Internet

Subscribe to Internet via RSS

The controversial consumer gripe site, RipoffReport.com, is at it again.  The First Circuit recently affirmed a lower court’s ruling that RipoffReport.com was entitled to immunity under Section 230 of the Communications Decency Act, 47 U.S.C. §230(c)(1) (the “CDA” or “Section 230”) for defamation-related claims based on certain user posts on its site. (Small Justice LLC v. Xcentric Ventures LLC, 2017 WL 4534395 (1st Cir. Oct. 11, 2017)). This is the latest in a string of victories for RipoffReport.com on that issue. In this case, RipoffReport.com also successfully relied on its website “terms of use” to fend off a novel copyright attack from the plaintiff, the successor-in-interest to the copyright in the user postings at issue.  

This past week, the Supreme Court denied the petitions for certiorari in two noteworthy Ninth Circuit decisions that had interpreted the scope of liability under the federal Computer Fraud and Abuse Act (CFAA) in the context of wrongful access of company networks by employees and in instances involving unwanted data

On May 16, 2017, the Ninth Circuit rejected a petition for cancellation of the GOOGLE trademark based on a “genericide” theory that claimed Google should lose its trademark protection because the word “google” has become synonymous to the public with the term “search the internet.” (See Elliott v. Google, Inc., 2017 WL 2112311 (9th Cir. May 16, 2017)).

Genericide, or a claim of genericness that would allow for cancellation of a trademark, occurs when the public appropriates a trademark and uses it as a generic name for particular types of goods or services irrespective of source. The accusation of genericide is ironic: that because brands have become so popular, consumers simply use their names generically for a type of product, and thus brands should no longer be trademarked.  Such genericide can occur due to a trademark owner’s failure to police the mark, resulting in widespread usage by competitors leading to a perception of genericness among the public.

With summer concerts and music festivals in full swing, many fans will be surprised to find $145 face value tickets reselling online for $3,000 to $11,000.

On May 11, 2017, New York Attorney General Eric Schneiderman took the most recent step in dealing with this problem, and announced seven settlements in “ticket bot” enforcement actions, calling for settlement payments totaling $4.19 million. This development represents the latest step in Schneiderman’s longstanding and highly publicized efforts to combat unfair ticket resale practices occurring in New York.  The enforcement also highlights the technological methods that ticket brokers use to evade the protective measures of well-known ticket marketplaces or otherwise conceal their online activities.

Screen scraping is a problem that has vexed website owners since the early days of e-commerce – how to make valuable content available to users and customers, but prevent competitors from accessing such content for commercial purposes.  Even in the advent of social media, mobile commerce, and advanced software, the issue remains relevant to today’s companies, as evidenced by the craigslist’s victory this past week against an aggregator that had formerly scraped its user postings.

An ongoing dispute from this past winter that we have been watching has raised these long-standing issues anew.

Heritage Auctions, a major auction house that specializes in rare coins, entertainment memorabilia and natural historical items, has brought a multi-count suit against Christie’s, alleging that its competitor scraped millions of proprietary and copyrighted photos and listings from Heritage’s website and reposted them on its own subscriber-only auction site Collectrium. (Heritage Capital Corp. v. Christie’s, Inc., No. 16-03404 (N.D. Tex. filed Dec. 9, 2016)).  Plaintiffs claim that Collectrium removed copyright notices from the original listings and photos and ported the data onto its own site, thereby saving significant costs from producing similar listings or paying licensing fees and allegedly causing harm to Heritage in additional IT-related costs and diverted or lost business.

This past summer, we wrote about two instances in which courts refused to enforce website terms presented in browsewrap agreements.  As we noted, clickthrough agreements are generally more likely to be found to be enforced.  However, even the enforceability of clickthrough agreements is going to depend, in part, on how the user experience leading to the “agreement” is designed.  Two recent decisions illustrate the importance of web design and the presentation of the “call to action” language in determining the enforceability of a site’s clickthrough terms.

In a decision from early November, a D.C. federal court ruled that an Airbnb user who signed up on a mobile device had assented to the service’s Terms and was bound to arbitrate his claims. (Selden v. Airbnb, Inc., 2016 WL 6476934 (D.D.C. Nov. 1, 2016)).   Conversely, in a notable decision from late August, the Second Circuit refused to rule as a matter of law that the plaintiff was bound by the arbitration clause contained in Amazon’s terms and conditions because the plaintiff did not necessarily assent to and was on constructive notice of the terms when he completed the purchase in question. (Nicosia v. Amazon.com, Inc., 2016 WL 4473225 (2d Cir. Aug. 25, 2016)).

Last month, a New York district court refused to dismiss most of the copyright infringement claims asserted against a website operator based on an allegation that the website linked to an infringing copy of plaintiff’s software stored on a third-party’s servers. (Live Face on Web, LLC v. Biblio Holdings LLC, 2016 WL 4766344 (S.D.N.Y., September 13, 2016)).

The software at issue allows websites to display a video of a personal host to welcome online visitors, explaining the website’s products or services and, ideally, capturing the attention of the visitor and increasing the site’s “stickiness.”  A website operator/customer implements the software by embedding an HTML script tag to its website code to link the website to a copy of the software on the customer’s server or an outside server. When a user’s browser retrieves a webpage, a copy of the software is allegedly stored on the visitor’s computer in cache.

UPDATE: On January 18, 2019, the Ninth Circuit affirmed the award of damages and injunctive relief in favor of Facebook. (Facebook, Inc. v. Power Ventures, Inc., No. 17-16161 (9th Cir. Jan. 18, 2019) (unpublished)). The California district court in 2017 had awarded Facebook almost $80,000 in CFAA damages, representing only the period after Facebook sent its cease and desist letter to the defendant and including expenses both for technical measures to block Power Ventures from accessing Facebook servers and expenses for negotiating with Power Ventures to voluntarily stop its activities and destroy the data.  The lower court also granted Facebook’s request for a permanent injunction barring defendant from, among other things, accessing Facebook for a commercial purpose without permission.

  • Unauthorized Access: A former employee, whose access has been revoked, and who uses a current employee’s login credentials to gain network access to his former company’s network, violates the CFAA. [U.S. v. Nosal, 2016 WL 3608752 (9th Cir. July 5, 2016)]
  • Data Scraping: A commercial entity that accesses a public website after permission has been explicitly revoked can be civilly liable under the CFAA. However, a violation of the terms of use of a website, without more, cannot be the basis for liability under the CFAA, a ruling that runs contrary to language from one circuit level decision regarding potential CFAA liability for screen scraping activities (See e.g., EF Cultural Travel BV v. Zefer Corp., 318 F.3d 58 (1st Cir. 2003)). [Facebook, Inc. v. Power Ventures, Inc., No. 13-17102 (9th July 12, 2016)]

This past week, the Ninth Circuit released two important decisions that clarify the scope of liability under the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030.  The Act was originally designed to target hackers, but has lately been brought to bear in many contexts involving wrongful access of company networks by current and former employees and in cases involving the unauthorized scraping of data from publicly available websites.