When do you need a nondisclosure agreement?

I wrote a blog post for Tech Cocktail called 5 Reasons You May Need an NDA. I hope you’ll click on over and give it a read.

Here are the 5 reasons I came up with. Can you think of others?:

  1. Your discussions turn from “what” to “how.”
  2. You are dealing with someone other than an investor.
  3. You have made substantial investment in your innovation.
  4. You will be sharing documents or data.
  5. You want to save on legal fees.

Leave your comments below. I know there are many other reasons — pro and con — concerning NDAs.

Accessing email server from Canada supported personal jurisdiction in the U.S.

MacDermid, Inc. v. Deiter, No. 11-5388 (2d Cir. December 26, 2012)

The Second Circuit reversed a District Court that held it could not exercise personal jurisdiction over a Canadian defendant accused of accessing email servers located in Connecticut.

Defendant lived and worked in Canada for a U.S.-based company having its principal place of business in Connecticut. She knew her company’s email servers were located in Connecticut.

When she learned that she was about to be terminated from her position, she forwarded confidential company data from her work email account to her personal account.

The former employer sued in the U.S. District Court for the District of Connecticut. That court dismissed the case, holding that the relevant Connecticut state statute (Conn. Gen. Stat. § 52-59b(a)) did not authorize the exercise of personal jurisdiction. The lower court found that although the statute authorized personal jurisdiction over one who “uses a computer” in the state, defendant’s alleged computer use took place exclusively in Canada.

Plaintiff-employer sought review with the Second Circuit Court of Appeals. On appeal, the court reversed, holding that the state statute authorized the exercise of personal jurisdiction, and that such exercise comported with due process.

The court found it was “not material” that defendant was outside Connecticut when she accessed her employer’s servers. It held that the statute required only that the computer or network, not the user, be located in the state.

On the due process issue, the court found that defendant had minimum contacts with Connecticut, as she knew the servers were located there. The court also found that she purposefully directed her alleged tortious activity there. After balancing other relevant factors (e.g., location of witnesses, burden on the defendant, Connecticut’s interests in seeing its laws enforced), the court found the exercise of personal jurisdiction to be reasonable.

I have joined InfoLawGroup LLP

Today is my first day as Senior Counsel with InfoLawGroup LLP. I could not be more thrilled about this terrific development in my career. ILG is an awesome firm of very smart attorneys, and I cannot wait to provide services to my clients from this great platform.

My practice will continue to focus on technology and intellectual property law — copyright, trademark, content and technology development, licensing, privacy, domain names, the DMCA, and many other important issues that businesses and individuals face on the web and in the mobile space.

I will continue to post here at internetcases, but I expect that the nature and frequency of the content may change. A lot of my blogging and social media efforts will be directed at content published at infolawgroup.com and through the firm’s other social media. (Be sure to follow InfoLawGroup on Twitter.)

And I’ll still co-host This WEEK in LAW every Friday.

I’m grateful to my former colleagues at Hinshaw & Culbertson LLP whom I bade adieu yesterday. Hinshaw is a very good firm, and I respect and admire the folks I worked with there. During my departure everyone was very gracious, acknowledging that InfoLawGroup is a better fit for my clients’ needs and for the way that I practice law.

Most of all I’m grateful to my wife and to others in my family who are providing me with all types of support without which I wouldn’t have the wherewithal to strike out on this path.

And thank you, dear reader, for enjoying internetcases. I’ll look forward to bringing you along in this next chapter.

Email privacy is weak even with court oversight

Huntington Ingalls Inc. v. Doe, 2012 WL 5897483 (N.D. Cal. November 21, 2012)

A federal court in California has allowed a party to subpoena Google to learn the identity of a Gmail account owner, even though that owner did nothing to involve himself in the dispute.

A contractor that plaintiff hired accidentally emailed “property” belonging to plaintiff to the wrong email address. (The court’s opinion is not clear on the nature of this “property,” but we are safe in assuming it was some sort of proprietary information.) Plaintiff sent messages to the Gmail account seeking return of the property, but the unknown account owner did not respond.

Plaintiff filed suit in federal court against the anonymous account holder (John Doe) seeking declaratory and injunctive relief (i.e., to get the property back). Since plaintiff did not know Doe’s identity, it sought expedited discovery so that it could subpoena Google for the identifying information.

email

The court granted the motion for leave to send the subpoenas. It found that:

  • without the subpoena, plaintiff would have no other way to obtain “this most basic information”
  • the subpoena was the exclusive means available to plaintiff to protect its property interest
  • plaintiff’s proposed procedure guarded Doe’s due process rights by requiring Google to give Doe notice of the subpoena and an opportunity to object

The court’s opinion shows how any privacy interest in one’s email account information is tenuous at best. In this situation, the target of the unmasking efforts was, as they say, minding his own business, not doing anything to inject himself into any dispute.

Moreover, unlike many previous cases in which courts have required the party seeking discovery of an anonymous party’s identity to put forth facts showing it has a good case, there was no claim here that Doe did anything wrong. Instead, it was the sender’s mistake. One could find it unsettling to know that other peoples’ errors could cause a court to order his or her identity to be publicly revealed.

Photo courtesy Flickr user Bart Heird under this Creative Commons license.

Court allows expedited discovery to identify website hijackers

Indigital Solutions, LLC v. Mohammed, 2012 WL 5825824 (S.D.Tex. November 15, 2012)

Plaintiffs alleged that one or more unknown defendants used malware to gain access to plaintiffs’ email account, web hosting account and domain registration account. From a message in plaintiffs’ email account, the defendants acquired an image of one of the plaintiff’s signature, which defendants used to forge a domain name transfer agreement. Plaintiffs sued under the Computer Fraud and Abuse Act and other theories. They sought leave to take expedited discovery to learn the identity of the unknown defendants. The court granted the motion.

The court found that plaintiffs had made a prima facie showing of harm by setting forth a valid claim under the Computer Fraud and Abuse Act. The discovery request was specific, in that they sought third party subpoenas to specified recipients seeking particular information. All alternative means of discovering the defendants had been exhausted, and the case could not move forward without the information. And the court found no privacy interest on the part of the defendants to be at stake, especially given the evidence that the defendants were not U.S. citizens, thus not subject to any First Amendment interest in anonymity.

Facebook activity did not support claim that employee solicited former employer’s clients

Invidia, LLC v. DiFonzo, 2012 WL 5576406 (Mass.Super. October 22, 2012)

Defendant hairstylist signed an employment agreement with plaintiff that restricted her from soliciting any of plaintiff’s clients or customers for 2 years. Four days after she quit plaintiff’s salon, her new employer announced on Facebook that defendant had come on board as a stylist. One of defendant’s former clients left a comment to that post about looking forward to an upcoming appointment.

stylist

Either before or after she left plaintiff’s employ (the opinion is not clear about this), defendant had become Facebook friends with at least 8 of the customers she served while working for plaintiff.

Plaintiff sued for breach of contract and sought a preliminary injunction. The court denied the motion, in part because plaintiff failed to show evidence that defendant had violated the nonsolicitation provision.

The court found that it did not constitute solicitation of plaintiff’s customers to post a notice on Facebook that defendant was beginning work at a new salon. The court said it would have viewed it differently had plaintiff contacted a client to tell her that she was moving to a new salon, but there was no evidence of any such contact.

As for having clients as Facebook friends, the court noted that:

[O]ne can be Facebook friends with others without soliciting those friends to change hair salons, and [plaintiff] has presented no evidence of any communications, through Facebook or otherwise, in which [defendant] has suggested to these Facebook friends that they should take their business to her chair at [her new employer].

See also, TEKsystems, Inc. v. Hammernick.

Photo courtesy Flickr user planetc1 under this Creative Commons license

Trial court erred in ordering defendant to turn over his iPhone in ediscovery dispute

AllianceBernstein L.P. v. Atha, — N.Y.S.2d —, 2012 WL 5519060 (N.Y.A.D. 1 Dept., November 15, 2012)

Plaintiff sued its former employee for breach of contract alleging he took client contact information on his iPhone when he left the job. The trial court ordered defendant to turn the iPhone over to plaintiff’s counsel so plaintiff could obtain the allegedly retained information.

Defendant sought review of the discovery order. On appeal, the court reversed and remanded.

The appellate court found that the lower court’s order that defendant turn over his iPhone was beyond the scope of plaintiff’s request and was too broad for the needs of the case. Ordering production of defendant’s iPhone (which, the court observed, has built-in applications and internet access) “was tantamount to ordering the production of his computer.” The iPhone would disclose irrelevant information that might include privileged communications or confidential information.

So the court ordered that the phone and a record of the device’s contents be delivered to the court for an in camera review to determine what, if any information contained on the phone was responsive to plaintiff’s discovery request.

Court won’t ban Gawker from posting Hulk Hogan sex tape

Bollea v. Gawker Media, LLC, 2012 WL 5509624 (M.D.Fla. November 14, 2012)

A few years ago someone surreptitiously filmed Hulk Hogan cavorting in bed with a woman not his wife. Gawker got a copy through an anonymous source and posted a minute of excerpts on gawker.com. (I’m not linking to it but it’s easily accessible. Just be warned, it’s extremely NSFW.)

Hulk sued in federal court alleging various invasion of privacy claims. He sought a preliminary injunction against Gawker continuing to make the video available. The court denied the motion, finding such an injunction to be an unconstitutional prior restraint on Gawker’s free speech right.

Gawker conceded that Hulk had a right of privacy in the contents of the tape, but argued that Gawker’s First Amendment rights outweighed the privacy interest.

The court found that Hulk failed to satisfy his heavy burden to overcome the presumption that a preliminary injunction would be an unconstitutional prior restraint under the First Amendment. Hulk’s public persona, including the publicity he and his family derived from his reality show, his own book describing an affair he had during his marriage, prior reports by other parties of the existence and content of the tape, and Hulk’s own public discussion of issues relating to his marriage, sex life, and the tape all demonstrated, in the court’s view, that the tape was a subject of general interest and concern to the community.

And he failed to show that he would suffer irreparable harm from the publication. The court’s decision on this point was based in part on the fact that mere embarassment was not enough to satisfy the irreparable harm standard. Moreover, the court found this to be a case where the “cat is out of the bag,” so it was not apparent that a preliminary injunction would do anything to help.

Court orders in camera review of injured plaintiff’s Facebook content

Richards v. Hertz Corp., — N.Y.S.2d —, 2012 WL 5503841 (N.Y.A.D. 2 Dept. November 14, 2012)

Plaintiff sued defendant for personal injury. Defendant saw a photo plaintiff had publicly posted on Facebook of herself skiing. When defendant requested plaintiff to turn over the rest of her Facebook content (presumably to find other like-pictures which would undermine plaintiff’s case), plaintiff sought a protective order. The trial court granted the motion for protective order, but required plaintiff to turn over every photo she had posted to Facebook of herself engaged in a “sporting activity”.

woman skiing

Defendants appealed the entry of the protective order. On review, the appellate court reversed and remanded, finding that defendants had made a showing that at least some of the discovery sought would result in the disclosure of relevant or potentially relevant evidence.

But due to the “likely presence” of private and irrelevant information in plaintiff’s account, the court ordered the information be turned over to the judge for an in camera review prior to disclosure to defendants.

Whether the plaintiff effectively preserved her Facebook account information may be an issue here. The facts go back to 2009. One is left to wonder whether and to what extent plaintiff has not gone back and deleted information from her account which would bear on the nature and extent of her injuries. It goes to show that social media discovery disputes can take on a number of nuances.

Photo courtesy Flickr user decafinata under this Creative Commons license.

Online terms of service were not effective to prohibit data scraping

CollegeSource, Inc. v. AcademyOne, Inc., 2012 WL 5269213 (E.D. Pa. October 25, 2012)

paint scraping

Plaintiff sued its competitor, another platform for providing online college transfer services. Among other things, plaintiff alleged that defendant breached plaintiff’s online terms of service, violated the Computer Fraud and Abuse Act, and was unjustly enriched by copying and “scraping” course catalog information from plaintiff’s service and using that collected data to populate defendant’s own database.

Defendant moved for summary judgment on these claims. The court granted the motion.

Breach of Contract

The court held that defendant’s scraping and collection efforts did not fall within the scope of plaintiff’s online terms of service.

Although certain of defendant’s employees had subscribed to plaintiff’s premium services (and thereby agreed to tems of service that prohibited data scraping), the documents and information defendants used were gathered through a different service. Plaintiffs provided a function called “CataLink”, through which colleges could link website visitors to documents stored on plaintiff’s server. End users clicking on those links would not be presented with any terms of service by which to be bound.

Plaintiffs attempted an unsuccessful workaround on this point, arguing that the terms for the subscription services bound users of all “Services” provided by plaintiff (including the separate CataLink services). The court rejected this argument, finding it possible that a typical user may never even have known he visited a CataLink link. Moreover, the court found, if plaintiff had intended its subscriber agreement to include CataLink, it did not make its intention clear.

Unjust Enrichment

The court held that plaintiff’s unjust enrichment claim was preempted by the Copyright Act. Plaintiff asserted that defendant was unjustly enriched because it copied and displayed on its website course descriptions from plaintiff’s catalogs, and in doing so derived a financial benefit. And plaintiff argued that the facts in this case differed substantially from those required to state a claim for copyright infringement, in that defendant had misrepresented, or had taken in an underhanded way. But the court found that these elements (misrepresentation and acting underhandedly) did not avoid preemption. Nor did the element of “benefit conferred” defeat preemption, since a copyright infringer always accepts the benefit of the copyrighted work.

Computer Fraud and Abuse Act

The court found that defendant did not violate the Computer Fraud and Abuse Act, because the documents alleged to have been copied were available to the general public. And since plaintiff obtained the documents using the CataLink service — which, as discussed above was not subject to the terms of service — there were no contractual restrictions to define “without authorization” or “exceed[ing] authorized access” as used in the CFAA.

Image courtesy Flickr user fontplaydotcom under this Creative Commons license.