Header graphic for print
New Media and Technology Law Blog

Facebook Takes a Page from Ticketmaster’s Playbook: Block Unauthorized Web Site Access with Carefully Drafted Terms of Use

Posted in Contracts, Copyright

In 2007, Ticketmaster brought a multi-count complaint against RMG Technologies, a software company that supplied ticket brokers with software that enabled them to automatically and rapidly access Ticketmaster’s Web site, to the detriment of ordinary users seeking tickets to popular events. The Ticketmaster v. RMG complaint was notable for stating a series of claims that leveraged the allegation that RMG’s access to the Web site for the purpose of creating its software, as well as the subsequent use of the software, violated the Ticketmaster Terms of Use and was thus unauthorized. Ticketmaster’s claims included breach of contract, copyright infringement, violation of the anticircumvention provisions of the Digital Millennium Copyright Act, and violation of the Computer Fraud and Abuse Act. Based on these claims, Ticketmaster succeeded in obtaining a preliminary injunction against the distribution of the software and a $18.2 million default judgment against RMG.

In December 2008, Facebook filed a similarly framed complaint against Power Ventures, the operator of Power.com, an online service that allows social networking users to access all of their accounts through one interface. In Facebook, Inc. v. Power Ventures, Inc. (N.D. Cal. May 11, 2009), Judge Jeremy Fogel denied Power Ventures’s motion to dismiss Facebook’s claims of copyright infringement, violation of the anticircumvention provisions of the DMCA, and violation of federal and state trademark infringement laws for failure to state a claim. Judge Fogel acknowledged the similarity of Facebook’s copyright claims against Power Ventures to the claims in Ticketmaster’s litigation against RMG. Slip op. at 5.

The essence of the dispute is that Power Ventures, instead of developing its interface through the Facebook Connect developer program, created a Facebook user account and accessed Facebook content through that account. Facebook alleged that the creation and use of that account was in violation of the Facebook Terms of Use. Facebook Complaint ¶ 24, 41. The complaint also alleges that Power Ventures used the interface that it created to induce Facebook users to share their usernames and passwords, and then utilized that information to access Facebook servers via its interface in a manner that violated the Facebook ToU.

The complaint alleges that the ToU prohibits a variety of activities, including, among other things, solicitation of passwords or personally identifying information for commercial or unlawful purposes; using or attempting to use the account of another user or creating a false identity; using automated scripts; impersonating another person or entity; sending “junk mail” or “spam”; harvesting e-mail addresses; registering for more than one account; and “using Facebook’s website for commercial use without the express permission of Facebook.” The ToU also provides that the limited license granted to access and use the site terminates when the site is used “other than as specifically authorized herein.”

The copyright claim alleges that in violation of the ToU, Power Ventures used its account to access and copy the Facebook Web site, including the Facebook home page for which Facebook has obtained a copyright registration. Complaint ¶ 31, 70. Judge Fogel concluded that the allegations of the complaint made out a sufficient claim of copyright infringement because Power Ventures “need only access and copy one page to commit copyright infringement.” The court also found that the ToU prohibited downloading, scraping or distributing content from the Facebook Web site content except that belonging to the user, and that in any event, using automated methods, i.e., “data mining, robots, scraping, or similar data gathering or extraction methods” to access any content were also prohibited by the ToU. Thus, the court found that the allegation that Power Ventures accessed Facebook via automated means constituted made out a claim of direct copyright infringement, while the allegation that Facebook users utilized the Power.com interface to access their own profile pages made out claim of secondary copyright infringement.

Judge Fogel also declined to dismiss Facebook’s claim that the use of automated scripts to access Facebook copyrighted content bypassed specific technical measures designed to block such access and thus violated the DMCA. The trademark infringement claims were sustained based upon the inclusion in the complaint of a screenshot illustrating the use of the Facebook mark on an e-mail sent by Power Ventures to Facebook users. The court did order Facebook to file a short statement clarifying the basis for its California unfair competition claim.

The complaint also alleges a federal CAN-SPAM claim stemming from the transmission of e-mails to other Facebook users encouraging them to use the Power.com interface. According to the opinion, Power Ventures abandoned its challenge to the sufficiency of the CAN-SPAM claim, as well as its challenge to the sufficiency of the complaint under the CFAA. The CFAA claim also is grounded on the allegation that Power Ventures’s access to Facebook’s computers was unauthorized because it was in violation of the Facebook ToU.

The court’s refusal to dismiss Facebook’s claims demonstrates that careful drafting of a Web site terms of use is essential to obtaining legal redress for unauthorized access, particularly unauthorized access by competitors and others for commercial purposes. Access that violates the clear proscriptions of a ToU can form the basis for a multiplicity of legal claims, thereby maximizing the chances of a successful challenge to unwanted access.