Posted on Techdirt - 12 October 2012 @ 12:29pm
Sen. Amy Klobuchar has introduced a new bill, the "Cloud Computing Act of 2012" (S.3569), that purports to "improve the enforcement of criminal and civil law with respect to cloud computing." Given its introduction so close to the election, it's doubtful this bill will go anywhere. Still, it provides an excellent case study of how even well-meaning legislators can botch Internet regulation.
What the Bill Does
From its 1980s origins as a law restricting hacking into government computers, the Computer Fraud and Abuse Act (CFAA) has morphed into a general-purpose federal law against trespassing on anyone else's computers. With that breadth, the CFAA extends to a wide variety of activities, ranging from data scraping (see, e.g., EF Cultural Travel v. Explorica) to fake profiles (see, e.g., the Lori Drew prosecution related to Megan Meier's death) to ex-employees walking out the door with competitively sensitive information (see, e.g., US v. Nosal and WEC v. Miller).
The proposed bill's main substantive provisions attempt to give "cloud computing services" extra protections under the CFAA. First, the bill says that each unauthorized access of a cloud computing account counts as a separate CFAA offense. Second, the bill specifies a formula for computing losses in CFAA violations involving cloud computing services, setting a minimum floor of $500 loss per affected cloud computing account.
Problems with the Bill
The CFAA is Already a Mess. Good luck trying to read the CFAA's text. Constant amendments over the years have created spaghetti code. This bill adds only slightly to the CFAA's overall lack-of-tidiness, but every incremental amendment makes the CFAA more unwieldy.
The Definition of "Cloud Computing Service" is Incoherent. The bill seeks to protect cloud computing services, but what are those? Check out the bill's definition:
the term "cloud computing service" means a service that enables convenient, on-demand network access to a shared pool of configurable computing resources (including networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or interaction by the provider of the service.
What??? This sounds more like a vendor's sales pitch than a basis for criminal prosecution. We can reinforce the definition's weakness by trying to determine what isn't a cloud computing service. Every user-generated content website seems to qualify; but so should every online bank. In fact, this definition of cloud computing service probably becomes co-extensive with the Internet generally.
To be fair, the failed definition isn't totally the drafter's fault. I don't think it's possible to define "cloud computing service" precisely. Tip to legislators: if you can't clearly define your subject matter of your legislation, you're probably doing something wrong.
What's the Problem That Needs to Be Solved? I can't figure out how the proposed amendments address any problem we're seeing in the field. It's possible I've missed some relevant case, but I can't think of a single case I've seen where the CFAA underprotected a cloud computing service or this legislation would have changed the outcome. Seeking some clarity, I submitted a press inquiry to Sen. Klobuchar's office last week and got no response. So I have no idea what problem this bill purports to solve.
This bill exemplifies several ongoing problems with efforts to legislate the Internet:
1) Legislative grandstanding. It's flashy for legislators to tell their constituents that they are fighting hard to protect emerging technologies like "cloud computing." But legislators rarely understand cutting-edge technologies, and usually rapidly evolving technologies are poor candidates for legislative intervention. So legislators' efforts to push buzzword-laden legislation are often more for show than substance.
2) Regulatory exceptionalism. As I explain here, legislators keep creating new "exceptionalist" rules for subsets of the Internet ecosystem--online dating sites, social networks, cloud computing services, etc. We saw how well that worked in California's effort to ban employers from asking employees for social media login credentials. California so utterly failed at defining "social media" that it simply covered the entire Internet...and all non-networked electronic data too! Yet, legislators seemingly haven't learned from their colleagues' repeated failed efforts to precisely define the contours of some Internet subcommunity. The proposed CFAA amendment, and its gibberish definition of "cloud computing service," exemplifies this.
3) Code proliferation. For every problem, real or perceived, legislators think they can fix the problem with more regulatory code. But the manufacturing of new legal code exacts a toll of its own. This bill increases the CFAA's complexity with minimal or zero commensurate benefit. If Sen. Klobuchar or anyone else really wants to "fix" the CFAA, a good start would be to reduce the law's length, organize it better, and reduce its implications for users' ordinary Internet activity.
27 Comments | Leave a Comment..
Posted on Techdirt - 14 August 2012 @ 3:43am
Gizmodo.com published an article, Smoke & Mirrors: The Greatest Scam in Tech, about Redmond's venture, Peep Telephony. In addition to using the word "scam" in the title, the article had lots of denigrating things to say about Peep and about Redmond's prior initiatives. (The opinion lays out the beefs, although some of the hot spots are apparent from a quick review of the initial article). Gizmodo subsequently published Redmond's rebuttals. Later, Redmond apparently decided the rebuttal wasn't enough and asked Gizmodo to remove both articles, which Gizmodo declined to do. Redmond then sued Gizmodo's parent Gawker Media for defamation. The court dismissed the case on anti-SLAPP grounds, and that means Redmond will owe a check to Gawker for his lawsuit.
The court has no problem finding that Peep Telephony's activities were a matter of public interest, as Peep Telephony had received some high-profile coverage from technology reporters before Gizmodo's story, and Redmond apparently had been trying to stir up press coverage in advance of the 2011 CES conference. The court summarizes that the "Gizmodo article was a warning to a segment of the public--consumers and investors in the tech community--that Redmond's claims about his latest technology were not credible."
The court also says that Redmond's beefs relate to statements of opinion, not fact. The court notes that the word "scam" as not a factual assertion (a dicey outcome), the article was written in a "casual" and "sarcastic" first-person style ("the article's general tenor and language would give a reasonable reader the impression the authors were expressing subjective opinions, not reporting facts"), and the article used weasel words, such as "seems," "arguably," "looks like," etc., to qualify key fact-like assertions.
The most interesting part of the opinion is where the court talks about the article's "transparency." The court says (emphasis added):
The sources upon which the authors rely for their conclusions are specified, and the article incorporates active links to many of the original sources--mainly Web sites and promotional material created and maintained by Redmond and his ventures....Having ready access to the same facts as the authors, readers were put in a position to draw their own conclusions about Redmond and his ventures and technologies....Statements are generally considered to be nonactionable opinion when the facts supporting the opinion are disclosed.
This is true, of course, but a point often lost when defamation plaintiffs are breathing fire. A properly-cited article, filled with hyperlinks to original source materials, should be extra-resistant to defamation claims--even if written with typical blogger snark. Readers can easily inspect the source materials themselves and make their own judgments about the article's veracity. Thus, either the citations provide proper factual support for the article's opinion, or the links should eliminate any problems with the author's knowledge (where that matters to the prima facie defamation claim, which would have been the situation here). Either way, the defamation claim should fail, as it did here.
So this decision is a great ruling for bloggers. Unfortunately, it's unpublished (like far too many California appellate court opinions), which limits its precedential effect. To fix this, my RA and I are planning to request that the court publish it. Even if it remains unpublished, perhaps the ultimate takeaway--that defamation claims against well-cited blog posts will be quickly dismissed by anti-SLAPP laws and lead to the plaintiff paying money to the defense--will help dissuade similar lawsuits nonetheless. Especially in a situation like this, where the potential plaintiff already had gotten an on-the-spot rebuttal, suing over a blog post like Gizmodo's rarely makes sense.
Read More | 16 Comments | Leave a Comment..
Posted on Techdirt - 30 March 2012 @ 4:05pm
Every time I read an opinion like this ruling in AR Pillow Inc. v. Cottrell, a little piece of me dies. This is a ridiculously easy case, yet somehow it got all tangled up.
The litigants are rival vendors of similar products to combat baby acid reflux. For a slightly similar dispute involving trademark fights over baby products, see BabyAge v. Leachco.
The plaintiff is largely complaining about text on the defendant's website explaining why the plaintiff's product isn't as good as the defendant's. From my perspective, the explanation doesn't constitute a trademark "use" at all because the trademark is being used as a referent. See, e.g., Naked Cowboy v. CBS, 2012 WL 592539 (S.D.N.Y. Feb 23, 2012). Thus, the court should dismiss the trademark claim for non-trademark use. But if the court doesn't do that, at least it should dismiss as a nominative use. See, e.g., 1 800 GET THIN v. Hiltzik. There is absolutely no question that the defendant's reference qualifies as a nominative use under Ninth Circuit law. Yet, and here's where a piece of me dies, the opinion doesn't discuss nominative use AT ALL. What???
Instead of addressing the two most obvious grounds, the court engages in doctrinal contortions to fit this case into a standard likelihood of consumer confusion (LOCC) analysis. As I've explained elsewhere, the multi-factor LOCC test simply makes no sense when a third party is using the trademark editorially as a referent. My paradigmatic example is the Ballysucks case, where the LOCC analysis is ridiculous because the court is trying to compare a vendor with a griper who registered a "sucks" domain. The LOCC test doesn't work any better here. The judge almost seems to know that the LOCC test isn't the right test, but he doesn't seem to know what else to do.
Fortunately, the judge overcomes his shaky analysis by reaching the right result, concluding that there's insufficient evidence of consumer confusion. Yay for good outcomes. But we need to find better ways to make it clear trademark law should not play a role in situations like this. For more on that, see my Online Word of Mouth paper.
One more point: the court's technological discussions are a mixed bag. On the plus side, citing Network Automation and Matt Cutts' blog post/video, the judge rejects the plaintiff's claims over keyword metatags because Google ignores them. But then the judge launches these groaners:
"there is no evidence in the record that use of the term AR Pillow in Google or other search engine currently leads to defendant's website"
"Consumers who search for AR Pillow today are not presented with defendant's website in the rankings"
Oh god, not this again. Please, let's kill this meme RIGHT NOW. Relative placement of search engine results is a HORRIBLE way to evaluate trademark disputes. First, as I explain here, the junior user doesn't control placements--the search engines do. Second, in my post on the Bitchen Kitchen litigation, I explain technological reasons why this is a terrible idea, including search results personalization, the fact that results change minute-by-minute, and the fact that different search engines rank their results differently. Judges, I beg you, please don't go down this wormhole.
8 Comments | Leave a Comment..
Posted on Techdirt - 24 January 2012 @ 7:34pm
In my long-running series of litigants saying one thing in court and another when talking to their friends online, consider this from a worker's comp case after a refrigerator fell on Clement:
The first issue Clement raises in his brief is whether pictures of him that appeared on Facebook and MySpace should have been admitted into evidence. He complains that the pictures “are a disgrace to the dignity of the workers' compensation proceedings and the legal system” and have nothing to do with his medical treatment....
We find no abuse of discretion in the allowance of the photographs. Clement contended that he was in excruciating pain, but these pictures show him drinking and partying. Certainly these pictures could have a bearing on Clement's credibility, albeit a negative effect that Clement might not wish to be demonstrated to the ALJ or the Commission. We hold that there was not an abuse of discretion in allowing the photographs.
Now that Facebook can do facial recognition, it should next develop a tool to detect photos depicting alcoholic drinks and give users a way to automatically opt-out of those photos!
Prior blog posts in this series:
* YouTube Video Impeaches Witness' Credibility--Ensign Yacht v. Arrigoni
* Facebook Entries Negate Car Crash Victims' Physical Injury Claims
* Contrary MySpace Evidence Strikes a Litigant Again--HAC, Inc. v. Box
* MySpace Postings Foil Another Litigant--Sedie v. U.S.
* Disturbingly Humorous MySpace Posts Used as Impeaching Evidence in Spousal Abuse Case--Embry v. State
* Latest Example of Social Networking Site Evidence Contradicting In-Court Testimony--People v. Franco
23 Comments | Leave a Comment..
Posted on Techdirt - 16 January 2012 @ 11:03pm
We've seen some pathetic trademark lawsuits this year (SUE MOAR KALE, anyone?), but I'll nominate this long-running litigation money-sink (going over 3.5 years) as the saddest trademark case of 2011.
Fancaster registered its mark in 1989 for broadcasting services, and over the years it's been used in connection with a range of services, "including selling Fancaster branded radios, charging customers to watch closed circuit boxing matches, producing karaoke shows, transmitting sponsored news messages to wireless pagers and cell phones, and conducting live demonstrations of FANCASTER broadcast services" (cites omitted).
In 2006, it launched Fancaster.com to broadcast short sport-related video clips. It hoped to cover such must-see events "as La Tomatina in Spain, Ostrich racing in Arizona, the Westminster Kennel Club Dog Show and the annual Nathan's Hot Dog Eating Contest." Rather than advertise the website on the Internet (you know, where people who enjoy content online might already be), they were seeking out untapped Internet enthusiasts by "marketing the website at sporting events, bars, on local television channels in Sioux Falls, South Dakota and Sioux City, Iowa, on radio stations in Charleston, South Carolina, and via flyers and handbills."
Meanwhile, in 2008 Comcast rolled out a service called fancast.com "that allowed users to watch full-length premium mainstream media over the Internet." The service was a debacle, losing $80M in less that 2 years due to “the unexpectedly high cost of distributing video content on the internet.” (Even though Comcast acquired bandwidth at wholesale rather than retail costs... how much would it have cost non-carriers to launch competitive services?). In March 2011, Comcast shut down the Fancast service and rolled the domain name over to XfinityTV.
With the overlap between the Fancaster and Fancast names, one possibility is that Comcast blatantly ripped off the name of a small startup who wouldn't want to tangle with a giant, thereby creating "reverse confusion" where everyone thinks first-mover Fancaster infringes second-comer Comcast. But another story equally fits these facts: Fancaster is doing a little trademark trolling, seeking to increase Comcast's $80M of losses by grabbing some gravy for itself. (Some gravy indeed: Fancaster's damages expert thought it would take $73M of corrective advertising to fix Comcast's damage to a brand that has no market awareness outside of Sioux City.)
It's a sad commentary on our milieu when we can't tell which litigant is bullying the other. Maybe *both* parties are equally imbibing the bullying elixir. Fancaster initially unleashed the litigation hounds, but Comcast responded with a hailstorm of countermoves, including an ACPA counterclaim for a slew of "fancast" domain names Fancaster registered after learning about Comcast's upcoming launch. A lot of lawyers appear to have satisfied their billable hour goals using this case. Yay for free-spending, deep-pocketed clients!
The court resoundingly thumped Fancaster's core argument about consumer confusion, miraculously finding a way to twist all of the factors to Comcast's favor. The judge may have cut some analytical corners, but that says the judge simply didn't accept Fancaster's narrative.
The court specifically rejected the possibility of initial interest confusion, citing 3rd Circuit precedent that basically limited IIC to competitors, because the parties didn't directly compete. The court also dismissed Fancaster's efforts to show overlaps in search engine results, saying "the confusion one encounters on an Internet search engine is a twenty-first century version of that experienced when searching the phone book." (I am going to be doing some work this quarter to show that the initial interest confusion doctrine almost never succeeds in court any more, and therefore it imposes costs on both litigants for no gain. This case is just one example of that.)
The court also scoffed at Fancaster's request for $73M for corrective advertising:
There is not a shred of evidence of any damage to the Fancaster mark caused by Comcast. The only loss to Fancaster that Mr. Krueger could testify to was that resulting from pursuing the instant litigation against Comcast.
Comcast had survey expert Hal Poret do two surveys. The court tossed the first one because it didn't adequately replicate market conditions by not presenting consumers with a navigable website:
use of a printout and static screenshots, instead of live websites, provide ample grounds on which to exclude the March 2009 survey. For one, it is difficult to fathom how presenting a respondent with a paper printout of the FANCAST homepage in anyway replicates how an Internet user would encounter and perceive the FANCAST website in the marketplace. Websites, particularly those that offer video content, are meant to be viewed on a computer and allow consumers to browse and interact with them via hyperlinks. The FANCAST printout offered none of these aspects. Similarly, although viewed on a computer, the static screenshots of the fancaster and control website homepages did not allow respondents to interact with them as they ordinarily would in the marketplace.
I haven't researched this issue, but this ruling may tell us something important about the requirements for consumer surveys when websites are involved.
This ruling eviscerated Fancaster's case, making it a strong win for Comcast, but it left a few residual legal issues open. Yet, the legal battle has been mooted by the passage of time. Comcast already stopped using Fancast as a brand, and Fancaster still hasn't shown a lot of movement towards developing a real business or even a revenue model. Are the parties really going to spend more money on a pointless lawsuit? We all know what the answer should be; let's see how they actually answer.
For more on the case, see Rebecca Tushnet's 43(B)log .
11 Comments | Leave a Comment..
Posted on Techdirt - 21 December 2011 @ 3:42pm
Because Facebook does so many things that aren't in users' interests, their "Sponsored Stories" program barely registers. Nevertheless, Sponsored Stories demonstrates why many people are burned out on Facebook. Facebook collects user preferences through its semantically ambiguous "like" button and then uses that data to show ads to the users' friends with a seeming endorsement. Using my preferences does little to advance my relationship with my friends, but the implicit endorsement is designed to get my friends to investigate the ads, increasing the advertiser's credibility and Facebook's profits. So Sponsored Stories creates a zero-sum game: I, as a user, probably don't get any value from the public presentation of my implicit endorsement (if anything, it might hurt my position with my friends), but Facebook and its advertisers benefit from it.
My response to Facebook's roll out of Sponsored Stories was swift and decisive: I don't "like" any businesses on Facebook or do any other activities on Facebook that I believe can trigger a Sponsored Story. (I would also categorically opt-out of being a part of Sponsored Stories if Facebook actually let me decide what I want to share with my friends, but Facebook doesn't). Instead, if I want to make a commercial recommendation to my friends--something I do occasionally--I just share it directly in my status report. That way, I control the message I deliver to my friends, instead of letting Facebook or advertisers control how they communicate my interest to my friends. And the zero-sum nature of Facebook's offering drives a deeper wedge into my relationship with Facebook, making me less willing to use Facebook generally and more receptive to alternatives.
To me, this marketplace response is adequate. To plaintiffs' lawyers in Fraley v. Facebook, however, Sponsored Stories gives another reason for a litigation fiesta. Remarkably, unlike so many other "privacy" lawsuits against Internet companies, this lawsuit survives the motion to dismiss--dramatically increasing the odds that Facebook will be writing a check for this so-called "feature."
This is a rich and interesting opinion by Judge Koh (embedded below) that has something for everyone to "like" (or dislike). Some of the highlights:
Article III Standing
In a ruling that bucks a mini-trend, Judge Koh upholds the case from an Article III standing challenge. She says that violation of a statutory right (in this case, California's publicity rights statute) automatically satisfies the actual harm requirement of Article III standing. The plaintiffs also satisfied the "particularized" and "concrete" requirements of Article III by explaining how the Sponsored Stories feature used their information.
She explicitly distinguishes numerous defense-side Article III wins (including her own recent iPhone application litigation and Low v. LinkedIn decisions) by noting the particular nature of the plaintiffs' publicity rights claim. In this case, unlike the others, the plaintiffs are claiming that their endorsement had commercial value to help sell goods to others, compared to the situation in the prior cases where the commercial value of a user's data came from theoretically improved marketing to the user him/herself. She says:
Plaintiffs here do not allege that their personal browsing histories have economic value to advertisers wishing to target advertisements at Plaintiffs themselves, nor that their demographic information has economic value for general marketing and analytics purposes. Rather, they allege that their individual, personalized endorsement of products, services, and brands to their friends and acquaintances has concrete, provable value in the economy at large, which can be measured by the additional profit Facebook earns from selling Sponsored Stories compared to its sale of regular advertisements.
She says later:
Plaintiffs assert that they have a tangible property interest in their personal endorsement of Facebook advertisers’ products to their Facebook Friends, and that Facebook has been unlawfully profiting from the nonconsensual exploitation of Plaintiffs’ statutory right of publicity. Thus, in the same way that celebrities suffer economic harm when their likeness is misappropriated for another’s commercial gain without compensation, Plaintiffs allege that they have been injured by Facebook’s failure to compensate them for the use of their personal endorsements because “[i]n essence, Plaintiffs are celebrities—to their friends.”
Clearly, Judge Koh is making a tricky intellectual move, and I bet it's going to make some privacy advocates unhappy. There is unquestionably a street value to data about a person to improve the marketing to that person, just as there is unquestionably commercial value in gaining an endorsement from a consumer. It's awkward to recognize one value and not the other. (Of course, in many of the precedent cases, there was only the possibility of data leakage; there wasn't actually a showing that any marketer had bought the leaked data for commercial reuse).
However, Judge Koh's fancy footwork rips open only a very small hole in the Article III jurisprudence. Her exception only applies where there's a statutory publicity rights claim, and only when the defendant made a commercially-motivated endorsement. I'm sure we'll see plaintiffs advance claims to take advantage of this ruling, but few plaintiffs will be able to style their claims accordingly.
In another tricky intellectual move, Judge Koh distinguishes Cohen v. Facebook, which dismissed a publicity rights claim based on Facebook's "Friend Finder" service, because this case showed a more direct connection between the friend's endorsement and the commercial value derived by Facebook. She also implies the lawyers did a better job here than in Cohen. I didn't fully understand this distinction other than Judge Koh's desire to reach a different result without disturbing the Cohen precedent.
47 USC 230
Facebook's 230 defense is tricky. First, it seeks to invoke the defense against a publicity rights claim, which the 9th Circuit said was possible in Perfect 10 v. ccBill in a controversial statutory reading that has been rejected by every other court outside the Ninth Circuit. Judge Koh doesn't touch that issue.
Second, Facebook seeks 230 protection for the ad copy it created automatically. The ad is based on a user action, the "Like," plus various pieces of user content, but Facebook assembles it all into a package that the user never sees, blesses or necessarily even wants. We've had some other cases upholding 230 when a service provider is so intimately involved with creating the final content, such as the Carafano case, but Facebook is clearly playing at the edge of the statutory immunity.
Judge Koh rules that Facebook is over that line and doesn't get the immunity. Unfortunately, she does so by saying that Facebook is partially the information content provider of the ads in question. She references the dispositive allegations:
Plaintiffs allege that Facebook creates content by deceptively mistranslating members’ actions, such as clicking on a ‘Like’ button on a company’s page, into the words “Plaintiff likes [Brand],” and further combining that text with Plaintiff’s photograph, the company’s logo, and the label “Sponsored Story.” ... Plaintiffs allege that they themselves have no control over whether to post a particular company’s name or logo, and that Facebook maintains sole control over whether to display a Sponsored Story at all.
Personally, I'd be much more sympathetic to Facebook's position if users had the specific ability to "like" a business page without simultaneously authorizing the Sponsored Story. Because Facebook's controls are insufficiently granular, Facebook automatically interprets a "like" as both a statement of user attitudes and as a green light to create the Sponsored Story. In contrast, imagine that when a user "liked" a business page, Facebook prepared the ad copy for the Sponsored Story, presented it to the user, and asked the user if the user wanted to publish the ad copy to his/her friends. At this point, I would feel much more strongly that the ad copy really was the user's words. Naturally, Facebook doesn't give users this level of control over the words being put into their mouths.
On the other hand, consider an alternative example where a website both publishes UGC on its site and then syndicates the content to third party sites. It's my position that the website gets 230 for both acts of publication, even if the user never expressly green-lighted the syndication (so long as the user-to-website license permitted the syndication). See, e.g., Prickett v. infoUSA. Based on Judge Koh's explication, I'm not exactly sure why Facebook crossed the 230 line while some of these other situations probably don't.
Facebook responded that its activities didn't make it a content provider but just represented traditional editorial functions. The court rejects the argument, citing this allegation:
Plaintiffs allege not only that Facebook rearranged text and images provided by members, but moreover that by grouping such content in a particular way with third-party logos, Facebook transformed the character of Plaintiffs’ words, photographs, and actions into a commercial endorsement to which they did not consent.
In the context of this case, I see her point. Sadly, the opinion's wording will give false hope to a slew of plaintiffs who will argue that the website's presentation of third party content constituted some type of unauthorized endorsement. It will take a few cases to burst the plaintiffs' bubbles about a new exception to 230.
The Statutory Publicity Rights Claim (CA Civil Code 3344)
Facebook took a few cracks at the claim, all of which were unsuccessful:
Newsworthiness. The publicity rights statute does not restrict using someone's personality "in connection with any news." This is a backdoor First Amendment defense, as what constitutes news tracks First Amendment jurisprudence on "matters of public interest." This defense seemed like a hail-mary for Facebook--a user "liking" a page is clearly "new" information to the marketplace, but it's not "news" in either the traditional or First Amendment sense. The court seems unimpressed, saying that even if a user "liking" a commercial product is news to that user's social network, using that information commercially drops out of the exception. I wasn't persuaded by the judge's distinction here, but then again Facebook's argument about what constituted "news" was obviously tendentious.
I was a little disappointed that Judge Koh sidestepped some interesting lurking issues about what is "news" in the modern environment, where all of us are publishers to our local communities and we as publishers can have significant clout in a small community. Some academic literature in the 1990s discussed these issues in the Internet context, but it might be worth revisiting as a paper topic. Judge Koh also sidestepped the intellectually interesting issue of whether opinions about marketplace goods are "newsworthy," something that I strongly believe to be the case in the context of anti-SLAPP laws.
Injury. Facebook argued that non-celebrities have to show economic injury as part of their 3344 prima facie case. The court rejects this distinction, saying "[i]n a society dominated by reality television shows, YouTube, Twitter, and online social networking sites, the distinction between a “celebrity” and a “non-celebrity” seems to be an increasingly arbitrary one." Furthermore, the plaintiffs did allege injury by showing that their endorsements were valuable to Facebook, which helps distinguish this case from the Cohen "Friend Finder" precedent. I liked this quote:
While traditionally, advertisers had little incentive to exploit a non-celebrity’s likeness because such endorsement would carry little weight in the economy at large, Plaintiffs’ allegations suggest that advertisers’ ability to conduct targeted marketing has now made friend endorsements “a valuable marketing tool,” just as celebrity endorsements have always been so considered.
For more on this point, see my Online Word of Mouth paper.
Unfair Competition Law (UCL)
Normally, we'd expect the UCL claim to be tossed because the plaintiffs can't make the required showing that they lost "money or property." Numerous Internet privacy cases have reached that conclusion. Judge Koh makes the same intellectual move she did with Article III standing, saying that publicity rights are different than other privacy torts. She says: "[t]o the extent Plaintiffs allege they can prove that their endorsement of commercial products to their Facebook Friends has concrete, quantifiable value for which they are entitled to compensation, the Court finds that Plaintiffs have properly alleged loss of money or property for purposes of establishing standing under the UCL." I wonder if plaintiffs can make that showing because there's no existing market for consumer-to-consumer endorsements, but it's enough to survive the motion to dismiss. In particular, she says California's statutory damages for publicity rights violations aren't enough to demonstrate the value of the endorsements.
Judge Koh also concludes that plaintiffs properly alleged that Facebook's activities were unlawful, unfair and fraudulent (in the latter case, because Facebook allegedly overclaimed users' abilities to opt-out of Sponsored Stories).
Recent caselaw makes it even clearer that there's no separate cause of action for unjust enrichment; instead, it's just a synonym for restitution. As a result, the court tosses this claim.
This is not a good ruling for Facebook, but I can't really feel too sorry for it. Facebook has been playing fast-and-loose with the law in many different contexts (see, e.g., its FTC bust), and Sponsored Stories is no different. Before rolling it out, Facebook surely knew that the Sponsored Stories offering was on murky legal ground. It can't be surprised that it didn't get an easy dismissal.
Even so, if it gets that far, Facebook may yet win this case. Judge Koh has made it clear that she's a tough customer, but Facebook has plenty of power to its remaining arguments. Nevertheless, I'm reasonably confident it won't get that far. Given the importance of maximizing ad revenues and its desire to clean up legal issues in advance of an IPO, it seems more likely that Facebook will cut a deal with plaintiffs' counsel. I imagine Facebook might try to do a settlement like the Facebook Beacon settlement that results in minimal restrictive covenants, a chunk of money into the lawyers' hands, and a chunk of money that doesn't get into users' hands but instead goes into something like Facebook's privacy foundation.
Read More | 5 Comments | Leave a Comment..
Posted on Techdirt - 9 December 2011 @ 7:39pm
Sen. Wyden and Rep. Issa have released a draft of OPEN: Online Protection & ENforcement of Digital Trade Act, intended as an alternative to SOPA/PROTECT-IP. See my prior posts opposing SOPA and linkwrapping the discussion. Unlike SOPA's disgustingly blatant rent-seeking, which was such an over-the-top abuse of the legislative process that it did not (and could not) support a principled or even intelligent conversations about it, OPEN provides a useful starting point for a sensible conversation that could actually lead to acceptable compromises. For that reason alone, I think Congress should immediately stop all work on SOPA/PROTECT-IP and redirect that energy towards vetting this proposal. Having said that, for reasons I'll explain in a moment, I continue to believe the assumptions underlying SOPA/PROTECT-IP and OPEN are misguided, meaning that forging a compromise from OPEN's more sensible proposal may be tricky.
Before I get further into substance, two process notes:
First, SOPA was the product of rent-seekers who were talking only amongst themselves and legislators tethered to their campaign contributions. The drafting process was disturbingly closed-door and exclusionary, exactly the kind we wish didn't take place in our representative democracy. In contrast, the OPEN sponsors want to have a dialogue about their ideas. In support of that, they have posted the draft to a website that allows comments and discussion. This is the way our democracy SHOULD work. Why is such an open process the exception instead of the rule?
Second, OPEN is a comparatively svelte 18 pages focused mostly on one core concept, compared to SOPA's 78 page monstrosity that advanced about a dozen different substantive proposals. I can't tell you the number of times I've seen very smart people stymied to keep all of SOPA's moving parts separate, and the failure to do so meant that they were conflating different parts of the statute in ways that prevented productive discussion. (Just two examples: the Colbert Report, where Zittrain mostly focused on SOPA's felony streaming provision while his counterpart was mostly talking about the cutoff provisions; and Business Insider's infographic where the felony streaming sanction was presented as a remedy to the cutoff provisions.) By reducing the number of topics at issue, OPEN substantially reduces the chance that policy discussants will simply talk past each other.
The law contemplates that rightsowners can file a petition against rogue websites at the ITC, an independent federal agency best known for its adjudication of certain patent disputes. In response to the rightsowner's petition, the ITC will conduct an administrative adjudication. If the ITC determines that the website is a rogue website, then (1) the website is required to cease its conduct (not sure how enforceable that is), (2) the site also will be subject to any other unspecified consequences following from its determination as a rogue actor, and (3) most importantly, the rightsowner can take the ITC determination to payment service providers (PSPs) and ad networks and have them cut off the flow of money to the rogue website. The PSPs and ad networks would be protected by several immunities for trying to comply with the orders or their other efforts to protect the public.
This makes OPEN similar to SOPA in that it seeks to cut off funds flowing to rogue actors. However, among other key differences, PSPs and ad networks have no legal obligations until the ITC makes a ruling. In contrast, SOPA imposed cutoff obligations on PSPs and ad networks based merely on rightsowners' unsubstantiated assertions.
Substantively, some of the things I liked about OPEN:
* it situates the discussion about "rogue websites" in foreign trade policy. This fixes SOPA's overinclusive application to both domestic and foreign actors. However, if we really think rogue websites are a transborder enforcement problem, there are many other trade policy solutions that might be better options to consider—the most obvious being transborder enforcement coordination like the FTC does with its foreign counterparts.
* OPEN doesn't touch the domain name system or search engines. SOPA had the potential to destroy the DNS and to jeopardize search engine functioning. OPEN sidesteps both pitfalls.
* OPEN builds in some due process before any formal legal obligations attach. As we've recently seen, due process is actually quite important, and we suffer from its absence. I say "some" due process because I'm not sure how much due process will attach in practice. For example, I have some concerns about the notice provision--not every targeted website will receive notice of the ITC investigation. However, I did like that any website the ITC labels as rogue can correct any identified problems, reapproach the ITC and ask it to remove the "rogue" determination.
* the definition of rogue website is tightened up substantially. It requires three elements:
a) a "non-domestic domain name," which requires that the registry, registrar and registrant all have to be located outside the US (I'm not sure what "located" means in this context). Venkat asked me what happens to a .com registered with a foreign registrar; I believe OPEN does not apply to this domain name.
b) conducting business in the US; and
c) "has only limited purpose or use other than engaging in infringing activity and whose owner or operator primarily uses the site to willfully engage in infringing activity."
The last element, in particular, is quite restrictive by requiring willful infringement. The meaning of the word "willful" is notoriously murky (see, e.g., the multitudinous Supreme Court cases over the word), so the statute would be improved by using a more detailed synonym. No matter what, though, willful is a high scienter level that should easily exclude most legitimate players. The statute further expressly excludes any sites that:
- follow good notice-and-takedown procedures
- qualify for 17 USC 512 (the DMCA online safe harbors) [this means that the statute sits next to 512 instead of rendering 512 moot like SOPA threatened to do], or
- distribute "copies that were made without infringing a copyright or trademark." I'm not 100% sure what this means. It apparently excludes websites reselling goods covered by the First Sale doctrine. I presume that the exclusion includes sites that sell legitimate knock-off goods, such as replicas of goods that aren't protected by copyrights or trademarks.
* if a PSP or ad network fails to comply with an ITC order, the only consequence is that the DOJ can seek injunctive relief. Rightsowners do not have a private cause of action in those cases. As discussed below, this doesn't eliminate all PSP/ad network exposure to rightsowners, but rightsowners can't introduce evidence of ITC orders in any civil suits they bring against PSPs or ad networks.
* on the trademark side, it expressly limits its applicability to counterfeiting (although there is an erroneous cross-reference in the draft). Presumably, dilution or garden-variety trademark infringement disputes don't qualify under the statute.
What's Not Good
Substantively, some of the things I don't like about OPEN:
* OPEN still contemplates reestablishing a Fortress USA. Fortress USA marginally makes sense regarding the shipment of physical goods across geographic borders. It makes zero sense for digital bits zinging around the borderless network.
* in particular, because OPEN would burden only US-governed PSPs and ad networks, it may drive websites—including legitimate websites who want to reduce their risk of being mistargeted—to shift their business to foreign-based PSPs and ad networks. If lots of businesses make a switch based on these concerns, OPEN could counterproductively result in net financial losses for the US economy.
* similarly, foreign websites can opt-out entirely of the ITC process by consenting to US judicial jurisdiction. I like the idea of an opt-out, but imagine if other countries offered the same quid-pro-quo of allowing US websites to opt-out of some nasty foreign process so long as the websites consent to jurisdiction in their countries. I think we'd be outraged and insulted; which is how I would expect foreign countries to view this quid-pro-quo. Cf. Venkat's recent post on Facebook v. Faceporn. Then again, other countries might think it's a pretty good idea, leading to a proliferation of transborder quid-pro-quo jurisdictional offers.
* designating the ITC to conduct the investigations is a little odd. First, the ITC is an administrative agency, not a federal court. I don't fully understand all of the implications of administrative vs. judicial review, but I believe there are substantial procedural differences that could lead to important substantive differences. Second, the ITC has been gamed in the patent world (see, e.g., my colleague Colleen Chien's research on the ITC explaining how the ITC hears many US company vs. US company disputes), so I fear similar gaming will emerge. For example, a rightsowner chasing a rogue website could simultaneously pursue a domestic court action, a foreign court action and an ITC proceeding. How would these types of parallel proceedings play out in practice? We're still trying to resolve the parallel proceeding problems in patents.
* like SOPA, the bill covers copyright infringement, trademark infringement *and* 1201 circumvention. I don't understand why the circumvention issue is getting equal billing or how often transborder circumventions are a real problem. Seeing how 1201 circumvention lawsuits have devolved into anti-competitive enforcements, picking up the circumvention piece could increase the risk of competitive misuse of the statute.
* like SOPA, the definitions are vague. Consider, for example, the definition of Internet advertising service:
The term Internet advertising service means a service that serves an online advertisement in viewable form for any period of time on an Internet site.
Hmm...what does that mean? Notice that the definition doesn't directly distinguish between third-party ad networks and sites that sell their own ads. I think in practice sites that sell their own ads drop out of the statute, so one possible implication is that more sites will ramp up their own ad sales. (This is doubtful, but just throwing the possibility out there.) I think the focus on "viewable" is interesting; are audio-only ads excluded? And what does it mean to "serve" content? This contemplates a specific technological interaction that I don't fully understand today and will almost certainly evolve over time.
Why I'm Not Enthusiastic About OPEN
Even though OPEN is worth discussing intelligently, unlike SOPA, I believe it's based on two underlying assumptions that aren't fixable.
First, like SOPA, OPEN assumes there is a problem with foreign rogue websites that needs to be solved. I'm not saying there isn't, but the policy discussions have been startlingly devoid of reliable and credible facts demonstrating the nature and scope of the problem.
Instead, the evidence in support of a rogue website "problem" typically consists of two main threads: (a) people are dying from counterfeit drugs, and (b) bad guys are "stealing" our stuff. With respect to the former, I've never seen anything more than ad hoc assertion; but if there's a real problem, counterfeit drugs can be fixed with a highly targeted solution. With respect to the latter, it's hard to give those arguments much credit. After all, all rightsowners' arguments are inherently self-interested: it's in their financial interest to say that they would like to make more money than they are making. It's also in their interest to bemoan broad sectoral changes in the economy as evidence that someone is capturing money they think they are entitled to (and to use rent-seeking to thwart those broad sectoral changes). More importantly, there is lots of evidence that a lot of rightsowners are making a lot of money today, both via the Internet and more generally. So it's hard to break out the quantity of actual economic losses that rightsowners are truly suffering when those claims are intermingled with rightsowners' general rent-seeking efforts.
Therefore, until the rightsowners offer us more than the trumped-up BS already-discredited statistics, I'm still not clear on the problem, how bad it is, how any legislative solution would remediate that problem, and if the collateral consequences of the effort to remediate the problem are greater or less than the problem itself. OPEN does nothing to fill the void of supporting foundational evidence of the problem, so it's hard for me to be enthusiastic about its solution.
Second, and more importantly, attacking the money supply to supposed bad actors remains too blunt an instrument. I may be truly on my own on this point, as many people I respect--including, notably, Rep. Lofgren--are prepared to embrace the policy solution of cutting off money flows. However, by embracing an attack on the movement of money, OPEN replicates one of SOPA's sins. If a player is engaged in legitimate and illegitimate activity and its money supply is cut off, both activities go down the tubes. In contrast, one of the positive aspects of 17 USC 512(c) and (d) is that they require the copyright owner to identify infringing items and target only those items. Giving rightsowners a remedy that would affect an entire site for only some items on the site goes too far.
The OPEN bill tries hard to minimize overbreadth by narrowly defining the targeted websites. Perhaps this definition is narrow enough that there won't be much collateral damage. However, in practice, regulating money flows nevertheless could have pernicious effects in the field. A PSP or ad network drawn into an ITC proceeding frequently will "voluntarily" choose to toss the targeted website before the ITC proceeding reaches its conclusion—even if the ITC proceeding would have rejected the challenge. Furthermore, rightsowners still will send cutoff notices to PSPs/ad networks without filing any ITC petition, and the PSPs/ad networks will often honor them as a way of preempting an ITC proceeding.
What this teaches me (in combination with the Elsevier v. Chitika case) is that PSPs and ad networks need robust statutory immunities which are not based on a notice-and-takedown scheme. On the trademark side, the need for an immunity became clear after the sloppy language in Gucci v. Frontline. On the copyright side, 512 doesn't cover PSPs and ad networks, probably because in a million years the safe harbor drafters never thought PSPs and ad networks would be liable for third party infringing activity in the first place. Now that we've seen copyright law and trademark law creep much further than we could have imagined in 1998, we should plug this liability hole completely. If OPEN proceeds, it should have a broad-based immunity for PSPs and ad networks with the idea that rightsowners are getting a specific remedy against them in the new law.
While OPEN can't really be fixed to resolve my two structural concerns, my hope is that the discussion about OPEN will force rightsowners to provide *credible* evidence of harms that they or consumers are suffering (no more self-serving hype, please), and that such evidence will force us to think carefully about how "rifle shot" solutions (as opposed to shotgun solutions) can ameliorate those harms. If we have a discourse that even slightly resembles this ideal, then OPEN will be successful no matter what final outcome we reach.
75 Comments | Leave a Comment..
Posted on Techdirt - 7 December 2011 @ 12:09am
Groupion provides CRM software as a service (SaaS). Groupon distributes "deal of the day" offers that are typically unprofitable for advertisers and often have the extra "benefit" of causing the advertisers to get trashed on Yelp. Groupion sued Groupon for trademark infringement. I previously blogged on the complaint.
The court denies Groupion's various motions. The court runs through a typical multi-factor likelihood of consumer confusion analysis:
- mark similarity. Calling this factor "critical," the court concludes that consumers can keep the marks separate. The visual depictions of the logos are different, Groupion has one more syllable, and the words are portmaneaus from different inspirations ("coupon" + "group" vs. "groupware" + "companion").
- product similarity. "The parties' products are used for different functions and purposes, and are purchased by different classes of consumers."
- marketing channels. The Internet's commonality is discounted (cite to Network Automation), and the rest of the parties' channels are disparate as you would expect when one company is B2B and the other B2C.
- mark strength. The court says "Groupion" is weak because others are using similar marks in its field and Groupion didn't show evidence of the mark's commercial strength.
- intent. Groupion asserted that Groupon must have selected the mark knowing about it, but Groupion didn't provide any evidence to that effect. Groupon's failure to stop after Groupion's C&D was irrelevant.
- evidence of actual confusion. None of Groupion's evidence "demonstrates instances of actual confusion by its customers regarding the source of its products."
- likelihood of expansion. Groupon bought a mobile apps business, but the court says it will use that to distribute deals, not for intracompany groupware.
- purchaser care. B2B software buyers are careful, as are advertisers.
Thus, the factors point against Groupion's likelihood of success, so the court denies the preliminary injunction, Groupion's motion for summary judgment and motion to cancel Groupion's registered mark. I assume Groupon will view this as an invitation to bring its own summary judgment motion and kill this case. The judge's tone was unmistakable.
11 Comments | Leave a Comment..