Online terms of service restricting competitor access to website were unenforceable

If you are in the habit of reading online terms and conditions, you may have encountered a provision that looks something like this:

You may not use the site to gain competitive intelligence about [Provider] to compete with [Provider] or its affiliates.

A court recently held that a provision containing essentially this language was not enforceable against a competitor accused of accessing and copying website content. The court found the provision to be an overly broad non-compete covenant under applicable state law, and likely against public policy. For this reason (among others), the court denied the plaintiff website owner’s motion for a temporary restraining order against the defendant competitor.

The court observed that the restriction was without any geographic or temporal limit. Nor was the provision saved by the requirement that use of “competitive intelligence” be the subject of restricted use. In this particular case, plaintiff was complaining of defendant’s use of information on the publicly-visible portions of plaintiff’s website. Under Illinois law, in order for a covenant not to compete be enforceable, the covenant must secure some “protectable interest” such as a trade secret. For purposes of denying the motion for a temporary restraining order, the court found that a covenant restricting the use of such widely disseminated, freely available information is likely unenforceable.

TopstepTrader, LLC v. OneUp Trader, LLC, 2017 WL 2798397 (N.D. Ill. June 28, 2017)

Evan_BrownAbout the Author: Evan Brown is a Chicago technology and intellectual property attorney. Call Evan at (630) 362-7237, send email to ebrown [at] internetcases.com, or follow him on Twitter @internetcases. Read Evan’s other blog, UDRP Tracker, for information about domain name disputes.

Eleventh Circuit requires copyright owner to obtain registration certificate before filing suit

Although an author owns the copyright in a work the moment he or she creates the work, a court will not hear a case over infringement of the work until the work is registered with the Copyright Office. Here is relevant language from the Copyright Act:

[N]o civil action for infringement of the copyright in any United States work shall be instituted until . . . registration of the copyright claim has been made in accordance with this title.

17 U.S.C. 411(a). Since the Copyright Office issues a certificate of registration when it registers the copyright in a work, one view is that the statute requires a copyright plaintiff to have that registration certificate in hand before filing suit.

But that is not how courts have always applied the statute. Other language in the Copyright Act says that:

the owner of copyright or of any exclusive right in the work may obtain registration of the copyright claim by delivering to the Copyright Office the deposit specified by this section, together with the application and fee specified by sections 409 and 708 [of the Copyright Act].

17 U.S.C. 408(a). Notice how 408(a) does not talk about receiving a registration certificate – it seems to indicate that registration occurs simply by the owner submitting the application, fee and deposit. Some courts have read this portion of the statute this way, and allowed a plaintiff to file suit for copyright infringement after submitting the materials to the Copyright Office but before the registration certificate is issued.

So there is a split among the federal circuits on this issue, namely, between the “registration approach” (requiring certificate in hand) and the “application approach” (requiring only that the application, fee and deposit have been made).

Recently, the Eleventh Circuit Court of Appeals weighed in on the issue. It sided with the registration approach – holding that the plain language of the Copyright Act requires it.

Plaintiff owned the copyright in online articles to which it granted a license to defendant website operator under a subscription agreement. The agreement required defendant to discontinue publication of the licensed content when the agreement terminated. But after termination, the articles remained online. So plaintiff sued for copyright infringement.

The lower court dismissed the action on defendant’s motion because plaintiff had not alleged receipt of the copyright registration certificate in the works at issue. It had only alleged that it had filed the applications to register the copyright claims in the works. Plaintiff sought review with the Eleventh Circuit. On appeal, the court affirmed the dismissal.

The court concluded that the Copyright Act defines registration as a process that requires action by both the copyright owner and the Copyright Office. It relied heavily on language from Section 410 of the Copyright Act that reads as follows:

When, after examination, the Register of Copyrights determines that, in accordance with the provisions of this title, the material deposited constitutes copyrightable subject matter and that the other legal and formal requirements of this title have been met, the Register shall register the claim and issue to the applicant a certificate of registration under the seal of the Copyright Office.

17 U.S.C. 410 (emphasis added). Bolstered by the dictionary definition of “after,” the court held “that registration occurs only after examination of an application necessarily means that registration occurs ‘[l]ater in time than’ or ‘subsequent to’ the filing of the application for registration.”

Fourth Estate Public Benefit Corporation v. Wall-Street.com, LLC, —F.3d —, 2017 WL 2191243 (11th Cir. May 18, 2017)

See also: Is a copyright registration required before filing an infringement lawsuit?

Evan_BrownAbout the Author: Evan Brown is a Chicago technology and intellectual property attorney. Call Evan at (630) 362-7237, send email to ebrown [at] internetcases.com, or follow him on Twitter @internetcases. Read Evan’s other blog, UDRP Tracker, for information about domain name disputes.

No liability for cable company that retained customer information in violation of law

Court essentially holds “no harm, no foul” in case involving violation of federal privacy statute. The case fails to provide an incentive for “privacy by design”.

Can a company that is obligated by law to destroy information about its former customers be held liable under that law if, after the contract with the customer ends, the company does not destroy the information as required? A recent decision from the United States Court of Appeals for the Eighth Circuit (which is located in St. Louis) gives some insight into that issue. The case is called Braitberg v. Charter Communications, Inc., — F.3d —, 2016 WL 4698283 (8th Cir., Sep. 8, 2016).

12493182714_859e827fe6_z

Plaintiff filed a lawsuit against his former cable company after he learned that the company held on to his personally identifiable information, including his social security number, years after he had terminated his cable service. The cable company was obligated under the federal Cable Communications Policy Act to “destroy personally identifiable information if the information is no longer necessary for the purpose for which it was collected.”

The lower court dismissed the lawsuit on the basis that plaintiff had not properly demonstrated that he had standing to bring the lawsuit. Plaintiff appealed to the Eighth Circuit. On review, the court of appeals affirmed the dismissal of the lawsuit.

The appellate court’s decision was informed by the recent Supreme Court decision in Spokeo, Inc. v. Robins, 136 S.Ct. 1540 (S.Ct. 2016), which addressed, among other things, the question of whether a plaintiff asserting violation of a privacy statute has standing to sue.

As a general matter, Article III of the Constitution limits the jurisdiction of the federal courts to actual “cases or controversies”. A party invoking federal jurisdiction must show, among other things, that the alleged injury is both “concrete and particularized” and “actual or imminent, not conjectural or hypothetical”.

In this case, the Court of Appeals found that plaintiff had not alleged an injury in fact as required under Article III and the Spokeo decision. His complaint asserted merely “a bare procedural violation, divorced from any concrete harm.”

The court’s opinion goes on to provide some examples of when the violation of a privacy statute would give rise to standing. It does this by noting certain things that plaintiff did not allege. He did not, for example allege that defendant had disclosed information to a third party, that any other party accessed the data, or that defendant used the information in any way after the termination of the agreement. Simply stated, he identified no material risk of harm from the retention. This speculative or hypothetical risk was insufficient for him to bring the lawsuit.

One unfortunate side effect of this decision is that it does little to encourage the implementation of “privacy by design” in the development of online platforms. As we have discussed before, various interests, including the federal government, have encouraged companies to develop systems in a way that only keeps data around for as long as it is needed. The federal courts’ unwillingness to recognize liability in situations where data is indeed kept around longer than necessary, even in violation of the law, does not provide an incentive for the utilization of privacy by design practices.

Braitberg v. Charter Communications, Inc., — F.3d —, 2016 WL 4698283 (8th Cir., Sep. 8, 2016)

Photo courtesy Flickr user Justin Hall under this Creative Commons license.

Evan_BrownAbout the Author: Evan Brown is a Chicago technology and intellectual property attorney. Call Evan at (630) 362-7237, send email to ebrown [at] internetcases.com, or follow him on Twitter @internetcases. Read Evan’s other blog, UDRP Tracker, for information about domain name disputes.

Facebook hacking victim’s CFAA and SCA claims not barred by statutes of limitation

Knowledge that email account had been hacked did not start the statutes of limitation clock ticking for Computer Fraud and Abuse Act and Stored Communications Act claims based on alleged related hacking of Facebook account occurring several months later.

Plaintiff sued her ex-boyfriend in federal court for allegedly accessing her Facebook and Aol email accounts. She brought claims under the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (“CFAA”), and the Stored Communications Act, 18 U.S.C. § 2701, et seq. (“SCA”).

Both the CFAA and the SCA have two-year statutes of limitation. Defendant moved to dismiss, arguing that the limitation periods had expired.

The district court granted the motion to dismiss, but plaintiff sought review with the Second Circuit Court of Appeals. On appeal, the court affirmed the dismissal as to the email account, but reversed and remanded as to the Facebook account.

In August 2011, plaintiff discovered that someone had altered her Aol email account password. Later that month someone used her email account to send lewd and derogatory sexually-themed messages about her to people in her contact list. A few months later, similar things happened with her Facebook account — she discovered she could not log in in February 2012, and in March 2012 someone publicly posted sexually-themed messages using her account. She figured out it was her (now married) ex-boyfriend and filed suit.

The district court dismissed the claims because it found plaintiff first discovered facts giving rise to the claims in August 2011, but did not file suit until more than two years later, in January 2014. The Court of Appeals agreed with the district court as to the email account. She had enough facts in 2011 to know her Aol account had been compromised, and waited too long to file suit over that. But that was not the case with the Facebook account. The district court had concluded plaintiff knew in 2011 that her “computer” had been compromised. The Court of Appeals observed that the lower court failed to properly recognize the nuance concerning which computer systems were being accessed without authorization. Unauthorized access to the Facebook server gave rise to the claims relating to the Facebook account. The 2011 knowledge about her email being hacked did not bear on whether she knew her Facebook account would be compromised. The court observed:

We take judicial notice of the fact that it is not uncommon for one person to hold several or many Internet accounts, possibly with several or many different usernames and passwords, less than all of which may be compromised at any one time. At least on the facts as alleged by the plaintiff, it does not follow from the fact that the plaintiff discovered that one such account — AOL e-mail — had been compromised that she thereby had a reasonable opportunity to discover, or should be expected to have discovered, that another of her accounts — Facebook — might similarly have become compromised.

The decision gives us an opportunity to think about how users’ interests in having their data kept secure from third party access attaches to devices and systems that may be quite remote from where the user is located. The typical victim of a hack or data breach these days is not going to be the owner of the server that is compromised. Instead, the incident will typically involve the compromising of a system somewhere else that is hosting the user’s information or communications. This decision from the Second Circuit recognizes that reality, and contributes to the reasonable opportunity for redress in those situations.

Sewell v. Bernardin, — F.3d —, 2015 WL 4619519 (2nd Cir. August 4, 2015)

Evan Brown is an attorney in Chicago helping clients manage issues involving technology and new media.

In software dispute, court enforces forum selection clause and transfers case from California to Michigan

Though parties often think of forum selection clauses as throwaway “boilerplate” language, a recent case demonstrates the influence such a clause can have on where litigation takes place.

Plaintiff sued defendant in California for fraud and other claims relating to the alleged defective performance of electronic medical records software. Defendant moved to transfer the matter to federal court in Michigan, based on a forum selection clause in the agreement that provided, in relevant part, that “[a]ny and all litigation arising from or relating to this Agreement will be filed and prosecuted before any court of competent subject matter jurisdiction in the State of Michigan.” Plaintiff objected to the motion, arguing that enforcement would violate California public policy in a number of ways. The court rejected plaintiff’s arguments and granted the motion to transfer.

Plaintiff argued that transfer would go against California’s public policy against unfair business practices, and would also be against the policy of incentivizing medical providers to adopt electronic medical records systems. The court rejected these arguments because plaintiff’s motion dealt with venue, i.e., where the lawsuit would occur, not which substantive law would apply. Given that the potential existed for the federal court in Michigan to consider whether California law should apply, transferring the case would not cut against public policy.

The court further rejected plaintiff’s argument that the forum selection clause was unconscionable, given that plaintiff did not dispute that she read the clause, and was a sophisticated party. Moreover, citing to language of the Supreme Court on the issue, the court refused to consider arguments about the parties’ private interests. “When parties agree to a forum-selection clause, they waive the right to challenge the preselected forum as inconvenient or less convenient for themselves or their witnesses, or for their pursuit of the litigation.”

East Bay Women’s Health, Inc. v. gloStream, Inc., 2014 WL 1618382 (N.D.Cal. April 21, 2014)

Evan Brown is an attorney in Chicago, advising clients on matters dealing with technology, the internet and new media. Follow him on Twitter @internetcases

Related:

[This is a cross post from the InfoLawGroup blog.]

Does publication on the web give rise to “access” in copyright infringement analysis?

2003lookbackPlaintiff sued defendant for copyright infringement. Defendant moved for judgment on the pleadings (which is essentially the same thing as a motion to dismiss for failure to state a claim except it is after defendant files an answer). Defendant asserted that plaintiff had not pled copyright infringement because under the Seventh Circuit’s “substantial similarity” test to demonstrate infringement, plaintiff had not pled defendant had “access” to the allegedly infringed work.

The court rejected defendant’s argument and denied the motion for judgment on the pleadings on this issue.

In some copyright infringement cases, a plaintiff may not have direct evidence that the defendant committed infringement. In those situations, a finder of fact may infer that infringement has occurred when it is shown that:

  • the defendant had access to the copyrighted work; and
  • the accused work is substantially similar to the copyrighted work.

In this case, defendant argued it never had access to plaintiff’s designs that it was alleged to have infringed. But the court considered the online publication, 11 years ago, of plaintiff’s designs, to find access for purposes of the motion for judgment on the pleadings:

With regard to online publication, in 2003, [plaintiff] first published the [allegedly infringed work] at [its website]. The Internet already was widely used and accessible at that time. Because the non-movant is entitled to reasonable favorable inferences in evaluating a motion for judgment on the pleadings, the online publication is enough to establish access for purposes of denying [defendant’s] motion for judgment on the pleadings.

The court’s decision provides no meaningful analysis as to why publication on the web gives rise to access. It states the finding above in such a conclusory manner as if to indicate it sets forth some per se rule. But one is left to wonder whether other factual nuance would change the answer to the inquiry: What if publication were in 1993 rather than 2003, at a time when many, many fewer people were on the web? What if the publication were behind a paywall for which defendant had no authorization to pass? What if defendant pled it did not utilize the web for this sort of information, or, even more compellingly, not at all?

Skyline Design, Inc. v. McGrory Glass, Inc., 2014 WL 258564 (N.D.Ill. January 23, 2014)

Judge who sent Facebook friend request to wife in pending divorce proceeding should have been disqualified

facebook-friend-request-446x298While a divorce case was pending, the judge overseeing the case sent the wife a Facebook friend request. The wife did not accept the request. Thereafter, the judge entered a final judgment that was more favorable to the husband. After the wife found out about other cases in which the judge had reached out to litigants through social media, she filed a motion to disqualify the judge. The judge refused to disqualify herself.

The wife sought review with the appellate court. On appeal, the court reversed and remanded, holding that the judge should have disqualified herself:

The “friend” request placed the litigant between the proverbial rock and a hard place: either engage in improper ex parte communications with the judge presiding over the case or risk offending the judge by not accepting the “friend” request.

Moreover, the court found the problem of friending a party in a pending case “of far more concern” than a judge’s Facebook friendship with a lawyer. Forbidding judges and counsel to be Facebook friends, especially in smaller counties with tight-knit legal communities, would be unworkable. But with a friend request from the judge, a party has a “well founded fear” of not receiving a fair and impartial trial.

Chace v. Loisel, — So.3d —, 2014 WL 258620 (Fla.App. 5 Dist. January 24, 2014)

Court refuses to help author who was victim of alleged bogus DMCA takedown notices

Author and her publisher disagreed on the content of two of the author’s new books. (As an aside, this author is very prolific — she alleges that she publishes a new book every two weeks!) So rather than deal with publisher, author self-published the works on Amazon. Publisher sent DMCA takedown notices to Amazon, with which Amazon complied. Author sued publisher under Section 512(f) of the DMCA, which provides penalties against senders of DMCA takedown notices that knowingly materially misrepresent claims of infringement. She sought a temporary restraining order (TRO), asking the court to instruct publisher to tell Amazon to make the works available.

The court denied the TRO motion. It found that author had failed to show she would suffer irreparable harm if the works were not put back on the market. In the court’s view, author failed to show how a temporary delay in sales would affect her reputation or goodwill.

The case presents an interesting issue concerning a party’s right to send a DMCA takedown notice. Author alleges that her agreement with publisher provided she owns the copyright in her works, and that publisher merely has a right of first refusal to publish any “sequels” to her previous works. So if what author is saying is true, that publisher does not have a copyright interest in the books but merely a contract interest, she stands a good chance, ultimately, on her 512(f) claim.

Flynn v. Siren-BookStrand, Inc., 2013 WL 5315959 (September 20, 2013)

Court slaps Prenda client with more than $20,000 in defendant’s costs and attorney’s fees

AF Holdings, represented by infamous copyright trolls Prenda Law, voluntarily withdrew its copyright infringement claims against the defendant, an alleged BitTorrent infringer. Defendant sought to recover his costs and attorney’s fees pursuant to the Copyright Act, which provides that:

In any civil action under this title, the court in its discretion may allow the recovery of full costs by or against any party other than the United States or an officer thereof. Except as otherwise provided by this title, the court may also award a reasonable attorney’s fee to the prevailing party as part of the costs.

The court found that all factors for an award of costs and attorney’s fees weighed in defendant’s favor:

  • Degree of success: There was no dispute that defendant completely prevailed in the case.
  • Frivolousness/Objective Unreasonableness: Plaintiff’s case was frivolous and objectively unreasonable in that it never presented any evidence (although it had the opportunity to do so) to support its claim that it had standing to assert a claim for copyright infringement. Moreover, the court found that plaintiff did not do a proper investigation to determine defendant was the one in the household who committed the alleged infringement. Instead, it simply alleged that he fit the best demographic of one who would infringe.
  • Motivation: The court found that it did not appear plaintiff was motivated to protect the copyright at issue, but merely to coerce settlements.
  • Compensation/Deterrence: The court awarded fees as a deterrent to copyright trolls everywhere: other persons or entities that might contemplate a similar business model that is not intended to protect copyrighted work but instead designed to generate revenues through suits and coerced settlements.
  • Furthering the Purpose of the Copyright Act: The primary objective of the Copyright Act is to encourage the production of original literary, artistic, and musical expression for the good of the public. But here, the court found, plaintiff had not acted to protect original expression but rather to capitalize on coerced settlements.

Based on these factors, and after considering the number of hours spent and the hourly rate of defendant’s counsel, the court ordered plaintiff to pay $19,420.38 in attorney’s fees and $3,111.55 in costs (mainly for electronic discovery and deposition costs). Copyright trolls be warned.

AF Holdings LLC v. Navasca
, 2013 WL 3815677 (N.D.Cal. July 22, 2013)

Judge who was Facebook friends with victim’s father did not have to recuse himself

Case provides valuable guidance to judges on how to responsibly handle social media connections and communications.

Judge sent defendant to prison for assaulting defendant’s girlfriend. Defendant appealed his sentence claiming, among other things, that the judge was not impartial, given that the judge was Facebook friends with the girlfriend-victim’s father, and that the two of them had communicated through Facebook’s private message feature. The appellate court held that the judge did not err by not recusing himself.

The appellate court found that no rule prohibited the judge from being Facebook friends with the victim’s father. And the judge followed the proper procedure concerning the private message by:

  • discontinuing reading it once he realized it pertained to the case
  • warning the victim’s father not to communicate ex parte in that manner
  • printing the message out and placing it in the case file
  • notifying counsel for the parties

Moreover, the private message was not adverse to defendant, but actually asked for leniency. On these facts, the court found an insufficient showing of bias to find reversible error.

Youkers v. State, — S.W.3d —, 2013 WL 2077196 (Tex.App. May 15, 2013)

1 2 3 4 7 8 9