claims about the products.
* Reputational risk. Employees might make personal disclosures about other employees/stakeholders that degrade the overall public perception of the company.
Legal Risks
* Admissions. Blog posts could be party admissions. Even if not, they could be adverse evidence introduced in litigation.
* Trade Libel. Employees could actionably disparage competitors' products.
* Disclosure of Non-Public Information. There are several ways that employees could convert non-public information into public information in ways that have legal significance.
- If the company is publicly traded, these disclosures may manipulate the stock price or constitute securities fraud
- Employees could undermine the company's position by tipping off competitors about plans in the works. If the employee publishes company trade secrets to the blog, in most cases that information will be irretrievably lost as a trade secret.
- Employees might disclose third party trade secrets, which could lead those third parties to bring a trade secret misappropriation claim.
- Employees might disclose patentable information that jeopardizes the company's ability to obtain a patent using that information. For example, a blog post should start the 1 year clock ticking under 102(b). Similarly, if the foreign patent applications have not yet been filed, the blog post should negate the company's ability to seek foreign patents on the published information. This is a real gotcha that may catch some unsuspecting companies.
Conclusion
Just to be clear, I'm not convinced these risks are all that serious. The emergence of blogs might lower the guard or caution of employees, but all of these risks would exist even without blogs, and most employees will make good choices. Even so, some employees will make poor choices, and thus companies who are concerned about employee blogging might choose to address blogging as part of an overall policy on Internet usage or disclosure of company information. At the same time, employee blogging can be a significant asset to the company, so companies might look at employee blogging as an resource to nurture rather than risky behavior to squelch.
Posted by Eric at 08:05 PM | General , Patents , Trade Secrets
December 07, 2005
Keeping C&D Letters Confidential
By Eric Goldman
An all-too-familiar story. A famous celebrity takes her clothes off in a private outdoor space (in this case, Jennifer Aniston goes topless in her backyard). The paparazzi captures the event for posterity and profit. Celebrity finds out and unleashes a bulldog lawyer on the case. Lawyer writes a cease and desist letter to potential publisher with stern warnings about republishing the photos. The cease-and-desist letter hits the Internet. (In all likelihood, the photos will hit the Internet too, but to my knowledge we haven't gotten that far yet).
Here's the twist that triggers this blog post. The lawyer's letter says no less than 3 times that the C&D recipient may not publish the cease-and-desist letter:
* the letter is titled at the top "confidential legal notice/not for publication"
* the second sentence says "This is a confidential legal notice...and may not be published or disseminated in any way."
* the last paragraph reads: "This letter is a confidential legal communication and is not for publication. Any publication, dissemination or broadcast of any portion of this letter will constitute a breach of confidence and a violation of the Copyright Act, and You are not authorized to publish this letter in whole or in part absent our express written authorization."
These brouhahas never seem to end up well for anyone. Let's deconstruct the situation.
Jennifer Aniston
Jennifer Aniston should have known better. I recognize this may sound a little heartless; after all, she was in her own home and her lawyer alleges that the photographer was a mile away using an incredibly high-powered telephoto lens. If true, no question she should have had a reasonable expectation of privacy.
However, I believe that in practice, the rules are simply different for the top 1,000 most famous people in the world. For these celebrities, certain activities (nakedness, friskiness, ingesting) in a potentially observable place are never consequence-free, regardless of what the law says or the celebrity wants.
In this case, an afternoon of topless sunbathing at home has the consequence of a multi-month multi-continent pitched legal battle that, in all likelihood, will be futile (i.e., the pictures will almost certainly irrevocably hit the Internet). I'm not saying this is a good outcome, but it's an inevitable result in this era. This has to be on the minds of the world's most famous celebrities at this point.
The Paparazzi
If the photographer really did use a telescopic lens to take pictures of someone's backyard from a mile away and then tried to resell the photos, I'm fairly comfortable that there will be legal redress.
The Lawyer and the Smoking Gun
Some people complain that lawyers can't communicate very well, but good news here--we have no problem understanding what this lawyer wanted. He did not want to see this letter posted to the Internet. Yet, there it is, on the Smoking Gun in all its glory.
There are some problems with the lawyer's desire. How can a lawyer claim that a cease-and-desist letter is a confidential communication? In general, sending the letter to a third party without any confidentiality assurances should blow any legal confidentiality protections. The lawyer's redundant declarations doesn't change the analysis one iota (if anything, repeating these statements to bloggers will invariably lead to the opposite outcome). So, on its face, I don't see how the confidentiality demands/instructions are anything more than hyperbolic and low-efficacy scare tactics.
The copyright issue is more complex. The letter should qualify as an original work of authorship, and posting the letter online should violate at least 2 of the 106 rights (reproduction and distribution).
But is there some legal defense that nevertheless permits the reposting of C&D letters? The most obvious one is fair use, but fair use analyses are always tricky. For a good example in a relevant context, consider how Google deals with C&D letters it receives. At the Yale Regulating Search conference, a Google representative explained that Google turns over all 512(c)(3) demand letters to ChillingEffects.org because (a) Google wants the letters to see the light of day, (b) Google feared that publishing the letters would be an unexcused infringement, and (c) Google thinks that ChillingEffects.org's republication of the letters would be protected by fair use.
Can this be right? Google can't republish the letter but a third party can? ChillingEffects.org changes the fair use analysis in two ways: first, it's a non-profit actor, and second, it does add some commentary to the letter. But this seems like a silly formalistic solution. (I'll note that the Aniston C&D letter recipient apparently took the same approach, handing the letter off to the Smoking Gun, who added some light commentary).
C&D letter recipients shouldn't have to go to such extremes. Senders of C&D letters should be accountable for their actions. They seek legal redress and the letters themselves are legally significant (i.e., they could create the basis for willfulness determinations; they may be the basis for the recipient seeking a declaratory judgment). To fully understand what is taking place in the field, information about these C&Ds has to enter the public discourse. And simply reporting the receipt of a C&D isn't enough--to understand the letter and its potential impacts, external observers have to read the precise words used.
Therefore, I would strongly favor a statute that exculpates C&D letter recipients from republishing the letter. Because such a statute is unlikely, I am hoping the courts will create a defacto per se fair use exclusion for republishing C&D letters. Meanwhile, kudos to the Smoking Gun for not letting the repeated exhortations keep the letter off the Internet.
Finally, I suspect some readers of this post got here on the mistaken hope of seeing the pictures in question (or others of a similar nature). If you made it this far with that expectation, I'm sorry to disappoint.
Posted by Eric at 11:28 AM | Copyright , Trade Secrets | Comments (8)