Google Sued for Running Ads for “Fraudulent Mobile Subscription Services”–Goddard v. Google

By Eric Goldman

Goddard v. Google, Inc., Case No. 108CV111658 (Cal. Super. Ct. complaint dated April 30, 2008). Google’s notice of removal to federal court C08 02738 (N.D. Cal. removal notice dated May 30, 2008). [warning: 1.5MB file. Google’s notice contains a copy of the original complaint.]

Cyberlaw is filled with examples of plaintiffs suing the wrong defendant for perceived transgressions committed by someone else. Today’s misdirected lawsuit involves “fraudulent mobile subscription services,” which are optional third party services for cellphones (such as ringtones) that are charged on a periodic basis. The plaintiffs in this putative class action lawsuit feel like they got fleeced by providers of these subscription services. If they did, I hope they get appropriate redress from the wrongdoing vendors. But instead of suing the allegedly fraudulent vendors, the plaintiffs think Google should cover the losses for the sole reason that Google ran ads for the services. The argument goes as follows:

* Google has an express policy requiring mobile service providers to disclose certain info to consumers about their practices

* Google deliberately does not enforce this policy (or inadequately enforces it) to enjoy undeserved cash

* As a result, Google should stand behind all of the losses committed by its advertisers

There are some obvious problems with this argument. First, it’s a gross example of cyberspace exceptionalism. An analogy might be that dead-trees newspapers should stand behind any losses suffered by readers who transact with newspaper advertisers. Sounds ridiculous? It does to me, whether the publisher is online or off.

Second, this argument ought to be clearly, squarely and soundly trumped by 47 USC 230. eBay has won on this exact point when plaintiffs have tried to hold it liable for accepting advertising (in the form of listings) for fraudulent products (at minimum, the Gentry case involving fake sports memorabilia seems apropos). The recent Doe v. MySpace case is also analogous, because the plaintiffs were trying to hold MySpace liable under a “premises liability” theory for tortious activity that took place outside of its premises. Either way, if Google’s sole role in the process was publishing third party ads, it’s not liable per 230.

It’s not clear if the plaintiffs know about 230 or think it applies to this case, but they made two arguments that could be used to argue around 230. First, they allege that Google helped write the ad copy. I’m still not sure if this allegation actually is enough to hold Google liable for downstream fraud, but unless Google actually wrote the copy itself, it’s not liable for third party ads even if it helped edit them or prescreened them (see Ramey v. Darkside Productions).

Second, they try to argue that Google’s contract with its advertisers describing minimum standards for mobile service vendors running Google ads is an express marketing representation that binds Google for any breaches by the advertiser. By anchoring the claim in false advertising, the allegation might be designed to take advantage of the Mazur v. eBay exclusion to 230. However, treating contractual restrictions with a third party as affirmative representations to consumers is the exact same analytical error made by the New Jersey Attorney General’s office in the JuicyCampus investigation, and the error is no less baffling here. I remain surprised that bright lawyers so fundamentally misunderstand the interaction between contract and false advertising law.

There’s one more twist to this lawsuit that merits discussion. As a predicate harm for some of its claims, the plaintiffs argue that their cellphones are computers under the Computer Fraud & Abuse Act (CFAA) and the vendor’s confirmatory text messages (required to authorize the service) are unauthorized accesses of a protected computer under the CFAA. I’m not really sure what to make of this theory, but I’m pretty sure it’s novel (not necessarily in a good way). I’m OK with treating at least some cellphones as computers under the statutory definition, although this would expand the CFAA’s reach quite a bit, but I think it would be highly problematic to treat text messages to a cellphone as an unauthorized access. And even if we did that, I still don’t see how Google is responsible for the violation.

(For kicks, there is an analogous claim that Google aided and abetted the vendors’ trespass to chattel of the cellphones).

One more thing: this interpretation of the CFAA follows the DOJ’s recent attempt to treat breaches of a website’s user agreement as a criminal CFAA violation in the Lori Drew prosecution. Given these crazy expansive CFAA claims, it may be time to rethink that statute.