Tuesday, April 12, 2011

Governing the Magic Circle panel 3

Eric Goldman - Capricious Account Terminations and 47 U.S.C. Section 230(c)(2)

Under §230(c)(1), websites generally aren’t liable for third-party content. But §230(c)(2) also has import. It says no provider shall be held liable on account of any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable. Doesn’t apply to federal criminal prosecutions (of potential relevance if the provider restricts access to info used by gov’t). Doesn’t apply to IP claims or ECPA/state law antiwiretapping equivalents. Seeing people blocked as spammers complaining; people threaten to sue for “listening in” to the spam, but chances are this exception is irrelevant.

People allege that ISPs violate constitutional rights, but that runs aground on state action. State/federal claims are all that’s left, but §230(c)(2) takes that out.

One complaint people have: virtual world providers terminate their accounts.

Any workarounds? Hard to allege IP violations based on terminating user account, but has been litigated by CafePress—plaintiff alleged that kicking him off violated his TM rights, but court disagreed.

Good faith: possible workaround if antitrust/anticompetitive motivations are at issue. One case said maybe failing to explain to the user why she was kicked off is lack of good faith. Are some kinds of moral condemnation bad faith? It should be a subjective test: did they think they were acting for the right reason?

“Otherwise objectionable”: do we treat this as ejusdem generis (evaluating the words by the company they keep) or as a general catchall? Caselaw is murky but tends toward the latter.

False advertising/breach of contract/promissory estoppel. Some false advertising cases suggest §230(c)(2) might trump the words the ISP used. Heightened pleading requirements might apply. Contract claims: termination for convenience clauses and other disclaimers may protect the ISP. Some plaintiffs have claimed to be third-party beneficiary of someone else’s contract; this almost invariably fails. Promissory estoppel: Barnes v. Yahoo! leaves promissory estoppel as a possibility for working around the statute—therefore providers stop making promises that might be relied upon (if they’re represented by counsel).

Gives the ISP the ability to manage community without fear of legal regulation. We don’t want providers standing on the sidelines, encouraging anarchy. Users often want provider protection from other users. Market forces constrain capricious exercise of this power. Existing users can reduce activity or leave.

Farnaz Alemi (with James Chang) - Gaming the System: Whether Minors Should be Able to Disaffirm Online Contracts
Minors are important consumers in virtual worlds: feemium grames are a growing part of ecommerce; 64% of mobile gamers are minors. April 2010: 12 year old spent £900 on Farmville/Facebook, £288 from own account and the rest from his mother’s credit card. Bought virtual coins to make purchases in Farmville, and both Farmville and Facebook were unwilling to credit the account unless she turned him in to the police as a thief. Motive: he wanted the good stuff—knew he was making purchases.

A 6-year-old played Tap Zoo on her iPod Touch, trying to build a bigger zoo, purchased sea turtles, crocodiles and tigers for $100s. Parents logged into iTunes to sign up for the game, which stayed valid and automatically logged out only after 15 minutes. Controversy did lead to a refund. TapZoo: one consumer says it’s a scam—supposed to be a free app but charged $1000s.

Smurfberries: a 4-year-old bought $66.88 in Capcom’s Smurfberries on an iPad, bought tokens that speed up gameplay. Mother had no idea son could use real world money inside the game. Game says on the bottom: buying Smurfberries will charge your iTunes account.

11 year old spent about $1600 on Xbox live, when mother turned off parental controls by mistake. “It was just me wanting to get all this stuff which other people have which I don’t have and I was getting jealous.”

8 year old bought $1400 of Smurfberries. Free to download, but billed for in-app purchases. Capcom is rumored to make $4 million/month from Smurfberries. Apple receives 30%. Mother said this preyed on children—game is for kids 4+. Apple refunded the money after the Washington Post reported on the story and a Rep. from Mass. wrote to the FTC—unfair trade practices. Public interest view: $99 for a wagon or $19 for a bucket of snowflakes doesn’t have any business in a children’s game.

Who should be responsible? Parents, game providers, credit card companies, children?

Parents are giving the children the resources—as with violent games, arguably they should be proactive. Review games in advance, time the 15 minute password, educate kids, use discretion regarding forms of payment (use gift card), learn to say no (she says: probably what they are doing right now anyway).

Game providers: Apple updated its software to require a password every time a purchase is made while using an application. Microsoft: Play Smart, Play Safe—online resource for families (RT: yeah, that will work).

Credit card companies: if reported as fraud or theft—but will parents do that?

Children: the law is that minors may disaffirm contracts if they’re under 18, on grounds they don’t understand the transaction. Many businesses therefore refuse to contract with minors for fear of later disaffirmance—may be happening in online games.

Exceptions to disaffirmance: necessities of life (food, lodging, medical services); disaffirmance can’t be used as a sword, only a shield—AV v. iParadigms where disaffirmance was being used to avoid a clickwrap contract and assert a copyright infringement claim—can’t void obligations while retaining the benefits of the contract. Arts and sports—some states don’t allow disaffirmance by child actors etc. without going to court; California doesn’t allow disaffirmance of contract to create copyrightable work without going to court.

Should minors be able to disaffirm? Do kids understand what they’re doing? They have cellphones and iPads. Children understand games better than their own parents! They’re engaged in complex transactions: they know how to level up, manage a farm, purchase tokens, manage their money/property in the game. (RT: Understanding how to play a game and understanding its implications are very different things. This argument requires equivocation with respect to those two things.)

12-year-old boy knew he was making purchases in Farmville. 11-year-old with Xbox knew he was making purchases. If minors know how to operate intricate games, then shouldn’t we place the responsibility on the player regardless of age? (This strikes me as defining deviancy down, on the part of the game providers. I heard similar perspectives at the ANA about how teens are “almost” old enough to vote and drink and therefore what’s the problem in marketing to them? That the law must draw bright lines where there are often gradations is only an argument against legal lines when the benefits of doing so don’t outweigh the admitted costs for the folks near the line. And, starting from the premise that kids aren’t generally cognitively or emotionally able to make the same kinds of considerations as adults generally are, I’m not convinced.)

Currently, the game providers are shouldering the PR backlash, but Smurfberries has an explicit disclosure on the bottom—what more can they do? They give the purchaser an option to back away. Should the FTC determine they’re engaged in unfair trade practices? (Um, that’s why we ban both deceptive and unfair trade practices. I know plenty of advertisers don’t like it, but (or maybe that’s why) it’s in the statute. Here’s the current FTC standard: “To justify a finding of unfairness the injury must satisfy three tests. It must be substantial; it must not be outweighed by any countervailing benefits to consumers or competition that the practice produces; and it must be an injury that consumers themselves could not reasonably have avoided.”  I understand Alemi to be saying that parents are already saying “no,” but they can’t figure out how to make the tech adhere to their decisions. I think that’s well within the “can’t reasonably be avoided” boundary.)

If game companies are blunted with more regulations, they’ll continue to limit their age pools, even if these are popular with youth. This could lead minors to create fake accounts.

The standard of voidable contract should no longer be the standard—instead there should be a rebuttable presumption that you knew what you were doing. Could rebut that by showing the child didn’t understand the transaction—say, when there was a 15-minute buffer. But if it’s 6 months of transactions, no dice. (I don’t understand why the exception for receiving the benefit doesn’t already apply to that. I don’t see any instance of a successful lawsuit in her parade of not-so-horribles. Conversely, I also don’t see how changing the law, so that it’s presumptively ok as a legal matter to take hundreds of dollars from 4-year-olds, changes the PR problem. It’s still a jerk move.)

Young Ming Kow and Bonnie Nardi - Mediating Contradictions of Digital Media

Contradictions aren’t necessarily bad—they occur at the edges, and help systems grow and develop. WoW community: examines modders. Modding is the practice of end user alteration of commercial hardware or software. WoW mods are scripted programming files that specify user interface elements, mostly distributed for free. Modders sometimes solicit donations in one of the mod’s windows. Blizzard supported modding—we can’t make hundreds of options, but you can.

Field observations in California and BlizzCon, forums, and chatrooms. Face to face interviews as well as chatroom interviews. A tradition within US community of ownership: WoW modders fought over two mod policies: (1) add-ons must be free of charge, with no premium versions, charge for downloads, charge for services related to the add-on, or otherwise require compensation. (2) modders may not solicit donations in the game/mod. Requests should be limited to the add-on website or distribution site and should not appear in the game. This substantially limits the number of donations—many gamers never visit the distribution site (and certainly not once they’ve used the mod for a while and decided how valuable the mod is).

Blizzard said it wanted to maintain the quality of its product. Modders wanted the freedom to determine distribution. Modders called for a strike. Some pulled their mods. Others stopped maintaining them. Blizzard warned users who complained but gave a 60-day grace period. Some were practically affected—donation links on a homepage made $20/week; donation links in the game allowed him to “count on [donations] to put food on my table.” He can’t mod fulltime. But fulltime modding is not just about making a living—fulltime modding leads to excellent mods, such as QuestHelper, 23 million downloads.

Contradiction arises because mods have different values to users and corporate overlords. Curse.com, a commercial company targeting gamers, sells premium versions of its mod downloading tool—suggested a relative solution to reward modders based on download counts, allowing them to share 20% of revenue from premium versions, divided by popularity, and to redeem reward points for Amazon gift cards. Other micropayment systems exist online. Mediating link allows resolution of contradictions, possibly.

I offered some of my questions about minors. Chang was responding: the problem hasn’t yet materialized; we envision contracts to become more important as minors’ presence online increases. Credit card companies will be less likely to refund the money in the future. In terms of whether minors could disaffirm contracts where they actually got the benefit of the Smurfberries, the argument is equitable—but the equitable concern is inconsistently applied across jurisdictions. I.V. Paradigms, the court said they got the benefit of the Turnitin system, but that was odd since they were required to use the system to get credit.

Q: perplexed about examples with children. We have lots of games with paper tokens that are treated like money—Monopoly involves things that sound a lot like bona fide financial transactions. One might even say the child learns some things about how economies work. But to confuse those games with contracts would be odd. If a person plays that game, then goes online and plays something with a similar set of transactions that cost money, why does that become a contract just because there’s a corporate developer who’d like to collect money from the transaction and says something at the bottom of the screen that says “this is a contract”? It’s not the mechanics of the transaction that the child misapprehends but the consequences of the property system applied.

Chang: The rebuttable presumption would take a number of factors into account. Beyond virtual worlds—if you contract with Gmail and agree to ToS, same considerations. The fact that you’re playing a game could be taken into account.

Q: Apple says: I entered into a contract with mom and dad saying they’re responsible for charges on their account. Is the concept here that minors can disaffirm a purchase even if they’re using mom and dad’s account?

Chang: there are many different ways that minors disaffirming take place. Minors logged into parents’ account; or when a minor signs up for an account, which is allowed for 13-year-olds for Apple as long as a parent provides a credit card. We’re interested in the case where the account belongs to the minor; the parent hasn’t expressly agreed to the contract. (RT: Do any of the actual examples cover this?) You don’t know what the parent was thinking when the kid got the credit card. We looked at agency principles, which are very complex, but ended up limiting analysis to the case where kids are actually agreeing. (Lemley pointed out that his experience was that Apple requires him to agree to a new contract every time he signs on!)

Q: Modding—isn’t the question whether Blizzard can claim ownership of the mods? Blizzard’s real objection seems to be about some hierarchical desire for amateur status for modders. (Nice way to put it! I suppose we could also talk about free riding, even though there doesn’t seem to be free riding—Blizzard thinks that money on the table is by definition its money.) Is that as easily moderated by a third way?

Kow: modding community believes that they can use ownership to control distribution/seek donations. But Blizzard doesn’t agree—thinks they’re derivative works. Modders are small group—maybe 5%. Blizzard thinks it makes sense to protect its business interests over the other 95%. Some mods are accused of including invasive content interfering with the user experience. Only a few, but that led to a decision to ban all mods from asking for donations within the mod.

Nardi: there is a “good game experience” from Blizzard’s point of view, and asking for money in the mod harms that experience.

Heymann for Goldman: what about pretexts—the user is taking up too much bandwidth—should there be some connection to objectionable content?

Goldman: When a service provider kicks a user off its system, it blocks their ability to do anything, including uploading objectionable content. Could kick a user off, as WoW threatened, for going around saying mean things elsewhere—that stretches the concept. In the anti-spam cases, we’re seeing the same thing, though. You are not only responding to past spam but cutting off future communications (presumptively spam). Courts seem to think that’s ok. Thus, if you can terminate an account for past spamming, you can terminate an account for any other similar reason—even if there was plenty of legit content the user can be kicked off, not just have the offending content surgically removed.

Q: the papers sound like big corporation wins v. little kids, big corporation wins v. modders, big corporation wins v. users—Goldman’s title was “capricious” terminations. Does he really mean that? Can ISPs breach their promises?

Goldman: hard to stretch the statute to support the truly capricious termination. But if the ISP can come up with a good pretext, it might still comply with the statute. He doesn’t think the ISP needs to list reasons in the ToS. The thing he thinks is troublesome from a contractual perspective is promising not to terminate and then doing so. Don’t think ISP needs to be able to use the statute to unwind its contractual promises, but he thinks that’s a colorable argument. As a practical matter, ISP will promise that it can act capriciously to the full extent of the law; 230(c)(2) just reinforces that.

Power imbalances: company can act as game god; market forces offer a pushback. Doesn’t strike him that one clearly trumps the other.

Q: but no one ever talks about accountability in decisions made by big corporations. Of course communities need to be managed, but when the corporation is making money off of social interactions, the free market does not of its own accord apply a social justice obligation. In exchange for the money, why not require companies to treat those social ties with respect?

Goldman: descriptively, Congress may have said that there’s no accountability. Normatively, his view is that accountability means many different things. Every ISP thinks their industry is not the right solution for any problem at hand—the lawyers should solve it; the lawyers think the engineers should solve it; Goldman thinks that the law is the wrong solution.

Lemley: seems significant that virtually no business catering to older groups allows kids under 13, and that nonetheless a bunch of kids end up on the games. They ban kids because of COPPA. Should the test use evidence of age misrepresentation as evidence that the kid knew what she was doing?

Chang: What COPPA has done is ban minors from the internet unless they’re willing to misrepresent who they are. Many companies don’t want to take the time to obtain verifiable parental consent. No gmail, other basics. (RT: But on the other hand: Club Penguin!) Part of the reason to advance the presumption is to give increased confidence to retailers. We don’t want retailers to be constantly questioning the risk of minor disaffirmance. This will remove a lot of value of microtransactions. (Okay, this is part of my skepticism: retailers are stuck with the costs of fraud a lot. Convince me that this marginal uncertainty over and above real fraud is depressing retail activity, or that this is the intervention retailers need rather than other measures to combat identity theft—James Grimmelmann has a short recent piece making the point about how much fraud retailers tolerate because they can’t be bothered to check things like spelling, age, birthdate, etc.)

Chang thinks that age misrepresentation should be evidence that the kid knew what she was doing. If the kid understands she can’t enter into the transaction unless she’s 13 and changes her birthdate, that’s awareness of the rules.

No comments: