Online Commerce

Subscribe to Online Commerce via RSS

In a blog post last month, Google announced that it would extend certain commitments it made to the FTC in 2012 that were set to expire relating to, among other things,  the scraping of third-party content for use on certain Google “vertical search” properties such as Google Shopping.  The announcement came days before the commitments were set to expire on December 27th and months after Yelp had claimed that Google was not living up to its promises by allegedly scraping Yelp local business photos for use in certain Google results (e.g., local business listings).

In a brief, unpublished opinion, the Sixth Circuit affirmed the dismissal of right of publicity and privacy claims against a host of self-publishing platforms and service providers for distributing an erotic (and purported “less than tasteful”) book whose cover contained an unauthorized copy of the plaintiffs’ engagement photo because the plaintiffs failed to plead more than an “incidental” use of the photo by the service providers. (Roe v. Amazon.com, No. 16-3987 (6th Cir. Nov. 21, 2017) (unpublished)).

This dispute initially raised our interest because it raised the larger issues of how to define a “publisher” and “distributor” in the modern e-commerce environment and to what extent an ebook platform or print-on-demand service could be protected for distributing third-party content by the immunity provided by Section 230 of the Communications Decency Act (“CDA Section 230”).  While we anticipated that such issues would get a full examination on appeal, the Sixth Circuit sidestepped these novel issues and decided the case on the merits of the privacy claims. 

A U.S. federal district court judge on Tuesday, November 29 ordered Coinbase Inc., the largest cryptocurrency exchange and storage platform in the world, to provide information about certain of its account holders to the U.S. Internal Revenue Services (IRS).  Information pertaining to as many as 14,355 account holders and 8.9 million transactions could be covered in this order, according to estimates provided by Coinbase.  The full order by Judge Jacqueline Scott Corley of the U.S. District Court for the Northern District of California can be found here.

While a significant milestone in a protracted legal battle between Coinbase and the IRS, the order handed down by Judge Corley is considerably narrower than what the IRS had originally requested.  The information Coinbase must provide is limited to the holder’s name, date of birth, taxpayer identification number (TIN), and address; the date, amount, type of transaction, post-transaction balance, and names of counterparties to any transaction covered by the order; and periodic account statements for the covered accounts.  Significantly, only account holders that have bought, sold, sent, or received cryptocurrency worth $20,000 or more in any tax year from 2013 to 2015 are covered by the order. 

UPDATE: On April 16, 2018, the British Columbia Supreme Court denied Google’s request to amend the Canadian delisting injunction based on the argument that the injunction would “require it to violate the laws of another jurisdiction, including interfering with freedom of expression.”  (Equustek Solutions Inc. v. Jack, 2018 BCSC 610 (Apr. 16, 2018)).  The Canadian court held that the effect of the California district court order (based upon CDA immunity) is that no action can be taken against Google to enforce the injunction in U.S. courts – but that would not restrict the ability of a Canadian court to issue its own orders “directed to parties over whom it has personal jurisdiction.”

“The U.S. decision does not establish that the injunction requires Google to violate American law. That would be the case if, for example, the [defendants] obtained an order from a U.S. court requiring Google to link to their websites. But there is no suggestion that any U.S. law prohibits Google from de-indexing those websites, either in compliance with the injunction or for any other reason. Absent the injunction, Google would be free to choose whether to list those websites and the injunction restricts that choice, but injunctions frequently restrain conduct that would otherwise be prima facie lawful. A party being restricted in its ability to exercise certain rights is not the same thing as that party being required to violate the law.”

In a decision that sets up a potential international comity showdown, a California district court granted Google’s request for a preliminary injunction preventing enforcement in the U.S. of a Canadian court order that compelled Google to globally de-list certain search results of a former distributor that had allegedly used its websites to unlawfully sell the defendant Equustek Solutions’s (“Equustek”) intellectual property. (Google LLC v. Equustek Solutions Inc., 2017 WL 5000834 (N.D. Cal.  Nov. 2, 2017)).

In granting Google’s request for a preliminary injunction, the court found that Google likely satisfied all three elements of qualifying for immunity under Section 230 of the Communications Decency Act, 47 U.S.C. §230(c)(1) (the “CDA” or “Section 230”) as a service provider that linked to third-party content, and that the Canadian court’s order implicated online free speech concerns.  Indeed, the court concluded its opinion with language that surely buoyed many online providers and open internet advocates that had previously expressed concerns about the extraterritorial effort of the Canadian order:

“By forcing intermediaries to remove links to third-party material, the Canadian order undermines the policy goals of Section 230 immunity and threatens free speech on the global internet.”

In an unpublished opinion, the Ninth Circuit affirmed a lower court’s ruling that had sent a putative class action against Amazon over its pricing practices to arbitration, as per Amazon’s terms of service. (Wiseley v. Amazon.com, Inc., No. 15-56799 (9th Cir. Sept. 19, 2017) (unpublished)).  In finding that Amazon’s “Conditions of Use” were not unconscionable and presented in a reasonable manner, this holding differs from a Second Circuit decision from last year that declined to compel arbitration because reasonable minds could disagree regarding the sufficiency of notice provided to Amazon.com customers when placing an order through the website. (On remand, a New York magistrate judge ruled that the court should grant Amazon’s motion to compel arbitration on other grounds based upon the plaintiff’s constructive knowledge of the terms.)

This month, in one of the many recently-filed Illinois biometric privacy suits, a class action complaint alleging violations of Illinois’s Biometric Information Privacy Act (BIPA) was lodged against Wow Bao, a restaurant chain, over its use of self-order kiosks that allow customers to use faceprints as a method to authenticate purchases. (Morris v. Wow Bao LLC, No. 2017-CH-12029 (Ill. Cir. Ct. filed Sept. 5, 2017)).  The suit against Wow Bao was not the only BIPA-related suit filed in September, as several businesses with an Illinois presence, including Crunch Fitness and Speedway, Inc., were served with complaints. And more than a week ago, an Illinois federal court refused to dismiss BIPA claims against photo storage service Shutterfly over claims that its photo tagging feature created a faceprint of the non-user plaintiff after a friend uploaded a group photo, and upon the service’s suggestion, then tagged the plaintiff, thereby storing plaintiff’s faceprint and name in Shutterfly’s database without his notice or consent. (Monroy v. Shutterfly, Inc., No. 16-10984 (N.D. Ill. Sept. 15, 2017)).

UPDATE:  Last month, the First Circuit affirmed the dismissal of the action, holding that there was no language in Homeaway’s “Basic Rental Guarantee” that makes any representation or warranty that Homeaway pre-screened listings before they were posted, as the document, at that time, simply established a process for obtaining a refund of up to $1000 (subject to certain conditions). (Hiam v. HomeAway.com, Inc., No. 17-1898 (1st Cir. Apr. 12, 2018)).  Beyond examining the Guarantee, the court followed the lower court’s reasoning that focused on HomeAway’s business-specific terms and conditions, which expressly notified users that listings are not pre-screened (“[W]e have no duty to pre-screen content posted on the Site by members, travelers or other users”).  With dismissal based upon the language of HomeAway’s Guarantee and site terms, the appeals court declined to opine on whether the dismissal was also justified on CDA Section 230 grounds.

In a resounding victory for well-drafted terms and conditions and robust immunity under Section 230 of the Communications Decency Act, 47 U.S.C. § 230 (“CDA Section 230”), a Massachusetts district court granted summary judgment in favor of HomeAway, the online vacation rental marketplace, on two users’ claims stemming from a dispute over a property listing on the VRBO.com site. (Hiam v. HomeAway.com, Inc., No. 16-10360 (D. Mass. July 27, 2017)).   In its opinion, the court not only held that CDA Section 230 bars HomeAway from being treated as a “seller of travel services” under state consumer protection regulations, but also that HomeAway’s terms and conditions and privacy policy expressly disavowed any promises to pre-screen or monitor rental listings or release member information upon a user’s request.

In recent years, courts have issued varying rulings as to whether online or mobile users adequately consented to user agreements or terms of service when completing an online purchase or registering for a service.  In each case, judges have examined the facts closely, particularly the user interface that presents the terms to the user before he or she completes a transaction.  In an important ruling vindicating Uber’s user registration and electronic contracting process, the Second Circuit reversed the lower court and held that the notice of Uber’s terms of service was reasonably conspicuous and that the plaintiff unambiguously manifested assent to the terms, and therefore agreed to arbitrate his claims with Uber. (Meyer v. Uber Technologies, Inc., 2017 WL 3526682 (2d Cir. Aug. 17, 2017)).  While clearly good news for Uber in this litigation, in blessing Uber’s mobile contracting process, the court also established something of a template for other mobile apps to follow to ensure that their terms and conditions will be enforceable against their members or users. 

With summer concerts and music festivals in full swing, many fans will be surprised to find $145 face value tickets reselling online for $3,000 to $11,000.

On May 11, 2017, New York Attorney General Eric Schneiderman took the most recent step in dealing with this problem, and announced seven settlements in “ticket bot” enforcement actions, calling for settlement payments totaling $4.19 million. This development represents the latest step in Schneiderman’s longstanding and highly publicized efforts to combat unfair ticket resale practices occurring in New York.  The enforcement also highlights the technological methods that ticket brokers use to evade the protective measures of well-known ticket marketplaces or otherwise conceal their online activities.

Screen scraping is a problem that has vexed website owners since the early days of e-commerce – how to make valuable content available to users and customers, but prevent competitors from accessing such content for commercial purposes.  Even in the advent of social media, mobile commerce, and advanced software, the issue remains relevant to today’s companies, as evidenced by the craigslist’s victory this past week against an aggregator that had formerly scraped its user postings.

An ongoing dispute from this past winter that we have been watching has raised these long-standing issues anew.

Heritage Auctions, a major auction house that specializes in rare coins, entertainment memorabilia and natural historical items, has brought a multi-count suit against Christie’s, alleging that its competitor scraped millions of proprietary and copyrighted photos and listings from Heritage’s website and reposted them on its own subscriber-only auction site Collectrium. (Heritage Capital Corp. v. Christie’s, Inc., No. 16-03404 (N.D. Tex. filed Dec. 9, 2016)).  Plaintiffs claim that Collectrium removed copyright notices from the original listings and photos and ported the data onto its own site, thereby saving significant costs from producing similar listings or paying licensing fees and allegedly causing harm to Heritage in additional IT-related costs and diverted or lost business.