Attorney Evan Brown

December 1, 2015 Computer Crime, First Amendment

Seventh Circuit sides with Backpage in free speech suit against sheriff

trouble

Backpage is an infamous classified ads website that provides an online forum for users to post ads relating to adult services. The sheriff of Cook County, Illinois (i.e. Chicago) sent letters to the major credit card companies urging them to prohibit users from using the companies’ services to purchase Backpage ads (whether those ads were legal or not). Backpage sued the sheriff, arguing the communications with the credit card companies were a free speech violation.

The lower court denied Backpage’s motion for preliminary injunction. Backpage sought review with the Seventh Circuit. On appeal, the court reversed and remanded.

The appellate court held that while the sheriff has a First Amendment right to express his views about Backpage, a public official who tries to shut down an avenue of expression of ideas and opinions through “actual or threatened imposition of government power or sanction” is violating the First Amendment.

Judge Posner, writing for the court, mentioned the sheriff’s past failure to shut down Craigslist’s adult section through litigation (See Dart v. Craigslist, Inc. 665 F.Supp.2d 961 (N.D.Ill.2009)):

The suit against Craigslist having failed, the sheriff decided to proceed against Backpage not by litigation but instead by suffocation, depriving the company of ad revenues by scaring off its payments-service providers. The analogy is to killing a person by cutting off his oxygen supply rather than by shooting him. Still, if all the sheriff were doing to crush Backpage was done in his capacity as a private citizen rather than as a government official (and a powerful government official at that), he would be within his rights. But he is using the power of his office to threaten legal sanctions against the credit-card companies for facilitating future speech, and by doing so he is violating the First Amendment unless there is no constitutionally protected speech in the ads on Backpage’s website—and no one is claiming that.

The court went on to find that the sheriff’s communications made the credit card companies “victims of government coercion,” in that the letters threatened Backpage with criminal culpability when, à la Dart v. Craigslist and 47 U.S.C. 230, it was unclear whether Backpage was in violation of the law for providing the forum for the ads.

Backpage.com, LLC v. Dart, — F.3d —, 2015 WL 7717221 (7th Cir. Nov. 30, 2015)

Evan Brown is a Chicago attorney advising enterprises on important aspects of technology law, including software development, technology and content licensing, and general privacy issues.

November 9, 2015 Copyright

Digital locker service not liable for copyright infringement based on user download of unlicensed ebook

digital locker

A boon for cloud service providers: Court decision protects locker service from infringement over user’s storage and downloading of unlicensed copy of ebook.

Plaintiff-author granted a license to defendant-digital locker service, authorizing users of defendant’s services to store and download sample copies of plaintiff’s ebook. Plaintiff later terminated the license. On two separate occasions, one of defendant’s customers — who had acquired a sample copy of the ebook during the license period — downloaded her sample copy from defendant’s locker storage service and onto her e-reader device. Plaintiff filed suit, claiming these post-license termination customer downloads amounted to direct and contributory infringement by the file locker service.

Both parties moved for summary judgment. The court granted defendant’s motion and denied plaintiff’s motion.

As to the question of direct infringement, the court relied heavily on Cartoon Network v. CSC Holdings, 536 F.3d 121 (2nd Cir. 2008) to hold that a lack of evidence of defendant’s “volitional conduct” in distributing and reproducing the downloaded copies precluded a claim for direct infringement. Quoting from Capitol Records v. ReDigi, 934 F.Supp.2d 640 (S.D.N.Y. 2013), the court found that defendant “did not have a ‘fundamental and deliberate role,” such that it was transformed ‘from a passive provider of a space in which infringing activities happened to occur to an active participant in the process of copyright infringement.’”

Plaintiff’s contributory infringement claim failed under the “substantial noninfringing uses” test (the “Sony-Betamax Rule”) set out in Sony v. Universal, 464 U.S. 417 (1984). The court held that defendant could not be held liable for contributory infringement because its digital locker systems was capable of substantial non-infringing uses, and indeed was used for commercially significant noninfringing uses.

Smith v. BarnesandNoble.com, No. 2015 WL 6681145 (S.D.N.Y. Nov. 2, 2015)

Evan Brown is a Chicago attorney helping clients in matters dealing with copyright, technology, the internet and new media. Call him at (630) 362-7237, send email to ebrown [at] internetcases dot com, or follow him on Twitter @internetcases

Photo courtesy of Flickr user Alex Thomson under this Creative Commons license.

October 23, 2015 Contracts, Evidence

Want your online agreements to be enforceable? Keep good transaction data.

Chicago internet attorney Evan Brown

A recent court decision underscores the importance of building online e-commerce platforms with the ability to reliably gather information about transactions. The case also says some troubling things about open source.

Plaintiff loaned money in exchange for the borrower assigning its accounts receivable to plaintiff. As part of plaintiff’s services, it provided a platform for its borrower to generate and send invoices to the borrower’s customers. The borrower began generating fake invoices, and one of its customers — the defendant in this case — refused to pay. There was a dispute over whether defendant had accepted or rejected the invoices using plaintiff’s invoice platform.

After a trial, the judge ruled in favor of defendant. The court found that the digital data showing whether defendant had accepted or rejected the invoices was unreliable. The court found credible the testimony of one of defendant’s employees that he never clicked “I agree” on the fraudulent invoices. And there was no good database evidence that he had.

Plaintiff sought review with the Court of Appeal of California. On appeal, the court affirmed, agreeing that the data was unreliable, and further commenting on the problematic use of open source software in plaintiff’s online invoice platform.

The court of appeal found that substantial evidence supported the lower court’s findings. Specifically, it agreed with the lower court’s findings that the defendant’s employee never clicked on the “I agree” button to accept the fraudulent invoices. The court also credited the lower court’s finding that the data was unreliable in part because plaintiff’s website was developed from open source code, and that the developer made untested changes to the software on a weekly basis.

The treatment of the open source aspect is perhaps unfortunate. One unfamiliar with open source would read the court’s opinion as an indictment against open source software’s fundamental reliability:

Open source code is problematic because anonymous people on the internet design it, and “holes” are not fixed by vendor updates. Notifications that there are issues with the code may not go out.

The lack of reliability of the data in this case was not due to the fundamental nature of open source. (We know that open source software, e.g., Linux, powers essential core features of the modern internet.) So it is unfortunate that future litigants may look to this case to argue against vendors who use open source solutions. Fortunately, the case is not citable as precendent (many California Court of Appeal cases are not citable). But the court’s negative treatment of the nature of open source is a troubling example of how a judge may be swayed by a technological red herring.

21st Capital Corp. v. Onodi Tooling & Engineering Co., 2015 WL 5943097 (Not officially published, California Court of Appeal, October 13, 2015)

Evan Brown is a Chicago attorney advising enterprises on important aspects of technology law, including software development, technology and content licensing, and general privacy issues.

Photo by Flickr user bookfinch under this Creative Commons license.

October 12, 2015 First Amendment, Privacy, Right of Publicity

California court okays lawsuit against mugshot posting website

The Court of Appeal of California has held that defendant website operator – who posted arrestees’ mugshots and names, and generated revenue from advertisements using arrestees’ names and by accepting money to take the photos down – was not entitled to have the lawsuit against it dismissed. Defendant’s profiting from the photos and their takedown was not in connection with an issue of public interest, and therefore did not entitle defendant to the relief afforded by an anti-SLAPP motion.

Plaintiff filed a class action lawsuit against defendant website operator, arguing that the website’s practice of accepting money to take down mugshots it posted violated California laws against misappropriation of likeness, and constituted unfair and unlawful business practices.

Defendant moved to dismiss, arguing plaintiff’s claims comprised a “strategic lawsuit against public participation” (or “SLAPP”). California has an anti-SLAPP statute that allows defendants to move to strike any cause of action “arising from any act of that person in furtherance of the person’s right of petition or free speech under the United States Constitution or the California Constitution in connection with a public issue …, unless the court determines that the plaintiff has established that there is a probability that the plaintiff will prevail on the claim.”

The court held that the posting of mugshots was in furtherance of defendant’s free speech rights and was in connection with a public issue. But the actual complained-of conduct – the generating of revenue through advertisements, and from fees generated for taking the photos down – was not protected activity under the anti-SLAPP statute.

Because the claims did not arise from the part of defendant’s conduct that would be considered “protected activity” under the anti-SLAPP statute, but instead arose from other, non-protected activity (making money off of people’s names and photos), the anti-SLAPP statute did not protect defendant. Unless the parties settle, the case will proceed.

Rogers v. Justmugshots.Com, Corp., 2015 WL 5838403, (Not Reported in Cal.Rptr.3d) (October 7, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

October 6, 2015 Defamation, Section 230

Newspaper not liable for alleged defamatory letter to editor published online

The Appellate Court of Illinois has sided in favor of a local newspaper in a defamation lawsuit brought against the paper over a reader’s allegedly defamatory letter to the editor. The court held that the Communciations Decency Act (at 47 U.S.C. 230) “absolved” the newspaper of liability over this appearance of third party content on the newspaper’s website.

Plaintiff — a lawyer and self-identified civil rights advocate — sent several letters to local businesses claiming those businesses did not have enough handicapped parking spaces. Instead of merely asking the businesses to create those parking spaces, he demanded each one pay him $5,000 or face a lawsuit.

One local resident thought plaintiff’s demands were greedy and extortionate, and wrote a letter to the editor of the local newspaper covering the story. The newspaper posted the letter online. Both the newspaper and the letter’s author found themselves as defendants in plaintiff’s defamation lawsuit.

The letter-writer settled with plaintiff, but the newspaper stayed in as a defendant and moved to dismiss, arguing that federal law immunized it from liability for content provided by the third party letter-writer.

The lower court dismissed the defamation claim against the newspaper, holding that the Communications Decency Act (at 47 U.S.C. §230) protected the newspaper from liability for the third party letter-writer’s comments posted on the newspaper’s website.

Plaintiff sought review with the Appellate Court of Illinois. On appeal, the court affirmed the dismissal.

The Communications Decency Act (at 47 U.S.C §230(c)(1)) says that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” The appellate court found that the leter-writer was another information content provider that placed comments on the newspaper’s website. Therefore, it held that the Communications Decency Act “absolved” the newspaper from responsibility.

Straw v. Streamwood Chamber of Commerce, 2015 IL App (1st) 143094-U (September 29, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

September 5, 2015 Computer Crime, Section 230

Washington Supreme Court keeps victims’ lawsuit against Backpage.com moving forward

Plaintiffs – three minor girls – alleged that they were subjected to multiple instances of rape by adults who contacted them through advertisements posted on Backpage.com. Plaintiffs sued the website and its owner alleging various claims.

Defendants moved to dismiss the claims, arguing that Section 230 (47 U.S.C. § 230) shielded the website from liability arising from content posted by the site’s users. The lower court denied the motion to dismiss, finding that the site’s involvement went beyond passive hosting. Plaintiffs had claimed the website’s advertisement posting rules were intentionally designed to aid in evading law enforcement scrutiny, thereby facilitating the illegal trafficking and exploitation of minors. Defendants sought review with the court of appeals, which certified the question to the Washington state Supreme Court.

The Supreme Court affirmed the denial of the motion to dismiss. The court emphasized the necessity for further investigation into the website’s practices to determine the extent of its involvement in the alleged illegal activities. It found that plaintiffs’ allegations suggested that Backpage had specific content requirements and posting rules that, while outwardly appearing to comply with legal standards by prohibiting explicit content, were allegedly crafted in such a manner as to facilitate the concealment of illegal activities, including the sexual exploitation of minors.

J.S. v. Village Voice Media Holdings, LLC, 359 P.3d 714 (Wash., September 3, 2015)

August 17, 2015 Contracts

Court provides guidance on how to effectively communicate online terms of service

Are online terms of service provided via hyperlink in an email binding on the recipient of that email? The Second Circuit recently addressed that question, and the decision gives guidance on best practices for online providers.

Plaintiff booked a trip to the Galapagos Islands using defendant’s website. When she purchased her ticket, she got a booking information email, a confirmation invoice and a service voucher. (It is not clear how plaintiff got the confirmation invoice and the service voucher – the court’s opinion says they were sent as emails, but the PACER record does not show them as emails. In any event, plaintiff did not dispute that she received all three documents, nor did she dispute all three documents contained a hyperlink to defendant’s “terms and conditions” which were available online.)

One evening during the trip, a tour guide allegedly assaulted plaintiff. She sued defendant for negligently hiring and training that tour guide. Defendant moved to dismiss, pointing to language in the online terms and conditions that called for disputes to be heard in Canadian court. The district court dismissed the action, and plaintiff sought review with the Second Circuit. On appeal, the court affirmed. It held that defendant had reasonably communicated the forum selection clause to plaintiff by using hyperlinks and the appropriate language in the terms and conditions.

Each of the documents contained an underlined hyperlink, and accompanying language advising plaintiff to click on the hyperlink. The booking information email contained a standalone provision with the heading “TERMS AND CONDITIONS”. This section stated that “[a]ll . . . passengers must read, understand and agree to the following terms and conditions.” The hyperlink immediately followed. Both the confirmation invoice and the voucher contained a link to the terms and conditions, preceded by “[c]onfirmation of your reservation means that you have already read, agreed to and understood the terms and conditions. . . .”

The actual structure and language of the terms and conditions also served to reasonably communicate the forum selection clause. The second paragraph stated that the terms and conditions “affect your rights and designate the governing law and forum for the resolution of any and all disputes.” Later in the terms and conditions, a standalone section titled “APPLICABLE LAW” provided that all matters arising from the agreement were subject to Ontario and Canadian law and the exclusive jurisdiction of the Ontario and Canadian courts.

The decision validates the notion that an e-commerce provider can rely on establishing valid and binding contracts with its customers without having to actually transmit a copy of the terms and conditions that would apply to the transaction. Though the facts of this case dealt with email, there is no substantive reason why the best practices revealed by the court’s decision would not apply to providers of mobile apps and other online platforms.

Starkey v. G Adventures, Inc., — F.3d —, 2015 WL 4664237 (2nd Cir. August 7, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

August 13, 2015 Privacy

Is the Sixth Circuit willing to recognize a right to be forgotten under U.S. law?

Recent FOIA decision questions the 20-year-old notion that defendants have no interest in preventing release of booking photographs during ongoing criminal proceedings.

The Freedom of Information Act (“FOIA”) implements “a general philosophy of full agency disclosure” of government records. Since the mid-90s, the Sixth Circuit has required law enforcement to turn over booking photographs of defendants while ongoing criminal proceedings are occurring.

Plaintiff sought the booking photos of four criminal defendants from the U.S. Marshall’s office. When the U.S. Marshall refused to turn the photos over, plaintiff filed suit. The district court found in plaintiff’s favor, citing the Sixth Circuit case of Detroit Free Press v. United States Department of Justice, 73 F.3d 93 (1996). Defendant sought review with the Sixth Circuit and, bound by the 1996 decision, a panel of the Sixth Circuit affirmed, ordering that the photos be turned over.

But the panel was far from comfortable in its holding. Although it was bound to follow the earlier Sixth Circuit precedent, it urged the court to consider en banc whether an exception to FOIA applies to booking photographs. “In particular, we question the panel’s conclusion that defendants have no interest in preventing the public release of their booking photographs during ongoing criminal proceedings.”

The general theory behind the current requirement that booking photos be released is that the suspects have already appeared publicly in court, and the release of the photos and their names conveys no further information to implicate a protectible privacy interest. But this panel of the court noted that “[s]uch images convey an ‘unmistakable badge of criminality’ and, therefore, provide more information to the public than a person’s mere appearance.”

Something like a right to be forgotten appears in the court’s discussion of how photos can linger online: “[B]ooking photographs often remain publicly available on the Internet long after a case ends, undermining the temporal limitations presumed” by Sixth Circuit case law that calls for the release of photos during ongoing proceedings.

Detroit Free Press v. U.S. Dept. of Justice, — F.3d —, 2015 WL 4745284 (6th Cir. August 12, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

August 5, 2015 Computer Crime, Litigation, Privacy

Facebook hacking victim’s CFAA and SCA claims not barred by statutes of limitation

Knowledge that email account had been hacked did not start the statutes of limitation clock ticking for Computer Fraud and Abuse Act and Stored Communications Act claims based on alleged related hacking of Facebook account occurring several months later.

Plaintiff sued her ex-boyfriend in federal court for allegedly accessing her Facebook and Aol email accounts. She brought claims under the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (“CFAA”), and the Stored Communications Act, 18 U.S.C. § 2701, et seq. (“SCA”).

Both the CFAA and the SCA have two-year statutes of limitation. Defendant moved to dismiss, arguing that the limitation periods had expired.

The district court granted the motion to dismiss, but plaintiff sought review with the Second Circuit Court of Appeals. On appeal, the court affirmed the dismissal as to the email account, but reversed and remanded as to the Facebook account.

In August 2011, plaintiff discovered that someone had altered her Aol email account password. Later that month someone used her email account to send lewd and derogatory sexually-themed messages about her to people in her contact list. A few months later, similar things happened with her Facebook account — she discovered she could not log in in February 2012, and in March 2012 someone publicly posted sexually-themed messages using her account. She figured out it was her (now married) ex-boyfriend and filed suit.

The district court dismissed the claims because it found plaintiff first discovered facts giving rise to the claims in August 2011, but did not file suit until more than two years later, in January 2014. The Court of Appeals agreed with the district court as to the email account. She had enough facts in 2011 to know her Aol account had been compromised, and waited too long to file suit over that. But that was not the case with the Facebook account. The district court had concluded plaintiff knew in 2011 that her “computer” had been compromised. The Court of Appeals observed that the lower court failed to properly recognize the nuance concerning which computer systems were being accessed without authorization. Unauthorized access to the Facebook server gave rise to the claims relating to the Facebook account. The 2011 knowledge about her email being hacked did not bear on whether she knew her Facebook account would be compromised. The court observed:

We take judicial notice of the fact that it is not uncommon for one person to hold several or many Internet accounts, possibly with several or many different usernames and passwords, less than all of which may be compromised at any one time. At least on the facts as alleged by the plaintiff, it does not follow from the fact that the plaintiff discovered that one such account — AOL e-mail — had been compromised that she thereby had a reasonable opportunity to discover, or should be expected to have discovered, that another of her accounts — Facebook — might similarly have become compromised.

The decision gives us an opportunity to think about how users’ interests in having their data kept secure from third party access attaches to devices and systems that may be quite remote from where the user is located. The typical victim of a hack or data breach these days is not going to be the owner of the server that is compromised. Instead, the incident will typically involve the compromising of a system somewhere else that is hosting the user’s information or communications. This decision from the Second Circuit recognizes that reality, and contributes to the reasonable opportunity for redress in those situations.

Sewell v. Bernardin, — F.3d —, 2015 WL 4619519 (2nd Cir. August 4, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

July 9, 2015 Trademarks

What is required for a website design to be protectible as trade dress?

Plaintiff sued defendant for, among other things, trade dress misappropriation, asserting that plaintiff’s website had a particular look and feel that would convert leads to sales, and that defendant copied the look and feel of the website’s distinctive elements. Defendant moved to dismiss the trade dress claim for failure to state a claim. The court granted the motion.

It found that plaintiff had failed to meet the requirement of pleading how its website’s design was distinctive. It noted that a mere cataloguing of a website’s features does not give defendants adequate notice of a plaintiff’s trade dress claim, especially, when the list of features comprising the trade dress is not complete. Rather, a complaint must “synthesize” how those features combine to create the website’s protectable look and feel. In the court’s view, a complaint that lists only some, but not all, of the features of the plaintiff’s website that the plaintiff believes constitute its trade dress is insufficient to state a plausible claim for trade dress infringement under the Lanham Act.

FC Online Marketing, Inc. v. Burke’s Martial Arts, LLC, 2015 WL 4162757 (E.D.N.Y., July 8, 2015)