Category: Copyright

May 21, 2012 Copyright, Privacy

Social media legal best practices: some problems and solutions with uploading photos and tagging people

Facebook, Flickr, 500px and mobile sharing applications such as Instagram have replaced the hard copy photo album as the preferred method for letting others see pictures you have taken. Now photos are easy to take and easy to share. This easiness makes a number of legal questions potentially more relevant.

Embarrassing photos

Let’s be honest — every one of us has been in photos that we do not want others to see. It may be just bad lighting, an awkward angle, or something more sinister such as nudity or drug use, but having a photo like that made public would cause embarrassment or some other type of harm. Sometimes the law affords ways to get embarrassing photos taken down. To the same extent the law can help, the one posting the embarrassing photo puts himself at risk for legal liability.

Invasion of privacy. If someone takes a picture of another in a public place, or with a bunch of other people, the subject of the photo probably does not have a right of privacy in whatever he or she is doing in the photo. So the law will not be helpful in getting that content off the internet. But there are plenty of situations where the subject of a photo may have a privacy interest that the law will recognize.

  • “Intrusion upon seclusion,” as its name suggests, is a legal claim that one can make when someone has intentionally intruded — physically or otherwise — upon their solitude or seclusion. Surreptitiously taken photos of a person in her own home, or in a place where she expected privacy (e.g., in a hotel room or dressing room) would likely give rise to an unlawful intrusion upon seclusion.
  • “Publication of private facts” is another form of invasion of privacy. A person commits this kind of invasion of privacy by publishing private, non-newsworthy facts about another person in a way that would be offensive to a reasonable person. Posting photos of one’s ex-girlfriend engaged in group sex would be considered publication of private facts. Posting family pics of one’s nephew when he was a kid would not.

Photoshop jobs

Some people enjoy using Photoshop or a similar advanced photo editing application to paste the head of one person onto the body of another. (Reddit has an entire category devoted to Photoshop requests.) This can have drastic, negative consequences on the person who — through this editing — appears to be in the photo doing something he or she did not and would not do. This conduct might give rise to legal claims of infliction of emotional distress and defamation.

Infliction of emotional distress. We expect our fellow members of society to be somewhat thick-skinned, and courts generally do not allow lawsuits over hurt feelings. But when it’s really bad, the law may step in to help. One may recover for infliction of emotional distress (sometimes called “outrage”) against another person who acts intentionally, and in a way that is extreme and outrageous, to cause emotional distress that is severe. Some states require there to be some associated physical harm. A bride who sued her photographer over the emotional distress she suffered when the photographer posted pictures of her in her underwear lost her case because she alleged no fear that she was exposed to physical harm.

Defamation. A person can sue another for defamation over any “published” false statement that harms the person’s reputation. Some forms of defamation are particularly bad (they are called defamation per se), and are proven when, for example, someone falsely states that a person has committed a crime, has engaged in sexually immoral behavior, or has a loathsome disease. A realistic Photoshop job could effectively communicate a false statement about someone that is harmful to his or her reputation.

Copied photos

Since copying and reposting images is so easy, a lot of people do it. On social media platforms, users often do not mind if a friend copies the photos from last night’s dinner party and reuploads them to another account. In situations like these, it’s simply “no harm, no foul.” Technically there is copyright infringement going on, but what friend is going to file a lawsuit against another friend over this socially-acceptable use? The more nefarious situations illustrate how copyright can be used to control the display and distribution of photos.

In most instances, the person who takes a photo owns the copyright in that photo. A lot of people believe that if you appear in a photo, you own the copyright. That’s not true unless the photo is a self portrait (e.g., camera held at arm’s length and turned back toward the person, or shot into the mirror), or unless the person in the photo has otherwise gotten ownership of the copyright through a written assignment (a much rarer situation).

A person who finds that his or her copyrighted photos have been copied and reposted without permission has a number of options available. In the United States, a quick remedy is available under the notice and takedown provisions of the Digital Millennium Copyright Act. The copyright owner sends a notice to the platform hosting the photos and demands the photos be taken down. The platform has an incentive to comply with that demand, because if it does, it cannot be held responsible for the infringement. Usually a DMCA takedown notice is sufficient to solve the problem. But occasionally one must escalate the dispute into copyright infringement litigation.

Some other things to keep in mind

With the protections afforded by free speech and the difficulties involved in winning an invasion of privacy or infliction of emotional distress lawsuit, one can get away with quite a bit when using photos in social media. One court has even observed that you do not need a person’s permission before tagging him or her in a photo.

A person offended by the use of a photo by him or of him may have recourse even in those situations where it is not so egregious as to give him a right to sue. Social media platforms have terms of service that prohibit users from harassing others, imitating others, or otherwise engaging in harmful conduct. The site will likely remove content once it is made aware of it. (I have sent many requests to Facebook’s legal department requesting content to be removed — and it has been removed.) The norms of social media communities play an important role in governing how users treat one another, and that principle extends to the notions of civility as played out through the use of photos online.

Evan Brown is a Chicago technology and intellectual property attorney. He advises businesses and individuals in a wide range of situations, including social media best practices. 

Photo credit: AForestFrolic

May 21, 2012 Anonymity, Copyright

Court tosses copyright claims against 244 accused BitTorrent infringers

Digital Sins, Inc. v. John Does 1–245, 2012 WL 1744838 (S.D.N.Y. May 15, 2012)

Plaintiff Digital Sins filed a copyright lawsuit against 245 anonymous BitTorrent users. The court dismissed the case against all but one of the unknown John Does, finding that the defendants had been improperly joined in one lawsuit. The judge observed that “there is a right way and a wrong way to litigate [copyright infringement claims], and so far this way strikes me as the wrong way.”

Federal Rule of Civil Procedure 20(a)(2) provides that defendants can be joined into one case if, for example, the plaintiff’s right to relief arises out of the same transaction, occurrence, or series of transactions or occurrences, or if there is any question of law or fact common to all defendants.

In this case, the court found that those requirements had not been met. Plaintiff’s allegations that the defendants merely commited the same type of violation in the same way, did not satisfy the test for permissive joinder under Rule 20. There was no basis, according to the court, to conclude that any of the defendants was acting other than independently when he or she chose to access the BitTorrent protocol.

The court went on to find that having all the defendants joined in one action would not give rise to any valid judicial economy. Any such economy from litigating all the cases in a single action would only benefit plaintiff, by not having to pay separate filing fees to sue each defendant. Moreover, trying 245 separate cases in which each of 245 different defendants would assert his own separate defenses under a single umbrella would be unmanageable.

Photo credit: nshontz

February 1, 2012 Copyright, Defamation, Miscellaneous, Privacy, Right of Publicity, Section 230, Trademarks

Six interesting technology law issues raised in the Facebook IPO

Patent trolls, open source, do not track, SOPA, PIPA and much, much more: Facebook’s IPO filing has a real zoo of issues.

The securities laws require that companies going public identify risk factors that could adversely affect the company’s stock. Facebook’s S-1 filing, which it sent to the SEC today, identified almost 40 such factors. A number of these risks are examples of technology law issues that almost any internet company would face, particularly companies whose product is the users.

(1) Advertising regulation. In providing detail about the nature of this risk, Facebook mentions “adverse legal developments relating to advertising, including legislative and regulatory developments” and “the impact of new technologies that could block or obscure the display of our ads and other commercial content.” Facebook is likely concerned about the various technological and legal restrictions on online behavioral advertising, whether in the form of mandatory opportunities for users to opt-out of data collection or or the more aggressive “do not track” idea. The value of the advertising is of course tied to its effectiveness, and any technological, regulatory or legislative measures to enhance user privacy is a risk to Facebook’s revenue.

(2) Data security. No one knows exactly how much information Facebook has about its users. Not only does it have all the content uploaded by its 845 million users, it has the information that could be gleaned from the staggering 100 billion friendships among those users. [More stats] A data breach puts Facebook at risk of a PR backlash, regulatory investigations from the FTC, and civil liability to its users for negligence and other causes of action. But Facebook would not be left without remedy, having in its arsenal civil actions under the Computer Fraud and Abuse Act and the Stored Communications Act (among other laws) against the perpetrators. It is also likely the federal government would step in to enforce the criminal provisions of these acts as well.

(3) Changing laws. The section of the S-1 discussing this risk factor provides a laundry list of the various issues that online businesses face. Among them: user privacy, rights of publicity, data protection, intellectual property, electronic contracts, competition, protection of minors, consumer protection, taxation, and online payment services. Facebook is understandably concerned that changes to any of these areas of the law, anywhere in the world, could make doing business more expensive or, even worse, make parts of the service unlawful. Though not mentioned by name here, SOPA, PIPA, and do-not-track legislation are clearly in Facebook’s mind when it notes that “there have been a number of recent legislative proposals in the United States . . . that would impose new obligations in areas such as privacy and liability for copyright infringement by third parties.”

(4) Intellectual property protection. The company begins its discussion of this risk with a few obvious observations, namely, how the company may be adversely affected if it is unable to secure trademark, copyright or patent registration for its various intellectual property assets. Later in the disclosure, though, Facebook says some really interesting things about open source:

As a result of our open source contributions and the use of open source in our products, we may license or be required to license innovations that turn out to be material to our business and may also be exposed to increased litigation risk. If the protection of our proprietary rights is inadequate to prevent unauthorized use or appropriation by third parties, the value of our brand and other intangible assets may be diminished and competitors may be able to more effectively mimic our service and methods of operations.

(5) Patent troll lawsuits. Facebook notes that internet and technology companies “frequently enter into litigation based on allegations of infringement, misappropriation, or other violations of intellectual property or other rights.” But it goes on to give special attention to those “non-practicing entities” (read: patent trolls) “that own patents and other intellectual property rights,” which “often attempt to aggressively assert their rights in order to extract value from technology companies.” Facebook believes that as its profile continues to rise, especially in the glory of its IPO, it will increasingly become the target of patent trolls. For now it does not seem worried: “[W]e do not believe that the final outcome of intellectual property claims that we currently face will have a material adverse effect on our business.” Instead, those endeavors are a suck on resources: “[D]efending patent and other intellectual property claims is costly and can impose a significant burden on management and employees….” And there is also the risk that these lawsuits might turn out badly, and Facebook would have to pay judgments, get licenses, or develop workarounds.

(6) Tort liability for user-generated content. Facebook acknowledges that it faces, and will face, claims relating to information that is published or made available on the site by its users, including claims concerning defamation, intellectual property rights, rights of publicity and privacy, and personal injury torts. Though it does not specifically mention the robust immunity from liability over third party content provided by 47 U.S.C. 230, Facebook indicates a certain confidence in the protections afforded by U.S. law from tort liability. It is the international scene that gives Facebook concern here: “This risk is enhanced in certain jurisdictions outside the United States where our protection from liability for third-party actions may be unclear and where we may be less protected under local laws than we are in the United States.”

You have to hand it to the teams of professionals who have put together Facebook’s IPO filing. I suppose the billions of dollars at stake can serve as a motivation for thoroughness. In any event, the well-articulated discussion of these risks in the S-1 is an interesting read, and can serve to guide the many lesser-valued companies out there.

January 30, 2012 Copyright, DMCA

Fair use, the DMCA, and presidential politics

The 2012 presidential election cycle is already giving internet law enthusiasts things to talk about. Last week it was Ron Paul’s grumblings about an unauthorized campaign ad on YouTube. Now NBC is moaning about a Mitt Romney ad comprised almost entirely of Tom Brokaw on the Nightly News in 1997.

NBC has asked the ad be pulled, claiming it is a copyright infringement. Smart people are already saying the ad is fair use. It probably is fair use.

And NBC knows that. Romney’s campaign posted the ad on YouTube five days ago, and it is yet to be the subject of a DMCA takedown notice. Though such a notice would be easy to draft and send, NBC is aware that the fallout could be expensive. Section 512(f) of the DMCA penalizes the senders of bogus takedown notices. And the courts have not taken kindly to purported victims of infringement who do not fully consider fair use before having content taken off YouTube.

With the election still months away, we may yet see controversial action like we did in 2008 by the news media to disable political content. These situations underscore the problem presented by how long it takes to process DMCA counternotifications and 512(f) actions.

A candidate’s defeat makes these processes moot. So maybe we should hope for a longer republican primary season just so we can see some good DMCA and fair use litigation. Come on NBC, send that takedown notice!

January 28, 2012 Computer Crime, Copyright

Are nonpirate Megaupload users entitled to compensation from the government?

If I left my coat in a taxi that was later impounded because, unknown to me, the driver was transporting heroin in the trunk, would I be left out in the cold?

People who used Megaupload to lawfully store and transfer files are rightfully upset that their stuff is unavailable after last week’s raid. Some groups in other countries say they are going to sue the U.S. government. Would a lawsuit like that get anywhere in a U.S. court?

The Fifth Amendment — best known for its privilege against self-incrimination — says that “private property [shall not] be taken for public use, without just compensation”. (You can impress your legally-trained friends at parties by confidently and casually referring to the Takings Clause.) Does the Takings Clause give innocent Megaupload users a right to be paid the value of the files they are being deprived of while the feds use the servers on which those files are stored to prove their case against Kim Dotcom and company?

Back in 2008, Ilya Somin and Orin Kerr had a conversation on the Volokh Conspiracy discussing this question of whether the Fifth Amendment protects innocent third parties who lose property in a criminal investigation. If you read that commentary you will see that a case over the Megaupload takedown might be tough for a number of esoteric reasons, not the least of which is Supreme Court precedent.

There are some face-value problems with a case like this as well. Has the government taken the property for a “public use”? One could argue that the reason the servers (including the innocent content) were seized was for the so-called public good of going after piracy. But then the innocent content is not being “used” in connection with the prosecution — it just happens to be there.

I do not pretend to know the answers to this inquiry, and I’m relying on sharper Constitutional minds than mine to leave some good comments. (If you know Ilya Somin or Orin Kerr, send them a link to this post!) All I know is that it does not seem fair that users of the cloud should so easily be deprived in the name of law enforcement.

 

Related articles
Enhanced by Zemanta
January 25, 2012 Contracts, Copyright

Megaupload takedown reminds us why website terms and conditions can be important

Kashmir Hill pointed out that at least one erstwhile file sharing service has changed its business model in response to the federal government’s action against Megaupload. She observes that:

FileSonic users can’t be too happy to have one of the main features of the site taken away. But the company must be less worried about its breach of contract with existing users than it is about the possibility of getting the Megaupload treatment, i.e., arrest, seizure of its property, and a criminal indictment.

This raises an important point. Any kind of online service that pushes the legal envelope may want to build in some mechanisms to pull back with impunity if it gets freaked out or loses its envelope-pushing courage. Said another way, that service should not make promises to its users that it cannot keep in the event the service wants to change what it is doing.

Some well known user generated content sites do this pretty well already in their terms of service. For example:

  • Dropbox: “We reserve the right to suspend or end the Services at any time, with or without cause, and with or without notice.”
  • YouTube reserves the right to discontinue any aspect of the Service at any time.”
  • Reddit: “We also reserve the right to discontinue the Program, or change the content or formatting of the Program, at any time without notice to you, and to require the immediate cessation of any specific use of the Program.”
  • Facebook (being kind of vague): “If you . . . create risk or possible legal exposure for us, we can stop providing all or part of Facebook to you.”

All good examples of foresight in drafting website terms and conditions that help innovative sites with damage control.

January 20, 2012 Copyright

If you critique SOPA, read the text. If you read the text, read it right.

Earlier this week Eriq Gardner speculated in a tweet that less than one tenth of one percent of folks have actually read the SOPA legislation. I bet he’s right. It’s good to read the statute. But what might be worse than not reading it is reading it wrongly and thereafter propagating misunderstanding.

One of the motifs that has permeated the SOPA discussion is this idea that evil (usually corporate) interests could shut down entire, innocent sites based on one piece of user generated content on that site that is, or links to, infringing material.

Some commentators, such as the usually astute Khan Academy in the video embedded below, have gone so far as to say that one little transgression by one user could bring down all of Facebook, YouTube, or Vimeo. (That discussion begins at about the 5:00 mark where the narrator purports to parse the language of Section 103 of SOPA.)

We are fortunate to have the means and motivation to rally around an issue like SOPA and make it a topic of worldwide discussion. But it turns unfortunate when some of the loudest criticism is based on misinformation. That’s happening now.

It is silly to think that one person could bring down Facebook and leave its almost a billion users in the dark. It is silly to think that Congress would enact legislation making that possible. Those thoughts are silly because they are not based on reality. One user could not cause Facebook to be shut down, and SOPA does provide content owners with a way to accomplish that.

If you take a close look at SOPA, (and of course you should) you see that this “one person taking down Facebook” conclusion is not supported by the language of the statute.

If a federal judge is convinced that a site is “dedicated to the theft of U.S. property,” then he or she can enter an injunction (according to the Federal Rules of Civil Procedure and all the case law attendant thereto) shutting down that site’s domain name.

The present misunderstanding comes from a reading of SOPA’s definition in Section 103 of what it means for a site to be “dedicated to the theft of U.S. property.” That definition is much narrower than what other commentators would have you believe. Among other things, the site has to be:

  • primarily designed or operated for the purpose of offering goods or services in a manner that engages in, enables, or facilitates infringement, circumvention or counterfeiting,
  • have only limited purpose or use other than offering goods or services in a manner that engages in, enables, or facilitates infringement, circumvention or counterfeiting, or
  • be marketed by its operator or another acting in concert with that operator for use in offering goods or services in a manner that engages in, enables, or facilitates infringement, circumvention or counterfeiting.

A less-than-careful reading leads one to think that the definition brings in any site that enables or facilitates infringement, circumvention or counterfeiting. Read the definition again. Is Facebook primarily designed to rip off US property? Is it used for only a little more (i.e., does it have a limited purpose) other than to enable or promote piracy? Does Mark Zuckerberg say that is what it is for? Because the answers to these questions are no, no and no, a federal judge would not conclude that Facebook is a site dedicated to the theft of U.S. property.

If that federal judge were to so conclude, then he would likely be smoking dope. And if that is the state of affairs, then our problem is not SOPA, but federal judges smoking dope.

The fervent opposition to SOPA leads one to be reminded, like David Newhoff was in this piece, of the “death panel” hyperbole that surrounded the healthcare debate. It might be the same part of the brain at work that caused all the irrationality in Vancouver after the Stanley Cup. I’m just sayin’.

Principled and reasonable debate is awesome. Misguided arguments waste everyone’s time.

January 18, 2012 Copyright

SOPA/PIPA reading list

This list is a work in progress. Newer additions are at the top of the list.

January 17, 2012 Anonymity, Copyright, Electronic Discovery, Evidence

No deposition of account holder allowed until he is named as defendant in BitTorrent copyright case

Hard Drive Productions, Inc. v. Doe, 2012 WL 90412 (E.D. Cal. July 11, 2012)

In a mass copyright infringement suit, plaintiff served a subpoena on an internet service provider and got the identifying information for the account holder suspected of trading a copy of a movie via BitTorrent. The account holder was uncooperative with plaintiff’s offers to settle, and denied downloading the file.

Instead of simply naming the identified account holder as a defendant in the case and proceeding with ordinary discovery, plaintiff asked the court for leave to take “expedited discovery,” namely, to depose the account holder to learn about:

  • the account holder’s involvement with the alleged distribution
  • his computers and network setup
  • his technical savvy
  • other users who may have had access to the computers or network

The court denied plaintiff’s request for leave to engage in the expedited discovery. It found that unlike other copyright cases in which anonymous infringers were identified, the efforts in this case “went far beyond seeking to identify a Doe defendant.” Instead, the court observed, it would be “a full-on deposition during which [the account holder] who plaintiff admits is likely not represented by counsel, may unwarily incriminate himself on the record before he has even been named as a defendant and served with process.”

November 17, 2011 Anonymity, Computer Crime, Copyright, Privacy, Section 230

Video: my appearance on the news talking about isanyoneup.com

Last night I appeared in a piece that aired on the 9 o’clock news here in Chicago, talking about the legal issues surrounding isanyoneup.com. (That site is definitely NSFW and I’m not linking to it because it doesn’t deserve the page rank help.) The site presents some interesting legal questions, like whether and to what extent it is shielded by Section 230 of the Communications Decency Act for the harm that arises from the content it publishes (I don’t think it is shielded completely). The site also engages in some pretty blatant copyright infringement, and does not enjoy safe harbor protection under the Digital Millennium Copyright Act.

Here’s the video:

Scroll to top