November 6, 2008 First Amendment, Spam

Government spam blocking not a violation of First Amendment right to petition

Ferrone v. Onorato, No. 07-4299, 2008 WL 4763257 (3rd Cir. October 31, 2008)

The Third Circuit Court of Appeals has held that a county government did not violate a citizen’s First Amendment right to petition the government for a redress of greivences when the county set its spam filters to block all email from the citizen’s domain. There was no evidence that such blocking was done with intent to deprive the citizen of his Constitutional rights, or with reckless disregard of those rights.

The founding fathers managed Spam
The Founding Fathers managed Spam

The Allegheny County, Pennsylvania office of economic devlopment was getting a lot of email from [email protected]. A county official directed that his IT staff block all future messages sent from that address. Accidentally, however, the filter was set to block all messages from the @rock-port.com domain from being sent to any county account.

Plaintiff Ferrone, who was already in a dispute with the county, tried sending 14 email messages to various county officials over the course of five weeks. Because of the spam filter settings, the messages did not get through. So Ferrone sued, claiming a violation of the First Amendment right to petition the government for a redress of grievences. The county moved for summary judgment and the court granted the motion. Ferrone sought review with the Third Circuit. On appeal, the court affirmed.

The court held that the First Amendment’s prohibition on the “abridgement” of the right to petition the government requires a plaintiff to show an actual intent on the part of the government to diminish this right. The court refused to accept Ferrone’s argument that the act of blocking email messages alone, without an examination of the government’s intent, would rise to the level of a constitutional violation. Rejecting Ferrone’s attempts to “plump” up his “specious claim” by throwing in the First Amendment, the court held that no reasonable factfinder could have found a violation of Constitutional rights.

October 28, 2008 Copyright

Google Book Search case settles

Three years after it was filed, much of that time existing in apparent dormancy, the copyright infringement case filed by the Authors Guild against Google Book Search (f/k/a Google Print) has settled. (Thanks to Greg Beck for alerting me to this via a post he put up on Twitter.)

Here is a page with all kinds of information about the settlement. It’s a complicated proposed agreement, so it will take some time to understand it. There is sure to be plenty of commentary from others in the blogosphere over the next day or so.

It’s good to see this resolved. Almost three years ago I was on a panel discussion at the John Marshall Law School talking about the fair use implications of the case. You can download the MP3 of that talk here.

October 28, 2008 Copyright, DMCA

DMCA reaches the decade mark

My friend Kevin Thompson over at Cyberlaw Central reminded me this morning in this post that President Clinton signed the Digital Millennium Copyright Act ten years ago today. Tempus fugit. It’s interesting to reflect on how this critical piece of legislation has affected (I think fostered) the growth of the online infrastructure with its safe harbor provisions found at 17 U.S.C. 512.

DMCA at 10 years

Simply stated, the DMCA at section 512 gives safe harbor protections to providers of interactive computer services (like ISPs and websites hosting user generated content) from liability when users upload content that infringes on another’s copyright rights. To sail its ship into the safe harbor, the provider has to take certain affirmative steps, like registering an agent with the Copyright Office, terminating the accounts of repeat infringers, and, most importantly, responding appropriately to “takedown notices” sent by copyright owners identifying infringing content on the provider’s system.

Though few could disagree with the principle of protecting service providers from infringement liability occasioned by the conduct of third party users (i.e., stemming from user generated content), the DMCA has its critics. And the actual mechanism has some bugs.

A big factor in the problem is the sheer volume of user generated content that’s put online. How can an operator like YouTube, who gets hours of new content loaded to its servers every minute, reasonably be expected to give meaningful review to every takedown notice that comes its way? It can’t.

So for practical reasons, big providers (and smaller ones alike) take down accused content essentially with a rubber stamp. And who can blame them? It saves administrative time and helps ensure safe harbor protection. But there are negative consequences to users and to the public. These consequences on the First Amendment and other rights are well-exemplified by the recent correspondence between the McCain-Palin campaign and YouTube, with amicus-like voices joining the chorus.

Like any ten-year old, the DMCA shows signs of maturity. It has withstood a decade of scrutiny, all the while giving service providers peace of mind, along with relatively efficient mechanisms for copyright owners to get infringing material taken down quickly. But also like a ten-year-old, the challenging years of adolescence — and the accompanying rudimentary changes — are around the corner. It’ll still be the DMCA, but I wouldn’t be surprised to see some transformation going on as user generated content becomes less a novelty and more a standard.

Birthday cake photo courtesy of Flickr user “juverna” via this Creative Commons license.

October 27, 2008 Litigation

No judicial notice for Wikipedia entry

Flores v. State, No. 2008 WL 4683960 (Tx. App. October 23, 2008)

Not surprisingly, a Texas appellate court has held that it should not take judicial notice of a Wikipedia article.

Defendant was tried and convicted for cocaine possession. He appealed his sentence, arguing the trial court improperly admitted two oral statements the defendant made while being interrogated. Defendant apparently objected to the method investigators used to interrogate him, because he asked the appellate court to take judicial notice of the Wikipedia entry for the John Reid technique.

Citing to a Wall Street Journal article from earlier this year, the court declined to treat Wikipedia as a “reliable website,” instead invoking the overworn observation that Wikipedia’s greatest strength (its open platform) is also its greatest weakness.

At least one other court has declined giving judicial notice to a Wikipedia entry. This past May, the defendant in the trademark case Cynergy Ergonomics, Inc. v. Ergonomic Partners, Inc., 2008 WL 2064967 (E.D. Mo. May 14, 2008) asked the court to take judicial notice of the Wikipedia article about DaVinci’s Vitruvian Man.

The Cynergy Ergonomics court looked to Fed. R. Evid. 201 which provides that a court may take judicial notice of a fact not in the record where it is “either (1) generally known within the territorial jurisdiction of the trial court or (2) capable of accurate and ready determination by resort to sources whose accuracy cannot reasonably be questioned.” While not expressly criticizing the reliability of Wikipedia, the court found that the entry did not meet the criteria for judicial notice.

Interrogation room photo courtesy Flickr user Vincent Tulio via this Creative Commons license. Vitruvian Man has been in the public domain for quite some time.

October 25, 2008 Trademarks

Court allows U.S. lawsuit over video posted on Mexican website

Rapper 50 Cent’s Lanham Act claim against Cancun night club survives motion to dismiss

Jackson v. Grupo Industrial Hotelero, S.A., No. 07-22046, 2008 WL 4648999 (S.D. Fla. October 20, 2008)

Defendant owns Coco Bongo, a popular Cancun nightclub. Coco Bongo allegedly used rapper 50 Cent‘s likeness as well as one of his registered trademarks in some Spring Break 2007 video advertisements posted to the web. 50 Cent sued under the Lanham Act in federal court here in the United States alleging trademark infringement as false designation of origin.

Coco Bongo moved to dismiss, arguing a lack of subject matter jurisdiction. It contended that the alleged acts occurred outside of the United States, thus an extraterritorial application of the Lanham Act would violate Supreme Court and Eleventh Circuit authority. The court denied the motion.

The fact that the offending advertisements were on the web was key to the court’s finding that the court had subject matter jurisdiction. 50 Cent was seeking enforcement of his United States trademark rights in the United States. Although the Coco Bongo website was located in Mexico, and even though the website and its advertisements might be viewable by numerous other countries, it was the availability of the allegedly infringing advertisement within the United States that gave rise to an alleged violation of the Lanham Act.

See also Rogers v. Wright for analysis of the extraterritorial application of the Lanham Act.

October 24, 2008 Anonymity, Defamation, Electronic Discovery, Litigation, Privacy

Expedited electronic discovery includes subpoena to ISP and imaging of defendants’ hard drives

Allcare Dental Management, LLC v. Zrinyi, No. 08-407, 2008 WL 4649131 (D. Idaho October 20, 2008)

Plaintiffs filed a defamation lawsuit against some known defendants as well as some anonymous John Doe defendants in federal court over statements posted to Complaintsboard.com. The plaintiffs did not know the names or contact information of the Doe defendants, so they needed to get that information from the Does’ Internet service provider.  But the ISP would not turn that information over without a subpoena because of the restrictions of the Cable Communications Policy Act, 47 U.S.C. § 501 et seq. [More on the CCPA.]

Under Federal Rule of Civil Procedure 26(d)(1), a party generally may not seek discovery in a case until the parties have had a Rule 26(f) conference to discuss such things as discovery. Because of the Rule 26(d)(1) requirement, the plaintiffs found themselves in a catch-22 of sorts: how could they know with whom to have the Rule 26(f) conference if they did not know the defendants’ identity.

So the plaintiffs’ filed a motion with the court to allow a subpoena to issue to the ISP prior to the Rule 26(f) conference. Finding that there was good cause for the expedited discovery, the court granted the motion. It found that the subpoena was needed to ascertain the identities of the unknown defendants. [More on Doe subpoenas.] Furthermore, it was important to act sooner than later, because ISPs retain data for only a limited time.

The Plaintiffs also contended that that the known defendants would likely delete relevant information from their computer hard drives before the parties could engage in the ordinary process of discovery. So the plaintiffs’ motion also sought an order requiring the known defendants to turn over their computers to have their hard drives copied.

The court granted this part of the motion as well, ordering the known defendants to turn their computers over to the plaintiffs’ retained forensics professional immediately. The forensics professional was to make the copies of the hard drives and place those copies with the court clerk, not to be accessed or reviewed until stipulation of the parties or further order from the court.

October 23, 2008 Computer Crime

No damage under Computer Fraud and Abuse Act for merely copying customer list

Sam’s Wines & Liquors, Inc. v. Hartig, 2008 WL 4394962 (N.D.Ill. September 24, 2008)

Hartig worked for Sam’s Wines & Liquors and had access to a password-protected customer list. Hartig left Sam’s in June 2005 and went to work for Plinio Group. Some two and a half years after leaving Sam’s, Hartig sent an email to customers appearing on Sam’s list, soliciting business for Plinio.

Sam’s claimed that Hartig used his password to access and copy the customer list prior to the time he resigned. So Sam’s sued Hartig for a number of things, including violation of the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. 1030 et seq. Hartig moved to dismiss the CFAA claim under Rule 12(b)(6) for failure to state a claim upon which relief can be granted. The court granted the motion.

Hartig put forth three arguments why the CFAA claim should be thrown out. First, he argued that Sam’s had not and could not adequately allege that Hartig accessed a protected computer without authorization, or that he exceeded his authorized access. Second, he argued that Sam’s had not and could not allege that it suffered “damage” under the CFAA from Hartig’s conduct. Finally, he argued that Sam’s had not and could not allege that it suffered “loss” under the CFAA from Hartig’s conduct.

The court held that Sam’s adequately pled unauthorized access to a protected computer (applying the agency principles Judge Posner set forth in Intl. Airport Centers v. Citrin, 440 F.3d 418 (7th Cir. 2006)). It also held that the expenses Sam’s incurred in responding to Hartig’s alleged conduct were properly pled as “loss” under the CFAA. But the claim failed on the damage element: merely accessing the information and allegedly using it while working for a competitor was not “impairment to the integrity or availability of data, a program, a system, or information.”

See Garelli Wong & Assoc., Inc. v. Nichols, 551 F.Supp.2d 704 (N.D.Ill. 2008) for a similar analysis.

October 21, 2008 Computer Crime, Privacy

Divorce spyware case moves forward

Court refuses to dismiss ECPA, SCA and CFAA claims against ex-spouse accused of delivering malicious code.

Becker v. Toca, No. 07-7202, 2008 WL 4443050 (E.D. La. September 26, 2008)

Plaintiff Becker sued his ex-wife, one Ms. Toca, claiming that Toca installed on Becker’s home and office computers a Trojan Horse that could steal passwords and send them to a remote computer. Becker claimed violations of the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), the Computer Fraud and Abuse Act (CFAA), and Louisiana’s Electronic Surveillance Act.

Toca moved to dismiss for failure to state a claim upon which relief can be granted. The court dismissed the Louisiana state claim, but allowed the federal claims under the ECPA, SCA and CFAA to move forward.

In denying Toca’s motion on the ECPA claim, the court nodded to the general consensus established by cases such as Steve Jackson Games, Inc. v. United States Secret Service, 36 F.3d 457 (5th Cir. 1994), United States v. Seiger, 318 F.3d 1039, 1047 (11th Cir. 2003), Konop v. Hawaiian Airlines, Inc., 302 F.3d 868 (9th Cir.2001), and Bailey v. Bailey, 2008 WL 324156 (E.D. Mich. 2008) that ECPA liability requires the electronic communication to be intercepted contemporaneously with its transmission. Toca had argued that merely sending the Trojan Horse could not be considered an “interception” of an “electronic communication” under the ECPA. But the court held that allegations of stealing the passwords and transmitting them elsewhere, in conjunction with Becker’s computers being connected to the Internet, made it “reasonable … to infer that the Trojan Horse program may have collected information contemporaneous to its transmission.”

As for the SCA claim, Toca had argued Becker’s allegedly infected computers were not “a facility through which an electronic communication service is provided,” and thus not within the protection of the SCA. The court declined to dismiss the claim at the pleading stage because it was unclear to what extent the Trojan Horse may have accessed or retrieved information stored with an electronic communication service provider.

The court denied the motion to dismiss the CFAA claim, rejecting Toca’s arguments that the affected computers were not “protected” computers under the CFAA, and that the allegations were insufficient to show Toca intended to cause “damage.” The allegations that the Trojan Horse caused error messages and slow processing were sufficient on this point. Toca argued that an intent to damage the computers would be incompatible with a desire to retrieve information from them. But the court rejected this all-or-nothing damage approach.

The Louisiana statute claim failed simply because the court held that the statute covered only wire and oral communications, leaving electronic communications of the type at issue within the case outside its scope.

October 17, 2008 First Amendment

No injunction against transferring student over violent YouTube video

O.Z. v. Board of Trustees of Long Beach Unified School Dist., 2008 WL 4396895 (C.D. Cal. Sept. 9, 2008)

While school was out of session for spring break, seventh grader O.Z. collaborated with a classmate to make a slide show video dramatizing the murder of the students’ English teacher. Though O.Z. says she did not intend to share the slide show to anyone outside her home, she posted the video to YouTube. A couple months later, while doing a vanity search on YouTube, the English teacher encountered the video. Naturally distressed by the work, the teacher notified school authorities. Administrators suspended O.Z. and transferred her to a different school for her eighth grade year.

O.Z. filed suit and sought a preliminary injunction requiring the school district to re-enroll her at her former school. She argued that the slide show was protected speech under the First Amendment, and that the school’s discipline for it was unconstitutional. The court denied the motion for preliminary injunction.

In evaluating the likelihood of O.Z.’s success on her First Amendment claim, the court applied the standard set forth in Tinker v. Des Moines Ind. Comm. School Dist., 393 U.S. 503 (1969). The Tinker test provides that discipline over student speech is appropriate if school officials reasonably conclude that the speech will “materially and substantially disrupt the work and discipline of the school.”

O.Z. argued that the slide show was merely a joke and not a true threat. But the court found that the school could reasonably forecast substantial disruption of school activities given the violent language and unusual photos comprising the video slide show. Further, the decision to transfer O.Z. served not only to discipline her, but to protect the safety of the teacher.

The fact that O.Z. created the slide show outside of school was of little import in the circumstances. Comparing the present situation with Wisniewski v. Board of Educ. of Weedsport Cent. School Dist., 494 F.3d 34 (2nd Cir. 2007) and other cases involving off-campus conduct, the court found that the slide show created a foreseeable risk of disruption within the school. Such a finding was no doubt influenced by the ability of social media platforms like YouTube to facilitate wide distribution of content.

Scroll to top