Plaintiff (here VeriPic) and defendant both sell digital asset management software to law enforcement. VeriPic and Foray both sell software that allows users to determine real distances/heights etc. from a photo. Also, Foray’s software can validate whether a piece of digital evidence has been manipulated or altered between the time it is entered into the system and a later time when a user wishes to make use of that piece of digital evidence. VeriPic’s software allows the user to validate not only whether digital evidence has been altered since it was entered, but also whether the digital evidence has been altered from the moment the picture was originally taken.
VeriPic sued Foray for false advertising and copyright infringement (and related claims). The court here rejects them.
The state and federal false advertising claims were judged by the same standard, meaning that the analysis of the FAL and UCL claims used the explicit/implicit falsity divide (as consumer FAL/UCL claims do not). First, the court rejected VeriPic’s survey, since it looked at digital photo users in law enforcement. However, most of the respondents were unfamiliar with the relevant software programs, though they used some form of photo evidence in their work. More importantly, they weren’t the relevant audience for the targeted ad claims, which were made in response to requests for proposals, in direct emails, and displays at trade shows. VeriPic didn’t show that photo users would see those materials. So the survey wasn’t shown to be reliable or relevant.
Thus, VeriPic had to make a claim for explicit falsity, a “rigorous” standard requiring a statement to be “unambiguously false,” analyzed in its full context. The fact that statements were made to sophisticated consumers with background knowledge/expertise is relevant here, as are industry standards.
VeriPic first challenged Foray’s claims that it could “authenticate” digital evidence, arguing that authentication required assessing whether there’d been any alterations since the photo was taken, not just since the photo was entered into the software system. The latter, VeriPic argued, was known as “integrity.” VeriPic relied on industry guidelines (known as SWGIT guidelines). But those guidelines showed that “authenticate” had different meanings dependent on context. In some contexts, authentication requires a human observation, and neither party can provide that. In other contexts, “authentication” means being able to “discern if a questioned image is an accurate representation of the original data by some defined criteria.” But this was closely related to the concept of “integrity.” The SWGIT guidelines therefore defined “Forensic Image Authentication” as a type or subset of “integrity” process. Plus, Foray showed that the digital asset management software industry uses the term “authentication” when referring to the ability to ensure the “integrity” of images. This included three other competitors, as well as VeriPic’s own website FAQ. Though VeriPic claimed that its “true authentication” was better than “acquisition authentication” (which was all Foray could provide at the relevant time), it was still using the term “authentication,” not “integrity.”
VeriPic’s only evidence of purchasers using the term in its chosen manner was one RFP, which stated that “[b]y ‘Authentication’ we specifically mean the examination of the photos at the time it is imported into the system to look for signs that the photos were edited by photo editing software PRIOR to import into the system and PRIOR to acquisition of the photo into the system.” But, the court pointed out, this RFP found it necessary “to provide an express definition of how it was using the term and to bold and capitalize the word ‘prior’ to make clear” its meaning, suggesting that it wasn’t using a common definition of “authentication,” or at the very least that there’s some other definition of the term that needed to be distinguished. Nor did VeriPic’s expert testimony support its proposed definition as the only industry definition. Thus, summary judgment was appropriate.
VeriPic challenged another statement: “While some vendors may claim they are ASCLD or SWGIT compliant, no other digital evidence management system vendor complies with the SWGIT workflow shown above. ONLY the Foray ADAMS solution meets this requirement!” VeriPic argued that this workflow was one of four example workflows and thus wasn’t a requirement, and that “only” was literally false because VeriPic complied too.
As to “requirement,” the statement wasn’t literally false in context. The example workflow at issue was the only one that involved a digital asset management system; the guidelines said that the examples weren’t exhaustive, though. Foray’s use of “requirement” was consistent with the meaning that its software was one known way of complying with the standards. The OED defines “requirement” as “something wanted or needed,” and Foray’s use of the word “merely conveys that its software uses a series of steps known to be wanted or needed by the example workflow—i.e, consistent with it, as it is written.”
As for the “only,” it was undisputed that the example workflow contemplated making copies of the images whenever an image was viewed or processed. VeriPic contends that making copies isn’t as good at protecting the integrity of the evidence; instead VeriPic provides enhancement tools that don’t make copies. While this might be a good idea, “VeriPic’s product cannot be literally consistent with the workflow—rendering Foray’ statement unambiguously false—where its product allows user to deviate from the steps listed in that workflow.” Summary judgment for Foray.
The court also rejected VeriPic’s copyright and copyright-related claims. VeriPic alleged that Foray obtained VeriPic’s software in 2008 and copied it. Foray’s employees testified that they observed the use of VeriPic’s software, but never obtained a copy of the software or the source code. VeriPic’s evidence was a 2005 email from Lynn Slaughter, a Foray sales representative, to other Foray employees. The email stated: “I will be getting a VeriPic DVD at the CBD conference that I will send in to the office. (Our client will bring me one ...).” This was insufficient to create a genuine dispute of fact on access. VeriPic failed to provide any evidence that Slaughter did get a copy; the only record evidence was Slaughter’s testimony to the contrary.
Plus, Foray provided evidence of independent creation in 2005, with a source code expert who reviewed the 2005 software and the current version and found no changes to the parts of the code VeriPic claimed had been copied.
The DMCA claim failed because there was, likewise, no evidence of circumvention. So did the contributory infringement/inducement claims.
As for VeriPic’s claim for inducement of breach of contract, VeriPic argued that Foray intentionally encouraged and assisted VeriPic’s customers to breach their end user licensing agreements by allowing Foray employees access to and use of VeriPic’s copyrighted works. Two Foray employees said that VeriPic customers allowed them to view VeriPic’s software while the customers were using the program, but testified that they never directly used the software. “VeriPic fails to explain how merely allowing a third party to view VeriPic’s software while the customer is using it is a breach of the end user license agreements.” None of the cited provisions of the EULA barred allowing a third party to view the software while it is in use.
VeriPic also cited the Slaughter email, but there was no evidence she got the disc, and in any event there was no evidence that the client mentioned in the email was a party to the EULA.