Cicilia Barnes’ choice in men was worthy of a Darwin Award. After she broke up with her boyfriend, he created fake personal ads for her on Yahoo and impersonated her on online forums. As the Ninth Circuit described it in Barnes v. Yahoo:
Barnes did not authorize her now former boyfriend to post the profiles, which is hardly surprising considering their content. The profiles contained nude photographs of Barnes and her boyfriend, taken without her knowledge, and some kind of open solicitation, whether express or implied is unclear, to engage in sexual intercourse. The ex-boyfriend then conducted discussions in Yahoo’s online “chat rooms,” posing as Barnes and directing male correspondents to the fraudulent profiles he had created. The profiles also included the addresses, real and electronic, and telephone number at Barnes’ place of employment. Before long, men whom Barnes did not know were peppering her office with emails, phone calls, and personal visits, all in the expectation of sex.
Barnes demanded that Yahoo take the information down, but Yahoo didn’t do so, despite a policy that it would remove fake profiles if the complaining party supported its request with a drivers license. However, attention from the press did get Yahoo to focus, at least for a short while. Again, from the court:
. . . a local news program was preparing to broadcast a report on the incident. A day before the initial air date of the broadcast, Yahoo broke its silence; its Director of Communications, a Ms. Osako, called Barnes and asked her to fax directly the previous statements she had mailed. Ms. Osako told Barnes that she would “personally walk the statements over to the division responsible for stopping unauthorized profiles and they would take care of it.”
Two months later the profiles were still on Yahoo’s site, and Ms. Barnes filed suit against Yahoo in Oregon state court. At that point, the profiles were at last removed.
To pin liability on Yahoo, Barnes need to get past 17 U.S.C. Section 230 and, like so many that came before her, she tried valiantly but unsuccessfully.
However, sometimes imaginative lawyering pays off, and Barnes argued breach of contract, based on the fact that Yahoo had engaged in discussions with her, promised to remove the material, and then failed to do so. The court:
Subsection 230(c)(1) creates a baseline rule: no liability for publishing or speaking the content of other information service providers. Insofar as Yahoo made a promise with the constructive intent that it be enforceable, it has implicitly agreed to an alteration in such baseline. Therefore, we conclude that, insofar as Barnes alleges a breach of contract claim under the theory of promissory estoppel, subsection 230(c)(1) of the Act does not preclude her cause of action.
The takeaway from this case? If you are an online service provider and someone asks you to remove objectionable material, you have two choices: you can refuse to do so and be pretty confident that Section 230 will provide you with immunity; or, if you say you will remove the material, do so, or risk facing the outcome that Yahoo experienced in this case.
We had a great CLE at the BBA on Wednesday evening. The lucky folks who attended received three hours of (almost) nonstop legal info, and we barely scratched the surface of the topics.
I spoke on CDA Section 230, which has seen a great deal of activity lately, and there are no signs it’s slowing down. Below, via scribd.com, are the slides and paper that I prepared for the program.
On January 26, 2009, in what may have been Judge Ralph Gants’ last opinion before departing Suffolk Superior Court for the Supreme Judicial Court on January 29, 2009, Judge Gants ruled on a number of issues in the New England Patriots lawsuit against StubHub.com. The claims are based on the fact that StubHub provides an online marketplace for the scalping of Patriot’s tickets, something that really pisses off the Patriots’ owners, who attempt to exercise a high degree of control over their ticket sales. The Patriots’ various causes of action arise out of their claim that the tickets are a “revocable license” with printed terms, and civil claims related to the Massachusetts anti-scalping statute, G. L. c. 140, Section 185A.
The discussion on 47 USC Section 230 is only a small part of the decision (which addresses a number of defensive theories set forth by StubHub on summary judgment, rejecting most of them) is as follows:
CDA immunity “applies only if the interactive computer service provider is not also an ‘information content provider,’ which is defined as someone who is ‘responsible, in whole or in part,’ for the creation or development of the offending content.” Roommates, 521 F.3d at 1162;47 U.S.C. § 230(f)(3). The Ninth Circuit has interpreted the term “development” as “referring not merely to augmenting the content generally, but to materially contributing to its alleged unlawfulness. In other words, a website helps to develop unlawful content, and thus falls within the exception to section 230, if it contributes materially to the alleged illegality of the conduct.” Roommates, 521 F.3d at 1167-1168. Here, as discussed earlier, there is evidence in the record that StubHub materially contributed to the illegal “ticket scalping” of its sellers. In effect, the same evidence of knowing participation in illegal “ticket scalping” that is sufficient, if proven, to establish improper means is also sufficient to place StubHub outside the immunity provided by the CDA.
The Ninth Circuit Roommates.com decision is, itself, debatable (and the dissent debates it quite credibly). In that case the 9th Circuit (en banc) held that because Roommates.com provided drop down menus that provided choices that violated the Fair Housing Act (children, sexual orientation), Roommates.com had lost immunity under Section 230. The drop down menus, the Ninth Circuit held, turned the web site into the “developer . . . at least in part” of the illegal information.
Although it’s not clear from Judge Gants’ decision, a look at the StubHub site shows that that StubHub fell directly into the Section 230 exception created by the Ninth Circuit. StubHub guides ticket sellers through a series of menu choices (sport/team/date), much in the manner that Rommates.com does. Assuming that the presence of the Patriots in this menu structure induces sellers to engage in illegal conduct by selling the tickets (Judge Gants used the Supreme Court’s copyright infringement decision in Grokster decision to argue inducement), StubHub fell directly under Roommates.com.
One must wonder whether StubHub could obtain immunity under 47 USC Section 230, going forward, by simply eliminating references to the Patriots and allowing sellers to fill in the Patriot’s name in free text. This would be analogous to the “open text box” (as opposed to the drop down menus) that the Ninth Circuit held was protected by Section 230 immunity in Roommates.com. The Patriots would have a difficult time getting past Section 230 if StubHub was purely passive. However, this would be a significant deviation from the system of identifying tickets to sell or buy created by StubHub, and I’m sure would result in fewer sales of Patriot’s tickets.
It’s easy to forget that the Digital Millennium Copyright Act is really two separate laws. One protects publishers from “inadvertent” copyright infringement by creating the “notice-and-takedown” regime that requires copyright owners to demand that publishers take down copyrighted works published by third parties before asserting infringement. The other part of the DMCA is the anti-circumvention rule that generally prevents anyone from from bypassing copy protection schemes.
The Electronic Frontier Foundation (“the leading civil liberties group defending your rights in the digital world”) has published the fifth update to its comprehensive white paper, “Unintended Consequences: Ten Years Under the DMCA.”This 19 page report details the extent to which the DMCA’s anti-circumvention provisions have been used to not to mount legal challenges against pirates who develop technologies to circumvent copy protection, but against consumers, scientists, and legitimate competitors in ways not fully anticipated when the law was passed. The EFF paper provides a comprehensive history of this side of the DMCA, including the famous “Felton/SDMI challenge” incident in 2000 (“bet you can’t defeat this protection. You did? Well, any disclosure of that would violate the DMCA, so put a sock in it”), and the efforts to claim that an end-user license agreement may constitute an access control measure protected by the DMCA. This is a “must read” document for anyone interested in anti-circumvention enforcement under the DMCA.
Articles by Joe Laferrera of my firm, discussing application of the DMCA in the cases of Lexmark International v. Static Control Components, and Chamberlain Group v. Skylink Technologies are linked here and here.
“[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider. … [n]o cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section. . . . . [However this law] shall [not] be construed to limit or expand any law pertaining to intellectual property.”
No provider or user of an interactive computer service shall be treated as the publisher or speaker or any information provided by another information content provider
And –
No provider or user of an interactive computer service shall be liable on account of —
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected
Put simply, this law allows web site operators to avoid liability for certain types of publications on their sites by people outside their control, and to police their sites as they wish.The most obvious example is any kind of bulletin or message board that allows comments by members of the public.The site operator is not the “publisher,” and therefore is not liable for tort claims, such as defamation.
The First Circuit Court of Appeals recently applied this law for the first time in this circuit, in the case of Universal Communication Systems, Inc. (UCS) v. Lycos, Inc. Lycos, the owner of the Raging Bull website, allows the public to discuss the fortunes of public companies.
In 2003, various posters (or possibly the same poster, operating under several different screen names) made disparaging and possibly defamatory comments about UCS on the Raging Bull UCS message board page. UCS sued these individuals under their screen names (in other words, as John Does), but also sued Lycos for publishing these comments. In other words, UCS sued the message board.
Lycos asserted the CDA in defense.After the District Court dismissed based on the CDA, the plaintiff appealed to the First Circuit, which published its decision early this year.
To no one’s great surprise, the First Circuit held that Lycos was protected by the CDA. The First Circuit rejected a variety of attempts by UCS to penetrate the protection of the CDA: that Lycos was not an “Internet service provider,” that the postings became Lycos’ “own” speech when it didn’t remove them after being notified of their existence by UCS, that Lycos had “constructed and operated” its web site so as to “contribute to the proliferation of misinformation,” and that Lycos had engaged in trademark dilution (the CDA does not protect bulletin boards from intellectual property claims, particularly trademark, trade secret and patent claims).
Lycos had the wind at its back in this case, but this is still an important precedent in understanding the CDA, and the application of this statute by the First Circuit.
Cuban, co-founder of HDNet and owner of the NBA’s Dallas Mavericks, also said YouTube would eventually be “sued into oblivion” because of copyright violations.
“They are just breaking the law,” Cuban told a group of advertisers in New York. “The only reason it hasn’t been sued yet is because there is nobody with big money to sue.”
* * *
Cuban said “anyone who buys that (YouTube) is a moron” because of potential lawsuits from copyright violations.
“There is a reason they haven’t yet gone public, they haven’t sold. It’s because they are going to be toasted,” said Cuban, who has sold start-ups to Yahoo and CompuServe.
The outspoken (to put it mildly) Cuban, billionaire owner of the Dallas Mavericks and Chairman of HDTVcable network has repeated this message loudly and often, both before and after Google’s $1.6 billion purchase offer to YouTube. Many other media sources appear to have picked up the tune, and the media-giant mouthpieces have added to the volume by rattling their sabers, implying that its only a matter of time before this “mother of all lawsuits” is forthcoming.
Don’t believe a word of it. Surprisingly few observers have asked the pertinent question here: do the Supreme Court’s 1995 Grokster decision and the DMCA (the Digital Millennium Copyright Act) protect YouTube from liability for copyright-protected works posted by third parties (third parties being the law’s awkward way of saying someone other than YouTube itself)?
Grokster sets the legal standard for contributory copyright infringement, in this context a product or service (YouTube) that encourages or assists third parties to post infringing works. Based on what I’ve observed, it seems that YouTube has been well advised by some pretty savvy lawyers, and that as a result it has stayed on the safe side of the line defined by Grokster. I’ve read of no evidence suggesting that YouTube has intended its service to be used for infringing works, or that it has done anything to foster infringement. If such evidence existed, you can be sure the media companies would let us know, and they haven’t. We also can be pretty sure that Google carefully vetted YouTube for this issue, and that if it had found adverse evidence, YouTube would still be flying solo.
As to the second issue, the DMCA, this federal law provides a strict “notice and take down” procedure that requires copyright owners to give written notice of an infringing work posted by a third party to the web host, including its precise location (its URL), as part of a demand that the work be “taken down.” There is no suggestion that YouTube has not responded in a timely way to legitimate take-down requests, and in fact the press has reported that YouTube has attempted to develop technologies that can help identify copyrighted works. (If this is true it would weigh even more heavily in YouTube’s favor in evaluating YouTube’s intent for purposes of applying Grokser).
All YouTube needs to do is hire a staff capable of looking at a take-down notice and removing the work at the identified URL. Ten, fifty, maybe a hundred FTEs, perhaps working in India or another low-wage country, should be sufficient, and hence the “whack a mole” metaphor – I can for-see copyright owners being forced to constantly scan YouTube to catch their copyrighted works when they pop up over and over again (posted by different users), and repeatedly provide infringement notices to YouTube. To put it differently, and a bit crudely, every time a copyrighted work pops up the copyright owner would “whack the mole” by sending a take-down notice. Of course, the media companies could themselves hire low-wage foreign workers to scan YouTube, and issue the take-down notices, creating more third-world employment on both sides of the equation. Strange but true …
As an ambivalent owner of an Apple iPod I’ve given a lot of thought to the fact that songs I download from Apple’s iTunes will not play on a portable device other than an Apple iPod. If I want to play my iTunes music collection on another manufacturer’s MP3 player, today or five years from now, I’ll be unable to play the tunes downloaded from iTunes. The Digital Millennium Copyright Act prevents competitors from reverse engineering the protection Apple embeds in these files, and therefore Apple has, in effect, a government enabled lock-in.
The only legal way around this restriction requires users to burn the iTunes songs to a CD and then import (rip) them back into iTunes as MP3 files. This eliminates Apple’s digital rights management (DRM) and “frees” these tunes, but what a hassle and disincentive to buy music from iTunes. Do I do this? Yes. Do I like it? Ah …. (If you’d like to gain a better understanding of how iTunes DRM works and how to avoid it, click here.)
Cory Doctorow has written a scathing editorial in Information Week discussing the policy and legal issues involved in Apple’s DRM program. A few choice quotes from the article:
Reverse engineering is a common practice in most industries. You can reverse-engineer a blender and make your own blades, you can reverse-engineer a car and make your own muffler, and you can reverse-engineer a document and make a compatible reader. . . . But [because of the Digital Millennium Copyright Act] the iTunes/iPod product line is off-limits to this kind of reverse-engineering.
Apple’s competition-proof music makes switching away from its product expensive for Apple’s customers. The world of consumer electronics changes quickly and you’d have to be a fool to believe that no one will ever make a superior portable music player to the iPod.
Steve Jobs really doesn’t care how many CPUs you play an iTune on, or whether you burn a playlist seven or 10 times. He wants you to get locked into iPods, . . .
Read the full article here before you download another tune from iTunes. You may conclude that you still have no choice, but at least you’ll have a better understanding of your predicament.
One of the risks of sending a legal demand letter to someone in the Internet age is that they will post it on the web and ridicule you. That’s what happened when the Baker & McKenzie law firm sent the very popular web site Boing Boing a letter warning it not to broadcast the World Cup competition, and containing the ominous threat that it would have its “agents actively monitor your website and others to identify unlawful activity.” Boing Boing published the letter here. (The letter is an image, so you may have to print it to read it).
Is a preemptive strike like this legally effective? Almost certainly it is not, except as a warning to the web site owner itself not to publish video or audio from the Cup. However, no sane, established web site owner would do so even without such a warning, since the site owner would risk significant damages (and particularly “statutory” damages – aka punitive damages) of up to $150,000 per infringement ). The far greater likelihood is that a third party will publish the audio or video (on a video site such as YouTube.com, for example, where videos of the Cup continue to be rampant), and that it was publications of this nature that Baker & McKenzie was targeting.
However, the owners of the World Cup broadcast rights must give notice after the fact under the strict procedures described in the DMCA (at least in the U.S., where Boing Boing is based). A preemptive, “before the fact” letter gives the copyright owner no greater rights than if it had not sent it at all. The owner of the Cup broadcast rights would still have to go through the “after the fact” notice and “take down” procedures mandated by the DMCA.
Back to my original point, when you send these demand letters (which by their nature often are extreme examples of “lawyer-speak”), you do risk public ridicule on the Web, and people will often try very hard to effect this. One of my all-time favorite examples of this is “The Rocket Formerly Known as Black,” which is quite funny, and seems to have taken on a life of its own.
An interesting article in Business Week on the copyright issues raised by YouTube’s tremendous success.
When YouTube Inc. was sued on July 14 for copyright infringement, the shock wasn’t that the video-sharing service was being yanked into court. Questions had been swirling for months about whether the upstart, which now dishes up 100 million daily videos, was crossing copyright boundaries by letting its members upload videos with little oversight. continue . .
YouTube has a strong answer to this complaint based on the Digital Millennium Copyright Act (pdf file), which allows publishers like YouTube to avoid copyright liability for infringements posted by third parties, so long as an infringement is taken down after notice to the publisher.
[Update: this case was affirmed by the First Circuit in 2007; link here]
Massachusetts Lawyers Weekly reports, on the front page of its October 31, 2005 issue, that Federal District Court Judge Robert Keeton has dismissed, under the Communications Decency Act, claims that Lycos was responsible for third-party defamatory postings on Lycos’ Raging Bull website. The case is Universal Communications Systems, Inc. v. Lycos, Inc. Apparently there is no written decision from Judge Keeton.
The idea that a web site is not liable for defamatory postings is not, I repeat not, news. The Communications Decency Act provides:
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
Translation: A web hosting service that permits third parties to post on its site is not the publisher or speaker of that information, and therefore cannot be liable for defamation posted by the third party.
This may be the first decision applying this law in Massachusetts, but it’s old news everywhere else. Cases across the country have uniformly interpreted the CDA to immunize ISPs and web hosts accused of defamation posted on their sites by third parties.
Communications Decency Act. Traffic Power.Com has sued Aaron Wall, owner of the Search Engine Optimization Blog, alleging defamation and misappropriation of trade secrets.
Assuming that the offending material was not written by Wall himself (but rather by one of his posters), the defamation claim against him is likely to be barred by the federal Communications Decency Act (CDA), which provides in part:
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
If Wall is not the publisher or speaker of the offending words, he cannot be liable for their publication on his blog.
Although the term “interactive computer service” (ISC) is poorly defined, the courts have held that it includes not only traditional ISPs, but also web site hosts such as AOL. It’s hard to see why the definition shouldn’t extend to blog site owners.
Assuming that Wall is found to be an ISC, he’s halfway home. A number of courts have held that the law protects ISCs from defamation claims.
Immunity for trade secret misappropriation is more problematic. The CDA provides that “[n]othing in this section shall be construed to limit or expand any law pertaining to intellectual property.” However, the law fails to define “intellectual property.” While the three traditional branches of IP are unquestionably covered by this provision (patents, copyrights and trademarks, all of which are federal IP rights), it’s not clear whether trade secrets, which are a construct of state law and which have elements that lend themselves to both intellectual property analysis and tort analysis, will be treated as “intellectual property.”
Thus, this case has the potential to answer two important questions: are bloggers covered by the CDA, and does liability for trade secret claims fall within the CDA? Stay tuned….
This site is hosted by Gesmer Updegrove LLP, a technology law firm based in Boston, Massachusetts. You can find a summary of our services here. To learn how GU can help you, contact: Lee Gesmer
