June 23, 2006 Computer Crime, Copyright, Fraud/Misrepresentation

Selling fake software on Amazon.com can get you five years in prison

[Thanks to Tech Law Advisor for alerting me to this case.]

Defendant Banks devised a scheme where he would make copies of various Microsoft products and sell them through Amazon.com to buyers who purchased them cash-on-delivery. After getting orders for at least $300,000 worth of software in this way, the plan began to collapse. Dissatisfied customers turned Banks into the FBI, and a federal grand jury indicted him on several counts, including mail fraud, possessing false securities, and criminal copyright infringement. A jury convicted him, and he got five years in prison.

Banks appealed his conviction and sentence, but the Third Circuit affirmed. On the criminal copyright infringement claim, Banks argued that the government had not introduced sufficient evidence to show that the Microsoft software was protected by copyright.

The criminal provisions of the Copyright Act, at 17 U.S.C. §506 state that

Any person who willfully infringes a copyright shall be punished as provided under [18 U.S.C. §2319], if the infringement was committed– (A) for purposes of commercial advantage or private financial gain; (B) by the reproduction or distribution, including by electronic means, during any 180-day period, of 1 or more copies or phonorecords of 1 or more copyrighted works, which have a total retail value of more than $1,000…. (Emphasis added.)

The court held that evidence introduced at trial through an “antipiracy specialist associated with the Microsoft company” was sufficient to show Microsoft’s ownership of the copyrights in the works. In the specialist’s unrebutted testimony, she stated her “belief” that Microsoft copyrights covered the works at issue. Further, the specialist had testified that Microsoft sent Banks the same type of cease and desist letter as it did to others who were suspected of violating Microsoft’s copyrights.

One is left to wonder why the government did not introduce any of Microsoft’s copyright registration certificates in the course of proving the element of copyright ownership. One would think that that would be the best practice for making such proof. In any event, the question before the court was whether the jury correctly concluded that Microsoft owned the copyrights in the works. The antipiracy specialist’s testimony — even if a bit weak on this point — apparently was enough.

United States v. Vampire Nation, (Slip Op.) — F.3d —, 2006 WL 1679385 (3d Cir., June 20, 2006).

June 19, 2006 Miscellaneous

How will MySpace.com defend itself in the recent assault lawsuit?

Techdirt reports that a Texas teenager and her mother have sued MySpace.com, claiming that it failed to protect the teenager from an alleged predator she met online who assaulted her. It will be interesting to see if and how MySpace might try to use Section 230 of the Communicaitons Decency Act, 47 USC §230, in its defense.

The closest precedent we have to look at is a case called Doe v. America Online, Inc., 783 So.2d 1010 (Fla. 2001). In that case, the Supreme Court of Florida held that 47 U.S.C. §230 preempted a mother’s negligence suit against AOL arising from the illegal conduct of an AOL subscriber. The mother alleged that AOL negligently failed to terminate the account of a subscriber who used a chat room to promote the sale of obscene photographs and videos of the mother’s minor son.

Adopting the Fourth Circuit’s reasoning in Zeran v. America Online, Inc., the court held that finding AOL negligent for its failure to police the conduct of chat room participants would be to treat AOL as a publisher of the complained of conduct. Such treatment would be at odds with the provisions of Section 230, and thus the negligence action was preempted.

In the Doe v. AOL case, the alleged illegal conduct took place online. In the MySpace.com case, the alleged illegal conduct arose from an online meeting, but actually took place offline. Will that difference affect the viability of a Section 230 defense?

June 18, 2006 Trademarks

Macabre result avoided in mortician domain name case

If a court won’t let you use your own name, you might feel like you’re a mere ghost of your former self. That happened to Ed Kalis of Broward County, Florida. In a recent case, Florida’s court of appeal considered whether a trial court’s order against Kalis, enjoining him from using his own last name in various means of advertising and in the URL for his company’s website, was proper.

The appellate court held that the injunction was overkill.

For many years, Kalis worked for Kalis Funeral Home, which his father started in 1959. The family sold the business in 1994, but the funeral home kept the Kalis name, and Kalis stayed on staff. In 2004, Kalis left and moved 100 yards down the street to start up a new “funeral, burial, cremation and mortuarial business.” The name for the new business was a dead ringer of the old one: Ed Kalis Memorial Services.

So you can see the problem here. The owner of the old funeral home was rightfully concerned that people were going to be confused when they saw two very similar businesses with very similar names just down the street from one another. So they filed suit.

Kalis changed the name of his new business to Edwards Cremation & Funeral Services, but the old funeral home still had a bone to pick. The old funeral home asked the court to stop Ed Kalis from listing himself as the licensed director of his new business on signs, in the Yellow Pages, and in the URL for his website.

The court’s opinion is only two pages, so there’s just a skeleton of analysis. It determined that the lower court had abused its discretion in prohibiting Kalis from using his actual name in connection with advertising and in the URL. That prohibition was overbroad.

So it sounds like the injunction was hardly the death knell for Kalis’s new enterprise.

Ed Kalis Memorial Servs., LLC v. McIntee Holdings, LLC, — So.2d —-, 2006 WL 1627131 (Fla.App. 4 Dist., June 14, 2006).

June 12, 2006 Miscellaneous

No COPA cause of action for DaVinci Code documentary

Pro se plaintiff Walter Viola didn’t care too much for The History Channel’s “Beyond the Da Vinci Code” which aired in December 2005. He disliked it so much that he filed a federal lawsuit against A&E Networks, claiming that it had defamed the Catholic church, and that Internet content promoting the show violated both Section 223 of the Communications Decency Act and the Children’s Online Protection Act, 47 U.S.C. §231.

The court easily dismissed Viola’s suit. Judge McVerry of the U.S. District Court for the Western District of Pennsylvania, in adopting the Report and Recommendation of Magistrate Hay, held that neither the CDA nor COPA provide for a private cause of action. “[T]he authority to enforce the CDA lies with the proper government authorities and not with a private citizen such as plaintiff.”

Viola v. A&E Televison Networks, — F.Supp.2d —-, 2006 WL 1549703 (W.D. Pa., June 7, 2006).

June 5, 2006 Personal Jurisdiction

A drop-down menu and a few sales create personal jurisdiction over nonresident website operator

Many of the cases that deal with personal jurisdiction arising from online activity are of limited instructional value, because the defendant often has contacts with the forum state in addition to the contacts made through the Internet. The cases are usually fact-specific, and it is sometimes difficult to distill principles that may apply to other situations where a plaintiff claims that a court should exercise personal jurisdiction over a nonresident party because of something that party did online.

The recent decision in the case of Qwest Comm. Int’l. v. Sonny Corp., however, provides some useful guidance on the question of Internet jurisdiction, because the facts are relatively simple. The defendant has a website through which products are sold, and indeed has fulfilled the orders of at least three customers living in the state where the action was filed.

Telecom giant Qwest sued family-owned Sonny Corporation in federal court in the state of Washington. From its facility in Michigan, Sonny sells educational plush toys called “Qwesties” through the website www.qwesty.com. Qwest alleged, among other things, that Sonny’s use of the name “Qwesty” in connection with toys dilutes the famous Qwest trademark.

Sonny moved to dismiss for lack of personal jurisdiction. The court denied the motion, holding that Sonny purposefully availed itself to the privilege of conducting activity in the state of Washington.

The Qwesty website is simple in its layout and operation. It is not unlike thousands of other small business e-commerce websites. A visitor merely chooses a product for purchase, and, in the process of completing the transaction, selects from a drop-down menu the state to which the product should be shipped. Every state, including Washington, is listed as a choice in this drop-down menu.

Determining that it could exercise personal jurisdiction over the out-of-state defendant, the court applied both the Zippo “sliding scale” test (derived from Zippo Mfg. Co. v. Zippo Dot Com, Inc., 952 F.Supp 1119 (W.D. Pa. 1997)) and the “effects doctrine” of Calder v. Jones, 465 U.S. 783 (1984). Citing to Rio Props. v. Rio Int’l Interlink, 284 F.3d 1007 (9th Cir. 2002), the court held that “[g]enerally, operating at least a passive website, in conjunction with ‘something more’ that demonstrates that the defendant directed activity toward the forum state, is sufficient to confer jurisdiction.”

The court concluded that Sonny’s website is sufficiently interactive under the Zippo test because it is used to “advertise, sell and ship [the] product[s] into customers’ Washington homes.” In holding that Sonny’s conduct satisfied the “effects doctrine,” the court emphasized that sales efforts are “expressly aimed at Washington in that the website lists Washington as an available shipping location and Defendant intentionally ship[s] its product into this state.” Furthermore, that conduct has allegedly caused harm in Washington.

One is left to wonder whether the holding would have been different had Sonny omitted the drop-down menu that included Washington state as a choice. If it were up to the Internet user to manually type in his or her home state, would that render the consumers as the ones doing the “express aiming” and not Sonny? Should a website owner only pre-populate its form fields with the names of states in which it is willing to conduct litigation?

Qwest Comm. Int’l, Inc. v. Sonny Corp., (Slip Op.) 2006 WL 1319451 (W.D. Wash., May 15, 2006).

June 3, 2006 Defamation

Are bloggers liable for defamatory third party comments to their posts?

We don’t know yet. But probably not.

The headline to this article from law.com is a bit misleading. It reads, “Judge: Bloggers Entitled to Immunity Under Communications Act.” While that is probably true, the case that the article covers did not address the defendant’s status as a blogger. Yes, the defendant Tucker Max has a blog, but the alleged defamatory comments at issue in the case were posted to a message board, not as a blog post or blog comments. The case is called Dimeo v. Max, (Slip Op.) 2006 WL 1490098 (E.D. Pa., 2006).

So the case really wasn’t much different from a lot of other cases applying 47 U.S.C. 230 to communications posted online. The leading case on Section 230 immunity, Zeran v. America Online, Inc., 129 F.3d 327 (4th Cir. 1997) provided immunity to AOL for messages posted to a forum board. More recently, courts have found message board operators protected under Section 230 in cases such as Donato v. Moldow and Roskowski v. Corvallis Police Officers’ Association.

Section 230(c) provides, in relevant part, that “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” As far as I know, there have not yet been any reported court decisions addressing the question of whether Section 230 immunity applies to bloggers. We came pretty close to seeing the issue addressed earlier this year with the case of TrafficPower.com v. Seobook.com in a federal court in Nevada, but that case was dismissed for lack of personal jurisdiction. [Read Eric Goldman’s coverage of that case.]

June 1, 2006 Privacy

Stored Communications Act not violated by viewing website readily accessible to the general public

You’ve really got to commend Michael Snow for his creative thinking. A few years ago, DirecTV sued Snow in Florida federal court, alleging that he had illegally intercepted DirecTV’s satellite signal. The case was dismissed, but Snow apparently held a grudge.

Not being satisfied with merely setting up a gripe site to air his grievances against DirecTV and so-called “corporate extortion,” Snow went a step further. He set up a “private support group” website for “individuals who have been, are being, or will be sued by any Corporate entity.” The language on the home page expressly forbade access “by DIRECTV and its agents.” To actually visit the site, you had to establish a username and password, and enter into a click-wrap agreement wherein you promised you had nothing to do with DirecTV.

Some employees of DirecTV as well as some attorneys from a couple of the firms that had represented DirecTV found Snow’s site and, notwithstanding the prohibition against their entry, signed up and went on in. After Snow discovered this “unauthorized” access, he filed suit against DirecTV and its law firms, alleging that the defendants had unlawfully accessed the stored web pages in violation of the Stored Communications Act, 18 U.S.C. §2701 et seq.

The U.S. District Court for the Middle District of Florida tossed out Snow’s suit on a motion to dismiss for failure to state a claim upon which relief could be granted. It held that the pages of the website were not “in electronic storage,” and thus could not be protected from unauthorized access under the Stored Communications Act. On appeal, the Eleventh Circuit affirmed the dismissal, but on different grounds.

The Electronic Communications Privacy Act provides that “[i]t shall not be unlawful . . . for any person – (1) to intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.”

The court held that the way Snow had set up the entry page of his site was not sufficient to take it out of the class of electronic communications that are “readily accessible to the general public.” Apparently, the mechanism Snow had established to exclude certain people was too passive.

Unlike the case of Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir. 2002), which was a case involving a site where users had to demonstrate knowledge not publicly available in order to gain access, Snow’s site employed a mere “self-screening methodology” by which “unintended users would voluntarily excuse themselves.” The court indicated that Snow needed a stronger safeguard than the honor-system method he used. “A short simple statement that the plaintiff screens the registrants before granting access may have been sufficient to infer that the website was not configured to be readily accessible to the general public.”

So the key seems to lie in the screening process. The case doesn’t provide a whole lot of guidance on what level of screening is necessary to make a site off-limits to the general public. Nonetheless, the holding of the case, along with the holding of Konop, seems to indicate that it’s easier from a legal standpoint to partition off a portion of the Internet for a specific crowd, rather than open it up to everyone while excluding just a few individuals.

Snow v. DirecTV, Inc., — F.3d —, 2006 WL 1493817 (11th Cir., June 1, 2006).

Joe Gratz has a great post on the case, and his blog (which is very interesting, by the way) is where I first learned of the decision.

May 26, 2006 Privacy

Apple v. Does it mean anything?

You can almost literally hear the buzz from today’s California Court of Appeal ruling in the Apple v. Does case. The champagne is probably flowing at the EFF after the court’s holding that (for the time being) in California, web publishers (this probably includes bloggers) do not have to reveal their confidential sources when they get a news scoop.

Think back. When was the last time you got a secret e-mail from a company insider and posted it to your blog? It’s been awhile, right? So what does the case mean for the run-of-the-mill blogger or web publisher?

I say that the part of the case everyone’s all excited about really doesn’t mean that much.

There is a part of the case, however, that is quite relevant to everyday Internet users. The court gave a detailed analysis of how the federal Stored Communications Act (18 U.S.C. §§2701 – 2712) (“SCA”) requires e-mail messages saved on an ISP’s server to remain undisclosed in the face of a third party civil subpoena.

Here are the basics of the SCA analysis:

In 2004, someone at Apple Computer apparently sent a few e-mails containing confidential details of an unreleased Apple product to the publishers of some Mac enthusiast websites. The publishers of the sites posted the information about the anticipated product, thereby disclosing some of Apple’s trade secrets.

Apple filed suit, and naturally wanted to know who had leaked the information. It issued subpoenas to the e-mail service provider on whose server the surreptitious e-mails were stored, demanding to know the contents of the e-mail messages.

The web publishers asked the trial court for a protective order to prevent the disclosure of the messages, because they wanted to protect their confidential sources. The trial court denied the motion, however, because the publishers had involved themselves in the unlawful misappropriation of a trade secret.

On appeal, the publishers argued, among other things, that the e-mail service provider could not comply with the subpoena without violating the SCA. The Court of Appeal agreed, and reversed the trial court.

The SCA provides, in relevant part, that “a person or entity providing an electronic communication service to the public shall not knowingly divulge to any person or entity the contents of a communication while in electronic storage by that service . . . .” It’s a fancy way of saying that an ISP can’t turn over server copies of e-mail messages. But like any good law enacted by Congress, there are some exceptions.

An ISP can turn over stored communications to a third party, for example, when doing so is “incidental to the protection of the rights or property of the service provider.” Apple argued that this exception should apply, and that the subpoena should be enforced, because failing to comply with the subpoena would subject the service provider to contempt proceedings, thus placing the provider’s property at risk. Read that sentence again. Yep, the court thought that was a circular argument too. And it made no effort to conceal the flaw in logic: “the antecedent assumes the consequents.”

Did you notice that I linked to Wikipedia just then? The court relied on Wikipedia as well in its opinion — no less than ten times! [More on Wikipedia and the courts.]

In any event, the court rejected Apple’s various arguments that the SCA would not prohibit disclosure of the stored e-mail messages. For example, it disagreed with Apple’s argument that there must be an implied exception in the SCA for disclosure of e-mail messages pursuant to a civil subpoena.

The court went on for several pages addressing this argument, analyzing the plain meaning of the SCA, and delving into the policy reasons for its enactment. It concluded that Congress “reasonably decide[d]” that email service providers are a “kind of data bailee to whom email is trusted for delivery and secure storage. . . .”

So at the end of the day, the case is no doubt interesting. Whether the heady First Amendment issues mean anything to the average blogger is not obvious. But the SCA part of the holding is at least refreshing, especially in light of all the other threats to personal privacy looming large recently.

There is plenty of commentary on this case out there already. Try Denise Howell, Joe Gratz, and the EFF for starters.

May 24, 2006 Trademarks

Court enjoins use of metatags in trademark infringement case

The recent case of Shainin II, LLC v. Allen is a straightforward metatag trademark infringement case. On May 15, 2006, Judge Pechman of the U.S. District Court for the Western District of Washington entered an order enjoining a former employee from using his former employer’s trademarks as metatags in a website promoting competing services.

Nodding to the well-known case of Brookfield Communications, Inc. v. West Coast Entertainment Corp., 174 F.3d 1036 (9th Cir. 1999), the court addressed the possibility of “initial interest confusion” arising from the wrongful diverting of web traffic to the defendant’s site. The court acknowledged, however, that use of another’s trademark as a metatag does not automatically mean trademark infringement. As in Playboy Enters., Inc. v. Welles, 279 F.3d 796 (9th Cir. 2002), sometimes metatag trademark use is permissible “nominative use.”

But in this case, the plaintiffs had raised serious questions going to the merits of their trademark infringement claim. Moreover, the balance of the hardships weighed heavily in favor of the plaintiffs, as defendants would suffer little or no harm in being forced to remove the metatags. In fact, they had already done so by the time of the hearing. Accordingly, an injunction against further use of the trademarks in the metatags was appropriate.

Shainin II, LLC v. Allen, (Slip Op.) 2006 WL 1319405 (May 15, 2006).

May 11, 2006 First Amendment

Can Congress restrict minors’ access to social networking websites?

The Childrens Internet Protection Act (“CIPA”) curbs federal funding for any public library or school that will not employ software filters to prohibit minors from accessing pornographic materials. There is a bill [H.R. 5319] before Congress called the Deleting Online Predators Act (DOPA for short) that seeks to expand the scope of CIPA. The Bill calls for restricting federal funding for public libraries and schools that do not block minors’ access to chat rooms and social networking sites (such as MySpace.com).

CIPA withstood a constitutional challenge before the United States Supreme Court in 2003. [U.S. v. American Library Assn., 539 U.S. 194 (2003)] If DOPA is enacted, it will likely face First Amendment scrutiny as well. Might the analysis be different this time around?

In the American Library Association case, the Supreme Court observed that “most libraries already exclude pornography from their print collections because they deem it inappropriate for inclusion. We do not subject these decisions to heightened scrutiny; it would make little sense to treat libraries’ judgments to block online pornography any differently, when these judgments are made for just the same reason.” Accordingly, it does not violate library partrons’ First Amendment rights for there to be filters on the computers at the library.

In blocking access to chat rooms and social networking sites, aren’t libraries going a step futher, inasmuch as they are literally obstructing the “speech” of library patrons? Perhaps. But a court hearing such a challenge would once again have a ready analogy from real-world library experience: when was the last time you saw a successful constitutional challenge to a librarian enforcing the library’s quiet rule?

[News.com’s coverage]

Scroll to top