Court Refuses To Issue Injunction Stopping Secret Web Spycams From Running On Rental Laptops

from the really? dept

A couple months ago, we wrote about the class action lawsuit from a family who discovered that the company from whom they had rented a laptop, Aaron’s, had secretly installed spying software that would surreptitiously turn on the laptop’s webcam, take pictures, and send them back to the company. That seems like a pretty big privacy issue, and a no brainer for the judge in the case to issue an injunction, getting the company to stop using such software until the case is sorted out.

But, no such luck. The judge refused to order an injunction, pointing out, first of all, that the people suing no longer had that laptop, so there was no additional harm to them. As for everyone else in the class, there’s this stunner of a line from the judge:

Moreover, it is purely conjecture that the other members of the putative class will be subjected to remote access of personal information.

That doesn’t make sense to me at all. If they’re not subject to remote access, then such an injunction wouldn’t matter anyway. Yet, if they are subject to the remote access, then the injunction can help. In other words, the judge’s logic is backwards: it might not happen, so let’s not try to prevent it? The court could still issue the injunction — and if people aren’t subject to that kind of remote access to their personal information, then nothing would happen.

Separately, the judge suggested that the family has a weak case, because the CFAA computer hacking law they’re relying on requires interception of electronic communications… and the court isn’t sure that snapping a photo of you captures electronic communications. That certainly does raise an interesting legal question. I’m not a fan of the CFAA, but if you’re just spying on someone via a webcam, is that the same thing as spying what’s on their desktop? I think the common sense solution is that of course both should be seen as violating the law… but it is a unique situation.

I’m not the only one surprised and confused by this. Internet lawyer Venkat Balasubramani was surprised as well:

Yikes! Privacy class actions seem out of control to me, but I’ll admit even I was surprised by this result. I’m equally surprised that the Aaron’s-affiliated defendants did not all just stipulate to suspending use of the software until things were sorted out. (Aarons, Inc. did, but its franchisee Aspen Way did not. In fact, Aspen Way did not participate in the hearing, which makes the denial of injunctive relief all the more perplexing.) Setting aside whether the court was correct in its view of the merits of the case, the court takes an unduly restrictive view of the facts when it states that no “interception” of an electronic communication occurred because there was no evidence that Mr. Byrd was online or communicating with someone else when the image in question was captured. Surely, given the ex-employee’s testimony as to what type of information was viewed through use of the software, it’s fair to presume that the Aspen Way employees are not sitting around making sure that the capture only occurred while the computer user was offline or not communicating with another person.

But seriously, think about what this ruling could mean. It could certainly open up the opportunity for more software products to secretly turn your camera on, claiming it’s fine because there’s no “communication” going on.

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Court Refuses To Issue Injunction Stopping Secret Web Spycams From Running On Rental Laptops”

Subscribe: RSS Leave a comment
48 Comments
Anonymous Coward says:

“But seriously, think about what this ruling could mean. It could certainly open up the opportunity for more software products to secretly turn your camera on, claiming it’s fine because there’s no “communication” going on. “

You are on the right track Mr. Masnick, but you think small.

If private companies can spy on you in your own home, why shouldn’t the government? Say goodbye to your privacy. Freedom of speech is next.

Anonymous Coward says:

Re: The mind boggles...

What if the person renting the laptop and was in the privacy in their own home?

Then add this to the scenario, what if the person was underage and lets say recently got out of the shower and was undressed at the time?

Then will the company be making child pornography? I know that will be a key incentive to stop this.

sheenyglass (profile) says:

Compare to apple store

Separately, the judge suggested that the family has a weak case, because the CFAA computer hacking law they’re relying on requires interception of electronic communications… and the court isn’t sure that snapping a photo of you captures electronic communications

Its interesting to compare this case to the incident with the Apple Store and performance artist taking photos of customers ( http://goo.gl/BQAqa ). obviously the privacy issues are very different, but considering the hacking alone issue, it seems like the relevant facts are similar – both involve remotely activating a webcam and using it to surreptitiously observe and photograph them. If remotely controlling a webcam in this fashion constitutes hacking in one of these incidents it should be considered hacking in both.

ClarkeyBalboa (profile) says:

Re: Compare to apple store

I partially agree that the cases are similar, but i think several points seperate them (at least to me): the Apple incident was being held at a public place, on public computers. The Apple store allowed people to install software onto their computers by potential customers, so i don’t think that should constitute hacking.

sheenyglass (profile) says:

Re: Re: Compare to apple store

I agree that the public/private location of the computer separates the two cases – those factors are what I was thinking of when I distinguished between hacking and privacy issues. I think (and I think we agree) that Aarons violated their customers’ privacy in a pretty egregious manner, while the apple store customers suffered no comparable violation.

My point is just that, regarding the hacking charge (where hacking is classified as an interception of communications), both situations are equally likely to be hacking.

David Liu (profile) says:

Re: Compare to apple store

I would say though, it might depend on the rental agreement. The computers are still technically the rental companies, so it may not really be hacking in this case; plus, the camera software sorta has a “semi-legitimate” use in that they can be used to track down thieves. I know that there have been many cases (shown on Techdirt no less), where a stolen laptop used the webcam to track down and get an image of the thieve, resulting in the retrieval of the item.

ts says:

I wonder if the judge would feel any different if it happened to him… maybe the laptop was in his teenage daughter’s bedroom? Would he actually say that it’s okay for a company to spy on his daughter while she’s changing clothes? Of course not. This should be an open and shut case, and the people responsible for the spying should probably be tried for child porn.

Anonymous Coward says:

Re: Re: Re:

Hoth’s Law of Child Pornography

If ever the words Legality and Privacy should enter the same sentence on the internet, let it be known that within 10 replies of said sentence, one(or more) replies shall attempt to reconcile whatever the topic to being for Child Pornography, or against its censorship.

Anonymous Coward says:

Interception

I think the judge might actually be right about the electronic communication, just having read what’s above. The statute requires interception of an electronic communication. I don’t see where there would be an interception, even if there were an electronic communication. Say that the webcam’s capturing of the picture is an electronic communication. That seems unobjectionable, but where is there an interception? The store ordered the pictures to be taken and transmitted and I don’t see any point when the family had control over the information. If the family never directed the picture to be sent or had any control over it, then I don’t see how there could be an interception.

That being said, this case is disgusting and the store’s behavior is abhorrent. I hope that the family is also suing for the traditional privacy torts as well and this statute. Those would seem to give a better basis for recovery at first glance.

DataShade (profile) says:

Re: Interception

Came here to say this. There’s no interception if the company is initiating and receiving the disgusting, amoral, privacy-invading electronic communication. Which, of course, is the amazing part of the law – attempts to intercept an illegal communication are, themselves, illegal, like how the DMCA’s ant-circumvention clause means that even if a company’s doing something that flies in the face of established law, your attempt to circumvent that makes you a criminal.

New Mexico Mark says:

Computer cameras

Given that malware exists that allows controllers to activate camera and/or microphone, I see any camera or microphone as a way to make any security problem even worse.

In other words, “Ooohh, my computer has a security boo-boo. No worries though, a band-aid will make it aaaallll better.” (Those little round Band-aids are best since the actual lens doesn’t get adhesive on it.)

V says:

Retesting...

Like elderly drivers, judges should be required to take frequent tests on new laws, technology and other issues they might be encountering during the course of a job.

If they fail – like an elderly person who should no longer be driving – they should be stripped of their seat and remanded into remedial education.

Judges who are illiterates in technology are as worthless at judging the issues as they are judging a case in a language they don’t understand.

Tracy says:

Signed Agreement

When you rent something, you usually sign an agreement pertaining to the item being rented. If there is anything in the agreement about the webcam and their monitoring software then there is nothing that can be done. If there isn’t anything in the agreement then the rental company is breaking privacy laws. Even if you buy a laptop, the selling company could have something about webcam monitoring software in the OEM agreement. Make sure to read what you are agreeing to with your signature.

ComputerAddict (profile) says:

Same as School case?

Deja vu?

http://www.huffingtonpost.com/2010/02/18/harriton-high-school-spie_n_467491.html

Like this case the judge should have stopped the use of the software. For any lawsuits over pictures taken from this ruling forward that show personal information, compromising pictures of minors (like them undressing in the school’s case), etc. should include the judge as a defendant.

hmm (profile) says:

well

There’s a very simple answer to this..make sure the company in question is publicly slammed and slammed HARD….

We’ve all seen how public opinion can tip companies like news international into bankruptcy (oh wait thats next week teeheehee!) and a company like Aaron’s will lose MILLIONS as customers turn away….”hey thats the store with the guys that like to masturbate to pictures of their customers children…..I’m off to best buy”……etc

Anonymous Coward says:

They are setting prescedent (sic).....

All those ‘Kinect’ and related camera products that users are putting in their homes, letting the ‘game console’ monitor their activity….

Yep, those devices sending info back to the parent company are not ‘electronic communication’ and when the government starts requesting the footage so they can start ‘looking for those darn copyright thieves’ or ‘hunting terrorists (you know who you are… all you citizens with views that that don’t line directly up with the current government interpretation of the ‘law’).

Sure it’s a crackpot conspiracy theorist point of view, but don’t come crying to me when it actually happens.

Aaron.Walkhouse says:

Not only was the judge right (legally), he was dropping
broad hints on how to go forward in a way that could work.
He cannot say so directly as he’s forbidden from helping.

Firstly, don’t rely on wiretap privacy law where peeping
tom privacy law is more appropriate. Even though a computer
was used through the internet this was more like peeking
through a window than tapping your phone. Somebody has
confused the two and may have said you can’t use the right
approach because the wrong one was rejected.

For your best example of such an approach look up that
recent case where a school was nailed for doing the exact
same thing to it’s students with loaned school laptops
computers. This case has a weaker defence than that one.

Secondly, get the proof. Just because they could spy on
you and you have indications the might have done it, you
still have to bring the judge something he can use, whether
it be proof obtained in the normal course of discovery or
proof that they obstructed discovery to keep evidence out
of your hands. With either you win and if they tried to
hide or destroy evidence instead of letting their lawyer
handle it they not only lose by default, they are in deep
trouble for that second procedural offence.

To do both, put together a class action for a peeping tom
kind of eavesdropping offence so that you can legally
search their offices for proof they spied on any member of
your class and don’t forget to look for signs that they
tried to hide anything at all from the lawyers on either
side. That maximizes your likelihood of success and gives
you the lawful opportunity to pool your resources so your
lawyer can dig more deeply than you can afford alone.

Once the offender sees you will win whether or not he
cooperates he’ll probably beg for a deal.

Funny thought says:

Funny Thought

So I wonder if this will affect the standard of FBI audio interception currently allowed by our US legal system. As many of you may know and doubtless some have not yet heard, the FBI last year won a case for using a persons “On Star” system to listen in on them without getting a wiretap. The judges ruling on limitations? Since the owner of the automobile had specifically not paid for the “On Star” service to be activated the FBI was legally required to pay the bill for the time period. So there you have it they don’t need a warrant to search or eavesdrop on you they only have to pay for the service if you haven’t already activated it. This is why do not purchase cars with these services and in the future when such services are impossible to avoid I will manually disable all such antennas when purchasing new cars. You have already been recorded by rental car companies if you have rented from a US airport in the last ten years for “security purposes” in case the rental agency needs to sue you for damages to their property. Several notices to avoid discussions of proprietary content have been sent via companies and divisions I have worked for concerning the information gathering performed in this manner by rival companies (China).

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...